similar to: TCPWrappers + Sendmail = not working

Good Morning, I have a Centos 4.5 (x86_64) server running samba to share data with windows users. We've been going through a security audit and the following log entries were noted: [2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206) get_alias_user_groups: gid of user bendew doesn't exist. Check your /etc/passwd and /etc/group files [2007/09/24 09:37:29, 1]

Hi, A few things regarding logging and libwrap.. a) PAM_RHOST patch Back in July, dean gaudet helpfully posted a patch to dovecot PAM_RHOST the remote IP. Is this going to be included in the main dovecot tree? It seems like a worthwhile addition. The more informative and concise the logging the better. See http://www.dovecot.org/list/dovecot/2004-July/004011.html for the original message.

On 23 April 2014 21:43, mancha <mancha1 at zoho.com> wrote: > On Wed, Apr 23, 2014 at 12:26:58PM -0700, Iain Morgan wrote: >> A slightly better solution would be a PAM module that uses the same >> syntax as libwrap. Possibly someone has already written such a module. > > Possibly, but only for platforms which use for PAM. Pam is executed so late in the chain that any

Hi, This is an early warning: OpenSSH will drop tcpwrappers in the next release. sshd_config has supported the Match keyword for a long time and it is possible to express more useful conditions (e.g. matching by user and address) than tcpwrappers allowed. Removing it reduces the amount of code in the 'hot' pre-authentication path in sshd and rids us of a dependency. -d

On Tue, Apr 22, 2014 at 9:33 AM, Damien Miller <djm at mindrot.org> wrote: > Hi, > > This is an early warning: OpenSSH will drop tcpwrappers in the next > release. sshd_config has supported the Match keyword for a long time > and it is possible to express more useful conditions (e.g. matching > by user and address) than tcpwrappers allowed. > > Removing it reduces the

Hello, I run dovecot-2/Maildir/LDAP user/passdb and would like to be able to deny acess to users who connect from certain domains/IP (google.com for instance since in that case they gave their credentials to a third party). My understanding is that I cannot use some negative form of "allow_nets". The only mechanism I can think of is tcp_wrappers. However, dovecot documentation mention

http://bugzilla.mindrot.org/show_bug.cgi?id=973 Summary: sshd behaves differently while doing syslog entries for tcpwrappers denied message, with -r and without -r option. Product: Portable OpenSSH Version: 3.9p1 Platform: All OS/Version: All Status: NEW Severity: normal

I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix). (FWIW, I think a 2.8.1.1 or 2.8.2 immediately with the fix is in order. >From a packaging viewpoint, the effort to update for a release is about 3 minutes plus time to adapt anythhing that has changed. So I'd much rather have releases more often.) In the pkgsrc build, nut finds tcp wrappers because they are part of the base system.

Hello, we want to use dovecot LMTP for efficient mail delivery from our MX servers (running postfix 2.8) to our storage servers (dovecot 2.0.17). However, the one problem we see is the lack of access control when using LMTP. It apears that every client in our network who has access to the storage machines can drop a message in a Maildir of any user on that storage server. To prevent this

I don't know if this is RedHat 5.1 specific, but be aware that the version of portmap distributed is the enhanced (Wietse Venema) version. That's great, except for two things. The first is documented, but easy to overlook: "In order to avoid deadlocks, the portmap program does not attempt to look up the remote host name or user name...The upshot of all this is that only network

Hi All I'm trying to get two Asterisk servers to talk to each other using IAX(2). I've read the WiKi and the docs and tried the examples..... I can't get it to work (I have 2 x 7960's registering on one server and 1 x 7960 registering on the other). I've set them up as follows... The two servers are set up as friends and have consecutive IP address's. The setup is

Problem: setting --with-tcpwrappers does not configure code to be compiled with wrapper support Solution: references to with_tcp_wrappers (lines 4975, 6396, 6397) need to be changed to with_tcpwrappers David Purks Sr Sys Admin Cogent Communications

Thanks, I think it would not hurt to add the variables into the source if that helps? A bit puzzled why it wants TCP wrappers though, the program is primarily about the Unix socket access. It can be used by end-users or more likely by developers for troubleshooting; potentially for some automations that act like a NUT driver. Not intended as a prime-time mechanism, but could have its uses... As

hi everybody having I believe sort of plain-vanilla config with section in 10-tcpwrapper.conf as per docs login_access_sockets = tcpwrap service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } /etc/hosts.deny contains: ALL: given_host and yet dovecot logins IMAP client in whereas other tcpwrapper aware

I'd like to see a feature of the commercial ssh in openssh: AllowHosts xxx.yyy.xxx.yyy *.domain.net DenyHosts xxx.yyy.xxx.* name.domain.net This allows or denies connects from certain machines (including wildcard matching). Is there any chance for this feature to be included? No, we don't want to use tcp-wrapper for this. Bye.

Hello everyone, I am having difficulties in setting up a tftp server on a Fedora 3.14.8-200.fc20.x86_64. Running tftp client to test the server functionality, a simple get from the terminal prompts 'Transfer timed out.' back. The version is tftp-hpa 5.2, with remap, with tcpwrappers, unfortunately I am not able to find any log in the system journal.? The server and related services appear

By the way, on the NUT CI farm the libwrap is present on some (though not all) systems - covering linux, freebsd, openindiana... and neither complained about `sockdebug` :\ What version do you have? Maybe it is some alternate implementation? Jim On Thu, Nov 9, 2023 at 3:44?PM Greg Troxel <gdt at lexort.com> wrote: > I am (belatedly) updating pkgsrc to 2.8.1 (+ bugfix). > >

Howdy, It seems that even when specifying the --with-tcp-wrappers configure flag, the LIBWRAP define in config.h never gets #define'd and -lwrap never gets added to LIBS in the Makefile. To make sure I wasn't dealing with a stale configure file, I ran autoconf on configure.in to roll a new configure. I also don't see anything wrong with the --with-tcp-wrappers defined in

Hi, I used dovecot 1.x for quite a while and it worked fine. However, I used it through inetd and used hosts.allow/deny to restrict access to only certain groups of systems. Since yesterday I have dovecot 2.0.13. But in version 2.0.13 it seems that starting using inetd doesn't work anymore : I only get a strange error message if I try to connect using telnet : telnet localhost imap

...it was almost midnight, Cinderella became a pumpkin, and NUT was released!.. Trick or treat?! -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://alioth-lists.debian.net/pipermail/nut-upsdev/attachments/20231031/f3590340/attachment.htm>