INETD(1M) — Series 300 and 800 Only
NAME
inetd - Internet services daemon
SYNOPSIS
/etc/inetd [-l [logfile]]
/etc/inetd [-c]
/etc/inetd [-k]
DESCRIPTION
Inetd is the internet super-server which invokes internet server processes as needed. It needs to be running for other hosts to connect to the local host through rcp, remsh, rlogin, ftp and telnet. Inetd also supports services based on the Remote Procedure Call (RPC) protocol (NFS), like mountd and ruserd. If RPC servers are started by the inetd, portmap(1M) must be started before inetd.
Inetd must be started by the super-user.
Inetd allows one daemon to invoke many servers, reducing load on the system. It is normally started at system boot time. Only one inetd can run at any one time.
Inetd listens for connections on internet sockets. When it finds a connection on one of its sockets, it decides which service the socket corresponds to; then it forks and invokes a server for the connection. It then continues to listen on the socket (except in some cases which are described below). Inetd passes the connection to the server as stdin and stdout.
The internet daemon and the servers started by it inherit the original environment of the process that started the inetd. For example, if inetd is started by the super-user, it inherits the super-user’s umask and passes that umask to the servers it starts.
When it is invoked, inetd reads /etc/inetd.conf and configures itself to support whatever services are included in that file; see inetd.conf(4). Inetd also performs a security check if the file /usr/adm/inetd.sec exists; see inetd.sec(4). If the internet daemon refuses a connection for security reasons, the connection is shut down. Most RPC-based services, if their first connection is refused, will attempt to connect four more times at 5-second intervals before timing out. In those cases, inetd will refuse the connection from the same service invocation five times. This will be visible in inetd’s log file if logging is enabled.
The following options may be used with inetd(1M):
−c Reconfigure the internet daemon; in other words, force inetd to re-read /etc/inetd.conf. This option is equivalent to sending a SIGHUP to the internet daemon that is currently running. If an internet daemon is not running, the command returns with an error message. Any configuration errors that might occur during the reconfiguration will not be printed to the terminal. If logging is enabled they will be sent to the log file.
−l [logfile] When this option is used the internet daemon keeps a log file. If no logfile is specified, the file used is /usr/adm/inetd.log. The internet daemon logs attempted connections to services. It also logs connection attempts which fail the security check. This information can be useful when trying to determine if someone is repeatedly trying to access your system from a particular remote system (in other words, trying to break into your system). The log file also contains information about the services that inetd supports and any changes caused by reconfiguration. The −l option cannot be started after the internet daemon is already running; inetd must be killed and restarted.
−k Kill the current inetd. This option is equivalent to sending a SIGTERM to the internet daemon that is currently running. This option is the preferred method of killing inetd.
DIAGNOSTICS
The diagnostics returned by the internet daemon before it disconnects from the terminal are:
Configuration file:... Unable to configure inetd
The internet daemon is unable to access the configuration file /etc/inetd.conf. The error message included specifies the reason for the failure.
Configuration file format error, line <number>, field <number>
Error on the specified line and field of /etc/inetd.conf. This error does not stop the internet daemon from reading the rest of the file and configuring itself accordingly.
Next step: Fix the line with the error and reconfigure the internet daemon by executing the command “inetd -c”.
protocol/name: Unknown service
The call to the library routine getservbyname (see getservent(3N)) failed. The service is not listed in /etc/services.
Unsupported socket type for <service> on line <number>
The type of socket defined in the configuration file for the service/server connection is not supported. The line for that service in the configuration file is skipped. This error message can also appear in the log file.
Unsupported protocol type for <service> on line <number>
The protocol type defined in the configuration file for the service/server connection is not supported. The line for that service in the configuration file is skipped. This error message can also appear in the log file.
<system call>: ...
The system call failed; see the corresponding manual entry for a description of the system call. The reason for the failure is explained in the error message appended to the system call name.
Unusable configuration file
None of the services/servers listed in the configuration file could be set up properly, due to configuration file errors.
An inetd is already running
An attempt is made to start an internet daemon when one is already running. It is correct to call the internet daemon a second time with the options −c or −k.
There is no inetd running
An attempt was made to reconfigure an internet daemon when none was running.
Inetd not found
The internet daemon displays this message if it is called with −c and it finds another internet daemon but cannot reconfigure it. This occurs if the original internet daemon died without removing its semaphore.
Next step: Do an “inetd -k” to remove the semaphore left over from the previous internet daemon, and restart the internet daemon.
Unable to close semaphore <semaphore number>
The semaphore needs to be removed by hand; see ipcs(1) and ipcrm(1). This error message can also appear in the log file.
Log File Error Messages
The messages written to the log file are the following:
Too many remote services running
The maximum number of remote services allowed to access the server system simultaneously has been exceeded.
Next step: Consider increasing the number of simultaneous remote services allowed; see inetd.conf(4).
protocol/service: Unknown service
Unable to find service in /etc/services.
Next step: Include that service in /etc/services or eliminate the entry for the service server in /etc/inetd.conf.
Warning: \ found before end of line <line> in <file>
The file can be either inetd.conf or inetd.sec. If a backslash is not immediately followed by an end of line, it is ignored and the information included until the end of line is used. In this case the next line of the file is not appended to the end of the current line. Unless all the information required is present on a single line, configuration file error messages are also output.
Error selecting: ...
The service request being processed is not successful.
Error accepting call to server <server>
The service that calls that specific server won’t be successful.
Remote host <name>(<address>) not allowed for <service> on <date>
The remote host failed to pass the security test. This information can be useful when trying to determine if someone is repeatedly trying to access your system from a particular remote system (in other words, trying to break into your system).
Connect to <server> from <remote host> (<address>) <date>
Keeps a log of all the remote connections to your system.
Error trying to execute <server>: ...
The internet daemon cannot execute the server. The remote service that attempted the connection to your system does not complete the connection.
Service: <service name> Executable: <server>
Creates a list of services at configuration time that can be connected through the internet daemon and the servers that they use.
New .... for <service>
Lists the new user ids, servers or executables used for the servers when reconfiguring the internet daemon.
Deleted service <service>, protocol <protocol>
Keeps track of the services deleted when reconfiguring the internet daemon.
Added service <service>, executable <server>
Keeps track of the services added when reconfiguring the internet daemon.
Unable to create socket for <service>: ...
Unable to bind socket for <service>: ...
Unable to listen at socket for <service>: ...
Any one of the three errors above makes the service unusable. For another host to communicate with the server host through this service, the internet daemon needs to be reconfigured after any of these error messages.
Security File (inetd.sec) Errors
Certain errors are related to the security file inetd.sec. If the −l option is specified they are written to the log file. They are the following:
Field contains other characters in addition to ∗ for <service>
For example, field 2 of the internet address 10.5∗.8.7 is incorrect.
Missing low value in range for <service>
For example, field 2 of the internet address 10.-5.8.7 is incorrect.
Missing high value in range for <service>
For example, field 2 of the internet address 10.5-.8.7 is incorrect.
High value in range is lower than low value for <service>
For example, field 2 of the internet address 10.5-3.8.7 is incorrect.
Stat call on security file failed: ...
Until this is fixed, no remote service is allowed to execute on the local system. The cause of the problem is specified by the error message following this message.
Fopen of security file failed: ...
Until this is fixed, no remote service is allowed to execute on the local system. The cause of the problem is specified by the error message following this message.
Warning: no list of hosts or networks for <service>
A list of hosts and networks allowed or denied is required following the allow/deny field in the security file. No security for this service is implemented by inetd.
Warning: allow/deny field does not have a valid entry for <service>
The entry in the allow/deny field is not one of the keywords “allow” or “deny”. No security for this service is implemented by inetd since the line in the security file is ignored.
RPC Related Errors for NFS Users Only
These errors are specific to RPC-based servers.
Configuration file format error, line <number>, missing program number
Configuration file format error, line <number>, missing version number
Error on the specified line of /etc/inetd.conf. The program or version number for an RPC service is missing. This error does not stop the internet daemon from reading the rest of the file and configuring itself accordingly. However, the service corresponding to the error message will not be correctly configured.
Next step: Fix the line with the error and then reconfigure the internet daemon by executing the command “inetd -c”.
Configuration file format error, line <number>, incorrect program number
Error on the specified line of /etc/inetd.conf. The program number for an RPC service is not a number. This error does not stop the internet daemon from reading the rest of the file and configuring itself accordingly. However, the service corresponding to the error message will not be correctly configured.
Next step: Fix the line with the error and then reconfigure the internet daemon by executing the command “inetd -c”.
Unable to get socket address for <server>: <error message>
Service not usable.
Some error has occurred which makes it impossible to use the service.
Next step: Reconfigure the internet daemon.
DEPENDENCIES
Implemented on the Series 300 and 800 only.
AUTHOR
HP and UCB (University of California at Berkeley)
NFS was developed by Sun Microsystems, Inc.
FILES
/etc/inetd.conf list of internet server processes.
/usr/adm/inetd.sec optional security file.
/usr/adm/inetd.log default log file for the −l option.
SEE ALSO
ipcrm(1), ipcs(1), portmap(1m), inetd.conf(4), inetd.sec(4), protocols(4), services(4).
INTERNATIONAL SUPPORT
8-bit data and file names, messages.
Hewlett-Packard Company — May 11, 2021