[CentOS] rsh problems in CentOS 5.2 (was "cvs command failure on 5.2")
William L. Maltby
CentOS4Bill at triad.rr.com
Mon Jul 7 23:08:10 UTC 2008
On Mon, 2008-07-07 at 15:28 -0700, MHR wrote:
> On Mon, Jul 7, 2008 at 3:04 PM, William L. Maltby
> <CentOS4Bill at triad.rr.com> wrote:
> >
> > I figure you've probably checked this already, but is rcpwrappers
> > installed?
>
> No, not on either system (what is rcpwrappers?).
A typoed tcpwrappers <*blush*>. I'm sorry for that.
>
> > If so, are hosts.deny and hosts.allow setup good? I suspect
> > so - I think I saw you had some kind of successful connect earlier in
> > the thread.
> >
> They're fine. In fact, sushi is in khan's /etc/hosts file explicitly,
> and khan thinks it's on ocroads.com:
That file is not related to tcpwrappers. The /etc/hosts.{allow,deny} are
effective if tcpwrappers is in use.
# rpm -q tcp_wrappers
tcp_wrappers-7.6-40.4.el5
IIRC, this is usually installed by default? It's almost become a
mandatory for increased security.
But as I mentioned, I'm not sure this is needed or in use since you did
have some kind of good connection.
JIC
-----------------------------------------------------
# rpm -q --info tcp_wrappers
<snip>
Summary : A security tool which acts as a wrapper for TCP daemons.
Description :
The tcp_wrappers package provides small daemon programs which can
monitor and filter incoming requests for systat, finger, FTP, telnet,
rlogin, rsh, exec, tftp, talk and other network services.
Install the tcp_wrappers program if you need a security tool for
filtering incoming network services requests.
-----------------------------------------------------
Also, check out "man portmap" and "man rpcdebug". I don't know if
they'll help.
Oh! IJR, do this thing after running makewhatis as root.
$ man -k rpc
<snip useless stuff>
portmap (8) - DARPA port to RPC program number mapper
portmap (rpm) - A program which manages RPC connections.
rpc (3) - library routines for remote procedure calls
rpc (5) - rpc program number data base
rpc.gssd [gssd] (8) - rpcsec_gss daemon
rpc.idmapd [idmapd] (8) - NFSv4 ID <-> Name Mapper
rpc.lockd [lockd] (8) - start kernel lockd process
rpc.mountd [mountd] (8) - NFS mount daemon
rpc.nfsd [nfsd] (8) - NFS server process
rpc.rquotad [rquotad] (8) - remote quota server
rpc.statd [statd] (8) - NSM status monitor
rpc.svcgssd [svcgssd] (8) - server-side rpcsec_gss daemon
rpcdebug (8) - set and clear NFS and RPC kernel debug flags
rpcinfo (8) - report RPC information
I can't recall if your problem is one of those "worked on 5.1 but
now..." problems. If so, maybe the prior had tcpwrappers setup and now
you don't?
>
> [mrichter at khan mrichter]$ hostname -f
> khan.ocroads.com
>
> > Have you run with the -d parameter?
> >
>
> Nothing new (actually, nothing at all).
>
> ?!?
>
> mhr
> <snip sig stuff>
BTW, IUC, there are several points at which connection can be refused.
Service not running, firewall, tcpwrappers, ... that general purpose
daemon that dispatches programs for remote requests like ftp, that I
can't remember the name of ATM.
HTH
--
Bill
More information about the CentOS
mailing list