System Administration Commands rpc.rexd(1M)
NAME
rpc.rexd, rexd - RPC-based remote execution server
SYNOPSIS
/usr/sbin/rpc.rexd [-s]
DESCRIPTION
rpc.rexd is the Sun RPC server for remote program execution.
This daemon is started by inetd(1M) whenever a remote execu-
tion request is made.
For non-interactive programs, the standard file descriptors
are connected directly to TCP connections. Interactive pro-
grams involve pseudo-terminals, in a fashion that is similar
to the login sessions provided by rlogin(1). This daemon may
use NFS to mount file systems specified in the remote execu-
tion request.
There is a 10240 byte limit for arguments to be encoded and
passed from the sending to the receiving system.
OPTIONS
The following option is supported:
-s Secure. When specified, requests must have valid DES
credentials. If the request does not have a DES
credential it is rejected. The default publickey
credential is rejected. Only newer on(1) commands send
DES credentials.
If access is denied with an authentication error, you
may have to set your publickey with the chkey(1) com-
mand.
Specifying the -s option without presenting secure
credentials will result in an error message: Unix too
weak auth (DesONly)!
SECURITY
rpc.rexd uses pam(3PAM) for account and session management.
The PAM configuration policy, listed through /etc/pam.conf,
specifies the modules to be used for rpc.rexd. Here is a
partial pam.conf file with rpc.rexd entries for account and
session management using the UNIX module.
rpc.rexd account requisite pamroles.so.1
rpc.rexd account required pamprojects.so.1
rpc.rexd account required pamunixaccount.so.1
SunOS 5.11 Last change: 5 Nov 2004 1
System Administration Commands rpc.rexd(1M)
rpc.rexd session required pamunixsession.so.1
If there are no entries for the rpc.rexd service, the
entries for the "other" service will be used. rpc.rexd uses
the getpwuid() call to determine whether the given user is a
legal user.
FILES
/dev/ptsn Pseudo-terminals used for interactive
mode
/etc/passwd Authorized users
/tmprex/rexd?????? Temporary mount points for remote
file systems
ATRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
ATRIBUTE TYPE ATRIBUTE VALUE
Availability SUNWnisu
SEE ALSO
chkey(1), on(1), rlogin(1), svcs(1), inetadm(1M), inetd(1M),
svcadm(1M), pam(3PAM), pam.conf(4), publickey(4), attri-
butes(5), pamauthtokcheck(5), pamauthtokget(5),
pamauthtokstore(5), pamdhkeys(5), pampasswdauth(5),
pamunixaccount(5), pamunixauth(5), pamunixsession(5),
smf(5)
DIAGNOSTICS
Diagnostic messages are normally printed on the console, and
returned to the requestor.
NOTES
Root cannot execute commands using rexd client programs such
as on(1).
SunOS 5.11 Last change: 5 Nov 2004 2
System Administration Commands rpc.rexd(1M)
The pamunix(5) module is no longer supported. Similar func-
tionality is provided by pamauthtokcheck(5),
pamauthtokget(5), pamauthtokstore(5), pamdhkeys(5),
pampasswdauth(5), pamunixaccount(5), pamunixauth(5),
and pamunixsession(5).
The rpc.rexd service is managed by the service management
facility, smf(5), under the service identifier:
svc:/network/rpc/rex:default
Administrative actions on this service, such as enabling,
disabling, or requesting restart, can be performed using
svcadm(1M). Responsibility for initiating and restarting
this service is delegated to inetd(1M). Use inetadm(1M) to
make configuration changes and to view configuration infor-
mation for this service. The service's status can be queried
using the svcs(1) command.
SunOS 5.11 Last change: 5 Nov 2004 3
|
