[CentOS] nlockdmgr listen on privileged port

Wed Mar 30 19:35:13 UTC 2011
Tim Dunphy <bluethundr at gmail.com>

hey list!

 I am attempting to shore up some centos machines (ranging from centos
5 to centos 5.4) for pci compliance by changing the port that
nlockdmgr listens on to function under a privileged port.

 So what I did was try to hardcode the port by editing  /etc/sysconfig/nfs


# TCP port rpc.lockd should listen on.
LOCKD_TCPPORT=1011
# UDP port rpc.lockd should listen on.
LOCKD_UDPPORT=1011
#


And /etc/modprobe.conf


alias eth1 e1000e
alias scsi_hostadapter 3w-9xxx
alias scsi_hostadapter1 usb-storage
alias eth0 e1000e
options lockd nlm_udpport=1011
options lockd nlm_tcpport=1011


and then restarting the pormap service. I've even tried restarting the
network service, but unfortunately nothing seems affected:



[root at stallion:/etc/init.d] $ rpcinfo -p
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100021    1   udp  55394  nlockmgr
    100021    3   udp  55394  nlockmgr
    100021    4   udp  55394  nlockmgr
    100021    1   tcp  33704  nlockmgr
    100021    3   tcp  33704  nlockmgr
    100021    4   tcp  33704  nlockmgr
    100024    1   udp    786  status
    100024    1   tcp    789  status


Does anyone have any tips on how to get this to work the way I'm asking it to?

regards
~
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B