This appendix describes the format of inetd compatible
configuration files. See inetd, for the discussion on how to
use such files with GNU pies.
The inetd configuration file has a line-oriented format.
Comments are denoted by a ‘#’ at the beginning of a line. Empty
lines and comments are ignored. Each non-empty line must be either
a service definition or an address specification.
A service definition consists of at least 6 fields separated by any amount of white space. These fields are described in the following table (optional parts are enclosed in square brackets):
The service-name entry is the name of a valid service in the file
/etc/services. For built-in services (see builtin),
the service name must be the official name of the service
(that is, the first entry in /etc/services), or a numeric
representation thereof. For TCPMUX services, the value of the
‘service name’ field consists of the string ‘tcpmux’
followed by a slash and the locally-chosen service name
(see TCPMUX). Optionally, a plus sign may be inserted after the
slash, indicating that pies must issue a ‘+’ response
before starting this server.
The ‘service-name’ part corresponds to component tag
in pies.conf (see Component Statement). For built-in
components, it corresponds to the |
Optional ‘service-node’ prefix is allowed for internet services.
When present, it supplies the local addresses inetd should
listen on for that service. ‘Service-node’ consists of
a comma-separated list of addresses. Both symbolic host names and
numeric IP addresses are allowed. Symbolic hostnames are looked up in
DNS service. If a hostname has multiple address mappings, a socket
is created to listen on each address. A special hostname ‘*’
stands for INADDR_ANY.
The socket type should be one of ‘stream’, ‘dgram’, ‘raw’, ‘rdm’, or ‘seqpacket’. TCPMUX services must use ‘stream’.
This field corresponds to the |
The protocol must be a valid protocol as given in /etc/protocols. Examples might be ‘tcp’ or ‘udp’. TCPMUX services must use ‘tcp’.
The ‘service-node’ prefix and ‘socket-type’ field correspond
to the
For example, the following line:
10.0.0.1:ftp dgram udp wait root ftpd
is equivalent to
socket inet+udp://10.0.0.1:ftp;
socket-type dgram;
The ‘wait/nowait’ entry specifies whether the invoked component
will take over the socket associated with the service access point,
and thus whether pies should wait for the server to exit
before listening for new service requests. Datagram servers must use
‘wait’, as they are always invoked with the original datagram
socket bound to the specified service address. These servers must
read at least one datagram from the socket before exiting. If a
datagram server connects to its peer, freeing the socket so that
pies can go on receiving further messages from the socket,
it is said to be a multi-threaded server; it should read one
datagram from the socket and create a new socket connected to the
peer. It should fork, and the parent should then exit to allow
pies to check for new service requests to spawn new servers.
Datagram servers which process all incoming datagrams on a socket and
eventually time out are said to be single-threaded. Examples of
such servers are comsat and talkd. tftpd is an example of a
multi-threaded datagram server.
Servers using stream sockets generally are multi-threaded and use the
‘nowait’ entry. Connection requests for these services are
accepted by pies, and the server is given only the
newly-accepted socket connected to a client of the service. Most
stream-based services and all TCPMUX services operate in this manner.
For such services, the invocation rate may be limited by specifying
optional ‘max-rate’ suffix (a decimal number), e.g.:
‘nowait.15’.
Stream-based servers that use ‘wait’ are started with the
listening service socket, and must accept at least one connection
request before exiting. Such a server would normally accept and
process incoming connection requests until a timeout. Datagram
services must use ‘nowait’. The only stream server marked as
‘wait’ is identd (see identd in identd manual).
The ‘wait’ field corresponds to The ‘max-rate’ suffix corresponds to the |
The user entry contains the name of the user as whom the component should run. This allows for components to be given less permission than root.
This corresponds to the |
The program entry contains the full file name of the program
which is to be executed by pies when a request arrives
on its socket. For built-in services, this entry should
be ‘internal’.
It is common usage to specify /usr/sbin/tcpd in this field.
This field corresponds to the |
The server program arguments should be just as arguments normally are,
starting with argv[0], which is the name of the program. For
built-in services, this entry must contain the word ‘internal’,
or be empty.
This corresponds to the |
Address specification is a special statement that declares the ‘service-node’ part (see above) for all the services declared below it. It consists of a host address specifier followed by a colon on a single line, e.g.:
127.0.0.1,192.168.0.5:
The address specifier from such a line is remembered and used for all further lines lacking an explicit host specifier. It remains in effect until another address specification or end of the configuration is encountered, whichever occurs first.
The following address specification:
*:
causes any previous default address specifier to be forgotten.
An example of an inetd.conf file with various services follows:
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd
tcpmux stream tcp nowait root internal
tcpmux/+scp-to stream tcp nowait guest /usr/sbin/in.wydawca wydawca
tcpmux/docref stream tcp nowait guest /usr/bin/docref docref
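The format described in this appendix can be parsed in a few lines; the following is an added example, not code from pies or its manual, that applies the field layout and the address-specification rules and then lists external programs that run as root on the wildcard address. The function names, the dictionary keys, the sample input, and the treatment of a missing ‘service-node’ as ‘*’ are assumptions of this example.

```python
# Added example: minimal parser/auditor for the inetd.conf format above.
SAMPLE = """\
# constructed sample input, not taken from a real host
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
127.0.0.1,192.168.0.5:
ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd
tcpmux/+scp-to stream tcp nowait.15 guest /usr/sbin/in.wydawca wydawca
*:
10.0.0.1:tftp dgram udp wait nobody /usr/libexec/tftpd tftpd
tcpmux stream tcp nowait root internal
"""

def parse_inetd(text):
    """Return one dict per service definition; ValueError on a bad line."""
    default_node, services = None, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields or raw.startswith("#"):
            continue  # empty lines and comments are ignored
        # Address specification: a lone host list followed by a colon.
        if len(fields) == 1 and fields[0].endswith(":"):
            default_node = None if fields[0] == "*:" else fields[0][:-1]
            continue
        if len(fields) < 6:
            raise ValueError(f"line {lineno}: fewer than 6 fields")
        node, _, name = fields[0].rpartition(":")   # optional service-node prefix
        wait, _, rate = fields[3].partition(".")    # optional max-rate suffix
        if wait not in ("wait", "nowait"):
            raise ValueError(f"line {lineno}: bad wait/nowait field")
        if name.startswith("tcpmux/") and fields[1:3] != ["stream", "tcp"]:
            raise ValueError(f"line {lineno}: TCPMUX needs stream and tcp")
        services.append({
            # Assumption: with no prefix and no default in effect, the
            # service listens on every address, recorded here as '*'.
            "nodes": (node or default_node or "*").split(","),
            "name": name, "socket_type": fields[1], "protocol": fields[2],
            "wait": wait == "wait", "max_rate": int(rate) if rate else None,
            "user": fields[4], "program": fields[5], "args": fields[6:],
        })
    return services

def exposed_root_services(services):
    """Names of external programs run as root on the wildcard address."""
    return [s["name"] for s in services
            if s["user"] == "root" and s["program"] != "internal"
            and "*" in s["nodes"]]

if __name__ == "__main__":
    for svc in parse_inetd(SAMPLE):
        print(svc["nodes"], svc["name"], svc["user"], svc["program"])
    print("review:", exposed_root_services(parse_inetd(SAMPLE)))
```

On the constructed sample only ‘ftp’ is reported: ‘ntalk’ also runs as root but inherits the restricted default address, and the built-in ‘tcpmux’ entry is skipped because its program is ‘internal’.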