Difference: APPXLoginManagerForUnixLinux (1 vs. 68)

Revision 682018-01-19 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.

Changed:
<
<

>
>

  The APPX Login Manager command is used to configure and manage APPX Login Services.
Line: 196 to 196
 -initScript={lsb, <nop>RedHat}
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxLoginMgr will determine which type of service script to install.
Added:
>
>
serverEnableHTTPdebug={true, false}

Normally you can point a browser at the login port & it will display a configuration page. This might be considered a security risk, setting this to a value of 'false' will cause the listener to immediately hang up and recycle to a listening state on an HTTP request without displaying the configuration information.

 
Options - Session Identity/Permissions

-ImpersonateUID={true, false}

Line: 659 to 664
  Exit - This will exit the session manager without logging in to APPX.

Issues:

Changed:
<
<
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
>
>
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
 
  1. The setuid warning message is displayed every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
  2. The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.

Comments:

Line: 668 to 673
 
Changed:
<
<

<--/commentPlugin-->
>
>

<--/commentPlugin-->
 

Revision 672016-03-03 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.

Changed:
<
<

>
>

  The APPX Login Manager command is used to configure and manage APPX Login Services.
Line: 301 to 300
 -ServerPrivateKeyPassphrase=PASSPHRASE
This option is not needed and has not been implemented.
Added:
>
>
-UseOldSSLcert={true,false}
Forces the login manager to use pre 5.4.4 certificates. This allows older clients to connect to 5.4.4 and up (5.4.4 & up login manager only).
 

Configuration - Environment Variables

VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Login Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
Line: 601 to 598
 To turn off the setuid bit, chmod u-s ../appx
Changed:
<
<

Issues:

  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
  2. The setuid warning message is displayed every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
  3. The setuid warning indicates that it is triggered by the OSUser <nop>AuthenticationMethod. <nop>AuthenticationMethod is not influenced by the setuid bit being turned on. However, <nop>ImpersonateUser is impacted.

Enhancement Suggestions:

  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
  2. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons. (Perhaps this isn't practical on Unix platforms)
  3. APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  4. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
  5. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume <nop>ServiceName =appx-8060.
  6. The requirements for use of -name argument seem inconsistent. Below are examples where + works, and - does not.
    1. (-) ./appxLoginMgr -modify appx-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appx-8060 -TCPNodelay=false
    3. (-)./appxLoginMgr -status
    4. (+)./appxLoginMgr -status -name=appx-8060
    5. (+) ./appxLoginMgr -stop appx-8060
    6. (-) ./appxLoginMgr -stop -name=appx-8060
    7. (+) ./appxLoginMgr -start appx-8060
    8. (-) ./appxLoginMgr -start -name=appx-8060
    9. (-) ./appxLoginMgr -remove appx-8060
    10. (+) ./appxLoginMgr -remove -name=appx-8060
    11. (-) ./appxLoginMgr -status
    12. (+) ./appxLoginMgr -status appx-8060
    13. (+) ./appxLoginMgr -status -name=8060
  7. Warn users not to move configuration files. A service script is created in the /etc/init.d system directory for each service installed by running the appxLoginMgr command. These scripts reference the corresponding service configuration files using a fully qualified absolute pathname. If you move the configuration files to another directory or rename them, the service scripts will no longer work. We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The service scripts also reference the appxLoginMgr command using a fully qualified absolute pathname.

  8. RequireSSL is not a valid parameter and should be removed from the configuration file.

  9. RequireSSLClientCertificates is not a valid parameter and should be removed from the configuration file.

  10. ServerPrivateKeyPassphrase is not a valid parameter and should be removed from the configuration file.

>
>

 

Reconnect Feature (5.3 & up)

A new connection manager allows a user to reconnect to dropped sessions.

Line: 685 to 655
  Attach - This button is only enabled if your login manager has been configured to allow reconnections, in which case the Workstation IDs will be 'PIPE' as in the example above. The second session (on /dev/pts/1) is a character mode session, which you cannot Attach to. If your login manager is not configured for reconnections, then the Workstation ID will be either an IP address (for GUI connections) or a /dev/ address for a character mode connection. Since an APPX System Administrator will see all running sessions, they can Attach to any user's session. A new window will open on the Administrators desktop, and the client window on the users desktop will close (when they attempt to use their session). A non Administrator will only see their own sessions, and therefore can only Attach to their own session.
Changed:
<
<
Kill - This will attempt to cancel the selected session. This will only be successful if you have sufficient O/S permissions to allow it, i.e., you have Administrator level or you are cancelling one of your own sessions. See .UTIL KILL SESSION for more information.
>
>
Kill - This will attempt to cancel the selected session. This will only be successful if you have sufficient O/S permissions to allow it, i.e., you have Administrator level or you are cancelling one of your own sessions. See .UTIL KILL SESSION for more information.
  Exit - This will exit the session manager without logging in to APPX.
Changed:
<
<
>
>

Issues:

  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
  2. The setuid warning message is displayed every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
  3. The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.
 

Comments:

Read what other users have said about this page or add your own comments.


Changed:
<
<

<--/commentPlugin-->
>
>

<--/commentPlugin-->
 

Revision 662016-02-25 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 680 to 685
  Attach - This button is only enabled if your login manager has been configured to allow reconnections, in which case the Workstation IDs will be 'PIPE' as in the example above. The second session (on /dev/pts/1) is a character mode session, which you cannot Attach to. If your login manager is not configured for reconnections, then the Workstation ID will be either an IP address (for GUI connections) or a /dev/ address for a character mode connection. Since an APPX System Administrator will see all running sessions, they can Attach to any user's session. A new window will open on the Administrators desktop, and the client window on the users desktop will close (when they attempt to use their session). A non Administrator will only see their own sessions, and therefore can only Attach to their own session.
Changed:
<
<
Kill - This will attempt to cancel the selected session. This will only be successful if you have sufficient O/S permissions to allow it, i.e., you have Administrator level. See .UTIL KILL SESSION for more information.
>
>
Kill - This will attempt to cancel the selected session. This will only be successful if you have sufficient O/S permissions to allow it, i.e., you have Administrator level or you are cancelling one of your own sessions. See .UTIL KILL SESSION for more information.
  Exit - This will exit the session manager without logging in to APPX.

Revision 652016-02-25 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Changed:
<
<
This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.
>
>
This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.


  The APPX Login Manager command is used to configure and manage APPX Login Services.
Line: 132 to 133
  The first form of the -install command requires only that a service name be specified. All other options are optional including the TCP/IP port. Any option not specified will be configured with an appropriate default value.
Changed:
<
<
The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName. Any option not specified will be configured with an appropriate default value.
>
>
The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the <nop>ServiceName. Any option not specified will be configured with an appropriate default value.
  Both forms of the -install command allow additional configuration options to be specified. The configuration options specified are stored in the service configuration file (ini).
Line: 163 to 164
 
Options - General
Changed:
<
<
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g. "appx-8060".
>
>
-name, -ServiceName=SERVICENAME
The <nop>ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default <nop>ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g. "appx-8060".
  -DisplayName=DISPLAYNAME
Changed:
<
<
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
>
>
The <nop>DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
  -engine, -AppxExecutable={../appx, PATHNAME}
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be absolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.

-LogDirectory={/tmp, LOGDIR}

Changed:
<
<
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
>
>
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the <nop>ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the <nop>LogDirectory option is not specified, the log files are created in the /tmp directory.
  -AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file and auxiliary password which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
Line: 192 to 193
 -ServiceDisableAppxKeys={true, false}
This option can be used to disable the ability to define an APPX keymap. If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
Changed:
<
<
-initScript={lsb, RedHat}
>
>
-initScript={lsb, <nop>RedHat}
 
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxLoginMgr will determine which type of service script to install.

Options - Session Identity/Permissions

-ImpersonateUID={true, false}

Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection <nop>ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the <nop>ImpersonateUser option determines which user the APPX session should impersonate.
 
Changed:
<
<
-ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
>
>
-ImpersonateUser={LogonUser, <nop>NamedUser(USERID), <nop>ServiceOwner}
 
This option determines which O/S user the APPX session should impersonate (run as).
Changed:
<
<
If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login. This user ID must be a valid O/S user. The connection service must be running with the permissions of the root user if the LogonUser option is specified.
>
>
If <nop>LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login. This user ID must be a valid O/S user. The connection service must be running with the permissions of the root user if the <nop>LogonUser option is specified.
 
Changed:
<
<
If NamedUser is specified, the user ID of the APPX session will be set to the specified USERID. This USERID must be a valid O/S user. The connection service must be running with the permissions of the root user if the NamedUser option is specified.
>
>
If <nop>NamedUser is specified, the user ID of the APPX session will be set to the specified USERID. This USERID must be a valid O/S user. The connection service must be running with the permissions of the root user if the <nop>NamedUser option is specified.
 
Changed:
<
<
If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.
>
>
If <nop>ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.
 

-ImpersonateGID={true, false}

Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner. Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection <nop>ServiceOwner. Set this value to true if you want the APPX session to have group permissions based on the <nop>ImpersonateGroup option.
 
Changed:
<
<
-ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(GROUPNAME), ServiceOwner, ServiceGroup}
>
>
-ImpersonateGroup={User, <nop>LogonUser, <nop>LogonGroup, <nop>NamedGroup(GROUPNAME), <nop>ServiceOwner, <nop>ServiceGroup}
 
This option determines which group permissions the APPX session should run with.

If User is specified, the APPX session will run with the group permissions of the user that the session is running as (impersonating).

Changed:
<
<
If LogonUser or LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request. The user ID must be a valid O/S user.
>
>
If <nop>LogonUser or <nop>LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request. The user ID must be a valid O/S user.
 
Changed:
<
<
If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME. This GROUPNAME must be a valid O/S group.
>
>
If <nop>NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME. This GROUPNAME must be a valid O/S group.
 
Changed:
<
<
If ServiceOwner or ServiceGroup is specified.
>
>
If <nop>ServiceOwner or <nop>ServiceGroup is specified.
 

-Umask=FILECREATIONMASK

Line: 260 to 261
 
This option is used to tune the network performance of the APPX session. When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it. This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.

-TCPEnableKeepAlive={true, false}

Changed:
<
<
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost. If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached. If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times. After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
>
>
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost. If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by <nop>TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached. If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every <nop>TCPKeepInterval seconds up to <nop>TCPKeepCount times. After <nop>TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
  -TCPKeepIdle={300, SECONDS}
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
Line: 288 to 289
 
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).

-ServerPrivateKeyFile=KEYFILENAME

Changed:
<
<
This option identifies the pathname of server's private key file (unlocks the ServerCertificateFile).
>
>
This option identifies the pathname of server's private key file (unlocks the <nop>ServerCertificateFile).
  -RequireSSL={true, false}
This option is not needed and has not been implemented.
Line: 440 to 441
 

The Status File (stat)

Changed:
<
<
When an APPX Connection Service is started, a status file is created in the specified LogDirectory. If a LogDirectory was not specified, then the status file is created in the /tmp directory.
>
>
When an APPX Connection Service is started, a status file is created in the specified <nop>LogDirectory. If a <nop>LogDirectory was not specified, then the status file is created in the /tmp directory.
  The name of the status file is the concatenation of the service name and ".stat". For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".
Line: 497 to 498
 

The Log File (log)

Changed:
<
<
When an APPX Connection Service is started, a log file is created in the specified LogDirectory. If a LogDirectory was not specified, then the log file is created in the /tmp directory.
>
>
When an APPX Connection Service is started, a log file is created in the specified <nop>LogDirectory. If a <nop>LogDirectory was not specified, then the log file is created in the /tmp directory.
  The name of the log file is the concatenation of the service name and ".log". For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".
Line: 550 to 551
 handleClients - waiting
Changed:
<
<
>
>

#RedHatServiceCommand
 

Red Hat service command.

Line: 587 to 588
  This warning message is displayed when you start a service and the engine specified for AppxExecutable has the setuid bit set.
Changed:
<
<
When launching an APPX session, the APPX Login Manager sets the real user ID and the effective user ID of the APPX session based on the value specified for the ImpersonateUser parameter. If the engine has the setuid bit set, then the effective user of the APPX session will be changed by the operating system to be the owner of the APPX engine and the APPX session will run with the permissions of that user.
>
>
When launching an APPX session, the APPX Login Manager sets the real user ID and the effective user ID of the APPX session based on the value specified for the <nop>ImpersonateUser parameter. If the engine has the setuid bit set, then the effective user of the APPX session will be changed by the operating system to be the owner of the APPX engine and the APPX session will run with the permissions of that user.
 
Warning - the engine that you named has the setuid bit enabled, 
you may not want that bit set for the authentication 

Line: 598 to 599
 

Issues:

  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
  2. The setuid warning message is displayed every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
Changed:
<
<
  1. The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.
>
>
  1. The setuid warning indicates that it is triggered by the OSUser <nop>AuthenticationMethod. <nop>AuthenticationMethod is not influenced by the setuid bit being turned on. However, <nop>ImpersonateUser is impacted.
 

Enhancement Suggestions:

  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
  2. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons. (Perhaps this isn't practical on Unix platforms)
  3. APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  4. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
Changed:
<
<
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appx-8060.
>
>
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume <nop>ServiceName =appx-8060.
 
  1. The requirements for use of -name argument seem inconsistent. Below are examples where + works, and - does not.
    1. (-) ./appxLoginMgr -modify appx-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appx-8060 -TCPNodelay=false
Line: 657 to 658
  An Appx System administrator can connect to another users disconnected session, if they know the PID of the lost session.
Changed:
<
<
In Release 5.4.4, a list of dropped sessions will be displayed automatically, eliminating the need to remember PID's.
>
>
In Release 5.4.4, a list of dropped sessions can be displayed, eliminating the need to remember PID's.
 

PAM Capable (5.3 & Up)

In Release 5.3, PAM capability was added. See Login Manager PAM Capable for more information.

Added:
>
>

Reconnect Revisited (5.4.4)

To make managing reconnects easier, in 5.4.4 a 'Sessions' button was added to the login dialog box for both APPX Desktop Client and the HTML client. To access the 'Sessions' list, enter your login information as usual and click the 'Sessions' button instead of 'Login'. You can use this even if you have not set up your login manager for reconnections. You won't be able to reconnect to a session, but you will be able to manage other sessions.

You will get a display similar to the following:

sessions.png

The display automatically refreshes every 30 seconds, or you can click 'Refresh' to manually refresh the display. The information on the process currently running is only shown if you have enabled the APPX Monitor (See APPX Monitor for details). If not enabled, those columns will be blank.

If you are an APPX System Administrator, you will see all APPX sessions. If you are not an Administrator, you will only see your own sessions.

New - Starts a new session using your current login information (user, password, server & port).

Attach - This button is only enabled if your login manager has been configured to allow reconnections, in which case the Workstation IDs will be 'PIPE' as in the example above. The second session (on /dev/pts/1) is a character mode session, which you cannot Attach to. If your login manager is not configured for reconnections, then the Workstation ID will be either an IP address (for GUI connections) or a /dev/ address for a character mode connection. Since an APPX System Administrator will see all running sessions, they can Attach to any user's session. A new window will open on the Administrators desktop, and the client window on the users desktop will close (when they attempt to use their session). A non Administrator will only see their own sessions, and therefore can only Attach to their own session.

Kill - This will attempt to cancel the selected session. This will only be successful if you have sufficient O/S permissions to allow it, i.e., you have Administrator level. See .UTIL KILL SESSION for more information.

Exit - This will exit the session manager without logging in to APPX.

 

Comments:

Read what other users have said about this page or add your own comments.


Changed:
<
<
<--/commentPlugin-->
>
>

<--/commentPlugin-->
 

-- Page added by: Steve - 17 Jul 2007

Added:
>
>
META FILEATTACHMENT attachment="sessions.png" attr="h" comment="" date="1456425149" name="sessions.png" path="sessions.png" size="60247" user="JeanNeron" version="1"
 
META TOPICMOVED by="SteveFrizzell" date="1221836690" from="Main.APPXConnectionManagerForUnixLinux" to="Main.APPXLoginManagerForUnixLinux"

Revision 642016-02-22 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 44 to 44
  In the event that it is necessary to reset the permissions on the appxLoginMgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxLoginMgr command.
Changed:
<
<

cd /usr/local/appx/tools chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr

>
>

cd /usr/local/appx/tools chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr

  You can check the permissions of the appxLoginMgr command by running the following command:
Line: 74 to 73
 
  1. The service is started

For compete information on using the -install option of the appxLoginMgr command, please refer to the usage section of this page.

Changed:
<
<
>
>
 

The Name of the Service

Line: 84 to 83
 

Changing a Connection Service

Two methods are available for modifying an existing instance of an APPX Connection Service.

Changed:
<
<
>
>
 

Method 1 - The APPX Login Manager Command (appxLoginMgr)

The -modify command and the - replace command of the appxLoginMgr tool can be used to modify or replace a previously configured instance of the APPX Login Manager. These options update the existing APPX Login Manager daemon configuration files (ini and env) with the options specified. If you use this technique, the service will be automatically restarted for you, using the new settings. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.

Method 2 - Text Editor

Changed:
<
<
A text editor can be used to directly edit the APPX Login Manager daemon configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying an APPX Login Manager daemon is with Method 1 above.
>
>
A text editor can be used to directly edit the APPX Login Manager daemon configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying an APPX Login Manager daemon is with Method 1 above.
 

Managing an APPX Login Manager Daemon

Two methods are available for managing an existing instance of the APPX Connection Service.

Changed:
<
<
>
>
 

Method 1 - appxLoginMgr command

Line: 109 to 110
 

Usage (appxLoginMgr)

Changed:
<
<
>
>
 

Synopsis - Service Configuration

Changed:
<
<
The appxLoginMgr service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
>
>
The appxLoginMgr service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
  appxLoginMgr -install -SockPort=[TCP-Port] [options]... [VARIABLE=VALUE]...
Line: 121 to 123
  appxLoginMgr -remove -serviceName=SERVICENAME

Configuration - Commands

Changed:
<
<
>
>
  -install -name=SERVICENAME [options]... [VARIABLE=VALUE]...

-install -port=PORT [options]... [VARIABLE=VALUE]...

Changed:
<
<
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
>
>
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
  The first form of the -install command requires only that a service name be specified. All other options are optional including the TCP/IP port. Any option not specified will be configured with an appropriate default value.
Line: 139 to 141
 In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.

After creating the configuration files and the operating system service, the -install command starts the service.

Changed:
<
<
-modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>

-modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...

  The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service.
Line: 149 to 154
 

-replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...

Changed:
<
<
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
>
>
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
  -remove -name=SERVICENAME
Changed:
<
<
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
>
>
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
 

Configuration - Options

Changed:
<
<
>
>
 
Options - General
Changed:
<
<
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g. "appx-8060".
>
>
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g. "appx-8060".
  -DisplayName=DISPLAYNAME
Changed:
<
<
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
>
>
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
  -engine, -AppxExecutable={../appx, PATHNAME}
Changed:
<
<
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be absolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
>
>
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be absolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
  -LogDirectory={/tmp, LOGDIR}
Changed:
<
<
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
>
>
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
  -AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
Changed:
<
<
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file and auxiliary password which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
>
>
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file and auxiliary password which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
  -ServiceType=Login
Changed:
<
<
The only valid value when configuring a Connection Service is "Login". If this option is not specified, the default value is Login.
>
>
The only valid value when configuring a Connection Service is "Login". If this option is not specified, the default value is Login.
  -ServiceDisable={true, false}
Changed:
<
<
This option can be used to temporarily disable or "turn off" the connection service. If set to true, the connection service will still run but it will not accept login requests.
>
>
This option can be used to temporarily disable or "turn off" the connection service. If set to true, the connection service will still run but it will not accept login requests.
  -ServiceDisableLogin={true, false}
Changed:
<
<
This option can be used to disable or "turn off" processing of login requests from interactive clients. If set to true, login requests from interactive clients will not be processed.
>
>
This option can be used to disable or "turn off" processing of login requests from interactive clients. If set to true, login requests from interactive clients will not be processed.
  -ServiceDisableFMS={true, false}
Changed:
<
<
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver. If set to true, connection requests from APPX/Net clients will not be processed.
>
>
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver. If set to true, connection requests from APPX/Net clients will not be processed.
  -ServiceDisableAppxKeys={true, false}
Changed:
<
<
This option can be used to disable the ability to define an APPX keymap. If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
>
>
This option can be used to disable the ability to define an APPX keymap. If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
  -initScript={lsb, RedHat}
Changed:
<
<
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxLoginMgr will determine which type of service script to install.
>
>
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxLoginMgr will determine which type of service script to install.
 
Options - Session Identity/Permissions
Changed:
<
<
-ImpersonateUID={true, false}
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
>
>
-ImpersonateUID={true, false}
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
  -ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
Changed:
<
<
This option determines which O/S user the APPX session should impersonate (run as).
>
>
This option determines which O/S user the APPX session should impersonate (run as).
  If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login. This user ID must be a valid O/S user. The connection service must be running with the permissions of the root user if the LogonUser option is specified.
Line: 203 to 211
 

-ImpersonateGID={true, false}

Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner. Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner. Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
  -ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(GROUPNAME), ServiceOwner, ServiceGroup}
Changed:
<
<
This option determines which group permissions the APPX session should run with.
>
>
This option determines which group permissions the APPX session should run with.
  If User is specified, the APPX session will run with the group permissions of the user that the session is running as (impersonating).
Line: 218 to 226
 

-Umask=FILECREATIONMASK

Changed:
<
<
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresponding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
>
>
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresponding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
  If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner.
Changed:
<
<
-IncludeSystemEnv={true, false}
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
>
>

-IncludeSystemEnv={true, false}

Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
 
Options - Startup Process
Changed:
<
<
-ServiceEnableCmds={true, false}
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
>
>
-ServiceEnableCmds={true, false}
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
  -AppxDatabase=DATABASEID
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
  -AppxApplication=APPLICATIONID
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration. The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration. The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
  -AppxProcessType={Menu, Job, Input, Output, Update, Action, Inquiry, Query, Status, Subroutine}
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the type of process that is to be invoked when a client session is initiated.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the type of process that is to be invoked when a client session is initiated.
  -AppxProcessName=PROCESSNAME
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the name of the process that is to be invoked when a client session is initiated. The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the name of the process that is to be invoked when a client session is initiated. The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
 
Options - TCP/IP
Changed:
<
<
-port, -SockPort={8060, PORT}
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
>
>
-port, -SockPort={8060, PORT}
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
  -TCPNoDelay={true, false}
Changed:
<
<
This option is used to tune the network performance of the APPX session. When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it. This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
>
>
This option is used to tune the network performance of the APPX session. When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it. This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
  -TCPEnableKeepAlive={true, false}
Changed:
<
<
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost. If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached. If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times. After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
>
>
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost. If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached. If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times. After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
  -TCPKeepIdle={300, SECONDS}
Changed:
<
<
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
>
>
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
  -TCPKeepCount={8, COUNT}
Changed:
<
<
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
>
>
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
  -TCPKeepInterval={60, SECONDS}
Changed:
<
<
This option is used to set the number of seconds that an APPX session is to wait between attempts to contact a non-responsive APPX client.
>
>
This option is used to set the number of seconds that an APPX session is to wait between attempts to contact a non-responsive APPX client.
 
Options - SSL

-SSLMode={optional, required, disabled}

Changed:
<
<
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection
>
>
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection
  required - APPX clients must request an SSL connection
Line: 267 to 282
 

-TrustedCAFile=CAFILENAME

Changed:
<
<
This option identifies the pathname of the file that identifies which client certificates to trust (leave blank if client certificates are not required).
>
>
This option identifies the pathname of the file that identifies which client certificates to trust (leave blank if client certificates are not required).
  -ServerCertificateFile=CERTFILENAME
Changed:
<
<
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
>
>
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
  -ServerPrivateKeyFile=KEYFILENAME
Changed:
<
<
This option identifies the pathname of server's private key file (unlocks the ServerCertificateFile).
>
>
This option identifies the pathname of server's private key file (unlocks the ServerCertificateFile).
  -RequireSSL={true, false}
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
  -RequireSSLClientCertificates={true, false}
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
  -ServerPrivateKeyPassphrase=PASSPHRASE
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
 

Configuration - Environment Variables

Changed:
<
<
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Login Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
>
>
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Login Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
 

Synopsis - Service Management

Changed:
<
<
appxLoginMgr [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
>
>
appxLoginMgr [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
  MANAGEMENT OPTIONS
Changed:
<
<
-start | < blank >
Start an instance of the Login Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
>
>
-start | < blank >
Start an instance of the Login Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
  -stop
Changed:
<
<
Stop the instance of the Login Manager service that was started with the SERVICENAME.ini file.
>
>
Stop the instance of the Login Manager service that was started with the SERVICENAME.ini file.
  -restart
Changed:
<
<
Restart (stop and then start) the instance of the Login Manager that was started with the SERVICENAME.ini file.
>
>
Restart (stop and then start) the instance of the Login Manager that was started with the SERVICENAME.ini file.
  -status
Changed:
<
<
Report the status of the instance of the Login Manager that was started with the SERVICENAME.ini file.
>
>
Report the status of the instance of the Login Manager that was started with the SERVICENAME.ini file.
  EXAMPLES

Example 1: Configure and start a new instance of the Connection Service that will listen for connection requests on port 8060:

appxLoginMgr -install -port=8060

Changed:
<
<
Warning - the engine that you named has the setuid bit enabled

>
>
Warning - the engine that you named has the setuid bit enabled

 you may not want that bit set for the authentication method that you have chosen (OS-User) To turn off the setuid bit, chmod u-s ../appx Configuration written to: appx-8060.ini
Line: 344 to 360
 The configuration file is created in whichever directory is your current directory at the time that the appxLoginMgr command is run to create the service. Therefore, before you run the appxLoginMgr command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxLoginMgr command.

The name of the configuration file and the location of the configuration file should not be changed. The service that is created will not work correctly if the name or the location of the configuration file is changed.

Changed:
<
<
# Appx connection manager configuration file

>
>
# Appx connection manager configuration file

 # # You can change this file by hand, or # use the uappxd program for better results
Line: 407 to 423
 The environment file is created in whichever directory is your current directory at the time that the appxLoginMgr command is run to create the service. Therefore, before you run the appxLoginMgr command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxLoginMgr command.

The name of the environment file and the location of the environment file should not be changed. The service that is created will not work correctly if the name or the location of the environment file is changed.

Changed:
<
<
# Appx connection manager environment variables

>
>
# Appx connection manager environment variables

 # # The entries in this file will become # environment variables in the engines
Line: 429 to 445
 The name of the status file is the concatenation of the service name and ".stat". For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".

The status file can be viewed to see the actual context within which the service is running.

Changed:
<
<
appxd-8430 running as process 28192

>
>
appxd-8430 running as process 28192

 Effective User ID 0 Real User ID 0 Configuration values follow
Line: 486 to 502
 The name of the log file is the concatenation of the service name and ".log". For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".

When the connection service is started, the log file is initialized with the configuration of the connection service. The configuration information is followed by a dialog of messages relating to actions performed by the connection service. Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file.

Changed:
<
<
*Daemonize = true

>
>
*Daemonize = true

 *DontForkEngine = false *InitScriptStyle = *SleepAfterFork =
Line: 536 to 552
 

Red Hat service command.

Changed:
<
<
>
>
 

Usage (service)

Changed:
<
<
>
>
 

Synopsis - service Command

service [serviceName] [start|stop|restart|status]

Line: 579 to 596
 

Issues:

Changed:
<
<
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
>
>
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
 
  1. The setuid warning message is displayed every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
  2. The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.

Enhancement Suggestions:

Line: 606 to 623
 
  1. RequireSSL is not a valid parameter and should be removed from the configuration file.

  2. RequireSSLClientCertificates is not a valid parameter and should be removed from the configuration file.

  3. ServerPrivateKeyPassphrase is not a valid parameter and should be removed from the configuration file.

Added:
>
>

Reconnect Feature (5.3 & up)

A new connection manager allows a user to reconnect to dropped sessions.

Overview:

A new connection manager allows a user to reconnect to dropped sessions. This capability will be especially useful after the new HTML client is released and users are connecting from mobile devices.

Usage:

The new connection manager is controlled by the following settings in the service .ini file:

AppxInterface = Pipe #Client/Server Interface mode ( Socket, Pipe )
AppxPipeDir = ./sessions #Client/Server Pipe Directory
AppxPipeExe = ./appxcomm #pathname to Appx pipe communications helper
AppxPipeTimeout = 1 #Timeout for closing disconnected sessions

To use the new connection manager, set AppxInterface to 'Pipe'. The normal, default, method is 'Socket', which does not have a reconnect capability. The 'Pipe' connection type creates a Named Pipe connection between the server and the new connection manager. The new connection manager then creates a Socket connection between itself and the client. If the connection is dropped, the new connection manager will end. The server will detect this and go into a 'reconnect' mode and will hold Named Pipes connection open for 'AppxPipeTimeout' minutes. If the user reconnects to the same session id within that time limit, a new connection manager will re-establish the connection to the client. Since the server has been holding the Socket connection open, the user will be able to continue their session.

AppxPipeDir is the folder where the new connection manager will keep the named pipes and other connection related files. This is relative to the 'services' directory.

AppxPipeExe is the name of the new connection manager (appxcomm). On Linux/Unix servers this is relative to the 'services' directory. On Windows servers, this must be the complete path to the 'appxcomm.exe' program (usually found in the 'services' directory).

AppxPipeTimeout is the length of time (in minutes) the new connection manager should hold the session open. After this time has expired, the session will be closed and the user will not be able to reconnect.

Note that even though the new connection manager holds the connection open, any data typed in a field before the user pressed Enter or clicked a button will be lost. For example, if they were entering a name and the connection was lost before they pressed Enter or clicked a button, when they reconnect those characters would be lost.

Reconnecting to a session

The login dialog box has a 'Reconnect Id' field:

reconnect.png

To reconnect to a lost sesssion, enter the process id (PID) of the lost session. The PID is normally displayed in the title bar of the client, however, most of us don't pay any attention to it so it's unlikely we'll remember it to reconnect. You can check the client preferences to see what the last PID was. To do this, click the 'Options' tab, then the 'Advanced' button, and look for 'lastPid' in the [LastLogin] section:

lastlogin.png

An Appx System administrator can connect to another users disconnected session, if they know the PID of the lost session.

In Release 5.4.4, a list of dropped sessions will be displayed automatically, eliminating the need to remember PID's.

PAM Capable (5.3 & Up)

 
Added:
>
>
In Release 5.3, PAM capability was added. See Login Manager PAM Capable for more information.
 

Comments:

Read what other users have said about this page or add your own comments.

Revision 632012-04-05 - BredaHennessy

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 24 to 24
 
  • User & Group Impersonation (Unix/Linux only)
  • SSL Support
    • Anonymous
Changed:
<
<
    • Server Certficates
>
>
    • Server Certificates
 
    • Client Certificates
  • Environment Specification
    • Inherit from service
Line: 89 to 89
 

Method 1 - The APPX Login Manager Command (appxLoginMgr)

The -modify command and the - replace command of the appxLoginMgr tool can be used to modify or replace a previously configured instance of the APPX Login Manager. These options update the existing APPX Login Manager daemon configuration files (ini and env) with the options specified. If you use this technique, the service will be automatically restarted for you, using the new settings. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.

Method 2 - Text Editor

Changed:
<
<
A text editor can be used to directly edit the APPX Login Manager daemon configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying an APPX Login Manager daemon is with Medhod 1 above.
>
>
A text editor can be used to directly edit the APPX Login Manager daemon configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying an APPX Login Manager daemon is with Method 1 above.
 

Managing an APPX Login Manager Daemon

Two methods are available for managing an existing instance of the APPX Connection Service.

Line: 157 to 157
 

Configuration - Options

Options - General
Changed:
<
<
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appx-8060".
>
>
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g. "appx-8060".
  -DisplayName=DISPLAYNAME
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.

-engine, -AppxExecutable={../appx, PATHNAME}

Changed:
<
<
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
>
>
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be absolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
  -LogDirectory={/tmp, LOGDIR}
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
Line: 218 to 218
 

-Umask=FILECREATIONMASK

Changed:
<
<
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
>
>
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresponding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
  If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner. -IncludeSystemEnv={true, false}
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
Line: 254 to 254
 
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.

-TCPKeepInterval={60, SECONDS}

Changed:
<
<
This option is used to set the number of seconds that an APPX session is to wait between attemps to contact a non-responsive APPX client.
>
>
This option is used to set the number of seconds that an APPX session is to wait between attempts to contact a non-responsive APPX client.
 
Options - SSL
Line: 273 to 273
 
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).

-ServerPrivateKeyFile=KEYFILENAME

Changed:
<
<
This option idenfies the pathname of server's private key file (unlocks the ServerCertificateFile).
>
>
This option identifies the pathname of server's private key file (unlocks the ServerCertificateFile).
  -RequireSSL={true, false}
This option is not needed and has not been implemented.
Line: 364 to 364
 # AppxProcessType = #startup process type for spawned engines AuthenticationMethod = OS-User #authentication method (OS-User, Appx-User, HT-User(filename)) DisplayName = Login-8430 #descriptive name
Changed:
<
<
ImpersonateGID = true #change effective grouo ID for spawned engines?
>
>
ImpersonateGID = true #change effective group ID for spawned engines?
 ImpersonateGroup = NamedGroup(appxgrp) #[LogonUser, NamedGroup(groupname), ServiceOwner] ImpersonateUID = true #change effective user ID for spawned engines? ImpersonateUser = NamedUser(appx) #[LogonUser, NamedUser(username), ServiceOwner]
Line: 588 to 588
 
  1. APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  2. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
  3. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appx-8060.
Changed:
<
<
  1. The requirements for use of -name argument seem inconsistant. Below are examples where + works, and - does not.
>
>
  1. The requirements for use of -name argument seem inconsistent. Below are examples where + works, and - does not.
 
    1. (-) ./appxLoginMgr -modify appx-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appx-8060 -TCPNodelay=false
    3. (-)./appxLoginMgr -status
Line: 604 to 604
 
    1. (+) ./appxLoginMgr -status -name=8060
  1. Warn users not to move configuration files. A service script is created in the /etc/init.d system directory for each service installed by running the appxLoginMgr command. These scripts reference the corresponding service configuration files using a fully qualified absolute pathname. If you move the configuration files to another directory or rename them, the service scripts will no longer work. We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The service scripts also reference the appxLoginMgr command using a fully qualified absolute pathname.

  2. RequireSSL is not a valid parameter and should be removed from the configuration file.

Changed:
<
<
  1. RequireSSLClientCertificates is not a valid parameter and should be removed from the configuratoin file.

>
>
  1. RequireSSLClientCertificates is not a valid parameter and should be removed from the configuration file.

 
  1. ServerPrivateKeyPassphrase is not a valid parameter and should be removed from the configuration file.

Comments:

Revision 622011-08-22 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 78 to 78
 

The Name of the Service

Changed:
<
<
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appxd-8060.
>
>
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appx-8060.
 

TCP/IP Port Number

When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Login Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Login Manager are configured, each instance is typically assigned the next available port number after 8060.

Changing a Connection Service

Line: 104 to 104
 

.

Changed:
<
<
[root@tubes tools]# service appxd-8060 status

>
>
[root@tubes tools]# service appx-8060 status

 up and running (process 13893 servicing port 8060)
Line: 157 to 157
 

Configuration - Options

Options - General
Changed:
<
<
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
>
>
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appx-8060".
  -DisplayName=DISPLAYNAME
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
Line: 309 to 309
 
Warning - the engine that you named has the setuid bit enabled
you may not want that bit set for the authentication method that you have chosen (OS-User)
To turn off the setuid bit, chmod u-s

Changed:
<
<
../appx Configuration written to: appxd-8060.ini Environment written to: appxd-8060.envtten to: /etc/rc.d/init.d/appxd-8060
>
>
../appx Configuration written to: appx-8060.ini Environment written to: appx-8060.envtten to: /etc/rc.d/init.d/appx-8060
 

appxLoginMgr -install -port=8060 -name=appx8060 -displayName="Appx-Production(8060)" -engine=/usr/local/appx/appx APPXPATH=c:\appx\data APPX_KEYMAP=WINDOWS

Line: 579 to 579
 

Issues:

Changed:
<
<
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)
    /etc/init.d/appxd-8060: line 39: success: command not found
    /etc/init.d/appxd-8060: line 39: failure: command not found
    /etc/init.d/appxd-8060: line 43: failure: command not found
  2. The setuid warning message is display every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
>
>
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appx-8060.pid)
    /etc/init.d/appx-8060: line 39: success: command not found
    /etc/init.d/appx-8060: line 39: failure: command not found
    /etc/init.d/appx-8060: line 43: failure: command not found
  2. The setuid warning message is displayed every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
 
  1. The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.
Changed:
<
<

Enhancement Suggestons:

>
>

Enhancement Suggestions:

 
  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
  2. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons. (Perhaps this isn't practical on Unix platforms)
  3. APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  4. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
Changed:
<
<
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appxd-8060.
>
>
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appx-8060.
 
  1. The requirements for use of -name argument seem inconsistant. Below are examples where + works, and - does not.
Changed:
<
<
    1. (-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false
>
>
    1. (-) ./appxLoginMgr -modify appx-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appx-8060 -TCPNodelay=false
 
    1. (-)./appxLoginMgr -status
Changed:
<
<
    1. (+)./appxLoginMgr -status -name=appxd-8060
    2. (+) ./appxLoginMgr -stop appxd-8060
    3. (-) ./appxLoginMgr -stop -name=appxd-8060
    4. (+) ./appxLoginMgr -start appxd-8060
    5. (-) ./appxLoginMgr -start -name=appxd-8060
    6. (-) ./appxLoginMgr -remove appxd-8060
    7. (+) ./appxLoginMgr -remove -name=appxd-8060
>
>
    1. (+)./appxLoginMgr -status -name=appx-8060
    2. (+) ./appxLoginMgr -stop appx-8060
    3. (-) ./appxLoginMgr -stop -name=appx-8060
    4. (+) ./appxLoginMgr -start appx-8060
    5. (-) ./appxLoginMgr -start -name=appx-8060
    6. (-) ./appxLoginMgr -remove appx-8060
    7. (+) ./appxLoginMgr -remove -name=appx-8060
 
    1. (-) ./appxLoginMgr -status
Changed:
<
<
    1. (+) ./appxLoginMgr -status appxd-8060
>
>
    1. (+) ./appxLoginMgr -status appx-8060
 
    1. (+) ./appxLoginMgr -status -name=8060
  1. Warn users not to move configuration files. A service script is created in the /etc/init.d system directory for each service installed by running the appxLoginMgr command. These scripts reference the corresponding service configuration files using a fully qualified absolute pathname. If you move the configuration files to another directory or rename them, the service scripts will no longer work. We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The service scripts also reference the appxLoginMgr command using a fully qualified absolute pathname.

  2. RequireSSL is not a valid parameter and should be removed from the configuration file.

Revision 612010-03-02 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 167 to 169
 
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.

-AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}

Changed:
<
<
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
>
>
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file and auxiliary password which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
  -ServiceType=Login
The only valid value when configuring a Connection Service is "Login". If this option is not specified, the default value is Login.

Revision 602009-12-08 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Deleted:
<
<
This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.
 
Added:
>
>
This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.
 

The APPX Login Manager command is used to configure and manage APPX Login Services.

Line: 21 to 21
 
    • O/S Authentication
    • HT Authentication
    • APPX Authentication
Changed:
<
<
  • User & Group Impersonation (Unix/Linux only)
>
>
  • User & Group Impersonation (Unix/Linux only)
 
  • SSL Support
    • Anonymous
    • Server Certficates
Line: 34 to 34
 
    • Service configuration
    • Client request
Changed:
<
<

Installing the APPX Login Manager Command ( appxLoginMgr)

The APPX Login Manager ( appxLoginMgr) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxLoginMgr command. So, there is nothing additional that you need to do to install the appxLoginMgr command. However, after you install APPX, you will need to run the appxLoginMgr command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
>
>

Installing the APPX Login Manager Command ( appxLoginMgr)

 
Changed:
<
<
The appxLoginMgr command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxLoginMgr command will be "/usr/local/appx/tools/appxLoginMgr".
>
>
The APPX Login Manager ( appxLoginMgr) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxLoginMgr command. So, there is nothing additional that you need to do to install the appxLoginMgr command. As part of installing APPX, you are given the opportunity to start the connection service. If you did not do this, then you will need to run the appxLoginMgr command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.

The appxLoginMgr command is installed into the "services" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxLoginMgr command will be "/usr/local/appx/services/appxLoginMgr".

  The appxLoginMgr command must run with the permissions of the root user because it will be spawning appx processes running as each logged in user. Therefore, the owner of the appxLoginMgr command should be the root user and the SUID bit should be set so that the appxLoginMgr command can be run by users other than root but still be run with the permissions of root.

In the event that it is necessary to reset the permissions on the appxLoginMgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxLoginMgr command.

Changed:
<
<

cd /usr/local/appx/tools

>
>

cd /usr/local/appx/tools

 chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr
Changed:
<
<
>
>

  You can check the permissions of the appxLoginMgr command by running the following command:
Changed:
<
<
ls -l appxLoginMgr
>
>
ls -l appxLoginMgr
  The recommended permissions should be as follows:
Changed:
<
<
-rwsrwxr-x 1 root root    636843 Jul 11 07:31 appxLoginMgr
>
>
-rwsrwxr-x 1 root root    636843 Jul 11 07:31 appxLoginMgr
 

Creating and Configuring an APPX Connection Service

Added:
>
>
 On Unix/Linux systems, an instance of the APPX Connection Service is initially created, configured, and started by running the appxLoginMgr command with the -install option. At least one appropriately configured instance of the APPX Connection Service must be created, configured, and started before a remote APPX Client can initiate an APPX session. You may create, configure, and start as many different instances of the APPX Connection Service as you desire. However, each concurrently running instance must be configured to listen for connection requests on a different TCP/IP port.

Creating a Connection Service

Line: 85 to 80
  Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appxd-8060.

TCP/IP Port Number

Changed:
<
<
When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Login Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Login Manager are configured, each instance is typically assigned the next available port number after 8060.
>
>
When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Login Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Login Manager are configured, each instance is typically assigned the next available port number after 8060.
 

Changing a Connection Service

Added:
>
>
 Two methods are available for modifying an existing instance of an APPX Connection Service.

Method 1 - The APPX Login Manager Command (appxLoginMgr)

Line: 101 to 98
 The appxLoginMgr command can be used to manage an instance of the APPX Connection Service. The appxLoginMgr command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.

Method 2 - O/S Services

Changed:
<
<
Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system. Red Hat uses the command line tool service .
[root@tubes tools]# service appxd-8060 status

>
>
Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system. Red Hat uses the command line tool service

.

[root@tubes tools]# service appxd-8060 status

 up and running (process 13893 servicing port 8060)
Line: 131 to 130
  The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName. Any option not specified will be configured with an appropriate default value.
Changed:
<
<
Both forms of the -install command allow additional configuration options to be specified. The configuration options specified are stored in the service configuration file (ini).
>
>
Both forms of the -install command allow additional configuration options to be specified. The configuration options specified are stored in the service configuration file (ini).
  Both forms of the -install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service.

In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.

Changed:
<
<
After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
  The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service.

Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.

Changed:
<
<
Note that the -modify command updates the service configuration file and the environment configuration file by removing the old files and creating new files with the updated options and environment variables.  Any comments that may have been manually added to these configuration files are not preserved.
>
>
Note that the -modify command updates the service configuration file and the environment configuration file by removing the old files and creating new files with the updated options and environment variables. Any comments that may have been manually added to these configuration files are not preserved.
  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
Line: 154 to 155
 

Configuration - Options

Options - General
Changed:
<
<
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
>
>
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
  -DisplayName=DISPLAYNAME
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
Changed:
<
<
-engine, -AppxExecutable={../appx, PATHNAME}
>
>
-engine, -AppxExecutable={../appx, PATHNAME}
 
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
Changed:
<
<
-LogDirectory={/tmp, LOGDIR}
>
>
-LogDirectory={/tmp, LOGDIR}
 
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
Changed:
<
<
-AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
>
>
-AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
  -ServiceType=Login
Changed:
<
<
The only valid value when configuring a Connection Service is "Login". If this option is not specified, the default value is Login.
>
>
The only valid value when configuring a Connection Service is "Login". If this option is not specified, the default value is Login.
 
Changed:
<
<
-ServiceDisable={true, false}
>
>
-ServiceDisable={true, false}
 
This option can be used to temporarily disable or "turn off" the connection service. If set to true, the connection service will still run but it will not accept login requests.
Changed:
<
<
-ServiceDisableLogin={true, false}
>
>
-ServiceDisableLogin={true, false}
 
This option can be used to disable or "turn off" processing of login requests from interactive clients. If set to true, login requests from interactive clients will not be processed.
Changed:
<
<
-ServiceDisableFMS={true, false}
>
>
-ServiceDisableFMS={true, false}
 
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver. If set to true, connection requests from APPX/Net clients will not be processed.
Changed:
<
<
-ServiceDisableAppxKeys={true, false}
>
>
-ServiceDisableAppxKeys={true, false}
 
This option can be used to disable the ability to define an APPX keymap. If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.

-initScript={lsb, RedHat}

Line: 186 to 186
  -initScript={lsb, RedHat}
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxLoginMgr will determine which type of service script to install.
Added:
>
>
 
Options - Session Identity/Permissions
Changed:
<
<
-ImpersonateUID={true, false}
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
>
>
-ImpersonateUID={true, false}
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
 
Changed:
<
<
-ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
>
>
-ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
 
This option determines which O/S user the APPX session should impersonate (run as).

If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login. This user ID must be a valid O/S user. The connection service must be running with the permissions of the root user if the LogonUser option is specified.

If NamedUser is specified, the user ID of the APPX session will be set to the specified USERID. This USERID must be a valid O/S user. The connection service must be running with the permissions of the root user if the NamedUser option is specified.

Changed:
<
<
If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.
>
>
If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.
 
Changed:
<
<
-ImpersonateGID={true, false}
>
>
-ImpersonateGID={true, false}
 
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner. Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
Changed:
<
<
-ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(GROUPNAME), ServiceOwner, ServiceGroup}
>
>
-ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(GROUPNAME), ServiceOwner, ServiceGroup}
 
This option determines which group permissions the APPX session should run with.

If User is specified, the APPX session will run with the group permissions of the user that the session is running as (impersonating).

Line: 211 to 212
  If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME. This GROUPNAME must be a valid O/S group.
Changed:
<
<
If ServiceOwner or ServiceGroup is specified.
>
>
If ServiceOwner or ServiceGroup is specified.
  -Umask=FILECREATIONMASK
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
Changed:
<
<
If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner. -IncludeSystemEnv={true, false}
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
>
>
If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner. -IncludeSystemEnv={true, false}
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
 
Options - Startup Process
Changed:
<
<
-ServiceEnableCmds={true, false}
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
>
>
-ServiceEnableCmds={true, false}
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
  -AppxDatabase=DATABASEID
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
Line: 233 to 235
  -AppxProcessName=PROCESSNAME
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the name of the process that is to be invoked when a client session is initiated. The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
Added:
>
>
 
Options - TCP/IP
Changed:
<
<
-port, -SockPort={8060, PORT}
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
>
>
-port, -SockPort={8060, PORT}
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
 
Changed:
<
<
-TCPNoDelay={true, false}
>
>
-TCPNoDelay={true, false}
 
This option is used to tune the network performance of the APPX session. When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it. This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
Changed:
<
<
-TCPEnableKeepAlive={true, false}
>
>
-TCPEnableKeepAlive={true, false}
 
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost. If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached. If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times. After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
Changed:
<
<
-TCPKeepIdle={300, SECONDS}
>
>
-TCPKeepIdle={300, SECONDS}
 
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
Changed:
<
<
-TCPKeepCount={8, COUNT}
>
>
-TCPKeepCount={8, COUNT}
 
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
Changed:
<
<
-TCPKeepInterval={60, SECONDS}
>
>
-TCPKeepInterval={60, SECONDS}
 
This option is used to set the number of seconds that an APPX session is to wait between attemps to contact a non-responsive APPX client.
Added:
>
>
 
Options - SSL
Changed:
<
<
-SSLMode={optional, required, disabled}
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection
>
>
-SSLMode={optional, required, disabled}
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection
  required - APPX clients must request an SSL connection
Changed:
<
<
disabled - APPX clients may only request a plain text connection
>
>
disabled - APPX clients may only request a plain text connection
  -TrustedCAFile=CAFILENAME
This option identifies the pathname of the file that identifies which client certificates to trust (leave blank if client certificates are not required).
Line: 270 to 273
 -ServerPrivateKeyFile=KEYFILENAME
This option idenfies the pathname of server's private key file (unlocks the ServerCertificateFile).
Changed:
<
<
-RequireSSL={true, false}
>
>
-RequireSSL={true, false}
 
This option is not needed and has not been implemented.
Changed:
<
<
-RequireSSLClientCertificates={true, false}
>
>
-RequireSSLClientCertificates={true, false}
 
This option is not needed and has not been implemented.

-ServerPrivateKeyPassphrase=PASSPHRASE

Line: 278 to 281
  -ServerPrivateKeyPassphrase=PASSPHRASE
This option is not needed and has not been implemented.
Added:
>
>
 

Configuration - Environment Variables

Changed:
<
<
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Login Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
>
>
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Login Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
 

Synopsis - Service Management

appxLoginMgr [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}

MANAGEMENT OPTIONS

Changed:
<
<
-start | < blank >
Start an instance of the Login Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
>
>
-start | < blank >
Start an instance of the Login Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
  -stop
Changed:
<
<
Stop the instance of the Login Manager service that was started with the SERVICENAME.ini file.
>
>
Stop the instance of the Login Manager service that was started with the SERVICENAME.ini file.
  -restart
Changed:
<
<
Restart (stop and then start) the instance of the Login Manager that was started with the SERVICENAME.ini file.
>
>
Restart (stop and then start) the instance of the Login Manager that was started with the SERVICENAME.ini file.
  -status
Changed:
<
<
Report the status of the instance of the Login Manager that was started with the SERVICENAME.ini file.
>
>
Report the status of the instance of the Login Manager that was started with the SERVICENAME.ini file.
  EXAMPLES

Example 1: Configure and start a new instance of the Connection Service that will listen for connection requests on port 8060:

appxLoginMgr -install -port=8060

Changed:
<
<
Warning - the engine that you named has the setuid bit enabled

>
>
Warning - the engine that you named has the setuid bit enabled

 you may not want that bit set for the authentication method that you have chosen (OS-User) To turn off the setuid bit, chmod u-s ../appx Configuration written to: appxd-8060.ini
Line: 340 to 342
 The configuration file is created in whichever directory is your current directory at the time that the appxLoginMgr command is run to create the service. Therefore, before you run the appxLoginMgr command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxLoginMgr command.

The name of the configuration file and the location of the configuration file should not be changed. The service that is created will not work correctly if the name or the location of the configuration file is changed.

Changed:
<
<
# Appx connection manager configuration file

>
>
# Appx connection manager configuration file

 # # You can change this file by hand, or # use the uappxd program for better results
Line: 392 to 392
 # TCPNoDelay = true #disable TCP packet filling delay? # TrustedCAFile = #determines which client certificates to trust # Umask = #umask (file creation mask) given to spawned engines
Changed:
<
<
>
>
 

The Environment File (env)

Added:
>
>
 Each instance of an APPX Connection Service has an environment file that is used to store the environment variables relating to that specific instance of the connection service. The environment variables in the environment file are inherited by each APPX session that is started by the APPX Connection Service.

The -install option of the appxLoginMgr command creates the environment file when the service is created.

Line: 404 to 405
 The environment file is created in whichever directory is your current directory at the time that the appxLoginMgr command is run to create the service. Therefore, before you run the appxLoginMgr command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxLoginMgr command.

The name of the environment file and the location of the environment file should not be changed. The service that is created will not work correctly if the name or the location of the environment file is changed.

Changed:
<
<
# Appx connection manager environment variables

>
>
# Appx connection manager environment variables

 # # The entries in this file will become # environment variables in the engines
Line: 419 to 418
 # letter case IS important in this file # -------------------------------------------------- APPX_KEYMAP=WINDOWS
Changed:
<
<
>
>
 

The Status File (stat)

Added:
>
>
 When an APPX Connection Service is started, a status file is created in the specified LogDirectory. If a LogDirectory was not specified, then the status file is created in the /tmp directory.

The name of the status file is the concatenation of the service name and ".stat". For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".

Line: 427 to 427
 The name of the status file is the concatenation of the service name and ".stat". For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".

The status file can be viewed to see the actual context within which the service is running.

Changed:
<
<
appxd-8430 running as process 28192

>
>
appxd-8430 running as process 28192

 Effective User ID 0 Real User ID 0 Configuration values follow
Line: 477 to 475
 Umask = Environment variables follow APPX_KEYMAP = WINDOWS
Changed:
<
<
>
>
 

The Log File (log)

Added:
>
>
 When an APPX Connection Service is started, a log file is created in the specified LogDirectory. If a LogDirectory was not specified, then the log file is created in the /tmp directory.

The name of the log file is the concatenation of the service name and ".log". For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".

Line: 485 to 484
 The name of the log file is the concatenation of the service name and ".log". For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".

When the connection service is started, the log file is initialized with the configuration of the connection service. The configuration information is followed by a dialog of messages relating to actions performed by the connection service. Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file.

Changed:
<
<
*Daemonize = true

>
>
*Daemonize = true

 *DontForkEngine = false *InitScriptStyle = *SleepAfterFork =
Line: 533 to 530
 CAppxD::Run starting handleClients - starting handleClients - waiting
Changed:
<
<
>
>
 

Red Hat service command.

Line: 543 to 539
 

Synopsis - service Command

Changed:
<
<
service [serviceName] [start|stop|restart|status]
>
>
service [serviceName] [start|stop|restart|status]
 

Examples:

How to create private/public-keys without passphrase for server

Line: 547 to 544
 

Examples:

How to create private/public-keys without passphrase for server

Added:
>
>
 Example of appxLoginMgr parameter to identify private key:
Changed:
<
<
ServerPrivateKeyFile =/usr/local/appx/tools/tubes.internal.appx.com.private.key

>
>
ServerPrivateKeyFile =/usr/local/appx/tools/tubes.internal.appx.com.private.key

 

Example of openssl command to create private key:

Changed:
<
<
openssl genrsa -out tubes.internal.appx.com.private.key 1024

>
>
openssl genrsa -out tubes.internal.appx.com.private.key 1024

 
Changed:
<
<

How to create public SSL certificate for server

>
>

How to create public SSL certificate for server

 Example of appxLoginMgr parameter to identify SSL certificate:
Changed:
<
<
ServerCertificateFile =/usr/local/appx/tools/tubes.internal.appx.com.crt

>
>
ServerCertificateFile =/usr/local/appx/tools/tubes.internal.appx.com.crt

 

Example of openssl command to create SSL certificate:

Changed:
<
<
openssl req -new -days 365 -key tubes.internal.appx.com.private.key -x509 -out tubes.internal.appx.com.crt

>
>
openssl req -new -days 365 -key tubes.internal.appx.com.private.key -x509 -out tubes.internal.appx.com.crt

 
Added:
>
>
 

Warnings:

"the engine that you named has the setuid bit enabled"

Line: 569 to 566
 

Warnings:

"the engine that you named has the setuid bit enabled"

Changed:
<
<
This warning message is displayed when you start a service and the engine specified for AppxExecutable has the setuid bit set.
>
>
This warning message is displayed when you start a service and the engine specified for AppxExecutable has the setuid bit set.
 
