source: web/old/remctl-2.14/examples/rsh-wrapper @ f6f3e91

web
Last change on this file since f6f3e91 was f6f3e91, checked in by Jessica B. Hamrick <jhamrick@…>, 15 years ago

Preserve directory hierarchy (not sure what happened to it)

  • Property mode set to 100755
File size: 1.6 KB
Line 
1#!/bin/sh
2#
3# One of the things that one can do with remctl is create commands that
4# actually run on remote systems, or even emulate rsh with tighter ACLs
5# and no remote accounts.
6#
7# For example, suppose you want to let users run a variety of commands
8# on remote servers.  First, write a program that looks at its first
9# argument to figure out what command to run and then passes along its other
10# arguments appropriately.  Install that program on the systems where users
11# should be able to start commands.  On each system, also install remctld
12# with a configuration file containing something like:
13#
14#     start ANY /usr/local/sbin/start-backend /etc/remctl/acl/starters
15#
16# where /usr/local/sbin/start-backend is that implementation.  Put the
17# Kerberos principals of the people who should be able to run the backend in
18# /etc/remctl/acl/starters.
19#
20# Now, install the following script as "start".  Users can then type:
21#
22#     start <host> <action> <option> ...
23#
24# very similar to the syntax of rsh.  In fact, if you use "rsh" as the type
25# in your remctld configuration, you can even install this script as rsh.
26#
27# This means that you can even tell software that only knows how to use
28# rsh that the start script is your rsh program and let that software run
29# remote commands with the tighter ACL checking of remctld and no need for
30# an account on the remote system.
31#
32# This idea and sample script are from Romain LENGLET.
33
34if [ $# -lt 2 ] ; then
35    echo "Invalid number of parameters"
36    exit 1
37fi
38TYPE="$0"
39HOST="$1"
40SERVICE="$2"
41shift 2
42exec remctl "${HOST}" "${TYPE}" "${SERVICE}" "$@"
Note: See TracBrowser for help on using the repository browser.