aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2010-06-17 09:45:54 +0300
committerSergey Poznyakoff <gray@gnu.org.ua>2010-06-17 09:45:54 +0300
commitc32cdcbb85fd6ee8d7808957f6312a5ffb3153b0 (patch)
tree2a0d7407fe7112163a97283c8a8467d2ee778d64
parentcec7ddf85ec7436bf5360c440626a0c502a74bf6 (diff)
downloadsmap-c32cdcbb85fd6ee8d7808957f6312a5ffb3153b0.tar.gz
smap-c32cdcbb85fd6ee8d7808957f6312a5ffb3153b0.tar.bz2
Update.
* doc/smap.texi: Update. * src/smapd.c (smap_kwtab): Fix typo (inetd-mode). (main): Set default socket umask and max_children.
-rw-r--r--doc/smap.texi253
-rw-r--r--src/smapd.c4
2 files changed, 255 insertions, 2 deletions
diff --git a/doc/smap.texi b/doc/smap.texi
index 537ccad..a277238 100644
--- a/doc/smap.texi
+++ b/doc/smap.texi
@@ -580,7 +580,249 @@ Print program version.
@node config-smapd
@section Smapd Configuration File
+ The @command{smapd} configuration file consists, on a lexical level,
+of logical lines. A @dfn{logical line} is any sequence of characters
+between two unescaped newline characters. The word @samp{unescaped}
+means a newline character not preceded by a single backslash. Thus,
+escaped newlines allow to combine several physical lines into a single
+logical one.
+
+ Within a logical line, unescaped @samp{#} character introduces a
+comment. The character itself and the rest of characters after it up
+to the end of line are ignored.
+
+ Empty lines are ignored as well.
+
+ Each not empty line constitutes a @dfn{configuration statement}.
+The statement is first split into words. A @dfn{word} is any
+contiguous sequence of non-whitespace characters. Singly-quoted
+and doubly-quoted strings are also considered words. Within a
+doubly-quoted string, backlslash character introduces an @dfn{escape
+sequence}. The following escape sequences are supported:
+
+@float Table, escape-sequences
+@caption{Escape sequences}
+@multitable @columnfractions 0.30 .5
+@item Sequence @tab Replaced with
+@item \a @tab Audible bell character (@acronym{ASCII} 7)
+@item \b @tab Backspace character (@acronym{ASCII} 8)
+@item \f @tab Form-feed character (@acronym{ASCII} 12)
+@item \n @tab Newline character (@acronym{ASCII} 10)
+@item \r @tab Carriage return character (@acronym{ASCII} 13)
+@item \t @tab Horizontal tabulation character (@acronym{ASCII} 9)
+@item \v @tab Vertical tabulation character (@acronym{ASCII} 11)
+@end multitable
+@end float
+
+A @samp{\} followed by any character not listed in the above table is
+replaced with that character alone. This allows, for example, to
+include double-quote character in a doubly-quoted string.
+
+ The first word is then treated as a @dfn{keyword}, and the rest of
+words as its arguments.
+
+ The following configuration statements are understood.
+
+@deffn {Config} inetd-mode bool
+ If @var{bool} is @samp{yes}, enable inet mode (@pxref{inetd-mode}).
+@end deffn
+
+@deffn {Config} pidfile filename
+ Write pidfile to the file @var{filename}.
+@end deffn
+
+@deffn {Config} foreground bool
+ If @var{bool} is @samp{yes}, run in foreground. This also means
+that log output goes to standard error, unless requested otherwise by
+@samp{log-to-syslog} statement or @option{--syslog} command line option.
+@end deffn
+
+@deffn {Config} idle-timeout number
+ Sets @dfn{idle timeout} to @var{number} seconds. A child process
+terminates if it has not received any request within this amount of
+time.
+@end deffn
+
+@deffn {Config} log-to-stderr bool
+ If @var{bool} is @samp{yes} send log output to standard error.
+@end deffn
+
+@deffn {Config} log-to-syslog bool
+ If @var{bool} is @samp{yes} send log output to syslog.
+@end deffn
+
+@deffn {Config} log-tag string
+ Tag each log line in syslog with @var{string}. By default, the name
+of the program (@samp{smapd}) is used.
+@end deffn
+
+@deffn {Config} log-facility fac
+ Write logs to the syslog facility @var{fac}. Valid values for
+@var{fac} are: @samp{user}, @samp{daemon}, @samp{auth}, @samp{authpriv},
+@samp{mail}, @samp{cron}, and @samp{local0} through @samp{local7}.
+
+ Default is @samp{daemon}.
+@end deffn
+
+@deffn {Config} debug dspec1 [dspec2...]
+ Enable debugging output according to the given specifications.
+@xref{debugging}, for a description of specifications.
+@end deffn
+
+@deffn {Config} trace bool
+ If @var{bool} is @samp{yes} enable query traces. @xref{debugging,
+Query traces}.
+@end deffn
+
+@deffn {Config} trace-pattern pat1 [pat2...]
+ Abridge query trace output to queries beginning with the given
+patterns. @xref{trace-pattern}.
+@end deffn
+
+@deffn {Config} user name
+ After startup, switch to UID and GID of the user @var{name}.
+@end deffn
+
+@deffn {Config} group name1 [name2 ...]
+ When switching to user privileges (see above), retain also these
+supplementary groups.
+@end deffn
+
+@deffn {Config} allgroups bool
+ When switching to user privileges (see above), retain all
+supplementary groups the user is a member of.
+@end deffn
+
+@deffn {Config} socket-umask mask
+ Set umask for creating UNIX sockets. The @var{mask} is a
+three-digit number which is always treated as octal. Default umask is
+@samp{117}.
