Finit3: Almost there ...

Today the new logo for Finit3 was added to the GitHub repo and the homepage.

Finit3 logo

Gorgeous, isn’t it?! 😎

This fancy artwork means we’re nearing the end of a long and agonizing release cycle where a lot of the internals of Finit have been rewritten and new exciting features have been added! More on this in an upcoming post 😃

Inetd Support in Finit v1.12

A steady flow of features, and releases, is key to keeping any project alive. Recently I ticked off another item in the Finit TODO list …

Finit v1.12 now comes with a built-in inetd! You no longer need an external inetd daemon to launch services on demand.

The good news doesn’t stop there: this little inetd actually supports a poor man’s tcpwrappers!

inetd ssh/tcp          nowait [2345] /sbin/dropbear -i -R -F
inetd ssh@eth0:222/tcp nowait [2345] /sbin/dropbear -i -R -F

With these two lines in your /etc/finit.conf you tell finit to launch the Dropbear SSH server on demand on port 22 (the default ssh/tcp port in /etc/services) on all interfaces except eth0, which in your case is the Internet (WAN) interface. There you want SSH to run on port 222 instead. Actually, you don’t want port 22 open at all on eth0 … so finit takes care of this for you! Seriously, it just works, no need for messing about with that nasty old iptables anymore!
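The exposure those two lines produce can be worked out mechanically. The Python below is an added example, not Finit's own code: it parses the inetd line syntax shown above and applies the exclusion rule exactly as this post describes it. The `SERVICES` table and all function names are constructed for illustration.

```python
import re

# Constructed stand-in for /etc/services so the example runs offline.
SERVICES = {"ssh": 22, "time": 37}

# Syntax as shown in the post: inetd SVC[@IFACE[:PORT]]/PROTO wait|nowait [LEVELS] CMD
LINE = re.compile(
    r"^inetd\s+(?P<svc>[\w-]+)(?:@(?P<iface>[\w.-]+)(?::(?P<port>\d+))?)?"
    r"/(?P<proto>tcp|udp)\s+(?P<wait>wait|nowait)\s+\[(?P<levels>\w+)\]\s+(?P<cmd>.+)$")

def parse(conf):
    """Return one dict per inetd line; raise ValueError on a malformed one."""
    entries = []
    for raw in conf.splitlines():
        line = raw.strip()
        if not line.startswith("inetd"):
            continue
        m = LINE.match(line)
        if not m:
            raise ValueError(f"unparsable inetd line: {raw!r}")
        e = m.groupdict()
        e["iface"] = e["iface"] or "*"          # no @IFACE means all interfaces
        e["port"] = int(e["port"]) if e["port"] else SERVICES[e["svc"]]
        entries.append(e)
    return entries

def exposure(entries):
    """Map (port, proto) -> allow/deny interface sets. Assumed rule, taken from
    the post: an interface given its own port is dropped from the wildcard line."""
    table = {}
    for e in entries:
        slot = table.setdefault((e["port"], e["proto"]), {"allow": set(), "deny": set()})
        slot["allow"].add(e["iface"])
    for e in entries:
        for o in entries:
            if (e["iface"] != "*" and o["iface"] == "*" and o["port"] != e["port"]
                    and (o["svc"], o["proto"]) == (e["svc"], e["proto"])):
                table[(o["port"], o["proto"])]["deny"].add(e["iface"])
    return table

def reachable(table, iface, port, proto="tcp"):
    slot = table.get((port, proto))
    if not slot or iface in slot["deny"]:
        return False
    return iface in slot["allow"] or "*" in slot["allow"]

# The two lines from the post, unchanged.
CONF = ("inetd ssh/tcp          nowait [2345] /sbin/dropbear -i -R -F\n"
        "inetd ssh@eth0:222/tcp nowait [2345] /sbin/dropbear -i -R -F\n")
```

The model only reflects what the post says Finit does, so compare its answer with the listeners actually open on the running system before relying on it.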

The original UNIX inetd super server supported many protocols internally, some of which may seem a bit odd today, and some have been superseded by more modern protocols.

Finit currently only supports one internal/built-in standard service, time. It is built as a plugin to serve as an example of how you can extend Finit yourself. The time service can be called either as UDP or TCP. To prevent security issues, the time protocol is disabled by default. To enable it you need two things:

  1. The plugin (built by default)
  2. An inetd time ... line in /etc/finit.conf

Assuming you’ve installed the default set of plugins, the following two lines can be added:

inetd time/udp   wait [2345] internal
inetd time/tcp nowait [2345] internal

This can be very useful for testing the inetd capabilities, your network connection, or simply to get the time to a client where NTP for some reason does not work, or is blocked. For instance, you could have a GPS setup on your server and distribute time to clients with the time protocol.

To use it you need an rdate client. Users of rdate in BusyBox may need to be reminded that it only supports TCP.

$ rdate -pu
Sat Mar  7 08:48:58 CET 2015

For more info on Finit and its features, see the README.

Enjoy! ツ

Finit v1.11 released!

Update 2015-03-09: This release has unfortunately been yanked due to serious regressions in launching background processes. It has been replaced by v1.12.

Release of Finit v1.9

Just made it! Here’s the result of #Easterhack14 – Finit v1.9 :-)

Nothing fancy this time, just collecting some bug fixes, playing with cppcheck a bit and adding support for including .conf files. Quite useful if you want to partition your configuration, or if you share major pieces of configuration between different platforms.


Finit v1.8

It’s been a long time coming, but here it finally is, Finit v1.8! The goodies we’ve been waiting for are: runlevels, multiple TTYs, and one-shot tasks.

Let’s start off with tasks. Tasks are one-shot commands, with a syntax like service directives, but are not monitored and respawned like services. Tasks are started in parallel, just like services. For some cases, like the system bootstrap phase, some tasks may need to be executed in sequence, and for that purpose there also exists a run command.