HP-UX Reference (11i v2 07/12) - 5 Miscellaneous (vol 9)
h
hosts_options(5) hosts_options(5)
the remote host.
twist shell_command
Replace the current process by an instance of the specified shell command, after performing the
%letter expansions described in the hosts_access(5) manual page.
stdin, stdout, and stderr are
connected to the client process. This option must appear at the end of a rule.
To send a customized bounce message to the client instead of running the real ftp daemon:
ftpd : ... : twist /bin/echo 421 Some bounce message
For an alternative way to communicate with the client processes, see the
banners option below.
To run /some/other/telnetd without polluting its command-line array or its process environment:
telnetd : ... : twist PATH=/some/other; exec telnetd
WARNING: in case of UDP services, do not twist to commands that use the standard I/O or the
read()/write()
routines to communicate with the client process. UDP requires other I/O primitives.
Network Options
keepalive
Causes the server to periodically send a message to the client. The connection is considered broken
when the client does not respond. The keepalive option can be useful when users turn off their
machine while it is still connected to a server. The keepalive option is not useful for datagram
(UDP) services.
linger number_of_seconds
Specifies how long the kernel will try to deliver undelivered data after the server process closes a con-
nection.
Username Lookup Options
rfc931 [ timeout_in_seconds
]
Look up the client user name with the RFC 931 (TAP, IDENT, RFC 1413) protocol. This option is
silently ignored in case of services based on transports other than TCP. It requires that the client sys-
tem runs an RFC 931-compliant daemon (IDENT etc.) and may cause noticeable delays with connec-
tions from non-UNIX clients. The timeout period is tunable through configuration file
/etc/tcpd.conf. If no or invalid timeout is specified, the user name lookup is disabled.
Miscellaneous Options
banners /some/directory
Look for a file in /some/directory with the same name as the daemon process (for example,
telnetd
for the telnet service), and copy its contents to the client. Newline characters are replaced by
carriage-return newline, and
%letter sequences are expanded (see the hosts_access(5) manual page).
WARNING: Banners are supported for connection-oriented (TCP) network services only.
nice [number]
Change the nice value of the process (default 10). Specify a positive value to spend more CPU
resources on other processes.
setenv name value
Place a (name, value) pair into the process environment. The value is subjected to %letter expansions
and may contain whitespace (but leading and trailing blanks are stripped off).
WARNING: Many network daemons reset their environment before spawning a login or shell process.
umask 022
Like the umask command that is built into the shell. A umask of 022 prevents the creation of files
with group and world write permission. The umask argument must be an octal number.
user someuser or user someuser.somegroup
Assume the privileges of the "someuser" userid (or user "someuser", group "somegroup"). The first
form is useful with inetd implementations that run all services with root privilege. The second form
is useful for services that need special group privileges only.
DIAGNOSTICS
Problems are reported via syslogd, the syslog daemon, at info, notice, warning and err lev-
els. When a syntax error is found in an access control rule, the error is reported to the syslog daemon;
HP-UX 11i Version 2: December 2007 Update − 2 − Hewlett-Packard Company 177