A dash through various daemons: Printing

lpd — the ``standard'' BSD print spooling daemon.

Daemons: Printing: LPD

Daemons: Printing: lpsched

lpsched -- the ``standard'' ATT version of lpd; it is more complex to administer and, while it was less likely to wander off the reservation once in operation, its configuration can be much more interesting and problem-laden than lpd's. lpsched uses the same RFC 1179 protocol, which it inherited from BSD.

Daemons: Printing: CUPS

cups — a very popular open source replacement which disposes of the problematic RFC 1179 protocol, replacing it with IPP (RFC2567 (good explanation of the overall view of the protocol's design), RFC2568, RFC2569, RFC2639, RFC2910, RFC2911, RFC3196, RFC3239, RFC3380, RFC3381, RFC3382, RFC3391, RFC3510, RFC3712, RFC3995, RFC3996, RFC3997, RFC3998)

See chapter 26 in USLAH for lots more about CUPS.

Daemons: MTAs/MSAs

Mail Transfer Agents (MTAs, see for instance RFC2821) and Mail Submission Agents (MSAs, RFC2476)


sendmail routes local and network mail. It acts as an MTA on port 25 (and can act as an MSA on port 587).



The file /etc/mail/sendmail.cf is a set of rewriting rules for modifying addresses; luckily tools exist to automate creation of this file.


Normally, you would use a ``makefile'' that rewrites a ``.mc'' file into a ``.cf'' file. Check http://www.sendmail.org for lots more information -- the op.ps manual is the canonical reading material, although the O'Reilly book is easier. Unfortunately, some distributions have bizarrely taken this makefile and turned it into a simple invocation of a very complex shell script.


sendmail is covered in USLAH (pp. 789-794), plus there is an entire O'Reilly & Associates book dedicated to sendmail.


Currently, sendmail 8.14 is quite popular as an MTA. The ability to use a bolt-on ``milter'' (mail filter) was added (see http://www.milter.org), and now sendmail is probably the most flexible MTA for working at the message level: milters can detect and reject spam, they can check for legitimate users even on MTAs that only forward mail, and they can be implemented in C/C++, Perl, and Python. (Any language that can handle calls into libmilter and has a reasonable run time with respect to threads should be able to use libmilter.)


Daemons: Other MTAs/MSAs

  • qmail - Dan Bernstein's MTA (http://www.qmail.org).
  • smail - an older, less popular MTA from GNU; however, it has been very stable.
  • exim - an MTA from Cambridge, gaining in popularity, now found in many Linux distributions such as RedHat (CentOS) and Debian (where it is now the default MTA)
  • Exchange - the enterprise Windows email server from Microsoft
  • haraka - a JavaScript/node.js MTA; remarkably fast and configurable, but appears to be waning after a brief burst of popularity.


    Daemons: MTAs and SPAM

    Very important these days in both server and client support is anti-spam and anti-virus protection. From a server perspective, the biggest tools are

    NFS - Network File Service



    ftpd is the File Transfer Protocol daemon. This is the daemon that FTP client software contacts over TCP to transfer files. As with sendmail, keeping up with security patches is critical in ftp implementations (the complex command set generally gives hackers plenty of places to look for flaws). On UNIX/Linux systems, a popular FTP implementation has been wu-ftpd (which has had many security flaws).

    There are also many clients, such as lftp and wget in addition to the traditional ftp.


    ftpd is now being widely replaced by programs running over SSH/SSL, which give an ftp-like capability over SSH (we will talk more about sshd later). While the client commands for ftp and sftp are similar, the underlying protocol is quite different (see http://tools.ietf.org/html/draft-ietf-secsh-filexfer-10.txt for more details). Security is much better since plaintext passwords are not sent over IP as they were for the old protocol.
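What the plaintext-password problem looks like from the defender's side, as an added example that is not part of the original notes: a small Python audit that flags logins visible on a cleartext FTP control channel. The transcripts, the host name and `audit_ftp_control` are constructed for illustration; USER, PASS, AUTH and the 230/234 reply codes are standard FTP (RFC 959, RFC 4217).

```python
import re

# Constructed control-channel transcripts (C: client, S: server); not real traffic.
PLAIN_SESSION = """\
S: 220 ftp.example.test ready
C: USER alice
S: 331 Password required for alice
C: PASS correct-horse
S: 230 User alice logged in
"""
# After a 234 reply the channel is TLS, so a capture shows nothing further.
TLS_SESSION = """\
S: 220 ftp.example.test ready
C: AUTH TLS
S: 234 Proceed with negotiation
"""

LINE = re.compile(r"^([CS]):\s*(.*)$")


def audit_ftp_control(transcript):
    """Return one finding per password visible on an FTP control channel.

    Each finding records who logged in, how long the exposed password was
    and whether the server accepted it; the secret itself is never stored.
    Scanning stops once the server accepts AUTH (reply 234).
    """
    findings = []
    user = pending = None  # pending: last client verb awaiting a reply
    for raw in transcript.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        side, text = m.groups()
        if side == "C":
            verb, _, arg = text.partition(" ")
            pending = verb.upper()
            if pending == "USER":
                user = arg.strip()
            elif pending == "PASS":
                # Record the exposure, not the password.
                findings.append(
                    {"user": user, "password_len": len(arg), "accepted": None})
        elif pending == "AUTH" and text.startswith("234"):
            break  # upgraded to TLS: nothing readable follows
        elif pending == "PASS" and findings:
            findings[-1]["accepted"] = text.startswith("230")
    return findings
```

A failed login (reply 530) is still reported, because the password crossed the network in the clear whether or not the server accepted it.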


    Remote execution daemons

    History: A number of commands have existed over the years to permit a closer coupling between servers that support them. First there was telnet and ftp, then came the ``r'' commands.

    Today, ssh has displaced all of these. *Don't* use anything else.

    named (and djbdns)

    named is a common name for the popular Domain Name Server daemon and it comes as part of the BIND package, originally from UC Berkeley. named provides fundamentally:


    named (and djbdns, and MaraDNS, and others)

    Note that there are many competitors with BIND; djbdns has been very secure and robust despite many years of essentially non-development of the code. MaraDNS is another easy-to-configure competitor. There are also integration tools, such as dnsmasq, which, like Windows, can make it very easy to merge your DNS and DHCP operations.


    The finger protocol is an older method for getting information about users. Still used in our department, but not widely in the world.

    HyperText Transport

    Many web servers exist, both in the public domain and commercially. One of the most popular, Apache, uses the daemon name of httpd. It offers a great variety of services and enhancements. See http://httpd.apache.org.


    There are also lightweight servers, such as thttpd (http://www.acme.com/software/thttpd), and specialized ones that allow development in a SOAP-like manner (see Perl's excellent repository at http://www.cpan.org: JOAP, HTTP-Server-Simple, etc.).

    Probably the two most popular general purpose lightweight daemons are nginx and lighttpd. (I have used nginx since it seems to me to be more stable than lighttpd, but many very large websites use lighttpd successfully.) One challenge with nginx is that it requires CGI processes to use the FastCGI protocol. While that has some excellent security and performance benefits, many CGI applications are not natively FastCGI and may take some work to become useful with FastCGI.

    The Wiki page on nginx

    The Wiki page on lighttpd

    Databases: LDAP servers

    The main open source choice for UNIX/Linux-based LDAP service has been OpenLDAP (http://www.openldap.org). The daemon process is called slapd, and it supports replication (via slurpd or, more recently, syncrepl) and a wide variety of backends (including relational databases such as MySQL and PostgreSQL).

    Databases: relational

    MySQL -- fast, became much more featureful in version 5. Expect to find the daemon mysqld in the process table. The client is mysql. Only a small amount of text file configuration lives in the poorly named file /etc{/*}/my.cnf; the rest is resident in the database.

    Also, see drizzle and mariadb, forks from MySQL. (A comparison of the two is here).


    PostgreSQL -- very featureful (ironically, it was supported by Sun well before Sun's acquisition of MySQL). Grep for ``post'' when you are looking for its daemons, which typically have ``postmaster'' and other keywords with ``post'' in them. The client is psql. It has a surprising number of text configuration files, such as hba.conf. Generally not as fast as MySQL.

    Time: ntpd

    Since the 1990s, we have had a Network Time Protocol (NTP) and a structure of servers to propagate it. (Work goes back to the 1980s, but the first popular daemon implementation popped up in the 1990s.) It keeps our machines within a few milliseconds with a simple network of servers.

    Miscellaneous UNIX/Linux daemons

    A number of other UNIX/Linux daemons have been around for years to provide more specialized services. Examples include such daemons as dhcpd, dhclient, bootparamd, tftpd, rarpd and others.