[Spread-users] non default RequiredAuthMethods doesn't work.
Gregory Cavanagh
greg at linux-rulz.com
Fri Sep 16 01:37:31 EDT 2005
Chad,
I am trying to do the same thing and am having the same problem on a redhat enterprise box.
I did an strace on spread and it did open and read my /etc/spread.access_ip.
However it doesn't seem to ever init my ip list and I never see the
"ip_init: using file: /etc/spread.access_ip" message.
I have tried RequiredauthMethods and AllowedAuthMethods as you did.
Stuck and would greatly appreciate hearing what the secret configuration options are.
--Greg
>Hi,
>I have run version 3.17.2 on my desktop machine for a while (Slackware
>9.1). I never changed the RequiredAuthMethods or AllowedAuthMethods lines
>in spread.conf.
>Recently I tried to run 3.17.3 on another machine (Slackware 10.0).
>I am trying to get the "IP" auth method working. If I leave the
>RequiredAuthMethods or AllowedAuthMethods lines commented out I can
>connect with spuser.
>As soon as I uncomment either of those two lines I am no longer able to
>connect.
> $ spuser
> Spread library version is 3.17.3
> SP_error: (-9) Connection rejected, authentication failed
> Bye.
>I have been adding some printfs to the code. I figured out that empty
>lines in spread.access_ip seem to cause problems so I removed everything
>except the following five lines. One is the server IP and one is my
>desktop IP. I put the localhost IP in there to see if it would work.
> unix
> local
> 127.0.0.1
> 66.244.238.43
> 68.144.176.6
>I also tried with the lines including a "/32" mask but that didn't work.
>It looks like the code assumes "/32" if none is provided.
>
>Right now the auth lines in spread.conf look like:
> RequiredAuthMethods = "IP"
> AllowedAuthMethods = "IP"
>The output from the printfs I've added are below. They include the
>function name, the source code line number (which won't mean much to you)
>and usually the value of a variable.
> CHAD : 'Acm_auth_get_allowed_list' called
> CHAD : 'Acm_auth_get_allowed_list' '291' Num_Auth_Methods: '2'
> CHAD : 'Acm_auth_get_allowed_list' '296' : '0' enabled '0' name 'NULL'
> CHAD : 'Acm_auth_get_allowed_list' '296' : '1' enabled '1' name 'IP'
> CHAD : 'Acm_auth_get_allowed_list' '308' list: 'IP '
> CHAD : 'Sess_accept_continue' '845' list_len: '3'
> CHAD : 'Sess_accept_continue' '846' allowed_auth_list: 'IP '
> CHAD : 'Sess_recv_client_auth' called
> CHAD : 'Sess_recv_client_auth' '893' auth_name ''
> Sess_recv_client_auth: reading auth string SHORT on mailbox 9
>It looks the authentication system is looking for an authentication name
>from the client. I'm running spuser without any command line
>arguments but I also tried spuser -s 4803 at ip_addr without any luck.
>I've tried running spuser from the same machine as spread is running on
>and from my desktop machine. I also upgraded my desktop version to
>3.17.03.
>Is there a setting that I'm missing somewhere? I didn't see anything in
>the user guide PDF file I would keep digging but I don't have any time to
>work on it for a couple days so I figured I would just ask and hope
>someone has an answer.
>Thanks,
>/Chad
More information about the Spread-users
mailing list