Unable to force rpcbind to listen only on localhost
Issue
- Under RHEL5 it was possible to force portmap to only listen on localhost, via the "-l" option.
- Under RHEL6, rpcbind by default listens on all interfaces for 111/tcp and 111/udp, as shown below:
# netstat -tnlup | grep rpcbind
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1406/rpcbind
tcp 0 0 :::111 :::* LISTEN 1406/rpcbind
udp 0 0 0.0.0.0:733 0.0.0.0:* 1406/rpcbind
udp 0 0 0.0.0.0:111 0.0.0.0:* 1406/rpcbind
udp 0 0 :::733 :::* 1406/rpcbind
udp 0 0 :::111 :::* 1406/rpcbind
- While the listen address for UDP can be changed with the "-h localhost" option, rpcbind will continue to listen on 0.0.0.0:111/tcp.
For example:
# echo 'RPCBIND_ARGS="-l -s -h localhost"' > /etc/sysconfig/rpcbind
# service rpcbind restart
Stopping rpcbind: [ OK ]
Starting rpcbind: [ OK ]
# netstat -tnlup | grep rpcbind
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1526/rpcbind
tcp 0 0 :::111 :::* LISTEN 1526/rpcbind
udp 0 0 0.0.0.0:853 0.0.0.0:* 1526/rpcbind
udp 0 0 127.0.0.1:111 0.0.0.0:* 1526/rpcbind
udp 0 0 :::853 :::* 1526/rpcbind
udp 0 0 ::1:111 :::* 1526/rpcbind
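To confirm which rpcbind sockets are still bound to a non-loopback address after a configuration change, the netstat output can be filtered as in the following added example, which is not part of the original article. The function names are hypothetical, and the embedded sample is the netstat output shown above after "-h localhost" was set.

```shell
#!/bin/sh
# Added example (not from the original article). Function names are hypothetical.

# Print "proto address port" for every rpcbind socket found in
# `netstat -tnlup` output (read from stdin) whose local address is not loopback.
# Optional $1 restricts the report to a single port, e.g. 111.
rpcbind_exposed() {
    awk -v want="${1:-}" '
    $NF ~ /\/rpcbind$/ {
        # Field 4 is the local address on both tcp and udp rows.
        # Split at the last colon so IPv6 forms such as ":::111" parse.
        n = match($4, /:[0-9]+$/)
        if (n == 0) next
        addr = substr($4, 1, n - 1)
        port = substr($4, n + 1)
        # Skip loopback binds (127.0.0.0/8 and ::1).
        if (addr ~ /^127\./ || addr == "::1") next
        if (want != "" && port != want) next
        print $1, addr, port
    }'
}

# The article's netstat output after the restart, embedded for offline use.
sample_after_h_localhost() {
    cat <<'EOF'
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1526/rpcbind
tcp 0 0 :::111 :::* LISTEN 1526/rpcbind
udp 0 0 0.0.0.0:853 0.0.0.0:* 1526/rpcbind
udp 0 0 127.0.0.1:111 0.0.0.0:* 1526/rpcbind
udp 0 0 :::853 :::* 1526/rpcbind
udp 0 0 ::1:111 :::* 1526/rpcbind
EOF
}

# Port 111 only: the two tcp wildcard listeners remain.
sample_after_h_localhost | rpcbind_exposed 111

# Live use (as root, so the program column is populated):
#   netstat -tnlup | rpcbind_exposed 111
```

Without the port argument the function also reports the additional UDP port that rpcbind opens on the wildcard address (853 in the output above).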
Environment
- Red Hat Enterprise Linux 6