[Eug-lug] Wrapping for Access Control

larry price laprice at gmail.com
Fri Jan 21 20:54:17 PST 2005 

What are you telling PyGopherd to listen to?

You could tell it to listen on a unix socket and have inetd pass the
connection that way.

On Fri, 21 Jan 2005 18:49:25 -0800, Jeff_W <beaker at freeshell.org> wrote:
> I'm trying to figure out how I can use TCP Wrappers to provide
> rudimentary access control for a python-based network service
> (PYGopherd). I've read a bunch of man pages and How-Tos on the web
> and have concluded that in order to get TCP Wrappers to provide
> access control there needs to be a wrapper for it and/or it needs
> to run out of inetd (this is a BSD system w/ tcpd's functions
> integrated into inetd). I've yet to come across some simple
> instructions for creating such a wrapper; tests done with simply
> adding PYG to /etc/services & /etc/inetd.conf and restarting have
> been unsuccessful - PYG starts & stops OK but connections produce
> this:
> 
> # Traceback (most recent call last):  File "/usr/pkg/bin/pygopherd", line 30, in
> # ?
> #     s = initialization.initeverything(conffile)
> #   File "/usr/pkg/lib/python2.3/site-packages/pygopherd/initialization.py", line
> #  187, in initeverything
> #     s = getserverobject(config)
> #   File "/usr/pkg/lib/python2.3/site-packages/pygopherd/initialization.py", line
> #  120, in getserverobject
> #     GopherRequestHandler)
> #   File "/usr/pkg/lib/python2.3/SocketServer.py", line 330, in __init__
> #     self.server_bind()
> #   File "/usr/pkg/lib/python2.3/site-packages/pygopherd/initialization.py", line
> #  100, in server_bind
> #     servertype.server_bind(self)
> #   File "/usr/pkg/lib/python2.3/SocketServer.py", line 341, in server_bind
> #     self.socket.bind(self.server_address)
> #   File "<string>", line 1, in bind
> # socket.error: (48, 'Address already in use')
> 
> Having forgotten anything I might have learned about python, I really
> can't make much of this except that it appears the socket/port is
> not available to the application (maybe because inetd is listening
> on it?).
> 
> Anyways, is there some easy way of "wrapping" PYG for use w/ TCP
> Wrappers or do I need to look at something else like IP Filter,
> etc. ?
> 
> -Jeff
> _______________________________________________
> EUGLUG mailing list
> euglug at euglug.org
> http://www.euglug.org/mailman/listinfo/euglug
> 


-- 
http://Zoneverte.org -- information explained
Do you know what your IT infrastructure does?

More information about the EUGLUG mailing list