From c0dad1ff8de1b9d4994133bc779a792853883a4d Mon Sep 17 00:00:00 2001 From: guido Date: Wed, 9 Apr 1997 20:17:15 +0000 Subject: Make a sysconfig variable controlling if teh kernel should accept nfs requests from non-privileged ports. Change mountd such that it does never set this variable, but only clears it when run with -n. Also document this in the man page. --- etc/rc | 5 ++++- etc/sysconfig | 8 +++++++- 2 files changed, 11 insertions(+), 2 deletions(-) (limited to 'etc') diff --git a/etc/rc b/etc/rc index d100dad..1e017b2 100644 --- a/etc/rc +++ b/etc/rc @@ -1,5 +1,5 @@ #!/bin/sh -# $Id: rc,v 1.114 1997/03/16 15:26:32 joerg Exp $ +# $Id: rc,v 1.115 1997/04/01 01:00:34 pst Exp $ # From: @(#)rc 5.27 (Berkeley) 6/5/91 # System startup script run by init on autoboot @@ -262,6 +262,9 @@ if [ "X${nfs_server}" = X"YES" -a -r /etc/exports ]; then else mountd fi + if [ "X${nfs_reserved_port_only}" = X"YES" ]; then + sysctl -w vfs.nfs.nfs_privport=1 + fi echo -n ' nfsd'; nfsd -u -t 4 # Warning: rpc.lockd is broken. # Only uncomment this line if the consequences are fully understood. diff --git a/etc/sysconfig b/etc/sysconfig index 3ea1f00..2a0eec4 100644 --- a/etc/sysconfig +++ b/etc/sysconfig @@ -4,7 +4,7 @@ # This is sysconfig - a file full of useful variables that you can set # to change the default startup behavior of your system. # -# $Id: sysconfig,v 1.61 1997/03/16 15:26:34 joerg Exp $ +# $Id: sysconfig,v 1.62 1997/04/01 01:00:35 pst Exp $ ######################### Start Of Local Configuration Section ########### @@ -206,6 +206,12 @@ nfs_client=NO # Set to YES if this machine will be an NFS server nfs_server=NO +# the following option controls if the nfs server will be only allow +# requests from reserved ports. NB: running mountd with +# weak_mountd_authentication=YES will automatically clear this flag. +# See also mountd(8) +nfs_reserved_port_only=NO + # Set to appropriate flags if you want to start NIS for a client nis_clientflags="NO" -- cgit v1.1