Univention Bugzilla – Bug 50135
[UDM HTTP API] API server listens on *:8888
Last modified: 2019-09-22 15:51:13 CEST
There is no reason to have the tornado process listen on *:8888. Localhost is sufficient, as it is proxied by Apache anyway. 8000, 8080 and 8888 are often used by Python web applications. Let the API server listen only on 127.0.0.1 and use a custom, "unusual" port like 9753.
The port is currently configurable via 'directory/manager/rest/server/port' and with the univention-firewall not reachable via extern. But we can also let it bind to 127.0.0.1. We have no registry about ports which are used by apps, etc. I can change it to something random.
I changed the default to port 9979 and use the 127.0.0.1 loopback interface. univention-management-console-module-udm (9.0.12-34) a2b9ea5b984e | Bug #50135: Bug #27816: make interface configurable, use 9979 as default port, use 127.0.0.1 as default interface
OK: code change OK: manual tests: $ lsof -Pni | grep $(pgrep -f univention.management.server) python2.7 18200 root 6u IPv4 48347504 0t0 TCP 127.0.0.1:9979 (LISTEN) $ ucr set directory/manager/rest/server/port=12345 Create directory/manager/rest/server/port File: /etc/apache2/sites-available/univention-management.conf $ service univention-directory-manager-rest restart $ lsof -Pni | grep $(pgrep -f univention.management.server) python2.7 2057 root 6u IPv4 48434206 0t0 TCP 127.0.0.1:12345 (LISTEN) $ ucr set directory/manager/rest/server/address=10.200.3.66 Create directory/manager/rest/server/address $ service univention-directory-manager-rest restart $ lsof -Pni | grep $(pgrep -f univention.management.server) python2.7 2087 root 6u IPv4 48429020 0t0 TCP 10.200.3.66:12345 (LISTEN) $ ucr set 'directory/manager/rest/server/address=*' Setting directory/manager/rest/server/address $ service univention-directory-manager-rest restart $ lsof -Pni | grep $(pgrep -f univention.management.server) python2.7 2116 root 6u IPv6 48430574 0t0 TCP *:12345 (LISTEN) $ wget http://10.200.3.66:12345 Verbindungsaufbau zu 127.0.0.1:12345 … verbunden. $ wget http://127.0.0.1:12345 Verbindungsaufbau zu 127.0.0.1:12345 … verbunden. $ ucr unset directory/manager/rest/server/port directory/manager/rest/server/address Unsetting directory/manager/rest/server/port Unsetting directory/manager/rest/server/address File: /etc/apache2/sites-available/univention-management.conf $ service univention-directory-manager-rest restart $ lsof -Pni | grep $(pgrep -f univention.management.server) python2.7 2251 root 6u IPv4 48430782 0t0 TCP 127.0.0.1:9979 (LISTEN) REOPEN: missing UCRV descriptions
Added UCR-Variables description: univention-directory-manager-rest (9.0.15-2) 470219b302ab | Bug #50135: describe UCR variables
[4.4-1 247de7fb1f] Bug #50135: wording Not rebuilt, as I'm sure there will be more rebuilds soon.
<http://errata.software-univention.de/ucs/4.4/282.html>