Manualshelf

User guide

ManualsBrandsRed Hat ManualsOtherENTERPRISE LINUX 4 - SELINUX GUIDE
71727374757677787980
xinetd Configuration Files
61
includedir /etc/xinetd.d
These lines control the following aspects of xinetd:
instances — Specifies the maximum number of simultaneous requests that xinetd can process.
log_type — Configures xinetd to use the authpriv log facility, which writes log entries to the
/var/log/secure file. Adding a directive such as FILE /var/log/xinetdlog would create a
custom log file called xinetdlog in the /var/log/ directory.
log_on_success — Configures xinetd to log successful connection attempts. By default, the
remote host's IP address and the process ID of the server processing the request are recorded.
log_on_failure — Configures xinetd to log failed connection attempts or if the connection was
denied.
cps — Configures xinetd to allow no more than 25 connections per second to any given service. If
this limit is exceeded, the service is retired for 30 seconds.
includedir /etc/xinetd.d/ — Includes options declared in the service-specific configuration
files located in the /etc/xinetd.d/ directory. Refer to Section 2.3.4.2, “The /etc/xinetd.d/
Directory” for more information.
Note
Often, both the log_on_success and log_on_failure settings in /etc/xinetd.conf
are further modified in the service-specific configuration files. More information may therefore
appear in a given service's log file than the /etc/xinetd.conf file may indicate. Refer to
Section 2.3.4.3.1, “Logging Options” for further information.
2.3.4.2. The /etc/xinetd.d/ Directory
The /etc/xinetd.d/ directory contains the configuration files for each service managed by xinetd
and the names of the files are correlated to the service. As with xinetd.conf, this directory is read
only when the xinetd service is started. For any changes to take effect, the administrator must restart
the xinetd service.
The format of files in the /etc/xinetd.d/ directory use the same conventions as /etc/
xinetd.conf. The primary reason the configuration for each service is stored in a separate file is to
make customization easier and less likely to affect other services.
To gain an understanding of how these files are structured, consider the /etc/xinetd.d/krb5-
telnet file:
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/kerberos/sbin/telnetd
log_on_failure += USERID
disable = yes
}
These lines control various aspects of the telnet service: