dssi(1M) DG/UX B2 Security R4.12MU02 dssi(1M)
NAME
dssi - initiate a session for a system server process
SYNOPSIS
dssi -o start server [ arg ... ]
where:
server A service defined for the root user account: gated, inetd,
lpsched, sac, snmpd, or xntpd
arg An argument to server
DESCRIPTION
The dssi (daemon-starting session initiator) program starts system
server processes on a system with the capability mechanism. dssi can
start a server without an AUTHID and with capabilities that the
invoker does not have in his permitted capability set.
The dssi program starts the server that is the initial service
program for the specified service of root. The server is started
with the attributes of the specified service (this explicitly
includes the AUTHID). The server's other attributes, such as audit
mask and initial working directory, are also taken from the specified
service.
The server inherits the stdin, stdout, and stderr with which dssi was
invoked.
The user that invokes dssi must have appropriate privilege to start a
server; i.e., the process must be able to traverse the event
OPETCMDDSSISTARTserver, where server is the name of the server
program, such as INETD. The default event configuration requires a
cap of DGCAPADMINNET. The process that runs dssi must have these
capabilities in its bounding set.
Servers started by dssi do not have a controlling terminal. Each is
started under sesctld, which terminates, leaving the server as a
child process of init. Each has a session ID that is its PID.
FILES
/etc/log/dssi.log
/etc/tcb/cap/events
SEE ALSO
sesctld(1M).
NOTES
The dssi program creates a new session ID, then asks sesctld to
create a new subsession. Thus the dssi program requires that the
sesctld program be running.
Licensed material--property of copyright holder(s)