I am running Wietse's log-daemon daemons and /bin/login replacement on
a 4.1.4 Sun, along with TCP Wrappers with compiled with process_options
enabled. The goal is to log connections, and also to display
certain banners when people connect, and different ones when
connections are denied. It works great!
However, I noticed that non-rejected rlogin connections display the
banner twice. If I modify my hosts.deny to have a banners action for
"all except in.rlogind" then I get no banner when an rlogin connection is made.
I am concluding that both in.rlogind and tcpd are obeying the
hosts.deny instructions. If this is correct, is there a sensible way
to prevent it, other than by modifying Wietse's rlogind source?
If it is not correct, can someone offer an alternative explanation?
If this is a RTFM question, I apologize -- I was unable to find reference to
the banner feature of the rlogind daemon anywhere other than in the README,
"941218 Changed rlogind and rshd to use the open-ended tcp wrapper 7.0
programmatic interface, so that banners can be used."
Well, I believe that alright! My question is how to not use them, since
tcpd is already displaying them.