git: d8a99eaa1f06 - main - rpcbind: Add option to disable local host binding

From: Rick Macklem <rmacklem_at_FreeBSD.org>
Date: Sat, 06 Jul 2024 20:42:20 UTC
The branch main has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=d8a99eaa1f06bc3b3c017dce3e6ddf6b1fa37bcb

commit d8a99eaa1f06bc3b3c017dce3e6ddf6b1fa37bcb
Author:     Joyu Liao <joyul@juniper.net>
AuthorDate: 2024-07-06 20:39:07 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2024-07-06 20:39:07 +0000

    rpcbind: Add option to disable local host binding
    
    In our products, we need those options to support our features.
    
    Add daemon mode option for mountd, nfsd.
    Add skip local host binding option for rpcd.
    Add skip local host binding option for mountd.
    
    Reviewed by:    rmacklem
    Differential Revision:  https://reviews.freebsd.org/D45118
---
 usr.sbin/rpcbind/rpcbind.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/usr.sbin/rpcbind/rpcbind.c b/usr.sbin/rpcbind/rpcbind.c
index de05330d0ca5..44adae366bed 100644
--- a/usr.sbin/rpcbind/rpcbind.c
+++ b/usr.sbin/rpcbind/rpcbind.c
@@ -88,6 +88,7 @@ int libwrap = 0;
 #endif
 int nofork = 0;
 int verboselog = 0;
+int nobind_localhost = 0;
 
 static char **hosts = NULL;
 static struct sockaddr **bound_sa;
@@ -342,9 +343,9 @@ init_transport(struct netconfig *nconf)
 	    if (nhostsbak == 1)
 	        hosts[0] = "*";
 	    else {
-		if (hints.ai_family == AF_INET) {
+		if (hints.ai_family == AF_INET && nobind_localhost == 0) {
 		    hosts[nhostsbak - 1] = "127.0.0.1";
-		} else if (hints.ai_family == AF_INET6) {
+		} else if (hints.ai_family == AF_INET6 && nobind_localhost == 0) {
 		    hosts[nhostsbak - 1] = "::1";
 		} else
 		    return 1;
@@ -802,7 +803,7 @@ parseargs(int argc, char *argv[])
 #else
 #define WRAPOP	""
 #endif
-	while ((c = getopt(argc, argv, "6adh:iLlNs" WRAPOP WSOP)) != -1) {
+	while ((c = getopt(argc, argv, "6adh:IiLlNs" WRAPOP WSOP)) != -1) {
 		switch (c) {
 		case '6':
 			ipv6_only = 1;
@@ -823,6 +824,9 @@ parseargs(int argc, char *argv[])
 			if (hosts[nhosts - 1] == NULL)
 				errx(1, "Out of memory");
 			break;
+		case 'I':
+			nobind_localhost = 1;
+			break;
 		case 'i':
 			insecure = 1;
 			break;
@@ -850,7 +854,7 @@ parseargs(int argc, char *argv[])
 #endif
 		default:	/* error */
 			fprintf(stderr,
-			    "usage: rpcbind [-6adiLls%s%s] [-h bindip]\n",
+			    "usage: rpcbind [-6adIiLls%s%s] [-h bindip]\n",
 			    WRAPOP, WSOP);
 			exit (1);
 		}