NAME
rootd - The ROOT file server daemon
SYNOPSIS
rootd [options]
DESCRIPTION
This manual page documents briefly the rootd program.
rootd is a ROOT remote file server daemon.
This small server is started either by inetd(8) (or xinetd(8)) when a
client requests a connection to a rootd server or by hand (i.e. from
the command line). The rootd server works with the ROOT TNetFile, TFTP
and TNetSystem classes. It allows access to remote directories and ROOT
files in either read or write mode from any ROOT interactive session.
By default rootd listens on port 1094, assigned to it by IANA.
STARTING VIA (X)INETD
To run rootd via inetd(8) or xinetd(8) the port 1094 must be assigned
to rootd in /etc/services; the following line should be added, if not
present:
rootd 1094/tcp
If the system uses inetd, add the following line to /etc/inetd.conf:
rootd stream tcp nowait root <bindir>/rootd rootd -i
where <bindir> is the directory you have installed rootd in.
The inetd(8) daemon must re-read its configuration file to become aware
of the new service. This can be done either by killing and restarting
it manually
kill -HUP <pid inetd>
or, if SYSV init(8) scripts are used, by restarting it, e.g.
/etc/init.d/inetd restart
If the system uses xinetd(8) instead, a file named ’rootd’ should be
created under /etc/xinetd.d with content:
# default: off
# description: The rootd daemon
#
service rootd
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = <bindir>/rootd
server_args = -i
}
where, again, <bindir> is the directory you have installed rootd in.
The xinetd(8) daemon must be restarted:
/sbin/service xinetd restart
If you installed ROOT using some pre-compiled package (for example a
Redhat Linux or a Debian GNU/Linux package), this may already be done
for you.
The above configuration examples start the daemon with superuser
privileges. Please refer to the inetd(8) or xinetd(8) documentation for
ways of limiting the privileges.
STARTING BY HAND
You can also start rootd by hand running directly under your private
account (no root system privileges needed). For example to start rootd
listening on port 5151 just type:
rootd -p 5151
Notice: no & is needed rootd will go in background by itself.
ANONYMOUS LOGINS
rootd can also be configured for anonymous usage (like anonymous ftp).
To setup rootd to accept anonymous logins do the following (while being
logged in as root):
1 Add the following line to /etc/passwd:
rootd:*:71:72:Anonymous rootd:/var/spool/rootd:/bin/false
where you may modify the uid, gid (71, 72) and the home
directory to suite your system.
2 Add the following line to /etc/group:
rootd:*:72:rootd
where the gid must match the gid in /etc/passwd
3 Create the directories:
/var/spool/rootd
mkdir /var/spool/rootd/tmp
chmod 777 /var/spool/rootd/tmp
Where /var/spool/rootd must match the rootd home directory as
specified in the rootd /etc/passwd entry.
4 To make writable directories for anonymous do, for example:
mkdir /var/spool/rootd/pub
chown rootd:rootd /var/spool/rootd/pub
That’s all.
If you installed ROOT using some pre-compiled package (for example a
Redhat Linux or a Debian GNU/Linux package), this may already be done
for you.
Several remarks:
* You can login to an anonymous server either with the names
anonymous or rootd.
* The passwd should be of type user@host.domain Only the @ is
enforced for the time being.
* In anonymous mode the top of the file tree is set to the rootd
home directory, therefore only files below the home directory
can be accessed.
* Anonymous mode only works when the server is started via
inetd(8) or xinetd(8).
ABOUT PASSWORD AUTHENTICATION
In system using shadow passwords, full access to the password field of
the user information structure requires special privileges; this is
typically granted if rootd is started by inetd(8) or xinetd(8), as the
in above examples. If the daemon is started in unprivileged mode,
either from a regular account or by (x)inetd with reduced privileges,
password-based authentication require users to create a file
$HOME/.rootdpass containing an encrypted password (using crypt(3)). The
system tests the existence of this file before checking the system
password files. An encrypted password can be created in the following
way:
perl -e ’$pw = crypt("<secretpasswd>","salt"); print "$pw0’
storing the output string in $HOME/.rootdpass .
If the $HOME/.rootdpass does not exists and the system password file
cannot be accessed, rootd attempts to run the authentication via an
sshd(8) daemon.
OPTIONS
-b <tcpwindowsize>
specifies the tcp window size in bytes (e.g. see
http://www.psc.edu/networking/perf_tune.html). Default is 65535.
Only change default for pipes with a high bandwidth*delay
product.
-d <level>
level of debug info written to syslogd 0 = no debug (default), 1
= minimum, 2 = medium, 3 = maximum.
-D <rootdaemonrc>
read access rules from file <rootdaemonrc>. By default
<root_etc_dir>/system.rootdaemonrc is used for access rules; for
privately started daemons $HOME/.rootdaemonrc (if present) is
read first.
-f run in the foreground (output on the window); useful for
debugging purposes.
-i indicates that rootd was started by inetd(8) or xinetd(8).
-noauth
do not require client authentication
-p <port#>[-<port2#>]
specifies the port number to listen on. Use port-port2 to find
the first available port in the indicated range. Use 0-N for
range relative to default service port.
-r files can only be opened in read-only mode
-s <sshd_port#>
specifies the port number for the sshd daemon used for
authentication (default is 22).
-T <tmpdir>
specifies the directory path to be used to place temporary
files; default is /usr/tmp. Useful when running with limited
privileges.
-w do not check /etc/hosts.equiv, $HOME/.rhosts for password-based
authentication; by default these files are checked first by
calling ruserok(...); if this option is specified a password is
always required.
SEE ALSO
root(1), proofd(1), system.rootdaemonrc(1)
For more information on the ROOT system, please refer to
http://root.cern.ch
ORIGINAL AUTHORS
The ROOT team (see web page above):
Rene Brun and Fons Rademakers
COPYRIGHT
This library is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published
by the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
This library is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
USA
AUTHOR
This manual page was originally written by Christian Holm Christensen
<cholm@nbi.dk>, for the Debian GNU/Linux system and ROOT version 3. It
has been modified by G. Ganis <g.ganis@cern.ch> to document new
features included in ROOT version 4.