source: archive/xinetd.xml@ 45ab6c7

11.0 lazarus qt5new trunk
Last change on this file since 45ab6c7 was 45ab6c7, checked in by Xi Ruoyao <xry111@…>, 5 months ago

more SVN prop clean up

Remove "$LastChanged$" everywhere, and also some unused $Date$

  • Property mode set to 100644
File size: 15.4 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!-- Development seems to be over and the xinetd.og site does not seem to exist any more. -->
8 <!-- <!ENTITY xinetd-download-http "http://www.xinetd.org/xinetd-&xinetd-version;.tar.gz"> -->
9 <!ENTITY xinetd-download-http " ">
10 <!ENTITY xinetd-download-ftp "&sources-anduin-ftp;/xinetd/xinetd-&xinetd-version;.tar.gz">
11 <!ENTITY xinetd-md5sum "77358478fd58efa6366accae99b8b04c">
12 <!ENTITY xinetd-size "308 KB">
13 <!ENTITY xinetd-buildsize "5.0 MB">
14 <!ENTITY xinetd-time "less than 0.1 SBU">
15]>
16
17<sect1 id="xinetd" xreflabel="xinetd-&xinetd-version;">
18 <?dbhtml filename="xinetd.html"?>
19
20 <sect1info>
21 <date>$Date$</date>
22 </sect1info>
23
24 <title>xinetd-&xinetd-version;</title>
25
26 <indexterm zone="xinetd">
27 <primary sortas="a-Xinetd">Xinetd</primary>
28 </indexterm>
29
30 <sect2 role="package">
31 <title>Introduction to xinetd</title>
32
33 <para><application>xinetd</application> is the eXtended InterNET services
34 daemon, a secure replacement for <command>inetd</command>.</para>
35
36 &lfs7a_checked;
37
38 <bridgehead renderas="sect3">Package Information</bridgehead>
39 <itemizedlist spacing="compact">
40 <listitem>
41 <para>Download (HTTP): <ulink url="&xinetd-download-http;"/></para>
42 </listitem>
43 <listitem>
44 <para>Download (FTP): <ulink url="&xinetd-download-ftp;"/></para>
45 </listitem>
46 <listitem>
47 <para>Download MD5 sum: &xinetd-md5sum;</para>
48 </listitem>
49 <listitem>
50 <para>Download size: &xinetd-size;</para>
51 </listitem>
52 <listitem>
53 <para>Estimated disk space required: &xinetd-buildsize;</para>
54 </listitem>
55 <listitem>
56 <para>Estimated build time: &xinetd-time;</para>
57 </listitem>
58 </itemizedlist>
59
60 <bridgehead renderas="sect3">xinetd Dependencies</bridgehead>
61
62 <bridgehead renderas="sect4">Optional</bridgehead>
63 <para role="optional">
64 <ulink url="ftp://ftp.porcupine.org/pub/security/">TCP wrappers (deprecated)</ulink>
65 </para>
66
67 <para condition="html" role="usernotes">User Notes:
68 <ulink url="&blfs-wiki;/xinetd"/></para>
69
70 </sect2>
71
72 <sect2 role="installation">
73 <title>Installation of xinetd</title>
74
75 <para>Install <application>xinetd</application> by running the following
76 commands:</para>
77
78<screen><userinput>sed -i -e "s/exec_server/child_process/" xinetd/builtins.c &amp;&amp;
79sed -i -e "/register unsigned count/s/register//" xinetd/itox.c &amp;&amp;
80./configure --prefix=/usr --mandir=/usr/share/man --with-loadavg &amp;&amp;
81make</userinput></screen>
82
83 <para>This package does not come with a test suite.</para>
84
85 <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
86
87<screen role="root"><userinput>make install</userinput></screen>
88
89 </sect2>
90
91 <sect2 role="commands">
92 <title>Command Explanations</title>
93
94 <!-- CVE-2013-4342 https://bugzilla.redhat.com/show_bug.cgi?id=1006100 -->
95 <para><command>sed ... xinetd/builtins.c</command>: This command fixes
96 a security issue.</para>
97
98 <para><command>sed ... xinetd/itox.c</command>: This command fixes some
99 compiler warnings.</para>
100
101 </sect2>
102
103 <sect2 role="configuration">
104 <title>Configuring xinetd</title>
105
106 <sect3 id="xinetd-config">
107 <title>Config Files</title>
108
109 <para><filename>/etc/xinetd.conf</filename> and
110 <filename class="directory">/etc/xinetd.d/*</filename></para>
111
112 <indexterm zone="xinetd xinetd-config">
113 <primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary>
114 </indexterm>
115
116 <indexterm zone="xinetd xinetd-config">
117 <primary sortas="e-etc-xinetd.d">/etc/xinetd.d/*</primary>
118 </indexterm>
119
120 </sect3>
121
122 <sect3>
123 <title>Configuration Information</title>
124
125 <para>Ensure the path to all daemons is
126 <filename class="directory">/usr/sbin</filename>, rather than the default
127 path of <filename class="directory">/usr/bin</filename>, and install the
128 <application>xinetd</application> configuration files by running the
129 following commands as the <systemitem class="username">root</systemitem>
130 user:</para>
131
132<screen role="root"><userinput>cat &gt; /etc/xinetd.conf &lt;&lt; "EOF"
133<literal># Begin /etc/xinetd
134# Configuration file for xinetd
135
136defaults
137{
138 instances = 60
139 log_type = SYSLOG daemon
140 log_on_success = HOST PID USERID
141 log_on_failure = HOST USERID
142 cps = 25 30
143}
144
145# All service files are stored in the /etc/xinetd.d directory
146
147includedir /etc/xinetd.d
148
149# End /etc/xinetd</literal>
150EOF</userinput></screen>
151
152 <para>All of the following files have the statement, "disable = yes".
