diff --git a/nfs-utils-2.3.3-man-tcpwrappers.patch b/nfs-utils-2.3.3-man-tcpwrappers.patch new file mode 100644 index 0000000..65fee3a --- /dev/null +++ b/nfs-utils-2.3.3-man-tcpwrappers.patch @@ -0,0 +1,89 @@ +diff -up nfs-utils-2.3.3/utils/mountd/mountd.man.orig nfs-utils-2.3.3/utils/mountd/mountd.man +--- nfs-utils-2.3.3/utils/mountd/mountd.man.orig 2018-09-06 14:09:08.000000000 -0400 ++++ nfs-utils-2.3.3/utils/mountd/mountd.man 2018-10-26 09:53:10.005127368 -0400 +@@ -232,36 +232,7 @@ section include + which each have same same meaning as given by + .BR rpc.nfsd (8). + +-.SH TCP_WRAPPERS SUPPORT +-You can protect your +-.B rpc.mountd +-listeners using the +-.B tcp_wrapper +-library or +-.BR iptables (8). +-.PP +-Note that the +-.B tcp_wrapper +-library supports only IPv4 networking. +-.PP +-Add the hostnames of NFS peers that are allowed to access +-.B rpc.mountd +-to +-.IR /etc/hosts.allow . +-Use the daemon name +-.B mountd +-even if the +-.B rpc.mountd +-binary has a different name. +-.PP +-Hostnames used in either access file will be ignored when +-they can not be resolved into IP addresses. +-For further information see the +-.BR tcpd (8) +-and +-.BR hosts_access (5) +-man pages. +-.SS IPv6 and TI-RPC support ++.SH IPv6 and TI-RPC support + TI-RPC is a pre-requisite for supporting NFS on IPv6. + If TI-RPC support is built into + .BR rpc.mountd , +@@ -288,7 +259,6 @@ table of clients accessing server's expo + .BR nfs (5), + .BR nfs.conf (5), + .BR tcpd (8), +-.BR hosts_access (5), + .BR iptables (8), + .BR netconfig (5) + .sp +diff -up nfs-utils-2.3.3/utils/statd/statd.man.orig nfs-utils-2.3.3/utils/statd/statd.man +--- nfs-utils-2.3.3/utils/statd/statd.man.orig 2018-10-26 09:52:27.609358805 -0400 ++++ nfs-utils-2.3.3/utils/statd/statd.man 2018-10-26 09:53:37.345978117 -0400 +@@ -319,28 +319,6 @@ chooses, simply use + .BR chown (1) + to set the owner of + the state directory. +-.PP +-You can also protect your +-.B rpc.statd +-listeners using the +-.B tcp_wrapper +-library or +-.BR iptables (8). +-To use the +-.B tcp_wrapper +-library, add the hostnames of peers that should be allowed access to +-.IR /etc/hosts.allow . +-Use the daemon name +-.B statd +-even if the +-.B rpc.statd +-binary has a different filename. +-.P +-For further information see the +-.BR tcpd (8) +-and +-.BR hosts_access (5) +-man pages. + .SH ADDITIONAL NOTES + Lock recovery after a reboot is critical to maintaining data integrity + and preventing unnecessary application hangs. +@@ -445,7 +423,6 @@ network transport capability database + .BR rpc.nfsd (8), + .BR rpcbind (8), + .BR tcpd (8), +-.BR hosts_access (5), + .BR iptables (8), + .BR netconfig (5) + .sp diff --git a/nfs-utils.spec b/nfs-utils.spec index a5b97bd..ea44d7f 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -22,6 +22,7 @@ Patch101: nfs-utils-1.2.1-exp-subtree-warn-off.patch Patch102: nfs-utils-1.2.5-idmap-errmsg.patch Patch103: nfs-utils-2.1.1-nfs-config.patch Patch104: nfs-utils-2.3.1-systemd-gssproxy-restart.patch +Patch105: nfs-utils-2.3.3-man-tcpwrappers.patch Provides: exportfs = %{epoch}:%{version}-%{release} Provides: nfsstat = %{epoch}:%{version}-%{release} @@ -310,6 +311,7 @@ fi %changelog * Sat Oct 27 2018 Steve Dickson 2.3.3-1.rc1 - Changed /var/lib/nfs/rpc_pipefs to have 555 permissions +- Removed tcp wrappers support from man pages * Sat Oct 27 2018 Steve Dickson 2.3.3-0.rc1 - Updated to latest uupstream RC release: nfs-utils-2-3-4-rc1