'\" te
.\" Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.
.TH rpc.rexd 1M "10 May 2012" "SunOS 5.11" "System Administration Commands"
.SH NAME
rpc.rexd, rexd \- RPC-based remote execution server
.SH SYNOPSIS
.LP
.nf
\fB/usr/sbin/rpc.rexd\fR [\fB-s\fR]
.fi

.SH DESCRIPTION
.sp
.LP
\fBrpc.rexd\fR is the Oracle Sun \fBRPC\fR server for remote program execution. This daemon is started by \fBinetd\fR(1M) whenever a remote execution request is made.
.sp
.LP
For non-interactive programs, the standard file descriptors are connected directly to \fBTCP\fR connections. Interactive programs involve pseudo-terminals, in a fashion that is similar to the login sessions provided by \fBrlogin\fR(1). This daemon may use \fBNFS\fR to mount file systems specified in the remote execution request.
.sp
.LP
There is a \fB10240\fR byte limit for arguments to be encoded and passed from the sending to the receiving system.
.SH OPTIONS
.sp
.LP
The following option is supported:
.sp
.ne 2
.mk
.na
\fB\fB-s\fR\fR
.ad
.RS 6n
.rt  
Secure. When specified, requests must have valid \fBDES\fR credentials. If the request does not have a \fBDES\fR credential it is rejected. The default publickey credential is rejected. Only newer \fBon\fR(1) commands send \fBDES\fR credentials.
.sp
If access is denied with an authentication error, you may have to set your publickey with the \fBchkey\fR(1) command.
.sp
Specifying the \fB-s\fR option without presenting secure credentials will result in an error message: \fBUnix too weak auth (DesONly)!\fR
.RE

.SH SECURITY
.sp
.LP
\fBrpc.rexd\fR uses \fBpam\fR(3PAM) for account and session management. The \fBPAM\fR configuration policy, configured in \fB/etc/pam.conf\fR or per-service files in \fB/etc/pam.d/\fR, specifies the modules to be used for \fBrpc.rexd\fR. Here is a partial \fBpam.conf\fR file with \fBrpc.rexd\fR entries for account and session management using the UNIX module:
.sp
.in +2
.nf
rpc.rexd   account requisite       pam_roles.so.1
rpc.rexd   account required        pam_projects.so.1
rpc.rexd   account required        pam_unix_account.so.1

rpc.rexd      session required      pam_unix_session.so.1
.fi
.in -2

.sp
.LP
The equivalent PAM configuration in \fB/etc/pam.d/\fR would be the following entries in \fB/etc/pam.d/rpc.rexd\fR:
.sp
.in +2
.nf
account requisite         pam_roles.so.1
account required                  pam_projects.so.1
account required                  pam_unix_account.so.1

session required                  pam_unix_session.so.1
.fi
.in -2
.sp

.sp
.LP
If there are no entries for the \fBrpc.rexd\fR service in \fB/etc/pam.conf\fR and no \fB/etc/pam.d/rpc.rexd\fR file exists, then the entries for the "other" service in \fB/etc/pam.conf\fR will be used. If there are not any entries in \fB/etc/pam.conf\fR for the "other" service, then the entries in \fB/etc/pam.d/other\fR will be used. \fBrpc.rexd\fR uses the \fBgetpwuid()\fR call to determine whether the given user is a legal user.
.SH FILES
.sp
.ne 2
.mk
.na
\fB\fB/dev/pts\fIn\fR\fR\fR
.ad
.RS 23n
.rt  
Pseudo-terminals used for interactive mode
.RE

.sp
.ne 2
.mk
.na
\fB\fB/etc/passwd\fR\fR
.ad
.RS 23n
.rt  
Authorized users
.RE

.sp
.ne 2
.mk
.na
\fB\fB/tmp_rex/rexd??????\fR\fR
.ad
.RS 23n
.rt  
Temporary mount points for remote file systems
.RE

.SH ATTRIBUTES
.sp
.LP
See \fBattributes\fR(5) for descriptions of the following attributes:
.sp

.sp
.TS
tab() box;
cw(2.75i) |cw(2.75i) 
lw(2.75i) |lw(2.75i) 
.
ATTRIBUTE TYPEATTRIBUTE VALUE
_
Availabilitysystem/network/nis
.TE

.SH SEE ALSO
.sp
.LP
\fBchkey\fR(1), \fBon\fR(1), \fBrlogin\fR(1), \fBsvcs\fR(1), \fBinetadm\fR(1M), \fBinetd\fR(1M), \fBsvcadm\fR(1M), \fBpam\fR(3PAM), \fBpam.conf\fR(4), \fBpublickey\fR(4), \fBattributes\fR(5), \fBpam_authtok_check\fR(5), \fBpam_authtok_get\fR(5), \fBpam_authtok_store\fR(5), \fBpam_dhkeys\fR(5), \fBpam_passwd_auth\fR(5), \fBpam_unix_account\fR(5), \fBpam_unix_auth\fR(5), \fBpam_unix_session\fR(5), \fBsmf\fR(5)
.SH DIAGNOSTICS
.sp
.LP
Diagnostic messages are normally printed on the console, and returned to the requestor.
.SH NOTES
.sp
.LP
Root cannot execute commands using \fBrexd\fR client programs such as \fBon\fR(1).
.sp
.LP
The \fBrpc.rexd\fR service is managed by the service management facility, \fBsmf\fR(5), under the service identifier:
.sp
.in +2
.nf
svc:/network/rpc/rex:default
.fi
.in -2
.sp

.sp
.LP
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using \fBsvcadm\fR(1M). Responsibility for initiating and restarting this service is delegated to \fBinetd\fR(1M). Use \fBinetadm\fR(1M) to make configuration changes and to view configuration information for this service. The service's status can be queried using the \fBsvcs\fR(1) command.