> Quoth Richard L. Hamilton on Mon, Jun 18, 2007 at > 08:46:56PM -0700: > > Actually, didn't need to reboot, just restart > svc:/network/inetd:default > > (since I was the only user, it's not as if it would > bother anyone). One > > of the joys of SMF, at least when it works... > > > > Not that the log really told me anything I could > make heads or tails of. > > > > But I did notice something with rpcinfo: > ... > > Can you file a bug at bugs.opensolaris.org ?
But which is the bug, (a) that /usr/sbin/netservices sets it as ticotsord for the local case and rpc.ttdbserverd and/or its clients don't work with that, or (b) once rpc.ttdbserverd starts, it registers on tcp/tcp6 anyway, so that the misguided attempt at security by the netservices script not only breaks things, but doesn't actually provide security since anyone could trigger it to start (and register such that it accepts external requests) with rpcinfo -T ticotsord `uname -n` 100083 ? Personally, I think it's both - netservices ought to to something that works locally only vs local and remote, and somehow, rpc.ttdbserverd (and for that matter, any other rpc services with similar behavior) ought to support a mode of operation where they either constrain themselves to using the rpc registration set up for them by inetd (and don't register or listen on anything else), or else that they take an option that tells them to only bind to localhost. The problem being that for the former, I don't think either with old (pre-smf) or new inetd that there's a way to tell it that a single instance of a server process to be run in what used to be "wait" mode can serve multiple netids (or protocols or whatever), except for some special cases with the combined ipv4/ipv6 stack. So if the server wants to listen on multiple netids (protocols), it registers itself for the rest of them once started; meaning that only a client speaking the netid (protocol) registered with inetd will cause it to start, but one it's running, a client speaking any that it supports will work...very annoying... This message posted from opensolaris.org
