z/OS UNIX System Services Planning
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Steps for customizing the inetd daemon

z/OS UNIX System Services Planning
GA32-0884-00

Before you begin: TCP/IP must be properly configured and started.

Perform the following steps to customize the inetd daemon.

  1. Copy /samples/inetd.conf to /etc/inetd.conf.

    _______________________________________________________________

  2. Decide which services you want to support, such as rlogin and telnet. There is no list of daemons that can be started from inetd. To find out whether a daemon can run under inetd, check its documentation. The documentation should also tell you what its inetd.conf entry should look like.

    _______________________________________________________________

  3. Decide on a user name for the services. You can use the one in the sample inetd.conf (OMVSKERN). You can also use a different user name for each service. Some daemons might not require as many privileges as others.

    _______________________________________________________________

  4. Set up the user names in RACF®, with appropriate privileges. You should consider whether to use BPX.DAEMON support. (For more information, see Establishing the correct level of security for daemons.)
    For a multilevel secure environment: If the SAF FACILITY class resource profile BPX.POE is defined, you must grant the user ID assigned to INETD to at least READ access to this profile. For example: 
    PERMIT BPX.POE CLASS(FACILITY) ID(OMVSKERN) ACCESS(READ)
SETROPTS RACLIST(FACILITY) REFRESH

    _______________________________________________________________

  5. Uncomment or add a line in inetd.conf for each service that you want to support. Make any changes needed to the lines for supported services. See the description of inetd in z/OS UNIX System Services Command Reference for the syntax of inetd.conf entries. Also see the appropriate documentation for the various daemon programs for the requirements for each daemon.

    _______________________________________________________________

  6. Make sure that each service is listed in TCPIP.ETC.SERVICES or /etc/services with the appropriate port number.

    _______________________________________________________________

  7. Arrange for inetd to be started on each IPL. The most common way to do this is to start it from /etc/rc. It can also be started from a started task using BPXBATCH with PARM='SH...' or from a shell session of a user with appropriate authority.
    If you start inetd from /etc/rc, then messages will be sent to /etc/log. If you start inetd as a started task and you have syslogd running, then any inetd messages will go to syslogd. You can have syslogd direct those messages to the MVS console with a statement like the following in your /etc/syslog.conf file:
    *.INETD*.daemon.debug      /dev/console

    _______________________________________________________________

When you are done, you have customized the inetd daemon.

Parent topic: Customizing the inetd daemon

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014