[opensuse] Why does yast use 127.0.0.2 for localhost?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Everytime I use YaST to configure the network, it adds this line to /etc/hosts: 127.0.0.2 Telcontar.valinor Telcontar That line provokes postfix into failure - one message per minute in the logs: .... fatal: parameter inet_interfaces: no local interface found for 127.0.0.2 and has to be deleted manually every time. Notice that I have this: 127.0.0.1 localhost 192.168.1.14 Telcontar.valinor Telcontar What's the use of 127.0.0.2, why does yast insist on creating it? Why not 127.0.0.1? What is wrong that postfix does not work with it? Is this a bug somewhere, or did I configure something wrong? - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG0xeUACgkQIvFNjefEBxpowQCfccfYupIzAwSbrYa4XF6k3OLB u98AoNu1rfhZjMTOQ8NjTKi+UTrdJGZh =CbUR -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Everytime I use YaST to configure the network, it adds this line to /etc/hosts:
127.0.0.2 Telcontar.valinor Telcontar
I have just this weekend installed 12.3 on a xen instance - I get no such line in /etc/hosts. I seem to remember a tickbox with a text along these lines : "write hostname to /etc/hosts" ? (which I never tick). There is even a FATE related to this: https://features.opensuse.org/308824
That line provokes postfix into failure - one message per minute in the logs:
.... fatal: parameter inet_interfaces: no local interface found for 127.0.0.2
and has to be deleted manually every time. Notice that I have this:
127.0.0.1 localhost 192.168.1.14 Telcontar.valinor Telcontar
What's the use of 127.0.0.2, why does yast insist on creating it? Why not 127.0.0.1?
What is wrong that postfix does not work with it?
The default value for 'inet_interfaces' is localhost, but you have presumably set it to 'telcontar' or $myhostname ? -- Per Jessen, Zürich (12.6°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-10 09:16, Per Jessen wrote:
Carlos E. R. wrote:
Everytime I use YaST to configure the network, it adds this line to /etc/hosts:
127.0.0.2 Telcontar.valinor Telcontar
I have just this weekend installed 12.3 on a xen instance - I get no such line in /etc/hosts. I seem to remember a tickbox with a text along these lines : "write hostname to /etc/hosts" ? (which I never tick).
But I do. I will have to untick.
There is even a FATE related to this: https://features.opensuse.org/308824
Which has been rejected (reason: 11.3 is done). The bugzillas I tried give "access denied" after login. There a dead link to a post at <http://fourier.suse.de/mlarch/SuSE/research/2010/research.2010.01/msg00044.html>, server not found. I created a new one. Bug 824141 - appending 127.0.0.2 line to /etc/hosts causes postfix to go berseck
What is wrong that postfix does not work with it?
The default value for 'inet_interfaces' is localhost, but you have presumably set it to 'telcontar' or $myhostname ?
inet_interfaces = $myhostname, localhost and localhost last entry in the hosts file is set to ...2, which doesn't work. Well, actually it does, I'm pinging it. But not with postfix. - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG10zAACgkQIvFNjefEBxrDXACeKnmXxX6GKi8+LnwImz9V+96s ifsAoLQFQlgUU7vw/2633IgO4G0QnYJI =1rTb -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. wrote:
On 2013-06-10 09:16, Per Jessen wrote:
Carlos E. R. wrote:
Everytime I use YaST to configure the network, it adds this line to /etc/hosts:
127.0.0.2 Telcontar.valinor Telcontar
I have just this weekend installed 12.3 on a xen instance - I get no such line in /etc/hosts. I seem to remember a tickbox with a text along these lines : "write hostname to /etc/hosts" ? (which I never tick).
But I do. I will have to untick.
There is even a FATE related to this: https://features.opensuse.org/308824
Which has been rejected (reason: 11.3 is done). The bugzillas I tried give "access denied" after login.
Sorry, I didn't study the openFATE, my access doesn't work at the moment.
I created a new one.