Changed:
<
<
When launching an APPX session, the APPX Login Manager sets the real user ID and the effective user ID of the APPX session based on the value specified for the ImpersonateUser parameter.  If the engine has the setuid bit set, then the effective user of the APPX session will be changed by the operating system to be the owner of the APPX engine and the APPX session will run with the permissions of that user.
>
>
When launching an APPX session, the APPX Login Manager sets the real user ID and the effective user ID of the APPX session based on the value specified for the ImpersonateUser parameter. If the engine has the setuid bit set, then the effective user of the APPX session will be changed by the operating system to be the owner of the APPX engine and the APPX session will run with the permissions of that user.
 
Changed:
<
<
Warning - the engine that you named has the setuid bit enabled, 

>
>
Warning - the engine that you named has the setuid bit enabled, 

 you may not want that bit set for the authentication method that you have chosen (OS-User) To turn off the setuid bit, chmod u-s ../appx
Changed:
<
<
>
>
 

Issues:

Changed:
<
<
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors.  Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)
    /etc/init.d/appxd-8060: line 39: success: command not found
    /etc/init.d/appxd-8060: line 39: failure: command not found
    /etc/init.d/appxd-8060: line 43: failure: command not found
  2. The setuid warning message is display every time a configuration is loaded or saved.  This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
>
>
  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors. Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)
    /etc/init.d/appxd-8060: line 39: success: command not found
    /etc/init.d/appxd-8060: line 39: failure: command not found
    /etc/init.d/appxd-8060: line 43: failure: command not found
  2. The setuid warning message is display every time a configuration is loaded or saved. This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
 
  1. The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.

Enhancement Suggestons:

  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
Line: 593 to 587
 
  1. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
  2. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appxd-8060.
  3. The requirements for use of -name argument seem inconsistant. Below are examples where + works, and - does not.
Changed:
<
<
    1. (-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

>
>
    1. (-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

 
    1. (+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false
    2. (-)./appxLoginMgr -status
    3. (+)./appxLoginMgr -status -name=appxd-8060
Line: 606 to 600
 
    1. (-) ./appxLoginMgr -status
    2. (+) ./appxLoginMgr -status appxd-8060
    3. (+) ./appxLoginMgr -status -name=8060
Changed:
<
<
  1. Warn users not to move configuration files. A service script is created in the /etc/init.d system directory for each service installed by running the appxLoginMgr command.  These scripts reference the corresponding service configuration files using a fully qualified absolute pathname.  If you move the configuration files to another directory or rename them, the service scripts will no longer work. We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The service scripts also reference the appxLoginMgr command using a fully qualified absolute pathname.

  2. RequireSSL is not a valid parameter and should be removed from the configuration file.

  3. RequireSSLClientCertificates is not a valid parameter and should be removed from the configuratoin file.

  4. ServerPrivateKeyPassphrase is not a valid parameter and should be removed from the configuration file.

>
>
  1. Warn users not to move configuration files. A service script is created in the /etc/init.d system directory for each service installed by running the appxLoginMgr command. These scripts reference the corresponding service configuration files using a fully qualified absolute pathname. If you move the configuration files to another directory or rename them, the service scripts will no longer work. We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The service scripts also reference the appxLoginMgr command using a fully qualified absolute pathname.

  2. RequireSSL is not a valid parameter and should be removed from the configuration file.

  3. RequireSSLClientCertificates is not a valid parameter and should be removed from the configuratoin file.

  4. ServerPrivateKeyPassphrase is not a valid parameter and should be removed from the configuration file.

 

Comments:

Added:
>
>
 Read what other users have said about this page or add your own comments.


Revision 592009-11-03 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"
Deleted:
<
<
 

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.

Revision 582008-10-15 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"
Added:
>
>
 

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.

Revision 572008-10-15 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"
Deleted:
<
<
 

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.

Revision 562008-10-15 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 104 to 104
  Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system. Red Hat uses the command line tool service .

Changed:
<
<
[root@tubes tools]# service appxd-8060 status Warning - the engine that you named has the setuid bit enabled, you may not want that bit set for the authentication method that you have chosen (OS-User) To turn off the setuid bit, chmod u-s ../appx
>
>
[root@tubes tools]# service appxd-8060 status
 up and running (process 13893 servicing port 8060)
Deleted:
<
<
[root@tubes tools]#
 

Usage (appxLoginMgr)

Revision 552008-10-09 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"
Added:
>
>
 

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.

Revision 542008-10-07 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"
Deleted:
<
<
 

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.
Line: 268 to 267
 disabled - APPX clients may only request a plain text connection

-TrustedCAFile=CAFILENAME

Changed:
<
<
This option identifies the pathname of the file that identifies which client certificates to trust.
>
>
This option identifies the pathname of the file that identifies which client certificates to trust (leave blank if client certificates are not required).
  -ServerCertificateFile=CERTFILENAME
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
Line: 544 to 543
 

Red Hat service command.

Added:
>
>

Usage (service)

Synopsis - service Command

 
Changed:
<
<
Usage: service appxd-8060 {start|stop|status|reload|restart}

013) (Cosmetic) Redundant redundant redundant

data data data.

A minimal install produces three warning statements as documented below:

[root@APPX4.30TestBox tools]# ./appxLoginMgr -install -port=8060

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s ../appx

Configuration written to: appxd-7777.ini

Environment written to: appxd-7777.env

Service script written to: /etc/init.d/appxd-8060

Configuration complete

Registering service

Starting appxd-8060: serviceName: appxd-8060

servicePath: /usr/local/appx/tools/

Looking for config file in appxd-8060.ini

Warning - the engine that you named has the setuid bit enabled,

>
>
service [serviceName] [start|stop|restart|status]
 
Changed:
<
<
you may not want that bit set for the authentication
>
>

Examples:

How to create private/public-keys without passphrase for server

Example of appxLoginMgr parameter to identify private key:
ServerPrivateKeyFile =/usr/local/appx/tools/tubes.internal.appx.com.private.key
 
Changed:
<
<
method that you have chosen (OS-User)
>
>
Example of openssl command to create private key:
openssl genrsa -out tubes.internal.appx.com.private.key 1024

How to create public SSL certificate for server

Example of appxLoginMgr parameter to identify SSL certificate:
ServerCertificateFile =/usr/local/appx/tools/tubes.internal.appx.com.crt
 
Changed:
<
<
To turn off the setuid bit, chmod u-s ../appx
>
>
Example of openssl command to create SSL certificate:
openssl req -new -days 365 -key tubes.internal.appx.com.private.key -x509 -out tubes.internal.appx.com.crt

Warnings:

"the engine that you named has the setuid bit enabled"

 
Changed:
<
<
Writing process ID to /var/run/appxd-7777.pid
>
>
This warning message is displayed when you start a service and the engine specified for AppxExecutable has the setuid bit set.
 
Changed:
<
<
running as process 12156 servicing port 8060
>
>
When launching an APPX session, the APPX Login Manager sets the real user ID and the effective user ID of the APPX session based on the value specified for the ImpersonateUser parameter.  If the engine has the setuid bit set, then the effective user of the APPX session will be changed by the operating system to be the owner of the APPX engine and the APPX session will run with the permissions of that user.
 
Added:
>
>

 Warning - the engine that you named has the setuid bit enabled,
Deleted:
<
<
 you may not want that bit set for the authentication
Deleted:
<
<
 method that you have chosen (OS-User)
Deleted:
<
<
 To turn off the setuid bit, chmod u-s ../appx
Added:
>
>
 
Changed:
<
<
up and running (process 12156 servicing port 8060)

Installation Complete

[root@APPX4.30TestBox tools]#

014) (Suggestion) Warn users not to move

configuration files.

We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The /etc/inid.d/appxd-8060 startup script references by name and path the .ini, .env, and appxLoginMgr/appxAuditLogger files.

Suggested Behavior changes:

>
>

Issues:

  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors.  Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)
    /etc/init.d/appxd-8060: line 39: success: command not found
    /etc/init.d/appxd-8060: line 39: failure: command not found
    /etc/init.d/appxd-8060: line 43: failure: command not found
  2. The setuid warning message is display every time a configuration is loaded or saved.  This results in the message being displayed up to three times depending on the command being executed. Perhaps it should only be displayed when a configuration is saved.
  3. The setuid warning indicates that it is triggered by the OSUser AuthenticationMethod. AuthenticationMethod is not influenced by the setuid bit being turned on. However, ImpersonateUser is impacted.

Enhancement Suggestons:

 
  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
  2. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons. (Perhaps this isn't practical on Unix platforms)
  3. APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  4. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
Changed:
<
<
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appxd-8060.
>
>
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName =appxd-8060.
 
  1. The requirements for use of -name argument seem inconsistant. Below are examples where + works, and - does not.
    1. (-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false
Line: 629 to 611
 
    1. (-) ./appxLoginMgr -status
    2. (+) ./appxLoginMgr -status appxd-8060
    3. (+) ./appxLoginMgr -status -name=8060
Changed:
<
<

Issues:

  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors.  Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)

/etc/init.d/appxd-8060: line 39: success: command not found

/etc/init.d/appxd-8060: line 39: failure: command not found

/etc/init.d/appxd-8060: line 43: failure: command not found

RequireSSL - Not Implemented. Do not Use.

  1. true
  2. false

RequireSSLClientCertificates

  1. True - Connecting clients must have client side SSL certificates.
  2. False - This is the default option. Connecting clients do not need to have client side SSL certificates.

ServerCertificateFile - This is the server's SSL public certificate

  1. The pathname of server's X509 certificate (leave blank for anonymous connections). An example is ServerCertificateFile =/usr/local/appx/tools/tubes.internal.appx.com.crt

ServerPrivateKeyFile - This is the server's SSL private server key

  1. Pathname of server's private key file (unlocks the ServerCertificateFile). An example is ServerPrivateKeyFile =/usr/local/appx/tools/tubes.internal.appx.com.private.key

ServerPrivateKeyPassphrase

  1. Passphrase that unlocks ServerPrivateKeyFile

SSLMode

  1. Enabled #SSL connection type (optional, required, disabled)
  2. Disabled
  3. Optional

TrustedCAFile = #determines which client certificates to trust

How to create a server's SSL private server key and server's SSL public certificate from the Unix/Linux command line with the openssl tool.

Create new private/public-keys without passphrase for server

*openssl genrsa -out tubes.internal.appx.com.private.key 1024*

Create server's SSL public certificate

*openssl req -new         -days 365         -key tubes.internal.appx.com.private.key         -x509         -out tubes.internal.appx.com.crt*

Limitations:

>
>
  1. Warn users not to move configuration files. A service script is created in the /etc/init.d system directory for each service installed by running the appxLoginMgr command.  These scripts reference the corresponding service configuration files using a fully qualified absolute pathname.  If you move the configuration files to another directory or rename them, the service scripts will no longer work. We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The service scripts also reference the appxLoginMgr command using a fully qualified absolute pathname.

  2. RequireSSL is not a valid parameter and should be removed from the configuration file.

  3. RequireSSLClientCertificates is not a valid parameter and should be removed from the configuratoin file.

  4. ServerPrivateKeyPassphrase is not a valid parameter and should be removed from the configuration file.

 

Comments:

Read what other users have said about this page or add your own comments.

Revision 532008-10-07 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 44 to 44
  In the event that it is necessary to reset the permissions on the appxLoginMgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxLoginMgr command.
Added:
>
>
 

cd /usr/local/appx/tools chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr

Added:
>
>
  You can check the permissions of the appxLoginMgr command by running the following command:
Added:
>
>
 
ls -l appxLoginMgr
Added:
>
>
  The recommended permissions should be as follows:
Added:
>
>
 
-rwsrwxr-x 1 root root    636843 Jul 11 07:31 appxLoginMgr
Added:
>
>
 

Creating and Configuring an APPX Connection Service

On Unix/Linux systems, an instance of the APPX Connection Service is initially created, configured, and started by running the appxLoginMgr command with the -install option. At least one appropriately configured instance of the APPX Connection Service must be created, configured, and started before a remote APPX Client can initiate an APPX session. You may create, configure, and start as many different instances of the APPX Connection Service as you desire. However, each concurrently running instance must be configured to listen for connection requests on a different TCP/IP port.

Creating a Connection Service

Line: 96 to 102
 The appxLoginMgr command can be used to manage an instance of the APPX Connection Service. The appxLoginMgr command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.

Method 2 - O/S Services

Changed:
<
<
Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system. Red Hat uses the command line tool service.
>
>
Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system. Red Hat uses the command line tool service .
 
[root@tubes tools]# *service appxd-8060 status*
Warning - the engine that you named has the setuid bit enabled,

Line: 107 to 113
 [root@tubes tools]#
Deleted:
<
<
 

Usage (appxLoginMgr)

Synopsis - Service Configuration

Line: 123 to 128
 

Configuration - Commands

Changed:
<
<
-install -name=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
-install -name=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
-install -port=PORT [options]... [VARIABLE=VALUE]...
>
>
-install -port=PORT [options]... [VARIABLE=VALUE]...
 
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.

The first form of the -install command requires only that a service name be specified. All other options are optional including the TCP/IP port. Any option not specified will be configured with an appropriate default value.

The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName. Any option not specified will be configured with an appropriate default value.

Changed:
<
<
Both forms of the -install command allow additional configuration options to be specified. The configuration options are stored in the service configuration file (ini).
>
>
Both forms of the -install command allow additional configuration options to be specified. The configuration options specified are stored in the service configuration file (ini).
  Both forms of the -install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service.

In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.

After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...

Changed:
<
<
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
>
>

The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service.

Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.

Note that the -modify command updates the service configuration file and the environment configuration file by removing the old files and creating new files with the updated options and environment variables.  Any comments that may have been manually added to these configuration files are not preserved.

  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
Line: 530 to 541
 handleClients - waiting
Deleted:
<
<

appxLoginMgr behavior to keep in mind

The appxLoginMgr -modify argument will maintain existing values,

but will actually remove and create new .env and .ini files with the new values specified. This combination action of remove and recreation will change (remove) any existing non default comments. Would not change behavior of the service but could be a surprise to someone that had input documentation remarks (via the # symbol).

012) (Error) Red Hat's service wrapper command.

Usage: appxd-8060 {start|stop|status|reload|restart}

start

works without issue

stop

does seem to remove the running process; however, it produces errors.

Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)

/etc/init.d/appxd-8060: line 39: success: command not found

/etc/init.d/appxd-8060: line 39: failure: command not found

/etc/init.d/appxd-8060: line 43: failure: command not found

status

seems to work without issue.

reload

 
Changed:
<
<
does not appear to do anything.
>
>

Red Hat service command.

 
Changed:
<
<

restart

>
>
Usage: service appxd-8060 {start|stop|status|reload|restart}
 
Changed:
<
<
which is a stop followed by a start, suffers from the problem of stop documented earlier.

013) (Cosmetic) Redundant redundant redundant

>
>

013) (Cosmetic) Redundant redundant redundant

 data data data.

A minimal install produces three warning statements as documented below:

Line: 623 to 604
  [root@APPX4.30TestBox tools]#
Changed:
<
<

014) (Suggestion) Warn users not to move

>
>

014) (Suggestion) Warn users not to move

 configuration files.

We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The /etc/inid.d/appxd-8060 startup script references by name and path the .ini, .env, and appxLoginMgr/appxAuditLogger files.

Suggested Behavior changes:

  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
Deleted:
<
<
  1. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxLoginMgr on all platforms.
  2. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxAuditLogger
 
  1. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons. (Perhaps this isn't practical on Unix platforms)
  2. APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  3. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
Line: 650 to 629
 
    1. (-) ./appxLoginMgr -status
    2. (+) ./appxLoginMgr -status appxd-8060
    3. (+) ./appxLoginMgr -status -name=8060
Changed:
<
<
Bugs:
>
>

Issues:

  1. The stop option of the Red Hat service command has a problem. It does seem to remove the running process; however, it produces errors.  Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)

/etc/init.d/appxd-8060: line 39: success: command not found

/etc/init.d/appxd-8060: line 39: failure: command not found

 
Changed:
<
<
  1. Fixed - Bug 2090 uappxd doesn't remove a running service.
>
>
/etc/init.d/appxd-8060: line 43: failure: command not found
 
Deleted:
<
<
 
 

RequireSSL - Not Implemented. Do not Use.

  1. true
  2. false
Line: 681 to 664
 
*openssl req -new         -days 365         -key tubes.internal.appx.com.private.key         -x509         -out tubes.internal.appx.com.crt*
Added:
>
>

Limitations:

 

Comments:

Read what other users have said about this page or add your own comments.

Revision 522008-09-19 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 35 to 35
 
    • Service configuration
    • Client request
Changed:
<
<

Installing the APPX Connection Manager Command ( appxLoginMgr)

>
>

Installing the APPX Login Manager Command ( appxLoginMgr)

 The APPX Login Manager ( appxLoginMgr) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxLoginMgr command. So, there is nothing additional that you need to do to install the appxLoginMgr command. However, after you install APPX, you will need to run the appxLoginMgr command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.

The appxLoginMgr command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxLoginMgr command will be "/usr/local/appx/tools/appxLoginMgr".

Line: 80 to 80
  Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appxd-8060.

TCP/IP Port Number

Changed:
<
<
When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.
>
>
When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Login Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Login Manager are configured, each instance is typically assigned the next available port number after 8060.
 

Changing a Connection Service

Two methods are available for modifying an existing instance of an APPX Connection Service.
Line: 275 to 275
 
This option is not needed and has not been implemented.

Configuration - Environment Variables

VARIABLE=VALUE
Changed:
<
<
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
>
>
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Login Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
 

Synopsis - Service Management

appxLoginMgr [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}

MANAGEMENT OPTIONS

-start | < blank >
Changed:
<
<
Start an instance of the Connection Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
>
>
Start an instance of the Login Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
  -stop
Changed:
<
<
Stop the instance of the Connection Manager service that was started with the SERVICENAME.ini file.
>
>
Stop the instance of the Login Manager service that was started with the SERVICENAME.ini file.
  -restart
Changed:
<
<
Restart (stop and then start) the instance of the Connection Manager that was started with the SERVICENAME.ini file.
>
>
Restart (stop and then start) the instance of the Login Manager that was started with the SERVICENAME.ini file.
  -status
Changed:
<
<
Report the status of the instance of the Connection Manager that was started with the SERVICENAME.ini file.
>
>
Report the status of the instance of the Login Manager that was started with the SERVICENAME.ini file.
  EXAMPLES

Revision 512008-09-19 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Login Manager For Unix/Linux

Line: 74 to 74
 
  1. A service is created, including required init files and links. ( On Red Hat, /etc/init.d/ )
  2. The service is started
Changed:
<
<
For compete information on using the -install option of the appxLoginMgr command, please refer to the usage section of this page.
>
>
For compete information on using the -install option of the appxLoginMgr command, please refer to the usage section of this page.
 

The Name of the Service

Line: 653 to 653
 Bugs:

  1. Fixed - Bug 2090 uappxd doesn't remove a running service.
Added:
>
>
 

RequireSSL - Not Implemented. Do not Use.

  1. true
  2. false

RequireSSLClientCertificates

  1. True - Connecting clients must have client side SSL certificates.
  2. False - This is the default option. Connecting clients do not need to have client side SSL certificates.

ServerCertificateFile - This is the server's SSL public certificate

  1. The pathname of server's X509 certificate (leave blank for anonymous connections). An example is ServerCertificateFile =/usr/local/appx/tools/tubes.internal.appx.com.crt

ServerPrivateKeyFile - This is the server's SSL private server key

  1. Pathname of server's private key file (unlocks the ServerCertificateFile). An example is ServerPrivateKeyFile =/usr/local/appx/tools/tubes.internal.appx.com.private.key

ServerPrivateKeyPassphrase

  1. Passphrase that unlocks ServerPrivateKeyFile

SSLMode

  1. Enabled #SSL connection type (optional, required, disabled)
  2. Disabled
  3. Optional

TrustedCAFile = #determines which client certificates to trust

How to create a server's SSL private server key and server's SSL public certificate from the Unix/Linux command line with the openssl tool.

Create new private/public-keys without passphrase for server

*openssl genrsa -out tubes.internal.appx.com.private.key 1024*

Create server's SSL public certificate

*openssl req -new         -days 365         -key tubes.internal.appx.com.private.key         -x509         -out tubes.internal.appx.com.crt*
 

Comments:

Read what other users have said about this page or add your own comments.
Line: 664 to 692
  -- Page added by: Steve - 17 Jul 2007
Changed:
<
<
META TOPICMOVED by="SteveFrizzell" date="1184694066" from="Main.APPXConectionManagerForUnix-Linux" to="Main.APPXConnectionManagerForUnixLinux"
>
>
META TOPICMOVED by="SteveFrizzell" date="1221836690" from="Main.APPXConnectionManagerForUnixLinux" to="Main.APPXLoginManagerForUnixLinux"

Revision 502008-09-15 - SteveFrizzell

Line: 1 to 1
Changed:
<
<
META TOPICPARENT name="APPXConnectionManager"
>
>
META TOPICPARENT name="APPX500Features"
 

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.
Line: 8 to 8
  The APPX Login Manager command is used to configure and manage APPX Login Services.
Changed:
<
<
An APPX Login Service (or daemon) listens for and processes login requests from various types of APPX clients.
>
>
An APPX Login Service (daemon) listens for and processes login requests from various types of APPX clients.
  The following types of remote APPX clients are supported:
  • APPX Desktop Client (Java)
Line: 45 to 45
 In the event that it is necessary to reset the permissions on the appxLoginMgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxLoginMgr command.


Changed:
<
<

cd /usr/local/appx/tools chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr

>
>

cd /usr/local/appx/tools chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr

 

You can check the permissions of the appxLoginMgr command by running the following command:


Changed:
<
<
ls -l appxLoginMgr
>
>
ls -l appxLoginMgr
 

The recommended permissions should be as follows:

Line: 75 to 75
 
  1. The service is started

For compete information on using the -install option of the appxLoginMgr command, please refer to the usage section of this page.

Changed:
<
<
>
>
 

The Name of the Service

Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appxd-8060.

Line: 83 to 83
 When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.

Changing a Connection Service

Two methods are available for modifying an existing instance of an APPX Connection Service.
Changed:
<
<
>
>
 

Method 1 - The APPX Login Manager Command (appxLoginMgr)

The -modify command and the - replace command of the appxLoginMgr tool can be used to modify or replace a previously configured instance of the APPX Login Manager. These options update the existing APPX Login Manager daemon configuration files (ini and env) with the options specified. If you use this technique, the service will be automatically restarted for you, using the new settings. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.

Method 2 - Text Editor

A text editor can be used to directly edit the APPX Login Manager daemon configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying an APPX Login Manager daemon is with Medhod 1 above.

Managing an APPX Login Manager Daemon

Two methods are available for managing an existing instance of the APPX Connection Service.
Changed:
<
<
>
>
 

Method 1 - appxLoginMgr command

The appxLoginMgr command can be used to manage an instance of the APPX Connection Service. The appxLoginMgr command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.

Line: 109 to 109
 

Usage (appxLoginMgr)

Changed:
<
<
>
>
 

Synopsis - Service Configuration

Changed:
<
<
The appxLoginMgr service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
>
>
The appxLoginMgr service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
  appxLoginMgr -install -SockPort=[TCP-Port] [options]... [VARIABLE=VALUE]...
Line: 121 to 121
  appxLoginMgr -remove -serviceName=SERVICENAME

Configuration - Commands

Changed:
<
<
>
>
  -install -name=SERVICENAME [options]... [VARIABLE=VALUE]...

-install -port=PORT [options]... [VARIABLE=VALUE]...

Changed:
<
<
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
>
>
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
  The first form of the -install command requires only that a service name be specified. All other options are optional including the TCP/IP port. Any option not specified will be configured with an appropriate default value.
Line: 139 to 139
 In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.

After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...

Changed:
<
<
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
>
>
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
>
>
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
  -remove -name=SERVICENAME
Changed:
<
<
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
>
>
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
 

Configuration - Options

Changed:
<
<
>
>
 
Options - General
-name, -ServiceName=SERVICENAME
Changed:
<
<
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
>
>
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
  -DisplayName=DISPLAYNAME
Changed:
<
<
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
>
>
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
  -engine, -AppxExecutable={../appx, PATHNAME}
Changed:
<
<
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
>
>
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
  -LogDirectory={/tmp, LOGDIR}
Changed:
<
<
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
>
>
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
  -AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
Changed:
<
<
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
>
>
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
  -ServiceType=Login
Changed:
<
<
The only valid value when configuring a Connection Service is "Login". If this option is not specified, the default value is Login.
>
>
The only valid value when configuring a Connection Service is "Login". If this option is not specified, the default value is Login.
  -ServiceDisable={true, false}
Changed:
<
<
This option can be used to temporarily disable or "turn off" the connection service. If set to true, the connection service will still run but it will not accept login requests.
>
>
This option can be used to temporarily disable or "turn off" the connection service. If set to true, the connection service will still run but it will not accept login requests.
  -ServiceDisableLogin={true, false}
Changed:
<
<
This option can be used to disable or "turn off" processing of login requests from interactive clients. If set to true, login requests from interactive clients will not be processed.
>
>
This option can be used to disable or "turn off" processing of login requests from interactive clients. If set to true, login requests from interactive clients will not be processed.
  -ServiceDisableFMS={true, false}
Changed:
<
<
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver. If set to true, connection requests from APPX/Net clients will not be processed.
>
>
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver. If set to true, connection requests from APPX/Net clients will not be processed.
  -ServiceDisableAppxKeys={true, false}
Changed:
<
<
This option can be used to disable the ability to define an APPX keymap. If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
>
>
This option can be used to disable the ability to define an APPX keymap. If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
  -initScript={lsb, RedHat}
Changed:
<
<
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxLoginMgr will determine which type of service script to install.
>
>
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxLoginMgr will determine which type of service script to install.
 
Options - Session Identity/Permissions
-ImpersonateUID={true, false}
Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
  -ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
Changed:
<
<
This option determines which O/S user the APPX session should impersonate (run as).
>
>
This option determines which O/S user the APPX session should impersonate (run as).
  If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login. This user ID must be a valid O/S user. The connection service must be running with the permissions of the root user if the LogonUser option is specified.
Line: 203 to 195
 If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.

-ImpersonateGID={true, false}

Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner. Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner. Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
  -ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(GROUPNAME), ServiceOwner, ServiceGroup}
Changed:
<
<
This option determines which group permissions the APPX session should run with.
>
>
This option determines which group permissions the APPX session should run with.
  If User is specified, the APPX session will run with the group permissions of the user that the session is running as (impersonating).
Line: 217 to 209
 If ServiceOwner or ServiceGroup is specified.

-Umask=FILECREATIONMASK

Changed:
<
<
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
>
>
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
  If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner. -IncludeSystemEnv={true, false}
Changed:
<
<
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
>
>
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
 
Options - Startup Process
-ServiceEnableCmds={true, false}
Changed:
<
<
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
>
>
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
  -AppxDatabase=DATABASEID
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
  -AppxApplication=APPLICATIONID
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration. The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration. The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
  -AppxProcessType={Menu, Job, Input, Output, Update, Action, Inquiry, Query, Status, Subroutine}
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the type of process that is to be invoked when a client session is initiated.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the type of process that is to be invoked when a client session is initiated.
  -AppxProcessName=PROCESSNAME
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the name of the process that is to be invoked when a client session is initiated. The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the name of the process that is to be invoked when a client session is initiated. The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
 
Options - TCP/IP
-port, -SockPort={8060, PORT}
Changed:
<
<
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
>
>
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
  -TCPNoDelay={true, false}
Changed:
<
<
This option is used to tune the network performance of the APPX session. When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it. This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
>
>
This option is used to tune the network performance of the APPX session. When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it. This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
  -TCPEnableKeepAlive={true, false}
Changed:
<
<
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost. If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached. If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times. After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
>
>
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost. If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached. If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times. After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
  -TCPKeepIdle={300, SECONDS}
Changed:
<
<
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
>
>
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
  -TCPKeepCount={8, COUNT}
Changed:
<
<
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
>
>
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
  -TCPKeepInterval={60, SECONDS}
Changed:
<
<
This option is used to set the number of seconds that an APPX session is to wait between attemps to contact a non-responsive APPX client.
>
>
This option is used to set the number of seconds that an APPX session is to wait between attemps to contact a non-responsive APPX client.
 
