| 1 | .\" Copyright (c) 1983 The Regents of the University of California. |
| 2 | .\" All rights reserved. |
| 3 | .\" |
| 4 | .\" Redistribution and use in source and binary forms are permitted |
| 5 | .\" provided that the above copyright notice and this paragraph are |
| 6 | .\" duplicated in all such forms and that any documentation, |
| 7 | .\" advertising materials, and other materials related to such |
| 8 | .\" distribution and use acknowledge that the software was developed |
| 9 | .\" by the University of California, Berkeley. The name of the |
| 10 | .\" University may not be used to endorse or promote products derived |
| 11 | .\" from this software without specific prior written permission. |
| 12 | .\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
| 13 | .\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
| 14 | .\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
| 15 | .\" |
| 16 | .\" @(#)rcmd.3 6.9 (Berkeley) %G% |
| 17 | .\" |
| 18 | .TH RCMD 3 "" |
| 19 | .UC 5 |
| 20 | .SH NAME |
| 21 | rcmd, rresvport, ruserok \- routines for returning a stream to a remote command |
| 22 | .SH SYNOPSIS |
| 23 | .nf |
| 24 | .PP |
| 25 | .B "rem = rcmd(ahost, inport, locuser, remuser, cmd, fd2p);" |
| 26 | .B char **ahost; |
| 27 | .B int inport; |
| 28 | .B "char *locuser, *remuser, *cmd;" |
| 29 | .B int *fd2p; |
| 30 | .PP |
| 31 | .B s = rresvport(port); |
| 32 | .B int *port; |
| 33 | .PP |
| 34 | .B "ruserok(rhost, superuser, ruser, luser);" |
| 35 | .B char *rhost; |
| 36 | .B int superuser; |
| 37 | .B char *ruser, *luser; |
| 38 | .fi |
| 39 | .SH DESCRIPTION |
| 40 | .I Rcmd |
| 41 | is a routine used by the super-user to execute a command on |
| 42 | a remote machine using an authentication scheme based |
| 43 | on reserved port numbers. |
| 44 | .I Rresvport |
| 45 | is a routine which returns a descriptor to a socket |
| 46 | with an address in the privileged port space. |
| 47 | .I Ruserok |
| 48 | is a routine used by servers |
| 49 | to authenticate clients requesting service with |
| 50 | .IR rcmd . |
| 51 | All three functions are present in the same file and are used |
| 52 | by the |
| 53 | .IR rshd (8) |
| 54 | server (among others). |
| 55 | .PP |
| 56 | .I Rcmd |
| 57 | looks up the host |
| 58 | .I *ahost |
| 59 | using |
| 60 | .IR gethostbyname (3), |
| 61 | returning \-1 if the host does not exist. |
| 62 | Otherwise |
| 63 | .I *ahost |
| 64 | is set to the standard name of the host |
| 65 | and a connection is established to a server |
| 66 | residing at the well-known Internet port |
| 67 | .IR inport . |
| 68 | .PP |
| 69 | If the connection succeeds, |
| 70 | a socket in the Internet domain of type SOCK_STREAM |
| 71 | is returned to the caller, and given to the remote |
| 72 | command as |
| 73 | .B stdin |
| 74 | and |
| 75 | .BR stdout . |
| 76 | If |
| 77 | .I fd2p |
| 78 | is non-zero, then an auxiliary channel to a control |
| 79 | process will be set up, and a descriptor for it will be placed |
| 80 | in |
| 81 | .IR *fd2p . |
| 82 | The control process will return diagnostic |
| 83 | output from the command (unit 2) on this channel, and will also |
| 84 | accept bytes on this channel as being UNIX signal numbers, to be |
| 85 | forwarded to the process group of the command. |
| 86 | If |
| 87 | .I fd2p |
| 88 | is 0, then the |
| 89 | .B stderr |
| 90 | (unit 2 of the remote |
| 91 | command) will be made the same as the |
| 92 | .B stdout |
| 93 | and no |
| 94 | provision is made for sending arbitrary signals to the remote process, |
| 95 | although you may be able to get its attention by using out-of-band data. |
| 96 | .PP |
| 97 | The protocol is described in detail in |
| 98 | .IR rshd (8). |
| 99 | .PP |
| 100 | The |
| 101 | .I rresvport |
| 102 | routine is used to obtain a socket with a privileged |
| 103 | address bound to it. This socket is suitable for use |
| 104 | by |
| 105 | .I rcmd |
| 106 | and several other routines. Privileged Internet ports are those |
| 107 | in the range 0 to 1023. Only the super-user |
| 108 | is allowed to bind an address of this sort to a socket. |
| 109 | .PP |
| 110 | .I Ruserok |
| 111 | takes a remote host's name, as returned by the |
| 112 | .IR gethostbyaddr (3) |
| 113 | routine, two user names and a flag indicating whether |
| 114 | the local user's name is that of the super-user. Then, |
| 115 | if the user is |
| 116 | .B NOT |
| 117 | the super-user, it checks the files |
| 118 | .IR /etc/hosts.equiv . |
| 119 | If that lookup is not done, or is unsuccessful, the |
| 120 | .I .rhosts |
| 121 | in the local user's home directory is checked to see if the request for |
| 122 | service is allowed. If this file is owned by anyone other than the |
| 123 | user or the super-user, or if it is writeable by anyone other than the |
| 124 | owner, the check automatically fails. A 0 is returned if the machine |
| 125 | name is listed in the ``hosts.equiv'' file, or the host and remote |
| 126 | user name are found in the ``.rhosts'' file; otherwise |
| 127 | .I ruserok |
| 128 | returns \-1. |
| 129 | If the local domain (as obtained from \fIgethostname\fP\|(2)) |
| 130 | is the same as the remote domain, only the machine name need be specified. |
| 131 | .SH SEE ALSO |
| 132 | rlogin(1), rsh(1), intro(2), rexec(3), rexecd(8), rlogind(8), rshd(8) |
| 133 | .SH DIAGNOSTICS |
| 134 | .I Rcmd |
| 135 | returns a valid socket descriptor on success. |
| 136 | It returns -1 on error and prints a diagnostic message on the standard error. |
| 137 | .PP |
| 138 | .I Rresvport |
| 139 | returns a valid, bound socket descriptor on success. |
| 140 | It returns -1 on error with the global value |
| 141 | .I errno |
| 142 | set according to the reason for failure. |
| 143 | The error code EAGAIN is overloaded to mean ``All network ports in use.'' |