1.\" $OpenBSD: fingerd.8,v 1.18 2007/09/25 06:28:13 jmc Exp $ 2.\" 3.\" Copyright (c) 1980, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.\" from: @(#)fingerd.8 8.1 (Berkeley) 6/4/93 31.\" $Id: fingerd.8,v 1.18 2007/09/25 06:28:13 jmc Exp $ 32.\" 33.Dd $Mdocdate: September 25 2007 $ 34.Dt FINGERD 8 35.Os 36.Sh NAME 37.Nm fingerd 38.Nd remote user information server 39.Sh SYNOPSIS 40.Nm fingerd 41.Op Fl lMmpSsu 42.Op Fl P Ar filename 43.Sh DESCRIPTION 44.Nm 45implements a simple protocol based on RFC 1288 46that provides an interface to the 47Name and Finger programs at several network sites. 48The program is supposed to return a friendly, 49human-oriented status report on either the system at the moment 50or a particular person in depth. 51There is no required format and the 52protocol consists mostly of specifying a single 53.Dq command line . 54.Pp 55.Nm 56is started by 57.Xr inetd 8 , 58which listens for 59.Tn TCP 60requests at port 79. 61Once connected it reads a single command line 62terminated by a 63.Aq Tn CRLF 64which is passed to 65.Xr finger 1 . 66.Nm 67closes its connections as soon as the output is finished. 68.Pp 69If the line is null (i.e., just a 70.Aq Tn CRLF 71is sent) then 72.Xr finger 1 73returns a 74.Dq default 75report that lists all people logged into 76the system at that moment. 77.Pp 78If a user name is specified (e.g., 79.Pf eric Aq Tn CRLF ) 80then the 81response lists more extended information for only that particular user, 82whether logged in or not. 83Allowable 84.Dq names 85in the command line include both 86.Dq login names 87and 88.Dq user names . 89If a name is ambiguous, all possible derivations are returned. 90.Pp 91The following options may be passed to 92.Nm 93as server program arguments in 94.Pa /etc/inetd.conf : 95.Bl -tag -width Ds 96.It Fl l 97Enable logging. 98The name of the host originating the query and the actual request 99is reported via 100.Xr syslog 3 101at LOG_NOTICE priority. 102A request of the form 103.Sq /W 104or 105.Sq /w 106will return long output. 107Empty requests will return all currently logged in users. 108All other requests look for specific users. 109See RFC 1288 for details. 110.It Fl M 111Enables matching of 112.Ar user 113names. 114This is disabled by default if the system is running YP. 115.It Fl m 116Prevent matching of 117.Ar user 118names. 119.Ar User 120is usually a login name; however, matching will also be done on the 121users' real names, unless the 122.Fl m 123option is supplied. 124.It Fl P Ar filename 125Use an alternate program as the local information provider. 126The default local program 127executed by 128.Nm 129is 130.Xr finger 1 . 131By specifying a customized local server, 132this option allows a system manager 133to have more control over what information is 134provided to remote sites. 135.It Fl p 136Prevents 137.Xr finger 1 138from displaying the contents of the 139.Dq Pa .plan 140and 141.Dq Pa .project 142files. 143.It Fl S 144Prints user information in short mode, one line per user. 145This overrides the 146.Dq Pa Whois switch 147that may be passed in from the remote client. 148.It Fl s 149Enable secure mode. 150Forwarding of queries to other remote hosts is denied. 151.It Fl u 152Queries without a user name are rejected. 153.El 154.Sh SEE ALSO 155.Xr finger 1 , 156.Xr inetd 8 157.Sh HISTORY 158The 159.Nm 160command appeared in 161.Bx 4.3 . 162.Sh BUGS 163Connecting directly to the server from a 164.Tn TIP 165or an equally narrow-minded 166.Tn TELNET Ns -protocol 167user program can result 168in meaningless attempts at option negotiation being sent to the 169server, which will foul up the command line interpretation. 170.Nm 171should be taught to filter out 172.Tn IAC Ns 's 173and perhaps even respond 174negatively 175.Pq Tn IAC WON'T 176to all option commands received. 177