4.8 and NIS enabled client spawning listening UDP ports per
process
Brian Towles
brian at towles.com
Mon Jun 16 21:54:06 PDT 2003
This seems to happen in 4.8 Stable as well as Release..
Any clues?
Im leaning towards someting in PAM but dont quite know what.
Thanks
-=Brian
On Mon, 2003-06-16 at 10:48, brian at towles.com wrote:
> Howdy All
>
>
> I have a very weird issue.
>
> Im running a 4.8 Release box as a NIS client and for every process that
> either logs in or changes running as user a Listening UDP port is created.
>
> Im putting some sample output from ps sockstat and lsof to show what I
> mean. The problem is these UDP ports are listening ports bound to all
> interfaces.
>
> It appears to be releated to NIS because when i uncomment the +::::(etc)
> from the passwd and group files it goes away for any newly started
> processes. I dont even have to turn off ypbind.
>
> Ive tried to put ypbind in secure mode and well as non broadcast mode and
> the same results happen.
>
> Any ideas as to what this is? More importantly, any idea of how to get rid
> of it?
>
> Thanks
> -=Brian
>
> ------Applicable rc.conf entries------
> nisdomainname="nisdomain"
> nis_client_enable="YES"
> nis_client_flags="-m -S nisdomain,192.168.0.20"
>
> ------sample ps awux entries---------
> root 189 0.0 0.1 952 656 d0 Is+ 10:28AM 0:00.07
> /usr/libexec/getty std.9600 ttyd0
> www 191 0.9 2.1 12428 10808 ?? S 10:28AM 0:00.44
> /usr/local/sbin/httpd -k start -DSSL
> www 192 0.2 1.8 10664 8968 ?? S 10:28AM 0:00.34
> /usr/local/sbin/httpd -k start -DSSL
> www 193 0.0 2.4 13832 12296 ?? S 10:28AM 0:01.41
> /usr/local/sbin/httpd -k start -DSSL
> www 194 0.9 2.1 12332 10728 ?? S 10:28AM 0:00.47
> /usr/local/sbin/httpd -k start -DSSL
> root 221 0.0 0.5 5708 2484 ?? I 10:30AM 0:00.54 sshd: brian
> [priv] (sshd)
> brian 223 0.0 0.5 5700 2532 ?? S 10:30AM 0:00.69 sshd:
> brian at ttyp0 (sshd)
> brian 224 0.0 0.2 1120 936 p0 Is 10:30AM 0:00.47 -bash (bash)
> root 229 0.0 0.2 1116 956 p0 S 10:30AM 0:00.93 -su (bash)
> postfix 366 0.0 0.3 2280 1352 ?? S 10:43AM 0:00.07 proxymap -t
> unix -u
> postfix 368 0.0 0.3 2272 1348 ?? S 10:43AM 0:00.15
> trivial-rewrite -n rewrite -t unix -u
>
> --- results of sockstat -4 | grep udp -----
> www httpd 241 16 udp4 *:984 *:*
> www httpd 238 16 udp4 *:989 *:*
> brian bash 224 4 udp4 *:1068 *:*
> brian sshd 223 6 udp4 *:995 *:*
> root sshd 221 7 udp4 *:996 *:*
> www httpd 194 16 udp4 *:1005 *:*
> www httpd 193 16 udp4 *:1008 *:*
> www httpd 192 16 udp4 *:1007 *:*
> www httpd 191 16 udp4 *:1006 *:*
> www httpd 190 16 udp4 *:1009 *:*
> brian imapd 188 4 udp4 *:1010 *:*
> root snmpd 185 6 udp4 *:161 *:*
> postfix qmgr 178 9 udp4 *:1012 *:*
> postfix pickup 177 9 udp4 *:1013 *:*
> root ypbind 81 4 udp4 *:1017 *:*
> daemon portmap 79 3 udp4 *:111 *:*
> bind named 76 3 udp4 *:53 *:*
> bind named 76 20 udp4 192.168.0.2:53 *:*
> bind named 76 22 udp4 127.0.0.1:53 *:*
> root syslogd 73 4 udp4 *:514 *:*
>
>
> ----results of lsof | grep UDP -----
> syslogd 73 root 4u IPv4 0xd5220e00 0t0 UDP *:syslog
> named 76 bind 3u IPv4 0xd5220d40 0t0 UDP *:domain
> named 76 bind 20u IPv4 0xd5220c80 0t0 UDP
> homestar.home.towles.com:domain
> named 76 bind 22u IPv4 0xd5220bc0 0t0 UDP
> localhost.home.towles.com:domain
> portmap 79 daemon 3u IPv4 0xd5220b00 0t0 UDP *:sunrpc
> ypbind 81 root 4u IPv4 0xd5220a40 0t0 UDP *:1017
> pickup 177 postfix 9u IPv4 0xd5220980 0t0 UDP *:1013
> qmgr 178 postfix 9u IPv4 0xd52208c0 0t0 UDP *:1012
> snmpd 185 root 6u IPv4 0xd5220800 0t0 UDP *:snmp
> imapd 188 brian 4u IPv4 0xd5220740 0t0 UDP *:1010
> httpd 190 www 16u IPv4 0xd52205c0 0t0 UDP *:1009
> httpd 191 www 16u IPv4 0xd5220380 0t0 UDP *:1006
> httpd 192 www 16u IPv4 0xd5220440 0t0 UDP *:1007
> httpd 193 www 16u IPv4 0xd5220500 0t0 UDP *:1008
> httpd 194 www 16u IPv4 0xd52202c0 0t0 UDP *:1005
> sshd 221 root 7u IPv4 0xd5221280 0t0 UDP *:vsinet
> sshd 223 brian 6u IPv4 0xd5221340 0t0 UDP *:pop3s
> bash 224 brian 4u IPv4 0xd5221400 0t0 UDP
> *:instl_bootc
> httpd 238 www 16u IPv4 0xd52214c0 0t0 UDP *:ftps-data
> httpd 241 www 16u IPv4 0xd5221640 0t0 UDP *:984
>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list