Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 13 Apr 1997 20:50:42 -0400 (EDT)
From:      James FitzGibbon <james@nexis.net>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   ports/3277: tcp_wrapper port does not include NIS support
Message-ID:  <199704140050.UAA04355@sabre.dragoon.nexis.net>
Resent-Message-ID: <199704140100.SAA06103@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         3277
>Category:       ports
>Synopsis:       tcp_wrapper port does not include NIS support
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Apr 13 18:00:01 PDT 1997
>Last-Modified:
>Originator:     James FitzGibbon
>Organization:
The Nexis Group
>Release:        FreeBSD 3.0-CURRENT i386
>Environment:

- FreeBSD-2.2.1R
- FreeBSD-3.0-current 

>Description:

The tcp_wrapper port, as distributed, assumes that FreeBSD does not by default include NIS.  While this is correct, we do support a static netgroup file that can be access with the standard getgrent() family of functions.

>How-To-Repeat:

In /usr/local/etc/hosts.allow, attempt to allow or deny a set of hosts using the @netgroup syntax, as below:

sshd: @nexis_hosts : ALLOW
sshd: ALL : DENY

Watch /var/log/messages when you attempt to connect via ssh to the host.  The message:

Apr 13 20:31:56 sabre sshd[177]: warning: /usr/local/etc/hosts.allow, line 3: netgroup support is disabled

Will be logged, and the connection closed.

>Fix:
	
Change the tcp_wrapper distribution's Makefile on line 140 from

LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \

to

LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP=-DNETGROUP TLI= \

and recompile tcp_wrappers.  Programs that link against libwrap.so will need to be restarted.  Programs that link against libwrap.a will need to be rebuilt.

>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704140050.UAA04355>