
Re: Starting Telnet and Wu-ftpd using kickstart



On Wed Mar 07 2001 at 14:10, Rebecca R Krause seagate com wrote:

> I checked my hosts.allow and hosts.deny files.  They are both empty.

Make sure that in the end you have in /etc/hosts.deny:

ALL: ALL

(to deny all), and in /etc/hosts.allow something like this:

# examples only
in.telnetd in.ftpd : localhost \
	192.168.1.0/255.255.255.0 \
	192.168.2.1 192.168.2.10 \
	192.168.128/255.255.255.128 \
	<lists of other IP addresses/networks allowed access>

This is a policy of deny everything except what is specifically
allowed.  Very secure (and HIGHLY recommended).  The man pages for
hosts.{allow,deny} give lots of hints on how you can set things up so
that each denied connection attempt is logged or generates emails,
or whatever.  Very powerful.

> I attempted to start telnet as a daemon during startup.  Here are the steps
> I followed as root:
> 
> cd etc/xinetd.d
> cp telnet /etc/rc.d/init.d

What???  WHY did you do that???  Amazing, you just broke your
system's startup.  (Oh well, live and learn...)

> cd etc/rc.d/init.d
> chmod 777 telnet
> cd etc/rc.d/rc3.d
> ln -s ../init.d/telnet S70telnet

First, fix things by undoing what you just did:

	rm -f /etc/rc.d/init.d/telnet /etc/rc.d/rc3.d/S70telnet

To get it working how you want, all you have to do to have it
running by default at bootup is this:

	chkconfig telnet on

All xinetd daemons can be turned on and off for bootup by using
chkconfig.  It is a VERY useful tool, learn to use it.

It is trivial to use it in the %post section of a kickstart script.


After installation, do this to get it working:

	chkconfig telnet on
	service xinetd reload

(ie, no need to reboot... there is hardly ever [never?] any need to
reboot just to start and stop network daemons).

> when I watch the screen during reboot and telnet tries to start, I get the
> following message:
> Starting telnet:
> VFS: file-max limit 4096 reached
> exec: too many open files in system
> Unable to load interpreter /lib/ld-linux.so.2

Yep, not surprised.  :-)

Really, you need to learn exactly what happens at bootup and how to
control it.  It seems you have a general idea, but not the
specifics.

> I am able to telnet from my machine but if I try to telnet to it I get a
> "connection refused" message.

The daemon isn't running, that's why.

> My file called telnet looks like this:
> # default: on
> # description: The telnet server serves telnet sessions; it uses \
> #     unencrypted username/password pairs for authentication.
> service telnet
> {
>       flags          = REUSE
>       socket_type    = stream
>       wait           = no
>       user           = root
>       server    = /usr/sbin/in.telnetd
>       log_on_failure += USERID
> }

That's a good config file for xinetd which should live in
/etc/xinetd.d/.  telnet is supposed to run via xinetd, so
/etc/rc.d/init.d/xinetd is the magic script (which you should not
touch).

/etc/rc.d/init.d/* files are supposed to be executable files
(usually shell scripts).

> When I look at the rest of the executable files in /etc/rc.d/init.d, I see
> that most of them have start(), stop()  and restart().  I am assuming I
> need something like that in my telnet file.  Is there documentation around
> to help me create this file?  Do I have the correct steps to start a daemon
> at startup...so once I get a good telnet file it should work for me?

Have a look on the redhat documentation cdrom, it's all there.  Lots
of it in excellent detail.

No need at all for a /etc/rc.d/init.d/telnet file.

	man xinetd in.telnetd

> Thanks!
> Rebecca

Good luck.

Cheers
Tony
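
Added example, not part of the original message: a simplified Python model of the hosts_access(5) lookup order (a hosts.allow match grants access, otherwise a hosts.deny match refuses it, otherwise access is granted), showing why two empty files let everyone in and what the "ALL: ALL" policy changes. The function names, the hostname argument and the sample addresses are assumptions made for illustration, and only ALL, exact host, address-prefix and net/mask patterns are modelled.

```python
import ipaddress

def parse_rules(text):
    """Parse hosts.allow/hosts.deny text into (daemon_list, client_list) pairs."""
    rules = []
    for line in text.replace("\\\n", " ").splitlines():  # join continuation lines
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        daemons, _, rest = line.partition(":")
        clients = rest.split(":")[0]  # ignore the optional shell-command field
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, ip, hostname):
    if pattern == "ALL":
        return True
    if "/" in pattern:  # net/mask: matches when (address AND mask) == net
        net, mask = (int(ipaddress.IPv4Address(p)) for p in pattern.split("/", 1))
        return int(ipaddress.IPv4Address(ip)) & mask == net
    if pattern.endswith("."):  # address prefix such as "192.168."
        return ip.startswith(pattern)
    return pattern in (ip, hostname)  # exact address or host name

def listed(rules, daemon, ip, hostname):
    return any(
        (daemon in daemons or "ALL" in daemons)
        and any(client_matches(p, ip, hostname) for p in clients)
        for daemons, clients in rules)

def access(allow_text, deny_text, daemon, ip, hostname=""):
    """Return True if the connection would be accepted."""
    if listed(parse_rules(allow_text), daemon, ip, hostname):
        return True
    if listed(parse_rules(deny_text), daemon, ip, hostname):
        return False
    return True  # no match in either file: access is granted

# Constructed sample files modelled on the examples in the message.
ALLOW = """# examples only
in.telnetd in.ftpd : localhost \\
\t192.168.1.0/255.255.255.0 \\
\t192.168.2.1 192.168.2.10
"""
DENY = "ALL: ALL\n"

if __name__ == "__main__":
    print("empty files:", access("", "", "in.telnetd", "203.0.113.9"))
    print("default deny:", access(ALLOW, DENY, "in.telnetd", "203.0.113.9"))
```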




