unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Page:
Section:
Apropos / Subsearch:
optional field



 inetd(1M)							   inetd(1M)




 NAME
      inetd - Internet services daemon

 SYNOPSIS
      /usr/sbin/inetd [-c]

      /usr/sbin/inetd [-k]

      /usr/sbin/inetd [-l]

 DESCRIPTION
      The inetd daemon is the Internet superserver, which invokes Internet
      server processes as needed.  It must be running before other hosts can
      connect to the local host through ftp, rcp, remsh, rlogin, and telnet.
      The inetd daemon also supports services based on the Remote Procedure
      Call (RPC) protocol (NFS), such as rwalld and rusersd.  If RPC servers
      are started by inetd, the portmap server (see portmap(1M)) must be
      started before inetd.

      The inetd daemon is designed to invoke all the Internet servers as
      needed, thus reducing load on the system.	 It is normally started at
      system boot time.	 Only one inetd can run at any given time.

      The inetd daemon starts servers for both stream and datagram type
      services.	 For stream services, inetd listens for connection requests
      on Internet stream sockets.  When a connection is requested for one of
      its sockets, inetd decides which service the socket will support,
      forks a process, invokes an appropriate server for the connection, and
      passes the connected socket to the server as stdin and stdout.  Then
      inetd returns to listening for connection requests.

      For datagram services, inetd waits for activity on Internet datagram
      sockets.	When an incoming datagram is detected, inetd forks a
      process, invokes an appropriate server, and passes the socket to the
      server as stdin and stdout.  Then inetd waits, ignoring activity on
      that datagram socket, until the server exits.

      The inetd daemon is normally started by the /sbin/init.d/inetd script,
      which is invoked during the boot-time initialization.  Otherwise,
      inetd can be started only by the superuser.

      The Internet daemon and the servers it starts inherit the LANG and TZ
      environment variables and the umask of the process that started inetd.
      If inetd is started by the superuser, it inherits the superuser's
      umask, and passes that umask to the servers it starts.

      When invoked, inetd reads /etc/inetd.conf and configures itself to
      support whatever services are included in that file (see
      inetd.conf(4)).  The inetd daemon also performs a security check if
      the file /var/adm/inetd.sec exists (see inetd.sec(4)).  If the
      Internet daemon refuses a connection for security reasons, the



 Hewlett-Packard Company	    - 1 -   HP-UX Release 11i: November 2000






 inetd(1M)							   inetd(1M)




      connection is shut down.	Most RPC-based services, if their first
      connection is refused, attempt to connect four more times at 5-second
      intervals before timing out.  In such cases, inetd refuses the
      connection from the same service invocation five times.  This is
      visible in the system log if inetd connection logging and syslogd
      logging for the daemon facility are both enabled (see syslogd(1M)).

      The inetd daemon provides several "trivial" services internally by use
      of routines within itself.  The services are echo, discard, chargen
      (character generator), daytime (human readable time), and time
      (machine readable time in the form of the number of seconds since
      midnight, January 1, 1900).  The inetd daemon provides both TCP- and
      UDP-based servers for each of these services.  See inetd.conf(4) for
      instructions on configuring internal servers.

    Options
      inetd recognizes the following options.  These options can be used
      only by a superuser.

	   -c	Reconfigure the Internet daemon; in other words, force the
		current inetd to reread /etc/inetd.conf.  This option sends
		the signal SIGHUP to the Internet daemon that is currently
		running.  Any configuration errors that occur during the
		reconfiguration are logged to the syslogd daemon facility.

	   -k	Kill the current inetd.	 This option sends the signal
		SIGTERM to the Internet daemon that is currently running,
		causing it to exit gracefully.	This option is the preferred
		method of killing inetd.

	   -l	By default, inetd starts with connection logging disabled.
		If no inetd is running, the -l option causes the inetd to
		start with connection logging enabled.	Otherwise the -l
		option causes inetd to send the signal SIGQUIT to the inetd
		that is already running, which causes it to toggle the state
		of connection logging.

