Previous Page | Next Page

  1. Introduction
  2. About Linux
  3. Installation and getting started
  4. Logging in and out
  5. Basic Linux Commands
  6. Linux Files and File Permissions
  7. Linux Directory Structure
  8. Finding Files
  9. Linux Help
  10. Setting Time
  11. Devices
  12. Tips
  13. Accessing Other Filesystems
  14. Accessing Removable Media
  15. Making and Managing Filesystems
  16. Emergency Filesystems and Procedures
  17. LILO and Runlevels
  18. Init
  19. Environment, Shell Selection, and Startu
  20. Linux Kernel
  21. Package Installation and Printing
  22. Configuration, Logging and CRON
  23. Keys and Terminal Configuration
  24. Sound Configuration
  25. Managing Users
  26. Passwords
  27. Process Control
  28. Configuration and Diagnostic Tools
  29. Overall Configuration
  30. Using PAM
  31. Basic Network Setup
  32. Tools and Terms
  33. Novell and Printing
  34. Inetd Services
  35. Xinetd Services
  36. Other Network Services
  37. FTP and Telnet
  38. Samba
  39. Identd (auth)
  40. X Configuration
  41. X Use
  42. Using X Remotely
  43. X Documentation
  44. DNS
  45. DHCP and BOOTP
  46. Apache
  47. NFS
  48. PPP
  49. Mail
  50. Routing
  51. IP Masquerading
  52. Proxy Servers and ipchains
  53. UUCP
  54. News
  55. NIS
  56. Network Security
  57. Secure Shell
  58. Text Processing
  59. Shell Programming
  60. Emacs
  61. VI
  62. Recommended Reading
  63. Credits

Linux Xinetd Network services

The service, xinetd, is a service designed to provide the same functionality as inetd, but with better configuration options and better security. It provides the same services as inetd, so you will not need to run inetd with this service and can substitute this service for inetd. This service is easy to install and run. It is meant as a replacement for inetd, but can be run at the same time inetd is being run. If you decide to run both inetd and xinetd, but you should not run the same services, such as telnet or ftp, on both inetd and xinetd at the same time. Xinetd will support the hosts.allow and hosts.deny features using the tcp wrapper daemon, the same as inetd does.

Obtaining xinetd

It is very easy to obtain, compile, and install xinetd. You may obtain FAQ information from: http://synack.net/xinetd/faq.html and complete documentation with source and binaries may be obtained from http://www.synack.net/xinetd/. Also there is a very good xinetd tutorial which describes installation and configuration (yes, better than this documentation) at http://www.macsecurity.org/resources/xinetd/tutorial.shtml. It is written for users running Linux on a MacIntosh, but it applies very well to xinetd and Linux in general.

Compilation and installation

Download the code to a location like "/usr/local/xinetd" then enter the directory you downloaded xinetd to. Follow the following procedure to unpack a source tar file, compile, and install the package:

  1. Type "tar xvzf xinetd-2_1_8_9p3_tar.gz" to unpack the file.
  2. Type "cd xinetd-2.1.8.8.p3" to enter the directory the files were unpacked to.
  3. Read the README and INSTALL files with the commands "less README" and "less "INSTALL".
  4. Type "./configure -- with-libwrap --with-loadavg". Some documentation recommends not using the --with-libwrap option since xinit supports its own method of providing the same capabilities of hosts.allow and hosts.deny.
  5. Type "make".
  6. Type "make install". This will install the man pages, xinetd.conf, xinet.log, xinetd, and itox. These files will be accessible by typing "man" followed by the name of the file such as "man xinetd". It will also install the binary programs, xinetd, itox, and xconv.pl.
    1. At this point, you may not have ready access to these programs unless the directory /usr/local/sbin is in your system path. You can find out by issuing the command "env" and looking at the value of your path variable. If the directory is named in the path variable, you are set. If not, you will need to add it to your system path.
    2. If you are only going to require these commands while logged in as root (which is likely), you can edit the .bash_profile file in the root directory (/root/.bash_profile). This assumes you are using the bash shell, otherwise edit the appropriate file for the shell you are running. Add ":/usr/local/bin" to the statement that begins with "PATH". If no statement starting with "PATH" exists, add the statement "PATH=$PATH:/usr/local/bin".
    3. If you want this path added for all users, you may add the statements as described above to the /etc/profile file.
  7. The xinetd documentation says to issue the command:

    xconv.pl < /etc/inetd.conf > /tmp/xinetd.conf

    But I recommend using the command:

    xconv.pl < /etc/inetd.conf > /etc/xinetd.conf

    This will create a configuration file for xinetd from your original inetd.conf file.

  8. You now need to start the service. The easy way to do this is to modify the /etc/rc.d/init.d/inet file and replace all occurrences of inetd by xinetd. Since xinetd is installed to /usr/local/sbin rather than /usr/sbin, you will need to account for this in your file modifications or copy xinetd to /usr/sbin.
  9. If you have a problem getting the service to run right consider the following pitfalls:
    • If you converted your inetd.conf file to xinetd.conf, and were running with tcp wrappers in inetd, and did not compile tcp wrapper support into xinetd with the option --with-libwrap, you will need to either compile the option in or modify your configuration file so tcp wrappers are no longer used. this can generally be done by moving the server arguments to the server value, and the server arguments will be set to what would have been on the server command line or the value -1. For instance the entry:
      server = /usr/sbin/tcpd 
      server_args = in.ftpd -l -a 
      

      becomes:

      server = /usr/sbin/in.ftpd 
      server_args = -l -a 
      

      The entry:

      server = /usr/sbin/tcpd 
      server_args = in.telnetd 
      

      becomes:

      server = /usr/sbin/in.telnetd 
      server_args = -1 
      
    • You may need to add the line "groups = yes" to each service. See the xinetd.conf man page.