skabus
Software
skarnet.org
The skabus-dyntee program
skabus-dyntee is a dynamic tee, which is the
simplest publisher daemon possible.
It listens on a Unix domain socket, accepts client connections, and
publishes to its clients everything it reads on its standard
input, as a byte stream. It only writes to clients and never reads
from them.
Interface
skabus-dyntee [ -1 ] [ -D | -d ] [ -c maxconn ] [ -b backlog ] [ -G gidlist ] [ -g gid ] [ -u uid ] [ -U ] [ -t clienttimeout ] [ -T lameducktimeout ] [ -i rulesdir | -x rulesfile ] path
- skabus-dyntee binds to the Unix domain socket at path.
- If applicable, it drops root privileges.
- It listens to its socket and accepts client connections.
- Whenever it has data available on its standard input, it reads
that data and writes it to every client it has. It duplicates its
stdin stream to all its clients, hence the name dynamic tee.
- When it reads EOF on its stdin, or when it receives a SIGTERM,
it waits for its clients to read their pending data, then exits 0.
skabus-dyntee is just a wrapper that binds to its socket and
drops privileges before executing into
skabus-dynteed. For details of
the daemon's operation, see the
skabus-dynteed documentation.
Options
- -1 : write a newline to stdout, before
closing it, right after binding and listening to the Unix socket.
If stdout is suitably redirected, this can be used by monitoring
programs to check when the server is ready to accept connections.
- -d : allow instant rebinding to the same path
even if it has been used not long ago - this is the SO_REUSEADDR flag to
setsockopt()
and is generally used with server programs. This is the default. Note that
path will be deleted if it already exists at program start time.
- -D : disallow instant rebinding to the same path.
- -c maxconn : accept at most
maxconn concurrent client connections. Default is 40. It is
impossible to set it higher than the value of the SKABUS_DYNTEE_MAX macro,
which is 1000.
- -b backlog : set a maximum of
backlog backlog connections on the socket. Extra
connection attempts will rejected by the kernel.
- -G gidlist : change skabus-dyntee's
supplementary group list to gidlist after binding the socket.
This is only valid when run as root. gidlist must be a
comma-separated list of numerical group IDs.
- -g gid : change skabus-dyntee's groupid
to gid after binding the socket. This is only valid when run
as root.
- -u uid : change skabus-dyntee's userid
to uid after binding the socket. This is only valid when run
as root.
- -U : change skabus-dyntee's user id, group id and
supplementary group list
according to the values of the UID, GID and GIDLIST environment variables
after binding the socket. This is only valid when run as root.
This can be used with the
s6-envuidgid
program to easily script a service that binds to a privileged socket
then drops its privileges to those of a named non-root account.
- -t clienttimeout : disconnect a client
that has not read its data after clienttimeout milliseconds.
By default, clienttimeout is 0, which means infinite.
- -T lameducktimeout : after
skabus-dyntee has been told to exit, clients will have
lameducktimeout milliseconds to read their pending data,
after which skabus-dyntee will exit anyway.
By default, lameducktimeout is 0, which means infinite.
- -x rulesfile : read access rights
configuration from CDB file rulesfile.
- -i rulesdir : read access rights
configuration from the filesystem in directory rulesdir.
Notes
- skabus-dyntee does not interpret its options itself. It just
dispatches them to the appropriate program on the command line that
it builds.
- From the user's point of view, skabus-dyntee behaves like a
long-lived process, even if the long-lived process itself is called
skabus-dynteed. Every operational detail
of skabus-dynteed applies to skabus-dyntee as well; in particular,
make sure to properly
configure the clients'
access rights.