Bug 824141 - appending 127.0.0.2 line to /etc/hosts causes postfix to go berseck
I think the real problem is that 127.0.0.2 wasn't assigned to the loopback interface.
What is wrong that postfix does not work with it?
The default value for 'inet_interfaces' is localhost, but you have presumably set it to 'telcontar' or $myhostname ?
inet_interfaces = $myhostname, localhost
and localhost last entry in the hosts file is set to ...2, which doesn't work. Well, actually it does, I'm pinging it. But not with postfix.
That's weird - then 127.0.0.2 is probably assigned to 'lo', so why can't postfix use it. -- Per Jessen, Zürich (20.4°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-10 16:27, Per Jessen wrote:
Carlos E. R. wrote:
There is even a FATE related to this: https://features.opensuse.org/308824
Which has been rejected (reason: 11.3 is done). The bugzillas I tried give "access denied" after login.
Sorry, I didn't study the openFATE, my access doesn't work at the moment.
No problem :-) There is one bugzilla at least that was readable, but had just a comment on the end, the main problem was another one, IIRC. I created a new one to track this precise issue on a current and supported release.
That's weird - then 127.0.0.2 is probably assigned to 'lo', so why can't postfix use it.
That ifconfig doesn't print a "lo" for it? - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG149YACgkQIvFNjefEBxpm7gCfeBdcKxUcNby9tok5NVaTCfbv /rwAn2Hxm61bvkBmP6naIFaO+Ui+tPyv =U0n7 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2013-06-10 16:27, Per Jessen wrote:
Carlos E. R. wrote:
There is even a FATE related to this: https://features.opensuse.org/308824
Which has been rejected (reason: 11.3 is done). The bugzillas I tried give "access denied" after login.
Sorry, I didn't study the openFATE, my access doesn't work at the moment.
No problem :-)
There is one bugzilla at least that was readable, but had just a comment on the end, the main problem was another one, IIRC.
I created a new one to track this precise issue on a current and supported release.
That's weird - then 127.0.0.2 is probably assigned to 'lo', so why can't postfix use it.
That ifconfig doesn't print a "lo" for it?
127.0.0.0/8 is assigned to 'lo', which is why you can ping it. In order for postfix to use 127.0.0.2 though, I'm sure 'lo' needs 127.0.0.2 added as a secondary address. -- Per Jessen, Zürich (18.4°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-10 17:48, Per Jessen wrote:
Carlos E. R. wrote:
That ifconfig doesn't print a "lo" for it?
127.0.0.0/8 is assigned to 'lo', which is why you can ping it. In order for postfix to use 127.0.0.2 though, I'm sure 'lo' needs 127.0.0.2 added as a secondary address.
It fits... - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG19fUACgkQIvFNjefEBxpxhQCgj7JinFtnLbFruD4d7bvv/cxn CMEAoJ7G8ib/YpEq2w3xSqq2gpP4J2gm =rgvI -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 6/10/2013 8:48 AM, Per Jessen wrote:
127.0.0.0/8 is assigned to 'lo', which is why you can ping it. In order for postfix to use 127.0.0.2 though, I'm sure 'lo' needs 127.0.0.2 added as a secondary address.
The problem is that localhost did not appear in hosts, and postfix starts kicking errors for some obscure reason. lo gets assigned 127.0.0.1 regardless of the existence of a line in hosts. That you can use anything in 127.0.0.0/8 to ping your own machine doesn't seem germane to the issue here. Its something odd in postfix. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
John Andersen wrote:
On 6/10/2013 8:48 AM, Per Jessen wrote:
127.0.0.0/8 is assigned to 'lo', which is why you can ping it. In order for postfix to use 127.0.0.2 though, I'm sure 'lo' needs 127.0.0.2 added as a secondary address.
The problem is that localhost did not appear in hosts, and postfix starts kicking errors for some obscure reason.
