From owner-freebsd-ports Sun Apr 13 18:00:07 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id SAA06112 for ports-outgoing; Sun, 13 Apr 1997 18:00:07 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id SAA06103; Sun, 13 Apr 1997 18:00:04 -0700 (PDT) Resent-Date: Sun, 13 Apr 1997 18:00:04 -0700 (PDT) Resent-Message-Id: <199704140100.SAA06103@freefall.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-ports Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, james@nexis.net Received: from nexis.net (customer-1.ican.net [198.133.36.101]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA05534 for ; Sun, 13 Apr 1997 17:50:57 -0700 (PDT) Received: from sabre.dragoon.nexis.net (sabre.dragoon.nexis.net [206.231.255.171]) by nexis.net (8.8.5/8.8.5) with ESMTP id UAA08675 for ; Sun, 13 Apr 1997 20:48:17 -0400 (EDT) Received: (from james@localhost) by sabre.dragoon.nexis.net (8.8.5/8.8.5) id UAA04355; Sun, 13 Apr 1997 20:50:42 -0400 (EDT) Message-Id: <199704140050.UAA04355@sabre.dragoon.nexis.net> Date: Sun, 13 Apr 1997 20:50:42 -0400 (EDT) From: James FitzGibbon Reply-To: james@nexis.net To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: ports/3277: tcp_wrapper port does not include NIS support Sender: owner-ports@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >Number: 3277 >Category: ports >Synopsis: tcp_wrapper port does not include NIS support >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports >State: open >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Apr 13 18:00:01 PDT 1997 >Last-Modified: >Originator: James FitzGibbon >Organization: The Nexis Group >Release: FreeBSD 3.0-CURRENT i386 >Environment: - FreeBSD-2.2.1R - FreeBSD-3.0-current >Description: The tcp_wrapper port, as distributed, assumes that FreeBSD does not by default include NIS. While this is correct, we do support a static netgroup file that can be access with the standard getgrent() family of functions. >How-To-Repeat: In /usr/local/etc/hosts.allow, attempt to allow or deny a set of hosts using the @netgroup syntax, as below: sshd: @nexis_hosts : ALLOW sshd: ALL : DENY Watch /var/log/messages when you attempt to connect via ssh to the host. The message: Apr 13 20:31:56 sabre sshd[177]: warning: /usr/local/etc/hosts.allow, line 3: netgroup support is disabled Will be logged, and the connection closed. >Fix: Change the tcp_wrapper distribution's Makefile on line 140 from LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \ to LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP=-DNETGROUP TLI= \ and recompile tcp_wrappers. Programs that link against libwrap.so will need to be restarted. Programs that link against libwrap.a will need to be rebuilt. >Audit-Trail: >Unformatted: