A colon is the preferred way to split a user and group name pair; make this
possible and depreciate the use of dot.
This commit is contained in:
parent
a4e89ca2a1
commit
d3f47cfba9
@ -1,4 +1,4 @@
|
||||
.\" $NetBSD: inetd.8,v 1.23 1999/09/10 03:26:49 simonb Exp $
|
||||
.\" $NetBSD: inetd.8,v 1.24 1999/10/06 21:54:10 ad Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1998 The NetBSD Foundation, Inc.
|
||||
.\" All rights reserved.
|
||||
@ -127,8 +127,8 @@ fields of the configuration file are as follows:
|
||||
[addr:]service-name
|
||||
socket-type
|
||||
protocol[,sndbuf=size][,rcvbuf=size]
|
||||
wait/nowait[.max]
|
||||
user[.group]
|
||||
wait/nowait[:max]
|
||||
user[:group]
|
||||
server-program
|
||||
server program arguments
|
||||
.Ed
|
||||
@ -141,8 +141,8 @@ based service, the entry would contain these fields.
|
||||
service-name/version
|
||||
socket-type
|
||||
rpc/protocol[,sndbuf=size][,rcvbuf=size]
|
||||
wait/nowait[.max]
|
||||
user[.group]
|
||||
wait/nowait[:max]
|
||||
user[:group]
|
||||
server-program
|
||||
server program arguments
|
||||
.Ed
|
||||
@ -292,8 +292,8 @@ suffix (separated from
|
||||
.Dq wait
|
||||
or
|
||||
.Dq nowait
|
||||
by a dot) specifies the maximum number of server instances that may be
|
||||
spawned from
|
||||
by a dot or a colon) specifies the maximum number of server instances that may
|
||||
be spawned from
|
||||
.Nm
|
||||
within an interval of 60 seconds. When omitted,
|
||||
.Dq max
|
||||
@ -316,13 +316,14 @@ is usually the only stream server marked as wait.
|
||||
.Pp
|
||||
The
|
||||
.Em user
|
||||
entry should contain the user name of the user as whom the server
|
||||
should run. This allows for servers to be given less permission
|
||||
than root. An optional group name can be specified by appending a dot to
|
||||
the user name followed by the group name. This allows for servers to run with
|
||||
a different (primary) group id than specified in the password file. If a group
|
||||
is specified and user is not root, the supplementary groups associated with
|
||||
that user will still be set.
|
||||
entry should contain the user name of the user as whom the server should
|
||||
run. This allows for servers to be given less permission than root. An
|
||||
optional group name can be specified by appending a colon to the user name
|
||||
followed by the group name (it is possible to use a dot in lieu of a colon,
|
||||
however this feature is provided only for backward compatibility). This allows
|
||||
for servers to run with a different (primary) group id than specified in the
|
||||
password file. If a group is specified and user is not root, the
|
||||
supplementary groups associated with that user will still be set.
|
||||
.Pp
|
||||
The
|
||||
.Em server-program
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: inetd.c,v 1.54 1999/09/15 09:59:41 itojun Exp $ */
|
||||
/* $NetBSD: inetd.c,v 1.55 1999/10/06 21:54:10 ad Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1998 The NetBSD Foundation, Inc.
