EPICS Home EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System

Format page
for printing


Search Tech-talk
1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  <20222023  2024  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  <20222023  2024 
<== Date ==> <== Thread ==>
Subject: Re: procServer unix socket configuration
From: Michael Davidsaver via Tech-talk <tech-talk at aps.anl.gov>
To: Han Lee <jeonglee at lbl.gov>
Cc: EPICS Tech Talk <tech-talk at aps.anl.gov>
Date: Mon, 23 May 2022 12:36:08 -0700 
On 5/23/22 12:06, Han Lee via Tech-talk wrote:

Hi Ralph,

I didn't look at the man page, because I only install the binary files into an embedded system.

My first thought to see the introduction of the unix socket domain was to make the secure or complete isolated connection to the procSev without any telnet service in the similar way that MariaDB (MySQL) does, which makes our LBNL IT security team happy.

I am looking for a similar instruction, which should be an interactive console or session on USAGE, in case I am using the unix domain socket, here is the existing man page for telnet.

---- snip snip ---
To connect to the IOC, log into the soft IOC's host and connect to port 20000 using

    telnet localhost 20000

---- snip snip ---

For example,
To connect to the IOC, log into the soft IOC's host and connect to ..........?????


"telnet" (aka. bsd telnet, aka linux-netkit) doesn't understand unix sockets.
I haven't been able to find any simple CLI program which does, and also processes
telnet escape sequences.  You'll find references to use "nc" or "socat", which can
connect to unix sockets, but don't handle telnet escapes.

The conserver daemon can though.  In fact the conserver integration in procServUtils
("manage-procs write-procs-cf") uses this.

https://github.com/ralphlange/procServ/blob/cd68a34da12ec156c4126932b62947ee195b6210/procServUtils/manage.py#L239-L243

Combining procServ, manage-procs, and conserver allows procServ over unix sockets only.



Best,
Han




On Sat, May 21, 2022 at 10:16 AM Ralph Lange via Tech-talk <tech-talk at aps.anl.gov <mailto:tech-talk at aps.anl.gov>> wrote:

    I assume you did look at the man page...

    *unix:</path/to/socket>*::
         Bind to a named unix domain socket that will be created at the specified
         absolute or relative path. The server process must have permission to
         create files in the enclosing directory.
         The socket file will be owned by the uid and primary gid of the procServ
         server process with permissions 0666 (equivalent to a TCP socket bound to
         localhost).

    *unix:<user>:<group>:<perm>:</path/to/socket>*::
         Bind to a named unix domain socket that will be created at the specified
         absolute or relative path. The server process must have permission to
         create files in the enclosing directory.
         The socket file will be owned by the specified _<user>_ and _<group>_
         with _<perm>_ permissions.
         Any of _<user>_, _<group>_, and/or _<perm>_ may be omitted.
         E.g. "-P unix::grp:0660:/run/procServ/foo/control" will create the named
         socket with 0660 permissions and allow the "grp" group connect to it.
         This requires that procServ be run as root or a member of "grp".

    *unix:@</path/to/socket>*::
         Bind to an abstract unix domain socket (Linux specific).
         Abstract sockets do not exist on the filesystem, and have no permissions
         checks.
         They are functionally similar to a TCP socket bound to localhost,
         but identified with a name string instead of a port number.

    What additional information do you need?

    Cheers,
    ~Ralph


    On Sat, 21 May 2022 at 00:44, Han Lee via Tech-talk <tech-talk at aps.anl.gov <mailto:tech-talk at aps.anl.gov>> wrote:

        Hi,

        I am looking for any available documents regarding procServ unix socket options.

        Does anyone have information for a dummy like me?

        Best,
        Han
-- Jeong Han Lee, Dr.rer.nat 
        Staff Scientist and Engineer
        Lawrence Berkeley National Laboratory
        1 Cyclotron Road Mailstop 46R0161
        Berkeley, CA 94720, United States
        Tel :+1-510-486-6163
        Cell:+1-510-384-3868



--
Jeong Han Lee, Dr.rer.nat
Staff Scientist and Engineer
Lawrence Berkeley National Laboratory
1 Cyclotron Road Mailstop 46R0161
Berkeley, CA 94720, United States
Tel :+1-510-486-6163
Cell:+1-510-384-3868
Replies:
Re: procServer unix socket configuration Han Lee via Tech-talk
References:
procServer unix socket configuration Han Lee via Tech-talk
Re: procServer unix socket configuration Ralph Lange via Tech-talk
Re: procServer unix socket configuration Han Lee via Tech-talk
Navigate by Date:
Prev: Re: procServer unix socket configuration Han Lee via Tech-talk
Next: Re: procServer unix socket configuration Han Lee via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  <20222023  2024 
Navigate by Thread:
Prev: Re: procServer unix socket configuration Han Lee via Tech-talk
Next: Re: procServer unix socket configuration Han Lee via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  2021  <20222023  2024 
ANJ, 14 Sep 2022 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·