[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: lpd with libwrap (or tcp wrappers)

On Thu, 15 Feb 2001, Jeremy C. Reed wrote:

 > But is this the Debian way? What will happen when I upgrade lpr package?

i'd be more than very surprised if any automatic script would modify
any conf file i write or modify. then again, you never know what those
scripts will do, but they strongly shouldn't.

 >  Feb 15 15:36:50 pilchuck lpd[9780]: bind: Address already in use
 >  Feb 15 15:36:50 pilchuck lpd[9780]: exiting

now actually looking at lpd:), it doesn't seem to support being run
from inetd. you have several ways to go, though. first, trust it's own
builtin access control (lpd.perms or something); (possibly
additionally) put a packet filter in front of it; or you can add
libwrap support to lpd (it's not supposed to be hard); or the last
thing i can think of is to modify lpd in a way when it allows to be
run from inetd (that is, it takes its input from stdin, iirc)

having a very quick look at lpd.perms(5) i'd say its basically
equivalent (functionality-wise) to hosts.{allow,deny}, but also has
print service-specific options. i didn't find the equivalent option to
UKNOWN and PARANOID, though, but, as printing is supposed (imho) be a
`local' service, you have to maintain a consistent dns database and
you won't even need this.

So, you're a Ph.D. Just don't touch anything.

Reply to: