< May 2016 | Russ Allbery > Eagle's Path | August 2016 > |
This release adds a new, experimental server implementation:
remctl-shell. As its name implies, this is designed to be run as a shell
of a dedicated user rather than as a server. It does not use the remctl
protocol, instead relying on ssh to pass in the command and user
information (via special authorized_keys
configuration). But it
supports the same configuration as the normal remctl server. It can be
useful for allowing remctl-style simple RPC in environments that only use
ssh public key authentication.
Also in this release is a new configuration option, sudo, which is like the existing user option to run a command as another user but uses sudo instead of calling setuid() directly. This allows the server to switch users when running as a non-root user, which will be the normal case for remctl-shell.
The remctl-shell implementation in this release should be considered a first draft and is likely to improve in the future. (I already have a list of things that probably should be improved.)
You can get the latest release from the remctl distribution page.
< May 2016 | Russ Allbery > Eagle's Path | August 2016 > |