DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH
 

rcmd(TC)


rcmd -- remote shell command execution

Syntax

rcmd node [ -l user ] [ -n ] [ -s ] [ command ]

/usr/hosts/node [ -l user ] [ -n ] [ -s ] [ command ]

Description

rcmd sends command to node for execution. It passes the resulting remote command its own standard input and outputs the remote command's standard output and standard error. Command can consist of more than one parameter. The second, simplified form of the command is equivalent to the first, but is only available if the system administrator previously ran mkhosts(ADMN). Interrupt, quit, and terminate signals received by rcmd are also received by the remote command; rcmd normally terminates at the same time as the remote command.

If command is omitted, rcmd simply runs rlogin(TC).

By default, the command belongs to the user on the remote node with the same name as the user who ran rcmd. This means that the resulting processes belong to the remote user and begin with the remote user's home directory as their working directory. Options permit you to specify another user on node as the owner. In any case, if the user account requires a password, the remote system must have declared the local user equivalent to the remote user: an entry in /etc/hosts.equiv or in a .rhosts file in the current directory (normally the home directory) of the target user will demonstrate equivalence. (See rcmd(SLIB)).

If an account has no password, any user can use rcmd or rcp commands to access that account. In this case, an entry in /etc/hosts.equiv or in a .rhosts file is not required.

rcmd understands the following options:


-l user
The command is to belong to user on node.

-n
Prevent the remote command from blocking on input by making its standard input be /dev/null instead of rcmd's standard input.

If -n is not specified, rcmd reads the local standard input regardless of whether the remote machine reads standard input.


-s
Propagate signals received on the controlling terminal across the network connection to the process on the remote system.

Without -s, rcmd propagates SIGINT, SIGQUIT, SIGTERM, and SIGPIPE with action PASSTHROUGH.

With -s, rcmd propagates signals according to the following table:

signal action
SIGHUP SENDTERM
SIGINT PASSTHROUGH
SIGQUIT PASSTHROUGH
SIGILL ABORT
SIGTRAP ABORT
SIGIOT ABORT
SIGEMT ABORT
SIGFPE ABORT
SIGBUS ABORT
SIGSEGV ABORT
SIGSYS ABORT
SIGPIPE PASSTHROUGH
SIGALRM PASSTHROUGH
SIGTERM PASSTHROUGH
SIGUSR1 PASSTHROUGH
SIGUSR2 PASSTHROUGH
SIGPWR SENDTERM
SIGWINCH PASSTHROUGH
SIGTSTP PASSTHROUGH
SIGCONT PASSTHROUGH
SIGTTIN PASSTHROUGH
SIGTTOU PASSTHROUGH

 signal     action
 SIGHUP     SENDTERM
 SIGINT     PASSTHROUGH
 SIGQUIT    PASSTHROUGH
 SIGILL     ABORT
 SIGTRAP    ABORT
 SIGIOT     ABORT
 SIGEMT     ABORT
 SIGFPE     ABORT
 SIGBUS     ABORT
 SIGSEGV    ABORT
 SIGSYS     ABORT
 SIGPIPE    PASSTHROUGH
 SIGALRM    PASSTHROUGH
 SIGTERM    PASSTHROUGH
 SIGUSR1    PASSTHROUGH
 SIGUSR2    PASSTHROUGH
 SIGPWR     SENDTERM
 SIGWINCH   PASSTHROUGH
 SIGTSTP    PASSTHROUGH
 SIGCONT    PASSTHROUGH
 SIGTTIN    PASSTHROUGH
 SIGTTOU    PASSTHROUGH
Actions include:

SENDTERM
send remote a SIGTERM.

ABORT
send remote a SIGTERM and then core dump the local process.

PASSTHROUGH
send remote the given signal.

Should rcmd receive a signal other than one which it has been set to propagate (for example, SIGKILL), it will terminate and the remote process will not be effected.

Authenticated rcmd using Kerberos

Authenticated rcmd attempts to connect to a port (kshell) other than the standard shell port. kshell is assigned to port 544/tcp in /etc/services.

If the connection to the kshell port succeeds in reaching an authenticated rshd server, rcmd establishes authentication. If rcmd cannot connect to kshell, it aborts the connection and retries using the standard shell port. If that succeeds, the connection is unauthenticated.

If the remote rshd server is in strict mode and authentication fails, one of the following error messages is displayed:


Connection refused
rshd is not listening on the standard shell port

rshd: Authentication is required on host: hostname
The administrator has configured rshd to listen on the standard port, but to refuse unauthenticated service and print this message.
To execute authenticated remote commands with rcmd, the user must have network credentials, and the user's principal name must appear in the $HOME/.k5login file on the remote host (this file must be writable only by the user or by root, and it must be readable by root in the filesystem where it resides).

Examples

The following command runs who on a node called ``central,'' putting the output in a file on the local machine.

rcmd central who > /tmp/c.who

The next example puts the same output on the remote machine.

rcmd central who \> /tmp/c.who

As the above examples illustrate, metacharacters to be interpreted by the remote shell must be hidden from the local shell. Thus

rcmd central cd /etc ; cat passwd

clearly does not do what was intended because the semicolon is interpreted by the local shell, not the remote shell, and the remote shell never even sees the cat command. Either of the following commands properly escapes the semicolon:

rcmd central cd /etc \; cat passwd
rcmd central 'cd /etc ; cat passwd'

Limitations

rshd(ADMN) must be running on the target machine.

In other installations, this command is called rsh.

Authentication is based on Version 5 of the Kerberos Network Authentication Service protocol. Only this version of the protocol is supported.

Data encryption is not supported.

Files


$HOME/.k5login
equivalent users for authenticated rcmd

$HOME/.rhosts
equivalent users

/etc/hosts.equiv
list of trusted hosts

/etc/services
list of Internet services

/krb5/v5srvtab
local default service key table

See also

hosts.equiv(SFF), kinit(TC), mkhosts(ADMN), rlogin(TC), rshd(ADMN), services(SFF)

Standards conformance

rcmd is not part of any currently supported standard. It is an extension of AT&T UNIX System V provided by The Santa Cruz Operation, Inc.
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003