Bug 102989 - portmap ignores entries in /etc/services
portmap ignores entries in /etc/services
Product: Fedora
Classification: Fedora
Component: glibc (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jakub Jelinek
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2003-08-24 07:59 EDT by Nils Philippsen
Modified: 2007-11-30 17:10 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-04-28 12:42:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Sourceware 456 None None None Never

  None (edit)
Description Nils Philippsen 2003-08-24 07:59:52 EDT
Description of problem:

spamd (of spamassassin) would like to use port 783/tcp, but can't do this
because rpc.mountd already uses this port, even though it is listed in

nils@wombat:~> grep '[^0-9]783/tcp' /etc/services
spamd           783/tcp                         # SpamAssassin Daemon

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. (Stop spamd, Re)Start nfs (rpc.mountd)
2. (Re)Start spamassassin (spamd)
3. Lather, rinse, repeat until rpc.mountd mysteriously gets spamd's port
Actual results:

rpc.mountd gets port 783/tcp

Expected results:

rpc.mountd doesn't get any port listed in /etc/services

Additional info:

This could also be relevant for other daemons
Comment 1 Steve Dickson 2003-08-25 09:06:29 EDT
mountd using the bindresvport() lib routine to bind a 
reserve port. bindresvport() starts at port 600 and works
it way down until a free port is found or IPPORT_RESERVED-1
is reached (in this case an error is returned).

So it not mountd ignorning defined service ports, its 
bindresvport() (which has been a problem since the beginning
of time)....

There are two workarounds to this problem
1) make sure spamd startes before mountd
2) explicitly set the port mound uses with the -d flag

Comment 2 Nils Philippsen 2005-04-03 06:54:19 EDT
Hmm, seems this has to be solved in glibc then (if it hasn't already), one way
or another we should be able to specify ports that bindresvport() doesn't touch
(be it via /etc/services or other means).
Comment 3 Warren Togami 2005-04-03 07:36:42 EDT
Nils is referring to Bug #102956 where spamassassin is still conflicting with
this issue.
Comment 4 Warren Togami 2005-04-04 03:58:20 EDT
> 1) make sure spamd startes before mountd
This may be unwise, because spamd can manipulate data that may in a mounted
Comment 5 Jakub Jelinek 2005-04-04 04:38:44 EDT
I can't find a bug number, but this has been certainly discussed in the past.
Skipping priviledged ports that are in /etc/services is not a good idea,
maybe our /etc/services is incomplete, but basically all numbers between 600
and 1023 are already assigned to some program, sometimes to several.

I think the result was that this should be managed by initscripts daemon or
something, that will prebind the ports that will be needed for services it is
going to start and then free them when the services are going to start or
something, but I don't remember details.
Comment 6 Steve Dickson 2005-04-04 12:58:21 EDT
Although this was not the case before, you can now predefine
all the ports the rpc daemons will use which really 
helps getting through firewalls as well as with this 
issue (I would suspect)....
Comment 7 Roland McGrath 2005-04-05 16:10:35 EDT
See also bug #103401
Comment 8 Roland McGrath 2005-04-05 16:13:02 EDT
Btw, comment #4 makes no sense.  mountd is only involved in exporting
filesystems, not in anything that the machine itself mounts.
Comment 9 Warren Togami 2005-04-05 19:35:01 EDT
Comment 10 Ulrich Drepper 2005-04-28 12:06:15 EDT
This bug should be closed.  glibc cannot be responsible for port reservations. 
It is impossible to look at /etc/services since, as said *many* times before,
all the ports are officially allocated.

Nils, just close it and find some other way.  I though xinetd can help.

Note You need to log in before you can comment on or make changes to this bug.