Samba upgrade installs xinted: no telnet nor SWAT after this

>Version:       V2.3R63-uNSLUng-6.8-beta
>USB Port 1:    Ready, 729MB (52% Free) [1 GB USB-Stick]
>USB Port 2:    Ready, 469220MB (1% Free) [500 GB Maxtor One-Touch]
>uNSLUng status:   Unslung to disk1, /dev/sdb1
>
>All,
>
>since a couple of week I run into the issue that after the upgrade of
>packages Samba was still working, but I could no longer log into my
>Slug with telnet nor was SWAT working any longer.
>
>In the meantime I think I traced it down by installing all packages
>individually but Samba.
>
>Though xinted isn't installed yet on my SLUG (should I - why?)
>
># ipkg remove xinetd
>No packages removed.
>Nothing to be done
>
>the upgrade of Samba seems to trigger the installation of xinetd
>causing the trouble:
>
># ipkg -test upgrade
>Upgrading    samba on root from 3.0.28a-1 to 3.2.0-1...
>Downloading
>http://ipkg.nslu2-linux.org/feeds/optware/nslu2/cross/stable/samba_3.2.0
>-1_armeb.ipk
>Installing xinetd (2.3.14-7) to root...
>Downloading
>http://ipkg.nslu2-linux.org/feeds/optware/nslu2/cross/stable/xinetd_2.3.
>14-7_armeb.ipk
>Nothing to be done
>
>Any hint what may go wrong here?

> Version:   V2.3R63-uNSLUng-6.8-beta
> USB Port 1: Ready, 729MB (52% Free) [1 GB USB-Stick]
> USB Port 2: Ready, 469220MB (1% Free) [500 GB Maxtor One-Touch]
> uNSLUng status:   Unslung to disk1, /dev/sdb1
>
> All,
>
> since a couple of week I run into the issue that after the upgrade of
> packages Samba was still working, but I could no longer log into my
> Slug with telnet nor was SWAT working any longer.

>Using a none standard subnet can cause this problem because Xinetd is
>pre configured to use the standard subnet.  Suggest re-installing Xinetd
>and then checking the config file /opt/etc/xinetd.conf.  I have changed
>mine as follows :-
>
>defaults
>{
>         only_from      = localhost 0.0.0.0/0
>         instances      = 60
>         log_type       = SYSLOG authpriv info
>         log_on_success = HOST PID
>         log_on_failure = HOST
>         cps            = 25 30
>}
>
>includedir /opt/etc/xinetd.d

>On Mon, 7 Jul 2008 21:11:20 +0100, Robert Hammond wrote:
>>In message <g4tqek+81oe-B11MqFFcr05BDgjK7y7TUQ@...>,
>doll_oliver
>><doll_oliver-/E1597aS9LQAvxtiuMwx3w@...> writes:
>>> [...]
>>># ipkg -test upgrade
>>>Upgrading    samba on root from 3.0.28a-1 to 3.2.0-1...
>>> [...]
>> Xinetd seems to be a perquisite for Samba 3,  I think it is needed
>for Swat.
>
>hmm, this sounds pretty odd to me as I use Samba 3.x, SWAT (and
>telnet) quite long time, now (Slug being my home's Windows DC) IMO
>without xinet not having any issues!?
>
>>Telnet access is enabled by default when using Xinetd so must be
>>something different with your set-up if Telnet does not work.
>
>Indeed this is strange, esp as the output during the update tells the
>following about the xinetd config:
>
>"[...] to activate the samba version 3.
>Configuring xinetd
>Note that telnetd is enabled by default. Edit /opt/etc/xinetd.d/telnetd
>and set 'disable=yes' to disable telnet AFTER making sure that Dropbear
>or other means of logging onto your system are enabled and working.
>
>Note that only 192.168.1.0/24 has access in the default configuration"
>

> In nslu2-linux@..., "doll_oliver" wrote:
>> Samba 3.2 worked fine since the upgrade, but after a reboot of the
>> Slug it doesn't come up again
> [...]
>> So I'll switch back to my pre-xinetd backup image of the stick
>> for now :-(
>
> I was a bit in a hurry this morning bringing back the setup into an
> operational state for the rest of the family before leaving home.
>
> Haven't had time to further dig into the problem, but may I have to
> use another start up/diversion script for Samba as xinted is a
> prerequisite, now?

