From owner-FreeBSD-users-jp@jp.freebsd.org  Thu Apr  5 14:18:35 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id OAA82091;
	Thu, 5 Apr 2001 14:18:35 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from meadow.scphys.kyoto-u.ac.jp (meadow.scphys.kyoto-u.ac.jp [130.54.54.165])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with SMTP id OAA82085
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 5 Apr 2001 14:18:35 +0900 (JST)
	(envelope-from amorita@meadow.scphys.kyoto-u.ac.jp)
Received: (qmail 95303 invoked from network); 5 Apr 2001 05:18:04 -0000
Received: from localhost (HELO meadow.scphys.kyoto-u.ac.jp) (127.0.0.1)
  by localhost with SMTP; 5 Apr 2001 05:18:04 -0000
To: FreeBSD-users-jp@jp.freebsd.org
X-cite: xcite 1.31
References: <4.3.2-J.20010405104908.0303eac0@zenon.rite.or.jp>
From: Akio Morita <amorita@meadow.scphys.kyoto-u.ac.jp>
MIME-Version: 1.0 (generated by SEMI 1.13.7 - "Awazu")
Content-Type: text/plain; charset=ISO-2022-JP
Date: 05 Apr 2001 14:18:03 +0900
In-Reply-To: <4.3.2-J.20010405104908.0303eac0@zenon.rite.or.jp>
 (Tetuya Saito's message of "Thu, 05 Apr 2001 11:03:02 +0900")
Message-ID: <85d7ar2ad0.fsf@meadow.scphys.kyoto-u.ac.jp>
Lines: 68
User-Agent: T-gnus/6.14.6 (based on Gnus v5.8.8) (revision 04) SEMI/1.13.7 (Awazu) FLIM/1.13.2 (Kasanui) Emacs/20.6 (i386-unknown-freebsdelf3.4) MULE/4.0 (HANANOEN)
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 60588
Subject: [FreeBSD-users-jp 60588] Re: TCP_WRAPPER
 =?ISO-2022-JP?B?GyRCJEskRCQkJEYbKEI=?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: amorita@meadow.scphys.kyoto-u.ac.jp

$B?9ED!w5~Bg$G$9(B

Tetuya Saito(tetuya@rite.or.jp)$B$5$s$O!"(B
Thu, 05 Apr 2001 11:03:02 +0900$B$K(B
$B!V(B[FreeBSD-users-jp 60581] Re: TCP_WRAPPER $B$K$D$$$F(B $B!W$N(BMessage$B$G=q$-$^$7$?(B

$B!d@FF#!w#R#I#T#E$G$9(B
$B!d(B
(snip)
$B!d(B>$B$"$H$O(Btcp_wrapper$B;H$C$F$$$k$+$I$&$+$OJL$K$7$F!"(Bldd /usr/sbin/sshd
$B!d(B>$B$d$l$P!"0MB8$5$l$F$$$k$+$I$&$+$OJ,$+$k$H;W$$$^$9!#(B
$B!d(Bldd /usr/sbin/sshd$B$r<B9T$7$F$_$^$7$?!#(B
$B!d7k2L$O0J2<$NDL$j$G$7$?!#(B
$B!d(B/usr/sbin/sshd:
$B!d(B         libopie.so.2 => /usr/lib/libopie.so.2 (0x28091000)
$B!d(B         libmd.so.2 => /usr/lib/libmd.so.2 (0x2809a000)
$B!d(B         libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x280a4000)
$B!d(B         libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x280b9000)
$B!d(B         libutil.so.3 => /usr/lib/libutil.so.3 (0x28175000)
$B!d(B         libz.so.2 => /usr/lib/libz.so.2 (0x2817e000)
$B!d(B         libwrap.so.3 => /usr/lib/libwrap.so.3 (0x2818b000)
$B!d(B         libpam.so.1 => /usr/lib/libpam.so.1 (0x28193000)
$B!d(B         libc.so.4 => /usr/lib/libc.so.4 (0x2819c000)
$B!d(B
$B!d$3$l$r(Bmil$B$H(Blibwrap.so.3$B$r;HMQ$7$F$$$k$h$&$J$N$G!"(BTCP_WRAPPER$B$,AH$_9~$^$l$F(B 
$B!d$$$k$h$&$K;W$&$N$G$9$,(B
$B!d(B
$B@52r!#AH$_9~$^$l$F$$$^$9(B

