1 .\" Copyright (c) 1985, 1991, 1993, 1994
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. All advertising materials mentioning features or use of this software
13 .\" must display the following acknowledgement:
14 .\" This product includes software developed by the University of
15 .\" California, Berkeley and its contributors.
16 .\" 4. Neither the name of the University nor the names of its contributors
17 .\" may be used to endorse or promote products derived from this software
18 .\" without specific prior written permission.
20 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 .\" from: @(#)inetd.8 8.3 (Berkeley) 4/13/94
50 .Op Fl a Ar address | hostname
54 .Op Ar configuration file
58 utility should be run at boot time by
62 It then listens for connections on certain
63 internet sockets. When a connection is found on one
64 of its sockets, it decides what service the socket
65 corresponds to, and invokes a program to service the request.
66 The server program is invoked with the service socket
67 as its standard input, output and error descriptors.
71 continues to listen on the socket (except in some cases which
72 will be described below). Essentially,
74 allows running one daemon to invoke several others,
75 reducing load on the system.
77 The following options are available:
78 .Bl -tag -width indent
82 Turn on logging of successful connections.
84 Turn on TCP Wrapping for external services.
86 .Sx "IMPLEMENTATION NOTES"
87 section for more information on TCP Wrappers support.
89 Turn on TCP Wrapping for internal services which are built in to
92 Specify the default maximum number of
93 simultaneous invocations of each service;
94 the default is unlimited.
95 May be overridden on a per-service basis with the "max-child"
98 Specify the default maximum number of times a service can be invoked
99 from a single IP address in one minute; the default is unlimited.
100 May be overridden on a per-service basis with the
101 "max-connections-per-ip-per-minute" parameter.
103 Specify the maximum number of times a service can be invoked
104 in one minute; the default is 256.
105 A rate of 0 allows an unlimited number of invocations.
107 Specify the default maximum number of
108 simultaneous invocations of each service from a single IP address;
109 the default is unlimited.
110 May be overridden on a per-service basis with the "max-child-per-ip"
113 Specify one specific IP address to bind to.
114 Alternatively, a hostname can be specified,
115 in which case the IPv4 or IPv6 address
116 which corresponds to that hostname is used.
117 Usually a hostname is specified when
121 in which case the hostname corresponds to the
125 When hostname specification is used
126 and both IPv4 and IPv6 bindings are desired,
127 one entry with the appropriate
129 type for each binding
130 is required for each service in
131 .Pa /etc/inetd.conf .
133 a TCP-based service would need two entries,
140 See the explanation of the
145 Specify an alternate file in which to store the process ID.
150 reads its configuration information from a configuration
151 file which, by default, is
152 .Pa /etc/inetd.conf .
153 There must be an entry for each field of the configuration
154 file, with entries for each field separated by a tab or
155 a space. Comments are denoted by a
158 of a line. There must be an entry for each field. The
159 fields of the configuration file are as follows:
161 .Bd -unfilled -offset indent -compact
165 {wait|nowait}[/max-child[/max-connections-per-ip-per-minute[/max-child-per-ip]]]
166 user[:group][/login-class]
168 server program arguments
172 .Tn "ONC RPC" Ns -based
173 service, the entry would contain these fields:
175 .Bd -unfilled -offset indent -compact
179 user[:group][/login-class]
181 server program arguments
184 There are two types of services that
186 can start: standard and TCPMUX.
187 A standard service has a well-known port assigned to it;
188 it may be a service that implements an official Internet standard or is a
193 TCPMUX services are nonstandard services that do not have a
194 well-known port assigned to them.
195 They are invoked from
197 when a program connects to the
199 well-known port and specifies
201 This feature is useful for adding locally-developed servers.
202 TCPMUX requests are only accepted when the multiplexor service itself
203 is enabled, above and beyond and specific TCPMUX-based servers; see the
204 discussion of internal services below.
208 entry is the name of a valid service in
211 or the specification of a
213 domain socket (see below).
216 services (discussed below), the service
219 be the official name of the service (that is, the first entry in
220 .Pa /etc/services ) .
221 When used to specify an
222 .Tn "ONC RPC" Ns -based
223 service, this field is a valid RPC service name in
226 The part on the right of the
228 is the RPC version number.
230 can simply be a single numeric argument or a range of versions.
231 A range is bounded by the low version to the high version -
233 For TCPMUX services, the value of the
235 field consists of the string
237 followed by a slash and the
238 locally-chosen service name.
239 The service names listed in
244 Try to choose unique names for your TCPMUX services by prefixing them with
245 your organization's name and suffixing them with a version number.
256 depending on whether the socket is a stream, datagram, raw,
257 reliably delivered message, or sequenced packet socket.
258 TCPMUX services must use
263 must be a valid protocol or
269 both of which imply IPv4 for backward compatibility.
284 specify that the entry accepts both IPv4 and IPv6 connections
288 If it is desired that the service is reachable via T/TCP, one should
291 which implies IPv4 for backward compatibility.
