On 9/4/23 12:36, Michael Peddemors wrote:
However, I 'get' this persons' opinion, from a developers perspective.
The system should either run, or provide a clear reason why it didn't startup (that reason could be .. You have selected * but IPv6 is not available). Doesn't really matter what the dependency is, whether a missing package, or a service not responding, there should be sane checks, and turning off IPv6 is probably a lot more popular than you think, given the increased attack vector and other observed issues.
But of course, the listen directive can easily be modified. Just harder for newbies looking for an 'out of the box' solution.
The following is in my /etc/dovecot/dovecot.conf file. Ubuntu 22, using the official dovecot APT repo:
# A comma separated list of IPs or hosts where to listen in for connections. # "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces. # If you want to specify non-default ports or anything more complex, # edit conf.d/master.conf. listen = *
My dovecot (version 2:2.3.20-3+ubuntu20.04) works just fine. I have IPv6 completely disabled on the server.
The comment in my config file indicates that * should be all available IPv4 interfaces, which contradicts what you said above. Maybe on my version the comment is right and for newer versions it isn't?
I have found a bunch of software that will refuse to run if IPv6 is disabled unless configured explicitly to use v4 and disable v6. I find this trend disturbing. In one case (atftpd) it took me a very long time to determine that the lack of an IPv6 interface was the cause for the program not starting. Once I figured that out, I just added "--ipv4" to the /etc/default/atftpd file and it started working.
Even if * really means "all interfaces" and not "all IPv4 interfaces" as the comment indicates ... if no IPv6 interfaces are found, dovecot should proceed with the interfaces it finds, not fail when none of those interfaces have IPv6 addressing.
To the OP: Was it obvious in logs that IPv6 was the problem? In a lot of cases programs that refuse to start without IPv6 being available will do so silently. It's the silently part that's the real problem with this trend.
Thanks, Shawn