COSmanager User Man pages
From Documentation
Contents |
asgroup
NAME
- asgroup — Run a program with another group's permissions
SYNOPSIS
asgroup <group> [<command>]
DESCRIPTION
- Asgroup changes the effective group ID of the user to the specified group while running command. If no command was specified, an interactive Shell will be started, either using the program defined by the SHELL environment variable, or /bin/sh if SHELL is not defined. Asgroup will only permit execution to proceed if either:
- The user is part of the specified group; or
- The command's group is the one specified, and it has the set group ID bit enabled [see chmod(1)], and the user has execute access to the command.
All attempts (both successful and not) are logged to an audit trail.
FILES
- /usr/spool/log/asgroup
- Audit log file. Every execution of asgroup is logged here detailing the user, terminal, date andtime, the command and whether it was successful.
SEE ALSO
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
asuser
NAME
- asuser - Run a program as another user
SYNOPSIS
asuser [-12cdosu] <user> <command>
DESCRIPTION
- Asuser runs a command in the context of another user. It is normally only run by a process with the effective user ID of the superuser.
- Switching to the specified user causes the process to switch to that user's ID and Groups, plus the following environment variables to be set: LOGNAME, USER, HOME and FULLNAME.
OPTIONS
- -c
- Check that the caller's effective ID is superuser before running the command. By default, if the caller is not superuser, the command is still run, but without switching users.
- -d
- Change into the user's home directory before running the command, and before creating any output files (see the -o, -1 and -2 options). Normally the command is run in the current working directory.
- -s
- Run the command using the shell. This allows arbitrary shell syntax to be used in the command. Normally the command must be a single program name, optionally followed by its parameters.
- -u <ulimit>
- Set the ulimit to the specified value prior to running the command.
- -o <file>
- Redirect both STDOUT and STDERR to the given file after switching to the new user. If the file does not exist, it will be created with the ownership of the given user. Note that if you use:
- asuser <user> <command> > <file>
- the file will be opened by the shell prior to running asuser, causing it to be created with "root" ownership.
- -1 <file>
- Redirect STDOUT to the given file after switching to the new user. Please refer to the discussion under -o.
- -2 <file>
- Redirect STDERR to the given file after switching to the new user. Please refer to the discussion under -o.
EXAMPLE
asuser mike weekly_report -d prodn
- Runs the command "weekly_report -d prodn" as user "mike".
WARNINGS
- This program must not be installed with the SETUID flag set, otherwise system security would be compromised.
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
audcycle
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
audit
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
audview
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
browser
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
cos
NAME
- cos - Invoke COSmanager
SYNOPSIS
cos [-apD] [-d <db>] [-u <user>] [-v <version>] [<appl> [-C] [-v <version>] [-c <command> | <table> [<method>]]]
DESCRIPTION
- Cos is the command that invokes COSmanager and COSmanager applications.
- Cos performs security checks on the invoking user, asking for passwords if necessary, sets up the appropriate security profile and environment for the user, and then invokes either the main COSmanager menu, a COSmanager application, a method or a command.
OPTIONS
- -D
- Invoke the demonstration mode of COSmanager. (See below for more details).
- -d <database>
- Specifies a database holding the Functional Database table data. If the name specified does not end with .db, then this suffix will be appended to form a directory name, which must be located under both the $FShome and $APPL_HOME directories. If not specified, the default database (db) is used.
- -v <version>
- Specifies an alternate version of the COSmanager framework to invoke. The directory of the specified COSmanager version determines the value of the FShome variable, the base directory of the COSmanager framework.
- The following three options are only available if the user is super-user or cosmos:
- -a
- Ask "Who are you?". Normally cos automatically determines the ID of the invoking user, which in turn determines their security profile. If this option is specified, the user is prompted to enter his or her login ID, and password. If this is validated correctly, the user will be allowed into COSmanager with that user's security profile.
- -p
- Forces the user to enter the appropriate COSmanager application passwords. Normally when cos is invoked as super-user, password checking is bypassed.
- -u <user>
- Use the security profile of the specified user rather than that of the invoking user.
