Network Services

Objective:

• Explain the client-server model and enable/disable server processes.

In previous releases of Solaris, the inetd network daemon was responsible for running network services on demand and was configured by editing the file, /etc/inetd.conf. As of Solaris 10, this has all changed. The services that were previously configured using this file are now configured and managed by the Service Management Facility (SMF)see Chapter 3 for a full description of the Service Management Facility. A new command, inetadm, is used to carry out the management of these network services.

The default /etc/inetd.conf file now contains only a few entries, unlike in previous versions of Solaris where all of the network services were listed. The /etc/inetd.conf file may still be used as a mechanism for adding new (third-party additional software) services, but in order to make use of these services, they must be converted to run under SMF. This is carried out using the inetconv command. When you run this command with no options, it automatically reads the /etc/inetd.conf file and converts any entries to services that can run under SMF. The inetd daemon can no longer be run manually from the command line, nor can it be instructed to re-read its configuration file, as in previous releases of Solaris. Changes or modifications to the configuration of network services are done using the inetadm or svccfg commands.

To see the network services being managed by SMF, enter the inetadm command with no options:

# inetadm

ENABLED   STATE          FMRI
enabled   online         svc:/network/rpc/gss:default
enabled   online         svc:/network/rpc/mdcomm:default
enabled   online         svc:/network/rpc/meta:default
enabled   online         svc:/network/rpc/metamed:default
enabled   online         svc:/network/rpc/metamh:default
disabled  disabled       svc:/network/rpc/rex:default
enabled   online         svc:/network/rpc/rstat:default
enabled   online         svc:/network/rpc/rusers:default
disabled  disabled       svc:/network/rpc/spray:default
disabled  disabled       svc:/network/rpc/wall:default
disabled  disabled       svc:/network/tname:default
enabled   online         svc:/network/security/ktkt_warn:default
enabled   online         svc:/network/telnet:default
enabled   online         svc:/network/nfs/rquota:default
disabled  disabled       svc:/network/chargen:dgram
disabled  disabled       svc:/network/chargen:stream
disabled  disabled       svc:/network/daytime:dgram
disabled  disabled       svc:/network/daytime:stream
disabled  disabled       svc:/network/discard:dgram
disabled  disabled       svc:/network/discard:stream
disabled  disabled       svc:/network/echo:dgram
disabled  disabled       svc:/network/echo:stream
disabled  disabled       svc:/network/time:dgram
disabled  disabled       svc:/network/time:stream
enabled   online         svc:/network/ftp:default
disabled  disabled       svc:/network/comsat:default
enabled   online         svc:/network/finger:default
disabled  disabled       svc:/network/login:eklogin
disabled  disabled       svc:/network/login:klogin
enabled   online         svc:/network/login:rlogin
disabled  disabled       svc:/network/rexec:default
enabled   online         svc:/network/shell:default
disabled  disabled       svc:/network/shell:kshell
disabled  disabled       svc:/network/talk:default
enabled   online         svc:/application/font/stfsloader:default
enabled   online         svc:/application/x11/xfs:default
enabled   online         svc:/network/rpc/smserver:default
disabled  disabled       svc:/network/rpc/ocfserv:default
enabled   offline        svc:/application/print/rfc1179:default
disabled  disabled       svc:/platform/sun4u/dcs:default
disabled  disabled       svc:/network/uucp:default
disabled  disabled       svc:/network/security/krb5_prop:default
disabled  disabled       svc:/network/apocd/udp:default
enabled   online         svc:/network/rpc-100235_1/rpc_ticotsord:default
enabled   online         svc:/network/rpc-100083_1/rpc_tcp:default
enabled   online         svc:/network/rpc-100068_2-5/rpc_udp:default
enabled   online         svc:/network/tftp/udp6:default

The preceding code shows, for example, that the spray service is in the disabled state. To enable this service, use the inetadm command with the -e option:

# inetadm -e spray

Now you can see that the service has been enabled and is available for use:

# inetadm | grep spray

enabled   online         svc:/network/rpc/spray:default

To disable the spray service, use the inetadm command with the -d option:

# inetadm -d spray

Check again to verify that the service is now disabled:

# inetadm | grep spray

disabled  disabled       svc:/network/rpc/spray:default

You can also list the properties and values of a selected network service, using the -l option to the inetadm command. The following code lists the properties of the spray service:

# inetadm -l spray

SCOPE    NAME=VALUE
         name="sprayd"
         endpoint_type="tli"
         proto="datagram_v"
         isrpc=TRUE
         rpc_low_version=1
         rpc_high_version=1
         wait=TRUE
         exec="/usr/lib/netsvc/spray/rpc.sprayd"
         user="root"
default  bind_addr=""
default  bind_fail_max=-1
default  bind_fail_interval=-1
default  max_con_rate=-1
default  max_copies=-1
default  con_rate_offline=-1
default  failrate_cnt=40
default  failrate_interval=60
default  inherit_env=TRUE
default  tcp_trace=FALSE
default  tcp_wrappers=FALSE

Each network service uses a port that represents an address space and is reserved for that service. Systems communicate with each other through these ports. Well-known ports are listed in the /etc/services file, which is a symbolic link to /etc/inet/services. The following are a few entries from the /etc/services file:

chargen         19/tcp          ttytst source
chargen         19/udp          ttytst source
ftp-data        20/tcp
ftp             21/tcp

From these entries, you can see that the chargen service uses port 19 and will use both TCP and UDP protocols. It also has aliases assigned.

Each network service uses a well-known port number that is used by all the hosts on the network. Keeping track of these ports can be difficult, especially on a network that supports several network services.

Solaris utilizes a client/server model known as remote procedure calls (RPC). With an RPC service, a client connects to a special server process, rpcbind, which is a "well-known service". rpcbind registers port numbers associated with each RPC service listed in the /etc/rpc file. The rpcbind process receives all RPC-based client application connection requests and sends the client the appropriate server port number. For example, mountd is listed in the /etc/rpc file as follows:

mountd          100005  mount showmount

The mountd daemon has a program number of 100005 and is also known as mount and showmount.

You use the rpcinfo utility with the -p option to list registered RPC programs running on a system. For example, you can check on processes on another system like this:

rpcinfo -p 192.168.1.21

The system responds with a list of all the registered RPC services found running on that system:

program    vers     proto   port    service
100005     1        udp     32784   mountd

The output displays the program number, version, protocol, port, and service name. One of them in this example is the mountd service.

You can also use rpcinfo to unregister an RPC program. When you use rpcinfo with the -d option, you can delete registration for a service. For example, if sprayd is running on the local system, you can unregister, and disable it as follows:

rpcinfo  -d sprayd 1

The sprayd service would be unregistered from RPC. You could restart the sprayd service by issuing a restart command using the svcadm command, as follows:

svcadm restart spray

This causes the spray service to restart and automatically re-register the RPC program associated with the spray service.