On 05/28/08, Darren J Moffat wrote:
>
> >ejabberdctl(1M) is used for other administration tasks. What it does
> >is to attach a remote shell the specified Erlang node(that is, an
> >Erlang VM) and sends command to ejabberd modules. Because Erlang
> >protects acess to nodes with a cookie file, which is only accessible
> >by the one who starts the server, so I assign "euid=1;egid=1" attribute
> >to the command in the profile.
>
> What underlying OS transport mechanism is used for this ? TCP, doors,
> UNIX domain sockets, pipes, shared memory ?
I just realized what I described on how ejabberdctl worked was
inaccurate. Ejabberd administration is implemented as an Erlang
application too. For most administration tasks, ejabberdctl(1M)
script actually starts a separate Erlang node to run that
application, which then may communicate with ejabberd server
application running in another node.
The inter-node communication is authenticated with cookie, which
is a shared secret among all nodes(I didn't find any document
dicussing the details, but I read somewhere the cookie's clear
text is not sent over network. So it may be used as a key to
encrypt a random challenge value to create a response for
authentication.) All messages sent on network are not encrypted.
Although I am not sure, I think the underlying OS transport
mechanism used for inter-node communication is TCP, because nodes
can run on different machines. Below is pfiles output for the
port ejabberd server listens on for inter-node communcation(
it is not the ports I metioned in FastTrack):
8: S_IFSOCK mode:0666 dev:293,0 ino:9441 uid:0 gid:0 size:0
O_RDWR|O_NONBLOCK
SOCK_STREAM
SO_SNDBUF(49152),SO_RCVBUF(49152)
sockname: AF_INET 0.0.0.0 port: 33523
--
Regards,
Raymond
