Product SiteDocumentation Site

1.196.  rsh

1.196.1.  RHBA-2009:0423: bug fix update


This update has already been released (prior to the GA of this release) as FASTRACK errata RHBA-2009:0423
Updated rsh packages that resolve several issues are now available.
The rsh-server package contains programs which allow users to run commands on remote machines, log in to other machines, copy files between machines (rsh, rlogin and rcp), and provides an alternate method of executing remote commands (rexec). All of these programs are run by xinetd and can be configured through the Pluggable Authentication Modules (PAM) system, and through configuration files in the /etc/xinetd.d/ directory.
These updated rsh packages provide fixes for the following bugs:
  • rsh did not set any of the environment variables listed in the /etc/security/pam_env.conf configuration file, and thus rsh users did not have access to that environment. With this update, rsh correctly reads and sets the environment variables listed in /etc/security/pam_env.conf, thus resolving the issue.
  • the rexec(1) man page stated that the maximum length of the username on the remote system was restricted to 16 characters. Internally, however, rexec limited the maximum username length to 14 characters. rexec's maximum username length has been increased to 16 characters, which corresponds to the value given in the manual page, and which resolves the issue.
  • when copying data to a full NFS directory, rcp failed silently and did not report an error, which led to silent data loss. With this update, rcp does report an error under this condition.
All users of rsh are advised to upgrade to these updated packages, which resolve these issues.

Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.