2d015bd67c
of security related variables from ipcinit here. * bsd_helper.h (securityinit): Add prototype. * cygserver.cc (main): Call securityinit right after wincap.init. * process.cc (process_cache::process): Fix maximum process condition. * README: Add description for new -p/--process-cache option. * bsd_helper.cc (default_tun_check): Add kern.srv.process_cache_size entry to tunable_params. Set max value of kern.srv.request_threads to 310. * cygserver.cc (SERVER_VERSION): Set to 1.20. (print_usage): Print usage of new parameter -p. (main): Add process cache parameter handling. Accomodate new max value of request threads. * cygserver.conf: Add kern.srv.process_cache_size tunable parameter. Accomodate new max value of kern.srv.request_threads. * process.cc: Fix a comment. (process_cache::process_cache): Add max process cache size parameter. Change _cache_add_trigger to manual reset event. (struct pcache_wait_t): New struct used as parameter to pcache_wait_thread. (pcache_wait_thread): New thread function used for threaded process cache. (process_cache::wait_for_processes): Use threaded waiting if number of processes to wait for is bigger than 62. Always check all processes to avoid race under heavy load. (process_cache::sync_wait_array): Remove useless assert. Reset _cache_add_trigger right at the start since it's manual reset now. Accomodate threaded waiting. * process.h (process_cache::process_cache): Add max_procs parameter. (process_cache::_max_process_count): New member. (process_cache::_wait_array: Raise to allow up to 5 wait threads. (process_cache::_process_array): Ditto.
232 lines
9.4 KiB
Plaintext
232 lines
9.4 KiB
Plaintext
What is Cygserver?
|
|
|
|
Cygserver is a program which is designed to run as a background service.
|
|
It provides Cygwin applications with services which require security
|
|
arbitration or which need to persist while no other cygwin application
|
|
is running.
|
|
|
|
The implemented services so far are:
|
|
|
|
- Control slave tty/pty handle dispersal from tty owner to other
|
|
processes without compromising the owner processes' security.
|
|
- XSI IPC Message Queues.
|
|
- XSI IPC Semaphores.
|
|
- XSI IPC Shared Memory.
|
|
|
|
|
|
Cygserver command line options:
|
|
|
|
Options to Cygserver take the normal UNIX-style `-X' or `--longoption' form.
|
|
Nearly all options have a counterpart in the configuration file (see below)
|
|
so setting them on the command line isn't really necessary. Command line
|
|
options override settings from the Cygserver configuration file.
|
|
|
|
The one-character options are prepended by a single dash, the long variants
|
|
are prepended with two dashes. Arguments to options are marked in angle
|
|
brackets below. These are not part of the actual syntax but are used only to
|
|
denote the arguments. Note that all arguments are required. Cygserver
|
|
has no options with optional arguments.
|
|
|
|
The options recognized are:
|
|
|
|
-f, --config-file <file>
|
|
|
|
Use <file> as configuration file instead of the default configuration
|
|
line. The default configuration file is /etc/cygserver.conf, typically.
|
|
The --help and --version options will print the default configuration
|
|
pathname.
|
|
|
|
This option has no counterpart in the configuration file, for obvious
|
|
reasons.
|
|
|
|
-c, --cleanup-threads <num>
|
|
|
|
Number of threads started to perform cleanup tasks. Default is 2.
|
|
Configuration file option: kern.srv.cleanup_threads
|
|
|
|
-r, --request-threads <num>
|
|
|
|
Number of threads started to serve application requests. Default is 10.
|
|
The -c and -r options can be used to play with Cygserver's performance
|
|
under heavy load conditions or on slow machines.
|
|
Configuration file option: kern.srv.request_threads
|
|
|
|
-p, --process-cache <num>
|
|
|
|
Number of processes which can connect concurrently to cygserver.
|
|
Default is 62. Each process connected to cygserver is a synchronization
|
|
object which has to be maintained. The data structure to maintain these
|
|
processes is the so-called "process cache". In theory, an arbitrary
|
|
number of processes could connect to cygserver, but due to the need to
|
|
synchronize, the higher the number of connected processes, the more
|
|
synchronization overhead exists. By using this option, you can set an
|
|
upper limit to the synchronization effort. If more than 62 processes
|
|
try to connect to cygserver concurrently, two additional synchronization
|
|
threads are necessary, and one for each further 62 concurrent
|
|
processes. So, useful values for the --process-cache option are 62, 124,
|
|
186, 248, 310. 310 is the maximum value.
|
|
Configuration file option: kern.srv.process_cache_size
|
|
|
|
NOTE: The number of child processes of a single parent process is limited
|
|
to 256. So in case of taking advantage of a process cache size beyond 256,
|
|
keep in mind that not all of these processes can be child processes of one
|
|
single parent process.
|
|
|
|
-d, --debug
|
|
|
|
Log debug messages to stderr. These will clutter your stderr output with
|
|
a lot of information, typically only useful to developers.
|
|
|
|
-e, --stderr
|
|
|
|
Force logging to stderr. This is the default if stderr is connected to
|
|
a tty. Otherwise, the default is logging to the system log. By using
|
|
the -e, -E, -y, -Y options (or the appropriate settings in the
|
|
configuration file), you can explicitely set the logging output as you
|
|
like, even to both, stderr and syslog.
|
|
Configuration file option: kern.log.stderr
|
|
|
|
-E, --no-stderr
|
|
|
|
Don't log to stderr. Configuration file option: kern.log.stderr
|
|
|
|
-y, --syslog
|
|
|
|
Force logging to the system log. This is the default, if stderr is not
|
|
connected to a tty, e. g. redirected to a file. Note, that on 9x/Me
|
|
systems the syslog is faked by a file C:\CYGWIN_SYSLOG.TXT.
|
|
Configuration file option: kern.log.syslog
|
|
|
|
-Y, --no-syslog
|
|
|
|
Don't log to syslog. Configuration file option: kern.log.syslog
|
|
|
|
-l, --log-level <level>
|
|
|
|
Set the verbosity level of the logging output. Valid values are between
|
|
1 and 7. The default level is 6, which is relatively chatty. If you set
|
|
it to 1, you will get only messages which are printed under severe conditions,
|
|
which will result in stopping Cygserver itself.
|
|
Configuration file option: kern.log.level
|
|
|
|
-m, --no-sharedmem
|
|
|
|
Don't start XSI IPC Shared Memory support. If you don't need XSI IPC
|
|
Shared Memory support, you can switch it off here.
|
|
Configuration file option: kern.srv.sharedmem
|
|
|
|
-q, --no-msgqueues
|
|
|
|
Don't start XSI IPC Message Queues.
|
|
Configuration file option: kern.srv.msgqueues
|
|
|
|
-s, --no-semaphores
|
|
|
|
Don't start XSI IPC Semaphores.
|
|
Configuration file option: kern.srv.semaphores
|
|
|
|
-S, --shutdown
|
|
|
|
Shutdown a running daemon and exit. Other methods are sending a SIGHUP
|
|
to the Cygserver PID or, if running as service under NT, calling
|
|
`net stop cygserver' or `cygrunsrv -E cygserver'.
|
|
|
|
-h, --help
|
|
|
|
Output usage information and exit.
|
|
|
|
-v, --version
|
|
|
|
Output version information and exit.
|
|
|
|
|
|
How to start Cygserver:
|
|
|
|
Before you run Cygserver for the first time, you should run the
|
|
/usr/bin/cygserver-config script once. It creates the default
|
|
configuration file and, upon request, installs Cygserver as service
|
|
when running under NT. The script only performs a default install,
|
|
with no further options given to Cygserver when running as service.
|
|
Due to the wide configurability by changing the configuration file,
|
|
that's typically not necessary.
|
|
|
|
On Windows 9x/Me, just start Cygserver in any console window. It's
|
|
advisable to redirect stderr to a file of choice (e. g.
|
|
/var/log/cygserver.log) and to use the -e and -Y options or the
|
|
set the appropriate settings in the configuration file (see below).
|
|
|
|
On Windows NT/2000/XP or 2003, you should always run Cygserver as a
|
|
service under LocalSystem account. This is the way it is installed
|
|
for you by the /usr/bin/cygserver-config script.
|
|
|
|
|
|
How to use the Cygserver services:
|
|
|
|
The Cygserver services are used by Cygwin applications only if you
|
|
set the environment variable CYGWIN to contain the string "server".
|
|
You must do this before starting the application.
|
|
|
|
Typically, you don't need any other option, so it's ok to set CYGWIN
|
|
just to "server". It is not necessary to set the CYGWIN environment
|
|
variable prior to starting the Cygserver process itself, but it won't
|
|
hurt to do so.
|
|
|
|
The easiest way is to set the environment variable CYGWIN to the values
|
|
you want in the Windows system environment and to reboot the machine.
|
|
This is advisable, since it allows you to set the variable once and
|
|
then forget about it. It also ensures that services as well as desktop
|
|
applications have the same setting.
|
|
|
|
If you don't want that for whatever reason, you can set the
|
|
variable in the /cygwin.bat file which is used in the net distribution,
|
|
to start a Cygwin bash from the desktop. In that file, you can set
|
|
the CYGWIN variable using Windows command line interpreter syntax, e. g.:
|
|
|
|
set CYGWIN=server
|
|
|
|
If you don't set CYGWIN in the system environment, but you're running
|
|
other Cygwin services, these services need to get that CYGWIN value by
|
|
setting the environment using the appropriate cygrunsrv option '-e' when
|
|
installing the service. Example installing a service 'foo':
|
|
|
|
cygrunsrv -I foo -p /usr/sbin/foo -e "CYGWIN=server"
|
|
|
|
|
|
The Cygserver configuration file:
|
|
|
|
Cygserver has many options, which allow to customize the server
|
|
to your needs. Customization is accomplished by editing the configuration
|
|
file, which is by default /etc/cygserver.conf. This file is read only
|
|
once on startup of Cygserver. There's no option to re-read the file on
|
|
runtime by, say, sending a signal to Cygserver.
|
|
|
|
The configuration file determines how Cygserver operates. There are
|
|
options which set the number of threads running in parallel, options
|
|
for setting how and what to log and options to set various maximum
|
|
values for the IPC services.
|
|
|
|
The default configuration file delivered with Cygserver is installed
|
|
to /etc/defaults/etc. The /usr/bin/cygserver-config script copies it to
|
|
/etc, giving you the option to overwrite an already existing file or to
|
|
leave it alone. Therefore, the /etc file is safe to be changed by you,
|
|
since it will not be overwritten by a later update installation.
|
|
|
|
The default configuration file contains many comments which describe
|
|
everything needed to understand the settings. A comment at the start of the
|
|
file describes the syntax rules for the file. The default options are shown
|
|
in the file but are commented out.
|
|
|
|
It is generally a good idea to uncomment only options which you intend to
|
|
change from the default values. Since reading the options file on Cygserver
|
|
startup doesn't take much time, it's also considered good practice to keep
|
|
all other comments in the file. This keeps you from searching for clues
|
|
in other sources.
|
|
|
|
|
|
If you have problems with Cygserver, or you have found a bug, or you
|
|
think you have found a bug, or you don't understand configuration file
|
|
options, the mailing list <cygwin@cygwin.com> is the right place to ask
|
|
questions.
|
|
|
|
Have fun!
|