Opened 8 years ago
Closed 8 years ago
#952 closed defect (duplicate)
Listener socket not removed on stop: Address already in use
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-core | Version: | 1.9.x |
| Keywords: | socket, listen, tor, hidden service | Cc: | |
| uname -a: |
Linux xxx 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u2 (2016-01-02) x86_64 GNU/Linux
Linux moineau.riseup.net 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u2 (2016-01-02) x86_64 GNU/Linux |
||
| nginx -V: |
nginx version: nginx/1.6.2
TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --add-module=/build/nginx-T5fW9e/nginx-1.6.2/debian/modules/nginx-auth-pam --add-module=/build/nginx-T5fW9e/nginx-1.6.2/debian/modules/nginx-dav-ext-module --add-module=/build/nginx-T5fW9e/nginx-1.6.2/debian/modules/nginx-echo --add-module=/build/nginx-T5fW9e/nginx-1.6.2/debian/modules/nginx-upstream-fair --add-module=/build/nginx-T5fW9e/nginx-1.6.2/debian/modules/ngx_http_substitutions_filter_module |
||
Description
If I make a server block with a listen configured for a unix socket, like this:
server {
listen unix:/run/tor/nginx-onion-80.sock;
server_name exampleonionaddress.onion;
allow "unix:";
deny all;
...
Then I can configure a tor hidden service to connect to that socket, and not open a inet listening port, such as this in torrc:
HiddenServicePort 80 unix:/run/tor/nginx-onion-80.sock
This works great, the socket is created by nginx, and tor can communicate with it. The only problem is when you restart, or stop nginx, that socket is not removed, and then when nginx starts, it fails because it expects to be able to create that socket and bind to it, but its already there, this is the error that is produced:
2016/04/11 23:45:43 [emerg] 1480#0: bind() to unix:/run/tor/nginx-onion-80.sock failed (98: Address already in use) 2016/04/11 23:45:43 [emerg] 1480#0: bind() to unix:/run/tor/nginx-onion-80.sock failed (98: Address already in use) 2016/04/11 23:45:43 [emerg] 1480#0: bind() to unix:/run/tor/nginx-onion-80.sock failed (98: Address already in use) 2016/04/11 23:45:43 [emerg] 1480#0: bind() to unix:/run/tor/nginx-onion-80.sock failed (98: Address already in use) 2016/04/11 23:45:43 [emerg] 1480#0: bind() to unix:/run/tor/nginx-onion-80.sock failed (98: Address already in use) 2016/04/11 23:45:43 [emerg] 1480#0: still could not bind()
and then it fails to start. I have to manually remove that socket after stopping nginx, before starting it again.
I believe that nginx should clean this up when it stops.
Change History (2)
comment:2 by , 8 years ago
| Resolution: | → duplicate |
|---|---|
| Status: | new → closed |
Whether or not unix listening sockets are removed depends on how nginx is stopped. See ticket #753.
First of all, I suggest to update to a modern nginx version of nginx.
Anyway, I've tested with 1.6.2, and it works for me - the socket is removed on exit.
Run your nginx with debugging log enabled (see http://nginx.org/en/docs/debugging_log.html). You should see the lines like this when stopping: