Bug 61192

Summary: /etc/hosts.deny documentation has bad examples for "booby traps"
Product: [Retired] Red Hat Linux Reporter: John Ha <jha>
Component: tcp_wrappersAssignee: Florian La Roche <laroche>
Status: CLOSED RAWHIDE QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.2CC: adstrong
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-03-15 04:07:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description John Ha 2002-03-15 04:07:30 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.0 (X11; Linux i686; U;) Gecko/20020311

Description of problem:
When I tried to use the example in the "booby traps" section of hosts.deny(5), I
get an error: "bad option name "(/usr/sbin/safe_finger".

Only when I read the hosts_options(5) manpage did I see the "spawn" argument to
run shell commands through hosts.deny.

So instead of:

in.tftpd: ALL: (/path/to/safe_finger ...)

It SHOULD read:

in.ftpd: ALL: spawn (/path/to/safe_finger ...)

Also, there are no references to hosts_options in the hosts.deny manpage, so I
had to do a google search before i found the right syntax.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.man hosts.deny
2.try the "booby trap" example in /etc/hosts.deny using plausible path to
safe_finger
3.tail -f /var/log/messages
4. test "denied" service connection on separate machine.

Actual Results:  xinetd[27718]: error: /etc/hosts.deny line 11: bad option name:
"(/usr/sbin/safe_finger"

Expected Results:  mail safe_finger output to root.

Additional info:

Comment 1 Florian La Roche 2002-06-11 20:37:31 UTC
Fixed in 7.6-22 or higher.

Thanks,

Florian La Roche