summaryrefslogtreecommitdiff
path: root/source/n/rpcbind
diff options
context:
space:
mode:
Diffstat (limited to 'source/n/rpcbind')
-rw-r--r--source/n/rpcbind/0001-security.c-removed-warning.patch29
-rw-r--r--source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch82
-rw-r--r--source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch40
-rw-r--r--source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch51
-rw-r--r--source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch25
-rw-r--r--source/n/rpcbind/doinst.sh24
-rw-r--r--source/n/rpcbind/rc.rpc64
-rwxr-xr-xsource/n/rpcbind/rpcbind.SlackBuild149
-rw-r--r--source/n/rpcbind/rpcbind.lwrap.needs.lnsl.diff14
-rw-r--r--source/n/rpcbind/slack-desc19
10 files changed, 497 insertions, 0 deletions
diff --git a/source/n/rpcbind/0001-security.c-removed-warning.patch b/source/n/rpcbind/0001-security.c-removed-warning.patch
new file mode 100644
index 00000000..6ca5b6d0
--- /dev/null
+++ b/source/n/rpcbind/0001-security.c-removed-warning.patch
@@ -0,0 +1,29 @@
+From de47f6323d8fb20feefee21d0195cf0529151e04 Mon Sep 17 00:00:00 2001
+From: Steve Dickson <steved@redhat.com>
+Date: Thu, 17 Sep 2015 15:57:35 -0400
+Subject: [PATCH 1/4] security.c: removed warning
+
+src/security.c:100:8: warning: implicit declaration of function 'xlog'
+[-Wimplicit-function-declaration]
+
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/security.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/security.c b/src/security.c
+index 0c9453f..c54ce26 100644
+--- a/src/security.c
++++ b/src/security.c
+@@ -17,6 +17,8 @@
+ #include <syslog.h>
+ #include <netdb.h>
+
++#include "xlog.h"
++
+ /*
+ * XXX for special case checks in check_callit.
+ */
+--
+2.6.4
+
diff --git a/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch b/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch
new file mode 100644
index 00000000..6a80742f
--- /dev/null
+++ b/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch
@@ -0,0 +1,82 @@
+From d5dace219953c45d26ae42db238052b68540649a Mon Sep 17 00:00:00 2001
+From: Olaf Kirch <okir@suse.de>
+Date: Fri, 30 Oct 2015 10:18:20 -0400
+Subject: [PATCH 2/4] Fix memory corruption in PMAP_CALLIT code
+
+ - A PMAP_CALLIT call comes in on IPv4 UDP
+ - rpcbind duplicates the caller's address to a netbuf and stores it in
+ FINFO[0].caller_addr. caller_addr->buf now points to a memory region A
+ with a size of 16 bytes
+ - rpcbind forwards the call to the local service, receives a reply
+ - when processing the reply, it does this in xprt_set_caller:
+ xprt->xp_rtaddr = *FINFO[0].caller_addr
+ It sends out the reply, and then frees the netbuf caller_addr and
+ caller_addr.buf.
+ However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers
+ to memory region A, which is free.
+ - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will
+ be called, which will set xp_rtaddr to the client's address.
+ It will reuse the buffer inside xp_rtaddr, ie it will write a
+ sockaddr_in to region A
+
+Some time down the road, an incoming TCP connection is accepted,
+allocating a fresh SVCXPRT. The memory region A is inside the
+new SVCXPRT
+
+ - While processing the TCP call, another UDP call comes in, again
+ overwriting region A with the client's address
+ - TCP client closes connection. In svc_destroy, we now trip over
+ the garbage left in region A
+
+We ran into the case where a commercial scanner was triggering
+occasional rpcbind segfaults. The core file that was captured showed
+a corrupted xprt->xp_netid pointer that was really a sockaddr_in.
+
+Signed-off-by: Olaf Kirch <okir@suse.de>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/rpcb_svc_com.c | 23 ++++++++++++++++++++++-
+ 1 file changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index ff9ce6b..4ae93f1 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -1183,12 +1183,33 @@ check_rmtcalls(struct pollfd *pfds, int nfds)
+ return (ncallbacks_found);
+ }
+
++/*
++ * This is really a helper function defined in libtirpc,
++ * but unfortunately, it hasn't been exported yet.
