ports question

iwadmin · October 4, 2008, 12:03pm

I’ve been trying to get my web server up and running, but it seems another process is using port 80. How can I figure out what has it locked up?

John

ken_yap · October 4, 2008, 12:42pm

As root, do:

netstat -atpn | grep -w :80

The last column is the process name that is using the port.

iwadmin · October 4, 2008, 12:59pm

Hummmm

Nothing returned

ken_yap · October 4, 2008, 1:11pm

So no process is using the port. What evidence do you have that some process is using the port?

iwadmin · October 4, 2008, 1:14pm

I tried to install one of my old trusty favorite web servers through wine. When I try to run it it cannot bind to port 80. So I thought maybe something was using the port.

Here’s the server log.

[2008-10-04 05:40:32] INFO: Common Library loading messages for locale ‘en_us’ (Z:/sambar70/messages/en_US/messages.ini)
[2008-10-04 05:40:32] INFO: Common Library loading messages for locale ‘de_de’ (Z:/sambar70/messages/de_DE/messages.ini)
[2008-10-04 05:40:32] INFO: Common Library loading messages for locale ‘el_gr’ (Z:/sambar70/messages/el_GR/messages.ini)
[2008-10-04 05:40:32] INFO: Common Library loading messages for locale ‘po_br’ (Z:/sambar70/messages/po_BR/messages.ini)
[2008-10-04 05:40:32] INFO: Common Library loading messages for locale ‘nl_nl’ (Z:/sambar70/messages/nl_NL/messages.ini)
[2008-10-04 05:40:32] INFO: Common Library loading messages for locale ‘ru_ru’ (Z:/sambar70/messages/ru_RU/messages.ini)
[2008-10-04 05:40:32] INFO: Common library initalized…
[2008-10-04 05:40:32] WARN: Sambar Server Pro license required to forward DNS.
[2008-10-04 05:40:32] INFO: Server hostname is: duke
[2008-10-04 05:40:32] INFO: Network IP Address is 192.168.1.102
[2008-10-04 05:40:32] INFO: Server SLB identifier is 102
[2008-10-04 05:40:32] ERROR: Unable to bind to port 80; the port is in use by another server.
[2008-10-04 05:40:32] ERROR: Failure starting the HTTP listener…
[2008-10-04 05:40:32] INFO: CRON scheduler signaled to shutdown…
[2008-10-04 05:40:32] INFO: Waiting for 0 active threads to terminate…
[2008-10-04 05:40:32] INFO: Closing with NO OPEN THREADS…
[2008-10-04 05:40:32] INFO: Closing with 0 open connections…
[2008-10-04 05:40:33] INFO: Server library exited…
[2008-10-04 05:40:33] INFO: Common library exited…

ken_yap · October 4, 2008, 1:23pm

Is wine running as root? A non-root process will not be able to bind to a port < 1024, but the error message may be misleading.

iwadmin · October 4, 2008, 1:36pm

Your right, it’s gotta be started as a root process and it is working. Now I gotta figure out a way to make it start when the system starts as a root process.

Windows had a start up folder that I used to put it in. Is there anything like that in SUSE 11.0 or do I have to right a batch or something.

ken_yap · October 4, 2008, 1:46pm

You have to write an init script using /etc/init.d/skeleton as a template, then install it using insserv. Details in man insserv. I don’t know if you have to run wine in a GUI, which would make things more messy.

iwadmin · October 4, 2008, 2:01pm

I’ll figure something out.

Well, it is working. I can’t see any of the sites from another workstation though. Now I gotta make visible to the outside. I shut down the firewall, but that didn’t help. I edited the hosts file but that didn’t help either.

hcvv · October 4, 2008, 5:22pm

I wonder why the -w. When I do with -w I do not get a result, but I am running Apache. Whitout -w I do get lines of output

boven:~ # netstat -atpn | grep -w :80
boven:~ # netstat -atpn | grep  :80
tcp        0      0 0.0.0.0:80              0.0.0.0:*                 LISTEN      3820/httpd2-prefork

user · October 4, 2008, 5:20pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A better option, in my opinion, for applications that cannot bind a low
port as root and then switch to run as non-root like Apache can is to
have them bind a high port and us iptables to forward traffic from port
80 to that high port. This way if the service is compromised by some
successful attack you don’t lose your entire system… just
(potentially) your website. Forwarding ports with iptables is fairly
simple so if you go that route there are some documents I’ll send that
do this. TID# 10100226 from support.novell.com covers this as I recall.

Good luck.

iwadmin wrote:
> I’ll figure something out.
>
> Well, it is working. I can’t see any of the sites from another
> workstation though. Now I gotta make visible to the outside. I shut down
> the firewall, but that didn’t help. I edited the hosts file but that
> didn’t help either.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI54nZ3s42bA80+9kRAriJAJ9fExIzSRqa5JgCBsQXV+uqAq6jIgCfX1++
EP9/8zar/CAald2a1GgfREQ=
=MVwK
-----END PGP SIGNATURE-----

iwadmin · October 4, 2008, 10:02pm

I got a response that time Henk.

hcvv · October 4, 2008, 10:07pm

Well, you see what happens in my system. But let us leave it at that. Your problem is solved and that is what it is all about .

iwadmin · October 4, 2008, 10:54pm

Well,

Not really. In order to run the old windows server program, it must be started through root. SU cannot start because it will fail trying bind to port 80 if started through a regular user console.

So what I have to do to get it to bind is log off my user session then log on to root and start the program there. The program will run and bind with port 80. Multiple websites also work. However, you cannot log off of root and have the program continue to run without having an open vulnerability.

This program that I am attempting to run has an excellent web interface that my web users as well as I have highly enjoyed and I have been unable to find anything of it’s caliber that will run under Apache. If anyone knows of a web interface that will run on Apache, please let me know.

In the mean time, I will keep messin with it; trying different installs and configurations to see if I can get it to work. I think the method I may work out is crossing it with Apache to give me the web interface on a different port, but I fear I may loose some or all of the administrative capabilities of the program. Maybe not.

John

iwadmin · October 4, 2008, 11:49pm

OK,

So, I got the program to run in a user account by creating an install directory. As root I changed the permissions of the install dir to the user/group of the account holder. I placed the server on another (high) port and it is working as long as the port# is named in the URL.

Still working on the highend SSL port.

John

iwadmin · October 5, 2008, 5:12am

I thought I would give this an update.

I wasn’t able to get the Sambar server to work on SUSE 11.0 and I mostly chock this up to my inexperience with the UNIX/Linux OS (I’m only two weeks old).

So, I broke down and installed windows XP Pro on one of the workstations here and will let it do nothing but serve the web pages until I can get a better handle on SUSE and Apache.

I’ll keep looking around for a web interface that will manage sites through the net, as I am not in the office all the time.

Thanks to those that attempted help, it was appreciated!

John

malcolmlewis · October 5, 2008, 5:21am

Hi
Have a look at webmin
Webmin

–
Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.0 x86 Kernel 2.6.25.16-0.1-default
up 16:16, 2 users, load average: 0.00, 0.07, 0.10
GPU GeForce 6600 TE/6200 TE - Driver Version: 173.14.12

iwadmin · October 5, 2008, 5:33am

Man Malcolm,

That looks sweet. I’ll give it a good read.

Thanks for the link!