[Eug-lug] Wrapping for Access Control
Jeff_W
beaker at freeshell.org
Sat Jan 22 17:56:16 PST 2005
Jacob Meuser <jakemsr at jakemsr.com> wrote:
> On Fri, Jan 21, 2005 at 11:06:13PM -0800, Jeff_W wrote:
>
> > # added for TCP Wrappers control of pygopherd - beaker: 1/20/2005
> > pygopherd stream tcp nowait root /usr/pkg/bin/pygopherd pygopherd
>
> are you _sure_ you don't have to specify tcpd there?
>
> pygopherd stream tcp nowait root /usr/libexec/tcpd pygopherd
Yes, I fairly certain:
(from netbsd's HOSTS_ACCESS(5))
...
Note that in a `stock' installation of the tcp_wrappers
package, a program called tcpd is called from /etc/inetd.conf,
and this program performs the wrapper checks and then
executes the daemon. In NetBSD inetd(8) has been
modified to perform this check internally, and so tcpd is
neither used nor supplied.
...
> is there an EXAMPLES section in your tcpd(8)?
See above; there is no tcpd in the base system, however the stock
tcpd package is available in pkgsrc. I suspect is replaces the
original modified version of inetd when installed.
> > I should mention that when I use the tcpdchk & tcpmatch tools
> > everything appears to work (allow LAN hosts; deny outsiders):
>
> they don't actually run the program in question. they just check
> hosts.allow and hosts.deny.
I figured as much.
More information about the EUGLUG
mailing list