Package: exim4 Version: 4.94.5 Severity: grave On installation, Exim 4.94.5 will enable IPv6 *by default*, ignoring several mechanisms in place to explicitly disable IPv6:
1. A kernel command line explicitly disabling ipv6: [code] ipv6.disable=1 [/code] 2. An /etc/hosts file with no machine readable IPv6 lines: [code] user@chuck:~$ cat /etc/hosts # 127.0.0.1 localhost debian # # remmed to disable ip6 #::1 localhost ip6-localhost ip6-loopback #fe00::0 ip6-localnet #fe00::0 ip6-mcastprefix #fe02::1 ip6-allnodes #fe02::1 ip6-allrouters user@chuck:~$ [/code] 3. An /etc/ssh/ssh_config file explicitly disabling ipv6: [code] user@chuck:~$ cat /etc/ssh/ssh_config --- snip --- AddressFamily inet # instead of 'any' or 'inet6' --- snip --- user@chuck:~$ [/code] This in turn creates this paniclog message: [code] IPv6 socket creation failed: Address family not supported by protocol [/code] On a machine with a DNS server (Unbound) running on a VBox virtual machine which is also explicitly configured disable IPv6, there will also be a rather annoying 30s delay at boot time. This seems to be due to Exim talking directly to the DNS resolver which will not answer AAAA queries as the machine it runs on is not configured to use IPv6. After waiting for 30s, Exim will continue loading. This can be avoided by adding this line to the 'Main' section of exim4.conf.template: [code] disable_ipv6 = true [/code] Once update-exim4.conf is run and the machine reboots, the delay has gone away and there is no paniclog message. To reproduce the problem, rolling back the edit of the exim4.conf.template will bring back the 30s delay and the paniclog message. At the very least, add the disable_ipv6 = true (or false) to the exim4.conf.template file, with the proper comments so that the issue will not be hard to fix. I had to add the line, it was not there by default in any of its possible variants: ie: disable_ipv6 = true ; disable_ipv6 = false ; disable_ipv6 = The *best* solution would be to have the installer check for the existence of the ipv6.disable=1 stanza in the kernel command line and then ask for IPv6 confirmation if the line is not there. A very small portion of the web runs on IPv6 and it will be some years before IPv6 becomes the default option. Thanks in advance.
