--- portmap-5.orig/debian/po/it.po +++ portmap-5/debian/po/it.po @@ -0,0 +1,57 @@ +# Italian (it) translation of debconf templates for portmap +# Copyright (C) 2005 Free Software Foundation, Inc. +# This file is distributed under the same license as the portmap package. +# Luca Monducci , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-04-04 21:23+0200\n" +"Last-Translator: Luca Monducci \n" +"Language-Team: Italian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "Limitare portmap al solo indirizzo di loopback?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" +"Normalmente portmap si mette in ascolto su tutti gli indirizzi IP. Comunque, " +"se non si usano servizi RPC per connettersi a server remoti (come NFS o " +"NIS), è possibile limitarlo al solo indirizzo IP di loopback 127.0.0.1." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" +"Questo permette il corretto funzionamento dei servizi RPC locali (come FAM) " +"e contemporaneamente impedisce l'accesso da parte di sistemi remoti ai " +"propri servizi RPC." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"È anche possibile cambiare la configurazione modificando la riga OPTIONS nel " +"file /etc/default/portmap. Se non si specifica l'opzione -i la modifica ha " +"effetto su tutte le interfacce." --- portmap-5.orig/debian/po/fr.po +++ portmap-5/debian/po/fr.po @@ -0,0 +1,64 @@ +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# Developers do not need to manually edit POT or PO files. +# <>, 2005. +# +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-03-29 21:06+0200\n" +"Last-Translator: Stephane Fombonne \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain;charset=iso-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "Portmap doit-il tre li l'adresse de bouclage ?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" +"Par dfaut, portmap coute toutes les adresses IP. Cependant, si vous " +"n'utilisez pas les services RPC se connectant sur des serveurs distants " +"(comme NFS ou NIS), vous pouvez le restreindre en toute scurit l'adresse " +"de bouclage 127.0.0.1 (loopback)." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" +"Ceci permettra aux services RPC locaux (comme FAM) de fonctionner " +"correctement, tout en les prservant d'un accs par les systmes distants." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"Vous pouvez galement modifier cette configuration en ditant la ligne " +"OPTIONS dans le fichier /etc/default/portmap. Si vous n'y utilisez pas " +"l'option -i, portmap sera li toutes les interfaces." --- portmap-5.orig/debian/po/uk.po +++ portmap-5/debian/po/uk.po @@ -0,0 +1,68 @@ +# translation of portmap-uk to Ukrainian +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# Eugeniy Meshcheryakov , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: portmap-uk_uk\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-03-30 19:25+0300\n" +"Last-Translator: Eugeniy Meshcheryakov \n" +"Language-Team: Ukrainian\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.9.1\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%" +"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "Чи повинен portmap бути прив'язаним до адреси локальної петлі?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" +"За замовчанням portmap прослуховує всі IP адреси. Однак, якщо ви не " +"використовуєте RPC служби, які з'єднуються до віддалених серверів (таких, як " +"NFS та NIS), ви безпечно можете прив'язати його до адреси локальної петлі " +"127.0.0.1." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" +"Це дозволить локальним службам RPC (таким, як FAM) коректно працювати, " +"перешкоджаючи доступу до ваших служб RPC з боку віддалених систем." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"Ви також можете змінити ці налаштування редагуючи рядок OPTIONS файла /etc/" +"default/portmap. Якщо ви не вкажете опцію -i, то portmap буде прослуховувати " +"всі інтерфейси." --- portmap-5.orig/debian/po/cs.po +++ portmap-5/debian/po/cs.po @@ -0,0 +1,64 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-03-29 21:06+0200\n" +"Last-Translator: Miroslav Kure \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-2\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "M se portmap svzat s adresou lokln smyky?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" +"Portmap implicitn naslouch na vech IP adresch. Pokud nepouvte RPC " +"sluby, kter se pipojuj ke vzdlencm serverm (jako NFS a NIS), mete " +"portmapper svzat s IP adresou lokln smyky 127.0.0.1." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" +"Tmto umonte sprvn fungovn RPC slueb (nap. FAM), ani byste museli " +"povolit pstup k vaim RPC slubm z ostatnch pota." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"Toto nastaven mete zmnit tak pravou dky OPTIONS v souboru /etc/" +"default/portmap. Pokud nezadte parametr -i, portmap se nave na vechna " +"sov rozhran." --- portmap-5.orig/debian/po/da.po +++ portmap-5/debian/po/da.po @@ -0,0 +1,65 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# Claus Hindsgaul , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: portmap debconf\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-03-29 10:41+0200\n" +"Last-Translator: Claus Hindsgaul \n" +"Language-Team: Danish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.9.1\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "Skal portmap bindes til loopback-adressen?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" +"Portmap lytter som udgangspunkt til alle IP-adresser. Men hvis du ikke " +"benytter dig af RPC-services, der forbinder sig til fjerne servere (ssom " +"NFS eller NIS), kan du uden videre binde den til loopback IP-adressen " +"127.0.0.1." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" +"Dette til give lokale RPC-services (som FAM) mulighed for at fungere " +"ordentligt, mens fjerne systemer hindres i at tilg dine RPC-services." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"Du kan ogs ndre denne indstilling ved at redigere OPTIONS-linjen i filen /" +"etc/default/portmap. Hvis du slet ikke angiver tilvalget -i, vil den binde " +"sig til alle netkort." --- portmap-5.orig/debian/po/templates.pot +++ portmap-5/debian/po/templates.pot @@ -0,0 +1,57 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" --- portmap-5.orig/debian/po/pt_BR.po +++ portmap-5/debian/po/pt_BR.po @@ -0,0 +1,73 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-03-26 21:24-0300\n" +"Last-Translator: Andr Lus Lopes \n" +"Language-Team: Debian-BR Project \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "O portmap deve ouvir somente no endereo de loopback por padro ?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" +"O portmap, por padro, ouve em todos os endereos IP. Porm, caso voc no " +"esteja utilizando servios RPC que se conectem a servidores remotos (como " +"NFS ou NIS) voc pode restring-lo somente ao endereo IP loopback 127.0.0.1 " +"com segurana." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" +"Isso ir permitir que servios RPC locais (como o FAM) funcionem " +"corretamente e ao mesmo tempo evitar que sistemas remotos acessem seus " +"servios RPC." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"Voc pode mudar essa configurao editando a linha OPTIONS no arquivo /etc/" +"default/portmap. Caso voc apenas no especifique a opo -i o portmap ir " +"ouvir em todas as interfaces de rede." + +#~ msgid "" +#~ "This portmap version binds to the loopback IP address 127.0.0.1 by " +#~ "default." +#~ msgstr "" +#~ "Esta verso do portmap ouve no endereo IP de loopback 127.0.0.1 por " +#~ "padro." --- portmap-5.orig/debian/po/POTFILES.in +++ portmap-5/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] templates --- portmap-5.orig/debian/po/ja.po +++ portmap-5/debian/po/ja.po @@ -0,0 +1,64 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-03-27 08:16+0900\n" +"Last-Translator: Kenshi Muto \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=EUC-JP\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "portmap ǥ롼ץХåɥ쥹Хɤ褦ˤޤ?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" +"portmap ϥǥեȤǤ٤Ƥ IP ɥ쥹ꥹ󤷤ޤ⡼Ȥ" +"Ф³ RPC ӥ (NFS NIS ʤ) ȤʤΤǤС롼" +"Хå IP ɥ쥹 127.0.0.1 Хɤ褦ˤǤޤ" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" +"ˤꡢ⡼ȤΥƥबʤ RPC ӥ˥Τɤ" +"ġ RPC Υ륵ӥ (FAM ʤ) ư褦ˤʤޤ" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"ϡ/etc/default/portmap ե OPTIONS ԤԽ뤳ȤǤѹ" +"Ǥޤñ -i ץꤷʤ褦ˤȡ٤ƤΥ󥿡ե" +"Хɤ褦ˤʤޤ" --- portmap-5.orig/debian/po/es.po +++ portmap-5/debian/po/es.po @@ -0,0 +1,92 @@ +# +# portmap debconf translation to Spanish +# Copyright (C) 2005 Software in the Public Interest +# This file is distributed under the same license as the portmap package. +# +# Changes: +# - Initial translation +# Anibal Monsalve Salazar +# - Revision: +# Jose Carlos Garcia Sogo , 2004 +# Javier Fernandez-Sanguino Pea , 2005 +# +# +# Traductores, si no conoce el formato PO, merece la pena leer la +# documentacin de gettext, especialmente las secciones dedicadas a este +# formato, por ejemplo ejecutando: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Equipo de traduccin al espaol, por favor, lean antes de traducir +# los siguientes documentos: +# +# - El proyecto de traduccin de Debian al espaol +# http://www.debian.org/intl/spanish/coordinacion +# especialmente las notas de traduccin en +# http://www.debian.org/intl/spanish/notas +# +# - La gua de traduccin de po's de debconf: +# /usr/share/doc/po-debconf/README-trans +# o http://www.debian.org/intl/l10n/po-debconf/README-trans +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-03-23 22:30+0100\n" +"Last-Translator: Javier Fernandez-Sanguino Pea \n" +"Language-Team: Debian Spanish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "" +"Debería «portmap» enlazarse a la dirección de la interfaz de red local?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" +"La configuración por omisión de «portmap» hace que este escuche en todas las " +"direcciones IP disponibles. Sin embargo, si no está utilizando servicios RPC " +"para conectarse a servidores remotos (como NFS o NIS) puede enlazar éste a " +"la dirección de IP local 127.0.0.1." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RPC services." +msgstr "" +"Esto permitirá que los servicios RPC locales (como FAM) funcionen " +"correctamente mientras que impedirá que otros sistemas remotos accedan a sus " +"servicios RPC." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"Puede cambiar esta configuración editando la línea OPTIONS en «/etc/default/" +"portmap». Si no se especifica la opción -i, el programa se enlazará a todas " +"las interfaces de red disponibles." + +#~ msgid "" +#~ "This portmap version binds to the loopback IP address 127.0.0.1 by " +#~ "default." +#~ msgstr "" +#~ "Esta versión de portmap se enlaza por defecto a la dirección IP 127.0.0.1 " +#~ "de la interfaz de red local." --- portmap-5.orig/debian/prerm +++ portmap-5/debian/prerm @@ -0,0 +1,9 @@ +#! /bin/sh +set -e + +if [ "$1" = "upgrade" ]; then + # save portmap state; will be reread when portmap start is run + pmap_dump >/var/run/portmap.upgrade-state +fi + +#DEBHELPER# --- portmap-5.orig/debian/docs +++ portmap-5/debian/docs @@ -0,0 +1 @@ +README --- portmap-5.orig/debian/dirs +++ portmap-5/debian/dirs @@ -0,0 +1,3 @@ +sbin +usr/share/man/man8 +usr/share/doc/portmap --- portmap-5.orig/debian/copyright +++ portmap-5/debian/copyright @@ -0,0 +1,51 @@ +This package was debianized by Anthony Towns on +Sat, 5 Aug 2000 22:08:49 +1000. + +It was then worked on by Herbert Xu after +Sat, 3 Apr 2004 16:54:01 +1000. + +It is now maintained by Anibal Monsalve Salazar + +Upstream location: ftp://ftp.porcupine.org/pub/security/ + +Upstream Author: Wietse Venema + +Copyright: + +Most of the files, fall under the following copyright, and are distributable +under the terms of the BSD license (/usr/share/common-licenses/BSD): + + * Copyright (c) 1983,1991 The Regents of the University of California. + * All rights reserved. + +Some of the RPC code, is copyrighted by Sun Microsystems, and is provided +under the following terms: + + * Sun RPC is a product of Sun Microsystems, Inc. and is provided for + * unrestricted use provided that this legend is included on all tape + * media and as a part of the software program in whole or part. Users + * may copy or modify Sun RPC without charge, but are not authorized + * to license or distribute it to anyone else except as part of a product or + * program developed by the user or with the express written consent of + * Sun Microsystems, Inc. + * + * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE + * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR + * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. + * + * Sun RPC is provided with no support and without any obligation on the + * part of Sun Microsystems, Inc. to assist in its use, correction, + * modification or enhancement. + * + * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE + * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC + * OR ANY PART THEREOF. + * + * In no event will Sun Microsystems, Inc. be liable for any lost revenue + * or profits or other special, indirect and consequential damages, even if + * Sun has been advised of the possibility of such damages. + * + * Sun Microsystems, Inc. + * 2550 Garcia Avenue + * Mountain View, California 94043 + --- portmap-5.orig/debian/rules +++ portmap-5/debian/rules @@ -0,0 +1,58 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. +# Copyright (C) 2004-2005 by Anibal Monsalve Salazar + +# Uncomment this to turn on verbose mode. +export DH_VERBOSE=1 + +# This is the debhelper compatability version to use. +export DH_COMPAT=4 + +build: build-stamp +build-stamp: + dh_testdir + $(MAKE) + touch build-stamp + +clean: + dh_testdir + dh_testroot + -$(MAKE) clean + dh_clean build-stamp + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + $(MAKE) install BASEDIR=`pwd`/debian/portmap + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installdebconf + dh_installdocs + dh_installexamples + dh_installinit -- start 43 S . start 32 0 6 . start 18 2 3 4 5 . stop 81 1 . + dh_installcron + dh_installman + dh_installinfo + dh_installchangelogs CHANGES + dh_link + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- portmap-5.orig/debian/templates +++ portmap-5/debian/templates @@ -0,0 +1,14 @@ +Template: portmap/loopback +Type: boolean +Default: false +_Description: Should portmap be bound to the loopback address? + Portmap by default listens to all IP addresses. However, if you are + not using RPC services that connect to remote servers (like NFS or NIS) + you can safely bind it to the loopback IP address 127.0.0.1. + . + This will allow RPC local services (like FAM) to work properly while + preventing remote systems from accessing your RPC services. + . + You can change this configuration also by editing the OPTIONS + line in the /etc/default/portmap file. If you just don't specify + the -i option it will bind to all interfaces. --- portmap-5.orig/debian/control +++ portmap-5/debian/control @@ -0,0 +1,17 @@ +Source: portmap +Section: net +Priority: standard +Maintainer: Anibal Monsalve Salazar +Standards-Version: 3.6.1 +Build-Depends: libwrap-dev, debhelper (>= 4.1.16) + +Package: portmap +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, lsb-base (>= 1.3-9ubuntu3) +Replaces: netbase (<< 4.00) +Description: The RPC portmapper + Portmap is a server that converts RPC (Remote Procedure Call) program + numbers into DARPA protocol port numbers. It must be running in order + to make RPC calls. + . + Services that use RPC include NFS and NIS. --- portmap-5.orig/debian/init.d +++ portmap-5/debian/init.d @@ -0,0 +1,54 @@ +#!/bin/sh +# +# start/stop portmap daemon. + +test -f /sbin/portmap || exit 0 + +. /lib/lsb/init-functions + +OPTIONS="" +if [ -f /etc/default/portmap ]; then + . /etc/default/portmap +fi + +case "$1" in + start) + log_begin_msg "Starting portmap daemon..." + start-stop-daemon --start --quiet --oknodo --exec /sbin/portmap -- $OPTIONS + log_end_msg $? + + sleep 1 # needs a short pause or pmap_set won't work. :( + if [ -f /var/run/portmap.upgrade-state ]; then + log_begin_msg "Restoring old RPC service information..." + pmap_set /var/run/portmap.state + start-stop-daemon --stop --quiet --oknodo --exec /sbin/portmap + log_end_msg $? + ;; + force-reload) + $0 restart + ;; + restart) + $0 stop + $0 start + ;; + *) + log_success_msg "Usage: /etc/init.d/portmap {start|stop|force-reload|restart}" + exit 1 + ;; +esac + +exit 0 + --- portmap-5.orig/debian/postinst +++ portmap-5/debian/postinst @@ -0,0 +1,81 @@ +#!