1rdist(1) User Commands rdist(1)
2
6 rdist - remote file distribution program
7
9 rdist [-b] [-D] [-h] [-i] [-n] [-q] [-R] [-a] [-K] [-x]
10 [-PN | -PO] [-k realm] [-v] [-w] [-y]
11 [-d macro = value] [-f distfile] [-m host]...
12 rdist [-b] [-D] [-h] [-i] [-n] [-q] [-R] [-a] [-K] [-x]
15 [-PN | -PO] [-k realm] [-v] [-w] [-y] -c pathname...
16 [login @] hostname [: destpath]
17
20 The rdist utility maintains copies of files on multiple hosts. It pre‐
21 serves the owner, group, mode, and modification time of the master
22 copies, and can update programs that are executing. (rdist does not
23 propagate ownership or mode changes when the file contents have not
24 changed.) Normally, a copy on a remote host is updated if its size or
25 modification time differs from the original on the local host. With the
26 -y option (younger mode), only the modification times are checked, not
27 the size. See OPTIONS below.
28 There are two forms of the rdist command. In the first form shown in
31 the SYNOPSIS section above, rdist reads the indicated distfile for
32 instructions on updating files and/or directories. If distfile is `−',
33 the standard input is used. If no -f option is present, rdist first
34 looks in its working directory for distfile, and then for Distfile, for
35 instructions.
36 The second form shown in SYNOPSIS uses the -c option and specifies
39 paths as command line options.
40 The user can opt for a secure session of rdist which uses Kerberos V5
43 for authentication. Encryption of the data being transferred is also
44 possible. The rdist session can be kerberized using any of the follow‐
45 ing Kerberos specific options : -a, -PN or -PO, -x, and -k realm. Some
46 of these options (-a, -x, -PN or -PO, and -f or -F) can also be speci‐
47 fied in the [appdefaults] section of krb5.conf(4). The usage of these
48 options and the expected behavior is discussed in the OPTIONS section
49 below. If Kerberos authentication is used, authorization to the account
50 is controlled by rules in krb5_auth_rules(5). If this authorization
51 fails, fallback to normal rdist using rhosts occurs only if the -PO
52 option is used explicitly on the command line or is specified in
53 krb5.conf(4). Also notice that the -PN or -PO, -x, and -k realm options
54 are just supersets of the -a option. In order to use the non-secure
55 version of rdist across machines, each host machine must have a
56 /etc/host.equiv file, or the user must have an entry in the .rhosts
57 file in the home directory. See hosts.equiv(4) for more information.
58
60 The following options are supported:
61 -a
63 This option explicitly enables Kerberos authentication and trusts
65 the .k5login file for access-control. If the authorization check by
66 in.rshd(1M) on the server-side succeeds and if the .k5login file
67 permits access, the user is allowed to carry out the rdist trans‐
68 fer.
69 -b
72 Binary comparison. Performs a binary comparison and updates files
74 if they differ, rather than merely comparing dates and sizes.
75 -c pathname ...[login@]hostname[:destpath]
78 Copies each pathname to the named host; if destpath is specified,
80 it does not update any pathname on the named host. (Relative file‐
81 names are taken as relative to your home directory.) If the
82 `login@' prefix is given, the update is performed with the user ID
83 of login. If the `:destpath' is given, the remote file is installed
84 as that pathname.
85 -d macro=value
88 Defines macro to have value. This option is used to define or over‐
90 ride macro definitions in the distfile. value can be the empty
91 string, one name, or a list of names surrounded by parentheses and
92 separated by white space.
93 -D
96 Enables debugging.
98 -f distfile
101 Uses the description file distfile. A `−' as the distfile argument
103 denotes the standard input.
104 -h
107 Follows symbolic links. Copies the file that the link points to
109 rather than the link itself.
110 -i
113 Ignores unresolved links. rdist normally tries to maintain the link
115 structure of files being transferred and warn the user if all the
116 links cannot be found.
117 -k realm
120 Causes rdist to obtain tickets for the remote host in realm instead
122 of the remote host's realm as determined by krb5.conf(4).
123 -K
126 This option explicitly disables Kerberos authentication. It can be
128 used to override the autologin variable in krb5.conf(4).
129 -m host
132 Limits which machines are to be updated. Multiple -m arguments can
134 be given to limit updates to a subset of the hosts listed in the
135 distfile.
136 -n
139 Prints the commands without executing them. This option is useful
141 for debugging a distfile.
