Unix/Linux Go Back    

OpenSolaris 2009.06 - man page for hosts_access (opensolaris section 3)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)


       hosts_access, hosts_ctl, request_init, request_set - access control library

       #include <tcpd.h>

       cc [ flag  ... ] file ...  [ library ... ] -lwrap

       extern int allow_severity;
       extern int deny_severity;

       struct request_info *request_init(request, key, value, ..., 0)
       struct request_info *request;

       struct request_info *request_set(request, key, value, ..., 0)
       struct request_info *request;

       int hosts_access(request)
       struct request_info *request;

       int hosts_ctl(daemon, client_name, client_addr, client_user)
       char *daemon;
       char *client_name;
       char *client_addr;
       char *client_user;

       The routines described in this document are part of the libwrap.so library. They implement
       a rule-based access control language with optional shell commands that are executed when a
       rule fires.

       request_init()	initializes   a  structure  with  information  about  a  client  request.
       request_set() updates an already initialized request  structure.  Both  functions  take	a
       variable-length	list  of  key-value  pairs and return their first argument.  The argument
       lists are terminated with a zero key value. All string-valued arguments	are  copied.  The
       expected keys (and corresponding value types) are:

       RQ_FILE (int)
	      The file descriptor associated with the request.

       RQ_CLIENT_NAME (char *)
	      The client host name.

       RQ_CLIENT_ADDR (char *)
	      A printable representation of the client network address.

       RQ_CLIENT_SIN (struct sockaddr_in *)
	      An internal representation of the client network address and port.  The contents of
	      the structure are not copied.

       RQ_SERVER_NAME (char *)
	      The hostname associated with the server endpoint address.

       RQ_SERVER_ADDR (char *)
	      A printable representation of the server endpoint address.

       RQ_SERVER_SIN (struct sockaddr_in *)
	      An internal representation of the server endpoint address and port.   The  contents
	      of the structure are not copied.

       RQ_DAEMON (char *)
	      The name of the daemon process running on the server host.

       RQ_USER (char *)
	      The name of the user on whose behalf the client host makes the request.

       hosts_access()  consults the access control tables described in the hosts_access(4) manual
       page.  When internal endpoint information is available, host names and client  user  names
       are  looked  up on demand, using the request structure as a cache.  hosts_access() returns
       zero if access should be denied.

       hosts_ctl() is a wrapper around the request_init() and hosts_access() routines with a per-
       haps  more  convenient interface (though it does not pass on enough information to support
       automated client username lookups).  The client host address, client host name  and  user-
       name  arguments	should contain valid data or STRING_UNKNOWN.  hosts_ctl() returns zero if
       access should be denied.

       The allow_severity  and	deny_severity  variables  determine  how  accepted  and  rejected
       requests  may  be logged. They must be provided by the caller and may be modified by rules
       in the access control tables.

       Problems are reported via the syslog daemon.

       hosts_access(4), format of the access control tables.  hosts_options(4),  optional  exten-
       sions to the base language.

       /etc/hosts.allow, /etc/hosts.deny, access control tables.

       hosts_access() uses the strtok() library function. This may interfere with other code that
       relies on strtok().

       Wietse Venema (wietse@wzv.win.tue.nl)
       Department of Mathematics and Computing Science
       Eindhoven University of Technology
       Den Dolech 2, P.O. Box 513,
       5600 MB Eindhoven, The Netherlands

       See attributes(5) for descriptions of the following attributes:

       |Availability	    | SUNWtcpd	      |
       |Interface Stability | Committed       |
       Source for tcp_wrappers is available in the SUNWtcpdS package.

Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums

All times are GMT -4. The time now is 07:38 PM.