|
| 1 | +skd - a lightweight socket daemon |
| 2 | +================================= |
| 3 | + |
| 4 | +skd is a small daemon which binds to a udp, tcp or unix-domain socket, waits |
| 5 | +for connections and runs a specified program to handle them. It is ideal as a |
| 6 | +secure, efficient replacement for traditional inetd as well as being an |
| 7 | +easy-to-use tool for non-privileged users wanting to run their own network |
| 8 | +services. |
| 9 | + |
| 10 | +Datagram and stream sockets are available in both the internet and unix |
| 11 | +namespaces, each with the expected inetd behaviour. In the internet domain, |
| 12 | +IPv6 is supported in addition to IPv4. |
| 13 | + |
| 14 | +skd also supports connection limits, verbose logging of connections, dropping |
| 15 | +of privileges, forking into the background with a pidfile and redirecting |
| 16 | +stderr to syslog or a file. Some of these facilities (such as forking into the |
| 17 | +background, privilege dropping and logging) are also useful for standalone, |
| 18 | +non-network services and can be used without binding any socket. |
| 19 | + |
| 20 | + |
| 21 | +Building and installing |
| 22 | +----------------------- |
| 23 | + |
| 24 | +Unpack the source tar.gz file and change to the unpacked directory. |
| 25 | + |
| 26 | +Run 'make', then 'make install' to install in /bin. Alternatively, you can set |
| 27 | +DESTDIR and/or BINDIR to install in a different location, or strip and copy |
| 28 | +the compiled skd binary into the correct place manually. |
| 29 | + |
| 30 | +skd was developed on GNU/Linux and FreeBSD, but should be reasonably portable. |
| 31 | +In particular, it is expected to compile on most modern unix platforms. Please |
| 32 | +report any problems or bugs to Chris Webb < [email protected]>. |
| 33 | + |
| 34 | + |
| 35 | +Usage |
| 36 | +----- |
| 37 | + |
| 38 | +Usage: skd [OPTIONS] PROG [ARGS]... |
| 39 | +Options: |
| 40 | + -i [INTERFACE:]PORT bind a listening socket in the internet namespace |
| 41 | + -l PATH, -x PATH bind a listening socket in the local unix namespace |
| 42 | + -s create a stream socket (default socket style) |
| 43 | + -d create a datagram socket instead of a stream socket |
| 44 | + -t [INTERFACE:]PORT create a TCP socket: equivalent to -s -i |
| 45 | + -u [INTERFACE:]PORT create a UDP socket: equivalent to -d -i |
| 46 | + -b BACKLOG set the listen backlog for a stream socket |
| 47 | + -c MAXCLIENTS set the maximum number of concurrent connections |
| 48 | + accepted by a stream socket (default is unlimited) |
| 49 | + -n set TCP_NODELAY to disable Nagle's algorithm for TCP |
| 50 | + stream connections |
| 51 | + -v report information about every connection accepted |
| 52 | + or initial datagram received to stderr or the log |
| 53 | + -B fork, establish new session id, redirect stdin and |
| 54 | + stdout to/from /dev/null if they are attached to a |
| 55 | + terminal, and run as a daemon in the background |
| 56 | + -L TAG[:FAC.PRI] start a logger subprocess, redirecting stderr to the |
| 57 | + system log with tag TAG, facility FAC and priority |
| 58 | + PRI (defaulting to daemon.notice if unspecified) |
| 59 | + -L >LOGFILE redirect stderr to create and write to LOGFILE |
| 60 | + -L >>LOGFILE redirect stderr to append to LOGFILE |
| 61 | + -P PIDFILE write pid to PIDFILE (after forking if used with -B) |
| 62 | + -U after binding the socket, drop privileges to those |
| 63 | + specified by $UID and $GID, and if $ROOT is set, |
| 64 | + chroot into that directory |
| 65 | + |
| 66 | +When a stream socket is specified, listen on it and accept all incoming |
| 67 | +connections, executing the given program in a child process with stdin and |
| 68 | +stdout attached to the connection socket. Do not wait for the child to exit |
| 69 | +before accepting another connection on the listening socket. |
| 70 | + |
| 71 | +When a datagram socket is specified, wait for an initial datagram to arrive |
| 72 | +before launching the given program with stdin and stdout attached to the |
| 73 | +listening socket. Until this program exits, don't attempt to check for more |
| 74 | +datagrams or spawn another child. |
| 75 | + |
| 76 | +If none of -i, -l, -u is used, no socket is bound and the given program is |
| 77 | +executed immediately, after any background, logging, pidfile and privilege |
| 78 | +dropping actions have been completed. This allows use of these facilities |
| 79 | +for standalone and non-network services. |
| 80 | + |
| 81 | + |
| 82 | +Examples |
| 83 | +-------- |
| 84 | + |
| 85 | +A unix domain echo server running in the foreground, reporting connections to |
| 86 | +stderr: |
| 87 | + |
| 88 | + skd -vl /dev/cat.sock cat |
| 89 | + |
| 90 | +An motd server running in the background with a pidfile /var/run/motd.pid, |
| 91 | +reporting connections to syslog with tag 'testsrv', facility 'daemon' and |
| 92 | +priority 'info': |
| 93 | + |
| 94 | + skd -vt 3000 -BP /var/run/motd.pid -L testsrv:daemon.info \ |
| 95 | + cat /etc/motd |
| 96 | + |
| 97 | +Uwe Ohse's uscheduled running in the background, logging errors from stderr to |
| 98 | +syslog: |
| 99 | + |
| 100 | + skd -BL uschedule:daemon.notice -- uscheduled -d /var/lib/uschedule |
| 101 | + |
| 102 | +The last example demonstrates how skd can be useful as a daemontools |
| 103 | +replacement in a more standard unix environment. I use it to daemonise |
| 104 | +uschedule, dnscache and tinydns with logs sent to syslog. |
| 105 | + |
| 106 | + |
| 107 | +Copying |
| 108 | +------- |
| 109 | + |
| 110 | +skd was written by Chris Webb < [email protected]> and is distributed as Free |
| 111 | +Software under the terms of the MIT license in COPYING. |
0 commit comments