Bug 411761
Summary: | rpcbind listens on random, possibly reserved UDP port | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jay Turner <jturner> |
Component: | rpcbind | Assignee: | Steve Dickson <steved> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 8 | CC: | lkundrak, srevivo |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-06-02 11:02:23 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 235705 |
Description
Lubomir Kundrak
2007-12-05 10:21:04 UTC
> How does rpcbind pick ports to listen on? rpcbind always listens on port 111. > Does it need a low port for security reasons? rpcbind expects applications that register their port to use reserved ports but that should be a short lived connection. > Would it be possible to pick a range of ports it chooses from? Unfortunately there is no mechanism that will mask out "known" (i.e in /etc/services) reserved ports. (In reply to comment #1) > > How does rpcbind pick ports to listen on? > rpcbind always listens on port 111. When I terminate nfs daemons an ypbind, which I beleve to be the only rpcbind users and restart rpcbind, there's still a random reserved port in use: [root@Loori ~]# rpcinfo -s program version(s) netid(s) service owner 100000 2,3,4 local,udp,tcp portmapper superuser [root@Loori ~]# netstat -lp |grep rpcbind tcp 0 0 *:sunrpc *:* LISTEN 7607/rpcbind udp 0 0 *:puparp *:* 7607/rpcbind udp 0 0 *:sunrpc *:* 7607/rpcbind unix 2 [ ACC ] STREAM NASLOUCHÁ 235733 7607/rpcbind /var/run/rpcbind.sock [root@Loori ~]# Note the *:puparp. > > Does it need a low port for security reasons? > rpcbind expects applications that register their > port to use reserved ports but that should be > a short lived connection. So if I understand correctly, an application is to blame, though it doesn't look like that to me from the above. And if it were -- is "short lived" a good excuse for picking a reserved port? > > Would it be possible to pick a range of ports it chooses from? > Unfortunately there is no mechanism that will mask out > "known" (i.e in /etc/services) reserved ports. Would there be any other solution to the problem than writing such mechanism? Ping; Any news here? |