++ */
++static struct netbuf *
++__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len)
++{
++ if (nb->len != len) {
++ if (nb->len)
++ mem_free(nb->buf, nb->len);
++ nb->buf = mem_alloc(len);
++ if (nb->buf == NULL)
++ return NULL;
++
++ nb->maxlen = nb->len = len;
++ }
++ memcpy(nb->buf, ptr, len);
++ return nb;
++}
++
+ static void
+ xprt_set_caller(SVCXPRT *xprt, struct finfo *fi)
+ {
++ const struct netbuf *caller = fi->caller_addr;
+ u_int32_t *xidp;
+
+- *(svc_getrpccaller(xprt)) = *(fi->caller_addr);
++ __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len);
+ xidp = __rpcb_get_dg_xidp(xprt);
+ *xidp = fi->caller_xid;
+ }
+--
+2.6.4
+
diff --git a/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch b/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
new file mode 100644
index 00000000..9aa64791
--- /dev/null
+++ b/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
@@ -0,0 +1,40 @@
+From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001
+From: Steve Dickson <steved@redhat.com>
+Date: Mon, 2 Nov 2015 17:05:18 -0500
+Subject: [PATCH 3/4] handle_reply: Don't use the xp_auth pointer directly
+
+In the latest libtirpc version to access the xp_auth
+one must use the SVC_XP_AUTH macro. To be backwards
+compatible a couple ifdefs were added to use the
+macro when it exists.
+
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/rpcb_svc_com.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 4ae93f1..22d6c84 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt)
+ a.rmt_localvers = fi->versnum;
+
+ xprt_set_caller(xprt, fi);
++#if defined(SVC_XP_AUTH)
++ SVC_XP_AUTH(xprt) = svc_auth_none;
++#else
+ xprt->xp_auth = &svc_auth_none;
++#endif
+ svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
++#if !defined(SVC_XP_AUTH)
+ SVCAUTH_DESTROY(xprt->xp_auth);
+ xprt->xp_auth = NULL;
++#endif
++
+ done:
+ if (buffer)
+ free(buffer);
+--
+2.6.4
+
diff --git a/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch b/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch
new file mode 100644
index 00000000..c54d542e
--- /dev/null
+++ b/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch
@@ -0,0 +1,51 @@
+From 3a664b1b5a310df39bd0f325b0edb1deb31c2249 Mon Sep 17 00:00:00 2001
+From: Laurent Bigonville <bigon@bigon.be>
+Date: Wed, 18 Nov 2015 14:34:26 -0500
+Subject: [PATCH 4/4] Delete the unix socket only if we have created it
+
+From: Laurent Bigonville <bigon@bigon.be>
+
+If systemd has created the unix socket on our behalf, we shouldn't try
+to delete it.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1279076
+
+Signed-off-by: Laurent Bigonville <bigon@bigon.be
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/rpcbind.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/rpcbind.c b/src/rpcbind.c
+index 045daa1..c4265cd 100644
+--- a/src/rpcbind.c
++++ b/src/rpcbind.c
+@@ -87,6 +87,7 @@ static inline void __nss_configure_lookup(const char *db, const char *s) {}
+ int debugging = 0; /* Tell me what's going on */
+ int doabort = 0; /* When debugging, do an abort on errors */
+ int dofork = 1; /* fork? */
++int createdsocket = 0; /* Did I create the socket or systemd did it for me? */
+
+ rpcblist_ptr list_rbl; /* A list of version 3/4 rpcbind services */
+
+@@ -445,6 +446,7 @@ init_transport(struct netconfig *nconf)
+ memset(&sun, 0, sizeof sun);
+ sun.sun_family = AF_LOCAL;
+ unlink(_PATH_RPCBINDSOCK);
++ createdsocket = 1; /* We are now in the process of creating the unix socket */
+ strcpy(sun.sun_path, _PATH_RPCBINDSOCK);
+ addrlen = SUN_LEN(&sun);
+ sa = (struct sockaddr *)&sun;
+@@ -846,7 +848,8 @@ static void
+ terminate(int dummy /*__unused*/)
+ {
+ close(rpcbindlockfd);
+- unlink(_PATH_RPCBINDSOCK);
++ if(createdsocket)
++ unlink(_PATH_RPCBINDSOCK);
+ unlink(RPCBINDDLOCK);
+ #ifdef WARMSTART
+ write_warmstart(); /* Dump yourself */
+--
+2.6.4
+
diff --git a/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch b/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch
new file mode 100644
index 00000000..946dd1bd
--- /dev/null
+++ b/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch
@@ -0,0 +1,25 @@
+--- rpcbind-0.2.3/man/rpcbind.8 2015-04-27 16:07:43.000000000 +0200
++++ rpcbind-0.2.3/man/rpcbind.8 2015-09-22 16:25:40.000000000 +0200
+@@ -132,11 +132,20 @@
+ .It Fl w
+ Cause
+ .Nm
+-to do a "warm start" by read a state file when
++to do a "warm start" by attempting to read *.xdr state files from the
++state directory
++.%T /var/state/rpcbind
++when
+ .Nm
+-starts up. The state file is created when
++starts up. The state files are created when
+ .Nm
+ terminates.
