From ede3e5ab83efe86b4257900549b6c84f77c81bf1 Mon Sep 17 00:00:00 2001 From: Ben Gras Date: Mon, 19 Jun 2006 14:51:41 +0000 Subject: [PATCH] Al Woodhull's new manual pages --- man/man1/ftp.1 | 150 ++++++++++++++++++ man/man1/mtools.1 | 116 ++++++++++++++ man/man1/urlget.1 | 68 +++++++++ man/man5/http_status.5 | 72 +++++++++ man/man5/httpd.conf.5 | 334 +++++++++++++++++++++++++++++++++++++++++ man/man8/httpd.8 | 124 +++++++++++++++ man/man8/tcpd.8 | 118 +++++++++++++++ 7 files changed, 982 insertions(+) create mode 100644 man/man1/ftp.1 create mode 100644 man/man1/mtools.1 create mode 100644 man/man1/urlget.1 create mode 100644 man/man5/http_status.5 create mode 100644 man/man5/httpd.conf.5 create mode 100644 man/man8/httpd.8 create mode 100644 man/man8/tcpd.8 diff --git a/man/man1/ftp.1 b/man/man1/ftp.1 new file mode 100644 index 000000000..e47cc0787 --- /dev/null +++ b/man/man1/ftp.1 @@ -0,0 +1,150 @@ +.TH FTP 1 +.SH NAME +ftp \- a File Transfer Protocol client for Minix +.SH SYNOPSIS +.B ftp +.RI [ server_name ] +.SH DESCRIPTION +.B Ftp +is a File Transfer Protocol client for Minix written by Michael Temari. +.P +There are no command line options for +.B ftp +except for the optional server name, which may be either a numeric IP address +or a domain name resolvable by DNS. +.P +If a server name is specified a connection attempt will be made, and you +will be prompted for a user name and password by the remote system. +Following the login (or immediately, if no server name was specified), the +.br +.B ftp> +.br +prompt is displayed. The following commands are accepted at the prompt: +.P +Command: Description +.br +! Escape to a shell +.br +append Append a file to remote host +.br +ascii Set file transfer type to ascii +.br +binary Set file transfer type to binary +.br +block Set file transfer mode to block +.br +bye Close connection and exit +.br +cd Change directory on remote host +.br +close Close connection +.br +clone Clone a file +.br +del Remove file on remote host +.br +dir Display long form remote host directory listing +.br +exit Close connection and exit +.br +get Retrieve a file from remote host +.br +help Display this text +.br +lcd Change directory on local host +.br +ldir Display long form local host directory listing +.br +lls Display local host directory listing +.br +lmkdir Create directory on local host +.br +lpwd Display current directory on local host +.br +lrmdir Remove directory on local host +.br +ls Display remote host directory listing +.br +mget Retrieve multiple files from remote host +.br +mkdir Create directory on remote host +.br +mod Get file modification time +.br +mput Send multiple files to remote host +.br +noop Send the ftp NOOP command +.br +open Open connection to remote host +.br +pass Enter remote user password +.br +passive Toggle passive mode +.br +put Send a file to remote host +.br +putu Send a file to remote host(unique) +.br +pwd Display current directory on remote host +.br +quit Close connection and exit +.br +quote Send raw ftp command to remote host +.br +reget Restart a partial file retrieve from remote host +.br +remotehelp Display ftp commands implemented on remote host +.br +reput Restart a partial file send to remote host +.br +rm Remove file on remote host +.br +rmdir Remove directory on remote host +.br +site Send a site specific command +.br +size Get file size information +.br +status Get connection/file status information +.br +stream Set file transfer mode to stream +.br +system Get remote system type information +.br +user Enter remote user information +.br +ver Display client version information + +.SH "SEE ALSO" +.BR ftpd (8) +.br +.BR ftpget (1) +.br +.SH NOTES +The FTP protocol passes unencrypted usernames and passwords to clients, +so they are potentially exposed to evildoers with network sniffers. So be +wary of using this to exchange files between your own accounts. Obviously +if you have a root account on another system and the remote system will +accept a login as root this is extremely dangerous. (Many ftp servers will +not allow a connection by root). +.P +Text-mode (ASCII) transfers are the default mode, be sure to enter the +"binary" command if you are downloading a program file or a compressed +archive, in fact anything other than a text file from a machine with a +different text-file format than Minix uses. +.P +If you are behind a firewall you probably need to use passive mode to +successfully transfer files. + +.SH BUGS +None are known, but there may be some unknown ones. Version 1.00 corrects +a bug in previous versions that would append a \\r (0xd) character to file +names on the destination when an mget transfer was used in binary mode. + +.SH AUTHOR +The Minix httpd server was created by and is maintained by Michael Temari +. The earliest version was released in 1992, for use +with Michael's TNet networking extensions for Minix 1.5. +.P +Man page compiled by Al Woodhull +.\" updated 2003-12-13 diff --git a/man/man1/mtools.1 b/man/man1/mtools.1 new file mode 100644 index 000000000..0467348c2 --- /dev/null +++ b/man/man1/mtools.1 @@ -0,0 +1,116 @@ +.TH MTOOLS 1 +.SH NAME +mtools \- tools to access FAT file systems +.SH SYNOPSIS +.B mtools +.RB [ \-V ] +.B msdos_command +.RI [ \-msdos_options ] +.RI arguments " ..." +.SH DESCRIPTION +.de SP +.if t .sp 0.4 +.if n .sp +.. +.B Mtools +is a collection of utilities to access MS-DOS (FAT) disks from Unix without +mounting them. It supports the long filenames of Windows NT and Windows 95. +It does not support NTFS disks. +.P +Some versions of mtools for other operating systems provide separate +commands, such as mdir, mcopy, etc., to emulate similar MS-DOS and Windows +command line commands. The version ported to Minix takes the MS-DOS +command (dir, copy, etc.) as its first argument. Supported MS-DOS +commands are: +.B attrib, +.B badblocks, +.B cat, +.B cd, +.B copy, +.B del, +.B deltree, +.B dir, +.B doctorfat, +.B du, +.B format, +.B info, +.B label, +.B md, +.B mkdir, +.B partition, +.B rd, +.B rmdir, +.B read, +.B move, +.B ren, +.B showfat, +.B type, +.B write +.P +The MS-DOS options are the same as for DOS commands, except they are prefaced +with "-" instead of "\\". +.P +Use 'mtools msdos_command -?' for help per command. (This tells you "-?" +is an illegal command, but, as with Unix systems, entering an illegal command +often is the easiest way to find out what are the legal commands.) +.P +Note that a disk argument must be terminate by or separated from a path by +a colon (":"). +If no disk argument is given mtools assumes you meant "/dev/fd0:", the +first floppy disk drive. +.SH OPTIONS +.TP +.B \-V +Show the mtools version and configuration +.SH EXAMPLES +.de EX +.TP 20 +\\fB\\$1\\fR +# \\$2 +.. +.EX "mtools dir" "show directory of MS-DOS floppy in drive A:." +.EX "mtools copy /dev/c0d0p0:file.txt ." "copy file.txt from MS-DOS root directory to current Minix directory." +.SH "SEE ALSO" +.BR dosdir (1). +.BR dosread (1). +.BR doswrite (1). +.SH NOTES +.P +Mtools requires a lot of memory. The default on a Minix 3 installation +is over 10 MB. A default configured mtools would not run on a system +with only 16 MB RAM. You may be able to make do by using chmem to +reduce the memory allocation of mtools. On the 16 MB system mentioned +mtools still works with a reduction of the memory allocation to half +the original value. The amount of memory you need depends upon the +size of the MS-DOS or Windows file systems you want to access. +Typically systems with big disks also have large amounts of memory. If +mtools won't work for you, you may be able to fall back to the old +dosdir, dosread, and doswrite Minix utilities if the FAT file system +you want to access is small enough (the dos* utilities can access FAT16 +partitions up to 256 MB size). +.P +This man page does not attempt to be complete. A lot of information is +available on line. To use mtools well you also need to be familiar with +the options for the corresponding MS-DOS commands. +For