remctl 2.14 released
rra at stanford.edu
Fri May 22 19:40:17 EDT 2009
I'm pleased to announce release 2.14 of remctl.

remctl is a client/server application that supports remote execution of
specific commands, using Kerberos v5 GSS-API for authentication.
Authorization is controlled by a configuration file and ACL files and
can be set separately for each command, unlike with rsh. remctl is like
a Kerberos-authenticated simple CGI server, or a combination of Kerberos
rsh and sudo without most of the features and complexity of either.

Changes from previous release:

The remctld configuration file may now specify that one argument to a
command is passed on standard input instead of on the command line
using the stdin= option. This option allows passing data to commands
that's too long to fit into a command-line argument or that contains

remctld logging of commands or arguments now replaces unprintable
characters (characters between ASCII 0 and 31 and ASCII 127) with
periods rather than assuming syslog will cope with them correctly.

Use command and subcommand as the names for the first two parameters
to the remctl client and the first two strings in a remctl command
instead of the unintuitive "type" and "service" terminology borrowed
from sysctl. This only changes documentation and some internal
variable names; no external APIs should be affected.

Declare message_fatal_cleanup extern in util.h. Fixes compilation
problems on Mac OS X and probably elsewhere.

Diagnose and explicitly reject on the server nul characters in command
arguments that don't support them rather than truncating the argument

Plug several memory leaks in the remctld server. (These would have
little practical effect unless a client stayed connected and issued

The protocol now permits commands with no arguments. remctld
currently doesn't support them, but now returns ERROR_UNKNOWN_COMMAND
instead of ERROR_BAD_COMMAND when receiving one.

Add documentation on extending remctl in docs/extending.

Add initial protocol version three draft in docs/protocol-v3.

Better check logmask options when parsing the server configuration
file and report errors instead of silently ignoring them. Masking the
command is also no longer supported (it previously worked by

Support building against Solaris 10's native generic GSS-API
libraries. Thanks, Peter Eriksson.

Update to rra-c-util 1.0:
* Fix open call parameters in daemon portability test.
* Fix AI_ADDRCONFIG portability on BSD/OS systems.
* Split die into a separate object to not link it in shared libraries.
* Don't break if the user clobbers CPPFLAGS at build time.
* Correctly set -L options with --with-gssapi-lib, not -I.
* Change AC_TRY_* to AC_*_IFELSE as recommended by Autoconf.
* Update portable and util test suite for C TAP Harness 1.0.
* Use native Kerberos instead of forking kinit in test suite.

Update to C TAP Harness 1.0:
* Rewrite of all test cases to use the new TAP library support.
* Much improved and simplified builddir != srcdir test suite support.
* Support running a single test with tests/runtests -o.
* Correctly handle completely skipped tests, like client/pod.
* Better reporting of fatal errors in the test suite.

You can download it from:

This package is maintained using Git; see the instructions on the above
page to access the Git repository.

Debian packages have been uploaded to Debian unstable.

Please let me know of any problems or feature requests not already listed
in the TODO file.

Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
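
The following is an added illustration, not part of the announcement and not remctl's own code, of the two input-handling changes listed above: replacing ASCII 0-31 and 127 with periods before logging, and rejecting nul characters in arguments bound for the command line. The function names log_sanitize and arg_ok_for_argv and the sample strings are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: render a length-counted argument for a log line,
 * replacing ASCII 0-31 and 127 with '.' so that an embedded newline or
 * escape sequence cannot forge or corrupt syslog records.  Returns the
 * number of bytes written, not counting the terminating nul. */
size_t
log_sanitize(const char *arg, size_t len, char *out, size_t outsize)
{
    size_t i, n = 0;

    if (outsize == 0)
        return 0;
    for (i = 0; i < len && n + 1 < outsize; i++) {
        unsigned char c = (unsigned char) arg[i];

        out[n++] = (c < 32 || c == 127) ? '.' : (char) c;
    }
    out[n] = '\0';
    return n;
}

/* Hypothetical helper: an argument bound for argv must not contain a nul,
 * since execv() would silently see only the bytes before it.  Arguments
 * delivered on standard input carry no such restriction. */
bool
arg_ok_for_argv(const char *arg, size_t len)
{
    return memchr(arg, '\0', len) == NULL;
}

int
main(void)
{
    /* Constructed sample: a newline followed by a fake log record. */
    const char arg[] = "status\nMay 22 host remctld: COMMAND from admin";
    const char nul_arg[] = "safe\0--force";   /* constructed, 12 bytes */
    char buf[128];

    log_sanitize(arg, sizeof(arg) - 1, buf, sizeof(buf));
    printf("logged:   %s\n", buf);
    printf("argv ok:  %d\n", arg_ok_for_argv(nul_arg, sizeof(nul_arg) - 1));
    return 0;
}
```
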