Trying to debug nfs install issue, increase verbosity of nfs server?
Patrice Dumas
pertusus at free.fr
Mon Jan 19 16:29:35 UTC 2009
On Mon, Jan 19, 2009 at 10:35:55AM -0500, Steve Dickson wrote:
> hmm... the real need for the lookup is so the 'mountd: <hostsname>' in
> either /etc/hosts.deny/allow will work... so I guess the idea of
> not don the tcp wrappers check at all might be the answer...
Doing only IP matching also would work. If you want to serve only
clients on an ip subnetwork, you can simply have (if I recall well)
in hosts.allow
mountd: 192.168.0.
and in hosts.deny
ALL: ALL
Now, if hosts.deny indeed uses a host name, then if there is no
host name, the mount may not be denied, although it should have.
However the best would be that tcp_wrappers knows if the hostname
is needed, and if needed, and not provided, it denies. The API
has a possibility to pass STRING_UNKNOWN to hosts_ctl, maybe it
does things right in that case?
--
Pat
More information about the fedora-devel-list
mailing list