TUX 2.1 Reference Manual Red Hat, Inc.
TUX 2.1: Reference Manual Copyright © 2001 by Red Hat, Inc. TUX(EN)-2.1-RHI (2001-12-02T23:45-0400) Red Hat is a registered trademark and the Red Hat Shadow Man logo, RPM, the RPM logo, and Glint are trademarks of Red Hat, Inc. Linux is a registered trademark of Linus Torvalds. All other trademarks and copyrights referred to are the property of their respective owners.
Table of Contents
1. What is TUX?
1.1. New TUX 2.1 Features
1.2. Summary of System Requirements
1.2.1. Current Limitations
Chapter 1. What is TUX?
TUX is a kernel-based web server licensed under the GNU General Public License (GPL). It is currently limited to serving static web pages and coordinating with kernel-space modules, user-space modules, and regular user-space web server daemons to provide dynamic content. Regular user-space web servers do not need to be altered in any way for TUX to coordinate with them. However, user-space code has to use a new interface based on the tux(2) system call.
1.1. New TUX 2.1 Features
The TUX 2.1 release is an incremental upgrade to TUX 1.0 and keeps source-code level compatibility with user-space modules. The incremental enhancements include
• True zero-copy disk reads — Whereas TUX 1.0 copied files into a temporary buffer, TUX 2.1 is integrated with the page cache and thus uses zero-copy block IO.
• Generic zero-copy network writes — TUX 2.1 uses the generic zero-copy TCP framework.
Chapter 2. Installation
This chapter describes how to install TUX.
2.1. Installation Instructions
1. For optimal performance, create a separate RAID partition as the document root for TUX.
2. Configure and install the kernel with TUX support built-in, if it has not already been provided with TUX configured.
3. Install the TUX package with the command rpm -Uvh tux-2.1.0-2.i386.rpm (modify as necessary for new versions...)
4. Create an index.html file in /var/www/html, the default document root directory.
5.
binary log files into standard W3C-conforming HTTPD log files. If you want to save the ASCII output, you can redirect the output to a file: /usr/sbin/tux2w3c /var/log/tux > tux.log, where tux.log is the name of the output file.
Sample log file output:
195.4.12.3 - - Fri Nov 195.4.12.3 - - Fri Nov 255.255.255.255 - - Fri 0 404 195.4.12.3 - - Fri Nov 195.4.12.3 - - Fri Nov 195.4.12.3 - - Fri Nov 195.4.12.3 - - Fri Nov 195.4.12.3 - - Fri Nov 4084 200 195.4.12.
Chapter 3. Configuration
This chapter describes how to configure the TUX Web Server.
3.1. Modes of Operation
The recommended mode of operation is to have TUX running as the main web server and Apache run as the assistant.
• Client Port: 8080 (or other)
• Web Server Port: 80
For the recommended mode where TUX is the main web server, the configuration for the user-space daemon must be changed to use port 8080. For Apache configuration, the changes are made in the configuration file /etc/httpd/conf/httpd.
• The TUX compression feature is on in /etc/sysctl.conf.
• The client has explicitly stated that it supports gzip encoding.
• The original file exists, is a regular file, and has the proper permissions.
• The .gz file exists, is a regular file, and has the proper permissions.
• The .gz file is newer than or has the same date as the original file.
• The size of the .gz file is smaller than that of the original file.
Name: http_subdocroot
Default: No value set by default
Description: The directory, relative to the documentroot, where the web pages are stored. TUX defaults to using documentroot if http_subdocroot has no value.

Name: ftp_subdocroot
Default: No value set by default
Description: The directory, relative to the documentroot, where the files to be served by the FTP server are stored. TUX defaults to using the document root defined for the HTTP server if ftp_subdocroot has no value.
Name: push_all
Default: 0
Description: If set to 0, may merge subsequent packets. If set to 1, force a packet boundary right after the end of the TUX request.

Name: compression
Default: 0
Description: If set to 0, it is disabled. If set to 1, sending gzip compressed data is turned on. See Section 3.2 for details.

Name: cgi_uid
Default: -1
Description: UID as which to run CGI programs. Set by default to the ID for "nobody" in the tux init script.

Name: cgi_gid
Default: -1
Description: GID as which to run CGI programs.
Name: keepalive_timeout
Default: 0
Description: Unfinished and should not be used. A per-client-connection timer that will time out if a request does not arrive within a pre-specified time. Timeout value is set in seconds.

Name: max_object_size
Default: 100MB
Description: Maximum file size TUX is willing to serve.

Name: Dprintk
Default: 0
Description: If TUX_DEBUG is turned on, then print out very verbose messages to syslog. Should only be used for debugging purposes.
Name: virtual_server
Default: 0 (off)
Description: Turns on mass virtual hosting. Hosts are headers from the browser that are directly turned into $DOCROOT/ Host ’virtual docroots.’ This way any number of hosts can be served by a single TUX server without any performance penalty at all. Refer to Section 3.8 for details.

Name: mass_hosting_hash
Default: 0 (off)
Description: If virtual_server is enabled, this parameter modifies the hostname mapping to be more effective for a large number of hosts.
Parameter: DOCROOT
Default: /var/www/html
Description: The document root, the directory where the web pages are stored.

Parameter: CGI_UID
Default: nobody
Description: UID (user) as which to run CGI programs.

Parameter: CGI_GID
Default: nobody
Description: GID (group) as which to run CGI programs.

Parameter: DAEMON_UID
Default: nobody
Description: UID (user) as which the daemon runs.

Parameter: DAEMON_GID
Default: nobody
Description: GID (group) as which the daemon runs.

Parameter: CGIROOT
Default: /var/www/html
Description: The directory where the CGI programs are stored.
3.4. Starting TUX
TUX can be started by issuing the command /etc/rc.d/init.d/tux start. This script is written to start TUX on a single-processor as well as a multi-processor server. If you choose to write your own script to start TUX or start it from the /usr/sbin/tux binary, you can use the following options:
Table 3-3.
3.5. Stopping TUX
If TUX was started with the /etc/rc.d/init.d/tux start script, stop TUX by executing the /etc/rc.d/init.d/tux stop script. This will unload all user-space TUX modules automatically. If you did not use the scripts provided, stop TUX with the command /usr/sbin/tux -s or /usr/sbin/tux --stop.
3.6. Debugging TUX
To print out the state and various other information about TUX, execute the gettuxconfig script. You must be root to run this script.
These three tunables depend on each other, and the strip_host_tail tunable is only used if host-based virtual serving is enabled. Otherwise, it is ignored.
3.8.1. virtual_server
If the value is set to 0, virtual hosting is disabled:
http://www.example.com/a.html => $DOCROOT/a.html
If the value is set to 1, host-based virtual hosting is enabled:
http://www.some.site.com/a.html => $DOCROOT/some.site.com/a.html
Note: TUX strips off the www.
http://www.some.site.com/a.html => docroot/some.site/a.html
If the value is set to 2:
http://www.some.site.com/a.html => docroot/site/a.html
and so on...
3.9. TUX as an FTP Server
Starting with version 2.0.21 of TUX and version 2.4.2-U7 of the TUX patched kernel, TUX can be configured to run as an anonymous FTP server. To use TUX as an HTTP and FTP server at the same time, use the following commands:
echo "http://0.0.0.0:80" > /proc/net/tux/0/listen/0
echo "ftp://0.0.0.
3.9.1. TUX FTP Server Security Features
The following are security features of the TUX FTP Server:
• Because TUX does not start per-client processes, the memory allocation overhead for each FTP client logged in is less than 10 KB. This allows thousands of parallel connections.
• Paranoid parser and paranoid command-evaluation.
• Chroots to docroot.
• Never starts any external userspace process.
Chapter 4. Security
TUX is designed to have very strict security. This is possible because the assistant user-space daemons are used to handle the complex exceptions. TUX only serves a file if
1. The URL does not contain ?.
2. The URL does not start with /.
3. The URL points to a file that exists.
4. The file is world-readable. [1]
5. The file is not a directory. [1]
6. The file is not executable. [1]
7. The file does not have the sticky-bit set. [1]
8. The URL does not contain any forbidden substrings such as ..
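An added example (not from the manual or the TUX source) that audits a document root against the file-level conditions in the list above (items 3 to 7) and the file-side conditions of the compression list in Chapter 3. The function names and the demo tree are constructed here, and it assumes that "proper permissions" in the compression list means the same mode checks and that any execute bit counts as executable.

```python
import os
import stat
import tempfile

def refusal_reasons(path):
    """Chapter 4 file checks (items 3-7); an empty list means none fails."""
    try:
        mode = os.stat(path).st_mode
    except FileNotFoundError:
        return ["does not exist"]
    checks = [
        (stat.S_ISDIR(mode), "is a directory"),
        (not mode & stat.S_IROTH, "not world-readable"),
        (bool(mode & 0o111), "executable"),  # assumption: any execute bit counts
        (bool(mode & stat.S_ISVTX), "sticky bit set"),
    ]
    return [reason for failed, reason in checks if failed]

def gzip_variant_usable(path):
    """File-side conditions from the compression list for sending path + '.gz'."""
    gz = path + ".gz"
    if refusal_reasons(path) or refusal_reasons(gz):  # assumed "proper permissions"
        return False
    orig, comp = os.stat(path), os.stat(gz)
    return (stat.S_ISREG(orig.st_mode) and stat.S_ISREG(comp.st_mode)
            and comp.st_mtime >= orig.st_mtime  # .gz newer or same date
            and comp.st_size < orig.st_size)    # .gz smaller than original

def audit(docroot):
    """Relative path -> reasons, for every file under docroot failing a check."""
    paths = (os.path.join(b, n) for b, _d, names in os.walk(docroot) for n in names)
    found = {os.path.relpath(p, docroot): refusal_reasons(p) for p in paths}
    return {rel: why for rel, why in found.items() if why}

def build_demo_docroot():
    """Constructed sample tree, not from the manual: name -> (size, mode, mtime)."""
    root = tempfile.mkdtemp()
    files = {"index.html": (400, 0o644, 1000), "index.html.gz": (40, 0o644, 1000),
             "old.html": (400, 0o644, 2000), "old.html.gz": (40, 0o644, 1500),
             "secret.html": (9, 0o640, 1000), "run.cgi": (9, 0o755, 1000)}
    for name, (size, mode, mtime) in files.items():
        path = os.path.join(root, name)
        with open(path, "wb") as f:
            f.write(b"x" * size)
        os.chmod(path, mode)
        os.utime(path, (mtime, mtime))
    return root
```

Running audit() on a real document root before switching to TUX shows which files would fall outside these checks, and gzip_variant_usable() flags stale .gz files that are older than their originals.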
Chapter 5. User-space Loadable Modules
In addition to parts of TUX running in kernel-space, user-loadable modules can also be written for TUX. The API for the user-loadable modules is currently under development. This section of the documentation will be updated as the API becomes available. User-space loadable modules are usually a single .c file and are compiled as a shared library into a .so file.