• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4700
  • Last Modified:

disable rpc.statd service

Hi All,

I want to disable the rpc.statd services running on the system as it one of the vulnerability that needs to be closed. Actually in /etc/inetd.conf it is commented out. I know it can be disabled using lssrc -s rpc.statd but I want it to be disabled during startup also..i.e. if i reboot my server it should not start at all. How it can be done. I am using AIX 5.3 and i have to do it on solaris 9 also. kindly help in this regard.

Thanks
virgo
0
virgo0880
Asked:
virgo0880
  • 8
  • 6
1 Solution
 
woolmilkporcCommented:
Hi,

AIX:

rpc.statd (NFS crash and recovery functions for the locking services) is not in inetd.conf, it's in /etc/rc.nfs!

In inetd.conf is rpc.rstatd, responsible for performance statistics obtained from the kernel.

Which one are you actually talking about?

If it's rstatd: Commenting it out in /etc/inetd.conf is sufficient to keep inetd from starting it on demand.

statd is needed for NFS. It will start with the system as long as NFS is present.

To stop NFS completely and permanently (and rpc.statd with it) use "smitty rmnfs" -> "both"
or
/usr/sbin/rmnfs -B

Solaris:

The tool to be used should be "svcadm"

To disable NFS:

svcadm disable nfs/server

or to disable rstatd:

svcadm disable rstatd


wmp
0
 
virgo0880Author Commented:
I am talking about rpc.statd. I want to disable only rpc.statd (NFS crash and recovery functions for the locking services) and not the whole nfs, as we are using nfs for mounting some remote mounts. Is there a way to disable only rpc.statd service instead of disabling the whole nfs. I read that it is possible by editing /etc/rc.nfs script, but for me it looks to be difficult so i thought may be there is some way to stop it like stopsrc -s rpc.statd, but it will start again after reboot, how can i stop it duirng startup.

The same with solaris systems.

Thanks
virgo
0
 
dfkeCommented:
stopsrc -s rpc.statd

vi /etc/inittab and comment out the rpc.statd line
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
virgo0880Author Commented:
No dfke, that doesnt works. Even you comment out the entry in inetd.conf, the service will be started using /etc/rc.nfs script from /etc/inittab. Is there any other way.

0
 
woolmilkporcCommented:
There is no statd line in inittab.

Are you sure that you want to run NFS without statd? It's useful to notify clients that a crashed NFS server is up and running again!

/etc/rc.nfs checks for presence and "executability" of /usr/sbin/rpc.statd.

You could simply keep it from being started by removing the execute permission:

chmod a-x /usr/sbin/rpc.statd

I never used NFS without statd. Try it on your own risk!

wmp
0
 
virgo0880Author Commented:
Ok, apart from changing the permissions is there a way of stopping the service during startup ?

virgo
0
 
woolmilkporcCommented:
Why don't you want to go the easiest way?

OK, add a line to /etc/inittab at the end:

stopstatd:23456789:wait:/usr/bin/stopsrc -s rpc.statd >/dev/null 2>&1

or edit /etc/rc.nfs, comment out this part:


#
# start up status monitor and locking daemon if present
#
if [ -x /usr/sbin/rpc.statd ]; then
        # Do not start rpc.statd if TCP/IP is not configured
        if [ "`/usr/sbin/ifconfig -l`" != "lo0" ]; then
            if [ $STATD_DEBUG_LEVEL != "NONE" ]; then
                if [ $STATD_MAX_THREADS != "NONE" ]; then
                    start rpc.statd /usr/sbin/rpc.statd -d $STATD_DEBUG_LEVEL -t $STATD_MAX_THREADS
                else
                    start rpc.statd /usr/sbin/rpc.statd -d $STATD_DEBUG_LEVEL
                fi
            else
                if [ $STATD_MAX_THREADS != "NONE" ]; then
                    start rpc.statd /usr/sbin/rpc.statd -t $STATD_MAX_THREADS
                else
                    start rpc.statd /usr/sbin/rpc.statd
                fi
            fi
        fi
fi


Changing permissions is easier, and easier to revert - but it's your decision, Sir!

0
 
virgo0880Author Commented:
Yes, these are very good options. But the one with inittab entry looks good instead of messing with rc.nfs script. I will check that and revert.

Thanks
virgo
0
 
virgo0880Author Commented:
For solaris, I dont have svcadm command on the system , so how can i do it in solaris 9 ?
0
 
woolmilkporcCommented:
Sorry, I'm not Solaris expert enough to give a reliable answer here.

svcadm would have been good for disabling NFS as a whole.
How to disable only statd is far beyond my Solaris knowledge.

wmp
0
 
virgo0880Author Commented:
ok, I will raise that question in solaris forum. Thanks for your help.

virgo
0
 
woolmilkporcCommented:
OK, but removing "execute" permission from statd should help in Solaris too!
0
 
virgo0880Author Commented:
Hi Wmp,

Do you have any idea from where to get this CVE-2006-0058 (cve numbers) details to remove the vulnerabilities for AIX systems as this is having the list of patches that should be applied to the systems to remove that vulnerability and also how to check whether that apars are installed or not.

I know its a random question, but wondering if you can throw some light on this.

Thanks
virgo
0
 
virgo0880Author Commented:
Thanks for that links I will have a look at it.

virgo
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now