You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Ronny (JIRA)" <ji...@apache.org> on 2009/02/23 14:23:02 UTC
[jira] Resolved: (DIRSERVER-1315) ApacheDS fails to start if the
specified bind port number is less than 1024
[ https://issues.apache.org/jira/browse/DIRSERVER-1315?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ronny resolved DIRSERVER-1315.
------------------------------
Resolution: Fixed
Fix Version/s: 1.5.4
The init-script starts as user:group apacheds:apacheds. This user has no permission to bind sockets >1024. Give apacheds the correct rights. You can run as another user by changing the line 64 in the init-script to an appropriate user. It is not recommended in security POV to run apacheds as root.
> ApacheDS fails to start if the specified bind port number is less than 1024
> ---------------------------------------------------------------------------
>
> Key: DIRSERVER-1315
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1315
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: installer-plugin
> Affects Versions: 1.5.4
> Environment: Ubuntu 8.10 Server
> java version "1.6.0_10"
> Java(TM) SE Runtime Environment (build 1.6.0_10-b33)
> Java HotSpot(TM) Client VM (build 11.0-b15, mixed mode, sharing)
> java version "1.5.0_16"
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_16-b02)
> Java HotSpot(TM) Client VM (build 1.5.0_16-b02, mixed mode, sharing)
> No sudo, root login directly
> uname -a: Linux opennms 2.6.27-9-server #1 SMP Thu Nov 20 22:53:41 UTC 2008 i686 GNU/Linux
> Reporter: Ronny
> Fix For: 1.5.4
>
>
> I installed Debian package and native installer from apacheds-1.5.4-i386.bin and apacheds-1.5.4-i386.deb. Starting with default init-scripts is no problem.
> I tried to change the LDAP listening port from 10389 to 389 and apacheds do not start. The apacheds-rolling.log shows "permission denied" errors during binding the socket to 389. Checking the environment with netstat -lnpt and netstat -lnpu to determine there are no bindings to 389. I tried to use port 1023 and the same issue. Changing to 1024 and apacheds startup is successful. It seems that the problem is to bind to well-known ports > 1024. I start /etc/init.d/apacheds-1.5.4-default console with the following output:
> Running Apache Directory Server - default...
> wrapper | --> Wrapper Started as Console
> wrapper | Using tick timer.
> wrapperp | server listening on port 32000.
> wrapper | Command[0] : java
> wrapper | Command[1] : -Dlog4j.configuration=file:////var/lib/apacheds-1.5.4/default/conf/log4j.properties
> wrapper | Command[2] : -Dapacheds.var.dir=/var/lib/apacheds-1.5.4/default
> wrapper | Command[3] : -Dapacheds.log.dir=/var/lib/apacheds-1.5.4/default/log
> wrapper | Command[4] : -Dapacheds.run.dir=/var/lib/apacheds-1.5.4/default/run
> wrapper | Command[5] : -Dapacheds.instance=default
> wrapper | Command[6] : -Dbootstrap.start.class=org.apache.ldap.server.Service
> wrapper | Command[7] : -Dbootstrap.stop.class=org.apache.ldap.server.Service
> wrapper | Command[8] : -Xms384m
> wrapper | Command[9] : -Xmx384m
> wrapper | Command[10] : -Djava.library.path=../lib
> wrapper | Command[11] : -classpath
> wrapper | Command[12] : ../lib/bootstrapper.jar:../lib/wrapper.jar:../lib/slf4j-api-1.4.3.jar:../lib/slf4j-log4j12-1.4.3.jar:../lib/log4j-1.2.14.jar
> wrapper | Command[13] : -Dwrapper.key=NjJVtS6jRAMeEiz8
> wrapper | Command[14] : -Dwrapper.port=32000
> wrapper | Command[15] : -Dwrapper.jvm.port.min=31000
> wrapper | Command[16] : -Dwrapper.jvm.port.max=31999
> wrapper | Command[17] : -Dwrapper.debug=TRUE
> wrapper | Command[18] : -Dwrapper.pid=7401
> wrapper | Command[19] : -Dwrapper.version=3.2.3
> wrapper | Command[20] : -Dwrapper.native_library=wrapper
> wrapper | Command[21] : -Dwrapper.cpu.timeout=10
> wrapper | Command[22] : -Dwrapper.jvmid=1
> wrapper | Command[23] : org.apache.directory.daemon.TanukiBootstrapper
> wrapper | Command[24] : /opt/apacheds-1.5.4
> wrapper | Command[25] : org.apache.directory.server.Service
> wrapper | Command[26] : /var/lib/apacheds-1.5.4/default/conf/server.xml
> wrapper | Launching a JVM...