/bin/sh +set -e + +. /usr/share/debconf/confmodule + +if [ "$1" = "configure" ] && [ -n "$2" ] && + dpkg --compare-versions "$2" lt 5-3; then + err=$(update-rc.d -f portmap remove 2>&1 > /dev/null) || { + echo "$err" >&2 + exit 1 + } +fi + +if [ "$1" = "configure" ] && [ -n "$2" ] && dpkg --compare-versions "$2" lt "5-7ubuntu2"; then + db_set portmap/loopback true +fi + +CONFFILE="/etc/default/portmap" + +# be consistent with Debian +if [ -e "$CONFFILE" ]; then + sed -i -e 's/ARGS/OPTIONS/g' "$CONFFILE" +else + echo -e "# By default, listen only on the loopback interface\nOPTIONS=\"-i 127.0.0.1\"" > "$CONFFILE" +fi + +. "$CONFFILE" + +# Start configuration +if [ "$1" = configure ] || [ "$1" = reconfigure ] ; then + + portmap_changed=0 + + db_get portmap/loopback + + if [ "$RET" = true ]; then + # first we need to understand if there is OPTIONS somewhere + # and if not, add it with a sane default. + if [ "$1" = "configure" ] && [ -n "$2" ] && ! grep -q OPTIONS "$CONFFILE" >/dev/null 2>&1 ; then + echo "OPTIONS=\"-i 127.0.0.1\"" >> "$CONFFILE" + portmap_changed=1 + fi + # if OPTION is not at the beginning, make it so + # XXX: only the last OPTIONS will be used, but we don't know + # if the user is chaining the values, so it seems to be reasonably safe. + if ! grep -q ^OPTIONS "$CONFFILE" >/dev/null 2>&1; then + sed -i -e 's/.*OPTIONS/OPTIONS/g' "$CONFFILE" + portmap_changed=1 + fi + # sorce again the result + . "$CONFFILE" + # check if loopback is not in the string + if [ -z "$(echo $OPTIONS | grep "127.0.0.1")" ]; then + OPTIONS="$OPTIONS -i 127.0.0.1" + sed -i -e 's/OPTIONS.*/OPTIONS=\"'"$OPTIONS"'\"/g' "$CONFFILE" + portmap_changed=1 + fi + else + if [ "$1" = "configure" ] && [ -n "$2" ] && ! grep -q OPTIONS "$CONFFILE" >/dev/null 2>&1 ; then + echo "OPTIONS=\"\"" >> "$CONFFILE" + fi +# Just reverse the change above in case a user wants to go from 'true' +# to 'false' at some point. + OPTIONS="$(echo $OPTIONS | sed -e 's/-i 127.0.0.1//g')" + sed -i -e 's/^OPTIONS.*/OPTIONS=\"'"$OPTIONS"'\"/g' "$CONFFILE" + portmap_changed=1 + fi + +#if [ "$portmap_changed" -eq 1 ] ; then +# Do something is settings changed? We might want to +# check which RPC services are out there and restart them too... +#fi + + db_stop +fi +# End of configuration + +#DEBHELPER# + +exit 0 + --- portmap-5.orig/debian/config +++ portmap-5/debian/config @@ -0,0 +1,28 @@ +#!/bin/sh -e +# config script for portmap + +action=$1 +version=$2 + +# Source debconf library. +. /usr/share/debconf/confmodule + +if [ -e /etc/default/portmap ]; then + . /etc/default/portmap + if [ -n "$(echo $ARGS | grep "127.0.0.1")" ] || [ -n "$(echo $OPTIONS | grep "127.0.0.1")" ]; then + db_set portmap/loopback true + else + db_set portmap/loopback false + fi +fi + +if [ "$action" = "configure" ] || [ "$action" = "reconfigure" ]; then + db_input medium portmap/loopback || true + db_go || true +fi + +db_go + +#DEBHELPER# + +exit 0 --- portmap-5.orig/debian/postrm +++ portmap-5/debian/postrm @@ -0,0 +1,7 @@ +#!/bin/sh + +if [ "$1" = purge ] && [ -e /etc/default/portmap ]; then + rm -f /etc/default/portmap +fi + +#DEBHELPER# --- portmap-5.orig/debian/changelog +++ portmap-5/debian/changelog @@ -0,0 +1,213 @@ +portmap (5-10ubuntu3) breezy; urgency=low + + * Set portmap/loopback default to false, as it should have been at the start + of Breezy + + -- Matt Zimmerman Tue, 16 Aug 2005 14:36:32 -0700 + +portmap (5-10ubuntu2) breezy; urgency=low + + * Fix handling of /etc/default/portmap. + + -- Fabio M. Di Nitto Fri, 15 Apr 2005 17:26:06 +0200 + +portmap (5-10ubuntu1) breezy; urgency=low + + * Resynchronise with Debian. + + -- Scott James Remnant Thu, 14 Apr 2005 22:46:59 +0100 + +portmap (5-10) unstable; urgency=high + + * Re-added the debconf configuration, although the default for this is now + to have portamp listening in all interfaces. The debconf setting + allows system administrators, base-config and cdd developers to preseed + this value to 'true' (link only to the loopback interface) if needed. + Patch by Javier Fernández-Sanguino Peña . + Closes: #301130, #286301. + * Thanks to the following translators for their contribution: + cs Miroslav Kure + da Claus Hindsgaul + es Javier Fernández-Sanguino Peña + fr Stephane Fombonne + it Luca Monducci + ja Kenshi Muto + pt_BR André Luís Lopes + uk Eugeniy Meshcheryakov + * Fixed "incomplete chroot patch from #274178", closes: #301535. + + -- Anibal Monsalve Salazar Mon, 11 Apr 2005 14:03:26 +1000 + +portmap (5-9) unstable; urgency=high + + * The following patch was applied to portmap.c: + - while ((c = getopt(argc, argv, "dtvi:")) != EOF) { + + while ((c = getopt(argc, argv, "dt:vi:")) != EOF) { + See bug #274178. + + -- Anibal Monsalve Salazar Sun, 20 Mar 2005 19:00:54 +1100 + +portmap (5-8) unstable; urgency=low + + * Fixed "discards port mappings on stop; start" (Closes: #293743). + * Compilation warnings cleanup (Closes: #266481). + Patch by Mark Ferlatte + * Option to chroot portmap (Closes: #274178). + Patch by Mark Ferlatte + * New maintainer's email address. + + -- Anibal Monsalve Salazar Mon, 07 Feb 2005 21:47:42 +1100 + +portmap (5-7ubuntu3) hoary; urgency=low + + * The "I'M SO STUPID IT HURTS" release + * Really ensure portmap only listens to localhost on upgrades from warty + + -- Thom May Mon, 13 Dec 2004 15:33:10 +0100 + +portmap (5-7ubuntu2) hoary; urgency=low + + * Listen on all interfaces by default. (Ubuntu #4140) + + -- Thom