[arch-general] Leafnode and Systemd

Whiskers catwheezel at operamail.com
Wed Oct 17 15:29:56 EDT 2012


Leafnode-2 <http://www.dt.e-technik.uni-dortmund.de/~ma/leafnode/beta/> is
a local caching proxy nntp server.  It isn't among Arch's packages, but I
have been using it for some years on another distro (Mandrake/Mandriva).

Systemd launches xinetd on start-up:

	$ cat /usr/lib/systemd/system/xinetd.service
	[Unit]
	Description=A secure replacement for inetd
	After=network.target

	[Service]
	ExecStart=/usr/sbin/xinetd -dontfork
	ExecReload=/bin/kill -HUP $MAINPID

	[Install]
	WantedBy=multi-user.target
	$ 

And xinetd has this file for Leafnode:

	$ cat /etc/xinetd.d/nntp
	service Leafnode
	{
		flags = NAMEINARGS NOLIBWRAP
		per_source = 3
		port = 119
		socket_type = stream
		protocol = tcp
		user = news
		server = /usr/sbin/tcpd
		server_args = /usr/local/sbin/leafnode
		type = UNLISTED
		wait = no
		instances = 7
		only_from = 127.0.0.1
	}

(actually generated using webmin, but in accord with the instructions in
the README and INSTALL files in the Leafnode tarball).

But this doesn't allow any user to access Leafnode; I suspect this is
because /usr/sbin/tcpd doesn't exist (being a part of tcp-wrappers which
Arch no longer has).  (I can run the Leafnode components fetchnews and
texpire as root; but attempts to connect to the local server result in
"connection refused").

There are no daemons launched from /etc/rc.conf.

I have installed ufw as a substitute for tcp-wrappers and created this
file:

	$ cat /etc/ufw/applications.d/ufw-newsserver
	[Leafnode]
	title=Leafnode
	description=NNTP caching proxy server
	ports=119/tcp
	$ 

and have these rules in force, at least one of which should allow local
access to leafnode, I think:

	# ufw status
	Status: active

	To                         Action      From
	--                         ------      ----
	Anywhere                   ALLOW       127.0.0.1
	newsserver                 ALLOW       127.0.0.1
	127.0.0.1 119/tcp          ALLOW       127.0.0.1
	Leafnode                   ALLOW       127.0.0.1

Rather than install tcp-wrappers on my Arch system, I'd like to use
whatever the proper "server" is nowadays instead of /usr/sbin/tcpd - but
what is it?  Or is there something other than xinetd that works as a
'super server' with systemd?

I've only been using Arch for a few months, and it's a bit of a challenge
getting used to the Arch Way - particularly while it's changing over to
systemd etc - so please be patient with me if I've missed something simple
or made a newbie mistake!

-- 
-- ^^^^^^^^^^
--  Whiskers 
-- ~~~~~~~~~~
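
One way to run Leafnode with neither xinetd nor tcpd is systemd socket activation. The two units below are an added example, not part of the original post and not taken from the Leafnode documentation; the unit file names are assumptions, and the settings mirror the xinetd entry quoted in the post.

```ini
# --- /etc/systemd/system/leafnode.socket (assumed file name) ---
[Unit]
Description=Leafnode NNTP socket (loopback only)

[Socket]
# Listening on the loopback address only takes over the job of
# "only_from = 127.0.0.1": other hosts cannot reach the port at all.
ListenStream=127.0.0.1:119
# Spawn one service instance per connection, like "wait = no".
Accept=yes
# Counterpart of "instances = 7".
MaxConnections=7
# Counterpart of "per_source = 3"; only in newer systemd releases.
MaxConnectionsPerSource=3

[Install]
WantedBy=sockets.target

# --- /etc/systemd/system/leafnode@.service (assumed file name) ---
# Template unit: with Accept=yes, systemd starts one instance of it
# for every accepted connection.
[Unit]
Description=Leafnode NNTP server (per-connection instance)

[Service]
# Path from "server_args" in the post, started directly so that the
# missing /usr/sbin/tcpd wrapper is no longer involved.
ExecStart=-/usr/local/sbin/leafnode
# Same unprivileged account as "user = news".
User=news
# Pass the accepted connection to leafnode as stdin/stdout, inetd-style.
StandardInput=socket
# Keep error output out of the NNTP stream.
StandardError=journal
```

Only one listener can own port 119, so the /etc/xinetd.d/nntp entry has to be disabled before leafnode.socket is started.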

