On Fri, Oct 01, 1999 at 02:39:44PM -0400, David Harris wrote:
> I use tcpserver for qmail - that only makes sense to me because of the load
> issues.
>
> But about the other services? I'd perhaps like to use tcpserver for them too..
> and I've heard that others have had success with this. But I don't like the
> idea of a whole bunch of programs all configured with command line directives
> running in the background just for these rarely used services.
Have you actually profiled the impact of doing such a thing? Modern
UNIX is designed to deal with many tasks, and this one would have only a
few pages per process that weren't shared.
> Why doesn't somebody patch tcpserver so that one daemon can handle multiple
> services and read the configuration all out of one file. That would be really
> neat, IMO.
Because it is unnecessary. tcpserver is so light that multiple
tcpservers don't hurt system resources significantly, especially if
they're not used and swapped out. In fact, I would go so far as to say
it's bad. Anything that reads configuration regarding multiple services
out of a single file is bad. How do you add or remove a service
safely?
It also goes against "the UNIX way" -- each task does one small and
easily definable task. Why else have programs like "sort" or "uniq"?
Why not build those into "ls" as well? Oh, and "cat". Oh, and "more".
What DJB has done is to build a set of programs that each do a single
task -- svscan handles starting a series of supervise tasks; supervise
handles (re)starting and stoping a single task; tcpserver handles
incoming connections; qmail-smtpd handles ths SMTP protocol; and so on.
> Also, when you tcpserver devotees start railing about how the system can be
> attacked with inetd, it rings hollow to me because an attacker could use any
> service to attack, right? So if I have inetd in my system I'm vulnerable
> whether I used it for qmail or not.
Right on both points.
> Wouldn't it be cooler if you could show the
> user how to easily replace inetd with tcpserver all together?
I have seen a script that converts a inetd.conf file into a series of
"supervise tcpserver" commands. It can't get much simpler than that.
--
Bruce Guenter <[EMAIL PROTECTED]> http://em.ca/~bruceg/
