diff options
Diffstat (limited to 'source/n/inetd')
-rw-r--r-- | source/n/inetd/README | 128 | ||||
-rw-r--r-- | source/n/inetd/doinst.sh | 29 | ||||
-rwxr-xr-x | source/n/inetd/inetd.SlackBuild | 39 | ||||
-rw-r--r-- | source/n/inetd/inetd.conf | 106 | ||||
-rw-r--r-- | source/n/inetd/rc.inetd | 36 | ||||
-rw-r--r-- | source/n/inetd/slack-desc | 10 |
6 files changed, 329 insertions, 19 deletions
diff --git a/source/n/inetd/README b/source/n/inetd/README new file mode 100644 index 00000000..546e1c06 --- /dev/null +++ b/source/n/inetd/README @@ -0,0 +1,128 @@ +/* $Slackware: inetd.c 1.79s 2001/02/06 13:18:00 volkerdi Exp $ */ +/* $OpenBSD: inetd.c,v 1.79 2001/01/30 08:30:57 deraadt Exp $ */ +/* $NetBSD: inetd.c,v 1.11 1996/02/22 11:14:41 mycroft Exp $ */ +/* + * Copyright (c) 1983,1991 The Regents of the University of California. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * Inetd - Internet super-server + * + * This program invokes all internet services as needed. + * connection-oriented services are invoked each time a + * connection is made, by creating a process. This process + * is passed the connection as file descriptor 0 and is + * expected to do a getpeername to find out the source host + * and port. + * + * Datagram oriented services are invoked when a datagram + * arrives; a process is created and passed a pending message + * on file descriptor 0. Datagram servers may either connect + * to their peer, freeing up the original socket for inetd + * to receive further messages on, or ``take over the socket'', + * processing all arriving datagrams and, eventually, timing + * out. The first type of server is said to be ``multi-threaded''; + * the second type of server ``single-threaded''. + * + * Inetd uses a configuration file which is read at startup + * and, possibly, at some later time in response to a hangup signal. + * The configuration file is ``free format'' with fields given in the + * order shown below. Continuation lines for an entry must begin with + * a space or tab. All fields must be present in each entry. + * + * service name must be in /etc/services + * socket type stream/dgram/raw/rdm/seqpacket + * protocol must be in /etc/protocols + * wait/nowait[.max] single-threaded/multi-threaded, max # + * user[.group] or user[:group] user/group to run daemon as + * server program full path name + * server program arguments maximum of MAXARGS (20) + * + * For RPC services + * service name/version must be in /etc/rpc + * socket type stream/dgram/raw/rdm/seqpacket + * protocol must be in /etc/protocols + * wait/nowait[.max] single-threaded/multi-threaded + * user[.group] or user[:group] user to run daemon as + * server program full path name + * server program arguments maximum of MAXARGS (20) + * + * For non-RPC services, the "service name" can be of the form + * hostaddress:servicename, in which case the hostaddress is used + * as the host portion of the address to listen on. If hostaddress + * consists of a single `*' character, INADDR_ANY is used. + * + * A line can also consist of just + * hostaddress: + * where hostaddress is as in the preceding paragraph. Such a line must + * have no further fields; the specified hostaddress is remembered and + * used for all further lines that have no hostaddress specified, + * until the next such line (or EOF). (This is why * is provided to + * allow explicit specification of INADDR_ANY.) A line + * *: + * is implicitly in effect at the beginning of the file. + * + * The hostaddress specifier may (and often will) contain dots; + * the service name must not. + * + * For RPC services, host-address specifiers are accepted and will + * work to some extent; however, because of limitations in the + * portmapper interface, it will not work to try to give more than + * one line for any given RPC service, even if the host-address + * specifiers are different. + * + * Comment lines are indicated by a `#' in column 1. + */ + +/* + * Here's the scoop concerning the user[.:]group feature: + * + * 1) set-group-option off. + * + * a) user = root: NO setuid() or setgid() is done + * + * b) other: setgid(primary group as found in passwd) + * initgroups(name, primary group) + * setuid() + * + * 2) set-group-option on. + * + * a) user = root: setgid(specified group) + * NO initgroups() + * NO setuid() + * + * b) other: setgid(specified group) + * initgroups(name, specified group) + * setuid() + * + */ + diff --git a/source/n/inetd/doinst.sh b/source/n/inetd/doinst.sh new file mode 100644 index 00000000..472958d9 --- /dev/null +++ b/source/n/inetd/doinst.sh @@ -0,0 +1,29 @@ +#!/bin/sh + +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +preserve_perms() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ -e $OLD ]; then + cp -a $OLD ${NEW}.incoming + cat $NEW > ${NEW}.incoming + mv ${NEW}.incoming $NEW + fi + config $NEW +} + +preserve_perms etc/rc.d/rc.inetd.new +config etc/inetd.conf.new + diff --git a/source/n/inetd/inetd.SlackBuild b/source/n/inetd/inetd.SlackBuild index e2186401..27978bf5 100755 --- a/source/n/inetd/inetd.SlackBuild +++ b/source/n/inetd/inetd.SlackBuild @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/bash -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2017, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,8 +20,11 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=inetd VERSION=1.79s -BUILD=${BUILD:-9} +BUILD=${BUILD:-11} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -33,17 +36,20 @@ if [ -z "$ARCH" ]; then esac fi -CWD=$(pwd) +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + TMP=${TMP:-/tmp} PKG=$TMP/package-inetd rm -rf $PKG mkdir -p $TMP $PKG -# Explode the package framework: -cd $PKG -explodepkg $CWD/_inetd.tar.gz - echo "+====================+" echo "| inetd-OpenBSD-1.79 |" echo "+====================+" @@ -63,18 +69,23 @@ zcat $CWD/fix-x86_64-daytime-segfault.diff.gz | patch -p1 || exit 1 make || exit 1 strip inetd +mkdir -p $PKG/usr/sbin cat inetd > $PKG/usr/sbin/inetd +chmod 755 $PKG/usr/sbin/inetd +mkdir -p $PKG/usr/man/man8 cat inetd.8 | gzip -9c > $PKG/usr/man/man8/inetd.8.gz +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.inetd > $PKG/etc/rc.d/rc.inetd.new +cat $CWD/inetd.conf > $PKG/etc/inetd.conf.new +mkdir -p $PKG/usr/doc/inetd-1.79s +cp -a $CWD/README $PKG/usr/doc/inetd-1.79s +chown root:root $PKG/usr/doc/inetd-1.79s/README +chmod 644 $PKG/usr/doc/inetd-1.79s/README mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh cat $CWD/slack-desc > $PKG/install/slack-desc # Build the package: cd $PKG /sbin/makepkg -l y -c n $TMP/inetd-$VERSION-$ARCH-$BUILD.txz - -# Clean up the extra stuff: -if [ "$1" = "--cleanup" ]; then - rm -rf $TMP/inetd - rm -rf $PKG -fi diff --git a/source/n/inetd/inetd.conf b/source/n/inetd/inetd.conf new file mode 100644 index 00000000..a238a10a --- /dev/null +++ b/source/n/inetd/inetd.conf @@ -0,0 +1,106 @@ +# See "man 8 inetd" for more information. +# +# If you make changes to this file, either reboot your machine or send the +# inetd a HUP signal: +# Do a "ps x" as root and look up the pid of inetd. Then do a +# "kill -HUP <pid of inetd>". +# The inetd will re-read this file whenever it gets that signal. +# +# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args> +# +# The first 4 services are really only used for debugging purposes, so +# we comment them out since they can otherwise be used for some nasty +# denial-of-service attacks. If you need them, uncomment them. +# echo stream tcp nowait root internal +# echo dgram udp wait root internal +# discard stream tcp nowait root internal +# discard dgram udp wait root internal +# daytime stream tcp nowait root internal +# daytime dgram udp wait root internal +# chargen stream tcp nowait root internal +# chargen dgram udp wait root internal +# time stream tcp nowait root internal +# time dgram udp wait root internal +# +# These are standard services: +# +# Very Secure File Transfer Protocol (FTP) server. +# ftp stream tcp nowait root /usr/sbin/tcpd vsftpd +# +# Professional File Transfer Protocol (FTP) server. +# ftp stream tcp nowait root /usr/sbin/tcpd proftpd +# +# Telnet server: +# telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd +# +# The comsat daemon notifies the user of new mail when biff is set to y: +# comsat dgram udp wait root /usr/sbin/tcpd in.comsat +# +# Shell, login, exec and talk are BSD protocols +# +# shell stream tcp nowait root /usr/sbin/tcpd in.rshd -L +# login stream tcp nowait root /usr/sbin/tcpd in.rlogind +# exec stream tcp nowait root /usr/sbin/tcpd in.rexecd +# talk dgram udp wait root /usr/sbin/tcpd in.talkd +# ntalk dgram udp wait root /usr/sbin/tcpd in.talkd +# +# To use the talk daemons from KDE, comment the talk and ntalk lines above +# and uncomment the ones below: +# talk dgram udp wait root /usr/sbin/tcpd /usr/bin/kotalkd +# ntalk dgram udp wait root /usr/sbin/tcpd /usr/bin/ktalkd +# +# Kerberos authenticated services +# +# klogin stream tcp nowait root /usr/sbin/tcpd rlogind -k +# eklogin stream tcp nowait root /usr/sbin/tcpd rlogind -k -x +# kshell stream tcp nowait root /usr/sbin/tcpd rshd -k +# +# Services run ONLY on the Kerberos server +# +# krbupdate stream tcp nowait root /usr/sbin/tcpd registerd +# kpasswd stream tcp nowait root /usr/sbin/tcpd kpasswdd +# +# POP and IMAP mail servers +# +# Post Office Protocol version 3 (POP3) server: +# pop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/popa3d +# Internet Message Access Protocol (IMAP) server: +# imap2 stream tcp nowait root /usr/sbin/tcpd imapd +# +# The Internet Unix to Unix copy (UUCP) service: +# uucp stream tcp nowait uucp /usr/sbin/tcpd /usr/lib/uucp/uucico -l +# +# Tftp service is provided primarily for booting. Most sites +# run this only on machines acting as "boot servers." +# tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot -r blksize +# +# Internet Bootstrap Protocol (BOOTP) server: +# bootps dgram udp wait root /usr/sbin/bootpd bootpd +# +# Finger, systat and netstat give out user information which may be +# valuable to potential "system crackers." Many sites choose to disable +# some or all of these services to improve security. +# Try "telnet localhost systat" and "telnet localhost netstat" to see that +# information yourself! +# finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd -u +# systat stream tcp nowait nobody /usr/sbin/tcpd /bin/ps -auwwx +# netstat stream tcp nowait root /usr/sbin/tcpd /bin/netstat -a +# +# Ident service is used for net authentication +# auth stream tcp wait root /usr/sbin/in.identd in.identd +# +# These are to start Samba, an smb server that can export filesystems to +# Pathworks, Lanmanager for DOS, Windows for Workgroups, Windows95, Lanmanager +# for Windows, Lanmanager for OS/2, Windows NT, etc. +# If you're running smbd and nmbd as daemons in /etc/rc.d/rc.samba, then you +# shouldn't uncomment these lines. +# netbios-ssn stream tcp nowait root /usr/sbin/smbd smbd +# netbios-ns dgram udp wait root /usr/sbin/nmbd nmbd +# +# Sun-RPC based services. +# <service name/version><sock_type><rpc/prot><flags><user><server><args> +# rstatd/1-3 dgram rpc/udp wait root /usr/sbin/tcpd rpc.rstatd +# rusersd/2-3 dgram rpc/udp wait root /usr/sbin/tcpd rpc.rusersd +# walld/1 dgram rpc/udp wait root /usr/sbin/tcpd rpc.rwalld +# +# End of inetd.conf. diff --git a/source/n/inetd/rc.inetd b/source/n/inetd/rc.inetd new file mode 100644 index 00000000..9fe14197 --- /dev/null +++ b/source/n/inetd/rc.inetd @@ -0,0 +1,36 @@ +#!/bin/sh +# Start/stop/restart inetd, the BSD Internet super-daemon. + +# Start inetd: +inetd_start() { + if [ -x /usr/sbin/inetd ]; then + echo "Starting Internet super-server daemon: /usr/sbin/inetd" + /usr/sbin/inetd + fi +} + +# Stop inetd: +inetd_stop() { + killall inetd +} + +# Restart inetd: +inetd_restart() { + inetd_stop + sleep 1 + inetd_start +} + +case "$1" in +'start') + inetd_start + ;; +'stop') + inetd_stop + ;; +'restart') + inetd_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac diff --git a/source/n/inetd/slack-desc b/source/n/inetd/slack-desc index 7f5c15c5..aa8a10c9 100644 --- a/source/n/inetd/slack-desc +++ b/source/n/inetd/slack-desc @@ -1,17 +1,17 @@ # HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line +# The "handy ruler" below makes it easier to edit a package description. Line # up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also # customary to leave one space after the ':'. |-----handy-ruler------------------------------------------------------| inetd: inetd (Internet super-server) inetd: inetd: This is a program to listen for connections on certain Internet -inetd: sockets and invokes a program to service the request. Essentially, +inetd: sockets and invokes a program to service the request. Essentially, inetd: inetd allows running one daemon to invoke several others, reducing -inetd: load on the system. Many of the network services are run through +inetd: load on the system. Many of the network services are run through inetd: inetd, so you'll probably need it. inetd: inetd: This version of inetd was ported from OpenBSD. |