oreilly.comSafari Books Online.Conferences.


Linux in a Nutshell

This directory of Linux commands is from Linux in a Nutshell, 5th Edition.

Click on any of the 687 commands below to get a description and list of available options. All links in the command summaries point to the online version of the book on Safari Bookshelf.

Buy it now, or read it online on Safari Bookshelf.


xinetd [options]

TCP/IP command. The extended Internet services daemon. xinetd saves system resources by listening to multiple sockets on the behalf of other server programs, invoking necessary programs as requests are made for their services. Beyond this, xinetd provides better logging facilities, including remote user ID, access times, and server-specific information. It also provides access-control facilities. Not limited to system administration use, it can launch services that are not listed in /etc/services. Unprivileged users can use this tool to start their own servers.


-cc num

Perform an internal-state consistency check every num seconds.


Turn on debugging support.


Execute in the foreground. This option automatically sets the -stayalive option.

-f file

Read configuration from the specified file instead of /etc/xinetd.conf.

-filelog file

Write log messages to the specified file. Cannot be combined with -syslog or -d.


Read the /etc/inetd.conf file after reading /etc/xinetd.conf.

-limit num

Start no more than num concurrent processes.

-logprocs num

Limit processes used to look up remote user IDs to num.

-pidfile file

Write xinetd's process ID to file.


Keep running even when no services have been specified.

-syslog facility

Log messages to the specified syslogd facility. Accepted values are daemon, auth, user, and localn, where n can range from 0 to 7. Cannot be combined with -syslog or -d. The default behavior is to write messages to syslogd using the daemon facility.


Print version information, then exit.

Configuration files

By default xinetd reads its configuration information from file /etc/xinetd.conf. Lines in this file beginning with # are treated as comments. The entries for each service differ completely from /etc/inetd entries. xinetd configuration entries for services follow the pattern:

service servicename { attribute1 = valueset1 attribute2 = valueset2 }

Some attributes allow assignment operators other than =. Other operators are +=, to add to a value set, and -=, to remove a value from a value set. There are many attributes available to control services. The following are the most common:


Limit incoming connection rate. Accepts two numeric arguments: the number of connections per second to allow and the number of seconds to wait to accept a new connection when the rate is exceeded. The default is 50 incoming connections and a 10-second wait.


Accept a Boolean yes or no. When disabled, xinetd will ignore the entry.


Accept a set of the following values defining xinetd's behavior:


Accept only connections when the remote user's ID can be verified by an identification server. Cannot be used with USERID logging.


Intercept packets to ensure they are coming from allowed locations. Cannot be used with internal or multithreaded services.


Service is an IPv4 service.


Service is an IPv6 service.


Set flag on socket, enabling periodic checks to determine if the line is still receiving data.


Expect the first argument for the server_args attribute to be the command to run. This flag is necessary to wrap services with tcpd.


Set socket's NODELAY flag.


Don't use xinetd's internal TCP wrapping facilities.


If service fails to fork, don't try to fork again.


Instead of launching a service, add IP addresses that attempt to access this service to a list of denied addresses for a time specified by the deny_time attribute.


Specify a group ID for the server process. This may be used only when xinetd runs as root.


Set service priority. This attribute accepts the same values as the renice command.


Specify a unique identifier for the service. Useful when creating multiple entries with the servicename. For example, two versions of the echo service, one supporting UDP and the other TCP, might be given the identifiers echo-stream and echo-dgram.


Specify values to log when a server cannot be started. Accepted values are HOST, USERID, or just ATTEMPT.


Specify values to log when a server is started. Accepted values are PID, HOST, USERID, EXIT, and DURATION.


Specify hosts that should not be allowed access to a service. May be given as an IP address, a netmask, a hostname, a network name from /etc/networks, or a group of IP addresses like so: 192.168.1.{10,11,12,15,32}.


Restrict access to the service to the specified hosts. This attribute accepts the same values as no_access.


Specify the maximum number of instances allowed to a single source IP address. The default is "UNLIMITED".


Specify the service port to listen to. This attribute is required for non-RPC services not listed in /etc/services. If the service is listed, the value of port cannot differ from what is listed.


Specify protocol to use, usually tcp or udp. The protocol must be listed in /etc/protocols. This attribute is required for RPC services, as well as services not found in /etc/services.


The RPC version used by the service. This can be a single number or a range of numbers from x-y. This attribute is required for RPC services.


Specify RPC ID number. This is required only for services not listed in /etc/rpc; otherwise it's ignored.


The program to execute for the service. When using tcpd to wrap a service, also set the NAMEINARGS flag and use the server's program name as the first argument for server_args. This attribute is required for all non-internal services.


Arguments to pass to the server program.


Specify the socket type to create. Accepted values are stream, dgram, raw, and seqpacket.


Describe the type of service. Accepted values are RPC, INTERNAL, and UNLISTED.


Specify a user ID for the server process. This may be used only when xinetd runs as root.


Determine whether services should be treated as single-threaded (yes) and xinetd should wait until the server exits to resume listening for new connections, or multithreaded (no) and xinetd should not wait to resume listening. This attribute is required for all serices.



Default configuration file.


Common directory containing configuration files included from /etc/xinetd.conf.

Linux Resources
  • Linux Online
  • The Linux FAQ
  • Linux Kernel Archives
  • Kernel Traffic

  • Sponsored by: