Mandos restart service

Teddy Hogeborn teddy at recompile.se
Mon May 13 11:45:14 CEST 2019 

Juan Miguel Alcarria Herrera <juanmi at arco2000.es> writes:

> Hi other time Teddy, I want to say you a possible bug. When I send the
> command:
>
> service mandos restart
>
> The exit of the command is Failed!
>
> I was searching the problem and math with the stsate of the conections
> between server and clients. If I hace a FIN_WAIT1 in the netstat -putan
> command the service don't restart
>
> If I wait the needed time to the FIN_WAIT dissapear, the service restart
> without problems.
>
> System: Debian Stretch
> Mandos Server: 1.7.15-1
>
> root at mandos:~# /etc/init.d/mandos restart
> [....] Restarting mandos (via systemctl): mandos.serviceJob for
> mandos.service failed because the control process exited with error code.
> See "systemctl status mandos.service" and "journalctl -xe" for details.
>  failed!
>
> root at mandos:~# netstat -putan |grep 9000
> tcp        0      1 21.20.19.10:9000     104.12.2.34:54819     FIN_WAIT1   -

You seem to be using an explicit port for the Mandos server, which is
not the default configuration, nor is it necessary if all Mandos clients
are on the same local network as the server.  But, this could be the
source of this problem.  You could try this patch:

=== modified file 'mandos'
--- mandos	2019-04-09 20:09:51 +0000
+++ mandos	2019-05-13 09:42:07 +0000
@@ -2605,6 +2605,8 @@
                     raise
         # Only bind(2) the socket if we really need to.
         if self.server_address[0] or self.server_address[1]:
+            if self.server_address[1]:
+                self.allow_reuse_address = True
             if not self.server_address[0]:
                 if self.address_family == socket.AF_INET6:
                     any_address = "::"  # in6addr_any

Please let us know if it works.

/Teddy Hogeborn

-- 
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20190513/20456af0/attachment.sig>

More information about the Mandos-Dev mailing list