294 specifies IPv4 only, while
299 specify that the entry accepts both IPv6 and IPv6 connections
304 are specified with the
309 One can use specify IPv4 and/or IPv6 with the 4, 6 or 46 suffix, for example
313 TCPMUX services must use
322 entry specifies whether the server that is invoked by
325 the socket associated with the service access point, and thus whether
327 should wait for the server to exit before listening for new service
329 Datagram servers must use
331 as they are always invoked with the original datagram socket bound
332 to the specified service address.
333 These servers must read at least one datagram from the socket
335 If a datagram server connects
336 to its peer, freeing the socket so
338 can receive further messages on the socket, it is said to be
342 it should read one datagram from the socket and create a new socket
343 connected to the peer.
344 It should fork, and the parent should then exit
347 to check for new service requests to spawn new servers.
348 Datagram servers which process all incoming datagrams
349 on a socket and eventually time out are said to be
350 .Dq single-threaded .
355 are both examples of the latter type of
358 is an example of a multi-threaded datagram server.
360 Servers using stream sockets generally are multi-threaded and
364 Connection requests for these services are accepted by
366 and the server is given only the newly-accepted socket connected
367 to a client of the service.
368 Most stream-based services operate in this manner.
369 Stream-based servers that use
371 are started with the listening service socket, and must accept
372 at least one connection request before exiting.
373 Such a server would normally accept and process incoming connection
374 requests until a timeout.
375 TCPMUX services must use
378 The maximum number of outstanding child processes (or
382 service may be explicitly specified by appending a
384 followed by the number to the
388 (or if a value of zero is specified) there is no maximum.
390 once the maximum is reached, further connection attempts will be
391 queued up until an existing child process exits.
395 mode, although a value other than one (the
396 default) might not make sense in some cases.
397 You can also specify the maximum number of connections per minute
398 for a given IP address by appending
401 followed by the number to the maximum number of
402 outstanding child processes.
403 Once the maximum is reached, further
404 connections from this IP address will be dropped until the end of the
406 In addition, you can specify the maximum number of simultaneous
407 invocations of each service from a single IP address by appending a
409 followed by the number to the maximum number of outstanding child
410 processes. Once the maximum is reached, further connections from this
411 IP address will be dropped.
415 entry should contain the user name of the user as whom the server
416 should run. This allows for servers to be given less permission
422 allows to specify group name different
423 than default group for this user.
428 allows to specify login class different
435 entry should contain the pathname of the program which is to be
438 when a request is found on its socket. If
440 provides this service internally, this entry should
445 .Em server program arguments
446 should be just as arguments
447 normally are, starting with argv[0], which is the name of
448 the program. If the service is provided internally, the
450 of the service (and any arguments to it) or the word
452 should take the place of this entry.
454 Currently, the only internal service to take arguments is
456 Without options, the service will always return
457 .Dq ERROR\ : HIDDEN-USER .
458 The available arguments to this service that alter its behavior are:
459 .Bl -tag -width indent
469 option discussed below),
470 return this username instead of an error
472 for either socket credentials or the username.
476 return this username for every request.
477 This is primarily useful when running this service on a NAT machine.
480 the user's name to the ident requester,
482 username made up of random alphanumeric characters,
487 flag overrides not only the user names,
488 but also any fallback name,
494 .Ar sec Ns Op . Ns Ar usec
496 Specify a timeout for the service.
497 The default timeout is 10.0 seconds.
501 service, as per RFC 1413.
502 All the remaining flags apply only in this case.
504 Return numeric user IDs instead of usernames.
508 exists in the home directory of the identified user, report the username
509 found in that file instead of the real username.
510 If the username found in
512 is that of an existing user,
513 then the real username is reported.
516 flag is also given then the username in
518 is checked against existing user IDs instead.
522 but without the restriction that the username in
524 must not match an existing user.
528 exists in the home directory of the identified user, return
529 .Dq ERROR\ : HIDDEN-USER .
532 file which might exist.
536 instead of the name of the system as reported by
542 utility also provides several other
544 services internally by use of
545 routines within itself. These services are
549 (character generator),
551 (human readable time), and
553 (machine readable time, in the form of the number of seconds since
554 midnight, January 1, 1900). All of these services are available in
555 both TCP and UDP versions; the UDP versions will refuse service if the
556 request specifies a reply port corresponding to any internal service.
557 (This is done as a defense against looping attacks; the remote IP address
559 For details of these services, consult the
564 The TCPMUX-demultiplexing service is also implemented as an internal service.
565 For any TCPMUX-based service to function, the following line must be included
568 .Bd -literal -offset indent
569 tcpmux stream tcp nowait root internal
576 will log an entry to syslog each time a connection is accepted, noting the
577 service selected and the IP-number of the remote requester if available.
578 Unless otherwise specified in the configuration file,
579 and in the absence of the
591 utility rereads its configuration file when it receives a hangup signal,
593 Services may be added, deleted or modified when the configuration file
595 Except when started in debugging mode,
597 records its process ID in the file
598 .Pa /var/run/inetd.pid
599 to assist in reconfiguration.
