.\" $NetBSD: rpcbind.8,v 1.11 2009/03/11 14:00:11 joerg Exp $
.\" @(#)rpcbind.1m 1.19 92/09/14 SMI; from SVr4
.\" Copyright 1989 AT&T
.\" Copyright 1991 Sun Microsystems, Inc.
.Dd October 19, 2008
.Dt RPCBIND 8
.Os
.Sh NAME
.Nm rpcbind
.Nd universal addresses to RPC program number mapper
.Sh SYNOPSIS
.Nm
.Op Fl dilLs
.Sh DESCRIPTION
.Nm
is a server that converts
.Tn RPC
program numbers into
universal addresses.
It must be running on the host to be able to make
.Tn RPC
calls
on a server on that machine.
.Pp
When an
.Tn RPC
service is started,
it tells
.Nm
the address at which it is listening,
and the
.Tn RPC
program numbers it is prepared to serve.
When a client wishes to make an
.Tn RPC
call to a given program number,
it first contacts
.Nm
on the server machine to determine
the address where
.Tn RPC
requests should be sent.
.Pp
.Nm
should be started before any other RPC service.
Normally, standard
.Tn RPC
servers are started by port monitors, so
.Nm
must be started before port monitors are invoked.
.Pp
When
.Nm
is started, it checks that certain name-to-address
translation-calls function correctly.
If they fail, the network configuration databases may be corrupt.
Since
.Tn RPC
services cannot function correctly in this situation,
.Nm
reports the condition and terminates.
.Pp
.Nm
can only be started by the super-user.
.Pp
Access control is provided by
.Pa /etc/hosts.allow
and
.Pa /etc/hosts.deny ,
as described in
.Xr hosts_access 5
with daemon name
.Nm .
.Sh OPTIONS
.Bl -tag -width Ds
.It Fl d
Run in debug mode.
In this mode,
.Nm
will not fork when it starts, will print additional information
during operation, and will abort on certain errors.
With this option, the name-to-address translation consistency
checks are shown in detail.
.It Fl i
.Dq insecure
mode.
Allows calls to SET and UNSET from any host.
Normally
.Nm
accepts these requests only from the loopback interface for security reasons.
This change is necessary for programs that were compiled with earlier
versions of the rpc library and do not make those requests using the
loopback interface.
.It Fl l
Turns on libwrap connection logging.
.It Fl s
Causes
.Nm
to change to the user daemon as soon as possible.
This causes
.Nm
to use non-privileged ports for outgoing connections, preventing non-privileged
clients from using
.Nm
to connect to services from a privileged port.
.It Fl L
Allow old-style local connections over the loopback interface.
Without this flag, local connections are only allowed over a local socket,
.Pa /var/run/rpcbind.sock
.El
.Sh NOTES
All RPC servers must be restarted if
.Nm
is restarted.
.Sh FILES
.Bl -tag -width "/var/run/rpcbind.sock" -compact
.It Pa /var/run/rpcbind.sock
.It Pa /etc/hosts.allow
explicit remote host access list.
.It Pa /etc/hosts.deny
explicit remote host denial of service list.
.El
.Sh SEE ALSO
.Xr rpcbind 3 ,
.Xr hosts_access 5 ,
.Xr hosts_options 5 ,
.Xr netconfig 5 ,
.Xr rpcinfo 8