scott@stl.stc.co.uk (Mike Scott) (05/25/88)
I want to be able to create a process to run with a different username from the creating process. Normally processes are created with a username the same as the creating process - loginout is the only program I know which can set the username. This is connection with some networking software - I want to write the equivalent of the un*x 'rshd' for VMS (to use with the CMU/TEK TCP/IP software), so need to create processes with a given username, but without the full rigmarole of loginout asking for information. Can anyone help please, or perhaps someone already has written this code anyway (ever hopeful :-) ?? -- Regards. Mike Scott (scott@stl.stc.co.uk <or> ...uunet!mcvax!ukc!stl!scott) phone +44-279-29531 xtn 3133.
kvc@nrcvax.UUCP (Kevin Carosso) (06/02/88)
In article <679@acer.stl.stc.co.uk> scott@stl.stc.co.uk (Mike Scott) writes: >I want to be able to create a process to run with a different username >from the creating process. Normally processes are created with a >username the same as the creating process - loginout is the only >program I know which can set the username. > >This is connection with some networking software - I want to write the >equivalent of the un*x 'rshd' for VMS (to use with the CMU/TEK TCP/IP >software), so need to create processes with a given username, but >without the full rigmarole of loginout asking for information. > >Can anyone help please, or perhaps someone already has written this >code anyway (ever hopeful :-) ?? The best way to do this is to use the mechanism DECnet uses. There is an undocumented feature in LOGINOUT whereby if you create detached process with LOGINOUT as the image to be run and the NETWORK attribute in the process flags (all this using $CREPRC, of course), LOGINOUT treats the INPUT, OUTPUT, and ERROR parameters specially. I don't remember which is which, but for one you pass a string with the name of the command procedure or executable image (if the file spec has .EXE for file type) to be executed once the login information is verified, and for another you pass a string with some flags, the username, the password, and the account name (unused currently) as embedded ASCIC strings. I will try to dig up a little example program I wrote once that demonstrated this feature of LOGINOUT. Your problem will be figuring out how to use something like this from a CMU TCP/IP server. I actually used this feature when I rewrote the FTP server for the old Tektronix TCP/IP (the precursor to the CMU version). I had to add a mechanism to the TCP ACP to allow processes to, in a controlled fashion, to pass TCP connections between one another. My server was really nice, since it supported every feature of VMS LOGINOUT, including DISUSER flag, password expiration, access times, etc. Unfortunately, CMU started with a different branch of the Tektronix code, so my server never got out to the wider world (and since they don't have a QIO to pass connections, it can't be ported to their version). I've still never seen another FTP server that handled VMS validation as well. /Kevin Carosso kvc@nrc.com Network Research Co. kvc@ymir.bitnet kvc@nrcvax.uucp