[naviserver-devel] NaviServer does not bind to port 80 or 8000 on hardened Ubuntu 5.0.0

Sun, 29 Mar 2020 15:01:01 -0700 

Hi,
NaviServer fails to bind on start up to port 8000 or 80 and a specific ip number or as 0.0.0.0. 

The errors are identical. See log snip below.

For diagnostic purposes, I tried apache2 on 80. It works with:

# systemctl start apache2

# systemctl start oacs-5-9-1

Job for oacs-5-9-1.service failed because the control process exited 
with error code.

See "systemctl status oacs-5-9-1.service" and "journalctl -xe" for details.

# uname -a Linux harvesp-agah 5.0.0-1033-gcp #34-Ubuntu SMP Tue Mar 3 
04:36:26 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux


The first error in the log occurs after startup.


[29/Mar/2020:05:50:33][2926.7fad7081c740][-main-] Notice: nssock:0: 
adding virtual host entry for host <private.biz:80> location: 
http://private.biz:80 mapped to server: oacs-5-9-1
[29/Mar/2020:05:50:33][2926.7fad622be700][-driver:nssock:0-] Notice: 
starting
[29/Mar/2020:05:50:33][2926.7fad622be700][-driver:nssock:0-] Notice: 
bind operation on sock 15 lead to error: Cannot assign requested address
[29/Mar/2020:05:50:33][2926.7fad622be700][-driver:nssock:0-] Warning: 
bind on: SockAddr family AF_INET, ip x.x.x.x, port 80
[29/Mar/2020:05:50:33][2926.7fad622be700][-driver:nssock:0-] Error: 
Ns_SockBinderListen: sendmsg() failed: sent 53 bytes, 'Cannot assign 
requested address'
[29/Mar/2020:05:50:33][2926.7fad622be700][-driver:nssock:0-] Error: 
nssock:0: failed to listen on [x.x.x.x]:80: Cannot assign requested address
[29/Mar/2020:05:50:33][2926.7fad622be700][-driver:nssock:0-] Warning: 
could no bind any of the following addresses, stopping this driver: x.x.x.x
[29/Mar/2020:05:50:33][2926.7fad7081c740][-main-] Notice: nsmain: 
NaviServer/4.99.19 (tar-4.99.19) running
[29/Mar/2020:05:50:33][2926.7fad7081c740][-main-] Notice: nsmain: 
security info: uid=1002, euid=1002, gid=1003, egid=1003

[29/Mar/2020:05:50:33][2926.7fad6d353700][-sched-] Notice: sched: starting

[29/Mar/2020:05:50:33][2926.7fad7081c740][-main-] Fatal: nsmain: can't 
communicate with parent process, nwrite -1, error: Broken pipe (parent 
process was probably killed)


This is on an ubuntu image on GCP:

ubuntu-minimal-1804-bionic-v20200317
Description

Canonical, Ubuntu, 18.04 LTS Minimal, amd64 bionic minimal image built 
on 2020-03-17, supports Shielded VM features



I'm guessing it's some kind of vTPM/kernel security issue, since extra 
security features were added to the linux kernel at version5.0.0.



Any suggestions on how to get NaviServer to bind / pass the security 
challenge?


kind regards,
Ben



_______________________________________________
naviserver-devel mailing list
naviserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/naviserver-devel






















					Reply via email to