1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
|
.\" Copyright 1995 Peter Tobias <tobias@et-inf.fho-emden.de>
.\" Copyright 2012 Serafeim Zanikolas <sez@debian.org>
.\" May be distributed under the GNU General Public License
.TH update-inetd 8 "27 August 2009" "Linux" "Linux Programmer's Manual"
.SH NAME
update\-inetd \- create, remove, enable or disable entry
in /etc/inetd.conf
.SH SYNOPSIS
.B update\-inetd
[\-\-file FILENAME] [\-\-help] [\-\-version] [\-\-verbose]
[\-\-comment-chars CHARACTERS] [\-\-debug] [\-\-group GROUPNAME] \-\-add ENTRY
.B update\-inetd
[\-\-file FILENAME] [\-\-help] [\-\-version] [\-\-verbose]
[\-\-pattern PATTERN] [\-\-multi] [\-\-debug] \-\-remove SERVICE
.B update\-inetd
[\-\-file FILENAME] [\-\-help] [\-\-version] [\-\-verbose]
[\-\-comment-chars CHARACTERS] [\-\-pattern PATTERN] [\-\-multi]
[\-\-debug] \-\-enable SERVICE
.B update\-inetd
[\-\-file FILENAME] [\-\-help] [\-\-version] [\-\-verbose]
[\-\-comment-chars CHARACTERS] [\-\-pattern PATTERN] [\-\-multi]
[\-\-debug] \-\-disable SERVICE
.SH DESCRIPTION
.B update\-inetd
can be used to add, remove, enable or disable
entries in the
.IR /etc/inetd.conf
file (you can specify a different file by using the
.B \-\-file
option).
After the
.IR /etc/inetd.conf
file has been changed,
.B update\-inetd
will send a SIGHUP signal to the inetd process to make sure
that inetd will use the new
.IR /etc/inetd.conf
file. For Perl scripts you can also use the Perl module
.B DebianNet.pm
\&. See
.BR DebianNet (3pm)
for further information.
.B update\-inetd
can also be used to add entries that are commented out by
default. They will be treated like normal entries. That
also means that if you already have an entry that is
commented out you can't add an entry for the same service
without removing the old one first.
In accordance with the Debian Policy, update-inetd treats entries that are
prefixed with a single `#' character as commented out by a user. This means
that for a user to disable a service using update-inetd, and for the service
to remain disabled after upgrades, the user must run update-inetd with
\-\-comment-chars '#' (see relevant option below). Conversely, package
maintainer scripts should not override the default comment chars (and when
they do, they must not use '#').
Also note that \-\-enable and \-\-remove will not be acted upon for service
entries that are commented out using anything but the value specified with
\-\-comment-chars (or the default value if none is specified).
.SH OPTIONS
.TP
.I "\-\-version"
Print version information on standard output and
exit successfully.
.TP
.I "\-\-help"
Print a usage message on standard output and exit
successfully.
.TP
.I "\-\-verbose"
Explain what is being done.
.TP
.I "\-\-debug"
Enables debugging mode.
.TP
.I "\-\-file FILENAME"
Use FILENAME instead of
.IR /etc/inetd.conf
\&.
.TP
.I "\-\-group GROUPNAME"
Specify that the new entry should be placed in group
GROUPNAME (e.g. \*(rqMAIL"). If the group does not
exist the entry will be placed at the end of the file.
The default group is \*(rqOTHER".
.TP
.I "\-\-comment-chars CHARACTERS"
update-inetd uses \*(rq#<off>#\ \*(rq as the default comment characters.
You can use this option to specify different comment characters.
This is only necessary if you have to deal with two (or more)
services of the same name. If you do use this option, it is your
responsibility to eventually remove the commented out entry.
.TP
.I "\-\-pattern PATTERN"
This option can be used to select a service. You only need this
option if you have two (or more) services of the same name.
.TP
.I "\-\-multi"
If you want to disable/remove more than one entry at a time
you should use this option. If you try to remove more than one
entry at a time without using this option the program will show
a warning and prompt the user for an explicit confirmation.
.TP
.I "\-\-add ENTRY"
Add an entry to
.IR /etc/inetd.conf
\&. A description of the ENTRY format can be found in the inetd(8)
or inetd.conf(5) manual pages (or just look at /etc/inetd.conf).
In order to prevent the shell from changing your ENTRY
definition you have to quote the ENTRY using single or double
quotes. You can use tabs (the tab character or \et) and spaces
to separate the fields of the ENTRY. To add the ENTRY to a
specific section in the /etc/inetd.conf file please use the
.B \-\-group
option in addition to the
.B \-\-add
option.
If you are trying to add an entry which already exists update-inetd
won't add the entry. For uncommented entries it will do nothing
and for entries that are commented out by the comment-chars (see
option
.B \-\-comment\-chars
) it will enable the existing entry. If you want to completely replace
an entry just remove the entry with the
.B \-\-remove
option first.
.TP
.I "\-\-remove SERVICE"
Remove SERVICE (e.g. telnet) from
.IR /etc/inetd.conf
.TP
.I "\-\-enable SERVICE"
Enable SERVICE (e.g. \*(rqftp") in
.IR /etc/inetd.conf
\&. If you want to enable more than one SERVICE you can use a comma
separated list of services (no whitespace characters allowed).
.TP
.I "\-\-disable SERVICE"
Disable SERVICE (e.g. \*(rqftp") in
.IR /etc/inetd.conf
\&. If you want to disable more than one SERVICE you can use a comma
separated list of services (no whitespace characters allowed).
.PP
In order to prevent the shell from changing your ENTRY definition
you have to quote the ENTRY using single or double quotes. You can
use tabs (the tab character or \et) and spaces to separate the fields
of the ENTRY. If you want to enable/disable more than one SERVICE you
can use a comma separated list of services (no whitespace characters
allowed).
.SH EXAMPLES
You've installed ssh (secure encrypting remote shell) and wish
to disable its unencrypted cousins:
update\-inetd \-\-comment\-chars '#' \-\-disable login,shell,exec,telnet
Using a single '#' character as a comment\-char prevents update\-inetd
to re-enable the services on package upgrades.
You think the clock on your computer is often inaccurate and
wish to make sure other computers cannot read it:
update\-inetd \-\-comment\-chars '#' \-\-disable time,daytime
You get the clock fixed:
update\-inetd \-\-enable time,daytime
You hear a rumor that inetd is easily crashed via a SYN attack
against the time and daytime services, you want to turn off only
their TCP versions, while leaving the analogous UDP services
enabled:
update\-inetd \-\-comment\-chars '#' \-\-pattern tcp \-\-disable time,daytime
You just finished writing a POP3 server and want to install the
/etc/inetd.conf entry from the makefile:
update\-inetd \-\-group MAIL \-\-add \e
\&'pop\-3\et\etstream\ettcp\etnowait\etroot\et/usr/sbin/tcpd\et/usr/sbin/in.pop3d'
.SH FILES
/etc/inetd.conf
/var/run/inetd.pid
.SH SEE ALSO
DebianNet(3pm)
.SH AUTHOR
Peter Tobias, <tobias@et\-inf.fho\-emden.de>
|
