=for stopwords
remctl const API hostname IP NUL-terminated GSS-API DNS KRB5CCNAME NULs
ENOMEM CNAME lookups canonicalization libdefaults canonicalize Allbery
DNS-based

=head1 NAME

remctl, remctl_result_free - Simple remctl call to a remote server

=head1 SYNOPSIS

#include <remctl.h>

struct remctl_result *
B<remctl>(const char *I<host>, unsigned short I<port>,
          const char *I<principal>, const char **I<command>);

void B<remctl_result_free>(struct remctl_result *I<result>);

=head1 DESCRIPTION

remctl() provides a simplified client API for the remctl protocol. Given
the host, port, service principal for authentication, and command to run,
it opens a connection to the remote system, sends the command via the
remctl protocol, reads the results, closes the connection, and returns the
result as a remctl_result struct.

I<host> is a hostname or IP address and must be non-NULL. I<port> is the
port to connect to; if 0, the library first attempts to connect to the
registered port of 4373 and then tries the legacy port of 4444 if that
fails. Future versions of the library will drop this fallback to 4444.
I<principal> is the service principal to use for authentication; if NULL,
C<host/I<host>> is used, with the realm determined by domain-realm
mapping. I<command> is the command to run as a NULL-terminated array of
NUL-terminated strings.

If no principal is specified and the default is used, the underlying
GSS-API library may canonicalize I<host> via DNS before determining the
service principal, depending on your library configuration. Specifying a
principal disables this behavior.

The remctl protocol uses Kerberos v5 via GSS-API for authentication. The
underlying GSS-API library will use the default ticket cache for
authentication, so to successfully use remctl(), the caller should already
have Kerberos tickets for an appropriate realm stored in its default
ticket cache. The environment variable KRB5CCNAME can be used to control
which ticket cache is used.

remctl() returns a newly allocated remctl_result struct, which has the
following members:

    struct remctl_result {
        char *error;                /* remctl error if non-NULL. */
        char *stdout_buf;           /* Standard output. */
        size_t stdout_len;          /* Length of standard output. */
        char *stderr_buf;           /* Standard error. */
        size_t stderr_len;          /* Length of standard error. */
        int status;                 /* Exit status of remote command. */
    };

If error is non-NULL, a protocol error occurred and the command was not
successfully completed. Otherwise, standard output from the command will
be stored in stdout_buf with the length in stdout_len, standard error from
the command will be stored in stderr_buf with the length in stderr_len,
and status will hold the exit status of the command. Command output is
arbitrary data, so use stdout_len and stderr_len to bound access to the
buffers rather than relying on a terminating NUL. Following the standard
Unix convention, a 0 status should normally be considered success and any
non-zero status should normally be considered failure, although a given
command may have its own exit status conventions.

remctl_result_free() frees the remctl_result struct when the calling
program is through with it.
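The following is an added example of how a caller consumes the result; it
is not code from the remctl library or its documentation. The host name and
command are hypothetical, and when the library is not available at build
time the remctl_result struct is mirrored from the definition above so the
helper functions compile on their own. It keeps the three failure cases
apart (remctl() returning NULL, error being non-NULL, and a non-zero
status) and treats stdout_buf and stderr_buf as length-delimited data.

```c
/*
 * Added example, not part of remctl or its documentation: consuming a
 * struct remctl_result.  The three failure classes (no result, protocol
 * error, non-zero exit status) are kept apart, and the output buffers are
 * handled by length rather than as NUL-terminated C strings.
 */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifdef HAVE_REMCTL
# include <remctl.h>       /* build with -DHAVE_REMCTL -lremctl to run main() */
#else
/* Mirror of the struct in the manual page so the helpers build without
 * the library and can be exercised on a hand-built result. */
struct remctl_result {
    char *error;        /* remctl error if non-NULL. */
    char *stdout_buf;   /* Standard output. */
    size_t stdout_len;  /* Length of standard output. */
    char *stderr_buf;   /* Standard error. */
    size_t stderr_len;  /* Length of standard error. */
    int status;         /* Exit status of remote command. */
};
#endif

enum remctl_outcome {
    OUTCOME_OK = 0,          /* error == NULL and status == 0 */
    OUTCOME_COMMAND_FAILED,  /* error == NULL, status != 0 */
    OUTCOME_PROTOCOL_ERROR,  /* error != NULL: the command did not complete */
    OUTCOME_NO_RESULT        /* remctl() returned NULL; consult errno */
};

enum remctl_outcome
classify_result(const struct remctl_result *result)
{
    if (result == NULL)
        return OUTCOME_NO_RESULT;
    if (result->error != NULL)
        return OUTCOME_PROTOCOL_ERROR;
    return result->status == 0 ? OUTCOME_OK : OUTCOME_COMMAND_FAILED;
}

/* Return a newly allocated NUL-terminated copy of a length-delimited output
 * buffer.  Fails with errno = EINVAL if the data contains an embedded NUL:
 * a C string would silently drop everything after it, and remote output
 * must not be able to hide its own tail from the caller. */
char *
copy_output(const char *buf, size_t len)
{
    char *copy;

    if (len > 0 && memchr(buf, '\0', len) != NULL) {
        errno = EINVAL;
        return NULL;
    }
    copy = malloc(len + 1);
    if (copy == NULL)
        return NULL;
    if (len > 0)
        memcpy(copy, buf, len);
    copy[len] = '\0';
    return copy;
}

#ifdef HAVE_REMCTL
int
main(void)
{
    const char *command[] = { "service", "status", NULL };   /* hypothetical */
    struct remctl_result *result;
    int rc = 1;

    result = remctl("remctl.example.com", 0, NULL, command); /* hypothetical host */
    switch (classify_result(result)) {
    case OUTCOME_NO_RESULT:
        fprintf(stderr, "remctl: %s\n", strerror(errno));
        return 1;
    case OUTCOME_PROTOCOL_ERROR:
        fprintf(stderr, "remctl protocol error: %s\n", result->error);
        break;
    case OUTCOME_COMMAND_FAILED:
        fprintf(stderr, "command exited with status %d\n", result->status);
        fwrite(result->stderr_buf, 1, result->stderr_len, stderr);
        break;
    case OUTCOME_OK:
        /* Length-bounded write; use copy_output() if a C string is needed. */
        fwrite(result->stdout_buf, 1, result->stdout_len, stdout);
        rc = 0;
        break;
    }
    remctl_result_free(result);
    return rc;
}
#endif
```

Built with -DHAVE_REMCTL against the library, main() performs a real call;
without it, classify_result() and copy_output() can be exercised on a
result constructed by hand.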
72 | |
---|
73 | If you want more control over the steps of the protocol, if you want to |
---|
74 | issue multiple commands on the same connection, or if you need to send |
---|
75 | data as part of the command that contains NULs, use the full API described |
---|
76 | in remctl_new(3), remctl_open(3), remctl_commandv(3), and |
---|
77 | remctl_output(3). |
---|
78 | |
---|
79 | =head1 RETURN VALUE |
---|
80 | |
---|
81 | remctl() returns NULL on failure to allocate a new remctl_result struct or |
---|
82 | on failure to allocate space to store an error message. Otherwise, it |
---|
83 | returns a newly allocated remctl_result struct with either an error |
---|
84 | message in the error field or the results of the command filled out as |
---|
85 | described above. If remctl() returns NULL, errno will be set to an |
---|
86 | appropriate error code (generally ENOMEM). |
---|
87 | |
---|
88 | =head1 CAVEATS |
---|
89 | |
---|
90 | If the I<principal> argument to remctl() is NULL, most GSS-API libraries |
---|
91 | will canonicalize the I<host> using DNS before deriving the principal name |
---|
92 | from it. This means that when connecting to a remctl server via a CNAME, |
---|
93 | remctl() will normally authenticate using a principal based on the |
---|
94 | canonical name of the host instead of the specified I<host> parameter. |
---|
95 | This behavior may cause problems if two consecutive DNS lookups of I<host> |
---|
96 | may return two different results, such as with some DNS-based |
---|
97 | load-balancing systems. |
---|
98 | |
---|
99 | The canonicalization behavior is controlled by the GSS-API library; with |
---|
100 | the MIT Kerberos GSS-API library, canonicalization can be disabled by |
---|
101 | setting C<rdns> to false in the [libdefaults] section of F<krb5.conf>. It |
---|
102 | can also be disabled by passing an explicit Kerberos principal name via |
---|
103 | the I<principal> argument, which will then be used without changes. If |
---|
104 | canonicalization is desired, the caller may wish to canonicalize I<host> |
---|
105 | before calling remctl() to avoid problems with multiple DNS calls |
---|
106 | returning different results. |
---|
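An added example of the explicit-principal approach, not part of remctl or
its documentation: the caller resolves I<host> once (for instance with
getaddrinfo(3) and AI_CANONNAME), validates that name, and builds
C<host/I<name>@I<REALM>> itself so that the same string is used for the
connection and for authentication. The host name, realm and command in
main() are hypothetical. The hostname lowercasing and trailing-dot removal
follow the conventions the Kerberos libraries apply when deriving
host-based principals; the character check is there so that a host string
taken from untrusted input cannot smuggle an C<@> or C</> into the
principal.

```c
/*
 * Added example, not part of remctl or its documentation: pin the service
 * principal to a hostname the caller resolved once and validated, instead
 * of letting the GSS-API library run its own DNS canonicalization at
 * authentication time.
 */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef HAVE_REMCTL
# include <remctl.h>       /* build with -DHAVE_REMCTL -lremctl to run main() */
#endif

/* Build "host/<hostname>[@<realm>]" the way the Kerberos libraries derive a
 * host-based principal: hostname lowercased, trailing dot dropped.  A NULL
 * realm leaves the realm to the library's default.  Returns a malloc()ed
 * string, or NULL with errno set. */
char *
service_principal(const char *host, const char *realm)
{
    size_t hlen = strlen(host), rlen = realm != NULL ? strlen(realm) : 0, i;
    char *out, *p;

    if (hlen > 1 && host[hlen - 1] == '.')
        hlen--;
    if (hlen == 0 || hlen > 253 || host[0] == '.' || host[0] == '-'
        || (realm != NULL && (strchr(realm, '@') || strchr(realm, '/')))) {
        errno = EINVAL;
        return NULL;
    }
    out = malloc(5 + hlen + (realm != NULL ? 1 + rlen : 0) + 1);
    if (out == NULL)
        return NULL;
    memcpy(out, "host/", 5);
    p = out + 5;
    for (i = 0; i < hlen; i++) {
        unsigned char c = (unsigned char) host[i];

        /* '@', '/', whitespace and the like would change the principal's
         * structure: reject rather than pass an attacker-shaped name on. */
        if (!isalnum(c) && c != '.' && c != '-') {
            free(out);
            errno = EINVAL;
            return NULL;
        }
        *p++ = (char) tolower(c);
    }
    if (realm != NULL) {
        *p++ = '@';
        memcpy(p, realm, rlen);
        p += rlen;
    }
    *p = '\0';
    return out;
}

#ifdef HAVE_REMCTL
int
main(void)
{
    /* Hypothetical values.  name is whatever the caller resolved once (for
     * example with getaddrinfo(3) and AI_CANONNAME) and uses unchanged. */
    const char *name = "remctl.example.com";
    const char *command[] = { "service", "status", NULL };
    char *principal = service_principal(name, "EXAMPLE.COM");
    struct remctl_result *result;

    if (principal == NULL) {
        perror("service_principal");
        return 1;
    }
    /* Same string for the connection and the principal; explicit port, so
     * there is no second attempt on the legacy 4444. */
    result = remctl(name, 4373, principal, command);
    free(principal);
    if (result == NULL) {
        perror("remctl");
        return 1;
    }
    if (result->error != NULL)
        fprintf(stderr, "remctl: %s\n", result->error);
    else
        fwrite(result->stdout_buf, 1, result->stdout_len, stdout);
    remctl_result_free(result);
    return 0;
}
#endif
```

Passing NULL as the realm yields C<host/I<name>> and leaves the realm to
the Kerberos library's default; supplying the realm explicitly is the safer
choice when the client may talk to servers in more than one realm.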
107 | |
---|
108 | The default behavior, when a port of 0 is given, of trying 4373 and |
---|
109 | falling back to 4444 will be removed in a future version of this library |
---|
110 | in favor of using the C<remctl> service in F</etc/services> if set and |
---|
111 | then falling back on only 4373. 4444 was the poorly-chosen original |
---|
112 | remctl port and should be phased out. |
---|
113 | |
---|
114 | =head1 NOTES |
---|
115 | |
---|
116 | The remctl port number, 4373, was derived by tracing the diagonals of a |
---|
117 | QWERTY keyboard up from the letters C<remc> to the number row. |
---|
118 | |
---|
119 | =head1 SEE ALSO |
---|
120 | |
---|
121 | remctl_new(3), remctl_open(3), remctl_command(3), remctl_commandv(3), |
---|
122 | remctl_output(3), remctl_close(3) |
---|
123 | |
---|
124 | The current version of the remctl library and complete details of the |
---|
125 | remctl protocol are available from its web page at |
---|
126 | L<http://www.eyrie.org/~eagle/software/remctl/>. |
---|
127 | |
---|
128 | =head1 AUTHOR |
---|
129 | |
---|
130 | Russ Allbery <rra@stanford.edu> |
---|
131 | |
---|
132 | =cut |
---|