1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
|
<!doctype html public "-//W3C//DTD HTML 3.2 Final//EN">
<html>
<head>
<title>Command Line Options for the WN Server</title>
<link rev="made" href="mailto:john@math.nwu.edu">
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
<meta http-equiv="last-modified" content="Fri, 09 Oct 1998 18:18:09 GMT">
<meta http-equiv="keywords" content="WN server options">
</head>
<body bgcolor="#FFFFFF">
<p>
<a href="http://hopf.math.nwu.edu/"><img
src="images/powered.jpg"
border="0"
width="190"
height="41"
align="right"
alt="WN home page"
></a>
</p>
<strong>Version 2.0.3</strong>
<br>
<!-- pnuts --> <a href="support.html">[Previous]</a> <a href="appendixA2.html">[Next]</a> <a href="manual.html">[Up]</a> <a href="manual.html">[Top]</a> <a href="dosearch.html">[Search]</a> <a href="docindex.html">[Index]</a>
<br clear="right">
<hr size="4">
<!-- #start -->
<h2 align="center">Command Line Options for the <em>WN</em> Server</h2>
<hr size="4">
<p>
These are the command line options for both the UNIX <a
href="http://linux-howto.com/man/man8/inetd.8.html"><code>inetd(8)</code></a>
system utility based daemon, <code>wnd</code>, and the stand-alone
daemon, <code>wnsd</code>.
</p>
<dl>
<dt>
<a name="a_opt"><code><b>-a</b> <i>numeric_uid</i></code></a> -- Set
trusted numeric uid for authentication
</dt>
<dd>
<p>
The server will only allow <a
href="access.html#authenticate">password authentication</a> if one of
the options <code><b>-a</b></code>, <a
href="#A_opt"><code><b>-A</b></code></a>, <a
href="#t_opt"><code><b>-t</b></code></a>, or <a
href="#T_opt"><code><b>-T</b></code></a> is used. Then the <a
href="index_desc.html#index"><code>index.cache</code></a> file for a
password protected directory must be owned by the user id specified
with the <code><b>-a</b></code> (or <a
href="#t_opt"><code><b>-t</b></code></a>) option. The
<code><b>-a</b></code> option only affects authentication while <a
href="#t_opt"><code><b>-t</b></code></a> has other effects. The four
command line arguments <code><b>-a</b></code>, <a
href="#A_opt"><code><b>-A</b></code></a>, <a
href="#t_opt"><code><b>-t</b></code></a>, <a
href="#T_opt"><code><b>-T</b></code></a> all take a numeric argument.
Thus the command should be "<code>./wnsd -a 203</code>" and
<em>not</em> "<code>./wnsd -a joe</code>" if user
"<code>joe</code>" has user id "<code>203</code>".
</p>
</dd>
<dt>
<a name="A_opt"><code><b>-A</b> <i>numeric_gid</i></code></a> -- Set
trusted numeric gid for authentication
</dt>
<dd>
<p>
This is similar to the <a
href="#a_opt"><code><code><b>-a</b></code></code></a> option except
the group owner (gid) of the <a
href="index_desc.html#index"><code>index.cache</code></a> file is
used instead of the uid.
</p>
</dd>
<dt>
<a name="d_opt"><code><b>-d</b></code></a> -- Really verbose log
</dt>
<dd>
<p>
When the server is run with this option it will include copies of all
the client headers plus some additional information in the log file.
This is only useful for debugging or if you are curious about what
clients actually send.
</p>
</dd>
<dt>
<a name="e_opt"><code><b>-e</b></code></a> -- Forbid CGI and execs
</dt>
<dd>
<p>
When the server is run with this option it will not execute a <a
href="cgi.html">CGI program</a>, a <a href="filter.html">filter</a>
or any executable in an <a href="parse.html">include</a>. In
addition the server will reject any request with the HTML <a
href="http://htmlhelp.com/reference/wilbur/block/form.html"><code><form action="post"></code></a>
method.
