System Administration Commands rpcbind(1M)
NAME
rpcbind - universal addresses to RPC program number mapper
SYNOPSIS
rpcbind [-d] [-w]
DESCRIPTION
rpcbind is a server that converts RPC program numbers into
universal addresses. It must be running on the host to be
able to make RPC calls on a server on that machine.
When an RPC service is started, it tells rpcbind the address
at which it is listening, and the RPC program numbers it is
prepared to serve. When a client wishes to make an RPC call
to a given program number, it first contacts rpcbind on the
server machine to determine the address where RPC requests
should be sent.
rpcbind should be started before any other RPC service. Nor-
mally, standard RPC servers are started by port monitors, so
rpcbind must be started before port monitors are invoked.
When rpcbind is started, it checks that certain name-to-
address translation-calls function correctly. If they fail,
the network configuration databases can be corrupt. Since
RPC services cannot function correctly in this situation,
rpcbind reports the condition and terminates.
rpcbind maintains an open transport end for each transport
that it uses for indirect calls. This is the UDP port on
most systems.
rpcbind can only be started by the superuser.
The FMRI svc:network/rpc/bind property group config contains
the following property settings:
enable_tcpwrappers
Specifies that the TCP wrappers facility is used to con-
trol access to TCP services. The value true enables
checking. The default value for enable_tcpwrappers is
false. If the enable_tcpwrappers parameter is enabled,
then all calls to rpcbind originating from non-local
addresses are automatically wrapped by the TCP wrappers
facility. The syslog facility code daemon is used to log
allowed connections (using the info severity level) and
denied traffic (using the warning severity level). See
syslog.conf(4) for a description of syslog codes and
severity levels. The stability level of the TCP
wrappers facility and its configuration files is Exter-
nal. As the TCP wrappers facility is not controlled by
Sun, intrarelease incompatibilities are not uncommon.
See attributes(5).
verbose_logging
Specifies whether the TCP wrappers facility logs all
calls orjust the denied calls. The default is false.
This option has no effect if TCP wrappers are not
enabled.
allow_indirect
Specifies whether rpcbind allows indirect calls at all.
By default, rpcbind allows most indirect calls, except
to a number of standard services(keyserv, automount,
mount, nfs, rquota, and selected NIS and rpcbind pro-
cedures). Setting allow_indirect to false causes all
indirect calls to be dropped. The default is true. NIS
broadcast clients rely on this functionality on NIS
servers.
OPTIONS
The following options are supported:
-d Run in debug mode. In this mode, rpcbind does not
fork when it starts. It prints additional informa-
tion during operation, and aborts on certain
errors. With this option, the name-to-address
translation consistency checks are shown in detail.
-w Do a warm start. If rpcbind aborts or terminates
on SIGINT or SIGTERM, it writes the current list of
registered services to /var/run/portmap.file and
/var/run/rpcbind.file. Starting rpcbind with the
-w option instructs it to look for these files and
start operation with the registrations found in
them. This allows rpcbind to resume operation
without requiring all RPC services to be restarted.
FILES
/var/run/portmap.file Stores the information for RPC ser-
vices registered over IP based
transports for warm start purposes.
/var/run/rpcbind.file Stores the information for all
registered RPC services for warm
start purposes.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|
| Interface Stability | See below. |
|_____________________________|_____________________________|
TCP wrappers is External.
SEE ALSO
smf(5), rpcinfo(1M), svcadm(1M), svccfg(1M), rpcbind(3NSL),
syslog.conf(4), attributes(5), smf(5)
For information on the TCP wrappers facility, see the
hosts_access(4) man page, delivered as part of the Solaris
operating environment in /usr/sfw/man and available in the
SUNWtcpd package.
NOTES
Terminating rpcbind with SIGKILL prevents the warm-start
files from being written.
All RPC servers are restarted if the following occurs:
rpcbind crashes (or is killed with SIGKILL) and is unable to
to write the warm-start files; rpcbind is started without
the -w option after a graceful termination. Or, the warm
start files are not found by rpcbind.
The rpcbind service is managed by the service management
facility, smf(5), under the service identifier
svc:/network/rpc/bind
Administrative actions on this service, such as enabling,
disabling, or requesting restart, can be performed using
svcadm(1M).
The configuration properties of this service can be modified
with svccfg(1M).
|
|