We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

disable rpc.statd service

virgo0880
virgo0880 asked
on
Medium Priority
6,697 Views
Last Modified: 2013-11-17
Hi All,

I want to disable the rpc.statd services running on the system as it one of the vulnerability that needs to be closed. Actually in /etc/inetd.conf it is commented out. I know it can be disabled using lssrc -s rpc.statd but I want it to be disabled during startup also..i.e. if i reboot my server it should not start at all. How it can be done. I am using AIX 5.3 and i have to do it on solaris 9 also. kindly help in this regard.

Thanks
virgo
Comment
Watch Question

CERTIFIED EXPERT
Most Valuable Expert 2013
Top Expert 2013

Commented:
Hi,

AIX:

rpc.statd (NFS crash and recovery functions for the locking services) is not in inetd.conf, it's in /etc/rc.nfs!

In inetd.conf is rpc.rstatd, responsible for performance statistics obtained from the kernel.

Which one are you actually talking about?

If it's rstatd: Commenting it out in /etc/inetd.conf is sufficient to keep inetd from starting it on demand.

statd is needed for NFS. It will start with the system as long as NFS is present.

To stop NFS completely and permanently (and rpc.statd with it) use "smitty rmnfs" -> "both"
or
/usr/sbin/rmnfs -B

Solaris:

The tool to be used should be "svcadm"

To disable NFS:

svcadm disable nfs/server

or to disable rstatd:

svcadm disable rstatd


wmp

Author

Commented:
I am talking about rpc.statd. I want to disable only rpc.statd (NFS crash and recovery functions for the locking services) and not the whole nfs, as we are using nfs for mounting some remote mounts. Is there a way to disable only rpc.statd service instead of disabling the whole nfs. I read that it is possible by editing /etc/rc.nfs script, but for me it looks to be difficult so i thought may be there is some way to stop it like stopsrc -s rpc.statd, but it will start again after reboot, how can i stop it duirng startup.

The same with solaris systems.

Thanks
virgo
CERTIFIED EXPERT

Commented:
stopsrc -s rpc.statd

vi /etc/inittab and comment out the rpc.statd line

Author

Commented:
No dfke, that doesnt works. Even you comment out the entry in inetd.conf, the service will be started using /etc/rc.nfs script from /etc/inittab. Is there any other way.

CERTIFIED EXPERT
Most Valuable Expert 2013
Top Expert 2013
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
Ok, apart from changing the permissions is there a way of stopping the service during startup ?

virgo
CERTIFIED EXPERT
Most Valuable Expert 2013
Top Expert 2013

Commented:
Why don't you want to go the easiest way?

OK, add a line to /etc/inittab at the end:

stopstatd:23456789:wait:/usr/bin/stopsrc -s rpc.statd >/dev/null 2>&1

or edit /etc/rc.nfs, comment out this part:


#
# start up status monitor and locking daemon if present
#
if [ -x /usr/sbin/rpc.statd ]; then
        # Do not start rpc.statd if TCP/IP is not configured
        if [ "`/usr/sbin/ifconfig -l`" != "lo0" ]; then
            if [ $STATD_DEBUG_LEVEL != "NONE" ]; then
                if [ $STATD_MAX_THREADS != "NONE" ]; then
                    start rpc.statd /usr/sbin/rpc.statd -d $STATD_DEBUG_LEVEL -t $STATD_MAX_THREADS
                else
                    start rpc.statd /usr/sbin/rpc.statd -d $STATD_DEBUG_LEVEL
                fi
            else
                if [ $STATD_MAX_THREADS != "NONE" ]; then
                    start rpc.statd /usr/sbin/rpc.statd -t $STATD_MAX_THREADS
                else
                    start rpc.statd /usr/sbin/rpc.statd
                fi
            fi
        fi
fi


Changing permissions is easier, and easier to revert - but it's your decision, Sir!

Author

Commented:
Yes, these are very good options. But the one with inittab entry looks good instead of messing with rc.nfs script. I will check that and revert.

Thanks
virgo

Author

Commented:
For solaris, I dont have svcadm command on the system , so how can i do it in solaris 9 ?
CERTIFIED EXPERT
Most Valuable Expert 2013
Top Expert 2013

Commented:
Sorry, I'm not Solaris expert enough to give a reliable answer here.

svcadm would have been good for disabling NFS as a whole.
How to disable only statd is far beyond my Solaris knowledge.

wmp

Author

Commented:
ok, I will raise that question in solaris forum. Thanks for your help.

virgo
CERTIFIED EXPERT
Most Valuable Expert 2013
Top Expert 2013

Commented:
OK, but removing "execute" permission from statd should help in Solaris too!

Author

Commented:
Hi Wmp,

Do you have any idea from where to get this CVE-2006-0058 (cve numbers) details to remove the vulnerabilities for AIX systems as this is having the list of patches that should be applied to the systems to remove that vulnerability and also how to check whether that apars are installed or not.

I know its a random question, but wondering if you can throw some light on this.

Thanks
virgo
CERTIFIED EXPERT
Most Valuable Expert 2013
Top Expert 2013

Commented:

Author

Commented:
Thanks for that links I will have a look at it.

virgo
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.