more information see the mtools website, http://mtools.linux.lu/. +.P +Mtools-3.9.10 was released on 1 March 2005. The Minix port is of the +earlier Mtools version 3.9.7, dated 1 June 2000. +.P +The Minix port is configured with the following options: disable-xdf +disable-vold disable-new-vold disable-debug disable-raw-term (read the source +to understand what these mean). +.SH BUGS +Yes, bugs may exist, but as this man page is written we don't know of any. +Please report any you find. +.P +As with any program that accesses a foreign file system, reading is probably +safe, but you may want to experiment carefully before using these programs to +write to a Windows system. +.SH AUTHOR +Mtools is maintained by David Niemi and Alain Knaff. +.P +Ported to Minix 2.0.3 by Kees J. Bot . +.P +This man page compiled by Al Woodhull . +.\" rev 2006-06-17 diff --git a/man/man1/urlget.1 b/man/man1/urlget.1 new file mode 100644 index 000000000..ff822b847 --- /dev/null +++ b/man/man1/urlget.1 @@ -0,0 +1,68 @@ +.TH URLGET 1 +.SH NAME +urlget, ftpget, httpget \- retrieve a file from the internet to stdout +.SH SYNOPSIS +.B urlget +.RB [ \-h ] +.RB [ \-d ] +.RB [ \-p ] +.RI url +.P +.B ftpget +.RI host +.RI path +.RI [user[pass]] +.P +.B httpget +.RB [ \-h ] +.RB [ \-d ] +.RB [ \-p ] +.RI host +.RI path +.SH DESCRIPTION +.de SP +.if t .sp 0.4 +.if n .sp +.. +.B Urlget +gets a file specified by a URL and copies it to standard output. +.P +.B Ftpget +similarly gets a file from a conventional ftp server, a login name +and password can be specified. +.P +.B Httpget +is similar to +.B urlget, +but the host and path are specified separately without a scheme, as with +ftpget. +.SH OPTIONS +.TP +.B \-h +show the status line and MIME header from the server. +.P +.B \-d +discard the file body. +.P +.B \-p +use POST method, otherwise use GET. +.SH EXAMPLES +.de EX +.TP 20 +\\fB\\$1\\fR +# \\$2 +.. +.TP 15n +.EX "urlget http://minix1.woodhull.com/pub/contrib/file.tar.Z > file.tar.Z" "Download file.tar.Z" +.EX "ftpget minix1.woodhull.com /pub/contrib/README.txt > README.txt" "Get a file from an anonymous ftp server" +.EX "httpget -dh minix1.woodhull.com/index.html" "Inspect the header of a web page" +.SH NOTES +These commands execute the same binary under different names. These commands +provide a lightweight non-interactive command-line method of downloading a +file or inspecting the status of a web page. Data retrieved are written +to standard output. +.SH AUTHOR +Michael Temari +.P +Man page compiled by Al Woodhull +.\" rev 2006-06-16 diff --git a/man/man5/http_status.5 b/man/man5/http_status.5 new file mode 100644 index 000000000..5301a5793 --- /dev/null +++ b/man/man5/http_status.5 @@ -0,0 +1,72 @@ +.TH HTTP_STATUS 5 +.SH NAME +http_status \- HTTP status numbers and their meanings +.SH DESCRIPTION +These are the HTTP status numbers defined in +.BI http.h +in the source directory, +.BI /usr/local/src/httpdxxx. +The message you see on your screen when a page cannot be accessed is +normally generated by your browser. +.P +HTTP_STATUS_OK 200 +.br +HTTP_STATUS_CREATED 201 +.br +HTTP_STATUS_ACCEPTED 202 +.br +HTTP_STATUS_NO_CONTENT 204 +.br +HTTP_STATUS_MOVED_PERM 301 +.br +HTTP_STATUS_MOVED_TEMP 302 +.br +HTTP_STATUS_NOT_MODIFIED 304 +.br +HTTP_STATUS_USE_PROXY 305 +.br +HTTP_STATUS_BAD_REQUEST 400 +.br +HTTP_STATUS_UNAUTHORIZED 401 +.br +HTTP_STATUS_FORBIDDEN 403 +.br +HTTP_STATUS_NOT_FOUND 404 +.br +HTTP_STATUS_METHOD_NOT_ALLOWED 405 +.br +HTTP_STATUS_PROXY_AUTH_REQRD 407 +.br +HTTP_STATUS_LENGTH_REQUIRED 411 +.br +HTTP_STATUS_SERVER_ERROR 500 +.br +HTTP_STATUS_NOT_IMPLEMENTED 501 +.br +HTTP_STATUS_BAD_GATEWAY 502 +.br +HTTP_STATUS_SERVICE_UNAVAILABLE 503 +.br +HTTP_STATUS_GATEWAY_TIMEOUT 504 +.br +HTTP_STATUS_UNSUPPORTED_VERSION 505 +.br + +.SH FILES +.TP 25n +.B /usr/local/src/httpdxxx/http.h +.SH "SEE ALSO" +The definitive source of information on the HTTP protocol is the +.B "World Wide Web Consortium" +web page at +.B http://www.w3c.org . +.P +A draft version of the HTTP 1.1 specification is available on the Minix1 +websites. For more information on status codes go to this URL: +.B http://minix1.woodhull.com/http11.html#Status-Codes +.SH AUTHOR +The Minix httpd server was created by and is maintained by Michael Temari + +.P +Man page compiled by Al Woodhull +.