Originally Posted by vigilkumar
i am using the vsftpd daemon.To use the hosts.allow file the vsftpd has to run as a xinetd controlled service; right? if it is so then how should i run vsftpd as an xinetd service so that i can allow anonymous access to users of a particular domain only.
Ummm, no. The /etc/hosts.allow file does not need to have inetd/xinetd running to be effective. We do not run (x)inetd at my office at all, though we *do* run sshd, samba, apache, tomcat, etc. and use /etc/hosts.[allow,deny] to get finer access control to services.
But, I am still a bit curious and/or confused as to why you are needing anonymous access to the server from one specific domain. It seems a dangerous way to go for security, IMHO. Is this one of the domains you control and are trying to tie connections between that domain and another?
As far as getting this set up, it would seem that you can definitely use the /etc/hosts.allow file to look for connections coming from the specific domain and for the specific daemon (vsftpd) and have it run a script when the server sees the connection coming in to be able to set up your connection any way you want. I was looking at the vsftpd config manual
and it seems like they have the capability of separating the anonymous access away from the regular user access as well if you want.