Go to the first, previous, next, last section, table of contents.

Muq Commandline Options

Muq is accumulating the usual forest of commandline options.

For casual use, none of these are likely to be of general interest at present, but all are used in the various scripts that come with Muq:

-b 12K   Run with bigbuf size of twelve kilobytes.
-b 4M    Run with bigbuf size of four megabytes. 
-f file  Run the given file in batchmode.
-d       Run as a unix daemon, via muf:initShell and .etc.rc2
-i       Run interactive session.  (Default if no -f switches supplied.)
-m       List all expected optional muf libraries and exit.
-M       List all expected optional muf selfcheck libraries and exit.
-V       List Muq version (e.g., -2.10.0) and exit.
-x pkg:sym Use pkg:sym to evaluate any -f files or interactive input.
db       Use db (default 'muq') as the muq db prefix for this run.
--destports=80,4096-32000  Which outbound net connects are allowed.
--rootdestports=80,4096-32000  Which outbound net connects are allowed.
--full-db-check     Do full sanity check even if db looks ok.
--ignore-signature  Run even on db not matching server.
--logfile=xyzzy.log Log to given file.  (Otherwise, no logging.)
--no-environment    Do not load environment into .env.
--no-pid-file       Don't create a muq-vm.pid file.
--log-bytecodes     Start up with .muq$s.logBytecodes == t.
--srvdir=$HOME/muq/srv Override muq/bin/Muq-config.sh srvdir setting.
--dump              Write .muq file to stdout in ascii and exit.

If you want the Muq server to exit at the end of processing a batchfile, you need to put "rootShutdown" at the end of the file.

Note that setting VM_INITIAL_BIGBUF_SIZE in Site-config.h and is recompiling is preferable to using option -b: recompiling results in an appropriately resized hashtable and more efficient operation.

Allowing arbitrary outbound network connections can pose serious security problems! For example, it may allow connections to NFS filesystems on your subnet and modification of them or capture of passphrase files, or connection to X servers on your subnet and perhaps capture of keyboard type-in (including passphrases) or insertion of commands like "rm *" in open shell windows, or forging of email on your machine. For these and other reasons, Muq by default allows only certain fairly safe destination ports. (See section `]openSocket' in Muf Reference.) Think carefully before relaxing these limitations, and don't relax them further than you really need to! In particular, note that the X Window System ports are in the range 6000-6063, so doing something like "--destports=1000-64000" opens up every X server that trusts your host. If you must allow access to dangerous ports, consider doing so only for users running with in-db root privileges, using the --rootdestports switch.

Doing --destports=+4000 or --destports=+4000-5000 will add the given port(s) to the previously allowed set of ports; doing --destports=4000 or --destports=4000-5000 allows only the specified port(s). There is deliberately no way to change these settings from in-db, as insurance against the in-db root accounts being cracked. The default set of ports is controlled by OBJ_ROOT_ALLOWED_OUTBOUND_NET_PORTS and OBJ_ALLOWED_OUTBOUND_NET_PORTS in c/obj.t and may be permanently changed by providing alternate definitions of them in h/Site-config.h, touching c/obj.t, and recompiling.

The security switch controls the general level of access to host Unix system from within the Muq server.

No access to host Unix filesystem, other than db file I/O, creation of the pid file and reading of any -f files specified on commandline: No logfile writes, no external program invocation of any sort, no internally initiated extern file reading of any sort.
Very limited access to host Unix filesystem, primarily the ability to write to the logfile.
Somewhat limited access to host Unix filesystem. Can read and sometimes write files in designated directories.
Essentially unlimited access to host Unix filesystem. Not suitable for public-access servers, but useful for private Muq hacking.

Most servers default to high security, but this is compileTime configurable, for example by placing


in your `muq/h/Site-config.h' file and recompiling.

At all security levels, any modification of host filesystem (beyond routine db I/O) requires root privilege within the Muq. However, you should assume that Muq in-db system programming errors will periodically result in compromise of internal Muq root privileges on a public server: If security is an issue, presume that Muq root is controlled by your most hostile user.

The --quick-start (or equivalently -q) switch bypasses normal sanity checking on the db. At startup, Muq by default does the equivalent of Unix fsck, examining and if need be repairing all essential datastructures. This can take awhile: If you are pretty confident your db is uncorrupted, you can save time by bypassing it.

The --no-pid-file switch prevents the Muq server from creating (and later removing) a diskfile containing its process identifier number. Usually it creates a file named `muq-DB.pid' where DB is the name of the database in use, "vm" by default.

The --srvdir=directory switch selects the directory in which Muq will look for programs to run as subservers, invokable from in-db. This is normally muq/srv and normally specified in muq/bin/Muq-config.sh via the $srvdir variable. Specifying --srv-dir= will disable invocation of subservers, which might be a good security precaution in some environments. You should definitely be -very- cautious about doing something like --srv-dir=/bin, which would let in-db processes run arbitrary shell commands with your unix-level privileges.

The -x pkg:sym switch allows execution of an arbitrary function as the command or file interpreter at startup. The pkg should be in .lib, the sym should be an exported symbol in pkg, and the functional value of sym should be the desired compiledFunction.

Go to the first, previous, next, last section, table of contents.