Make a sysconfig variable controlling if teh kernel should accept

nfs requests from non-privileged ports.

Change mountd such that it does never set this variable, but only clears
it when run with -n. Also document this in the man page.

2 files changed, 11 insertions, 2 deletions

diff --git a/etc/rc b/etc/rc
index d100dad..1e017b2 100644
--- a/etc/rc
+++ b/etc/rc
@@ -1,5 +1,5 @@
 #!/bin/sh
-#	$Id: rc,v 1.114 1997/03/16 15:26:32 joerg Exp $
+#	$Id: rc,v 1.115 1997/04/01 01:00:34 pst Exp $
 #	From: @(#)rc	5.27 (Berkeley) 6/5/91
 
 # System startup script run by init on autoboot
@@ -262,6 +262,9 @@ if [ "X${nfs_server}" = X"YES" -a -r /etc/exports ]; then
 	else
 		mountd
 	fi
+	if [ "X${nfs_reserved_port_only}" = X"YES" ]; then
+		sysctl -w vfs.nfs.nfs_privport=1
+	fi
 	echo -n ' nfsd';		nfsd -u -t 4
 # Warning: rpc.lockd is broken.
 # Only uncomment this line if the consequences are fully understood.
diff --git a/etc/sysconfig b/etc/sysconfig
index 3ea1f00..2a0eec4 100644
--- a/etc/sysconfig
+++ b/etc/sysconfig
@@ -4,7 +4,7 @@
 # This is sysconfig - a file full of useful variables that you can set 
 # to change the default startup behavior of your system.
 #
-#	$Id: sysconfig,v 1.61 1997/03/16 15:26:34 joerg Exp $
+#	$Id: sysconfig,v 1.62 1997/04/01 01:00:35 pst Exp $
 
 ######################### Start Of Local Configuration Section ###########
 
@@ -206,6 +206,12 @@ nfs_client=NO
 # Set to YES if this machine will be an NFS server
 nfs_server=NO
 
+# the following option controls if the nfs server will be only allow
+# requests from reserved ports. NB: running mountd with
+# weak_mountd_authentication=YES will automatically clear this flag.
+# See also mountd(8)
+nfs_reserved_port_only=NO
+
 # Set to appropriate flags if you want to start NIS for a client
 nis_clientflags="NO"