本文介绍如何使用ldd命令检查特定守护进程是否支持TCP Wrapper,以及如何通过strings命令确定服务是否由tcp_wrapper处理,适用于Red Hat Enterprise Linux所有版本。
https://access.redhat.com/solutions/47176
SOLUTION 已验证 - 已更新 2013年十一月17日04:12 -
环境
- Red Hat Enterprise Linux (All versions)
- tcp_wrappers
问题
- How to find out which application are compiled with tcp_wrapper support?
- How to find out If Program/Application is compiled with TCP Wrappers Or Not?
决议
Use ldd command to determine whether a given executable daemon /path/to/daemon supports TCP Wrapper.
$ ldd /path/to/daemon | grep libwrap.so
If this command returns any output, then the daemon supports TCP Wrapper.
# ldd /usr/sbin/vsftpd | grep libwrap
libwrap.so.0 => /lib64/libwrap.so.o (0x000xxxxxxxx)
ldd is used to see if libwrap.so is a dependency or not. Some services don't use 'libwrap' library. For these services, execute following command.
# strings $(which <service_name>) | grep hosts
e.g.
hosts_access
/etc/hosts.allow
/etc/hosts.deny
If the results contain /etc/hosts.{allow,deny}, the service is handled by tcpwrapper.
NOTE: xinetd is a TCP wrapped super service. A service on xinetd can be restricted by xinetd with libwrap, even if the service program doesn't link to libwrap.so. Refer to another solution for the detail of xinetd.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
