Ubuntu
rpcbind package

Cannot prevent rpcbind from listening on all interfaces for TCP connections

Bug #1430181 reported by Kurt Huwig
52
This bug affects 9 people
Affects Status Importance Assigned to Milestone
rpcbind (Debian)
New
Undecided
Unassigned
rpcbind (Ubuntu)
Triaged
Wishlist
Unassigned
Precise
Won't Fix
Undecided
Unassigned
Trusty
Won't Fix
Undecided
Unassigned
Utopic
Won't Fix
Undecided
Unassigned
Vivid
Won't Fix
Medium
Unassigned

Bug Description

There is no way to prevent rpcbind from listening on all interfaces for TCP connections. The setting "-h" only applies to UDP connections. There is a bug and fix from 2007:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=84494

The link to the fix gives a 404 for me, but it probably is in their VCS.

How to reproduce:

1. install rpcbind
2. in /etc/default/rpcbind:

OPTIONS="$OPTIONS -h 192.168.255.1"

3. restart rpcbind

root@node1 ~ # netstat -lnp | grep rpcbind
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 8982/rpcbind
tcp6 0 0 :::111 :::* LISTEN 8982/rpcbind
udp 0 0 192.168.255.1:111 0.0.0.0:* 8982/rpcbind
udp 0 0 127.0.0.1:111 0.0.0.0:* 8982/rpcbind
udp 0 0 0.0.0.0:677 0.0.0.0:* 8982/rpcbind
udp6 0 0 ::1:111 :::* 8982/rpcbind
udp6 0 0 :::677 :::* 8982/rpcbind

The same applies to rpc.statd: even when supplying the

-n, --name ipaddr | hostname
              Specifies the bind address used for RPC listener sockets.

option, it still listens on all interfaces, while '--outgoing-port' and '--port' work as expected:

/etc/default/nfs-common:
STATDOPTS="--name 192.168.255.1 --port 32765 --outgoing-port 32766"

root@node1 ~ # netstat -lnp | grep rpc.statd
tcp 0 0 0.0.0.0:32765 0.0.0.0:* LISTEN 8988/rpc.statd
tcp6 0 0 :::32765 :::* LISTEN 8988/rpc.statd
udp 0 0 0.0.0.0:32765 0.0.0.0:* 8988/rpc.statd
udp 0 0 127.0.0.1:684 0.0.0.0:* 8988/rpc.statd
udp6 0 0 :::32765 :::* 8988/rpc.statd

Related branches

lp:~niedbalski/ubuntu/vivid/rpcbind/fix-lp-1430181
On hold for merging into lp:ubuntu/vivid/rpcbind
Ubuntu branches: Pending requested
Diff: 274 lines (+254/-0)
3 files modified
debian/changelog (+8/-0)
debian/patches/rcpbind-tcp-bind-specific-addrs.patch (+245/-0)
debian/patches/series (+1/-0)
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in rpcbind (Ubuntu):
status: New → Confirmed
Jorge Niedbalski (niedbalski)
Changed in rpcbind (Ubuntu):
assignee: nobody → Jorge Niedbalski (niedbalski)
importance: Undecided → Medium
status: Confirmed → In Progress
Revision history for this message
Jorge Niedbalski (niedbalski) wrote :

There is no way to prevent rpcbind from listening on all interfaces for TCP connections. The setting "-h" only applies to UDP connections.