</p>
</dd>
<dt>
<a name="E_opt"><code><b>-E</b></code></a> -- Restrict CGI and execs to
trusted users
</dt>
<dd>
<p>
This is similar to the <a href="#e_opt"><code><b>-e</b></code></a>
option except that <a
href="index_desc.html#index"><code>index.cache</code></a> files owned
by a trusted user id or trusted group id (set with the <a
href="#t_opt"><code><b>-t</b></code></a> or <a
href="#T_opt"><code><b>-T</b></code></a> option) are exempt from the
restrictions. That is, only programs listed in <a
href="index_desc.html#index"><code>index.cache</code></a> files owned
by the trusted user or group will be executed. If neither the <a
href="#t_opt"><code><b>-t</b></code></a> or <a
href="#T_opt"><code><b>-T</b></code></a> are used then no programs,
filters or includes will be executed. This option takes precedence
over the <a href="#u_opt"><code><b>-u</b></code></a> option, i.e. if
both are used execution of programs and programs behaves as if the <a
href="#u_opt"><code><b>-u</b></code></a> were not present (although
the <a href="#u_opt"><code><b>-u</b></code></a> option still grants
permission for the serving of ordinary files).
</p>
</dd>
<dt>
<a name="h_opt"><code><b>-h</b> <i>hostname</i></code></a> -- Set
hostname
</dt>
<dd>
<p>
Tell the server that its name is <code><i>hostname</i></code>. This
is only used for two things: to pass to <a href="cgi.html">CGI
programs</a> and for redirects generated when a trailing '/' is
omitted in a URL path to a directory. It is a shame browsers can't
handle relative URL redirects!
</p>
</dd>
<dt>
<a name="L_opt"><code><b>-L</b> <i>logfile</i></code></a> -- Set
log file name
</dt>
<dd>
<p>
Write log information to the file <code><i>logfile</i></code>. This
will override the value specified when you ran the <a
href="setup.html#installing.configure"><code>configure</code></a>
program or by setting the macro <a
href="configmacros.html#WN_LOGFILE"><code>#define WN_LOGFILE</code></a>
in <a href="configmacros.html"><code>config.h</code></a>. If the
empty string <code><i>""</i></code> is used as the value of this
option then no transaction logging will be done.
</p>
</dd>
<dt>
<a name="l_opt"><code><b>-l</b> <i>error_log</i></code></a> -- Set
error log file name
</dt>
<dd>
<p>
Write information about errors to the file
<code><i>error_log</i></code>. This will override the value
specified when you ran the <a
href="setup.html#install"><code>configure</code></a> program or by
setting the macro <a
href="configmacros.html#WN_ERRLOGFILE"><code>#define WN_ERRLOGFILE</code></a>
in <a href="configmacros.html"><code>config.h</code></a>. If the
empty string <code><i>""</i></code> is used as the value of this
option then the log file given with <a
href="#L_opt"><code><b>-L</b></code></a> is used for errors as well
as regular transactions.
</p>
</dd>
<dt>
<a name="n_opt"><code><b>-n</b> <i>effective_uid</i></code></a> -- Set
effective user numeric id (<code>wnsd</code> only)
</dt>
<dd>
<p>
This option only has an effect when the server is run by
<code>root</code> in the stand-alone version,
i.e. <code>wnsd</code>. When invoked with the <code><b>-n</b></code>
option and a numeric user id (not a user name) the server will change
the user id under which it runs to the specified numeric value. If
you do not use this option the user id is changed from
<code>root</code> to the value you set when you ran the <a
href="setup.html#install"><code>configure</code></a> program (this is
usually the numeric id of the user "<code>nobody</code>"; the
'<code><b>n</b></code>' in <code><b>-n</b></code> is a mnemonic for
"<code>nobody</code>") or edited <a
href="configmacros.html#USERID"><code>#define USERID</code></a>
in <a href="configmacros.html"><code>config.h</code></a>. The
<code><b>-n</b></code> option allows you to override that default
when you run the server. In normal use this option is not necessary
and should not be used unless you have a specific need.
</p>
</dd>
<dt>
<a name="N_opt"><code><b>-N</b> <i>effective_gid</i></code></a> -- Set
effective group numeric id (<code>wnsd</code> only)
</dt>
<dd>
<p>
This option only has an effect when the server is run by
<code>root</code> in the stand-alone version, i.e. <code>wnsd</code>.
This option is identical to the <a
href="#n_opt"><code><b>-n</b></code></a> option except it sets the
numeric group id under which the server runs rather than the user id.
