diff options
Diffstat (limited to 'c/src/exec/libnetworking/libc/rcmd.3')
| -rw-r--r-- | c/src/exec/libnetworking/libc/rcmd.3 | 204 |
1 files changed, 0 insertions, 204 deletions
diff --git a/c/src/exec/libnetworking/libc/rcmd.3 b/c/src/exec/libnetworking/libc/rcmd.3 deleted file mode 100644 index e25057fa4e..0000000000 --- a/c/src/exec/libnetworking/libc/rcmd.3 +++ /dev/null @@ -1,204 +0,0 @@ -.\" Copyright (c) 1983, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" From: @(#)rcmd.3 8.1 (Berkeley) 6/4/93 -.\" $Id$ -.\" -.Dd February 15, 1996 -.Dt RCMD 3 -.Os BSD 4.2 -.Sh NAME -.Nm rcmd , -.Nm rresvport , -.Nm iruserok , -.Nm ruserok -.Nd routines for returning a stream to a remote command -.Sh SYNOPSIS -.Fd #include <unistd.h> -.Ft int -.Fn rcmd "char **ahost" "int inport" "const char *locuser" "const char *remuser" "const char *cmd" "int *fd2p" -.Ft int -.Fn rresvport "int *port" -.Ft int -.Fn iruserok "u_long raddr" "int superuser" "const char *ruser" "const char *luser" -.Ft int -.Fn ruserok "const char *rhost" "int superuser" "const char *ruser" "const char *luser" -.Sh DESCRIPTION -The -.Fn rcmd -function -is used by the super-user to execute a command on -a remote machine using an authentication scheme based -on reserved port numbers. -The -.Fn rresvport -function -returns a descriptor to a socket -with an address in the privileged port space. -The -.Fn ruserok -function -is used by servers -to authenticate clients requesting service with -.Fn rcmd . -All three functions are present in the same file and are used -by the -.Xr rshd 8 -server (among others). -.Pp -The -.Fn rcmd -function -looks up the host -.Fa *ahost -using -.Xr gethostbyname 3 , -returning \-1 if the host does not exist. -Otherwise -.Fa *ahost -is set to the standard name of the host -and a connection is established to a server -residing at the well-known Internet port -.Fa inport . -.Pp -If the connection succeeds, -a socket in the Internet domain of type -.Dv SOCK_STREAM -is returned to the caller, and given to the remote -command as -.Em stdin -and -.Em stdout . -If -.Fa fd2p -is non-zero, then an auxiliary channel to a control -process will be set up, and a descriptor for it will be placed -in -.Fa *fd2p . -The control process will return diagnostic -output from the command (unit 2) on this channel, and will also -accept bytes on this channel as being -.Tn UNIX -signal numbers, to be -forwarded to the process group of the command. -If -.Fa fd2p -is 0, then the -.Em stderr -(unit 2 of the remote -command) will be made the same as the -.Em stdout -and no -provision is made for sending arbitrary signals to the remote process, -although you may be able to get its attention by using out-of-band data. -.Pp -The protocol is described in detail in -.Xr rshd 8 . -.Pp -The -.Fn rresvport -function is used to obtain a socket with a privileged -address bound to it. This socket is suitable for use -by -.Fn rcmd -and several other functions. Privileged Internet ports are those -in the range 0 to 1023. Only the super-user -is allowed to bind an address of this sort to a socket. -.Pp -The -.Fn iruserok -and -.Fn ruserok -functions take a remote host's IP address or name, as returned by the -.Xr gethostbyname 3 -routines, two user names and a flag indicating whether the local user's -name is that of the super-user. -Then, if the user is -.Em NOT -the super-user, it checks the -.Pa /etc/hosts.equiv -file. -If that lookup is not done, or is unsuccessful, the -.Pa .rhosts -in the local user's home directory is checked to see if the request for -service is allowed. -.Pp -If this file does not exist, is not a regular file, is owned by anyone -other than the user or the super-user, or is writable by anyone other -than the owner, the check automatically fails. -Zero is returned if the machine name is listed in the -.Dq Pa hosts.equiv -file, or the host and remote user name are found in the -.Dq Pa .rhosts -file; otherwise -.Fn iruserok -and -.Fn ruserok -return \-1. -If the local domain (as obtained from -.Xr gethostname 3 ) -is the same as the remote domain, only the machine name need be specified. -.Pp -The -.Fn iruserok -function is strongly preferred for security reasons. -It requires trusting the local DNS at most, while the -.Fn ruserok -function requires trusting the entire DNS, which can be spoofed. -.Sh DIAGNOSTICS -The -.Fn rcmd -function -returns a valid socket descriptor on success. -It returns \-1 on error and prints a diagnostic message on the standard error. -.Pp -The -.Fn rresvport -function -returns a valid, bound socket descriptor on success. -It returns \-1 on error with the global value -.Va errno -set according to the reason for failure. -The error code -.Dv EAGAIN -is overloaded to mean ``All network ports in use.'' -.Sh SEE ALSO -.Xr rlogin 1 , -.Xr rsh 1 , -.Xr intro 2 , -.Xr rexec 3 , -.Xr rexecd 8 , -.Xr rlogind 8 , -.Xr rshd 8 -.Sh HISTORY -These -functions appeared in -.Bx 4.2 . |