> jvm 1 | WrapperManager class initialized by thread: main Using classloader: sun.misc.Launcher$AppClassLoader@7d772e
> jvm 1 | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
> jvm 1 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.
> jvm 1 |
> jvm 1 | Wrapper Manager: JVM #1
> jvm 1 | Running a 32-bit JVM.
> jvm 1 | Wrapper Manager: Registering shutdown hook
> jvm 1 | Wrapper Manager: Using wrapper
> jvm 1 | Load native library. One or more attempts may fail if platform specific libraries do not exist.
> jvm 1 | Loading native library failed: libwrapper-linux-x86-32.so Cause: java.lang.UnsatisfiedLinkError: no wrapper-linux-x86-32 in java.library.path
> jvm 1 | Loaded native library: libwrapper.so
> jvm 1 | Calling native initialization method.
> jvm 1 | Inside native WrapperManager initialization method
> jvm 1 | Java Version : 1.6.0_10-b33 Java HotSpot(TM) Client VM
> jvm 1 | Java VM Vendor : Sun Microsystems Inc.
> jvm 1 |
> jvm 1 | Control event monitor thread started.
> jvm 1 | Startup runner thread started.
> jvm 1 | WrapperManager.start(org.apache.directory.daemon.TanukiBootstrapper@5ffb18, args["/opt/apacheds-1.5.4", "org.apache.directory.server.Service", "/var/lib/apacheds-1.5.4/default/conf/server.xml"]) called by thread: main
> jvm 1 | Communications runner thread started.
> jvm 1 | Open socket to wrapper...Wrapper-Connection
> jvm 1 | Opened Socket from 31000 to 32000
> jvm 1 | Send a packet KEY : NjJVtS6jRAMeEiz8
> jvm 1 | handleSocket(Socket[addr=/127.0.0.1,port=32000,localport=31000])
> wrapperp | accepted a socket from 127.0.0.1 on port 31000
> wrapperp | read a packet KEY : NjJVtS6jRAMeEiz8
> wrapper | Got key from JVM: NjJVtS6jRAMeEiz8
> wrapperp | send a packet LOW_LOG_LEVEL : 1
> wrapperp | send a packet PING_TIMEOUT : 30
> wrapperp | send a packet PROPERTIES : (Property Values)
> wrapper | Start Application.
> wrapperp | send a packet START : start
> jvm 1 | Received a packet LOW_LOG_LEVEL : 1
> jvm 1 | Wrapper Manager: LowLogLevel from Wrapper is 1
> jvm 1 | Received a packet PING_TIMEOUT : 30
> jvm 1 | PingTimeout from Wrapper is 30000
> jvm 1 | Received a packet PROPERTIES : (Property Values)
> jvm 1 | Received a packet START : start
> jvm 1 | calling WrapperListener.start()
> jvm 1 | WrapperListener.start runner thread started.
> jvm 1 | Waiting for WrapperListener.start runner thread to complete.
> jvm 1 | _ _ ____ ____
> jvm 1 | / \ _ __ __ _ ___| |__ ___| _ \/ ___|
> jvm 1 | / _ \ | '_ \ / _` |/ __| '_ \ / _ \ | | \___ \
> jvm 1 | / ___ \| |_) | (_| | (__| | | | __/ |_| |___) |
> jvm 1 | /_/ \_\ .__/ \__,_|\___|_| |_|\___|____/|____/
> jvm 1 | |_|
> jvm 1 |
> jvm 1 | [13:13:39] ERROR [org.apache.directory.server.ldap.LdapService] - Failed to bind an LDAP service (1023) to the service registry.
