Details
-
Bug
-
Status: Resolved (View Workflow)
-
Medium
-
Resolution: Fixed
-
29.0.5
-
Security Level: Default (Default Security Scheme)
-
Horizon 22 - April 13 - 27, Horizon - April 27 - May 11
-
1070
Description
Hi Team,
While working on ensuring non-root users can bind to privileged ports [UDP/162 and UDP/514] noticed the below on Minions for both root and non-root users
Setup:
I have OpenNMS-Core and Minions communicating over Kafka.
I have 2 minions one running as root another running as non-root.
Setup minions to listen on UDP/162 and UDP/514 for trapd-listeners and syslog-listeners respectively
Issue:
Noticed when kafka-cluster is unavailable, and at that time if the minion service is started, it starts but the minion's trapd-listener does not bind to udp/162 as mentioned in "org.opennms.netmgt.trapd.cfg" and although "trapd-listener" does not bind to udp/162 I can see the "syslog-listener" binding to udp/514 as configured in "org.opennms.netmgt.syslog.cfg".
This seems to be an issue since, if we are using the off-heap feature and minion does not bind to udp/162 till kafka-cluster is available then traps being sent will not be processed at all.
The below screenshot you can see udp/514 is binded but udp/162 is not binded to up until the last time netstat was run, it binded here since that time i started kafka-cluster back up.