|
||||
@ -77,7 +77,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 1991, 1993, 1994\n\
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)inetd.c 8.4 (Berkeley) 4/13/94";
|
||||
#else
|
||||
__RCSID("$NetBSD: inetd.c,v 1.54 1999/09/15 09:59:41 itojun Exp $");
|
||||
__RCSID("$NetBSD: inetd.c,v 1.55 1999/10/06 21:54:10 ad Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -108,8 +108,8 @@ __RCSID("$NetBSD: inetd.c,v 1.54 1999/09/15 09:59:41 itojun Exp $");
|
||||
* name a tcpmux service
|
||||
* socket type stream/dgram/raw/rdm/seqpacket
|
||||
* protocol must be in /etc/protocols
|
||||
* wait/nowait[.max] single-threaded/multi-threaded, max #
|
||||
* user[.group] user/group to run daemon as
|
||||
* wait/nowait[:max] single-threaded/multi-threaded, max #
|
||||
* user[:group] user/group to run daemon as
|
||||
* server program full path name
|
||||
* server program arguments maximum of MAXARGS (20)
|
||||
*
|
||||
@ -117,8 +117,8 @@ __RCSID("$NetBSD: inetd.c,v 1.54 1999/09/15 09:59:41 itojun Exp $");
|
||||
* service name/version must be in /etc/rpc
|
||||
* socket type stream/dgram/raw/rdm/seqpacket
|
||||
* protocol must be in /etc/protocols
|
||||
* wait/nowait[.max] single-threaded/multi-threaded
|
||||
* user[.group] user to run daemon as
|
||||
* wait/nowait[:max] single-threaded/multi-threaded
|
||||
* user[:group] user to run daemon as
|
||||
* server program full path name
|
||||
* server program arguments maximum of MAXARGS (20)
|
||||
*
|
||||
@ -172,7 +172,7 @@ __RCSID("$NetBSD: inetd.c,v 1.54 1999/09/15 09:59:41 itojun Exp $");
|
||||
*/
|
||||
|
||||
/*
|
||||
* Here's the scoop concerning the user.group feature:
|
||||
* Here's the scoop concerning the user:group feature:
|
||||
*
|
||||
* 1) set-group-option off.
|
||||
*
|
||||
@ -1561,8 +1561,9 @@ do { \
|
||||
arg = sskip(&cp);
|
||||
{
|
||||
char *cp;
|
||||
cp = strchr(arg, '.');
|
||||
if (cp) {
|
||||
if ((cp = strchr(arg, ':')) == NULL)
|
||||
cp = strchr(arg, '.');
|
||||
if (cp != NULL) {
|
||||
*cp++ = '\0';
|
||||
sep->se_max = atoi(cp);
|
||||
} else
|
||||
@ -1590,8 +1591,11 @@ do { \
|
||||
}
|
||||
}
|
||||
sep->se_user = newstr(sskip(&cp));
|
||||
if ((sep->se_group = strchr(sep->se_user, '.')))
|
||||
if ((sep->se_group = strchr(sep->se_user, ':')) != NULL)
|
||||
*sep->se_group++ = '\0';
|
||||
else if ((sep->se_group = strchr(sep->se_user, '.')) != NULL)
|
||||
*sep->se_group++ = '\0';
|
||||
|
||||
sep->se_server = newstr(sskip(&cp));
|
||||
if (strcmp(sep->se_server, "internal") == 0) {
|
||||
struct biltin *bi;
|
||||
@ -2072,7 +2076,7 @@ print_service(action, sep)
|
||||
{
|
||||
if (isrpcservice(sep))
|
||||
fprintf(stderr,
|
||||
"%s: %s rpcprog=%d, rpcvers = %d/%d, proto=%s, wait.max=%d.%d, user.group=%s.%s builtin=%lx server=%s"
|
||||
"%s: %s rpcprog=%d, rpcvers = %d/%d, proto=%s, wait:max=%d.%d, user:group=%s.%s builtin=%lx server=%s"
|
||||
#ifdef IPSEC
|
||||
" policy=\"%s\""
|
||||
#endif
|
||||
@ -2087,7 +2091,7 @@ print_service(action, sep)
|
||||
);
|
||||
else
|
||||
fprintf(stderr,
|
||||
"%s: %s proto=%s, wait.max=%d.%d, user.group=%s.%s builtin=%lx server=%s"
|
||||
"%s: %s proto=%s, wait:max=%d.%d, user:group=%s.%s builtin=%lx server=%s"
|
||||
#ifdef IPSEC
|
||||
" policy=%s"
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user