Bug 46728
| Summary: | Perpetual error message, redux -- Bad line received from identity | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | R P Herrold <herrold> |
| Component: | xinetd | Assignee: | Trond Eivind Glomsrxd <teg> |
| Status: | CLOSED NOTABUG | QA Contact: | Ben Levenson <benl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.1 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2001-07-03 00:48:41 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Does it help to uncomment the other line mentioning the userid as well? Are all other services, so you know the requests aren't coming from them? Hi, Teg,
Actually, I had COMMENTED OUT the error related message. The messages
continued.
At the time of the report, ONLY ipop3 was enabled -- I later enabled ftpd-BSD,
and it is reporting as expected.
Commenting BOTH out stops the messages ... But this seems to be the wrong
solution. (More below the snippage)
[root@compaq2 xinetd.d]# joe ipop3
Processing '/etc/joe/joerc'...done
[root@compaq2 xinetd.d]# rm *~
rm: remove `ipop3~'? y
[root@compaq2 xinetd.d]# service xinetd stop
Stopping xinetd: [ OK ]
[root@compaq2 xinetd.d]# ps ax | grep pop
[root@compaq2 xinetd.d]# service xinetd start
Starting xinetd: [ OK ]
[root@compaq2 xinetd.d]# sleep 60 ; tail -40 /var/log/messages
<snip>
Jul 2 20:25:30 compaq2 xinetd[2521]: Bad line received from identity server at
10.11.9.71: 3171
Jul 2 20:25:40 compaq2 xinetd[2159]: Exiting...
Jul 2 20:25:40 compaq2 xinetd: xinetd shutdown succeeded
<snip>
Jul 2 20:25:53 compaq2 xinetd[2549]: xinetd Version 2.1.8.9pre16 started with
libwrap options compiled in.
Jul 2 20:25:53 compaq2 xinetd[2549]: Started working: 2 available services
Jul 2 20:25:56 compaq2 xinetd: xinetd startup succeeded
[root@compaq2 xinetd.d]# sleep 360 ; tail -10 /var/log/messages
Jul 2 20:25:53 compaq2 xinetd[2549]: pop3s disabled, removing
<snip>
Jul 2 20:25:53 compaq2 xinetd[2549]: time disabled, removing
Jul 2 20:25:53 compaq2 xinetd[2549]: xinetd Version 2.1.8.9pre16 started with
libwrap options compiled in.
Jul 2 20:25:53 compaq2 xinetd[2549]: Started working: 2 available services
Jul 2 20:25:56 compaq2 xinetd: xinetd startup succeeded
[root@compaq2 xinetd.d]# cat ipop3
# default: off
# description: The POP3 service allows remote users to access their mail \
# using an POP3 client such as Netscape Communicator, mutt, \
# or fetchmail.
service pop3
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/ipop3d
## log_on_success += USERID
## log_on_failure += USERID
}
[root@compaq2 xinetd.d]#
---------------------------------
Then I uncommented :log_on_failure: -- and NO messages appeared ... So maybe
there is some logic inversion in the error/success test.
- R
It obtains the information before the service does access control... this way, you can't avoid the request by terminating the connection when authentication fails. |
See also Bugzilla 27089 ... commenting out and restarting the xinetd error logging dies NOT stop the message service pop3 { disable = no socket_type = stream wait = no user = root server = /usr/sbin/ipop3d log_on_success += USERID ## log_on_failure += USERID } ----------------------------------- The reporting host is a stock RH 7.1 server, wiht all updates applied. The source hosts are behind another RH 7.1, running iptables DNATting and are various Windows hosts. NO ident information would be forthcoming. Still getting: Jun 29 22:06:40 compaq2 xinetd[4117]: Bad line received from identity server at 10.11.9.71: 1643 Jun 29 22:06:47 compaq2 xinetd[4118]: Bad line received from identity server at 10.11.9.71: 1603 Jun 29 22:06:49 compaq2 xinetd[4119]: Bad line received from identity server at 10.11.9.71: 1604 (IP information modified for confidentiality of client site)