.\" Copyright (c) 1985, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
.\" %sccs.include.redist.man%
.\" @(#)inetd.8 8.1 (Berkeley) %G%
.Op Ar configuration file
Inetd should be run at boot time by
It then listens for connections on certain
internet sockets. When a connection is found on one
of its sockets, it decides what service the socket
corresponds to, and invokes a program to service the request.
After the program is finished, it continues to listen on the socket
(except in some cases which will be described below). Essentially, inetd
allows running one daemon to invoke several others,
reducing load on the system.
The options available for
Specifies the maximum number of times a service can be invoked
in one minute; the default is 1000.
Inetd reads its configuration information from a configuration
file which, by default, is
Each entry must supply every field of the configuration
file, with fields separated by a tab or
a space. Comments are denoted by a ``#'' at the beginning
of a line. The
fields of the configuration file are as follows:
.Bd -unfilled -offset indent -compact
There are two types of services that inetd
can start: standard and TCPMUX.
A standard service has a well-known port assigned to it;
it may be a service that implements an official Internet standard or is a
TCPMUX services are nonstandard services that do not have a
well-known port assigned to them.
when a program connects to the
well-known port and specifies
This feature is useful for adding locally-developed servers.
entry is the name of a valid service in
services (discussed below), the service
be the official name of the service (that is, the first entry in
For TCPMUX services, the value of the
field consists of the string
followed by a slash and the
locally-chosen service name.
The service names listed in
Try to choose unique names for your TCPMUX services by prefixing them with
your organization's name and suffixing them with a version number.
depending on whether the socket is a stream, datagram, raw,
reliably delivered message, or sequenced packet socket.
must be a valid protocol as given in
entry is applicable to datagram sockets only (other sockets should
entry in this space). If a datagram server connects
to its peer, freeing the socket so inetd
can receive further messages on the socket, it is said to be
server, and should use the
entry. For datagram servers which process all incoming datagrams
on a socket and eventually time out, the server is said to be
are both examples of the latter type of
is an exception; it is a datagram server that establishes pseudo-connections.
in order to avoid a race;
the server reads the first packet, creates a new socket,
and then forks and exits to allow inetd
to check for new service requests to spawn new servers.
entry should contain the user name of the user as whom the server
should run. This allows for servers to be given less permission
entry should contain the pathname of the program which is to be
when a request is found on its socket. If inetd
provides this service internally, this entry should
.Em server program arguments
should be just as arguments
normally are, starting with argv[0], which is the name of
the program. If the service is provided internally, the
should take the place of this entry.
services internally by use of
routines within itself. These services are
(human readable time), and
in the form of the number of seconds since midnight, January
1, 1900). All of these services are tcp based. For
details of these services, consult the appropriate
from the Network Information Center.
Inetd rereads its configuration file when it receives a hangup signal,
Services may be added, deleted or modified when the configuration file
describes the TCPMUX protocol:
``A TCP client connects to a foreign host on TCP port 1. It sends the
service name followed by a carriage-return line-feed <CRLF>. The
service name is never case sensitive. The server replies with a
single character indicating positive (+) or negative (\-)
acknowledgment, immediately followed by an optional message of
explanation, terminated with a <CRLF>. If the reply was positive,
the selected protocol begins; otherwise the connection is closed.''
The program is passed the TCP connection as file descriptors 0 and 1.
If the TCPMUX service name begins with a ``+'', inetd
returns the positive reply for the program.
This allows you to invoke programs that use stdin/stdout
without putting any special server code in them.
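The exchange quoted above, with both sides run over a local socketpair, as an added example that is not inetd's own code. MAX_NAME, the reply texts and the SERVICES table (built from the sample entries on this page) are assumptions made for the illustration.

```python
# Added example (not inetd's code): the TCPMUX request/reply exchange.
# Service table, reply texts and the length cap are constructed for illustration.
import socket

MAX_NAME = 64  # assumed cap on the request line so a client cannot flood the reader
# Names as configured after "tcpmux/"; a leading "+" means the multiplexer replies.
SERVICES = {"+date": "/bin/date", "phonebook": "/usr/local/bin/phonebook"}

def read_name(conn):
    """Read up to CRLF one byte at a time, so no service data is consumed."""
    buf = b""
    while not buf.endswith(b"\r\n"):
        if len(buf) >= MAX_NAME + 2:
            return None  # request line too long
        byte = conn.recv(1)
        if not byte:
            return None  # peer closed before sending CRLF
        buf += byte
    return buf[:-2].decode("ascii", "replace")

def dispatch(conn, services=SERVICES):
    """Return the program to run, or None after sending a negative reply."""
    name = read_name(conn)
    table = {k.lstrip("+").lower(): (k, v) for k, v in services.items()}
    hit = table.get(name.lower()) if name is not None else None  # case-insensitive
    if hit is None:
        conn.sendall(b"-Service not available\r\n")
        return None
    configured, program = hit
    if configured.startswith("+"):
        conn.sendall(b"+Go\r\n")  # without "+", the program sends its own reply
    return program

def exchange(request, services=SERVICES):
    """Send one client request through dispatch(); return (reply, program)."""
    client, server = socket.socketpair()
    with client, server:
        for s in (client, server):
            s.settimeout(1.0)
        client.sendall(request)
        client.shutdown(socket.SHUT_WR)  # client has nothing more to send
        program = dispatch(server, services)
        server.shutdown(socket.SHUT_WR)
        reply = client.recv(256)
    return reply, program
```

For a service configured without the ``+'' prefix the reply is empty here, because the invoked program is expected to write the acknowledgment itself.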
to list TCPMUX services in
Here are several example service entries for the various types of services:
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd
tcpmux/+date stream tcp nowait guest /bin/date date
tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook
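A small checker for entries in this format, as an added example that is not part of inetd. The field order is taken from the sample entries above, the socket type keywords are the usual inetd.conf spellings, and the last two sample lines are constructed to trigger the checks.

```python
# Added example (not part of inetd): lint inetd.conf-style entries against the
# rules stated on this page. Field order follows the page's sample entries.
FIELDS = ("service", "socktype", "protocol", "wait", "user", "program")
SOCKTYPES = {"stream", "dgram", "raw", "rdm", "seqpacket"}

# The page's four sample entries, followed by two constructed bad lines.
SAMPLE = """\
# sample inetd configuration
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd
tcpmux/+date stream tcp nowait guest /bin/date date
tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook
finger stream tcp wait nobody /usr/libexec/fingerd fingerd
tcpmux/bad dgram udp
"""

def parse(text):
    """Return (entries, errors); errors are (line_number, message) tuples."""
    entries, errors = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue  # blank line or comment
        parts = line.split()  # fields are separated by tabs or spaces
        if len(parts) < len(FIELDS):
            errors.append((lineno, "too few fields"))
            continue
        entries.append(dict(zip(FIELDS, parts),
                            argv=parts[len(FIELDS):], line=lineno))
    return entries, errors

def audit(entries):
    """Return (line_number, service, finding) for each rule an entry breaks."""
    out = []
    for e in entries:
        msgs = []
        if e["socktype"] not in SOCKTYPES:
            msgs.append("unknown socket type")
        if e["wait"] not in ("wait", "nowait"):
            msgs.append("wait field must be wait or nowait")
        elif e["wait"] == "wait" and e["socktype"] != "dgram":
            msgs.append("wait applies to datagram sockets only")
        if e["user"] == "root":
            msgs.append("runs as root; use a less privileged user if possible")
        if e["service"].startswith("tcpmux/") and e["protocol"] != "tcp":
            msgs.append("TCPMUX services are TCP only")
        out.extend((e["line"], e["service"], m) for m in msgs)
    return out
```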
Inetd logs error messages using
Important error messages and their explanations are:
\fIservice\fP/\fIprotocol\fP server failing (looping), service terminated.
The number of requests for the specified service in the past minute
exceeded the limit. The limit exists to prevent a broken program
or a malicious user from swamping the system.
This message may occur for several reasons:
1) there are lots of hosts requesting the service within a short time period,
2) a 'broken' client program is requesting the service too frequently,
3) a malicious user is running a program to invoke the service in
a 'denial of service' attack, or
4) the invoked service program has an error that causes clients
as described above, to change the rate limit.
Once the limit is reached, the service will be
reenabled automatically in 10 minutes.
\fIservice\fP/\fIprotocol\fP: No such user '\fIuser\fP', service ignored
\fIservice\fP/\fIprotocol\fP: getpwnam: \fIuser\fP: No such user
(re)reads the configuration file. The second message occurs when the
\fIservice\fP: can't set uid \fInumber\fP
\fIservice\fP: can't set gid \fInumber\fP
The user or group ID for the entry's
TCPMUX is based on code and documentation by Mark Lottor.