Welcome to the Linux Foundation Forum!

Lab 15.1 on centos

tosmi
tosmi Posts: 2
edited November 2017 in LFS211 Class Forum

the solution for lab 15.1 does not work on centos, seems like systemd is not linked against libwrap:

# systemctl --version systemd 219 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN

so when you start the telnet socket, telnet will be accessible despite denying all access via hosts.deny.

nevertheless xinetd uses libwrap, so starting in.telnetd via xinetd and denying all access works as expected.

just to be sure here is the content of my hosts.deny file:

all : all

and hosts.allow:

sshd : ALL

thanks toni

Comments

  • lee42x
    lee42x Posts: 380
    edited November 2017

    Thank you for your input. The in.telnetd server used to use  libwrap.so  and would obey the hosts.allow/deny restrictions. It appears that this is no longer the case. We can use xinetd to superimpose libwrap restrictions on almost any service that xinetd launches. 

    The lab exercise will be updated. 

    Thank you for your input.

  • I also encountered this issue. It was very confusing that it didn't work. I will try what tosmi suggested.

Categories

Upcoming Training