From owner-freebsd-stable@FreeBSD.ORG  Fri Jan  6 10:37:31 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: stable@freebsd.org
Delivered-To: freebsd-stable@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 62F0416A41F
	for <stable@freebsd.org>; Fri,  6 Jan 2006 10:37:31 +0000 (GMT)
	(envelope-from ceri@submonkey.net)
Received: from shrike.submonkey.net (cpc2-cdif2-3-1-cust208.cdif.cable.ntl.com
	[82.31.78.208]) by mx1.FreeBSD.org (Postfix) with ESMTP id 46FA543D49
	for <stable@freebsd.org>; Fri,  6 Jan 2006 10:37:30 +0000 (GMT)
	(envelope-from ceri@submonkey.net)
Received: from ceri by shrike.submonkey.net with local (Exim 4.60 (FreeBSD))
	(envelope-from <ceri@submonkey.net>)
	id 1EuoyK-0003su-Nx; Fri, 06 Jan 2006 10:37:24 +0000
Date: Fri, 6 Jan 2006 10:37:24 +0000
From: Ceri Davies <ceri@FreeBSD.org>
To: Dmitry Morozovsky <marck@rinet.ru>
Message-ID: <20060106103648.GJ31522@submonkey.net>
Mail-Followup-To: Ceri Davies <ceri@FreeBSD.org>,
	Dmitry Morozovsky <marck@rinet.ru>, Vivek Khera <vivek@khera.org>,
	stable@freebsd.org
References: <A97CE7DE-1841-41D0-B702-E82761FCDD3B@khera.org>
	<20060104222846.K98554@woozle.rinet.ru>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="KMIs29sPfC/9Gbii"
Content-Disposition: inline
In-Reply-To: <20060104222846.K98554@woozle.rinet.ru>
X-PGP: finger ceri@FreeBSD.org
User-Agent: Mutt/1.5.11
Sender: Ceri Davies <ceri@submonkey.net>
Cc: Vivek Khera <vivek@khera.org>, stable@freebsd.org
Subject: Re: rpcbind lingering on IP no longer specified on command line
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jan 2006 10:37:31 -0000


--KMIs29sPfC/9Gbii
Content-Type: multipart/mixed; boundary="xFHWmGwbilGjB8dh"
Content-Disposition: inline


--xFHWmGwbilGjB8dh
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jan 04, 2006 at 10:46:06PM +0300, Dmitry Morozovsky wrote:
> On Wed, 4 Jan 2006, Vivek Khera wrote:
>=20
> VK> I had rpcbind running with on two interfaces like this:
> VK>=20
> VK> rpcbind -h 192.168.100.200 -h 10.0.0.9
> VK>=20
> VK> Now, I changed rpcbind_flags in /etc/rc.conf to just have the first a=
ddress,
> VK> and I restarted rpcbind.  the process list from ps shows it is runnin=
g like
> VK> this:
> VK>=20
> VK> rpcbind -h 192.168.100.200
> VK>=20
> VK> Yet nmap on the other address shows rpcbind is still listening on udp=
 there.
> VK> How do I stop that?
>=20
> As I sometimes looked into this, rpcbind (formely portmap) listens on all=
=20
> described addresses via udp *and* an tcp:*.111 - I tried to dig why is th=
is but=20
> did not succeed much.

Please test this patch.  It's probably a very naive fix, but seems to
work OK.

Ceri
--=20
Only two things are infinite, the universe and human stupidity, and I'm
not sure about the former.			  -- Einstein (attrib.)

