返回主页
虚拟光驱软件 DaemonTools 安装说明
ucspi-tcp 软件包安装说明
tcpserver 使用详解
设置一个 daytime 服务器
命令行版 tcpserver 安装指南
A daytime server just hands out a human readable date for each connection to port 13. This is not particularly exciting, but the real goal here is to understand a standard daemontools/tcpserver setup complete with logging and all.
groupadd daytime && useradd -g daytime daytime && groupadd daytime-log && useradd -g daytime-log daytime-log && mkdir -p /etc/daytime/log && mkdir /var/log/daytime && chown daytime-log:daytime-log /var/log/daytime |
We are creating seperate user and group IDs for the server and logging processes. /etc/daytime will contain the run file for the tcpserver process, /etc/daytime/log will contain the run file for the logging process. Logfiles will go to /var/log/daytime.
cd /etc/daytime cat <<"EOF" > run #!/bin/sh DTIME_UID=`id -u daytime` DTIME_GID=`id -g daytime` exec 2>&1 exec /usr/bin/tcpserver -vRHl0 -u "$DTIME_UID" -g "$DTIME_GID" \ -x /etc/tcprules/tcp.daytime.cdb 0 13 date EOF chmod 0700 run |
These commands create the run file for tcpserver. Most of the tcpserver command line is explained in getting started with tcpserver.
-u "$DTIME_UID" -g "$DTIME_GID" |
tcpserver switches to the UID/GID of daytime after preparing to receive connections.
-x /etc/tcprules/tcp.daytime.cdb |
tcpserver will accept/reject connections based on the contents of tcp.daytime.cdb.
cd log cat <<"EOF" > run #!/bin/sh exec /usr/sbin/setuidgid daytime-log /usr/sbin/multilog t /var/log/daytime EOF chmod 0700 run |
/usr/sbin/setuidgid daytime-log |
This runs the multilog program under the UID/GID of daytime-log.
/usr/sbin/multilog t /var/log/daytime |
multilog logs messages to /var/log/daytime, adding a timestamp in tai64n format in front of each line.
mkdir /etc/tcprules && cd /etc/tcprules cat <<"EOF" > tcp.daytime 127.0.0.1:allow :deny EOF tcprules tcp.daytime.cdb tcp.daytime.tmp < tcp.daytime |
tcp.daytime contains the access rules in plaintext. In this case, only access from localhost is allowed. The next line converts the rules into cdb format readable by tcpserver.
These access rules could also have been achieved by having tcpserver listen on 127.0.0.1 exclusively.
ln -s /etc/daytime /service |
Things fall into place now: By creating the link, svscan will find the /etc/daytime and /etc/daytime/log directories. It starts two supervise processes with a pipe between them; this is how multilog gets the logging output of tcpserver. The supervise processes start the actual run scripts.
pstree -p |
You should see approximately this in the output:
`-svscanboot(156)-+-readproctitle(162) `-svscan(161)-+-supervise(164)---tcpserver(211) `-supervise(165)---multilog(213)
date@ 127.0.0.1 |
You should see the current date.
tai64nlocal < /var/log/daytime/current |
This command shows the logs with human readable timestamps.