POSIX user administration

This chapter describes the interfaces for managing the POSIX user attributes of a BS2000 user ID. These interfaces are part of the SRPM component which is implemented in the SECOS software product and in BS2000. It is possible to work with POSIX, however, without installing the SECOS software product.

Each BS2000 user is, at the same time, a POSIX user. Apart from having a BS2000 user ID with valid individual POSIX user attributes, there are no other conditions to be met in order to gain access to POSIX and its interfaces.

For further information on SRPM, see section "Description of the privileges" and the “SECOS” manual “Access Control” [46].

The POSIX functionality in BS2000 is described in detail in the “POSIX Commands” [38] and “POSIX Basics” [39] manuals.

What is POSIX?

POSIX (Portable Open System Interface for UNIX) is a range of UNIX-based standards. These standards ensure the compatibility and interoperability of applications in a heterogeneous network. A heterogeneous network consists of servers and products from different manufacturers and of system and user software from different software suppliers.

The POSIX standard was defined as the national American standard by the Institute of Electrical and Electronics Engineers (IEEE) in 1989. It was then adopted by the X/OPEN consortium and in 1990 became the international standard (X/OPEN Portability Guide IV, XPG4).

The library functions of the POSIX standard are available to the user via a C library, and a defined set of commands is available via a shell (POSIX shell).

Application programs can be easily ported with POSIX, irrespective of the operating system being used. Programs compliant with XPG4 can therefore also run in BS2000 following recompilation.
POSIX program interfaces are offered together with BS2000 interfaces. It is possible to use a combination of both BS2000 and POSIX program interfaces in the same program.

Some BS2000 software components and software products have been expanded to include functions for processing POSIX files. SPOOL, for example, can also be used to print out POSIX files and HSMS is able to save and reconstruct POSIX files, directories and file systems.

| Command | Meaning |
|---|---|
| ADD-POSIX-USER | Defines the POSIX user attributes |
| ADD-USER | Creates a user entry in the user catalog (1) |
| MODIFY-LOGON-PROTECTION | Modifies protection attributes (2) |
| MODIFY-POSIX-USER-ATTRIBUTES | Modifies POSIX user attributes of a BS2000 user ID |
| MODIFY-POSIX-USER-DEFAULTS | Modifies the default POSIX attributes of a pubset |
| MODIFY-USER-ATTRIBUTES | Modifies the catalog entry of a user (1) |
| SET-LOGON-PROTECTION | Defines protection attributes (2) |
| SHOW-LOGON-PROTECTION | Displays protection attributes (2) |
| SHOW-POSIX-STATUS | Displays POSIX status |
| SHOW-POSIX-USER-ATTRIBUTES | Displays the POSIX user attributes of a BS2000 user ID |
| SHOW-POSIX-USER-DEFAULTS | Displays the default POSIX attributes of a pubset |
| SHOW-USER-ATTRIBUTES | Outputs information on the entries in the user catalog (1) |
| START-POSIX-SHELL | Makes the POSIX shell available |

| Macro | Meaning |
|---|---|
| SRMUINF | Reads data from the user catalog and transfers it to a previously defined area |

Table 14: BS2000 interfaces for POSIX user administration

(1) Commands for administering accounting numbers for access via a remote computer.

(2) Commands for administering access authorization via a remote computer:
If the SECOS software product is used, it can be defined for existing BS2000 user IDs whether the user of a remote computer may gain access to the system with the UNIX command rlogin. The operand POSIX-RLOGIN-ACCESS=*YES(PASSWORD-CHECK=*YES/*NO) or POSIX-RLOGIN-ACCESS=*NO in the SET-/MODIFY-LOGON-PROTECTION command is available for this purpose.

The commands are described in the “SECOS” manual “Access Control” [46] and in the “Commands” [27] manual.

POSIX user attributes

See the chapter “Administering POSIX users” in the “POSIX Basics” [39] manual.

Privileges for administering the POSIX user attributes

The POSIX-ADMINISTRATION privilege exists for POSIX. Owners of this privilege are referred to as POSIX administrators. They have the following tasks and rights:

  • administration of the POSIX user attributes of all BS2000 user IDs on all pubsets

  • administration of default values for the POSIX user attributes on all pubsets

  • calling privileged POSIX functions

The POSIX-ADMINISTRATION privilege is automatically linked to the SYSROOT system user ID. This privilege cannot be withdrawn by SYSROOT. The security administrator (SECURITY-ADMINISTRATION privilege) can also grant the POSIX-ADMINISTRATION privilege to other BS2000 user IDs, and likewise withdraw it.

SYSROOT is the POSIX counterpart to the system administrator ID root in UNIX systems. SYSROOT is set up following first startup of the BS2000 system and automatically receives the user number 0. No other user number can be assigned to SYSROOT.

Holders of the USER-ADMINISTRATION privilege also receive authorization to administer the POSIX user attributes and the default values for these. In this instance, they are treated as if they were POSIX administrators.

The authorization of the group administrator of the *UNIVERSAL group is extended to include the POSIX user attributes. When administering the POSIX user attributes on the pubset that he/she manages, this group administrator is treated as if he/she had the USER-ADMINISTRATION privilege. In this case, the restrictions described below for group administrators within this administrator's hierarchy do not apply to him/her.

Group administrators may also administer POSIX user attributes. However, the following restrictions apply:

  • They cannot administer the default values for the POSIX user attributes.

  • The type of POSIX user attributes which they can use depends on their authorization (ADM-AUTHORITY).

  • The value range of the POSIX user attributes is restricted for group administrators.

  • They can only administer the group and subgroup members for whom they are responsible.

For further information on the subject of privileges see section "Privileges".

Allocating a user number to a BS2000 user ID

See the chapter “Administering POSIX users” in the “POSIX Basics” [39] manual.

Administering BS2000 and POSIX groups

See the chapter “Administering POSIX users” in the “POSIX Basics” [39] manual.

Entering new POSIX users

See the chapter “Administering POSIX users” in the “POSIX Basics” [39] manual.

Mapping POSIX user attributes in the POSIX file system

The POSIX user attribute “user number” is closely linked with the POSIX file system: the user number documents the owner of a file. In contrast to BS2000, it is simple for the root administrator to assign a new owner to a file or directory (POSIX command chown).
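Because a file records its owner as a number, it is useful to check which files a user number owns before that number is changed or an owner is reassigned with chown. The following shell functions are an added example, not taken from the manual; the names count_owned_by and owner_numbers are hypothetical, and the example assumes the standard find, ls, awk and sort utilities (plus mktemp for the demo) are available in the shell in use.

```shell
#!/bin/sh
# Added example: file ownership is recorded as a numeric user number.
# Function names are hypothetical; only standard utilities are used.

# count_owned_by UID DIR
# Number of files and directories under DIR whose owner is the numeric UID.
# One marker line is written per match, so names containing blanks or
# newlines are counted correctly.
count_owned_by() {
    find "$2" -user "$1" -exec sh -c 'for f in "$@"; do echo x; done' sh {} + |
        wc -l | tr -d ' '
}

# owner_numbers DIR
# Sorted list of the distinct numeric owners found under DIR.
# ls -n prints the stored number instead of resolving it to a name, so the
# result does not change when the number is later given to another user.
# Names containing newlines can add stray lines; the numeric filter on the
# owner column drops most of them.
owner_numbers() {
    find "$1" -exec ls -dn {} + |
        awk '$3 ~ /^[0-9]+$/ { print $3 }' | sort -n -u
}

# Demo on a constructed scratch directory (not real system data).
demo=$(mktemp -d)
touch "$demo/a" "$demo/b c"
echo "entries owned by user number $(id -u): $(count_owned_by "$(id -u)" "$demo")"
echo "owner numbers present: $(owner_numbers "$demo")"
rm -rf "$demo"
```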

Reading user information by program

See the chapter “Administering POSIX users” in the “POSIX Basics” [39] manual.