About this list Date view Thread view Subject view Author view Attachment view

From: Martin List-Petersen (martin_at_list-petersen.dk)
Date: Wed 02 Apr 2003 - 19:32:11 BST

On Wed, 2003-04-02 at 16:36, bolle wrote:
> I had a similar problem. Setting up a Cyrus21 with exim on a vserver that
> runs on a host with Debian Woody, 2.4.19ctx-15 (i think) kernel (vserver
> 0.22-7).
> The hosts' exim was blocking port 25 so that the vserver's MTA could not be
> accessed.
> I found two solutions:
> 1. Stopping the host's exim. That is a little crude, but the verserver's MTA
> could then recieve incoming smtp calls.
> 2. Restarting the hosts exim not in inetd but as a daemon with chbind to
> eth0's original IP. The host's exim now accepts messages on port 25 and so
> does the vserver's (on its dummy eth0:xxxx). This solution sounds a little
> strange to me, because I thought, these system-calls were intended only for
> the vservers and not for the hosts. But it works (at least up to now). Even
> the other vservers now listen on port 25 for their IP

Yes. That is intended, since the main host has full rights for all ip's
and not is restricted. Besides would you also be able to limit exim, if
you use xinetd instead, which can bind to specific ip's.

In my case the ipv6 simply broke the vserver jail and some daemons
inside the vserver jail where allowed to bind the ports (example. exim /
25 and courier-imap / 143) on all ips.

Removing the ipv6 support completely from the kernel fixed my problem,
but that means i can't use ipv6 on that host at all.

If i would start a daemon up on the host system it would also bind the
port on all ip's unless i limit it, when ipv6 is removed, but that's the
way it should be.

Martin List-Petersen
martin at list-petersen dot dk
	It is a period of system war.  User programs, striking from a hidden
directory, have won their first victory against the evil Administrative
During the battle, User spies managed to steal secret source code to the
Empire's ultimate program: the Are-Em Star, a privileged root program
enough power to destroy an entire file structure.  Pursued by the
sinister audit trail, Princess _LPA0 races ~ aboard her shell script,
custodian of the stolen listings that could save her people, and restore
freedom and games to the network...

About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 02 Apr 2003 - 19:58:01 BST by hypermail 2.1.3