ruserok()

Check the identity of a remote host

Synopsis:

#include <unistd.h>

int ruserok( char * rhost, 
             int superuser,
             char * ruser,
             char * luser );

Arguments:

rhost
The name of the remote host, as returned by gethostbyaddr().
superuser
Nonzero if the local user is the superuser, zero otherwise.
ruser
The name of the remote user.
luser
The name of the local user.

Library:

libsocket

Use the -l socket option to qcc to link against this library.

Description:

The ruserok() routine checks the identity of a remote host. It's used by servers to authenticate clients requesting service with rcmd().

The rcmd(), rresvport(), and ruserok() functions are used by the rshd server (see the Utilities Reference), among others.

The ruserok() function takes a remote host's name (as returned by the gethostbyaddr() routine), two user names, and a flag indicating whether the local user's name is that of the superuser. Then, if the user isn't the superuser, it checks the file /etc/hosts.equiv (described in the Utilities Reference).

If that lookup isn't done, or is unsuccessful, the .rhosts file in the local user's home directory is checked to see if the request for service is allowed. If this file is owned by anyone other than the user or the superuser, or if it's writable by anyone other than the owner, the check automatically fails.

If the local domain obtained from gethostname() is the same as the remote domain, only the machine name need be specified.

Returns:

0
The machine name is listed in the hosts.equiv file, or the host and remote username were found in the .rhosts file.
-1
An error occurred (errno is set).

Errors:

The error code EAGAIN is overloaded to mean “All network ports in use.”

Classification:

Unix

Safety:
Cancellation point Yes
Interrupt handler No
Signal handler No
Thread No

See also:

gethostbyaddr(), gethostname(), iruserok(), iruserok_sa(), rcmd(), rresvport()

/etc/hosts.equiv, rshd in the Utilities Reference