xinetd-2.3.15

Introduction to xinetd

xinetd is the eXtended InterNET services daemon, a secure replacement for inetd.

This package is known to build and work properly using an LFS-7.6 systemd platform.

Package Information

xinetd Dependencies

Optional

TCP wrappers (deprecated)

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/xinetd

Installation of xinetd

Install xinetd by running the following commands:

sed -i -e "s/exec_server/child_process/" xinetd/builtins.c        &&
sed -i -e "/register unsigned count/s/register//" xinetd/itox.c  &&
./configure --prefix=/usr --mandir=/usr/share/man --with-loadavg &&
make

This package does not come with a test suite.

Now, as the root user:

make install

Command Explanations

sed ... xinetd/builtins.c: This command fixes a security issue.

sed ... xinetd/itox.c: This command fixes some compiler warnings.

Configuring xinetd

Config Files

/etc/xinetd.conf and /etc/xinetd.d/*

Configuration Information

Ensure the path to all daemons is /usr/sbin, rather than the default path of /usr/bin, and install the xinetd configuration files by running the following commands as the root user:

cat > /etc/xinetd.conf << "EOF"
# Begin /etc/xinetd
# Configuration file for xinetd

defaults
{
      instances       = 60
      log_type        = SYSLOG daemon
      log_on_success  = HOST PID USERID
      log_on_failure  = HOST USERID
      cps             = 25 30
}

# All service files are stored in the /etc/xinetd.d directory

includedir /etc/xinetd.d

# End /etc/xinetd
EOF

All of the following files have the statement, "disable = yes". To activate any of the services, this statement will need to be changed to "disable = no".

Note

The following files are listed to demonstrate several xinetd applications. In many cases, these applications are not needed. Some classic applications are considered security risks. For example, telnet, rlogin, rexec, and rsh transmit unencrypted usernames and passwords over the network and can be easily replaced with a more secure alternative: ssh.

install -v -d -m755 /etc/xinetd.d &&

cat > /etc/xinetd.d/systat << "EOF" &&
# Begin /etc/xinetd.d/systat

service systat
{
   disable           = yes
   socket_type       = stream
   wait              = no
   user              = nobody
   server            = /bin/ps
   server_args       = -auwwx
   only_from         = 128.138.209.0
   log_on_success    = HOST
}

# End /etc/xinetd.d/systat
EOF

cat > /etc/xinetd.d/echo << "EOF" &&
# Begin /etc/xinetd.d/echo

service echo
{
   disable     = yes
   type        = INTERNAL
   id          = echo-stream
   socket_type = stream
   protocol    = tcp
   user        = root
   wait        = no
}

service echo
{
   disable     = yes
   type        = INTERNAL
   id          = echo-dgram
   socket_type = dgram
   protocol    = udp
   user        = root
   wait        = yes
}

# End /etc/xinetd.d/echo
EOF

cat > /etc/xinetd.d/chargen << "EOF" &&
# Begin /etc/xinetd.d/chargen

service chargen
{
   disable        = yes
   type           = INTERNAL
   id             = chargen-stream
   socket_type    = stream
   protocol       = tcp
   user           = root
   wait           = no
}

service chargen
{
   disable        = yes
   type           = INTERNAL
   id             = chargen-dgram
   socket_type    = dgram
   protocol       = udp
   user           = root
   wait           = yes
}

# End /etc/xinetd.d/chargen
EOF

cat > /etc/xinetd.d/daytime << "EOF" &&
# Begin /etc/xinetd.d/daytime

service daytime
{
   disable        = yes
   type           = INTERNAL
   id             = daytime-stream
   socket_type    = stream
   protocol       = tcp
   user           = root
   wait           = no
}

service daytime
{
   disable        = yes
   type           = INTERNAL
   id             = daytime-dgram
   socket_type    = dgram
   protocol       = udp
   user           = root
   wait           = yes
}

# End /etc/xinetd.d/daytime
EOF

cat > /etc/xinetd.d/time << "EOF"
# Begin /etc/xinetd.d/time

service time
{
   disable        = yes
   type           = INTERNAL
   id             = time-stream
   socket_type    = stream
   protocol       = tcp
   user           = root
   wait           = no
}

service time
{
   disable        = yes
   type           = INTERNAL
   id             = time-dgram
   socket_type    = dgram
   protocol       = udp
   user           = root
   wait           = yes
}

# End /etc/xinetd.d/time
EOF

The format of /etc/xinetd.conf is documented in the xinetd.conf.5 man page.
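Because every service file above ships with "disable = yes", it is worth checking which blocks have since been switched on. The following shell functions are an added example, not part of the BLFS instructions or the xinetd package: they list the service blocks that are not disabled and pick out the cleartext-login services named in the note above. The function names are hypothetical, and the parser assumes the simple "attribute = value" block layout used on this page and reads only the per-service disable attribute, ignoring anything set in the defaults section.

```shell
#!/bin/sh
# Added example: report xinetd service blocks that are not disabled.
# Output format: file:service:id:user (one line per enabled block).

xinetd_enabled() {
    # $1: directory holding the service files, e.g. /etc/xinetd.d
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk -v file="${f##*/}" '
            /^[ \t]*#/ { next }                      # skip comment lines
            $1 == "service" { name = $2; id = $2; user = "-"; off = 0; next }
            $1 == "}" && name != "" {                # end of a service block
                if (!off) print file ":" name ":" id ":" user
                name = ""; next
            }
            name != "" && $2 == "=" {                # attribute inside a block
                if ($1 == "disable" && $3 == "yes") off = 1
                if ($1 == "id")   id = $3
                if ($1 == "user") user = $3
            }
        ' "$f"
    done
}

# Enabled services that send credentials unencrypted. rlogin, rsh and rexec
# are registered as login, shell and exec in /etc/services, so both
# spellings are matched.
xinetd_cleartext_enabled() {
    xinetd_enabled "$1" |
        awk -F: '$2 ~ /^(telnet|rlogin|rsh|rexec|login|shell|exec)$/'
}

# Constructed sample input (not taken from a real host): one disabled block
# in the style of this page and one enabled telnet block.
xinetd_audit_demo() {
    d=$(mktemp -d) || return 1
    printf 'service echo\n{\n   disable = yes\n   id = echo-stream\n   user = root\n}\n' > "$d/echo"
    printf 'service telnet\n{\n   disable = no\n   user = root\n   server = /usr/sbin/in.telnetd\n}\n' > "$d/telnet"
    xinetd_cleartext_enabled "$d"
    rm -rf "$d"
}
```

Run `xinetd_enabled /etc/xinetd.d` after editing any service file; with the files from this page left unchanged it prints nothing.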

Systemd Units

To start the xinetd daemon at boot, install the systemd unit from the blfs-systemd-units-20141220 package by running the following command as the root user:

make install-xinetd

As the root user, use the systemctl utility to start xinetd:

systemctl start xinetd

Check the journalctl output to ensure the appropriate services are started. If no services are enabled, the program will not start without the -stayalive option.

Contents

Installed Programs: itox, xconv.pl, and xinetd
Installed Libraries: None
Installed Directories: /etc/xinetd.d/

Short Descriptions

itox

is a utility used for converting inetd.conf files to xinetd.conf format.

xconv.pl

is a Perl script used for converting inetd.conf files to xinetd.conf format, similar to itox.

xinetd

is the Internet services daemon.

Last updated on 2014-08-25 20:50:07 +0000