Hello Dietmar,
thank you for your smashing hint to set up another telnetd on a free port and have it exposed to tusc's syscall tracking.
I downloaded a precompiled binary from the HP Porters and installed it.
Then I set up a 2nd telnetd/inetd listening socket almost exactly as you outlined it.
I only added the triple -c switch in tusc's invocation in order to have elapsed CPU times per syscall as well logged.
tusc itself got installed here
# uname -srv
HP-UX B.11.00 U
# ll /usr/local/bin/tusc
-rwx--x--x 1 root sys 819200 May 20 2003 /usr/local/bin/tusc
I registered the suggested port 10023 as it hasn't been used yet by another service (and because I liked the celebral link to the original telnet port ("donkey's bridge" as we Germans call it ;-)) under the name telnetdb
# grep telnet /etc/services
telnet 23/tcp # Virtual Terminal Protocol
# debug wrapper for telnet analysis
telnetdb 10023/tcp
# grep telnet /etc/services
telnet 23/tcp # Virtual Terminal Protocol
# debug wrapper for telnet analysis
telnetdb 10023/tcp
# grep telnet /etc/inetd.conf
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue
telnetdb stream tcp nowait root /usr/local/sbin/tusctelnet telnetd
As you can see I called my wrapper (deviating) tusctelnet, and placed it in this path and made it executable to root
# ll /usr/local/sbin/tusctelnet
-rwxr--r-- 1 root sys 114 Jan 30 00:32 /usr/local/sbin/tusctelnet
The script's content is almost identical.
I only changed the default timestamp format according to strftime() to make it a bit more readable.
# cat /usr/local/sbin/tusctelnet
#!/sbin/sh
exec /usr/local/bin/tusc -fkaenccc -T "%Y/%m/%d %H:%M:%S" -o /tmp/tusctelnet.$$ /usr/lbin/telnetd "$@"
I then asked inetd to reread its configuration by issuing
/usr/sbin/inetd -c
and checked in syslog.log that it recognised the new telnetdb.
But all tests (so far only manually to see if it works) to connect to the new socket on localhost fail with "incorrect login"
# telnet localhost 10023
Trying...
Connected to localhost.
Escape character is '^]'.
Telnet TERMINAL-SPEED option ON
Local flow control on
HP-UX saturn B.11.00 U 9000/800 (tm)
login: topx
Login incorrect
login: topx
Login incorrect
login: topx
Login incorrect
Connection closed by foreign host.
# echo $?
1
# netstat -anfinet|grep 10023
tcp 0 0 127.0.0.1.10023 127.0.0.1.61879 TIME_WAIT
tcp 0 0 *.10023 *.* LISTEN
Because I suspected the exec call in the wrapper script, since execs replace the current process by the process passed as 1st argument.
But of course, the removal didn't change a thing.
Could you give me a clue what's going wrong?
The inspection of the newly created logfile from tusc (as set through -o ...) wasn't too revealing either.
Because of the bulk of output produced I fear to lose the overview, and there will be a lot to wade through.
Besides, a few other silly questions.
Why should the new telnetdb started as root process?
Since I want to bind it to a socket well beyond 1024 there should be no need for it.
Or does the tusc tracker/debugger require this?
And then, shouldn't instead of telnetd inetd be tusc'ed, despite the even bigger blow up of logging output?
Still many questions.
Hope you'd find the time to drop a quick line.
Ralph
Madness, thy name is system administration