May Mon, 13 Dec 2004 14:29:31 +0100 + +portmap (5-7ubuntu1) hoary; urgency=low + + * Resynchronise with Debian. + + -- Matthias Klose Mon, 15 Nov 2004 15:05:56 +0000 + +portmap (5-7) unstable; urgency=high + + * Fixed "Silently changes to bind to localhost only" (Closes: #280026, #280128, #280553). + Commented out the OPTION line in /etc/default/portmap. + * Removed debconf note (Closes: #280371, #280554, #280414). + Patches supplied (but not applied) by: + Andre Luis Lopes + Kenshi Muto + Jose Carlos Garcia Sogo + * Fixed "Manpage is wrong" (Closes: #280421). + Changed portmap.8. + + -- Anibal Monsalve Salazar Wed, 10 Nov 2004 20:34:44 +1100 + +portmap (5-6) unstable; urgency=high + + * Fixed "Silently changes to bind to localhost only" (Closes: #280026). + Display a medium debconf note to let users know about portmap's + binding to the loopback address by default. + + -- Anibal Monsalve Salazar Mon, 08 Nov 2004 07:23:19 +1100 + +portmap (5-5) unstable; urgency=high + + * Implemented -i option to allow binding to a particular address (Closes: #246935). + Patch by Matt Zimmerman . + Soeren Sonnenburg supplied the original version of the + patch. + * Bind to the loopback address by default. + Patch by Matt Zimmerman . + * debian/init.d: added --oknodo to make sure portmap script returns 0 + Patch by Matt Zimmerman . + + -- Anibal Monsalve Salazar Fri, 05 Nov 2004 06:57:29 +1100 + +portmap (5-4ubuntu5) warty; urgency=low + + * Fix s/OPTIONS/ARGS/ in /etc/default/portmap + + -- Fabio M. Di Nitto Thu, 14 Oct 2004 08:28:18 +0200 + +portmap (5-4ubuntu4) warty; urgency=low + + * Implement -i option to allow binding to a particular address + * Bind to the loopback address by default + + -- Matt Zimmerman Tue, 12 Oct 2004 21:57:58 -0700 + +portmap (5-4ubuntu3) warty; urgency=low + + * debian/init.d: added --oknodo to make sure portmap script returns 0 + when portmap is already running (#995) + + -- Nathaniel McCallum Fri, 3 Sep 2004 18:01:24 -0400 + +portmap (5-4ubuntu2) warty; urgency=low + + * Added versioned depend on lsb-base + + -- Nathaniel McCallum Fri, 3 Sep 2004 15:13:38 -0400 + +portmap (5-4ubuntu1) warty; urgency=low + + * debian/init.d: pretty initscript + + -- Nathaniel McCallum Fri, 3 Sep 2004 11:43:05 -0400 + +portmap (5-4) unstable; urgency=low + + * New maintainer. + + -- Anibal Monsalve Salazar Thu, 20 May 2004 09:52:29 +1000 + +portmap (5-3) unstable; urgency=low + + * New maintainer (closes: #210768, #241674). + * Fixed hosts.allow example in portmap(8) (closes: #29142, #229004). + * Moved rcS script to 43 from 41 (closes: #196150). + + -- Herbert Xu Sat, 3 Apr 2004 20:32:41 +1000 + +portmap (5-2.3) unstable; urgency=low + + * Non maintainer upload. + * Call setgroups instead of initgroup (closes: #226681). + * Removed emacs trailer in changelog. + + -- Herbert Xu Sat, 27 Mar 2004 09:47:23 +1100 + +portmap (5-2.2) unstable; urgency=low + + * NMU + * Update to debhelper mode 4, cleanups in debian/ (closes: #162586). + * Standards-version is 3.6.1. + * Start portmap in runlevels 2 to 5, at priority 18. Also stop it for + runlevel 1 before it is killed by `single' + (closes: #159925, #216107, #60367, #93599, #101726, #130360). + * Stop it at S32 in runlevels 0 and 6, after umountnfs.sh (closes: #138023). + * Force the symlink update for older versions so that all packages don't + have to start portmap before their own daemon. + * Don't ship README's content in portmapper.txt. + + -- Josselin Mouette Fri, 20 Feb 2004 17:11:03 +0100 + +portmap (5-2.1) unstable; urgency=low + + * NMU + * [pmap_check.c] Drop group privileges as well. (Closes: #58864) + * [portmap.c] Corrected error message for failure to bind with tcp. + (Closes: #61876) + * [portmap.c, Makefile] Use glibc's strerror() and daemon(). (Closes: #106380) + * [portmap.c] Don't declare extern int errno but #include so as + not to reference the deprecated errno@GLIBC_2.0 symbol. (Closes: #168530) + * New upload, built using newer binutils which should fix the prelinking + issue on powerpc. (Closes: #176352) + * [debian/copyright] Updated the upstream location. (Closes: #181807) + * [debian/rules] Removed obsolete dh_suidregister. + + -- J.H.M. Dassen (Ray) Sat, 13 Sep 2003 17:08:22 +0200 + +portmap (5-2) unstable; urgency=low + + * Fix from_local.c to declare some functions it uses correctly. Thanks + to Bdale Garbee. (Closes: Bug#90090) + * Add -Wall to CFLAGS, and fix most of the warnings it comes up with. + + -- Anthony Towns Sun, 18 Mar 2001 19:04:25 +1000 + +portmap (5-1) unstable; urgency=low + + * Initial Release. + + -- Anthony Towns Sat, 5 Aug 2000 22:08:49 +1000 + --- portmap-5.orig/pmap_set.8 +++ portmap-5/pmap_set.8 @@ -0,0 +1,24 @@ +.TH PMAP_SET 8 "21th June 1997" Linux "Linux Programmer's Manual" +.SH NAME +pmap_set \- set the list of registered RPC programs +.SH SYNOPSIS +.B pmap_set +.SH DESCRIPTION +The +.B pmap_set +command can be used to restart a running portmapper or to set +the list of registered RPC programs on the local host. If you +want to use the program to restart the portmapper you have to +redirect the output of +.B pmap_dump +to a file. After this you can restart the portmapper and restore +the list of the registered RPC programs by feeding the output +of +.B pmap_dump +to the +.B pmap_set +command. +.SH SEE ALSO +.BR pmap_dump (8), +.BR rpc.portmap (8) + --- portmap-5.orig/pmap_dump.8 +++ portmap-5/pmap_dump.8 @@ -0,0 +1,24 @@ +.TH PMAP_DUMP 8 "21th June 1997" Linux "Linux Programmer's Manual" +.SH NAME +pmap_dump \- print a list of all registered RPC programs +.SH SYNOPSIS +.B pmap_dump +.SH DESCRIPTION +The +.B pmap_dump +command can be used to restart a running portmapper or to print +a list of all registered RPC programs on the local host. If you +want to use the program to restart the portmapper you have to +redirect the output of +.B pmap_dump +to a file. After this you can restart the portmapper and restore +the list of the registered RPC programs by feeding the output +of +.B pmap_dump +to the +.B pmap_set +command. +.SH SEE ALSO +.BR pmap_set (8), +.BR rpc.portmap (8) + --- portmap-5.orig/portmap.8 +++ portmap-5/portmap.8 @@ -0,0 +1,167 @@ +.