> jvm 1 | java.net.SocketException: Permission denied
> jvm 1 | at sun.nio.ch.Net.bind(Native Method)
> jvm 1 | at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119)
> jvm 1 | at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
> jvm 1 | at org.apache.mina.transport.socket.nio.SocketAcceptor.registerNew(SocketAcceptor.java:363)
> jvm 1 | at org.apache.mina.transport.socket.nio.SocketAcceptor.access$800(SocketAcceptor.java:55)
> jvm 1 | at org.apache.mina.transport.socket.nio.SocketAcceptor$Worker.run(SocketAcceptor.java:222)
> jvm 1 | at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
> jvm 1 | at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
> jvm 1 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
> jvm 1 | at java.lang.Thread.run(Thread.java:619)
> jvm 1 | [13:13:39] ERROR [org.apache.directory.daemon.Bootstrapper] - Failed on null.init(InstallationLayout, String[])
> jvm 1 | org.apache.directory.shared.ldap.exception.LdapConfigurationException: Failed to bind an LDAP service (1023) to the service registry. [Root exception is java.net.SocketException: Permission denied]
> jvm 1 | at org.apache.directory.server.ldap.LdapService.startLDAP0(LdapService.java:422)
> jvm 1 | at org.apache.directory.server.ldap.LdapService.start(LdapService.java:321)
> jvm 1 | at org.apache.directory.server.configuration.ApacheDS.startup(ApacheDS.java:136)
> jvm 1 | at org.apache.directory.server.Service.init(Service.java:86)
> jvm 1 | at org.apache.directory.daemon.Bootstrapper.callInit(Bootstrapper.java:151)
> jvm 1 | at org.apache.directory.daemon.TanukiBootstrapper.start(TanukiBootstrapper.java:51)
> jvm 1 | at org.tanukisoftware.wrapper.WrapperManager$12.run(WrapperManager.java:2788)
> jvm 1 | Caused by: java.net.SocketException: Permission denied
> jvm 1 | at sun.nio.ch.Net.bind(Native Method)
> jvm 1 | at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119)
> jvm 1 | at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
> jvm 1 | at org.apache.mina.transport.socket.nio.SocketAcceptor.registerNew(SocketAcceptor.java:363)
> jvm 1 | at org.apache.mina.transport.socket.nio.SocketAcceptor.access$800(SocketAcceptor.java:55)
> jvm 1 | at org.apache.mina.transport.socket.nio.SocketAcceptor$Worker.run(SocketAcceptor.java:222)
> jvm 1 | at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
> jvm 1 | at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
> jvm 1 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
> jvm 1 | at java.lang.Thread.run(Thread.java:619)
> jvm 1 | Wrapper Manager: ShutdownHook started
> jvm 1 | WrapperManager.stop(0) called by thread: Wrapper-Shutdown-Hook
> jvm 1 | Send a packet STOP : 0
> wrapperp | read a packet STOP : 0
> wrapper | JVM requested a shutdown. (0)
> wrapper | wrapperStopProcess(0) called.
> wrapper | Sending stop signal to JVM
> wrapperp | send a packet STOP : NULL
> jvm 1 | Startup runner thread stopped.
> jvm 1 | Thread, Wrapper-Shutdown-Hook, handling the shutdown process.
> jvm 1 | shutdownJVM(0) Thread:Wrapper-Shutdown-Hook
> jvm 1 | Send a packet STOPPED : 0
> wrapperp | read a packet STOPPED : 0
> wrapper | JVM signalled that it was stopped.
> jvm 1 | Closing socket.
> wrapperp | socket read no code (closed?).
> wrapperp | server listening on port 32001.
> wrapper | JVM exited normally.
> wrapper | Signal trapped. Details:
> wrapper | signal number=17 (SIGCHLD), source="unknown"
> wrapper | Received SIGCHLD, checking JVM process status.
> wrapper | JVM process exited with a code of 4, setting the wrapper exit code to 4.
> jvm 1 | Wrapper Manager: ShutdownHook complete
> wrapper | <-- Wrapper Stopped
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.