by Jeff Vance
Commercial Systems Division
Introduction
This article is intended for those who would like a more indepth understanding
of the following CI enhancements introduced in the "Express 3 CI Enhancemen
ts
Overview" article in Chapter 2.
Execute access for UDCs and command files
Prior to the MPE/iX-Express 3 Based on General Release 5.0,
all UDC and command file users have been
allowed read access to the UDC file or the command file they wish to execute.
Although these user command files can be protected by lockwords, the command
file user must know the lockword to be able to read the file's contents.
Now UDC files and command files can be protected by denying READ (R)
access and granting EXECUTE (X) access to users that need to execute the
file but are not permitted to read the file. For example, using either
of the following command lines grants execute access to the "mycmdf"
file. You can verify the security using LISTFILE formats -2 or 4.
:altsec mycmdf; access=(x:any; r,w,l,a:gu)
or
:altsec mycmdf; repacd=(racd,x:@.@; r,w,l,a:$group)
If you lack READ access to a command file or UDC file, the
system behaves in the following manner:
- You cannot see any of the commands within the file.
Specifically,
OPTION LIST
and the HPCMDTRACE variable are defeated.
-
HELP is unavailable for the
file. For a UDC file this means that all of the UDCs within the file are
treated as if OPTION NOHELP was specified.
-
SHOWCATALOG still lists the
individual UDCs and UDC filenames.
- If an error occurs, the offending
command line is not echoed to $STDLIST.
Of course, if you have READ access to the file then everything works
in a compatible manner.
POSIX-named command files
In MPE/iX General Release 5.0,
all command files must follow MPE naming rules and the
HPPATH variable can only contain the names of MPE groups and accounts.
In the Express 3 Release, command files can reside in the Hierarchical
File System (HFS) and follow the more flexible POSIX naming conventions.
For example, a command file can now be named "find_deduction", "1
23" or
"AutoExec.BAT." UDC files are still restricted to MPE naming rules.
Qualified MPE or POSIX filenames are executed immediately, skipping the
HPPATH variable. For example, "file.grp", "*feq", "$ol
dpass",
"/bin/ls", "./do_it" are all qualified filenames and thus HP
PATH is
ignored. If the file exists it is executed. If the file is not
found then the following message is reported:
Unknown command name. (CIERR 975)
Qualified MPE filenames are "file.group" or "file.group.account&q
uot;. Also,
backreferences to a file equation and system-defined files, such as
$OLDPASS, are considered qualified MPE names. Qualified POSIX names are
absolute pathnames (the name starts at root, "/name"), or Current
Working Directory (CWD) relative names (the name starts at the user's
current working directory, "./name").
The command file named "a/b" can be considered a qualified POSIX name
(file "b" under directory "a"), but for compatibility reason
s this is
first treated as an unqualified MPE name with a supplied lockword.
Actually, "file.grp" could be an unqualified POSIX name (in which case
HPPATH is used), but the MPE file "FILE" in the MPE group "GRP&qu
ot; is
looked for first. Other examples where the command filename could be
both an MPE name or a POSIX name are covered later, but in all of these
cases the MPE name is searched for before the POSIX name.
To execute unqualified POSIX-named command files, HPPATH must
contain one or more entries specified in MPE-ESCAPED syntax. That is,
the name must begin with a dot (".") or a slash ("/"). The
default
HPPATH setting is "!hpgroup,PUB,PUB.SYS,ARPA.SYS". Since the default
HPPATH contains no MPE-ESCAPED named entries, unqualified POSIX-named
command files cannot be located. If HPPATH is modified to be
"PUB.SYS,/bin,./mybin" then unqualified POSIX-named command files can
be
located in /bin and in CWD/mybin. If the System Manager desires to
place POSIX-named command files in PUB.SYS then HPPATH needs to contain
a "/SYS/PUB" entry. In other words, to use unqualified POSIX-named
scripts, even if the file resides in an MPE group, the location
(directory) name must appear in HPPATH in MPE-ESCAPED syntax.
Following is the basic algorithm for processing MPE- or POSIX-named command
files:
- The command name is parsed twice: first via MPE rules
then via POSIX syntax rules.
- If the name is a qualified MPE name
(e.g., "a.b") it is tried first.
- If a file matching the name has
not yet been found and the name is not a qualified POSIX name then
HPPATH is used to try to locate the name.
- MPE path
elements (group.accounts) are appended to the MPE parsed version of the
command filename.
- POSIX path elements (directories) are prepended to
the POSIX parsed version of the command name.
- The name, qualified by
the appropriate HPPATH element, is searched for until the first match.
- If a file matching the command filename has still not been
located and the command name is a qualified POSIX name (e.g., "./a",
"/a", "a/b") then that exact name is searched for.
- At this point either
there is a match or an "unknown command" error is reported.