		When connection logging is enabled, the Internet daemon logs
		attempted connections to services.  It also logs connection
		attempts which fail the security check.	 This information
		can be useful when trying to determine if someone is
		repeatedly trying to access your system from a particular
		remote system (in other words, trying to break into your
		system).  Successful connection attempts are logged to the
		syslogd daemon facility at the info log level.	Connection
		attempts failing the security check are logged at the notice
		log level.  inetd also logs whether the connection logging
		has been enabled or disabled at the info log level.

 DIAGNOSTICS
      The following diagnostics are returned by the Internet daemon before



 Hewlett-Packard Company	    - 2 -   HP-UX Release 11i: November 2000






 inetd(1M)							   inetd(1M)




      it disconnects from the terminal.

	   An inetd is already running

		An attempt was made to start an Internet daemon when one was
		already running.  It is incorrect to call the Internet
		daemon a second time without the -c, -k, or -l option.

	   There is no inetd running

		An attempt was made to reconfigure an Internet daemon when
		none was running.

	   Inetd not found

		This message occurs if inetd is called with -c and another
		Internet daemon is running but cannot be reconfigured.	This
		occurs if the original Internet daemon died without removing
		its semaphore.

		Next step: Use the inetd -k command to remove the semaphore
		left by the previous Internet daemon; then restart the
		daemon.

      The following diagnostics are logged to the syslogd daemon facility.
      Unless otherwise indicated, messages are logged at the error log
      level.

	   /etc/inetd.conf: Unusable configuration file

		The Internet daemon is unable to access the configuration
		file /etc/inetd.conf.  The error message preceding this one
		specifies the reason for the failure.

	   /etc/inetd.conf: line number: error

		There is an error on the specified line in /etc/inetd.conf.
		The line in the configuration file is skipped.	This error
		does not stop the Internet daemon from reading the rest of
		the file and configuring itself accordingly.

		Next step: Fix the line with the error and reconfigure the
		Internet daemon by executing the inetd -c command.

	   system_call: message

		system_call failed.  See the corresponding manual entry for
		a description of system_call.  The reason for the failure is
		explained in message.





 Hewlett-Packard Company	    - 3 -   HP-UX Release 11i: November 2000






 inetd(1M)							   inetd(1M)




	   Cannot configure inetd

		None of the services/servers listed in the configuration
		file could be set up properly, due to configuration file
		errors.

	   Too many services (max n)

		The number of active services listed in the configuration
		file exceeds the "hard" limit that can be supported by the
		system (see setrlimit(2)).

		Next step: Reduce the number of services listed in the
		configuration file, then reconfigure the Internet daemon by
		running the command inetd -c.

	   file: \ found before end of line line

		file can be either inetd.conf or inetd.sec.  If a backslash
		is not immediately followed by an end of line, it is ignored
		and the information up to the end of line is accepted.	In
		this case, the next line of the file is not appended to the
		end of the current line.  Unless all the information
		required is present on a single line, configuration file
		error messages are also output.	 This message is logged at
		the warning log level.

	   service/protocol: Unknown service

		The call to the library routine getservbyname (see
		getservent(3N)) failed.	 The service is not listed in
		/etc/services.

		Next step: Include that service in /etc/services or
		eliminate the entry for the service in /etc/inetd.conf.

	   service/protocol: Server failing (looping), service terminated.

		When inetd tries to start 40 servers within 60 seconds for a
		datagram service, other than bootp, rpc, or tftp, it assumes
		that the server is failing to handle the connection.  To
		avoid entering a potentially infinite loop, inetd issues
		this message, discards the packet requesting the socket
		connection, and refuses further connections for this
		service.  After 10 minutes, inetd tries to reinstate the
		service, and once again accepts connections for the service.

	   service/protocol: socket: message
	   service/protocol: listen: message
	   service/protocol: getsockname: message




 Hewlett-Packard Company	    - 4 -   HP-UX Release 11i: November 2000






 inetd(1M)							   inetd(1M)




		Any one of the three errors above makes the service
		unusable.  For another host to communicate with the server
		host through this service, the Internet daemon needs to be
		reconfigured after any of these error messages.

	   service/protocol: bind: message

		If this error occurs, the service is temporarily unusable.
		After 10 minutes, inetd tries again to make the service
		usable by binding to the Internet socket for the service.

	   service/protocol: Access denied to remote_host (address)

		The remote host failed to pass the security test for the
		indicated service.  This information can be useful when
		trying to determine if someone is repeatedly trying to
		access your system from a particular remote system (in other
		words, trying to break into your system).  This message is
		logged at the warning log level.

	   service/protocol: Connection from remote_host (address)

		When connection logging is enabled, this message indicates a
		successful connection attempt to the specified service.
		This message is logged at the notice log level.

	   service/protocol: Added service, server executable

		Keeps track of the services added when reconfiguring the
		Internet daemon.  This message is logged at the info log
		level.

	   service/protocol: New list

		Lists the new user IDs, servers or executables used for the
		service when reconfiguring the Internet daemon.	 This
		message is logged at the info log level.

	   service/protocol: Deleted service

		Keeps track of the services deleted when reconfiguring the
		Internet daemon.  This message is logged at the info log
		level.

    Security File (inetd.sec) Errors
      The following errors, prefixed by /var/adm/inetd.sec:, are related to
      the security file inetd.sec:

	   Field contains other characters in addition to * for service





 Hewlett-Packard Company	    - 5 -   HP-UX Release 11i: November 2000






 inetd(1M)							   inetd(1M)




		For example, field 2 of the Internet address 10.5*.8.7 is
		incorrect.

	   Missing low value in range for service

		For example, field 2 of the Internet address 10.-5.8.7 is
		incorrect.

	   Missing high value in range for service

		For example, field 2 of the Internet address 10.5-.8.7 is
		incorrect.

	   High value in range is lower than low value for service

		For example, field 2 of the Internet address 10.5-3.8.7 is
		incorrect.

	   allow/deny field does not have a valid entry for service

		The entry in the allow/deny field is not one of the keywords
		allow or deny.	No security for this service is implemented
		by inetd since the line in the security file is ignored.
		This message is logged at the warning log level.

    RPC Related Errors for NFS Users
      These errors are specific to RPC-based servers:

	   /etc/inetd.conf: line number: Missing program number
	   /etc/inetd.conf: line number: Missing version number

		Error on the specified line of /etc/inetd.conf.	 The program
		or version number for an RPC service is missing.  This error
		does not stop the Internet daemon from reading the rest of
		the file and configuring itself accordingly.  However, the
		service corresponding to the error message will not be
		configured correctly.

		Next step: Fix the line with the error, then reconfigure the
		Internet daemon by executing the inetd -c command.

	   /etc/inetd.conf: line number: Invalid program number

		Error on the specified line of /etc/inetd.conf.	 The program
		number for an RPC service is not a number.  This error does
		not stop the Internet daemon from reading the rest of the
		file and configuring itself accordingly.  However, the
		service corresponding to the error message will not be
		correctly configured.





 Hewlett-Packard Company	    - 6 -   HP-UX Release 11i: November 2000






 inetd(1M)							   inetd(1M)




		Next step: Fix the line with the error, then reconfigure the
		Internet daemon by executing the inetd -c command.

 AUTHOR
      inetd was developed by HP and the University of California, Berkeley.

      NFS was developed by Sun Microsystems, Inc.

 FILES
      /etc/inetd.conf		    List of Internet server processes.
      /var/adm/inetd.sec	    Optional security file.

 SEE ALSO
      umask(1), portmap(1M), syslogd(1M), getservent(3N), inetd.conf(4),
      inetd.sec(4), protocols(4), services(4), environ(5).







































 Hewlett-Packard Company	    - 7 -   HP-UX Release 11i: November 2000