[ Hijacked from freebsd-hackers ]
On Tue, 20 Jul 1999 17:33:24 CST, Greg Skafte wrote:
> I've just recently switched from using the tcpwrappers port to the
> native tcpwrappers implemention
>
> the following config entries worked on the port but are not working with
> the native
I've tested the spawn option using a standalone sshd daemon and both of
the following two configurations work as expected (on their own, not in
conjunction):
sshd: ALL : \
spawn (/usr/bin/mail -s "sshd request from %h" sheldonh <dev/null) & \
: DENY
sshd: ALL : \
spawn (/usr/bin/mail -s "sshd request from %h" sheldonh <dev/null) & \
: ALLOW
Are you perhaps running sshd out of inetd? You don't need to. Build the
port and make sure it links against the base system's libwrap and the
standalone sshd will grok /etc/hosts.allow just fine.
As for using the spawn option for services launched out of inetd, it's
definitely a problem. If you look in your /var/log/messages, you'll
probably see lots of these:
Jul 21 09:19:53 axl inetd[16995]: write: Bad file descriptor
I'm looking at that. I suspect it may be a bug I introduced while trying
to squish the "inetd leaves children lying about" bug.
Ciao,
Sheldon.
To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-hackers" in the body of the message