\"updated 2006-06-01 diff --git a/man/man5/httpd.conf.5 b/man/man5/httpd.conf.5 new file mode 100644 index 000000000..c8b96c180 --- /dev/null +++ b/man/man5/httpd.conf.5 @@ -0,0 +1,334 @@ +.TH HTTPD.CONF 5 +.SH NAME +httpd.conf httpd.mtype \- configuration files for the Minix httpd web server +.SH SYNOPSIS +.B /etc/httpd.conf +.B /etc/httpd.mtype +.SH DESCRIPTION +.B /etc/httpd.conf +is the configuration file for the Minix httpd web server written by +Michael Temari. A sample version is included with the distribution +archive and is unpacked in the source directory (normally +.BI /usr/local/src/httpdxxx). +Also provided is an example +.B httpd.mtype +file. This is an extension of the main configuration file which is normally +included when the main file is read. +.P +The makefile does not install +.B httpd.conf +and +.B httpd.mtype +automatically. The sample files included in the distribution are only +examples, you must copy and edit them for the needs of your own +installation. +.SH CONFIGURATION FILE FORMAT +.B httpd.conf +is an ascii file which consists of lines of the following form: +.P +.B directive LWS [parameters separated by LWS] +.br +NOTE: LWS denotes Linear White Space which is spaces and/or tabs +.SH CONFIGURATION FILE DIRECTIVES +The following are valid configuration file directives (listed in the order +they appear in the sample +.B httpd.conf +file provided in the distribution): +.P +.B serverroot redirect user chroot logfile dbgfile dirsend direxec +.B vhost auth proxyauth vpath include mtype +.P +To make the file more readable, for directives which occupy multiple +lines you may eliminate the directive on lines after the first and begin +these lines with LWS. + +.SH DESCRIPTIONS OF DIRECTIVES +.P +.B serverroot path + +The +.B serverroot +directive sets the translation for +.B // +to the given +.B path. + +.B redirect url + +The +.B redirect +directive will redirect the entire website via error code +"301 MOVED PERM" to specified url and original path of request. + +.B user username + +The +.B user +directive causes the server to run as the given +.B username +otherwise the server will run as whoever started it (normally root). + +.B chroot directory + +The +.B chroot +directive causes the server to chroot to the given directory after +the configuration and log files have been opened. Normally this will be the +home directory of the given username in the user directive. +.br +NOTE: +.B /~user +will be translated to the home directory of +.B user. +.br +NOTE: +.B // +will be translated to the serverroot directory. +.br +NOTE: if this directive is used then beware of the consequences. + +.B logfile filename + +The +.B logfile +directive tells the server where to log http transactions. +.br +NOTE: the log file must exist to enable logging. + +.B dbgfile filename + +The +.B dbgfile +directive tells the server where to log debugging of http transactions. +.br +NOTE: the debug log file must exist to enable debug logging. + +.B dirsend filelist + +The +.B dirsend +directive tells the server that when a directory is requested +that it should send the first file that it finds in the directory from the +.B filelist +for the request. + +.B direxec program + +The +.B direxec +directive tells the server that when a directory is requested +and no file is found from the +.B dirsend +directive that it should run the given +.B program. +.br +NOTE: the program normally generates a directory listing on the fly using +the +.B dir2html +program. +.br +NOTE: the program access is considered +.B X +with no access restrictions. + +.B vhost hostname vhostroot + +The +.B vhost +directive is for defining access for virtual hosts. If none are