From friz at godshell.com Tue Jun 1 10:38:32 2004 From: friz at godshell.com (Jason 'XenoPhage' Frisvold) Date: Tue, 01 Jun 2004 10:38:32 -0400 Subject: [osiris-devel] Feature Request - Dated Ignores In-Reply-To: <00AD2E2A-B25B-11D8-B07C-003065A506B2@shmoo.com> References: <1224.24.229.44.44.1085931163.squirrel@www.protectors.cc> <00AD2E2A-B25B-11D8-B07C-003065A506B2@shmoo.com> Message-ID: <1086100712.25280.8.camel@corp> On Sun, 2004-05-30 at 13:01, Brian Wotring wrote: > A couple of thoughts: > > First, the scan configuration files have nothing really to do with the > comparison process. That is, the scan configs are not consulted during > the comparison process, only when performing a scan. I think adding > this to the configuration syntax would complicate it a great deal, as > well as require changes to the management console's analysis engine. Good point, didn't think of that :) > Second, this is only half the solution. I'm sure you've thought of > this, but because it is so important I think I should mention it. In > order to maintain any sort of faith in the integrity of these files, > you have to know the time window, and more importantly, the next > resultant state of the files. That is, a time window alone is almost > worthless because in the cases you've listed you will have to leave > some breathing room and that means that any change in that window would > be considered legitimate; not a good thing ;) Yeah, I thought about the time window... was thinking of putting a variable in there to allow a +- change in time... > As far as managing the alerts go, I think it falls outside the scope of > the management console. If you know the schedules of these items, you > should be able to deal with this at a higher level. For example, email > notifications could easily be filtered/archived according to content. > For syslog entries, a log analysis program (e.g. swatch) could easily > be used to look for these scheduled changes and report on the ones that > fall outside of your time window, and deal with the time window problem > by triggering an alert if more than one change happens inside that > window. I'll check out swatch ... I figured this might fall outside of the scope of this ... The problem that I see is that I know these files will change at a certain time due to cronjobs, log rotations, etc. So I'm expecting the mails from osiris explaining that the checksum changed, the ctime changed, etc ... I could just dump those messages, but they continue to come in until the database is updated... Which is why I thought the best place to deal with this would be at the source.... > I hope this helps. Yup :) -- --------------------------- Jason 'XenoPhage' Frisvold Engine / Technology Programmer friz at godshell.com RedHat Certified - RHCE # 803004140609871 MySQL Pro Certified - ID# 207171862 MySQL Core Certified - ID# 205982910 --------------------------- "Something mysterious is formed, born in the silent void. Waiting alone and unmoving, it is at once still and yet in constant motion. It is the source of all programs. I do not know its name, so I will call it the Tao of Programming." -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040601/969bfef5/attachment.pgp From brian at shmoo.com Tue Jun 1 10:50:01 2004 From: brian at shmoo.com (Brian Wotring) Date: Tue, 1 Jun 2004 08:50:01 -0600 Subject: [osiris-devel] Feature Request - Dated Ignores In-Reply-To: <1086100712.25280.8.camel@corp> References: <1224.24.229.44.44.1085931163.squirrel@www.protectors.cc> <00AD2E2A-B25B-11D8-B07C-003065A506B2@shmoo.com> <1086100712.25280.8.camel@corp> Message-ID: If the persistent notifications are bothersome, you do have the option to have them automatically accepted. On Jun 1, 2004, at 8:38 AM, Jason 'XenoPhage' Frisvold wrote: >> As far as managing the alerts go, I think it falls outside the scope >> of >> the management console. If you know the schedules of these items, you >> should be able to deal with this at a higher level. For example, >> email >> notifications could easily be filtered/archived according to content. >> For syslog entries, a log analysis program (e.g. swatch) could easily >> be used to look for these scheduled changes and report on the ones >> that >> fall outside of your time window, and deal with the time window >> problem >> by triggering an alert if more than one change happens inside that >> window. > > I'll check out swatch ... I figured this might fall outside of the > scope > of this ... The problem that I see is that I know these files will > change at a certain time due to cronjobs, log rotations, etc. So I'm > expecting the mails from osiris explaining that the checksum changed, > the ctime changed, etc ... I could just dump those messages, but they > continue to come in until the database is updated... Which is why I > thought the best place to deal with this would be at the source.... -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From friz at godshell.com Tue Jun 1 10:54:47 2004 From: friz at godshell.com (Jason 'XenoPhage' Frisvold) Date: Tue, 01 Jun 2004 10:54:47 -0400 Subject: [osiris-devel] Feature Request - Dated Ignores In-Reply-To: References: <1224.24.229.44.44.1085931163.squirrel@www.protectors.cc> <00AD2E2A-B25B-11D8-B07C-003065A506B2@shmoo.com> <1086100712.25280.8.camel@corp> Message-ID: <1086101687.25280.12.camel@corp> On Tue, 2004-06-01 at 10:50, Brian Wotring wrote: > If the persistent notifications are bothersome, you do have the option > to have them automatically accepted. Autonotification is bad :) I like to be notified about changes... And I like that the system persistently tells you "SOMETHING CHANGED, ACKNOWLEDGE ME!" ... I just wanted to selectively ignore :) No biggie.. I can live with it.. It was just a thought :) -- --------------------------- Jason 'XenoPhage' Frisvold Engine / Technology Programmer friz at godshell.com RedHat Certified - RHCE # 803004140609871 MySQL Pro Certified - ID# 207171862 MySQL Core Certified - ID# 205982910 --------------------------- "Something mysterious is formed, born in the silent void. Waiting alone and unmoving, it is at once still and yet in constant motion. It is the source of all programs. I do not know its name, so I will call it the Tao of Programming." -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040601/fc31594e/attachment.pgp From Alexei_Roudnev at exigengroup.com Tue Jun 1 13:19:45 2004 From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Tue, 1 Jun 2004 10:19:45 -0700 Subject: [osiris-devel] Feature Request - Dated Ignores References: <1224.24.229.44.44.1085931163.squirrel@www.protectors.cc><00AD2E2A-B25B-11D8-B07C-003065A506B2@shmoo.com><1086100712.25280.8.camel@corp> <1086101687.25280.12.camel@corp> Message-ID: <0c9801c447fc$a2ae0220$2c7f300a@sjc.exigengroup.com> In my case, I'd like to auto-ack all changes in stagi and development ares, but make it manually in production area. Btw, you can not run 'auto-ack' mode without 'auto-expire', else you will end up with a full disk in 1 - 2 months. ============================================ > If the persistent notifications are bothersome, you do have the option > to have them automatically accepted. Autonotification is bad :) I like to be notified about changes... And I like that the system persistently tells you "SOMETHING CHANGED, ACKNOWLEDGE ME!" ... I just wanted to selectively ignore :) No biggie.. I can live with it.. It was just a thought :) From Alexei_Roudnev at exigengroup.com Tue Jun 1 13:26:32 2004 From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Tue, 1 Jun 2004 10:26:32 -0700 Subject: [osiris-devel] Feature Request - Dated Ignores References: <1224.24.229.44.44.1085931163.squirrel@www.protectors.cc> Message-ID: <0d1001c447fd$95452090$2c7f300a@sjc.exigengroup.com> Osiris is not real-time system, so it can not work by this way. What can work is some 'smart' shecdule, saying that 'scan at 10 am , e-mail, no-auto ack; scan at 5 pm, auto-ack, e-mail'. (I am not saying, that I support the whole idea). ----- Original Message ----- From: "Jason 'XenoPhage' Frisvold" To: "Osiris Developers" Sent: Sunday, May 30, 2004 8:32 AM Subject: [osiris-devel] Feature Request - Dated Ignores Hi all, During certain scheduled times, files on my system are set to change.. Most notably are rebuilds of ssl certs, and lockfiles for running processes when logs rotate. I know about these, and I'd like to automatically ignore them on a regular schedule. However, if they