| Age | Commit message (Collapse) | Author |
|---|
|
When a user isn't allowed to log into a file server, we
used to silently dump the user back to the console,
reporting that the command succeeded.
We should give the user an error when they fail to log in,
and we should exit unsuccessfully.
This status is communicated by setting up a sentinel env
var, and clearning it just before we execute the user
command.
|
|
|
|
|
|
|
|
the rcpu client dup's fd 0,1,2 to fd 10,11,12 which
can accidentally override the pipe file descriptor
allocated by the <{} operator. to avoid this problem,
we generate the remote script as an /env file in a
separate step now.
|
|
when the cat that forwards notes on the remote exits,
send a hangup note so processes wont keep hanging arround.
|
|
|
|
this is a reimplementation of cpu and import utilities in rc using a tlsclient
and tlssrv as the encryption and authentication layers. there is only one new
service, which after authentication and encryption setup accepts an arbitrary
rc script over the network and executes it with the standard filedescriptors
redirected to the conversaion (this is *after* authentication and in the
context of the authorized user).
the new rcpu program has a few improvements over cpu(1):
- doesnt mangle program arguments
- the remote process will get the clients standard file descriptors, so error
and output are separated and you can consume the clients input from the
remote side :-)
- forwards error status of remote process
theres no backwards mode for rimport, but a new program called rexport
for the same purpose.
all these services use exportfs without the bolted on initial handshake,
so the hope is to clean up exportfs in the future and remove all the ugly
crap in there.
|