configured +then any host is accepted. If specified then access is only granted for +requests for hosts which are configured here. In the +.B vpath +section below the +.B /// +gets translated to the corresponding +.B vhostroot. + + +.B auth authname authdescription access [passwdfile [users]] + +The +.B auth +directive sets up different authorizations with the server. The +.B authname +is the name given to the authorization and is case insensitive. +The +.B authdescription +is the description of the authorization and is what +the user will see when asked to enter a username and password. The +access is one or more of +.B (RWX). +.B R +tells the server the URL can be read. +.B W +tells the server the URL can be overwritten. +.B X +tells the server +that the URL can and should be executed. Access is in addition to normal +Unix security considerations. For instance a file that can be written to +that does not have the +.B W +access will have an error returned. The +.B passwdfile +is the name of the password file to validate users against. If +.B passwdfile +is given as +.B '.' +then the system password file +.B (/etc/passwd) +will be used. If no +.B passwdfile +is given then no authorization is allowed for anyone. If no +.B users +are given then any validated user is authorized, otherwise only the given +.B users +are allowed. + +.B proxyauth authname authdescription access [passwdfile [users]] + +The +.B proxyauth +directive defines access authorization to be used for Proxy access. +.br +.B authname += Same as auth above +.br +.B authdescription += Same as auth above +.br +.B access += Must be R to allow proxy +.br +.B passwdfile += Same as auth above +.br +.B users += Same as auth above + +.B vpath from to [auth [access]] + +The +.B vpath +directive sets up URL path translations and authorizations. A +requested URL that matches +.B from +will be translated to +.B to +with the given +.B auth +and +.B access. +If +.B auth +does not exist then the URL will have no +.B access. +If +.B access +is not given then the access is taken from the +.B auth +record (see above). A +.B '.' +in place of the +.B to +means that the server should use a translation from another +.B vpath +record, but associate the given +.B auth +and access with the requested URL. A +.B '*' +may be at the end only of the +.B from +to provide a wildcard match. For example if the +.B from +has +.B /AB* +then any of +.B /ABCDEF +or +.B /AB +or +.B /ABmichael +will match, but +.B /AD or +.B /a +will not. The requested URL is first checked against each +.B vpath +record until an exact match (meaning URL match +.B from +and +.B from +had no +.B '*') +is found or the end of the list. Therefore a wildcard match will match +the last +.B from in the list in which it matched. +.br +NOTE: if at the beginning of the to field +.br + /~user will get translated to the home directory of the given user +.br + // will get translated to the serverroot directory + +.B include filename + +The +.B include +directive tells the server to read configuration information +from the given filename. +.br +NOTE: normally you get +.B mtype +directives in an included file. + +.B mtype mimetype extensions + +The +.B mtype +directive tells the server what +.B mimetype +to associate with files which have any of the given +.B extensions. +If no match is found then the file will be treated as +.B application/octet-stream. + + +.SH FILES +.B /etc/httpd.conf +.B /etc/httpd.mtype +.B /etc/passwd +.SH "SEE ALSO" +.BR httpd (8) +.BR http_status (5) +.SH NOTES +The source directory contains a commented sample +.B httpd.conf +and +.B httpd.mtype +files. +.P +You can run the server as +.B httpd -t /etc/httpd.conf +to see whether the configuration file is being parsed correctly. +.P +Although standard Minix does not have a graphical interface to support +browsers such as Netscape and Microsoft Internet Explorer, the +.B lynx +browser can be used on 32-bit Minix systems with enough memory. You can point +lynx to your own site