Carlos started out by saying he has "127.0.0.1 localhost" in /etc/hosts.
lo gets assigned 127.0.0.1 regardless of the existence of a line in hosts. That you can use anything in 127.0.0.0/8 to ping your own machine doesn't seem germane to the issue here. Its something odd in postfix.
postfix tries to listen on 127.0.0.2, but as that address has not been assigned to any interface, it fails. -- Per Jessen, Zürich (14.1°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Per Jessen wrote:
postfix tries to listen on 127.0.0.2, but as that address has not been assigned to any interface, it fails.
???? Every usable address in 127.0.0.0 /8 is assigned to lo. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James Knott wrote:
Per Jessen wrote:
postfix tries to listen on 127.0.0.2, but as that address has not been assigned to any interface, it fails.
????
Every usable address in 127.0.0.0 /8 is assigned to lo.
Hmm, yes. But then what is postfix complaining about: "parameter inet_interfaces: no local interface found for 127.0.0.2" inet_interfaces=127.0.0.2 (or similar) will only work if "127.0.0.2" is explicitly assigned to 'lo'. I wonder if postfix is trying to identify the network interface the address is assigned to. -- Per Jessen, Zürich (14.2°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-11 08:10, Per Jessen wrote:
I wonder if postfix is trying to identify the network interface the address is assigned to.
It might. It listens on interfaces, the parameter is named *interfaces... - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG3DF8ACgkQIvFNjefEBxpIzQCfSyNAkd64qBQ54PaNuA9F3IBo 5ZEAoIIl/8pmuWCAGR/mtGWKjtJXHyvD =cRL6 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Carlos E. R. <robin.listas@telefonica.net> [06-11-13 07:39]:
On 2013-06-11 08:10, Per Jessen wrote:
I wonder if postfix is trying to identify the network interface the address is assigned to.
It might. It listens on interfaces, the parameter is named *interfaces...
Have you tried setting inet_interfaces = localhost, 127.0.0.2 or "127.0.0.1, 127.0.0.2" or "all" or "127.0.0/4" re: the last may be incorrect as I am not versed in internet numerology. aiui inet_interfaces defines where postfix should look for incoming mail. another option might be reordering appearance of 127.0.0.1 and 127.0.0.2 in /etc/hosts as the first or last may assume precedence in assignment. I also noticed some great time past the appearance of 127.0.0.2 in "hosts" and wondered w/o resolution it's presence but did not notice any system problems, nor with postfix, so it wasn't important enough to persue. I even have it commented out on one server box.... -- (paka)Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 http://en.opensuse.org openSUSE Community Member Registered Linux User #207535 @ http://linuxcounter.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-11 14:18, Patrick Shanahan wrote:
* Carlos E. R. <> [06-11-13 07:39]:
Have you tried setting inet_interfaces = localhost, 127.0.0.2 or "127.0.0.1, 127.0.0.2" or "all" or "127.0.0/4"
Nope. I have: inet_interfaces = $myhostname, localhost which is a reccomended setup and should work if the IP changes.
re: the last may be incorrect as I am not versed in internet numerology.
aiui inet_interfaces defines where postfix should look for incoming mail.
another option might be reordering appearance of 127.0.0.1 and 127.0.0.2 in /etc/hosts as the first or last may assume precedence in assignment.
No. No, because it is YaST who writes the 127.0.0.2 line to the end of the file. Once I open that file, it is to remove the ofending line, not to place it somewhere else...
I also noticed some great time past the appearance of 127.0.0.2 in "hosts" and wondered w/o resolution it's presence but did not notice any system problems, nor with postfix, so it wasn't important enough to persue. I even have it commented out on one server box....
Apparently, there is some software that needs that entry (sendmail?), so yast creates it. Well, when I ticked the whatever option in YaST, I assumed it would create an entry for 127.0.0.1, not 127.0.0.2. - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG3JSMACgkQIvFNjefEBxov3wCfUyAzpy0YvVJuO5urShy0700C g10AoL1ib0M5mqhX19pFn2ssnZnn9H/Z =hLrm -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2013-06-11 08:10, Per Jessen wrote:
I wonder if postfix is trying to identify the network interface the address is assigned to.
