On Fri, Jan 06, 2006 at 05:35:28PM +0300, Dmitry Morozovsky wrote: > On Fri, 6 Jan 2006, Ceri Davies wrote: > > CD> > VK> I had rpcbind running with on two interfaces like this: > CD> > VK> > CD> > VK> rpcbind -h 192.168.100.200 -h 10.0.0.9 > CD> > VK> > CD> > VK> Now, I changed rpcbind_flags in /etc/rc.conf to just have the first > address, > CD> > VK> and I restarted rpcbind. the process list from ps shows it is > running like > CD> > VK> this: > CD> > VK> > CD> > VK> rpcbind -h 192.168.100.200 > CD> > VK> > CD> > VK> Yet nmap on the other address shows rpcbind is still listening on > udp there. > CD> > VK> How do I stop that? > CD> > > CD> > As I sometimes looked into this, rpcbind (formely portmap) listens on > all > CD> > described addresses via udp *and* an tcp:*.111 - I tried to dig why is > this but > CD> > did not succeed much. > CD> > CD> Please test this patch. It's probably a very naive fix, but seems to > CD> work OK. > > Well, two objections: > > - (obvious and dumb ;): three kinds of changes inside: behaviour, style and > typo ;-)))
Well yeah, but I figured that didn't matter for now. I disagree that the RUN_AS stuff is style though; the previous hardcoded "daemon" completely takes away the point of the '#define RUN_AS "daemon"'. If you are referring to my indentation, again that's just a "keep the patch simple" thing. Anyway... > - serious: no way to run on NO_INET6 kernel: > > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# pid rpc > 83231 ?? Ss 0:00.00 /usr/obj/ar/src.6/usr.sbin/rpcbind/rpcbind > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# killall rpcbind > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# pid rpc > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# rpcbind > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# rpcinfo -p > program vers proto port service > 100000 4 tcp 111 rpcbind > 100000 3 tcp 111 rpcbind > 100000 2 tcp 111 rpcbind > 100000 4 udp 111 rpcbind > 100000 3 udp 111 rpcbind > 100000 2 udp 111 rpcbind > 100000 4 local 111 rpcbind > 100000 3 local 111 rpcbind > 100000 2 local 111 rpcbind > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# killall rpcbind > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# > /usr/obj/ar/src.6/usr.sbin/rpcbind/rpcbind > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# rpcinfo -p > rpcinfo: can't contact portmapper: RPC: Port mapper failure - RPC: Success > [EMAIL PROTECTED]:/usr/src/usr.sbin/rpcbind# sockstat -4 | grep rpc > root rpcbind 83332 7 udp4 *:111 *:* > root rpcbind 83332 8 udp4 *:608 *:* > root rpcbind 83332 9 tcp4 *:111 *:* That's more annoying. It's not INET6 though; it's because the local transport is also tpi_cots_ord, so /var/run/rpcbind.sock is not getting created. I'll take another go at this over the weekend. Ceri -- Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -- Einstein (attrib.)
pgpXkG0Mwshuf.pgp
Description: PGP signature