OK, so now can you do the following for me?
1. Still, let's see the output of netstat -atpn | fgrep -e :2525tcp 0 0 0.0.0.0:2525 0.0.0.0:* LISTEN 3123/stunnel4
2. Don't kill the running stunnel process yet, I'd like to check what's
going on.
3. Show me the output of:
ls /var/run/*.pid
-rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/acpid.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/and.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/atd.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/console-kit-daemon.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/crond.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/ddclient.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/denyhosts.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/lightdm.pid -rw-r--r-- 1 root root 4 Apr 14 07:01 /var/run/memcached.pid -rw-r--r-- 1 root root 4 Apr 14 07:01 /var/run/ntpd.pid -rw-r--r-- 1 root root 4 Apr 14 07:00 /var/run/rpcbind.pid -rw-r--r-- 1 statd nogroup 5 Apr 14 07:00 /var/run/rpc.statd.pid -rw------- 1 root root 5 Apr 14 07:00 /var/run/sm-notify.pid -rw-r--r-- 1 root proxy 5 Apr 14 07:01 /var/run/squid.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/squid-prefetch.pid -rw-r--r-- 1 root root 6 Apr 15 08:45 /var/run/sshd.pid -rw-r--r-- 1 root root 5 Apr 14 07:01 /var/run/syslog-ng.pid
ls /var/run/stunnel/*.pid
ls: cannot access /var/run/stunnel/*.pid: No such file or directory
ls /var/run/stunnel4/*.pid
(it's okay if the second command gives back an error, I expect that;
it's also kind of okay if the third one gives an error, but I'd still
like to see that :))
ls: cannot access /var/run/stunnel4/*.pid: No such file or directory
4. Run the following command:
service stunnel4 stop 2>&1 | tee /tmp/stunnel-stop.log
...and then show me the full contents of /tmp/stunnel-stop.log
Stopping SSL tunnels: stunnel. root@compaq:/home/njh# cat /tmp/stunnel-stop.log Stopping SSL tunnels: stunnel. root@compaq:/home/njh#
I *think* that after you've run these commands I'll have enough info to fix this bug for other people's upgrades, so after that you'll be free to kill the stunnel process, if the netstat command shows that it is indeed an stunnel process listening on port 2525. After that, it'd be best if you add a line to the global section of your config file saying something like: pid = /var/run/stunnel4/smtp.verizon.pid ...and then "service stunnel4 start" and "service stunnel4 stop" should work properly.
I get the same error (I did a stop then a start): Starting SSL tunnels: [ ] Clients allowed=500 [.] stunnel 5.01 on x86_64-pc-linux-gnu platform [.] Compiled/running with OpenSSL 1.0.1g 7 Apr 2014 [.] Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP [ ] errno: (*__errno_location ()) [.] Reading configuration from file /etc/stunnel/smtp.verizon.net.conf [.] FIPS mode disabled [ ] Compression disabled [ ] Snagged 64 random bytes from /dev/urandom [ ] PRNG seeded successfully [ ] Initializing service [ req ] [ ] No private key specified [ ] SSL options set: 0x00000004 [.] Configuration successful [!] Error binding service [ req ] to 0.0.0.0:2525 [!] bind: Address already in use (98) [ ] Closing service [ req ] [ ] Sessions cached before flush: 0 [ ] Sessions cached after flush: 0 [ ] Service [ req ] closed [Failed: /etc/stunnel/smtp.verizon.net.conf] You should check that you have specified the pid= in you configuration fileHere's my conf file now (just in case another pair of eyes shows something silly on my behalf):
sslVersion = SSLv3 debug = 5 output = /tmp/stunnel.out pid = /var/run/stunnel4/smtp.verizon.pid [ req ] client = yes accept = 2525 connect = smtp.verizon.net:465 So I ran the stop again and the ps shows it's still running: root@compaq:/etc/stunnel# service stunnel4 stop Stopping SSL tunnels: stunnel. root@compaq:/etc/stunnel# ps ax | fgrep stu3123 ? Ss 0:00 /usr/bin/stunnel4 /etc/stunnel/smtp.verizon.net.conf
32336 pts/8 S+ 0:00 fgrep stu root@compaq:/etc/stunnel# service stunnel4 stop Stopping SSL tunnels: stunnel. root@compaq:/etc/stunnel# echo $? 0 root@compaq:/etc/stunnel#
I'm almost thinking of reverting this part of upstream's change, so that pid files are created by default again, but I'll have to think about this a little bit more. Thanks for reporting the bug and for your assistance!
You're welcome. Regards, -Nigel
smime.p7s
Description: S/MIME Cryptographic Signature
