From Bugzilla Helper: User-Agent: Mozilla/5.0 (compatible; Konqueror/3.0.0; Linux) Description of problem: Specifying netgroup for access control in tcp_wrappers fails for the portmap: entry. Other keys such as hostnames and ALL work fine, but @netgroups are ignored and refused. (since sshd: and rpc.mountd: parse netgroups correctly I presume this is a portmap problem and not a tcp_wrappers problem) Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Specify in hosts.allow a portmap: entry that uses @netgroup for access control. 2. Try to connect from a valid machine in the netgroup. 3. Machine is refused connection only for portmap, other services using the exact same syntax (sshd: for example) work fine. Actual Results: portmap says connect from [host ip] to getport (nfs): request from unauthorized host. Expected Results: No error should have be created and host should have gained access. Additional info:
From the README included in the package: In order to avoid deadlocks, the portmap program does not attempt to look up the remote host name or user name, nor will it try to match NIS netgroups. The upshot of all this is that only network number patterns will work for portmap access control.