It might. It listens on interfaces, the parameter is named *interfaces...
Normally an application listens on an address and the kernel takes care of the rest. I don't know how I would go about listening on an interface, but tools such as tcpdump know how to. -- Per Jessen, Zürich (19.4°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-10 20:14, Per Jessen wrote:
postfix tries to listen on 127.0.0.2, but as that address has not been assigned to any interface, it fails.
I asked on the postfx mail list. This is the answer I got, it matches what you say: +++···································· Date: Wed, 12 Jun 2013 12:36:55 -0400 (EDT) Reply-To: Postfix users <postfix-users@postfix.org> From: wietse@... (Wietse Venema) To: Postfix users <postfix-users@postfix.org> Carlos E. R.:
Apararently, my previous reply has been lost. I resend.
On 2013-06-12 14:40, Wietse Venema wrote:
Carlos E. R.:
Does the machine have a network interface with IP address 127.0.0.2?
Dunno. I guess not, because it is not listed in ifconfig output.
Then, 127.0.0.2 should not be specified in inet_interfaces. Wietse ····································++- Thus, I understand they reject this being a postfix problem. This is final, it is an openSUSE problem. YaST should not add that entry to the hosts file; as this is an optional tick box, if marked it should warn the admin that marking it may break some software (and conversely, that not marking it breaks some other, older, software (sendmail, it seems)). I suggest that you vote the feature request: https://features.opensuse.org/308824 - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG4tikACgkQtTMYHG2NR9XPmQCfZgUz/BJ+Bx+zEcK4dsQ920yC vKoAn1GV1xDx7HqFkwk2rpJziqfgYQKO =e9kv -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. wrote:
Carlos E. R.:
Apararently, my previous reply has been lost. I resend.
On 2013-06-12 14:40, Wietse Venema wrote:
Carlos E. R.:
Does the machine have a network interface with IP address 127.0.0.2?
Dunno. I guess not, because it is not listed in ifconfig output.
Then, 127.0.0.2 should not be specified in inet_interfaces.
Wietse ····································++-
Thus, I understand they reject this being a postfix problem. This is final, it is an openSUSE problem.
I agree with that - postfix is only doing what it has been told.
YaST should not add that entry to the hosts file;
Or it should make sure it also adds 127.0.0.2 to 'lo'. Which is what used to happen. If that doesn't happen anymore, that is the real problem. -- Per Jessen, Zürich (26.1°C) http://www.dns24.ch/ - free DNS hosting, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-12 20:16, Per Jessen wrote:
Carlos E. R. wrote:
I agree with that - postfix is only doing what it has been told.
Yep. And postfix errors out probably because the library functions it calls error back to it. Just an educated guess.
YaST should not add that entry to the hosts file;
Or it should make sure it also adds 127.0.0.2 to 'lo'. Which is what used to happen. If that doesn't happen anymore, that is the real problem.
All those fine details escape my capabilities :-) As I just said in bugzilla: What I would propose is a compromise: as there is a tick box to enable/disable this in YaST network configuration module, that tick box should display a text explaining what it does, and what breaks either way, so that if we get hit by the problems we know where they come from and we don't need to google it ;-) - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG4v0cACgkQtTMYHG2NR9VNewCfVZFVrEiKLEkBKgOjGOhzhDf3 XasAnA7g/9BgD7/wFg1qwD9B7LLdHkDE =mlcC -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
[12.06.2013 20:34] [Carlos E. R.]:
YaST should not add that entry to the hosts file;
Or it should make sure it also adds 127.0.0.2 to 'lo'. Which is what used to happen. If that doesn't happen anymore, that is the real problem.