Options - SSL

-SSLMode={optional, required, disabled}

Changed:
<
<
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection
>
>
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection
  required - APPX clients must request an SSL connection

disabled - APPX clients may only request a plain text connection

-TrustedCAFile=CAFILENAME

Changed:
<
<
This option identifies the pathname of the file that identifies which client certificates to trust.
>
>
This option identifies the pathname of the file that identifies which client certificates to trust.
  -ServerCertificateFile=CERTFILENAME
Changed:
<
<
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
>
>
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
  -ServerPrivateKeyFile=KEYFILENAME
Changed:
<
<
This option idenfies the pathname of server's private key file (unlocks the ServerCertificateFile).
>
>
This option idenfies the pathname of server's private key file (unlocks the ServerCertificateFile).
  -RequireSSL={true, false}
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
  -RequireSSLClientCertificates={true, false}
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
  -ServerPrivateKeyPassphrase=PASSPHRASE
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
 

Configuration - Environment Variables

Changed:
<
<
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
>
>
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
 

Synopsis - Service Management

Changed:
<
<
appxLoginMgr [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
>
>
appxLoginMgr [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
  MANAGEMENT OPTIONS
Changed:
<
<
-start | < blank >
Start an instance of the Connection Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
>
>
-start | < blank >
Start an instance of the Connection Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
  -stop
Changed:
<
<
Stop the instance of the Connection Manager service that was started with the SERVICENAME.ini file.
>
>
Stop the instance of the Connection Manager service that was started with the SERVICENAME.ini file.
  -restart
Changed:
<
<
Restart (stop and then start) the instance of the Connection Manager that was started with the SERVICENAME.ini file.
>
>
Restart (stop and then start) the instance of the Connection Manager that was started with the SERVICENAME.ini file.
  -status
Changed:
<
<
Report the status of the instance of the Connection Manager that was started with the SERVICENAME.ini file.
>
>
Report the status of the instance of the Connection Manager that was started with the SERVICENAME.ini file.
  EXAMPLES

Example 1: Configure and start a new instance of the Connection Service that will listen for connection requests on port 8060:

appxLoginMgr -install -port=8060

Changed:
<
<
>
>
 
Warning - the engine that you named has the setuid bit enabled
you may not want that bit set for the authentication method that you have chosen (OS-User)

Line: 321 to 310
  Display the status of an instance of the Connection Service:
Changed:
<
<
appxLoginMgr -status appx8060
>
>
appxLoginMgr -status appx8060
  Shutdown a running instance of the Connection Service:
Line: 336 to 324
  appxLoginMgr -modify -name=appx8060 -SSLMode=required APPX_KEYMAP=Windows
Deleted:
<
<
 

The Configuration File (ini)

Each instance of an APPX Connection Service has a configuration file that is used to store the various parameters relating to that specific instance of the connection service.
Line: 349 to 335
 The configuration file is created in whichever directory is your current directory at the time that the appxLoginMgr command is run to create the service. Therefore, before you run the appxLoginMgr command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxLoginMgr command.

The name of the configuration file and the location of the configuration file should not be changed. The service that is created will not work correctly if the name or the location of the configuration file is changed.

Changed:
<
<
>
>
 
# Appx connection manager configuration file
#

Line: 413 to 399
 The environment file is created in whichever directory is your current directory at the time that the appxLoginMgr command is run to create the service. Therefore, before you run the appxLoginMgr command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxLoginMgr command.

The name of the environment file and the location of the environment file should not be changed. The service that is created will not work correctly if the name or the location of the environment file is changed.

Changed:
<
<
>
>
 
# Appx connection manager environment variables
#

Line: 436 to 422
 The name of the status file is the concatenation of the service name and ".stat". For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".

The status file can be viewed to see the actual context within which the service is running.

Changed:
<
<
>
>
 
appxd-8430 running as process 28192
Effective User ID 0

Line: 494 to 480
 The name of the log file is the concatenation of the service name and ".log". For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".

When the connection service is started, the log file is initialized with the configuration of the connection service. The configuration information is followed by a dialog of messages relating to actions performed by the connection service. Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file.

Changed:
<
<
>
>
 
*Daemonize = true
*DontForkEngine = false

Line: 546 to 532
 

appxLoginMgr behavior to keep in mind

The appxLoginMgr -modify argument will maintain existing values,

Changed:
<
<
but will actually remove and create new .env and .ini files with the new values specified. This combination action of remove and recreation will change (remove) any existing non default comments. Would not change behavior of the service but could be a surprise to someone that had input documentation remarks (via the # symbol).
>
>
but will actually remove and create new .env and .ini files with the new values specified. This combination action of remove and recreation will change (remove) any existing non default comments. Would not change behavior of the service but could be a surprise to someone that had input documentation remarks (via the # symbol).
 

012) (Error) Red Hat's service wrapper command.

Changed:
<
<
Usage: appxd-8060 {start|stop|status|reload|restart}
>
>
Usage: appxd-8060 {start|stop|status|reload|restart}
 

start

Line: 563 to 544
 

stop

Changed:
<
<
does seem to remove the running process; however, it produces errors.
>
>
does seem to remove the running process; however, it produces errors.
 
Changed:
<
<
Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)
>
>
Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)
 
Changed:
<
<
/etc/init.d/appxd-8060: line 39: success: command not found
>
>
/etc/init.d/appxd-8060: line 39: success: command not found
 
Changed:
<
<
/etc/init.d/appxd-8060: line 39: failure: command not found
>
>
/etc/init.d/appxd-8060: line 39: failure: command not found
 
Changed:
<
<
/etc/init.d/appxd-8060: line 43: failure: command not found
>
>
/etc/init.d/appxd-8060: line 43: failure: command not found
 

status

Line: 588 to 564
 

restart

Changed:
<
<
which is a stop followed by a start, suffers from the problem of stop documented earlier.
>
>
which is a stop followed by a start, suffers from the problem of stop documented earlier.
 

013) (Cosmetic) Redundant redundant redundant

data data data.
Changed:
<
<
A minimal install produces three warning statements as documented below:
>
>
A minimal install produces three warning statements as documented below:
 
Changed:
<
<
[root@APPX4.30TestBox tools]# ./appxLoginMgr -install -port=8060
>
>
[root@APPX4.30TestBox tools]# ./appxLoginMgr -install -port=8060
 
Changed:
<
<
Warning - the engine that you named has the setuid bit enabled,
>
>
Warning - the engine that you named has the setuid bit enabled,
 
Changed:
<
<
you may not want that bit set for the authentication
>
>
you may not want that bit set for the authentication
 
Changed:
<
<
method that you have chosen (OS-User)
>
>
method that you have chosen (OS-User)
 
Changed:
<
<
To turn off the setuid bit, chmod u-s ../appx
>
>
To turn off the setuid bit, chmod u-s ../appx
 
Changed:
<
<
Configuration written to: appxd-7777.ini
>
>
Configuration written to: appxd-7777.ini
 
Changed:
<
<
Environment written to: appxd-7777.env
>
>
Environment written to: appxd-7777.env
 
Changed:
<
<
Service script written to: /etc/init.d/appxd-8060
>
>
Service script written to: /etc/init.d/appxd-8060
  Configuration complete

Registering service

Changed:
<
<
Starting appxd-8060: serviceName: appxd-8060
>
>
Starting appxd-8060: serviceName: appxd-8060
  servicePath: /usr/local/appx/tools/
Changed:
<
<
Looking for config file in appxd-8060.ini
>
>
Looking for config file in appxd-8060.ini
 
Changed:
<
<
Warning - the engine that you named has the setuid bit enabled,
>
>
Warning - the engine that you named has the setuid bit enabled,
 
Changed:
<
<
you may not want that bit set for the authentication
>
>
you may not want that bit set for the authentication
 
Changed:
<
<
method that you have chosen (OS-User)
>
>
method that you have chosen (OS-User)
 
Changed:
<
<
To turn off the setuid bit, chmod u-s ../appx
>
>
To turn off the setuid bit, chmod u-s ../appx
 
Changed:
<
<
Writing process ID to /var/run/appxd-7777.pid
>
>
Writing process ID to /var/run/appxd-7777.pid
 
Changed:
<
<
running as process 12156 servicing port 8060
>
>
running as process 12156 servicing port 8060
 
Changed:
<
<
Warning - the engine that you named has the setuid bit enabled,
>
>
Warning - the engine that you named has the setuid bit enabled,
 
Changed:
<
<
you may not want that bit set for the authentication
>
>
you may not want that bit set for the authentication
 
Changed:
<
<
method that you have chosen (OS-User)
>
>
method that you have chosen (OS-User)
 
Changed:
<
<
To turn off the setuid bit, chmod u-s ../appx
>
>
To turn off the setuid bit, chmod u-s ../appx
 
Changed:
<
<
up and running (process 12156 servicing port 8060)
>
>
up and running (process 12156 servicing port 8060)
  Installation Complete
Line: 673 to 626
 

014) (Suggestion) Warn users not to move

configuration files.
Changed:
<
<
We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The /etc/inid.d/appxd-8060 startup script references by name and path the .ini, .env, and appxLoginMgr/appxAuditLogger files.
>
>
We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The /etc/inid.d/appxd-8060 startup script references by name and path the .ini, .env, and appxLoginMgr/appxAuditLogger files.
 

Suggested Behavior changes:

  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
Line: 704 to 652
 
    1. (+) ./appxLoginMgr -status -name=8060
Bugs:
Changed:
<
<
  1. Fixed - Bug 2090 uappxd doesn't remove a running service.
>
>
  1. Fixed - Bug 2090 uappxd doesn't remove a running service.
 

Comments:

Read what other users have said about this page or add your own comments.

Revision 492008-08-27 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Login Manager For Unix/Linux

Line: 85 to 85
 Two methods are available for modifying an existing instance of an APPX Connection Service.

Method 1 - The APPX Login Manager Command (appxLoginMgr)

Changed:
<
<
The -modify command and the - replace command of the appxLoginMgr tool can be used to modify or replace a previously configured instance of the APPX Login Manager. These options update the existing APPX Login Manager daemon configuration files (ini and env) with the options specified.
>
>
The -modify command and the - replace command of the appxLoginMgr tool can be used to modify or replace a previously configured instance of the APPX Login Manager. These options update the existing APPX Login Manager daemon configuration files (ini and env) with the options specified. If you use this technique, the service will be automatically restarted for you, using the new settings. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
 

Method 2 - Text Editor

A text editor can be used to directly edit the APPX Login Manager daemon configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying an APPX Login Manager daemon is with Medhod 1 above.

Managing an APPX Login Manager Daemon

Line: 139 to 139
 In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.

After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...

Changed:
<
<
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service.
>
>
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service.
>
>
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service. Note that when specifying variables on the command line, you must prefix them with a dash if you are referring to settings such as SSLmode, or without a dash if you are referring to environment variables, such as APPX_KEYMAP.
  -remove -name=SERVICENAME
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
Line: 275 to 283
 
This option is not needed and has not been implemented.

Configuration - Environment Variables

VARIABLE=VALUE
Changed:
<
<
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.
>
>
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager. Note that when specifying variables on the command line, you do not prefix them with a dash if you are referring to environment variables.
 

Synopsis - Service Management

appxLoginMgr [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
Line: 321 to 332
  appxLoginMgr -start appx8060
Added:
>
>
Modify a setting and an environment variable of an existing service

appxLoginMgr -modify -name=appx8060 -SSLMode=required APPX_KEYMAP=Windows

 

The Configuration File (ini)

Each instance of an APPX Connection Service has a configuration file that is used to store the various parameters relating to that specific instance of the connection service.

Revision 482008-07-29 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Added:
>
>
 

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.
Line: 44 to 45
 In the event that it is necessary to reset the permissions on the appxLoginMgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxLoginMgr command.


Changed:
<
<

cd /usr/local/appx/tools chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr

>
>

cd /usr/local/appx/tools chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr

 

You can check the permissions of the appxLoginMgr command by running the following command:


Changed:
<
<
ls -l appxLoginMgr
>
>
ls -l appxLoginMgr
 

The recommended permissions should be as follows:

Line: 95 to 96
 The appxLoginMgr command can be used to manage an instance of the APPX Connection Service. The appxLoginMgr command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.

Method 2 - O/S Services

Changed:
<
<
Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system. Red Hat uses the command line tool service.
>
>
Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system. Red Hat uses the command line tool service.
 

Changed:
<
<
[root@tubes tools]# service appxd-8060 status
>
>
[root@tubes tools]# service appxd-8060 status
 Warning - the engine that you named has the setuid bit enabled, you may not want that bit set for the authentication method that you have chosen (OS-User)
Line: 107 to 108
 

Changed:
<
<

Usage (appxdsvc)

>
>

Usage (appxLoginMgr)

 

Synopsis - Service Configuration

The appxLoginMgr service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
Line: 179 to 180
 
This option can be used to disable the ability to define an APPX keymap. If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.

-initScript={lsb, RedHat}

Changed:
<
<
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
>
>
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxLoginMgr will determine which type of service script to install.
 
Options - Session Identity/Permissions
-ImpersonateUID={true, false}
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
Line: 276 to 277
 
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.

Synopsis - Service Management

Changed:
<
<
appxdsvc [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
>
>
appxLoginMgr [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
  MANAGEMENT OPTIONS
-start | < blank >
Line: 295 to 296
  Example 1: Configure and start a new instance of the Connection Service that will listen for connection requests on port 8060:
Changed:
<
<
appxdsvc -install -port=8060
>
>
appxLoginMgr -install -port=8060
 
Warning - the engine that you named has the setuid bit enabled

Line: 304 to 305
 ../appx Configuration written to: appxd-8060.ini Environment written to: appxd-8060.envtten to: /etc/rc.d/init.d/appxd-8060
Changed:
<
<
appxdsvc -install -port=8060 -name=appx8060 -displayName="Appx-Production(8060)" -engine=/usr/local/appx/appx APPXPATH=c:\appx\data APPX_KEYMAP=WINDOWS
>
>
appxLoginMgr -install -port=8060 -name=appx8060 -displayName="Appx-Production(8060)" -engine=/usr/local/appx/appx APPXPATH=c:\appx\data APPX_KEYMAP=WINDOWS
  Display the status of an instance of the Connection Service:
Changed:
<
<
appxdsvc -status appx8060
>
>
appxLoginMgr -status appx8060
  Shutdown a running instance of the Connection Service:
Changed:
<
<
appxdsvc -stop appx8060
>
>
appxLoginMgr -stop appx8060
  Start a previously configured instance of the Connection Service:
Changed:
<
<
appxdsvc -start appx8060
>
>
appxLoginMgr -start appx8060
 

The Configuration File (ini)

Each instance of an APPX Connection Service has a configuration file that is used to store the various parameters relating to that specific instance of the connection service.
Changed:
<
<
The -install option of the appxdsvc command creates the configuration file when the service is created.
>
>
The -install option of the appxLoginMgr command creates the configuration file when the service is created.
  The name of the configuration file is the concatenation of the service name and ".ini". For example, if the service name is "appxd-8430", the name of the configuration file will be "appxd-8430.ini".
Changed:
<
<
The configuration file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
>
>
The configuration file is created in whichever directory is your current directory at the time that the appxLoginMgr command is run to create the service. Therefore, before you run the appxLoginMgr command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxLoginMgr command.
  The name of the configuration file and the location of the configuration file should not be changed. The service that is created will not work correctly if the name or the location of the configuration file is changed.
Line: 386 to 389
 

The Environment File (env)

Each instance of an APPX Connection Service has an environment file that is used to store the environment variables relating to that specific instance of the connection service. The environment variables in the environment file are inherited by each APPX session that is started by the APPX Connection Service.
Changed:
<
<
The -install option of the appxdsvc command creates the environment file when the service is created.
>
>
The -install option of the appxLoginMgr command creates the environment file when the service is created.
  The name of the environment file is the concatenation of the service name and ".env". For example, if the service name is "appxd-8430", the name of the environment file will be "appxd-8430.env".
Changed:
<
<
The environment file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
>
>
The environment file is created in whichever directory is your current directory at the time that the appxLoginMgr command is run to create the service. Therefore, before you run the appxLoginMgr command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxLoginMgr command.
  The name of the environment file and the location of the environment file should not be changed. The service that is created will not work correctly if the name or the location of the environment file is changed.
Line: 525 to 528
 

appxLoginMgr behavior to keep in mind

Changed:
<
<

The appxLoginMgr -modify argument will maintain existing values,

>
>

The appxLoginMgr -modify argument will maintain existing values,

 but will actually remove and create new .env and .ini files with the new values specified. This combination action of remove and recreation will change (remove) any existing non default comments.
Line: 667 to 667
 
  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
  2. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxLoginMgr on all platforms.
  3. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxAuditLogger
Changed:
<
<
  1. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons.  (Perhaps this isn't practical on Unix platforms)
  2. APPX_KEYMAP environment variable should be initialized upon default install options.  Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
>
>
  1. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons. (Perhaps this isn't practical on Unix platforms)
  2. APPX_KEYMAP environment variable should be initialized upon default install options. Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
 
  1. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
  2. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName=appxd-8060.
Changed:
<
<
  1. The requirements for use of -name argument seem inconsistant.  Below are examples where + works, and - does not.
>
>
  1. The requirements for use of -name argument seem inconsistant. Below are examples where + works, and - does not.
 
    1. (-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false
    3. (-)./appxLoginMgr -status

Revision 472008-07-03 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Changed:
<
<

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
>
>

APPX Login Manager For Unix/Linux

This page describes how to install the APPX Login Manager command and how to use it to install, configure, and manage APPX Login Services on Unix/Linux systems.
 
Changed:
<
<
The APPX Connection Manager command is used to configure and manage APPX Connection Services.
>
>
The APPX Login Manager command is used to configure and manage APPX Login Services.
 
Changed:
<
<
An APPX Connection Service listens for and processes connection requests from various types of APPX clients.
>
>
An APPX Login Service (or daemon) listens for and processes login requests from various types of APPX clients.
  The following types of remote APPX clients are supported:
  • APPX Desktop Client (Java)

Revision 462008-07-02 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 34 to 34
 
    • Service configuration
    • Client request
Changed:
<
<

Installing the APPX Connection Manager Command ( appxloginmgr)

The APPX Login Manager ( appxloginmgr) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxloginmgr command. So, there is nothing additional that you need to do to install the appxloginmgr command. However, after you install APPX, you will need to run the appxloginmgr command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
>
>

Installing the APPX Connection Manager Command ( appxLoginMgr)

The APPX Login Manager ( appxLoginMgr) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxLoginMgr command. So, there is nothing additional that you need to do to install the appxLoginMgr command. However, after you install APPX, you will need to run the appxLoginMgr command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
 
Changed:
<
<
The appxloginmgr command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxloginmgr command will be "/usr/local/appx/tools/appxloginmgr".
>
>
The appxLoginMgr command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxLoginMgr command will be "/usr/local/appx/tools/appxLoginMgr".
 
Changed:
<
<
The appxloginmgr command must run with the permissions of the root user because it will be spawning appx processes running as each logged in user. Therefore, the owner of the appxloginmgr command should be the root user and the SUID bit should be set so that the appxloginmgr command can be run by users other than root but still be run with the permissions of root.
>
>
The appxLoginMgr command must run with the permissions of the root user because it will be spawning appx processes running as each logged in user. Therefore, the owner of the appxLoginMgr command should be the root user and the SUID bit should be set so that the appxLoginMgr command can be run by users other than root but still be run with the permissions of root.
 
Changed:
<
<
In the event that it is necessary to reset the permissions on the appxloginmgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxloginmgr command.
>
>
In the event that it is necessary to reset the permissions on the appxLoginMgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxLoginMgr command.
 

cd /usr/local/appx/tools

Changed:
<
<
chown root appxloginmgr chgrp appxgrp appxloginmgr chmod 4775 appxloginmgr
>
>
chown root appxLoginMgr chgrp appxgrp appxLoginMgr chmod 4775 appxLoginMgr
 
Changed:
<
<
You can check the permissions of the appxloginmgr command by running the following command:
>
>
You can check the permissions of the appxLoginMgr command by running the following command:
 

Changed:
<
<
ls -l appxloginmgr
>
>
ls -l appxLoginMgr
 

The recommended permissions should be as follows:


Changed:
<
<
-rwsrwxr-x 1 root root 636843 Jul 11 07:31 appxloginmgr
>
>
-rwsrwxr-x 1 root root 636843 Jul 11 07:31 appxLoginMgr
 

Creating and Configuring an APPX Connection Service

Changed:
<
<
On Unix/Linux systems, an instance of the APPX Connection Service is initially created, configured, and started by running the appxloginmgr command with the -install option. At least one appropriately configured instance of the APPX Connection Service must be created, configured, and started before a remote APPX Client can initiate an APPX session. You may create, configure, and start as many different instances of the APPX Connection Service as you desire. However, each concurrently running instance must be configured to listen for connection requests on a different TCP/IP port.
>
>
On Unix/Linux systems, an instance of the APPX Connection Service is initially created, configured, and started by running the appxLoginMgr command with the -install option. At least one appropriately configured instance of the APPX Connection Service must be created, configured, and started before a remote APPX Client can initiate an APPX session. You may create, configure, and start as many different instances of the APPX Connection Service as you desire. However, each concurrently running instance must be configured to listen for connection requests on a different TCP/IP port.
 

Creating a Connection Service

Before remote clients can connect to an APPX system, at least one instance of an APPX Connection Service must be configured and started.

Changed:
<
<
The -install option of the appxloginmgr command is used to initially create, configure, and start an instance of the APPX Connection Service. The following steps are performed:
>
>
The -install option of the appxLoginMgr command is used to initially create, configure, and start an instance of the APPX Connection Service. The following steps are performed:
 
  1. A configuration file (ini) is created
  2. An environment file (env) is created
  3. A service is created, including required init files and links. ( On Red Hat, /etc/init.d/ )
  4. The service is started
Changed:
<
<
For compete information on using the -install option of the appxloginmgr command, please refer to the usage section of this page.
>
>
For compete information on using the -install option of the appxLoginMgr command, please refer to the usage section of this page.
 

The Name of the Service

Line: 83 to 83
 

Changing a Connection Service

Two methods are available for modifying an existing instance of an APPX Connection Service.
Changed:
<
<

Method 1 - The Connection Manager Command (appxdsvc)

The -modify command and the - replace command of the appxdsvc connection manager can be used to modify or replace a previously configured instance of the APPX Connection Service. These options update the existing APPX Connection Service configuration files (ini and env) with the options specified.
>
>

Method 1 - The APPX Login Manager Command (appxLoginMgr)

The -modify command and the - replace command of the appxLoginMgr tool can be used to modify or replace a previously configured instance of the APPX Login Manager. These options update the existing APPX Login Manager daemon configuration files (ini and env) with the options specified.
 

Method 2 - Text Editor

Changed:
<
<
A text editor can be used to directly edit the APPX Connection Service configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying a connection service is with Medhod 1 above.

Managing an APPX Connection Service

>
>
A text editor can be used to directly edit the APPX Login Manager daemon configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying an APPX Login Manager daemon is with Medhod 1 above.

Managing an APPX Login Manager Daemon

 Two methods are available for managing an existing instance of the APPX Connection Service.

Method 1 - appxLoginMgr command

Line: 112 to 112
 

Synopsis - Service Configuration

The appxLoginMgr service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
Changed:
<
<
appxloginmgr -install -SockPort=[TCP-Port] [options]... [VARIABLE=VALUE]...
>
>
appxLoginMgr -install -SockPort=[TCP-Port] [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxloginmgr -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxLoginMgr -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxloginmgr -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxLoginMgr -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxloginmgr -remove -serviceName=SERVICENAME
>
>
appxLoginMgr -remove -serviceName=SERVICENAME
 

Configuration - Commands

Revision 452008-06-30 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.

Revision 442008-06-27 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 524 to 524
 handleClients - waiting
Changed:
<
<

Testing Results

010) (Error) The argument -replace erroneously

does not require the “-name” argument

If a site has two services appxd-8060 and appxd-8061 and issues the following:

./appxLoginMgr -replace -TCPNoDelay=false

The tool makes the modification to the appxd-8060.ini file. It probably should force the user to use the -name argument here.

./appxLoginMgr -replace appxd-8061 -TCPNoDelay=false

Fails.

./appxLoginMgr -replace -name=appxd-8061 -TCPNoDelay=false

Works. (Although one would probably want to add -port=8061 in the above example)

011) (Informational) Just a comment on -modify

behavior.

-modify will maintain existing values,

>
>

appxLoginMgr behavior to keep in mind

The appxLoginMgr -modify argument will maintain existing values,

 but will actually remove and create new .env and .ini files with the new values specified. This combination action of remove and recreation will change (remove) any existing non default comments.
Line: 695 to 670
 
  1. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons.  (Perhaps this isn't practical on Unix platforms)
  2. APPX_KEYMAP environment variable should be initialized upon default install options.  Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  3. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
Added:
>
>
  1. The appxLoginMgr -replace argument should require the -ServiceName option, and not assume ServiceName=appxd-8060.
 
  1. The requirements for use of -name argument seem inconsistant.  Below are examples where + works, and - does not.
    1. (-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false

Revision 432008-06-27 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 39 to 39
  The appxloginmgr command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxloginmgr command will be "/usr/local/appx/tools/appxloginmgr".
Changed:
<
<
The appxloginmgr command must run with the permissions of the root user. Therefore, the owner of the appxloginmgr command should be the root user and the SUID bit should be set so that the appxloginmgr command can be run by users other than root but still be run with the permissions of root.
>
>
The appxloginmgr command must run with the permissions of the root user because it will be spawning appx processes running as each logged in user. Therefore, the owner of the appxloginmgr command should be the root user and the SUID bit should be set so that the appxloginmgr command can be run by users other than root but still be run with the permissions of root.
  In the event that it is necessary to reset the permissions on the appxloginmgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxloginmgr command.


Changed:
<
<

cd /usr/local/appx/tools chown root appxloginmgr chgrp appxgrp appxloginmgr chmod 4775 appxloginmgr

>
>

cd /usr/local/appx/tools chown root appxloginmgr chgrp appxgrp appxloginmgr chmod 4775 appxloginmgr

 

You can check the permissions of the appxloginmgr command by running the following command:


Changed:
<
<
ls -l appxloginmgr
>
>
ls -l appxloginmgr
 

The recommended permissions should be as follows:

Line: 70 to 70
 The -install option of the appxloginmgr command is used to initially create, configure, and start an instance of the APPX Connection Service. The following steps are performed:
  1. A configuration file (ini) is created
  2. An environment file (env) is created
Changed:
<
<
  1. A service is created
>
>
  1. A service is created, including required init files and links. ( On Red Hat, /etc/init.d/ )
 
  1. The service is started

For compete information on using the -install option of the appxloginmgr command, please refer to the usage section of this page.

The Name of the Service

Changed:
<
<
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you.
>
>
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you for example, appxd-8060.
 

TCP/IP Port Number

Changed:
<
<
When creating an instance of an APPX Connection Service, the -port option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional intances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.
>
>
When creating an instance of an APPX Connection Service, the -SockPort option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional instances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.
 

