rootd - Online in the Cloud

PROGRAM:

NAME

rootd - The ROOT file server daemon

SYNOPSIS

rootd [options]

DESCRIPTION

This manual page documents briefly the rootd program.

rootd is a ROOT remote file server daemon.

This small server is started either by inetd(8) (or xinetd(8)) when a client requests a
connection to a rootd server or by hand (i.e. from the command line). The rootd server
works with the ROOT TNetFile, TFTP and TNetSystem classes. It allows access to remote
directories and ROOT files in either read or write mode from any ROOT interactive session.
By default rootd listens on port 1094, assigned to it by IANA.

STARTING VIA (X)INETD

To run rootd via inetd(8) or xinetd(8) the port 1094 must be assigned to rootd in
/etc/services; the following line should be added, if not present:

rootd 1094/tcp

If the system uses inetd, add the following line to /etc/inetd.conf:

rootd stream tcp nowait root <bindir>/rootd rootd -i

where <bindir> is the directory you have installed rootd in.

The inetd(8) daemon must re-read its configuration file to become aware of the new
service. This can be done either by killing and restarting it manually

kill -HUP <pid inetd>

or, if SYSV init(8) scripts are used, by restarting it, e.g.

/etc/init.d/inetd restart

If the system uses xinetd(8) instead, a file named 'rootd' should be created under
/etc/xinetd.d with content:

# default: off
# description: The rootd daemon
#
service rootd
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = <bindir>/rootd
server_args = -i
}

where, again, <bindir> is the directory you have installed rootd in.

The xinetd(8) daemon must be restarted:

/sbin/service xinetd restart

If you installed ROOT using some pre-compiled package (for example a Redhat Linux or a
Debian GNU/Linux package), this may already be done for you.

The above configuration examples start the daemon with superuser privileges. Please refer
to the inetd(8) or xinetd(8) documentation for ways of limiting the privileges.

STARTING BY HAND

You can also start rootd by hand running directly under your private account (no root
system privileges needed). For example to start rootd listening on port 5151 just type:

rootd -p 5151

Notice: no & is needed rootd will go in background by itself.

ANONYMOUS LOGINS

rootd can also be configured for anonymous usage (like anonymous ftp). To setup rootd to
accept anonymous logins do the following (while being logged in as root):

1 Add the following line to /etc/passwd:

rootd:*:71:72:Anonymous rootd:/var/spool/rootd:/bin/false

where you may modify the uid, gid (71, 72) and the home directory to suite your
system.

2 Add the following line to /etc/group:

rootd:*:72:rootd

where the gid must match the gid in /etc/passwd

3
Create the directories:

/var/spool/rootd
mkdir /var/spool/rootd/tmp
chmod 777 /var/spool/rootd/tmp

Where /var/spool/rootd must match the rootd home directory as specified in the
rootd /etc/passwd entry.

4 To make writable directories for anonymous do, for example:

mkdir /var/spool/rootd/pub
chown rootd:rootd /var/spool/rootd/pub

That's all.

If you installed ROOT using some pre-compiled package (for example a Redhat Linux or a
Debian GNU/Linux package), this may already be done for you.

Several remarks:

* You can login to an anonymous server either with the names anonymous or rootd.

* The passwd should be of type [email protected] Only the @ is enforced for the time
being.

* In anonymous mode the top of the file tree is set to the rootd home directory,
therefore only files below the home directory can be accessed.

* Anonymous mode only works when the server is started via inetd(8) or xinetd(8).

ABOUT PASSWORD AUTHENTICATION

In system using shadow passwords, full access to the password field of the user
information structure requires special privileges; this is typically granted if rootd is
started by inetd(8) or xinetd(8), as the in above examples. If the daemon is started in
unprivileged mode, either from a regular account or by (x)inetd with reduced privileges,
password-based authentication require users to create a file $HOME/.rootdpass containing
an encrypted password (using crypt(3)). The system tests the existence of this file before
checking the system password files. An encrypted password can be created in the following
way:

perl -e '$pw = crypt("<secretpasswd>","salt"); print "$pw0'

storing the output string in $HOME/.rootdpass .

If the $HOME/.rootdpass does not exists and the system password file cannot be accessed,
rootd attempts to run the authentication via an sshd(8) daemon.

OPTIONS

-b <tcpwindowsize>
specifies the tcp window size in bytes (e.g. see
http://www.psc.edu/networking/perf_tune.html). Default is 65535. Only change
default for pipes with a high bandwidth*delay product.

-d <level>
level of debug info written to syslogd 0 = no debug (default), 1 = minimum, 2 =
medium, 3 = maximum.

-D <rootdaemonrc>
read access rules from file <rootdaemonrc>. By default
<root_etc_dir>/system.rootdaemonrc is used for access rules; for privately started
daemons $HOME/.rootdaemonrc (if present) is read first.

-f run in the foreground (output on the window); useful for debugging purposes.

-i indicates that rootd was started by inetd(8) or xinetd(8).

-noauth
do not require client authentication

-p <port#>[-<port2#>]
specifies the port number to listen on. Use port-port2 to find the first available
port in the indicated range. Use 0-N for range relative to default service port.

-r files can only be opened in read-only mode

-s <sshd_port#>
specifies the port number for the sshd daemon used for authentication (default is
22).

-T <tmpdir>
specifies the directory path to be used to place temporary files; default is
/usr/tmp. Useful when running with limited privileges.

-w do not check /etc/hosts.equiv, $HOME/.rhosts for password-based authentication; by
default these files are checked first by calling ruserok(...); if this option is
specified a password is always required.

Use rootd online using onworks.net services