From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTP id C62855A026F for ; Fri, 9 Feb 2024 22:10:19 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1707513018; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RgPqpfBJDrM4yUMkB2q60q9yadJAPpCzp0ySFoBH1tY=; b=cYJgnAPxctwSn/CEQ4JMjW9PLxs5HBFjdjbOr1NmhrtU1EdCDQTx6pmgINHyJnCHkeU4Rm GGwxdpVSGJog6YEFWFVIrshVN1lGmbF65a5TaWA9w7n/s+Sym4H1gRPVBFryaYaCoyrzca vniM/JBerle3B1eeioaZVr1zDOHvjpM= Received: from mail-ej1-f71.google.com (mail-ej1-f71.google.com [209.85.218.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-205-iypbo4LBOhWm8W2WKrfHsQ-1; Fri, 09 Feb 2024 16:10:16 -0500 X-MC-Unique: iypbo4LBOhWm8W2WKrfHsQ-1 Received: by mail-ej1-f71.google.com with SMTP id a640c23a62f3a-a2f1d0c3389so89227566b.0 for ; Fri, 09 Feb 2024 13:10:16 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707513014; x=1708117814; h=content-transfer-encoding:mime-version:organization:references :in-reply-to:message-id:subject:cc:to:from:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=RgPqpfBJDrM4yUMkB2q60q9yadJAPpCzp0ySFoBH1tY=; b=SVx2U5vi+hnd5a+OqAMYo1CNlcBdNIiUcYbwIhMdsF5GUckpoXbbydmJS/deZMuo2Y R2iTfFWWvQkhW0M50bRxeyWl0YfMxb9Lv9p3AhM+2iHJKFuSiRoyG/5nb7UhuY0VDnjP gCHMvNpBIA1v3ToJnJ3Awf6IwuX6KxoIPg3He4MwGpgitxtZvLeUjeA3LAjkwIeLiRqJ crn7mJKJmhUPAXZRaA6oXwOVvcdVVOHajs1CwIZjPUS+q7fvqw4QTQDQSnUpTMOmbEXQ l9vupBc7UhqnWfVuDCSOCGYoJcmIHW15l8sx/957wuQ+AY3eO39Yv5MnYlLlkqoIm4Yg rTAw== X-Gm-Message-State: AOJu0YxWpYWcTYbZQDJZscN7iCeP/JAd1ehxcE5ue1XNzXUUd+rGZ7Zk a/QYtGO6Ya81hjcjV1+SuZ14RG2DAKRIrEZYPCkzmvIlTGB2G8fWzUuLQV5bmngiSOy/rmv+HUN uSvSBgc+1M1tFs5NJD6vYKu165/Wa2cbYPv/cMsUUfpLAPpagMAr4sjuo6GAMGsBTvuMvV9Hhd1 DMrlCUXyMJbLZJkYHY9QgudW45dj1Te4fTFLI= X-Received: by 2002:a17:906:e916:b0:a3b:b947:af77 with SMTP id ju22-20020a170906e91600b00a3bb947af77mr145863ejb.67.1707513014613; Fri, 09 Feb 2024 13:10:14 -0800 (PST) X-Google-Smtp-Source: AGHT+IFgIrWraXLFdYv0sPpMg03sGJjPu52LaUO2/i2fW1+sAvxDL9F56/0aXbvDuQMPIo94PwP90A== X-Received: by 2002:a17:906:e916:b0:a3b:b947:af77 with SMTP id ju22-20020a170906e91600b00a3bb947af77mr145853ejb.67.1707513014211; Fri, 09 Feb 2024 13:10:14 -0800 (PST) Received: from maya.cloud.tilaa.com (maya.cloud.tilaa.com. [164.138.29.33]) by smtp.gmail.com with ESMTPSA id tk6-20020a170907c28600b00a38a868bcf7sm1121383ejc.41.2024.02.09.13.10.13 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 09 Feb 2024 13:10:13 -0800 (PST) Date: Fri, 9 Feb 2024 22:09:39 +0100 From: Stefano Brivio To: Paul Holzinger Subject: Re: pasta does not correctly handle bind errors with port ranges Message-ID: <20240209220939.2f477a76@elisabeth> In-Reply-To: References: Organization: Red Hat X-Mailer: Claws Mail 4.1.1 (GTK 3.24.36; x86_64-pc-linux-gnu) MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 5K7VOP3DFRLI66NRD3FRVQUJML6PIFNI X-Message-ID-Hash: 5K7VOP3DFRLI66NRD3FRVQUJML6PIFNI X-MailFrom: sbrivio@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Hi Paul, On Fri, 9 Feb 2024 17:57:05 +0100 Paul Holzinger wrote: > Hi all, > I found some issues with the pasta port binding logic, it does not=20 > correctly handle errors when trying to bind a port range. > Let's first bind a port so we can force an error condition it: > $ nc -l -p 8080 & > $ pasta -t 8080=C2=A0 true > Failed to bind any port for '-t 8080', exiting <-- fails as expected > $ pasta -t 8081 -t 8080=C2=A0 true > Failed to bind any port for '-t 8080', exiting <-- here it also fails=20 > correctly > $ pasta -t 8080-8081=C2=A0 true > <-- no error even though pasta could not bind 8080 This is actually intended: it only fails if it can't bind *any* port in a given range, so that users don't have to explicitly exclude ports from ranges in case some are already taken, knowingly or not. That's why the error message says "any port". For two ports it probably makes no sense, but for larger ranges excluding dozens of ports can get quite annoying for the user. And warnings on failed bind() calls could get quite noisy, too. If it's a problem for Podman, I can think of two solutions. One would be an option such as --strict-bind or suchlike (better names warmly welcome). Another idea would be that the back-end in Podman passes ranges as single ports... but then the command line might explode and that's not ideal for users, either. I'd rather favour the extra option. > Also besides this I find the error message less than ideal. It missing=20 > the errno from the bind syscall so important context gets lost (i.e.=20 > Address already in use vs Permission denied). The problem is that we might fail to bind multiple ports, so there isn't necessarily a single bind() error. But if we go with --strict-bind, we could report the first error (including return code from the system call) and exit right away. Let me know if any of this would address your problem, I can write a patch in the next days in case (or feel free to submit one). --=20 Stefano