HPE Community
Operating System - HP-UX
1822036 Members
3450 Online
109639 Solutions
New Discussion юеВ

Re: Xaccess problems

 
Steve Coates
Frequent Advisor

тАО08-01-2003 05:54 AM

тАО08-01-2003 05:54 AM

Xaccess problems

I have been trying to get Xaccess to control who can connect to the Xserver. No mater what I out in the file the system continues to allow everyone on to connect.

As a test in the Xaccess file I have:
!dt7d50cc.ode.state.oh.us

I have restarted dtlogin (/sbin/init.d/dtlogin.rc stop/start). The system is still allowed to connect.

I did a search here and based on past posts this seems right.

Any suggestions?

Steve
0 Kudos
Reply
6 REPLIES 6
Steven E. Protter
Exalted Contributor

тАО08-01-2003 05:58 AM

тАО08-01-2003 05:58 AM

Re: Xaccess problems

Your syntax is correct.

It is however possible that the state of Ohio has multiple IP addresses and purposeful discrepencies in its DNS server.

do a dig or nslookup and do it by IP address.

Also, check /var/adm/syslog/syslog.log during your login test so hou can get all of the IP addresses.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Steve Coates
Frequent Advisor

тАО08-01-2003 06:09 AM

тАО08-01-2003 06:09 AM

Re: Xaccess problems

No the DNS is fine. We run our own and everything is as expected.

I tried a Xaccess file with nothing in it , which with how I understaqnd it should prevent any connections. It still allows me to connect even configured that way.

Steve
0 Kudos
Reply
Tyler Easterling
Advisor

тАО08-01-2003 07:18 AM

тАО08-01-2003 07:18 AM

Re: Xaccess problems

Hi Steve,

Have you updated Xconfig to point to the new access file?

cp /usr/dt/config/Xconfig /etc/dt/config/Xconfig

In /etc/dt/config/Xconfig
Replace
Dtlogin.accessFile: Xaccess
With
Dtlogin.accessFile: /etc/dt/config/Xaccess

Now make any configuration changes you would like in /etc/dt/config/Xaccess file and then run:
/sbin/init.d/dtlogin.rc reset

Tyler
0 Kudos
Reply
Steve Coates
Frequent Advisor

тАО08-01-2003 07:52 AM

тАО08-01-2003 07:52 AM

Re: Xaccess problems

Yes I did change it to point at the /etc/dt/config/Xaccess but by default it looks there first and then at /usr/dt/config.

I did start and stop dtlogin.

From everything I have looked at it seems it never even looks at the Xaccess file.

Steve
0 Kudos
Reply
Tyler Easterling
Advisor

тАО08-01-2003 01:01 PM

тАО08-01-2003 01:01 PM

Re: Xaccess problems

And by "connect" you mean the X server is still accepting XDMCP connections? Does the server still accept connections after running "/sbin/init.d/dtlogin.rc stop"?

Bastille does something very similar to disable XDMCP connections from remote hosts, so if it's not working I'd like to know.

Tyler

0 Kudos
Reply
Alex Glennie
Honored Contributor

тАО08-03-2003 11:34 PM

тАО08-03-2003 11:34 PM

Re: Xaccess problems

Steve,

Try cp /usr/dt/config/Xaccess ->

/etc/dt/config/Xaccess : vi ->

!dt7d50cc.ode.state.oh.us
*

(in that order as it's important)

exit CDE

/usr/dt/bin/dtconfig -reset ... or preferably
/sbin/init 2 followed by init 3

result ?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.