+@end deffn
+
+@deffn {Config} shutdown-timeout seconds
+ Sets the number of seconds to wait for all children to terminate before
+shutdown, after sending them the @samp{SIGTERM} signal. Any children
+remaining active after this timeout are terminated forcefully using
+@samp{SIGKILL}.
+
+ Default value is 5 seconds.
+@end deffn
+
+@deffn {Config} backlog number
+ Sets the maximum size of pending connections queue for sockets. If a
+connection request arrives when the queue is full, the client receives an
+error with an indication of @samp{ECONNREFUSED}.
+
+Default backlog is 8.
+@end deffn
+
+@deffn {Config} reuseaddr bool
+ If @var{bool} is @samp{yes} reuse existing socket addresses (both
+INET and UNIX). This is the default.
+@end deffn
+
+@deffn {Config} max-children number
+ Maximum number of children processes allowed to run simultaneously.
+When the actual number of children reaches @var{number}, the server
+stops refusing further connections until any of them terminates. The
+value of @samp{0} means @samp{unlimited}.
+
+The default limit is @samp{128}.
+@end deffn
+
+@deffn {Config} single-process bool
+ Operate in single-process mode. This option may be necessary only
+when debugging @command{smapd}. @emph{Never use it in production
+environment!}
+@end deffn
+
+@deffn {Config} server name address [block]
+ Configure a server. The @var{name} argument gives its symbolic
+name, which will be used in logs to identify it. The @var{address}
+argument specifies network address to listen on. As of version
+@value{VERSION} two kind of addresses are recognized:
+
+@table @asis
+@item inet://@var{ip}:@var{port}
+ Listen on the IPv4 address @var{ip}, on the given @var{port}. IP
+address may be given either in ``dotted-quad'' form or as a hostname.
+Port may be specified either as a port number, or as a name of a
+service from @file{/etc/services}.
+
+@item unix://@var{pathname}
+ Listen on the UNIX socket @var{pathname}. Notice that the name of the
+socket must be absolute, so you would usually have three slashes
+together. For example, the following statement will listen on a
+socket named @file{/var/run/smap.sock}:
+
+@example
+server main unix:///var/run/smap.sock
+@end example
+@end table
+
+ Optional @var{block} is a @dfn{block statement} consisting of the
+word @samp{begin} followed by a newline, one or more configuration
+statements and the word @samp{end} alone on a line. For example:
+
+@example
+server main unix:///var/run/smap.sock begin
+ user smap
+ allgroups yes
+end
+@end example
+
+ The statements within block apply only to that particular server.
+That is, in the example above, the connections requested on the server
+@var{main} will be handled by a subprocess with privileges of the user
+@var{smap}, retaining all the supplementary groups of this user. The
+following statements are allowed for use in the block statement:
+
+@itemize @bullet
+@item allgoups
+@item backlog
+@item group
+@item max-children
+@item reuseaddr
+@item single-process
+@item user
+@end itemize
+
+ Their meaning is the same as of the corresponding statements in
+global scope (see above), but applies to that particular server only.
+@end deffn
+
+@deffn {Config} load-path path
+ Add @var{path} to the current set of directories searched for module
+files. @var{Path} is a list of directory names separated by colons.
+@end deffn
+
+@deffn {Config} module modname libname [args...]
+ Declare new module. Arguments are:
+
+@table @var
+@item modname
+A name which uniquely identifies this module in the configuration. It
+will be used to associate databases with this module.
+
+@item libname
+Name of the shared library file (without suffix) to load.
+
+@item args...
+Arguments to the module initialization function.
+@end table
+@end deffn
+
+@deffn {Config} database name modname [args...]
+Define a database @var{name} and associate it with the module
+@var{modname}, which must be loaded by a prior @code{module}
+statement. Optional @var{args} are passed to the database
+initialization function verbatim.
+@end deffn
+
+@deffn {Config} query cond target
FIXME
+@end deffn
+
@node exit codes
@section Smapd Exit Codes
@@ -605,7 +847,16 @@ FIXME
Email bug reports to @email{gray+smap@@gnu.org.ua}. Please include a
detailed description of the bug and information about the conditions
-under which it occurs, so we can reproduce it.
+under which it occurs, so we can reproduce it. The minimal
+information needed is:
+
+@itemize @bullet
+@item Version of the package you are using.
+@item Compilation options used when configuring it.
+@item Run-time configuration (the @file{smapd.conf} file and command
+line options used).
+@item Conditions under which the bug appears.
+@end itemize
@node Protocol
@appendix The Sockmap Protocol
diff --git a/src/smapd.c b/src/smapd.c
index 5b2c3aa..fa11762 100644
--- a/src/smapd.c
+++ b/src/smapd.c
@@ -622,7 +622,7 @@ cfg_trace_pattern(struct cfg_kw *kw, int wordc, char **wordv, void *data)
static struct cfg_kw smap_kwtab[] = {
/* kw type ival sval aval fun */
- { "inet-mode", KWT_BOOL, &inetd_mode },
+ { "inetd-mode", KWT_BOOL, &inetd_mode },
{ "pidfile", KWT_STRING, NULL, &pidfile, NULL, NULL },
{ "foreground", KWT_BOOL, &foreground, },
{ "idle-timeout", KWT_UINT, (int*) &idle_timeout },
@@ -690,6 +690,8 @@ main(int argc, char **argv)
if (!isatty(0))
log_to_stderr = 0;
smap_log_init();
+ srvman_param.socket_umask = 0117;
+ srvman_param.max_children = 128;
/* Parse command line and configuration file. */
get_options(argc, argv);
if (parse_config(config_file, smap_kwtab, NULL))

Return to:

Send suggestions and report system problems to the System administrator.