NOTE:
The same command filename can be both a qualified MPE name and a
qualified POSIX name, e.g., "a/b.c". This name could refer to file &q
uot;A" in
group "C" with lockword "B", or file "b.c" under d
irectory "a". According to
the above algorithm, the qualified MPE version of the name is tried first.
Before showing some examples it is important to remember that MPE command names
are delimited by the first character that is not a valid name character. This
is how the CI has behaved since MPE XL Release 1.0 and, in most cases, a blank
delimits all command names. UDC names are delimited by the first
non-alphanumeric character.
For example, if the command entered is
:udc1a.chv, the CI first looks for a UDC named "UDC1A", a
nd if
found passes ".chv" as the first argument.
Built-in command names are delimited by
the first non-alpha character. For example, if the built-in command is
:run$oldpass, "$oldpass" is passed as the first parameter
to the
RUN command.
Likewise, if the built-in command is :abortio7, "7" is pa
ssed as
the first argument to the ABORTIO command.
Command filenames are delimited
by the first non-filename character. For example, if the command entered is
:xyzzy.g%foo, the file "XYZZY.G" is passed "%foo&quo
t; as its first
argument.
Again, this is not new behavior for the Express 3 Release, but it is worth
describing since many users assume a blank command name delimiter is required.
For the examples below, assume that HPPATH is set as:
:setvar hppath "PUB.SYS, ., /SYS/PUB"
where the directory "." refers to the user's current working directory
(CWD).
Command / HPPATH Searching
-
:a
- A.PUB.SYS, ./a, /SYS/PUB/a
-
:A
- A.PUB.SYS, ./A, /SYS/PUB/A (redundant)
-
:./a
- qualified name, HPPATH is ignored, ./a is executed
-
:/a
- qualified name, HPPATH is ignored, /a is executed
-
:a_b
- A.PUB.SYS ("_b" passed as 1st parm), ./a _b, /SYS/PUB/a_b
-
:a.b
- qualified MPE name, A.B.ACCT, if not found then HPPATH is used as: ./a.b, /SYS/PUB/a.b (MPE path elements are skipped)
-
:_a
- ./_a, /SYS/PUB/_a (MPE path elements are skipped)
-
:a/b
- A/B.PUB.SYS (POSIX path elements are skipped), if not found then qualified POSIX name "a/b" is executed
-
:a/b.c
- qualified MPE name, A/B.C, if not found then quali fied POSIX name, a/b.c (HPPATH skipped)
-
:_a/b
- qualified POSIX name, _a/b (HPPATH skipped)
New predefined variables
HPSTREAMEDBY is a read-only string variable. It contains the
user.account
name of the user who streamed "you", if "you" is a job; or w
ho STARTSESSed
"you", if "you" is a programmatically created session. The
exact format is:
UserName.AcctName (#J|Snnnnn)
If "you" is the initial OPERATOR.SYS logon or a job streamed from the
SYSSTART.PUB.SYS file, then the job/session ID is replaced by the string
"SYSTEM PROCESS". For example, MANAGER.SYS (SYSTEM PROCESS).
HPLASTJOB is a read-write string variable. It contains the job ID of
the job you most recently STREAMed. The format is: "#Jnnnnn" and appe
ars
the same as the job ID output by the STREAM command.
HPOSVERSION is a read-only string variable. It contains the operating
system version ID identical to the middle version string in the
SHOWME banner.
Remember that the HPVERSION variable contains the user version ID, which can be
modified via SYSGEN.
HPRELVERSION is a read-only string variable. It contains the Release
version ID identical to the left version string in the
SHOWME banner.
Redo enhancements
The REDO procedure which is
invoked by the CI, Debugger, SYSGEN, VOLUTIL and
the Link Editor has been enhanced.
Motivated, in part, by the need for case specificity in POSIX filenames,
REDO
now supports upshift (^) and downshift (v) edits.
Also command lines
get longer, it becomes more cumbersome to delete a name, hence a word edit has
been defined. For example dw deletes a word. REDO
defines words to be any
characters delimited by a space, comma or semicolon.
Note: in Release 5.5, a word is delimited by the above characters in addition
to: tab, equalsign, single and double quotemarks, square brackets and
parenthesis. This was done for consistency between REDO word
operations and the new word() evaluator function.
Words can also be upshifted (^w) or downshifted (vw).
Finally, sometimes the edit needs
to be applied to part of a word or to several words, so you can supply
your own matching delimiter. For example, d/ would delete to the
first "/".
The new edits can be applied to the end-of-line by preceding the edit with "
;>".
For example, <code>>dw</code< deletes the last word, and <code
>>v@</code>
downshifts starting at the
end-of-line back to the first "@" character (searching from right-to-l
eft).
The user-supplied delimiter edits are not performed if the
delimiter is not found. Also the special characters space, "^" and &q
uot;>"
cannot be used as delimiters since these symbols have already been defined.
If a word edit is specified and a word delimiter is not found then the edit
applies to the entire line.
|
Printable version
