as described on the mailinglist: A recent kernel security update[1] caused some issues with our ctdb cluster; messages like: | We are still serving a public IP 'x.x.x.x' that we should not be serving. Removing it | common/system_common.c:89 failed to open raw socket (Invalid argument) | Could not find which interface the ip address is hosted on. can not release it and | common/system_linux.c:344 failed to open raw socket (Invalid argument) The corresponding parts in ctdb's code look like this: | s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW)); converting IPPROTO_RAW to 0xff00 (from strace): | socket(PF_INET, SOCK_RAW, 0xff00 /* IPPROTO_??? */) = -1 EINVAL (Invalid argument) Removing htons() from both calls seems to fix the issue for us. To have the original behavior, one could use IPPROTO_IP which is 0. [1] https://security-tracker.debian.org/tracker/CVE-2015-8543
Created attachment 11802 [details] Patches for v4-4 branch
Created attachment 11803 [details] Patches for v4-3 branch
Hi Karolin, This one is for 4.3 and 4.4 branches.
For reference, the ML discussion is at https://lists.samba.org/archive/samba/2016-January/197434.html, Commits on master are: https://git.samba.org/?p=samba.git;a=commitdiff;h=9f8395cb7d49b63a82f75bf504f5f83920102b29 https://git.samba.org/?p=samba.git;a=commitdiff;h=9f94620a308a3b17c1886c2c4807b34b8d5edacb (And also, Debian bug: https://bugs.debian.org/813406)
(In reply to Amitay Isaacs from comment #3) Pushed to autobuild-v4-[3|4]-test.
(In reply to Karolin Seeger from comment #5) Pushed to both branches. Closing out bug report. Thanks!