The protocol used by rpc.rquotad is an insecure and obsolete protocol and should be disabled. This security vulnerability is discussed in CVE-1999-9625 and more details can be found in that document. This process may disrupt NFS clients that rely on disk quotas. To avoid problems, schedule a maintenance outage and stop these NFS clients.
For CentOS/RHEL 6 and earlier
1. Edit the file /etc/sysconfig/nfs To get an entry that says RQUOTAD='No'For example:
# fgrep RQUOTAD /etc/sysconfig/nfs # The below line disables the insecure, obsolete quota protocol used by RQUOTAD RQUOTAD="no"
2. Restart the NFS service to activate the changes:
# /sbin/service nfs stop # /sbin/service nfs start
For CentOS/RHEL 7 and later
CentOS/RHEL 7 and later uses systemd to manage services. The mask operation also prevents root from starting the service:
# /sbin/systemctl stop rpc-rquotad.service # /sbin/systemctl disable rpc-rquotad.service # /sbin/systemctl mask rpc-rquotad.service
Verify the status of the service and check if the service can be started/restarted.
# /sbin/systemctl restart rpc-rquotad.service Failed to restart rpc-rquotad.service: Unit is masked. # /sbin/systemctl status rpc-rquotad.service ● rpc-rquotad.service Loaded: masked (/dev/null; bad) Active: inactive (dead
rpc.rquotad is an insecure and obsolete protocol and should be disabled.
