Rechercher une page de manuel
hosts_options
Langue: ja
Version: 55028 (openSuse - 09/10/07)
Section: 5 (Format de fichier)
Sommaire
NAME
hosts_options - ¥Û¥¹¥È¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë¤Î³ÈÄ¥½ñ¼°DESCRIPTION
¤³¤Îʸ½ñ¤Ï¡¢hosts_access(5) ¤ÇÀâÌÀ¤¹¤ëʸˡ¤Î¥ª¥×¥·¥ç¥Ê¥ë¤Ê³ÈÄ¥¤Ë ¤Ä¤¤¤Æ²òÀ⤹¤ë¤â¤Î¤Ç¤¢¤ë¡£¤³¤Î³ÈÄ¥¤Ï¡¢¥×¥í¥°¥é¥à¤ò¥³¥ó¥Ñ¥¤¥ë¤·¤¿ ºÝ¤ËÍøÍѤβÄÈݤ¬·è¤Þ¤ë¡£Î㤨¤Ð¡¢Makefile ¤òÊÔ½¸¤·¡¢¥³¥ó¥Ñ¥¤¥ë»þ ¤Ë PROCESS_OPTIONS ¤ò͸ú¤Ë¤·¤¿¾ì¹ç¤Ç¤¢¤ë¡£³ÈÄ¥½ñ¼°¤Ï¤³¤Î¤è¤¦¤Ê·Á¼°¤Ç¤¢¤ë:
daemon_list : client_list : option : option ...
ºÇ½é¤Î¤Õ¤¿¤Ä¤Î¥Õ¥£¡¼¥ë¥É¤Ë¤Ä¤¤¤Æ¤Ï¡¢hosts_access(5) ¤Î¥Þ¥Ë¥å¥¢¥ë ¤Ç²òÀ⤵¤ì¤Æ¤¤¤ë¡£¥ë¡¼¥ë¤Î»Ä¤ê¤ÎÉôʬ¤Ï¡¢0 ¸Ä°Ê¾å¤Î¥ª¥×¥·¥ç¥ó¤ÎÎó ¤Ç¤¢¤ë¡£¥ª¥×¥·¥ç¥ó¤ÎÃæ¤Ç¤Ï¡¢¤¹¤Ù¤Æ¤Î ":" ¤È¤¤¤¦Ê¸»ú¤Ï¥Ð¥Ã¥¯¥¹¥é¥Ã ¥·¥å¤Ë¤è¤Ã¤ÆÊݸ¤ì¤ëɬÍפ¬¤¢¤ë¡£
¥ª¥×¥·¥ç¥ó¤Ï "keyword" ¤Þ¤¿¤Ï "keyword value" ¤Î·Á¼°¤ò¤È¤ë¡£¥ª¥× ¥·¥ç¥ó·²¤Ïµ½Ò¤µ¤ì¤¿½ç¤Ë²ò¼á¤µ¤ì¤ë¡£¤¤¤¯¤Ä¤«¤Î¥ª¥×¥·¥ç¥ó¤Ï %<letter> ¤Ë¤è¤ëÃÖ¤´¹¤¨¤ò²¾Äꤷ¤Æ¤¤¤ë¡£½é´ü¤Î¥Ð¡¼¥¸¥ç¥ó¤È¤Î¸ß´¹ À¤Î¤¿¤á¤Ë¡¢"=" ¤ò keyword ¤È value(ÃÍ) ¤Î´Ö¤Ë¤ª¤¯»ö¤âµö¤µ¤ì¤Æ¤¤ ¤ë¡£
LOGGING (¥í¥°¤ÎµÏ¿)
- severity mail.info
- severity notice
