Installing SoftBench
Setting Up Network-Distributed Operation
Customizing Subprocess Control
Chapter 6 57
Example of Controlling Access
For example, on a cluster of three nodes, the inetd.sec file contains the
following after installation:
mserve allow hostA hostB hostC
spc allow hostA hostB hostC
To add a new host, simply append it to the end of the line. To add a
complete network, simply include the network or subnet component of
the address:
mserve allow hostA hostB hostC 192.6.36.*
spc allow hostA hostB hostC 192.6.36.*
If a system attempts to connect to the message server or spc without
access permissions, an error message occurs. The error message may
indicate a broken connection and may suggest that the inetd.sec
should be checked. Since there are other reasons why a connection may
be broken, SoftBench cannot always identify the cause as a security
problem. If the system on which SoftBench is started does not have
permission to connect to the message server, softbench exits
immediately on startup with a broken connection error. Even if
inetd.sec was correctly configured upon installation, later
modifications to the file could generate this problem.
The host on which the environment is first started must always be
allowed in inetd.sec. If inetd.sec is shared via an NFS mount (not
recommended), then it would have to include all hosts which need to talk
to any message server with access to the shared file. This would not be
handled automatically by the installation procedure as it only provides
permission to the installing host and cluster.
Note that if the hostname or internet address of the system is changed,
the inetd.sec file should be checked to make sure it still allows access
to the correct systems.