mcsysinfod [ -c | --configfile cfFile] [ -d | --debug ] [ -f | --fg ] [ -L | --logfac facility] [ -p | --port num] [ -s | --sysinfo path] [ -t | --timeout seconds]
mcsysinfod -V | --version
mcsysinfod(8) is a server process which provides SysInfo Service Protocol™ (SSP) service. SSP is a TCP stream protocol which allows a client to retrieve MagniComp SysInfo data from a remote system running mcsysinfod(8) The data is provided in mcsysinforeport(5) format.
Upon startup mcsysinfod will fork(2) a copy of itself and run in the background listening on all network interfaces on the system for a connection on port 11967 by default. Each time a new client connects, a copy of mcsysinfod is forked for handling that client.
The mcsysinfo(1) CLI command is used to generate the actually data which is sent to the client.
All messages are sent to the LOG_DAEMON syslog(3) facility by default.
Most options can be set by either a short, dash + single character, or a long form consisting of dash + dash + string.
Command line options override builtin default values and corresponding CONFIGURATION FILE parameters.
Use cfFile as the configuration file (see CONFIGURATION FILE to read. The default configuration file is determined by looking for ../config/mcsysinfod.cf relative to the location that mcsysinfod was run from. Use the --debug option to see what configuration file mcsysinfod finds at startup.
Enable debugging information.
Run in the foreground (do not fork). The default is to run in the background. This option is usually used with --debug.
Use syslog(3) logging facility. The default facility is daemon.
Set the amount of idle time allowed in a client session before the session is terminated to be seconds. The default is 1 hour.
Use path as the path to the mcsysinfo(1) command. By default, mcsysinfod looks for $CFDIR/../bin/sysinfo where $CFDIR is the configuration directory.
Listen on port num for connections. The default is the standard SSP port of 11967.
Print version information and exit.
Variables in the configuration file override builtin default values. Command line options in turn override configuration file variables.
The name of the configuration file read by mcsysinfod is mcsysinfod.cf.
Lines beginning with hash (#) are considered comment lines and are ignored. Most variables are set with the form:
key=value
Variable key names are case insensitive.
The following are the valid variables:
A list of allowed hostnames and netgroup(5)'s
Specify the types of authorization and authentication which are required to allow a client to access SSP services. See the AUTHORIZATION section for more details. The valid values for type are:
Check the client's hostname/IP against the Allow list. If a match is found, access is granted.
Require that the client send a username and password which is checked against User entries defined in the same configuration file.
Require that the client send a username and password which is checked against the system's passwd(5) database.
Listen on TCP port Number for client connections.
List of pathnames to the mcsysinfo(1) command. Entries are seperated by colon (:). The first entry found is used. The string ${CFDIR} will be automatically expanded to the path to the configuration directory. For example, the entry:
SysInfoPath=sysinfo:${CFDIR}/../bin/sysinfo
will first check the current directory for sysinfo and then look in the bin directory of the installation.
Set the number of seconds before a client session is dropped to be Seconds.
Define a username and password combination which the client can authenticate against if the Auth list includes the user type. The password must be plain text. Multiple User lines are accepted.
By default, mcsysinfod allows access from any system. Access may be limited by use of the AUTH variable in the mcsysinfod.cf file.
If the AUTH and/or the ALLOW keywords are found in the mcsysinfod.cf then only clients who pass the authorization tests will be allowed to connect. The AUTH variable specifies a comma seperated list of authorization types to check. The recognized types are:
Use host based authorization. If host is set, then the ALLOW variable is checked against the client requesting the connection. If the client is found in the ALLOW list, then authorization is approved. If the client is not authorized against the ALLOW list and another authorization type is available, then the client will be told during session startup that authentication via the AUTH protocol is required. If the client is not authorized against the ALLOW list and no other authorization types are available, access is denied.
The client requesting a connection must send a username and password which is checked against all USER entries in the mcsysinfod.cf file. If the username sent by the client matches a USER entry and the passwords match, access is authorized. If the passwords do not match, access is denied. If no match for the username is found, the username and password are checked against the next authorization type (if any) specified in the AUTH entry.
The client requesting a connection must send a username and password which is checked against the system's passwd(5) database via the getpwnam(3) and getspnam(3) interfaces. If the username is found and the passwords match, access is granted. If the username is found and the passwords do not match, access is denied. Otherwise, the username and password are checked against additional password based authorization types (if any) specified by the AUTH entry.
Let's take the following example:
AUTH=host,user,passwd ALLOW=server1,server2,itnetgroup USER=ituser1 2fatpwd USER=helpdesk way2cool
A client's hostname will first be checked to see if it matches hostnames server1 and server2 as well as if it's in a netgroup called itnetgroup. If that fails, the client will be told that it must authenticate itself. If the client sends a username of helpdesk and the way2cool password, then authentication will suceed. If the client sends a username of jsmith and a password of fun4all then both will be checked against the system's passwd(5) database since jsmith does not appear in any USER entry.