Ubuntu security update blocks bind sockets tcp-ports 0...1023

Asked by Andreas Hoeber on 2014-01-15

Hi all,

does anybody know a solution for this:

We have several ubuntu servers for two years now and the automatic installation of security updates is enabled. There was never a problem with the updates. Besides the servers work like a charm. But there was a security update that came on 01/03/2014. With this update the server application IBM Domino does not start several services anymore. These services (http, smtp, ldap...)try to bind sockets to the tcp-ports in the range of 0 ... 1023. I now found out that this is not possible if the software does not run as root(http://www-01.ibm.com/support/docview.wss?uid=swg21097534 ). The last two years this was not a problem. There is a tool within the domino server called bindsock that did this job(change from normal user to root and bind the sockets). But this does not work anymore. And there seems to be no way to diagnose this problem for a normal user (https://bbs.archlinux.org/viewtopic.php?pid=1356197 ).

So here come my questions:

What is the cause of the problem that it is not possible for the IBM Domino server to bind sockets?

When there is now no workaround for the problem will there probably be a further update that will correct this problem?

I love Ubuntu and it would break my heart if I should search for another linux distribution. :(

Please help me.

Thank you for any hint in advance.

Regards

Andreas

PS: The version of ubuntu is 12.04.03 LTS...

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu linux Edit question
Assignee:
No assignee Edit question
Solved by:
Andreas Hoeber
Solved:
2014-02-19
Last query:
2014-02-19
Last reply:
2014-02-15
Launchpad Janitor (janitor) said : #1

This question was expired because it remained in the 'Open' state without activity for the last 15 days.

Andreas Hoeber (nosp4m) said : #2
Launchpad Janitor (janitor) said : #3

This question was expired because it remained in the 'Open' state without activity for the last 15 days.

Andreas Hoeber (nosp4m) said : #4
Andreas Hoeber (nosp4m) said : #5

Thanks for patience. The new kernel version 3.2.0-59 solves the problem.

Regards

Andreas