NFS tcpwrapper - Strange issue

Latest response

I encountered a strange issue with tcpwrapper (hosts.allow) and NFS yesterday and I am wondering if anyone has come across the same issue or knows if it is a bug.

The issue has to do with mountd and how to tcpwrap it. In the man page it states that you need to use rpc.mountd, so we have formatted our hosts.allow with the following:
rpc.mountd:10.xx.xxx.0/255.255.255.0 10.xx.xx.xxx

However when we do this it will work, but only for the first address/subnet range. As soon as we add another address we get the following error in the messages log:

rpc.mountd[2196]: connect from 10.xx.xx.xxx denied: request from unauthorized host

I have found that if we change the mountd entry to the following:

mountd:10.xx.xxx.0/255.255.255.0 10.xx.xx.xxx

All of the servers start working with out any problems.

Has anyone come across this issue?

Responses

The mountd man page specifically says:

Use the daemon name mountd even if the rpc.mountd binary has a different name.

So the hosts.allow entry mountd:<ip addresses> is the correct syntax.

I agree that the man page fomratting is confusing, as it refers to the "rpc.mountd" binary name in bold, as well as the TCP wrapper "mountd" in bold.

After looking at it closer yesterday I saw the same thing. So yes it is a bit confusing, just needed to read it a bit closer.

Either way we got it all working.

Thanks for the reply