change outside of that schedule, I need to know since there may be a problem.. So, I propose adding some sort of ignore system to osiris that would allow a user to ignore a file during a certain period of time. Obviously the system would have to rehash that file and automatically add it to the db... I was imagining something like this: IgnoreFile "filename" "0 0 * * *" Where the first field is the filename and the second field is a crontab-like entry of the time to ignore the file... ie, in the above example, it would ignore the file at midnight each night... Thoughts, comments, flames? :) --------------------------- Jason 'XenoPhage' Frisvold Engine / Technology Programmer friz at godshell.com RedHat Certified - RHCE # 803004140609871 MySQL Pro Certified - ID# 207171862 MySQL Core Certified - ID# 205982910 --------------------------- "Something mysterious is formed, born in the silent void. Waiting alone and unmoving, it is at once still and yet in constant motion. It is the source of all programs. I do not know its name, so I will call it the Tao of Programming." _______________________________________________ osiris-devel mailing list osiris-devel at lists.shmoo.com https://lists.shmoo.com/mailman/listinfo/osiris-devel From Alexei_Roudnev at exigengroup.com Wed Jun 2 18:23:08 2004 From: Alexei_Roudnev at exigengroup.com (Alexei Roudnev) Date: Wed, 2 Jun 2004 15:23:08 -0700 Subject: [osiris-devel] Possible bug in osiris manager / Win2K Message-ID: <034101c448f0$2eae1cd0$980ea8c0@exigengroup.com> I saw a strange situation - after running for a few weeks without any problems, osirismd failed on Win2K. I suspect possible bug (more likely, some resources are not released). Possible bug status - minor (automatic restart should help enough). version - 2.4.2-release. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040602/f9442271/attachment.htm From brian at shmoo.com Wed Jun 2 18:51:36 2004 From: brian at shmoo.com (Brian Wotring) Date: Wed, 2 Jun 2004 16:51:36 -0600 Subject: [osiris-devel] Possible bug in osiris manager / Win2K In-Reply-To: <034101c448f0$2eae1cd0$980ea8c0@exigengroup.com> References: <034101c448f0$2eae1cd0$980ea8c0@exigengroup.com> Message-ID: <66EB03F8-B4E7-11D8-A52A-003065A506B2@shmoo.com> Did the failure produce any log messages? I would be a lot more interested if you noticed this with a version later than 4.0. On Jun 2, 2004, at 4:23 PM, Alexei Roudnev wrote: > I saw a strange situation - after running for a few weeks without any > problems, osirismd failed on Win2K. I suspect possible bug (more > likely, some resources are not released). Possible bug status - minor > (automatic restart should help enough). version - 2.4.2-release. > ? > ? > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From Alexei_Roudnev at exigengroup.com Wed Jun 2 19:28:47 2004 From: Alexei_Roudnev at exigengroup.com (Alexei Roudnev) Date: Wed, 2 Jun 2004 16:28:47 -0700 Subject: [osiris-devel] Possible bug in osiris manager / Win2K References: <034101c448f0$2eae1cd0$980ea8c0@exigengroup.com> <66EB03F8-B4E7-11D8-A52A-003065A506B2@shmoo.com> Message-ID: <035501c448f9$5ac65360$980ea8c0@exigengroup.com> Reason have been found. It is really minor bug, but still the bug. If disk space is over, osirismd fail. PS. Hmm, I never saw any reasonable logs in Osiris 2.4. This is a problem - I prefer to have log file, which is written all the time and which logs all commands (in TRACE mode, something like 'auth1 PUSH-CONFIG OK; auth1 STARET SCAN OK; auth1 SCAN END; auth1 DB written [dbid:12];...) and all details (in debug mode). Having 100 servers, I expect to see 300 - 500 lines/day in such file, which means 500 * 300 * 50 = 7500,000 bytes/year = ~~7.5 Mb/year - so, it can work even without expiration mechanism. ----- Original Message ----- From: "Brian Wotring" To: "Osiris Developers" Sent: Wednesday, June 02, 2004 3:51 PM Subject: Re: [osiris-devel] Possible bug in osiris manager / Win2K Did the failure produce any log messages? I would be a lot more interested if you noticed this with a version later than 4.0. On Jun 2, 2004, at 4:23 PM, Alexei Roudnev wrote: > I saw a strange situation - after running for a few weeks without any > problems, osirismd failed on Win2K. I suspect possible bug (more > likely, some resources are not released). Possible bug status - minor > (automatic restart should help enough). version - 2.4.2-release. > > > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D _______________________________________________ osiris-devel mailing list osiris-devel at lists.shmoo.com https://lists.shmoo.com/mailman/listinfo/osiris-devel From Alexei_Roudnev at exigengroup.com Wed Jun 2 19:30:38 2004 From: Alexei_Roudnev at exigengroup.com (Alexei Roudnev) Date: Wed, 2 Jun 2004 16:30:38 -0700 Subject: [osiris-devel] Possible bug in osiris manager / Win2K References: <034101c448f0$2eae1cd0$980ea8c0@exigengroup.com> <66EB03F8-B4E7-11D8-A52A-003065A506B2@shmoo.com> Message-ID: <035601c448f9$9c987430$980ea8c0@exigengroup.com> Reason have been found. It is really minor bug, but still the bug. If disk space is over, osirismd fail. PS. Hmm, I never saw any reasonable logs in Osiris 2.4. This is a problem - I prefer to have log file, which is written all the time and which logs all commands (in TRACE mode, something like 'auth1 PUSH-CONFIG OK; auth1 STARET SCAN OK; auth1 SCAN END; auth1 DB written [dbid:12];...) and all details (in debug mode). Having 100 servers, I expect to see 300 - 500 lines/day in such file, which means 500 * 300 * 50 = 7500,000 bytes/year = ~~7.5 Mb/year - so, it can work even without expiration mechanism. ----- Original Message ----- From: "Brian Wotring" To: "Osiris Developers" Sent: Wednesday, June 02, 2004 3:51 PM Subject: Re: [osiris-devel] Possible bug in osiris manager / Win2K Did the failure produce any log messages? I would be a lot more interested if you noticed this with a version later than 4.0. On Jun 2, 2004, at 4:23 PM, Alexei Roudnev wrote: > I saw a strange situation - after running for a few weeks without any > problems, osirismd failed on Win2K. I suspect possible bug (more > likely, some resources are not released). Possible bug status - minor > (automatic restart should help enough). version - 2.4.2-release. > > > _______________________________________________ > osiris-devel mailing list > osiris-devel at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris-devel -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D _______________________________________________ osiris-devel mailing list osiris-devel at lists.shmoo.com https://lists.shmoo.com/mailman/listinfo/osiris-devel From Alexei_Roudnev at exigengroup.com Mon Jun 7 13:47:34 2004 From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Mon, 7 Jun 2004 10:47:34 -0700 Subject: [osiris-devel] Re: [osiris] Creating a filter for modules References: <20040607154707.GA26269@cs.utk.edu> <46C48844-B89B-11D8-B8A0-000393887392@shmoo.com> Message-ID: <119401c44cb7$83d55960$2c7f300a@sjc.exigengroup.com> I do not remember, if it was fixed in osiris 4, but osiris 2 have a serious stability problem - if it failed during writing some database (say, no disk space), it left this database in corrupted state, and next scans will cause osirismd to fail, so making impossible normal system work. I remember discussion about cremoving database files before writing them, but I do not remember our conclusion - how it is implemented in osiris4. It is serious problem, because it means, that after you deploy all system (say, on 100 servers) and run it succesfully for a while (say,1 year - so that it is supported by OPS perople, not by skilled designers / developers), it saddenly stops to work, and fix require to understand, what's going on, finding damaged database and removing it, which is annoying if doing manually, and is not easy to automate. Alex Roudnev PS. I am writing script, which will remove expired and unused databases older than some time, but such script is not able to remove damaged database, because it is not clean, how to recongize it. Do you have any idea, how to determine 'current' database from perl/shell script? PPS. What was a decision about database expiration in osiris4? I remember a discussion, but unfortunately the only proposed approach was to remove old database at once, which makes any forensic impossible - I prefer to set up number of old databases (say, 2) which are saved, and remove 'DB - NN' database only. > > Currently, filters do