HP-UX SNAplus2 R7 Administration Command Reference

ManualsBrandsHP ManualsSoftwareHP-UX SNAplus2 Software

171

172

173

174

175

176

177

178

179

180

Administration Commands

deﬁne_rcf_access

If the address does not match, an LS is dynamically deﬁned. To ensure that the explicit LS deﬁnition (including

the required PU name) is used, be sure that the address deﬁned for this LS matches the address that is supplied by

the host or the downstream computer on the incoming call.

2.47 deﬁne_rcf_access

The define_rcf_access command deﬁnes access to the SNAplus2 Remote Command Facility (RCF). This

command deﬁnes the user ID used to run UNIX Command Facility (UCF) commands and the restrictions under which

administration commands can be issued using the Service Point Command Facility (SPCF). For more information

about SPCF and UCF, refer to the HP-UX SNAplus2 Administration Guide. You can use this command to permit

access to SPCF, UCF, or both.

The command can be used to specify the RCF access for the ﬁrst time, or to modify an existing deﬁnition. Because

RCF access parameters are deﬁned as domain resources, this command is not associated with a particular node.

SNAplus2 acts on these parameters during node start-up; if these parameters are changed while a node is running,

the changes do not take effect on the server where the node is running until the node is stopped and restarted.

2.47.1 Supplied Parameters

Parameter name Type Length Default

[define_rcf_access]

ucf_username character 31 (null string)

spcf_permissions constant NONE

Supplied parameters are:

ucf_username

Speciﬁes the HP-UX user name of the UCF user. This parameter is a string of locally displayable characters.

Do not specify the name root; SNAplus2 does not allow UCF commands to be run as root for security rea-

sons.

All UCF commands are run using the user ID for this user, with the default shell, default group ID, and

access permissions that are deﬁned on the HP-UX system for this user.

To prevent access to UCF, do not specify this parameter.

spcf_permissions

Speciﬁes the types of SNAplus2 administration commands that can be accessed using SPCF. To prevent

access to SPCF, set this parameter to NONE. To allow access to SPCF, set this parameter to one or more of

the following values (combined using a + character):

ALLOW_QUERY_LOCAL

The query_* commands are allowed.

ALLOW_DEFINE_LOCAL

The define_*, set_*, delete_*, add_*, remove_* , and init_node commands are allowed.

ALLOW_ACTION_LOCAL

The start_*, stop_*, activate_*, deactivate_*, aping, initial-

ize_session_limit, change_session_limit, and reset_session_limit

commands are allowed.

ALLOW_QUERY_REMOTE

174