[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Trying to debug nfs install issue, increase verbosity of nfs server?




Patrice Dumas wrote:
> On Mon, Jan 19, 2009 at 10:35:55AM -0500, Steve Dickson wrote:
>> hmm... the real need for the lookup is so the 'mountd: <hostsname>' in
>> either /etc/hosts.deny/allow will work... so I guess the idea of 
>> not don the tcp wrappers check at all might be the answer...
> 
> Doing only IP matching also would work. If you want to serve only
> clients on an ip subnetwork, you can simply have (if I recall well)
> in hosts.allow
> 
> mountd: 192.168.0.
> 
> and in hosts.deny
> ALL: ALL
> 
> Now, if hosts.deny indeed uses a host name, then if there is no 
> host name, the mount may not be denied, although it should have.
Exactly... 
 
> However the best would be that tcp_wrappers knows if the hostname
> is needed, and if needed, and not provided, it denies. The API 
> has a possibility to pass STRING_UNKNOWN to hosts_ctl, maybe it 
> does things right in that case?
Not that I found... Yes its a chick or egg scenario. I need the
hostname to do the 'mountd: <hostname>' check in /etc/hosts.deny,
but there is no way of know that entry exists... :(


steved.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]