Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ dssi(1M) — DG/UX R4.11MU05

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

sesctld(1M)



dssi(1M)                 DG/UX B2 Security R4.12MU02                dssi(1M)


NAME
       dssi - initiate a session for a system server process

SYNOPSIS
       dssi -o start server [ arg ... ]

   where:
       server  A service defined for the root user account: gated, inetd,
               lpsched, sac, snmpd, or xntpd
       arg     An argument to server

DESCRIPTION
       The dssi (daemon-starting session initiator) program starts system
       server processes on a system with the capability mechanism.  dssi can
       start a server without an AUTHID and with capabilities that the
       invoker does not have in his permitted capability set.

       The dssi program starts the server that is the initial service
       program for the specified service of root.  The server is started
       with the attributes of the specified service (this explicitly
       includes the AUTHID).  The server's other attributes, such as audit
       mask and initial working directory, are also taken from the specified
       service.

       The server inherits the stdin, stdout, and stderr with which dssi was
       invoked.

       The user that invokes dssi must have appropriate privilege to start a
       server; i.e., the process must be able to traverse the event
       OPETCMDDSSISTARTserver, where server is the name of the server
       program, such as INETD.  The default event configuration requires a
       cap of DGCAPADMINNET.  The process that runs dssi must have these
       capabilities in its bounding set.

       Servers started by dssi do not have a controlling terminal.  Each is
       started under sesctld, which terminates, leaving the server as a
       child process of init.  Each has a session ID that is its PID.

FILES
       /etc/log/dssi.log
       /etc/tcb/cap/events

SEE ALSO
       sesctld(1M).

NOTES
       The dssi program creates a new session ID, then asks sesctld to
       create a new subsession.  Thus the dssi program requires that the
       sesctld program be running.


Licensed material--property of copyright holder(s)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026