|
META TOPICPARENT |
name="APPX500Features" |
APPX Login Manager For Unix/Linux |
|
The Name of the Service |
|
< < | Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appxd-8060. |
> > | Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appx-8060. |
| TCP/IP Port Number
When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Login Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Login Manager are configured, each instance is typically assigned the next available port number after 8060.
Changing a Connection Service |
|
. |
|
< < | [root@tubes tools]# service appxd-8060 status
|
> > | [root@tubes tools]# service appx-8060 status
|
| up and running (process 13893 servicing port 8060)
|
| Configuration - Options
Options - General |
|
< < | -name, -ServiceName=SERVICENAME The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060". |
> > | -name, -ServiceName=SERVICENAME The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appx-8060". |
|
-DisplayName=DISPLAYNAME
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME. |
| Warning - the engine that you named has the setuid bit enabled
you may not want that bit set for the authentication method that you have chosen (OS-User)
To turn off the setuid bit, chmod u-s
|
|
< < | ../appx Configuration written to: appxd-8060.ini
Environment written to: appxd-8060.envtten to: /etc/rc.d/init.d/appxd-8060 |
> > | ../appx Configuration written to: appx-8060.ini
Environment written to: appx-8060.envtten to: /etc/rc.d/init.d/appx-8060 |
|
appxLoginMgr -install -port=8060 -name=appx8060 -displayName="Appx-Production(8060)" -engine=/usr/local/appx/appx APPXPATH=c:\appx\data APPX_KEYMAP=WINDOWS |
|
Issues: |
|
< < |
- The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)
/etc/init.d/appxd-8060: line 39: success: command not found /etc/init.d/appxd-8060: line 39: failure: command not found /etc/init.d/appxd-8060: line 43: failure: command not found
- The setuid warning message is display every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
|
> > |
- The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
/etc/init.d/appx-8060: line 39: success: command not found /etc/init.d/appx-8060: line 39: failure: command not found /etc/init.d/appx-8060: line 43: failure: command not found
- The setuid warning message is displayed every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
|
|
- The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.
|
|
< < | Enhancement Suggestons: |
> > | Enhancement Suggestions: |
|
- To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
- In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons. (Perhaps this isn't practical on Unix platforms)
- APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
- appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
|
|
< < |
- The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appxd-8060.
|
> > |
- The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appx-8060.
|
|
- The requirements for use of -name argument seem inconsistant. Below are examples where + works, and - does not.
|
|
< < |
-
-
(-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false
- (+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false
|
> > |
-
-
(-) ./appxLoginMgr -modify appx-8060 -TCPNodelay=false
- (+) ./appxLoginMgr -modify -name=appx-8060 -TCPNodelay=false
|
|
-
- (-)./appxLoginMgr -status
|
|
< < |
-
- (+)./appxLoginMgr -status -name=appxd-8060
- (+) ./appxLoginMgr -stop appxd-8060
- (-) ./appxLoginMgr -stop -name=appxd-8060
- (+) ./appxLoginMgr -start appxd-8060
- (-) ./appxLoginMgr -start -name=appxd-8060
- (-) ./appxLoginMgr -remove appxd-8060
- (+) ./appxLoginMgr -remove -name=appxd-8060
|
> > |
-
- (+)./appxLoginMgr -status -name=appx-8060
- (+) ./appxLoginMgr -stop appx-8060
- (-) ./appxLoginMgr -stop -name=appx-8060
- (+) ./appxLoginMgr -start appx-8060
- (-) ./appxLoginMgr -start -name=appx-8060
- (-) ./appxLoginMgr -remove appx-8060
- (+) ./appxLoginMgr -remove -name=appx-8060
|
|
-
- (-) ./appxLoginMgr -status
|
|
< < |
-
- (+) ./appxLoginMgr -status appxd-8060
|
> > |
-
- (+) ./appxLoginMgr -status appx-8060
|
|
-
- (+) ./appxLoginMgr -status -name=8060
-
Warn users not to move configuration files. A service script is created in the /etc/init.d system directory for each service installed by running the appxLoginMgr command. These scripts reference the corresponding service configuration files using a fully qualified absolute pathname. If you move the configuration files to another directory or rename them, the service scripts will no longer work. We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The service scripts also reference the appxLoginMgr command using a fully qualified absolute pathname.
-
RequireSSL is not a valid parameter and should be removed from the configuration file.
|