to browse your own pages. +When debugging a web server there is nothing quite like browsing your own +pages to see whether things are working right. That said, be aware that +different web browsers may vary in how they interpet standard web page +features, and will certainly vary in how they interpret "extensions" to +the HTML standards. So checking a page with several browsers on several +platforms is always a good idea. +.SH BUGS +Not really a bug, but you can get in trouble if a real directory you want +to access shares the first part of its name with a +.B vpath +definition. You just have to pay attention to the directory names you use. +.SH AUTHOR +The Minix httpd server was created by and is maintained by Michael Temari + +.P +Man page was compiled by Al Woodhull +.\" updated 2006-06-01 diff --git a/man/man8/httpd.8 b/man/man8/httpd.8 new file mode 100644 index 000000000..04fed2a6a --- /dev/null +++ b/man/man8/httpd.8 @@ -0,0 +1,124 @@ +.TH HTTPD 8 +.SH NAME +httpd, in.httpd, dir2html \- a web server for Minix 2 and Minix 3 +.SH SYNOPSIS +.B httpd +.RB [\-t|\-v] +.RI [ config_file ] +.P +.B "tcpd http /usr/local/bin/in.httpd &" +.P +.B dir2html +.RB [directory] +.SH DESCRIPTION +.B Httpd +is a World Wide Web (WWW) server written by Michael Temari. It was +written from scratch so the setup and configuration will not be like +other web servers. +.P +.B In.httpd +is linked to +.B httpd. +This alternate name is used to indicate the program is a server that is +started by +.B tcpd (8), +a program which listens for incoming TCP connections on the passed +port (defined in +.BI /etc/services ). +When a connection comes in +.B tcpd +forks and starts the given daemon program, after possibly checking for access +restrictions and logging the connection. Therefore, to enable +.B in.httpd +to start you use (in a startup script): +.P +.B "tcpd http /usr/local/bin/in.httpd &" +.P +or +.P +.B "daemonize tcpd http /usr/local/bin/in.httpd" +.P +.B (daemonize +is a shell function defined in +.BI/usr/etc/rc +in Minix 2.0.3 and later releases which starts programs as daemons). +To enable or reenable +.B in.httpd +from the command line a user a system administrator should use +.B intr (8), +like this: +.P +.B "intr -d tcpd http /usr/local/bin/in.httpd &" +.P +to start +.B tcpd +as a daemon (getting input from /dev/null, writing output to /dev/log, +and not part of a process group). +.P +.B Dir2html +is an accessory program that produces a directory listing formatted as +web page for the current directory or for a directory specified as an +argument. It is called by +.B httpd +when a web client references a directory that includes no index.html +file (or whatever alternative to index.html that may be defined in +/etc/httpd.conf). Since it writes to standard output it may also be called +as a standalone program. +.P +Options for +.B httpd +are: +.SH OPTIONS +.TP +.B \-t +This tells the server to parse the configuration file so that you can +see if it is the way you want it. You may also pass the name of your +configuration file if it is not the default /etc/httpd.conf. +.TP +.B \-v +Shows the server version, then exits. +.TP +.B config_file +normally /etc/httpd.conf +.SH FILES +.TP 25n +.B /etc/httpd.conf +The configuration file. +.P +.B /etc/httpd.mtype +Extension to configuration file defining MIME types. +.P +.B /usr/adm/httpd.log +Log file. The file must exist for logging to begin. +.SH "SEE ALSO" +.BR httpd.conf (5), +.BR http_status (5), +.BR serv.access (5), +.BR intr (8), +.BR tcpd (8). +.SH NOTES +This server has been tested on both Minix 2 and Minix 3. +.P +Running a server exposed to the Internet is risky to the host system and +to the local network. Consult with the owner of your net before you go +public. Read the +.B SECURITY +document in the source directory. +.P +The +.B tcpd (8) +man page needs to be written. The important thing to know is that if +the access control file +.B /etc/serv.access +exists tcpd will exec its paranoid twin, tcpdp, which will deny access from +any IP for which a name cannot be found. +.SH BUGS +None are known, but there are surely some unknown ones. Be careful! +.SH AUTHOR +The Minix httpd server was created by and is maintained by Michael Temari + +.P +This man page was compiled by Al Woodhull +.P +.