Muq is accumulating the usual forest of commandline options.
For casual use, none of these are likely to be of general interest at present, but all are used in the various scripts that come with Muq:
-b 12K                         Run with bigbuf size of twelve kilobytes.
-b 4M                          Run with bigbuf size of four megabytes.
-f file                        Run the given file in batchmode.
-d                             Run as a unix daemon, via muf:initShell and .etc.rc2
-i                             Run interactive session. (Default if no -f switches supplied.)
-m                             List all expected optional muf libraries and exit.
-M                             List all expected optional muf selfcheck libraries and exit.
-V                             List Muq version (e.g., -2.10.0) and exit.
-x pkg:sym                     Use pkg:sym to evaluate any -f files or interactive input.
db                             Use db (default 'muq') as the muq db prefix for this run.
--destports=80,4096-32000      Which outbound net connects are allowed.
--rootdestports=80,4096-32000  Which outbound net connects are allowed.
                               (ALLOWING ALL OUTBOUND PORTS POSES SERIOUS SECURITY PROBLEMS!)
--full-db-check                Do full sanity check even if db looks ok.
--ignore-signature             Run even on db not matching server.
--logfile=xyzzy.log            Log to given file. (Otherwise, no logging.)
--no-environment               Do not load environment into .env.
--no-pid-file                  Don't create a muq-vm.pid file.
--log-bytecodes                Start up with .muq$s.logBytecodes == t.
--srvdir=$HOME/muq/srv         Override muq/bin/Muq-config.sh srvdir setting.
--dump                         Write .muq file to stdout in ascii and exit.
If you want the Muq server to exit at the end of processing a batchfile, you need to put "rootShutdown" at the end of the file.
Note that setting VM_INITIAL_BIGBUF_SIZE in Site-config.h and recompiling is preferable to using option -b: recompiling results in an appropriately resized hashtable and more efficient operation.
Allowing arbitrary outbound network connections can pose serious security problems! For example, it may allow connections to NFS filesystems on your subnet and modification of them or capture of passphrase files, or connection to X servers on your subnet and perhaps capture of keyboard type-in (including passphrases) or insertion of commands like "rm *" in open shell windows, or forging of email on your machine. For these and other reasons, Muq by default allows only certain fairly safe destination ports. (See section `]openSocket' in Muf Reference.) Think carefully before relaxing these limitations, and don't relax them further than you really need to! In particular, note that the X Window System ports are in the range 6000-6063, so doing something like "--destports=1000-64000" opens up every X server that trusts your host. If you must allow access to dangerous ports, consider doing so only for users running with in-db root privileges, using the --rootdestports switch.
Doing --destports=+4000 or --destports=+4000-5000 will add the given port(s) to the previously allowed set of ports; doing --destports=4000 or --destports=4000-5000 allows only the specified port(s). There is deliberately no way to change these settings from in-db, as insurance against the in-db root accounts being cracked. The default set of ports is controlled by OBJ_ROOT_ALLOWED_OUTBOUND_NET_PORTS and OBJ_ALLOWED_OUTBOUND_NET_PORTS in c/obj.t and may be permanently changed by providing alternate definitions of them in h/Site-config.h, touching c/obj.t, and recompiling.
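An added example (not part of the Muq distribution) that works out the effective port set from a sequence of --destports values under the add/replace rules above and reports any overlap with the X Window System range 6000-6063. The base set passed in is a constructed stand-in, not Muq's compiled default; applying repeated switches left to right and letting a leading "+" cover a whole comma-separated list are assumptions.

```python
X11 = (6000, 6063)  # X Window System port range given in the text

def parse_spec(spec):
    """Return (additive, [(lo, hi), ...]) for one --destports value."""
    additive = spec.startswith("+")
    ranges = []
    for item in (spec[1:] if additive else spec).split(","):
        lo, _, hi = item.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 0 < lo <= hi <= 65535:
            raise ValueError(f"bad port range: {item!r}")
        ranges.append((lo, hi))
    return additive, ranges

def merge(ranges):
    """Collapse overlapping or adjacent ranges into a sorted minimal list."""
    out = []
    for lo, hi in sorted(ranges):
        if out and lo <= out[-1][1] + 1:
            out[-1] = (out[-1][0], max(out[-1][1], hi))
        else:
            out.append((lo, hi))
    return out

def effective_ports(base, specs):
    """Apply specs in order: '+' extends the set, a bare spec replaces it."""
    allowed = list(base)
    for spec in specs:  # assumption: switches are applied left to right
        additive, ranges = parse_spec(spec)
        allowed = allowed + ranges if additive else ranges
    return merge(allowed)

def overlap(allowed, lo, hi):
    """Return the parts of lo..hi that the allowed set would open."""
    return [(max(a, lo), min(b, hi)) for a, b in allowed if a <= hi and b >= lo]

def audit(base, specs):
    """Return (effective allowed ranges, X11 ranges they expose)."""
    allowed = effective_ports(base, specs)
    return allowed, overlap(allowed, *X11)

if __name__ == "__main__":
    BASE = [(80, 80)]  # constructed base set, NOT Muq's real default
    for specs in (["+4000-5000"], ["4000-5000"], ["1000-64000"]):
        allowed, x11 = audit(BASE, specs)
        print(specs, "->", allowed, "| X11 exposed:", x11 or "none")
```

Running the same audit over the arguments in a server's startup script before deployment shows whether a widened range has silently taken in 6000-6063.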
The security switch controls the general level of access to host Unix system from within the Muq server.
-f files specified on commandline: No logfile writes, no external program invocation of any sort, no internally initiated extern file reading of any sort.
Most servers default to high security, but this is compileTime configurable, for example by placing #define OBJ_SECURITY_DEFAULT OBJ_SECURITY_TOP in your `muq/h/Site-config.h' file and recompiling.
At all security levels, any modification of host filesystem (beyond routine db I/O) requires root privilege within the Muq. However, you should assume that Muq in-db system programming errors will periodically result in compromise of internal Muq root privileges on a public server: If security is an issue, presume that Muq root is controlled by your most hostile user.
The --quick-start (or equivalently -q) switch bypasses normal sanity checking on the db. At startup, Muq by default does the equivalent of Unix fsck, examining and if need be repairing all essential datastructures. This can take a while: If you are pretty confident your db is uncorrupted, you can save time by bypassing it.
The --no-pid-file switch prevents the Muq server from creating (and later removing) a diskfile containing its process identifier number. Usually it creates a file named `muq-DB.pid' where DB is the name of the database in use, "vm" by default.
The --srvdir=directory switch selects the directory in which Muq will look for programs to run as subservers, invokable from in-db. This is normally muq/srv and normally specified in muq/bin/Muq-config.sh via the $srvdir variable. Specifying --srv-dir= will disable invocation of subservers, which might be a good security precaution in some environments. You should definitely be -very- cautious about doing something like --srv-dir=/bin, which would let in-db processes run arbitrary shell commands with your unix-level privileges.
The -x pkg:sym switch allows execution of an arbitrary function as the command or file interpreter at startup. The pkg should be in .lib, the sym should be an exported symbol in pkg, and the functional value of sym should be the desired compiledFunction.