diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2010-06-17 09:45:54 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2010-06-17 09:45:54 +0300 |
commit | c32cdcbb85fd6ee8d7808957f6312a5ffb3153b0 (patch) | |
tree | 2a0d7407fe7112163a97283c8a8467d2ee778d64 | |
parent | cec7ddf85ec7436bf5360c440626a0c502a74bf6 (diff) | |
download | smap-c32cdcbb85fd6ee8d7808957f6312a5ffb3153b0.tar.gz smap-c32cdcbb85fd6ee8d7808957f6312a5ffb3153b0.tar.bz2 |
Update.
* doc/smap.texi: Update.
* src/smapd.c (smap_kwtab): Fix typo (inetd-mode).
(main): Set default socket umask and max_children.
-rw-r--r-- | doc/smap.texi | 253 | ||||
-rw-r--r-- | src/smapd.c | 4 |
2 files changed, 255 insertions, 2 deletions
diff --git a/doc/smap.texi b/doc/smap.texi index 537ccad..a277238 100644 --- a/doc/smap.texi +++ b/doc/smap.texi @@ -580,7 +580,249 @@ Print program version. @node config-smapd @section Smapd Configuration File + The @command{smapd} configuration file consists, on a lexical level, +of logical lines. A @dfn{logical line} is any sequence of characters +between two unescaped newline characters. The word @samp{unescaped} +means a newline character not preceded by a single backslash. Thus, +escaped newlines allow to combine several physical lines into a single +logical one. + + Within a logical line, unescaped @samp{#} character introduces a +comment. The character itself and the rest of characters after it up +to the end of line are ignored. + + Empty lines are ignored as well. + + Each not empty line constitutes a @dfn{configuration statement}. +The statement is first split into words. A @dfn{word} is any +contiguous sequence of non-whitespace characters. Singly-quoted +and doubly-quoted strings are also considered words. Within a +doubly-quoted string, backlslash character introduces an @dfn{escape +sequence}. The following escape sequences are supported: + +@float Table, escape-sequences +@caption{Escape sequences} +@multitable @columnfractions 0.30 .5 +@item Sequence @tab Replaced with +@item \a @tab Audible bell character (@acronym{ASCII} 7) +@item \b @tab Backspace character (@acronym{ASCII} 8) +@item \f @tab Form-feed character (@acronym{ASCII} 12) +@item \n @tab Newline character (@acronym{ASCII} 10) +@item \r @tab Carriage return character (@acronym{ASCII} 13) +@item \t @tab Horizontal tabulation character (@acronym{ASCII} 9) +@item \v @tab Vertical tabulation character (@acronym{ASCII} 11) +@end multitable +@end float + +A @samp{\} followed by any character not listed in the above table is +replaced with that character alone. This allows, for example, to +include double-quote character in a doubly-quoted string. + + The first word is then treated as a @dfn{keyword}, and the rest of +words as its arguments. + + The following configuration statements are understood. + +@deffn {Config} inetd-mode bool + If @var{bool} is @samp{yes}, enable inet mode (@pxref{inetd-mode}). +@end deffn + +@deffn {Config} pidfile filename + Write pidfile to the file @var{filename}. +@end deffn + +@deffn {Config} foreground bool + If @var{bool} is @samp{yes}, run in foreground. This also means +that log output goes to standard error, unless requested otherwise by +@samp{log-to-syslog} statement or @option{--syslog} command line option. +@end deffn + +@deffn {Config} idle-timeout number + Sets @dfn{idle timeout} to @var{number} seconds. A child process +terminates if it has not received any request within this amount of +time. +@end deffn + +@deffn {Config} log-to-stderr bool + If @var{bool} is @samp{yes} send log output to standard error. +@end deffn + +@deffn {Config} log-to-syslog bool + If @var{bool} is @samp{yes} send log output to syslog. +@end deffn + +@deffn {Config} log-tag string + Tag each log line in syslog with @var{string}. By default, the name +of the program (@samp{smapd}) is used. +@end deffn + +@deffn {Config} log-facility fac + Write logs to the syslog facility @var{fac}. Valid values for +@var{fac} are: @samp{user}, @samp{daemon}, @samp{auth}, @samp{authpriv}, +@samp{mail}, @samp{cron}, and @samp{local0} through @samp{local7}. + + Default is @samp{daemon}. +@end deffn + +@deffn {Config} debug dspec1 [dspec2...] + Enable debugging output according to the given specifications. +@xref{debugging}, for a description of specifications. +@end deffn + +@deffn {Config} trace bool + If @var{bool} is @samp{yes} enable query traces. @xref{debugging, +Query traces}. +@end deffn + +@deffn {Config} trace-pattern pat1 [pat2...] + Abridge query trace output to queries beginning with the given +patterns. @xref{trace-pattern}. +@end deffn + +@deffn {Config} user name + After startup, switch to UID and GID of the user @var{name}. +@end deffn + +@deffn {Config} group name1 [name2 ...] + When switching to user privileges (see above), retain also these +supplementary groups. +@end deffn + +@deffn {Config} allgroups bool + When switching to user privileges (see above), retain all +supplementary groups the user is a member of. +@end deffn + +@deffn {Config} socket-umask mask + Set umask for creating UNIX sockets. The @var{mask} is a +three-digit number which is always treated as octal. Default umask is +@samp{117}. +@end deffn + +@deffn {Config} shutdown-timeout seconds + Sets the number of seconds to wait for all children to terminate before +shutdown, after sending them the @samp{SIGTERM} signal. Any children +remaining active after this timeout are terminated forcefully using +@samp{SIGKILL}. + + Default value is 5 seconds. +@end deffn + +@deffn {Config} backlog number + Sets the maximum size of pending connections queue for sockets. If a +connection request arrives when the queue is full, the client receives an +error with an indication of @samp{ECONNREFUSED}. + +Default backlog is 8. +@end deffn + +@deffn {Config} reuseaddr bool + If @var{bool} is @samp{yes} reuse existing socket addresses (both +INET and UNIX). This is the default. +@end deffn + +@deffn {Config} max-children number + Maximum number of children processes allowed to run simultaneously. +When the actual number of children reaches @var{number}, the server +stops refusing further connections until any of them terminates. The +value of @samp{0} means @samp{unlimited}. + +The default limit is @samp{128}. +@end deffn + +@deffn {Config} single-process bool + Operate in single-process mode. This option may be necessary only +when debugging @command{smapd}. @emph{Never use it in production +environment!} +@end deffn + +@deffn {Config} server name address [block] + Configure a server. The @var{name} argument gives its symbolic +name, which will be used in logs to identify it. The @var{address} +argument specifies network address to listen on. As of version +@value{VERSION} two kind of addresses are recognized: + +@table @asis +@item inet://@var{ip}:@var{port} + Listen on the IPv4 address @var{ip}, on the given @var{port}. IP +address may be given either in ``dotted-quad'' form or as a hostname. +Port may be specified either as a port number, or as a name of a +service from @file{/etc/services}. + +@item unix://@var{pathname} + Listen on the UNIX socket @var{pathname}. Notice that the name of the +socket must be absolute, so you would usually have three slashes +together. For example, the following statement will listen on a +socket named @file{/var/run/smap.sock}: + +@example +server main unix:///var/run/smap.sock +@end example +@end table + + Optional @var{block} is a @dfn{block statement} consisting of the +word @samp{begin} followed by a newline, one or more configuration +statements and the word @samp{end} alone on a line. For example: + +@example +server main unix:///var/run/smap.sock begin + user smap + allgroups yes +end +@end example + + The statements within block apply only to that particular server. +That is, in the example above, the connections requested on the server +@var{main} will be handled by a subprocess with privileges of the user +@var{smap}, retaining all the supplementary groups of this user. The +following statements are allowed for use in the block statement: + +@itemize @bullet +@item allgoups +@item backlog +@item group +@item max-children +@item reuseaddr +@item single-process +@item user +@end itemize + + Their meaning is the same as of the corresponding statements in +global scope (see above), but applies to that particular server only. +@end deffn + +@deffn {Config} load-path path + Add @var{path} to the current set of directories searched for module +files. @var{Path} is a list of directory names separated by colons. +@end deffn + +@deffn {Config} module modname libname [args...] + Declare new module. Arguments are: + +@table @var +@item modname +A name which uniquely identifies this module in the configuration. It +will be used to associate databases with this module. + +@item libname +Name of the shared library file (without suffix) to load. + +@item args... +Arguments to the module initialization function. +@end table +@end deffn + +@deffn {Config} database name modname [args...] +Define a database @var{name} and associate it with the module +@var{modname}, which must be loaded by a prior @code{module} +statement. Optional @var{args} are passed to the database +initialization function verbatim. +@end deffn + +@deffn {Config} query cond target FIXME +@end deffn + @node exit codes @section Smapd Exit Codes @@ -605,7 +847,16 @@ FIXME Email bug reports to @email{gray+smap@@gnu.org.ua}. Please include a detailed description of the bug and information about the conditions -under which it occurs, so we can reproduce it. +under which it occurs, so we can reproduce it. The minimal +information needed is: + +@itemize @bullet +@item Version of the package you are using. +@item Compilation options used when configuring it. +@item Run-time configuration (the @file{smapd.conf} file and command +line options used). +@item Conditions under which the bug appears. +@end itemize @node Protocol @appendix The Sockmap Protocol diff --git a/src/smapd.c b/src/smapd.c index 5b2c3aa..fa11762 100644 --- a/src/smapd.c +++ b/src/smapd.c @@ -622,7 +622,7 @@ cfg_trace_pattern(struct cfg_kw *kw, int wordc, char **wordv, void *data) static struct cfg_kw smap_kwtab[] = { /* kw type ival sval aval fun */ - { "inet-mode", KWT_BOOL, &inetd_mode }, + { "inetd-mode", KWT_BOOL, &inetd_mode }, { "pidfile", KWT_STRING, NULL, &pidfile, NULL, NULL }, { "foreground", KWT_BOOL, &foreground, }, { "idle-timeout", KWT_UINT, (int*) &idle_timeout }, @@ -690,6 +690,8 @@ main(int argc, char **argv) if (!isatty(0)) log_to_stderr = 0; smap_log_init(); + srvman_param.socket_umask = 0117; + srvman_param.max_children = 128; /* Parse command line and configuration file. */ get_options(argc, argv); if (parse_config(config_file, smap_kwtab, NULL)) |