[src/trunk]: src Kerberos support is broken in rcommands, thus making -K -k a...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src Kerberos support is broken in rcommands, thus making -K -k a...
From: manu <manu%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 15:41:22 +0000
details:   https://anonhg.NetBSD.org/src/rev/26b100cd25df
branches:  trunk
changeset: 569774:26b100cd25df
user:      manu <manu%NetBSD.org@localhost>
date:      Sun Sep 05 08:38:23 2004 +0000

description:
Kerberos support is broken in rcommands, thus making -K -k and -x options
unavailable. Remove theses options from the man pages (it won't be very
hard to bring them back if we fix kerberos one day)

diffstat:

 bin/rcmd/Makefile       |   4 ++-
 bin/rcmd/rcmd.1         |  32 +----------------------
 bin/rcp/Makefile        |   4 ++-
 bin/rcp/rcp.1           |  35 +++-----------------------
 usr.bin/rlogin/Makefile |   4 ++-
 usr.bin/rlogin/rlogin.1 |  64 ++++--------------------------------------------
 usr.bin/rsh/Makefile    |   5 +++-
 usr.bin/rsh/rsh.1       |  35 +++-----------------------
 8 files changed, 29 insertions(+), 154 deletions(-)

diffs (truncated from 435 to 300 lines):

diff -r b26420d6ab7a -r 26b100cd25df bin/rcmd/Makefile
--- a/bin/rcmd/Makefile Sun Sep 05 08:25:41 2004 +0000
+++ b/bin/rcmd/Makefile Sun Sep 05 08:38:23 2004 +0000
@@ -1,7 +1,9 @@
-#      $NetBSD: Makefile,v 1.6 2002/08/19 09:56:01 lukem Exp $
+#      $NetBSD: Makefile,v 1.7 2004/09/05 08:38:23 manu Exp $
 
 .include <bsd.own.mk>
 
+# XXX Unsupported Kerberos options were removed from man page
+# XXX Don't forget to update the man page if you fix Kerberos
 PROG=  rcmd
 SRCS=  rsh.c
 CPPFLAGS+=-DIN_RCMD
diff -r b26420d6ab7a -r 26b100cd25df bin/rcmd/rcmd.1
--- a/bin/rcmd/rcmd.1   Sun Sep 05 08:25:41 2004 +0000
+++ b/bin/rcmd/rcmd.1   Sun Sep 05 08:38:23 2004 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: rcmd.1,v 1.16 2003/10/13 14:22:20 agc Exp $
+.\"    $NetBSD: rcmd.1,v 1.17 2004/09/05 08:38:23 manu Exp $
 .\"
 .\" Copyright (c) 1997 Matthew R. Green.
 .\" Copyright (c) 1983, 1990 The Regents of the University of California.
@@ -40,8 +40,6 @@
 .Xr rcmd 3
 .Sh SYNOPSIS
 .Nm
-.Op Fl Kdnx
-.Op Fl k Ar realm
 .Op Fl l Ar username
 .Op Fl u Ar localusername
 .Ar host
@@ -63,10 +61,6 @@
 normally terminates when the remote command does.
 The options are as follows:
 .Bl -tag -width flag
-.It Fl K
-The
-.Fl K
-option turns off all Kerberos authentication.
 .It Fl d
 The
 .Fl d
@@ -75,23 +69,11 @@
 on the
 .Tn TCP
 sockets used for communication with the remote host.
-.It Fl k
-The
-.Fl k
-option causes
-.Nm
-to obtain tickets for the remote host in
-.Ar realm
-instead of the remote host's realm as determined by
-.Xr krb_realmofhost  3  .
 .It Fl l
 By default, the remote username is the same as the local username.
 The
 .Fl l
 option allows the remote name to be specified.
-Kerberos authentication is used, and authorization is determined
-as in
-.Xr rlogin  1  .
 .It Fl u
 The
 .Fl u
@@ -105,13 +87,6 @@
 (see the
 .Sx BUGS
 section of this manual page).
-.It Fl x
-The
-.Fl x
-option turns on
-.Tn DES
-encryption for all data exchange.
-This may introduce a significant delay in response time.
 .El
 .Pp
 Shell metacharacters which are not quoted are interpreted on local machine,
@@ -138,11 +113,8 @@
 .El
 .Sh SEE ALSO
 .Xr rsh 1 ,
-.Xr krb_realmofhost 3 ,
-.Xr krb_sendauth 3 ,
 .Xr rcmd 3 ,
-.Xr environ 7 ,
-.Xr kerberos 8
+.Xr environ 7 .
 .Sh HISTORY
 The
 .Nm
diff -r b26420d6ab7a -r 26b100cd25df bin/rcp/Makefile
--- a/bin/rcp/Makefile  Sun Sep 05 08:25:41 2004 +0000
+++ b/bin/rcp/Makefile  Sun Sep 05 08:38:23 2004 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.22 2003/07/23 08:01:24 itojun Exp $
+#      $NetBSD: Makefile,v 1.23 2004/09/05 08:38:23 manu Exp $
 #      @(#)Makefile    8.1 (Berkeley) 7/19/93
 
 .include <bsd.own.mk>
@@ -7,6 +7,8 @@
 SRCS=          rcp.c util.c
 
 # XXX Kerberos support broken right now.
+# XXX Unsupported Kerberos options were removed from man page
+# XXX Don't forget to update the man page if you fix Kerberos
 USE_KERBEROS4= no
 
 .if (${USE_KERBEROS4} != "no")
diff -r b26420d6ab7a -r 26b100cd25df bin/rcp/rcp.1
--- a/bin/rcp/rcp.1     Sun Sep 05 08:25:41 2004 +0000
+++ b/bin/rcp/rcp.1     Sun Sep 05 08:38:23 2004 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: rcp.1,v 1.16 2003/08/07 09:05:27 agc Exp $
+.\"    $NetBSD: rcp.1,v 1.17 2004/09/05 08:38:23 manu Exp $
 .\"
 .\" Copyright (c) 1983, 1990, 1993
 .\"    The Regents of the University of California.  All rights reserved.
@@ -37,12 +37,10 @@
 .Nd remote file copy
 .Sh SYNOPSIS
 .Nm
-.Op Fl Kpx
-.Op Fl k Ar realm
+.Op Fl p
 .Ar file1 file2
 .Nm
-.Op Fl Kprx
-.Op Fl k Ar realm
+.Op Fl pr
 .Ar file ...
 .Ar directory
 .Sh DESCRIPTION
@@ -57,20 +55,6 @@
 or a `/' before any `:'s).
 .Pp
 .Bl -tag -width flag
-.It Fl K
-The
-.Fl K
-option turns off all Kerberos authentication.
-.It Fl k
-The
-.Fl k
-option requests
-.Nm
-to obtain tickets
-for the remote host in realm
-.Ar realm
-instead of the remote host's realm as determined by
-.Xr krb_realmofhost  3  .
 .It Fl p
 The
 .Fl p
@@ -90,17 +74,6 @@
 .Nm
 copies each subtree rooted at that name; in this case
 the destination must be a directory.
-.It Fl x
-The
-.Fl x
-option turns on
-.Tn DES
-encryption for all data passed by
-.Nm .
-This may impact response time and
-.Tn CPU
-utilization, but provides
-increased security.
 .El
 .Pp
 If
@@ -134,7 +107,7 @@
 .Xr rcmd 3 ,
 .Xr hosts.equiv 5 ,
 .Xr rhosts 5 ,
-.Xr environ 7
+.Xr environ 7 .
 .Sh HISTORY
 The
 .Nm
diff -r b26420d6ab7a -r 26b100cd25df usr.bin/rlogin/Makefile
--- a/usr.bin/rlogin/Makefile   Sun Sep 05 08:25:41 2004 +0000
+++ b/usr.bin/rlogin/Makefile   Sun Sep 05 08:38:23 2004 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.17 2002/06/14 00:55:18 wiz Exp $
+#      $NetBSD: Makefile,v 1.18 2004/09/05 08:38:23 manu Exp $
 #      @(#)Makefile    8.1 (Berkeley) 7/19/93
 
 PROG=  rlogin
@@ -9,6 +9,8 @@
 BINMODE=4555
 
 # XXX Kerberos support broken right now.
+# XXX Unsupported Kerberos options were removed from man page
+# XXX Don't forget to update the man page if you fix Kerberos
 
 #SRCS+=        kcmd.c
 #CPPFLAGS+=-DKERBEROS -DCRYPT
diff -r b26420d6ab7a -r 26b100cd25df usr.bin/rlogin/rlogin.1
--- a/usr.bin/rlogin/rlogin.1   Sun Sep 05 08:25:41 2004 +0000
+++ b/usr.bin/rlogin/rlogin.1   Sun Sep 05 08:38:23 2004 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: rlogin.1,v 1.19 2003/08/07 11:15:41 agc Exp $
+.\"    $NetBSD: rlogin.1,v 1.20 2004/09/05 08:38:23 manu Exp $
 .\"
 .\" Copyright (c) 1983, 1990, 1993
 .\"    The Regents of the University of California.  All rights reserved.
@@ -37,16 +37,14 @@
 .Nd remote login
 .Sh SYNOPSIS
 .Nm
-.Op Fl 8EKLdx
+.Op Fl 8ELd
 .Op Fl e Ar char
-.Op Fl k Ar realm
 .Op Fl l Ar username
 .Op Fl p Ar port
 .Ar host
 .Nm
-.Op Fl 8EKLdx
+.Op Fl 8ELd
 .Op Fl e Ar char
-.Op Fl k Ar realm
 .Op Fl p Ar port
 .Ar username@host
 .Sh DESCRIPTION
@@ -55,10 +53,9 @@
 .Ar host  .
 .Pp
 .Nm
-first attempts to use the Kerberos authorization mechanism, described below.
-If the remote host does not supporting Kerberos the standard Berkeley
+first attempts to use the standard Berkeley
 .Em rhosts
-authorization mechanism is used.
+authorization mechanism.
 The options are as follows:
 .Bl -tag -width XlXusernameX
 .It Fl 8
@@ -75,10 +72,6 @@
 When used with the
 .Fl 8
 option, this provides a completely transparent connection.
-.It Fl K
-The
-.Fl K
-option turns off all Kerberos authentication.
 .It Fl L
 The
 .Fl L
@@ -101,14 +94,6 @@
 by default.
 This specification may be as a literal character, or as an octal
 value in the form \ennn.
-.It Fl k Ar realm
-The
-.Fl k
-option requests rlogin to obtain tickets for the remote host
-in realm
-.Ar realm
-instead of the remote host's realm as determined by
-.Xr krb_realmofhost  3  .
 .It Fl l Ar username
 the
 .Fl l
@@ -122,15 +107,6 @@
 instead of the one assigned to the service
 .Dq login .
 May be given either as symbolic name or as number.
-.It Fl x
-The
-.Fl x
-option turns on
-.Tn DES
-encryption for all data passed via the rlogin session.
-This may impact response time and
-.Tn CPU
-utilization, but provides increased security.
 .El
 .Pp
 A line of the form
@@ -155,31 +131,6 @@
 is transparent.
 Flow control via ^S/^Q and flushing of input and output on interrupts
 are handled properly.
-.Sh KERBEROS AUTHENTICATION
-Each user may have a private authorization list in the file
-.Pa .klogin
-in their home directory.
-Each line in this file should contain a Kerberos principal name of the form
-.Ar principal.instance@realm  .
-If the originating user is authenticated to one of the principals named in
-.Pa .klogin ,
-access is granted to the account.
-The principal
-.Ar accountname.@localrealm
Prev by Date: [src/trunk]: src/share/man/man4 Documentation on the PIM kernel options and o...
Next by Date: [src/trunk]: src/doc At submitter's request, add more comprehensive credits a...
Previous by Thread: [src/trunk]: src/share/man/man4 Documentation on the PIM kernel options and o...
Next by Thread: [src/trunk]: src/doc At submitter's request, add more comprehensive credits a...
Indexes:
Home | Main Index | Thread Index | Old Index