153 lines
4.0 KiB
Plaintext
153 lines
4.0 KiB
Plaintext
'\"macro stdmacro
|
|
.if n .pH g1a.rpcbind @(#)rpcbind 41.1 of 5/16/91
|
|
.\" Copyright 1991 UNIX System Laboratories, Inc.
|
|
.\" Copyright 1989, 1990 AT&T
|
|
.nr X
|
|
.if \nX=0 .ds x} rpcbind 1M "" "\&"
|
|
.if \nX=1 .ds x} rpcbind 1M ""
|
|
.if \nX=2 .ds x} rpcbind 1M "" "\&"
|
|
.if \nX=3 .ds x} rpcbind "" "" "\&"
|
|
.TH \*(x}
|
|
.SH NAME
|
|
\f4rpcbind\f1 \- universal addresses to RPC program number mapper
|
|
.SH SYNOPSIS
|
|
.B /usr/etc/rpcbind
|
|
[
|
|
.B \-mC
|
|
]
|
|
[
|
|
.B \-f
|
|
.I forkcnt
|
|
]
|
|
[
|
|
.B \-a
|
|
.IR mask , match
|
|
|
|
|
.B \-a
|
|
.IR match
|
|
]
|
|
.SH DESCRIPTION
|
|
\f4rpcbind\f1
|
|
is a server that converts RPC
|
|
program numbers into
|
|
universal addresses.
|
|
It must be running to make RPC calls.
|
|
.P
|
|
When an RPC service is started,
|
|
it will tell
|
|
\f4rpcbind\f1
|
|
at what address it is listening,
|
|
and what RPC
|
|
program numbers it is prepared to serve.
|
|
When a client wishes to make an RPC
|
|
call to a given program number,
|
|
it will first contact
|
|
\f4rpcbind\f1
|
|
on the server machine to determine
|
|
the address where RPC
|
|
packets should be sent.
|
|
.P
|
|
Normally, standard RPC
|
|
servers are started by
|
|
port monitors,
|
|
so
|
|
\f4rpcbind\f1
|
|
must be started before
|
|
port monitors are invoked.
|
|
.P
|
|
\f4rpcbind\f1 is restricted to users with the \f4root\fP user ID.
|
|
.\"If you are running the Enhanced Security Utilities,
|
|
.\"\f4rpcbind\fP is restricted to root with the appropriate privileges.
|
|
.P
|
|
Options to customize
|
|
\f4rpcbind\f1's
|
|
behavior
|
|
are read from the file
|
|
.I /etc/config/rpcbind.options
|
|
during system initialization.
|
|
The options are:
|
|
.TP
|
|
.B \-m
|
|
Enable reception of RPC requests sent to
|
|
\f4rpcbind\f1's
|
|
multicast address.
|
|
.TP
|
|
.B \-C
|
|
Turn on compatibility mode. This will allow local applications to
|
|
register with \f4rpcbind\f1 using a network address other
|
|
than the loopback address. Applications that do not use the SGI-provided
|
|
RPC interfaces to register with rpcbind may require this option to
|
|
function properly. However, use of this option will also introduce a known
|
|
\f4security\f1 problem.
|
|
.TP
|
|
\f3\-f \f2forkcnt\f1
|
|
Ignored by \f4rpcbind\f1. It is supplied to provide command line
|
|
compatibility with \f3portmap\f1.
|
|
.TP
|
|
\f4\-w\f1
|
|
When \f4rpcbind\f1 receives a SIGINT signal, it saves a copy of its
|
|
configuration in /tmp/rpcbind.file. The \f4\-w\f1 switch causes
|
|
\f4rpcbind\f1 to warm start and preconfigure itself from this file when
|
|
it is started.
|
|
.TP
|
|
\f3\-a \f2mask\f1,\f2match\f1
|
|
.sp -.5v
|
|
.TP
|
|
\f3\-a \f2match\fP
|
|
This option permits restriction of most of the \f4rpcbind\f1 services to
|
|
a subset of hosts or networks. (The \f4rpcbind\f1 null procedure is not
|
|
restricted.)
|
|
The
|
|
.IR mask ,
|
|
and
|
|
.I match
|
|
arguments are IP addresses in Internet dot notation (see
|
|
.IR inet (3N))
|
|
that represent masks, hosts or networks.
|
|
The \f2mask\fP and \f2match\fP arguments must be separated by a comma
|
|
with no intervening whitespace.
|
|
If \f2mask\fP and the comma are missing,
|
|
the argument is interpreted as a Class A, B, or C network number
|
|
and the mask is set to the value appropriate for the network's class.
|
|
.RS
|
|
.LP
|
|
The
|
|
.B \-a
|
|
option can be repeated up to 50 times.
|
|
For each mask and match specified,
|
|
the requesting client host's address is logically-ANDed with \f2mask\fP;
|
|
if the result equals \f2match\fP, the client's request is processed.
|
|
If none of the mask-match comparisons succeed, the request is rejected.
|
|
Requests from all of the local host's addresses are always permitted.
|
|
.RE
|
|
.TP
|
|
.B \-A
|
|
This option is equivalent to a series of \f3\-a\f1 options
|
|
listing all of the addresses of interfaces on the machine, with
|
|
their netmasks.
|
|
It is convenient for authorizing hosts on directly connected
|
|
networks and point-to-point links without explicitly enumerating
|
|
the networks.
|
|
The restrictions defined by \f3\-A\f1 do not count against the limit
|
|
of 50 \f3\-a\f1 options.
|
|
.PP
|
|
For example, if
|
|
.I /etc/config/rpcbind.options
|
|
contains
|
|
.Ex
|
|
-a 255.255.255.0,128.32.199.0
|
|
-a 192.0.2.0
|
|
-a 255.255.255.255,192.26.51.3
|
|
.Ee
|
|
access is restricted to any host on the Class B 128.32.199 subnet
|
|
or the Class C 192.0.2 network or to the host with the 192.26.51.3 address.
|
|
Requests from clients on any other networks will be rejected.
|
|
.RE
|
|
.PP
|
|
.SH NOTES
|
|
If
|
|
\f4rpcbind\f1
|
|
crashes, all RPC servers must be restarted.
|
|
.SH "SEE ALSO"
|
|
rpcinfo(1M), portmap(1M)
|