|
Authen::Libwrap - access to Wietse Venema's TCP Wrappers library |
Authen::Libwrap - access to Wietse Venema's TCP Wrappers library
use Authen::Libwrap qw( hosts_ctl STRING_UNKNOWN );
# we know the remote username (using identd)
$rc = hosts_ctl( "programname",
"hostname.domain.com",
"10.1.1.1",
"username" );
);
print "Access is ", $rc ? "granted" : "refused", "\n";
# we don't know the remote username
$rc = hosts_ctl( "programname",
"hostname.domain.com",
"10.1.1.1",
STRING_UNKNOWN );
);
print "Access is ", $rc ? "granted" : "refused", "\n";
The Authen::Libwrap module allows you to access the hosts_ctl() function from
the popular TCP Wrappers security package. This allows validation of
network access from perl programs against the system-wide hosts.allow
file.
If any of the parameters to hosts_ctl() are not known (i.e. username due to
lack of an identd server), the constant STRING_UNKNOWN should be passed to
the function.
Nothing unless you ask for it.
hosts_ctl( $daemon, $hostname, $ip_address, $username );
STRING_UNKNOWN
Calls to hosts_ctl() which a line in hosts.allow that uses the ``twist''
option will terminate the running perl program. This is not a bug in
Authen::Libwrap per se -- libwrap uses exec(3) to replace the running process
with the specified program, so there's nothing to return to.
Some operating systems ship with a default catch-all rule in hosts.allow that uses the twist option. You may have to modify this configuration to use Authen::Libwrap effectively.
James FitzGibbon, <james@ehlo.com>
perl(1), hosts_access(3), hosts_access(5), hosts_options(5)
|
Authen::Libwrap - access to Wietse Venema's TCP Wrappers library |