|
|
A port monitor is a process that is responsible for monitoring a set of homogeneous, incoming ports on a machine. A port monitor's main purpose is to detect incoming service requests and to dispatch them appropriately.
A port is an externally-seen access point on a system. A port may be an address on a network (TSAP or PSAP), a hardwired terminal line, an incoming phone line, and so on. The definition of what constitutes a port is strictly a function of the port monitor itself.
A port monitor performs certain basic functions. Some of these are required to conform to the Service Access Facility (SAF); others may be specified by the requirements and design of the port monitor itself.
Port monitors have two main functions:
The first function of a port monitor is to manage a port. The actual details of how a port is managed are defined by the person who defines the port monitor. A port monitor is not restricted to handling a single port; it may handle multiple ports simultaneously.
The second function of a port monitor is to monitor the port or ports for which it is responsible for indications of activity. Two types of activity may be detected:
A port monitor must be able to restrict access to the system without disturbing services that are still running. In order to do this, a port monitor must maintain two internal states: enabled and disabled. The port monitor starts in the state indicated by the ISTATE environment variable provided by the SAC. (See ``The Service Access Controller''.)
Enabling or disabling a port monitor affects all ports for which the port monitor is responsible. If a port monitor is responsible for a single port, only that port will be affected. If a port monitor is responsible for multiple ports, the entire collection of ports will be affected.
Enabling or disabling a port monitor is a dynamic operation: it causes the port monitor to change its internal state. The effect does not persist across new invocations of the port monitor.
Enabling or disabling an individual port, however, is a static operation: it causes a change to an administrative file. The effect of this change will persist across new invocations of the port monitor.
Port monitors are responsible for creating utmp entries with the ``type'' field set to ``USER_PROCESS'' for services they start, if this action has been specified (that is, if -fu was specified on the pmadm command line that added the service). These utmp entries may in turn be modified by the service. When the service terminates, the utmp entry must be set to ``DEAD_PROCESS''.
When a port monitor starts, it writes its process ID into a file named _pid in the current directory and places an advisory lock on the file.
Before invoking the service designated in the port monitor administrative file, _pmtab, a port monitor must arrange for the per-service configuration script to be run (if one exists) by calling the library function doconfig(3iac). Because the per-service configuration script may specify the execution of restricted commands, as well as for other security reasons, port monitors are invoked with root permissions. The details of how services are invoked are specified by the person who defines the port monitor.
A port monitor's current directory contains an administrative file named _pmtab. _pmtab is maintained by the pmadm command in conjunction with a port monitor-specific administrative command. Port monitor-specific commands are discussed below.
A port monitor's current directory also contains the per-service configuration scripts, if they exist. The names of the per-service configuration scripts correspond to the service tags in the _pmtab file.
A port monitor may create private files in the directory /var/saf/pmtag, where pmtag is the name of the port monitor. Examples of private files are log files or temporary files.
A port monitor must terminate itself gracefully on receipt of the signal SIGTERM. The termination sequence is: