rcmd, rresvport, ruserok -- routines for returning a stream to a remote command


cc ... -lsocket

rcmd (ahost, inport, locuser, remuser, cmd, fd2p)
char **ahost;
u_short inport;
char *locuser, *remuser, *cmd;
int *fd2p;

int rresvport (port) int *port;

int ruserok (rhost, superuser, ruser, luser) char *rhost; int superuser; char *ruser, *luser;


rcmd( ) is a routine used by the superuser to execute a command on a remote machine using an authentication scheme based on reserved port numbers. rresvport( ) is a routine that returns a descriptor to a socket with an address in the privileged port space. ruserok( ) is a routine used by servers to authenticate clients requesting service with rcmd( ). All three functions are present in the same file and are used by various servers, including rshd(ADMN) server.

rcmd( ) looks up the host *ahost using gethostbyname(SLIB), returning -1 if the host does not exist. Otherwise *ahost is set to the standard name of the host and a connection is established to a server residing at the well-known Internet port inport.

If the call succeeds, a socket of type SOCK_STREAM is returned to the caller and given to the remote command as stdin and stdout. If fd2p is non-zero, an auxiliary channel to a control process is set up, and a descriptor for it is placed in *fd2p. The control process returns diagnostic output from the command (unit 2) on this channel, and also accepts bytes on this channel as being signal numbers, to be forwarded to the process group of the command. If fd2p is 0, the stderr (unit 2 of the remote command) is made the same as the stdout. No provision is made for sending arbitrary signals to the remote process, although you may be able to get its attention by using out-of-band data.

The protocol is described in detail in rshd(ADMN).

The rresvport routine is used to obtain a socket with a privileged address bound to it. This socket is suitable for use by rcmd and several other routines. Privileged addresses consist of a port in the range 0 to 1023. Only the superuser is allowed to bind an address of this sort to a socket.

ruserok takes a remote host's name, as returned by a gethostbyname(SLIB) routine, two user names and a flag indicating if the local user's name is the superuser. If the user is not the superuser, it checks the /etc/hosts.equiv file. If that lookup is not done, or is unsuccessful, the .rhosts in the local user's home directory is checked to see if the request for service is allowed. If this file is owned by anyone other than the user or the superuser, or if it is readable or writeable by anyone other than the owner, the check automatically fails. A return value of zero is returned if the machine name is listed in the hosts.equiv file or if the host and remote user name are found in the .rhosts file; otherwise ruserok returns -1.


There is no way to specify options to the socket call which rcmd makes.

Differences between versions

For releases prior to SCO OpenServer Release 5.0.6, rcmd may succeed even if the permissions for the .rhosts file are greater than 600.

See also

gethostbyname(SLIB) hosts.equiv(SFF), rcmd(TC), rexec(SLIB), rexecd(ADMN), rlogin(TC), rlogind(ADMN), rshd(ADMN)
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003