Changing a Connection Service

Two methods are available for modifying an existing instance of an APPX Connection Service.
Line: 90 to 90
 

Managing an APPX Connection Service

Two methods are available for managing an existing instance of the APPX Connection Service.
Changed:
<
<

Method 1 - appxdsvc command

>
>

Method 1 - appxLoginMgr command

 
Changed:
<
<
The appxdsvc command can be used to manage an instance of the APPX Connection Service. The appxdsvc command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.
>
>
The appxLoginMgr command can be used to manage an instance of the APPX Connection Service. The appxLoginMgr command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.
 

Method 2 - O/S Services

Changed:
<
<
Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system.
>
>
Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system. Red Hat uses the command line tool service.
[root@tubes tools]# service appxd-8060 status
Warning - the engine that you named has the setuid bit enabled,
          you may not want that bit set for the authentication
          method that you have chosen (OS-User)
 	   To turn off the setuid bit, chmod u-s ../appx
up and running (process 13893 servicing port 8060)
[root@tubes tools]# 

 

Usage (appxdsvc)

Synopsis - Service Configuration

Changed:
<
<
The appxdsvc service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.

appxloginmgr -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...

>
>
The appxLoginMgr service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
 
Changed:
<
<
appxloginmgr -install -port=PORT [options]... [VARIABLE=VALUE]...
>
>
appxloginmgr -install -SockPort=[TCP-Port] [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxloginmgr -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxloginmgr -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxloginmgr -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxloginmgr -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxloginmgr -remove -serviceName=SERVICENAME
>
>
appxloginmgr -remove -serviceName=SERVICENAME
 

Configuration - Commands

Changed:
<
<
-install -name=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
-install -name=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
-install -port=PORT [options]... [VARIABLE=VALUE]...
>
>
-install -port=PORT [options]... [VARIABLE=VALUE]...
 
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.

The first form of the -install command requires only that a service name be specified. All other options are optional including the TCP/IP port. Any option not specified will be configured with an appropriate default value.

Revision 422008-06-26 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Deleted:
<
<
 

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.

Revision 412008-06-20 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Added:
>
>
 

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 44 to 45
 In the event that it is necessary to reset the permissions on the appxloginmgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxloginmgr command.


Changed:
<
<

cd /usr/local/appx/tools chown root appxloginmgr chgrp appxgrp appxloginmgr chmod 4775 appxloginmgr

>
>

cd /usr/local/appx/tools chown root appxloginmgr chgrp appxgrp appxloginmgr chmod 4775 appxloginmgr

 

You can check the permissions of the appxloginmgr command by running the following command:


Changed:
<
<
ls -l appxloginmgr
>
>
ls -l appxloginmgr
 

The recommended permissions should be as follows:

Line: 517 to 518
 

Testing Results

Deleted:
<
<

004) (Suggestion) Windows' APPXDSVC.exe supports

-status argument by itself to list all APPX services.

For example on Windows:

C:\Appx\appx.42a\tools>appxdsvc -status

Service Name: appxd-8060

Display Name: appxd-8060

Status: running

Service Name: appxd-8074

Display Name: appxd-8074

Status: running

Service Name: appxd-9999

Display Name: appxd-9999

Status: running

C:\Appx\appx.42a\tools>

Now on Linux:

[root@APPX4.30TestBox tools]# ./appxLoginMgr -status

serviceName: -status

servicePath: ./

Looking for config file in -status.ini

Error - can't open configuration file for service -status

No such file or directory

[root@APPX4.30TestBox tools]#

005) (Suggestion) Windows' APPXDSVC supports

-install as sole argument to create initial service on port 8060.

For example on Windows:

C:\Appx\appx.42a\tools>appxdsvc -install

appxd-8060 Configured

appxd-8060 will start automatically each time you boot your system

C:\Appx\appx.42a\tools>

For example on Linux:

[root@APPX4.30TestBox tools]# ./appxLoginMgr -install

serviceName: -install

servicePath: ./

Looking for config file in -install.ini

Error - can't open configuration file for service -install

No such file or directory

[root@APPX4.30TestBox tools]#

006) (Suggestion) Rename .ini, .env and service

names to match new names of appxLoginMgr and appxAuditLogger.

Current value is appxd-NNNN where NNNN is the port number.

Should be perhaps appxLoginListener-NNNN for appxLoginMgr files/services

Should be perhaps appxAuditLoggerListener-NNNN for appxAuditLogger files/services

007) (Suggestion) appxLoginMgr service creation

does not initialize required environment variable APPX_KEYMAP, results in hung client on TCP logins.

Probably should set APPX_KEYMAP = WINDOWS in appxLoginListener-NNNN.env file.

008) (Error) Service definition files can get

created in current working directory, which may not be where one wants them to be created.

An example on Linux follows:

[root@APPX4.30TestBox appx]# pwd

/appx

[root@APPX4.30TestBox appx]# ls

[root@APPX4.30TestBox appx]# /usr/local/appx/tools/appxLoginMgr -install -port=8060 -engine=/usr/local/appx/appx

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s /usr/local/appx/appx

Configuration written to: appxd-8060.ini

Environment written to: appxd-8060.env

Service script written to: /etc/init.d/appxd-8060

Configuration complete

Registering service

Starting appxd-8060: serviceName: appxd-8060

servicePath: /appx/

Looking for config file in appxd-8060.ini

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s /usr/local/appx/appx

Writing process ID to /var/run/appxd-8060.pid

running as process 7803 servicing port 8060

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s /usr/local/appx/appx

up and running (process 7803 servicing port 8060)

Installation Complete

[root@APPX4.30TestBox appx]# ls

appxd-8060.env appxd-8060.ini

[root@APPX4.30TestBox appx]# ls /usr/local/appx/tools/appxd-8060*

ls: /usr/local/appx/tools/appxd-8060*: No such file or directory

[root@APPX4.30TestBox appx]#

009) (Suggestion) Possible inconsistent

requirement of the -name argument.

It seems we are inconsistent in our requirements for the use of the -name argument. Examples follow where (+) works and (-) does not currently work.

(-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

(+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false

(-)./appxLoginMgr -status

(+)./appxLoginMgr -status -name=appxd-8060

(+) ./appxLoginMgr -stop appxd-8060

(-) ./appxLoginMgr -stop -name=appxd-8060

(+) ./appxLoginMgr -start appxd-8060

(-) ./appxLoginMgr -start -name=appxd-8060

(-) ./appxLoginMgr -remove appxd-8060

(+) ./appxLoginMgr -remove -name=appxd-8060

(-) ./appxLoginMgr -status

(+) ./appxLoginMgr -status appxd-8060

(+) ./appxLoginMgr -status -name=8060

 

010) (Error) The argument -replace erroneously

does not require the “-name” argument
Line: 913 to 680
 to work. The /etc/inid.d/appxd-8060 startup script references by name and path the .ini, .env, and appxLoginMgr/appxAuditLogger files.
Changed:
<
<

Suggested Behavior:

>
>

Suggested Behavior changes:

 
  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
  2. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxLoginMgr on all platforms.
  3. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxAuditLogger
Changed:
<
<
  1. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument.
Windows' APPXDSVC.exe supports -status argument by itself to list all APPX services.

For example on Windows:

C:\Appx\appx.42a\tools>appxdsvc -status

>
>
  1. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument that would list all appxLoginMgr daemons.  (Perhaps this isn't practical on Unix platforms)
  2. APPX_KEYMAP environment variable should be initialized upon default install options.  Currently "appxLoginMgr -install -SockPort=8060" does not place APPX_KEYMAP into appxLoginMgr-8060.env.
  3. appxLoginMgr should create .ini and .env files in the tools subdirectory, and not in the current working directory.
  4. The requirements for use of -name argument seem inconsistant.  Below are examples where + works, and - does not.
    1. (-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

    2. (+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false
    3. (-)./appxLoginMgr -status
    4. (+)./appxLoginMgr -status -name=appxd-8060
    5. (+) ./appxLoginMgr -stop appxd-8060
    6. (-) ./appxLoginMgr -stop -name=appxd-8060
    7. (+) ./appxLoginMgr -start appxd-8060
    8. (-) ./appxLoginMgr -start -name=appxd-8060
    9. (-) ./appxLoginMgr -remove appxd-8060
    10. (+) ./appxLoginMgr -remove -name=appxd-8060
    11. (-) ./appxLoginMgr -status
    12. (+) ./appxLoginMgr -status appxd-8060
    13. (+) ./appxLoginMgr -status -name=8060
Bugs:
 
Changed:
<
<
Service Name: appxd-8060

Display Name: appxd-8060

Status: running

Service Name: appxd-8074

Display Name: appxd-8074

Status: running

Service Name: appxd-9999

Display Name: appxd-9999

Status: running

C:\Appx\appx.42a\tools>

Now on Linux:

[root@APPX4.30TestBox tools]# ./appxLoginMgr -status

serviceName: -status

servicePath: ./

Looking for config file in -status.ini

Error - can't open configuration file for service -status

No such file or directory

[root@APPX4.30TestBox tools]#

Bugs:

  1. Fixed - Bug 2090 uappxd doesn't remove a running service.
>
>
  1. Fixed - Bug 2090 uappxd doesn't remove a running service.
 

Comments:

Read what other users have said about this page or add your own comments.

Revision 402008-06-20 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 517 to 517
 

Testing Results

Deleted:
<
<

003) (Fixed) Bug #2090 Verified as fixed

[root@APPX4.30TestBox tools]# ./appxdsvc -remove -name=appxd-8060

Stopping service... stopped

Deleting init script... done

Deleting configuration files... done

Finished

[root@APPX4.30TestBox tools]# cd /etc/init.d

[root@APPX4.30TestBox init.d]# find .|grep appx

./uappxd-log-8431

./appxd-8430

 

004) (Suggestion) Windows' APPXDSVC.exe supports

-status argument by itself to list all APPX services.
Line: 984 to 962
  No such file or directory

[root@APPX4.30TestBox tools]#

Changed:
<
<
>
>

Bugs:

  1. Fixed - Bug 2090 uappxd doesn't remove a running service.
 

Comments:

Read what other users have said about this page or add your own comments.

Revision 392008-06-19 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 517 to 517
 

Testing Results

Deleted:
<
<

001) (Suggestion) Rename uappxd appxLoginMgr

002) (Suggestion) Rename uappxd appxAuditLogger

 

003) (Fixed) Bug #2090 Verified as fixed

[root@APPX4.30TestBox tools]#

Line: 945 to 938
 

Suggested Behavior:

  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
  2. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxLoginMgr on all platforms.
Added:
>
>
  1. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxAuditLogger
  2. In an effort to make appxdsvc and uappxd (appxLoginMgr) as similar as possible, consider allowing -status as a single argument.
Windows' APPXDSVC.exe supports -status argument by itself to list all APPX services.

For example on Windows:

C:\Appx\appx.42a\tools>appxdsvc -status

Service Name: appxd-8060

Display Name: appxd-8060

Status: running

Service Name: appxd-8074

Display Name: appxd-8074

Status: running

Service Name: appxd-9999

Display Name: appxd-9999

Status: running

C:\Appx\appx.42a\tools>

Now on Linux:

[root@APPX4.30TestBox tools]# ./appxLoginMgr -status

serviceName: -status

servicePath: ./

Looking for config file in -status.ini

Error - can't open configuration file for service -status

No such file or directory

[root@APPX4.30TestBox tools]#

 

Comments:

Read what other users have said about this page or add your own comments.

Revision 382008-06-19 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 944 to 944
 

Suggested Behavior:

  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
Added:
>
>
  1. To clarify the purpose of the file, consider renaming uappxd/appxdsvc to appxLoginMgr on all platforms.
 

Comments:

Read what other users have said about this page or add your own comments.

Revision 372008-06-19 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 101 to 101
 

Synopsis - Service Configuration

The appxdsvc service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
Changed:
<
<
appxdsvc -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxloginmgr -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxdsvc -install -port=PORT [options]... [VARIABLE=VALUE]...
>
>
appxloginmgr -install -port=PORT [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxdsvc -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxloginmgr -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxdsvc -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxloginmgr -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxdsvc -remove -serviceName=SERVICENAME
>
>
appxloginmgr -remove -serviceName=SERVICENAME
 

Configuration - Commands

Line: 942 to 942
 to work. The /etc/inid.d/appxd-8060 startup script references by name and path the .ini, .env, and appxLoginMgr/appxAuditLogger files.
Added:
>
>

Suggested Behavior:

  1. To match the Windows platform, he following should be valid syntax: "appxLoginMgr -install". It should default to port 8060, or the Windows platform should not default to port 8060.
 

Comments:

Read what other users have said about this page or add your own comments.

Revision 362008-06-18 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Deleted:
<
<
 

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 35 to 34
 
    • Service configuration
    • Client request
Changed:
<
<

Installing the APPX Connection Manager Command ( appxdsvc)

The APPX Connection Manager ( appxdsvc) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxdsvc command. So, there is nothing additional that you need to do to install the appxdsvc command. However, after you install APPX, you will need to run the appxdsvc command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
>
>

Installing the APPX Connection Manager Command ( appxloginmgr)

The APPX Login Manager ( appxloginmgr) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxloginmgr command. So, there is nothing additional that you need to do to install the appxloginmgr command. However, after you install APPX, you will need to run the appxloginmgr command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
 
Changed:
<
<
The appxdsvc command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxdsvc command will be "/usr/local/appx/tools/appxdsvc".
>
>
The appxloginmgr command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxloginmgr command will be "/usr/local/appx/tools/appxloginmgr".
 
Changed:
<
<
The appxdsvc command must run with the permissions of the root user. Therefore, the owner of the appxdsvc command should be the root user and the SUID bit should be set so that the appxdsvc command can be run by users other than root but still be run with the permissions of root.
>
>
The appxloginmgr command must run with the permissions of the root user. Therefore, the owner of the appxloginmgr command should be the root user and the SUID bit should be set so that the appxloginmgr command can be run by users other than root but still be run with the permissions of root.
 
Changed:
<
<
In the event that it is necessary to reset the permissions on the appxdsvc command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxdsvc command.
>
>
In the event that it is necessary to reset the permissions on the appxloginmgr command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxloginmgr command.
 

Changed:
<
<

cd /usr/local/appx/tools chown root appxdsvc chgrp appxgrp appxdsvc chmod 775 appxdsvc chmod u+s appxdsvc

>
>

cd /usr/local/appx/tools chown root appxloginmgr chgrp appxgrp appxloginmgr chmod 4775 appxloginmgr

 
Changed:
<
<
You can check the permissions of the appxdsvc command by running the following command:
>
>
You can check the permissions of the appxloginmgr command by running the following command:
 

Changed:
<
<
ls -l appxdsvc
>
>
ls -l appxloginmgr
 

The recommended permissions should be as follows:


Changed:
<
<
-rwsrwxr-x 1 root root 636843 Jul 11 07:31 appxdsvc
>
>
-rwsrwxr-x 1 root root 636843 Jul 11 07:31 appxloginmgr
 

Creating and Configuring an APPX Connection Service

Changed:
<
<
On Unix/Linux systems, an instance of the APPX Connection Service is initially created, configured, and started by running the appxdsvc command with the -install option. At least one appropriately configured instance of the APPX Connection Service must be created, configured, and started before a remote APPX Client can initiate an APPX session. You may create, configure, and start as many different instances of the APPX Connection Service as you desire. However, each concurrently running instance must be configured to listen for connection requests on a different TCP/IP port.
>
>
On Unix/Linux systems, an instance of the APPX Connection Service is initially created, configured, and started by running the appxloginmgr command with the -install option. At least one appropriately configured instance of the APPX Connection Service must be created, configured, and started before a remote APPX Client can initiate an APPX session. You may create, configure, and start as many different instances of the APPX Connection Service as you desire. However, each concurrently running instance must be configured to listen for connection requests on a different TCP/IP port.
 

Creating a Connection Service

Before remote clients can connect to an APPX system, at least one instance of an APPX Connection Service must be configured and started.

Changed:
<
<
The -install option of the appxdsvc command is used to initially create, configure, and start an instance of the APPX Connection Service. The following steps are performed:
>
>
The -install option of the appxloginmgr command is used to initially create, configure, and start an instance of the APPX Connection Service. The following steps are performed:
 
  1. A configuration file (ini) is created
  2. An environment file (env) is created
  3. A service is created
  4. The service is started
Changed:
<
<
For compete information on using the -install option of the appxdsvc command, please refer to the usage section of this page.
>
>
For compete information on using the -install option of the appxloginmgr command, please refer to the usage section of this page.
 

The Name of the Service

Revision 352008-04-18 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Added:
>
>
 

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 35 to 36
 
    • Client request

Installing the APPX Connection Manager Command ( appxdsvc)

Changed:
<
<
The APPX Connection Manager ( appxdsvc) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxdsvc command.  So, there is nothing additional that you need to do to install the appxdsvc command. However, after you install APPX, you will need to run the appxdsvc command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
>
>
The APPX Connection Manager ( appxdsvc) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxdsvc command. So, there is nothing additional that you need to do to install the appxdsvc command. However, after you install APPX, you will need to run the appxdsvc command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
  The appxdsvc command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxdsvc command will be "/usr/local/appx/tools/appxdsvc".
Changed:
<
<
The appxdsvc command must run with the permissions of the root user.  Therefore, the owner of the appxdsvc command should be the root user and the SUID bit should be set so that the appxdsvc command can be run by users other than root but still be run with the permissions of root.
>
>
The appxdsvc command must run with the permissions of the root user. Therefore, the owner of the appxdsvc command should be the root user and the SUID bit should be set so that the appxdsvc command can be run by users other than root but still be run with the permissions of root.
 
Changed:
<
<
In the event that it is necessary to reset the permissions on the appxdsvc command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxdsvc command.
>
>
In the event that it is necessary to reset the permissions on the appxdsvc command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxdsvc command.
 

cd /usr/local/appx/tools

Line: 62 to 63
 
-rwsrwxr-x 1 root root    636843 Jul 11 07:31 appxdsvc
Changed:
<
<

Creating and Configuring an APPX Connection Service

>
>

Creating and Configuring an APPX Connection Service

 On Unix/Linux systems, an instance of the APPX Connection Service is initially created, configured, and started by running the appxdsvc command with the -install option. At least one appropriately configured instance of the APPX Connection Service must be created, configured, and started before a remote APPX Client can initiate an APPX session. You may create, configure, and start as many different instances of the APPX Connection Service as you desire. However, each concurrently running instance must be configured to listen for connection requests on a different TCP/IP port.
Changed:
<
<

Creating a Connection Service 

>
>

Creating a Connection Service

 
Changed:
<
<
Before remote clients can connect to an APPX system, at least one instance of an APPX Connection Service must be configured and started.
>
>
Before remote clients can connect to an APPX system, at least one instance of an APPX Connection Service must be configured and started.
  The -install option of the appxdsvc command is used to initially create, configure, and start an instance of the APPX Connection Service. The following steps are performed:
  1. A configuration file (ini) is created
Line: 78 to 79
 

The Name of the Service

Changed:
<
<
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have.  If you do not specify a name, a name will be assigned for you.
>
>
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have. If you do not specify a name, a name will be assigned for you.
 

TCP/IP Port Number

Changed:
<
<
When creating an instance of an APPX Connection Service, the -port option must be used to specify the TCP/IP port number on which the service is to listen for connection requests.  Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional intances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.

Changing a Connection Service 

Two methods are available for modifying an existing instance of an APPX Connection Service.
>
>
When creating an instance of an APPX Connection Service, the -port option must be used to specify the TCP/IP port number on which the service is to listen for connection requests. Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional intances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.

Changing a Connection Service

Two methods are available for modifying an existing instance of an APPX Connection Service.
 

Method 1 - The Connection Manager Command (appxdsvc)

Changed:
<
<
The -modify  command and the - replace  command of the appxdsvc connection manager can be used to modify or replace a previously configured instance of the APPX Connection Service. These options update the existing APPX Connection Service configuration files (ini and env) with the options specified.
>
>
The -modify command and the - replace command of the appxdsvc connection manager can be used to modify or replace a previously configured instance of the APPX Connection Service. These options update the existing APPX Connection Service configuration files (ini and env) with the options specified.
 

Method 2 - Text Editor

Changed:
<
<
A text editor can be used to directly edit the APPX Connection Service configuration files (ini and env). The configuration files include comments to help you make the desired changes.  If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct.  The preferred method for modifying a connection service is with Medhod 1 above.
>
>
A text editor can be used to directly edit the APPX Connection Service configuration files (ini and env). The configuration files include comments to help you make the desired changes. If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct. The preferred method for modifying a connection service is with Medhod 1 above.
 

Managing an APPX Connection Service

Two methods are available for managing an existing instance of the APPX Connection Service.

Method 1 - appxdsvc command

Changed:
<
<
The appxdsvc command can be used to manage an instance of the APPX Connection Service. The appxdsvc command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.
>
>
The appxdsvc command can be used to manage an instance of the APPX Connection Service. The appxdsvc command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.
 

Method 2 - O/S Services

Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system.

Line: 111 to 112
 appxdsvc -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...

appxdsvc -remove -serviceName=SERVICENAME

Changed:
<
<

Configuration - Commands 

>
>

Configuration - Commands

 

-install -name=SERVICENAME [options]... [VARIABLE=VALUE]...

Changed:
<
<
-install  -port=PORT [options]... [VARIABLE=VALUE]...
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
>
>
-install -port=PORT [options]... [VARIABLE=VALUE]...
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
 
Changed:
<
<
The first form of the -install command requires only that a service name be specified.  All other options are optional including the TCP/IP port.  Any option not specified will be configured with an appropriate default value.
>
>
The first form of the -install command requires only that a service name be specified. All other options are optional including the TCP/IP port. Any option not specified will be configured with an appropriate default value.
 
Changed:
<
<
The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName.  Any option not specified will be configured with an appropriate default value.
>
>
The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName. Any option not specified will be configured with an appropriate default value.
 
Changed:
<
<
Both forms of the -install command allow additional configuration options to be specified. The configuration options are stored in the service configuration file (ini).
>
>
Both forms of the -install command allow additional configuration options to be specified. The configuration options are stored in the service configuration file (ini).
  Both forms of the -install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service.

In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.

After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...

Changed:
<
<
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.  After updating the configuration files, the -modify command restarts the service.
>
>
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed. After updating the configuration files, the -modify command restarts the service.
  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command.  After updating the configuration files, the -replace command restarts the service.
>
>
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command. After updating the configuration files, the -replace command restarts the service.
  -remove -name=SERVICENAME
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
Line: 141 to 142
 
Options - General
-name, -ServiceName=SERVICENAME
Changed:
<
<
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server.  If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
>
>
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server. If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
  -DisplayName=DISPLAYNAME
Changed:
<
<
The DisplayName is a "user-friendly" descriptive name for a connection service.  The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command.  If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
>
>
The DisplayName is a "user-friendly" descriptive name for a connection service. The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command. If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
  -engine, -AppxExecutable={../appx, PATHNAME}
Changed:
<
<
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located.  If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
>
>
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located. If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
  -LogDirectory={/tmp, LOGDIR}
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.

-AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}

Changed:
<
<
This option identifies the method by which the user ID and the password are to be validated when a connection request is received.  If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account.  If no authentication method is specified, the default authentication method is OS-User.
>
>
This option identifies the method by which the user ID and the password are to be validated when a connection request is received. If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account. If no authentication method is specified, the default authentication method is OS-User.
  -ServiceType=Login
Changed:
<
<
The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.
>
>
The only valid value when configuring a Connection Service is "Login". If this option is not specified, the default value is Login.
  -ServiceDisable={true, false}
Changed:
<
<
This option can be used to temporarily disable or "turn off" the connection service.  If set to true, the connection service will still run but it will not accept login requests.
>
>
This option can be used to temporarily disable or "turn off" the connection service. If set to true, the connection service will still run but it will not accept login requests.
  -ServiceDisableLogin={true, false}
Changed:
<
<
This option can be used to disable or "turn off" processing of login requests from interactive clients.  If set to true, login requests from interactive clients will not be processed.
>
>
This option can be used to disable or "turn off" processing of login requests from interactive clients. If set to true, login requests from interactive clients will not be processed.
  -ServiceDisableFMS={true, false}
Changed:
<
<
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver.  If set to true, connection requests from APPX/Net clients will not be processed.
>
>
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver. If set to true, connection requests from APPX/Net clients will not be processed.
  -ServiceDisableAppxKeys={true, false}
Changed:
<
<
This option can be used to disable the ability to define an APPX keymap.  If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
>
>
This option can be used to disable the ability to define an APPX keymap. If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
  -initScript={lsb, RedHat}
Changed:
<
<
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
>
>
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
 
Options - Session Identity/Permissions
-ImpersonateUID={true, false}
Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner. Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service. If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
  -ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
This option determines which O/S user the APPX session should impersonate (run as).
Changed:
<
<
If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login.  This user ID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the LogonUser option is specified.
>
>
If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login. This user ID must be a valid O/S user. The connection service must be running with the permissions of the root user if the LogonUser option is specified.
 
Changed:
<
<
If NamedUser is specified, the user ID of the APPX session will be set to the specified USERID.  This USERID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the NamedUser option is specified.
>
>
If NamedUser is specified, the user ID of the APPX session will be set to the specified USERID. This USERID must be a valid O/S user. The connection service must be running with the permissions of the root user if the NamedUser option is specified.
 
Changed:
<
<
If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.
>
>
If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.
  -ImpersonateGID={true, false}
Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner.  Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner. Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
  -ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(GROUPNAME), ServiceOwner, ServiceGroup}
This option determines which group permissions the APPX session should run with.

If User is specified, the APPX session will run with the group permissions of the user that the session is running as (impersonating).

Changed:
<
<
If LogonUser or LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request.  The user ID must be a valid O/S user.
>
>
If LogonUser or LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request. The user ID must be a valid O/S user.
 
Changed:
<
<
If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME.  This GROUPNAME must be a valid O/S group.
>
>
If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME. This GROUPNAME must be a valid O/S group.
  If ServiceOwner or ServiceGroup is specified.

-Umask=FILECREATIONMASK

Changed:
<
<
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
>
>
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
  If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner. -IncludeSystemEnv={true, false}
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
Options - Startup Process
-ServiceEnableCmds={true, false}
Changed:
<
<
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
>
>
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
  -AppxDatabase=DATABASEID
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
  -AppxApplication=APPLICATIONID
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration.  The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration. The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
  -AppxProcessType={Menu, Job, Input, Output, Update, Action, Inquiry, Query, Status, Subroutine}
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the type of process that is to be invoked when a client session is initiated.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the type of process that is to be invoked when a client session is initiated.
  -AppxProcessName=PROCESSNAME
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the name of the process that is to be invoked when a client session is initiated.  The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated. This option identifies the name of the process that is to be invoked when a client session is initiated. The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
 
Options - TCP/IP
-port, -SockPort={8060, PORT}
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.

-TCPNoDelay={true, false}

Changed:
<
<
This option is used to tune the network performance of the APPX session.  When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it.  This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
>
>
This option is used to tune the network performance of the APPX session. When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it. This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
  -TCPEnableKeepAlive={true, false}
Changed:
<
<
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost.  If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached.  If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times.  After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
>
>
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost. If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached. If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times. After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
  -TCPKeepIdle={300, SECONDS}
Changed:
<
<
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
>
>
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
  -TCPKeepCount={8, COUNT}
Changed:
<
<
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
>
>
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
  -TCPKeepInterval={60, SECONDS}
This option is used to set the number of seconds that an APPX session is to wait between attemps to contact a non-responsive APPX client.
Options - SSL

-SSLMode={optional, required, disabled}

Changed:
<
<
This option is used to control whether or not APPX clients must use SSL connections.
>
>
This option is used to control whether or not APPX clients must use SSL connections.
 
optional - APPX clients may request either an SSL connection or a plain text connection

required - APPX clients must request an SSL connection

Line: 248 to 249
 disabled - APPX clients may only request a plain text connection

-TrustedCAFile=CAFILENAME

Changed:
<
<
This option identifies the pathname of the file that identifies which client certificates to trust.
>
>
This option identifies the pathname of the file that identifies which client certificates to trust.
  -ServerCertificateFile=CERTFILENAME
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
Line: 311 to 312
 appxdsvc -start appx8060

Changed:
<
<

The Configuration File (ini)

Each instance of an APPX Connection Service has a configuration file that is used to store the various parameters relating to that specific instance of the connection service.
>
>

The Configuration File (ini)

Each instance of an APPX Connection Service has a configuration file that is used to store the various parameters relating to that specific instance of the connection service.
  The -install option of the appxdsvc command creates the configuration file when the service is created.
Changed:
<
<
The name of the configuration file is the concatenation of the service name and ".ini".  For example, if the service name is "appxd-8430", the name of the configuration file will be "appxd-8430.ini".
>
>
The name of the configuration file is the concatenation of the service name and ".ini". For example, if the service name is "appxd-8430", the name of the configuration file will be "appxd-8430.ini".
 
Changed:
<
<
The configuration file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
>
>
The configuration file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
 
Changed:
<
<
The name of the configuration file and the location of the configuration file should not be changed.  The service that is created will not work correctly if the name or the location of the configuration file is changed.
>
>
The name of the configuration file and the location of the configuration file should not be changed. The service that is created will not work correctly if the name or the location of the configuration file is changed.
 
# Appx connection manager configuration file

Line: 376 to 377
 

The Environment File (env)

Changed:
<
<
Each instance of an APPX Connection Service has an environment file that is used to store the environment variables relating to that specific instance of the connection service.  The environment variables in the environment file are inherited by each APPX session that is started by the APPX Connection Service.
>
>
Each instance of an APPX Connection Service has an environment file that is used to store the environment variables relating to that specific instance of the connection service. The environment variables in the environment file are inherited by each APPX session that is started by the APPX Connection Service.
 
Changed:
<
<
The -install option of the appxdsvc command creates the environment file when the service is created.
>
>
The -install option of the appxdsvc command creates the environment file when the service is created.
 
Changed:
<
<
The name of the environment file is the concatenation of the service name and ".env".  For example, if the service name is "appxd-8430", the name of the environment file will be "appxd-8430.env".
>
>
The name of the environment file is the concatenation of the service name and ".env". For example, if the service name is "appxd-8430", the name of the environment file will be "appxd-8430.env".
 
Changed:
<
<
The environment file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
>
>
The environment file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
 
Changed:
<
<
The name of the environment file and the location of the environment file should not be changed.  The service that is created will not work correctly if the name or the location of the environment file is changed.
>
>
The name of the environment file and the location of the environment file should not be changed. The service that is created will not work correctly if the name or the location of the environment file is changed.
 
# Appx connection manager environment variables

Line: 403 to 404
 

The Status File (stat)

Changed:
<
<
When an APPX Connection Service is started, a status file is created in the specified LogDirectory. If a LogDirectory was not specified, then the status file is created in the /tmp directory.
>
>
When an APPX Connection Service is started, a status file is created in the specified LogDirectory. If a LogDirectory was not specified, then the status file is created in the /tmp directory.
 
Changed:
<
<
The name of the status file is the concatenation of the service name and ".stat".  For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".
>
>
The name of the status file is the concatenation of the service name and ".stat". For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".
 
Changed:
<
<
The status file can be viewed to see the actual context within which the service is running.
>
>
The status file can be viewed to see the actual context within which the service is running.
 
appxd-8430 running as process 28192
Effective User ID 0

Changed:
<
<
Real User ID      0
>
>
Real User ID 0
 Configuration values follow *Daemonize = true *DontForkEngine = false
Line: 461 to 462
 

The Log File (log)

Changed:
<
<
When an APPX Connection Service is started, a log file is created in the specified LogDirectory. If a LogDirectory was not specified, then the log file is created in the /tmp directory.
>
>
When an APPX Connection Service is started, a log file is created in the specified LogDirectory. If a LogDirectory was not specified, then the log file is created in the /tmp directory.
  The name of the log file is the concatenation of the service name and ".log". For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".
Changed:
<
<
When the connection service is started, the log file is initialized with the configuration of the connection service.  The configuration information is followed by a dialog of messages relating to actions performed by the connection service.  Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file. 
>
>
When the connection service is started, the log file is initialized with the configuration of the connection service. The configuration information is followed by a dialog of messages relating to actions performed by the connection service. Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file.
 
*Daemonize = true

Line: 516 to 517
 handleClients - waiting
Added:
>
>

Testing Results

001) (Suggestion) Rename uappxd appxLoginMgr

002) (Suggestion) Rename uappxd appxAuditLogger

003) (Fixed) Bug #2090 Verified as fixed

[root@APPX4.30TestBox tools]# ./appxdsvc -remove -name=appxd-8060

Stopping service... stopped

Deleting init script... done

Deleting configuration files... done

Finished

[root@APPX4.30TestBox tools]# cd /etc/init.d

[root@APPX4.30TestBox init.d]# find .|grep appx

./uappxd-log-8431

./appxd-8430

004) (Suggestion) Windows' APPXDSVC.exe supports

-status argument by itself to list all APPX services.

For example on Windows:

C:\Appx\appx.42a\tools>appxdsvc -status

Service Name: appxd-8060

Display Name: appxd-8060

Status: running

Service Name: appxd-8074

Display Name: appxd-8074

Status: running

Service Name: appxd-9999

Display Name: appxd-9999

Status: running

C:\Appx\appx.42a\tools>

Now on Linux:

[root@APPX4.30TestBox tools]# ./appxLoginMgr -status

serviceName: -status

servicePath: ./

Looking for config file in -status.ini

Error - can't open configuration file for service -status

No such file or directory

[root@APPX4.30TestBox tools]#

005) (Suggestion) Windows' APPXDSVC supports

-install as sole argument to create initial service on port 8060.

For example on Windows:

C:\Appx\appx.42a\tools>appxdsvc -install

appxd-8060 Configured

appxd-8060 will start automatically each time you boot your system

C:\Appx\appx.42a\tools>

For example on Linux:

[root@APPX4.30TestBox tools]# ./appxLoginMgr -install

serviceName: -install

servicePath: ./

Looking for config file in -install.ini

Error - can't open configuration file for service -install

No such file or directory

[root@APPX4.30TestBox tools]#

006) (Suggestion) Rename .ini, .env and service

names to match new names of appxLoginMgr and appxAuditLogger.

Current value is appxd-NNNN where NNNN is the port number.

Should be perhaps appxLoginListener-NNNN for appxLoginMgr files/services

Should be perhaps appxAuditLoggerListener-NNNN for appxAuditLogger files/services

007) (Suggestion) appxLoginMgr service creation

does not initialize required environment variable APPX_KEYMAP, results in hung client on TCP logins.

Probably should set APPX_KEYMAP = WINDOWS in appxLoginListener-NNNN.env file.

008) (Error) Service definition files can get

created in current working directory, which may not be where one wants them to be created.

An example on Linux follows:

[root@APPX4.30TestBox appx]# pwd

/appx

[root@APPX4.30TestBox appx]# ls

[root@APPX4.30TestBox appx]# /usr/local/appx/tools/appxLoginMgr -install -port=8060 -engine=/usr/local/appx/appx

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s /usr/local/appx/appx

Configuration written to: appxd-8060.ini

Environment written to: appxd-8060.env

Service script written to: /etc/init.d/appxd-8060

Configuration complete

Registering service

Starting appxd-8060: serviceName: appxd-8060

servicePath: /appx/

Looking for config file in appxd-8060.ini

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s /usr/local/appx/appx

Writing process ID to /var/run/appxd-8060.pid

running as process 7803 servicing port 8060

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s /usr/local/appx/appx

up and running (process 7803 servicing port 8060)

Installation Complete

[root@APPX4.30TestBox appx]# ls

appxd-8060.env appxd-8060.ini

[root@APPX4.30TestBox appx]# ls /usr/local/appx/tools/appxd-8060*

ls: /usr/local/appx/tools/appxd-8060*: No such file or directory

[root@APPX4.30TestBox appx]#

009) (Suggestion) Possible inconsistent

requirement of the -name argument.

It seems we are inconsistent in our requirements for the use of the -name argument. Examples follow where (+) works and (-) does not currently work.

(-) ./appxLoginMgr -modify appxd-8060 -TCPNodelay=false

(+) ./appxLoginMgr -modify -name=appxd-8060 -TCPNodelay=false

(-)./appxLoginMgr -status

(+)./appxLoginMgr -status -name=appxd-8060

(+) ./appxLoginMgr -stop appxd-8060

(-) ./appxLoginMgr -stop -name=appxd-8060

(+) ./appxLoginMgr -start appxd-8060

(-) ./appxLoginMgr -start -name=appxd-8060

(-) ./appxLoginMgr -remove appxd-8060

(+) ./appxLoginMgr -remove -name=appxd-8060

(-) ./appxLoginMgr -status

(+) ./appxLoginMgr -status appxd-8060

(+) ./appxLoginMgr -status -name=8060

010) (Error) The argument -replace erroneously

does not require the “-name” argument

If a site has two services appxd-8060 and appxd-8061 and issues the following:

./appxLoginMgr -replace -TCPNoDelay=false

The tool makes the modification to the appxd-8060.ini file. It probably should force the user to use the -name argument here.

./appxLoginMgr -replace appxd-8061 -TCPNoDelay=false

Fails.

./appxLoginMgr -replace -name=appxd-8061 -TCPNoDelay=false

Works. (Although one would probably want to add -port=8061 in the above example)

011) (Informational) Just a comment on -modify

behavior.

-modify will maintain existing values, but will actually remove and create new .env and .ini files with the new values specified. This combination action of remove and recreation will change (remove) any existing non default comments. Would not change behavior of the service but could be a surprise to someone that had input documentation remarks (via the # symbol).

012) (Error) Red Hat's service wrapper command.

Usage: appxd-8060 {start|stop|status|reload|restart}

start

works without issue

stop

does seem to remove the running process; however, it produces errors.

Further, it fails to remove the PID from the (/var/run/appxd-8060.pid)

/etc/init.d/appxd-8060: line 39: success: command not found

/etc/init.d/appxd-8060: line 39: failure: command not found

/etc/init.d/appxd-8060: line 43: failure: command not found

status

seems to work without issue.

reload

does not appear to do anything.

restart

which is a stop followed by a start, suffers from the problem of stop documented earlier.

013) (Cosmetic) Redundant redundant redundant

data data data.

A minimal install produces three warning statements as documented below:

[root@APPX4.30TestBox tools]# ./appxLoginMgr -install -port=8060

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s ../appx

Configuration written to: appxd-7777.ini

Environment written to: appxd-7777.env

Service script written to: /etc/init.d/appxd-8060

Configuration complete

Registering service

Starting appxd-8060: serviceName: appxd-8060

servicePath: /usr/local/appx/tools/

Looking for config file in appxd-8060.ini

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s ../appx

Writing process ID to /var/run/appxd-7777.pid

running as process 12156 servicing port 8060

Warning - the engine that you named has the setuid bit enabled,

you may not want that bit set for the authentication

method that you have chosen (OS-User)

To turn off the setuid bit, chmod u-s ../appx

up and running (process 12156 servicing port 8060)

Installation Complete

[root@APPX4.30TestBox tools]#

014) (Suggestion) Warn users not to move

configuration files.

We should probably warn via screen notice on service creation, and document inside the .ini and .env files that if the .ini, .env and appxLoginMgr/appxAuditLogger are move or renamed, then the /etc/init.d system startup script will fail to work. The /etc/inid.d/appxd-8060 startup script references by name and path the .ini, .env, and appxLoginMgr/appxAuditLogger files.

 

Comments:

Read what other users have said about this page or add your own comments.

Revision 342008-04-17 - JoeOrtagus

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 35 to 35
 
    • Client request

Installing the APPX Connection Manager Command ( appxdsvc)

Changed:
<
<
The APPX Connection Manager ( appxdsvc) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxdsvc command.  So, there is nothing additional that you need to do to install the appxdsvc command. However, after you install APPX, you will need to run the appxdsvc command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
>
>
The APPX Connection Manager ( appxdsvc) command is installed automatically when you install APPX on your system. The installer sets the necessary owner and group permissions for the appxdsvc command.  So, there is nothing additional that you need to do to install the appxdsvc command. However, after you install APPX, you will need to run the appxdsvc command to configure and start an instance of the APPX Connection Service before any remote client connections may be established.
  The appxdsvc command is installed into the "tools" subdirectory of the directory where you installed APPX. So, if you installed APPX in "/usr/local/appx", the full pathname of the appxdsvc command will be "/usr/local/appx/tools/appxdsvc".
Changed:
<
<
The appxdsvc command must run with the permissions of the root user.  Therefore, the owner of the appxdsvc command should be the root user and the SUID bit should be set so that the appxdsvc command can be run by users other than root but still be run with the permissions of root.
>
>
The appxdsvc command must run with the permissions of the root user.  Therefore, the owner of the appxdsvc command should be the root user and the SUID bit should be set so that the appxdsvc command can be run by users other than root but still be run with the permissions of root.
 
Changed:
<
<
In the event that it is necessary to reset the permissions on the appxdsvc command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxdsvc command.
>
>
In the event that it is necessary to reset the permissions on the appxdsvc command, the following commands can be run by the root user to set the necessary owner and group permissions for the appxdsvc command.
 

cd /usr/local/appx/tools

Line: 62 to 62
 
-rwsrwxr-x 1 root root    636843 Jul 11 07:31 appxdsvc
Changed:
<
<

Creating and Configuring an APPX Connection Service

>
>

Creating and Configuring an APPX Connection Service

 On Unix/Linux systems, an instance of the APPX Connection Service is initially created, configured, and started by running the appxdsvc command with the -install option. At least one appropriately configured instance of the APPX Connection Service must be created, configured, and started before a remote APPX Client can initiate an APPX session. You may create, configure, and start as many different instances of the APPX Connection Service as you desire. However, each concurrently running instance must be configured to listen for connection requests on a different TCP/IP port.
Changed:
<
<

Creating a Connection Service 

>
>

Creating a Connection Service 

 
Changed:
<
<
Before remote clients can connect to an APPX system, at least one instance of an APPX Connection Service must be configured and started.
>
>
Before remote clients can connect to an APPX system, at least one instance of an APPX Connection Service must be configured and started.
  The -install option of the appxdsvc command is used to initially create, configure, and start an instance of the APPX Connection Service. The following steps are performed:
  1. A configuration file (ini) is created
Line: 74 to 74
 
  1. A service is created
  2. The service is started
Changed:
<
<
For compete information on using the -install option of the appxdsvc command, please refer to the usage section of this page.
>
>
For compete information on using the -install option of the appxdsvc command, please refer to the usage section of this page.
 

The Name of the Service

Changed:
<
<
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have.  If you do not specify a name, a name will be assigned for you.
>
>
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have.  If you do not specify a name, a name will be assigned for you.
 

TCP/IP Port Number

Changed:
<
<
When creating an instance of an APPX Connection Service, the -port option must be used to specify the TCP/IP port number on which the service is to listen for connection requests.  Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional intances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.

Changing a Connection Service 

Two methods are available for modifying an existing instance of an APPX Connection Service.
>
>
When creating an instance of an APPX Connection Service, the -port option must be used to specify the TCP/IP port number on which the service is to listen for connection requests.  Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional intances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.

Changing a Connection Service 

Two methods are available for modifying an existing instance of an APPX Connection Service.
 

Method 1 - The Connection Manager Command (appxdsvc)

Changed:
<
<
The -modify  command and the - replace  command of the appxdsvc connection manager can be used to modify or replace a previously configured instance of the APPX Connection Service. These options update the existing APPX Connection Service configuration files (ini and env) with the options specified.
>
>
The -modify  command and the - replace  command of the appxdsvc connection manager can be used to modify or replace a previously configured instance of the APPX Connection Service. These options update the existing APPX Connection Service configuration files (ini and env) with the options specified.
 

Method 2 - Text Editor

Changed:
<
<
A text editor can be used to directly edit the APPX Connection Service configuration files (ini and env). The configuration files include comments to help you make the desired changes.  If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct.  The preferred method for modifying a connection service is with Medhod 1 above.
>
>
A text editor can be used to directly edit the APPX Connection Service configuration files (ini and env). The configuration files include comments to help you make the desired changes.  If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct.  The preferred method for modifying a connection service is with Medhod 1 above.
 

Managing an APPX Connection Service

Two methods are available for managing an existing instance of the APPX Connection Service.
Changed:
<
<
>
>
 

Method 1 - appxdsvc command

Changed:
<
<
The appxdsvc command can be used to manage an instance of the APPX Connection Service. The appxdsvc command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.
>
>
The appxdsvc command can be used to manage an instance of the APPX Connection Service. The appxdsvc command can be used to start, stop, restart, or display the status of an instance of an APPX Connection Service.
 

Method 2 - O/S Services

Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system.

Usage (appxdsvc)

Changed:
<
<
>
>
 

Synopsis - Service Configuration

Changed:
<
<
The appxdsvc service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
>
>
The appxdsvc service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
  appxdsvc -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
Line: 111 to 111
 appxdsvc -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...

appxdsvc -remove -serviceName=SERVICENAME

Changed:
<
<

Configuration - Commands 

>
>

Configuration - Commands 

  -install -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
-install  -port=PORT [options]... [VARIABLE=VALUE]...
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
>
>
-install  -port=PORT [options]... [VARIABLE=VALUE]...
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
 
Changed:
<
<
The first form of the -install command requires only that a service name be specified.  All other options are optional including the TCP/IP port.  Any option not specified will be configured with an appropriate default value.
>
>
The first form of the -install command requires only that a service name be specified.  All other options are optional including the TCP/IP port.  Any option not specified will be configured with an appropriate default value.
 
Changed:
<
<
The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName.  Any option not specified will be configured with an appropriate default value.
>
>
The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName.  Any option not specified will be configured with an appropriate default value.
 
Changed:
<
<
Both forms of the -install command allow additional configuration options to be specified. The configuration options are stored in the service configuration file (ini).
>
>
Both forms of the -install command allow additional configuration options to be specified. The configuration options are stored in the service configuration file (ini).
  Both forms of the -install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service.

In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.

After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...

Changed:
<
<
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.  After updating the configuration files, the -modify command restarts the service.
>
>
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.  After updating the configuration files, the -modify command restarts the service.
  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command.  After updating the configuration files, the -replace command restarts the service.
>
>
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command.  After updating the configuration files, the -replace command restarts the service.
  -remove -name=SERVICENAME
Changed:
<
<
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
>
>
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
 

Configuration - Options

Changed:
<
<
>
>
 
Options - General
-name, -ServiceName=SERVICENAME
Changed:
<
<
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server.  If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
>
>
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server.  If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
  -DisplayName=DISPLAYNAME
Changed:
<
<
The DisplayName is a "user-friendly" descriptive name for a connection service.  The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command.  If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
>
>
The DisplayName is a "user-friendly" descriptive name for a connection service.  The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command.  If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
  -engine, -AppxExecutable={../appx, PATHNAME}
Changed:
<
<
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located.  If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
>
>
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located.  If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
  -LogDirectory={/tmp, LOGDIR}
Changed:
<
<
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
>
>
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
  -AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
Changed:
<
<
This option identifies the method by which the user ID and the password are to be validated when a connection request is received.  If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account.  If no authentication method is specified, the default authentication method is OS-User.
>
>
This option identifies the method by which the user ID and the password are to be validated when a connection request is received.  If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account.  If no authentication method is specified, the default authentication method is OS-User.
  -ServiceType=Login
Changed:
<
<
The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.
>
>
The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.
  -ServiceDisable={true, false}
Changed:
<
<
This option can be used to temporarily disable or "turn off" the connection service.  If set to true, the connection service will still run but it will not accept login requests.
>
>
This option can be used to temporarily disable or "turn off" the connection service.  If set to true, the connection service will still run but it will not accept login requests.
  -ServiceDisableLogin={true, false}
Changed:
<
<
This option can be used to disable or "turn off" processing of login requests from interactive clients.  If set to true, login requests from interactive clients will not be processed.
>
>
This option can be used to disable or "turn off" processing of login requests from interactive clients.  If set to true, login requests from interactive clients will not be processed.
  -ServiceDisableFMS={true, false}
Changed:
<
<
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver.  If set to true, connection requests from APPX/Net clients will not be processed.
>
>
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver.  If set to true, connection requests from APPX/Net clients will not be processed.
  -ServiceDisableAppxKeys={true, false}
Changed:
<
<
This option can be used to disable the ability to define an APPX keymap.  If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
>
>
This option can be used to disable the ability to define an APPX keymap.  If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
  -initScript={lsb, RedHat}
Changed:
<
<
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
>
>
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
 
Options - Session Identity/Permissions
-ImpersonateUID={true, false}
Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
  -ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
Changed:
<
<
This option determines which O/S user the APPX session should impersonate (run as).
>
>
This option determines which O/S user the APPX session should impersonate (run as).
 
Changed:
<
<
If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login.  This user ID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the LogonUser option is specified.
>
>
If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login.  This user ID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the LogonUser option is specified.
 
Changed:
<
<
If NamedUser is specified, the user ID of the APPX session will be set to the specified USERID.  This USERID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the NamedUser option is specified.
>
>
If NamedUser is specified, the user ID of the APPX session will be set to the specified USERID.  This USERID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the NamedUser option is specified.
 
Changed:
<
<
If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.
>
>
If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.
  -ImpersonateGID={true, false}
Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner.  Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner.  Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.
  -ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(GROUPNAME), ServiceOwner, ServiceGroup}
Changed:
<
<
This option determines which group permissions the APPX session should run with.
>
>
This option determines which group permissions the APPX session should run with.
  If User is specified, the APPX session will run with the group permissions of the user that the session is running as (impersonating).
Changed:
<
<
If LogonUser or LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request.  The user ID must be a valid O/S user.
>
>
If LogonUser or LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request.  The user ID must be a valid O/S user.
 
Changed:
<
<
If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME.  This GROUPNAME must be a valid O/S group.
>
>
If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME.  This GROUPNAME must be a valid O/S group.
  If ServiceOwner or ServiceGroup is specified.

-Umask=FILECREATIONMASK

Changed:
<
<
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
>
>
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
  If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner. -IncludeSystemEnv={true, false}
Changed:
<
<
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
>
>
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
 
Options - Startup Process
-ServiceEnableCmds={true, false}
Changed:
<
<
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
>
>
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
  -AppxDatabase=DATABASEID
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
  -AppxApplication=APPLICATIONID
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration.  The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration.  The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
  -AppxProcessType={Menu, Job, Input, Output, Update, Action, Inquiry, Query, Status, Subroutine}
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the type of process that is to be invoked when a client session is initiated.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the type of process that is to be invoked when a client session is initiated.
  -AppxProcessName=PROCESSNAME
Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the name of the process that is to be invoked when a client session is initiated.  The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the name of the process that is to be invoked when a client session is initiated.  The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
 
Options - TCP/IP
-port, -SockPort={8060, PORT}
Changed:
<
<
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
>
>
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
  -TCPNoDelay={true, false}
Changed:
<
<
This option is used to tune the network performance of the APPX session.  When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it.  This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
>
>
This option is used to tune the network performance of the APPX session.  When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it.  This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
  -TCPEnableKeepAlive={true, false}
Changed:
<
<
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost.  If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached.  If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times.  After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
>
>
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost.  If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached.  If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times.  After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
  -TCPKeepIdle={300, SECONDS}
Changed:
<
<
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
>
>
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
  -TCPKeepCount={8, COUNT}
Changed:
<
<
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
>
>
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
  -TCPKeepInterval={60, SECONDS}
Changed:
<
<
This option is used to set the number of seconds that an APPX session is to wait between attemps to contact a non-responsive APPX client.
>
>
This option is used to set the number of seconds that an APPX session is to wait between attemps to contact a non-responsive APPX client.
 
Options - SSL

-SSLMode={optional, required, disabled}

Changed:
<
<
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection
>
>
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection
  required - APPX clients must request an SSL connection

disabled - APPX clients may only request a plain text connection

-TrustedCAFile=CAFILENAME

Changed:
<
<
This option identifies the pathname of the file that identifies which client certificates to trust.
>
>
This option identifies the pathname of the file that identifies which client certificates to trust.
  -ServerCertificateFile=CERTFILENAME
Changed:
<
<
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
>
>
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
  -ServerPrivateKeyFile=KEYFILENAME
Changed:
<
<
This option idenfies the pathname of server's private key file (unlocks the ServerCertificateFile).
>
>
This option idenfies the pathname of server's private key file (unlocks the ServerCertificateFile).
  -RequireSSL={true, false}
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
  -RequireSSLClientCertificates={true, false}
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
  -ServerPrivateKeyPassphrase=PASSPHRASE
Changed:
<
<
This option is not needed and has not been implemented.
>
>
This option is not needed and has not been implemented.
 

Configuration - Environment Variables

Changed:
<
<
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.
>
>
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.
 

Synopsis - Service Management

Changed:
<
<
appxdsvc [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
>
>
appxdsvc [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
  MANAGEMENT OPTIONS
Changed:
<
<
-start | < blank >
Start an instance of the Connection Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
>
>
-start | < blank >
Start an instance of the Connection Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
  -stop
Changed:
<
<
Stop the instance of the Connection Manager service that was started with the SERVICENAME.ini file.
>
>
Stop the instance of the Connection Manager service that was started with the SERVICENAME.ini file.
  -restart
Changed:
<
<
Restart (stop and then start) the instance of the Connection Manager that was started with the SERVICENAME.ini file.
>
>
Restart (stop and then start) the instance of the Connection Manager that was started with the SERVICENAME.ini file.
  -status
Changed:
<
<
Report the status of the instance of the Connection Manager that was started with the SERVICENAME.ini file.
>
>
Report the status of the instance of the Connection Manager that was started with the SERVICENAME.ini file.
  EXAMPLES

Example 1: Configure and start a new instance of the Connection Service that will listen for connection requests on port 8060:

appxdsvc -install -port=8060

Changed:
<
<
>
>
 
Warning - the engine that you named has the setuid bit enabled
you may not want that bit set for the authentication method that you have chosen (OS-User)

Line: 311 to 311
 appxdsvc -start appx8060

Changed:
<
<

The Configuration File (ini)

Each instance of an APPX Connection Service has a configuration file that is used to store the various parameters relating to that specific instance of the connection service.
>
>

The Configuration File (ini)

Each instance of an APPX Connection Service has a configuration file that is used to store the various parameters relating to that specific instance of the connection service.
  The -install option of the appxdsvc command creates the configuration file when the service is created.
Changed:
<
<
The name of the configuration file is the concatenation of the service name and ".ini".  For example, if the service name is "appxd-8430", the name of the configuration file will be "appxd-8430.ini".
>
>
The name of the configuration file is the concatenation of the service name and ".ini".  For example, if the service name is "appxd-8430", the name of the configuration file will be "appxd-8430.ini".
 
Changed:
<
<
The configuration file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
>
>
The configuration file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
 
Changed:
<
<
The name of the configuration file and the location of the configuration file should not be changed.  The service that is created will not work correctly if the name or the location of the configuration file is changed.
>
>
The name of the configuration file and the location of the configuration file should not be changed.  The service that is created will not work correctly if the name or the location of the configuration file is changed.
 
# Appx connection manager configuration file
#

Line: 376 to 376
 

The Environment File (env)

Changed:
<
<
Each instance of an APPX Connection Service has an environment file that is used to store the environment variables relating to that specific instance of the connection service.  The environment variables in the environment file are inherited by each APPX session that is started by the APPX Connection Service.
>
>
Each instance of an APPX Connection Service has an environment file that is used to store the environment variables relating to that specific instance of the connection service.  The environment variables in the environment file are inherited by each APPX session that is started by the APPX Connection Service.
 
Changed:
<
<
The -install option of the appxdsvc command creates the environment file when the service is created.
>
>
The -install option of the appxdsvc command creates the environment file when the service is created.
 
Changed:
<
<
The name of the environment file is the concatenation of the service name and ".env".  For example, if the service name is "appxd-8430", the name of the environment file will be "appxd-8430.env".
>
>
The name of the environment file is the concatenation of the service name and ".env".  For example, if the service name is "appxd-8430", the name of the environment file will be "appxd-8430.env".
 
Changed:
<
<
The environment file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
>
>
The environment file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
 
Changed:
<
<
The name of the environment file and the location of the environment file should not be changed.  The service that is created will not work correctly if the name or the location of the environment file is changed.
>
>
The name of the environment file and the location of the environment file should not be changed.  The service that is created will not work correctly if the name or the location of the environment file is changed.
 
# Appx connection manager environment variables
#

Line: 403 to 403
 

The Status File (stat)

Changed:
<
<
When an APPX Connection Service is started, a status file is created in the specified LogDirectory. If a LogDirectory was not specified, then the status file is created in the /tmp directory.
>
>
When an APPX Connection Service is started, a status file is created in the specified LogDirectory. If a LogDirectory was not specified, then the status file is created in the /tmp directory.
 
Changed:
<
<
The name of the status file is the concatenation of the service name and ".stat".  For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".
>
>
The name of the status file is the concatenation of the service name and ".stat".  For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".
 
Changed:
<
<
The status file can be viewed to see the actual context within which the service is running.
>
>
The status file can be viewed to see the actual context within which the service is running.
 
appxd-8430 running as process 28192
Effective User ID 0

Changed:
<
<
Real User ID      0
>
>
Real User ID      0
 Configuration values follow *Daemonize = true *DontForkEngine = false
Line: 461 to 461
 

The Log File (log)

Changed:
<
<
When an APPX Connection Service is started, a log file is created in the specified LogDirectory. If a LogDirectory was not specified, then the log file is created in the /tmp directory.
>
>
When an APPX Connection Service is started, a log file is created in the specified LogDirectory. If a LogDirectory was not specified, then the log file is created in the /tmp directory.
  The name of the log file is the concatenation of the service name and ".log". For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".
Changed:
<
<
When the connection service is started, the log file is initialized with the configuration of the connection service.  The configuration information is followed by a dialog of messages relating to actions performed by the connection service.  Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file. 
>
>
When the connection service is started, the log file is initialized with the configuration of the connection service.  The configuration information is followed by a dialog of messages relating to actions performed by the connection service.  Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file. 
 
*Daemonize = true
*DontForkEngine = false

Revision 332007-08-27 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 85 to 85
 Two methods are available for modifying an existing instance of an APPX Connection Service.

Method 1 - The Connection Manager Command (appxdsvc)

Changed:
<
<
The -modify option of the appxdsvc command can be used to replace a previously configured instance of the APPX Connection Service. This option replaces the existing APPX Connection Service configuration files (ini and env) with two new files configured as specified.
>
>
The -modify  command and the - replace  command of the appxdsvc connection manager can be used to modify or replace a previously configured instance of the APPX Connection Service. These options update the existing APPX Connection Service configuration files (ini and env) with the options specified.
 

Method 2 - Text Editor

Changed:
<
<
A text editor can be used to directly edit the APPX Connection Service configuration files (ini and env). The configuration files include comments to help you make the desired changes.
>
>
A text editor can be used to directly edit the APPX Connection Service configuration files (ini and env). The configuration files include comments to help you make the desired changes.  If you use this method to modify an existing configuration, you should exercise care to ensure that the syntax is correct.  The preferred method for modifying a connection service is with Medhod 1 above.
 

Managing an APPX Connection Service

Two methods are available for managing an existing instance of the APPX Connection Service.
Line: 208 to 208
 -ServiceEnableCmds={true, false}
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
Changed:
<
<
-AppxDatabase=DATABASEID
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
>
>
-AppxDatabase=DATABASEID
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
 
Changed:
<
<
-AppxApplication=APPLICATIONID
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration.  The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
>
>
-AppxApplication=APPLICATIONID
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration.  The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
  -AppxProcessType={Menu, Job, Input, Output, Update, Action, Inquiry, Query, Status, Subroutine}
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the type of process that is to be invoked when a client session is initiated.
Changed:
<
<
-AppxProcessName=PROCESSNAME
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the name of the process that is to be invoked when a client session is initiated.  The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
>
>
-AppxProcessName=PROCESSNAME
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the name of the process that is to be invoked when a client session is initiated.  The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
 
Options - TCP/IP
-port, -SockPort={8060, PORT}
Changed:
<
<
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
>
>
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
  -TCPNoDelay={true, false}
This option is used to tune the network performance of the APPX session.  When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it.  This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
Line: 248 to 248
 disabled - APPX clients may only request a plain text connection

-TrustedCAFile=CAFILENAME

Changed:
<
<
This option idenfies the pathname of the file that identifies which client certificates to trust.
>
>
This option identifies the pathname of the file that identifies which client certificates to trust.
  -ServerCertificateFile=CERTFILENAME
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
Line: 268 to 268
 
VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.

Synopsis - Service Management

Changed:
<
<
appxdsvc [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
>
>
appxdsvc [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
  MANAGEMENT OPTIONS
-start | < blank >
Changed:
<
<
Start an instance of the Connection Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
>
>
Start an instance of the Connection Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.
  -stop
Changed:
<
<
Stop the instance of the Connection Manager service that was started with the SERVICENAME.ini file.
>
>
Stop the instance of the Connection Manager service that was started with the SERVICENAME.ini file.
  -restart
Changed:
<
<
Restart (stop and then start) the instance of the Connection Manager that was started with the SERVICENAME.ini file.
>
>
Restart (stop and then start) the instance of the Connection Manager that was started with the SERVICENAME.ini file.
  -status
Changed:
<
<
Report the status of the instance of the Connection Manager that was started with the SERVICENAME.ini file.
>
>
Report the status of the instance of the Connection Manager that was started with the SERVICENAME.ini file.
  EXAMPLES
Line: 294 to 294
 you may not want that bit set for the authentication method that you have chosen (OS-User) To turn off the setuid bit, chmod u-s ../appx Configuration written to: appxd-8060.ini
Changed:
<
<
Environment written to: appxd-8060.env Service script written to: /etc/rc.d/init.d/appxd-8060
>
>
Environment written to: appxd-8060.envtten to: /etc/rc.d/init.d/appxd-8060
  appxdsvc -install -port=8060 -name=appx8060 -displayName="Appx-Production(8060)" -engine=/usr/local/appx/appx APPXPATH=c:\appx\data APPX_KEYMAP=WINDOWS

Revision 322007-08-27 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 10 to 10
 An APPX Connection Service listens for and processes connection requests from various types of APPX clients.

The following types of remote APPX clients are supported:

Changed:
<
<
  • APPX GUI Client (Java)
>
>
  • APPX Desktop Client (Java)
 
  • Windows Client (Win32)
  • Character mode client (Unix/Linux Curses)
  • APPX ODBC connections (Windows Desktop)
Changed:
<
<
  • APPX/Net connections (all APPX servers)
>
>
  • APPX/Net connections
  Options and Features Include:
  • User Authentication
    • O/S Authentication
    • HT Authentication
    • APPX Authentication
Added:
>
>
  • User & Group Impersonation (Unix/Linux only)
 
  • SSL Support
    • Anonymous
    • Server Certficates
    • Client Certificates
Deleted:
<
<
  • User & Group Impersonation (Unix/Linux only)
 
  • Environment Specification
    • Inherit from service
    • Explicitly specified
Line: 102 to 102
 

Synopsis - Service Configuration

The appxdsvc service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
Changed:
<
<
appxdsvc -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxdsvc -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxdsvc -install -port=PORT [options]... [VARIABLE=VALUE]...
>
>
appxdsvc -install -port=PORT [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxdsvc -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxdsvc -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxdsvc -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxdsvc -replace -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
appxdsvc -remove -serviceName=SERVICENAME
>
>
appxdsvc -remove -serviceName=SERVICENAME
 

Configuration - Commands 

Changed:
<
<
-install -name=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
-install -name=SERVICENAME [options]... [VARIABLE=VALUE]...
 
Changed:
<
<
-install  -port=PORT [options]... [VARIABLE=VALUE]...
>
>
-install  -port=PORT [options]... [VARIABLE=VALUE]...
 
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.

The first form of the -install command requires only that a service name be specified.  All other options are optional including the TCP/IP port.  Any option not specified will be configured with an appropriate default value.

Line: 129 to 129
  In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.
Changed:
<
<
After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
 
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.  After updating the configuration files, the -modify command restarts the service.
Changed:
<
<
-replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
-replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
 
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command.  After updating the configuration files, the -replace command restarts the service.
Changed:
<
<
-remove -name=SERVICENAME
>
>
-remove -name=SERVICENAME
 
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.

Configuration - Options

Line: 156 to 156
 
This option identifies the method by which the user ID and the password are to be validated when a connection request is received.  If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account.  If no authentication method is specified, the default authentication method is OS-User.

-ServiceType=Login

Changed:
<
<
The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.
>
>
The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.
  -ServiceDisable={true, false}
This option can be used to temporarily disable or "turn off" the connection service.  If set to true, the connection service will still run but it will not accept login requests.
Line: 193 to 193
  If User is specified, the APPX session will run with the group permissions of the user that the session is running as (impersonating).
Changed:
<
<
If LogonUser or LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request.  The user ID must be a valid O/S user.
>
>
If LogonUser or LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request.  The user ID must be a valid O/S user.
 
Changed:
<
<
If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME.  This GROUPNAME must be a valid O/S group.
>
>
If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME.  This GROUPNAME must be a valid O/S group.
 
Changed:
<
<
If ServiceOwner or ServiceGroup is specified.
>
>
If ServiceOwner or ServiceGroup is specified.
  -Umask=FILECREATIONMASK
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.

Revision 312007-08-24 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Deleted:
<
<
 

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 8 to 7
  The APPX Connection Manager command is used to configure and manage APPX Connection Services.
Changed:
<
<
An APPX Connection Services:
  • Listen for a connection request from a remote APPX Client on the designated TCP/IP port;
  • Set the appropriate environment and options
  • Initiate an APPX session for the APPX Client that requested a connection.
>
>
An APPX Connection Service listens for and processes connection requests from various types of APPX clients.
 
Changed:
<
<
APPX Conection Services process connection requests for the following types of remote APPX clients:
>
>
The following types of remote APPX clients are supported:
 
  • APPX GUI Client (Java)
  • Windows Client (Win32)
  • Character mode client (Unix/Linux Curses)
Line: 178 to 174
 
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
Options - Session Identity/Permissions
-ImpersonateUID={true, false}
Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection service.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection ServiceOwner.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
  -ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
This option determines which O/S user the APPX session should impersonate (run as).

If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login.  This user ID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the LogonUser option is specified.

Changed:
<
<
If NamedUser is specifed, the user ID of the APPX session will be set to the specified USERID.  This USERID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the NamedUser option is specified.
>
>
If NamedUser is specified, the user ID of the APPX session will be set to the specified USERID.  This USERID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the NamedUser option is specified.
  If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.

-ImpersonateGID={true, false}

Added:
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run with the group permissions of the connection ServiceOwner.  Set this value to true if you want the APPX session to have group permissions based on the ImpersonateGroup option.

-ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(GROUPNAME), ServiceOwner, ServiceGroup}

This option determines which group permissions the APPX session should run with.

If User is specified, the APPX session will run with the group permissions of the user that the session is running as (impersonating).

If LogonUser or LogonGroup is specified, the APPX session will run with the group permissions of the user ID that the client provided in conjunction with the connection request.  The user ID must be a valid O/S user.

If NamedGroup is specified, the group permissions of the APPX session will be set to the specified GROUPNAME.  This GROUPNAME must be a valid O/S group.

 
Changed:
<
<
-ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(groupname), ServiceOwner, ServiceGroup}
>
>
If ServiceOwner or ServiceGroup is specified.
  -Umask=FILECREATIONMASK
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
Line: 200 to 206
 
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
Options - Startup Process
-ServiceEnableCmds={true, false}
Changed:
<
<
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true , then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
>
>
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true, then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
  -AppxDatabase=DATABASEID
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
Line: 221 to 227
 
This option is used to tune the network performance of the APPX session.  When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it.  This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.

-TCPEnableKeepAlive={true, false}

Changed:
<
<
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost.  If this option is set to true and there is no activity between the APPX session and the APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached.  If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times.  After TCPKeepCount attemps, if the APPX client is unable to be contacted, then the APPX session terminates.
>
>
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost.  If this option is set to true and an APPX session has been waiting for a response from an APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached.  If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times.  After TCPKeepCount attempts, if the APPX client is unable to be contacted, then the APPX session terminates.
  -TCPKeepIdle={300, SECONDS}
Added:
>
>
This option is used to set the number of seconds that an APPX session is to wait for a response from an APPX client before checking to see if the client can still be contacted.
  -TCPKeepCount={8, COUNT}
Added:
>
>
This option is used to set the number of times that an APPX session is to attempt to contact a non-responsive APPX client before the APPX session should terminate.
  -TCPKeepInterval={60, SECONDS}
Added:
>
>
This option is used to set the number of seconds that an APPX session is to wait between attemps to contact a non-responsive APPX client.
 
Options - SSL
Deleted:
<
<
-SSLMode={optional, required, disabled}
 
Changed:
<
<
-RequireSSL={true, false}
>
>
-SSLMode={optional, required, disabled}
This option is used to control whether or not APPX clients must use SSL connections.
optional - APPX clients may request either an SSL connection or a plain text connection

required - APPX clients must request an SSL connection

disabled - APPX clients may only request a plain text connection

 
Changed:
<
<
-RequireSSLClientCertificates={true, false}
>
>
-TrustedCAFile=CAFILENAME
This option idenfies the pathname of the file that identifies which client certificates to trust.
 
Changed:
<
<
-ServerCertificateFile=CERTFILENAME
>
>
-ServerCertificateFile=CERTFILENAME
This option identifies the pathname of the server's X509 certificate (leave blank for anonymous connections).
 
Changed:
<
<
-ServerPrivateKeyFile=KEYFILENAME
>
>
-ServerPrivateKeyFile=KEYFILENAME
This option idenfies the pathname of server's private key file (unlocks the ServerCertificateFile).
 
Changed:
<
<
-ServerPrivateKeyPassphrase=PASSPHRASE
>
>
-RequireSSL={true, false}
This option is not needed and has not been implemented.
 
Changed:
<
<
-TrustedCAFile=CAFILENAME
>
>
-RequireSSLClientCertificates={true, false}
This option is not needed and has not been implemented.

-ServerPrivateKeyPassphrase=PASSPHRASE

This option is not needed and has not been implemented.
 

Configuration - Environment Variables

VARIABLE=VALUE
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.
Line: 440 to 461
 APPX_KEYMAP = WINDOWS
Changed:
<
<

The Log File (log)

>
>

The Log File (log)

 When an APPX Connection Service is started, a log file is created in the specified LogDirectory. If a LogDirectory was not specified, then the log file is created in the /tmp directory.
Changed:
<
<
The name of the status file is the concatenation of the service name and ".log".  For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".
>
>
The name of the log file is the concatenation of the service name and ".log". For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".
  When the connection service is started, the log file is initialized with the configuration of the connection service.  The configuration information is followed by a dialog of messages relating to actions performed by the connection service.  Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file. 

Revision 302007-08-23 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

Line: 218 to 218
 
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.

-TCPNoDelay={true, false}

Changed:
<
<
This option is used to tune the network performance of the APPX session.  When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it.  This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
>
>
This option is used to tune the network performance of the APPX session.  When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it.  This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
  -TCPEnableKeepAlive={true, false}
Changed:
<
<
Set this option to true if you want TCP to be able to detect that the connection between an APPX session and an APPX client has been lost.
>
>
Set this option to true if you want an APPX session to be able to detect that the connection between an APPX session and an APPX client has been lost.  If this option is set to true and there is no activity between the APPX session and the APPX client for the length of time specified by TCPKeepIdle, then the APPX session will attempt to contact the APPX client to see if it can still be reached.  If the APPX client cannot be contacted, then the APPX session will attempt to contact the APPX client every TCPKeepInterval seconds up to TCPKeepCount times.  After TCPKeepCount attemps, if the APPX client is unable to be contacted, then the APPX session terminates.
  -TCPKeepIdle={300, SECONDS}

Revision 292007-08-23 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

Line: 82 to 82
 

The Name of the Service

Changed:
<
<
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have.  If you do not specify a name, a name will be assigned for you.
>
>
Each instance of an APPX Connection Service must have a unique name. When creating an instance of a service, the -name option may be used to specify the name that you want the service to have.  If you do not specify a name, a name will be assigned for you.
 

TCP/IP Port Number

Changed:
<
<
When creating an instance of an APPX Connection Service, the -port option must be used to specify the TCP/IP port number on which the service is to listen for connection requests.  Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional intances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.
>
>
When creating an instance of an APPX Connection Service, the -port option must be used to specify the TCP/IP port number on which the service is to listen for connection requests.  Any available TCP/IP port number may be specified when installing an instance of the APPX Connection Manager Service. However, as a matter of convention, most APPX administrators configure the APPX Connection Service to listen for connections on port 8060. If additional intances of the APPX Connection Manager are configured, each instance is typically assigned the next available port number after 8060.
 

Changing a Connection Service 

Two methods are available for modifying an existing instance of an APPX Connection Service.

Method 1 - The Connection Manager Command (appxdsvc)

Changed:
<
<
The -modify option of the appxdsvc command can be used to replace a previously configured instance of the APPX Connection Service. This option replaces the existing APPX Connection Service configuration files (ini and env) with two new files configured as specified.
>
>
The -modify option of the appxdsvc command can be used to replace a previously configured instance of the APPX Connection Service. This option replaces the existing APPX Connection Service configuration files (ini and env) with two new files configured as specified.
 

Method 2 - Text Editor

A text editor can be used to directly edit the APPX Connection Service configuration files (ini and env). The configuration files include comments to help you make the desired changes.

Managing an APPX Connection Service

Line: 121 to 121
 -install -name=SERVICENAME [options]... [VARIABLE=VALUE]...

-install  -port=PORT [options]... [VARIABLE=VALUE]...

Changed:
<
<
The install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
>
>
The -install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.
 
Changed:
<
<
The first form of the install command requires only that a service name be specified.  All other options are optional including the TCP/IP port.  Any option not specified will be configured with an appropriate default value.
>
>
The first form of the -install command requires only that a service name be specified.  All other options are optional including the TCP/IP port.  Any option not specified will be configured with an appropriate default value.
 
Changed:
<
<
The second form of the install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName.  Any option not specified will be configured with an appropriate default value.
>
>
The second form of the -install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName.  Any option not specified will be configured with an appropriate default value.
 
Changed:
<
<
Both forms of the install command allow additional configuration options to be specified. The configuration options are stored in the service configuration file (ini).
>
>
Both forms of the -install command allow additional configuration options to be specified. The configuration options are stored in the service configuration file (ini).
 
Changed:
<
<
Both forms of the install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service.
>
>
Both forms of the -install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service.
 
Changed:
<
<
In addition to creating the service configuration file and the environment configuration file, the install command also creates an operating system service that will be automatically started when the computer system is started.
>
>
In addition to creating the service configuration file and the environment configuration file, the -install command also creates an operating system service that will be automatically started when the computer system is started.
 
Changed:
<
<
After creating the configuration files and the operating system service, the install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
The modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.  After updating the configuration files, the modify command restarts the service.
>
>
After creating the configuration files and the operating system service, the -install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
The -modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.  After updating the configuration files, the -modify command restarts the service.
  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
The replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The replace option is effectively the same as a remove command followed by an install command.  After updating the configuration files, the replace command restarts the service.
>
>
The -replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The -replace command is effectively the same as a -remove command followed by an -install command.  After updating the configuration files, the -replace command restarts the service.
  -remove -name=SERVICENAME
Changed:
<
<
The remove command is used to remove an existing Connection Service. The remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the remove command is executed, the remove command will first stop the service and then remove the service.
>
>
The -remove command is used to remove an existing Connection Service. The -remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the -remove command is executed, the -remove command will first stop the service and then remove the service.
 

Configuration - Options

Options - General
-name, -ServiceName=SERVICENAME
Changed:
<
<
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server.  If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName  based on the TCP/IP port number that was specified: "appxd" followed by a "-" and the specified port number, e.g "appxd-8060".
>
>
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server.  If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the following template: "appxd-" followed by the specified TCP/IP port number, e.g "appxd-8060".
  -DisplayName=DISPLAYNAME
Changed:
<
<
The DisplayName is a "user-friendly" descriptive name for a connection service.  The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command.  If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
>
>
The DisplayName is a "user-friendly" descriptive name for a connection service.  The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command.  If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
  -engine, -AppxExecutable={../appx, PATHNAME}
Changed:
<
<
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to the location of the appxdsvc command.  If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
>
>
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to directory in which the service configuration file (ini) for the connection service is located.  If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
  -LogDirectory={/tmp, LOGDIR}
Changed:
<
<
When the service is started, two log files are created in the LOGDIR directory - a log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
>
>
When the service is started, two log files are created in the LOGDIR directory - a connection service log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
  -AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
This option identifies the method by which the user ID and the password are to be validated when a connection request is received.  If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account.  If no authentication method is specified, the default authentication method is OS-User.
Line: 219 to 219
  -TCPNoDelay={true, false}
Added:
>
>
This option is used to tune the network performance of the APPX session.  When set to true, TCP will send partially filled packets of data rather than wait for a packet to fill before sending it.  This can result in improved interactive response time for the APPX session but will likely increase the number of data packets being transmitted over the network.
 -TCPEnableKeepAlive={true, false}
Added:
>
>
Set this option to true if you want TCP to be able to detect that the connection between an APPX session and an APPX client has been lost.
 -TCPKeepIdle={300, SECONDS}

-TCPKeepCount={8, COUNT}

Revision 282007-08-22 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

Line: 150 to 150
 -DisplayName=DISPLAYNAME
The DisplayName is a "user-friendly" descriptive name for a connection service.  The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command.  If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.
Changed:
<
<
-engine, -AppxExecutable={../appx, PATHNAME}
The APPX engine at the specified PATHNAME will be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to the location of the appxdsvc command
>
>
-engine, -AppxExecutable={../appx, PATHNAME}
This option identifies the PATHNAME of the APPX engine that is to be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to the location of the appxdsvc command.  If this option is not specified, the default PATHNAME of "../appx" is used to initiate an APPX session.
  -LogDirectory={/tmp, LOGDIR}
Changed:
<
<
When the service is started, two log files are created in the LOGDIR directory - a log file (.log) and a status file (.stat).  Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat.  If the LogDirectory option is not specified, the log files are created in the /tmp directory.
>
>
When the service is started, two log files are created in the LOGDIR directory - a log file (.log) and a status file (.stat). Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat. If the LogDirectory option is not specified, the log files are created in the /tmp directory.
  -AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
Changed:
<
<
Acceptable values are 'OS-User', 'Appx-User', and 'HT-User(HTFILENAME)'. With 'Appx-User' authentication, passwords are validated against the Appx user file With 'OS-User' authentication, passwords are validated by the operating system. With 'HT-User(filename)' authentication, passwords are validated against the named file (which you can maintain the Apache's htpasswd utility. If you choose 'Appx-User' authentication, you do not need a separate OS user account for each Appx user.  If this option is not specified, the default value is OS-User.
>
>
This option identifies the method by which the user ID and the password are to be validated when a connection request is received.  If 'OS-User' authentication is specified, the user ID and the password are validated by the connection service using the operating system's authentication service. If 'Appx-User' authentication is specified, the user ID and the password are validated by APPX using the user file which is maintained in APPX System Administration. If 'HT-User(HTFILENAME)' authentication is specified, the user ID and the password are validated by the connection service using the HTFILENAME file is maintained with the htpasswd utility. If you specify 'Appx-User' authentication or HT-User authentication, the user being validated does not need an OS user account.  If no authentication method is specified, the default authentication method is OS-User.
  -ServiceType=Login
The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.

-ServiceDisable={true, false}

Added:
>
>
This option can be used to temporarily disable or "turn off" the connection service.  If set to true, the connection service will still run but it will not accept login requests.
  -ServiceDisableLogin={true, false}
Added:
>
>
This option can be used to disable or "turn off" processing of login requests from interactive clients.  If set to true, login requests from interactive clients will not be processed.
  -ServiceDisableFMS={true, false}
Added:
>
>
This option can be used to disable or "turn off" processing of connection requests from APPX/Net connections including the Windows APPX/ODBC driver.  If set to true, connection requests from APPX/Net clients will not be processed.
  -ServiceDisableAppxKeys={true, false}
Added:
>
>
This option can be used to disable the ability to define an APPX keymap.  If set to true, those interactive clients which support the ability to define an APPX keymap will not be allowed to do so.
  -initScript={lsb, RedHat}
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
Options - Session Identity/Permissions
-ImpersonateUID={true, false}
Changed:
<
<
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection service.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
>
>
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection service.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
  -ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
This option determines which O/S user the APPX session should impersonate (run as).

Revision 272007-08-22 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Added:
>
>
 

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 117 to 118
 

Configuration - Commands 

Changed:
<
<
-install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
-install -name=SERVICENAME [options]... [VARIABLE=VALUE]...
  -install  -port=PORT [options]... [VARIABLE=VALUE]...
Changed:
<
<
The install command is used to configure and start a new instance of an APPX Connection Service. Either form of the install command may be used.
>
>
The install command is used to configure a new instance of an APPX Connection Service. Either form of the install command may be used.

The first form of the install command requires only that a service name be specified.  All other options are optional including the TCP/IP port.  Any option not specified will be configured with an appropriate default value.

The second form of the install command requires only that a TCP/IP port be specified. All other options are optional including the ServiceName.  Any option not specified will be configured with an appropriate default value.

 
Changed:
<
<
The first form of the install command requires only that a service name be specified.
>
>
Both forms of the install command allow additional configuration options to be specified. The configuration options are stored in the service configuration file (ini).
 
Changed:
<
<
The second form of the install command requires only that a TCP/IP port be specified.
>
>
Both forms of the install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service.
 
Changed:
<
<
Both forms of the install command allow for configuration options to be specified. If specified, the configuration options are stored in the service configuration file (ini). Default values will be used for any configuration options that are not specified including the service name.
>
>
In addition to creating the service configuration file and the environment configuration file, the install command also creates an operating system service that will be automatically started when the computer system is started.
 
Changed:
<
<
Both forms of the install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
The modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.
>
>
After creating the configuration files and the operating system service, the install command starts the service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
The modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.  After updating the configuration files, the modify command restarts the service.
  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
The replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The replace option is effectively the same as a remove command followed by an install command.
>
>
The replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The replace option is effectively the same as a remove command followed by an install command.  After updating the configuration files, the replace command restarts the service.
 
Changed:
<
<
-remove -servicename=SERVICENAME
The remove command is used to remove an existing Connection Service. The remove command will remove the configuration files (ini and env) and the corresponding operating system service.
>
>
-remove -name=SERVICENAME
The remove command is used to remove an existing Connection Service. The remove command will remove the configuration files (ini and env) and the corresponding operating system service. If the service is running when the remove command is executed, the remove command will first stop the service and then remove the service.
 