</p>
</dd>
<dt>
<a name="p_opt"><code><b>-p</b> <i>port</i></code></a> -- Set the port
(<code>wnsd</code> only)
</dt>
<dd>
<p>
Running the command "<code>wnsd -p 8080</code>" will run
the server on port <code>8080</code> rather than the default which is
normally <code>80</code> but can be set in <a
href="configmacros.html"><code>config.h</code></a> by editing the <a
href="configmacros.html#DEFAULT_PORT"><code>#define DEFAULT_PORT</code></a>
macro. If a value less than or equal to <code>1024</code> is used
then the server must be run by <code>root</code> (it will change its
permissions after opening the port). This option is only used by
<code>wnsd</code> since when <code>wnd</code> is run under the UNIX
<a
href="http://linux-howto.com/man/man8/inetd.8.html"><code>inetd(8)</code></a>
system utility, the port is determined by the setting in the UNIX <a
href="http://linux-howto.com/man/man5/services.5.html"><code>services(5)</code></a>
configuration file normally found in <code>/etc</code>.
</p>
</dd>
<dt>
<a name="q_opt"><code><b>-q</b> <i>pid_file</i></code></a> -- Set file
name which contains the (<code>wnsd</code>) server process id.
</dt>
<dd>
<p>
Write the process id or "pid" of the main server process to the file
"<code><i>pid_file</i></code>". This file name should be the full
path relative to the system root. If this is not set either with the
<code><b>-q</b></code> option, via the <a
href="setup.html#installing.configure"><code>configure</code></a>
program, or by editing the macro <a
href="configmacros.html#SWN_PID_FILE"><code>#define SWN_PID_FILE</code></a>
in the <a href="configmacros.html"><code>config.h</code></a> file
then the pid will be written to the UNIX <a
href="http://linux-howto.com/man/man3/stdio.3.html"><code>stdout(3)</code></a>
stream when the server is started.
</p>
</dd>
<dt>
<a name="S_opt"><code><b>-S</b></code></a> -- Use the UNIX <a
href="http://linux-howto.com/man/man8/syslogd.8.html"><code>syslogd(8)</code></a>
system utility for logging.
</dt>
<dd>
<p>
Instead of writing log messages to a file specified with <a
href="#L_opt"><code><b>-L</b></code></a> or in <a
href="configmacros.html"><code>config.h</code></a>, use the UNIX
<code>syslog(3)</code> facility. If <a
href="configmacros.html#WN_ERRLOGFILE"><code>#define WN_ERRLOGFILE</code></a>
is set to <code>""</code> and the server is run with the
<code><b>-S</b></code> option then error logging will be handled by
the <code>syslog(3)</code> facility. If <a
href="configmacros.html#WN_ERRLOGFILE"><code>#define WN_ERRLOGFILE</code></a>
is given a value or the <a href="#l_opt"><code><b>-l</b></code></a>
option is used then errors will be logged there rather than using the
UNIX <a
href="http://linux-howto.com/man/man8/syslogd.8.html"><code>syslogd(8)</code></a>
system utility.
</p>
</dd>
<dt>
<a name="t_opt"><code><b>-t</b> <i>trusted_uid</i></code></a> -- Set
trusted numeric uid
</dt>
<dd>
<p>
When invoked with the <code><b>-t</b></code> option alone
<code>wnd</code> or <code>wnsd</code> will not serve a document
unless the <a
href="index_desc.html#index"><code>index.cache</code></a> file
listing it has the prescribed owner (uid). This numeric uid should
be that of the maintainer not the one under which <code>wnd</code> or
<code>wnsd</code> runs if started by <code>root</code>. Indeed, for
security reasons the server will refuse to use an <a
href="index_desc.html#index"><code>index.cache</code></a> file whose
owner is the uid under which the server is running, in this case. If
on your server all <a
href="index_desc.html#index"><code>index.cache</code></a> files are
created by a single user or a single group this option or the <a
href="#T_opt"><code><b>-T</b></code></a> option are highly
recommended. This added security is weakened somewhat if you also
use the <a href="#u_opt"><code><b>-u</b></code></a> option which
allows <a href="index_desc.html#index"><code>index.cache</code></a>
files owned by untrusted users to permit the serving of files owned
by the same user. If both <a
href="#u_opt"><code><b>-u</b></code></a> and <code><b>-t</b></code>
are used the trusted user specified by <code><b>-t</b></code> is
exempt from the restrictions imposed by the <a
href="#u_opt"><code><b>-u</b></code></a> argument. The four command
line arguments <a href="#a_opt"><code><b>-a</b></code></a>, <a
href="#A_opt"><code><b>-A</b></code></a>, <code><b>-t</b></code>, <a
href="#T_opt"><code><b>-T</b></code></a> all take a numeric argument.
