Opened 9 months ago
Last modified 9 months ago
#18823 new enhancement
Consider consolidating BNetworkService to launch daemon — at Initial Version
| Reported by: | kallisti5 | Owned by: | nobody |
|---|---|---|---|
| Priority: | normal | Milestone: | Unscheduled |
| Component: | Network & Internet | Version: | R1/beta4 |
| Keywords: | | Cc: | |
| Blocked By: | | Blocking: | |
| Platform: | All | | |
Description
The net_server currently has a BNetworkService class to handle inetd-style forking of network services (our sshd currently uses it).
However, it was pointed out in IRC that launch daemon might be a better place for this.
Considerations:
- net_server is likely not the most secure place to be forking processes.
- launch_daemon is already well designed, and could have a new type added for "inetd services"
Design Considerations:
- net_server could do basic firewalling of ports, and notify launch daemon of unhandled inbound requests.
- launch daemon could then "decide" if it wants to do anything with the network request, or drop it.
Pros:
- launch daemon managing inetd services would put full control and inventory of services in one place.
- launch daemon could adjust inetd services based on varying targets.
- services could "self-register" inetd with launch daemon by dropping a new launch script. (openssh drops a disabled inetd service off with launch daemon which waits on network)
- CLI management of inetd style services through launch_roster
- GUI management of inetd style services via X512's launch daemon gui tool.
Cons:
- It's kind of a shuffle of code
- Our use case doesn't need "targets" for inetd services