Description of problem:
rpcbind uses a random UDP port between about 600/UDP and 1023/UDP. Sometimes rpcbind happens to use a UDP port that is required for Kerberos. In that case, Kerberos fails to start. FreeIPA's CI is running into the issue every now and then.

Version-Release number of selected component (if applicable):
rpcbind-0.2.4-8.rc3.fc27.x86_64

How reproducible:
rarely

Steps to Reproduce:
1. restart rpcbind a lot until it eventually uses 749/udp

Actual results:
kadmin fails to start

Jun 19 13:12:13 master.ipa.test kadmind[16427](info): setting up network...
kadmind: setsockopt(8,IPV6_V6ONLY,1) worked
kadmind: setsockopt(10,IPV6_V6ONLY,1) worked
kadmind: Address already in use - Cannot bind server socket on 0.0.0.0.749
Jun 19 13:12:13 master.ipa.test kadmind[16427](Error): Failed setting up a RPC socket (for 0.0.0.0.749)
kadmind: Address already in use - Error setting up network
Jun 19 13:13:13 master.ipa.test kadmind[17767](info): setting up network...
kadmind: setsockopt(8,IPV6_V6ONLY,1) worked
kadmind: setsockopt(10,IPV6_V6ONLY,1) worked
kadmind: Address already in use - Cannot bind server socket on 0.0.0.0.749
Jun 19 13:13:13 master.ipa.test kadmind[17767](Error): Failed setting up a RPC socket (for 0.0.0.0.749)
kadmind: Address already in use - Error setting up network


Expected results:
rpcbind never takes a Kerberos port

Additional info:
rpcbind should be more careful when it selects a random UDP port. I suggest that rpcbind never uses a UDP port that has been reserved for a service in /etc/services, e.g. with getservbyport(port, "udp"). See https://linux.die.net/man/3/getservbyport

The issue affects F27, F28, rawhide, and RHEL 7. RHEL 6 had portreserve but it's no longer available in RHEL 7.