--xFHWmGwbilGjB8dh
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="rpcbind.diff"
Content-Transfer-Encoding: quoted-printable

Index: rpcbind.8
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /usr/home/ncvs/src/usr.sbin/rpcbind/rpcbind.8,v
retrieving revision 1.7
diff -u -r1.7 rpcbind.8
--- rpcbind.8	18 Jan 2005 20:02:43 -0000	1.7
+++ rpcbind.8	6 Jan 2006 10:35:02 -0000
@@ -83,7 +83,7 @@
 With this option, the name-to-address translation consistency
 checks are shown in detail.
 .It Fl h Ar bindip
-Specify specific IP addresses to bind to for UDP requests.
+Specify specific IP addresses to bind to.
 This option
 may be specified multiple times and is typically necessary when running
 on a multi-homed host.
@@ -95,14 +95,14 @@
 .Dv INADDR_ANY ,
 which could lead to problems on a multi-homed host due to
 .Nm
-returning a UDP packet from a different IP address than it was
+returning a packet from a different IP address than it was
 sent to.
 Note that when specifying IP addresses with
 .Fl h ,
 .Nm
 will automatically add
 .Li 127.0.0.1
-and if IPv6 is enabled,
+and, if IPv6 is enabled,
 .Li ::1
 to the list.
 .It Fl i
Index: rpcbind.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /usr/home/ncvs/src/usr.sbin/rpcbind/rpcbind.c,v
retrieving revision 1.14
diff -u -r1.14 rpcbind.c
--- rpcbind.c	7 Nov 2004 04:32:51 -0000	1.14
+++ rpcbind.c	6 Jan 2006 10:28:10 -0000
@@ -209,11 +209,11 @@
 		struct passwd *p;
=20
 		if((p =3D getpwnam(RUN_AS)) =3D=3D NULL) {
-			syslog(LOG_ERR, "cannot get uid of daemon: %m");
+			syslog(LOG_ERR, "cannot get uid of %s: %m", RUN_AS);
 			exit(1);
 		}
 		if (setuid(p->pw_uid) =3D=3D -1) {
-			syslog(LOG_ERR, "setuid to daemon failed: %m");
+			syslog(LOG_ERR, "setuid to %s failed: %m", RUN_AS);
 			exit(1);
 		}
 	}
@@ -272,7 +272,8 @@
 	 * XXX - using RPC library internal functions. For NC_TPI_CLTS
 	 * we call this later, for each socket we like to bind.
 	 */
-	if (nconf->nc_semantics !=3D NC_TPI_CLTS) {
+	if (nconf->nc_semantics !=3D NC_TPI_CLTS &&
+	    nconf->nc_semantics !=3D NC_TPI_COTS_ORD) {
 		if ((fd =3D __rpc_nconf2fd(nconf)) < 0) {
 			int non_fatal =3D 0;
=20
@@ -308,7 +309,8 @@
 		hints.ai_socktype =3D si.si_socktype;
 		hints.ai_protocol =3D si.si_proto;
 	}
-	if (nconf->nc_semantics =3D=3D NC_TPI_CLTS) {
+	if (nconf->nc_semantics =3D=3D NC_TPI_CLTS ||
+	    nconf->nc_semantics =3D=3D NC_TPI_COTS_ORD) {
 		/*
 		 * If no hosts were specified, just bind to INADDR_ANY.  Otherwise
 		 * make sure 127.0.0.1 is added to the list.
@@ -348,7 +350,7 @@
 					hints.ai_flags &=3D AI_NUMERICHOST;
 				} else {
 					/*
-					 * Skip if we have an AF_INET6 adress.
+					 * Skip if we have an AF_INET6 address.
 					 */
 					if (inet_pton(AF_INET6,
 					    hosts[nhostsbak], host_addr) =3D=3D 1)
@@ -361,7 +363,7 @@
 					hints.ai_flags &=3D AI_NUMERICHOST;
 				} else {
 					/*
-					 * Skip if we have an AF_INET adress.
+					 * Skip if we have an AF_INET address.
 					 */
 					if (inet_pton(AF_INET, hosts[nhostsbak],
 					    host_addr) =3D=3D 1)

--xFHWmGwbilGjB8dh--

--KMIs29sPfC/9Gbii
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFDvkhkocfcwTS3JF8RAj/PAJ4l5xgLINb2Qdghce/JCDhHUPJFVwCdEoFH
qkZ/ImmHGjcL0cdcQueMgkM=
=1tD7
-----END PGP SIGNATURE-----

--KMIs29sPfC/9Gbii--