1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
|
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="Content-Language" content="en" />
<title>skabus: the skabus-rpc-daemon program</title>
<meta name="Description" content="skabus: the skabus-rpc-daemon program" />
<meta name="Keywords" content="skabus skabus-rpc unix linux socket rpc mapper server daemon" />
<!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
</head>
<body>
<p>
<a href="index.html">skabus</a><br />
<a href="//skarnet.org/software/">Software</a><br />
<a href="//skarnet.org/">skarnet.org</a>
</p>
<h1> The <tt>skabus-rpc-daemon</tt> program </h1>
<p>
<tt>skabus-rpc-daemon</tt> is a RPC mapper <em>daemon</em>, i.e. a
long-lived program.
It listens on a Unix domain socket, then
accepts client connections. It allows clients to register interfaces
and methods; it transmits queries from a client Q to the appropriate
client R that can handle them; it then transmits the answer back to
client Q.
</p>
<h2> Interface </h2>
<pre>
skabus-rpc-daemon [ -1 ] [ -v <em>verbosity</em> ] [ -D | -d ] [ -c <em>maxconn</em> ] [ -b <em>backlog</em> ] [ -G <em>gidlist</em> ] [ -g <em>gid</em> ] [ -u <em>uid</em> ] [ -U ] [ -t <em>clienttimeout</em> ] [ -T <em>lameducktimeout</em> ] [ -i <em>rulesdir</em> | -x <em>rulesfile</em> ] [ -S | -s ] [ -J | -j ] <em>path</em>
</pre>
<ul>
<li> skabus-rpc-daemon binds to the Unix domain socket at path. </li>
<li> If applicable, it drops root privileges. </li>
<li> It listens to its socket and accepts client connections. </li>
<li> Clients are handled as described in the
<a href="skabus-rpcd.html">skabus-rpcd</a> page. </li>
</ul>
<p>
skabus-rpc-daemon is just a wrapper that binds to its socket and drops
privileges before executing into
<a href="skabus-rpcd.html">skabus-rpcd</a>. For details of the daemon's
operation, see the <a href="skabus-rpcd.html">skabus-rpcd</a> documentation.
</p>
<h2> Options </h2>
<ul>
<li> <tt>-1</tt> : write a newline to stdout, before
closing it, right after binding and listening to the Unix socket.
If stdout is suitably redirected, this can be used by monitoring
programs to check when the server is ready to accept connections. </li>
<li> <tt>-v <em>verbosity</em></tt> : be quiet, normally
verbose, or more verbose, depending on if <em>verbosity</em> is 0,
1, or more. The default is 1. </li>
<li> <tt>-d</tt> : allow instant rebinding to the same path
even if it has been used not long ago - this is the SO_REUSEADDR flag to
<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a>
and is generally used with server programs. This is the default. Note that
<em>path</em> will be deleted if it already exists at program start time. </li>
<li> <tt>-D</tt> : disallow instant rebinding to the same path. </li>
<li> <tt>-c <em>maxconn</em></tt> : accept at most
<em>maxconn</em> concurrent client connections. Default is 40. It is
impossible to set it higher than the value of the SKABUS_RPC_MAX macro,
which is 1000. Client connections to this server are usually long-lived;
make sure to correctly tune that number to your needs. </li>
<li> <tt>-b <em>backlog</em></tt> : set a maximum of
<em>backlog</em> backlog connections on the socket. Extra
connection attempts will rejected by the kernel. </li>
<li> <tt>-G <em>gidlist</em></tt> : change skabus-rpc-daemon's
supplementary group list to <em>gidlist</em> after binding the socket.
This is only valid when run as root. <em>gidlist</em> must be a
comma-separated list of numerical group IDs. </li>
<li> <tt>-g <em>gid</em></tt> : change skabus-rpc-daemon's groupid
to <em>gid</em> after binding the socket. This is only valid when run
as root. </li>
<li> <tt>-u <em>uid</em></tt> : change skabus-rpc-daemon's userid
to <em>uid</em> after binding the socket. This is only valid when run
as root. </li>
<li> <tt>-U</tt> : change skabus-rpc-daemon's user id, group id and
supplementary group list
according to the values of the UID, GID and GIDLIST environment variables
after binding the socket. This is only valid when run as root.
This can be used with the
<a href="//skarnet.org/software/s6/s6-envuidgid.html">s6-envuidgid</a>
program to easily script a service that binds to a privileged socket
then drops its privileges to those of a named non-root account. </li>
<li> <tt>-t <em>clienttimeout</em></tt> : disconnect a client
if it's in the middle of an operation and it has not written or read any
data in <em>clienttimeout</em> milliseconds. By default, <em>clienttimeout</em>
is 0, which means infinite. </li>
<li> <tt>-T <em>lameducktimeout</em></tt> : give clients
<em>lameducktimeout</em> milliseconds to finish their current operation
before exiting after skabus-rpc-daemon has received a SIGTERM. By default,
<em>lameducktimeout</em> is 0, which means infinite. </li>
<li> <tt>-x <em>rulesfile</em></tt> : read access rights
configuration from CDB file <em>rulesfile</em>. </li>
<li> <tt>-i <em>rulesdir</em></tt> : read access rights
configuration from the filesystem in directory <em>rulesdir</em>. </li>
<li> <tt>-S</tt> : paranoid identification mode. Disallows
unspecified clients from registering
under any identifier. This is the default. </li>
<li> <tt>-s</tt> : free registration. Allows unspecified clients
to register with any identifier. </li>
<li> <tt>-J</tt> : paranoid interface registration. Disallows
unspecified clients from registering interfaces. This is the default. </li>
<li> <tt>-j</tt> : free interface registration. Allows unspecified clients
to register any interface name. </li>
</ul>
<h2> Notes </h2>
<ul>
<li> skabus-rpc-daemon does not interpret its options itself. It just
dispatches them to the appropriate program on the command line that
it builds. </li>
<li> From the user's point of view, skabus-rpc-daemon behaves like a
long-lived process, even if the long-lived process itself is called
<a href="skabus-rpcd.html">skabus-rpcd</a>. Every operational detail
of skabus-rpcd applies to skabus-rpc-daemon as well; in particular,
make sure to properly
<a href="skabus-rpcd.html#configuration">configure the clients'
access rights</a>. </li>
<li> skabus-rpc-daemon is meant to be used in a s6 run script, as
a supervised local service. It does not fork itself or write to syslog.
However, it can be run under any infrastructure, including other
supervision infrastructures, OpenRC, systemd, or SysV scripts. </li>
</ul>
</body>
</html>
|