Difference: APPXLoginManagerForUnixLinux (61 vs. 62)

Revision 622011-08-22 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 78 to 78
 

The Name of the Service

Changed:
<
<		Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appxd-8060.
>
>		Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appx-8060.
 

TCP/IP Port Number

When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Login Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Login Manager are configured, each instance is typically assigned the next available port number after 8060.

Changing a Connection Service

Line: 104 to 104
 

.

Changed:
<
<
[root@tubes tools]# service appxd-8060 status
>
>
[root@tubes tools]# service appx-8060 status
 up and running (process 13893 servicing port 8060)
Line: 157 to 157
 

Configuration - Options

Options - General
Changed:
<
<		-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
>
>		-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appx-8060".
  -DisplayName=DISPLAYNAME
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
Line: 309 to 309
 
Warning - the engine that you named has the setuid bit enabled
you may not want that bit set for the authentication method that you have chosen (OS-User)
To turn off the setuid bit, chmod u-s
Changed:
<
<		../appx Configuration written to: appxd-8060.ini Environment written to: appxd-8060.envtten to: /etc/rc.d/init.d/appxd-8060
>
>		../appx Configuration written to: appx-8060.ini Environment written to: appx-8060.envtten to: /etc/rc.d/init.d/appx-8060
 

appxLoginMgr -install -port=8060 -name=appx8060 -displayName="Appx-Production(8060)" -engine=/usr/local/appx/appx APPXPATH=c:\appx\data APPX_KEYMAP=WINDOWS

Line: 579 to 579
 

Issues:

Changed:
<
<
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appxd-8060.pid) 
    /etc/init.d/appxd-8060: line 39: success: command not found
    /etc/init.d/appxd-8060: line 39: failure: command not found
    /etc/init.d/appxd-8060: line 43: failure: command not found
  2. The setuid warning message is display every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
>
>
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid) 
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
  2. The setuid warning message is displayed every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
 
  1. The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.
Changed:
<
<

Enhancement Suggestons:

>
>

Enhancement Suggestions:

 
  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
  2. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons. (Perhaps this isn't practical on Unix platforms)
  3. APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  4. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
Changed:
<
<
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appxd-8060.
>
>
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appx-8060.
 
  1. The requirements for use of -name argument seem inconsistant. Below are examples where + works, and - does not.
Changed:
<
<

    1. (-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false
>
>

    1. (-) ./appxLoginMgr -modify appx-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appx-8060 -TCPNodelay=false
 
    1. (-)./appxLoginMgr -status
Changed:
<
<
    1. (+)./appxLoginMgr -status -name=appxd-8060
    2. (+) ./appxLoginMgr -stop appxd-8060
    3. (-) ./appxLoginMgr -stop -name=appxd-8060
    4. (+) ./appxLoginMgr -start appxd-8060
    5. (-) ./appxLoginMgr -start -name=appxd-8060
    6. (-) ./appxLoginMgr -remove appxd-8060
    7. (+) ./appxLoginMgr -remove -name=appxd-8060
>
>
    1. (+)./appxLoginMgr -status -name=appx-8060
    2. (+) ./appxLoginMgr -stop appx-8060
    3. (-) ./appxLoginMgr -stop -name=appx-8060
    4. (+) ./appxLoginMgr -start appx-8060
    5. (-) ./appxLoginMgr -start -name=appx-8060
    6. (-) ./appxLoginMgr -remove appx-8060
    7. (+) ./appxLoginMgr -remove -name=appx-8060
 
    1. (-) ./appxLoginMgr -status
Changed:
<
<
    1. (+) ./appxLoginMgr -status appxd-8060
>
>
    1. (+) ./appxLoginMgr -status appx-8060
 
    1. (+) ./appxLoginMgr -status -name=8060

  2. Warn users not to move configuration files. A service script is created in the /etc/init.d system directory for each service installed by running the appxLoginMgr command. These scripts reference the corresponding service configuration files using a fully qualified absolute pathname. If you move the configuration files to another directory or rename them, the service scripts will no longer work. We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The service scripts also reference the appxLoginMgr command using a fully qualified absolute pathname.

  3. RequireSSL is not a valid parameter and should be removed from the configuration file.

View topic | History: r68 < r67 < r66 < r65 | More topic actions...
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback