From owner-freebsd-stable Fri Jun 11 15:56:22 1999 Delivered-To: freebsd-stable@freebsd.org Received: from noao.edu (noao.edu [140.252.1.54]) by hub.freebsd.org (Postfix) with ESMTP id 58F3914EB8 for ; Fri, 11 Jun 1999 15:56:19 -0700 (PDT) (envelope-from grandi@noao.edu) Received: from mirfak.tuc.noao.edu (IDENT:grandi@mirfak.tuc.noao.edu [140.252.1.9]) by noao.edu (8.9.3/8.8.8/SAG-14Jan99) with ESMTP id PAA04035; Fri, 11 Jun 1999 15:56:15 -0700 (MST) (envelope-from grandi@noao.edu) Date: Fri, 11 Jun 1999 15:56:15 -0700 (MST) From: Steve Grandi X-Sender: grandi@mirfak.tuc.noao.edu To: obrien@NUXI.com Cc: freebsd-stable@FreeBSD.ORG Subject: Re: amd and /etc/hosts.allow In-Reply-To: <19990611135114.A28890@nuxi.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I've dug into this a little more: amd is a red herring; any attempt to to do an NFS mount hangs with mount_nfs hung in D state (ktrace/kdump shows that nami is the last system call made). portmap appears to be the problem: rebuilding portmap after commenting out the line LDADD= -lwrap in /usr/src/usr.sbin/portmap/Makefile makes NFS mounts work again even in the presence of /etc/hosts.allow The portion of /etc/hosts.allow that refers to portmap sure appears to me to be sufficient to let local hosts in: # Portmapper is used for all RPC services; protect your NFS! #portmap : localhost : allow #portmap : .noao.edu : allow #portmap : .evil.cracker.example.com : deny portmap : ALL : allow Any thoughts? The next time I can play with this system, I will start portmap with -v to see if any log entries are interesting. Steve Grandi On Fri, 11 Jun 1999, David O'Brien wrote: > > Ever since the "tcpwrapper enabled" tasks came into use in stable, I can't > > get amd to work. > > Since Amd is not started up from inetd, the tcp_wrapers/inetd changes > could not affect Amd. Nor has Amd been hacked to interact with libwrap > what so ever. > > -- > -- David (obrien@NUXI.com -or- obrien@FreeBSD.org) > Steve Grandi, National Optical Astronomy Observatories/AURA Inc., Tucson AZ USA Internet: grandi@noao.edu Voice: +1 520 318-8228 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message