Open System Services Management and Operations Guide (G06.25+, H06.03+)
Managing Terminal Access
Open System Services Management and Operations Guide—527191-002
7-5
Configuring FTP Access
instead of the INITIAL-PROGRAM value from either a third-party product or
Safeguard user definition, as described in How Users Gain Access to the OSS
Environment on page 8-10.
The default value used by the OSH program when the PARAM option does not
appear places the user in the OSS shell (/bin/sh). Therefore, you must explicitly
define a value for the PARAM option to start any program other than the OSS shell.
In the PARAM value definition, the -p flag indicates that a program file is to be
executed; the -p flag is followed by the full OSS pathname of the application. (The
quotation marks around the PARAM value are required.)
•
The initial working directory of the user is set to that configured for the user name
specified by the OWNER option. The INITIAL-DIRECTORY value configured for
the user through either a third-party product or SAFECOM is not used.
In the SCF ADD SERVICE command example on page 7-4, the super ID is
configured without an initial working directory, so the user has the default
subvolume for the super ID (/G/SYSTEM/SYSTEM) as an initial working directory.
This configuration is probably not ideal.
As an alternative, the following configuration could be used:
ADD SERVICE $ZTNT.OSH3, TYPE CONVERSATION, PRI 150, &
SWAP $DATA1, CPU 2, PROGRAM $SYSTEM.SYSTEM.OSH, &
PARAM "-p /bin/my_app", &
SUBTYPE DYNAMIC, OWNER "GUEST.USER0", ACCESS SYSTEM
where the user name GUEST.USER0 is assigned a more appropriate default
volume and subvolume for an OSS initial working directory.
•
As shown in Figure 7-3 on page 7-4, the service name OSH3 is displayed on the
screen. You can suppress this display by using the DISPLAY OFF option of the
ADD SERVICE command.
Use this option if you do not want availability of the service known to all users.
•
HP recommends that you do not configure resilient windows for direct program
logins. The default configuration for a service is to not have resilient windows, so
simply omit the RESILIENT option when defining the service.
Configuring FTP Access
Configuration of FTP server access is fully described in the TCP/IP Configuration and
Management Manual and the TCP/IPv6 Configuration and Management Manual.
Whether an anonymous user of FTP initially enters the Guardian environment or the
OSS environment depends on which anonymous login user name is used and whether
an OSS initial directory is configured for that user name. Section 8, Managing Security,
shows how to set up an OSS user for anonymous FTP access.
Additional information on defining the initial working directory for FTP server access
can be found in Section 8, Managing Security.