[stunnel-users] stunnel HUP bug

Stefan Behte s.behte at babiel.com
Wed Feb 9 12:37:16 CET 2011


>Stefan Behte wrote:
>> 2011.02.09 11:25:18 LOG3[1338:139976438163200]: Error binding https to
>> 2011.02.09 11:25:18 LOG3[1338:139976438163200]: bind: Permission denied
>> (13)
>> setuid = stunnel
>> setgid = stunnel

>On Unix you have to be root to bind port <1024.
>Remove setuid from your configuration file.

I was confused as it works just fine with a simple restart and I've never experienced this -HUP behaviour with a unix daemon yet, so it seemed like an bug and not a design decision to me.

Well: the setuid is not the underlying problem and dropping that line is just a workaround because of the way stunnel drops its privileges:
as far as I understand it, the problem is that after binding the port and dropping privileges, the process cannot rebind the port as those privileges were already dropped and the HUP is send to a process that cannot get/grant those privileges again. AFAIK other products like apache solve this problem by running a main process as root and dropping privileges/capabilities in subprocesses/threads that handle the connections. If you want to kill -HUP apache, you send it to the main process, not a process running with lower privileges.

To be honest, I do not like the way stunnel currently handles this, when I send a -HUP, I expect it to reload my config, without exceptions. Well, it is a design decision, a workaround exists and it's documented, but still...

Best regards,

Stefan Behte

More information about the stunnel-users mailing list