Page MenuHomeFreeBSD
Differential D26746

Add a -R option to mountd so that it can be run without rpcbind for an NFSv4 only server
ClosedPublic
Actions

Authored by rmacklem on Oct 12 2020, 2:15 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, May 1, 11:15 AM
Unknown Object (File)
Wed, May 1, 11:15 AM
Unknown Object (File)
Wed, May 1, 11:15 AM
Unknown Object (File)
Wed, May 1, 10:05 AM
Unknown Object (File)
Wed, May 1, 2:05 AM
Unknown Object (File)
Mar 12 2024, 9:48 AM
Unknown Object (File)
Mar 12 2024, 9:48 AM
Unknown Object (File)
Mar 12 2024, 9:48 AM
View All 41 Files
Subscribers
bcr
emaste
imp

Details

Reviewers
freqlabs
gbe
asomers
Group Reviewers
manpages
Commits
rS367027: Update man page for -R option added by r376026.
rS367026: Add "-R" option to tell mountd to not register with rpcbind.
Summary

rpcbind is now considered a security risk for some sites.
Since an NFSv4 only NFS server does not need rpcbind,
it makes sense to have an option that implements this.

This patch adds a "-R" option that disables the Mount
protocol (not used by NFSv4) and does not register
with rpcbind.

Changes are required to /etc/rc.d/mountd and /etc/rc.d/nfsd.
Those will be in a separate commit.

Test Plan

Tried an assortment of configurations, both with
and without -R, to see that it works.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

rmacklem created this revision.Oct 12 2020, 2:15 AM
Herald added a reviewer: manpages. · View Herald TranscriptOct 12 2020, 2:15 AM
Herald added a subscriber: imp. · View Herald Transcript
rmacklem requested review of this revision.Oct 12 2020, 2:15 AM
Harbormaster completed remote builds in B34105: Diff 78120.Oct 12 2020, 2:15 AM
bcr accepted this revision as: manpages.Oct 12 2020, 6:24 AM
bcr added a subscriber: bcr.

OK from manpages.

rmacklem updated this revision to Diff 78151.Oct 13 2020, 12:49 AM

Fix a bug where the sig_mask being used as the
argument to sigsuspend() was set to the wrong
bits, where SIGHUP was blocked.

Harbormaster completed remote builds in B34126: Diff 78151.Oct 13 2020, 12:49 AM
emaste added a subscriber: emaste.Oct 20 2020, 2:45 PM
rmacklem added a reviewer: asomers.Oct 23 2020, 11:39 PM

Added asomers@ in case he'd like ot review this.

freqlabs accepted this revision.Oct 23 2020, 11:55 PM

Nice, looks good to me!

This revision is now accepted and ready to land.Oct 23 2020, 11:55 PM
freqlabs added a comment.Oct 23 2020, 11:57 PM

The nesting is quite deep at this point, it would probably make sense to break things up a little but that's orthogonal to this change.

asomers added a comment.Oct 24 2020, 4:17 PM

It looks fine to me, but I'm not very knowledgeable in this area.

Closed by commit rS367026: Add "-R" option to tell mountd to not register with rpcbind. (authored by rmacklem). · Explain WhyOct 24 2020, 10:48 PM
This revision was automatically updated to reflect the committed changes.
rmacklem added a commit: rS367026: Add "-R" option to tell mountd to not register with rpcbind..
rmacklem added a commit: rS367027: Update man page for -R option added by r376026..Oct 24 2020, 10:52 PM

Revision Contents
Changeset List

PathSize
head/
usr.sbin/
mountd/
325 lines

Diff 78725

View Options

head/usr.sbin/mountd/mountd.c

Loading...