++.Pp
++This allows for restarting
++.Nm
++without the need to restart all RPC services that have previously registered.
++The state file serves similar purpose like the file created/restored by
++pmap_dump and pmap_set utilities, distributed with old portmap server package.
+ .El
+ .Sh NOTES
+ All RPC servers must be restarted if
diff --git a/source/n/rpcbind/doinst.sh b/source/n/rpcbind/doinst.sh
new file mode 100644
index 00000000..5f7dfaf5
--- /dev/null
+++ b/source/n/rpcbind/doinst.sh
@@ -0,0 +1,24 @@
+config() {
+ NEW="$1"
+ OLD="`dirname $NEW`/`basename $NEW .new`"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ if [ -e $OLD ]; then
+ cp -a $OLD ${NEW}.incoming
+ cat $NEW > ${NEW}.incoming
+ mv ${NEW}.incoming $NEW
+ fi
+ config $NEW
+}
+
+preserve_perms etc/rc.d/rc.rpc.new
diff --git a/source/n/rpcbind/rc.rpc b/source/n/rpcbind/rc.rpc
new file mode 100644
index 00000000..c850c556
--- /dev/null
+++ b/source/n/rpcbind/rc.rpc
@@ -0,0 +1,64 @@
+#!/bin/sh
+# rc.rpc: start/stop/restart RPC daemons needed to use NFS.
+#
+# You must run these daemons in order to mount NFS partitions
+# (unless you use the mount option '-o nolock', which can
+# corrupt files and is not generally recommended unless you
+# are mounting the partition(s) as read-only).
+#
+# To run an NFS server, starting these is mandatory.
+#
+
+rpc_start() {
+ if [ -x /sbin/rpcbind -a -x /sbin/rpc.statd ]; then
+ if ! ps axc | grep -q rpcbind ; then
+ echo "Starting RPC portmapper: /sbin/rpcbind -l $1"
+ /sbin/rpcbind -l $1
+ fi
+ if ! ps axc | grep -q rpc.statd ; then
+ echo "Starting RPC NSM (Network Status Monitor): /sbin/rpc.statd"
+ /sbin/rpc.statd
+ fi
+ else
+ echo "WARNING: Cannot start RPC daemons needed for NFS. One or more of"
+ echo " these required daemons is not executable or is not present"
+ echo " on your system:"
+ echo
+ echo " /sbin/rpcbind or /sbin/rpc.statd"
+ echo
+ fi
+}
+
+rpc_stop() {
+ killall rpc.statd 2> /dev/null
+ sleep 1
+ killall rpcbind 2> /dev/null
+ sleep 1
+ killall -9 rpc.statd 2> /dev/null # make sure :)
+ sleep 1
+ killall -9 rpcbind 2> /dev/null # make sure :)
+ sleep 1
+}
+
+rpc_restart() {
+ rpc_stop
+ rpc_start
+}
+
+case "$1" in
+'start')
+ # Warm restart by default (see "man rpcbind" for details about the -w option)
+ rpc_start -w
+ ;;
+'cold_start') # Start without -w option
+ rpc_start
+ ;;
+'stop')
+ rpc_stop
+ ;;
+'restart')
+ rpc_restart
+ ;;
+*)
+ echo "usage $0 start|stop|restart"
+esac
diff --git a/source/n/rpcbind/rpcbind.SlackBuild b/source/n/rpcbind/rpcbind.SlackBuild
new file mode 100755
index 00000000..d10f5852
--- /dev/null
+++ b/source/n/rpcbind/rpcbind.SlackBuild
@@ -0,0 +1,149 @@
+#!/bin/sh
+
+# Copyright 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+PKGNAM=rpcbind
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+ case "$(uname -m)" in
+ i?86) ARCH=i586 ;;
+ arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) ARCH=$(uname -m) ;;
+ esac
+ export ARCH
+fi
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
+if [ "$ARCH" = "i386" ]; then
+ SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+elif [ "$ARCH" = "armv7hl" ]; then
+ SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16"
+ LIBDIRSUFFIX=""
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+
+cd $TMP
