1
.\" Copyright (c) 1985, 1991, 1993, 1994
2
.\" The Regents of the University of California. All rights reserved.
4
.\" Redistribution and use in source and binary forms, with or without
5
.\" modification, are permitted provided that the following conditions
7
.\" 1. Redistributions of source code must retain the above copyright
8
.\" notice, this list of conditions and the following disclaimer.
9
.\" 2. Redistributions in binary form must reproduce the above copyright
10
.\" notice, this list of conditions and the following disclaimer in the
11
.\" documentation and/or other materials provided with the distribution.
12
.\" 4. Neither the name of the University nor the names of its contributors
13
.\" may be used to endorse or promote products derived from this software
14
.\" without specific prior written permission.
16
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28
.\" @(#)inetd.8 8.4 (Berkeley) 6/1/94
43
.Op Ar configuration_files ...
45
The information in this man page may be inaccurate or incomplete. The
46
authoritative documentation for the
48
utility is contained in
50
document. To access it from your command line, type
54
The online copy of the documentation is available at the following
57
http://www.gnu.org/software/inetutils/manual.
62
should be run at boot time by
66
It then listens for connections on certain
67
internet sockets. When a connection is found on one
68
of its sockets, it decides what service the socket
69
corresponds to, and invokes a program to service the request.
70
The server program is invoked with the service socket
71
as its standard input, output and error descriptors.
75
continues to listen on the socket (except in some cases which
76
will be described below). Essentially,
78
allows running one daemon to invoke several others,
79
reducing load on the system.
81
The options available for
87
Pass local and remote address data via environment variables. See
88
\fBENVIRONMENT\fP below.
89
.It Fl R, -rate Ar rate
90
Specifies the maximum number of times a service can be invoked
91
in one minute; the default is 40.
93
Resolve local and remote IP addresses and pass them to the server program
94
via \fBTCPLOCALHOST\fP and \fBTCPREMOTEHOST\fP environment variables. See
95
\fBENVIRONMENT\fP below. This option implies \fB--environment\fP.
104
reads its configuration information from a configuration
105
file on the command line, by default,
106
.Pa /etc/inetd.conf and /etc/inetd.d .
107
If the configuration pathname is a directory, all the files in the
108
directory are read like a configuration file. All of the configuration
109
files are read and merged. There must be an entry for each field in
110
the configuration file, with entries for each field separated by a tab
111
or a space. Comments are denoted by a ``#'' at the beginning of a
112
line. The fields of the configuration file are as follows:
114
.Bd -unfilled -offset indent -compact
121
server program arguments
124
There are two types of services that
126
can start: standard and TCPMUX.
127
A standard service has a well-known port assigned to it;
128
it may be a service that implements an official Internet standard or is a
129
BSD-specific service.
132
TCPMUX services are nonstandard services that do not have a
133
well-known port assigned to them.
134
They are invoked from
136
when a program connects to the
138
well-known port and specifies
140
This feature is useful for adding locally-developed servers.
144
entry is the name of a valid service in
149
services (discussed below), the service
152
be the official name of the service (that is, the first entry in
153
.Pa /etc/services ) .
154
For TCPMUX services, the value of the
156
field consists of the string
158
followed by a slash and the
159
locally-chosen service name.
160
The service names listed in
165
Try to choose unique names for your TCPMUX services by prefixing them with
166
your organization's name and suffixing them with a version number.
177
depending on whether the socket is a stream, datagram, raw,
178
reliably delivered message, or sequenced packet socket.
179
TCPMUX services must use
184
must be a valid protocol as given in
190
TCPMUX services must use
194
.Em wait/nowait[.max]
195
entry specifies whether the server that is invoked by inetd will take over
196
the socket associated with the service access point, and thus whether
198
should wait for the server to exit before listening for new service
200
Datagram servers must use
202
as they are always invoked with the original datagram socket bound
203
to the specified service address.
204
These servers must read at least one datagram from the socket
206
If a datagram server connects
207
to its peer, freeing the socket so
209
can received further messages on the socket, it is said to be
213
it should read one datagram from the socket and create a new socket
214
connected to the peer.
215
It should fork, and the parent should then exit
218
to check for new service requests to spawn new servers.
219
Datagram servers which process all incoming datagrams
220
on a socket and eventually time out are said to be
221
.Dq single-threaded .
226
are both examples of the latter type of
229
is an example of a multi-threaded datagram server.
232
suffix (separated from
236
by a dot) specifies the maximum number of times a service can be invoked
237
in one minute; the default is 40.
238
If a service exceeds this limit,
241
and stop servicing requests for the specific service for ten minutes.
246
Servers using stream sockets generally are multi-threaded and
250
Connection requests for these services are accepted by
252
and the server is given only the newly-accepted socket connected
253
to a client of the service.
254
Most stream-based services operate in this manner.
255
Stream-based servers that use
257
are started with the listening service socket, and must accept
258
at least one connection request before exiting.
259
Such a server would normally accept and process incoming connection
260
requests until a timeout.
261
TCPMUX services must use
266
suffix (separated from
270
by a dot) is a decimal number that specifies the maximum number of server
271
instances that may be spawned from
273
within an interval of 60 seconds. It overrides the settings of the
274
\fB-R\fP command line option.
278
entry should contain the user name of the user as whom the server
279
should run. This allows for servers to be given less permission
284
entry should contain the pathname of the program which is to be
287
when a request is found on its socket. If
289
provides this service internally, this entry should
294
.Em server program arguments
295
should be just as arguments
296
normally are, starting with argv[0], which is the name of
297
the program. If the service is provided internally, the
300
should take the place of this entry.
307
services internally by use of
308
routines within itself. These services are
312
(character generator),
314
(human readable time), and
316
(machine readable time,
317
in the form of the number of seconds since midnight, January
318
1, 1900). All of these services are tcp based. For
319
details of these services, consult the appropriate
321
from the Network Information Center.
326
rereads its configuration file when it receives a hangup signal,
328
Services may be added, deleted or modified when the configuration file
333
describes the TCPMUX protocol:
334
``A TCP client connects to a foreign host on TCP port 1. It sends the
335
service name followed by a carriage-return line-feed <CRLF>. The
336
service name is never case sensitive. The server replies with a
337
single character indicating positive (+) or negative (\-)
338
acknowledgment, immediately followed by an optional message of
339
explanation, terminated with a <CRLF>. If the reply was positive,
340
the selected protocol begins; otherwise the connection is closed.''
341
The program is passed the TCP connection as file descriptors 0 and 1.
343
If the TCPMUX service name begins with a ``+'',
345
returns the positive reply for the program.
346
This allows you to invoke programs that use stdin/stdout
347
without putting any special server code in them.
349
The special service name
353
to list TCPMUX services in
357
If a connection is made with a streaming protocol (TCP) and if
358
\fB--environment\fP option has been given, inetd will set
359
the following environment variables before starting the program:
361
\fBPROTO\fP: always "TCP".
363
\fBTCPLOCALIP\fP: the local IP address of the interface which accepted the connection.
365
\fBTCPLOCALPORT\fP: the port number on which the TCP connection was established.
367
\fBTCPREMOTEIP\fP: the IP address of the remote client.
369
\fBTCPREMOTEPORT\fP: the port number on the client side of the TCP connection.
371
In addition, if given the \fB--remote\fP option,
373
will set the following environment variables:
375
\fBTCPLOCALHOST\fP: the DNS name of \fITCPLOCALIP\fR.
377
\fBTCPREMOTEHOST\fP: the DNS name of \fITCPREMOTEIP\fR.
380
Here are several example service entries for the various types of services:
382
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
383
ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd
384
tcpmux/+date stream tcp nowait guest /bin/date date
385
tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook
391
logs error messages using
393
Important error messages and their explanations are:
395
\fIservice\fP/\fIprotocol\fP server failing (looping), service terminated.
397
The number of requests for the specified service in the past minute
398
exceeded the limit. The limit exists to prevent a broken program
399
or a malicious user from swamping the system.
400
This message may occur for several reasons:
401
1) there are lots of hosts requesting the service within a short time period,
402
2) a 'broken' client program is requesting the service too frequently,
403
3) a malicious user is running a program to invoke the service in
404
a 'denial of service' attack, or
405
4) the invoked service program has an error that causes clients
410
as described above, to change the rate limit.
411
Once the limit is reached, the service will be
412
reenabled automatically in 10 minutes.
415
\fIservice\fP/\fIprotocol\fP: No such user '\fIuser\fP', service ignored
416
\fIservice\fP/\fIprotocol\fP: getpwnam: \fIuser\fP: No such user
422
file. The first message
425
(re)reads the configuration file. The second message occurs when the
429
\fIservice\fP: can't set uid \fInumber\fP
430
\fIservice\fP: can't set gid \fInumber\fP
432
The user or group ID for the entry's
445
The environment variables (see \fBENVIRONMENT\fP) are set only for
446
TCP IPv4 nowait connections.
452
TCPMUX is based on code and documentation by Mark Lottor.
added
removed
debian/local/man/inetd.8
