10.4: A simplistic identd daemon for Tiger

May 09, '05 02:50:00PM

Contributed by: mathieu

Tiger only hintMost IRC servers still require an ident answer from your connection to let you in. Unfortunately, few Mac IRC clients have a working identd server bundled in. Furthermore, identd might also be needed for certains FTP servers. This hint will show how to enable a simple launchd service listening on 113 TCP, running all the time and available for all users. This should be fairly OK from a security standpoint, as the Python script I will use is unlikely to present any buffer overflow issue.

[robg adds: I haven't tested this one...]

launchd is the new service manager of Mac OS X 10.4 (aka Tiger). We will need to create an XML file describing our new service. Here is a terminal sequence showing how to do that (^D is Control-D; the $ and # symbols are prompts):

$ sudo su -
# cd /System/Library/LaunchDaemons
# cat > net.globules.identd.plist
You'll see nothing happening after the cat command above, other than a new line below the command's line. Copy and paste this text, then hit Control-D to write the file.

The label and the name for this XML file should be unique. Here I am using my domain name to ensure that; you could change it to anything you like. Once this done, we'll need to put the Python script in /usr/local/bin, and its configuration file in /etc/:
# cd /usr/local/bin
# curl -O http://www.globules.net/python.py
# md5 identd.py 
MD5 (identd.py) = 147a8469bf760df8dfbaba02eece83c6
#
Please check the Python code by yourself as well: this should be fairly readable if you have any experience in UNIX scripting. Now we're only missing a configuration file:
# cd /etc
# cat > identd.ini
[options]
-r = 8
defaultuser = UNKNOWN

[users]
sjobs = steve
bgates = bill
Again, hit Control-D after the last line. This is a list to associate short usernames with identd answer strings. The default is to generate a random string of eight characters. To start the services, the simplest way would be to reboot your Mac. Our new XML file will then be read, and launchd will start listening on 113 TCP. Alternatively, I've found that this works:
# launchctl unload /System/Library/LaunchDaemons
# launchctl load /System/Library/LaunchDaemons
You can verify that the new service has indeed started:
# launchctl list
Do not forget to adjust your firewall to allow incoming 113 TCP from the System Preferences. Any suggestions are welcomed. I hope the above will help to also show the basics of launchd.

Comments (8)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20050501071007592