You need a copy of the shell too, but then you can use shell variable functions
to avoid the need for sed.
(heheh)
Andres Perera <andre...@zoho.com> wrote:
>the kernel can make identd queries with
>
>setenv("remote_port", 123);
>setenv("local_port", 456);
>popen("echo $remote_port, $local_port|nc localhost 113|sed 's,.*:,,'",
>"r");
>
>
>i have diff to change chroot(1) so that it documents the need:
>
>+.Sh
>+needs nc and sed in the chroot for pf usage
>
>or alternatively identc can be implemented as a kernel module
>
>identd responses could be cached for 5 minutes and invalidated when
>the remote host does adduser, or vipw
>
>On Wed, Aug 14, 2013 at 6:55 PM, Henning Brauer
><lists-openbsdb...@bsws.de> wrote:
>> * Maxim Khitrov <m...@mxcrypt.com> [2013-08-14 22:51]:
>>> On Wed, Aug 14, 2013 at 3:14 PM, Mike Belopuhov <m...@belopuhov.com>
>wrote:
>>> > unless a local socket is found, user or group check will not be
>performed.
>>> That doesn't make sense to me. Are you saying that a user/group
>>> condition is ignored in some cases? That sounds like a bug in
>itself.
>>
>> think it through: how do you look uo the user owning the socket on a
>> remote machine?
>>
>> --
>> Henning Brauer, h...@bsws.de, henn...@openbsd.org
>> BS Web Services GmbH, http://bsws.de, Full-Service ISP
>> Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to
>Fully Managed
>> Henning Brauer Consulting, http://henningbrauer.com/
