HPE Community
Operating System - HP-UX
1847203 Members
3360 Online
110263 Solutions
New Discussion

Re: problems with inetd.sec

 
SOLVED
Go to solution
Greta Blamire
Frequent Advisor

‎09-28-2000 08:55 AM

‎09-28-2000 08:55 AM

problems with inetd.sec

I need to cut off access to the production server from two other servers on my network. I put the entries in inetd.sec to deny ftp and login for each server, but only the last entry is being used. It's only cutting off service for last line. This is what the man page says it will do:
from inetd.sec man page:

Multiple
allow|deny lines for each service are not unsupported. If there are
multiple allow|deny lines for a particular service, all but the last
line are ignored.

I'm a bit confused about what "not unsupported" means, but logically that means that multiple lines are supported. Should I attempt this another way or is there still a way to use the inetd.sec file? The environment is a K260 using 11.0
If you can't face the facts, change them!
0 Kudos
Reply
8 REPLIES 8
James R. Ferguson
Acclaimed Contributor

‎09-28-2000 09:05 AM

‎09-28-2000 09:05 AM

Re: problems with inetd.sec

Greta:

"...not unsupported..." -- clearly a typographical error. As the man (4) inetd.sec entry says, "To continue a line, terminate it with \."

Does this help resolve your problem?

...JRF...
0 Kudos
Reply
Alan Riggs
Honored Contributor

‎09-28-2000 09:18 AM

‎09-28-2000 09:18 AM

Solution

Re: problems with inetd.sec

You must put all allow/deny entries on one line. Use the line ocntinuation charachter \ for increased readability.
Reply
Manju Kampli
Trusted Contributor

‎09-28-2000 06:55 PM

‎09-28-2000 06:55 PM

Re: problems with inetd.sec

put all the entries in to one line of allow|deny
Never stop "LEARNING"
Reply
Shannon Petry
Honored Contributor

‎09-29-2000 06:26 AM

‎09-29-2000 06:26 AM

Re: problems with inetd.sec

What it means (I think) from "not unsupported" is that inetd will not fail to run if you have more than one entry. However here is what happens. {example inetd.sec
mountd allow 127.0.0.1 host1
mountd deny host2 host3 host4 }
The first line for mountd is IGNORED. All hosts are allowed access except host2, host3 and host4. What one may have tried to accomplish was allowing only host1 and the localhost access. To accomplish this, the logic must be changed.
As someone mentionied, the "\" is used as a continuation, so if you had 90 hosts to enter each line can be continued.

Hope it helps explain!
Shannondsa
Microsoft. When do you want a virus today?
Reply
Shannon Petry
Honored Contributor

‎09-29-2000 06:26 AM

‎09-29-2000 06:26 AM

Re: problems with inetd.sec

What it means (I think) from "not unsupported" is that inetd will not fail to run if you have more than one entry. However here is what happens. {example inetd.sec
mountd allow 127.0.0.1 host1
mountd deny host2 host3 host4 }
The first line for mountd is IGNORED. All hosts are allowed access except host2, host3 and host4. What one may have tried to accomplish was allowing only host1 and the localhost access. To accomplish this, the logic must be changed.
As someone mentionied, the "\" is used as a continuation, so if you had 90 hosts to enter each line can be continued.

Hope it helps explain!
Shannondsa
Microsoft. When do you want a virus today?
Reply
Tim Nelson
Honored Contributor

‎09-29-2000 01:54 PM

‎09-29-2000 01:54 PM

Re: problems with inetd.sec

I'm sure if this is correct, but attempting to use implement it won't hurt your server.

Simply don't put either of the two servers in the inetd.sec file. Just make sure the inetd.sec file is in /var/adm I believe the default is not to allow as long /var/adm/inetd.sec exists. This may not help your particular situation, but I wanted to put it out on the table anyway. Good luck to you.
Reply
Hector Mota
New Member

‎11-29-2006 07:21 AM

‎11-29-2006 07:21 AM

Re: problems with inetd.sec

Good afternoon, I have the same problem with the inetd.sec:
I add the it lines mountd deny, I export a directory and I can
to have access from any machine That can be happening?
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎11-29-2006 07:25 AM

‎11-29-2006 07:25 AM

Re: problems with inetd.sec

inetd.sec is only used for services spawned by the 'inetd' daemon.

mountd does not get spawned by inetd, hence inetd.sec will have no effect on it.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.