On Wed, Jan 04, 2006 at 10:46:06PM +0300, Dmitry Morozovsky wrote: > On Wed, 4 Jan 2006, Vivek Khera wrote: > > VK> I had rpcbind running with on two interfaces like this: > VK> > VK> rpcbind -h 192.168.100.200 -h 10.0.0.9 > VK> > VK> Now, I changed rpcbind_flags in /etc/rc.conf to just have the first > address, > VK> and I restarted rpcbind. the process list from ps shows it is running > like > VK> this: > VK> > VK> rpcbind -h 192.168.100.200 > VK> > VK> Yet nmap on the other address shows rpcbind is still listening on udp > there. > VK> How do I stop that? > > As I sometimes looked into this, rpcbind (formely portmap) listens on all > described addresses via udp *and* an tcp:*.111 - I tried to dig why is this > but > did not succeed much.
Please test this patch. It's probably a very naive fix, but seems to work OK. Ceri -- Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -- Einstein (attrib.)
Index: rpcbind.8
===================================================================
RCS file: /usr/home/ncvs/src/usr.sbin/rpcbind/rpcbind.8,v
retrieving revision 1.7
diff -u -r1.7 rpcbind.8
--- rpcbind.8 18 Jan 2005 20:02:43 -0000 1.7
+++ rpcbind.8 6 Jan 2006 10:35:02 -0000
@@ -83,7 +83,7 @@
With this option, the name-to-address translation consistency
checks are shown in detail.
.It Fl h Ar bindip
-Specify specific IP addresses to bind to for UDP requests.
+Specify specific IP addresses to bind to.
This option
may be specified multiple times and is typically necessary when running
on a multi-homed host.
@@ -95,14 +95,14 @@
.Dv INADDR_ANY ,
which could lead to problems on a multi-homed host due to
.Nm
-returning a UDP packet from a different IP address than it was
+returning a packet from a different IP address than it was
sent to.
Note that when specifying IP addresses with
.Fl h ,
.Nm
will automatically add
.Li 127.0.0.1
-and if IPv6 is enabled,
+and, if IPv6 is enabled,
.Li ::1
to the list.
.It Fl i
Index: rpcbind.c
===================================================================
RCS file: /usr/home/ncvs/src/usr.sbin/rpcbind/rpcbind.c,v
retrieving revision 1.14
diff -u -r1.14 rpcbind.c
--- rpcbind.c 7 Nov 2004 04:32:51 -0000 1.14
+++ rpcbind.c 6 Jan 2006 10:28:10 -0000
@@ -209,11 +209,11 @@
struct passwd *p;
if((p = getpwnam(RUN_AS)) == NULL) {
- syslog(LOG_ERR, "cannot get uid of daemon: %m");
+ syslog(LOG_ERR, "cannot get uid of %s: %m", RUN_AS);
exit(1);
}
if (setuid(p->pw_uid) == -1) {
- syslog(LOG_ERR, "setuid to daemon failed: %m");
+ syslog(LOG_ERR, "setuid to %s failed: %m", RUN_AS);
exit(1);
}
}
@@ -272,7 +272,8 @@
* XXX - using RPC library internal functions. For NC_TPI_CLTS
* we call this later, for each socket we like to bind.
*/
- if (nconf->nc_semantics != NC_TPI_CLTS) {
+ if (nconf->nc_semantics != NC_TPI_CLTS &&
+ nconf->nc_semantics != NC_TPI_COTS_ORD) {
if ((fd = __rpc_nconf2fd(nconf)) < 0) {
int non_fatal = 0;
@@ -308,7 +309,8 @@
hints.ai_socktype = si.si_socktype;
hints.ai_protocol = si.si_proto;
}
- if (nconf->nc_semantics == NC_TPI_CLTS) {
+ if (nconf->nc_semantics == NC_TPI_CLTS ||
+ nconf->nc_semantics == NC_TPI_COTS_ORD) {
/*
* If no hosts were specified, just bind to INADDR_ANY.
Otherwise
* make sure 127.0.0.1 is added to the list.
@@ -348,7 +350,7 @@
hints.ai_flags &= AI_NUMERICHOST;
} else {
/*
- * Skip if we have an AF_INET6 adress.
+ * Skip if we have an AF_INET6 address.
*/
if (inet_pton(AF_INET6,
hosts[nhostsbak], host_addr) == 1)
@@ -361,7 +363,7 @@
hints.ai_flags &= AI_NUMERICHOST;
} else {
/*
- * Skip if we have an AF_INET adress.
+ * Skip if we have an AF_INET address.
*/
if (inet_pton(AF_INET, hosts[nhostsbak],
host_addr) == 1)
pgpcOPKf0MNey.pgp
Description: PGP signature
