1 .\" Copyright (c) 1983, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" From: @(#)rcmd.3 8.1 (Berkeley) 6/4/93
29 .\" $FreeBSD: src/lib/libc/net/rcmd.3,v 1.27 2008/12/14 22:48:48 murray Exp $
42 .Nd routines for returning a stream to a remote command
48 .Fn rcmd "char **ahost" "int inport" "const char *locuser" "const char *remuser" "const char *cmd" "int *fd2p"
50 .Fn rresvport "int *port"
52 .Fn iruserok "u_long raddr" "int superuser" "const char *ruser" "const char *luser"
54 .Fn ruserok "const char *rhost" "int superuser" "const char *ruser" "const char *luser"
56 .Fn rcmd_af "char **ahost" "int inport" "const char *locuser" "const char *remuser" "const char *cmd" "int *fd2p" "int af"
58 .Fn rresvport_af "int *port" "int af"
60 .Fn iruserok_sa "const void *addr" "int addrlen" "int superuser" "const char *ruser" "const char *luser"
65 is used by the super-user to execute a command on
66 a remote machine using an authentication scheme based
67 on reserved port numbers.
71 returns a descriptor to a socket
72 with an address in the privileged port space.
77 to authenticate clients requesting service with
79 All three functions are present in the same file and are used
81 .Xr rshd 8 Pq Pa net/bsdrcmds
82 server (among others).
91 returning -1 if the host does not exist.
94 is set to the standard name of the host
95 and a connection is established to a server
96 residing at the well-known Internet port
99 If the connection succeeds,
100 a socket in the Internet domain of type
102 is returned to the caller, and given to the remote
109 is non-zero, then an auxiliary channel to a control
110 process will be set up, and a descriptor for it will be placed
113 The control process will return diagnostic
114 output from the command (unit 2) on this channel, and will also
115 accept bytes on this channel as being
117 signal numbers, to be
118 forwarded to the process group of the command.
123 (unit 2 of the remote
124 command) will be made the same as the
127 provision is made for sending arbitrary signals to the remote process,
128 although you may be able to get its attention by using out-of-band data.
130 The protocol is described in detail in
131 .Xr rshd 8 Pq Pa net/bsdrcmds .
135 function is used to obtain a socket to which an address with a Privileged
136 Internet port is bound.
137 This socket is suitable for use by
139 and several other functions.
140 Privileged Internet ports are those in the range 0 to 1023.
141 Only the super-user is allowed to bind an address of this sort
148 functions take a remote host's IP address or name, as returned by the
150 routines, two user names and a flag indicating whether the local user's
151 name is that of the super-user.
154 the super-user, it checks the
157 If that lookup is not done, or is unsuccessful, the
159 in the local user's home directory is checked to see if the request for
162 If this file does not exist, is not a regular file, is owned by anyone
163 other than the user or the super-user, or is writable by anyone other
164 than the owner, the check automatically fails.
165 Zero is returned if the machine name is listed in the
167 file, or the host and remote user name are found in the
174 If the local domain (as obtained from
176 is the same as the remote domain, only the machine name need be specified.
180 function is strongly preferred for security reasons.
181 It requires trusting the local DNS at most, while the
183 function requires trusting the entire DNS, which can be spoofed.
185 The functions with an
194 work the same as the corresponding functions without a
195 suffix, except that they are capable of handling both IPv6 and IPv4 ports.
199 suffix means that the function has an additional
201 argument which is used to specify the address family,
205 argument extension is implemented for functions
206 that have no binary address argument.
209 argument specifies which address family is desired.
213 suffix means that the function has general socket address and
215 As the socket address is a protocol independent data structure,
216 IPv4 and IPv6 socket address can be passed as desired.
219 argument extension is implemented for functions
220 that pass a protocol dependent binary address argument.
221 The argument needs to be replaced with a more general address structure
222 to support multiple address families in a general way.
224 The functions with neither an
228 suffix work for IPv4 only, except for
230 which can handle both IPv6 and IPv4.
231 To switch the address family, the
233 argument must be filled with
246 function, this variable is used as the program to run instead of
247 .Xr rsh 1 Pq Pa net/bsdrcmds .
253 returns a valid socket descriptor on success.
254 It returns -1 on error and prints a diagnostic message
255 on the standard error.
260 returns a valid, bound socket descriptor on success.
261 It returns -1 on error with the global value
263 set according to the reason for failure.
266 is overloaded to mean ``All network ports in use.''
268 .Xr rlogin 1 Pq Pa net/bsdrcmds ,
269 .Xr rsh 1 Pq Pa net/bsdrcmds ,
271 .Xr rlogind 8 Pq Pa net/bsdrcmds ,
272 .Xr rshd 8 Pq Pa net/bsdrcmds
276 .%T "Advanced Socket API for IPv6"
283 .%T "Advanced Socket API for IPv6"
288 functions appeared in
293 appeared in RFC 2292, and was implemented by the WIDE project
294 for the Hydrangea IPv6 protocol stack kit.
298 appeared in draft-ietf-ipngwg-rfc2292bis-01.txt,
299 and was implemented in the WIDE/KAME IPv6 protocol stack kit.
303 appeared in discussion on the IETF ipngwg mailing list,
304 and was implemented in