i.inetdconf revision 7c478bd95313f5f23a4c958a745db2134aa03244
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License"). You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2004 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "%Z%%M% %I% %E% SMI"
#
export PATH
# inetd_fini : clean up temp files
rm -f -- $inetsed $inettmp $inetsedhdr
return 0
}
# inetd_undo : restore original file in case of failure
}
# inetd_remove : remove daemons specified as arguments by removing
# lines from inetd.conf that match the regular
# expressions provided on stdin (one per line)
# original file is restored and script exits on failure
if [ $? -ne 0 ]; then
echo "Unable to append to $inetsed"
exit 1
fi
return 0
}
# We start by building the giant sed script used to clean out the old
# bundled entries. Broken up into bite-size sections for easier maintenance
# Location for scripts
# The header editing is built separately so that we only apply it when needed
cat >$inetsedhdr <<EOF
/^#ident/d
/^# Copyright/d
/^# Use is subject to license terms/d
EOF
# Remove the traditional introductory comments
inetd_remove intro_comment <<EOF
^# Configuration file for inetd(1M). See inetd.conf(4).
^# To re-configure the running inetd process, edit this file, then
^# send the inetd process a SIGHUP.
^# Syntax for socket-based Internet services:
^# <service_name> <socket_type> <proto> <flags> <user> <server_pathname> <args>
^# Syntax for TLI-based Internet services:
^# <service_name> tli <proto> <flags> <user> <server_pathname> <args>
EOF
# Remove the RPC syntax comments
inetd_remove rpc_comments <<EOF
^# RPC services syntax:
^# <rpc_prog>/<vers> <endpoint-type> rpc/<proto> <flags> <user>
^# <pathname> <args>
^# <endpoint-type> can be either "tli" or "stream" or "dgram".
^# For "stream" and "dgram" assume that the endpoint is a socket descriptor.
^# <proto> can be either
^# first treated as a nettype. If it is not a valid nettype then it is
^# treated as a netid
^# transports supported by this system, ie. it equates to the "visible"
^# nettype. The syntax for <proto> is:
^#.*<nettype|netid>
^# For example:
^# dummy/1 tli rpc/circuit_v,udp
EOF
# Remove the IPv6 comment which appeared starting in Solaris 8
inetd_remove ipv6_comment <<EOF
^# IPv6 and inetd.conf
^# By specifying a <proto> value of tcp6 or udp6 for a service, inetd will
^# pass the given daemon an AF_INET6 socket. The following daemons have
^# been modified to be able to accept AF_INET6 sockets
^# ftp telnet shell login exec tftp finger printer
^# and service connection requests coming from either IPv4 or IPv6-based
^# transports. Such modified services do not normally require separate
^# configuration lines for tcp or udp. For documentation on how to do this
^# for other services, see the Solaris System Administration Guide.
^# You must verify that a service supports IPv6 before specifying <proto> as
^# tcp6 or udp6. Also, all inetd built-in commands (time, echo, discard,
^# daytime, chargen) require the specification of <proto> as tcp6 or udp6
^# The remote shell server (shell) and the remote execution server
^# (exec) must have an entry for both the "tcp" and "tcp6" <proto> values.
EOF
# Remove entries in inetd.conf for r* deamons
# This also removes the old SEAM unbundled versions of these services
inetd_remove in.rshd in.rlogind in.rexecd in.comsat in.talkd in.fingerd rpc.statd rpc.rusersd rpc.rwalld rpc.sprayd systat netstat <<EOF
^[# ]*shell[ ]*stream
^[# ]*kshell[ ]*stream
^[# ]*login[ ]*stream
^[# ]*klogin[ ]*stream
^[# ]*eklogin[ ]*stream
^[# ]*exec[ ]*stream
^[# ]*comsat[ ]*dgram
^[# ]*talk[ ]*dgram
^[# ]*finger[ ]*stream
^[# ]*rstatd/2-4
^[# ]*rusersd/2-3
^[# ]*walld/1
^[# ]*sprayd/1
^[# ]*systat[ ]*stream
^[# ]*netstat[ ]*stream
^# RSHD
^# RLOGIND
^# REXECD
^# COMSATD
^# TALKD
^# FINGERD
^# RSTATD
^# RUSERSD
^# RWALLD
^# SPRAYD
^# Shell, login, exec, comsat and talk are BSD protocols
^# The spray server is used primarily for testing.