- ¥¤¥Ù¥ó¥È¤ò¥í¥°¤ËµÏ¿¤¹¤ë severity("·ã¤·¤µ") ¤Î¥ì¥Ù¥ë¤òÊѹ¹¤¹¤ë¡£ Facility names (¶¡¤µ¤ì¤ëÍøÊؤιàÌÜ¡¢¤¿¤È¤¨¤Ð mail) ¤ÏǤ°Õ¤Ç¤¢¤ê¡¢ ¸Å¤¤ syslog ¤Î¼ÂÁõ¤Ç¤Ï¥µ¥Ý¡¼¥È¤µ¤ì¤Æ¤¤¤Ê¤¤¡£severity ¥ª¥×¥·¥ç¥ó ¤Ï¡¢»Ø¼¨¤µ¤ì¤¿¥¤¥Ù¥ó¥È¤ò¶¯Ä´¤¹¤ë¤«¡¢¤¢¤ë¤¤¤Ï̵»ë¤¹¤ë¤¿¤á¤ËÍ°Õ¤Ç ¤¢¤ë¡£
ACCESS CONTROL (¥¢¥¯¥»¥¹¤Î²ÄÈÝ)
- allow
- deny
- ¥µ¡¼¥Ó¥¹¤Î²ÄÈÝ¡£¤³¤ì¤é¤Î¥ª¥×¥·¥ç¥ó¤Ï¡¢¥ë¡¼¥ë¤ÎºÇ¸å¤Ëµ½Ò¤·¤Ê¤±¤ì ¤Ð¤Ê¤é¤Ê¤¤¡£
allow ¤È deny ¤Ï¡¢¤¹¤Ù¤Æ¤Î¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë¤Î¥ë¡¼ ¥ë¤ò¡¢¤¿¤À¤Ò¤È¤Ä¤Î¥Õ¥¡¥¤¥ë¡¢¤¿¤È¤¨¤Ðhosts.allow ¤ËǼ¤á¤ë»ö ¤ò²Äǽ¤Ë¤·¤Æ¤¤¤ë¡£
ÌÀ¼¨¤µ¤ì¤¿¥Û¥¹¥È¤À¤±¤Ë¥¢¥¯¥»¥¹¤òµö²Ä¤¹¤ë¤Ë¤Ï:
ALL: .friendly.domain: ALLOW
ALL: ALL: DENY
¥È¥é¥Ö¥ë¥á¥¤¥«¡¼¤È¤Ê¤ë¡¢¤¤¤¯¤Ä¤«¤Î¥Û¥¹¥È¤ò½ü¤¤¤Æ¡¢¤¹¤Ù¤Æ¤Î¥Û¥¹¥È ¤«¤é¤Î¥¢¥¯¥»¥¹¤òµö²Ä¤¹¤ë¤Ë¤Ï:
ALL: .bad.domain: DENY
ALL: ALL: ALLOW
¥É¥á¥¤¥ó̾¤Î¥Ñ¥¿¡¼¥ó¤ÎºÇ½é¤Ë¤Ï¥É¥Ã¥È¤¬¤Ä¤¤¤Æ¤¤¤ë»ö¤ËÃíÌܤµ¤ì¤¿¤¤¡£
RUNNING OTHER COMMANDS (³°Éô¥³¥Þ¥ó¥É¤Î¼Â¹Ô)
- spawn shell_command
- hosts_access(5) ¤Î¥Þ¥Ë¥å¥¢¥ë¤Ç²òÀ⤵¤ì¤ë %<letter> ¤ÎÃÖ¤´¹¤¨¤¬ ¼Â¹Ô¤µ¤ì¤¿¤Î¤Á¤Ë¡¢»Ò¥×¥í¥»¥¹¤Ç¡¢»ØÄê¤Î¥·¥§¥ë¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤¹¤ë¡£ ¥³¥Þ¥ó¥É¤Ïɸ½àÆþÎÏ¡¢É¸½à½ÐÎÏ¡¢¤½¤·¤Æɸ½à¥¨¥é¡¼½ÐÎϤò null ¥Ç¥Ð¥¤ ¥¹¤Ë·Ò¤²¤¿¾õÂ֤Ǽ¹Ԥµ¤ì¤ë¡£¤·¤¿¤¬¤Ã¤Æ¡¢¤³¤ì¤Ë¤è¤Ã¤Æ¥¯¥é¥¤¥¢¥ó¥È ¥Û¥¹¥È¤È¤Î²ñÏ䬺®Í𤹤ë¤è¤¦¤Ê¤³¤È¤Ï¤Ê¤¤¡£Î㤨¤Ð:
