source: server/other/xinetd.xml@ 1f672c1

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 6.1 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since 1f672c1 was 1f672c1, checked in by Bruce Dubbs <bdubbs@…>, 19 years ago

Update to xinetd configuration files from patch by John Gnew

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@3614 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 15.1 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
3 "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7<!ENTITY xinetd-download-http "http://www.xinetd.org/xinetd-&xinetd-version;.tar.gz">
8<!ENTITY xinetd-download-ftp " ">
9<!ENTITY xinetd-md5sum "4295b5fe12350f09b5892b363348ac8b">
10<!ENTITY xinetd-size "291 KB">
11<!ENTITY xinetd-buildsize "4.12 MB">
12<!ENTITY xinetd-time "0.11 SBU">
13]>
14
15<sect1 id="xinetd" xreflabel="xinetd-&xinetd-version;">
16<sect1info>
17<othername>$LastChangedBy$</othername>
18<date>$Date$</date>
19</sect1info>
20<?dbhtml filename="xinetd.html"?>
21<title>xinetd-&xinetd-version;</title>
22<indexterm zone="xinetd">
23<primary sortas="a-Xinetd">Xinetd</primary></indexterm>
24
25<sect2>
26<title>Introduction to <application>xinetd</application></title>
27
28<para><application>xinetd</application> is the eXtended InterNET services
29Daemon, a secure replacement for <command>inetd</command>.</para>
30
31<sect3><title>Package information</title>
32<itemizedlist spacing='compact'>
33<listitem><para>Download (HTTP):
34<ulink url="&xinetd-download-http;"/></para></listitem>
35<listitem><para>Download (FTP):
36<ulink url="&xinetd-download-ftp;"/></para></listitem>
37<listitem><para>Download MD5 sum: &xinetd-md5sum;</para></listitem>
38<listitem><para>Download size: &xinetd-size;</para></listitem>
39<listitem><para>Estimated disk space required:
40&xinetd-buildsize;</para></listitem>
41<listitem><para>Estimated build time:
42&xinetd-time;</para></listitem></itemizedlist>
43</sect3>
44
45<sect3><title><application>xinetd</application> dependencies</title>
46<sect4><title>Optional</title>
47<para><xref linkend="tcpwrappers"/></para>
48</sect4>
49</sect3>
50
51</sect2>
52
53<sect2>
54<title>Installation of <application>xinetd</application></title>
55
56<para>Install <application>xinetd</application> by running the following
57commands:</para>
58
59<screen><userinput><command>./configure --prefix=/usr &amp;&amp;
60make</command></userinput></screen>
61
62<para>Now, as the root user:</para>
63
64<screen><userinput role='root'><command>make install</command></userinput></screen>
65
66</sect2>
67
68<sect2>
69<title>Configuring <application>xinetd</application></title>
70
71<sect3 id="xinetd-config"><title>Config files</title>
72<para><filename>/etc/xinetd.conf</filename></para>
73<indexterm zone="xinetd xinetd-config">
74<primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary></indexterm>
75</sect3>
76
77<sect3><title>Configuration Information</title>
78
79<para>Ensure the path to all daemons is
80<filename class="directory">/usr/sbin</filename>, rather than the default path
81of <filename class="directory">/usr/etc</filename>, and install the
82<application>xinetd</application> configuration files by running the following
83commands as the root user:</para>
84
85<screen><userinput role='root'><command>cat &gt; /etc/xinetd.conf &lt;&lt; "EOF"</command>
86# Begin /etc/xinetd
87# Configuration file for xinetd
88#
89
90defaults
91{
92 instances = 60
93 log_type = SYSLOG daemon
94 log_on_success = HOST PID USERID
95 log_on_failure = HOST USERID
96 cps = 25 30
97}
98
99# All service files are stored in the /etc/xinetd.d directory
100#
101includedir /etc/xinetd.d
102# End /etc/xinetd
103<command>EOF</command></userinput></screen>
104<para>All of the following files have the statement, "disable = yes". To activate
105any of the services, this statement will need to be changed to "disable = no".</para>
106
107<note><para>The following files are listed to demonstrate classic
