Package: exabgp
Version: 4.2.21-1.1
Severity: normal
X-Debbugs-Cc: [email protected]
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
I was trying to establish a BGP sessionbetween two exabgp services,
sniffing the interface I've noticed that exabgp was sending a RST after the
TCP SYN, leading me to run `ss -naltp` and not seeing exabgp listening on
port 179. After changing the exabgp.tcp.bind from '' to '0.0.0.0' in
exabgp.env, exabgp was not able to start informing that can not bind to
0.0.0.0:179 because it was not running as root.
* What exactly did you do (or not do) that was effective (or
ineffective)?
I was able to let exabgp service to bind on port 179 adding the following
lines to /lib/systemd/system/exabgp.service
```
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
```
* What was the outcome of this action?
Exabgp was able to start succesfully binding to 0.0.0.0:179
-- System Information:
Debian Release: trixie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: arm64 (aarch64)
Foreign Architectures: armhf
Kernel: Linux 6.1.21-v8+ (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages exabgp depends on:
ii adduser 3.137
ii debconf 1.5.82
ii dpkg 1.22.0
ii init-system-helpers 1.65.2
ii lsb-base 11.6
ii python3-exabgp 4.2.21-1.1
ii python3-pkg-resources 68.1.2-2
ii sysvinit-utils [lsb-base] 3.08-3
ii ucf 3.0043+nmu1
exabgp recommends no packages.
exabgp suggests no packages.
-- no debconf information
Sorry, the lines added in /lib/systemd/system/exabgp.service were
```
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
```
On 21/10/2023 00:07, lucas wrote:
> Package: exabgp
> Version: 4.2.21-1.1
> Severity: normal
> X-Debbugs-Cc: [email protected]
>
> Dear Maintainer,
>
> *** Reporter, please consider answering these questions, where appropriate ***
>
> * What led up to the situation?
> I was trying to establish a BGP sessionbetween two exabgp services,
> sniffing the interface I've noticed that exabgp was sending a RST after the
> TCP SYN, leading me to run `ss -naltp` and not seeing exabgp listening on
> port 179. After changing the exabgp.tcp.bind from '' to '0.0.0.0' in
> exabgp.env, exabgp was not able to start informing that can not bind to
> 0.0.0.0:179 because it was not running as root.
>
> * What exactly did you do (or not do) that was effective (or
> ineffective)?
> I was able to let exabgp service to bind on port 179 adding the following
> lines to /lib/systemd/system/exabgp.service
> ```
> CapabilityBoundingSet=CAP_NET_BIND_SERVICE
> CapabilityBoundingSet=CAP_NET_BIND_SERVICE
> ```
>
> * What was the outcome of this action?
> Exabgp was able to start succesfully binding to 0.0.0.0:179
>
>
> -- System Information:
> Debian Release: trixie/sid
> APT prefers testing
> APT policy: (500, 'testing')
> Architecture: arm64 (aarch64)
> Foreign Architectures: armhf
>
> Kernel: Linux 6.1.21-v8+ (SMP w/4 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_CRAP
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages exabgp depends on:
> ii adduser 3.137
> ii debconf 1.5.82
> ii dpkg 1.22.0
> ii init-system-helpers 1.65.2
> ii lsb-base 11.6
> ii python3-exabgp 4.2.21-1.1
> ii python3-pkg-resources 68.1.2-2
> ii sysvinit-utils [lsb-base] 3.08-3
> ii ucf 3.0043+nmu1
>
> exabgp recommends no packages.
>
> exabgp suggests no packages.
>
> -- no debconf information
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.