[CentOS] Re: Re: Re: Re: What libs req'd to resolve DNS withinachrootjail?

Tue Jan 15 02:44:36 UTC 2008
Eric B. <ebenze at hotmail.com>

"Mike Kercher" <mike at vesol.com> wrote in 
message 
news:6115482898C59848B35DB9D491C9A28E08BFA3 at srv1.home.middlefinger.net...
> >> Thanks for the pointer.  Indeed, I was missing the
> trailing . after
> >> my FQDN in my revers file.  I have updated my reverse files, and
> >> nslookup is resolving better, but still not further ahead.
> >>
> >> My reverse file: 3.168.192.in-addr.arpa now contains the
> following line:
> >> 103             IN PTR  eric.test.com.
> >>
> >>
> >> If I try nslookups now, my results are as follows:
> >>
> >> # nslookup 192.168.3.103
> >> Server:         192.168.1.67
> >> Address:        192.168.1.67#53
> >>
> >> 103.103.168.192.in-addr.arpa    name = eric.test.com.
> >>
> >> # nslookup eric.test.com
> >> Server:         192.168.1.67
> >> Address:        192.168.1.67#53
> >>
> >> Name:   eric.test.com
> >> Address: 192.168.3.103
> >>
> >>
> >> So from that, it seems as though the DNS / rDNS are properly
> >> configured, does it not?  Similarly, I have both the forward and
> >> reverse domain name on the DNS server as the nslookups show.
> >> However, I still get the same error
> >> msg:
> >> Jan 14 17:46:50 apollo atftpd[15905]: Connection refused from
> >> 192.168.103.103
> >              AAA
> > Correct? -----|||
>
> Whoops - cut & paste typo.  That line is supposed to read:
> Jan 14 17:46:50 apollo atftpd[15905]: Connection refused from
> 192.168.3.103
>

> Can you post your complete hosts.allow and hosts.deny files?

Not much to them actually:
/chroot/tftpd/etc/hosts.allow:
#
# hosts.allow   This file describes the names of the hosts which are
#               allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
#
in.tftpd : eric.test.com : allow

/chroot/tftpd/etc/hosts.deny:
#
# hosts.deny    This file describes the names of the hosts which are
#               *not* allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
#
in.tftpd : ALL : deny



Again, I have concerns that I might be missing something in my chroot jail, 
but when I change my hosts.allow file to read the following, it works fine.
in.tftpd: 192.168.3.103 : allow

So I am utterly and totally confused.  I keep thinking that there must be 
something DNS related that I need in the chroot jail that I am missing.
I do have a /chroot/tftpd/etc/resolv.conf with the nameserver entry that 
points to the DNS server, and all files in my /chroot/tftpd/etc dir are 
world readable.  I also have a /chroot/tftpd/etc/hosts file (that is pretty 
much empty - just a line for 127.0.0.1).

# ls -l /chroot/tftpd/etc
-rw-r--r--  1 root root   148 Jan 14 17:53 hosts
-rw-r--r--  1 root root   417 Jan 14 17:37 hosts.allow
-rw-r--r--  1 root root   370 Jan 13 12:13 hosts.deny
-rw-r--r--  1 root root  1267 Jan 12 21:43 localtime
-rw-r--r--  1 root root  1686 Jan 12 15:50 nsswitch.conf
-rw-r--r--  1 root root    86 Jan 14 17:52 resolv.conf
-rw-r--r--  1 root root 20373 Jan 12 15:47 services


Is there anything else I need that I am missing?  Either config file or lib?

Any suggestions of things I can try?

Thanks,

Eric