Problem with TCP_wrappers

[Jan-Philip Velders <jpv jvelders tn tudelft nl>]

Hi,

I'm running into something weird here.
I'm using RH5.1 with tcp_wrappers 7.6.

The syntax for hosts.allow and hosts.deny is:
<service list> : <access list> [ : <shell_command> ]

Everything works when I _don't_ use the shell_command.
I used the _exact_ line as in the man-pages utilising "safe_finger" (comes
with tcp_wrappers), tcpdchk will break on it. And the tcp_wrappers will
"ignore" the line, in my test I used a default deny and opened up ftp to
all and put the safe_finger line in; result: I can't ftp to localhost or
from any other machine via TCP/IP...

Does anybody know if this is standard behaviour under RH5.1 ?
I do like to use the feature to log all the info tcp_wrappers can obtain
about the remote-side.
The tcp_wrappers also have a special compile-time-option which gives more
functionality with all the rules, but then you have to combine all the rules
into _one_ file "hosts.access" (I think!), and hosts.{allow,deny} don;t
function. But it doesn't look like it's compiled that way
(-DPROCESS_OPTIONS)...

Can somebody shine a light on this ?
Thanks in advance!

Greetings,
Jan-Philip Velders

<jpv aacc nl
<jpv jvelders tn tudelft nl>
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
| Nederlandse Linux GebruikersGroep : http://www.nllgg.nl |
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-