Re: daemon/initd

To: debian-user@lists.debian.org
Subject: Re: daemon/initd
From: John Pearson <john@huiac.apana.org.au>
Date: Wed, 22 Sep 1999 16:31:28 +0930
Message-id: <[🔎] 19990922163128.C15906@huiac.localnet>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] CC2567F4.000BF145.00@diagnack1.diagnostic.co.nz>; from zdrysdal@diagnostic.co.nz on Wed, Sep 22, 1999 at 03:13:12PM +1300
References: <[🔎] CC2567F4.000BF145.00@diagnack1.diagnostic.co.nz>

On Wed, Sep 22, 1999 at 03:13:12PM +1300, zdrysdal@diagnostic.co.nz wrote
> Hi
> 
> Can someone properly explain to me the differences between how a process
> starts up as a daemon as apposed to a process which starts up via initd as
> i am a little unsure.
> 
> thanx
> 

Assuming that by 'initd' you mean 'inetd', not a whole lot.

Inetd is used only with daemons that normally listen on a 
network port, usually so they can offer some service (e.g.,
telnetd).  Not all daemons do this (e.g., apmd), and these 
daemons don't get run from inetd.

Inetd provides some basic functionality required of any network 
service, and that otherwise is provided by the daemon:
  - Listening for connections;
  - Establishing connections;
  - Spawning a child process to handle the connection.

The advantages to using inetd lie in the fact that you can
have a single process listening for connections on many
services, saving resources, and in the fact that it allows
you to centralise access controls for network services:
Inetd is linked against the tcpwrappers library, which
allows you to control access to services based on service
name or port number, client IP and so on using
/etc/hosts.deny and /etc/hosts.allow (man 5 hosts_access).

Services have to be written with support for inetd; if they
are run from inetd they communicate with the client through
stdin/stdout rather than via a socket and they have to be
smart enough (or told) to do so, and they no longer have 
any way of determining (e.g.) the client IP number (unless 
the client has some way of telling them, which raises the
possibility of spoofing).

Some services benefit from *not* running under inetd,
perhaps because they provide a level or kind of access
control not available under tcpwrappers (e.g. exim, bind,
apache), because they deal with high connection rates
better by themselves (e.g., pre-spawning children in apache
or squid) or because they are designed to handle multiple
connections efficiently within a single process.



John P.
-- 
huiac@camtech.net.au
john@huiac.apana.org.au
"Oh - I - you know - my job is to fear everything." - Bill Gates in Denmark

Reply to:

Follow-Ups:
- Re: daemon/initd
  - From: John Pearson <john@huiac.apana.org.au>

References:
- daemon/initd
  - From: zdrysdal@diagnostic.co.nz

Prev by Date: Re: Floppy light stays perpetually on.
Next by Date: SUSPENDER LA SUSCRIPCION
Previous by thread: Re: daemon/initd
Next by thread: Re: daemon/initd
Index(es):
- Date
- Thread