Join Log in
Score:2
avatar Server

Dovecot claims ports are in use, netstat disagrees

cn flag
user646372

Attempting to start dovecot gives me this:

Apr 28 13:37:00 master: Error: service(pop3-login): listen(*, 110) failed: Address already in use
Apr 28 13:37:00 master: Error: service(pop3-login): listen(*, 995) failed: Address already in use
Apr 28 13:37:00 master: Error: service(imap-login): listen(*, 143) failed: Address already in use
Apr 28 13:37:00 master: Error: service(imap-login): listen(*, 993) failed: Address already in use

And 'netstat -tulpn' displays this:

tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      3369/master
tcp        0      0 0.0.0.0:52125               0.0.0.0:*                   LISTEN      2396/rpc.statd
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      3244/mysqld
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      2375/rpcbind
tcp        0      0 :::22                       :::*                        LISTEN      2562/sshd
tcp        0      0 :::25                       :::*                        LISTEN      3369/master
tcp        0      0 :::443                      :::*                        LISTEN      3390/httpd
tcp        0      0 :::39631                    :::*                        LISTEN      2396/rpc.statd
tcp        0      0 :::111                      :::*                        LISTEN      2375/rpcbind
tcp        0      0 :::80                       :::*                        LISTEN      3390/httpd
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               2236/dhclient
udp        0      0 0.0.0.0:111                 0.0.0.0:*                               2375/rpcbind
udp        0      0 10.0.82.190:123             0.0.0.0:*                               2589/ntpd
udp        0      0 127.0.0.1:123               0.0.0.0:*                               2589/ntpd
udp        0      0 0.0.0.0:123                 0.0.0.0:*                               2589/ntpd
udp        0      0 0.0.0.0:43243               0.0.0.0:*                               2396/rpc.statd
udp        0      0 0.0.0.0:854                 0.0.0.0:*                               2375/rpcbind
udp        0      0 127.0.0.1:876               0.0.0.0:*                               2396/rpc.statd
udp        0      0 :::111                      :::*                                    2375/rpcbind
udp        0      0 :::854                      :::*                                    2375/rpcbind
udp        0      0 :::54504                    :::*                                    2396/rpc.statd

Any idea what I'm missing here?

UPDATE:

selinux is disabled, and the distro is AWX Linux:

$ getenforce
Disabled

$ uname -a
Linux ip-10-0-82-190 4.14.268-139.500.amzn1.x86_64 #1 SMP Wed Mar 2 18:48:10 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
70
0 + 0
tcp
Appleoddity avatar
ng flag
Appleoddity
Is dovecot binding to the ports as root? Only root can bind to ports below 1024.
1
Reply
cn flag
user646372
I am running dovecot as root. Also, as stated the dovecot log says the ports are in use.
0
Reply
in flag
Gerald Schneider
What distribution are you using? Selinux could also prevent it.
0
Reply
us flag
Rob
Check the effective configuration (after parsing dovecot.conf and all includes) with `dovecot -n` and maybe see: https://serverfault.com/a/1017158/960939
2
Reply
cn flag
user646372
It was portreserve! What a shifty piece of crap! Repost as an answer and I'll award the bounty.
1
Reply
Doug avatar
in flag
Doug
I hadn't looked at the link in Rob's comment when I wrote my answer, so I just took this as user646372 solving their own issue. Credit should really go to Rob, as I see now that his link was how we got there.
0
Reply
Score:3
Doug avatar Server
in flag
Doug

dovecot would appear to not be aware of (compatible with) portreserve.

Check /etc/portreserve for configuration files that are reserving ports you need and remove them from scope (e.g. rename them with ~). Alternatively you can add portrelease to your dovecot init scripts to release the necessary ports just prior to starting dovecot.

It's worth noting this errata (https://access.redhat.com/errata/RHSA-2020:1062) which leads to this bug report ("Dovecot should use portrelease to avoid port conflicts with NFSv4 mounts" https://bugzilla.redhat.com/show_bug.cgi?id=1570283). These would appear to tie it closer to a portreseve defect which is antagonized by NFSv4. It is not clear to me that the errata actually fixes the problem as the bug report only provides some context and perhaps a workaround.

I don't think this can be fixed on dovecot side - and fixing portreserve should fix this. SUNRPC has known disadvantage of randomly assigning rpc ports 665-1023 (well - not completely randomly - it is something like 6XX+pid which results in regular issues with 993/995 ports on certain systems) - thus when NFSv4 is in-place and it has not static ports assigned, it can consume randomly 993/995 port.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.