On Mon Feb 07 2000 at 16:18, Hal Burgiss wrote:
> On Mon, Feb 07, 2000 at 02:06:03PM -0500, Bob Tennent wrote:
> > I seem to have messed up something and can't figure out what.
> > The command xfs -port -1 produces the following unenlightening messages:
I think you have the wrong syntax there (or missing some options).
> > _FontTransSocketINETCreateListener: Unable to get service for -1
> > _FontTransMakeAllCOTSServerListeners: failed to create listener for tcp
If you have a look in /etc/rc.d/init.d/xfs you'll see the following...
daemon xfs -droppriv -daemon -port -1
(The "daemon" there refers to a shell function in
/etc/rc.d/init.d/functions that acts as a "wrapper" for running the
real daemon program specified as parameters to the function).
> > On the other hand, xfs -port 7100 works fine, and I can then do
> > xset +fp tcp/localhost:7100 as usual. So why does RedHat use unix/:-1 and
> > why wouldn't it be working?
>
> unix/:-1 creates a socket in the filesystem in /tmp. Likely things to
> look for are a) filesystem is filled past normal user limits (xfs runs
> as non-root user) b) permissions on /tmp are wonky. Another
> possibility may be that XF86Config is setup wrong. Needs to match
> init.d/xfs.
>
> Why? Dunno. Security maybe.
Definitely, absolutely for security. And thank god for that too! By
listening to only local unix sockets, only local processes can connect
to it. But get it to listen on a *network* socket, and you
immediately have a daemon that is "attackable" from the network.
Unless you are really, REALLY using a network font server, this is
something that you don't want.
Cheers
Tony
-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
Tony Nugent <[EMAIL PROTECTED]> Systems Administrator
GrowZone OnLine (a project of) GrowZone Development Network
POBox 475 Toowoomba Oueensland Australia 4350 Ph: 07 4637 8322
-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-=*#*=-
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