153 To activate any of the services, this statement will need to be changed
154 to "disable = no".</para>
155
156 <note>
157 <para>The following files are listed to demonstrate several
158 <application>xinetd</application> applications. In many cases, these
159 applications are not needed. Some classic applications are
160 considered security risks. For example, <command>telnet</command>,
161 <command>rlogin</command>, <command>rexec</command>, and
162 <command>rsh</command> transmit unencrypted usernames and passwords
163 over the network and can be easily replaced with a more secure
164 alternative: <command>ssh</command>.</para>
165 </note>
166
167<screen role="root"><?dbfo keep-together="auto"?><userinput>install -v -d -m755 /etc/xinetd.d &amp;&amp;
168
169cat &gt; /etc/xinetd.d/systat &lt;&lt; "EOF" &amp;&amp;
170<literal># Begin /etc/xinetd.d/systat
171
172service systat
173{
174 disable = yes
175 socket_type = stream
176 wait = no
177 user = nobody
178 server = /bin/ps
179 server_args = -auwwx
180 only_from = 128.138.209.0
181 log_on_success = HOST
182}
183
184# End /etc/xinetd.d/systat</literal>
185EOF
186
187cat &gt; /etc/xinetd.d/echo &lt;&lt; "EOF" &amp;&amp;
188<literal># Begin /etc/xinetd.d/echo
189
190service echo
191{
192 disable = yes
193 type = INTERNAL
194 id = echo-stream
195 socket_type = stream
196 protocol = tcp
197 user = root
198 wait = no
199}
200
201service echo
202{
203 disable = yes
204 type = INTERNAL
205 id = echo-dgram
206 socket_type = dgram
207 protocol = udp
208 user = root
209 wait = yes
210}
211
212# End /etc/xinetd.d/echo</literal>
213EOF
214
215cat &gt; /etc/xinetd.d/chargen &lt;&lt; "EOF" &amp;&amp;
216<literal># Begin /etc/xinetd.d/chargen
217
218service chargen
219{
220 disable = yes
221 type = INTERNAL
222 id = chargen-stream
223 socket_type = stream
224 protocol = tcp
225 user = root
226 wait = no
227}
228
229service chargen
230{
231 disable = yes
232 type = INTERNAL
233 id = chargen-dgram
234 socket_type = dgram
235 protocol = udp
236 user = root
237 wait = yes
238}
239
240# End /etc/xinetd.d/chargen</literal>
241EOF
242
243cat &gt; /etc/xinetd.d/daytime &lt;&lt; "EOF" &amp;&amp;
244<literal># Begin /etc/xinetd.d/daytime
245
246service daytime
247{
248 disable = yes
249 type = INTERNAL
250 id = daytime-stream
251 socket_type = stream
252 protocol = tcp
253 user = root
254 wait = no
255}
256
257service daytime
258{
259 disable = yes
260 type = INTERNAL
261 id = daytime-dgram
262 socket_type = dgram
263 protocol = udp
264 user = root
265 wait = yes
266}
267
268# End /etc/xinetd.d/daytime</literal>
269EOF
270<!-- The last one without && -->
271cat &gt; /etc/xinetd.d/time &lt;&lt; "EOF"
272<literal># Begin /etc/xinetd.d/time
273
274service time
275{
276 disable = yes
277 type = INTERNAL
278 id = time-stream
279 socket_type = stream
280 protocol = tcp
281 user = root
282 wait = no
283}
284
285service time
286{
287 disable = yes
288 type = INTERNAL
289 id = time-dgram
290 socket_type = dgram
291 protocol = udp
292 user = root
293 wait = yes
294}
295
296# End /etc/xinetd.d/time</literal>
297EOF</userinput></screen>
298
299 <indexterm zone="xinetd xinetd-config">