not apply to modules, but I this should be > possible. I will add this to the feature list. Thanks. > > On Jun 7, 2004, at 9:47 AM, David Vasil wrote: > > > I am using osiris in a shop of mixed solaris / linux servers > > and workstations. When using the mod_kmods module, I would like > > to create a filter so that modules that are autocleaned do not > > set off a warning when they are scanned. Specifically the nfs > > module in a linux environment. Here is a example log message: > > > > ----- > > [223][changed-hostname][cmp][mod_kmods][kern:nfs][nfs > > 84600 19 (autoclean),nfs 84600 20 (autoclean)] > > ----- > > > > I have been able to set up filters for file system based filters > > but have not been able to create one for mod_kmods yet and would > > like to have these messages ignored. I have tried to create a > > filter like this: > > > > ----- > > host=*;path=mod_kmods;include only: missing new ; > > ----- > > > > and it still sends the cmp messages. In fact, when I added this > > rule, I began receiving messages from an old filter I created > > which was working great until the mod_kmods filter was added: > > > > ----- > > host=*;path=/usr/local/etc/postfix/prng_exch;include only: perm uid > > gid missing ; > > ----- > > > > and I kept receiving email for this rule until I removed both filters > > and re-added the filter for prng_exch. Is there a way to create > > a filter for modules? If not, would this be something to include > > in future versions? > > > > -- > > +------------------------------------------------------------+ > > | Dave Vasil vasil at cs.utk.edu | > > | University of Tennessee Computer Science Dept. | > > | UTKCS Systems Administrator 865-974-8364 | > > +------------------------------------------------------------+ > > _______________________________________________ > > osiris mailing list > > osiris at lists.shmoo.com > > https://lists.shmoo.com/mailman/listinfo/osiris > -- > Brian Wotring ( brian at shmoo.com ) > PGP KeyID: 0x9674763D > > _______________________________________________ > osiris mailing list > osiris at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris > From Alexei_Roudnev at exigengroup.com Wed Jun 9 23:05:12 2004 From: Alexei_Roudnev at exigengroup.com (Alexei Roudnev) Date: Wed, 9 Jun 2004 20:05:12 -0700 Subject: [osiris-devel] Old database removal script - see attacment (Script is 'BETA' grade, tested on 1 server only) Message-ID: <19a301c44e97$bf3e35d0$980ea8c0@exigengroup.com> See attachment. I run this script daily, removing old databases and sticked temporary files. Script removes data base, if: - it was not changed during last N (default 3) days AND - next database was not changed during last N (default 3) days AND - it is not one of last M (default - 4) databases. Do not run it, if you archive databases. Of course, expiration should be (better) implemented in the osirismd itself. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040609/aa552491/attachment.htm -------------- next part -------------- A non-text attachment was scrubbed... Name: daily.bat Type: application/octet-stream Size: 109 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040609/aa552491/attachment.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: osiris_clean.pl Type: application/x-perl Size: 5648 bytes Desc: not available Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040609/aa552491/attachment.bin From Alexei_Roudnev at exigengroup.com Thu Jun 10 13:37:05 2004 From: Alexei_Roudnev at exigengroup.com (Alexei_Roudnev) Date: Thu, 10 Jun 2004 10:37:05 -0700 Subject: [osiris-devel] Re: [osiris] Old database removal script - see attacment (Script is 'BETA' grade, tested on 1 server only) References: <19a301c44e97$bf3e35d0$980ea8c0@exigengroup.com> Message-ID: <127c01c44f11$8c3d9160$2c7f300a@sjc.exigengroup.com> I hate the whole idea of keeping links, instead of creating 'contributed' directory and 'binaries' folder on the osiris FTP. Reason is simple - the life time of any server, where I can put this script, is not the same as of Osiris WEB server, so if I put something there, it can disappear before the end of life for Osiris. Such approach (link) can work for binaries, because it is just a matter of time to compile them