*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->HP-UX 11i man pages -> inetd (1m)              
Title
Content
Arch
Section
 

Contents


 inetd(1M)                                                         inetd(1M)




 NAME    [Toc]    [Back]
      inetd - Internet services daemon

 SYNOPSIS    [Toc]    [Back]
      /usr/sbin/inetd [-r count [interval] ] [-l|-s]

      /usr/sbin/inetd [-c]

      /usr/sbin/inetd [-k]

 DESCRIPTION    [Toc]    [Back]
      The inetd daemon is the Internet superserver, which invokes Internet
      server processes as needed.  It must be running before other hosts can
      connect to the local host through ftp, rcp, remsh, rlogin, and telnet.
      The inetd daemon also supports services based on the Remote Procedure
      Call (RPC) protocol (NFS), such as rwalld and rusersd.  If RPC servers
      are started by inetd, the portmap server (see portmap(1M)) must be
      started before inetd.

      The inetd daemon is designed to invoke all the Internet servers as
      needed, thus reducing load on the system.  It is normally started at
      system boot time.  Only one inetd can run at any given time.

      The inetd daemon starts servers for both stream and datagram type
      services.  For stream services, inetd listens for connection requests
      on Internet stream sockets.  When a connection is requested for one of
      its sockets, inetd decides which service the socket will support,
      forks a process, invokes an appropriate server for the connection, and
      passes the connected socket to the server as stdin and stdout.  Then
      inetd returns to listening for connection requests.

      For datagram services, inetd waits for activity on Internet datagram
      sockets.  When an incoming datagram is detected, inetd forks a
      process, invokes an appropriate server, and passes the socket to the
      server as stdin and stdout.  Then inetd waits, ignoring activity on
      that datagram socket, until the server exits.

      The inetd daemon is normally started by the /sbin/init.d/inetd script,
      which is invoked during the boot-time initialization.  Otherwise,
      inetd can be started only by the superuser.

      The Internet daemon and the servers it starts inherit the LANG and TZ
      environment variables and the umask of the process that started inetd.
      If inetd is started by the superuser, it inherits the superuser's
      umask, and passes that umask to the servers it starts.

      NOTE : Services currently supported by inetd will work in an IPv6
      environment with a few changes to the configuration file
      /etc/inetd.conf.  (See inetd.conf(4)).  When invoked, inetd reads
      /etc/inetd.conf and configures itself to support whatever services are
      included in that file (see inetd.conf(4)).  The inetd daemon also



 Hewlett-Packard Company            - 1 -   HP-UX 11i Version 2: August 2003






 inetd(1M)                                                         inetd(1M)




      performs a security check if the file /var/adm/inetd.sec exists (see
      inetd.sec(4)).  If the Internet daemon refuses a connection for
      security reasons, the connection is shut down.  Most RPC-based
      services, if their first connection is refused, attempt to connect
      four more times at 5-second intervals before timing out.  In such
      cases, inetd refuses the connection from the same service invocation
      five times.  This is visible in the system log if inetd connection
      logging and syslogd logging for the daemon facility are both enabled
      (see syslogd(1M)).

      The inetd daemon provides several "trivial" services internally by use
      of routines within itself.  The services are echo, discard, chargen
      (character generator), daytime (human readable time), and time
      (machine readable time in the form of the number of seconds since
      midnight, January 1, 1900).  The inetd daemon provides both TCP- and
      UDP-based servers for each of these services.  See inetd.conf(4) for
      instructions on configuring internal servers.

    Options    [Toc]    [Back]
      inetd recognizes the following options.  These options can be used
      only by a superuser.

           -c   Reconfigure the Internet daemon; in other words, force the
                current inetd to reread /etc/inetd.conf.  This option sends
                the signal SIGHUP to the Internet daemon that is currently
                running.  Any configuration errors that occur during the
                reconfiguration are logged to the syslogd daemon facility.

           -k   Kill the current inetd.  This option sends the signal
                SIGTERM to the Internet daemon that is currently running,
                causing it to exit gracefully.  This option is the preferred
                method of killing inetd.

           -l   By default, inetd starts with connection logging disabled.
                If no inetd is running, the -l option causes the inetd to
                start with connection logging enabled.  Otherwise the -l
                option causes inetd to send the signal SIGQUIT to the inetd
                that is already running, which causes it to toggle the state
                of connection logging.

           -r count [interval]
                inetd identifies a UDP service as broken or in an infinite
                loop when it receives count number of connections in
                interval seconds of time. When inetd finds any such broken
                service, it discards the packet requesting the socket
                connection, and refuses access to that service.  inetd tries
                enabling that service after 10 minutes and accepts
                connections for that service.  This is applicable to all UDP
                services other than tftp, bootp and rpc.  Using the -r
                option, you can specify the values for count and interval,
                which need to be decimal numbers.  If you invoke inetd



 Hewlett-Packard Company            - 2 -   HP-UX 11i Version 2: August 2003






 inetd(1M)                                                         inetd(1M)




                without this option or specify invalid values for this
                option, the default values 40 and 60 are taken for count and
                interval, respectively.

           -s   This option is similar to the -l option, but it suppresses
                the hostname while logging into the syslog file.  If inetd
                is not running, the -s option causes inetd to start with
                suppressed hostname logging enabled.  If inetd is running,
                the -s option causes inetd to send SIGFPE signal to inetd
                that is already running.  This causes inetd to toggle the
                state of suppressed hostname logging.

      When inetd is running with either of -l or of -s logging enabled, the
      Internet daemon logs attempted connections to services.  It also logs
      connection attempts which fail the security check.  This information
      can be useful when trying to determine if someone is repeatedly trying
      to access your system from a particular remote system (in other words,
      trying to break into your system).  Successful connection attempts are
      logged to the syslogd daemon facility at the info log level.
      Connection attempts failing the security check are logged at the
      notice log level.  inetd also logs whether the connection logging has
      been enabled or disabled at the info log level.

 DIAGNOSTICS    [Toc]    [Back]
      The following diagnostics are returned by the Internet daemon before
      it disconnects from the terminal.

           An inetd is already running    [Toc]    [Back]

                An attempt was made to start an Internet daemon when one was
                already running.  It is incorrect to call the Internet
                daemon a second time without the -c, -k, -l or -s option.

           There is no inetd running    [Toc]    [Back]

                An attempt was made to reconfigure an Internet daemon when
                none was running.

           Inetd not found    [Toc]    [Back]

                This message occurs if inetd is called with -c and another
                Internet daemon is running but cannot be reconfigured.  This
                occurs if the original Internet daemon died without removing
                its semaphore.

                Next step: Use the inetd -k command to remove the semaphore
                left by the previous Internet daemon; then restart the
                daemon.

      The following diagnostics are logged to the syslogd daemon facility.
      Unless otherwise indicated, messages are logged at the error log



 Hewlett-Packard Company            - 3 -   HP-UX 11i Version 2: August 2003






 inetd(1M)                                                         inetd(1M)




      level.

           /etc/inetd.conf: Unusable configuration file

                The Internet daemon is unable to access the configuration
                file /etc/inetd.conf.  The error message preceding this one
                specifies the reason for the failure.

           /etc/inetd.conf: line number: error

                There is an error on the specified line in /etc/inetd.conf.
                The line in the configuration file is skipped.  This error
                does not stop the Internet daemon from reading the rest of
                the file and configuring itself accordingly.

                Next step: Fix the line with the error and reconfigure the
                Internet daemon by executing the inetd -c command.

           system_call: message

                system_call failed.  See the corresponding manual entry for
                a description of system_call.  The reason for the failure is
                explained in message.

           Cannot configure inetd    [Toc]    [Back]

                None of the services/servers listed in the configuration
                file could be set up properly, due to configuration file
                errors.

           Too many services (max n)

                The number of active services listed in the configuration
                file exceeds the "hard" limit that can be supported by the
                system (see setrlimit(2)).

                Next step: Reduce the number of services listed in the
                configuration file, then reconfigure the Internet daemon by
                running the command inetd -c.

           file: \ found before end of line line

                file can be either inetd.conf or inetd.sec.  If a backslash
                is not immediately followed by an end of line, it is ignored
                and the information up to the end of line is accepted.  In
                this case, the next line of the file is not appended to the
                end of the current line.  Unless all the information
                required is present on a single line, configuration file
                error messages are also output.  This message is logged at
                the warning log level.




 Hewlett-Packard Company            - 4 -   HP-UX 11i Version 2: August 2003






 inetd(1M)                                                         inetd(1M)




           service/protocol: Unknown service

                The call to the library routine getservbyname (see
                getservent(3N)) failed.  The service is not listed in
                /etc/services.

                Next step: Include that service in /etc/services or
                eliminate the entry for the service in /etc/inetd.conf.

           service/protocol: Server failing (looping), service terminated.

