1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
conserver is compiled with tcp-wrappers
Use the name 'conserver' in the tcp_wrapper config files.
-- Joergen Haegg <jh@debian.org> Thu, 24 Feb 2005 21:29:28 +0100
---------------------------------------------------------------------------
conserver for Debian
--------------------
I had to make a script-wrapper around console to be able
to configure the conserver host.
The only reason that conserver ended up in non-free
is the Ohio State license that don't explicitly allows modification.
I will move it to main if this can be solved.
Conserver is compiled with tcp_wrappers.
Use the name 'conserver' as the daemon name in /etc/hosts.allow.
------------------------
REMEMBER: conserver will not start unless it has a
valid /etc/conserver.cf. Check /var/log/server.log.
------------------------
Version 8 has changed both protocol and config file format, here
is more info from the INSTALL file:
Whenever you upgrade I suggest you upgrade both the client and
server. Most times, however, you can get away without upgrading
the client (it's usually a fairly static piece of code). I'll
document any dependencies here, but check the CHANGES file for any
new features added to the client if you're considering *not*
upgrading.
Version 8.0.2
- I've added a '^Ec;' sequence to allow the client to signal the
server as to when it's ready to see console data. Without
this, verbose consoles will prevent clients from attaching
(the client sees unexpected data). An 8.0.2 client should be
compatible with an 8.0.1 server, but an 8.0.1 client is not
compatible with an 8.0.2 server.
Version 8.0.1
- There's a slight client/server protocol change to implement
the new 'initcmd' console option. If you use this
functionality with an 8.0.0 client, you'll run into a
compatibility problem while the 'initcmd' command is running.
Version 8.0.0
- The client/server protocol has been rearchitected. You *MUST*
use an 8.0.0 client with an 8.0.0 server. No combination of
client/server will work with pre-8.0.0 code.
- Upgrading from pre-8.0.0 code to 8.0.0 and beyond requires
you to change your conserver.cf and conserver.passwd files
because both of the file formats have changed.
The conserver.cf file changes are so major that there is a
convert program available in the conserver subdirectory. Just
run './conserver/convert <old-cf-file>' and it will attempt a
conversion to the new format, sending it to stdout. Any errors
will be printed to stderr. There are a couple of things
you might need to adjust. First are the user access lists.
If you are restricting users to certain consoles in your old
conserver.passwd file, you'll need to move those restrictions
into the new conserver.cf file. Restrictions are set with the
'ro' and 'rw' tags in the configuration file. Second are the
'access' blocks. What get produced by the convert program
will be functionally equivalent to the old behavior, but you
may be able to tune things to better suit your environment.
The conserver.passwd file's console restrictions have moved,
as described above. So to convert the conserver.passwd file,
all you really need to do is something like:
awk -F: '{print $1 ":" $2}' <old-passwd-file>
If you have comments or continuation lines in your file,
you'll have to do a bit more cleanup to strip out the third
field (which is what the awk command is intending to do).
- Conserver no longer trusts reverse DNS information by default.
If you use the --with-trustrevdns configure flag, you can
re-enable the use of gethostbyaddr() [I don't recommended it,
however]. If you are using domain names in access lists,
you'll either need to change those to use hostnames and/or ip
addresses/ranges or use the --with-trustrevdns flag. For
example, if you have (in the
8.0.0 format):
allowed conserver.com; # allow *.conserver.com
then you'll need to worry about this change. If you only use
full hostnames, you shouldn't have to do anything.
Version 7.2.4
- If SSL support is compiled into the code, older versions of
the client and server are, by default, incompatible because
encrypted connections are a requirement. Use of the -E flag in
the client and/or server can work around this (but I discourage
this - please upgrade the clients and servers instead).
Version 7.2.0
- The code related to broadcast messages in the client (-b) has
changed. If you want the username to come across properly in
the broadcast message, you'll need to make sure you upgrade
to the 7.2.0 client.
Version 7.1.1
- Both conserver.passwd and conserver.cf file parsing behaves
the same now. Both use leading whitespace as a continuation
line indicator - if you have leading whitespace on a line
(aside from comments) you probably should remove it.
Version 7.1.0
- The client/server protocol has changed. You *MUST* use a
7.1.0 client with a 7.1.0 and above server. A 7.1.0 client
is *not* backward compatible with a pre-7.1.0 server.
- Some of the flags in the client (-d, -D, and -r) and server
(-n) have been given new identities to make the client and
server flags more uniform.
- The conserver.passwd file now uses the first username match
to determine access rights - if you have multiple instances
of a username in an existing password file, they must be
combined into one to continue to work.
|
