https://bugzilla.novell.com/show_bug.cgi?id=230730 ------- Comment #12 from walter.haidinger@gmx.at 2007-01-17 03:25 MST ------- Ah, I see! No, it is all about cups not working with a perfectly fine and _unchanged_ hosts.allow file after the upgrade from 10.1 to 10.2. I'm not relying on tcpd for cups but I wanted to emphasize a likely usage scenario (which happens to work for me right now, though). Anyways, I'm also aware that this is an add-on patch to the cups distribution. That's why I wanted to remove it by building cups from the source rpm. Unfortunately this doesn't work either, please refer to comment #2. Does building from the source rpm work for you? So, the tcp-wrapper add-on patch is obviously broken because all (even non-socket) connections are passed to libwrap (see comment #3). The bug may even mount to an annoying DOS attack on the console: Say, you're logging syslog errors to the console too using syslog-ng usertty() function to notice important stuff right away. Then your console is flooded with error messages from cups. How many? Well, lets count the errors per second: # for sec in 25 26 27 28 29 ; do grep -c "^Jan 5 21:50:$sec banshee cupsd: warning: /etc/hosts.allow" /var/log/level/error ; done 564 635 612 563 685 That's about 600 lines per second, rendering your console unusable. Even worse, the logs only stop upon killing cups (or syslog, of course). But even if you don't log to console, your /var/log partition will fill rather quickly... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.