DNETD.CONF(5)DNETD.CONF(5)NAME
/etc/dnetd.conf - DECnet objects file
DESCRIPTION
/etc/dnetd.conf is an ASCII file which contains the description of the
objects known to the DECnet super-server dnetd.
There is one entry per line, and each line has the format:
Name Number Authenticate User command
The field descriptions are:
Name The name of the object. For numbered objects this
appears only for documentation purposes. For named
objects it is the actual object name. There is a spe‐
cial object name * which can execute an arbitrarily
named program or script (see later).
Number the DECnet object number. These numbers should match
the well-known object numbers in a VMS object data‐
base. If the object number is zero then the name is
used. There should be no duplicate object numbers in
the file apart from number 0.
Authenticate
Whether to authenticate incoming connections. This
flag should be a Y or N. If it is Y then incoming con‐
nections will be authenticated either by the username
and password given on the remote command line or by
the DECnet proxy database decnet.proxy. If it is N
then the next field specifies the username that the
daemon will be run as.
Username The username that daemon will be run as if the incom‐
ing command is not authenticated (ie the Authenticate
flag is set to N). if this username does not exist,
and Authenticate is set to N then incoming connections
for that object will fail.
Command This is the name and arguments of the command to run
when a connection is received for the object. If it is
the string "internal" then the object will be handled
by dnetd if it can. Currently only MIRROR and arbi‐
trary TASKs can be handled internally by dnetd.
If the name starts with a slash then it is assumed to
be the full path of the program to run. If not then
dnetd will search its default directory for program
files.
NOTES
When an incoming connection is handled by dnetd it forks and executes
the command named in the command field with stdin and stdout pointing
to the DECnet socket. stderr will be set to /dev/null. The DECnet dae‐
mons supplied in the dnprogs suite automatically detect this and so can
be run from dnetd or standalone.
There is a subtle difference between objects handled by the special
name * and those explicitly named in the file:
Objects handled by name "*" internally are run under control of a
pseudo-tty which means they appear to be talking to a terminal and
CR/LF conversion will be done so that TYPE "0=TASK" will produce sensi‐
ble output on VMS.
Objects explicitly named just connect directly to the DECnet socket so
cannot take advantage of tty services and do not have CR/LF conversion
done for them. Of course these objects are more secure because the sys‐
tem administrator has total control over which objects can be run.
dnetd will convert all task names to lower case. This is for conve‐
nience more than anything else because VMS converts them to uppercase
and all uppercase files names are unwieldy on Unix.
It is recommended that arbitrary objects be run as a special anonymous
user to avoid security problems.
Any changes to /etc/dnetd.conf will take effect immediately you do not
need to tell dnetd that it has changed.
EXAMPLE
This is the default file provided. Note that the "*" object is com‐
mented out for security reasons.
# /etc/dnetd.conf
#
# name number auth? user command
#
FAL 17 Y none fal
MIRROR 25 Y root internal
MAIL 27 N vmsmail vmsmaild
CTERM 42 N root ctermd
DTERM 23 N root rmtermd
# * 0 Y none internal
SEE ALSOdecnet.proxy(5), dnetd(8)DECnet for Linux 5 December 1999 DNETD.CONF(5)