Denis Zaitceff [Fri, 20 Jun 2014 17:09:26 +0000 (23:09 +0600)]
Only fail an 'unregister' attempt if nothing can be unregistered.
It is possible that the registration for some protocol can be
unregistered by a given request, but others cannot.
Currently we abort if we find something that cannot be unregistered,
even if we have already successfully unregistered something else.
It is better to unregister whatever we can, and return success if
anything was successful.
Original comment:
There is some inconsistency(-alike?) in the portmap protocol:
a) PMAPPROC_SET registers only one program, using the
(prog,vers,prot) key, while PMAPPROC_UNSET unregisters all the (two)
programs, as it uses just the (prog,vers) key.
b) Then, it seems to be pretty legal if two different processes SET
the same (prog,vers) tuples - one for TCP and another for UDP.
And at the UNSET step, portmap can run into a security question: say,
one process has used a privileged port for registration, while
another process has not. And, considering b), portmap must refuse to
UNSET the privileged port if it was asked by the unprivileged port's
process. And this should not be considered an error, as long as
one port is UNSET. But in the current implementation, such "mixed"
cases are treated as just an error. The patch fixes this behaviour.
Please apply it, if my understanding is correct.
Mike Frysinger [Tue, 11 Jan 2011 19:09:05 +0000 (14:09 -0500)]
NO_PERROR: control overriding of perror() symbol
Doing static builds of portmap might fail when the C library's perror()
function is pulled in and collides with portmap's definition. So add a
flag to control the local override.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Neil Brown <neilb@suse.de>
Mike Frysinger [Tue, 11 Jan 2011 19:09:04 +0000 (14:09 -0500)]
NO_FORK: control usage of fork() for nommu systems
nommu systems lack a fork() function, so add a NO_FORK flag to control
its usage. We don't lose a ton of functionality in doing so, and on an
embedded system, this is OK.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Neil Brown <neilb@suse.de>
Enrico Weigelt [Tue, 13 May 2008 01:20:53 +0000 (11:20 +1000)]
Various config and option improvements.
- Various aspects of the Makefile are not configurable by setting
macros on commandline or in environment
- new config.h file to allow various tunables like daemon uid and
path to record current mapping table.
- new commandline to:
Allow foreground running with syslog logging (-F)
Change the file in which the mapping is stored (-f)
Specify the username that portmap should run as (-U).
Neil Brown [Sun, 15 Jul 2007 23:18:55 +0000 (09:18 +1000)]
Treat ports below 512 as reserved ports.
Though applications trying to bind a reserved port normally look in
the range 512-1024 (because below there is very dense with well known
ports), all ports 1-1024 are reserved in that only root can bind to them.
So when checking if a port is 'reserved' we should allow it anywhere in
the full range.
This allows sunrpc.minresvport to be set low and portmap will still
allow mappings made by the kernel.
The status of 0 as a reserved port is doubtful, but
check_privileged_port will never be called with a 0, so it doesn't
matter.
Mike Frysinger [Sun, 13 May 2007 21:15:12 +0000 (17:15 -0400)]
respect DESTDIR and don't use -s with install
$(DESTDIR) is the standard for installing into other trees, not $(BASEDIR) ...
so I've converted the Makefile to use that. I've also left in $(BASEDIR) as a
default to support old installs; not sure if you'd just cut it.
Stripping should be left to the person to handle, not automatically done by
the install step. Also, `install -s` always calls `strip` which is
wrong/undesired in cross-compiling scenarios.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Mon, 23 Apr 2007 06:20:21 +0000 (16:20 +1000)]
Enable compile-time configurable DNS lookup for tcp_wrapper checking.
There is some small risk of deadlocking if portmap uses gethostbyaddr
for source host authentication. But some people like it.
So make it compile-time configurable:
make USE_DNS=yes
Neil Brown [Mon, 23 Apr 2007 06:20:17 +0000 (16:20 +1000)]
Allow uid/gid to be set at compile or run time.
New compile time options to set uid and gid rather than default of '1'.
Also compile-time configurable username to provide uid/gid.
Also -u and -g runtime options to set same.
Neil Brown [Fri, 20 Apr 2007 02:42:48 +0000 (12:42 +1000)]
Improve protection against unapproved service deletion.
If a privileged port was used to register a service, then a privileged
port must be used to unregister it.
This allows system services (statd/lockd/mountd) to safely register
non-privileged ports.
This is good because they don't really need privileged ports, and
using privileged ports when not needed is a waste of scarce resources.
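The unregister rule from this commit, combined with the partial-success behaviour from the 20 Jun 2014 "Only fail an 'unregister' attempt" entry above, as an added example that is not part of the commit log or of portmap's source. The names `struct mapping`, `model_set`, `model_unset` and `RESERVED_LIMIT` are hypothetical, and the program number and ports are constructed sample values.

```c
#include <stdbool.h>
#include <stddef.h>
#define RESERVED_LIMIT 1024  /* assumption: source ports 1..1023 count as privileged */
/* Hypothetical table entry for this model; not portmap's own data structure. */
struct mapping {
    unsigned prog, vers, prot, port;
    bool privileged, in_use;  /* privileged: SET arrived from a privileged source port */
};
static bool is_privileged(unsigned p) { return p > 0 && p < RESERVED_LIMIT; }

/* SET: keyed on (prog, vers, prot), so TCP and UDP get separate entries. */
bool model_set(struct mapping *t, size_t n, unsigned prog, unsigned vers,
               unsigned prot, unsigned port, unsigned src) {
    for (size_t i = 0; i < n; i++)
        if (t[i].in_use && t[i].prog == prog && t[i].vers == vers && t[i].prot == prot)
            return false;  /* key already taken */
    for (size_t i = 0; i < n; i++)
        if (!t[i].in_use) {
            t[i] = (struct mapping){prog, vers, prot, port, is_privileged(src), true};
            return true;
        }
    return false;  /* table full */
}

/* UNSET: keyed on (prog, vers) only; succeeds if at least one entry was removed. */
bool model_unset(struct mapping *t, size_t n, unsigned prog, unsigned vers, unsigned src) {
    bool removed = false;
    for (size_t i = 0; i < n; i++) {
        if (!t[i].in_use || t[i].prog != prog || t[i].vers != vers)
            continue;
        if (t[i].privileged && !is_privileged(src))
            continue;  /* protected entry: leave it in place, keep scanning */
        t[i].in_use = false;
        removed = true;
    }
    return removed;
}

/* Constructed scenario: TCP set from source port 800, UDP from source port 40000. */
int demo_mixed_unset(void) {
    struct mapping t[4] = {0};
    model_set(t, 4, 100005, 3, 6, 20048, 800);
    model_set(t, 4, 100005, 3, 17, 20048, 40000);
    int r = model_unset(t, 4, 100005, 3, 40001);    /* removes UDP only: success */
    r |= model_unset(t, 4, 100005, 3, 40001) << 1;  /* only protected TCP left: failure */
    r |= model_unset(t, 4, 100005, 3, 900) << 2;    /* privileged caller: success */
    return r;  /* bit 0 and bit 2 set */
}
int main(void) { return demo_mixed_unset() == 5 ? 0 : 1; }
```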
Neil Brown [Fri, 20 Apr 2007 02:41:29 +0000 (12:41 +1000)]
Remove #define of perror.
Original code defined a new perror to send error messages via
syslog so that perror calls in the rpc library would be redefined as well,
and then had -Dperror=xperror in the Makefile to override this.
Debian and Fedora just removed the "-Dperror=.."
SuSE fixed up problems by adding some more "#undef perror".
I have taken the Debian/Fedora approach and tidied up related bits of code.