tcp-socket-listen — create a socket listening for incoming TCP connections and chain
tcp-socket-listen [--no-reuse-address] [--reuse-port] [--bind-to-any] [--numeric-host] [--numeric-service] [--check-interfaces] [--combine4and6] [--backlog number] [--upstart-compatibility] [--systemd-compatibility] {host} {service} {next-prog}
tcp-socket-listen is a chain-loading utility that opens a TCP socket bound to host and service, executes a call to listen(2), sets the socket to file descriptor 3+n (where n is the number of already-opened listening file descriptors), closing whatever that descriptor was, and then chain loads to next-prog with the execvp(3) function.
next-prog may contain its own command line options, which tcp-socket-listen will ignore.
For compatibility with dæmons that expect to be run under inetd(1), inheriting the listening socket as their standard input, simply use fdmove 0 3 in next-prog.
See fdmove(1).
If the --numeric-host command line option is used, then no name lookup is done on host and it must be (a human readable form of) an IP address.
If the --numeric-service command line option is used, then no name lookup is done on service and it must be a port number.
Otherwise, host is looked up using the system name resolution facility, with the first IP address found being used, and service can be an alphanumeric service name.
The --backlog option specifies the allowed backlog level (defaulting to 5) of outstanding not-yet-accepted connections to the socket. The --no-reuse-address sets a flag that prevents the kernel from re-using an IP address and port combination if there are still TCP connections for that address and port in the CLOSE_WAIT state,
The --reuse-port option sets a flag that allows the same IP address and port combination to be used by multiple TCP listeners, as long as they all use the flag. The --check-interfaces option prevents the use of any IPv4 addresses if there are no IPv4 addresses on any network interface, and the use of any IPv6 addresses if there are no IPv6 addresses. This isn't particularly useful on a dynamically configured system where network interface IP addresses can come and go. Conversely, the --bind-to-any option is quite useful on such a system, as it allows binding to any IPV4 or IPV6 address, even one that is not on any network interface.
The --upstart-compatibility option causes tcp-socket-listen to set the UPSTART_FDS environment variable to 3, and the UPSTART_EVENTS environment variable to socket.
This is for compatibility with dæmons that expect to be run under upstart(1).
The --systemd-compatibility option is for compatibility with dæmons that expect to be run under systemd(1).
It causes tcp-socket-listen to set the LISTEN_FDS environment variable to the number of listening file descriptors, and the LISTEN_PID environment variable to its own process ID.
If the command is started up with the LISTEN_FDS and the LISTEN_PID environment variables already appropriately set, the number of listening file descriptors is taken from them and increased by one, otherwise the number of file descriptors is 1.
Thus a list of listening file descriptors can be built up with multiple commands, as long as they all use the --systemd-compatibility option.
On systems that support such, the --combine4and6 option allows a listener to communicate with both IPv4 and IPv6 clients.
(host must denote an IPv6 address for this to work.)
On other systems, and also the default if --combine4and6 is not used, one must run an IPv4 listener for IPv4 clients and an IPv6 listener for IPv6 clients.
See RFCs 3493 and 4038 for more details.
tcp-socket-listen is fully IPv6 capable, albeit that by the nature of IP versions it is not possible on some operating system kernels to handle both IPv4 and IPv6 with a single socket. To listen on an IPv4 address and an IPv6 address on such kernels, one must have two tcp-socket-listen processes.
tcp-socket-listen can be used as a simple dæmon monitored by
service-manager(1)
that chains to
tcp-socket-accept(1).
Together, the two replace
tcpserver(1)
from ucspi-tcp.
tcp-socket-listen overlaps the functionality of
inetd(1)
and
systemd(1),
with which only the
tcp-socket-accept(1)
half of the pair would be needed (in the systemd-recommended configuration of
Accept=false sockets).
To change the process' UID and GID after a successful call to listen(2), simply chain through setuidgid(1).