Re: hosts.allow does not resolve names

On Tue, 27 Nov 2007 20:23:26 -0600, Moe Trin wrote:
article <slrnfkp0t8.rv.BitTwister@xxxxxxxxxxxxxxx>, Bit Twister wrote:

Very simple solution. Two lines - one with the old range, one with the
new.

Yes, but I really wanted the names to work.

It's kinda like doing the math problems which have the answers in the
back of the book. I could work the ones with answers and could not
work out the answer of the ones without the answers. :(


NFS... Something is back there, and I can't think what. Have you got
any other daemon that is running out of xinetd? Because,

Nope.
xinetd based services:
cups-lpd: off
cvs: off
proftpd-xinetd: off
rexec: off
rlogin: off
rsh: off
rsync: off
sshd-xinetd: off



Nov 27 13:57:33 m2008 portmap[4702]: connect from 192.168.1.130 \
to getport(nfs): request from unauthorized host

that's portmap bitching, not tcpd or xinetd.

Yes, but hosts.allow changes is what is keeping portmap from allowing
the nfs request. :(


Quick look - is there anything obvious in a packet
dump? By that, I mean who is trying to talk to who - port numbers, etc.
Rejections? Ignores? I'd be more trying to compare the packets
between hosts.allow set with IPs verses net-names.

I'll get a packet dump tomorrow.


Open/no firewalls on both systems makes no difference.

It was a quick check, I was wondering if auth needed access and wanted
to rule it out.


No, this is something else, and I can't think what it might be. There
is something ringing an alarm bell for me, and it's related to NFS, not
tcpd. But WHAT is it? At thing point, I don't know.

Only other thing I thought of was:
Three different versions of the NFS protocol are supported by the Linux
NFS client: NFS version 2, NFS version 3, and NFS version 4. To mount
via NFS version 2, use the nfs file system type and specify nfsvers=2.
To mount via NFS version 3, use the nfs file system type and specify
nfsvers=3. Version 3 is the default protocol version for the nfs file
system type when nfsvers= is not specified on the mount command and
both client and server support it. To mount via NFS version 4, use the
nfs4 file system type. The nfsvers= keyword is not supported for the
nfs4 file system type.

That is why I went with
[bittwister@wb ~]$ grep m2008 /etc/fstab
m2008:/local /mlocal nfs rsize=32768,wsize=32768,timeo=14,intr 0 0

Did not want to get buried in Kerberos and whatnot.
.

Relevant Pages

  • Re: Problems with nfs server
    ... Matt Jerdonek wrote: ... >package as well as the nfs-user-server package. ... >I'm trying to boot an embedded linux box from NFS. ... You must identify the file system type on the client box mount command. ...
    (Debian-User)
  • find -local
    ... True if the file system type is not a remote file sys- ... I have a workstation with dozens of NFS mounts but I only want to ... search the local disk for files larger than 10 megabytes. ...
    (SunManagers)
  • Re: Linux On-Demand Network Access (LODNA)
    ... >>differs from NFS. ... >mount an NFS partition other than listing it in the ... >then changing fstab still requires root access. ... >3) No need for root privileges when choosing what to ...
    (Linux-Kernel)
  • nfs warning: mount version older than kernel ?
    ... I use nfs mount it in Debian sarge ... # Common options for cpio and tar ... # Bourne Shell Options ...
    (Ubuntu)
  • Using r/o root with amd(8)-mounted file systems
    ... and a 3rd slice to contain "everything else" (that is ... Avoid "hard" NFS mounts. ... Mount /usr read-only. ... I had tried mounting the root file system read-only; ...
    (freebsd-stable)