1.\" $NetBSD: identd.8,v 1.18 2004/01/31 22:39:24 wiz Exp $ 2.\" 3.\" This software is in the public domain. 4.\" Written by Peter Postma <peter@pointless.nl> 5.\" 6.Dd January 31, 2004 7.Dt IDENTD 8 8.Os 9.Sh NAME 10.Nm identd 11.Nd TCP/IP Ident protocol server 12.Sh SYNOPSIS 13.Nm 14.Op Fl 46beIilNnr 15.Op Fl a Ar address 16.Op Fl c Ar charset 17.Op Fl F Ar format 18.Op Fl f Ar fallback 19.Op Fl g Ar uid 20.Op Fl L Ar username 21.Op Fl o Ar osname 22.Op Fl p Ar portno 23.Op Fl t Ar seconds 24.Op Fl u Ar uid 25.Sh DESCRIPTION 26.Nm 27is a TCP/IP server which implements the user identification protocol 28as specified in RFC 1413. 29.Pp 30.Nm 31operates by looking up specific TCP/IP connections and returning 32information which may or may not be associated with the process owning 33the connection. 34.Pp 35The following options are available: 36.Bl -tag -width XXxXusernameXX 37.It Fl 4 38Bind to IPv4 addresses only. 39(flag 40.Fl b 41only) 42.It Fl 6 43Bind to IPv6 addresses only. 44(flag 45.Fl b 46only) 47.It Fl a Ar address 48Bind to the specified 49.Ar address . 50This may be an IPv4 or IPv6 address or even a hostname. 51If a hostname is specified then 52.Nm 53will resolve it to an address (or addresses) and will bind this address. 54(flag 55.Fl b 56only) 57.It Fl b 58Run in the background (as daemon). 59.It Fl c Ar charset 60Specfify an optional character set designator to be included in replies. 61.Ar charset 62should be a valid charset set as described in the 63.Tn MIME RFC 64in upper case characters. 65.It Fl e 66Return 67.Dq UNKNOWN-ERROR 68instead of the usual 69.Dq NO-USER 70or 71.Dq INVALID-PORT 72error replies. 73.It Fl F Ar format 74Specify the format to display info. 75The allowed format specifiers are: 76.Bd -literal 77%u print user name 78%U print user number 79%g print (primary) group name 80%G print (primary) group number 81%l print list of all groups by name 82%L print list of all groups by number 83.Ed 84.Pp 85The lists of groups (%l, %L) are comma-separated, and start with the primary 86group which is not repeated. 87Any other characters (preceded by %, and those not preceded by it) 88are printed literally. 89The 90.Dq default 91format is %u, and you should not use anything else without using the flag 92.Fl o Ar OTHER . 93.It Fl f Ar fallback 94Specify a 95.Ar fallback 96username. 97If the lookup fails then this username will be returned. 98This can be useful for when running this service on a NAT host. 99.It Fl g Ar gid 100Specify the group id number or name which the server should switch to after 101binding itself to the TCP/IP port. 102.It Fl I 103Same as 104.Fl i 105but without the restriction that the username in 106.Pa .ident 107must not match an existing user. 108.It Fl i 109If the 110.Pa .ident 111file exists in the home directory of the identified user, return the username 112found in that file instead of the real username. 113If the username found in 114.Pa .ident 115is that of an existing user, then the real username will be returned. 116.It Fl L Ar username 117Specify a 118.Dq lie 119.Ar username . 120Return this name for all ident requests. 121.It Fl l 122Use 123.Xr syslogd 8 124for logging. 125.It Fl N 126Enable 127.Pa .noident 128files. 129If this file exists in the home directory of the identified user then return 130.Dq HIDDEN-USER 131instead of the normal USERID response. 132.It Fl n 133Return numeric user IDs instead of usernames. 134.It Fl o Ar osname 135Return 136.Ar osname 137instead of the default 138.Dq UNIX . 139.It Fl p Ar portno 140Specify an alternative port number under which the server should run. 141The default is port 113. 142(flag 143.Fl b 144only) 145.It Fl r 146Return a random name of alphanumeric characters. 147If the 148.Fl n 149flag is also enabled then a random number will be returned. 150.It Fl t Ar seconds 151Specify a timeout for the service. 152The default timeout is 30 seconds. 153.It Fl u Ar uid 154Specify the user id number or name to which the server should switch after 155binding itself to the TCP/IP port. 156.El 157.Sh FILES 158.Pa /etc/inetd.conf 159.Sh EXAMPLES 160.Nm 161operates from 162.Xr inetd 8 163or as standalone daemon. 164Put the following lines into 165.Xr inetd.conf 5 166to enable 167.Nm 168as an IPv4 and IPv6 service via inetd: 169.Pp 170ident stream tcp nowait nobody /usr/libexec/identd identd -l 171.Pp 172ident stream tcp6 nowait nobody /usr/libexec/identd identd -l 173.Pp 174If you want to run 175.Nm 176as standalone daemon then please use the 177.Fl b 178flag (background). 179.Sh SEE ALSO 180.Xr inetd.conf 5 , 181.Xr inetd 8 182