>
> On Mon, 07 Jul 2008 15:22:04 -0500, "Mike (mwester)" wrote:
> > You do have openssh installed, right?  :)
>
> yes, I have, but I at least found that sometimes doing the upgrades
> via telnet (it's my home network ;) is more easy if an upgrade of ssh
> itself is in the queue.
>
> > One of the big advantages of using openssh and an ssh client instead
> > of telnet, besides the security, is that ssh is immune to the type
> > of problems that you are describing
>
> I'm not so much abused having no telnet any longer, having no SWAT is
> what bothers me.
>
> > where something happens to pull in xinetd as a dependency, which
> > inevitably results in telnetd not being able to be started, and
> > the loss of connection to the Unslung NSLU2.
>
> And that's what I want to understand. Why and when has the xinetd
> dependency been introduced for Samba?
>

>
> In message <g4v6jm+nlo1@...>, doll_oliver
> <doll_oliver@...> writes
> >On Mon, 7 Jul 2008 21:11:20 +0100, Robert Hammond wrote:
> >>In message <g4tqek+81oe-B11MqFFcr05BDgjK7y7TUQ@...>,
> >doll_oliver
> >><doll_oliver-/E1597aS9LQAvxtiuMwx3w@...> writes:
> >>> [...]
> >>># ipkg -test upgrade
> >>>Upgrading    samba on root from 3.0.28a-1 to 3.2.0-1...
> >>> [...]
> >> Xinetd seems to be a perquisite for Samba 3,  I think it is needed
> >for Swat.
> >
> >hmm, this sounds pretty odd to me as I use Samba 3.x, SWAT (and
> >telnet) quite long time, now (Slug being my home's Windows DC) IMO
> >without xinet not having any issues!?
> >
> >>Telnet access is enabled by default when using Xinetd so must be
> >>something different with your set-up if Telnet does not work.
> >
> >Indeed this is strange, esp as the output during the update tells the
> >following about the xinetd config:
> >
> >"[...] to activate the samba version 3.
> >Configuring xinetd
> >Note that telnetd is enabled by default. Edit /opt/etc/xinetd.d/telnetd
> >and set 'disable=yes' to disable telnet AFTER making sure that Dropbear
> >or other means of logging onto your system are enabled and working.
> >
> >Note that only 192.168.1.0/24 has access in the default configuration"
> >
> Not too sure when Xinetd was added as a perquisite,  perhaps from the
> latest 3.2.0 onwards??.
>
> I suppose that there is a danger adding Xinetd as a perquisite to any
> Optware package.  If a user has changed from the default subnet and

> has no sshd installed they would effectively have no way of accessing
> the slug if booted with the disk attached,  (no doubt there are still
> many users without the recommended sshd access).  They would still be
> able to recover by booting disk less but again users who have no sshd
> tend to be inexperienced so recovering by booting disk less would be
> difficult for them.
>
> Perhaps the Optware Xinetd installer should be modified to either :-
>
> 1.  Allow all subnets by setting 'only_from = localhost 0.0.0.0/0' in
> xinetd.conf
> or
> 2.  Read the configured subnet from I think
>
> /etc/sysconfig/network-scripts/ifcfg-ixp0
>
> and then correct the relevant line in xinetd.conf
>
> Option 1. is obviously quite easy, some users may consider allowing all
> subnets a security problem.
>
> Option 2. would involve writing a complex script perhaps using the sed
> command plus other commands,  could be quite a difficult task to

>
> On Wed, 09 Jul 2008 23:03:30 -0000, "Brian Zhou" wrote:
> > xinetd dependency was introduced between 3.0.28a-1 to 3.0.28a-2.
>
> OK, so I remembered the release#s when I first ran into the issue
> correctly.
>
> > I agree with that change.
>
> I disagree with the introducion of a dependency with xinetd in Samba
> as long as nobody can tell me a (good) reason for it.
>
> [I'm just a simple guy using a Slug at home happy to know what an "ls"
> does (OK maybe I know a bit more, but I'm far away being an Unix
> expert [nor an native English speaker]). So don't be surprised when such
> dependencies get introduced that guys like me fall into a trap without
> knowing what's going on. But anyway:]
>
> if the reason is that SWAT doesn't need so much resources if xinetd is
> used I'd argue that once a package has been "released" with specific
> dependencies those dependencies shouldn't be extended unless it's an
> indispensable feature to ensure it's proper future functionality.
>
> So anybody who want's to have services started by xinted is free to
> add this feature at a later state. (And when sb does add xinetd I
> think he should have enough background information why he does it,
> what changes it might apply to his system and what needs to be tweaked).
>
> > For a new user with the 192.168.1.0/24 default network, swat
> > would just work. As Robert Hammond pointed out,
> > what needs to be improved is wiki page on xinetd, to change the
> > only_from field in /opt/etc/xinetd.conf accordingly if a subnet
> > different from 192.168.1.0/24 is used.
> >
> > Based on nslu2-linux community rule #4 and #5, you're supposed to
> > update wiki page.
>
> [when talking about "you", shouldn't it have been Robert in the first
> place adding this info. Though I'm a simple guy (as mentioned before)
> I'm happy to add these info. But being curious and honestly I've been
> looking for these rules: where can I find them (looked at the wiki but
> also at the yahoo groups page)?
>
> Which brings me to another thing: I at least found the rule for this
> group:
>
> "Posts deemed inappropriate: [...] End user questions about basic
> NSLU2 settings or usage (this is not a help forum for the NSLU2 - Use
> nslu2-general for this kind of discussion"
>
> And this was the first group I tried to subscribe too but I was pushed
> away to this group by the moderator :-P
>
> "Hello, msg  offtopic. Here is the correct group:
> http://groups.yahoo.com/group/nslu2-linux/?yguid=184009766"
>
> So please, since I learned that Samba comes with xinetd now (though
> still waiting for good arguments;) and as Robert told what to change
> in the xinted conf I'm happy to live with that change in the future.
> But though I fixed the telnet and SWAT issue I now have the issue that
> Samba does not start after rebooting my Slug. So I'm still lost at
> some point.
> --
> tnx & cheers
> Oliver
>
> PS: while attempting to update the wiki I think it already covers the
> topic:
>
> "If after installing xinetd and rebooting you cannot telnet in to the
> box anymore check the /opt/etc/xinetd.conf file. I discovered by
> default the only_allow line has localhost and 192.168.1.0/24 listed.
> Sadly my network uses IP addresses in the 192.168.0.1-255 range so
> couldn't connect. Commenting out this line will allow connections from
> any IP address. Alternatively change the only_allow to something that
> suits your needs i.e. localhost 192.168.0.0/16 - Rufus"
>

>--- In nslu2-linux@..., Robert Hammond <rob.hammond@...>
>wrote:
>>
>> In message <g4v6jm+nlo1@...>, doll_oliver
>> <doll_oliver@...> writes
>> >On Mon, 7 Jul 2008 21:11:20 +0100, Robert Hammond wrote:
>> >>In message <g4tqek+81oe-B11MqFFcr05BDgjK7y7TUQ@...>,
>> >doll_oliver
>> >><doll_oliver-/E1597aS9LQAvxtiuMwx3w@...> writes:
>> >>> [...]
>> >>># ipkg -test upgrade
>> >>>Upgrading    samba on root from 3.0.28a-1 to 3.2.0-1...
>> >>> [...]
>> >> Xinetd seems to be a perquisite for Samba 3,  I think it is needed
>> >for Swat.
>> >
>> >hmm, this sounds pretty odd to me as I use Samba 3.x, SWAT (and
>> >telnet) quite long time, now (Slug being my home's Windows DC) IMO
>> >without xinet not having any issues!?
>> >
>> >>Telnet access is enabled by default when using Xinetd so must be
>> >>something different with your set-up if Telnet does not work.
>> >
>> >Indeed this is strange, esp as the output during the update tells the
>> >following about the xinetd config:
>> >
>> >"[...] to activate the samba version 3.
>> >Configuring xinetd
>> >Note that telnetd is enabled by default. Edit /opt/etc/xinetd.d/telnetd
>> >and set 'disable=yes' to disable telnet AFTER making sure that Dropbear
>> >or other means of logging onto your system are enabled and working.
>> >
>> >Note that only 192.168.1.0/24 has access in the default configuration"
>> >
>> Not too sure when Xinetd was added as a perquisite,  perhaps from the
>> latest 3.2.0 onwards??.
>>
>> I suppose t