                When inetd tries to start 40 servers within 60 seconds for a
                datagram service, other than bootp, rpc, or tftp, it assumes
                that the server is failing to handle the connection.  To
                avoid entering a potentially infinite loop, inetd issues
                this message, discards the packet requesting the socket
                connection, and refuses further connections for this
                service.  After 10 minutes, inetd tries to reinstate the
                service, and once again accepts connections for the service.
                inetd provides -r command-line option to modify the default
                values 40 and 60.

           service/protocol: socket: message
           service/protocol: listen: message
           service/protocol: getsockname: message

                Any one of the three errors above makes the service
                unusable.  For another host to communicate with the server
                host through this service, the Internet daemon needs to be
                reconfigured after any of these error messages.

           service/protocol: bind: message

                If this error occurs, the service is temporarily unusable.
                After 10 minutes, inetd tries again to make the service
                usable by binding to the Internet socket for the service.

           service/protocol: Access denied to remote_host (address)

                The remote host failed to pass the security test for the
                indicated service.  This information can be useful when
                trying to determine if someone is repeatedly trying to
                access your system from a particular remote system (in other
                words, trying to break into your system).  This message is
                logged at the warning log level.

           service/protocol: Connection from remote_host (address)

                When connection logging is enabled, this message indicates a
                successful connection attempt to the specified service.
                This message is logged at the notice log level.



 Hewlett-Packard Company            - 5 -   HP-UX 11i Version 2: August 2003






 inetd(1M)                                                         inetd(1M)




           service/protocol: Added service, server executable

                Keeps track of the services added when reconfiguring the
                Internet daemon.  This message is logged at the info log
                level.

           service/protocol: New list

                Lists the new user IDs, servers or executables used for the
                service when reconfiguring the Internet daemon.  This
                message is logged at the info log level.

           service/protocol: Deleted service

                Keeps track of the services deleted when reconfiguring the
                Internet daemon.  This message is logged at the info log
                level.

    Security File (inetd.sec) Errors    [Toc]    [Back]
      The following errors, prefixed by /var/adm/inetd.sec:, are related to
      the security file inetd.sec:

           Field contains other characters in addition to * for service

                For example, field 2 of the Internet address 10.5*.8.7 is
                incorrect.

           Missing low value in range for service

                For example, field 2 of the Internet address 10.-5.8.7 is
                incorrect.

           Missing high value in range for service

                For example, field 2 of the Internet address 10.5-.8.7 is
                incorrect.

           High value in range is lower than low value for service

                For example, field 2 of the Internet address 10.5-3.8.7 is
                incorrect.

           allow/deny field does not have a valid entry for service

                The entry in the allow/deny field is not one of the keywords
                allow or deny.  No security for this service is implemented
                by inetd since the line in the security file is ignored.
                This message is logged at the warning log level.

    RPC Related Errors for NFS Users    [Toc]    [Back]
      These errors are specific to RPC-based servers:



 Hewlett-Packard Company            - 6 -   HP-UX 11i Version 2: August 2003






 inetd(1M)                                                         inetd(1M)




           /etc/inetd.conf: line number: Missing program number
           /etc/inetd.conf: line number: Missing version number

                Error on the specified line of /etc/inetd.conf.  The program
                or version number for an RPC service is missing.  This error
                does not stop the Internet daemon from reading the rest of
                the file and configuring itself accordingly.  However, the
                service corresponding to the error message will not be
                configured correctly.

                Next step: Fix the line with the error, then reconfigure the
                Internet daemon by executing the inetd -c command.

           /etc/inetd.conf: line number: Invalid program number

                Error on the specified line of /etc/inetd.conf.  The program
                number for an RPC service is not a number.  This error does
                not stop the Internet daemon from reading the rest of the
                file and configuring itself accordingly.  However, the
                service corresponding to the error message will not be
                correctly configured.

                Next step: Fix the line with the error, then reconfigure the
                Internet daemon by executing the inetd -c command.

 AUTHOR    [Toc]    [Back]
      inetd was developed by HP and the University of California, Berkeley.

      NFS was developed by Sun Microsystems, Inc.

 FILES    [Toc]    [Back]
      /etc/inetd.conf               List of Internet server processes.
      /var/adm/inetd.sec            Optional security file.

 SEE ALSO    [Toc]    [Back]
      umask(1), portmap(1M), syslogd(1M), getservent(3N), inetd.conf(4),
      inetd.sec(4), protocols(4), services(4), environ(5).


 Hewlett-Packard Company            - 7 -   HP-UX 11i Version 2: August 2003
[ Back ]
      
      
 Similar pages
Name OS Title
services Linux Internet network services list
inetsvcs_sec HP-UX enable/disable secure internet services
tcpd FreeBSD access control facility for internet services
tcpd Linux access control facility for internet services
tcpd HP-UX access control facility for internet services
inetsvcs.conf HP-UX configuration file for secure internet services
services Tru64 Defines the sockets and protocols used for Internet services
tcpd OpenBSD tcp wrappers access control facility for internet services
sis HP-UX secure internet services with Kerberos authentication and authorization
rcinet Tru64 Restarts, starts, or stops Internet network services on the system
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service