NAME

fingerd - remote user information server

SYNOPSIS

fingerd [-c confdir] [-P finger] [-bfglmpru] [-h | -H] [-i | -I] [-s | -S]

DESCRIPTION

fingerd implements the server side, the Remote User Information Program (RUIP), of the Finger (or Name) protocol, specified in RFC 1288. The Finger protocol provides a remote interface to programs which display information on system status and individual users. The protocol imposes little structure on the format of the exchange between client and server. The client provides a single command line to the fingerd server, which normally returns a friendly human-oriented status report listing the users of the system at the moment, or an in-depth report of information about a particular user.

fingerd is designed to be started by inetd(8), which is normally configured to start fingerd when a client opens a connection to TCP port #79. fingerd reads a single ASCII carriage-return and linefeed terminated command line from the client.

fingerd uses an access control file (see below) to see if user listings from the originating host (and optionally the originating user) are permitted, and what permissions are granted to the client host (and user). If user listings are allowed, and if the request specifies a user-name, fingerd checks to see if that user-name is listed in a users file (see below). If the requested user name is listed in the users file then the program specified for that user-name is run. Otherwise the finger(1) program is run with the appropriate options. Output from whichever program is run is passed back to the client.

OPTIONS

-b
Tell finger not to print user's shell and home directory. (Note that this option may not work with all versions of finger.)

-c confdir
Look for configuration files in ``confdir'' instead of the default directory (/etc).

-f
Allow forwarding of finger requests.

-g
Tell finger not to show any ``GECOS'' information (normally the user's office location and office phone number) besides the users' real names.

-h
Tell finger to show the remote hostname the user is logged in from, if any (in ``short'' mode) instead of the office location and office phone.

-H
Forces finger to use the hostname format as in -h.

-i
Attempt RFC 1413 compliant user identification queries.

-I
Same as -i but reject the connection if the ``ident'' query fails.

-l
Log all finger requests. The name of the host originating the query, possibly the ``ident'' reply, along with the actual request is reported via syslog(3) at LOG_NOTICE priority using the LOG_DAEMON facility.

-m
Tell finger to do only exact matches. User is usually a login name; however, matching will also be done on the users' real names, unless the -m option is supplied.

-p
Tell finger not to show the user's ~/.plan or ~/.project files in ``long'' listings.

-P finger
Use an alternate finger program as the local information provider. The default local program executed by fingerd is finger(1). The program must be specified by its fully qualified pathname.

-r
Refuse connections if the remote hostname cannot be resolved.

-s
Tell finger to do short listings by default, one line per user. This option normally has effect only when -m is not specified and the query matches more than one user-name.

-S
Tell finger to force short listings. This overrides any request by the remote client for a verbose report.

-u
Queries without a user name are rejected.

CONFIGURATION FILES

Message File

fingerd will send the contents of a message file before running the finger program. The path name for the message file is normally /etc/fingerd.motd.

Access File

Fingerd enables you to accept and refuse queries depending on the client's hostname and/or username. The path name for the access file is normally /etc/fingerd.acl. The format of the file is:

client-user@[. client-host-name ]
permission

fingerd attempts to match the remote user's name (if available from an ``ident'' query, and if specified) and the remote host's name with what is in the access file. If a match is found, ``permission'' is used to process the request. Both the ``client-user'' and the ``client-host-name'' can either be literal strings or wildcard expressions (ala sh(1) ``glob'' patterns). The first line to match the request is the one used to set the permissions.

The value of ``permission'' must be one of the following:

none
deny all access.
forward
allow forwarding of finger requests (same as -f).
nogecos
do not show GECOS information (same as -g).
nohome
do not show user's home directory location (same as -b). (Note that this option may not work with all versions of finger.)
nolist
disallow user lists (same as -u).
nomatch
do not match on fullname (same as -m).
noplan
do not show user's ~/.plan, etc. files (same as -p).
forceident
fail if ident queries fail (same as -I).
forceshort
force short reply only (same as -S).
defaultshort
default to short reply (same as -s).
showhost
show user's remote host instead of office information (same as -h).

Command line options set the global defaults and cannot be reset with the access file, but access file permissions allow specific refinement of options.
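As an added example (not part of fingerd or this manual), the following Python sketch evaluates a fingerd.acl-style access file with the first-match semantics described above; the rule format with an optional client-user@ prefix, the use of fnmatch for the sh(1)-style globs, and the fail-closed result when no rule matches are assumptions of this example.

```python
# Added example (not fingerd's own code): first-match evaluation of a
# fingerd.acl-style access file.  Assumed format, one rule per line:
#     [client-user@]client-host-name permission
# Both parts are sh(1)-style globs; the permission is one of the keywords
# the manual lists.  Behaviour when no rule matches is not specified by the
# manual; this example fails closed ("none").
import fnmatch

PERMISSIONS = {"none", "forward", "nogecos", "nohome", "nolist", "nomatch",
               "noplan", "forceident", "forceshort", "defaultshort", "showhost"}

# Constructed sample policy: the admin host (with an ident-confirmed root)
# may see remote hostnames, the local domain gets short listings, and
# everything else is refused.
SAMPLE_ACL = """\
# [user@]host           permission
root@admin.example.org  showhost
*.example.org           defaultshort
*                       none
"""


def parse_acl(text):
    """Return [(user_glob, host_glob, permission)] in file order."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) != 2 or fields[1] not in PERMISSIONS:
            raise ValueError(f"fingerd.acl line {lineno}: bad rule {line!r}")
        user, at, host = fields[0].rpartition("@")
        rules.append((user if at else "*", host, fields[1]))
    return rules


def lookup(rules, host, user=None):
    """First matching rule wins.  A rule with a user pattern other than '*'
    can only match when an ident reply supplied a user name."""
    for user_glob, host_glob, perm in rules:
        if not fnmatch.fnmatchcase(host.lower(), host_glob.lower()):
            continue
        if user_glob != "*" and (user is None
                                 or not fnmatch.fnmatchcase(user, user_glob)):
            continue
        return perm
    return "none"  # assumption: deny when nothing matches
```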

Users File

Fingerd enables you to assign different programs to specific user names. This option is useful for vending machines and other services that use finger to report information. The path name for the users file is normally /etc/fingerd.users. The format of the file is:

name program[ args ...]

Lines beginning with ``#'' are ignored.

The value of ``name'' is the user-name to match against. This must be a literal match; wildcards and regular expressions are not accepted. The

The remainder of the line, ``program[ args ...]'' should consist of the full pathname of the program to run and the arguments you wish to give it. If you specify ``%U'' anywhere it will be replaced with the remote user's name. If you specify ``%H'' it will be replaced with the remote host's name. To pass a literal ``%'' to a command you can prepend it with another ``%''.
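An added example (not fingerd's code) of turning a users file entry into an argument vector with ``%U'', ``%H'' and ``%%'' expanded as described above; the whitespace-separated field format, per-argument substitution, and treating a missing ident name as an empty string are assumptions of this example.

```python
# Added example (not fingerd's own code): parsing a fingerd.users file and
# expanding ``%U'', ``%H'' and ``%%'' into an argv list for an execve()-style
# call, never a shell command string.  Assumed: fields are whitespace
# separated, substitution is per argument, and a missing ident name expands
# to the empty string.
SAMPLE_USERS = """\
# name   program [args ...]
coke     /usr/local/bin/vend-status --machine coke --asker %U@%H
quota    /usr/local/bin/quota-report --threshold 90%% --for %U
"""


def parse_users(text):
    """Return {name: [program, arg, ...]}; program must be a full pathname."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        name, *argv = line.split()
        if not argv or not argv[0].startswith("/"):
            raise ValueError(f"users entry {name!r}: program needs a full path")
        table[name] = argv
    return table


def expand(arg, user, host):
    """Replace %U, %H and %% left to right; any other '%' is kept as-is."""
    out, i = [], 0
    while i < len(arg):
        if arg[i] == "%" and i + 1 < len(arg) and arg[i + 1] in "UH%":
            out.append({"U": user, "H": host, "%": "%"}[arg[i + 1]])
            i += 2
        else:
            out.append(arg[i])
            i += 1
    return "".join(out)


def build_command(table, name, user, host):
    """Literal (non-wildcard) lookup of the requested name.  Returns the
    argv list, or None when fingerd should fall back to finger(1)."""
    argv = table.get(name)
    if argv is None:
        return None
    # Network-supplied values become whole argv elements, so metacharacters
    # in an ident reply or hostname are data to the child, not syntax.
    return [expand(a, user or "", host) for a in argv]
```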

FILES

/etc/fingerd.motd
message file sent prior to reply
/etc/fingerd.acl
access control list
/etc/fingerd.users
programs to execute when fingered

SEE ALSO

finger(1), inetd(8), syslog(8)

Zimmerman, David, The Finger User Information Protocol, RFC 1288, Center for Discrete Mathematics and Theoretical Computer Science, Rutgers University, December 1990.

HISTORY

The fingerd command first appeared in 4.3BSD.

This version of fingerd is known separately as ``$Name: $''.

AUTHORS

This program was originally written by Mike Shanzer <shanzer@foobar.com>; all comments and suggestions are welcome!

Thanks to Kevin Ruddy <smiles@powerdog.com> for the wildcard library.

Thanks to Kelly DeYoe <kelly@nine.org> for the patches (the nomatch code) and suggestions.

Thanks to Wietse Venema <wietse@wzv.win.tue.nl> for the rfc931 code.

Thanks to Christine Flemming <jones@csh.rit.edu> for helping with the manual page.

Greg A. Woods <woods@planix.com> did a major re-write, improving the error handling and implementing more options, as well as translating the manual to mdoc(7) format.

BUGS

The handling of ``%H'' and ``%U'' in the ``users'' file is pretty primitive and broken.

On some systems (at least SunOS 4.1.3) inetd(8) only passes a maximum of four (4) command line options to the daemon it runs, so you should condense command line options. So instead of using ``fingerd -f -s -l -u'', use ``fingerd -fslu''.

Trusting ``ident'' and similar protocol results is a silly thing to do, especially for hosts you don't directly control.

There should be some way to return only the very minimum required amount of information, i.e. the user's full name (as per RFC 1288 Section 3.2.3). The combination of -S and -g comes close, but still reveals the user's login terminal, time, and idleness with most implementations of finger.

SECURITY CONSIDERATIONS

This version of fingerd reverses the meaning of the -f option from that traditional to BSD implementations. The new default matches the recommendations in RFC 1288, and we echo the recommendation that forwarding not be enabled (i.e. do not use -f).

RFC 1288 suggests that the ``user list'' feature be disabled to avoid giving away potentially sensitive information about the users of a system. Similarly it is recommended that the -m option be used to prevent finger from attempting to find a matching user name. Administrators can also prevent the display of user office locations and phone numbers by using the -g option.

RFC 1288 suggests that RUIP (Remote User Information Program) servers should not send the contents of ``user information files'' and this can be prevented on most systems by using the -p option.

The ability to execute arbitrary programs is very dangerous and should be used only with great care, especially since it's also possible to pass information gathered from the network to these programs.