[unix-history] / usr / src / lib / libc / net / rcmd.3

.\" Copyright (c) 1983 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms are permitted provided
.\" that: (1) source distributions retain this entire copyright notice and
.\" comment, and (2) distributions including binaries display the following
.\" acknowledgement:  ``This product includes software developed by the
.\" University of California, Berkeley and its contributors'' in the
.\" documentation or other materials provided with the distribution and in
.\" all advertising materials mentioning features or use of this software.
.\" Neither the name of the University nor the names of its contributors may
.\" be used to endorse or promote products derived from this software without
.\" specific prior written permission.
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.\"	@(#)rcmd.3	6.10 (Berkeley) 6/23/90
.\"
.TH RCMD 3 "June 23, 1990"
.UC 5
.SH NAME
rcmd, rresvport, ruserok \- routines for returning a stream to a remote command
.SH SYNOPSIS
.nf
.PP
.B "rem = rcmd(ahost, inport, locuser, remuser, cmd, fd2p);"
.B char **ahost;
.B int inport;
.B "char *locuser, *remuser, *cmd;"
.B int *fd2p;
.PP
.B s = rresvport(port);
.B int *port;
.PP
.B "ruserok(rhost, superuser, ruser, luser);"
.B char *rhost;
.B int superuser;
.B char *ruser, *luser;
.fi
.SH DESCRIPTION
.I Rcmd
is a routine used by the super-user to execute a command on
a remote machine using an authentication scheme based
on reserved port numbers.
.I Rresvport
is a routine which returns a descriptor to a socket
with an address in the privileged port space.
.I Ruserok
is a routine used by servers
to authenticate clients requesting service with
.IR rcmd .
All three functions are present in the same file and are used
by the
.IR rshd (8)
server (among others).
.PP
.I Rcmd
looks up the host
.I *ahost
using
.IR gethostbyname (3),
returning \-1 if the host does not exist.
Otherwise
.I *ahost
is set to the standard name of the host
and a connection is established to a server
residing at the well-known Internet port
.IR inport .
.PP
If the connection succeeds,
a socket in the Internet domain of type SOCK_STREAM
is returned to the caller, and given to the remote
command as 
.B stdin
and
.BR stdout .
If
.I fd2p
is non-zero, then an auxiliary channel to a control
process will be set up, and a descriptor for it will be placed
in
.IR *fd2p .
The control process will return diagnostic
output from the command (unit 2) on this channel, and will also
accept bytes on this channel as being UNIX signal numbers, to be
forwarded to the process group of the command.
If
.I fd2p
is 0, then the 
.B stderr
(unit 2 of the remote
command) will be made the same as the 
.B stdout
and no
provision is made for sending arbitrary signals to the remote process,
although you may be able to get its attention by using out-of-band data.
.PP
The protocol is described in detail in
.IR rshd (8).
.PP
The
.I rresvport
routine is used to obtain a socket with a privileged
address bound to it.  This socket is suitable for use
by 
.I rcmd
and several other routines.  Privileged Internet ports are those
in the range 0 to 1023.  Only the super-user
is allowed to bind an address of this sort to a socket.
.PP
.I Ruserok
takes a remote host's name, as returned by the
.IR gethostbyaddr (3)
routine, two user names and a flag indicating whether
the local user's name is that of the super-user.  Then,
if the user is
.B NOT
the super-user, it checks the files
.IR /etc/hosts.equiv .
If that lookup is not done, or is unsuccessful, the
.I .rhosts
in the local user's home directory is checked to see if the request for
service is allowed.  If this file is owned by anyone other than the
user or the super-user, or if it is writeable by anyone other than the
owner, the check automatically fails.  A 0 is returned if the machine
name is listed in the ``hosts.equiv'' file, or the host and remote
user name are found in the ``.rhosts'' file; otherwise
.I ruserok
returns \-1.
If the local domain (as obtained from \fIgethostname\fP\|(2))
is the same as the remote domain, only the machine name need be specified.
.SH SEE ALSO
rlogin(1), rsh(1), intro(2), rexec(3), rexecd(8), rlogind(8), rshd(8)
.SH DIAGNOSTICS
.I Rcmd
returns a valid socket descriptor on success.
It returns -1 on error and prints a diagnostic message on the standard error.
.PP
.I Rresvport
returns a valid, bound socket descriptor on success.
It returns -1 on error with the global value
.I errno
set according to the reason for failure.
The error code EAGAIN is overloaded to mean ``All network ports in use.''
Commit	Line	Data
d20a1e6f KB	1	.\" Copyright (c) 1983 The Regents of the University of California.
d20a1e6f KB	2	.\" All rights reserved.
11a95b5f	3	.\"
1c15e888 C	4	.\" Redistribution and use in source and binary forms are permitted provided
	5	.\" that: (1) source distributions retain this entire copyright notice and
	6	.\" comment, and (2) distributions including binaries display the following
	7	.\" acknowledgement: ``This product includes software developed by the
	8	.\" University of California, Berkeley and its contributors'' in the
	9	.\" documentation or other materials provided with the distribution and in
	10	.\" all advertising materials mentioning features or use of this software.
	11	.\" Neither the name of the University nor the names of its contributors may
	12	.\" be used to endorse or promote products derived from this software without
	13	.\" specific prior written permission.
