Jeremy Herbison wrote:

> As I posted in blfs-support, it appears portmapper, at least when run using
> the blfs bootscript (and not started by inetd/xinetd as the portmapper manpage
> recommends), runs as UID 1 regardless of whether or not that is even a valid
> UID. Either the book needs to add a "bin" user (I assume that's what it wants
> to run as) for portmapper, or (preferably) a patch to portmap is needed.
>
> Actually I suppose that if running under xinetd fixes the problem, that could
> be the solution, too.

Interesting. Looking at the source of pmap_check.c:

    void check_startup()
    {
        /*
         * Give up root privileges so that we can never allocate a privileged
         * port when forwarding an rpc request.
         */
        if (setuid(1) == -1) {
            syslog(LOG_ERR, "setuid(1) failed: %m");
            exit(1);
        }
        (void) signal(SIGINT, toggle_verboselog);
    }

It would appear that there is no choice of uid given to the user.

OTOH, I don't really see a problem with portmap running as uid 1. The only reason I can see we would need an entry in the passwd file is for programs like ps and top to translate the numeric uid to a name. The name used would be arbitrary. The traditional name for uid 1 is, of course, bin.

Also, I don't see where portmap is to be run out of a superserver. The man page specifically says:

"Portmap must be started before any RPC servers are invoked."

It is designed to be run as a full time daemon.

--Bruce
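
For comparison with the fixed setuid(1) call in the check_startup() excerpt quoted above, here is an added example (not code from portmap or from either poster) of a privilege drop that resolves the target account by name, so a missing passwd entry is an error instead of a silent numeric uid. The function names and the default account name "bin" are assumptions made for this illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* exposes setgroups() on glibc */
#endif
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Resolve an account name to uid/gid. Fails (-1) if the name has no passwd
 * entry or maps to uid 0, since "dropping" to root drops nothing. */
int resolve_account(const char *name, uid_t *uid, gid_t *gid)
{
    struct passwd *pw = getpwnam(name);
    if (pw == NULL || pw->pw_uid == 0)
        return -1;
    *uid = pw->pw_uid;
    *gid = pw->pw_gid;
    return 0;
}

/* Permanently drop root to the named account. Order matters: supplementary
 * groups and gid must go while we are still root, uid goes last. */
int drop_privileges(const char *name)
{
    uid_t uid;
    gid_t gid;
    if (resolve_account(name, &uid, &gid) == -1)
        return -1;
    if (setgroups(0, NULL) == -1 || setgid(gid) == -1 || setuid(uid) == -1)
        return -1;
    /* Verify the drop is irreversible: regaining uid 0 must now fail. */
    if (setuid(0) != -1)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    /* "bin" is only a default for this demo; pass another name as argv[1]. */
    const char *name = argc > 1 ? argv[1] : "bin";
    if (drop_privileges(name) == -1) {
        fprintf(stderr, "could not drop privileges to %s\n", name);
        return 1;
    }
    printf("running as uid=%d gid=%d\n", (int)getuid(), (int)getgid());
    return 0;
}
```

The program has to be started as root for the drop to succeed; run unprivileged, setgroups() fails and it exits with the error message.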