Bug 18686 – /etc/hosts causes denial of localhost-only services

Bug 18686 - /etc/hosts causes denial of localhost-only services

Summary:	/etc/hosts causes denial of localhost-only services

Status:	CLOSED RAWHIDE

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	xinetd (Show other bugs)
Sub Component:
Version:	7.0
Hardware:	i386 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Trond Eivind Glomsrxd
QA Contact:	David Lawrence
Docs Contact:

URL:
Whiteboard:
Keywords:

Duplicates:	20516 (view as bug list)
Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2000-10-09 06:06 EDT by Phil Venton
Modified:	2007-04-18 12:29 EDT (History)
CC List:	3 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2000-10-09 12:37:37 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
This one-liner fixes it for me. I don't think it's the right solution, but it shows where the problem is. (321 bytes, patch) 2000-10-09 07:01 EDT, Tim Waugh	no flags	Details \| Diff
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Phil Venton 2000-10-09 06:06:49 EDT

After a fresh install, xinetd will deny connections to any services listed
with "only_from = localhost", when attempting to connect from localhost.  

/etc/hosts contains the following:

127.0.0.1 localhost.localdomain localhost foo.bar.net foo

changing /etc/hosts to read, for example:

127.0.0.1 localhost.localdomain localhost
192.168.0.1 foo.bar.net foo

fixes the problem.

I suspect, in the first case, xinetd is resolving 127.0.0.1 to "foo" rather
than localhost, and disallowing the connect?

See also bug #17839

Comment 1 Tim Waugh 2000-10-09 07:01:21 EDT

Created attachment 3904 [details]
This one-liner fixes it for me.  I don't think it's the right solution, but it shows where the problem is.

Comment 2 Trond Eivind Glomsrxd 2000-10-09 11:42:35 EDT

Verified - it segfaults when doing access control.

Comment 3 Trond Eivind Glomsrxd 2000-10-09 12:10:05 EDT

The oneliner does not fix the problem.

Comment 4 Tim Waugh 2000-10-09 12:22:42 EDT

Huh?  It does; I just tried it again, this time without building with -g or
running with -d, which I did the first time.

The problem is that the str_addr comes from a static variable that's overwritten
with each entry parsed.  So the problem only shows itself on entries that are
not the last one to be read.

I installed -6 and telnet-server, and had just linuxconf-web and telnet in
xinetd.d.  I modified telnet to have 'only_from = localhost', and restarted
xinetd.  No problems.  When I moved linuxconf-web to xlinuxconf-web and restart
xinetd, I could telnet localhost.  After making the one line change and
restarting xinetd, I could.

There is another shallow copy a few lines above, so the one-liner clearly
doesn't _fix_ the problem entirely, but basically the problem is that shallow
rather than deep copies of that string are being performed.

Comment 5 Trond Eivind Glomsrxd 2000-10-09 12:37:33 EDT

For me, it still segfaults. I agree that the issue is shallow copies, which is
why I'm currently going though it with njamd.

Comment 6 Trond Eivind Glomsrxd 2000-10-17 12:14:36 EDT

Fixed in xinetd-2.1.8.9pre11-1

Comment 7 Crutcher Dunnavant 2001-03-15 17:33:09 EST

*** Bug 20516 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.