fingerd
implements a simple protocol based on RFC 1288
that provides an interface to the
Name and Finger programs at several network sites.
The program is supposed to return a friendly,
human-oriented status report on either the system at the moment
or a particular person in depth.
There is no required format and the
protocol consists mostly of specifying a single
“command line”.
fingerd
is started by
inetd(8),
which listens for
TCP
requests at port 79.
Once connected it reads a single command line
terminated by a
‹CRLF›
which is passed to
finger(1).
fingerd
closes its connections as soon as the output is finished.
If the line is null (i.e., just a
‹CRLF›
is sent) then
finger(1)
returns a
“default”
report that lists all people logged into
the system at that moment.
If a user name is specified (e.g.,
.Pf eric Aq Tn CRLF )
then the
response lists more extended information for only that particular user,
whether logged in or not.
Allowable
“names”
in the command line include both
“login names”
and
“user names”.
If a name is ambiguous, all possible derivations are returned.
The following options may be passed to
fingerd
as server program arguments in
/etc/inetd.conf:
-l
Enable logging.
The name of the host originating the query and the actual request
is reported via
syslog(3)
at LOG_NOTICE priority.
A request of the form
‘/W’
or
‘/w’
will return long output.
Empty requests will return all currently logged in users.
All other requests look for specific users.
See RFC 1288 for details.
-M
Enables matching of
user
names.
This is disabled by default if the system is running YP.
-m
Prevent matching of
user
names.
User
is usually a login name; however, matching will also be done on the
users' real names, unless the
-m
option is supplied.
-P filename
Use an alternate program as the local information provider.
The default local program
executed by
fingerd
is
finger(1).
By specifying a customized local server,
this option allows a system manager
to have more control over what information is
provided to remote sites.
-p
Prevents
finger(1)
from displaying the contents of the
“.plan”
and
“.project”
files.
-S
Prints user information in short mode, one line per user.
This overrides the
“Whois switch”
that may be passed in from the remote client.
-s
Enable secure mode.
Forwarding of queries to other remote hosts is denied.
Connecting directly to the server from a
TIP
or an equally narrow-minded
TELNET
user program can result
in meaningless attempts at option negotiation being sent to the
server, which will foul up the command line interpretation.
fingerd
should be taught to filter out
IAC
and perhaps even respond
negatively
(IAC WON'T)
to all option commands received.