All those fine details escape my capabilities :-)
As I just said in bugzilla:
What I would propose is a compromise: as there is a tick box to enable/disable this in YaST network configuration module, that tick box should display a text explaining what it does, and what breaks either way, so that if we get hit by the problems we know where they come from and we don't need to google it ;-)
There is a tickbox in YaST configuration as Per mentioned in the first response in this thread, Message-ID: <kp3ug9$sdf$1@saturn.local.net>. In many installation instructions (for example, if you install a SAP system on SLES), you get a direct hint to make sure this box is not ticked. Once you learn that ticking this box writes 127.0.0.2 with your hostname into /etc/hosts, you know that you don't want this feature. AFAIK, the box was unchecked the last times I installed openSUSE (and SLES). At some time, it added 127.0.0.2 to /etc/sysconfig/network/ifcfg-lo too - and this was needed because of some strange rules in CUPS access lists ("allow 127.0.0.2") that were introduced for some obscure reasons. When you look at postfix' config with the line "inet_interfaces = $myhostname, localhost", it is sure meant that $myhostname is resolved to an "outside" address (as opposed to a localhost address). Postfix should check that the given addresses are available for its local installation, though. Maybe one can tell Wietse that this is a security flaw, it will be fixed at once ;-) Just my 2¢, Werner -- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-13 07:25, Werner Flamme wrote:
There is a tickbox in YaST configuration as Per mentioned in the first response in this thread, Message-ID: <kp3ug9$sdf$1@saturn.local.net>.
Yes, and I suggested in Bugzilla that YaST warns of the consequences either way. It is not very good if the user finds out that something is working badly and has to ask in mail list, forum, or google, or upstream. It saves time for all. I knew about deleting the line in hosts, but not of the tick box having that precise effect (it does not mention 127.0.0.2 in YaST tick box, not so easy to correlate, I'm afraid).
When you look at postfix' config with the line "inet_interfaces = $myhostname, localhost", it is sure meant that $myhostname is resolved to an "outside" address (as opposed to a localhost address). Postfix should check that the given addresses are available for its local installation, though. Maybe one can tell Wietse that this is a security flaw, it will be fixed at once ;-)
Maybe, but that's not for me to do. It has to be someone with better network expertise than me. :-) As for the $myhostname being an internet address - well, not always. It can be a local network server only, too. For internal exchange only. It just needs a working DNS server. - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG5c+gACgkQtTMYHG2NR9VbzwCgi9NDeTQWuArqLF8+kBO0Oyh4 YwAAmgJanlx4JrcIGfDtNgzwk576QKA8 =rodf -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. [13.06.2013 09:25]:
When you look at postfix' config with the line "inet_interfaces = $myhostname, localhost", it is sure meant that $myhostname is resolved to an "outside" address (as opposed to a localhost address). Postfix should check that the given addresses are available for its local installation, though. Maybe one can tell Wietse that this is a security flaw, it will be fixed at once ;-)
[..]
As for the $myhostname being an internet address - well, not always. It can be a local network server only, too. For internal exchange only. It just needs a working DNS server.
It can be any address but a localhost address, that's what I meant when I wrote 'it is sure meant that $myhostname is resolved to an "outside" address (as opposed to a localhost address)'. Localhost addresses are in the 127.0.0.0/8 range :-) BTW, everyone using postfix should know the value of a working DNS ;-) Regards, Werner -- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-13 09:32, Werner Flamme wrote:
Carlos E. R. [13.06.2013 09:25]:
[..]
As for the $myhostname being an internet address - well, not always. It can be a local network server only, too. For internal exchange only. It just needs a working DNS server.
It can be any address but a localhost address, that's what I meant when I wrote 'it is sure meant that $myhostname is resolved to an "outside" address (as opposed to a localhost address)'. Localhost addresses are in the 127.0.0.0/8 range :-)
I understand those match the "localhost" part of my setting.
BTW, everyone using postfix should know the value of a working DNS ;-)
I actually learnt that long ago with sendmail ;-) - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG5eLUACgkQtTMYHG2NR9VTZgCgirMgbCDYqkXOLXAY1qOIGmEJ 9YYAmQF7CCKNIvGcjaKwbXRcZJiMVQoI =bFAX -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-10 19:14, John Andersen wrote:
On 6/10/2013 8:48 AM, Per Jessen wrote:
127.0.0.0/8 is assigned to 'lo', which is why you can ping it. In order for postfix to use 127.0.0.2 though, I'm sure 'lo' needs 127.0.0.2 added as a secondary address.
