[netatalk-admins] Using TCPWrappers


Subject: [netatalk-admins] Using TCPWrappers
From: Peter Gutowski (peterg@powervue.com)
Date: Sun Sep 12 1999 - 09:14:29 EDT


Each time I compile netatalk, I read in the top Makefile ...

# Location of the tcp wrapper library and include files. Comment this out
# if you don't want tcp wrapper support. having tcp wrapper support is
# highly recommended.
TCPWRAPDIR=/usr

asun also admonishes:

        tcp wrapper support. if TCPWRAPDIR is uncommented in the
                main Makefile, tcp wrapper support will get built.
                i recommend building w/ it to enable host restrictions.

Since I want to integrate this kind of security into my setup I've left
this uncommented and added '-lwrap' to the sys/linux/Makefile. It all
seemed to compile just fine. BTW, I'm currently using Linux 2.2.11 on an
Intel box, using pre-asun2.1.14-35, and otherwise a basic Red Hat 5.2
distribution.

I added the following line to /etc/services:

afpovertcp 548/tcp # AFP over TCP

And have struggled with what exactly to put in /etc/inetd.conf. The
closest thing to success has been:

afpovertcp stream tcp wait root /usr/sbin/tcpd \
    /usr/local/atalk/sbin/afpd -d

(Note: I've broken the above line into two pieces; in the inetd.conf file
it's just a single line)

Of course, if that worked I wouldn't be writing! In the course of these
tests I did shut down afpd as it was launched from /etc/rc.d/init/atalk,
but left atalkd running. I played with different things on the inetd.conf
line, but haven't had success. On my
Mac I'm using Mac OS 8.6 and clicking on the 'Server IP Address' button to
enter the netatalk host machine. When I use the above line the Mac puts up
a dialog box saying something like "Connecting to...." but it doesn't ever
put up the login screen (name, password). afpd starts, but it seems to be
a 'normal' start, i.e. it's still running after I cancel this and the
server's name begins to show up in the Chooser.

I've also tried eliminating the '-d' option and that didn't seem to make
much difference (I'd just guess that the -d option is there for debugging
purposes.)
 
So, I'm guessing that afpd needs to be called in some way that I am not
imagining. Any advice would be greatly appreciated. Apologies in advance
if this is clearly documented somewhere, but I've tried to find where that
is and haven't (obviously) met with success.

------------------------------------
Peter Gutowski <peterg@powervue.com>
http://www.powervue.com/~peterg


