Welcome to the new Linux Foundation Forum!

Lab 15.1 on centos

tosmitosmi Posts: 2
edited November 2017 in LFS211 Class Forum

the solution for lab 15.1 does not work on centos, seems like systemd is not linked against libwrap:

# systemctl --version systemd 219 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN

so when you start the telnet socket, telnet will be accessible despite denying all access via hosts.deny.

nevertheless xinetd uses libwrap, so starting in.telnetd via xinetd and denying all access works as expected.

just to be sure here is the content of my hosts.deny file:

all : all

and hosts.allow:

sshd : ALL

thanks toni

Comments

  • lee42xlee42x Posts: 116
    edited November 2017

    Thank you for your input. The in.telnetd server used to use  libwrap.so  and would obey the hosts.allow/deny restrictions. It appears that this is no longer the case. We can use xinetd to superimpose libwrap restrictions on almost any service that xinetd launches. 

    The lab exercise will be updated. 

    Thank you for your input.

  • I also encountered this issue. It was very confusing that it didn't work. I will try what tosmi suggested.

Sign In or Register to comment.