I was running a network security scan on my server and got the following warning message:


---------------------------------------------
"nlockmgr: RPC nlockmgr service

The RPC nlockmgr service has been detected as running. The nlockmgr is part of the file locking manager system for NFS. It forwards
local file locking requests to the lock manager on the server system. The nlockmgr service registers with the RPC portmapper as program
100021.

Remedy:
This service should be disabled if your system is not acting as either an NFS client or server."
------------------------------------------------


And this is what I got when I do a # rpcinfo -p command:

program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100021 1 udp 32780 nlockmgr
100021 3 udp 32780 nlockmgr
100021 4 udp 32780 nlockmgr
100021 1 tcp 33007 nlockmgr
100021 3 tcp 33007 nlockmgr
100021 4 tcp 33007 nlockmgr
100024 1 udp 928 status
100024 1 tcp 931 status



My server is not a NFS client or server, so I need to disable the nlockmgr service that is currently running but not sure how. Any hint? Please help! Appreciate it.

well, on red hat you can check the list of services and when they are configured to start like this:

usually I want to only look at the ones that are set to start automatically, so I filter that list for ones with n in there:


now, I'm not really sure which service is the one you're worried about. I seem to remember disabling portmapper on a bunch of RHEL4 servers in the past, but I don't see it on my fedora core 8 box. anyway, to disable it, do this:

Kewl, thanks mcd for your response!

I think the whole point of disabling RPC nlockmgr service is to prevent the system from exporting files to other clients, which is just the same as NFS service. But I still have some questions:

First, I don't think NFS service is active on this server, but the nlockmgr is. Is that possible when nlockmgr should be part of the NFS service.

nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off


Second, will stopping the portmapper service stop the NFS or affect any other service? Will I still be able to mount other directories from other servers to this server if I disable the portmapper?

I'm not an expert in NFS. But yes, I think they are two separate services, and even though NFS is disabled, nfslock is clearly not. As to the second question, I believe nfslock IS required if you are going to mount remote NFS shares. If you're just mounting remote windows file shares, or some other protocol you'd be fine. But if you want to act as an NFS client I believe nfslock needs to be running.

Just an update for this issue. As I read more, I found out that NFS service was handled by the portmapper and five daemons: rpc.nfsd, rpc.lockd, rpc.statd, rpc.mountd, and rpc.rquotad. By running the following commands you will at least disable some of them

rpc.mountd is stopped
rpc.nfsd is stopped
rpc.rquotad is stopped

rpc.statd is stopped

For rpc.lockd, I am not sure which command will disable it besides directly killing the PID. However, as I know, the 2.4 up kernel version will handle that service atomatically. So I upgraded my kernel, and rebooted the machine after disabling the NFS service, and it came out clean.

100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper

No more nlockmgr and no need to disable the portmapper. Cheer!