-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, Oct 01, 2017 at 07:43:47AM -0400, Gene Heskett wrote:
> On Sunday 01 October 2017 03:34:19 to...@tuxteam.de wrote:
>
> > On Sun, Oct 01, 2017 at 01:28:39AM -0400, Gene Heskett wrote:
> >
> > [...]
> >
> > > > > Assuring that my port is not in this IANA list is not enough to
> > > > > ensure that my port number will not clash with a port number
> > > > > used by a Debian package (by default).
> > > > >
> > > > > So your answer to my question is wrong.
> > >
> > > In which case debian should publish the unlisted ports they do use,
> > > if for no other reason than to "stake a claim".
> >
> > "Debian" "should". Gene, you "should" know better ;-)
> >
> > Want to start with it? Write a script which scans the /etc files in
> > all Debian packages for network configurations.
> >
> That might be possible IF you wanted to use a tool like grep, but in 30
> years I've not found a way to silence the "binary file matches" messages
> from grep. That apparently un-muffle-able noise without chaining two or
> more invocations of grep makes it worthless for 95% of the searches I
> might do. The best I can do finds 460 instances of " port " in my
> own /etc tree, but from looking at that output, less than 100 actually
> assign a number, most use the output of some other function to assign
> the port.

Out of grep's fine manual:

    --binary-files=TYPE
        If the first few bytes of a file indicate that the file
        contains binary data, assume that the file is of type TYPE.
        By default, TYPE is binary, and grep normally outputs either
        a one-line message saying that a binary file matches, or no
        message if there is no match. If TYPE is without-match, grep
        assumes that a binary file does not match; this is equivalent
        to the -I option. If TYPE is text, grep processes a binary
        file as if it were text; this is equivalent to the -a option.
        Warning: grep --binary-files=text might output binary garbage,
        which can have nasty side effects if the output is a terminal
        and if the terminal driver interprets some of it as commands.

So I'd try --binary-file=without-match (or its shorter cousin -I).

> So opening up every deb in /var/cache/apt/archives to search thru each
> one's /etc files might take this machine a week or more, and you would
> still have less than 25% of the numerical values. One thing's for sure,
> it would take a more imaginative approach than mine because so much of
> it appears to be dynamic assignments. One would have to emulate how each
> goes about it, and then it's only valid for that machine at that box of
> time, however long it took.
>
> However, since it seems so much of that is dynamic, one could possibly
> use the dynamic method to find a currently unused server port when the
> client requests a connection, and the client can check the number
> assigned against its own list of ports, and accept or reject, wash rinse
> repeat until one is usable by both. Correctly done, I see at least
> 20,000 possibilities in the /etc/services list. The OP just needs to
> find a coder who can write such a critter.

Problem is, there are several such "dynamic" approaches. The older
one is Sun RPC's portmapper, which does have its downsides.

So my advice would be "relax".
If there's a sysadmin around, just make debugging of a clash easier,
if not, look into all of those container/orchestration frameworks,
which have to tackle the problem more systematically.

Cheers
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlnQ5EwACgkQBcgs9XrR2kZDcgCeKmFQ/WlViB2AXkptG94qslzr
NNcAnRMtsAzjPoPRHOQfOGZz79o0YJ49
=9WM+
-----END PGP SIGNATURE-----
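
The `-I` option quoted above, applied to the task discussed in the thread (finding literal port numbers in a config tree while ignoring binary files and computed assignments). This is an added example, not part of the original message; the function names `scan_ports` and `make_sample`, the regular expression, and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# scan_ports DIR -> sorted "file:port" lines for literal port assignments.
#   -r recurse; -I treat binary files as non-matching, so no
#      "Binary file ... matches" message (same as
#      --binary-files=without-match); -i ignore case; -H print file name.
# The regex is an assumption covering "port 22", "port = 22" and
# "listen_port: 22". Lines starting with '#' and lines that assign a
# computed value ("port = $(...)") do not match.
scan_ports() {
    grep -rIiHE \
        '^[[:space:]]*[[:alpha:]_.-]*port([[:space:]]*[=:][[:space:]]*|[[:space:]]+)[0-9]{1,5}([[:space:]]|$)' \
        "$1" 2>/dev/null |
    # Keep only "file:number" (assumes file names contain no ':').
    sed -E 's/^([^:]+):[^0-9]*([0-9]+).*$/\1:\2/' |
    # Drop values outside the valid TCP/UDP port range.
    awk -F: '$NF >= 1 && $NF <= 65535' |
    sort
}

# Constructed sample tree (not from the thread): two text configs and one
# file with NUL bytes, which grep classifies as binary.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc/app"
    printf 'Port 2222\n# Port 22\n' > "$d/etc/app/sshd.conf"
    printf 'listen_port = 8080\nport = $(pick_free_port)\n' > "$d/etc/app/web.conf"
    printf 'port 9999\000\001\002\n' > "$d/etc/app/blob.bin"
    printf '%s\n' "$d"
}

sample=$(make_sample)
(cd "$sample" && scan_ports etc)
rm -rf "$sample"
```

Only the two literal assignments in the text files are reported; the commented-out line, the computed assignment and the binary file produce no output.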