git: d8a99eaa1f06 - main - rpcbind: Add option to disable local host binding
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 06 Jul 2024 20:42:20 UTC
The branch main has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=d8a99eaa1f06bc3b3c017dce3e6ddf6b1fa37bcb commit d8a99eaa1f06bc3b3c017dce3e6ddf6b1fa37bcb Author: Joyu Liao <joyul@juniper.net> AuthorDate: 2024-07-06 20:39:07 +0000 Commit: Rick Macklem <rmacklem@FreeBSD.org> CommitDate: 2024-07-06 20:39:07 +0000 rpcbind: Add option to disable local host binding In our products, we need those options to support our features. Add daemon mode option for mountd, nfsd. Add skip local host binding option for rpcd. Add skip local host binding option for mountd. Reviewed by: rmacklem Differential Revision: https://reviews.freebsd.org/D45118 --- usr.sbin/rpcbind/rpcbind.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/usr.sbin/rpcbind/rpcbind.c b/usr.sbin/rpcbind/rpcbind.c index de05330d0ca5..44adae366bed 100644 --- a/usr.sbin/rpcbind/rpcbind.c +++ b/usr.sbin/rpcbind/rpcbind.c @@ -88,6 +88,7 @@ int libwrap = 0; #endif int nofork = 0; int verboselog = 0; +int nobind_localhost = 0; static char **hosts = NULL; static struct sockaddr **bound_sa; @@ -342,9 +343,9 @@ init_transport(struct netconfig *nconf) if (nhostsbak == 1) hosts[0] = "*"; else { - if (hints.ai_family == AF_INET) { + if (hints.ai_family == AF_INET && nobind_localhost == 0) { hosts[nhostsbak - 1] = "127.0.0.1"; - } else if (hints.ai_family == AF_INET6) { + } else if (hints.ai_family == AF_INET6 && nobind_localhost == 0) { hosts[nhostsbak - 1] = "::1"; } else return 1; @@ -802,7 +803,7 @@ parseargs(int argc, char *argv[]) #else #define WRAPOP "" #endif - while ((c = getopt(argc, argv, "6adh:iLlNs" WRAPOP WSOP)) != -1) { + while ((c = getopt(argc, argv, "6adh:IiLlNs" WRAPOP WSOP)) != -1) { switch (c) { case '6': ipv6_only = 1; @@ -823,6 +824,9 @@ parseargs(int argc, char *argv[]) if (hosts[nhosts - 1] == NULL) errx(1, "Out of memory"); break; + case 'I': + nobind_localhost = 1; + break; case 'i': insecure = 1; break; @@ -850,7 +854,7 @@ parseargs(int argc, char *argv[]) #endif default: /* error */ fprintf(stderr, - "usage: rpcbind [-6adiLls%s%s] [-h bindip]\n", + "usage: rpcbind [-6adIiLls%s%s] [-h bindip]\n", WRAPOP, WSOP); exit (1); }