RPC.REXD(1M)RPC.REXD(1M)NAME
rpc.rexd, rexd - RPC-based remote execution server
SYNOPSIS
/usr/sbin/rpc.rexd [-s]
DESCRIPTION
rpc.rexd is the Sun RPC server for remote program execution. This dae‐
mon is started by inetd(1M) whenever a remote execution request is
made.
For non-interactive programs, the standard file descriptors are con‐
nected directly to TCP connections. Interactive programs involve
pseudo-terminals, in a fashion that is similar to the login sessions
provided by rlogin(1). This daemon may use NFS to mount file systems
specified in the remote execution request.
There is a 10240 byte limit for arguments to be encoded and passed from
the sending to the receiving system.
OPTIONS
The following option is supported:
-s
Secure. When specified, requests must have valid DES credentials.
If the request does not have a DES credential it is rejected. The
default publickey credential is rejected. Only newer on(1) com‐
mands send DES credentials.
If access is denied with an authentication error, you may have to
set your publickey with the chkey(1) command.
Specifying the -s option without presenting secure credentials
will result in an error message: Unix too weak auth (DesONly)!
SECURITY
rpc.rexd uses pam(3PAM) for account and session management. The PAM
configuration policy, listed through /etc/pam.conf, specifies the mod‐
ules to be used for rpc.rexd. Here is a partial pam.conf file with
rpc.rexd entries for account and session management using the UNIX mod‐
ule.
rpc.rexd account requisite pam_roles.so.1
rpc.rexd account required pam_projects.so.1
rpc.rexd account required pam_unix_account.so.1
rpc.rexd session required pam_unix_session.so.1
If there are no entries for the rpc.rexd service, the entries for the
"other" service will be used. rpc.rexd uses the getpwuid() call to
determine whether the given user is a legal user.
FILES
/dev/ptsn
Pseudo-terminals used for interactive mode
/etc/passwd
Authorized users
/tmp_rex/rexd??????
Temporary mount points for remote file systems
SEE ALSOchkey(1), on(1), rlogin(1), svcs(1), inetadm(1M), inetd(1M),
svcadm(1M), pam(3PAM), pam.conf(4), publickey(4), attributes(5),
pam_authtok_check(5), pam_authtok_get(5), pam_authtok_store(5),
pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5),
pam_unix_auth(5), pam_unix_session(5), smf(5)DIAGNOSTICS
Diagnostic messages are normally printed on the console, and returned
to the requestor.
NOTES
Root cannot execute commands using rexd client programs such as on(1).
The pam_unix(5) module is no longer supported. Similar functionality is
provided by pam_authtok_check(5), pam_authtok_get(5), pam_auth‐
tok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5),
pam_unix_auth(5), and pam_unix_session(5).
The rpc.rexd service is managed by the service management facility,
smf(5), under the service identifier:
svc:/network/rpc/rex:default
Administrative actions on this service, such as enabling, disabling, or
requesting restart, can be performed using svcadm(1M). Responsibility
for initiating and restarting this service is delegated to inetd(1M).
Use inetadm(1M) to make configuration changes and to view configuration
information for this service. The service's status can be queried using
the svcs(1) command.
Nov 5, 2004 RPC.REXD(1M)