\" Copyright (c) 1987 Sun Microsystems +.\" Copyright (c) 1990, 1991 The Regents of the University of California. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" from: @(#)portmap.8 5.3 (Berkeley) 3/16/91 +.\" $Id: portmap.8,v 1.2 2004/04/03 09:30:21 herbert Exp $ +.\" +.Dd March 16, 1991 +.Dt PORTMAP 8 +.Os BSD 4.3 +.Sh NAME +.Nm portmap +.Nd +.Tn DARPA +port to +.Tn RPC +program number mapper +.Sh SYNOPSIS +.Nm portmap +.Op Fl d +.Op Fl t Ar dir +.Op Fl v +.Op Fl i Ar address +.Sh DESCRIPTION +.Nm Portmap +is a server that converts +.Tn RPC +program numbers into +.Tn DARPA +protocol port numbers. +It must be running in order to make +.Tn RPC +calls. +.Pp +When an +.Tn RPC +server is started, it will tell +.Nm portmap +what port number it is listening to, and what +.Tn RPC +program numbers it is prepared to serve. +When a client wishes to make an +.Tn RPC +call to a given program number, +it will first contact +.Nm portmap +on the server machine to determine +the port number where +.Tn RPC +packets should be sent. +.Pp +.Nm Portmap +must be started before any +.Tn RPC +servers are invoked. +.Pp +Normally +.Nm portmap +forks and dissociates itself from the terminal +like any other daemon. +.Nm Portmap +then logs errors using +.Xr syslog 3 . +.Pp +Options available: +.Bl -tag -width Ds +.It Fl d +(debug) prevents +.Nm portmap +from running as a daemon, +and causes errors and debugging information +to be printed to the standard error output. +.It Fl t Ar dir +(chroot) tell +.Nm portmap +to +.Xr chroot 2 +into +.Ar dir . +.Ar dir +should be empty, not writeable by the daemon user, and preferably on a +filesystem mounted read-only, noexec, nodev, and nosuid. +.It Fl v +(verbose) run +.Nm portmap +in verbose mode. +.It Fl i Ar address +bind +.Nm portmap +to address. If you specify 127.0.0.1 it will bind to the loopback interface only. +.El + +This +.Nm portmap +version is protected by the +.Nm tcp_wrapper +library. You have to give the clients access to +.Nm portmap +if they should be allowed to use it. To allow connects from clients of +the network 192.168. you could use the following line in /etc/hosts.allow: + +portmap: 192.168. + +You have to use the daemon name +.Nm portmap +for the daemon name (even if the binary has a different name). For the +client names you can only use the keyword ALL or IP addresses (NOT +host or domain names). + +For further information please have a look at the +.Xr tcpd 8 , +.Xr hosts_allow 5 +and +.Xr hosts_access 5 +manual pages. + +.Sh SEE ALSO +.Xr inetd.conf 5 , +.Xr rpcinfo 8 , +.Xr pmap_set 8 , +.Xr pmap_dump 8 , +.Xr inetd 8 +.Xr tcpd 8 +.Xr hosts_access 5 +.Xr hosts_options 5 +.Sh BUGS +If +.Nm portmap +crashes, all servers must be restarted. +.Sh HISTORY +The +.Nm +command appeared in +.Bx 4.3 +.Sh AUTHORS +This +manual page was changed by +.An Anibal Monsalve Salazar +for the Debian Project. --- portmap-5.orig/portmap.c +++ portmap-5/portmap.c @@ -80,6 +80,10 @@ * Mountain View, California 94043 */ +#if defined(__GLIBC__) +#define _BSD_SOURCE 1 /* for daemon(3) */ +#include +#endif /* __GLIBC__ */ #include #include #include @@ -91,11 +95,13 @@ #include #include #include -#ifdef SYSV40 #include -#endif +#include +#include +#include +#include +#include -extern char *strerror(); #include #ifndef LOG_PERROR @@ -124,7 +130,6 @@ static void callit(); struct pmaplist *pmaplist; int debugging = 0; -extern int errno; #include "pmap_check.h" @@ -148,6 +153,7 @@ #endif #endif +int main(argc, argv) int argc; char **argv; @@ -157,22 +163,31 @@ struct sockaddr_in addr; int len = sizeof(struct sockaddr_in); register struct pmaplist *pml; + char *chroot_path = NULL; + struct in_addr bindaddr; + int have_bindaddr = 0; - while ((c = getopt(argc, argv, "dv")) != EOF) { + while ((c = getopt(argc, argv, "dt:vi:")) != EOF) { switch (c) { case 'd': debugging = 1; break; - + case 't': + chroot_path = optarg; + break; case 'v': verboselog = 1; break; - + case 'i': + have_bindaddr = inet_aton(optarg, &bindaddr); + break; default: - (void) fprintf(stderr, "usage: %s [-dv]\n", argv[0]); + (void) fprintf(stderr, "usage: %s [-dv] [-t dir] [-i address]\n", argv[0]); (void) fprintf(stderr, "-d: debugging mode\n"); + (void) fprintf(stderr, "-t dir: chroot into dir\n"); (void) fprintf(stderr, "-v: verbose logging\n"); + (void) fprintf(stderr, "-i address: bind to address\n"); exit(1); } } @@ -183,10 +198,12 @@ } #ifdef LOG_MAIL - openlog("portmap", debugging ? LOG_PID | LOG_PERROR : LOG_PID, + openlog("portmap", + debugging ? LOG_PID | LOG_NDELAY | LOG_PERROR : LOG_PID | LOG_NDELAY, FACILITY); #else - openlog("portmap", debugging ? LOG_PID | LOG_PERROR : LOG_PID); + openlog("portmap", + debugging ? LOG_PID | LOG_NDELAY | LOG_PERROR : LOG_PID | LOG_NDELAY); #endif if ((sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) { @@ -201,6 +218,9 @@ addr.sin_addr.s_addr = 0; addr.sin_family = AF_INET; addr.sin_port = htons(PMAPPORT); + if (have_bindaddr) + memcpy(&addr.sin_addr, &bindaddr, sizeof(bindaddr)); + if (bind(sock, (struct sockaddr *)&addr, len) != 0) { syslog(LOG_ERR, "cannot bind udp: %m"); exit(1); @@ -227,7 +247,7 @@ setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on); #endif if (bind(sock, (struct sockaddr *)&addr, len) != 0) { - syslog(LOG_ERR, "cannot bind udp: %m"); + syslog(LOG_ERR, "cannot bind tcp: %m"); exit(1); } if ((xprt = svctcp_create(sock, RPCSMALLMSGSIZE, RPCSMALLMSGSIZE)) @@ -280,6 +300,14 @@ (void)svc_register(xprt, PMAPPROG, PMAPVERS, reg_service, FALSE); /* additional initializations */ + if (chroot_path) + { + if (-1 == chroot(chroot_path)) + { + syslog(LOG_ERR, "couldn't do chroot"); + exit(1); + } + } check_startup(); #ifdef IGNORE_SIGCHLD /* Lionel Cons */ (void)signal(SIGCHLD, SIG_IGN); @@ -350,7 +378,7 @@ */ /* remote host authorization check */ check_default(svc_getcaller(xprt), rqstp->rq_proc, (u_long) 0); - if (!svc_sendreply(xprt, xdr_void, (caddr_t)0) && debugging) { + if (!svc_sendreply(xprt, (xdrproc_t) xdr_void, (caddr_t)0) && debugging) { abort(); } break; @@ -359,7 +387,7 @@ /* * Set a program,version to port mapping */ - if (!svc_getargs(xprt, xdr_pmap, ®)) + if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®)) svcerr_decode(xprt); else { /* reject non-local requests, protect priv. ports */ @@ -401,7 +429,7 @@ ans = 1; } done: - if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) && + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&ans)) && debugging) { (void) fprintf(stderr, "svc_sendreply\n"); abort(); @@ -413,7 +441,7 @@ /* * Remove a program,version to port mapping. */ - if (!svc_getargs(xprt, xdr_pmap, ®)) + if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®)) svcerr_decode(xprt); else { ans = 0; @@ -447,7 +475,7 @@ prevpml->pml_next = pml; free(t); } - if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&ans)) && + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&ans)) && debugging) { (void) fprintf(stderr, "svc_sendreply\n"); abort(); @@ -459,7 +487,7 @@ /* * Lookup the mapping for a program,version and return its port */ - if (!svc_getargs(xprt, xdr_pmap, ®)) + if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (caddr_t) ®)) svcerr_decode(xprt); else { /* remote host authorization check */ @@ -474,7 +502,7 @@ port = fnd->pml_map.pm_port; else port = 0; - if ((!svc_sendreply(xprt, xdr_int, (caddr_t)&port)) && + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_int, (caddr_t)&port)) && debugging) { (void) fprintf(stderr, "svc_sendreply\n"); abort(); @@ -486,7 +514,7 @@ /* * Return the current set of mapped program,version */ - if (!svc_getargs(xprt, xdr_void, NULL)) + if (!svc_getargs(xprt, (xdrproc_t) xdr_void, (caddr_t) NULL)) svcerr_decode(xprt); else { /* remote host authorization check */ @@ -497,7 +525,7 @@ } else { p = pmaplist; } - if ((!svc_sendreply(xprt, xdr_pmaplist, + if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist, (caddr_t)&p)) && debugging) { (void) fprintf(stderr, "svc_sendreply\n"); abort(); @@ -645,7 +673,7 @@ timeout.tv_sec = 5; timeout.tv_usec = 0; a.rmt_args.args = buf; - if (!svc_getargs(xprt, xdr_rmtcall_args, &a)) + if (!svc_getargs(xprt, (xdrproc_t) xdr_rmtcall_args, (caddr_t) &a)) return; /* host and service access control */ if (!check_callit(svc_getcaller(xprt), @@ -674,9 +702,9 @@ au->aup_uid, au->aup_gid, au->aup_len, au->aup_gids); } a.rmt_port = (u_long)port; - if (clnt_call(client, a.rmt_proc, xdr_opaque_parms, &a, - xdr_len_opaque_parms, &a, timeout) == RPC_SUCCESS) { - svc_sendreply(xprt, xdr_rmtcall_result, (caddr_t)&a); + if (clnt_call(client, a.rmt_proc, (xdrproc_t) xdr_opaque_parms, (char*) &a, + (xdrproc_t) xdr_len_opaque_parms, (char*) &a, timeout) == RPC_SUCCESS) { + svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (caddr_t)&a); } AUTH_DESTROY(client->cl_auth); clnt_destroy(client); --- portmap-5.orig/pmap_set.c +++ portmap-5/pmap_set.c @@ -17,6 +17,10 @@ #include #include +int parse_line(char *buf, u_long *prog, u_long *vers, int *prot, + unsigned *port); + +int main(argc, argv) int argc; char **argv; @@ -40,6 +44,7 @@ /* parse_line - convert line to numbers */ +int parse_line(buf, prog, vers, prot, port) char *buf; u_long *prog; @@ -47,9 +52,9 @@ int *prot; unsigned *port; { - char proto_name[BUFSIZ]; + char proto_name[256]; - if (sscanf(buf, "%lu %lu %s %u", prog, vers, proto_name, port) != 4) { + if (sscanf(buf, "%lu %lu %255s %u", prog, vers, proto_name, port) != 4) { return (0); } if (strcmp(proto_name, "tcp") == 0) { @@ -65,3 +70,4 @@ } return (0); } + --- portmap-5.orig/pmap_dump.c +++ portmap-5/pmap_dump.c @@ -23,6 +23,20 @@ static char *protoname(); +#ifndef INADDR_LOOPBACK +#define INADDR_LOOPBACK ntohl(inet_addr("127.0.0.1")) +#endif + +static void get_myloopaddress(addrp) +struct sockaddr_in *addrp; +{ + memset((char *) addrp, 0, sizeof(*addrp)); + addrp->sin_family = AF_INET; + addrp->sin_port = htons(PMAPPORT); + addrp->sin_addr.s_addr = htonl(INADDR_LOOPBACK); +} + +int main(argc, argv) int argc; char **argv; @@ -31,7 +45,7 @@ register struct pmaplist *list; register struct rpcent *rpc; - get_myaddress(&addr); + get_myloopaddress(&addr); for (list = pmap_getmaps(&addr); list; list = list->pml_next) { rpc = getrpcbynumber((int) list->pml_map.pm_prog); --- portmap-5.orig/from_local.c +++ portmap-5/from_local.c @@ -51,6 +51,9 @@ #include #include #include +#include +#include +#include #ifndef TRUE #define TRUE 1 @@ -96,6 +99,7 @@ /* find_local - find all IP addresses for this host */ +int find_local() { struct ifconf ifc; @@ -154,6 +158,7 @@ /* from_local - determine whether request comes from the local system */ +int from_local(addr) struct sockaddr_in *addr; { --- portmap-5.orig/pmap_check.c +++ portmap-5/pmap_check.c @@ -41,10 +41,14 @@ #include #include #include +#include #ifdef SYSV40 #include #include #endif +#include +#include +#include extern char *inet_ntoa(); @@ -101,15 +105,25 @@ * Give up root privileges so that we can never allocate a privileged * port when forwarding an rpc request. */ + if (setgid(1) == -1) { + syslog(LOG_ERR, "setgid(1) failed: %m"); + exit(1); + } + if (setgroups(0, 0) == -1) { + syslog(LOG_ERR, "setgroups(0, 0) failed: %m"); + exit(1); + } if (setuid(1) == -1) { syslog(LOG_ERR, "setuid(1) failed: %m"); exit(1); } + (void) signal(SIGINT, toggle_verboselog); } /* check_default - additional checks for NULL, DUMP, GETPORT and unknown */ +int check_default(addr, proc, prog) struct sockaddr_in *addr; u_long proc; @@ -128,6 +142,7 @@ /* check_privileged_port - additional checks for privileged-port updates */ +int check_privileged_port(addr, proc, prog, port) struct sockaddr_in *addr; u_long proc; @@ -173,6 +188,7 @@ #else +int check_setunset(addr, proc, prog, port) struct sockaddr_in *addr; u_long proc; @@ -197,6 +213,7 @@ /* check_callit - additional checks for forwarded requests */ +int check_callit(addr, proc, prog, aproc) struct sockaddr_in *addr; u_long proc; @@ -249,13 +266,13 @@ }; struct proc_map *procp; static struct proc_map procmap[] = { - PMAPPROC_CALLIT, "callit", - PMAPPROC_DUMP, "dump", - PMAPPROC_GETPORT, "getport", - PMAPPROC_NULL, "null", - PMAPPROC_SET, "set", - PMAPPROC_UNSET, "unset", - 0, 0, + {PMAPPROC_CALLIT, "callit"}, + {PMAPPROC_DUMP, "dump"}, + {PMAPPROC_GETPORT, "getport"}, + {PMAPPROC_NULL, "null"}, + {PMAPPROC_SET, "set"}, + {PMAPPROC_UNSET, "unset"}, + {0, 0}, }; /* @@ -269,7 +286,7 @@ if (prognum == 0) { progname = ""; - } else if (rpc = getrpcbynumber((int) prognum)) { + } else if ((rpc = getrpcbynumber((int) prognum))) { progname = rpc->r_name; } else { sprintf(progname = progbuf, "%lu", prognum); --- portmap-5.orig/daemon.c +++ portmap-5/daemon.c @@ -36,11 +36,8 @@ #endif /* LIBC_SCCS and not lint */ #include - -/* From unistd.h */ -#define STDIN_FILENO 0 -#define STDOUT_FILENO 1 -#define STDERR_FILENO 2 +#include +#include /* From paths.h */ #define _PATH_DEVNULL "/dev/null" --- portmap-5.orig/Makefile +++ portmap-5/Makefile @@ -8,7 +8,7 @@ # if you disagree. See `man 3 syslog' for examples. Some syslog versions # do not provide this flexibility. # -FACILITY=LOG_MAIL +FACILITY=LOG_DAEMON # To disable tcp-wrapper style access control, comment out the following # macro definitions. Access control can also be turned off by providing @@ -16,7 +16,8 @@ # daemon, is always treated as an authorized host. HOSTS_ACCESS= -DHOSTS_ACCESS -WRAP_LIB = $(WRAP_DIR)/libwrap.a +#WRAP_LIB = $(WRAP_DIR)/libwrap.a +WRAP_LIB = -lwrap # Comment out if your RPC library does not allocate privileged ports for # requests from processes with root privilege, or the new portmap will @@ -71,7 +72,7 @@ # With verbose logging on, HP-UX 9.x and AIX 4.1 leave zombies behind when # SIGCHLD is not ignored. Enable next macro for a fix. # -# ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x +ZOMBIES = -DIGNORE_SIGCHLD # AIX 4.x, HP-UX 9.x # Uncomment the following macro if your system does not have u_long. # @@ -81,11 +82,14 @@ # libwrap.a object library. WRAP_DIR should specify the directory with # that library. -WRAP_DIR= ../tcp_wrappers +WRAP_DIR= $(TCPD_DIR) # Auxiliary object files that may be missing from your C library. # -AUX = daemon.o strerror.o +#AUX = daemon.o strerror.o + +# glibc has strerror() (it's POSIX) and daemon() (when compiling -D_BSD_SOURCE) +AUX = # NEXTSTEP is a little different. The following seems to work with NS 3.2 # @@ -99,22 +103,31 @@ # Comment out if your compiler talks ANSI and understands const # -CONST = -Dconst= +#CONST = -Dconst= ### End of configurable stuff. ############################## +GLIBC=$(shell grep -s -c __GLIBC__ /usr/include/features.h) + +ifeq ($(GLIBC),0) +LIBS += # -lbsd +else +LIBS += -lnsl +endif + + SHELL = /bin/sh -COPT = $(CONST) -Dperror=xperror $(HOSTS_ACCESS) $(CHECK_PORT) \ +COPT = $(CONST) $(HOSTS_ACCESS) $(CHECK_PORT) \ $(SYS) -DFACILITY=$(FACILITY) $(ULONG) $(ZOMBIES) $(SA_LEN) \ $(LOOPBACK) $(SETPGRP) -CFLAGS = $(COPT) -O $(NSARCHS) +CFLAGS = -Wall $(COPT) -O2 $(NSARCHS) OBJECTS = portmap.o pmap_check.o from_local.o $(AUX) all: portmap pmap_dump pmap_set -portmap: $(OBJECTS) $(WRAP_DIR)/libwrap.a +portmap: $(OBJECTS) # $(WRAP_DIR)/libwrap.a $(CC) $(CFLAGS) -o $@ $(OBJECTS) $(WRAP_LIB) $(LIBS) pmap_dump: pmap_dump.c @@ -129,6 +142,17 @@ get_myaddress: get_myaddress.c cc $(CFLAGS) -DTEST -o $@ get_myaddress.c $(LIBS) +install: all + install -o root -g root -m 0755 -s portmap ${BASEDIR}/sbin + install -o root -g root -m 0755 -s pmap_dump ${BASEDIR}/sbin + install -o root -g root -m 0755 -s pmap_set ${BASEDIR}/sbin + install -o root -g root -m 0644 portmap.8 ${BASEDIR}/usr/share/man/man8 + install -o root -g root -m 0644 pmap_dump.8 ${BASEDIR}/usr/share/man/man8 + install -o root -g root -m 0644 pmap_set.8 ${BASEDIR}/usr/share/man/man8 + cat BLURB >${BASEDIR}/usr/share/doc/portmap/portmapper.txt + gzip -9f ${BASEDIR}/usr/share/doc/portmap/portmapper.txt + + lint: lint $(COPT) $(OBJECTS:%.o=%.c)