Thus the command should be "<code>./wnsd -t 203</code>" and
<em>not</em> "<code>./wnsd -t joe</code>" if user
"<code>joe</code>" has user id "<code>203</code>".
</p>
</dd>
<dt>
<a name="T_opt"><code><b>-T</b> <i>trusted_gid</i></code></a> -- Set
trusted numeric gid
</dt>
<dd>
<p>
This is similar to the <a href="#t_opt"><code><b>-t</b></code></a>
option except the numeric group owner (gid) of the <a
href="index_desc.html#index"><code>index.cache</code></a> file is
used instead of the numeric uid.
</p>
</dd>
<dt>
<a name="u_opt"><code><b>-u</b></code></a> -- Restrict untrusted users
</dt>
<dd>
<p>
When this option is invoked the server requires that every file
served (including wrappers and includes) have the same owner as the
<a href="index_desc.html#index"><code>index.cache</code></a> file
which grants it permission to be served. This means that untrusted
users can only serve files which they own. If the <a
href="#t_opt"><code><b>-t</b></code></a> or <a
href="#T_opt"><code><b>-T</b></code></a> option is used with
<code><b>-u</b></code> then <a
href="index_desc.html#index"><code>index.cache</code></a> files owned
by the trusted user or trusted group are exempt from this requirement
and they may grant permission to serve any file the server can read.
If the <code><b>-u</b></code> and <a
href="#E_opt"><code><b>-E</b></code></a> options are used together
then the <a href="#E_opt"><code><b>-E</b></code></a> takes precedence
for execution of <a href="cgi.html">CGI program</a>, a <a
href="filter.html">filter</a> and executable <a
href="parse.html">includes</a>, but the <code><b>-u</b></code> still
has effect for ordinary files being served.
</p>
<p>
Notice that if none of <a href="#t_opt"><code><b>-t</b></code></a>,
<a href="#T_opt"><code><b>-T</b></code></a>, and
<code><b>-u</b></code> are used then a user with his own home page can
make a symbolic link to any file readable by the server and that
document will be served. This is true even if the linked to document
is in a directory with <a href="access.html">limited access</a> or is
outside the server data hierarchy.
</p>
</dd>
<dt>
<a name="v_opt"><code><b>-v</b> <i>log_format</i></code></a> -- Set log
format
</dt>
<dd>
<p>
The legal values for this option are "<code>common</code>",
"<code>verbose</code>", and "<code>ncsa</code>". They cause the log
file to be written in the so-called common log format, or
<em>WN</em>'s verbose format including user agent, referrer, virtual
server nickname, and cookies, or in the NCSA extended format which
includes referrer and user agent. The default can be set with <a
href="configmacros.html#VERBOSELOG"><code>#define VERBOSELOG</code></a>
macro in <a href="configmacros.html"><code>config.h</code></a>.
</p>
</dd>
<dt>
<a name="v_opt"><code><b>-V</b> <i>virtual_host_file</i></code></a> --
Set file name which contains the list of virtual hosts
</dt>
<dd>
<p>
The file "<code><i>virtual_host_file</i></code>" should be the name
of the file containing the list of "virtual hosts" and their
corresponding IP numbers and root directories. The format of this
file is one line per virtual host. Each such line should have the
form:
</p>
<blockquote>
<code>
hostname IP_address root_path
</code>
</blockquote>
<p>
with the three parts separated by white space. For example an entry
might be:
</p>
<blockquote>
<code>
myhost.school.edu 111.222.333.444 /var/wn
</code>
</blockquote>
<p>
In particular the hostname should be the fully qualified domain name.
Lines in this file which are empty or start with '<code>#</code>' are
ignored.
</p>
<p>
If the virtual host file is changed you will need to restart the
server for the change to take effect.
</p>
</dd>
</dl>
<!-- #end -->
<hr size="4">
<address>
<em>WN</em> version 2.0.3
<br>
Copyright © 1998 <a href="mailto:john@math.nwu.edu">John Franks
<john@math.nwu.edu></a>
<br>
licensed under the <a href="http://www.opencontent.org/opl.html">
OpenContent Public License</a>
<br>
last-modified: Fri, 09 Oct 1998 18:18:09 GMT
</address>
<!-- pnuts --> <a href="support.html">[Previous]</a> <a href="appendixA2.html">[Next]</a> <a href="manual.html">[Up]</a> <a href="manual.html">[Top]</a> <a href="dosearch.html">[Search]</a> <a href="docindex.html">[Index]</a>
</body>
</html>
|
