The skabus-dyntee program
skabus-dyntee is a dynamic tee, which is the simplest publisher daemon possible. It listens on a Unix domain socket, accepts client connections, and publishes to its clients everything it reads on its standard input, as a byte stream. It only writes to clients and never reads from them.
Interface
skabus-dyntee [ -1 ] [ -D | -d ] [ -c maxconn ] [ -b backlog ] [ -G gidlist ] [ -g gid ] [ -u uid ] [ -U ] [ -t clienttimeout ] [ -T lameducktimeout ] [ -i rulesdir | -x rulesfile ] path
- skabus-dyntee binds to the Unix domain socket at path.
- If applicable, it drops root privileges.
- It listens to its socket and accepts client connections.
- Whenever it has data available on its standard input, it reads that data and writes it to every client it has. It duplicates its stdin stream to all its clients, hence the name dynamic tee.
- When it reads EOF on its stdin, or when it receives a SIGTERM, it waits for its clients to read their pending data, then exits 0.
skabus-dyntee is just a wrapper that binds to its socket and drops privileges before executing into skabus-dynteed. For details of the daemon's operation, see the skabus-dynteed documentation.
Options
- -1 : write a newline to stdout, before closing it, right after binding and listening to the Unix socket. If stdout is suitably redirected, this can be used by monitoring programs to check when the server is ready to accept connections.
- -d : allow instant rebinding to the same path even if it has been used not long ago - this is the SO_REUSEADDR flag to setsockopt() and is generally used with server programs. This is the default. Note that path will be deleted if it already exists at program start time.
- -D : disallow instant rebinding to the same path.
- -c maxconn : accept at most maxconn concurrent client connections. Default is 40. It is impossible to set it higher than the value of the SKABUS_DYNTEE_MAX macro, which is 1000.
- -b backlog : set a maximum of backlog backlog connections on the socket. Extra connection attempts will rejected by the kernel.
- -G gidlist : change skabus-dyntee's supplementary group list to gidlist after binding the socket. This is only valid when run as root. gidlist must be a comma-separated list of numerical group IDs.
- -g gid : change skabus-dyntee's groupid to gid after binding the socket. This is only valid when run as root.
- -u uid : change skabus-dyntee's userid to uid after binding the socket. This is only valid when run as root.
- -U : change skabus-dyntee's user id, group id and supplementary group list according to the values of the UID, GID and GIDLIST environment variables after binding the socket. This is only valid when run as root. This can be used with the s6-envuidgid program to easily script a service that binds to a privileged socket then drops its privileges to those of a named non-root account.
- -t clienttimeout : disconnect a client that has not read its data after clienttimeout milliseconds. By default, clienttimeout is 0, which means infinite.
- -T lameducktimeout : after skabus-dyntee has been told to exit, clients will have lameducktimeout milliseconds to read their pending data, after which skabus-dyntee will exit anyway. By default, lameducktimeout is 0, which means infinite.
- -x rulesfile : read access rights configuration from CDB file rulesfile.
- -i rulesdir : read access rights configuration from the filesystem in directory rulesdir.
Notes
- skabus-dyntee does not interpret its options itself. It just dispatches them to the appropriate program on the command line that it builds.
- From the user's point of view, skabus-dyntee behaves like a long-lived process, even if the long-lived process itself is called skabus-dynteed. Every operational detail of skabus-dynteed applies to skabus-dyntee as well; in particular, make sure to properly configure the clients' access rights.