[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[leafnode-list] Re: xinetd on centos 7 install

On 2015-07-17, 18:07 GMT, MatÄj Cepl wrote:
> Thatâs a great question. I have no idea about the answer though.

I have asked on #systemd on FreeNode and this is what I got:

    mcepl: Hi, I have switched my leafnode2 installation from 
        xinetd to systemd for port-activated service) and now 
        I wonder about how to make systemd recognize and follow 
        /etc/hosts.{deny,allow}. That doesn't work right? Are 
        there any other ACLs for systemd-run services?
    grawity: there's iptables/nftables
    zdzichu: tcpwrappes support was removed some time ago
    dreisner: ...thankfully
    grawity: alternatively, use "ExecStart=@/usr/bin/tcpd 
        /usr/bin/leafnode2", like in the early days of 
    zdzichu: grawity: '@'?
    grawity: argv[0]
    grawity: like in traditional inetd.conf you'd specify the 
        executable and argv[0] separately
    grawity: so IIRC tcpd made use of that
    mcepl: grawity: thanks ... that seems like a bit missing 
        part of systemd to me, but thanks for the workaround.
    grawity: it's intentionally missing, yes
    ***mcepl will rather shut up

I have later emphasized that I donât necessarily fight for 
tcpwrappers themselves (somebody noticed that even OpenSSH 
doesnât support it anymore), but Iâve got no reply on that.

I think there is a point in the notice about iptables/nftables.  
I donât think I will put the above line into Fedora/RHEL 
leafnode packages.



http://www.ceplovi.cz/matej/, Jabber: mcepl@xxxxxxxxxx
GPG Finger: 89EF 4BC6 288A BF43 1BAB  25C3 E09F EF25 D964 84AC
Roses are red;
    Violets are blue.
I'm schizophrenic,
    And so am I.

leafnode-list mailing list