Re: xinetd and fetchmail
* Robin Collins <robin.collins@mailandnews.com> [221100 13:54]:
[snip salutations]
> RAJ> My xinetd.conf only contains one stanza. Here it is:
>
>
> RAJ> service smtp
> RAJ> {
> RAJ> socket_type = stream
> RAJ> protocol = tcp
> RAJ> wait = no
> RAJ> user = mail
> RAJ> server = /usr/sbin/exim
> RAJ> server_args = -bs
> RAJ> }
>
>
> RAJ> My inetd.conf file, before I began trying to use xinetd, only had one
> RAJ> entry in it. It was:
>
>
> RAJ> smtp stream tcp nowait mail /usr/sbin/exim exim -bs
>
> If this is indeed the contents then you've made a subtle error setting
> up the xinetd config, I think you need
>
> server_args = exim -bs
>
> notice the 2nd "exim" on the line you noted from inetd.
>
> I'm no expert, this may be nothing, but I thought I'd mention it, just
> in case :)

Wasn't the problem. I had noticed that yesterday, when I started working on this issue,
but figured it was nothing; just one of the foibles of how the inetd daemon reads the
inetd.conf file. Upon your suggestion, I gave it a try and the end result was still the
same.

> Hope you get it working. BTW, I'd be interested to know if you
> succeed, I myself am just planning to implement fetchmail and probably
> exim, using xinetd would you believe.

This is what I've found out so far...I believe the problem may have something to do
with RPC services.

First, I noticed that whenever I install or remove inetd, the portmap daemon is
started or stopped, respectively.

The whole reason I got on this xinetd trip was to improve security, so I then ran
"nmap -v localhost" with inetd as the internet super-server to see what ports were
open and I got the following output:

The TCP connect scan took 0 seconds to scan 1511 ports.
Interesting ports on localhost (127.0.0.1):
Port    State   Protocol  Service
22      open    tcp       ssh
25      open    tcp       smtp
111     open    tcp       sunrpc
515     open    tcp       printer
793     open    tcp       unknown
1026    open    tcp       nterm
6000    open    tcp       X11

I confirmed that portmapper was, in fact, up and running by executing a
tidbit from the inetd script in /etc/init.d/inetd.

~$ rpcinfo -u localhost portmapper
portmapper 100000 version 2 ready and waiting

Second, I noticed that when I installed or removed xinetd, there was no mention of
the portmap daemon.

Running "nmap -v localhost" with the xinetd daemon as the superserver produces this
listing:

The TCP connect scan took 0 seconds to scan 1511 ports.
Interesting ports on localhost (127.0.0.1):
Port    State   Protocol  Service
22      open    tcp       ssh
25      open    tcp       smtp
515     open    tcp       printer
793     open    tcp       unknown
1026    open    tcp       nterm
6000    open    tcp       X11

Note that "sunrpc" is missing and that the portmapper is not active:

~$ rpcinfo -u localhost portmapper
rpcinfo: RPC: Port mapper failure - RPC: unable to receive
program 100000 is not available

Documentation I've looked at seems to indicate that xinetd and portmapper should
play well together. Oh well...I'll keep you posted.
Suggestions are welcome.
rob jacobs <r.a.jacobs@home.com>
~no witty sig required~
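
Added example, not part of the original message: a sketch that converts the inetd.conf line quoted above into an xinetd stanza. It relies on xinetd.conf(5), which says that, in contrast to inetd, the server name is not included in server_args; the function name is hypothetical, and RPC and internal services are deliberately left out.

```python
def inetd_to_xinetd(line):
    """Translate one plain TCP/UDP inetd.conf line into an xinetd stanza."""
    fields = line.split("#", 1)[0].split()
    if len(fields) < 6:
        raise ValueError("expected at least 6 fields: %r" % line)
    service, socket_type, protocol, wait, user, server = fields[:6]
    argv = fields[6:]
    if protocol.startswith("rpc/") or server == "internal":
        raise ValueError("RPC and internal services are outside this sketch")

    wait_flag = wait.split(".", 1)[0]          # inetd accepts "nowait.<max>"
    if wait_flag not in ("wait", "nowait"):
        raise ValueError("bad wait field: %r" % wait)

    group = None                               # inetd accepts user.group / user:group
    for sep in (":", "."):
        if sep in user:
            user, group = user.split(sep, 1)
            break

    attrs = [("socket_type", socket_type), ("protocol", protocol),
             ("wait", "yes" if wait_flag == "wait" else "no"), ("user", user)]
    if group:
        attrs.append(("group", group))
    attrs.append(("server", server))
    # inetd lists argv[0] explicitly; per xinetd.conf(5) the server name is
    # not repeated in server_args, so only the remaining arguments go there.
    if argv[1:]:
        attrs.append(("server_args", " ".join(argv[1:])))

    body = "".join("    %s = %s\n" % pair for pair in attrs)
    return "service %s\n{\n%s}\n" % (service, body)


# The inetd.conf line quoted in the message above.
INETD_LINE = "smtp stream tcp nowait mail /usr/sbin/exim exim -bs"

if __name__ == "__main__":
    print(inetd_to_xinetd(INETD_LINE), end="")
```

For the quoted line this yields the same attributes as the stanza in the message, with `server_args = -bs`.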