Re: apache 1.3.23 ipv6 binary

To: Jeroen Massar <jeroen@unfix.org>
Cc: debian-ipv6@lists.debian.org
Subject: Re: apache 1.3.23 ipv6 binary
From: 'Sjoerd Simons' <sjoerd@air.luon.net>
Date: Sun, 14 Jul 2002 02:01:21 +0200
Message-id: <[🔎] 20020714000121.GB26194@air.luon.net>
In-reply-to: <[🔎] 004701c22ac6$23d7c670$420d640a@unfix.org>
References: <[🔎] 20020713231612.GA26194@air.luon.net> <[🔎] 004701c22ac6$23d7c670$420d640a@unfix.org>

On Sun, Jul 14, 2002 at 01:36:40AM +0200, Jeroen Massar wrote:
> Sjoerd Simons [mailto:sjoerd@air.luon.net] wrote:
> 
> > On Sun, Jul 14, 2002 at 12:32:26AM +0200, Jeroen Massar wrote:
> <SNIP>
> > > I still don't know why it's there... is it because people
> > > "open up ports in ipv6 which they firewall in v4" or ???
> > 
> > See bug #82468. It's an incompatibility in the linux 2.2 kernel ipv6
> > structures and the glibc 2.2 ipv6 structures. One could argue 
> > it's a system  misconfiguration, but the ssh package maintainer choose
> for 
> > the --ipv4-default workaround apparently. 
> 
> Now I remember :)
> But isn't that where the depends and conflicts are for ?
> eg:
> 8<---
> Depends: libc6 (>= 2.2.4-4), kernel-image (>= 2.3)
> Conflicts: kernel-image (<< 2.3)
> --->8
> But then this would force users to upgrade to 2.4 and not anybody wants
> that.

If you've got a 2.2 kernel but no ipv6 there are no problems.

> Other tactic:
> 8<---
> Package: ssh
> Depends: (ssh-kernel22 (= 3.4p1) & kernel-image (<< 2.3)) ||
> (ssh-kernel24 (= 3.4p1) & kernel-image (>= 2.3))
> --->8
> A small pseudo package requiring the correct version depending on
> kernel/glibc.
> Though this one very probably won't work with current dpkg <grin>
> 
> Or the 'easy' way would be adding a seperate package called ssh-ipv6 or
> ssh-kernel24 in the maintree, then put a little
> check in the main ssh package, and ask the user if he/she/it/...
> wouldn't rather have a ipv6-default supportin version
> as he/she/it/... is using a newer glibc&kernel :)
> 
> This still only 'fixes' SSH...
Ugly solutions that don't solve the real problem.

As i said the problem is that the system is misconfigured imho. bind9
works around this by detected the problem and turning off it's ipv6
support. ssh doesn't and gets into trouble. Probably other ipv6 enabled
application will get into trouble too. The applications are using valid
programming interfaces so the problem isn't really theirs.

Maybe the right way is to inform people about the problem (in the libc6
Readme.Debian??) and just remove the ipv4-default from the ssh package.
It's important to note it isn't just a ssh problem, but only that it's
just a highly visible application that's getting caught by the real problem.

  Sjoerd
-- 
God may be subtle, but he isn't plain mean.
		-- Albert Einstein


-- 
To UNSUBSCRIBE, email to debian-ipv6-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: apache 1.3.23 ipv6 binary
  - From: Sjoerd Simons <sjoerd@air.luon.net>
- RE: apache 1.3.23 ipv6 binary
  - From: "Jeroen Massar" <jeroen@unfix.org>

Prev by Date: RE: apache 1.3.23 ipv6 binary
Next by Date: Re: Common IPv6-enabled .deb repository and web pages
Previous by thread: RE: apache 1.3.23 ipv6 binary
Next by thread: Re: apache 1.3.23 ipv6 binary
Index(es):
- Date
- Thread