HP-UX SNAplus2 R7 NOF Programmer's Guide

ManualsBrandsHP ManualsSoftwareHP-UX SNAplus2 Software

241

242

243

244

245

246

247

248

249

250

NOF API Verbs

DEFINE_RCF_ACCESS

issued using the Service Point Command Facility (SPCF). For more information about SPCF and UCF, see the

HP-UX SNAplus2 Administration Guide. You can use this verb to permit access to both SPCF and UCF, or to only

one of them.

This verb must be issued to the domain conﬁguration ﬁle; it can be used to specify the RCF access for the ﬁrst time,

or to modify an existing deﬁnition. SNAplus2 acts on these parameters during node startup; if these parameters are

changed while a node is running, the changes do not take effect on the server where the node is running until the

node is stopped and restarted.

3.40.1 VCB Structure

typedef struct define_rcf_access

{

AP_UINT16 opcode; /* Verb operation code */

unsigned char reserv2; /* reserved */

unsigned char format; /* reserved */

AP_UINT16 primary_rc; /* primary return code */

AP_UINT32 secondary_rc; /* secondary return code */

unsigned char ucf_username[32]; /* UCF username */

AP_UINT32 spcf_permissions; /* SPCF permissions */

unsigned char reserv3[8]; /* Reserved */

} DEFINE_RCF_ACCESS;

3.40.2 Supplied Parameters

The application supplies the following parameters:

opcode

AP_DEFINE_RCF_ACCESS

ucf_username

Speciﬁes the HP-UX user name of the UCF user. This parameter is a null-terminated ASCII string. Do not

specify the name root, because SNAplus2 does not allow UCF commands to be run as root for security

reasons.

All UCF commands will be run using this user’s user ID, with the default shell, default group ID, and access

permissions that are deﬁned on the HP-UX system for this user.

To prohibit access to UCF, set this parameter to a null string.

spcf_permissions

Speciﬁes the types of SNAplus2 verbs that can be accessed using SPCF. Set this to AP_NONE to prevent

access to SPCF, or to one or more of the following values (combined using a logical OR):

AP_ALLOW_QUERY_LOCAL

QUERY_* verbs are permitted.

AP_ALLOW_DEFINE_LOCAL

DEFINE_*, SET_*, DELETE_*, ADD_*, and REMOVE_* verbs, and also INIT_NODE, are permitted.

AP_ALLOW_ACTION_LOCAL

“Action” verbs are permitted: START_*, STOP_*, ACTIVATE_*, DEACTIVATE_*, and also APING,

INITIALIZE_SESSION_LIMIT, CHANGE_SESSION_LIMIT, and RESET_SESSION_LIMIT.

AP_ALLOW_QUERY_REMOTE

The QUERY_* verbs are allowed to be directed at any node in the domain.

247