Cannot prevent rpcbind from listening on all interfaces for TCP connections
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
rpcbind (Debian) |
New
|
Undecided
|
Unassigned | ||
rpcbind (Ubuntu) |
Triaged
|
Wishlist
|
Unassigned | ||
Precise |
Won't Fix
|
Undecided
|
Unassigned | ||
Trusty |
Won't Fix
|
Undecided
|
Unassigned | ||
Utopic |
Won't Fix
|
Undecided
|
Unassigned | ||
Vivid |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
There is no way to prevent rpcbind from listening on all interfaces for TCP connections. The setting "-h" only applies to UDP connections. There is a bug and fix from 2007:
https:/
The link to the fix gives a 404 for me, but it probably is in their VCS.
How to reproduce:
1. install rpcbind
2. in /etc/default/
OPTIONS="$OPTIONS -h 192.168.255.1"
3. restart rpcbind
root@node1 ~ # netstat -lnp | grep rpcbind
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 8982/rpcbind
tcp6 0 0 :::111 :::* LISTEN 8982/rpcbind
udp 0 0 192.168.255.1:111 0.0.0.0:* 8982/rpcbind
udp 0 0 127.0.0.1:111 0.0.0.0:* 8982/rpcbind
udp 0 0 0.0.0.0:677 0.0.0.0:* 8982/rpcbind
udp6 0 0 ::1:111 :::* 8982/rpcbind
udp6 0 0 :::677 :::* 8982/rpcbind
The same applies to rpc.statd: even when supplying the
-n, --name ipaddr | hostname
option, it still listens on all interfaces, while '--outgoing-port' and '--port' work as expected:
/etc/default/
STATDOPTS="--name 192.168.255.1 --port 32765 --outgoing-port 32766"
root@node1 ~ # netstat -lnp | grep rpc.statd
tcp 0 0 0.0.0.0:32765 0.0.0.0:* LISTEN 8988/rpc.statd
tcp6 0 0 :::32765 :::* LISTEN 8988/rpc.statd
udp 0 0 0.0.0.0:32765 0.0.0.0:* 8988/rpc.statd
udp 0 0 127.0.0.1:684 0.0.0.0:* 8988/rpc.statd
udp6 0 0 :::32765 :::* 8988/rpc.statd
Related branches
- Ubuntu branches: Pending requested
-
Diff: 274 lines (+254/-0)3 files modifieddebian/changelog (+8/-0)
debian/patches/rcpbind-tcp-bind-specific-addrs.patch (+245/-0)
debian/patches/series (+1/-0)
Changed in rpcbind (Ubuntu): | |
assignee: | nobody → Jorge Niedbalski (niedbalski) |
importance: | Undecided → Medium |
status: | Confirmed → In Progress |
tags: | added: rls-v-notfixing |
tags: | added: cts |
Changed in rpcbind (Ubuntu): | |
status: | In Progress → Confirmed |
Changed in rpcbind (Ubuntu Vivid): | |
status: | In Progress → Confirmed |
Changed in rpcbind (Ubuntu): | |
assignee: | Jorge Niedbalski (niedbalski) → nobody |
Changed in rpcbind (Ubuntu Vivid): | |
assignee: | Jorge Niedbalski (niedbalski) → nobody |
Status changed to 'Confirmed' because the bug affects multiple users.