spawn (/some/where/safe_finger -l @%h | /usr/ucb/mail root) &¤³¤ì¤Ï¡¢%h ¤ò ¥ê¥â¡¼¥È¥Û¥¹¥È¤Î̾Á°¤Þ¤¿¤Ï¥¢¥É¥ì¥¹¤ËÃÖ¤´¹¤¨¤¿¤Î¤Á ¤Ë¡¢¥Ð¥Ã¥¯¥°¥é¥¦¥ó¥É¤Î»Ò¥×¥í¥»¥¹¤Ç¡¢¥·¥§¥ë¥³¥Þ¥ó¥É "safe_finger -l @%h | mail root" ¤ò¼Â¹Ô¤¹¤ë¡£
¤³¤ÎÎã¤Ç¤Ï¡¢(¥ê¥â¡¼¥È¤Î) finger ¥µ¡¼¥Ð¡¼¤«¤éÁ÷¤é¤ì¤Æ¤¯¤ë¥Ç¡¼¥¿¤Ë ¤è¤Ã¤Æ¡¢¥À¥á¡¼¥¸¤¬¤â¤¿¤é¤µ¤ì¤ë²ÄǽÀ¤òÍÞ¤¨¤ë¤¿¤á¡¢É¸½à¤Î "finger" ¥³¥Þ¥ó¥É¤ËÂå¤ï¤Ã¤Æ "safe_finger" ¥³¥Þ¥ó¥É¤òÍøÍѤ·¤Æ¤¤¤ë¡£ ¤³¤Î "safe_finger" ¥³¥Þ¥ó¥É¤Ï¡¢daemon wrapper package ¤Ë´Þ¤Þ¤ì¤Æ ¤¤¤ë¡£¤³¤ì¤Ï¡¢É¸½à¤Î finger ¤ÎϪʧ¤¤¤È¤·¤Æ¡¢¥ê¥â¡¼¥È¥Û¥¹¥È¤«¤éÁ÷ ¤é¤ì¤ë¥Ç¡¼¥¿¤ò¥Õ¥£¥ë¥¿¥ê¥ó¥°¤¹¤ë¡£
- twist shell_command
- hosts_access(5) ¤Î¥Þ¥Ë¥å¥¢¥ë¤Ç²òÀ⤵¤ì¤ë %<letter> ¤ÎÃÖ¤´¹¤¨¤¬ ¼Â¹Ô¤µ¤ì¤¿¤Î¤Á¤Ë¡¢¸½ºß¤Î¥×¥í¥»¥¹¤ò¡¢Í׵ᤵ¤ì¤¿¥·¥§¥ë¥³¥Þ¥ó¥É¤ÇÃÖ ¤´¹¤¨¤ë¡£É¸½àÆþÎÏ¡¢É¸½à½ÐÎϤ½¤·¤Æɸ½à¥¨¥é¡¼½ÐÎϤϡ¢¥¯¥é¥¤¥¢¥ó¥È ¤Î¥×¥í¥»¥¹¤ËÀܳ¤µ¤ì¤ë¡£¤³¤Î¥ª¥×¥·¥ç¥ó¤Ï¥ë¡¼¥ë¤ÎºÇ¸å¤Ëµ½Ò¤¹¤ëɬ Íפ¬¤¢¤ë¡£
¼ÂºÝ¤Î ftp ¥Ç¡¼¥â¥ó¤ËÂå¤ï¤Ã¤Æ¡¢¥á¥Ã¥»¡¼¥¸¤òÊѹ¹¤·¤Æ¥¯¥é¥¤¥¢¥ó¥È ¤ËÊÖ¤¹¤Ë¤Ï:
in.ftpd : ... : twist /bin/echo 421 Some bounce message¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥»¥¹¤È²ñÏ乤ëÊ̤ÎÊýË¡¤È¤·¤Æ¡¢¸å½Ò¤¹¤ë banners ¥ª¥×¥·¥ç¥ó¤ò»²¾È¤µ¤ì¤¿¤¤¡£