	14	.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
	15	.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
	16	.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
d20a1e6f	17	.\"
1c15e888	18	.\" @(#)rcmd.3 6.10 (Berkeley) 6/23/90
11a95b5f	19	.\"
1c15e888	20	.TH RCMD 3 "June 23, 1990"
11a95b5f KM	21	.UC 5
	22	.SH NAME
	23	rcmd, rresvport, ruserok \- routines for returning a stream to a remote command
	24	.SH SYNOPSIS
	25	.nf
4fb1c171	26	.PP
11a95b5f KM	27	.B "rem = rcmd(ahost, inport, locuser, remuser, cmd, fd2p);"
11a95b5f KM	28	.B char **ahost;
f3f0480d	29	.B int inport;
11a95b5f KM	30	.B "char locuser, remuser, *cmd;"
	31	.B int *fd2p;
	32	.PP
	33	.B s = rresvport(port);
	34	.B int *port;
	35	.PP
	36	.B "ruserok(rhost, superuser, ruser, luser);"
	37	.B char *rhost;
	38	.B int superuser;
	39	.B char ruser, luser;
	40	.fi
	41	.SH DESCRIPTION
	42	.I Rcmd
	43	is a routine used by the super-user to execute a command on
	44	a remote machine using an authentication scheme based
	45	on reserved port numbers.
	46	.I Rresvport
	47	is a routine which returns a descriptor to a socket
	48	with an address in the privileged port space.
	49	.I Ruserok
	50	is a routine used by servers
	51	to authenticate clients requesting service with
	52	.IR rcmd .
	53	All three functions are present in the same file and are used
	54	by the
d20a1e6f	55	.IR rshd (8)
11a95b5f KM	56	server (among others).
	57	.PP
	58	.I Rcmd
	59	looks up the host
	60	.I *ahost
	61	using
d20a1e6f	62	.IR gethostbyname (3),
11a95b5f KM	63	returning \-1 if the host does not exist.
	64	Otherwise
	65	.I *ahost
	66	is set to the standard name of the host
	67	and a connection is established to a server
	68	residing at the well-known Internet port
	69	.IR inport .
	70	.PP
7faf4e1f MK	71	If the connection succeeds,
7faf4e1f MK	72	a socket in the Internet domain of type SOCK_STREAM
11a95b5f KM	73	is returned to the caller, and given to the remote
	74	command as
	75	.B stdin
	76	and
	77	.BR stdout .
	78	If
	79	.I fd2p
	80	is non-zero, then an auxiliary channel to a control
	81	process will be set up, and a descriptor for it will be placed
	82	in
	83	.IR *fd2p .
	84	The control process will return diagnostic
	85	output from the command (unit 2) on this channel, and will also
	86	accept bytes on this channel as being UNIX signal numbers, to be
	87	forwarded to the process group of the command.
	88	If
	89	.I fd2p
	90	is 0, then the
	91	.B stderr
	92	(unit 2 of the remote
	93	command) will be made the same as the
	94	.B stdout
	95	and no
	96	provision is made for sending arbitrary signals to the remote process,
	97	although you may be able to get its attention by using out-of-band data.
	98	.PP
	99	The protocol is described in detail in
d20a1e6f	100	.IR rshd (8).
11a95b5f KM	101	.PP
	102	The
	103	.I rresvport
	104	routine is used to obtain a socket with a privileged
	105	address bound to it. This socket is suitable for use
	106	by
	107	.I rcmd
7faf4e1f MK	108	and several other routines. Privileged Internet ports are those
7faf4e1f MK	109	in the range 0 to 1023. Only the super-user
11a95b5f KM	110	is allowed to bind an address of this sort to a socket.
	111	.PP
	112	.I Ruserok
d20a1e6f KB	113	takes a remote host's name, as returned by the
d20a1e6f KB	114	.IR gethostbyaddr (3)
7faf4e1f	115	routine, two user names and a flag indicating whether
d20a1e6f KB	116	the local user's name is that of the super-user. Then,
	117	if the user is
	118	.B NOT
	119	the super-user, it checks the files
	120	.IR /etc/hosts.equiv .
	121	If that lookup is not done, or is unsuccessful, the
11a95b5f	122	.I .rhosts
d20a1e6f KB	123	in the local user's home directory is checked to see if the request for
	124	service is allowed. If this file is owned by anyone other than the
	125	user or the super-user, or if it is writeable by anyone other than the
	126	owner, the check automatically fails. A 0 is returned if the machine
	127	name is listed in the ``hosts.equiv'' file, or the host and remote
	128	user name are found in the ``.rhosts'' file; otherwise
11a95b5f	129	.I ruserok
d20a1e6f	130	returns \-1.
0609943c MK	131	If the local domain (as obtained from \fIgethostname\fP\\|(2))
0609943c MK	132	is the same as the remote domain, only the machine name need be specified.
11a95b5f	133	.SH SEE ALSO
d20a1e6f	134	rlogin(1), rsh(1), intro(2), rexec(3), rexecd(8), rlogind(8), rshd(8)
7faf4e1f MK	135	.SH DIAGNOSTICS
	136	.I Rcmd
	137	returns a valid socket descriptor on success.
	138	It returns -1 on error and prints a diagnostic message on the standard error.
	139	.PP
	140	.I Rresvport
	141	returns a valid, bound socket descriptor on success.
	142	It returns -1 on error with the global value
	143	.I errno
	144	set according to the reason for failure.
	145	The error code EAGAIN is overloaded to mean ``All network ports in use.''