s6-ipcserverd.html (5057B)
1 <html> 2 <head> 3 <meta name="viewport" content="width=device-width, initial-scale=1.0" /> 4 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> 5 <meta http-equiv="Content-Language" content="en" /> 6 <title>s6: the s6-ipcserverd program</title> 7 <meta name="Description" content="s6: the s6-ipcserverd program" /> 8 <meta name="Keywords" content="s6 s6-ipcserverd ipcserver ucspi unix server super-server" /> 9 <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> --> 10 </head> 11 <body> 12 13 <p> 14 <a href="index.html">s6</a><br /> 15 <a href="//skarnet.org/software/">Software</a><br /> 16 <a href="//skarnet.org/">skarnet.org</a> 17 </p> 18 19 <h1> The <tt>s6-ipcserverd</tt> program </h1> 20 21 <p> 22 <tt>s6-ipcserverd</tt> is the serving part of the 23 <a href="s6-ipcserver.html">s6-ipcserver</a> super-server. 24 It assumes that its stdin is a bound and listening Unix 25 domain socket, and 26 it accepts connections from clients connecting to it, forking a 27 program to handle each connection. 28 </p> 29 30 <h2> Interface </h2> 31 32 <pre> 33 s6-ipcserverd [ -1 ] [ -v verbosity ] [ -P | -p ] [ -c <em>maxconn</em> ] [ -C <em>localmaxconn</em> ] <em>prog...</em> 34 </pre> 35 36 <ul> 37 <li> s6-ipcserverd accepts connections from clients to an already 38 bound and listening SOCK_STREAM Unix domain socket which is its 39 standard input. </li> 40 <li> For every client connection to this socket, it 41 forks. The child sets some environment variables, then 42 executes <em>prog...</em> with stdin reading from the socket and 43 stdout writing to it. </li> 44 <li> Depending on the verbosity level, it logs what it does to stderr. </li> 45 <li> It runs until killed by a signal. Depending on the received 46 signal, it may kill its children before exiting. </li> 47 </ul> 48 49 <h2> Environment variables </h2> 50 51 <p> 52 For each connection, an instance of <em>prog...</em> is spawned with 53 the following variables set: 54 </p> 55 56 <ul> 57 <li> PROTO: always set to IPC </li> 58 <li> IPCREMOTEEUID: set to the effective UID of the client, 59 unless credentials lookups have been disabled </li> 60 <li> IPCREMOTEEGID: set to the effective GID of the client, 61 unless credentials lookups have been disabled </li> 62 <li> IPCREMOTEPATH: set to the path associated with the remote socket, 63 if any. Be aware that it may contain arbitrary characters. </li> 64 <li> IPCCONNNUM: set to the number of connections originating from 65 the same user (i.e. same uid) </li> 66 </ul> 67 68 <p> 69 If client credentials lookup has been disabled, IPCREMOTEEUID and 70 IPCREMOTEEGID will be set, but empty. 71 </p> 72 73 74 <h2> Options </h2> 75 76 <ul> 77 <li> <tt>-1</tt> : write a newline to stdout, and close stdout, 78 right before entering the client-accepting loop. 79 If stdout is suitably redirected, this can be used by monitoring 80 programs to check when the server is accepting connections. See 81 <a href="notifywhenup.html">this page</a> for more information on 82 readiness notification. </li> 83 <li> <tt>-v <em>verbosity</em></tt> : be more or less 84 verbose. <em>verbosity</em> can be 0 (quiet), 1 (normal), or 2 85 (verbose). </li> 86 <li> <tt>-P</tt> : disable client credentials lookups. The 87 IPCREMOTEEUID and IPCREMOTEEGID environment variables will be unset 88 in every instance of <em>prog...</em>. This is the portable option, 89 because not every system supports credential lookup across Unix domain 90 sockets; but it is not as secure. </li> 91 <li> <tt>-p</tt> : enable client credentials lookups. This 92 is the default; it works at least on Linux, Solaris, and 93 *BSD systems. On systems that do not support it, every connection 94 attempt will fail with a warning message. </li> 95 <li> <tt>-c <em>maxconn</em></tt> : accept at most 96 <em>maxconn</em> concurrent connections. Default is 40. It is 97 impossible to set it higher than 1000. </li> 98 <li> <tt>-C <em>localmaxconn</em></tt> : accept at most 99 <em>localmaxconn</em> connections from the same user ID. 100 Default is 40. It is impossible to set it higher than <em>maxconn</em>. </li> 101 </ul> 102 103 <h2> Signals </h2> 104 105 <ul> 106 <li> SIGTERM: exit. </li> 107 <li> SIGHUP: send a SIGTERM and a SIGCONT to all children. </li> 108 <li> SIGQUIT: send a SIGTERM and a SIGCONT to all children, then exit. </li> 109 <li> SIGABRT: send a SIGKILL to all children, then exit. </li> 110 </ul> 111 112 <h2> Notes </h2> 113 114 <ul> 115 <li> Unlike his close cousin 116 <a href="http://www.superscript.com/ucspi-ipc/ipcserver.html">ipcserver</a>, 117 s6-ipcserverd does not perform operations such as access control. Those are 118 delegated to the 119 <a href="s6-ipcserver-access.html">s6-ipcserver-access</a> program. </li> 120 <li> s6-ipcserverd can be used to set up 121 <a href="localservice.html">local services</a>. </li> 122 <li> s6-ipcserverd is meant to be execve'd into by a program that gets 123 the listening socket. That program is normally 124 <a href="s6-ipcserver-socketbinder.html">s6-ipcserver-socketbinder</a>, 125 which creates the socket itself; but it can be a different one if the 126 socket is to be retrieved by another means, for instance by fd-passing 127 from a fd-holding daemon (some people call this "socket activation"). </li> 128 </ul> 129 130 </body> 131 </html>