From a1ea8f4c10d090c7e93a73cc191e4eefeb449efd Mon Sep 17 00:00:00 2001 From: avsm <> Date: Sun, 28 May 2006 23:29:32 +0000 Subject: [PATCH] Add support for NFS mounts to be from non-reserved ports: - new sysctl vfs.nfs.privport to require NFS mount requests to be on reserved ports when set to 1 (the default). - mountd now automatically sets the sysctl depending on the -n flag. - add mountd_flags to rc.conf to enable the -n flag at boot. deraadt@ ok --- src/etc/rc | 4 ++-- src/etc/rc.conf | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/etc/rc b/src/etc/rc index 5b2bc549..38379f36 100644 --- a/src/etc/rc +++ b/src/etc/rc @@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.281 2006/03/27 16:53:10 reyk Exp $ +# $OpenBSD: rc,v 1.282 2006/05/28 23:29:32 avsm Exp $ # System startup script run by init on autoboot # or after single-user. @@ -383,7 +383,7 @@ if [ X"${nfs_server}" = X"YES" -a -s /etc/exports -a \ `sed -e '/^#/d' < /etc/exports | wc -l` -ne 0 ]; then rm -f /var/db/mountdtab echo -n > /var/db/mountdtab - echo -n ' mountd'; mountd + echo -n ' mountd'; mountd ${mountd_flags} echo -n ' nfsd'; nfsd ${nfsd_flags} if [ X"${lockd}" = X"YES" ]; then echo -n ' rpc.lockd'; rpc.lockd diff --git a/src/etc/rc.conf b/src/etc/rc.conf index e919bf13..7b71c6a1 100644 --- a/src/etc/rc.conf +++ b/src/etc/rc.conf @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: rc.conf,v 1.111 2006/03/27 16:53:10 reyk Exp $ +# $OpenBSD: rc.conf,v 1.112 2006/05/28 23:29:32 avsm Exp $ # set these to "NO" to turn them off. otherwise, they're used as flags routed_flags=NO # for normal use: "-q" @@ -82,6 +82,7 @@ savecore_flags= # "-z" to compress ypserv_flags= # E.g. -1 for YP v1, -d for DNS etc yppasswdd_flags=NO # "-d /etc/yp" if passwd files are in /etc/yp nfsd_flags="-tun 4" # Crank the 4 for a busy NFS fileserver +mountd_flags= # "-n" to permit non-reserved port NFS mounts amd_dir=/tmp_mnt # AMD's mount directory amd_master=/etc/amd/master # AMD 'master' map syslogd_flags= # add more flags, ie. "-u -a /chroot/dev/log"