thttpd_man.html

嵌入式http源代码的文档资料

<HTML>
<HEAD><TITLE>thttpd man page</TITLE></HEAD>
<BODY BGCOLOR="#99cc99">

<!--AD_START-->
<DIV ALIGN="center"><CENTER>
<A HREF="tppmsgs/msgs0.htm#1" tppabs="http://www.acme.com/resources/ads/acme.cgi"><IMG WIDTH=470 HEIGHT=88 SRC="acme1.gif" tppabs="http://www.acme.com/resources/ads/acme1.gif" BORDER=0></A>
</CENTER></DIV>
<HR>
<CENTER><DIV ALIGN="center">
<FONT SIZE="+2"><B><A HREF="tppmsgs/msgs0.htm#2" tppabs="http://www.acme.com/donate/">Donate $5 to help support ACME Labs</A></B></FONT>
</DIV></CENTER>
<HR>
<!--AD_END-->

<IMG ALIGN=RIGHT WIDTH=111 HEIGHT=64 SRC="anvil_thttpd.gif" tppabs="http://www.acme.com/software/thttpd/anvil_thttpd.gif">
<H3>thttpd man page</H3>

<P>
[<A HREF="#NAME">NAME</A>]
[<A HREF="#SYNOPSIS">SYNOPSIS</A>]
[<A HREF="#DESCRIPTION">DESCRIPTION</A>]
[<A HREF="#OPTIONS">OPTIONS</A>]
[<A HREF="#CONFIG-FILE">CONFIG-FILE</A>]
[<A HREF="#CHROOT">CHROOT</A>]
[<A HREF="#CGI">CGI</A>]
[<A HREF="#BASIC_AUTHENTICATION">BASIC AUTHENTICATION</A>]
[<A HREF="#THROTTLING">THROTTLING</A>]
[<A HREF="#MULTIHOMING">MULTIHOMING</A>]
[<A HREF="#CUSTOM_ERRORS">CUSTOM ERRORS</A>]
[<A HREF="#NON-LOCAL_REFERERS">NON-LOCAL REFERERS</A>]
[<A HREF="#SYMLINKS">SYMLINKS</A>]
[<A HREF="#PERMISSIONS">PERMISSIONS</A>]
[<A HREF="#LOGS">LOGS</A>]
[<A HREF="#SIGNALS">SIGNALS</A>]
[<A HREF="#SEE_ALSO">SEE ALSO</A>]
[<A HREF="#THANKS">THANKS</A>]
[<A HREF="#AUTHOR">AUTHOR</A>]

<HR>

<PRE>
thttpd(8)        MAINTENANCE COMMANDS         thttpd(8)
</PRE>

<H4><A NAME="NAME">NAME</A></H4>

<P>
thttpd - tiny/turbo/throttling HTTP server


<H4><A NAME="SYNOPSIS">SYNOPSIS</A></H4>

<P>
thttpd [-C configfile] [-p port] [-d dir] [-r|-nor] [-s|-nos] [-v|-nov] [-u user] [-c cgipat] [-t throttles] [-h host] [-l logfile] [-i pidfile] [-T charset] [-D]


<H4><A NAME="DESCRIPTION">DESCRIPTION</A></H4>

<P>
thttpd is a simple, small, fast, and secure HTTP server.
It doesn't have a lot of special features, but it suffices for most uses of
the web, it's about as fast as the best full-featured servers (Apache, NCSA
Netscape),
and it has one extremely useful feature (URL-traffic-based throttling)
that no other server currently has.


<H4><A NAME="OPTIONS">OPTIONS</A></H4>

<DL>

<DT> -C
<DD>
Specifies a config-file to read.
All options can be set either by command-line flags or in the config file.
See <A HREF="#CONFIG-FILE">below</A> for details.

<DT> -p
<DD>
Specifies an alternate port number to listen on.
The default is 80.
The config-file option name for this flag is "port",
and the config.h option is <A HREF="options.html#DEFAULT_PORT" tppabs="http://www.acme.com/software/thttpd/options.html#DEFAULT_PORT">DEFAULT_PORT</A>.

<DT> -d
<DD>
Specifies a directory to chdir() to at startup.
This is merely a convenience - you could just as easily do a
cd in the shell script that invokes the program.
The config-file option name for this flag is "dir",
and the config.h options are
<A HREF="options.html#WEBDIR" tppabs="http://www.acme.com/software/thttpd/options.html#WEBDIR"></A>,
<A HREF="options.html#USE_USER_DIR" tppabs="http://www.acme.com/software/thttpd/options.html#USE_USER_DIR"></A>.

