LinuxDevCenter.com


Linux in a Nutshell

This directory of Linux commands is from Linux in a Nutshell, 5th Edition.




xinetd

xinetd [options]

TCP/IP command. The extended Internet services daemon. xinetd saves system resources by listening to multiple sockets on behalf of other server programs, invoking the necessary programs as requests are made for their services. Beyond this, xinetd provides better logging facilities, including remote user ID, access times, and server-specific information. It also provides access-control facilities. Not limited to system administration use, it can launch services that are not listed in /etc/services. Unprivileged users can use this tool to start their own servers.

Options

-cc num

Perform an internal-state consistency check every num seconds.

-d

Turn on debugging support.

-dontfork

Execute in the foreground. This option automatically sets the -stayalive option.

-f file

Read configuration from the specified file instead of /etc/xinetd.conf.

-filelog file

Write log messages to the specified file. Cannot be combined with -syslog or -d.

-inetd_compat

Read the /etc/inetd.conf file after reading /etc/xinetd.conf.

-limit num

Start no more than num concurrent processes.

-logprocs num

Limit processes used to look up remote user IDs to num.

-pidfile file

Write xinetd's process ID to file.

-stayalive

Keep running even when no services have been specified.

-syslog facility

Log messages to the specified syslogd facility. Accepted values are daemon, auth, user, and localn, where n can range from 0 to 7. Cannot be combined with -filelog or -d. The default behavior is to write messages to syslogd using the daemon facility.

-version

Print version information, then exit.

Configuration files

By default xinetd reads its configuration information from the file /etc/xinetd.conf. Lines in this file beginning with # are treated as comments. The entries for each service differ completely from /etc/inetd.conf entries. xinetd configuration entries for services follow the pattern:

service servicename
{
    attribute1 = valueset1
    attribute2 = valueset2
}

Some attributes allow assignment operators other than =. Other operators are +=, to add to a value set, and -=, to remove a value from a value set. There are many attributes available to control services. The following are the most common:

cps

Limit incoming connection rate. Accepts two numeric arguments: the number of connections per second to allow and the number of seconds to wait to accept a new connection when the rate is exceeded. The default is 50 incoming connections and a 10-second wait.

disable

Accept a Boolean yes or no. When disabled, xinetd will ignore the entry.

flags

Accept a set of the following values defining xinetd's behavior:

IDONLY

Accept connections only when the remote user's ID can be verified by an identification server. Cannot be used with USERID logging.

INTERCEPT

Intercept packets to ensure they are coming from allowed locations. Cannot be used with internal or multithreaded services.

IPv4

Service is an IPv4 service.

IPv6

Service is an IPv6 service.

KEEPALIVE

Set flag on socket, enabling periodic checks to determine if the line is still receiving data.

NAMEINARGS

Expect the first argument for the server_args attribute to be the command to run. This flag is necessary to wrap services with tcpd.

NODELAY

Set socket's NODELAY flag.

NOLIBWRAP

Don't use xinetd's internal TCP wrapping facilities.

NORETRY

If service fails to fork, don't try to fork again.

SENSOR

Instead of launching a service, add IP addresses that attempt to access this service to a list of denied addresses for a time specified by the deny_time attribute.

group

Specify a group ID for the server process. This may be used only when xinetd runs as root.

nice

Set service priority. This attribute accepts the same values as the renice command.

id

Specify a unique identifier for the service. Useful when creating multiple entries with the same servicename. For example, two versions of the echo service, one supporting UDP and the other TCP, might be given the identifiers echo-stream and echo-dgram.

log_on_failure

Specify values to log when a server cannot be started. Accepted values are HOST, USERID, or just ATTEMPT.

log_on_success

Specify values to log when a server is started. Accepted values are PID, HOST, USERID, EXIT, and DURATION.

no_access

Specify hosts that should not be allowed access to a service. May be given as an IP address, a netmask, a hostname, a network name from /etc/networks, or a group of IP addresses like so: 192.168.1.{10,11,12,15,32}.

only_from

Restrict access to the service to the specified hosts. This attribute accepts the same values as no_access.

per_source

Specify the maximum number of instances allowed to a single source IP address. The default is "UNLIMITED".

port

Specify the service port to listen to. This attribute is required for non-RPC services not listed in /etc/services. If the service is listed, the value of port cannot differ from what is listed.

protocol

Specify protocol to use, usually tcp or udp. The protocol must be listed in /etc/protocols. This attribute is required for RPC services, as well as services not found in /etc/services.

rpc_version

The RPC version used by the service. This can be a single number or a range of numbers from x-y. This attribute is required for RPC services.

rpc_number

Specify RPC ID number. This is required only for services not listed in /etc/rpc; otherwise it's ignored.

server

The program to execute for the service. When using tcpd to wrap a service, also set the NAMEINARGS flag and use the server's program name as the first argument for server_args. This attribute is required for all non-internal services.

server_args

Arguments to pass to the server program.

socket_type

Specify the socket type to create. Accepted values are stream, dgram, raw, and seqpacket.

type

Describe the type of service. Accepted values are RPC, INTERNAL, and UNLISTED.

user

Specify a user ID for the server process. This may be used only when xinetd runs as root.

wait

Determine whether the service is single-threaded (yes), in which case xinetd waits until the server exits before it resumes listening for new connections, or multithreaded (no), in which case xinetd resumes listening immediately. This attribute is required for all services.
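
The entry pattern, the =, += and -= operators, and the access-control attributes above can be checked mechanically. The following is an added example, not taken from the book or from xinetd: it parses service entries and reports enabled services that have no only_from restriction, leave per_source at its UNLIMITED default, or run the server as root. The sample entries, paths, and the choice of checks are assumptions made for illustration, and each entry is checked on its own without merging settings from anywhere else.

```python
import re

ENTRY = re.compile(r"^service\s+(\S+)\s*\{(.*?)^\}", re.M | re.S)
ASSIGN = re.compile(r"^\s*(\w+)\s*(\+=|-=|=)\s*(.*?)\s*$")
SAMPLE = """# constructed sample entries (not from a real host): one weak, one restricted
service telnet
{
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/in.telnetd
}
service rsync
{
    socket_type = stream
    wait        = no
    user        = nobody
    server      = /usr/bin/rsync
    only_from   = 192.168.1.0/24
    only_from  += 10.0.0.5
    per_source  = 2
}
"""

def parse(text):
    """Return {servicename: {attribute: [values]}}, applying =, += and -=."""
    services = {}
    for name, body in ENTRY.findall(text):
        attrs = services.setdefault(name, {})
        for m in filter(None, map(ASSIGN.match, body.splitlines())):
            key, op, vals = m.group(1), m.group(2), m.group(3).split()
            if op == "+=":    # add to the existing value set
                vals = attrs.get(key, []) + vals
            elif op == "-=":  # remove from the existing value set
                vals = [v for v in attrs.get(key, []) if v not in vals]
            attrs[key] = vals
    return services

def audit(text):
    """Map each enabled service to the list of hardening gaps found in its entry."""
    findings = {}
    for name, a in parse(text).items():
        issues = [msg for bad, msg in (
            (not a.get("only_from"), "no only_from restriction"),
            (a.get("per_source", ["UNLIMITED"]) == ["UNLIMITED"], "per_source is UNLIMITED"),
            (a.get("user") == ["root"], "server runs as root"),
        ) if bad]
        if issues and a.get("disable") != ["yes"]:  # xinetd ignores disabled entries
            findings[name] = issues
    return findings
```

Calling audit(SAMPLE) reports only the telnet entry; the rsync entry passes all three checks.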

Files

/etc/xinetd.conf

Default configuration file.

/etc/xinetd.d

Common directory containing configuration files included from /etc/xinetd.conf.