^# The rwall server allows others to post messages to users
^# Rstatd is used by programs such as perfmeter
^#[ ]*.note: Kerberos does not yet support ipv6
^# Finger, systat and netstat give out user information which may be
^# valuable to potential "system crackers." Many sites choose to disable
^# some or all of these services to improve security.
^# The rusers service gives out user information. Sites concerned
^# with security may choose to disable it.
EOF
# Remove entries in inetd.conf for common network service deamons
^[# ]*time[ ]*stream
^[# ]*time[ ]*dgram
^[# ]*daytime[ ]*stream
^[# ]*daytime[ ]*dgram
^[# ]*echo[ ]*stream
^[# ]*echo[ ]*dgram
^[# ]*discard[ ]*stream
^[# ]*discard[ ]*dgram
^[# ]*chargen[ ]*stream
^[# ]*chargen[ ]*dgram
^# Time service is used for clock synchronization.
^# Echo, discard, daytime, and chargen are used primarily for testing.
^# Daytime provides a legible form of date and time.
^# Echo is used primarily for testing.
^# Discard is used primarily for testing.
^# Chargen is used primarily for testing.
EOF
# Remove entry in inetd.conf for smserverd daemon
inetd_remove rpc.smserverd <<EOF
^[# ]*100155/1
^# smserverd
EOF
# Remove entry in inetd.conf for telnetd
# Also removes the old SEAM version
inetd_remove in.telnetd <<EOF
^[# ]*telnet[ ]*stream
^[# ]*telnet.*/usr/krb5/lib/telnetd
^# TELNETD
^# Ftp and telnet are standard Internet services.
EOF
# Remove entry in inetd.conf for in.tnamed
inetd_remove in.tnamed <<EOF
^[# ]*name[ ]*dgram
^# TNAMED
^# Tnamed serves the obsolete IEN-116 name server protocol.
EOF
# Remove entry in inetd.conf for printer daemon
inetd_remove in.lpd <<EOF
^[# ]*printer[ ]*stream
^# LPD
^# Print Protocol Adaptor - BSD listener
EOF
# Remove entry in inetd.conf for ocfserv daemon
inetd_remove ocfserv <<EOF
^[# ]*100150/1
^# OCFSERV
^# OCF (Smart card) Daemon
EOF
# Remove entry in inetd.conf for rpc.rexd
inetd_remove rpc.rexd <<EOF
^[# ]*rexd/1
^# REXD
^# The rexd server provides only minimal authentication
EOF
# Remove entry in inetd.conf for rquotad
inetd_remove rquotad <<EOF
^[# ]*rquotad/1
^# RQUOTAD
^# Rquotad supports UFS disk quotas for NFS clients
EOF
# Remove entries in inetd.conf for SLVM daemons
^[# ]*100229/1
^[# ]*100230/1
^[# ]*100242/1
^# METAD
^# METAMHD
^# METAMEDD
^# SLVM Daemons
EOF
# Remove entry in inetd.conf for ktkt_warnd daemon
inetd_remove ktkt_warnd <<EOF
^[# ]*100134/1
^# KTKT_WARND
^# Kerberos V5 Warning Message Daemon
EOF
# Remove entries in inetd.conf for kpropd
inetd_remove kpropd << EOF
^[# ]*krb5_prop[ ]*stream
^# Kerberos V5 DB Propagation Daemon
EOF
# Remove entry in inetd.conf for GSS daemon
inetd_remove gssd <<EOF
^[# ]*100234/1
^# GSSD
^# GSS Daemon
EOF
# Remove entry in inetd.conf for ftp daemon
# Also removes the old SEAM entry
inetd_remove in.ftpd <<EOF
^[# ]*ftp[ ]*stream
^[# ]*ftp.*/usr/krb5/lib/ftpd
^# FTPD
^# Ftp and telnet are standard Internet services.
EOF
# Remove dr_daemon entry if it is present.
inetd_remove dr_daemon <<EOF
^[# ]*300326/4[ ]*tli
EOF
# Remove the DCS entries from /etc/inetd.conf.
inetd_remove dcs <<EOF
^[# ]*sun-dr[ ]*stream
EOF
# Remove entry in inetd.conf for uucp daemon
inetd_remove in.uucpd <<EOF
^[# ]*uucp[ ]*stream
^# UUCPD
^# Must run as root
EOF
# Not yet converted
# Remove cachefsd
#inetd_remove cachefsd <<EOF
#^[# ]*100235/1[ ]*tli
#^# CacheFS Daemon
#EOF
# Remove font server
inetd_remove fs <<EOF
^[# ]*fs[ ]*stream
^# Sun Font Server
EOF
# Not yet converted
# Remove ToolTalk DB server
#inetd_remove rpc.ttdbserverd <<EOF
#^[# ]*100083/1[ ]*tli
#^# Sun ToolTalk Database Server
#EOF
# Not yet converted
# Remove rpc.cmsd
#inetd_remove rpc.cmsd <<EOF
#^[# ]*100068/2-5[ ]*dgram
#^# rpc.cmsd
#EOF
# Not yet converted
# Remove dtspcd
#inetd_remove dtspcd <<EOF
#^[# ]*dtspc[ ]*stream
#EOF
# Remove nfsmapid
# Only appears in Solaris 10
inetd_remove nfsmapid <<EOF
^[# ]*100166/1
^# NFSv4
EOF
# Remove stfsloader
inetd_remove stfsloader <<EOF
^[# ]*100424/1
^# Standard Type Services Framework
EOF
# Things below here don't appear after Solaris 9
# Remove KCMS
inetd_remove kcms_server <<EOF
^[# ]*100221/1[ ]*tli
^# Sun KCMS Profile Server
EOF
# Remove sadmind
inetd_remove sadmind <<EOF
^[# ]*100232/10[ ]*tli
^# Solstice system
EOF
# Things below here don't appear after Solaris 8
# Remove ufsd
inetd_remove ufsd <<EOF
^[# ]*ufsd/1[ ]*tli
^# UFS-aware service daemon
EOF
# Remove amiserv
inetd_remove amiserv <<EOF
^[# ]*100146/1[ ]*tli
^[# ]*100147/1[ ]*tli
^# AMI Daemon
EOF
# Things below here don't appear after Solaris 7
# Remove kerbd
inetd_remove kerbd <<EOF
^[# ]*kerbd/4[ ]*tli
^# Kerbd Daemon
EOF
# Things below here don't appear after Solaris 2.6
# Remove xaudio
inetd_remove xaudio <<EOF
^[# ]*xaudio[ ]*stream
EOF
# End of setup, now process the file
do
sedhdr="-f $inetsedhdr"
if [ ! -f $dest ] ; then
# Must be a fresh install, skip the gymnastics
else
# Save existing file first
if [ $? -ne 0 ]; then
echo "Unable to create $inetold"
exit 1
fi
# if new header already there, don't strip copyright or prepend
# new header
# Execute the stored sed script to remove all standard stuff
if [ $? -ne 0 ]; then
echo "Unable to create $inettmp"
exit 1
fi
# Now we have just the customer/3rd-party records and comments.
# Stick our new header on the front, and clean up all the
# extraneous blank comment lines left over from above.
case $? in
0) ;;
BEGIN { lastblank = 0 }
/^#[ \t]*$/ {
if (lastblank == 0) {
lastblank = 1
print
}
next
}
{ lastblank = 0; print }
' > $inetconf
if [ $? -ne 0 ]; then
echo "Unable to construct $inetconf"
exit 1
fi
;;
exit 1
;;
esac
fi
# Add cachefsd if not there
#
# CacheFS daemon. Provided only as a basis for conversion by inetconv(1M).
#
100235/1 tli rpc/ticotsord wait root /usr/lib/fs/cachefs/cachefsd cachefsd"
EOF
done
# Clean up temp files
exit 0