I downloaded the source to match the OS release running on the host machine (10.11.6) and ran make in the rlogin dir. It built, but fails to run with rcmd: socket: Operation not permitted. It will run and connect if run with sudo, so I’m assuming it’s a permissions issue.
I saw the entitlements.plist containing com.apple.private.network.reserved-port and corresponding codesign line in the makefile.
Can anyone give me any guidance on how to build this properly?
Thanks,
Sandor
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (Darwi...@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/darwin-dev/darwin-dev-garchive-73044%40googlegroups.com
This email sent to darwin-dev-g...@googlegroups.com
I have a need to build rlogin to allow it to connect to a rlogin server accessible on a non-standard specific port.
I downloaded the source to match the OS release running on the host machine (10.11.6) and ran make in the rlogin dir. It built, but fails to run with rcmd: socket: Operation not permitted. It will run and connect if run with sudo, so I’m assuming it’s a permissions issue.
I saw the entitlements.plist containing com.apple.private.network.reserved-port and corresponding codesign line in the makefile.
Can anyone give me any guidance on how to build this properly?
Thanks,
Sandor
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (Darwi...@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
I’m sure you’ve already considered this, but it’s worth having it in the mailing list archives anyway: rlogin is generally not a good idea, and unless there is some overwhelming reason why you can’t use it, ssh or slogin is a much better plan.
If you can replace the use of rlogin, with one of the latter two, it will save you the trouble of building it.
Kind regards,
Alastair.
> On Mar 6, 2019, at 00:57, Alastair Houghton <alas...@alastairs-place.net> wrote:
>
>> On 5 Mar 2019, at 21:43, Sandor Szatmari <admin.sza...@gmail.com> wrote:
>>
>> I have a need to build rlogin to allow it to connect to a rlogin server accessible on a non-standard specific port.
> I’m sure you’ve already considered this, but it’s worth having it in the mailing list archives anyway: rlogin is generally not a good idea, and unless there is some overwhelming reason why you can’t use it, ssh or slogin is a much better plan.
Sage advice, but one our companies products supports a system integration (via rlogin) with infrastructure installed decades ago, and is not going away and cannot be changed. One, it’s not in our purview to change this, two the equipment operates in what is considered a trusted environment. ie not my choice, not my design, not in my control. But, having had to deal with this over the years has given me great appreciation for the sentiment you convey.
>
> If you can replace the use of rlogin, with one of the latter two, it will save you the trouble of building it.
My goal is to have rlogin connect to a higher randomly selected port, but the rlogin client provided on macOS does not appear to have a flag to specify an alternate port. I want to rebuild the rlogin client with this functionality grafted on. Any and all suggestions are welcome.
Thanks,
Sandor
Sandor
- GNU inetutils (https://www.gnu.org/software/inetutils/)
- FreeBSD bsdrcmds (https://github.com/jlehen/bsdrcmds)
Brendan
> https://lists.apple.com/mailman/options/darwin-dev/brendan%40bslabs.net
>
> This email sent to bre...@bslabs.net
I’ll check them out, maybe their source would be better to modify.
Sandor
Apple’s version works by having the entitlement com.apple.private.network.reserved-port, which AFAIK only works if the code signature on the binary belongs to Apple (otherwise it’d be a massive security hole). I think third-party software probably has to run as root in order for rresvport() to work.
That’s what I was afraid of, but just wasn’t confident enough about to be sure of that conclusion.
Thanks,
Sandor