From ${URL} : rpcbind offers a "-h" option that binds rpcbind to a specific IP address. If the "-h" option is not used then rpcbind will attach to INADDR_ANY (0.0.0.0 for ipv4, ::: for ipv6). When "rpcbind -h 127.0.0.1" is specified rpcbind still attaches to all IP addresses: # rpcbind -h 127.0.0.1 # ps xauww | grep rpcbind root 24618 0.0 0.0 19172 848 ? Ss 00:19 0:00 rpcbind -h 127.0.0.1 # netstat -vatn | grep 111 tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 :::111 :::* LISTEN However if you check using nmap: # nmap -sU -p 111 192.168.1.2 Starting Nmap 5.51 ( http://nmap.org ) at 2012-08-28 00:19 MDT Nmap scan report for 192.168.1.2 Host is up (0.00045s latency). PORT STATE SERVICE 111/udp closed rpcbind MAC Address: 00:00:45:67:89:AB (Cadmus Computer Systems) Nmap done: 1 IP address (1 host up) scanned in 0.39 seconds So this is good right? Except if you run rpcinfo: [root@fw00 ~]# rpcinfo 192.168.1.2 program version netid address service owner 100000 4 tcp6 ::.0.111 portmapper superuser 100000 3 tcp6 ::.0.111 portmapper superuser 100000 4 udp6 ::1.0.111 portmapper superuser 100000 3 udp6 ::1.0.111 portmapper superuser 100000 4 tcp 0.0.0.0.0.111 portmapper superuser 100000 3 tcp 0.0.0.0.0.111 portmapper superuser 100000 2 tcp 0.0.0.0.0.111 portmapper superuser 100000 4 udp 127.0.0.1.0.111 portmapper superuser 100000 3 udp 127.0.0.1.0.111 portmapper superuser 100000 2 udp 127.0.0.1.0.111 portmapper superuser 100000 4 local /var/run/rpcbind.sock portmapper superuser 100000 3 local /var/run/rpcbind.sock portmapper superuser @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
see discussion in the redhat bug. they've labeled this NOTABUG.
