HP-UX Reference (11i v2 03/08) - 1M System Administration Commands N-Z (vol 4)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

201

202

203

204

205

206

207

208

209

210

rexd(1M) rexd(1M)

NAME

rexd - RPC-based remote execution server

SYNOPSIS

/usr/sbin/rpc.rexd

[-l log_ﬁle][

-m mountdir ][-r]

DESCRIPTION

rexd is the RPC server for remote command execution. A

rexd is started by inetd when a remote exe-

cution request is received (see inetd(1M)).

rexd

exits when command execution has completed.

If the user ID (uid) in the remote execution request is assigned to a user on the server,

rexd executes the

command as that user. If no user on the server is assigned to the uid,

rexd does not execute the com-

mand. The

-r option and inetd.sec security ﬁle allow for better access control (see inetd.sec (4)).

For noninteractive commands, standard output and error ﬁle descriptors are connected to sockets.

Interactive commands use pseudo terminals for standard input, output, and error (see pty(7)).

If the ﬁle system speciﬁed in the remote execution request is not already mounted on the server,

rexd

uses NFS to mount the ﬁle system for the duration of the command execution (see nfs(7)).

rexd mounts

ﬁle systems with the

nosuid and soft

options. For more details on mount options see mount(1M). If

the server cannot mount the ﬁle system, an error message is returned to the client. By default, any

mount points required by

rexd are created below /var/spool/rexd

. To change the default location,

use the

-m option.

Options

rexd recognizes the following options and command-line arguments:

-l log_file Log any diagnostic, warning, and error messages to log_ﬁle.Iflog_ﬁle exists,

rexd appends messages to the ﬁle. If log_ﬁle does not exist, rexd creates it.

Messages are not logged if the -l option is not speciﬁed.

Information logged to the ﬁle includes date and time of the error, host name,

process ID and name of the function generating the error, and the error mes-

sage. Note that different RPC services can share a single log ﬁle because

enough information is included to uniquely identify each error.

-m mountdir Create temporary mount points below directory mountdir. By default, rexd

creates temporary mount points below /var/spool/rexd

. The directory

mountdir should have read and execute permission for all users (mode 555).

Otherwise,

rexd denies execution for users that do not have read and execute

permission.

-r Use increased security checking. When started with the -r option, rexd

denies execution access to a client unless one of the following conditions is

met:

• The name of the client host is in

/etc/hosts.equiv ﬁle on the

server.

• The user on the server that is associated with the uid sent by the

client has an entry in

$HOME/.rhosts specifying the client name

on a line or the client name followed by at least one blank and the

user’s name.

For example, assume a user whose login name is

mjk is assigned to

uid 7 on NODE1 and executes the following on command:

on NODE2 pwd

User mjk on NODE2 must have one of the following entries in

$HOME/.rhosts:

NODE1

NODE1 mjk

Section 1M−−672 Hewlett-Packard Company − 1 − HP-UX 11i Version 2: August 2003