glfs/server/major/xinetd.xml
Bruce Dubbs addff0a608 Consolidated 'Server Networking' and 'Content Serving'
git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@3716 af4574ff-66df-0310-9fd7-8a98e5e911e0
2005-04-12 16:06:13 +00:00


<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
<!ENTITY % general-entities SYSTEM "../../general.ent">
%general-entities;
<!ENTITY xinetd-download-http "http://www.xinetd.org/xinetd-&xinetd-version;.tar.gz">
<!ENTITY xinetd-download-ftp " ">
<!ENTITY xinetd-md5sum "4295b5fe12350f09b5892b363348ac8b">
<!ENTITY xinetd-size "291 KB">
<!ENTITY xinetd-buildsize "4.12 MB">
<!ENTITY xinetd-time "0.11 SBU">
]>
<sect1 id="xinetd" xreflabel="xinetd-&xinetd-version;">
<sect1info>
<othername>$LastChangedBy$</othername>
<date>$Date$</date>
</sect1info>
<?dbhtml filename="xinetd.html"?>
<title>xinetd-&xinetd-version;</title>
<indexterm zone="xinetd">
<primary sortas="a-Xinetd">Xinetd</primary>
</indexterm>
<sect2>
<title>Introduction to <application>xinetd</application></title>
<para><application>xinetd</application> is the eXtended InterNET services
Daemon, a secure replacement for <command>inetd</command>.</para>
<sect3>
<title>Package information</title>
<itemizedlist spacing='compact'>
<listitem><para>Download (HTTP): <ulink url="&xinetd-download-http;"/></para></listitem>
<listitem><para>Download (FTP): <ulink url="&xinetd-download-ftp;"/></para></listitem>
<listitem><para>Download MD5 sum: &xinetd-md5sum;</para></listitem>
<listitem><para>Download size: &xinetd-size;</para></listitem>
<listitem><para>Estimated disk space required: &xinetd-buildsize;</para></listitem>
<listitem><para>Estimated build time: &xinetd-time;</para></listitem>
</itemizedlist>
</sect3>
<sect3>
<title><application>xinetd</application> dependencies</title>
<sect4>
<title>Optional</title>
<para><xref linkend="tcpwrappers"/></para>
</sect4>
</sect3>
</sect2>
<sect2>
<title>Installation of <application>xinetd</application></title>
<para>Install <application>xinetd</application> by running the following
commands:</para>
<screen><userinput><command>./configure --prefix=/usr &amp;&amp;
make</command></userinput></screen>
<para>Now, as the root user:</para>
<screen><userinput role='root'><command>make install</command></userinput></screen>
</sect2>
<sect2>
<title>Configuring <application>xinetd</application></title>
<sect3 id="xinetd-config">
<title>Config files</title>
<para><filename>/etc/xinetd.conf</filename></para>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary>
</indexterm>
</sect3>
<sect3>
<title>Configuration Information</title>
<para>Ensure the path to all daemons is
<filename class="directory">/usr/sbin</filename>, rather than the default path
of <filename class="directory">/usr/etc</filename>, and install the
<application>xinetd</application> configuration files by running the following
commands as the root user:</para>
<screen><userinput role='root'><command>cat &gt; /etc/xinetd.conf &lt;&lt; "EOF"</command>
# Begin /etc/xinetd.conf
# Configuration file for xinetd
#
defaults
{
instances = 60
log_type = SYSLOG daemon
log_on_success = HOST PID USERID
log_on_failure = HOST USERID
cps = 25 30
}
# All service files are stored in the /etc/xinetd.d directory
#
includedir /etc/xinetd.d
# End /etc/xinetd.conf
<command>EOF</command></userinput></screen>
<para>All of the following files contain the statement "disable = yes". To activate
a service, change this statement to "disable = no" in that service's file.</para>
<note><para>The following files are listed to demonstrate classic
<application>xinetd</application> applications. In many cases, these
applications are not needed. In some cases, the applications are
considered security risks. For example, telnet, rlogin, rexec, and rsh
transmit unencrypted usernames and passwords over the network and can be easily
replaced with a more secure alternative: ssh.</para></note>
<screen><userinput role='root'><command>install -d -m755 /etc/xinetd.d &amp;&amp;</command>
<command>cat &gt; /etc/xinetd.d/login &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/login
service login
{
disable = yes
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/sbin/in.rlogind
log_type = SYSLOG local4 info
}
# End /etc/xinetd.d/login
<command>EOF
cat &gt; /etc/xinetd.d/shell &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/shell
service shell
{
disable = yes
socket_type = stream
wait = no
user = root
instances = UNLIMITED
flags = IDONLY
log_on_success += USERID
server = /usr/sbin/in.rshd
}
# End /etc/xinetd.d/shell
<command>EOF
cat &gt; /etc/xinetd.d/exec &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/exec
service exec
{
disable = yes
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.rexecd
}
# End /etc/xinetd.d/exec
<command>EOF
cat &gt; /etc/xinetd.d/comsat &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/comsat
service comsat
{
disable = yes
socket_type = dgram
wait = yes
user = nobody
group = tty
server = /usr/sbin/in.comsat
}
# End /etc/xinetd.d/comsat
<command>EOF
cat &gt; /etc/xinetd.d/talk &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/talk
service talk
{
disable = yes
socket_type = dgram
wait = yes
user = root
server = /usr/sbin/in.talkd
}
# End /etc/xinetd.d/talk
<command>EOF
cat &gt; /etc/xinetd.d/ntalk &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/ntalk
service ntalk
{
disable = yes
socket_type = dgram
wait = yes
user = root
server = /usr/sbin/in.ntalkd
}
# End /etc/xinetd.d/ntalk
<command>EOF
cat &gt; /etc/xinetd.d/telnet &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/telnet
service telnet
{
disable = yes
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.telnetd
bind = 127.0.0.1
log_on_failure += USERID
}
service telnet
{
disable = yes
socket_type = stream
wait = no
user = root
# server = /usr/sbin/in.telnetd
bind = 192.231.139.175
redirect = 128.138.202.20 23
log_on_failure += USERID
}
# End /etc/xinetd.d/telnet
<command>EOF
cat &gt; /etc/xinetd.d/ftp &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/ftp
service ftp
{
disable = yes
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.ftpd
server_args = -l
instances = 4
log_on_success += DURATION USERID
log_on_failure += USERID
access_times = 2:00-8:59 12:00-23:59
nice = 10
}
# End /etc/xinetd.d/ftp
<command>EOF
cat &gt; /etc/xinetd.d/tftp &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/tftp
service tftp
{
disable = yes
socket_type = dgram
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /tftpboot
}
# End /etc/xinetd.d/tftp
<command>EOF
cat &gt; /etc/xinetd.d/finger &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/finger
service finger
{
disable = yes
socket_type = stream
wait = no
user = nobody
server = /usr/sbin/in.fingerd
}
# End /etc/xinetd.d/finger
<command>EOF
cat &gt; /etc/xinetd.d/systat &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/systat
service systat
{
disable = yes
socket_type = stream
wait = no
user = nobody
server = /usr/bin/ps
server_args = -auwwx
only_from = 128.138.209.0
log_on_success = HOST
}
# End /etc/xinetd.d/systat
<command>EOF
cat &gt; /etc/xinetd.d/netstat &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/netstat
service netstat
{
disable = yes
socket_type = stream
wait = no
user = nobody
server = /usr/ucb/netstat
server_args = -f inet
only_from = 128.138.209.0
log_on_success = HOST
}
# End /etc/xinetd.d/netstat
<command>EOF
cat &gt; /etc/xinetd.d/echo &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/echo
service echo
{
disable = yes
type = INTERNAL
id = echo-stream
socket_type = stream
protocol = tcp
user = root
wait = no
}
service echo
{
disable = yes
type = INTERNAL
id = echo-dgram
socket_type = dgram
protocol = udp
user = root
wait = yes
}
# End /etc/xinetd.d/echo
<command>EOF
cat &gt; /etc/xinetd.d/chargen &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/chargen
service chargen
{
disable = yes
type = INTERNAL
id = chargen-stream
socket_type = stream
protocol = tcp
user = root
wait = no
}
service chargen
{
disable = yes
type = INTERNAL
id = chargen-dgram
socket_type = dgram
protocol = udp
user = root
wait = yes
}
# End /etc/xinetd.d/chargen
<command>EOF
cat &gt; /etc/xinetd.d/daytime &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/daytime
service daytime
{
disable = yes
type = INTERNAL
id = daytime-stream
socket_type = stream
protocol = tcp
user = root
wait = no
}
service daytime
{
disable = yes
type = INTERNAL
id = daytime-dgram
socket_type = dgram
protocol = udp
user = root
wait = yes
}
# End /etc/xinetd.d/daytime
<command>EOF
cat &gt; /etc/xinetd.d/time &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/time
service time
{
disable = yes
type = INTERNAL
id = time-stream
socket_type = stream
protocol = tcp
user = root
wait = no
}
service time
{
disable = yes
type = INTERNAL
id = time-dgram
socket_type = dgram
protocol = udp
user = root
wait = yes
}
# End /etc/xinetd.d/time
<command>EOF
cat &gt; /etc/xinetd.d/rstatd &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/rstatd
service rstatd
{
disable = yes
type = RPC
flags = INTERCEPT
rpc_version = 2-4
socket_type = dgram
protocol = udp
server = /usr/sbin/rpc.rstatd
wait = yes
user = root
}
# End /etc/xinetd.d/rstatd
<command>EOF
cat &gt; /etc/xinetd.d/rquotad &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/rquotad
service rquotad
{
disable = yes
type = RPC
rpc_version = 1
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/rpc.rquotad
}
# End /etc/xinetd.d/rquotad
<command>EOF
cat &gt; /etc/xinetd.d/rusersd &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/rusersd
service rusersd
{
disable = yes
type = RPC
rpc_version = 1-2
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/rpc.rusersd
}
# End /etc/xinetd.d/rusersd
<command>EOF
cat &gt; /etc/xinetd.d/sprayd &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/sprayd
service sprayd
{
disable = yes
type = RPC
rpc_version = 1
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/rpc.sprayd
}
# End /etc/xinetd.d/sprayd
<command>EOF
cat &gt; /etc/xinetd.d/walld &lt;&lt; "EOF" &amp;&amp;</command>
# Begin /etc/xinetd.d/walld
service walld
{
disable = yes
type = RPC
rpc_version = 1
socket_type = dgram
protocol = udp
wait = yes
user = nobody
group = tty
server = /usr/sbin/rpc.rwalld
}
# End /etc/xinetd.d/walld
<command>EOF
cat &gt; /etc/xinetd.d/irc &lt;&lt; "EOF"</command>
# Begin /etc/xinetd.d/irc
service irc
{
disable = yes
socket_type = stream
wait = no
user = root
flags = SENSOR
type = INTERNAL
bind = 192.168.1.30
deny_time = 60
}
# End /etc/xinetd.d/irc
<command>EOF</command></userinput></screen>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-login">/etc/xinetd.d/login</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-shell">/etc/xinetd.d/shell</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-exec">/etc/xinetd.d/exec</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-comsat">/etc/xinetd.d/comsat</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-talk">/etc/xinetd.d/talk</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-ntalk">/etc/xinetd.d/ntalk</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-telnet">/etc/xinetd.d/telnet</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-ftp">/etc/xinetd.d/ftp</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-tftp">/etc/xinetd.d/tftp</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-systat">/etc/xinetd.d/systat</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-finger">/etc/xinetd.d/finger</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-netstat">/etc/xinetd.d/netstat</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-echo">/etc/xinetd.d/echo</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-chargen">/etc/xinetd.d/chargen</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-daytime">/etc/xinetd.d/daytime</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-time">/etc/xinetd.d/time</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-rstatd">/etc/xinetd.d/rstatd</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-rquotad">/etc/xinetd.d/rquotad</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-rusersd">/etc/xinetd.d/rusersd</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-sprayd">/etc/xinetd.d/sprayd</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-walld">/etc/xinetd.d/walld</primary>
</indexterm>
<indexterm zone="xinetd xinetd-config">
<primary sortas="e-etc-xinetd.d-irc">/etc/xinetd.d/irc</primary>
</indexterm>
<para>The format of <filename>/etc/xinetd.conf</filename> is
documented in the <filename>xinetd.conf.5</filename> man page. Further
information can be found at <ulink url="http://www.xinetd.org"/>.</para>
<para id="xinetd-init">As the root user, install the
<filename>/etc/rc.d/init.d/xinetd</filename> init script included in the
<xref linkend="intro-important-bootscripts"/> package.</para>
<indexterm zone="xinetd xinetd-init">
<primary sortas="f-xinetd">xinetd</primary>
</indexterm>
<screen><userinput role='root'><command>make install-xinetd</command></userinput></screen>
<para>As the root user, use the new boot script to start
<command>xinetd</command>:</para>
<screen><userinput role='root'><command>/etc/rc.d/init.d/xinetd start</command></userinput></screen>
<para>Checking the <filename>/var/log/daemon.log</filename> file
should prove quite entertaining. This file may contain entries
similar to the following:</para>
<screen>Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rlogind is not
executable [line=29]
Aug 22 21:40:21 dps10 xinetd[2696]: Error parsing attribute server -
DISABLING SERVICE [line=29]
Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rshd is not
executable [line=42]</screen>
<para>These errors occur because most of the servers that
<command>xinetd</command> is trying to control are not installed yet.</para>
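<para>Once individual services have been switched to "disable = no", it helps to confirm which ones are actually enabled and which of those carry the risks mentioned in the note above. The following script is an added example, not part of the BLFS book or the xinetd package; the function name <command>audit_xinetd</command> and the sample configuration are constructed for illustration.</para>

```shell
#!/bin/sh
# Added example: report which xinetd services are enabled.
# Reads xinetd configuration text on stdin, for instance
#   cat /etc/xinetd.d/* | audit_xinetd
# Not handled: the enabled/disabled lists allowed in the defaults section.
audit_xinetd() {
    awk '
    function report(   notes) {
        if (disable == "yes") return
        notes = ""
        # telnet, rlogin (login), rsh (shell), rexec (exec) send cleartext logins
        if (name ~ /^(telnet|login|shell|exec)$/) notes = "CLEARTEXT"
        if (user == "root") notes = (notes == "" ? "ROOT" : notes ",ROOT")
        if (notes == "") notes = "-"
        printf "%s user=%s server=%s flags=%s\n", name, user, server, notes
    }
    /^[ \t]*#/ { next }                 # comments, commented-out attributes
    # A block with no "disable" line is enabled, so start from disable = no.
    $1 == "service" { name = $2; disable = "no"; user = "unset"; server = "-"; next }
    $1 == "}" { if (name != "") report(); name = ""; next }
    name != "" {
        if ($2 != "=") next             # skip "{" and "+=" attributes
        if ($1 == "disable") disable = tolower($3)
        if ($1 == "user")    user = $3
        if ($1 == "server")  server = $3
    }'
}

# Constructed sample input, modelled on the service files above.
SAMPLE_CONF='
service telnet
{
    disable = yes
    user    = root
    server  = /usr/sbin/in.telnetd
}
service login
{
    disable = no
    user    = root
    server  = /usr/sbin/in.rlogind
}
service finger
{
    user    = nobody
    server  = /usr/sbin/in.fingerd
}
'
printf '%s\n' "$SAMPLE_CONF" | audit_xinetd
```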
</sect3>
</sect2>
<sect2>
<title>Contents</title>
<segmentedlist>
<segtitle>Installed Programs</segtitle>
<segtitle>Installed Libraries</segtitle>
<segtitle>Installed Directories</segtitle>
<seglistitem>
<seg>itox, xconv.pl and xinetd</seg>
<seg>None</seg>
<seg>/etc/xinetd.d/</seg>
</seglistitem>
</segmentedlist>
<variablelist>
<bridgehead renderas="sect3">Short Descriptions</bridgehead>
<?dbfo list-presentation="list"?>
<varlistentry id="itox">
<term><command>itox</command></term>
<listitem><para>is a utility used for converting
<filename>inetd.conf</filename> files to
<filename>xinetd.conf</filename> format.</para>
<indexterm zone="xinetd itox">
<primary sortas="b-itox">itox</primary>
</indexterm></listitem>
</varlistentry>
<varlistentry id="xconv.pl">
<term><command>xconv.pl</command></term>
<listitem><para>is a <application>Perl</application> script used for
converting <filename>inetd.conf</filename> files to
<filename>xinetd.conf</filename> format, similar to
<command>itox</command>.</para>
<indexterm zone="xinetd xconv.pl">
<primary sortas="b-xconv.pl">xconv.pl</primary>
</indexterm></listitem>
</varlistentry>
<varlistentry id="xinetd-prog">
<term><command>xinetd</command></term>
<listitem><para>is the Internet services daemon.</para>
<indexterm zone="xinetd xinetd-prog">
<primary sortas="b-xinetd">xinetd</primary>
</indexterm></listitem>
</varlistentry>
</variablelist>
</sect2>
</sect1>