+rm -rf $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
+cd $PKGNAM-$VERSION || exit 1
+
+zcat $CWD/0001-security.c-removed-warning.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/01.rpcbind-manpage-statefile-explanation.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/rpcbind.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1
+
+# This is needed after the patch above:
+autoreconf -vif || exit 1
+
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# Configure:
+CFLAGS="$SLKCFLAGS" \
+./configure \
+ --prefix=/usr \
+ --bindir=/sbin \
+ --libdir=/lib${LIBDIRSUFFIX} \
+ --sysconfdir=/etc \
+ --mandir=/usr/man \
+ --enable-libwrap \
+ --enable-warmstarts \
+ --with-statedir=/var/state/rpcbind \
+ --with-rpcuser=bin \
+ --with-nss-modules="files" \
+ --without-systemdsystemunitdir \
+ --build=$ARCH-slackware-linux || exit 1
+
+# Build and install:
+make $NUMJOBS || make || exit 1
+make install DESTDIR=$PKG || exit 1
+
+# Make state directory:
+mkdir -p $PKG/var/state/rpcbind
+chown bin:root $PKG/var/state/rpcbind
+
+# Install init script:
+mkdir -p $PKG/etc/rc.d
+zcat $CWD/rc.rpc.gz > $PKG/etc/rc.d/rc.rpc.new
+
+# Strip binaries:
+( cd $PKG
+ find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+ find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+)
+
+# Add a documentation directory:
+mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION
+cp -a \
+ AUTHORS COPYING* NEWS README* \
+ $PKG/usr/doc/${PKGNAM}-$VERSION
+
+# Compress manual pages:
+find $PKG/usr/man -type f -exec gzip -9 {} \;
+for i in $( find $PKG/usr/man -type l ) ; do
+ ln -s $( readlink $i ).gz $i.gz
+ rm $i
+done
+
+mkdir -p $PKG/install
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
+
diff --git a/source/n/rpcbind/rpcbind.lwrap.needs.lnsl.diff b/source/n/rpcbind/rpcbind.lwrap.needs.lnsl.diff
new file mode 100644
index 00000000..43f2bdf8
--- /dev/null
+++ b/source/n/rpcbind/rpcbind.lwrap.needs.lnsl.diff
@@ -0,0 +1,14 @@
+--- ./configure.ac.orig 2015-04-27 09:07:43.000000000 -0500
++++ ./configure.ac 2015-12-14 13:34:54.592931654 -0600
+@@ -52,6 +52,11 @@
+ fi
+ AM_CONDITIONAL(SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != xno ])
+
++AC_SEARCH_LIBS(yp_get_default_domain, nsl)
++AC_MSG_CHECKING([for hosts_access in -lwrap])
++saved_LIBS="$LIBS"
++LIBS="$saved_LIBS -lwrap"
++
+ AS_IF([test x$enable_libwrap = xyes], [
+ AC_CHECK_LIB([wrap], [hosts_access], ,
+ AC_MSG_ERROR([libwrap support requested but unable to find libwrap]))
diff --git a/source/n/rpcbind/slack-desc b/source/n/rpcbind/slack-desc
new file mode 100644
index 00000000..70adeb78
--- /dev/null
+++ b/source/n/rpcbind/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+rpcbind: rpcbind (a daemon to manage RPC connections)
+rpcbind:
+rpcbind: This is a network daemon used to manage connections to RPC services.
+rpcbind: It is meant as a replacement for the 'rpc.portmap' server from the
+rpcbind: 'portmap' package. Daemons that offer RPC services (such as the
+rpcbind: daemons for NFS) tell the rpcbind on what port they listen.
+rpcbind: RPC network port numbers may change each time the system is booted.
+rpcbind:
+rpcbind: This package is required to use NFS or other RPC services.
+rpcbind:
+rpcbind: Homepage: http://sourceforge.net/projects/rpcbind/