108<application>xinetd</application> applications. In many cases, these
109applications are not needed. In some cases, the applications are
110considered security risks. For example, telnet, rlogin, rexec, and rsh
111transmit unencrypted usernames and passwords over the network and can be easily
112replaced with a more secure alternative: ssh.</para></note>
113
114<screen><userinput role='root'><command>install -d -m755 /etc/xinetd.d &amp;&amp;</command>
115<command>cat &gt; /etc/xinetd.d/login &lt;&lt; "EOF" &amp;&amp;</command>
116# Begin /etc/xinetd.d/login
117
118service login
119{
120 disable = yes
121 socket_type = stream
122 protocol = tcp
123 wait = no
124 user = root
125 server = /usr/sbin/in.rlogind
126 log_type = SYSLOG local4 info
127}
128
129# End /etc/xinetd.d/login
130<command>EOF
131cat &gt; /etc/xinetd.d/shell &lt;&lt; "EOF" &amp;&amp;</command>
132# Begin /etc/xinetd.d/shell
133
134service shell
135{
136 disable = yes
137 socket_type = stream
138 wait = no
139 user = root
140 instances = UNLIMITED
141 flags = IDONLY
142 log_on_success += USERID
143 server = /usr/sbin/in.rshd
144}
145
146# End /etc/xinetd.d/shell
147<command>EOF
148cat &gt; /etc/xinetd.d/exec &lt;&lt; "EOF" &amp;&amp;</command>
149# Begin /etc/xinetd.d/exec
150
151service exec
152{
153 disable = yes
154 socket_type = stream
155 wait = no
156 user = root
157 server = /usr/sbin/in.rexecd
158}
159
160# End /etc/xinetd.d/exec
161<command>EOF
162cat &gt; /etc/xinetd.d/comsat &lt;&lt; "EOF" &amp;&amp;</command>
163# Begin /etc/xinetd.d/comsat
164
165service comsat
166{
167 disable = yes
168 socket_type = dgram
169 wait = yes
170 user = nobody
171 group = tty
172 server = /usr/sbin/in.comsat
173}
174
175# End /etc/xinetd.d/comsat
176<command>EOF
177cat &gt; /etc/xinetd.d/talk &lt;&lt; "EOF" &amp;&amp;</command>
178# Begin /etc/xinetd.d/talk
179
180service talk
181{
182 disable = yes
183 socket_type = dgram
184 wait = yes
185 user = root
186 server = /usr/sbin/in.talkd
187}
188
189# End /etc/xinetd.d/talk
190<command>EOF
191cat &gt; /etc/xinetd.d/ntalk &lt;&lt; "EOF" &amp;&amp;</command>
192# Begin /etc/xinetd.d/ntalk
193
194service ntalk
195{
196 disable = yes
197 socket_type = dgram
198 wait = yes
199 user = root
200 server = /usr/sbin/in.ntalkd
201}
202
203# End /etc/xinetd.d/ntalk
204<command>EOF
205cat &gt; /etc/xinetd.d/telnet &lt;&lt; "EOF" &amp;&amp;</command>
206# Begin /etc/xinetd.d/telnet
207
208service telnet
209{
210 disable = yes
211 socket_type = stream
212 wait = no
213 user = root
214 server = /usr/sbin/in.telnetd
215 bind = 127.0.0.1
216 log_on_failure += USERID
217}
218
219service telnet
220{
221 disable = yes
222 socket_type = stream
223 wait = no
224 user = root
225# server = /usr/sbin/in.telnetd
226 bind = 192.231.139.175
227 redirect = 128.138.202.20 23
228 log_on_failure += USERID
229}
230
231# End /etc/xinetd.d/telnet
232<command>EOF
233cat &gt; /etc/xinetd.d/ftp &lt;&lt; "EOF" &amp;&amp;</command>
234# Begin /etc/xinetd.d/ftp
235
236service ftp
237{
238 disable = yes
239 socket_type = stream
240 wait = no
241 user = root
242 server = /usr/sbin/in.ftpd
243 server_args = -l
244 instances = 4
245 log_on_success += DURATION USERID
246 log_on_failure += USERID
247 access_times = 2:00-8:59 12:00-23:59
248 nice = 10
249}
250
251# End /etc/xinetd.d/ftp
252<command>EOF
253cat &gt; /etc/xinetd.d/tftp &lt;&lt; "EOF" &amp;&amp;</command>
254# Begin /etc/xinetd.d/tftp
255
256service tftp
257{
258 disable = yes
259 socket_type = dgram
260 wait = yes
261 user = root
262 server = /usr/sbin/in.tftpd
263 server_args = -s /tftpboot
264}
265
266# End /etc/xinetd.d/tftp
267<command>EOF
268cat &gt; /etc/xinetd.d/finger &lt;&lt; "EOF" &amp;&amp;</command>
269# Begin /etc/xinetd.d/finger
270
271service finger
272{
273 disable = yes
274 socket_type = stream
275 wait = no
276 user = nobody
277 server = /usr/sbin/in.fingerd
278}
279
280# End /etc/xinetd.d/finger
281<command>EOF