600 .Sh IMPLEMENTATION NOTES
606 will wrap all services specified as
615 option is given, such
617 services will be wrapped.
618 If both options are given, wrapping for both
619 internal and external services will be enabled.
620 Either wrapping option
621 will cause failed connections to be logged to the
626 flag to the wrapping options will include successful connections in the
633 only wraps requests for a
635 service while no servers are available to service requests.
637 connection to such a service has been allowed,
640 over subsequent connections to the service until no more servers
641 are left listening for connection requests.
643 When wrapping is enabled, the
645 daemon is not required, as that functionality is builtin.
646 For more information on TCP Wrappers, see the relevant documentation
647 .Pq Xr hosts_access 5 .
648 When reading that document, keep in mind that
650 services have no associated daemon name.
651 Therefore, the service name
654 should be used as the daemon name for
659 describes the TCPMUX protocol:
660 ``A TCP client connects to a foreign host on TCP port 1. It sends the
661 service name followed by a carriage-return line-feed <CRLF>. The
662 service name is never case sensitive. The server replies with a
663 single character indicating positive (+) or negative (\-)
664 acknowledgment, immediately followed by an optional message of
665 explanation, terminated with a <CRLF>. If the reply was positive,
666 the selected protocol begins; otherwise the connection is closed.''
667 The program is passed the TCP connection as file descriptors 0 and 1.
669 If the TCPMUX service name begins with a
672 returns the positive reply for the program.
673 This allows you to invoke programs that use stdin/stdout
674 without putting any special server code in them.
676 The special service name
680 to list TCPMUX services in
683 The implementation includes a tiny hack
684 to support IPsec policy settings for each socket.
685 A special form of comment line, starting with
687 is interpreted as a policy specifier.
690 will be used as an IPsec policy string,
692 .Xr ipsec_set_policy 3 .
694 policy specifier is applied to all the following lines in
696 until the next policy specifier.
697 An empty policy specifier resets the IPsec policy.
699 If an invalid IPsec policy specifier appears in
702 will provide an error message via the
704 interface and abort execution.
705 .Ss Ux Domain Sockets
706 In addition to running services on IP sockets,
711 To do this you specify a
725 The specification of the socket must be
726 an absolute path name,
727 optionally prefixed by an owner and mode
729 .Em :user:group:mode: .
732 .Dl ":news:daemon:220:/var/run/sock"
734 creates a socket owned
739 with permissions allowing only that user and group to connect.
740 The default owner is the user that
743 The default mode only allows the socket's owner to connect.
750 must change the ownership and permissions on the socket.
751 This can only be done securely if
752 the directory in which the socket is created
753 is writable only by root.
758 to create sockets in world writable directories,
763 or a similar directory.
765 Internal services may be run on
767 domain sockets, in the usual way.
769 the name of the internal service
771 the last component of the socket's pathname.
773 .Bl -tag -width /var/run/inetd.pid -compact
774 .It Pa /etc/inetd.conf
777 translation of service names to RPC program numbers
779 translation of service names to port numbers
780 .It Pa /var/run/inetd.pid
781 the pid of the currently running
785 Here are several example service entries for the various types of services:
787 ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
788 ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd
789 telnet stream tcp6 nowait root /usr/libexec/telnetd telnetd
790 shell stream tcp46 nowait root /usr/libexec/rshd rshd
791 tcpmux/+date stream tcp nowait guest /bin/date date
792 tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook
793 rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd
794 /var/run/echo stream unix nowait root internal
796 chargen stream tcp nowait root internal
803 logs error messages using
805 Important error messages and their explanations are:
809 .Ar service Ns / Ns Ar protocol
810 .No "server failing (looping), service terminated."
812 The number of requests for the specified service in the past minute
814 The limit exists to prevent a broken program
815 or a malicious user from swamping the system.
816 This message may occur for several reasons:
817 .Bl -enum -offset indent
819 There are many hosts requesting the service within a short time period.
821 A broken client program is requesting the service too frequently.
823 A malicious user is running a program to invoke the service in
824 a denial-of-service attack.
826 The invoked service program has an error that causes clients
833 as described above, to change the rate limit.
834 Once the limit is reached, the service will be
835 reenabled automatically in 10 minutes.
838 .Ar service Ns / Ns Ar protocol :
844 .Ar service Ns / Ns Ar protocol :
857 (re)reads the configuration file.
858 The second message occurs when the
871 The user or group ID for the entry's
875 .It "setsockopt(SO_PRIVSTATE): Operation not supported"
878 utility attempted to renounce the privileged state associated with a
879 socket but was unable to.
882 .Xr ipsec_set_policy 3 ,
884 .Xr hosts_options 5 ,
899 .%A Michael C. St. Johns
900 .%T Identification Protocol
908 TCPMUX is based on code and documentation by Mark Lottor.
911 based services is modeled after that
915 The IPsec hack was contributed by the KAME project in 1999.
918 TCP Wrappers support first appeared in