Bug#1109999: [nfs-common] default option (${STATDOPTS}) is not used
Package: nfs-common
Version: 1:2.8.3-1
Severity: grave
Dear mainteners,
In order to increase (a little !) security, and as defined into
http://wiki.debian.org/SecuringNFS, it is a good practice to defined one
static port for nfs-stad daemon.
This feature is available in the man. Furthermore, it is implemented
into /etc/default/nfs-common into variable STATDOPTS.
But is seems that /etc/init/nfs-common script has forgotten to use this
variable when launching daemon. As a result it is not possible to change
ANY option available for this daemon.
On debian bookwoorm, it works.
Find following diff bettween Bookworm and Trixie
diff /tmp/nfs-common-trixie /tmp/nfs-common-bookworm
22a23
> RPCGSSDOPTS=
30c31
< [ -x /usr/sbin/rpc.statd ] || exit 0
---
> [ -x /sbin/rpc.statd ] || exit 0
42c43
< while read -r DEV _ _ OPTS _
---
> while read DEV MTPT FSTYPE OPTS REST
89c90
< if [ -x /sbin/modprobe ] && [ -f /proc/modules ]
---
> if [ -x /sbin/modprobe -a -f /proc/modules ]
136c137
< --exec /usr/sbin/rpc.statd
---
> --exec /sbin/rpc.statd -- $STATDOPTS
Best regards
--
-- Jean-Marc LACROIX () --
-- mailto : jeanmarc.lacroix@free.fr --
Reply to: