Solved

rexec and shell scripts

Posted on 2003-11-13
10
14,318 Views
Last Modified: 2013-12-06
How do I invoke rexec in a shell script? we use solaris 8 and what are the permissions for a non su user? should we make any entries in hosts files to execute this command? Most of the man pages are not much help on executing rexec from shell script. ANy help on this would be great! Thanks.
0
Comment
Question by:rsastry
10 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 84 total points
ID: 9739569
There's nothing difficult about using rexec or rsh within a script to execute a command on a remote system, provided that the user running the script has a correct .rhosts file on the remote so they don't have to enter a password. With a valid .rhosts file on the remote you can do something like:

rsh remote-system chmod 0644 some-file

However, if you can't set up the remote to allow unchallenged rsh or rexec access via .rhosts or hosts.equiv then you need to consider using expect as the scripting language. It operates on a send/expect model so it can issue a command (send "rsh remote chmod 0644 some-file\r") wait for the password prompt (expect "Password") and then send the password (send "my-passwd\r").
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 9739839
True for 'rsh', but not necessarily for 'rexec' since Solaris does not have a shell-level utility to call 'rexec' directly.

What's the difference? rexec is a generalization of rsh that allows more file descriptor plumbing than the standard stdin/stdout/stderr.

HP-UX, for example, has a seperate rexec command.
0
 

Author Comment

by:rsastry
ID: 9739919
Thanks for the info. So in solaris what is the alternative for rexec that can be used in a shell script? to make rsh work do I need to do anything specific on the local and remote hosts? (like starting the rsh service ?)
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9740125
The remote hosts must have an rsh server available and reachable. This won't necessarily be the case on all systems for security reasons. RedHat (and some other Linuxen) don't install or enable insecure protocols like rsh, rlogin, telnet, etc) be default. And quite a few sys admins will disable those on systems that do provide the server by default.

To avoid having to deal with passwords for rsh within a script you can create an .rhosts file in the user's home dir on the remote system (see 'man rhosts' for details).  
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 14

Assisted Solution

by:chris_calabrese
chris_calabrese earned 83 total points
ID: 9740194
Or better yet, ditch rsh/rexec altogether in favor of  Secure Shell (ssh).

SSH is a drop-in replacement for rsh/rexec, encrypts data/passwords, allows cryptographic authentication mechanisms, and is available from sunfreeware.com for Solaris (and available for all kinds of other platforms too).
0
 
LVL 48

Expert Comment

by:Tintin
ID: 9742355
Also ssh comes standard on Solaris 9.

rsh and rexec are getting pretty ancient now and existed in a time where security wasn't an issue.
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 83 total points
ID: 9744264
In Solaris you can rsh as stated in  jlevie's first comment. (if the "r"* services are enable, it
is enable by default, but a lot of adm guy disable them, and it is a security hole on the system !),
and you have setup .rhosts file in you Sun boxes.

I think most of people use secure shell -- ssh instead of rsh. you can download openssh from:
http://sunfreeware.com/

for your version of Solaris.

For using ssh in a script, you can choice to setup ssh connetion without password, or use
expect script to handle the password.

Just do a search at EE, you can find  a lot of example about setup ssh without password,
ssh + expect ect.

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 9769953
.. and don't forget to remove the .rhosts files, and/or disable reading it in sshd_conf
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now