minetd is a clean, modern, POSIX‑compliant re‑imagining of classic
Unix superdaemons like inetd and xinetd.
It focuses on simplicity, safety, clarity, and maintainability,
while providing the powerful "run a program per connection" model that
made inetd timeless.
minetd is ideal for:
- lightweight TCP services
- internal automation
- embedded systems
- development environments
- secure, auditable deployments
- anywhere you need inetd‑style behavior without bloat
- Single‑file C implementation
- Strictly POSIX APIs (portable across Linux, BSD, macOS, embedded)
- No threads, no opaque magic, no complexity
For each new TCP connection:
accept()fork()- child's stdin/stdout/stderr become the socket
- child runs your program via
execvp()
Your server programs require zero networking code.
minetd supports live reloading via SIGHUP, preserving existing
connections.
Just run:
minetd --reloadOn reload:
- New services are added immediately
- Removed services stop accepting connections
- Running child processes continue untouched
- If the config is invalid, minetd safely keeps the old configuration
minetd writes its PID to:
/var/run/minetd.pid
This allows clean control operations such as reload, integration with tools, and automation.
Each service can specify a maximum number of connections per minute to avoid fork floods:
service daytime 0.0.0.0:7001 30 /usr/local/bin/daytime-server
- Every child process receives a clean FD environment
- Listener FDs are never shared across services
- Zombies are reaped immediately
- Reloading never corrupts global state
- No permanent privilege escalation
minetd reads a small, clean config file:
service <name> <host:port> <max_conn_per_min> <program> [args...]
Example:
service echo 0.0.0.0:7000 60 /usr/local/bin/echo-server
service daytime 0.0.0.0:7001 30 /usr/local/bin/daytime-server
Lines beginning with # are comments.
make
sudo make installservice daytime 0.0.0.0:7001 10 /usr/local/bin/daytime-server
service echo 0.0.0.0:7002 60 /usr/local/bin/echo-server
Foreground (debug):
minetd -f -c /etc/minetd.conf
Background:
minetd -c /etc/minetd.conf
minetd --reload
#include <stdio.h>
#include <time.h>
int main(void) {
time_t now = time(NULL);
struct tm tm;
gmtime_r(&now, &tm);
char buf[128];
strftime(buf, sizeof(buf), "%Y-%m-%d %H:%M:%S UTC\n", &tm);
fputs(buf, stdout);
return 0;
}Compile:
cc -O2 daytime-server.c -o /usr/local/bin/daytime-serverminetd aims to be secure by simplicity:
- Clean child FD sandbox
- Rate limiting
- Predictable signal handling
- Zero shared state between reloads
- Minimal code surface area
Optional (recommended):
- Dedicated service users
chrootsetrlimit- MAC frameworks
- Minimal but correct
- Simple but powerful
- Secure by design
- Portable and predictable
- Auditable by a single human
MIT License
Contributions welcome. Please follow the minimalistic and security‑oriented philosophy.
Inspired by:
- The original inetd
- OpenBSD daemon culture
- The Unix philosophy: "do one thing well"
