minetd --- A Modern, Minimal inetd‑Style Superdaemon

minetd is a clean, modern, POSIX‑compliant re‑imagining of classic Unix superdaemons like inetd and xinetd.
It focuses on simplicity, safety, clarity, and maintainability, while providing the powerful "run a program per connection" model that made inetd timeless.

minetd is ideal for:

• lightweight TCP services\
• internal automation\
• embedded systems\
• development environments\
• secure, auditable deployments\
• anywhere you need inetd‑style behavior without bloat

---

✨ Key Features

Minimal, Modern, and Clear

• Single‑file C implementation
• Strictly POSIX APIs (portable across Linux, BSD, macOS, embedded)
• No threads, no opaque magic, no complexity

inetd‑Style Execution Model

For each new TCP connection: 1. accept()
2. fork()
3. child's stdin/stdout/stderr become the socket
4. child runs your program via execvp()

Your server programs require zero networking code.

Safe & Controlled Hot‑Reload

minetd supports live reloading via SIGHUP, preserving existing connections.

Just run:

minetd --reload

On reload: - New services are added immediately\

• Removed services stop accepting connections\
• Running child processes continue untouched\
• If the config is invalid, minetd safely keeps the old configuration

PID‑Based Control

minetd writes its PID to:

/var/run/minetd.pid

This allows clean control operations such as reload, integration with tools, and automation.

Simple Per‑Service Rate Limiting

Each service can specify a maximum number of connections per minute to avoid fork floods:

service daytime 0.0.0.0:7001 30 /usr/local/bin/daytime-server

Small, Auditable, Security‑Oriented

• Every child process receives a clean FD environment\
• Listener FDs are never shared across services\
• Zombies are reaped immediately\
• Reloading never corrupts global state\
• No permanent privilege escalation

---

📝 Configuration

minetd reads a small, clean config file:

service <name> <host:port> <max_conn_per_min> <program> [args...]

Example:

service echo    0.0.0.0:7000 60 /usr/local/bin/echo-server
service daytime 0.0.0.0:7001 30 /usr/local/bin/daytime-server

Lines beginning with # are comments.

---

🚀 Quick Start

1. Build

make
sudo make install

2. Create /etc/minetd.conf

service daytime 0.0.0.0:7001 10 /usr/local/bin/daytime-server
service echo    0.0.0.0:7002 60 /usr/local/bin/echo-server

3. Start the daemon

Foreground (debug):

minetd -f -c /etc/minetd.conf

Background:

minetd -c /etc/minetd.conf

4. Reload configuration safely

minetd --reload

---

🧪 Example "Daytime Server"

#include <stdio.h>
#include <time.h>

int main(void) {
    time_t now = time(NULL);
    struct tm tm;

    gmtime_r(&now, &tm);

    char buf[128];
    strftime(buf, sizeof(buf), "%Y-%m-%d %H:%M:%S UTC\n", &tm);

    fputs(buf, stdout);
    return 0;
}

Compile:

cc -O2 daytime-server.c -o /usr/local/bin/daytime-server

---

🔒 Security Philosophy

minetd aims to be secure by simplicity:

• Clean child FD sandbox\
• Rate limiting\
• Predictable signal handling\
• Zero shared state between reloads\
• Minimal code surface area

Optional (recommended): - Dedicated service users\

• chroot\
• setrlimit\
• MAC frameworks

---

🧱 Project Goals

• Minimal but correct\
• Simple but powerful\
• Secure by design\
• Portable and predictable\
• Auditable by a single human

---

🪪 License

MIT License

---

🤝 Contributing

Contributions welcome.
Please follow the minimalistic and security‑oriented philosophy.

---

❤️ Acknowledgements

Inspired by: - The original inetd\

• OpenBSD daemon culture\
• The Unix philosophy: "do one thing well"