tech-userlevel: Re: CVS commit: src (identd -L)

Subject: Re: CVS commit: src (identd -L)
To: Andrew Brown <atatat@atatdot.net>
From: Jim Wise <jwise@draga.com>
List: tech-userlevel
Date: 05/18/1999 16:19:13
-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 18 May 1999, Andrew Brown wrote:

>...except that identd persists, ie, it's marked as a "wait" service in
>inetd.conf.  when an inbound connection is noticed by inetd, inetd
>just forks off identd with stdin/stdout connected to the listening
>socket, not the connected socket.  identd handles the connect itself.
>then it waits around and handles a few more if they arrive before it
>decides to die.  so you only get access control for the first allowed
>connection for whatever period you decide to declare in inetd.conf.

Not necessarily.  This is the behavior if you start identd with `wait'
in inetd.conf, and use the `-w' flag.  identd can also be run with
`nowait' if it is started without `-w' or with the `-i' flag.  From the
man page:

       The  -i  flag,  which  is the default mode, should be used
       when starting the daemon  from  inetd  with  the  "nowait"
       option  in the /etc/inetd.conf file. Use of this mode will
       make inetd start one identd  daemon  for  each  connection
       request.

There is a strong argument that the (commented out) identd line in
src/etc/inetd.conf should use `nowait' -- if no one objects, I'll change
it.
	
>   #!/usr/local/bin/perl
>   ($_=<>);
>   ($mine,$your)=(/(\d+)/g);
>   print("$your , $mine : USERID : UNIX :george\r\n");
>
>this is my identd, which runs as a "nowait" service.  the problem is,
>of course, that it will hang if the "client" to identd doesn't say
>anything.  :)

Yup.  Also, it's not clear to me that the perl interpreter is any
lighter weight than identd -L's fast path, when identd is started
nowait.  Same goal - different way of getting there.  :)

- -- 
				Jim Wise
				jwise@draga.com

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQEVAwUBN0HLRokLDoBfn5jPAQFZEAgAxai9NVpKDQIstbw9oXk1dtqKTcZfL6Hf
XeAQPMRk0D/jODcq4CniZDv5ZXPVaWoLpbYWRFPC7RPylfG3sAWyZfeSuFvf4BMH
UvfOtxbaA/ORb2FPmpVaOVCATIMVxSjt6x4o+vM8BhQKCe3mXMXZL1Xn7qlRfJyj
TMUZHKJaUNCx0+Mc1LWjJdWbsQah11zB4py/WmCchlRVqAleuVXCc2cU5oTCSeQe
9T0YCPDVgkIvmKFDAnEYGi0MgPMMIgokXdc5Ip3R9uGz0IMTZoi+ffUlZezil8ia
ihDp2u9mo9qGzpkreDE63MvoW0zGV/xjShEL78P7XBoKkM462fUi9Q==
=8rRT
-----END PGP SIGNATURE-----