SLIPLOGIN(8) | System Manager's Manual | SLIPLOGIN(8) |
sliplogin
—
sliplogin |
[loginname] |
sliplogin
is used to turn the terminal line on standard
input into a Serial Line IP (SLIP) link to a remote host. To do this, the
program searches the file /etc/sliphome/slip.hosts for
an entry matching loginname (which defaults to the
current login name if omitted). If a matching entry is found, the line is
configured appropriately for slip (8-bit transparent i/o) and converted to
SLIP line discipline. Then a shell script is invoked to initialize the slip
interface with the appropriate local and remote IP address, netmask, etc.
The usual initialization script is /etc/sliphome/slip.login but, if particular hosts need special initialization, the file /etc/sliphome/slip.login.loginname will be executed instead if it exists. The script is invoked with the parameters
Only the super-user may attach a network interface. The interface
is automatically detached when the other end hangs up or the
sliplogin
process dies. If the kernel slip module
has been configured for it, all routes through that interface will also
disappear at the same time. If there is other processing a site would like
done on hangup, the file /etc/sliphome/slip.logout
or
/etc/sliphome/slip.logout.loginname
is executed if it exists. It is given the same arguments as the login
script.
loginname local-address remote-address netmask opt-args
where local-address and remote-address are the IP host names or addresses of the local and remote ends of the slip line and netmask is the appropriate IP netmask. These arguments are passed directly to ifconfig(8). opt-args are optional arguments used to configure the line.
sliplogin
is to create a
/etc/passwd entry for each legal, remote slip site
with sliplogin
as the shell for that entry. For
example:
Sfoo:ikhuy6:2010:1:slip line to foo:/tmp:/usr/sbin/sliplogin
(Our convention is to name the account used by remote host hostname as Shostname.) Then an entry is added to slip.hosts that looks like:
Sfoo `hostname` foo netmask
where `hostname` will be evaluated by sh(1) to the local host name and netmask is the local host IP netmask.
Note that sliplogin
must be setuid to root
and, while not a security hole, moral defectives can use it to place
terminal lines in an unusable state and/or deny access to legitimate users
of a remote slip line. To prevent this, a site can create a group, say
slip, that only the slip login accounts are put in then
make sure that /usr/sbin/sliplogin is in group
slip and mode 4550 (setuid root, only group
slip can execute binary).
sliplogin
logs various information to the system log
daemon, syslogd(8), with a
facility code of daemon. The messages are listed here,
grouped by severity level.
Error Severity
TCGETS
ioctl
() to get
the line parameters failed.
TCSETS
ioctl
() to set
the line parameters failed.
Notice Severity
sliplogin
command is currently in beta test.
November 11, 2018 | NetBSD 9.4 |