Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: Disabling rpcbind/portmapper
From: Casper Dik (casperholland.sun.com)
Date: Tue Nov 04 2003 - 10:57:52 CST
>How safe is it to mv/stop the S71rpc startup script in Solaris. I remember
>system panics with Solaris 2.6 and 2.7 when attempting to run "S71rpc stop",
>so I got in the habit of preventing all the associated programs (rpc.statd,
>etc...) from running and then blocking port 111 using wrappers/rpcbind
>replacement and ipf. I thought that some Sun programs like Solstice
>DiskSuite, Legato, CDE, Tooltalk, etc... used to need rpcbind on the
>loopback, is that the case? Can it be safely moved/stopped if I'm not using
>NIS, NFS, or any of the others I've disabled?
If the system paniced, that certainly is a bug (I can't remeber
having seen one).
If nothing much worked, then that certainly could have happened.
Services which depend on rpcbind can easily be spotted using
Programs which depend on rpcbind are anything NFS related;
autofs, cachefs, vold (in S9+) and others.
In some cases, the fact that rpcbind not runs will cause a much
longer timeout rather than an immediate "service not there" response.
The risk of rpcbind is fairly minimal; though I supposed we should
put in some work to make it e.g., "localhost only".