282cat &gt; /etc/xinetd.d/systat &lt;&lt; "EOF" &amp;&amp;</command>
283# Begin /etc/xinetd.d/systat
284
285service systat
286{
287 disable = yes
288 socket_type = stream
289 wait = no
290 user = nobody
291 server = /usr/bin/ps
292 server_args = -auwwx
293 only_from = 128.138.209.0
294 log_on_success = HOST
295}
296
297# End /etc/xinetd.d/systat
298<command>EOF
299cat &gt; /etc/xinetd.d/netstat &lt;&lt; "EOF" &amp;&amp;</command>
300# Begin /etc/xinetd.d/netstat
301
302service netstat
303{
304 disable = yes
305 socket_type = stream
306 wait = no
307 user = nobody
308 server = /usr/ucb/netstat
309 server_args = -f inet
310 only_from = 128.138.209.0
311 log_on_success = HOST
312}
313
314# End /etc/xinetd.d/netstat
315<command>EOF
316cat &gt; /etc/xinetd.d/echo &lt;&lt; "EOF" &amp;&amp;</command>
317# Begin /etc/xinetd.d/echo
318
319service echo
320{
321 disable = yes
322 type = INTERNAL
323 id = echo-stream
324 socket_type = stream
325 protocol = tcp
326 user = root
327 wait = no
328}
329
330service echo
331{
332 disable = yes
333 type = INTERNAL
334 id = echo-dgram
335 socket_type = dgram
336 protocol = udp
337 user = root
338 wait = yes
339}
340
341# End /etc/xinetd.d/echo
342<command>EOF
343cat &gt; /etc/xinetd.d/chargen &lt;&lt; "EOF" &amp;&amp;</command>
344# Begin /etc/xinetd.d/chargen
345
346service chargen
347{
348 disable = yes
349 type = INTERNAL
350 id = chargen-stream
351 socket_type = stream
352 protocol = tcp
353 user = root
354 wait = no
355}
356
357service chargen
358{
359 disable = yes
360 type = INTERNAL
361 id = chargen-dgram
362 socket_type = dgram
363 protocol = udp
364 user = root
365 wait = yes
366}
367
368# End /etc/xinetd.d/chargen
369<command>EOF
370cat &gt; /etc/xinetd.d/daytime &lt;&lt; "EOF" &amp;&amp;</command>
371# Begin /etc/xinetd.d/daytime
372
373service daytime
374{
375 disable = yes
376 type = INTERNAL
377 id = daytime-stream
378 socket_type = stream
379 protocol = tcp
380 user = root
381 wait = no
382}
383
384service daytime
385{
386 disable = yes
387 type = INTERNAL
388 id = daytime-dgram
389 socket_type = dgram
390 protocol = udp
391 user = root
392 wait = yes
393}
394
395# End /etc/xinetd.d/daytime
396<command>EOF
397cat &gt; /etc/xinetd.d/time &lt;&lt; "EOF" &amp;&amp;</command>
398# Begin /etc/xinetd.d/time
399
400service time
401{
402 disable = yes
403 type = INTERNAL
404 id = time-stream
405 socket_type = stream
406 protocol = tcp
407 user = root
408 wait = no
409}
410
411
412service time
413{
414 disable = yes
415 type = INTERNAL
416 id = time-dgram
417 socket_type = dgram
418 protocol = udp
419 user = root
420 wait = yes
421}
422
423# End /etc/xinetd.d/time
424<command>EOF
425cat &gt; /etc/xinetd.d/rstatd &lt;&lt; "EOF" &amp;&amp;</command>
426# Begin /etc/xinetd.d/rstatd
427
428ervice rstatd
429{
430 disable = yes
431 type = RPC
432 flags = INTERCEPT
433 rpc_version = 2-4
434 socket_type = dgram
435 protocol = udp
436 server = /usr/sbin/rpc.rstatd
437 wait = yes
438 user = root
439}
440
441# End /etc/xinetd.d/rstatd
442<command>EOF
443cat &gt; /etc/xinetd.d/rquotad &lt;&lt; "EOF" &amp;&amp;</command>
444# Begin /etc/xinetd.d/rquotad
445
446service rquotad
447{
448 disable = yes
449 type = RPC
450 rpc_version = 1
451 socket_type = dgram
452 protocol = udp
453 wait = yes
454 user = root
455 server = /usr/sbin/rpc.rstatd
456}
457
458# End /etc/xinetd.d/rquotad
459<command>EOF
460cat &gt; /etc/xinetd.d/rusersd &lt;&lt; "EOF" &amp;&amp;</command>
461# Begin /etc/xinetd.d/rusersd
462
463service rusersd
464{
465 disable = yes
466 type = RPC
467 rpc_version = 1-2
468 socket_type = dgram
469 protocol = udp
470 wait = yes
471 user = root
472 server = /usr/sbin/rpc.rusersd
473}
474
475# End /etc/xinetd.d/rusersd
476<command>EOF
477cat &gt; /etc/xinetd.d/sprayd &lt;&lt; "EOF" &amp;&amp;</command>
478# Begin /etc/xinetd.d/sprayd
479
480service sprayd
481{
482 disable = yes
483 type = RPC
484 rpc_version = 1
485 socket_type = dgram