300 <primary sortas="e-etc-xinetd.d-login">/etc/xinetd.d/login</primary>
301 </indexterm>
302
303 <indexterm zone="xinetd xinetd-config">
304 <primary sortas="e-etc-xinetd.d-shell">/etc/xinetd.d/shell</primary>
305 </indexterm>
306
307 <indexterm zone="xinetd xinetd-config">
308 <primary sortas="e-etc-xinetd.d-exec">/etc/xinetd.d/exec</primary>
309 </indexterm>
310
311 <indexterm zone="xinetd xinetd-config">
312 <primary sortas="e-etc-xinetd.d-comsat">/etc/xinetd.d/comsat</primary>
313 </indexterm>
314
315 <indexterm zone="xinetd xinetd-config">
316 <primary sortas="e-etc-xinetd.d-talk">/etc/xinetd.d/talk</primary>
317 </indexterm>
318
319 <indexterm zone="xinetd xinetd-config">
320 <primary sortas="e-etc-xinetd.d-ntalk">/etc/xinetd.d/ntalk</primary>
321 </indexterm>
322
323 <indexterm zone="xinetd xinetd-config">
324 <primary sortas="e-etc-xinetd.d-telnet">/etc/xinetd.d/telnet</primary>
325 </indexterm>
326
327 <indexterm zone="xinetd xinetd-config">
328 <primary sortas="e-etc-xinetd.d-ftp">/etc/xinetd.d/ftp</primary>
329 </indexterm>
330
331 <indexterm zone="xinetd xinetd-config">
332 <primary sortas="e-etc-xinetd.d-tftp">/etc/xinetd.d/tftp</primary>
333 </indexterm>
334
335 <indexterm zone="xinetd xinetd-config">
336 <primary sortas="e-etc-xinetd.d-systat">/etc/xinetd.d/systat</primary>
337 </indexterm>
338
339 <indexterm zone="xinetd xinetd-config">
340 <primary sortas="e-etc-xinetd.d-finger">/etc/xinetd.d/finger</primary>
341 </indexterm>
342
343 <indexterm zone="xinetd xinetd-config">
344 <primary sortas="e-etc-xinetd.d-netstat">/etc/xinetd.d/netstat</primary>
345 </indexterm>
346
347 <indexterm zone="xinetd xinetd-config">
348 <primary sortas="e-etc-xinetd.d-echo">/etc/xinetd.d/echo</primary>
349 </indexterm>
350
351 <indexterm zone="xinetd xinetd-config">
352 <primary sortas="e-etc-xinetd.d-chargen">/etc/xinetd.d/chargen</primary>
353 </indexterm>
354
355 <indexterm zone="xinetd xinetd-config">
356 <primary sortas="e-etc-xinetd.d-daytime">/etc/xinetd.d/daytime</primary>
357 </indexterm>
358
359 <indexterm zone="xinetd xinetd-config">
360 <primary sortas="e-etc-xinetd.d-time">/etc/xinetd.d/time</primary>
361 </indexterm>
362
363 <indexterm zone="xinetd xinetd-config">
364 <primary sortas="e-etc-xinetd.d-rstatd">/etc/xinetd.d/rstatd</primary>
365 </indexterm>
366
367 <indexterm zone="xinetd xinetd-config">
368 <primary sortas="e-etc-xinetd.d-rquotad">/etc/xinetd.d/rquotad</primary>
369 </indexterm>
370
371 <indexterm zone="xinetd xinetd-config">
372 <primary sortas="e-etc-xinetd.d-ruserd">/etc/xinetd.d/ruserd</primary>
373 </indexterm>
374
375 <indexterm zone="xinetd xinetd-config">
376 <primary sortas="e-etc-xinetd.d-sprayd">/etc/xinetd.d/sprayd</primary>
377 </indexterm>
378
379 <indexterm zone="xinetd xinetd-config">
380 <primary sortas="e-etc-xinetd.d-walld">/etc/xinetd.d/walld</primary>
381 </indexterm>
382
383 <indexterm zone="xinetd xinetd-config">
384 <primary sortas="e-etc-xinetd.d-irc">/etc/xinetd.d/irc</primary>
385 </indexterm>
386
387 <para>The format of the <filename>/etc/xinetd.conf</filename> is
388 documented in the <filename>xinetd.conf.5</filename> man page.