Configuration - Options

Options - General
Line: 149 to 154
 
The APPX engine at the specified PATHNAME will be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to the location of the appxdsvc command

-LogDirectory={/tmp, LOGDIR}

Added:
>
>
When the service is started, two log files are created in the LOGDIR directory - a log file (.log) and a status file (.stat).  Both log files have the same name as the ServiceName but one has a file extension of .log and the other has a file extension of .stat.  If the LogDirectory option is not specified, the log files are created in the /tmp directory.
  -AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}
Acceptable values are 'OS-User', 'Appx-User', and 'HT-User(HTFILENAME)'. With 'Appx-User' authentication, passwords are validated against the Appx user file With 'OS-User' authentication, passwords are validated by the operating system. With 'HT-User(filename)' authentication, passwords are validated against the named file (which you can maintain the Apache's htpasswd utility. If you choose 'Appx-User' authentication, you do not need a separate OS user account for each Appx user.  If this option is not specified, the default value is OS-User.
Line: 184 to 190
 -ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(groupname), ServiceOwner, ServiceGroup}

-Umask=FILECREATIONMASK

Changed:
<
<
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If specified, the FILECREATIONMASK will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK should be an octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022. If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000. For more information on umask values, please refer to your Unix/Linux system documentation.
>
>
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If the umask option is specified, the FILECREATIONMASK value will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK must be a decimal, hex, or octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022 (octal). If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000 (octal). For more information on umask values, please refer to your Unix/Linux system documentation.
 
Changed:
<
<
If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner. -IncludeSystemEnv={true, false}
>
>
If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner. -IncludeSystemEnv={true, false}
 
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
Options - Startup Process
-ServiceEnableCmds={true, false}
Line: 285 to 289
  The -install option of the appxdsvc command creates the configuration file when the service is created.
Changed:
<
<
The name of the configuration file is the concatenation of the service name and ".ini".  For example, if the service name is "appxd-8060", the name of the configuration file will be "appxd-8060.ini".
>
>
The name of the configuration file is the concatenation of the service name and ".ini".  For example, if the service name is "appxd-8430", the name of the configuration file will be "appxd-8430.ini".
  The configuration file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the configuration file to reside. For example, if you want the configuration file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
Line: 350 to 353
  The -install option of the appxdsvc command creates the environment file when the service is created.
Changed:
<
<
The name of the environment file is the concatenation of the service name and ".env".  For example, if the service name is "appxd-8060", the name of the environment file will be "appxd-8060.env".
>
>
The name of the environment file is the concatenation of the service name and ".env".  For example, if the service name is "appxd-8430", the name of the environment file will be "appxd-8430.env".
  The environment file is created in whichever directory is your current directory at the time that the appxdsvc command is run to create the service. Therefore, before you run the appxdsvc command to create a service, you must first change to the directory where you want the environment file to reside. For example, if you want the environment file to be created in the APPX tools directory, you should change to the tools directory before you run the appxdsvc command.
Line: 371 to 374
 # -------------------------------------------------- APPX_KEYMAP=WINDOWS
Added:
>
>

The Status File (stat)

When an APPX Connection Service is started, a status file is created in the specified LogDirectory. If a LogDirectory was not specified, then the status file is created in the /tmp directory.

The name of the status file is the concatenation of the service name and ".stat".  For example, if the service name is "appxd-8430", the name of the status file will be "appxd-8430.stat".

The status file can be viewed to see the actual context within which the service is running.

appxd-8430 running as process 28192
Effective User ID 0
Real User ID      0
Configuration values follow
*Daemonize = true
*DontForkEngine = false
*InitScriptStyle = 
*SleepAfterFork = 
AppxApplication = 
AppxDatabase = 
AppxExecutable = ../appx
AppxProcessName = 
AppxProcessType = 
AuthenticationMethod = OS-User
DisplayName = appxd-8430
ImpersonateGID = true
ImpersonateGroup = User
ImpersonateUID = true
ImpersonateUser = LogonUser
IncludeSystemEnv = true
LogDirectory = /tmp
LogNamePattern = /tmp/appxlog%N.xml
LogRotationInterval = 86400
LogRotationSize = 1G
RequireSSL = false
RequireSSLClientCertificates = false
ServerCertificateFile = 
ServerPrivateKeyFile = 
ServerPrivateKeyPassphrase = 
ServiceDisable = false
ServiceDisableAppxKeys = false
ServiceDisableFMS = false
ServiceDisableLogins = false
ServiceDisableODBC = 
ServiceEnableCmds = true
ServiceName = appxd-8430
ServiceType = login
SockPort = 8430
SSLMode = Optional
TCPEnableKeepAlive = true
TCPKeepCount = 8
TCPKeepIdle = 300
TCPKeepInterval = 60
TCPNoDelay = true
TrustedCAFile = 
Umask = 
Environment variables follow
APPX_KEYMAP = WINDOWS

The Log File (log)

When an APPX Connection Service is started, a log file is created in the specified LogDirectory. If a LogDirectory was not specified, then the log file is created in the /tmp directory.

The name of the status file is the concatenation of the service name and ".log".  For example, if the service name is "appxd-8430", the name of the log file will be "appxd-8430.log".

 
Added:
>
>
When the connection service is started, the log file is initialized with the configuration of the connection service.  The configuration information is followed by a dialog of messages relating to actions performed by the connection service.  Each time the connection service processes a connection request, messages relating to the connection request are appended to the log file. 
*Daemonize = true
*DontForkEngine = false
*InitScriptStyle = 
*SleepAfterFork = 
AppxApplication = 
AppxDatabase = 
AppxExecutable = ../appx
AppxProcessName = 
AppxProcessType = 
AuthenticationMethod = OS-User
DisplayName = appxd-8430
ImpersonateGID = true
ImpersonateGroup = User
ImpersonateUID = true
ImpersonateUser = LogonUser
IncludeSystemEnv = true
LogDirectory = /tmp
LogNamePattern = /tmp/appxlog%N.xml
LogRotationInterval = 86400
LogRotationSize = 1G
RequireSSL = false
RequireSSLClientCertificates = false
ServerCertificateFile = 
ServerPrivateKeyFile = 
ServerPrivateKeyPassphrase = 
ServiceDisable = false
ServiceDisableAppxKeys = false
ServiceDisableFMS = false
ServiceDisableLogins = false
ServiceDisableODBC = 
ServiceEnableCmds = true
ServiceName = appxd-8430
ServiceType = login
SockPort = 8430
SSLMode = Optional
TCPEnableKeepAlive = true
TCPKeepCount = 8
TCPKeepIdle = 300
TCPKeepInterval = 60
TCPNoDelay = true
TrustedCAFile = 
Umask = 
createListener complete - listening on port 8430
CAppxD::Run starting
handleClients - starting
handleClients - waiting
 

Comments:

Deleted:
<
<
 Read what other users have said about this page or add your own comments.


Revision 262007-08-22 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Deleted:
<
<
 

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 185 to 184
 -ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(groupname), ServiceOwner, ServiceGroup}

-Umask=FILECREATIONMASK

Changed:
<
<
APPX sessions which are initiated by the connection service will be given the specified FILECREATIONMASK.  The FILECREATIONMASK is used to set the permissions on files that are created by the APPX session.  The FILECREATIONMASK value should be a 4-digit octal value representing a standard Unix/Linux umask value.  For more information on umask values, please refer to your Unix/Linux system documentation.
>
>
When a file is created, the default permissions set by Unix/Linux are 666 (-rw-rw-rw-). When a directory is created, the default permissions set by Unix/Linux are 777 (drwxrwxrwx). If specified, the FILECREATIONMASK will modify the default permissions of files or directories that are created by the APPX session. The value of FILECREATIONMASK should be an octal number whose bits will be used to mask or turn off the corresonding bits of the default file creation permissions. For example, if you want files to be created with permissions of 644, the appropriate FILECREATIONMASK value would be 022. If you want files to be created with the default permissions of 666, the appropriate FILECREATIONMASK value would be 000. For more information on umask values, please refer to your Unix/Linux system documentation.
 
Added:
>
>
If the umask option is not set, files and directories that are created by the APPX session will be given the default permissions of the Service Owner.
 -IncludeSystemEnv={true, false}
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
Options - Startup Process

Revision 252007-08-16 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

Line: 141 to 141
 
Options - General
-name, -ServiceName=SERVICENAME
Changed:
<
<
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server.  If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the TCP/IP port number that was specified: "appxd" followed by a "-" and the specified port number, e.g "appxd-8060".
>
>
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server.  If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName  based on the TCP/IP port number that was specified: "appxd" followed by a "-" and the specified port number, e.g "appxd-8060".
  -DisplayName=DISPLAYNAME
The DisplayName is a "user-friendly" descriptive name for a connection service.  The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command.  If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.

Revision 242007-08-16 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

Line: 139 to 139
 
The remove command is used to remove an existing Connection Service. The remove command will remove the configuration files (ini and env) and the corresponding operating system service.

Configuration - Options

Changed:
<
<
Options - Session Identity/Permissions
>
>
Options - General
-name, -ServiceName=SERVICENAME
The ServiceName uniquely identifies an APPX connection service. When creating (installing) a connection service, the SERVICENAME value may be any string value that conforms to the rules for valid filenames on your server.  If this option is omitted when a connection service is being created, the connection service will be created with a default ServiceName based on the TCP/IP port number that was specified: "appxd" followed by a "-" and the specified port number, e.g "appxd-8060".

-DisplayName=DISPLAYNAME

The DisplayName is a "user-friendly" descriptive name for a connection service.  The DISPLAYNAME value will appear in your system's Services control panel and will be displayed by the ps command.  If you don't specify a DISPLAYNAME when a connection service is being created, the connection service will be created with a DISPLAYNAME based on the SERVICENAME.

-engine, -AppxExecutable={../appx, PATHNAME}

The APPX engine at the specified PATHNAME will be run when initiating an APPX session. The specified PATHNAME may be alsolute or it may be relative to the location of the appxdsvc command

-LogDirectory={/tmp, LOGDIR}

-AM, -AuthenticationMethod={OS-User, Appx-User, HT-User(HTFILENAME)}

Acceptable values are 'OS-User', 'Appx-User', and 'HT-User(HTFILENAME)'. With 'Appx-User' authentication, passwords are validated against the Appx user file With 'OS-User' authentication, passwords are validated by the operating system. With 'HT-User(filename)' authentication, passwords are validated against the named file (which you can maintain the Apache's htpasswd utility. If you choose 'Appx-User' authentication, you do not need a separate OS user account for each Appx user.  If this option is not specified, the default value is OS-User.

-ServiceType=Login

The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.

-ServiceDisable={true, false}

 
Added:
>
>
-ServiceDisableLogin={true, false}

-ServiceDisableFMS={true, false}

-ServiceDisableAppxKeys={true, false}

-initScript={lsb, RedHat}

Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
Options - Session Identity/Permissions
 -ImpersonateUID={true, false}
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection service.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
Line: 162 to 189
  -IncludeSystemEnv={true, false}
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
Deleted:
<
<
Options - General

-name, -ServiceName=SERVICENAME

The specified SERVICENAME will be the name assigned to the Connection Manager service script that is created and to the related configuration files. The configuration file will have a file extension of "ini". If this option is omitted, the default SERVICENAME will be "appxd" followed by a "-" and the specified port number, e.g "appxd-8060".

-DisplayName=DISPLAYNAME

If you don't supply a DISPLAYNAME appxdsvc will append the port number to the end of the SERVICENAME and use that as the DISPLAYNAME. (The DISPLAYNAME will appear in the Services control panel and will be displayed by the ps command)

-engine, -AppxExecutable=PATHNAME

The APPX engine at the specified PATHNAME will be run when initiating an APPX session.  The specified PATHNAME may be alsolute or it may be relative to the location of the appxdsvc command

-LogDirectory={/tmp, LOGDIR}

-AM, -AuthenticationMethod={OS-User | Appx-User | HT-User(filename)}

Acceptable values are 'OS-User', 'Appx-User', and 'HT-User(filename)'. With 'Appx-User' authentication, passwords are validated against the Appx user file With 'OS-User' authentication, passwords are validated by the operating system. With 'HT-User(filename)' authentication, passwords are validated against the named file (which you can maintain the Apache's htpasswd utility. If you choose 'Appx-User' authentication, you do not need a separate OS user account for each Appx user.  If this option is not specified, the default value is OS-User.

-ServiceType=Login

The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.

-ServiceDisable={true, false}

-ServiceDisableLogin={true, false}

-ServiceDisableFMS={true, false}

-ServiceDisableAppxKeys={true, false}

-initScript={lsb, RedHat}

Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
 
Options - Startup Process
Deleted:
<
<
 -ServiceEnableCmds={true, false}
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true , then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
Line: 239 to 231
 -ServerPrivateKeyPassphrase=PASSPHRASE

-TrustedCAFile=CAFILENAME

Deleted:
<
<
 

Configuration - Environment Variables

Changed:
<
<

VARIABLE=VALUE

>
>
VARIABLE=VALUE
 
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.
Deleted:
<
<
 

Synopsis - Service Management

appxdsvc [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}

Revision 232007-08-15 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

Line: 139 to 139
 
The remove command is used to remove an existing Connection Service. The remove command will remove the configuration files (ini and env) and the corresponding operating system service.

Configuration - Options

Changed:
<
<
Options - Session Identity/Permissions
>
>
Options - Session Identity/Permissions
 
Changed:
<
<
-ImpersonateGID={true, false}
>
>
-ImpersonateUID={true, false}
If this value is set to false, an APPX session which is initiated by the connection service will run as the user of the connection service.  Set this value to true if you want the APPX session to run with the permissions of a user (impersonate) other than the user of the connection service.  If this value is set to true, then the ImpersonateUser option determines which user the APPX session should impersonate.
 
Changed:
<
<
-ImpersonateGroup={LogonUser, NamedGroup(groupname), ServiceOwner}
>
>
-ImpersonateUser={LogonUser, NamedUser(USERID), ServiceOwner}
This option determines which O/S user the APPX session should impersonate (run as).
 
Changed:
<
<
-ImpersonateUID={true, false}
>
>
If LogonUser is specified, the user ID of the APPX session will be set to the user ID that was provided by the client login.  This user ID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the LogonUser option is specified.

If NamedUser is specifed, the user ID of the APPX session will be set to the specified USERID.  This USERID must be a valid O/S user.  The connection service must be running with the permissions of the root user if the NamedUser option is specified.

If ServiceOwner is specified, the user ID of the APPX session will be the user ID that the connection service is running as.

-ImpersonateGID={true, false}

 
Changed:
<
<
-ImpersonateUser={LogonUser, NamedUser(username), ServiceOwner}
>
>
-ImpersonateGroup={User, LogonUser, LogonGroup, NamedGroup(groupname), ServiceOwner, ServiceGroup}
  -Umask=FILECREATIONMASK
Added:
>
>
APPX sessions which are initiated by the connection service will be given the specified FILECREATIONMASK.  The FILECREATIONMASK is used to set the permissions on files that are created by the APPX session.  The FILECREATIONMASK value should be a 4-digit octal value representing a standard Unix/Linux umask value.  For more information on umask values, please refer to your Unix/Linux system documentation.
 
Changed:
<
<
-IncludeSystemEnv={true, false}
>
>
-IncludeSystemEnv={true, false}
Set this option to true if you want the APPX sessions which are initiated by the connection service to inherit the environment of the connection service.
 
Options - General
Line: 182 to 192
  -ServiceDisableAppxKeys={true, false}
Changed:
<
<
-initScript={lsb, RedHat }
>
>
-initScript={lsb, RedHat}
 
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
Options - Startup Process

Revision 222007-08-15 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

Line: 115 to 116
  appxdsvc -remove -serviceName=SERVICENAME

Configuration - Commands 

Changed:
<
<
-install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>

-install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...

 -install  -port=PORT [options]... [VARIABLE=VALUE]...
The install command is used to configure and start a new instance of an APPX Connection Service. Either form of the install command may be used.
Line: 134 to 138
 -remove -servicename=SERVICENAME
The remove command is used to remove an existing Connection Service. The remove command will remove the configuration files (ini and env) and the corresponding operating system service.

Configuration - Options

Changed:
<
<
-port, -SockPort [Required with -install option]
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
>
>
Options - Session Identity/Permissions

-ImpersonateGID={true, false}

-ImpersonateGroup={LogonUser, NamedGroup(groupname), ServiceOwner}

-ImpersonateUID={true, false}

-ImpersonateUser={LogonUser, NamedUser(username), ServiceOwner}

-Umask=FILECREATIONMASK

-IncludeSystemEnv={true, false}

 
Options - General
Changed:
<
<
-name, -ServiceName [Optional]
The specified SERVICENAME wiil be the name assigned to the Connection Manager service script that is created and to the related configuration files. The configuration file will have a file extension of "ini". If this option is omitted, the default SERVICENAME will be "appxd" followed by a "-" and the specified port number, e.g "appxd-8060".
>
>
-name, -ServiceName=SERVICENAME
The specified SERVICENAME will be the name assigned to the Connection Manager service script that is created and to the related configuration files. The configuration file will have a file extension of "ini". If this option is omitted, the default SERVICENAME will be "appxd" followed by a "-" and the specified port number, e.g "appxd-8060".
 
Changed:
<
<
-DisplayName=DISPLAYNAME [Optional]
If you don't supply a DISPLAYNAME appxdsvc will append the port number to the end of the SERVICENAME and use that as the DISPLAYNAME. (The DISPLAYNAME will appear in the Services control panel and will be displayed by the ps command)
>
>
-DisplayName=DISPLAYNAME
If you don't supply a DISPLAYNAME appxdsvc will append the port number to the end of the SERVICENAME and use that as the DISPLAYNAME. (The DISPLAYNAME will appear in the Services control panel and will be displayed by the ps command)
 
Changed:
<
<
-engine, -AppxExecutable=PATHNAME [Optional]
>
>
-engine, -AppxExecutable=PATHNAME
 

The APPX engine at the specified PATHNAME will be run when initiating an APPX session.  The specified PATHNAME may be alsolute or it may be relative to the location of the appxdsvc command

Changed:
<
<
-AM, -AuthenticationMethod={OS-User | Appx-User | HT-User(filename)}  [Optional]
>
>
-LogDirectory={/tmp, LOGDIR}

-AM, -AuthenticationMethod={OS-User | Appx-User | HT-User(filename)}

 
Acceptable values are 'OS-User', 'Appx-User', and 'HT-User(filename)'. With 'Appx-User' authentication, passwords are validated against the Appx user file With 'OS-User' authentication, passwords are validated by the operating system. With 'HT-User(filename)' authentication, passwords are validated against the named file (which you can maintain the Apache's htpasswd utility. If you choose 'Appx-User' authentication, you do not need a separate OS user account for each Appx user.  If this option is not specified, the default value is OS-User.
Changed:
<
<
-ServiceType=Login [Optional]
>
>
-ServiceType=Login
 
The only valid value when configuring a Connection Service is "Login".  If this option is not specified, the default value is Login.
Changed:
<
<
-initScript={lsb, RedHat } [Optional]
>
>
-ServiceDisable={true, false}

-ServiceDisableLogin={true, false}

-ServiceDisableFMS={true, false}

-ServiceDisableAppxKeys={true, false}

-initScript={lsb, RedHat }

 
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
Options - Startup Process
Changed:
<
<
-ServiceEnableCmds={true, false} [Optional]
>
>
-ServiceEnableCmds={true, false}
 
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true , then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
Changed:
<
<
-AppxDatabase=DATABASEID [Optional]
>
>
-AppxDatabase=DATABASEID
 
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
Changed:
<
<
-AppxApplication=APPLICATIONID [Optional]
>
>
-AppxApplication=APPLICATIONID
 
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the APPLICATIONID must be valid, i.e. it must be defined in the Applications file in APPX System Administration.  The specified APPLICATIONID must also be identified in APPX System Administration as a related application for the specified DATABASEID.
Changed:
<
<
-AppxProcessType={Menu, Job, Input, Output, Update, Action, Inquiry, Query, Status, Subroutine} [Optional]
>
>
-AppxProcessType={Menu, Job, Input, Output, Update, Action, Inquiry, Query, Status, Subroutine}
 
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the type of process that is to be invoked when a client session is initiated.
Changed:
<
<
-AppxProcessName=PROCESSNAME [Optional]
>
>
-AppxProcessName=PROCESSNAME
 
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the name of the process that is to be invoked when a client session is initiated.  The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
Added:
>
>
Options - TCP/IP

-port, -SockPort={8060, PORT}

Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.

-TCPNoDelay={true, false}

-TCPEnableKeepAlive={true, false}

-TCPKeepIdle={300, SECONDS}

-TCPKeepCount={8, COUNT}

-TCPKeepInterval={60, SECONDS}

 
Options - SSL
Changed:
<
<
*-SSLMode={optional, required, disabled, forcedOn, forcedOff} [Optional]
>
>
-SSLMode={optional, required, disabled}
 
Changed:
<
<
-RequireSSL={true, false} [Optional]
>
>
-RequireSSL={true, false}
 
Changed:
<
<
-RequireSSLClientCertificates={true, false} [Optional]
>
>
-RequireSSLClientCertificates={true, false}
  -ServerCertificateFile=CERTFILENAME
Line: 187 to 228
  -ServerPrivateKeyPassphrase=PASSPHRASE
Changed:
<
<
-TrustedCAFile=CAFILENAME
>
>
-TrustedCAFile=CAFILENAME
 

Configuration - Environment Variables

Changed:
<
<
VARIABLE=VALUE [Optional]
>
>
VARIABLE=VALUE
 
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.

Synopsis - Service Management

Revision 212007-08-15 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"
Added:
>
>
 

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 105 to 106
 

Synopsis - Service Configuration

The appxdsvc service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.
Changed:
<
<
appxdsvc -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
appxdsvc -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 appxdsvc -install -port=PORT [options]... [VARIABLE=VALUE]...

appxdsvc -modify -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...

Line: 114 to 115
  appxdsvc -remove -serviceName=SERVICENAME

Configuration - Commands 

Changed:
<
<
-install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
-install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
 -install  -port=PORT [options]... [VARIABLE=VALUE]...
Changed:
<
<
The install command is used to configure and start a new instance of an APPX Connection Service. Either form of the install command may be used.
>
>
The install command is used to configure and start a new instance of an APPX Connection Service. Either form of the install command may be used.
  The first form of the install command requires only that a service name be specified.
Line: 125 to 125
  Both forms of the install command allow for configuration options to be specified. If specified, the configuration options are stored in the service configuration file (ini). Default values will be used for any configuration options that are not specified including the service name.
Changed:
<
<
Both forms of the install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
>
>
Both forms of the install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service. -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
 
The modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.

-replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...

Line: 137 to 136
 

Configuration - Options

-port, -SockPort [Required with -install option]
Configure the service to listen for connection requests on the specified TCP/IP PORT number. This option is required with the -install option. You may choose any TCP/IP PORT number that is not reserved or already being used on your system.
Added:
>
>
Options - General
  -name, -ServiceName [Optional]
The specified SERVICENAME wiil be the name assigned to the Connection Manager service script that is created and to the related configuration files. The configuration file will have a file extension of "ini". If this option is omitted, the default SERVICENAME will be "appxd" followed by a "-" and the specified port number, e.g "appxd-8060".
Line: 157 to 157
  -initScript={lsb, RedHat } [Optional]
Used with -install option to specify the type of operating system that the service script is to be created for. If this option is not specified, appxdsvc will determine which type of service script to install.
Added:
>
>
Options - Startup Process
  -ServiceEnableCmds={true, false} [Optional]
Changed:
<
<
If set to true , then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established.  If set to true, then any startup process specified by the client will take precedence over any startup process that may have been specified in the connection service configuration.  If the option is not specified, the default value is true.
>
>
Set this option to true if you want to allow the client to specify a startup process. Set this option to false if you do not want to allow the client to specify a startup process. If set to true , then any APPX startup process that may have been specified by the client will be invoked when the connection with the APPX session is established. If set to true, then any startup process that is specified by the client will take precedence over any startup process that may have been specified in the connection service configuration. If the option is not specified, the default value is true.
  -AppxDatabase=DATABASEID [Optional]
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  If specified, the DATABASEID must be valid, i.e. it must be defined in the Databases file in APPX System Administration.
Line: 171 to 172
 
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the type of process that is to be invoked when a client session is initiated.

-AppxProcessName=PROCESSNAME [Optional]

Changed:
<
<
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the name of the process that is to be invoked when a client session is initiated.  The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
>
>
This option must be specified if the connection service is being configured to invoke a specific startup process when a client session is initiated.  This option identifies the name of the process that is to be invoked when a client session is initiated.  The PROCESSNAME must be of the type specified and must be defined in the specified APPX Application.
Options - SSL

*-SSLMode={optional, required, disabled, forcedOn, forcedOff} [Optional]

-RequireSSL={true, false} [Optional]

-RequireSSLClientCertificates={true, false} [Optional]

-ServerCertificateFile=CERTFILENAME

-ServerPrivateKeyFile=KEYFILENAME

-ServerPrivateKeyPassphrase=PASSPHRASE

-TrustedCAFile=CAFILENAME

 

Configuration - Environment Variables

VARIABLE=VALUE [Optional]

Changed:
<
<
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.
>
>
You can include a space-separated list of environment variables at the end of the command line when you use the -install option. These environment variables will be saved in the env file that is created and will be given to the environment of the appx sessions that are started by the Connection Manager.
 

Synopsis - Service Management

appxdsvc [-start | -stop | -restart | -status] {SERVICENAME | -serviceName=SERVICENAME}
Changed:
<
<
MANAGEMENT OPTIONS
>
>
MANAGEMENT OPTIONS
 
-start | < blank >
Start an instance of the Connection Manager service using the configuration information in the SERVICENAME.ini and the SERVICENAME.env files.

Revision 202007-08-14 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPXConnectionManager"

APPX Connection Manager For Unix/Linux

This page describes how to install the APPX Connection Manager command and how to use it to install, configure, and manage APPX Connection Services on Unix/Linux systems.
Line: 102 to 102
 Your operating system includes commands or programs that can be used to manage services. APPX Connection Services can be managed with these tools. The actual commands and programs vary depending on your operating system.

Usage (appxdsvc)

Changed:
<
<

Synopsis (Service Configuration)

>
>

Synopsis - Service Configuration

 
The appxdsvc service configuration commands are used to create, configure, and remove an instance of an APPX Connection Service.

appxdsvc -install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...

Line: 117 to 117
 
-install -serviceName=SERVICENAME [options]... [VARIABLE=VALUE]...
-install  -port=PORT [options]... [VARIABLE=VALUE]...
Changed:
<
<
Configure and start a new instance of an APPX Connection Service. Either form of the install command may be used.
>
>
The install command is used to configure and start a new instance of an APPX Connection Service. Either form of the install command may be used.
  The first form of the install command requires only that a service name be specified.
Changed:
<
<
The second form of the install command requires only that a TCP/IP port be specified. If a service name option is not specified, the install command will determine a name for the service as describe below.
>
>
The second form of the install command requires only that a TCP/IP port be specified.

Both forms of the install command allow for configuration options to be specified. If specified, the configuration options are stored in the service configuration file (ini). Default values will be used for any configuration options that are not specified including the service name.

Both forms of the install command optionally allow values to be specified for environment variables. If specified, the environment variables and their values are stored in the environment configuration file (env). The environment variables in the environment configuration file will be set for any APPX sessions which are started by the connection service.

 -modify -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
Modify an existing Connection Service.  The specified options will be updated in the service configuration files.  Any options not specified will not be changed.
>
>
The modify command is used to modify the configuration of an existing Connection Service. The specified options will be updated in the service configuration files. Any options not specified will not be changed.
  -replace -name=SERVICENAME [options]... [VARIABLE=VALUE]...
Changed:
<
<
Replace an existing Connection Service with a new Connection Service. The replace option is effectively that same as a remove followed by an install.
>
>
The replace command is used to replace an existing Connection Service with a new Connection Service with the same name. The replace option is effectively the same as a remove command followed by an install command.