Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 181781 - problem with HOSTS.DENY
problem with HOSTS.DENY
Product: Fedora
Classification: Fedora
Component: tcp_wrappers (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Janousek
David Lawrence
: Security
Depends On:
  Show dependency treegraph
Reported: 2006-02-16 10:36 EST by ROCHE
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-04-10 15:40:59 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description ROCHE 2006-02-16 10:36:18 EST
Description of problem:

I have this file for /etc/hosts.deny:
# hosts.deny	This file describes the names of the hosts which are
#		*not* allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!

I have this file for /etc/hosts.allow (empty) :
# hosts.allow	This file describes the names of the hosts which are
#		allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.

with # ps -aux |grep xinetd
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.5/FAQ
root      2232  0.0  0.2   2180   556 ?        Ss   16:04   0:00 xinetd
-stayalive -pidfile /var/run/xinetd.pid

with # /sbin/chkconfig --list
services basés sur xinetd :
        chargen:        arrêt
        chargen-udp:    arrêt
        cvs:            arrêt
        daytime:        arrêt
        daytime-udp:    arrêt
        echo:           arrêt
        echo-udp:       arrêt
        eklogin:        arrêt
        gssftp:         arrêt
        klogin:         arrêt
        krb5-telnet:    arrêt
        kshell:         arrêt
        ktalk:          arrêt
        rsync:          arrêt
        swat:           arrêt
        time:           arrêt
        time-udp:       arrêt

- On other computer I can access with SMB, HTTP, ....
- I Can not configure hosts.deny with spawn, ....

Version-Release number of selected component (if applicable):
# uname -r
# rpm -qa |grep tcp_wrappers

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 Tomas Janousek 2007-01-17 07:12:50 EST
Do I understand correctly that your problem is that you can't restrict HTTP &
SMB access using hosts.deny?

What is the word "spawn" supposed to mean in the second item of "PROBLEM" ?
Comment 2 Matthew Miller 2007-04-10 15:40:59 EDT
Fedora Core 4 is now completely unmaintained. These bugs can't be fixed in that
version. If the issue still persists in current Fedora Core, please reopen.
Thank you, and sorry about this.

Note You need to log in before you can comment on or make changes to this bug.