NAME¶
/etc/dnetd.conf - DECnet objects file
DESCRIPTION¶
/etc/dnetd.conf is an ASCII file which contains the description of the
objects known to the DECnet super-server
dnetd.
There is one entry per line, and each line has the format:
Name Number Authenticate User command
The field descriptions are:
- Name
- The name of the object. For numbered objects this appears
only for documentation purposes. For named objects it is the actual object
name. There is a special object name * which can execute an
arbitrarily named program or script (see later).
- Number
- the DECnet object number. These numbers should match the
well-known object numbers in a VMS object database. If the object number
is zero then the name is used. There should be no duplicate object numbers
in the file apart from number 0.
- Authenticate
- Whether to authenticate incoming connections. This flag
should be a Y or N. If it is Y then incoming connections will be
authenticated either by the username and password given on the remote
command line or by the DECnet proxy database decnet.proxy. If it is
N then the next field specifies the username that the daemon will be run
as.
- Username
- The username that daemon will be run as if the incoming
command is not authenticated (ie the Authenticate flag is set to N). if
this username does not exist, and Authenticate is set to N then incoming
connections for that object will fail.
- Command
- This is the name and arguments of the command to run when a
connection is received for the object. If it is the string
"internal" then the object will be handled by dnetd if it can.
Currently only MIRROR and arbitrary TASKs can be handled internally by
dnetd.
If the name starts with a slash then it is assumed to be the full path of
the program to run. If not then dnetd will search its default
directory for program files.
NOTES¶
When an incoming connection is handled by dnetd it forks and executes the
command named in the command field with stdin and stdout pointing to the
DECnet socket. stderr will be set to /dev/null. The DECnet daemons supplied in
the dnprogs suite automatically detect this and so can be run from dnetd or
standalone.
There is a subtle difference between objects handled by the special name * and
those explicitly named in the file:
Objects handled by name "*" internally are run under control of a
pseudo-tty which means they appear to be talking to a terminal and CR/LF
conversion will be done so that TYPE "0=TASK" will produce sensible
output on VMS.
Objects explicitly named just connect directly to the DECnet socket so cannot
take advantage of tty services and do not have CR/LF conversion done for them.
Of course these objects are more secure because the system administrator has
total control over which objects can be run.
dnetd will convert all task names to lower case. This is for convenience more
than anything else because VMS converts them to uppercase and all uppercase
files names are unwieldy on Unix.
It is recommended that arbitrary objects be run as a special anonymous user to
avoid security problems.
Any changes to /etc/dnetd.conf will take effect immediately you do not need to
tell dnetd that it has changed.
EXAMPLE¶
This is the default file provided. Note that the "*" object is
commented out for security reasons.
# /etc/dnetd.conf
#
# name number auth? user command
#
FAL 17 Y none fal
MIRROR 25 Y root internal
MAIL 27 N vmsmail vmsmaild
CTERM 42 N root ctermd
DTERM 23 N root rmtermd
# * 0 Y none internal
SEE ALSO¶
decnet.proxy(5),
dnetd(8)