rcmd(TC)

rcmd -- remote shell command execution

rsh- remote shell command execution

Syntax

rcmd|rsh node [ -l user ] [ -n ] [ -s ] [ command ]

/usr/hosts/node [ -l user ] [ -n ] [ -s ] [ command ]

Description

rcmd (linked to /bin/rsh) sends command to node for execution. It passes the resulting remote command its own standard input and outputs the remote command's standard output and standard error. Command can consist of more than one parameter. The second, simplified form of the command is equivalent to the first, but is only available if the system administrator previously ran mkhosts(ADMN). Interrupt, quit, and terminate signals received by rcmd are also received by the remote command; rcmd normally terminates at the same time as the remote command.

If command is omitted, rcmd simply runs rlogin(TC).

By default, the command belongs to the user on the remote node with the same name as the user who ran rcmd. This means that the resulting processes belong to the remote user and begin with the remote user's home directory as their working directory. Options permit you to specify another user on node as the owner. In any case, if the user account requires a password, the remote system must have declared the local user equivalent to the remote user: an entry in /etc/hosts.equiv or in a .rhosts file in the current directory (normally the home directory) of the target user will demonstrate equivalence. (See rcmd(SLIB)).

If an account has no password, any user can use rcmd or rcp commands to access that account. In this case, an entry in /etc/hosts.equiv or in a .rhosts file is not required.

rcmd understands the following options:

-l user

The command is to belong to user on node.

-n

Prevent the remote command from blocking on input by making its standard input be /dev/null instead of rcmd's standard input.

If -n is not specified, rcmd reads the local standard input regardless of whether the remote machine reads standard input.

-s

Propagate signals received on the controlling terminal across the network connection to the process on the remote system.

Without -s, rcmd propagates SIGINT, SIGQUIT, SIGTERM, and SIGPIPE with action PASSTHROUGH.

With -s, rcmd propagates signals according to the following table:

signal action

SIGHUP SENDTERM

SIGINT PASSTHROUGH

SIGQUIT PASSTHROUGH

SIGILL ABORT

SIGTRAP ABORT

SIGIOT ABORT

SIGEMT ABORT

SIGFPE ABORT

SIGBUS ABORT

SIGSEGV ABORT

SIGSYS ABORT

SIGPIPE PASSTHROUGH

SIGALRM PASSTHROUGH

SIGTERM PASSTHROUGH

SIGUSR1 PASSTHROUGH

SIGUSR2 PASSTHROUGH

SIGPWR SENDTERM

SIGWINCH PASSTHROUGH

SIGTSTP PASSTHROUGH

SIGCONT PASSTHROUGH

SIGTTIN PASSTHROUGH

SIGTTOU PASSTHROUGH

Actions include:

signal	action
SIGHUP	SENDTERM
SIGINT	PASSTHROUGH
SIGQUIT	PASSTHROUGH
SIGILL	ABORT
SIGTRAP	ABORT
SIGIOT	ABORT
SIGEMT	ABORT
SIGFPE	ABORT
SIGBUS	ABORT
SIGSEGV	ABORT
SIGSYS	ABORT
SIGPIPE	PASSTHROUGH
SIGALRM	PASSTHROUGH
SIGTERM	PASSTHROUGH
SIGUSR1	PASSTHROUGH
SIGUSR2	PASSTHROUGH
SIGPWR	SENDTERM
SIGWINCH	PASSTHROUGH
SIGTSTP	PASSTHROUGH
SIGCONT	PASSTHROUGH
SIGTTIN	PASSTHROUGH
SIGTTOU	PASSTHROUGH

SENDTERM: send remote a SIGTERM.
ABORT: send remote a SIGTERM and then core dump the local process.
PASSTHROUGH: send remote the given signal.

Should rcmd receive a signal other than one which it has been set to propagate (for example, SIGKILL), it will terminate and the remote process will not be effected.

Authenticated rcmd using Kerberos

Authenticated rcmd attempts to connect to a port (kshell) other than the standard shell port. kshell is assigned to port 544/tcp in /etc/services.

If the connection to the kshell port succeeds in reaching an authenticated rshd server, rcmd establishes authentication. If rcmd cannot connect to kshell, it aborts the connection and retries using the standard shell port. If that succeeds, the connection is unauthenticated.

If the remote rshd server is in strict mode and authentication fails, one of the following error messages is displayed:

Connection refused: rshd is not listening on the standard shell port
rshd: Authentication is required on host: hostname: The administrator has configured rshd to listen on the standard port, but to refuse unauthenticated service and print this message.

To execute authenticated remote commands with rcmd, the user must have network credentials, and the user's principal name must appear in the $HOME/.k5login file on the remote host (this file must be writable only by the user or by root, and it must be readable by root in the filesystem where it resides).

Examples

The following command runs who on a node called ``central,'' putting the output in a file on the local machine.

rcmd central who > /tmp/c.who

The next example puts the same output on the remote machine.

rcmd central who \> /tmp/c.who

As the above examples illustrate, metacharacters to be interpreted by the remote shell must be hidden from the local shell. Thus

rcmd central cd /etc ; cat passwd

clearly does not do what was intended because the semicolon is interpreted by the local shell, not the remote shell, and the remote shell never even sees the cat command. Either of the following commands properly escapes the semicolon:

rcmd central cd /etc \; cat passwd
rcmd central 'cd /etc ; cat passwd'

Limitations

rshd(ADMN) must be running on the target machine.

In other installations, this command is called rsh.

Authentication is based on Version 5 of the Kerberos Network Authentication Service protocol. Only this version of the protocol is supported.

Data encryption is not supported.

Files

$HOME/.k5login: equivalent users for authenticated rcmd
$HOME/.rhosts: equivalent users
/etc/hosts.equiv: list of trusted hosts
/etc/services: list of Internet services
/krb5/v5srvtab: local default service key table

Standards conformance

rcmd is not part of any currently supported standard. It is an extension of AT&T UNIX System V provided by The Santa Cruz Operation, Inc.