142 -PO
145 -PN
146 Explicitly requests new (-PN) or old (-PO) version of the Kerberos
148 "rcmd" protocol. The new protocol avoids many security problems
149 prevalant in the old one and is regarded much more secure, but is
150 not interoperable with older (MIT/SEAM) servers. The new protocol
151 is used by default, unless explicitly specified using these options
152 or through krb5.conf(4). If Kerberos authorization fails when using
153 the old "rcmd" protocol, there is fallback to regular, non-kerber‐
154 ized rdist. This is not the case when the new, more secure "rcmd"
155 protocol is used.
156 -q
159 Quiet mode. Does not display the files being updated on the stan‐
161 dard output.
162 -R
165 Removes extraneous files. If a directory is being updated, removes
167 files on the remote host that do not correspond to those in the
168 master (local) directory. This is useful for maintaining truly
169 identical copies of directories.
170 -v
173 Verifies that the files are up to date on all the hosts. Any files
175 that are out of date are displayed, but no files are updated, nor
176 is any mail sent.
177 -w
180 Whole mode. The whole file name is appended to the destination
182 directory name. Normally, only the last component of a name is used
183 when renaming files. This preserves the directory structure of the
184 files being copied, instead of flattening the directory structure.
185 For instance, renaming a list of files such as dir1/dir2 to dir3
186 would create files dir3/dir1 and dir3/dir2 instead of dir3 and
187 dir3. When the -w option is used with a filename that begins with
188 ~, everything except the home directory is appended to the destina‐
189 tion name.
190 -x
193 Causes the information transferred between hosts to be encrypted.
195 Notice that the command is sent unencrypted to the remote system.
196 All subsequent transfers are encrypted.
197 -y
200 Younger mode. Does not update remote copies that are younger than
202 the master copy, but issues a warning message instead. Only modifi‐
203 cation times are checked. No comparison of size is made.
204
207 White Space Characters
208 NEWLINE, TAB, and SPACE characters are all treated as white space; a
209 mapping continues across input lines until the start of the next map‐
210 ping: either a single filename followed by a `->' or the opening paren‐
211 thesis of a filename list.
212 Comments
214 Comments begin with # and end with a NEWLINE.
215 Distfiles
217 The distfile contains a sequence of entries that specify the files to
218 be copied, the destination files to be copied, the destination hosts,
219 and what operations to perform to do the updating. Each entry has one
220 of the following formats:
221 variable_name '=' name_list
223 [ label: ] source_list '->' destination_list command_list
224 [ label: ] source_list '::' time_stamp_file command_list
225 The first format is used for defining variables. The second format is
229 used for distributing files to other hosts. The third format is used
230 for making lists of files that have been changed since some given date.
231 The source list specifies a list of files and/or directories on the
232 local host that are to be used as the master copy for distribution. The
233 destination list is the list of hosts to which these files are to be
234 copied. Each file in the source list is added to a list of changes if
235 the file is out of date on the host that is being updated (second for‐
236 mat) or if the file is newer than the time stamp file (third format).
237 Labels are optional. They are used to identify a command for partial
238 updates. The colon (:) is used after an optional label, while the dou‐
239 ble colon (::) is used for making lists of files that have been changed
240 since a certain date (specified by the date/time of the time_stamp
241 file). Typically, only notify is used with the '::' format of the com‐
242 mand line.
243 Macros
245 rdist has a limited macro facility. Macros are only expanded in file‐
246 name or hostname lists, and in the argument lists of certain primi‐
247 tives. Macros cannot be used to stand for primitives or their options,
248 or the `->' or `::' symbols.
249 A macro definition is a line of the form:
252 macro = value
254 A macro reference is a string of the form:
258 ${macro}
260 although (as with make(1S)) the braces can be omitted if the macro name
264 consists of just one character.
265 Kerberos Access-Control file
267 For the kerberized rdist session, each user might have a private autho‐
268 rization list in a file .k5login in their home directory. Each line in
269 this file should contain a Kerberos principal name of the form princi‐
270 pal/instance@realm. If there is a ~/.k5login file, then access is
271 granted to the account if and only if the originater user is authenti‐
272 cated to one of the principals named in the ~/.k5login file. Otherwise,
273 the originating user is granted access to the account if and only if
274 the authenticated principal name of the user can be mapped to the local
275 account name using the authenticated-principal-name → local-user-name
276 mapping rules. The .k5login file (for access control) comes into play
277 only when Kerberos authentication is being done.
278 Metacharacters
280 The shell meta-characters: [, ], {, }, * and ? are recognized and
281 expanded (on the local host only) just as they are with csh(1).
282 Metacharacters can be escaped by prepending a backslash.
283 The ~ character is also expanded in the same way as with csh; however,
286 it is expanded separately on the local and destination hosts.
287 Filenames
289 File names that do not begin with `/' or `~' are taken to be relative
290 to user's home directory on each destination host; they are not rela‐
291 tive to the current working directory. Multiple file names must be
292 enclosed within parentheses.