The problem is that localhost did not appear in hosts, and postfix starts kicking errors for some obscure reason.
localhost is in hosts, twice at least.
lo gets assigned 127.0.0.1 regardless of the existence of a line in hosts.
That you can use anything in 127.0.0.0/8 to ping your own machine doesn't seem germane to the issue here. Its something odd in postfix.
That you can ping that destination is not the same as pinging /from/ that IP. - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG2HJkACgkQIvFNjefEBxpCaQCfQUA+nkm9DPM35pKnQTSOFzkh cEUAoMpGzq6+4gDSLu1BJDy+fv0lARHX =0qmm -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Carlos E. R. wrote:
localhost is in hosts, twice at least.
There's no problem with having more than one line with a host name. Only the first one will be used.
That you can ping that destination is not the same as pinging /from/ that IP.
How often do you ever ping from an IP? The best you can do is specify which interface is to be used. The actual address used is the one that's assigned to the interface that is used to reach the destination. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-10 22:10, James Knott wrote:
Carlos E. R. wrote:
localhost is in hosts, twice at least.
There's no problem with having more than one line with a host name. Only the first one will be used.
Postfix is attempting to use the last one. My very first line is this: 127.0.0.1 localhost then I have: ::1 localhost ipv6-localhost ipv6-loopback However, postfix is not attempting to use localhost, but "telcontar": 192.168.1.14 Telcontar.valinor Telcontar This is the line that postfix is reading, the very last line of the file: 127.0.0.2 Telcontar.valinor Telcontar and it is created when I run the yast network configuration module (I don't write it). I have a comment written somewhere: # 127.0.0.2 Telcontar.valinor Telcontar --> causes error in postfix. # fatal: parameter inet_interfaces: no local interface found for 127.0.0.2 (one line, Thunderbird forces wrapping the line) It has been happening for years. I have the comment in the hosts file lest I forget. - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG2VXcACgkQIvFNjefEBxqxEQCgl82HZUk+ZwjbPIHSri+APaZl fnwAniLvNdf/HUAqaI1F3Q8AlvhTyY6g =Vciz -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10 Jun 2013, at 16:10, James Knott wrote:
Carlos E. R. wrote:
localhost is in hosts, twice at least.
There's no problem with having more than one line with a host name. Only the first one will be used.
That is not routinely true. Assuming a typical nsswitch.conf, both the traditional gethostbyname() and the modern getaddrinfo() calls that resolve names to addresses both return structures that include all addresses whose entries in /etc/hosts include the name as a value or all values provided by normal DNS resolution of the name, with no particular significance to the ordering of the addresses returned. If (as when setting Postfix's "inet_interfaces" parameter to a list of hostnames) a daemon's configuration tells it to listen on particular addresses by hostname, it is only rational for that daemon to see that as a directive to use all of the addresses to which the name resolves. That's why this is a problem for Postfix: it is being told to open listeners using a name that resolves to 2 addresses: one that is bound to a configured network interface and 127.0.0.2, which isn't. A quirk of the Linux loopback implementation allows listeners to be opened on any address in 127/8 on the lo interface, but Postfix doesn't (and shouldn't) handle 127/8 specially and open listeners on arbitrary addresses that just happen to work. It sees that 127.0.0.2 isn't configured on any interface, reports its misconfiguration, and dies because that sort of error is severe for a MTA.
That you can ping that destination is not the same as pinging /from/ that IP.
How often do you ever ping from an IP?
Not very frequently, but apparently far more often than you would expect. :)
The best you can do is specify which interface is to be used.
That does not accurately describe the functionality of the "-I" option to the modern Linux (iputils) version of ping nor of the analogous options in the BSD (-b/-S) and SVr4/Solaris (-i) ping implementations. All 3 of those provide for the specification of a source address OR an interface name.