again, but it should not work for config samples, scripts, tools etc. (Anyway, I can put it for download). ----- Original Message ----- From: "Brian Wotring" To: "Alexei Roudnev" Sent: Thursday, June 10, 2004 6:35 AM Subject: Re: [osiris] Old database removal script - see attacment (Script is 'BETA' grade, tested on 1 server only) If you post it somewhere for download, I will post the link on the contributions page. On Jun 9, 2004, at 9:05 PM, Alexei Roudnev wrote: > See attachment. I run this script daily, removing old databases and > sticked temporary files. > > Script removes data base, if: > - it was not changed during last N (default 3) days > AND > - next database was not changed during last N (default 3) days > AND > - it is not one of last M (default - 4) databases. > > Do not run it, if you archive databases. Of course, expiration should > be (better) implemented in the osirismd itself. > > > ___________________________________________ > ____ > osiris mailing list > osiris at lists.shmoo.com > https://lists.shmoo.com/mailman/listinfo/osiris -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D From brian at shmoo.com Tue Jun 22 10:02:57 2004 From: brian at shmoo.com (Brian Wotring) Date: Tue, 22 Jun 2004 08:02:57 -0600 Subject: [osiris-devel] osiris-4.0.3 released Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Osiris version 4.0.3 release - --------------------------------------------------- Osiris - Host Integrity Monitoring http://osiris.shmoo.com This release of Osiris contains a few new enhancements, and many fixes. No updates to scan agents are necessary. Differences with version 4.0.3 ================================================= FIXED: - - subject headers in email notifications, missing CRLF - - fixed log message of type error that should have been type: info. - - notify_flags (scan failed) not being set correctly. - - bogus scan-failure messages from being sent by the scheduler. - - bug where console would not updage schedules after a rm-host. - - install.sh bug not always detecting linux distro correctly. - - plist file for Darwin init script wasn't compatible with older OS X versions. - - solaris install.sh bug with useradd/groupadd calls. FEATURES: - - added Date header to email notification messages. - - added default config for Windows Server 2003. Downloads: http://osiris.shmoo.com/data/osiris-4.0.3.tar.gz http://osiris.shmoo.com/data/osiris-4.0.3-win32.exe Checksums and Signatures: MD5(osiris-4.0.3.tar.gz)= a1b5acd2120c1d52cd5047c7fa7c6613 MD5(osiris-4.0.3-win32.exe)= 2f8261eb86575fe6dd18da34a85eb152 http://osiris.shmoo.com/data/osiris-4.0.3.tar.gz.sig http://osiris.shmoo.com/data/osiris-4.0.3-win32.exe.sig Please forward any questions or comments to the Osiris mailing list: osiris at lists.shmoo.com, and any questions related to development to the development list: osiris-devel at lists.shmoo.com - -- Brian Wotring ( brian at shmoo.com ) PGP KeyID: 0x9674763D -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQNg8Ew3seZ6WdHY9EQJsQwCfW238M4zY0SY3tp7o18usJdRMXxgAn0+K jRG6Eq4rCckJ10fGY3kL5Dip =yjpn -----END PGP SIGNATURE----- From sebastian.siewior at rz.uni-freiburg.de Mon Jun 28 17:56:00 2004 From: sebastian.siewior at rz.uni-freiburg.de (Sebastian Siewior) Date: Mon, 28 Jun 2004 23:56:00 +0200 (CEST) Subject: [osiris-devel] patch to support libwrap (attached) Message-ID: hello, this patch adds support for libwrap. libwrap adds support for restricted access via /etc/hosts.(allow|deny) and is shipped with most GNU/LINUX or UNIXes and maybe not available on windows (dunno) B... osirismd adds support for a "allowed hosts list" but this way is better (I thing) after patching the source tar xzf osiris-4.0.3.tar.gz && bunzip2 -c osiris-4.0.3-wrap.patch.bz2 | patch -p0 you can run configure & compile the configure script schould autodetect libwrap and enable if available. Use Something like (in /etc/hots.allowed or .deny): osirismd: 10.10.10 osirisd: 10.10.20 -- regards Sebastian -------------- next part -------------- A non-text attachment was scrubbed... Name: osiris-4.0.3-wrap.patch.bz2 Type: application/octet-stream Size: 17006 bytes Desc: Url : http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040628/bcf6cf47/attachment.obj