293 Primitives
295 The following primitives can be used to specify actions rdist is to
296 take when updating remote copies of each file.
297 install [-b] [-h] [-i] [-R] [-v] [-w] [-y] [newname]
299 Copy out of date files and directories (recursively). If no newname
301 operand is given, the name of the local file is given to the remote
302 host's copy. If absent from the remote host, parent directories in
303 a filename's path are created. To help prevent disasters, a non-
304 empty directory on a target host is not replaced with a regular
305 file or a symbolic link by rdist. However, when using the -R
306 option, a non-empty directory is removed if the corresponding file‐
307 name is completely absent on the master host.
308 The options for install have the same semantics as their command
310 line counterparts, but are limited in scope to a particular map.
311 The login name used on the destination host is the same as the
312 local host unless the destination name is of the format login@host.
313 In that case, the update is performed under the username login.
314 notify address...
317 Send mail to the indicated email address of the form:
319 user@host
321 that lists the files updated and any errors that might have
323 occurred. If an address does not contain a `@host' suffix, rdist
324 uses the name of the destination host to complete the address.
325 except filename ...
328 Omit from updates the files named as arguments.
330 except_pat pattern ...
333 Omit from updates the filenames that match each regular-expression
335 pattern (see ed(1) for more information on regular expressions).
336 Note that `\' and `$' characters must be escaped in the distfile.
337 Shell variables can also be used within a pattern, however shell
338 filename expansion is not supported.
339 special [filename] ... "command-line"
342 Specify a Bourne shell, sh(1) command line to execute on the remote
344 host after each named file is updated. If no filename argument is
345 present, the command-line is performed for every updated file, with
346 the shell variable FILE set to the file's name on the local host.
347 The quotation marks allow command-line to span input lines in the
348 distfile; multiple shell commands must be separated by semicolons
349 (;).
350 The default working directory for the shell executing each command-
352 line is the user's home directory on the remote host.
353 IPv6
356 The rdist command is IPv6-enabled. See ip6(7P). IPv6 is not currently
357 supported with Kerberos V5 authentication.
358
360 Example 1 A Sample distfile
361 The following sample distfile instructs rdist to maintain identical
364 copies of a shared library, a shared-library initialized data file,
365 several include files, and a directory, on hosts named hermes and
366 magus. On magus, commands are executed as super-user. rdist notifies
367 merlin@druid whenever it discovers that a local file has changed rela‐
368 tive to a timestamp file. (Parentheses are used when the source or des‐
369 tination list contains zero or more names separated by white-space.)
370 HOSTS = ( hermes root@magus )
373 FILES = ( /usr/local/lib/libcant.so.1.1
375 /usrlocal/lib/libcant.sa.1.1 /usr/local/include/{*.h}
376 /usr/local/bin )
377 (${FILES}) -> (${HOSTS})
379 install −R ;
380 ${FILES} :: /usr/local/lib/timestamp
381 notify merlin@druid ;
382
386 ~/.rhosts User's trusted hosts and users
387 /etc/host.equiv system trusted hosts and users
390 /tmp/rdist* Temporary file for update lists
393 $HOME/.k5login File containing Kerberos principals that are
396 allowed access
397 /etc/krb5/krb5.conf Kerberos configuration file
400
403 See attributes(5) for descriptions of the following attributes:
404 ┌─────────────────────────────┬─────────────────────────────┐
409 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
410 ├─────────────────────────────┼─────────────────────────────┤
411 │Availability │SUNWrcmdc │
412 └─────────────────────────────┴─────────────────────────────┘
413
415 csh(1), ed(1), make(1S), sh(1), in.rshd(1M), stat(2), hosts.equiv(4),
416 krb5.conf(4), attributes(5), krb5_auth_rules(5), ip6(7P)
417
419 A complaint about mismatch of rdist version numbers might really stem
420 from some problem with starting your shell, for example, you are in too
421 many groups.
422
424 The super-user does not have its accustomed access privileges on NFS
425 mounted file systems. Using rdist to copy to such a file system might
426 fail, or the copies might be owned by user "nobody".
427
429 Source files must reside or be mounted on the local host.
430 There is no easy way to have a special command executed only once after
433 all files in a directory have been updated.
434 Variable expansion only works for name lists; there should be a general
437 macro facility.
438 rdist aborts on files that have a negative modification time (before
441 Jan 1, 1970).
442 There should be a "force" option to allow replacement of non-empty
445 directories by regular files or symlinks. A means of updating file
446 modes and owners of otherwise identical files is also needed.
447SunOS 5.11 23 Dec 2008 rdist(1)