NFS : how to specify a port number for rpc.statd ?
My system has been running nfs-utils-1.2.0 for a few years.
Recently I proceed to upgrade to the latest nfs-utils-1.2.5. My configure options are "--disable-nfsv4 --disable-nfsv41 --disable-gss --disable-uuid --enable-mount --enable-shared --with-statduser=statd --with-rpcgen=internal --without-tcp-wrappers". There is no problem in building it, but rpc.statd refuses to start. The (server) startup steps are : 1. mount -t nfsd /proc/fs/nfsd 2. exportfs -av 3. rpc.mountd -p 1011 4. rpc.statd -o 1013 -p 1014 --no-notify At this point, rpc.statd fails. The syslog says > rpc.statd[875]: Version 1.2.5 starting > rpc.statd[875]: Flags: > rpc.statd[875]: Could not bind name to socket: Permission denied The same steps worked well for the old version. It is started by root in the init script and I'm sure that all the ports (tcp & udp) 1011, 1013 & 1014 are available on my system. Then I've tried different combinations of values for -o and -p, found that the port number for -p must be at least 1024. It seems that -p requires an un-privileged port, but there is no mention in the ChangeLog's of the releases from 1.2.1 through 1.2.5. Since the daemons will run along with a firewall, is there any way to make rpc.statd listening on the specified ports ? |
Is SELinux in enforcing mode on your machine?
If yes, try putting it in permissive mode. If it works, then add SELinux manage rules to allow rpc.statd to listen on required ports, and then put SELinux back in enforcing mode. To start give the output of Code:
sestatus |
Quote:
As far as I know, I'm not using SELinux features and "sestatus" is not yet available on my system. It was initially a LFS system installed some years ago, but with constant kernel & packages updates. The current kernel is version 2.6.39.2 . The SELinux-related kernel configs are just the defaults : Code:
# Security options |
Hi,
I am sorry, but I haven't really any hint. Can you have a look at the log files while trying to launch the service? |
Quote:
> rpc.statd[875]: Version 1.2.5 starting > rpc.statd[875]: Flags: > rpc.statd[875]: Could not bind name to socket: Permission denied It can start if the value of -p is at least 1024. I guess the nfs-utils developers should have changed something in rpc.statd, but I can't find where this is documented. Also, I'd like to know if some hack on the codes can restore its original behaviour. |
All times are GMT -5. The time now is 03:52 AM. |