TUX web server
It is currently limited to serving static web pages and coordinating between kernelspace modules, userspace modules, and regular userspace web server daemons that provide dynamic content. Regular userspace web servers do not need to be altered in any way for TUX to coordinate with them. However, userspace code has to use a new interface based on the
tux(2) system call.
The main differences between TUX and other webservers include:
- TUX runs partly within a customized version of the Linux kernel and partly as a userspace daemon.
- With a capable network card, TUX enables scatter-gather DMA from the page cache directly to the network.
- TUX is only able to serve static web pages.
While only being able to serve static web pages could be seen as a significant disadvantage, TUX has one significant advantage: it is able to serve pages faster than traditional web servers. This is largely due to its place directly within the kernel, where it can improve performance by taking advantage of facilities not available to traditional web servers, which run outside of the kernel. However, this also means that TUX does not generate dynamic content. Because it is running within the kernel, such dynamic content cannot take advantage of functions that the kernel provides to userspace programs, and would create tremendous security issues.
TUX is capable of launching CGI programs to provide dynamic content. However, CGI suffers from significant performance limitations, so a CGI-heavy site would gain no performance advantage from using TUX. TUX can also redirect any request it cannot process to a traditional userspace web server daemon, for example Apache or lighttpd. This allows TUX to handle both dynamic content and errors in a safer, faster, and RFC-correct manner.
TUX has never been an integrated part of the official Linux kernel, although it has been shipped in some distributions, notably Red Hat, SuSE and Fedora. It served as a test bed (and motivator) for many features which were integrated separately. One major component was the Native POSIX Thread Library, which, with the right tuning parameters, allows userspace web servers to serve web pages at a speed very close to that of a kernelspace web server like TUX but without its limitations. Core kernel developers also argued that having an HTTP daemon within the kernel is dangerous. For example, a common bug such as a buffer overflow within TUX could give an attacker superuser control over the machine. Therefore, it is much safer to keep the HTTP daemon entirely within userspace, where a bug does not necessarily give an attacker total control.