- <appl> specifies the COSmanager application to invoke. If omitted, the main COSmanager menu (or buttonbar) is invoked. After the application name the following options can appear:
- -C
- Invoke the application in configuration mode. This may cause further security checks and authentication to occur.
- -v <version>
- Specifies an alternate version of the application to run. The directory of the specified version of the application determines the value of the APPL_HOME variable. Normally the default version of the application is run.
- -c <command>
- Specifies the command to run under the given application.
- <table> [<method> [<params>]]
- If a table is specified with no subsequent parameters, db_methtool(1) is invoked upon that table. This provides an interactive, user-friendly interface to the methods defined for the table. If a method and optionally parameters to that method are given, then that method is invoked directly. See db_meth(1) for details of the format of the parameters.
APPLICATION INVOCATION
- When cos invokes an application, it first searches the applictn table in the COSmanager framework, looking for the specified application. If no version was specified by the user, the entry with the Default column set to yes will be used. This entry determines the base directory (APPL_HOME) of the application, the capabilities required by the user to access it, how the application is to appear in the COSmanager menu or buttonbar, and the commands to invoke the application itself.
- Once the entry is found, the user's capabilities are checked to ensure that he or she has access to the application. The application's environment variables (see below) are then set, and if $APPL_HOME/profile exists, it is sourced as a Bourne shell script. Finally the command to invoke the application is executed.
DEMONSTRATION MODE
- In this mode, any modification to tables which are not under the specified database directory, will cause them to be copied there, and the modification performed on the copy. Thus real system tables (eg: passwd, group, hosts, networks) will not be modified directly, rather the user will operate on copies of them.
- Although most COSmanager applications normally run as root or cosmos, demonstration mode forces them to be run as the normal UID of the invoking user. In addition, certain system commands are replaced with scripts that enable the demonstration or training to be run without needing special privileges.
- It is possible to create a self contained demonstration of a COSmanager application by copying the tables from the COSmanager framework database directory ($FShome/db) and the application's database directory ($APPL_HOME/db) to another directory and using the -d flag to reference the alternate database.
- For example, the following commands create a new duty3G database called training:
cos duty -c sh
cd $FShome
mkdir training.db
cd db
find . -print | cpio -pdumv ../training.db
cd $APPL_HOME
mkdir training.db
cd db
find . -print | cpio -pdumv ../training.db
exit
- The command:
cos -D -d training duty
- would be used to invoke duty3G in demonstration mode using the training database.
- Such a scheme could be used for training new operators.
ENVIRONMENT VARIABLES
- COSmanager sets and uses the following environment variables:
- APPL_HOME
- The base directory of the application being run under cos. The application programs, menus, prompt forms and database files etc, are in subdirectories under $APPL_HOME.
- FShome
- The base directory of the COSmanager framework, which contains the Functional Toolset. By default this is the home directory of the cosmos user.
- PATH
- Cos automatically includes the directories $APPL_HOME/bin and $FShome/bin in the PATH variable. Furthermore, in demonstration mode, PATH also includes $APPL_HOME/dbin and $FShome/dbin to allow special demonstration versions of programs to be written.
- DBTABDIR
- This determines the search path used to locate data for database tables within the COSmanager framework and applications. Unless the -d option is used, this variable is not set, thus defaulting the search path to the db and distrib.db directories. If, for example, "-d training" is specified, the search path is changed to the training.db and distrib.db directories.
- FS_CUSTOMER
- The Customer name to appear at the right side of the title bar on menus, forms, etc under the CUI, and in the "about" box under the GUI. This should be kept fairly short (say 20 characters), or it may be overwritten by the title.
- PRINTCMD
- A command which is used to send output to a printer. It must be able to read its input from standard input, and should not write anything to standard output (or standard error), unless there is an error condition. Using the System V spooler as an example, PRINTCMD should be set to "lp -s", which is the default.
