hamm@WAKS.RUTGERS.EDU.UUCP (02/12/87)
I've come across two ways of handling login command files, and wonder whether
anyone knows a reason to prefer (or abhor) one or the other:
1. SYS$SYLOGIN is defined to point to a system-wide login command
procedure, which is thus invoked for all processes. LGICMD (in the
UAF) for each user is defined to point to the file LOGIN.COM in
that user's home directory.
2. SYS$SYLOGIN is undefined, but LGICMD for *all* users points to
the system-wide login command procedure. A line late in this command
procedure checks to see if a user LOGIN.COM exists, and, if so,
executes it.
As far as I can tell, these two methods are superficially equivalent. Each
results in both levels of command procedure being executed in the proper
order, and neither chokes if no user LOGIN.COM is present.
Comments?
Greg Hamm
Rutgers Molecular Biology Computing Lab
hamm@biovax.bitnet
hamm@waks.rutgers.edu
------stew%lhasa@HUCSC.HARVARD.EDU.UUCP (02/12/87)
Regarding SYS$SYLOGIN and login command procedures: SYS$SYLOGIN should be used for things you want to require that all users execute every time they log in. LGICMD should be used for things which you supply for the user's convenience. The former should be as short as possible, so that a user that wants to get in to do something quick can do so by logging in with USERNAME/NOCOM. In this case, SYS$SYLOGIN is executed, but the LGICMD isn't. That's the major difference. On our system, SYS$SYLOGIN is defined, and LGICMD points to another file in SYS$MANAGER: which sets up symbols and terminal types and so forth, and then executes SYS$LOGIN:LOGIN.COM (if it exists).
"MCCORE::THURY@ti-eg.CSNET".UUCP (02/12/87)
>I've come across two ways of handling login command files, and wonder whether >anyone knows a reason to prefer (or abhor) one or the other: > 1. SYS$SYLOGIN is defined to point to a system-wide login command > procedure, which is thus invoked for all processes. LGICMD (in the > UAF) for each user is defined to point to the file LOGIN.COM in > that user's home directory. LOGIN.COM in the user's default directory is the default, and need NOT be specified in SYSUAF's LGICMD field. See the VMS 4.4 System Manager's Reference Manual; Page 5-7 to 5-9 for a complete description of the interactions among SYS$SYLOGIN, LGICMD & LOGIN.COM > 2. SYS$SYLOGIN is undefined, but LGICMD for *all* users points to > the system-wide login command procedure. A line late in this command > procedure checks to see if a user LOGIN.COM exists, and, if so, > executes it. >As far as I can tell, these two methods are superficially equivalent. Each >results in both levels of command procedure being executed in the proper >order, and neither chokes if no user LOGIN.COM is present. The two are NOT equivalent! LOGIN.COM can be bypassed if the user adds the /NOCOMMAND switch to his username when logging in (i.e. Username: SMITH/NOCOMMAND ) SYS$SYLOGIN cannot be bypassed. If there is something that absolutely MUST be executed by every user at login, the SYS$SYLOGIN method (1 above) is the preferred. Depending upon the nature of operations on your system NOT having a SYS$SYLOGIN could introduce a security hole!! Regards, Denny Thury VAX Systems Support Texas Instruments, Inc. P.O. Box 801 MS 8006 McKinney, Texas 75069
CHRIS@BINGVAXA.BITNET.UUCP (02/12/87)
We use the LGICMD option in SYSUAF simply because it allows us to define different login files for different people. - chris peck suny binghamton,ny,usa