commit 0d44146e2fa9e8998146b960776b1b6b81b7d2dd
Author: Jaromir Hradilek <jhradile(a)redhat.com>
Date: Mon Jun 21 08:37:45 2010 +0200
Removed the TCP Wrappers section.
en-US/Controlling_Access_to_Services.xml | 18 ------------------
1 files changed, 0 insertions(+), 18 deletions(-)
---
diff --git a/en-US/Controlling_Access_to_Services.xml
b/en-US/Controlling_Access_to_Services.xml
index fda4c90..ff846b5 100644
--- a/en-US/Controlling_Access_to_Services.xml
+++ b/en-US/Controlling_Access_to_Services.xml
@@ -510,24 +510,6 @@ rsync off</screen>
</section>
</section>
</section>
- <section id="s1-services-tcp-wrappers">
- <title>Configuring TCP Wrappers</title>
- <para>
- Many UNIX system administrators are accustomed to using TCP wrappers to manage
access to certain network services. Any network services managed by
<command>xinetd</command> (as well as any program with built-in support for
<command>libwrap</command>) can use TCP wrappers to manage access.
<command>xinetd</command> can use the
<filename>/etc/hosts.allow</filename> and
<filename>/etc/hosts.deny</filename> files to configure access to system
services. As the names imply, <filename>hosts.allow</filename> contains a list
of rules that allow clients to access the network services controlled by
<command>xinetd</command>, and <filename>hosts.deny</filename>
contains rules to deny access. The <filename>hosts.allow</filename> file takes
precedence over the <filename>hosts.deny</filename> file. Permissions to grant
or deny access can be based on individual IP address (or hostnames) or on a pattern of
clients. Refer to <filename>hosts_access</filename> in section 5 of the man
pag
es (<command>man 5 hosts_access</command>) for details.</para>
- <!-- RHEL5: REMOVING CROSS LINK
- <para>For more information on using TCP Wrappers, refer to <xref
linkend="s1-tcpwrappers-purpose"/>.</para>
- -->
- <section id="s2-services-xinetd">
- <title>Using <command>xinetd</command></title>
- <para>To control access to Internet services, use
<command>xinetd</command>, which is a secure replacement for
<command>inetd</command>. The <command>xinetd</command> daemon
conserves system resources, provides access control and logging, and can be used to start
special-purpose servers. <command>xinetd</command> can also be used to grant
or deny access to particular hosts, provide service access at specific times, limit the
rate of incoming connections, limit the load created by connections, and
more.</para>
- <para>
- <command>xinetd</command> runs constantly and listens on all ports
for the services it manages. When a connection request arrives for one of its managed
services, <command>xinetd</command> starts up the appropriate server for that
service.</para>
- <para>The configuration file for <command>xinetd</command> is
<filename>/etc/xinetd.conf</filename>, but the file only contains a few
defaults and an instruction to include the <filename>/etc/xinetd.d</filename>
directory. To enable or disable an <command>xinetd</command> service, edit its
configuration file in the <filename>/etc/xinetd.d</filename> directory. If the
<computeroutput>disable</computeroutput> attribute is set to
<userinput>yes</userinput>, the service is disabled. If the
<computeroutput>disable</computeroutput> attribute is set to
<userinput>no</userinput>, the service is enabled. You can edit any of the
<command>xinetd</command> configuration files or change its enabled status
using the <application>Services Configuration Tool</application>,
<application>ntsysv</application>, or
<command>chkconfig</command>. For a list of network services controlled by
<command>xinetd</command>, review the contents of the
<filename>/etc/xinetd.d</filename> directory wit
h the command <command>ls /etc/xinetd.d</command>.</para>
- <!-- RHEL5: REMOVING CROSS LINK
- <para>For more information on using <command>xinetd</command>,
refer to <xref linkend="s1-tcpwrappers-xinetd"/>.</para>
- -->
- </section>
- </section>
<section id="s1-services-additional-resources">
<title>Additional Resources</title>
<section id="s2-services-additional-resources-installed">
Show replies by date