Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 NFS Services Administrator's Guide: HP-UX 11i version 2 > Chapter 7 Configuring and Using the Remote Execution Facility (REX)

Configuring REX
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

This section tells you how to set up REX clients and REX servers. It also explains how to configure added security for REX servers and how to configure logging for the rexd daemon.

Configure REX

  1. Make sure all the hosts to which users need access are listed in your hosts database (BIND, NIS, or /etc/hosts).

  2. Make sure users have accounts on all the hosts they need to use. Make sure the user ID for each user is the same on all hosts where that user has an account.

    If you are using NIS or NIS+, and users do not need access to any hosts outside your NIS domain or NIS+ namespace, this step is not necessary. With NIS and NIS+, user accounts are administered centrally on the master server, and all hosts have access to the same user information. See Chapter 4 “Configuring and Administering NIS” for instructions on setting up NIS. See Chapter 5 “Configuring and Administering NIS+” for instructions on setting up NIS+.

  3. Make sure all REX clients (hosts from which users will issue the on command) are configured as NFS servers. See “Configuring and Administering an NFS Server”.

  4. Make sure users’ home directories on all REX clients are exported to REX servers (available to be mounted with NFS). See “Exporting Directories to NFS Clients ”.

  5. Make sure all REX servers (hosts where the rexd daemon will run) are configured as NFS clients. See “Configuring and Administering an NFS Client”.

  6. Use a text editor to uncomment the following line in the /etc/inetd.conf file, which starts rexd:

    rpc stream tcp nowait root /usr/sbin/rpc.rexd 100017 1 rpc.rexd

  7. Issue the following command to force inetd to reread its configuration file:

    /usr/sbin/inetd -c

Configure REX Security

  1. On each REX server, add the -r option to the line in /etc/inetd.conf that starts the rexd daemon, as follows:

    rpc stream tcp nowait root /usr/sbin/rpc.rexd 100017 1 \
    rpc.rexd -r

  2. Issue the following command to force inetd to reread /etc/inetd.conf:

    /usr/sbin/inetd -c

  3. Add lines to the /etc/hosts.equiv file on the REX server to allow REX clients to use the server,

    or

    have each REX user add lines to a .rhosts file in the user’s home directory on the REX server to allow access from REX clients.

The -r option causes rexd to deny requests from a user on a REX client unless the client is listed in /etc/hosts.equiv or the user’s $HOME/.rhosts file on the REX server.

A line in the /etc/hosts.equiv or $HOME/.rhosts file has the following syntax:

hostname  [username]

For example, if user paula has accounts on REX clients broccoli and cabbage and on REX server cauliflower, she would create a .rhosts file in her home directory on cauliflower with the following lines:

broccoli  paula
cabbage   paula
CAUTION: The /etc/hosts.equiv and $HOME/.rhosts files create a significant security risk. Make sure these files and users’ home directories are writable only by the owner.

For more information, see the man pages for rexd(1M) and hosts.equiv(4).

Configure Logging for the rexd Daemon

  1. Use a text editor to add the -l log_file option to the line in /etc/inetd.conf that starts rexd, as in the following example:

    rpc stream tcp nowait root /usr/sbin/rpc.rexd 100017 1  \
    rpc.rexd -l /var/adm/rexd.log

  2. Issue the following command to force inetd to reread its configuration file:

    /usr/sbin/inetd -c

When logging is turned on, rexd logs any diagnostic, warning, and error messages to log_file. If log_file exists, rexd appends messages to the file. If log_file does not exist, rexd creates it. Messages are not logged if the -l option is not specified.

Information logged to the file includes date and time of the error, host name, process ID and name of the function generating the error, and the error message.

Different RPC services can share a single log file, because enough information is included to uniquely identify each error.

Type man 1M rexd for explanations of the messages logged by the rexd daemon.

Many of the errors logged by rexd are also returned to the user who issued the on command. Type man 1 on for explanations of the messages returned by the on command.



How REX Works
  		 


Chapter 8 Troubleshooting NFS Services  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2004 Hewlett-Packard Development Company, L.P.