1.\" $NetBSD: rpcbind.8,v 1.11 2009/03/11 14:00:11 joerg Exp $ 2.\" @(#)rpcbind.1m 1.19 92/09/14 SMI; from SVr4 3.\" Copyright 1989 AT&T 4.\" Copyright 1991 Sun Microsystems, Inc. 5.Dd October 19, 2008 6.Dt RPCBIND 8 7.Os 8.Sh NAME 9.Nm rpcbind 10.Nd universal addresses to RPC program number mapper 11.Sh SYNOPSIS 12.Nm 13.Op Fl dilLs 14.Sh DESCRIPTION 15.Nm 16is a server that converts 17.Tn RPC 18program numbers into 19universal addresses. 20It must be running on the host to be able to make 21.Tn RPC 22calls 23on a server on that machine. 24.Pp 25When an 26.Tn RPC 27service is started, 28it tells 29.Nm 30the address at which it is listening, 31and the 32.Tn RPC 33program numbers it is prepared to serve. 34When a client wishes to make an 35.Tn RPC 36call to a given program number, 37it first contacts 38.Nm 39on the server machine to determine 40the address where 41.Tn RPC 42requests should be sent. 43.Pp 44.Nm 45should be started before any other RPC service. 46Normally, standard 47.Tn RPC 48servers are started by port monitors, so 49.Nm 50must be started before port monitors are invoked. 51.Pp 52When 53.Nm 54is started, it checks that certain name-to-address 55translation-calls function correctly. 56If they fail, the network configuration databases may be corrupt. 57Since 58.Tn RPC 59services cannot function correctly in this situation, 60.Nm 61reports the condition and terminates. 62.Pp 63.Nm 64can only be started by the super-user. 65.Pp 66Access control is provided by 67.Pa /etc/hosts.allow 68and 69.Pa /etc/hosts.deny , 70as described in 71.Xr hosts_access 5 72with daemon name 73.Nm . 74.Sh OPTIONS 75.Bl -tag -width Ds 76.It Fl d 77Run in debug mode. 78In this mode, 79.Nm 80will not fork when it starts, will print additional information 81during operation, and will abort on certain errors. 82With this option, the name-to-address translation consistency 83checks are shown in detail. 84.It Fl i 85.Dq insecure 86mode. 87Allows calls to SET and UNSET from any host. 88Normally 89.Nm 90accepts these requests only from the loopback interface for security reasons. 91This change is necessary for programs that were compiled with earlier 92versions of the rpc library and do not make those requests using the 93loopback interface. 94.It Fl l 95Turns on libwrap connection logging. 96.It Fl s 97Causes 98.Nm 99to change to the user daemon as soon as possible. 100This causes 101.Nm 102to use non-privileged ports for outgoing connections, preventing non-privileged 103clients from using 104.Nm 105to connect to services from a privileged port. 106.It Fl L 107Allow old-style local connections over the loopback interface. 108Without this flag, local connections are only allowed over a local socket, 109.Pa /var/run/rpcbind.sock 110.El 111.Sh NOTES 112All RPC servers must be restarted if 113.Nm 114is restarted. 115.Sh FILES 116.Bl -tag -width "/var/run/rpcbind.sock" -compact 117.It Pa /var/run/rpcbind.sock 118.It Pa /etc/hosts.allow 119explicit remote host access list. 120.It Pa /etc/hosts.deny 121explicit remote host denial of service list. 122.El 123.Sh SEE ALSO 124.Xr rpcbind 3 , 125.Xr hosts_access 5 , 126.Xr hosts_options 5 , 127.Xr netconfig 5 , 128.Xr rpcinfo 8 129