$B!d$I$&$7$F!"(Btcpdchk$B$r<B9T$9$k$H!"(Bwarning: /etc/hosts.allow, line 27: sshd: 
$B!d(Bservice possibly not wrapped$B$N(B
$B!d(Bwarning$B$,$G$k$N$G$7$g$&$+!)(B
$B!d(B
$B:G=i$K=q$$$?@bL@$r8m2r$7$F$$$k$h$&$G$9$,!"$-$A$s$H(B tcpdchk$B$N(B manual$B$d(B
source$B$rFI$s$GF0:n$rM}2r$7$F2<$5$$(B!
tcpdchk$B$,8!::$9$k$N$O(B hosts.(allow|deny)$B<+?H$N=q<0$H(B
inetd.conf$B$KBP$9$k@09g@-$G$9(B
$B$D$^$j!"(Binetd$B$N4IM}2<$K$$$J$$(B daemon$B$N@_Dj$,(B hosts.(allow|deny)$B$K(B
$B$"$C$F$b$=$N(B daemon$B$,(B TCP_WRAPPER$B$rMxMQ$7$F$$$k$+$r8!::$G$-$^$;$s(B
$B!t(Blibwrap$B$r(B link$B$7$F$b!"$=$3$K$"$k4X?t$r@5$7$/(B access control$B$K(B
$B!t;H$C$F$J$1$l$P8z2L$O$J$$$N$G!"30It$+$i$=$l$r3N$+$a$k$N$O(B
$B!t6K$a$FFq$7$$(B
$B$h$C$F!"(Bhosts.(allow|deny)$B$K(B entry$B$,B8:_$9$k$,!"(Binetd.conf$B$KL5$$(B
daemon$B$O(B`service possibly not wrapped'$B$J$k7Y9p$r=P$7$^$9(B
$B!t(Binetd$B$+$i(B wrappe$B$5$l$F$$$J$$(B($B$3$l$,@5$7$$$3$H$O$o$+$j$^$9$h$M(B?)

$B!d(BAt 10:20 01/04/05 +0900, akiba$BMM(B wrote:
$B!d(B>$B=)>l$H?=$7$^$9!#(B
$B!d(B>$B$3$l$J$s$G$9$1$I$b!"(B/usr/libexec/sshd$B$C$FK\Ev$K$"$j$^$9$+(B?
$B!d(B>sshd    stream  tcp  nowait  root   /usr/sbin/sshd     sshd -i
$B!d(B>$B$N4V0c$$$G$O$"$j$^$;$s$+(B?
$B!d(B
$B!d(B/usr/libexec/ssd$B$O%j%s%/$G<BBN$O(B/usr/sbin/sshd$B$G$9(B
$B!d$J$<!"$3$N$h$&$J%j%s%/$r:n$C$?$+$H$$$&$H!"(Binetd.conf$B$NB>$N@_Dj$K$"$o$;$k$?$a$K(B
$B!d:n$C$?$N$G$9$,!"$^$:$+$C$?$G$7$g$&$+!)(B
$B!d(B
$B$@$C$?$i!"<!$N$h$&$K$9$k$N$,@5$7$$$N$G$O(B?
sshd    stream  tcp  nowait  root   /usr/libexec/sshd     sshd -i
$B=q<0$H$7$F$O(B inetd(8)$B$K$"$k$h$&$K(B
service socket protocl {wait|nowait} user program argv[0] (argv[1]...)
$B$G$9$N$G!"(Bargv[0]$B$O(B sshd$B$rEO$9$N$,@5$7$$$G$9(B
$B$b$C$H$b!"(Binetd.conf$B$r8!::$9$k%D!<%kN`$,(B program$B$G<($5$l$k(B path$B$K(B
daemon$B$N<BBN$,B8:_$9$k$3$H$rMW5a$9$k$H:$$j$^$9$,(B...

--
#  Akio Morita ( $B?9ED(B $B><IW(B -- $B5~ETBg3XBg3X1!M}3X8&5f2J(B D3)
#   E-mail:  amorita@meadow.scphys.kyoto-u.ac.jp
#  WebPage:  http://misao.kuicr.kyoto-u.ac.jp/amorita/
