💾 Archived View for gemini.smallweb.space › gemlog › 20230123-efingerd-part2.gmi captured on 2023-04-26 at 13:14:27. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-01-29)

➡️ Next capture (2023-05-24)

-=-=-=-=-=-=-

efingerd with inetd (instead of systemd)

Note

This is a revised post of my older one talking about systemd. A lot is the same, but I've added some configuration options, and swapped to inetd because it was easier to setup, and was what efingerd expected.

Original Post

Background

Not a lot of folks use the finger command or protocol these days; however, I've been delving into the #smallweb / smolweb (i.e., the Gemini Protocol) for the past year and noticed a few people have revived this ancient protocol for status updates. I figured I'd give it a shot, and I thought it would be simple, but the lack of guidance really hindered me for a bit.

If you're wondering, efingerd / fingerd (the original) simply enables people outside of your own linux machine to use the finger command, just remotely.

Installing

Finger / efingerd is not installed on Ubuntu 22.10 by default so you have to install it:

$ sudo apt-get install finger
$ sudo apt-get install efingerd

Other finger daemons

This post only goes over efingerd, but if you want to see what other finger daemons are available:

$ apt search fingerd

Enabling efingerd

On Ubuntu 22.10, the install script should automatically update your /etc/inetd.conf file with the necessary configuration. One thing I learned is that these old programs are launched by another wrapper daemon, namely tcpd. I *really* tried getting cfingerd to work with systemd, xinetd, and inetd, but I kept getting errors, so I went with efingerd in the end.

If you check out /etc/inetd.conf, you'll see this line added:

:INFO: Info services
finger		stream	tcp	nowait	efingerd	/usr/sbin/tcpd	/usr/sbin/efingerd 

which I edited to:

:INFO: Info services
finger		stream	tcp	nowait	root	/usr/sbin/tcpd	/usr/sbin/efingerd -u -t 5  

• -u prevents users from using the executable ~/.efingerd file
• -t 5 sets the connection timeout
• I also changed user to root (which most other finger daemons run as) so that each user's home directory could be read by the bash scripts, otherwise the user efingerd can't see into those.

Enabling the Service

$ sudo systemctl inetd restart

Checking the service

$ sudo journalctl -f -u inetd

and

$ sudo systemctl status inetd

Configuring efingerd

make all files in /etc/efingerd executeable

sudo chmod +x /etc/efingerd/

edit them - there are a few test commands in there... check out the manpage for what they do

I pretty much got rid of everything (finger shows users logged in and their IP addresses) and crafted my own scripts inside the files to read the user's directory for the .plan, .project. and .pgpkey files, and display them if they exist.

My luser script

Open port in firewall

$ sudo ufw enable 79/tcp

Testing efingerd

try to finger your server:

finger @<your server>

(responds with whatever is in "list")

and

finger <user>@<your server>

(responds with whatever is in "luser")

Addendum - happynetbox

I reached out to the owner of happynetbox [1], a web front-end to finger where you can sign up for your own account and have a finger account purely through the web. I found this site because of ~ruario's posting on #antenna where they were testing if antenna would allow a finger:// submission. Anyways, the owner responded to me and said they used a Node project on github as a baseline for that entire site, which, might actally be easier than setting up 30 year old finger programs on today's systems. The site can be found here:

Simple Node.js finger server

[1] Happynetbox

-----

2023-01-23

Tags: finger, fingerd, efingerd, inetd, 100daystooffload

Gritty

Replies

Send replies to:

gritty@smallweb.space

Gemlog Index

Capsule Home