Without the attached patch, starting rpcbind with -h makes no effect to listen on a specific address:

$ rpcbind -h 192.168.100.2

tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 22011/rpcbind
tcp6 0 0 :::111 :::* LISTEN 22011/rpcbind
udp 0 0 127.0.0.1:111 0.0.0.0:* 22011/rpcbind
udp 0 0 0.0.0.0:986 0.0.0.0:* 22011/rpcbind
udp6 0 0 ::1:111 :::* 22011/rpcbind
udp6 0 0 :::986 :::* 22011/rpcbind

With this patch, starting rpcbind with -h makes effect to listen to a specific address

$ rpcbind -h 192.168.100.2

tcp 0 0 192.168.100.2:111 0.0.0.0:* LISTEN 24826/rpcbind
tcp 0 0 127.0.0.1:111 0.0.0.0:* LISTEN 24826/rpcbind
tcp6 0 0 ::1:111 :::* LISTEN 24826/rpcbind

Revision history for this message
Kurt Huwig (k-huwig-f) wrote :

Thanks for the patch! Just two questions:

1. why does rpcbind not listen to UDP any more?
2. have you noticed that a similar problem exists in rpc.statd?

Brian Murray (brian-murray)
tags: added: rls-v-notfixing
Jorge Niedbalski (niedbalski)
tags: added: cts
Revision history for this message
Jorge Niedbalski (niedbalski) wrote :

Hello Kurt,

1) I am not seeing the reported issue, it still works on UDP/TCP properly.
2) rpc.statd is part of another package nfs-common, I can review that specifically.

Revision history for this message
Robie Basak (racb) wrote :

16:36 <rbasak> niedbalski: I'm not sure that bug 1430181 is appropriate to fix in an SRU or during feature freeze in Vivid (without an exception).

16:36 <rbasak> niedbalski: seems to me that TCP binding is a new feature because the switch is documented to support UDP only.

16:37 <rbasak> niedbalski: the patch looks pretty extensive too.

So I think this needs to wait for Vivid+1? We should have the time, in that case, to get this patch upstreamed, instead of needing a delta in Ubuntu specifically. Or if this isn't possible, can the reason be explained in this bug, please?

Revision history for this message
Sebastien Bacher (seb128) wrote :

unsuscribing sponsors, it seems it's not to upload for vivid and already being handled (it has a merge request as well)

Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

I looked at this as well, it looks like it probably would benefit from preparing the 0.2.3 release instead of patching things. I haven't looked very closely, but it seems as though the patches may already be included in uptream git (and thus in 0.2.3, which seems to be the latest revision on git://linux-nfs.org/~steved/rpcbind, which is the correct upstream branch if I'm to believe the sourceforge link set as homepage in the package). If they aren't, then they probably wouldn't apply cleanly anyway.

I would suggest discussing the update with Debian; from there we could merge the package to the latest version.

Jorge Niedbalski (niedbalski)
Changed in rpcbind (Ubuntu):
status: In Progress → Confirmed
Changed in rpcbind (Ubuntu Vivid):
status: In Progress → Confirmed
Changed in rpcbind (Ubuntu):
assignee: Jorge Niedbalski (niedbalski) → nobody
Changed in rpcbind (Ubuntu Vivid):
assignee: Jorge Niedbalski (niedbalski) → nobody
Revision history for this message
Robie Basak (racb) wrote :

Marking Won't Fix for the SRU tasks as the current position is that we have no intention of SRUing this.

Changed in rpcbind (Ubuntu Precise):
status: New → Won't Fix
Changed in rpcbind (Ubuntu Trusty):
status: New → Won't Fix
Changed in rpcbind (Ubuntu Utopic):
status: New → Won't Fix
Changed in rpcbind (Ubuntu Vivid):
status: Confirmed → Won't Fix
Changed in rpcbind (Ubuntu):
status: Confirmed → Triaged
summary: - rpcbind/rpc.statd listen on all interfaces
+ Cannot prevent rpcbind from listening on all interfaces for TCP
+ connections
Changed in rpcbind (Ubuntu):
importance: Medium → Wishlist
Revision history for this message
Robie Basak (racb) wrote :

Laurent,

Thank you for adding the Debian bug watch. I think the Debian bug refers to UDP only though, and the complaint in this bug is for TCP support, so I don't think the two bugs track the same issue. Consequently I'm deleting the bug watch. If this is wrong, please comment.

Changed in rpcbind (Debian):
importance: Unknown → Undecided
status: Unknown → New
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.