commit 0d44146e2fa9e8998146b960776b1b6b81b7d2dd Author: Jaromir Hradilek jhradile@redhat.com Date: Mon Jun 21 08:37:45 2010 +0200
Removed the TCP Wrappers section.
en-US/Controlling_Access_to_Services.xml | 18 ------------------ 1 files changed, 0 insertions(+), 18 deletions(-) --- diff --git a/en-US/Controlling_Access_to_Services.xml b/en-US/Controlling_Access_to_Services.xml index fda4c90..ff846b5 100644 --- a/en-US/Controlling_Access_to_Services.xml +++ b/en-US/Controlling_Access_to_Services.xml @@ -510,24 +510,6 @@ rsync off</screen> </section> </section> </section> - <section id="s1-services-tcp-wrappers"> - <title>Configuring TCP Wrappers</title> - <para> - Many UNIX system administrators are accustomed to using TCP wrappers to manage access to certain network services. Any network services managed by <command>xinetd</command> (as well as any program with built-in support for <command>libwrap</command>) can use TCP wrappers to manage access. <command>xinetd</command> can use the <filename>/etc/hosts.allow</filename> and <filename>/etc/hosts.deny</filename> files to configure access to system services. As the names imply, <filename>hosts.allow</filename> contains a list of rules that allow clients to access the network services controlled by <command>xinetd</command>, and <filename>hosts.deny</filename> contains rules to deny access. The <filename>hosts.allow</filename> file takes precedence over the <filename>hosts.deny</filename> file. Permissions to grant or deny access can be based on individual IP address (or hostnames) or on a pattern of clients. Refer to <filename>hosts_access</filename> in section 5 of the man pag es (<command>man 5 hosts_access</command>) for details.</para> - <!-- RHEL5: REMOVING CROSS LINK - <para>For more information on using TCP Wrappers, refer to <xref linkend="s1-tcpwrappers-purpose"/>.</para> - --> - <section id="s2-services-xinetd"> - <title>Using <command>xinetd</command></title> - <para>To control access to Internet services, use <command>xinetd</command>, which is a secure replacement for <command>inetd</command>. The <command>xinetd</command> daemon conserves system resources, provides access control and logging, and can be used to start special-purpose servers. <command>xinetd</command> can also be used to grant or deny access to particular hosts, provide service access at specific times, limit the rate of incoming connections, limit the load created by connections, and more.</para> - <para> - <command>xinetd</command> runs constantly and listens on all ports for the services it manages. When a connection request arrives for one of its managed services, <command>xinetd</command> starts up the appropriate server for that service.</para> - <para>The configuration file for <command>xinetd</command> is <filename>/etc/xinetd.conf</filename>, but the file only contains a few defaults and an instruction to include the <filename>/etc/xinetd.d</filename> directory. To enable or disable an <command>xinetd</command> service, edit its configuration file in the <filename>/etc/xinetd.d</filename> directory. If the <computeroutput>disable</computeroutput> attribute is set to <userinput>yes</userinput>, the service is disabled. If the <computeroutput>disable</computeroutput> attribute is set to <userinput>no</userinput>, the service is enabled. You can edit any of the <command>xinetd</command> configuration files or change its enabled status using the <application>Services Configuration Tool</application>, <application>ntsysv</application>, or <command>chkconfig</command>. For a list of network services controlled by <command>xinetd</command>, review the contents of the <filename>/etc/xinetd.d</filename> directory wit h the command <command>ls /etc/xinetd.d</command>.</para> - <!-- RHEL5: REMOVING CROSS LINK - <para>For more information on using <command>xinetd</command>, refer to <xref linkend="s1-tcpwrappers-xinetd"/>.</para> - --> - </section> - </section> <section id="s1-services-additional-resources"> <title>Additional Resources</title> <section id="s2-services-additional-resources-installed">