# [SOLVED] portmap: cannot open /etc/hosts.allow: perm denied

## kimmie

I've been getting this message in my logs, it dates back to the time I emerged portmap-6.0.

```
portmap: warning: cannot open /etc/hosts.allow: permission denied
```

I checked the file permissions vs the portmap process permissions:

```
$ ps -o user,fgroup -C portmap

USER     FGROUP

bin      bin

$ ls -l /etc/hosts.*

-rw-r----- 1 root root 67 Aug  2 23:13 /etc/hosts.allow

-rw-r----- 1 root root  9 Apr  9  2007 /etc/hosts.deny
```

So that explains the error. I could fix it by chmod o+r /etc/hosts.*, or by chgrp bin /etc/hosts.*. But what are the permissions of hosts.allow and .deny supposed to be?Last edited by kimmie on Sun Jan 20, 2008 3:08 am; edited 1 time in total

----------

## Sadako

I don't think they have any "default" permissions, as they are not really part of a base gentoo install, and are created by a user if/when required.

What is root's umask on that box?

The gentoo default is 0022, but I'm guessing on that box it's 0027?

Anyway, for most people who create the file themselves the default permissions would be world-readable.

----------

## kimmie

You're right, the umask is 027 on that box, so that's how it got that way.

Maybe I'm just being paranoid by wondering whether for hosts.allow and .deny should be world readable. My thinking was that if I make the files world readable, then any account can easily find out what services are available on the box, and from where. But then, you can use a portscanner to do nearly the same thing, without access to an account, so it hardly matters.

I also wondered what the "bin" user was for. From what I read, in the past it was used to own binaries by some flavours of UNIX, but now it's pretty much unused. Except in this case, as an unprivileged user for portmapper...

----------

