System Administration Commands rpcbind(1M)
NAME
rpcbind - universal addresses to RPC program number mapper
SYNOPSIS
rpcbind [-d] [-w]
DESCRIPTION
rpcbind is a server that converts RPC program numbers into
universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine.When an RPC service is started, it tells rpcbind the address
at which it is listening, and the RPC program numbers it is prepared to serve. When a client wishes to make an RPC callto a given program number, it first contacts rpcbind on the
server machine to determine the address where RPC requests should be sent.rpcbind should be started before any other RPC service. Nor-
mally, standard RPC servers are started by port monitors, sorpcbind must be started before port monitors are invoked.
When rpcbind is started, it checks that certain name-to-
address translation-calls function correctly. If they fail,
the network configuration databases can be corrupt. Since RPC services cannot function correctly in this situation,rpcbind reports the condition and terminates.
rpcbind maintains an open transport end for each transport
that it uses for indirect calls. This is the UDP port on most systems.The rpcbind service is managed by the service management
facility, smf(5), under the service identifier: svc:/network/rpc/bind Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed usingsvcadm(1M). rpcbind can only be started by the superuser or
someone in the Primary Administrator role.SunOS 5.11 Last change: 1 Aug 2006 1
System Administration Commands rpcbind(1M)
The configuration properties of this service can be modified with svccfg(1M). The following SMF property is used to allow or disallowaccess to rpcbind by remote clients:
config/local_only = true
The default value, true, shown above, disallows remoteaccess; a value of false allows remove access. See EXAMPLES.
The FMRI svc:network/rpc/bind property group config contains the following property settings:enable_tcpwrappers Specifies that the TCP wrappers facil-
ity is used to control access to TCP services. The value true enables checking. The default value forenable_tcpwrappers is false. If the
enable_tcpwrappers parameter is
enabled, then all calls to rpcbind
originating from non-local addresses
are automatically wrapped by the TCP wrappers facility. The syslog facility code daemon is used to log allowed connections (using the info severity level) and denied traffic (using the warning severity level). See syslog.conf(4) for a description of syslog codes and severity levels. The Interface Stability of the TCPwrappers facility and its configura-
tion files is Volatile. As the TCP wrappers facility is not controlled by Sun, intrarelease incompatibilities are not uncommon. See attributes(5).verbose_logging Specifies whether the TCP wrappers
facility logs all calls orjust the denied calls. The default is false. This option has no effect if TCP wrappers are not enabled.allow_indirect Specifies whether rpcbind allows
indirect calls at all. By default,rpcbind allows most indirect calls,
SunOS 5.11 Last change: 1 Aug 2006 2
System Administration Commands rpcbind(1M)
except to a number of standard services(keyserv, automount, mount, nfs, rquota, and selected NIS andrpcbind procedures). Setting
allow_indirect to false causes all
indirect calls to be dropped. The default is true. NIS broadcast clients rely on this functionality on NIS servers. OPTIONS The following options are supported:-d Run in debug mode. In this mode, rpcbind does not fork
when it starts. It prints additional information dur-
ing operation, and aborts on certain errors. With thisoption, the name-to-address translation consistency
checks are shown in detail.-w Do a warm start. If rpcbind aborts or terminates on
SIGINT or SIGTERM, it writes the current list of registered services to /var/run/portmap.file and/var/run/rpcbind.file. Starting rpcbind with the -w
option instructs it to look for these files and start operation with the registrations found in them. Thisallows rpcbind to resume operation without requiring
all RPC services to be restarted.EXAMPLES
Example 1 Allowing Remote Access The following sequence of commands allows remote access torpcbind.
# svccfg -s svc:/network/rpc/bind setprop config/local_only = false
# svcadm refresh svc:/network/rpc/bind
FILES/var/run/portmap.file Stores the information for RPC ser-
vices registered over IP based transports for warm start purposes./var/run/rpcbind.file Stores the information for all
registered RPC services for warmSunOS 5.11 Last change: 1 Aug 2006 3
System Administration Commands rpcbind(1M)
start purposes.ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcs ||_____________________________|_____________________________|
| Interface Stability | See below. ||_____________________________|_____________________________|
TCP wrappers is Volatile.SEE ALSO
smf(5), rpcinfo(1M), svcadm(1M), svccfg(1M), rpcbind(3NSL),
syslog.conf(4), attributes(5), smf(5) For information on the TCP wrappers facility, see thehosts_access(4) man page, delivered as part of the Solaris
operating environment in /usr/sfw/man and available in the SUNWtcpd package. NOTESTerminating rpcbind with SIGKILL prevents the warm-start
files from being written. All RPC servers are restarted if the following occurs:rpcbind crashes (or is killed with SIGKILL) and is unable to
to write the warm-start files; rpcbind is started without
the -w option after a graceful termination. Otherwise, the
warm start files are not found by rpcbind.
SunOS 5.11 Last change: 1 Aug 2006 4