\" updated 2006-06-17 + diff --git a/man/man8/tcpd.8 b/man/man8/tcpd.8 new file mode 100644 index 000000000..0d285652f --- /dev/null +++ b/man/man8/tcpd.8 @@ -0,0 +1,118 @@ +.TH TCPD 8 +.SH NAME +tcpd, tcpdp \- waits for a TCP connection request and starts a server +.SH SYNOPSIS +.B tcpd +.RB [ \-d ] +.RB [ \-m +.RI maxclients ] +.RI service +.RI program +.RB [ arg ... ] +.SH DESCRIPTION +.de SP +.if t .sp 0.4 +.if n .sp +.. +.B Tcpd +is a daemon, that is, a user-space program that is normally started when the +operating system is started and that normally does not terminate until the +system is shut down. +Conceptually, you can think of +.B tcpd +as doing nothing but listening to a port for a connection attempt. Several +copies of +.B tcpd +will typically be started, one for each service that is to be provided. +When a connection is detected the tcpd for that port +.IR fork s +and then the child process +.IR exec s +an instance of the server for that port. +.P +The above description is simplified. +Normally two versions of the tcpd.c source code are compiled. +.B Tcpd +is the one that waits for a connection. When a connection occurs +.B tcpd +.IR fork s. +If +.B tcpd +was started with options or if the child detects that the access +control file +.IR /etc/serv.access +exists, the child will +.IR exec +its paranoid twin, +.B tcpdp, +which checks that the connection attempt is from an allowed node or network, +or that it is not from a disallowed node or network. +.B Tcpdp +also tries to look up the name corresponding to an IP address, and denies +the connection if a name cannot be found. Finally, +.B tcpdp +determines whether the connection is supposed to be logged. +If all is well, the child +.B tcpd +or +.B tcpdp +then +.IR exec s +the server for the service with any arguments specified on the command line +for that server. +.SH OPTIONS +.TP +.B \-d +turn on debugging. +.TP +.B \-m +allow no more than the specified +.IR maxclients +to start. +.SH EXAMPLES +.de EX +.TP 20 +\\fB\\$1\\fR +# \\$2 +.. +.TP 15n +.EX "tcpd telnet in.telnetd &" "wait for a telnet connection on the normal port" +.EX "tcpd 8000 in.httpd /etc/httpd8000.conf &" "wait for web page request on port 8000 and use a custom config file for the in.httpd program." +.P +Note that command lines must be terminated with "&" to return control to the +calling process, leaving the daemon executing as a background process. +.P +The above examples show how tcpd might be invoked from /etc/rc or +another script that runs during system initialization. You will also +see this in the supplied startup scripts: +.EX "daemonize tcpd shell in.rshd" "daemonize is a shell function that tests whether a daemon is present and starts it if so, using the & to start it in the background." +.P +Another case that should be mentioned is that when a system administrator +wants to start (or restart) a daemon from a command line, +.BR intr (8) +should be used, like this: +.EX "intr -d tcpd telnet in.telnetd &" "remove the daemon from a process group and connect its input to /dev/null and its output to /dev/log." +.SH FILES +.TP 25n +.B /etc/serv.access +The access control file. +.SH "SEE ALSO" +.BR execve (2), +.BR fork (2), +.BR intr (8), +.BR serv.access (5). +.SH NOTES +That daemons cannot daemonize themselves is a way in which Minix differs from +most other Unix-like systems. +.P +Allowing access to your system from the net is dangerous. Be sure you +know what you are doing. Be sure the owner of your net knows what you are +doing. Don't enable services you don't need. Enable logging and look at your +logs. +.SH BUGS +None known, let us know... +.SH AUTHOR +Kees J. Bot +.P +Man page by Al Woodhull +.\" rev 2006-06-02