I have been told to disable the rpc processes such as rstat and rusers on some servers for security concerns, what if I am running NFS on those servers. Would it affect the NFS since both rstat and rusers are nfs daemons??
I MUST have the NFS running on the server. Can I disable rstat and rusers without affecting NFS???
Any feedback is appreciated.
Thanks,
mitsurughi
Solaris 10 allows you to check the dependencies that different services have on each other. You can check for this using the 'svcs -d' command.
For example, on a Solaris 10 box at work:
$ svcs -d nfs/server
STATE STIME FMRI
disabled Mar_01 svc:/network/rpc/keyserv:default
disabled Mar_01 svc:/network/rpc/gss:default
online Mar_01 svc:/milestone/network:default
online Mar_01 svc:/system/filesystem/local:default
online Mar_01 svc:/network/rpc/bind:default
online Mar_01 svc:/network/nfs/nlockmgr:default
online Mar_01 svc:/network/nfs/mapid:default
So, to run NFS server, you need keyserv and gss services to run (apart from what is already online). Your server will have similar dependencies - check using 'svcs -d'. Note that the services that the command throws as output will have their own dependencies.
I found out from another post that the NFS server needs to have nfsd, statd, lockd and mountd initiated and NFS client needs to have lockd and statd. So I went ahead and stopped rstat and rusers services.
Mitsurughi