1RCMD(3)                    Linux Programmer's Manual                   RCMD(3)
2
3
4

NAME

6       rcmd, rresvport, iruserok, ruserok - routines for returning a stream to
7       a remote command
8

SYNOPSIS

10       #include <netdb.h>   /* Or <unistd.h> on some systems */
11
12       int rcmd(char **ahost, int inport, const char *locuser,
13                const char *remuser, const char *cmd, int *fd2p);
14
15       int rresvport(int *port);
16
17       int iruserok(uint32_t raddr, int superuser,
18                    const char *ruser, const char *luser);
19
20       int ruserok(const char *rhost, int superuser,
21                   const char *ruser, const char *luser);
22
23   Feature Test Macro Requirements for glibc (see feature_test_macros(7)):
24
25       rcmd(), rresvport(), ruserok(): _BSD_SOURCE
26

DESCRIPTION

28       The rcmd() function is used by the superuser to execute a command on  a
29       remote  machine using an authentication scheme based on privileged port
30       numbers.  The rresvport() function returns a  descriptor  to  a  socket
31       with  an  address  in  the  privileged  port space.  The iruserok() and
32       ruserok()  functions  are  used  by  servers  to  authenticate  clients
33       requesting  service with rcmd().  All four functions are present in the
34       same file and are used by the rshd(8) server (among others).
35
36       The rcmd() function looks up the host  *ahost  using  gethostbyname(3),
37       returning  -1  if  the host does not exist.  Otherwise *ahost is set to
38       the standard name of the host and a  connection  is  established  to  a
39       server residing at the well-known Internet port inport.
40
41       If  the  connection  succeeds,  a socket in the Internet domain of type
42       SOCK_STREAM is returned to the caller, and given to the remote  command
43       as stdin and stdout.  If fd2p is non-zero, then an auxiliary channel to
44       a control process will be set up, and  a  descriptor  for  it  will  be
45       placed  in  *fd2p.   The  control process will return diagnostic output
46       from the command (unit 2) on this channel, and will also  accept  bytes
47       on  this  channel  as being Unix signal numbers, to be forwarded to the
48       process group of the command.  If fd2p is 0, then the stderr (unit 2 of
49       the  remote  command) will be made the same as the stdout and no provi‐
50       sion is made for sending  arbitrary  signals  to  the  remote  process,
51       although  you  may  be  able  to get its attention by using out-of-band
52       data.
53
54       The protocol is described in detail in rshd(8).
55
56       The rresvport() function is used to obtain a socket with  a  privileged
57       address  bound  to  it.   This socket is suitable for use by rcmd() and
58       several other functions.  Privileged Internet ports are  those  in  the
59       range  0  to 1023.  Only the superuser is allowed to bind an address of
60       this sort to a socket.
61
62       The iruserok() and ruserok() functions take a remote host's IP  address
63       or  name, respectively, two usernames and a flag indicating whether the
64       local user's name is that of the superuser.  Then, if the user  is  not
65       the  superuser, it checks the /etc/hosts.equiv file.  If that lookup is
66       not done, or is unsuccessful, the .rhosts  in  the  local  user's  home
67       directory is checked to see if the request for service is allowed.
68
69       If  this file does not exist, is not a regular file, is owned by anyone
70       other than the user or the superuser, or is writable  by  anyone  other
71       than the owner, the check automatically fails.  Zero is returned if the
72       machine name is listed in the hosts.equiv file, or the host and  remote
73       username  are  found  in  the  .rhosts  file;  otherwise iruserok() and
74       ruserok() return -1.  If the local domain (as  obtained  from  gethost‐
75       name(2))  is  the same as the remote domain, only the machine name need
76       be specified.
77
78       If the IP address of the remote host is  known,  iruserok()  should  be
79       used  in  preference  to ruserok(), as it does not require trusting the
80       DNS server for the remote host's domain.
81

RETURN VALUE

83       The rcmd() function returns a valid socket descriptor on  success.   It
84       returns  -1  on  error  and prints a diagnostic message on the standard
85       error.
86
87       The rresvport() function returns a valid, bound  socket  descriptor  on
88       success.   It  returns  -1  on  error  with  the global value errno set
89       according to the reason for failure.  The error code  EAGAIN  is  over‐
90       loaded to mean "All network ports in use."
91

CONFORMING TO

93       Not in POSIX.1-2001.  Present on the BSDs, Solaris, and many other sys‐
94       tems.  These functions appeared in 4.2BSD.
95

BUGS

97       iruserok() is not declared in glibc headers.
98

SEE ALSO

100       rlogin(1), rsh(1), intro(2), rexec(3), rexecd(8), rlogind(8), rshd(8)
101

COLOPHON

103       This page is part of release 3.22 of the Linux  man-pages  project.   A
104       description  of  the project, and information about reporting bugs, can
105       be found at http://www.kernel.org/doc/man-pages/.
106
107
108
109Linux                             2007-12-28                           RCMD(3)
Impressum