Make a sysconfig variable controlling if teh kernel should accept
nfs requests from non-privileged ports. Change mountd such that it does never set this variable, but only clears it when run with -n. Also document this in the man page.
This commit is contained in:
parent
07bb70bf47
commit
c6e5e15858
5
etc/rc
5
etc/rc
@ -1,5 +1,5 @@
|
||||
#!/bin/sh
|
||||
# $Id: rc,v 1.114 1997/03/16 15:26:32 joerg Exp $
|
||||
# $Id: rc,v 1.115 1997/04/01 01:00:34 pst Exp $
|
||||
# From: @(#)rc 5.27 (Berkeley) 6/5/91
|
||||
|
||||
# System startup script run by init on autoboot
|
||||
@ -262,6 +262,9 @@ if [ "X${nfs_server}" = X"YES" -a -r /etc/exports ]; then
|
||||
else
|
||||
mountd
|
||||
fi
|
||||
if [ "X${nfs_reserved_port_only}" = X"YES" ]; then
|
||||
sysctl -w vfs.nfs.nfs_privport=1
|
||||
fi
|
||||
echo -n ' nfsd'; nfsd -u -t 4
|
||||
# Warning: rpc.lockd is broken.
|
||||
# Only uncomment this line if the consequences are fully understood.
|
||||
|
@ -4,7 +4,7 @@
|
||||
# This is sysconfig - a file full of useful variables that you can set
|
||||
# to change the default startup behavior of your system.
|
||||
#
|
||||
# $Id: sysconfig,v 1.61 1997/03/16 15:26:34 joerg Exp $
|
||||
# $Id: sysconfig,v 1.62 1997/04/01 01:00:35 pst Exp $
|
||||
|
||||
######################### Start Of Local Configuration Section ###########
|
||||
|
||||
@ -206,6 +206,12 @@ nfs_client=NO
|
||||
# Set to YES if this machine will be an NFS server
|
||||
nfs_server=NO
|
||||
|
||||
# the following option controls if the nfs server will be only allow
|
||||
# requests from reserved ports. NB: running mountd with
|
||||
# weak_mountd_authentication=YES will automatically clear this flag.
|
||||
# See also mountd(8)
|
||||
nfs_reserved_port_only=NO
|
||||
|
||||
# Set to appropriate flags if you want to start NIS for a client
|
||||
nis_clientflags="NO"
|
||||
|
||||
|
@ -43,7 +43,7 @@ static char copyright[] =
|
||||
#ifndef lint
|
||||
/*static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95"; */
|
||||
static const char rcsid[] =
|
||||
"$Id: mountd.c,v 1.16 1997/03/29 03:32:49 imp Exp $";
|
||||
"$Id: mountd.c,v 1.17 1997/04/01 14:15:30 bde Exp $";
|
||||
#endif /*not lint*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -318,13 +318,15 @@ main(argc, argv)
|
||||
}
|
||||
}
|
||||
|
||||
mib[0] = CTL_VFS;
|
||||
mib[1] = MOUNT_NFS;
|
||||
mib[2] = NFS_NFSPRIVPORT;
|
||||
if (sysctl(mib, 3, NULL, NULL, &resvport_only,
|
||||
sizeof(resvport_only)) != 0 && errno != ENOENT) {
|
||||
syslog(LOG_ERR, "sysctl: %m");
|
||||
exit(1);
|
||||
if (!resvport_only) {
|
||||
mib[0] = CTL_VFS;
|
||||
mib[1] = MOUNT_NFS;
|
||||
mib[2] = NFS_NFSPRIVPORT;
|
||||
if (sysctl(mib, 3, NULL, NULL, &resvport_only,
|
||||
sizeof(resvport_only)) != 0 && errno != ENOENT) {
|
||||
syslog(LOG_ERR, "sysctl: %m");
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
if ((udptransp = svcudp_create(RPC_ANYSOCK)) == NULL ||
|
||||
|
@ -43,7 +43,7 @@ static char copyright[] =
|
||||
#ifndef lint
|
||||
/*static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95"; */
|
||||
static const char rcsid[] =
|
||||
"$Id: mountd.c,v 1.16 1997/03/29 03:32:49 imp Exp $";
|
||||
"$Id: mountd.c,v 1.17 1997/04/01 14:15:30 bde Exp $";
|
||||
#endif /*not lint*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -318,13 +318,15 @@ main(argc, argv)
|
||||
}
|
||||
}
|
||||
|
||||
mib[0] = CTL_VFS;
|
||||
mib[1] = MOUNT_NFS;
|
||||
mib[2] = NFS_NFSPRIVPORT;
|
||||
if (sysctl(mib, 3, NULL, NULL, &resvport_only,
|
||||
sizeof(resvport_only)) != 0 && errno != ENOENT) {
|
||||
syslog(LOG_ERR, "sysctl: %m");
|
||||
exit(1);
|
||||
if (!resvport_only) {
|
||||
mib[0] = CTL_VFS;
|
||||
mib[1] = MOUNT_NFS;
|
||||
mib[2] = NFS_NFSPRIVPORT;
|
||||
if (sysctl(mib, 3, NULL, NULL, &resvport_only,
|
||||
sizeof(resvport_only)) != 0 && errno != ENOENT) {
|
||||
syslog(LOG_ERR, "sysctl: %m");
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
if ((udptransp = svcudp_create(RPC_ANYSOCK)) == NULL ||
|
||||
|
Loading…
Reference in New Issue
Block a user