Hi everyone,
When running mount command with tcp under root account, I see that the
tcp client port is allocated in privilege range like 830... I do not
think it's a good behavior as port in privilege range is limited and a
lot of well known service is using it. Could you please let me know
any reason for that? It's better for mount nfs client port to be
allocated in dynamic port range instead even the system is running
under root permission? and any other way to make it happens besides
running under a normal user?
Thanks,
Brs,
Naruto
On Sat, Nov 10, 2018 at 10:48:41AM +0700, Naruto Nguyen wrote:
> Hi everyone,
>
> When running mount command with tcp under root account, I see that the
> tcp client port is allocated in privilege range like 830... I do not
> think it's a good behavior as port in privilege range is limited and a
> lot of well known service is using it. Could you please let me know
> any reason for that? It's better for mount nfs client port to be
> allocated in dynamic port range instead even the system is running
> under root permission? and any other way to make it happens besides
> running under a normal user?
Have a look at 'man 5 nfs' and search for the "noresvport" option. You
will also want to read the "Using non-privileged source ports"
paragraph.
HTH,
Niels