The actual address used is the one that's assigned to the interface that is used to reach the destination.
It is common for interfaces to have many more than one IP address assigned to them, so "the one that's assigned to the interface" may be a meaningless phrase. More precisely: a target address uses a particular route which is bound to an interface and may use a specific source address. If you do not specify a source address for ping to use, it will use the source address specific to the route (if their is one) or the default address for the interface to which the route is bound. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-12 23:13, Bill Cole wrote:
On 10 Jun 2013, at 16:10, James Knott wrote:
Carlos E. R. wrote:
localhost is in hosts, twice at least.
There's no problem with having more than one line with a host name. Only the first one will be used.
That is not routinely true. Assuming a typical nsswitch.conf, both the traditional gethostbyname() and the modern getaddrinfo() calls that resolve names to addresses both return structures that include all addresses whose entries in /etc/hosts include the name as a value or all values provided by normal DNS resolution of the name, with no particular significance to the ordering of the addresses returned. If (as when setting Postfix's "inet_interfaces" parameter to a list of hostnames) a daemon's configuration tells it to listen on particular addresses by hostname, it is only rational for that daemon to see that as a directive to use all of the addresses to which the name resolves.
That's why this is a problem for Postfix: it is being told to open listeners using a name that resolves to 2 addresses: one that is bound to a configured network interface and 127.0.0.2, which isn't. A quirk of the Linux loopback implementation allows listeners to be opened on any address in 127/8 on the lo interface, but Postfix doesn't (and shouldn't) handle 127/8 specially and open listeners on arbitrary addresses that just happen to work. It sees that 127.0.0.2 isn't configured on any interface, reports its misconfiguration, and dies because that sort of error is severe for a MTA.
Thanks a lot for that detailed explanation :-)
The actual address used is the one that's assigned to the interface that is used to reach the destination.
It is common for interfaces to have many more than one IP address assigned to them, so "the one that's assigned to the interface" may be a meaningless phrase. More precisely: a target address uses a particular route which is bound to an interface and may use a specific source address. If you do not specify a source address for ping to use, it will use the source address specific to the route (if their is one) or the default address for the interface to which the route is bound.
Ok, right. I should have said "the ones", then :-) - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG5dQAACgkQtTMYHG2NR9WQpACfbNdTdGuv3vKYAszXUtpszxJ3 5FcAn1VaOJ7fzFqb+4R1KdTo2LOP/Lf1 =jq4q -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2013-06-10 03:16 (GMT-0400) Per Jessen composed:
There is even a FATE related to this: https://features.opensuse.org/308824
Since it was rejected, it may be overdue to reopen the probable reason it was opened: https://bugzilla.novell.com/show_bug.cgi?id=573488 Not having it certainly doesn't appear to hurt anything here. I've been using the exact same 64 line hosts file lacking both it and IPV6 entries on all my openSUSE systems for years. -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2013-06-11 01:35, Felix Miata wrote:
On 2013-06-10 03:16 (GMT-0400) Per Jessen composed:
There is even a FATE related to this: https://features.opensuse.org/308824
Since it was rejected,
It was rejected "bureaucratically". The reason given is that it applied to a release, 11.3, that was out, so the fate was too late. Ie, it was left there, nobody doing anything, till it could be closed. I have reopened it, please vote. it may be overdue to reopen the probable reason
it was opened: https://bugzilla.novell.com/show_bug.cgi?id=573488
Yes, they told the guy to open a fate, then they closed the fate and the bugzilla with nothing solved a year later. Nice... - -- Cheers / Saludos, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlG2aOkACgkQIvFNjefEBxrJIACfdU5xI1Gt7DJLrganC+iN3+8R QXkAoLCKAzMyJ1/tPP2i/XBzo3cUn+if =4LzH -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (9)
-
Bill Cole -
Carlos E. R. -
Carlos E. R. -
Felix Miata -
James Knott -
John Andersen -
Patrick Shanahan -
Per Jessen -
Werner Flamme