Welcome to the Linux Foundation Forum!

Lab 15.1 on centos

Posts: 2
edited November 2017 in LFS211 Class Forum

the solution for lab 15.1 does not work on centos, seems like systemd is not linked against libwrap:

# systemctl --version systemd 219 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN

so when you start the telnet socket, telnet will be accessible despite denying all access via hosts.deny.

nevertheless xinetd uses libwrap, so starting in.telnetd via xinetd and denying all access works as expected.

just to be sure here is the content of my hosts.deny file:

all : all

and hosts.allow:

sshd : ALL

thanks toni

Comments

  • Posts: 380
    edited November 2017

    Thank you for your input. The in.telnetd server used to use  libwrap.so  and would obey the hosts.allow/deny restrictions. It appears that this is no longer the case. We can use xinetd to superimpose libwrap restrictions on almost any service that xinetd launches. 

    The lab exercise will be updated. 

    Thank you for your input.

  • I also encountered this issue. It was very confusing that it didn't work. I will try what tosmi suggested.

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Categories

Upcoming Training