Patrice Dumas wrote: > On Mon, Jan 19, 2009 at 10:35:55AM -0500, Steve Dickson wrote: >> hmm... the real need for the lookup is so the 'mountd: <hostsname>' in >> either /etc/hosts.deny/allow will work... so I guess the idea of >> not don the tcp wrappers check at all might be the answer... > > Doing only IP matching also would work. If you want to serve only > clients on an ip subnetwork, you can simply have (if I recall well) > in hosts.allow > > mountd: 192.168.0. > > and in hosts.deny > ALL: ALL > > Now, if hosts.deny indeed uses a host name, then if there is no > host name, the mount may not be denied, although it should have. Exactly... > However the best would be that tcp_wrappers knows if the hostname > is needed, and if needed, and not provided, it denies. The API > has a possibility to pass STRING_UNKNOWN to hosts_ctl, maybe it > does things right in that case? Not that I found... Yes its a chick or egg scenario. I need the hostname to do the 'mountd: <hostname>' check in /etc/hosts.deny, but there is no way of know that entry exists... :( steved. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