486 protocol = udp
487 wait = yes
488 user = root
489 server = /usr/sbin/rpc.sprayd
490}
491
492# End /etc/xinetd.d/sprayd
493<command>EOF
494cat &gt; /etc/xinetd.d/walld &lt;&lt; "EOF" &amp;&amp;</command>
495# Begin /etc/xinetd.d/walld
496
497service walld
498{
499 disable = yes
500 type = RPC
501 rpc_version = 1
502 socket_type = dgram
503 protocol = udp
504 wait = yes
505 user = nobody
506 group = tty
507 server = /usr/sbin/rpc.rwalld
508}
509
510# End /etc/xinetd.d/walld
511<command>EOF
512cat &gt; /etc/xinetd.d/irc &lt;&lt; "EOF"</command>
513# Begin /etc/xinetd.d/irc
514
515service irc
516{
517 disable = yes
518 socket_type = stream
519 wait = no
520 user = root
521 flags = SENSOR
522 type = INTERNAL
523 bind = 192.168.1.30
524 deny_time = 60
525}
526
527# End /etc/xinetd.d/irc
528<command>EOF</command>
529
530</userinput></screen>
531
532<para>The format of the <filename>/etc/xinetd.conf</filename> is
533documented in the <filename>xinetd.conf.5</filename> man page. Further
534information can be found at <ulink url="http://www.xinetd.org"/>.</para>
535
536<para id="xinetd-init">As the root user, install the
537<filename>/etc/rc.d/init.d/xinetd</filename> init script included in the
538<xref linkend="intro-important-bootscripts"/> package.</para>
539<indexterm zone="xinetd xinetd-init">
540<primary sortas="f-xinetd">xinetd</primary></indexterm>
541
542<screen><userinput role='root'><command>make install-xinetd</command></userinput></screen>
543
544<para>As the root user, use the new boot script to start
545<command>xinetd</command>:</para>
546
547<screen><userinput role='root'><command>/etc/rc.d/init.d/xinetd start</command></userinput></screen>
548
549<para>Checking the <filename>/var/log/daemon.log</filename> file
550should prove quite entertaining. This file may contain entries
551similar to the following:</para>
552
553<screen>Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rlogind is not
554executable [line=29]
555Aug 22 21:40:21 dps10 xinetd[2696]: Error parsing attribute server -
556DISABLING SERVICE [line=29]
557Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rshd is not
558executable [line=42]</screen>
559
560<para>These errors are because most of the servers <command>xinetd</command>
561is trying to control are not installed yet.</para>
562</sect3>
563
564</sect2>
565
566<sect2>
567<title>Contents</title>
568
569<segmentedlist>
570<segtitle>Installed Programs</segtitle>
571<segtitle>Installed Libraries</segtitle>
572<segtitle>Installed Directories</segtitle>
573
574<seglistitem>
575<seg>itox, xconv.pl and xinetd</seg>
576<seg>None</seg>
577<seg>None</seg>
578</seglistitem>
579</segmentedlist>
580
581<variablelist>
582<bridgehead renderas="sect3">Short Descriptions</bridgehead>
583<?dbfo list-presentation="list"?>
584
585<varlistentry id="itox">
586<term><command>itox</command></term>
587<listitem><para>is a utility used for converting
588<filename>inetd.conf</filename> files to
589<filename>xinetd.conf</filename> format.</para>
590<indexterm zone="xinetd itox">
591<primary sortas="b-itox">itox</primary>
592</indexterm></listitem>
593</varlistentry>
594
595<varlistentry id="xconv.pl">
596<term><command>xconv.pl</command></term>
597<listitem><para>is a <application>Perl</application> script used for
598converting <filename>inetd.conf</filename> files to
599<filename>xinetd.conf</filename> format, similar to
600<command>itox</command>.</para>
601<indexterm zone="xinetd xconv.pl">
602<primary sortas="b-xconv.pl">xconv.pl</primary>
603</indexterm></listitem>
604</varlistentry>
605
606<varlistentry id="xinetd-prog">
607<term><command>xinetd</command></term>
608<listitem><para>is the Internet services daemon.</para>
609<indexterm zone="xinetd xinetd-prog">
610<primary sortas="b-xinetd">xinetd</primary>
611</indexterm></listitem>
612</varlistentry>
613</variablelist>
614
615</sect2>
616
617</sect1>
Note: See TracBrowser for help on using the repository browser.