/some/other/in.telnetd ¤ò¡¢¥³¥Þ¥ó¥É¥é¥¤¥ó¤Î°ú¿ô¤ä¥×¥í¥»¥¹¤Î´Ä¶ ÊÑ¿ô¤Ë¤è¤Ã¤Æ±øÀ÷¤µ¤ì¤ë¤³¤È¤Ê¤¯¼Â¹Ô¤¹¤ë¤Ë¤Ï:
in.telnetd : ... : twist PATH=/some/other; exec in.telnetd·Ù¹ð: UDP ¥µ¡¼¥Ó¥¹¤Ë¤ª¤¤¤Æ¤Ï¡¢standard I/O ¤ÎÍøÍÑ¡¢¤Þ¤¿¤Ï¥¯¥é¥¤ ¥¢¥ó¥È¥×¥í¥»¥¹¤È¤Î¸ò¿®¤Î¤¿¤á¤Î read(2)/write(2) ¥ë¡¼¥Á¥ó¤È¡¢ command ¤òº®Æ±¤·¤Ê¤¤¤è¤¦¤Ë; UCP ¤Ï¡¢¤Þ¤¿Ê̤δðËÜŪ¤Ê I/O ¤òɬÍ× ¤È¤¹¤ë¡£
NETWORK OPTIONS (¥Í¥Ã¥È¥ï¡¼¥¯¤Ë´Ø¤¹¤ë¥ª¥×¥·¥ç¥ó)
- keepalive
- Äê´üŪ¤Ë¥µ¡¼¥Ð¡¼¤Ï¥¯¥é¥¤¥¢¥ó¥È¤Ë¥á¥Ã¥»¡¼¥¸¤òÁ÷¤ë¤è¤¦¤Ë¤Ê¤ë¡£¤â¤·¡¢ ¥¯¥é¥¤¥¢¥ó¥È¤«¤é¤Î±þÅú¤¬¤Ê¤¤¾ì¹ç¡¢Àܳ¤ÏÀÚÃǤµ¤ì¤¿¤â¤Î¤È¸«¤Ê¤µ¤ì ¤ë¡£¤³¤Î keepalive ¥ª¥×¥·¥ç¥ó¤Ï¡¢¥æ¡¼¥¶¡¼¤¬¥µ¡¼¥Ð¡¼¤Ë·Ñ¤Ã¤Æ¤¤¤ë ´Ö¤Ë¡¢¥Þ¥·¥ó¤ÎÅŸ»¤òÀڤä¿»þ¤ËÍÍѤǤ¢¤ë¡£keepalive ¥ª¥×¥·¥ç¥ó¤Ï datagram (UDP) services ¤Ë¤ÏÌò¤ËΩ¤¿¤Ê¤¤¡£
- linger number_of_seconds
- ¥µ¡¼¥Ð¡¼¤Î¥×¥í¥»¥¹¤¬Àܳ¤òÀÚÃǤ·¤¿¤Î¤Á¡¢¥«¡¼¥Í¥ë¤¬Ì¤ÇÛÁ÷¥Ç¡¼¥¿¤Î ºÆÁ÷¤ò»î¤ß¤ë»þ´Ö¤ò»Ø¼¨¤¹¤ë¡£
USERNAME LOOKUP (¥æ¡¼¥¶¡¼Ì¾¤ÎÌ䤤¹ç¤ï¤»)
- rfc931 [ timeout_in_seconds ]
- RFC 931 (TAP, IDENT, RFC 1413) ¤Ë¤·¤¿¤¬¤¦·Á¤Ç¡¢¥¯¥é¥¤¥¢¥ó¥È¥æ¡¼ ¥¶¡¼Ì¾¤òÌ䤤¹ç¤ï¤»¤ë¡£¥µ¡¼¥Ó¥¹¤¬ TCP °Ê³°¤ÎžÁ÷ÊýË¡¤Ë´ð¤Å¤¤¤Æ¤¤ ¤ë¾ì¹ç¤Ï¡¢¤³¤Î¥ª¥×¥·¥ç¥ó¤ÏÌۤäÆ̵»ë¤µ¤ì¤ë¡£¤³¤ÎÊýË¡¤Ï¥¯¥é¥¤¥¢¥ó ¥È¤Î¥·¥¹¥Æ¥à¤¬ RFC 931 ¤È¸ß´¹À¤Î¤¢¤ë¥Ç¡¼¥â¥ó (IDENT ¤Ê¤É) ¤òÁö ¤é¤»¤Æ¤¤¤ë¤³¤È¤¬¾ò·ï¤Ç¡¢non-UNIX ¤Î¥¯¥é¥¤¥¢¥ó¥È¤«¤é¤ÎÀܳ¤ËÂФ· ¤Æ¤Ï¡¢Ãø¤·¤¯ÃÙ¤¯¤Ê¤ë¤À¤í¤¦¡£timeout ¤Þ¤Ç¤ÎÉÿô¤ÏǤ°Õ¤Ç¤¢¤ë¡£ timeout ¤¬»Ø¼¨¤µ¤ì¤Ê¤¤¾ì¹ç¡¢¥³¥ó¥Ñ¥¤¥ë»þ¤Ë·è¤á¤é¤ì¤¿½é´üÃͤ¬»È¤ï ¤ì¤ë¡£
MISCELLANEOUS (¤½¤Î¾¤Î»ö¹à)
- banners /some/directory
- `/some/directory' ¤ÎÃæ¤Ç¡¢¥Ç¡¼¥â¥ó¥×¥í¥»¥¹¤Î̾Á°¤È°ìÃפ¹¤ë¥Õ¥¡¥¤ ¥ë (¤¿¤È¤¨¤Ð¡¢telnet ¥µ¡¼¥Ó¥¹¤Ê¤é in.tenletd)¤òõ¤·¡¢¤½¤ÎÆâÍƤò ¥¯¥é¥¤¥¢¥ó¥È¤ËÂФ·¤Æ¥³¥Ô¡¼¤¹¤ë¡£²þ¹Ôʸ»ú¤Ï¡¢CR(carriage-return) ²þ¹Ôʸ»ú¤ËÃÖ¤´¹¤¨¤é¤ì¡¢%<letter> ¤ÏŸ³«¤µ¤ì¤ë (hosts_access(5) ¤Î¥Þ¥Ë¥å¥¢¥ë¤ò»²¾È)¡£
tcp wrapper ¤ÎÇÛÉÛ¥½¡¼¥¹¤Ë¤Ï¡¢¼êºÝ¤è¤¯ banner ¤òÊݼ餹¤ë¤¿¤á¤Î¡¢ ¥µ¥ó¥×¥ë¤Î makefile (Banners.Makefile) ¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë¡£
·Ù¹ð: banners ¤Ï connection-oriented (TCP) network (¥³¥Í¥¯¥·¥ç¥ó ¤Ë»Ø¸þ¤Î¹â¤¤¥µ¡¼¥Ó¥¹)¤Ç¤Î¤ßÍøÍѤ¹¤ë»ö¤¬¤Ç¤¤ë¡£
- nice [ number ]
- ¥×¥í¥»¥¹¤Î nice ÃͤòÊѹ¹¤¹¤ë(½é´üÃÍ¤Ï 10)¡£Â¾¤Î¥×¥í¥»¥¹¤Ë¡¢¤è¤ê ¿¤¯¤Î CPU »ñ¸»¤ò³ä¤êÅö¤Æ¤ë¤Ë¤Ï¡¢Àµ¤ÎÃͤò»Ø¼¨¤¹¤ë¡£
- setenv name value
- (name, value) ¤Î¥Ú¥¢¤ò¥×¥í¥»¥¹¤Î´Ä¶ÊÑ¿ô¤ËÀßÄꤹ¤ë¡£value ¤Ï %<letter> ¤Ø¤ÎŸ³«¤¬¤¢¤ë¤â¤Î¤È²¾Äꤵ¤ì¡¢¥Û¥ï¥¤¥È¥¹¥Ú¡¼¥¹¤ÎÍøÍÑ¤Ï ¼«À©¤¹¤ëɬÍפ¬¤¢¤ë¤À¤í¤¦(¤¿¤À¤·¡¢Á°¸å¤Î¶õÇò¤ÏÀÚ¤ê¼Î¤Æ¤é¤ì¤ë)¡£
