SLIPLOGIN(8) | System Manager's Manual | SLIPLOGIN(8) |
sliplogin
— attach
a serial line network interface
sliplogin |
[loginname] |
sliplogin
is used to turn the terminal
line on standard input into a Serial Line IP (SLIP) link to a remote host.
To do this, the program searches the file
/etc/sliphome/slip.hosts for an entry matching
loginname (which defaults to the current login name if
omitted). If a matching entry is found, the line is configured appropriately
for slip (8-bit transparent i/o) and converted to SLIP line discipline. Then
a shell script is invoked to initialize the slip interface with the
appropriate local and remote IP address, netmask, etc.
The usual initialization script is /etc/sliphome/slip.login but, if particular hosts need special initialization, the file /etc/sliphome/slip.login.loginname will be executed instead if it exists. The script is invoked with the parameters
Only the super-user may attach a network interface. The interface
is automatically detached when the other end hangs up or the
sliplogin
process dies. If the kernel slip module
has been configured for it, all routes through that interface will also
disappear at the same time. If there is other processing a site would like
done on hangup, the file /etc/sliphome/slip.logout
or
/etc/sliphome/slip.logout.loginname
is executed if it exists. It is given the same arguments as the login
script.
Comments (lines starting with a `#') and blank lines are ignored. Other lines must start with a loginname but the remaining arguments can be whatever is appropriate for the slip.login file that will be executed for that name. Arguments are separated by white space and follow normal sh(1) quoting conventions (however, loginname cannot be quoted). Usually, lines have the form
loginname local-address remote-address netmask opt-args
where local-address and remote-address are the IP host names or addresses of the local and remote ends of the slip line and netmask is the appropriate IP netmask. These arguments are passed directly to ifconfig(8). opt-args are optional arguments used to configure the line.
The normal use of sliplogin
is to create a
/etc/passwd entry for each legal, remote slip site
with sliplogin
as the shell for that entry. For
example:
Sfoo:ikhuy6:2010:1:slip line to foo:/tmp:/usr/sbin/sliplogin
(Our convention is to name the account used by remote host hostname as Shostname.) Then an entry is added to slip.hosts that looks like:
Sfoo `hostname` foo netmask
where `hostname` will be evaluated by sh(1) to the local host name and netmask is the local host IP netmask.
Note that sliplogin
must be setuid to root
and, while not a security hole, moral defectives can use it to place
terminal lines in an unusable state and/or deny access to legitimate users
of a remote slip line. To prevent this, a site can create a group, say
slip, that only the slip login accounts are put in then
make sure that /usr/sbin/sliplogin is in group
slip and mode 4550 (setuid root, only group
slip can execute binary).
sliplogin
logs various information to the
system log daemon,
syslogd(8), with a facility
code of
daemon.
The messages are listed here, grouped by severity level.
TCGETS
ioctl
() to get
the line parameters failed.
TCSETS
ioctl
() to set
the line parameters failed.
The sliplogin
command is currently in beta
test.
November 11, 2018 | NetBSD 10.99 |