Mandos restart service
Teddy Hogeborn
teddy at recompile.se
Mon May 13 11:45:14 CEST 2019
Juan Miguel Alcarria Herrera <juanmi at arco2000.es> writes:
> Hi other time Teddy, I want to say you a possible bug. When I send the
> command:
>
> service mandos restart
>
> The exit of the command is Failed!
>
> I was searching the problem and math with the stsate of the conections
> between server and clients. If I hace a FIN_WAIT1 in the netstat -putan
> command the service don't restart
>
> If I wait the needed time to the FIN_WAIT dissapear, the service restart
> without problems.
>
> System: Debian Stretch
> Mandos Server: 1.7.15-1
>
> root at mandos:~# /etc/init.d/mandos restart
> [....] Restarting mandos (via systemctl): mandos.serviceJob for
> mandos.service failed because the control process exited with error code.
> See "systemctl status mandos.service" and "journalctl -xe" for details.
> failed!
>
> root at mandos:~# netstat -putan |grep 9000
> tcp 0 1 21.20.19.10:9000 104.12.2.34:54819 FIN_WAIT1 -
You seem to be using an explicit port for the Mandos server, which is
not the default configuration, nor is it necessary if all Mandos clients
are on the same local network as the server. But, this could be the
source of this problem. You could try this patch:
=== modified file 'mandos'
--- mandos 2019-04-09 20:09:51 +0000
+++ mandos 2019-05-13 09:42:07 +0000
@@ -2605,6 +2605,8 @@
raise
# Only bind(2) the socket if we really need to.
if self.server_address[0] or self.server_address[1]:
+ if self.server_address[1]:
+ self.allow_reuse_address = True
if not self.server_address[0]:
if self.address_family == socket.AF_INET6:
any_address = "::" # in6addr_any
Please let us know if it works.
/Teddy Hogeborn
--
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20190513/20456af0/attachment.sig>
More information about the Mandos-Dev
mailing list