[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Trying to debug nfs install issue, increase verbosity of nfs server?



On Mon, Jan 19, 2009 at 10:35:55AM -0500, Steve Dickson wrote:
> hmm... the real need for the lookup is so the 'mountd: <hostsname>' in
> either /etc/hosts.deny/allow will work... so I guess the idea of 
> not don the tcp wrappers check at all might be the answer...

Doing only IP matching also would work. If you want to serve only
clients on an ip subnetwork, you can simply have (if I recall well)
in hosts.allow

mountd: 192.168.0.

and in hosts.deny
ALL: ALL

Now, if hosts.deny indeed uses a host name, then if there is no 
host name, the mount may not be denied, although it should have. 
However the best would be that tcp_wrappers knows if the hostname
is needed, and if needed, and not provided, it denies. The API 
has a possibility to pass STRING_UNKNOWN to hosts_ctl, maybe it 
does things right in that case?

--
Pat


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]