Hylafax Mailing List Archives


Re: Hylafax - fax user defined in passwd



Helen Birkmann wrote:
    
    On Sat, 15 Nov 1997 Matthias.Apitz@SOFTCON.de wrote:
    
    > Eddie Reed wrote:
    >     
    >     
    >     > That "hosts" file should be 0600, uucp owned and uucp group owned.
    >     > You could try starting with the hosts file that comes with the
    >     > distribution, and seeing if *that* works correctly. Also: how are
    > 
    > To clarify: HylaFAX's file host(4F) should be owned by user "fax"
    > which must have the same uid as "uucp". It should also have
    > mode 0600 (BTW: all these details are really explained in the
    > man page of HylaFAX's host(4F)).
    
    HylaFAX's host file on my system is owned by uucp (both user and group)
    and it WILL not let me change it to "fax". Users fax and uucp both have
    the same uid, and the hosts file DOES have perms 0600.

If "fax" and "uucp" both have the same uid in the /etc/passwd
it's ok. The uid is stored as an integer value in the inode of
each file and an ls(1) will take this int and use it to resolve
the name (it looks for a name with that uid) and takes perhaps
the first matching entry.
    
    > Trying 127.0.0.1 ...
    > 220 thias server (HylaFAX (tm) Version 4.0pl2beta) ready.
    > user guru
    > 230 User guru logged in.
    > quit
    > 221 Goodbye.
    
    It lets me log in as user "anything"!

Me too :-))
$ telnet localhost 4559
Trying 127.0.0.1 ...
Connected to localhost.
220 thias server (HylaFAX (tm) Version 4.0pl2beta) ready.
user Birkmann
230 User Birkmann logged in.

And this is also normal if your HylaFAX's hosts(4F) file does not
restrict the use of the service from localhost (see the man page
for details).
    
    > If the hfaxd(1M) daemon asks for a pw then one reason could be
    > that it does not use "127.0.0.1" (local loopback) for the incoming
    > client connection. You may check this also simply by running
    > a telnet to the port of the hfaxd(1M) and check from another
    > terminal/session with netstat(1) which interface is used for this
    > connection, e.g. run
    > $ netstat -an | grep 4559
    
    
     tcp        0      0  *.4559                 *.*                    LISTEN
    
    this is all I get when running this command

Did you run the netstat(1) while a telnet session to port
4559 was in progress? If there is no client connection to
port 4559 it will show only the LISTEN, if there is a
connection to port 4559 it will also show ESTABLISHED lines.
    
    
    > (assuming the "hylafax" port is 4559)
    
    yes!
    
    > Why do you comment it out? It should work fine (and works for
    > me fine) from inetd.conf(4F) and also from boot-time script.
    
    edited both inetd.conf and /etc/rc to start hfaxd with the parameter -I
    rather than the default listed in /etc/rc (-i -s -o)

The "-I" will only work if hfaxd(1M) is started from the inetd(1M)
via an entry in inetd.conf(4F). "-I" means: the client/server
protocol is using stdin and stdout (these file descriptors are
handed over by inetd(1M) as a connected socket). If you use
"-I" in a boot-time start script it will not work. On the
other hand you can't use "-i hylafax" in inetd.conf(4F) because
inetd(1M) is listening on port "hylafax" and not hfaxd(1M) itself.
Your error message below "4559 in use" will be the result of
using "-i hylafax" in inetd.conf(4F).  In inetd.conf(4F) you must
use "-I".
    
    > 
    > Does your system create a new inetd.conf(4F) file from some
    > "master file" while booting (some UNIXes are doing such nice things,
    > e.g. also for the file inittab(4F) -- check your manual of
    > inetd.conf(4F), inetd(1M) or init(1M) for information about this).
    
    
    No, the file is the same after each reboot, because it keeps any changes I
    made before reboot.
    
    > No. This would not solve your problem (hfaxd(1M) is running
    > and that's fine).
    
    Yes, but the /var/log/messages file shows several errors:
    
    When I keep the hfaxd startup parameter in the inetd.conf, I get an error
    "hylafax tcp/ip port 4559 already in use"

Yes. You set "-i hylafax" in inetd.conf(4F) and hfaxd(1M)
sees the port 4559 in use (by inetd(1M)). Use "-I".
    
    When I try to start it manually (commenting the startup parameter in the
    inetd.conf) I get the error "non-socket operation on socket", and it won't
    start up.

Please show exactly the command line you're using for the manual
start. Keep also in mind that you have to send the signal
SIG_HUP to inetd(1M) to make your changes to inetd.conf(4F)
work.
    
    > This line is only used if hfaxd(1M) uses the "127.0.0.1"
    > interface for the client connection. See above. The "5" is
    > also totally unrelated to your problem (asking for pw); check
    > the manual of hosts(4F) for the real purpose of this
    > parameter.
    
    I started out with a complete new hosts file and made sure there's no
    trailing spaces.
    
    > As said already, the user "fax" must have the same uid as "uucp"
    > and not 5 or 6 or some other value. Just check your passwd(4F)
    > file for these users. It *may* be 6 (if "uucp" is 6).
    
    What about the daily insecurity output file:
    
    
    >From root@lumpy.mkl.com Sun Nov 16 19:28:27 1997
    Date: Sun, 16 Nov 1997 03:11:03 -0500 (EST)
    From: System Administrator <root@lumpy.mkl.com>
    To: root@lumpy.mkl.com
    Subject: lumpy daily insecurity output
    
    
    Checking the /etc/master.passwd file:
    Login fax is off but still has a valid shell.
    
    /etc/master.passwd has duplicate user id's.
    fax 6	uucp 6
    
    Checking home directories:
    user fax home directory is owned by uucp

I think you should ignore these messages. They're just
telling that the things are fine as they are.

	matthias
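
The two start-up failure modes discussed in this reply, reproduced with generic sockets as an added example (not HylaFAX code and not part of the original message): a daemon that binds a port some other process already holds, and a daemon that treats an inherited descriptor as a connected socket when it is not one. The function names and the loopback stand-in for inetd are assumptions made for the illustration.

```python
import errno
import os
import socket

def bind_like_dash_i(port):
    """Standalone style ("-i <port>"): the daemon binds the port itself."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind(("127.0.0.1", port))
        s.listen(1)
        return "listening"
    except OSError as e:
        return errno.errorcode[e.errno]
    finally:
        s.close()

def serve_like_dash_I(fd):
    """inetd style ("-I"): the daemon assumes fd is a connected socket."""
    dup = os.dup(fd)  # work on a copy so the caller's descriptor stays open
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM, fileno=dup)
    except OSError as e:
        os.close(dup)
        return errno.errorcode[e.errno]
    try:
        s.getpeername()  # only succeeds on a connected socket
        return "connected"
    except OSError as e:
        return errno.errorcode[e.errno]
    finally:
        s.close()

def demo():
    # Stand-in for inetd: it owns the listening port (ephemeral port here).
    inetd = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    inetd.bind(("127.0.0.1", 0))
    inetd.listen(1)
    port = inetd.getsockname()[1]
    client = socket.create_connection(("127.0.0.1", port))
    conn, _ = inetd.accept()  # what inetd would hand over as stdin/stdout
    r, w = os.pipe()          # a non-socket stdin, as from a boot script
    results = (bind_like_dash_i(port),           # port is held by "inetd"
               serve_like_dash_I(conn.fileno()), # started via "inetd"
               serve_like_dash_I(r))             # started without a socket
    for s in (client, conn, inetd):
        s.close()
    os.close(r); os.close(w)
    return results

if __name__ == "__main__":
    print(demo())
```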
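
A check for the ownership point made in this reply, as an added example that is not part of the original message: the owner is compared by uid rather than by the name ls(1) displays, and login names sharing a uid are listed the way the daily report does. The passwd lines are constructed (only "fax 6 / uucp 6" comes from the thread), and the first-match lookup order is an assumption.

```python
import stat

# Constructed passwd-style lines; home directories and shells are placeholders.
PASSWD = """\
root:*:0:0:root:/root:/bin/sh
uucp:*:6:6:uucp:/nonexistent:/bin/sh
fax:*:6:6:fax:/nonexistent:/bin/sh
"""

def parse_passwd(text):
    """Return [(name, uid), ...] in file order."""
    entries = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        entries.append((fields[0], int(fields[2])))
    return entries

def display_name(entries, uid):
    """Name a first-match lookup yields for a uid (assumed lookup order)."""
    return next((n for n, u in entries if u == uid), str(uid))

def aliases(entries):
    """Map each uid that has more than one login name to those names."""
    by_uid = {}
    for name, uid in entries:
        by_uid.setdefault(uid, []).append(name)
    return {u: names for u, names in by_uid.items() if len(names) > 1}

def check_hosts_file(st_uid, st_mode, entries, user="fax"):
    """Compare the owner by uid, never by displayed name; require mode 0600."""
    problems = []
    want = dict(entries).get(user)
    if want is None:
        problems.append(f"no passwd entry for {user}")
    elif st_uid != want:
        problems.append(f"owner uid {st_uid} != uid of {user} ({want})")
    mode = stat.S_IMODE(st_mode)
    if mode != 0o600:
        problems.append(f"mode {mode:04o} != 0600")
    return problems
```

On a live system, pass `st_uid` and `st_mode` from `os.stat()` on the hosts file and feed `parse_passwd()` the contents of the local passwd file.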




HylaFAX is a trademark of Silicon Graphics Corporation.