<DT> -r
<DD>
Do a chroot() at initialization time, restricting file
access to the program's current directory.
If -r is the compiled-in default, then -nor disables it.
See <A HREF="#CHROOT">below</A> for details.
The config-file option names for this flag are "chroot" and "nochroot",
and the config.h option is <A HREF="options.html#ALWAYS_CHROOT" tppabs="http://www.acme.com/software/thttpd/options.html#ALWAYS_CHROOT">ALWAYS_CHROOT</A>.

<DT> -nos
<DD>
Don't do explicit symbolic link checking.
Normally, thttpd explicitly expands any symbolic links in filenames,
to check that the resulting path stays within the original document tree.
If you want to turn off this check and save some CPU time, you can use
the -nos flag, however this is not recommended.
Note, though, that if you are using the chroot option, the symlink
checking is unnecessary and is turned off, so the safe way to save
those CPU cycles is to use chroot.
The config-file option names for this flag are "symlink" and "nosymlink".


<DT> -v
<DD>
Do el-cheapo virtual hosting.
If -v is the compiled-in default, then -nov disables it.
See <A HREF="#MULTIHOMING">below</A> for details.
The config-file option names for this flag are "vhost" and "novhost",
and the config.h option is <A HREF="options.html#ALWAYS_VHOST" tppabs="http://www.acme.com/software/thttpd/options.html#ALWAYS_VHOST">ALWAYS_VHOST</A>.

<DT> -u
<DD>
Specifies what user to switch to after initialization when started as root.
The default is "nobody".
The config-file option name for this flag is "user",
and the config.h option is <A HREF="options.html#DEFAULT_USER" tppabs="http://www.acme.com/software/thttpd/options.html#DEFAULT_USER">DEFAULT_USER</A>.

<DT> -c
<DD>
Specifies a wildcard pattern for CGI programs, for instance "**.cgi"
or "/cgi-bin/*".
See <A HREF="#CGI">below</A> for details.
The config-file option name for this flag is "cgipat",
and the config.h option is <A HREF="options.html#CGI_PATTERN" tppabs="http://www.acme.com/software/thttpd/options.html#CGI_PATTERN">CGI_PATTERN</A>.

<DT> -t
<DD>
Specifies a file of throttle settings.
See <A HREF="#THROTTLING">below</A> for details.
The config-file option name for this flag is "throttles".

<DT> -h
<DD>
Specifies a hostname to bind to, for multihoming.
The default is to bind to all hostnames supported on the local machine.
See <A HREF="#MULTIHOMING">below</A> for details.
The config-file option name for this flag is "host",
and the config.h option is <A HREF="options.html#SERVER_NAME" tppabs="http://www.acme.com/software/thttpd/options.html#SERVER_NAME">SERVER_NAME</A>.

<DT> -l
<DD>
Specifies a file for logging.
If no file is specified, thttpd logs via syslog().
The config-file option name for this flag is "logfile".

<DT> -i
<DD>
Specifies a file to write the process-id to.
If no file is specified, no process-id is written.
You can use this file to send signals to thttpd.
See <A HREF="#SIGNALS">below</A> for details.
The config-file option name for this flag is "pidfile".

<DT> -T
<DD>
Specifies the character set to use with text MIME types.
The default is iso-8859-1.
The config-file option name for this flag is "charset",
and the config.h option is <A HREF="options.html#DEFAULT_CHARSET" tppabs="http://www.acme.com/software/thttpd/options.html#DEFAULT_CHARSET">DEFAULT_CHARSET</A>.

<DT> -D
<DD>
This was originally just a debugging flag, however it's worth mentioning
because one of the things it does is prevent thttpd from making itself
a background daemon.
Instead it runs in the foreground like a regular program.
This is necessary when you want to run thttpd wrapped in a little shell
script that restarts it if it exits.

</DL>


<H4><A NAME="CONFIG-FILE">CONFIG-FILE</A></H4>

<P>
All the command-line options can also be set in a config file.
One advantage of using a config file is that the file can be changed,
and thttpd will pick up the changes with a restart.

<P>
The syntax of the config file is simple, a series of "option" or
"option=value" separated by whitespace.
The option names are listed above with their corresponding command-line flags.


<H4><A NAME="CHROOT">CHROOT</A></H4>

<P>
chroot() is a system call that restricts the program's view
of the filesystem to the current directory and directories
below it.
It becomes impossible for remote users to access
any file outside of the initial directory.
The restriction
is inherited by child processes, so CGI programs get it too.
This is a very strong security measure, and is recommended.
The only downside is that only root can call chroot(), so
this means the program must be started as root.
However,
the last thing it does during initialization is to give up
root access by becoming another user, so this is safe.

<P>
The program can also be compile-time configured to always do
a chroot(), without needing the -r flag.

