Re: xinetd -> danted fails [repost]

From: Andrew Schulman (andrex_at_deadspam.com)
Date: 07/21/03


Date: Mon, 21 Jul 2003 05:19:21 -0400


> |> A daemon that is to be run under *inetd has to be prepared to read
> |> network traffic on stdin and write to stdout, i.e. not try to listen on
> |> the port itself. If the daemon has code to switch into this mode, then
> |> you need to use the appropriate command line option or config option to
> |> make it do so. Have you checked the danted doco?
> |
> |Yes, I've checked and rechecked the danted and xinetd docs and FAQs.
> |danted doesn't have a facility to connect via stdin/stdout as far as I
> |can tell.
>
> If that's the case, then you cannot run danted under *inetd, it is not
> *inetd ready. However some hits I got from google suggest there is a
> command line option for it, but the sites are down and the cached
> versions are unclear. I can't even find the home site of danted with
> google.

Dante home is http://www.inet.no/dante/. I also found some references to
people running dante (or other socks servers, but that's another story)
under inetd, using nowait.

> |What you say would explain how xinetd can take over listening on the
> |ports
> |usually used by the servers it manages. However, this is the first time
> |I've heard this explanation, and I can't find any mention of it in the
> |inetd or xinetd docs.
>
> It's sort of implied by the description of xinetd in the man page, where
> it says "it listens on all service ports for the services listed in
> its configuration file". Since the port cannot be listened on by more
> than one process, this means the real server has to not listen but wait
> on stdin. Unfortunately this is part of BSD lore, I don't know where
> it's documented, I don't remember how I learnt this.

Hm, yes... BSD lore... but it does explain how xinetd can take over the
server's port.
 
> |What I do find in the docs is some confusing (to me) explanations of the
> |wait/nowait (inetd) or wait (xinetd) options. As best I can figure out,
> |if danted wants to continue to listen on its port (1080), then I should
> |specify "wait" (inetd) or "wait=yes" (xinetd) in *inetd.conf. But when I
> |try this, I get the "Deactivating service socks due to excessive incoming
> |connections" error, which no one, in my Google groups searches, seems to
> |be able to figure out.
>
> Wait means that *inetd will only fork off one process at a time to
> handle the request. Nowait means that it will continue to serve more
> requests while the last one is being served. This means that it will
> fork off as many processes as needed, up to the limit. Since danted
> doesn't run properly under xinetd, it exits immediately and the request
> is still waiting to be served. So xinetd very quickly runs up lots of
> processes and then decides enough is enough, there is something wrong.
>
> Wait/nowait has nothing to do with *inetd readiness.

OK, this makes sense. I guess it's time to write to the danted authors, and
ask them if it can be made to work under *inetd.

Thanks very much for your help, I wasn't close to figuring this out.
Andrew.

-- 
To reply by email, change "deadspam.com" to "alumni.utexas.net"