[CentOS] nlockdmgr listen on privileged port

Tim Dunphy bluethundr at gmail.com
Thu Mar 31 14:46:42 UTC 2011


oh a wise guy, eh?? nyuk nyuk nyuk nyuk! :p

On Thu, Mar 31, 2011 at 3:29 AM, Tony Molloy <tony.molloy at ul.ie> wrote:
> On Wednesday 30 March 2011 20:35:13 Tim Dunphy wrote:
>
>> hey list!
>
>>
>
>> I am attempting to shore up some centos machines (ranging from centos
>
>> 5 to centos 5.4) for pci compliance by changing the port that
>
>> nlockdmgr listens on to function under a privileged port.
>
>>
>
>> So what I did was try to hardcode the port by editing /etc/sysconfig/nfs
>
>>
>
>>
>
>> # TCP port rpc.lockd should listen on.
>
>> LOCKD_TCPPORT=1011
>
>> # UDP port rpc.lockd should listen on.
>
>> LOCKD_UDPPORT=1011
>
>> #
>
>>
>
>>
>
>> And /etc/modprobe.conf
>
>>
>
>>
>
>> alias eth1 e1000e
>
>> alias scsi_hostadapter 3w-9xxx
>
>> alias scsi_hostadapter1 usb-storage
>
>> alias eth0 e1000e
>
>> options lockd nlm_udpport=1011
>
>> options lockd nlm_tcpport=1011
>
>>
>
>>
>
>> and then restarting the pormap service. I've even tried restarting the
>
>> network service, but unfortunately nothing seems affected:
>
>>
>
>>
>
>>
>
>> [root at stallion:/etc/init.d] $ rpcinfo -p
>
>> program vers proto port
>
>> 100000 2 tcp 111 portmapper
>
>> 100000 2 udp 111 portmapper
>
>> 100021 1 udp 55394 nlockmgr
>
>> 100021 3 udp 55394 nlockmgr
>
>> 100021 4 udp 55394 nlockmgr
>
>> 100021 1 tcp 33704 nlockmgr
>
>> 100021 3 tcp 33704 nlockmgr
>
>> 100021 4 tcp 33704 nlockmgr
>
>> 100024 1 udp 786 status
>
>> 100024 1 tcp 789 status
>
>>
>
>>
>
>> Does anyone have any tips on how to get this to work the way I'm asking it
>
>> to?
>
>>
>
> How about trying to restart the nfs service ;-)
>
> Tony
>
>> regards
>
>> ~
>
>> GPG me!!
>
>>
>
>> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
>
>> _______________________________________________
>
>> CentOS mailing list
>
>> CentOS at centos.org
>
>> http://lists.centos.org/mailman/listinfo/centos
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>



-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B



More information about the CentOS mailing list