<P>
Note that with some other web servers, such as NCSA httpd,
setting up a directory tree for use with chroot() is complicated, involving creating a bunch of special directories and
copying in various files.
With thttpd it's a lot easier,
all you have to do is make sure any shells, utilities, and
config files used by your CGI programs and scripts are available.
If you have CGI disabled, or if you make a policy that all CGI programs
must be written in a compiled language such as C and statically linked,
then you probably don't have to do any setup at all.

<P>
Relevant config.h option:
<A HREF="options.html#ALWAYS_CHROOT" tppabs="http://www.acme.com/software/thttpd/options.html#ALWAYS_CHROOT">ALWAYS_CHROOT</A>.


<H4><A NAME="CGI">CGI</A></H4>

<P>
thttpd supports the CGI 1.1 spec.

<P>
In order for a CGI program to be run, its name must match
the pattern specified either at compile time or on the command
line with the -c flag.
This is a simple shell-style filename pattern.
You can use * to match any string not including a slash,
or ** to match any string including slashes,
or ? to match any single character.
You can also use multiple such patterns separated by |.
The patterns get checked against the
filename part of the incoming URL.
Don't forget to quote
any wildcard characters so that the shell doesn't mess with them.

<P>
Restricting CGI programs to a single directory lets the site
administrator review them for security holes, and is
strongly recommended.
If there are individual users that
you trust, you can enable their directories too.

<P>
If no CGI pattern is specified, neither here nor at compile
time, then CGI programs cannot be run at all.
If you want
to disable CGI as a security measure, that's how you do it,
just comment out the patterns in the config file and don't
run with the -c flag.

<P>
Note: the current working directory when a CGI program gets run is
the directory that the CGI program lives in.
This isn't in the CGI 1.1 spec, but it's what most other HTTP servers do.

<P>
Relevant config.h options:
<A HREF="options.html#CGI_PATTERN" tppabs="http://www.acme.com/software/thttpd/options.html#CGI_PATTERN">CGI_PATTERN</A>,
<A HREF="options.html#CGI_TIMELIMIT" tppabs="http://www.acme.com/software/thttpd/options.html#CGI_TIMELIMIT">CGI_TIMELIMIT</A>,
<A HREF="options.html#CGI_NICE" tppabs="http://www.acme.com/software/thttpd/options.html#CGI_NICE">CGI_NICE</A>,
<A HREF="options.html#CGI_PATH" tppabs="http://www.acme.com/software/thttpd/options.html#CGI_PATH">CGI_PATH</A>,
<A HREF="options.html#CGI_LD_LIBRARY_PATH" tppabs="http://www.acme.com/software/thttpd/options.html#CGI_LD_LIBRARY_PATH">CGI_LD_LIBRARY_PATH</A>,
<A HREF="options.html#CGIBINDIR" tppabs="http://www.acme.com/software/thttpd/options.html#CGIBINDIR">CGIBINDIR</A>.


<H4><A NAME="BASIC_AUTHENTICATION">BASIC AUTHENTICATION</A></H4>

<P>
Basic Authentication is available as an option at compile time.
If enabled, it uses a password file in the directory to be protected,
called .htpasswd by default.
This file is formatted as the familiar colon-separated
username/encrypted-password pair, records delimited by newlines.
The protection does not carry over to subdirectories.
The utility program <A HREF="htpasswd_man.html" tppabs="http://www.acme.com/software/thttpd/htpasswd_man.html">htpasswd(1)</A> is included to help create and
modify .htpasswd files.

<P>
Relevant config.h option:
<A HREF="options.html#AUTH_FILE" tppabs="http://www.acme.com/software/thttpd/options.html#AUTH_FILE">AUTH_FILE</A>,


<H4><A NAME="THROTTLING">THROTTLING</A></H4>

<P>
The throttle file lets you set maximum byte rates on URLs or
URL groups.
There is no provision for setting a maximum
request rate throttle, because throttling a request uses as
much cpu as handling it, so there would be no point.

<P>
The format of the throttle file is very simple.
A # starts a comment, and the rest of the line is ignored.
Blank lines are ignored.
The rest of the lines should consist of a pattern, whitespace, and a number.
The pattern is a simple
shell-style filename pattern, using ?/**/*, or multiple
such patterns separated by |.

<P>
The numbers in the file are byte rates, specified in units
of bytes per second.
For comparison, a v.32b/v.42b modem
gives about 1500/2000 B/s depending on compression, a
double-B-channel ISDN line about 12800 B/s, and a T1 line is
about 150000 B/s.

<P>
Example:
<BLOCKQUOTE><CODE><PRE>
# throttle file for www.acme.com

**              100000  # limit total web usage to 2/3 of our T1
**.jpg|**.gif   50000   # limit images to 1/3 of our T1
**.mpg          20000   # and movies to even less
jef/**          20000   # jef's pages are too popular
</PRE></CODE></BLOCKQUOTE>