Re: Bug#638322: nfs-common: rpc.statd binds to udp port 631 preventing cups startup
On Fri, 19 Aug 2011, Adam Borowski <kilobyte@angband.pl> wrote:
> Or use a whitelist rather than pretending that /etc/services was complete
> anywhere within the last 20 years.
AFAIK /etc/services has always been a complete list of ports assigned by IANA.
If someone makes a port commonly used without getting IANA approval that's
their problem/mistake.
> Not to mention bindresvport() removes the freedom of the sysadmin to bind
> services to whatever ports she wishes. Or, say, run multiple instances of
> a service.
If you make your program use bindresvport() then it means that you don't care
what the port number is as long as it's in the reserved range. This generally
means that it's a RPC service and the Portmapper will tell everyone which port
to use or that there is some other channel to tell the clients which port to
connect to (maybe a bit like the FTP two-port setup).
If you run multiple instances of a service using RPC then I guess you could
use different names with the Portmapper.
It seems to me that the only problem is if you run multiple instances of a
daemon on different ports and don't use /etc/bindresvport.blacklist, SE Linux,
or some other method of telling bindresvport() to leave your port alone. That
wouldn't be an issue of sysadmin freedom but sysadmin ignorance (and I am one
of the people who was ignorant of bindresvport.blacklist).
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
Reply to: