Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 NFS Services Administrator’s Guide: HP-UX 11i version 3 > Chapter 2 Configuring and Administering NFS Services

Configuring RPC-based Services
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

This section describes the following tasks:

Enabling Other RPC Services

  1. In the /etc/inetd.conf file, use a text editor to uncomment the entries that begin with “rpc” .

    Following is the list of entries in an /etc/inetd.conf file:

    #rpc stream tcp nowait root /usr/sbin/rpc.rexd 100017 1 rpc.rexd#rpc dgram udp wait root /usr/lib/netsvc/rstat/rpc.rstatd 100001 2-4 rpc.rstatd#rpc dgram udp wait root /usr/lib/netsvc/rusers/rpc.rusersd 100002 1-2 rpc.rusersd#rpc dgram udp wait root /usr/lib/netsvc/rwall/rpc.rwalld 100008 1 rpc.rwalld#rpc dgram udp wait root /usr/sbin/rpc.quotad 100011 1 rpc.quotad#rpc dgram udp wait root /usr/lib/netsvc/spray/rpc.sprayd 100012 1 rpc.sprayd#rpc xti ticotsord swait root /usr/lib/netsvc/gss/gssd 100234 1 gssd

  2. Enter the following command to force inetd to read its configuration file:

    /usr/sbin/inetd -c
CAUTION: Do not issue the/usr/sbin/inetd command if NFS is not yet running on your system. The NFS.core startup script starts the rpcbind process, which must be running before you configure inetd to manage RPC-based services.

Table 2-8 lists the RPC daemons and services that can be started by the inetd daemon. It briefly describes each one and specifies the manpage you can refer to for more information.

Table 2-8 RPC Services managed by inetd

RPC ServiceDescription

rexd

The rpc.rexd program is the server for the on command, which starts the Remote Execution Facility (REX). The on command sends a command to be executed on a remote system. The rpc.rexd program on the remote system executes the command, simulating the environment of the user who issued the on command. For more information, see rexd (1M) and on (1).

rstatd

The rpc.rstatd program answers requests from the rup command, which collects and displays status information about the systems on the local network. For more information, see rstatd (1M) and rup (1).

rusersd

The rpc.rusersd program responds to requests from the rusers command, which collects and displays information about all users who are logged in to the systems on the local network. For more information, see rusersd (1M) and rusers (1).

rwalld

The rpc.rwalld program handles requests from the rwall program. The rwall program sends a message to a specified system where the rpc.rwalld program is running, and the message is written to all users logged in to the system. For more information, see rwalled (1M) and rwall (1M).

sprayd

The rpc.sprayd program is the server for the spray command, which sends a stream of packets to a specified host and then reports how many were received and how fast. For more information, see sprayd (1M) and spray (1M).

rquotad

Therpc.rquotad program responds to requests from the quota command, which displays information about a user’s disk usage and limits. For more information, see rquotad (1M) and quota (1).

gssd

The gssd program operates between the Kernel RPC and the Generic Security Services Application Program Interface (GSS-API) to generate and validate the GSS-API tokens. For more information, see gssd(1M).

 

Restricting Access to RPC-based Services

To restrict access to RPC-based services, create an entry with the following syntax in the /var/adm/inetd.sec file for each service to which you want to restrict access:

service {allow} host_or_network [host_or_network...] {deny}

If the /var/adm/inetd.sec file does not exist, you may have to create it.

The service must match one of the service names in the /etc/rpc file.

Specify either allow or deny, but not both. Enter only one entry per service.

The host_or_network can be either an official host name, a network name, or an IP address. Any of the four numbers in an IP address can be specified as a range (for example, 1-28) or as a wildcard character (*).

The inetd.sec file is checked only when the service starts. If a service remains active and accepts more requests without being restarted, the inetd.secfile is not checked again.

You can use HP SMH to modify the /var/adm/inetd.sec file.

For more information, see inetd.conf (4) and inetd.sec (4).

Examples from /var/adm/inetd.sec

In the following example, only hosts on subnets 15.13.2.0 through 15.13.12.0 are allowed to use the spray command:

sprayd allow 15.13.2-12.0

In the following example, the host cauliflower is prevented from using the rwall command:

rwalld deny cauliflower


Configuring and Using NFS Netgroups
  		 


Chapter 3 Configuring and Administering AutoFS  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2008 Hewlett-Packard Development Company, L.P.