Displaying 20 results from an estimated 277 matches for "libwrap".
2002 Jan 18
1
[patch] openssh 3.0.2p1: Libwrap gets linked in unnecessarily
Hello,
There is a small but annoying problem with linking libwrap in openssh.
The library is added to LIBS which makes it be linked in to all binaries.
This is unnecessary and leads to bogus dependencies if libwrap is a shared
library.
Following is a trivial fix that reserves a separate autoconf substitution
variable LIBWRAP, which is only used for sshd. Pleas...
2015 May 20
5
Re-install libwrap in OpenSSH
Hello all,
after a useless discussion on the opensuse ML I had to find out that they
buried the removal news of libwrap last year in some half-sentence. So this is
unfortunately pretty late for the topic. Nevertheless it is pretty obvious
that you did not get any feedback from people using ssh over decades in
server-administration. Let me make a clear point: libwrap removal was a pretty
bad idea. It is a well-used s...
2007 Nov 14
1
libwrap-ing IMAP and POP logins
Since I've been using this for maybe a year now, maybe someone else is interested in restricting IMAP and POP logins via libwrap.
In addition to the attached patch (against 1.0.5) to src/login-common/main.c, src/{imap,pop3}-login/Makefile.in have to be modified to link against libwrap.
Of course, the option needs to be integrated into configure in the long run.
-------------- next part --------------
--- src/login-common/ma...
2008 Sep 03
1
ACLs, binding to an interface, and libwrap
...y in depth,"
citing a case where binding to an interface isn't granular enough,
but I still tend to agree with Arjen and Arnaud that ACLs are better
handled by a central firewall.
As a second layer of defense, how do you all feel about the "TCP
wrappers" functionality in libwrap? As I understand it, the
hosts.allow and hosts.deny files offer the same level of granularity
that the NUT ACL functionality provided, but with the advantage of a
more well-known (and hopefully well-scrutinized) codebase.
Many Linux distributions have shipped libwrap for years, and it
shou...
2007 Mar 24
0
configure/makefile cleanup: remove LIBSELINUX, LIBWRAP and LIBPAM
...83 Makefile.in
--- Makefile.in 23 Oct 2006 21:44:47 -0000 1.283
+++ Makefile.in 24 Mar 2007 10:49:45 -0000
@@ -44,11 +44,8 @@ LD=@LD@
CFLAGS=@CFLAGS@
CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
LIBS=@LIBS@
-LIBSELINUX=@LIBSELINUX@
SSHDLIBS=@SSHDLIBS@
LIBEDIT=@LIBEDIT@
-LIBPAM=@LIBPAM@
-LIBWRAP=@LIBWRAP@
AR=@AR@
AWK=@AWK@
RANLIB=@RANLIB@
@@ -139,7 +136,7 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $...
2004 Oct 29
2
Logging and libwrap
Hi,
A few things regarding logging and libwrap..
a) PAM_RHOST patch
Back in July, dean gaudet helpfully posted a patch to dovecot PAM_RHOST the
remote IP. Is this going to be included in the main dovecot tree? It
seems like a worthwhile addition. The more informative and concise the
logging the better.
See http://www.dovecot.org/list/dovec...
1999 Dec 08
0
Patches to help pre16 run on NetBSD
...not having some of its global variables
defined, so linking it to anything but sshd is bad. This patch
fixes Makefile.in and configure/configure.in to make this work.
Thanks,
David
--- configure.orig Tue Dec 7 01:10:51 1999
+++ configure Wed Dec 8 12:46:12 1999
@@ -2242,7 +2242,7 @@
#define LIBWRAP 1
EOF
- LIBS="$LIBS -lwrap"
+ LIBWRAP="-lwrap"
fi
@@ -2377,6 +2377,7 @@
s%@DEFS@%$DEFS%g
s%@LDFLAGS@%$LDFLAGS%g
s%@LIBS@%$LIBS%g
+s%@LIBWRAP@%$LIBWRAP%g
s%@exec_prefix@%$exec_prefix%g
s%@prefix@%$prefix%g
s%@program_transform_name@%$program_transform_name%g
---...
2008 Nov 07
6
Cannot get the libwrap patch work
Hello there,
I have been trying to make the patch work for libwrap(TCP
Wrappers) posted on http://dovecot.org/patches
<http://dovecot.org/patches%20Patch%20of%201.1> Patch of 1.1 but could not
get it work. Any help will be highly appreciated. After compiling and
running it I get error "Error: login_tcp_wrappers can't be used because
Dovecot wasn...
2015 May 20
2
Re-install libwrap in OpenSSH
On Thu, May 21, 2015 at 1:05 AM, Michael Stone <mstone at mathom.us> wrote:
> On Wed, May 20, 2015 at 03:58:22PM +0200, Stephan von Krawczynski wrote:
>
>> Show me this as an example of your firewall skills and replace this
>> hosts.allow entry:
>>
>> sshd: .... : spawn (echo -e "%u@%h[%a] on `/bin/date`" to %d connected
>> me |
>>
2010 Mar 07
1
2.0 beta 3 w/o libwrap?
I'm trying to kickstart 2.0b3 on my NetBSD system (where 1.2.x works
great!), and keep hitting:
Fatal: service(tcpwrap)
access(/software/dovecot-2.0beta3/libexec/dovecot/tcpwrap) failed: No
such file or directory
Indeed, that file doesn't exist...but I don't have nor want libwrap. It
appears that doveconf includes tcpwrap...
service tcpwrap {
chroot =
client_limit = 1
drop_priv_before_exec = no
executable = tcpwrap
extra_groups =
group =
privileged_group =
process_limit = 0
process_min_avail = 0
protocol =
service_count = 0
type =
u...
