Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 15 Sep 2001 07:23:23 -0500
From:      Bob Martin <bob@buckhorn.net>
To:        Conrado Vardanega <cvspam@ig.com.br>, freebsd-stable@FreeBSD.ORG
Subject:   Re: Disallowed any service (not ssh), part III
Message-ID:  <3BA3483B.58E03871@buckhorn.net>
References:  <NDBBLGPICDCECKDGFCGFCENGCKAA.cvspam@ig.com.br>

next in thread | previous in thread | raw e-mail | index | archive | help
I'll tackle the easy part first. The reason it's called mergemaster is
that you have to merge your configuration into the new systemfiles. So
the generated sendmail.cf doesn't include your configuration, nor do any
of the other files in /usr/src/etc.

The reason that we keep asking about /etc/pam.conf is that it is one of
the "common threads". /etc/hosts.allow and /etc/login.conf are the also
common to ftp, telnet and ssh. Moreover, pam.conf recently changed. (See
/usr/src/UPDATING for details). 

It would seem that you've already covered the bases. I can only think of
2 other possible causes. First, these services are (at least in default
configurations) designed to refuse UID's of 0. The other thing that
comes to mind is that these services also require a valid home directory
and a valid shell. For example, if cvarda's shell is
/usr/local/bin/bash, and that shell is not in /etc/shells (clobbered by
mergemaster?) then the login would be refused.

Bob Martin

Conrado Vardanega wrote:
> 
> I ran mergemaster after some installworlds and I've found no changes on
> pam.conf.
> 
> By the way, I've been checking out mergemaster's output files and the
> generated sendmail.cf didn't included my current configuration. Is this
> wrong?
> 
> As stated on original message: The server has no ipfw rules (default to
> accept), login.access is default, hosts.allow is default (first line
> "ALL:ALL:allow"). All machines have DNS entry, as well reverse matching the
> forward name.
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BA3483B.58E03871>