389 <!-- 13-12-12 the http://www.xinetd.org is broken
390 Further
391 information can be found at <ulink url="http://www.xinetd.org"/>.
392 -->
393 </para>
394
395 </sect3>
396
397 <sect3 id="xinetd-init">
398 <title><phrase revision="sysv">Boot Script</phrase>
399 <phrase revision="systemd">Systemd Unit</phrase></title>
400
401 <para>As the <systemitem class="username">root</systemitem> user, install
402 the <phrase revision="sysv"><filename>/etc/rc.d/init.d/xinetd</filename>
403 init script</phrase>
404 <phrase revision="systemd"><filename>xinetd.service</filename>
405 unit</phrase> included in
406 the <xref linkend="bootscripts" revision="sysv"/>
407 <xref linkend="systemd-units" revision="systemd"/> package.</para>
408
409 <indexterm zone="xinetd xinetd-init">
410 <primary sortas="f-xinetd">xinetd</primary>
411 </indexterm>
412
413<screen role="root"><userinput>make install-xinetd</userinput></screen>
414
415 <para>As the <systemitem class="username">root</systemitem> user,
416 use the <phrase revision="sysv">new boot script</phrase>
417 <phrase revision="systemd"><command>systemctl</command> command</phrase>
418 to start <command>xinetd</command>:</para>
419
420<screen role="root" revision="sysv"><userinput>/etc/rc.d/init.d/xinetd start</userinput></screen>
421
422<screen role="root" revision="systemd"><userinput>systemctl start xinetd</userinput></screen>
423
424 <para>Check the
425 <phrase revision="sysv"><filename>/var/log/daemon.log</filename></phrase>
426 <phrase revision="systemd"><command>journalctl</command> output</phrase>
427 to ensure the appropriate services are started. If no services are
428 enabled, the program will not start without the
429 <option>-stayalive</option> option.</para>
430
431<!--
432<screen><literal>Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rlogind is not
433executable [line=29]
434Aug 22 21:40:21 dps10 xinetd[2696]: Error parsing attribute server -
435DISABLING SERVICE [line=29]
436Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rshd is not
437executable [line=42]</literal></screen>
438
439 <para>These errors are because most of the servers
440 <command>xinetd</command> is trying to control are not
441 installed yet.</para>
442-->
443 </sect3>
444
445 </sect2>
446
447 <sect2 role="content">
448 <title>Contents</title>
449
450 <segmentedlist>
451 <segtitle>Installed Programs</segtitle>
452 <segtitle>Installed Libraries</segtitle>
453 <segtitle>Installed Directories</segtitle>
454
455 <seglistitem>
456 <seg>itox, xconv.pl, and xinetd</seg>
457 <seg>None</seg>
458 <seg>/etc/xinetd.d/</seg>
459 </seglistitem>
460 </segmentedlist>
461
462 <variablelist>
463 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
464 <?dbfo list-presentation="list"?>
465 <?dbhtml list-presentation="table"?>
466
467 <varlistentry id="itox">
468 <term><command>itox</command></term>
469 <listitem>
470 <para>is a utility used for converting
471 <filename>inetd.conf</filename> files to
472 <filename>xinetd.conf</filename> format.</para>
473 <indexterm zone="xinetd itox">
474 <primary sortas="b-itox">itox</primary>
475 </indexterm>
476 </listitem>
477 </varlistentry>
478
479 <varlistentry id="xconv.pl">
480 <term><command>xconv.pl</command></term>
481 <listitem>
482 <para>is a <application>Perl</application> script used for
483 converting <filename>inetd.conf</filename> files to
484 <filename>xinetd.conf</filename> format, similar to
485 <command>itox</command>.</para>
486 <indexterm zone="xinetd xconv.pl">
487 <primary sortas="b-xconv.pl">xconv.pl</primary>
488 </indexterm>
489 </listitem>
490 </varlistentry>
491
492 <varlistentry id="xinetd-prog">
493 <term><command>xinetd</command></term>
494 <listitem>
495 <para>is the Internet services daemon.</para>
496 <indexterm zone="xinetd xinetd-prog">
497 <primary sortas="b-xinetd">xinetd</primary>
498 </indexterm>
499 </listitem>
500 </varlistentry>
501
502 </variablelist>
503
504 </sect2>
505
506</sect1>
Note: See TracBrowser for help on using the repository browser.