portmap(8) DARPA


portmap [-d ] [-f ] [-t dir ] [-v ] [-V ] [-i address ] [-l ] [-u uid ] [-g gid ]


Portmap is a server that converts RPC program numbers into DARPA protocol port numbers. It must be running in order to make RPC calls.

When an RPC server is started, it will tell portmap what port number it is listening to, and what RPC program numbers it is prepared to serve. When a client wishes to make an RPC call to a given program number, it will first contact portmap on the server machine to determine the port number where RPC packets should be sent.

Portmap must be started before any RPC servers are invoked.

Normally portmap forks and dissociates itself from the terminal like any other daemon. Portmap then logs errors using syslog(3).

Portmap records all current mapping in the file /var/run/portmap_mapping so that if it gets killed and restarted, it can reload the mapping for currently active services.

Options available:

Display version number and exit.
(debug) prevents portmap from running as a daemon, and causes errors and debugging information to be printed to the standard error output.
(foreground) prevents portmap from running as a daemon, and causes log messages to be printed to the standard error output.
-t dir
(chroot) tell portmap to chroot(2) into dir dir should be empty, not writable by the daemon user, and preferably on a filesystem mounted read-only, noexec, nodev, and nosuid.
-u uid
-g gid
Set the user-id and group-id of the running process to those given, rather than the compiled-in defaults of 1/1.
(verbose) run portmap in verbose mode.
-i address
bind portmap to address. If you specify it will bind to the loopback interface only.
bind portmap to the loop-back address This is a shorthand for specifying with -i.

This portmap version is protected by the tcp_wrapper library. You have to give the clients access to portmap if they should be allowed to use it. To allow connects from clients of the network 192.168. you could use the following line in /etc/hosts.allow:

portmap: 192.168.

In order to avoid deadlocks, the portmap program does not attempt to look up the remote host name or user name, nor will it try to match NIS netgroups. As a consequence only network number patterns (or IP addresses) will work for portmap access control, do not use hostnames. Notice that localhost will always be allowed access to the portmapper.

You have to use the daemon name portmap for the daemon name (even if the binary has a different name). For the client names you can only use the keyword ALL or IP addresses (NOT host or domain names).

For further information please have a look at the tcpd(8), hosts_allow5 and hosts_access5 manual pages.


The portmap command appeared in BSD 4.3


This manual page was changed by An Anibal Monsalve Salazar for the Debian Project.