1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
.TH RSTYXD 8
.SH NAME
rstyxd, styxd \- Styx-based remote execution and file service
.SH SYNOPSIS
.B auxi/rstyxd
.I alg
\&...
.PP
.B auxi/styxd
.I alg
\&...
.SH DESCRIPTION
These services are normally started by
.IR svc (8)
in response to incoming network calls.
Each expects the standard input to be connected to the client;
unusually, it is both read and written.
.PP
Both commands first authenticate the incoming call using
.IR keyring-auth (2)
via
.IR security-auth (2).
On successful authorisation, the server sets
its user identity to that of the caller,
and the client can request that a digest and/or encryption
algorithm be applied using
.IR ssl (3)
to protect the data exchanged with the server.
Each
.I alg
names a digest or encryption algorithm that the server will allow
the client to use,
in any form accepted by
.IR ssl ;
the special name
.B none
is usually listed, to allow the client to choose not to use
.IR ssl .
.PP
.I Styxd
provides Styx file service to its client.
Having authorised the client and optionally established
.IR ssl ,
as described above,
it exports its name space (usually the name space inherited from
.IR svc (8))
on the connection using
.B Sys->export
(see
.IR sys-dial (2)).
.PP
.I Rstyxd
provides a remote-execution service.
Having authorised the client and optionally established
.IR ssl ,
as described above,
it reads a single line from its standard input.
The line contains a decimal value that is the count of the number
of bytes that follow,
which
.I rstyxd
reads as a
.IR utf (6)-encoded
string.
The string contains a command, which is parsed into arguments,
following the quoting
conventions of
.IR sh (1).
The first argument is the command name.
.I Rstyxd
prepares a modified name space in which
to run the command.
It mounts the connection (standard input) on
.BR /n/client ,
binds
.BR /n/client/dev
onto
.BR /dev ,
and opens the new
.B /dev/cons
(ie, the remote client's
.BR /dev/cons )
on file descriptors 0, 1 and 2.
Finally, it executes the command.
.SH FILES
.TF /usr/user/keyring/default
.TP
.B /n/client
mount point used by
.I rstyxd
.TP
.BI /usr/ user /keyring/default
server's authentication data when
.IR svc (8)
run as given
.I user
.SH SOURCE
.B /appl/cmd/auxi/rstyxd.b
.br
.B /appl/cmd/auxi/styxd.b
.SH SEE ALSO
.IR keyring-auth (2),
.IR security-auth (2),
.IR getauthinfo (8)
|
