svcadm(1M)을 검색하려면 섹션에서 1M 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
rcmd(3c)
Standard C Library Functions rcmd(3C)
NAME
rcmd, rcmd_af, rresvport, rresvport_af, ruserok - routines for return‐
ing a stream to a remote command
SYNOPSIS
#include <netdb.h>
#include <unistd.h>
int rcmd(char **ahost, unsigned short inport, const char *luser,
const char *ruser, const char *cmd, int *fd2p);
int rcmd_af(char **ahost, unsigned short inport, const char *luser,
const char *ruser, const char *cmd, int *fd2p, int af);
int rresvport(int *port);
int rresvport_af(int *port, int af);
int ruserok(const char *rhost, int suser, const char *ruser,
const char *luser);
DESCRIPTION
The rcmd() and rcmd_af() functions execute a command on a remote
machine with an authentication scheme based on privileged port numbers.
The {PRIV_NET_PRIVADDR} privilege is required to use these functions so
they can bind a socket to a privileged port number. An AF_INET socket
is returned with rcmd(). The rcmd_af() function supports AF_INET,
AF_INET6, or AF_UNSPEC for the address family. An application can
choose which type of socket is returned by passing AF_INET or AF_INET6
as the address family. The use of AF_UNSPEC means that the caller will
accept any address family. Choosing AF_UNSPEC provides a socket that
best suits the connectivity to the remote host.
The rcmd() and rcmd_af() functions look up the host *ahost using getad‐
drinfo(3C) and return −1 if the host does not exist. Otherwise, *ahost
is set to the standard name of the host and a connection is established
to a server residing at the Internet port inport.
If the connection succeeds, a socket in the Internet domain of type
SOCK_STREAM is returned to the caller. The socket is given to the
remote command as standard input (file descriptor 0) and standard out‐
put (file descriptor 1). If fd2p is non-zero, an auxiliary channel to a
control process is set up and a descriptor for it is placed in *fd2p.
The control process returns diagnostic output file (descriptor 2) from
the command on the auxiliary channel. The control process also accepts
bytes on this channel as signal numbers to be forwarded to the process
group of the command. If fd2p is 0, the standard error (file descriptor
2) of the remote command is made the same as its standard output. No
provision is made for sending arbitrary signals to the remote process,
other than possibly sending out-of-band data.
The protocol is described in detail in in.rshd(8).
The rresvport() and rresvport_af() functions are used to obtain a
socket bound to a privileged port number. Privileged Internet ports are
those in the range 1 to 1023. The {PRIV_NET_PRIVADDR} privilege is
required to bind a socket to a privileged port number. The application
must pass in port, which must be in the range 512 to 1023. The system
first tries to bind to that port number. If it fails, the system then
tries to bind to another unused privileged port, if one is available.
The rresvport() function returns a descriptor to a socket in the Inter‐
net domain of type SOCK_STREAM with an address in the AF_INET address
family. The rresvport_af() function is the equivalent to rresvport(),
except that you can choose AF_INET or AF_INET6 as the socket address
family to be returned by rresvport_af(). AF_UNSPEC does not apply to
the rresvport_af() function.
The ruserok() function is a routine used by servers to authenticate
clients that request a service with rcmd(). The ruserok() function
takes a remote host name returned by the gethostbyaddr() function with
two user names and a flag to indicate whether the local user's name is
that of the superuser. See gethostbyname(3C). The ruserok() function
then checks the files /etc/hosts.equiv and possibly .rhosts in the
local user's home directory to see if the request for service is
allowed. A 0 value is returned if the machine name is listed in the
/etc/hosts.equiv file, or if the host and remote user name are found in
the .rhosts file. Otherwise, the ruserok() function returns −1. If the
superuser flag is 1, the /etc/hosts.equiv is not checked.
RETURN VALUES
The rcmd() and rcmd_af() functions return a valid socket descriptor
upon success. The functions return −1 upon error and print a diagnostic
message to standard error.
The rresvport() and rresvport_af() functions return a valid, bound
socket descriptor upon success. The functions return −1 upon error with
the global value errno set according to the reason for failure.
The error code EAGAIN is overloaded to mean "All privileged network
ports in use."
FILES
/etc/hosts.equiv system trusted hosts and users
~/.rhosts user's trusted hosts and users
USAGE
The protocols underlying these functions use weak authentication and
offer no protection against spoofing or snooping of traffic. The
in.rshd(8) server is disabled by default on Oracle Solaris and most
other modern operating systems. Use of the sshd(8) server is strongly
recommended instead, and a programming interface to it is available via
the libssh2 library.
The range of privileged ports used by these functions does not take
into account changes to the smallest-nonpriv-port and extra-priv-ports
properties by ipadm(8).
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
TRIBUTE VALUE _ Interface StabilityCommitted _ MT-LevelUnsafe
This interface is Unsafe in multithreaded applications. Unsafe inter‐
faces should be called only from the main thread.
SEE ALSO
rlogin(1), rsh(1), Intro(2), getaddrinfo(3C), gethostbyname(3C),
rexec(3C), attributes(7), privileges(7), in.rexecd(8), in.rshd(8)
HISTORY
The rcmd_af() and rresvport_af() functions were added to Oracle Solaris
in the Solaris 8 release.
The rcmd(), rresvport(), and ruserok() functions have been present
since the initial release of Solaris.
Oracle Solaris 11.4 3 Nov 2021 rcmd(3C)