=begin text

=end text

=head1 SOLARIS CONFIGURATION

Solaris has a service management facility to start processes and daemons

at system boot. This facility replaces the more traditional runtime

configuration scripts used by other Unix operating systems.

The Solaris service management facility is also used to implement inetd(1M).

To configure stunnel to listen on one or more ports, create the stunnel

configuration file /etc/stunnel/stunnel.conf. The configuration tokens are

explained elsewhere in this manual. A sample configuration file delivered

in /etc/stunnel can be used as a reference.

Now activate the stunnel smf(5) service using svcadm(1M).

=over 4

=item

# svcadm enable svc:/network/ssl/stunnel:default

=back

Note that the smf(5) FMRI can be abbreviated to stunnel, so following

command is also valid:

=over 4

=item

# svcadm enable stunnel

=back

Check that the service is running with the svcs(1M) command. If the stunnel

service is not online, use svcs -xv to find out why. This command will show the

name of the log file used to record any startup errors.

The stunnel smf(5) service is defined by a manifest which is part of the

The stunnel smf(5) service starts stunnel process(es) which listen for

incoming connections. An alternative way of achieving this is to use

INETD MODE described elsewhere in this manual. This method is advantageous

if the service useage is intermittant, or when many services need to use

stunnel because each service can be enabled or disabled independently.

When configuring inetd(1M) to listen on the required ports, the

stunnel process(es) are started only when a connection is established.

The INETD MODE section of this manual describes editing /etc/inetd.conf

to configure inetd(1M), although this file exists in Solaris, the services

controlled by inetd(1M) are in fact configured using smf(5) manifests.

To configure inetd(1M) on Solaris to start a stunnel process:

=over 4

=item *

Check that the service has an entry in /etc/services.

=item *

Check to see if there is already a smf(5) service running on this port

using svcs(1M) and  disable any existing service with svcadm(1M).

=item *

Create a stunnel configuration file, for example:

/etc/stunnel/stunnel_imap.conf

=item *

Create a scratch template file and add the /etc/inetd.conf entry to

this file (see INETD MODE).

=item *

Use the inetconv(1M) command to create a inetd(1M) service manifest and 

register the service with smf(5), for example:

# inetconv -i /tmp/inetd_scratch.conf -o /var/svc/manifest/network/ssl

=item *

The newly created service can be managed with svcadm(1M).

=back

=head1 ATTRIBUTES

See attributes(5) for descriptions of the  following  attributes:

___________________________________________________________

|       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE     |

|_____________________________|___________________________|

|_____________________________|___________________________|

| Interface Stability         | Uncommitted               |

|_____________________________|___________________________|

=head1 SOURCE CODE

Source for stunnel is available on http://opensolaris.org.