From 3d08cd331c1adcf0d917392f7e527b3f00511748 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 24 May 2024 06:52:22 +0200 Subject: Merging upstream version 6.8. Signed-off-by: Daniel Baumann --- man3/rcmd.3 | 304 ------------------------------------------------------------ 1 file changed, 304 deletions(-) delete mode 100644 man3/rcmd.3 (limited to 'man3/rcmd.3') diff --git a/man3/rcmd.3 b/man3/rcmd.3 deleted file mode 100644 index 012dc62..0000000 --- a/man3/rcmd.3 +++ /dev/null @@ -1,304 +0,0 @@ -'\" t -.\" $NetBSD: rcmd.3,v 1.9 1996/05/28 02:07:39 mrg Exp $ -.\" -.\" Copyright (c) 1983, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" SPDX-License-Identifier: BSD-4-Clause-UC -.\" -.\" @(#)rcmd.3 8.1 (Berkeley) 6/4/93 -.\" -.\" Contributed as Linux man page by David A. Holland, 970908 -.\" I have not checked whether the Linux situation is exactly the same. -.\" -.\" 2007-12-08, mtk, Converted from mdoc to man macros -.\" -.TH rcmd 3 2023-10-31 "Linux man-pages 6.7" -.SH NAME -rcmd, rresvport, iruserok, ruserok, rcmd_af, -rresvport_af, iruserok_af, ruserok_af \- routines for returning a -stream to a remote command -.SH LIBRARY -Standard C library -.RI ( libc ", " \-lc ) -.SH SYNOPSIS -.nf -.BR "#include " "/* Or on some systems */" -.P -.BI "int rcmd(char **restrict " ahost ", unsigned short " inport , -.BI " const char *restrict " locuser , -.BI " const char *restrict " remuser , -.BI " const char *restrict " cmd ", int *restrict " fd2p ); -.P -.BI "int rresvport(int *" port ); -.P -.BI "int iruserok(uint32_t " raddr ", int " superuser , -.BI " const char *" ruser ", const char *" luser ); -.BI "int ruserok(const char *" rhost ", int " superuser , -.BI " const char *" ruser ", const char *" luser ); -.P -.BI "int rcmd_af(char **restrict " ahost ", unsigned short " inport , -.BI " const char *restrict " locuser , -.BI " const char *restrict " remuser , -.BI " const char *restrict " cmd ", int *restrict " fd2p , -.BI " sa_family_t " af ); -.P -.BI "int rresvport_af(int *" port ", sa_family_t " af ); -.P -.BI "int iruserok_af(const void *restrict " raddr ", int " superuser , -.BI " const char *restrict " ruser ", const char *restrict " luser , -.BI " sa_family_t " af ); -.BI "int ruserok_af(const char *" rhost ", int " superuser , -.BI " const char *" ruser ", const char *" luser , -.BI " sa_family_t " af ); -.fi -.P -.RS -4 -Feature Test Macro Requirements for glibc (see -.BR feature_test_macros (7)): -.RE -.ad l -.P -.BR rcmd (), -.BR rcmd_af (), -.BR rresvport (), -.BR rresvport_af (), -.BR iruserok (), -.BR iruserok_af (), -.BR ruserok (), -.BR ruserok_af (): -.nf - Since glibc 2.19: - _DEFAULT_SOURCE - glibc 2.19 and earlier: - _BSD_SOURCE -.fi -.ad -.SH DESCRIPTION -The -.BR rcmd () -function is used by the superuser to execute a command on -a remote machine using an authentication scheme based -on privileged port numbers. -The -.BR rresvport () -function -returns a file descriptor to a socket -with an address in the privileged port space. -The -.BR iruserok () -and -.BR ruserok () -functions are used by servers -to authenticate clients requesting service with -.BR rcmd (). -All four functions are used by the -.BR rshd (8) -server (among others). -.SS rcmd() -The -.BR rcmd () -function -looks up the host -.I *ahost -using -.BR gethostbyname (3), -returning \-1 if the host does not exist. -Otherwise, -.I *ahost -is set to the standard name of the host -and a connection is established to a server -residing at the well-known Internet port -.IR inport . -.P -If the connection succeeds, -a socket in the Internet domain of type -.B SOCK_STREAM -is returned to the caller, and given to the remote -command as -.I stdin -and -.IR stdout . -If -.I fd2p -is nonzero, then an auxiliary channel to a control -process will be set up, and a file descriptor for it will be placed -in -.IR *fd2p . -The control process will return diagnostic -output from the command (unit 2) on this channel, and will also -accept bytes on this channel as being UNIX signal numbers, to be -forwarded to the process group of the command. -If -.I fd2p -is 0, then the -.I stderr -(unit 2 of the remote -command) will be made the same as the -.I stdout -and no -provision is made for sending arbitrary signals to the remote process, -although you may be able to get its attention by using out-of-band data. -.P -The protocol is described in detail in -.BR rshd (8). -.SS rresvport() -The -.BR rresvport () -function is used to obtain a socket with a privileged -port bound to it. -This socket is suitable for use by -.BR rcmd () -and several other functions. -Privileged ports are those in the range 0 to 1023. -Only a privileged process -(on Linux, a process that has the -.B CAP_NET_BIND_SERVICE -capability in the user namespace governing its network namespace) -is allowed to bind to a privileged port. -In the glibc implementation, -this function restricts its search to the ports from 512 to 1023. -The -.I port -argument is value-result: -the value it supplies to the call is used as the starting point -for a circular search of the port range; -on (successful) return, it contains the port number that was bound to. -.\" -.SS iruserok() and ruserok() -The -.BR iruserok () -and -.BR ruserok () -functions take a remote host's IP address or name, respectively, -two usernames and a flag indicating whether the local user's -name is that of the superuser. -Then, if the user is -.I not -the superuser, it checks the -.I /etc/hosts.equiv -file. -If that lookup is not done, or is unsuccessful, the -.I .rhosts -in the local user's home directory is checked to see if the request for -service is allowed. -.P -If this file does not exist, is not a regular file, is owned by anyone -other than the user or the superuser, is writable by anyone other -than the owner, or is hardlinked anywhere, the check automatically fails. -Zero is returned if the machine name is listed in the -.I hosts.equiv -file, or the host and remote username are found in the -.I .rhosts -file; otherwise -.BR iruserok () -and -.BR ruserok () -return \-1. -If the local domain (as obtained from -.BR gethostname (2)) -is the same as the remote domain, only the machine name need be specified. -.P -If the IP address of the remote host is known, -.BR iruserok () -should be used in preference to -.BR ruserok (), -as it does not require trusting the DNS server for the remote host's domain. -.SS *_af() variants -All of the functions described above work with IPv4 -.RB ( AF_INET ) -sockets. -The "_af" variants take an extra argument that allows the -socket address family to be specified. -For these functions, the -.I af -argument can be specified as -.B AF_INET -or -.BR AF_INET6 . -In addition, -.BR rcmd_af () -supports the use of -.BR AF_UNSPEC . -.SH RETURN VALUE -The -.BR rcmd () -function -returns a valid socket descriptor on success. -It returns \-1 on error and prints a diagnostic message on the standard error. -.P -The -.BR rresvport () -function -returns a valid, bound socket descriptor on success. -On failure, it returns \-1 and sets -.I errno -to indicate the error. -The error code -.B EAGAIN -is overloaded to mean: "All network ports in use". -.P -For information on the return from -.BR ruserok () -and -.BR iruserok (), -see above. -.SH ATTRIBUTES -For an explanation of the terms used in this section, see -.BR attributes (7). -.TS -allbox; -lbx lb lb -l l l. -Interface Attribute Value -T{ -.na -.nh -.BR rcmd (), -.BR rcmd_af () -T} Thread safety MT-Unsafe -T{ -.na -.nh -.BR rresvport (), -.BR rresvport_af () -T} Thread safety MT-Safe -T{ -.na -.nh -.BR iruserok (), -.BR ruserok (), -.BR iruserok_af (), -.BR ruserok_af () -T} Thread safety MT-Safe locale -.TE -.SH STANDARDS -BSD. -.SH HISTORY -.TP -.BR iruserok_af () -.TQ -.BR rcmd_af () -.TQ -.BR rresvport_af () -.TQ -.BR ruserok_af () -glibc 2.2. -.P -Solaris, 4.2BSD. -The "_af" variants are more recent additions, -and are not present on as wide a range of systems. -.SH BUGS -.BR iruserok () -and -.BR iruserok_af () -are declared in glibc headers only since glibc 2.12. -.\" Bug filed 25 Nov 2007: -.\" https://www.sourceware.org/bugzilla/show_bug.cgi?id=5399 -.SH SEE ALSO -.BR rlogin (1), -.BR rsh (1), -.BR rexec (3), -.BR rexecd (8), -.BR rlogind (8), -.BR rshd (8) -- cgit v1.2.3