2002 Oct 08
1
openssh-3.4p1 install problems on Solaris 6 with openssl-0.9.6g
...cal/lib -R/opt/local/lib -ldl -L/usr/local/lib -R/usr/local/lib
-lssh -lopenbsd-compat -lwrap -lz -lsocket -lnsl -lcrypto
Undefined first referenced
symbol in file
method_kbdint auth2.o
getipnodebyname ./libwrap.a(misc.o)
inet_pton ./libwrap.a(hosts_access.o)
inet_ntop ./libwrap.a(socket.o)
freehostent ./libwrap.a(misc.o)
ld: fatal: Symbol referencing errors. No output written to sshd
collect2: ld returned 1 exit status
*** Error c...
2005 Jan 06
2
Feature-request: ip based access control (libwrap)
Is there plans to use libwrap
Or is there already some kind of access control i have missed??
What i really want is a mechanism so i can say:
If The request comes from "123.121.212.0" dont offer ssl and accept plain
else demand ssl and no plain
I now have this (almost) in another imap server by xinetd and two ip ad...
2001 Nov 14
5
X11 forwards and libwrap support
Hi!
Is there any reason why support for the libwrap code isn't included
in the X11 forwarding code? I'd like to restrict access to that
port.
How many applications would break if the tcp port
would be closed and only the unix-domain socket would be available?
It's true that x11 forwardings can be considered as a security
risk and th...
2016 Dec 30
1
FreeBSD / dovecot 2.2.27 / libwrap
I have compiled dovecot2 for FreeBSD with the tcpwrap option.
A tcpwrap binary gets built and resides in the FreeBSD directory
/usr/local/libexec/dovecot
an examination of the compiled options (using the FreeBSD pkg install
dovecot2) confirms: LIBWRAP : on
yet, when I adjust dovecot.conf with: login_access_sockets = tcpwrap
I get the following logged error message:
20161229 17:02:49 imap-login: Error: connect(tcpwrap) failed: No such
file or directory
Is there any way to turn up some super logging so that I can find just
what dovecot feel...
2004 Aug 06
0
FreeBSD 4.6-STABLE + icecast 1.3.12 problem
Hello
I managed to compile from ports (i've used package too) icecast 1.3.12.
It often works good, but sometimes i get error:
[20/Oct/2002:18:43:09] Kicking unknown 11 [195.117.29.210] [Access Denied
(libwrap (client connection))], connected for 6 seconds
[20/Oct/2002:19:12:51] Accepted encoder on mountpoint /icy_0 from
217.98.93.59. 1 sources connected
[20/Oct/2002:19:18:04] Kicking unknown 14 [217.98.93.59] [Displayed
mountlist], connected for 1 seconds
Fatal error 'longjmp()ing between thread con...
2001 Aug 08
2
with-tcp-wrappers enable ?
Hello,
I try to compile openssh-2.9p1 on a SGI Origin 200 computer under IRIX
6.5 with the option --with-tcp-wrappers enable. I have also compiled
tcp-wrapper and have installed the library libwrap.a in /usr/lib and the
file tcpd.h in /usr/include.
When i run the ./configure script i have a error. The script asked me
that the libwrap is missing.
How can i resolve this ?
Thanks.
Bests Regards
Fabien Muller
2008 Apr 24
3
TCPWrappers + Sendmail = not working
I have set up entries in /etc/hosts.allow and /etc/hosts.deny as follows:
/etc/hosts.allow
sendmail : 10.0.0.0/255.0.0.0
sendmail : LOCAL
/etc/hosts.deny
sendmail : ALL
When I try to connect to port 25 from an Internet host via telnet, the
server still responds as usual. The only difference I see is this in
my /var/log/maillog:
Apr 24 15:41:49 server sendmail[20691]: m3OKfna20691: tcpwrappers
2016 Dec 30
1
FreeBSD / dovecot 2.2.27 / libwrap
...I have compiled dovecot2 for FreeBSD with the tcpwrap option.
>>
>> A tcpwrap binary gets built and resides in the FreeBSD directory
>> /usr/local/libexec/dovecot
>>
>> an examination of the compiled options (using the FreeBSD pkg install
>> dovecot2) confirms: LIBWRAP : on
>>
>> yet, when I adjust dovecot.conf with: login_access_sockets = tcpwrap
>>
>> I get the following logged error message:
>>
>> 20161229 17:02:49 imap-login: Error: connect(tcpwrap) failed: No such file
>> or directory
>>
>> Is there any...
2023 Nov 09
2
2.8.1 build buglet: sockdebug.c
...int, the effort to update for a release is about
3 minutes plus time to adapt anythhing that has changed. So I'd much
rather have releases more often.)
In the pkgsrc build, nut finds tcp wrappers because they are part of the
base system. That's generally ok.
checking whether to enable libwrap (tcp-wrappers) support... yes
There is a program sockdebug.c in server:
Making all in server
`libparseconf.la' is up to date.
CC sockdebug.o
`libcommon.la' is up to date.
CC upsd.o
CC user.o
CC conf.o
CC netssl.o
CC sstate...
2011 May 24
0
libwrap does it work on in 2.0?
Hi,
I noticed recently that libwrap (TCP Wrappers) is supported,
although disabled by default, in the current Dovecot 2.0 but doesn't
seem to be mentioned anywhere on the wiki. Is this working well/at
all? Anyone care with experience using this care to share their
experiences? My OS is FreeBSD, I noticed on some Linux dis...