rpcbind(1M) rpcbind(1M) NAME rpcbind - universal addresses to RPC program number mapper SYNOPSIS /usr/etc/rpcbind [ -mvC ] [ -f forkcnt ] -l backlog ] [ -a mask,match | -a match ] DESCRIPTION rpcbind is a server that converts RPC program numbers into universal addresses. It must be running to make RPC calls. When an RPC service is started, it will tell rpcbind at what address it is listening, and what RPC program numbers it is prepared to serve. When a client wishes to make an RPC call to a given program number, it will first contact rpcbind on the server machine to determine the address where RPC packets should be sent. Normally, standard RPC servers are started by port monitors, so rpcbind must be started before port monitors are invoked. rpcbind is restricted to users with the root user ID. Options to customize rpcbind's behavior are read from the file /etc/config/rpcbind.options during system initialization. The options are: -m Enable reception of RPC requests sent to rpcbind's multicast address. -v Turn on verbose mode. In this mode, additional debugging and error information is printed to stderr. -C Turn on compatibility mode. This will allow local applications to register with rpcbind using a network address other than the loopback address. Applications that do not use the SGI-provided RPC interfaces to register with rpcbind may require this option to function properly. However, use of this option will also introduce a known security problem. -f forkcnt Ignored by rpcbind. It is supplied to provide command line compatibility with portmap. -l backlog Set the limit on the length of the queue of pending connections for connection-oriented services such as TCP. This option can only be used to increase the limit from the default value (currently 64). -w When rpcbind receives a SIGINT signal, it saves a copy of its configuration in /tmp/rpcbind.file and /tmp/portmap.file. The -w switch causes rpcbind to warm start and preconfigure itself from these files when it is started. -a mask,match -a match This option permits restriction of most of the rpcbind services to a subset of hosts or networks. (The rpcbind null procedure is not restricted.) The mask, and match arguments are IP addresses in Internet dot notation (see inet(3N)) that represent masks, hosts or networks. The mask and match arguments must be separated by a comma with no intervening whitespace. If mask and the comma are missing, the argument is interpreted as a Class A, B, or C network number and the mask is set to the value appropriate for the network's class. The -a option can be repeated up to 50 times. For each mask and match specified, the requesting client host's address is logically- ANDed with mask; if the result equals match, the client's request is processed. If none of the mask-match comparisons succeed, the request is rejected. Requests from all of the local host's addresses are always permitted. -A This option is equivalent to a series of -a options listing all of the addresses of interfaces on the machine, with their netmasks. It is convenient for authorizing hosts on directly connected networks and point-to-point links without explicitly enumerating the networks. The restrictions defined by -A do not count against the limit of 50 -a options. For example, if /etc/config/rpcbind.options contains -a 255.255.255.0,128.32.199.0 -a 192.0.2.0 -a 255.255.255.255,192.26.51.3 access is restricted to any host on the Class B 128.32.199 subnet or the Class C 192.0.2 network or to the host with the 192.26.51.3 address. Requests from clients on any other networks will be rejected. FILES /tmp/rpcbind.file /tmp/portmap.file NOTES If rpcbind crashes, all RPC servers must be restarted. SEE ALSO rpcinfo(1M), portmap(1M) Page 2