- DBPRINT
- A command that takes (as standard input) output from the Functional Database and send it to a printer. This allows pre-formatting of database tables before printing. One utility that provides this is page(1). This will take the header line and repeat it at the top of each printed page and place the page number on the bottom line. An example of the setting of this variable would be:
DBPRINT="page -C | lp -s"
- PRINTYPE
- The printer type to be used by the page(1) command. This is only necessary if the DBPRINT variable is set to use the page command. A terminfo(4) entry must exist for this printer type.
- These variables are automatically set when the cos command is run. Most can be changed by using the "Global Parameters" menu under "COSmanager Configuration".
SEE ALSO
WARNINGS
- COSmanager runs most of the time with root privileges. The startup scripts and profiles as supplied are written extremely carefully to eliminate the possibility of "trapdoors" or other means of compromising system security. If the files $FShome/bin/COSstartup, $FShome/bin/APstartup or $APPL_HOME/profile are modified, be very careful not to introduce such "trapdoors". In particular, always use full pathnames when specifying directories, especially within PATH variables. Also make sure that the file permissions on such scripts are not changed which may allow access by "hostile" users.
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
daemon
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
fs_tools
NAME
- fs_tools - the Functional Toolset
SYNOPSIS
- The Functional Toolset is a suite of tools, to enable sophisticated applications to be built quickly and easily. It consists of a suite of user interface tools, database access tools, and various miscellaneous tools. The Functional Database tools are described under db(1). This manual page describes the user interface tools, the environment variables that the toolset uses, and some common facilities which the toolset uses (such as path lists).
USER INTERFACE TOOLS
- These are full-screen, interactive programs, each with a distinct function and they support both a Graphical User Interface (GUI) and a Character User Interface (CUI), the latter can run on virtually any terminal.
- These functions include:
- Picking an item from a menu
- Filling in a form
- Browsing through output, and optionally printing sections
- Choosing one or more items from a list
- Hitting one of a number of function keys in answer to a request
- Although these functions are implemented as separate programs, the "look and feel" of each of the tools is the same, so the user interface remains uniform throughout an application built with these tools.
- Below are brief descriptions of the functions and features of each user interface tool. Further details can be found in the appropriate manual entry for each.
MENU
- Menu implements a hierarchical menu structure. The user simply arrows down to the desired item, and hits Enter or Accept. If that item is an action then the program corresponding to that action is executed. If it is a submenu, then that menu will be entered. Hitting Exit will take the user up a level in the menu hierarchy, or exit Menu completely if it was the Main or Top-level menu.
Other features of Menu are:
- Conditional menu items. If the condition is not true, the user will not see that item.
- "Self-modifying" menu text. The menu description can contain references to Shell environment variables. If these variables change, so will the text of the menu.
- A full hierarchy of every menu in the system is available by hitting the Index key. The user can then search through the hierarchy, and jump directly to any menu.
PROMPT
- Prompt allows a user to fill in a form and when complete, it outputs Shell commands to set environment variables to the values entered in each field. Optionally, prompt can also load default values for each field from environment variables of the same names. This association of Shell variables to fields on a form, and the association between database column values and Shell variables [see db(1)], means that prompt can be readily used to input and manipulate database column values.
- Prompt is also capable of doing extensive validation of user input, and of doing database "lookups" to ensure consistency, and to provide useful feedback to the user.
SCROLL
- Scroll is a sophisticated version of [more(1)] or [pg(1)]. It provides up and down, left and right scrolling through any output data. The user can search for arbitrary patterns, and can spool any range of pages to a printer. Scroll can also interpret print control codes for the Epson LQ printer range.
CHOOSE
- Choose is a "pick-and-point" selection utility. It displays lines of data to the user and allows him or her to choose one (or more) lines, which it then writes to standard output. The user has similar features to move within the data as Scroll provides.
CONFIRM
- Confirm displays a message (which may consist of a number of lines) on the screen, and asks the user to make a decision. The user is presented with a fixed number of alternatives, each is selectable by a different function key, which is labelled accordingly.
METHTOOL
- Db_methtool provides an interface to perform actions (or
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
menu
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
methtool
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
page
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
root
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
runopt
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.
scroll
COPYRIGHT
- Copyright © 1990-2006 Functional Software. All rights reserved.