sliplogin - attach a serial line network interface
Another symbolic loginname is '+'. If a loginname starts with '+' sliplogin will try to read the NIS map slip.hosts instead of slip.hosts. You can override the local IP found in the NIS map by entering it after the '+' sign. If a matching entry is found, the line is configured appropriately for slip (8-bit transparent i/o) and converted to SLIP line discipline. Then a shell script (slip.login) is invoked to initialize the slip interface with the appropriate local and remote IP address, netmask, etc. ( Warning: the number of arguments changed with version 2.1.0 )
A line in slip.hosts usually consists of the fields loginname, local address, remote address, netmask, slipmode, timeout and perhaps up to 3 more options which will be passed to slip.login.
The usual initialization script is /etc/slip/slip.login but, if particular hosts need special initialization, the file /etc/slip/slip.login. loginname will be executed instead if it exists. If you use the default user '*' sliplogin looks for slip.login.*, but '*' is not used as a wildcard. If no slip.login.* exists, the usual slip.login will be used. The script is invoked with the parameters
Only the super-user may attach a network interface. The interface is automatically detached when the other end hangs up, the sliplogin process dies or the client didn't send a packet while the specified timeout in /etc/slip/slip.hosts. If the kernel slip module has been configured for it, all routes through that interface will also disappear at the same time. If there is other processing a site would like done on hangup, the file /etc/slip/slip.logout or /etc/slip/slip.logout. loginname is executed if it exists. It is given the same arguments as the login script. For default user '*' sliplogin looks for slip.logout.* and if it doesn't exist, it uses slip.logout.
loginname local-address remote-address netmask slipmode timeout opt-args
where local-address is the IP host name or address of the local end of the slip line or DYNAMIC for the address of the local host. remote-address is the IP host name or address of the remote end of the slip line or the DYNAMIC keyword which will be translated into an address from the slip.tty file. You may also use an asterisk '*' instead of DYNAMIC. netmask is the appropriate IP netmask. These arguments are passed directly to ifconfig(8). slipmode is either normal, compressed, ax25, 6bit or auto where auto uses the kernel auto detection to find out if the client uses normal or compressed (Van Jacobson) slip. timeout is ignored if negative or else used as value in seconds to wait for packets to be sent from the client before sliplogin sliplogin terminates. Opt-args are optional arguments used to configure the line.
Netmask defaults to 0xffffffff if not given.gateway network [netmask]
One advantage of this method is, that you don't need a /etc/passwd entry for each user login. On the other hand, the user himself may choose the line discipline himself with the real login name. sliplogin will distinguish between the following:
With an additional '-' suffix sliplogin will suppress configure messages like the using of the compression method and the assigning of IP-adresses. An additional '+' will turn the messages on if not compiled in by default.
You may also precede the login with an additional letter to have a test mode with different binaries and configuration options.
Sfoo:ikhuy6:2010:1:slip line to foo:/tmp:/sbin/sliplogin
(Our convention is to name the account used by remote host hostname as Shostname . Then an entry is added to slip.hosts that looks like:
Sfoo `hostname` foo netmask [slip-mode] [timeout]
where `hostname` will be evaluated by sh to the local host name and netmask is the local host IP netmask. (You may also use 'DYNAMIC' instead of `hostname`.)
Note that sliplogin must be setuid to root and, while not a security hole, moral defectives can use it to place terminal lines in an unusable state and/or deny access to legitimate users of a remote slip line. To prevent this, a site can create a group, say slip that only the slip login accounts are put in then make sure that /sbin/sliplogin is in group slip and mode 4550 (setuid root, only group slip can execute binary).
Error Severity
Notice Severity
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |