Enrico Weigelt [Tue, 13 May 2008 01:20:53 +0000 (11:20 +1000)]
Various config and option improvements.
- Various aspects of the Makefile are not configurable by setting
macros on commandline or in environment
- new config.h file to allow various tunables like daemon uid and
path to record current mapping table.
- new commandline to:
Allow foreground running with syslog logging (-F)
Change the file in which the mapping is stored (-f)
Specify the username that portmap should run as (-U).
Neil Brown [Sun, 15 Jul 2007 23:18:55 +0000 (09:18 +1000)]
Treat ports below 512 as reserved ports.
Though applications trying to bind a reserved port normally look in
the range 512-1024 (because below there is very dense with well known
ports), all ports 1-1024 are reserved in that only root can bind to them.
So when checking if a port is 'reserved' we should allow it anywhere in
the full range.
This allows sunrpc.minresvport to be set low and portmap will still
allow mappings made by the kernel.
The status of 0 as a reserved port is doubtful, but
check_privileged_port will never be called with a 0, so it doesn't
matter.
Mike Frysinger [Sun, 13 May 2007 21:15:12 +0000 (17:15 -0400)]
respect DESTDIR and dont use -s with install
$(DESTDIR) is the standard for installing into other trees, not $(BASEDIR) ...
so I've converted the Makefile to use that. I've also left in $(BASEDIR) as a
default to support old installs; not sure if you'd just cut it.
Stripping should be left to the person to handle, not automatically done by
the install step. Also, `install -s` always calls `strip` which is
wrong/undesired in cross-compiling scenarios.
Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Mon, 23 Apr 2007 06:20:21 +0000 (16:20 +1000)]
Enable compile-time configurable DNS lookup for tcp_wrapper checking.
There is some small risk of deadlocking if portmap uses gethostbyaddr
for source host authentication. But some people like it.
So make it compile-time configurable:
make USE_DNS=yes
Neil Brown [Mon, 23 Apr 2007 06:20:17 +0000 (16:20 +1000)]
Allow uid/gid to be set at compile or run time.
New compile time options to set uid and gid rather than default of '1'.
Also compile-time configurable username to provide uid/gid.
Also -u and -g runtime options to set same.
Neil Brown [Fri, 20 Apr 2007 02:42:48 +0000 (12:42 +1000)]
Improve protection against unapproved service deletion.
If a privilege port was used to register a service, then a privileged
port must be used to unregister it.
This allows system services (statd/lockd/mountd) to safely register
non-privileged ports.
This is good because they don't really need privileged ports, and
using privileged ports when not needed is a waste of scarce recourses.
Neil Brown [Fri, 20 Apr 2007 02:41:29 +0000 (12:41 +1000)]
Remove #define of perror.
Original code defined a new perror to send error messages via
syslog so that perror calls in the rpc library would be redefined as well,
and the had -Dperror=xperror in the Makefile to override this.
Debian and Fedora just removed the "-Dperror=.."
SuSE fixed up problems by adding some more "#undef perror".
I have taken the Debian/Fedora approach and tidied up related bits of code.
projects / portmap.git / log