·Ù¹ð: ¿¤¯¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥Ç¡¼¥â¥ó¤Ï login ¤Þ¤¿¤Ï shell ¥×¥í¥»¥¹¤ò ºÆµ¯Æ°¤¹¤ëÁ°¤Ë¡¢¤½¤Î´Ä¶ÊÑ¿ô¤ò¥ê¥»¥Ã¥È¤¹¤ë¡£
- umask 022
- ¥·¥§¥ë¤Î¥Ó¥ë¥È¥¤¥ó¥³¥Þ¥ó¥É umask ¤È»÷¤¿µ¡Ç½¡£022 ¤Î umask ¤Ï¡¢ group ¤È world ¤Ë¤è¤ë½ñ¤¹þ¤ß¶Ø»ßÁ¼Ã֤ˤè¤Ã¤Æ¡¢¥Õ¥¡¥¤¥ë¤ÎºîÀ®¤ò ͽËɤ¹¤ë¡£umask ¤Î°ú¿ô¤Ï 8 ¿Ê¿ô¤Ç¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¡£
- user nobody
- user nobody.kmem
- ¥æ¡¼¥¶¡¼ "nobody" (¤Þ¤¿¤Ï¥æ¡¼¥¶¡¼ "nobody", ¥°¥ë¡¼¥× "kmem")¤Ï¡¢ ÆÃÊ̤ʰ·¤¤¤È¤ß¤Ê¤¹¡£ºÇ½é¤Î·Á¼°¤Ï¡¢root ¸¢¸Â¤ÇÁ´¤Æ¤Î¥µ¡¼¥Ó¥¹¤ò¼Â ¹Ô¤¹¤ë¤è¤¦¤Ê inetd¤Î¼ÂÁõ¤ÇÍÍѤǤ¢¤ë¡£ÆóÈÖÌܤηÁ¼°¤Ï¡¢¥°¥ë¡¼¥×¤Î ¸¢¸Â¤Î¤ß¤¬É¬Íפʥµ¡¼¥Ó¥¹¤Î¤¿¤á¤ËÍÍѤǤ¢¤ë¡£
DIAGNOSTICS
¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë¥ë¡¼¥ë¤Ëʸˡ¥¨¥é¡¼¤¬È¯¸«¤µ¤ì¤¿¾ì¹ç¡¢¥¨¥é¡¼¤Ï syslog ¥Ç¡¼¥â¥ó¤ØÊó¹ð¤µ¤ì¤ë¡£Í¾·×¤Ê¥ª¥×¥·¥ç¥ó¤Ï̵»ë¤µ¤ì¡¢¥µ¡¼¥Ó ¥¹¤ÏµñÈݤµ¤ì¤ë¡£SEE ALSO
hosts_access(5), ´ðËÜŪ¤Ê¥¢¥¯¥»¥¹¥³¥ó¥È¥í¡¼¥ë½ñ¼°AUTHOR
Wietse Venema (wietse@wzv.win.tue.nl) Department of Mathematics and Computing Science Eindhoven University of Technology Den Dolech 2, P.O. Box 513, 5600 MB Eindhoven, The Netherlands
ËÝÌõ¼Ô
FUKUSHIMA Osamu/Ê¡Åç±÷½¤ <fuku@amorph.rim.or.jp>
Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre