From owner-dev-commits-src-all@freebsd.org Fri Feb 26 19:07:24 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8C13454B578; Fri, 26 Feb 2021 19:07:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DnK0X3XBRz4l22; Fri, 26 Feb 2021 19:07:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6BA047F4C; Fri, 26 Feb 2021 19:07:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 11QJ7OKp039196; Fri, 26 Feb 2021 19:07:24 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 11QJ7Oaq039195; Fri, 26 Feb 2021 19:07:24 GMT (envelope-from git) Date: Fri, 26 Feb 2021 19:07:24 GMT Message-Id: <202102261907.11QJ7Oaq039195@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Daniel Ebdrup Jensen Subject: git: bc3bba70d834 - main - inetd: Add examples from manual page and other sources MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: debdrup X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: bc3bba70d834c169475302334b192bc90c17521e Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Feb 2021 19:07:24 -0000 The branch main has been updated by debdrup (doc committer): URL: https://cgit.FreeBSD.org/src/commit/?id=bc3bba70d834c169475302334b192bc90c17521e commit bc3bba70d834c169475302334b192bc90c17521e Author: Daniel Ebdrup Jensen AuthorDate: 2021-02-26 19:05:46 +0000 Commit: Daniel Ebdrup Jensen CommitDate: 2021-02-26 19:07:03 +0000 inetd: Add examples from manual page and other sources The manual page lists a bunch of examples, some of which already exist in this file. Since it's both easier to remember when all examples are listed in the same location, move examples so they get installed into /etc/inetd.conf This also means users won't have to copy-paste, but can simply uncomment one or more services to use them. As such, it also becomes necessary to remove the examples from the manual page, so instead add a note explaining where the previous examples as well as others may be found. Cross-references, including to ports, have also been added where applicable. The rsync example has lived in the bug tracker for too long, considering how useful it can situationally be, for example when backup jobs on client devices are run through periodic(8) weekly. The microsoft-ds entry is necessary for Windows 10 compatibility (this can be confirmed with packet capturing, as it is not readily documented at time of writing). While here, remove two examples for which compatible daemons could not be found in ports. Submitted by: David Yeske (in part, prev ver) PR: 122037 Reviewed by: kevans, brueffer, lwhsu, yuripv Differential Revision: https://reviews.freebsd.org/D28882 --- usr.sbin/inetd/inetd.8 | 88 +++++++++++++++++++++++++++++------------------ usr.sbin/inetd/inetd.conf | 42 ++++++++++++++++------ 2 files changed, 87 insertions(+), 43 deletions(-) diff --git a/usr.sbin/inetd/inetd.8 b/usr.sbin/inetd/inetd.8 index ed784564ace7..864ca2374a14 100644 --- a/usr.sbin/inetd/inetd.8 +++ b/usr.sbin/inetd/inetd.8 @@ -28,7 +28,7 @@ .\" from: @(#)inetd.8 8.3 (Berkeley) 4/13/94 .\" $FreeBSD$ .\" -.Dd May 14, 2020 +.Dd February 24, 2021 .Dt INETD 8 .Os .Sh NAME @@ -791,36 +791,46 @@ the pid of the currently running .Nm .El .Sh "EXAMPLES" -Here are several example service entries for the various types of services: -.Bd -literal -# The first four launch the relevant daemon when a connection on a port -# as defined by /etc/services is opened. -ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l -ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd -telnet stream tcp6 nowait root /usr/libexec/telnetd telnetd -shell stream tcp46 nowait root /usr/libexec/rshd rshd - -# Let the system respond to date requests via tcpmux -tcpmux/+date stream tcp nowait guest /bin/date date - -# Let people access the system phonebook via tcpmux -tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook - -# Make kernel statistics accessible -rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd - -# Use netcat as a one-shot HTTP proxy with nc (from freebsd-tips fortune) -http stream tcp nowait nobody /usr/bin/nc nc -N dest-ip 80 - -# Set up a unix socket at /var/run/echo that echo's back whatever is written -# to it. -/var/run/echo stream unix nowait root internal - -# Run chargen for IPsec Authentication Headers -#@ ipsec ah/require -chargen stream tcp nowait root internal -#@ -.Ed +Examples for a variety of services are available in +.Pa /etc/inetd.conf . +.Pp +It includes examples for +.Nm bootpd , +.Nm comsat , +.Nm cvs , +.Nm date, +.Nm fingerd , +.Nm ftpd , +.Nm imapd , +.Nm nc , +.Nm nmbd , +.Nm nntpd , +.Nm rlogind , +.Nm rpc.rquotad , +.Nm rpc.rusersd , +.Nm rpc.rwalld , +.Nm rpc.statd , +.Nm rpc.sprayd , +.Nm rshd , +.Nm prometheus_sysctl_exporter , +.Nm smtpd , +.Nm smbd , +.Nm swat +.Nm talkd , +.Nm telnetd , +.Nm tftpd , +.Nm uucpd . +.Pp +The internal services provided by +.Nm +for daytime, time, echo, discard and chargen are also +included, as well as chargen for +.Nm ipsec +Authentication Headers +.Pp +Examples for handling auth requests via +.Nm identd , +are similarily included. .Sh "ERROR MESSAGES" The .Nm @@ -930,8 +940,11 @@ in the database. .El .Sh SEE ALSO +.Xr cvs 1 Pq Pa ports/devel/opencvs , +.Xr date 1 , .Xr nc 1 , .Xr ipsec_set_policy 3 , +.Xr ipsec 4 , .Xr hosts_access 5 , .Xr hosts_options 5 , .Xr login.conf 5 , @@ -939,15 +952,24 @@ database. .Xr passwd 5 , .Xr rpc 5 , .Xr services 5 , +.Xr bootpd 8 , .Xr comsat 8 , .Xr fingerd 8 , .Xr ftpd 8 , +.Xr imapd 8 Pq Pa ports/mail/courier-imap , +.Xr nmbd 8 Pq Pa ports/net/samba412 , .Xr rlogind 8 , -.Xr rpcbind 8 , +.Xr rpc.rquotad 8 , +.Xr rpc.rusersd 8 , +.Xr rpc.rwalld 8 , +.Xr rpc.statd 8 , .Xr rshd 8 , +.Xr prometheus_sysctl_exporter 8 , +.Xr smbd 8 Pq Pa ports/net/samba412 , .Xr talkd 8 , .Xr telnetd 8 , -.Xr tftpd 8 +.Xr tftpd 8 , +.Xr uucpd 8 Pq Pa ports/net/freebsd-uucp .Rs .%A Michael C. St. Johns .%T Identification Protocol diff --git a/usr.sbin/inetd/inetd.conf b/usr.sbin/inetd/inetd.conf index 65a3507a6dc2..7f5f6783a038 100644 --- a/usr.sbin/inetd/inetd.conf +++ b/usr.sbin/inetd/inetd.conf @@ -66,15 +66,10 @@ #rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd #rusersd/1-2 dgram rpc/udp wait root /usr/libexec/rpc.rusersd rpc.rusersd #walld/1 dgram rpc/udp wait root /usr/libexec/rpc.rwalld rpc.rwalld -#pcnfsd/1-2 dgram rpc/udp wait root /usr/local/libexec/rpc.pcnfsd rpc.pcnfsd #rquotad/1 dgram rpc/udp wait root /usr/libexec/rpc.rquotad rpc.rquotad #rquotad/1 dgram rpc/udp6 wait root /usr/libexec/rpc.rquotad rpc.rquotad #sprayd/1 dgram rpc/udp wait root /usr/libexec/rpc.sprayd rpc.sprayd # -# example entry for the optional pop3 server -# -#pop3 stream tcp nowait root /usr/local/libexec/popper popper -# # example entry for the optional imap4 server # #imap4 stream tcp nowait root /usr/local/libexec/imapd imapd @@ -110,14 +105,41 @@ # #smtp stream tcp nowait qmaild /var/qmail/bin/tcp-env tcp-env /var/qmail/bin/qmail-smtpd # -# Enable the following two entries to enable samba startup from inetd -# (from the Samba documentation). Enable the third entry to enable the swat -# samba configuration tool. +# Example entry for Samba sharing for the SMB protocol # -#netbios-ssn stream tcp nowait root /usr/local/sbin/smbd smbd -#netbios-ns dgram udp wait root /usr/local/sbin/nmbd nmbd +# Enable the first two entries to enable Samba startup from inetd (according to +# the Samba documentation). Enable the third entry only if you have other +# NetBIOS daemons listening on your network. Enable the fourth entry to use +# the swat Samba configuration tool. +#netbios-ssn stream tcp nowait root /usr/local/sbin/smbd smbd +#microsoft-ds stream tcp nowait root /usr/local/sbin/smbd smbd +#netbios-ns dgram udp wait root /usr/local/sbin/nmbd nmbd #swat stream tcp nowait/400 root /usr/local/sbin/swat swat # # Example entry for the Prometheus sysctl metrics exporter # #prom-sysctl stream tcp nowait nobody /usr/sbin/prometheus_sysctl_exporter prometheus_sysctl_exporter -dgh +# +# Example entry for insecure rsync server +# This is best combined with a VTI like if_ipsec(4) or wg(4) +#rsync stream tcp nowait root /usr/local/bin/rsyncd rsyncd --daemon +# +# Let the system respond to date requests via tcpmux +#tcpmux/+date stream tcp nowait guest /bin/date date +# +# Let people access the system phonebook via tcpmux +#tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook +# +# Make kernel statistics accessible +#rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd +# +# Use netcat as a one-shot HTTP proxy with nc (from freebsd-tips fortune) +#http stream tcp nowait nobody /usr/bin/nc nc -N dest-ip 80 +# +# Set up a unix socket at /var/run/echo that echo's back whatever is written to it. +#/var/run/echo stream unix nowait root internal +# +# Run chargen for IPsec Authentication Headers +#@ ipsec ah/require +#chargen stream tcp nowait root internal +#@