tech-userlevel archive
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index][
Old Index]
proposal: inetd improvements.
I am thinking of using inetd to run a few services in a production
environment and in order to make it robust and featureful enough to
do so, I would like to make the following list of changes to it:
1. maximum connexions per unit time is not a terribly
useful feature and in fact makes the use of inetd in
an enterprise unusable as it is a built-in denial of
service. I propose that we keep track of the number
of outstanding children and place a maximum on that
rather than connexions per second. Perhaps we can
leave connexions per unit time in the code but strongly
discourage its use,
2. inetd should be able to optionally signal kids of wait
services when it is HUPed or stopped,
3. for wait services for which inetd fails to bind, it should
retry later as it is possible that a daemon that it HUPed
earlier is taking a while to exit,
4. % should be defined as an address type and it should expand
into a list of IP addresses which is periodically regenerated
by iterating over the interfaces,
5. it should be possible to configure multiple kids on a wait
service to give the ability to trivially run pre-forked services,
6. put in some interpolation in args so that we can tell the daemon
a few things.
7. add a few extra socket options here and there,
8. maybe a chroot option, maybe unnecessary given that you can
already do this via chroot(1), and
9. convert it to libevent for portability and provide autoconf
so that it can be built on other OSes (not used on NetBSD of
course).
Thoughts?
--
Roland Dowdeswell http://Imrryr.ORG/~elric/
Home |
Main Index |
Thread Index |
Old Index