Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Control of Multiple Virtual Storage Address Space Attributes for UNIX* Daemon Support

IP.com Disclosure Number: IPCOM000117873D
Original Publication Date: 1996-Jul-01
Included in the Prior Art Database: 2005-Mar-31
Document File: 6 page(s) / 196K

Publishing Venue

IBM

Related People

Ault, DF: AUTHOR [+3]

Abstract

The goal of the OpenEdition Multiple Virtual Storage (MVS) product is to provide industry-wide standard programming interfaces. The intent is to be able to port applications from other operating systems to MVS. Typical UNIX* systems support a wide range of daemon processes which perform system functions based on user requests. Unfortunately, much of the system function that is required to perform these daemon functions is not defined in any of the industry standards. Without these functions, it is not possible to port these daemon applications to MVS. The areas in which porting daemons runs into trouble are the security environment, accounting and address space attributes.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 33% of the total text.

Control of Multiple Virtual Storage Address Space Attributes for
UNIX* Daemon Support

      The goal of the OpenEdition Multiple Virtual Storage (MVS)
product is to provide industry-wide standard programming interfaces.
The intent is to be able to port applications from other operating
systems to MVS.  Typical UNIX* systems support a wide range of daemon
processes which perform system functions based on user requests.
Unfortunately, much of the system function that is required to
perform these daemon functions is not defined in any of the industry
standards.  Without these functions, it is not possible to port these
daemon applications to MVS.  The areas in which porting daemons runs
into trouble are the security environment, accounting and address
space attributes.

      The main characteristic of daemon processes which this
invention provides is the ability of the daemon to be able to create
a user process (address space) with the desired attributes.  Before
going into the OpenEdition method of supporting daemons, it will be
helpful to explain how a UNIX system typically accomplishes this task
and why different methods are needed on MVS.

UNIX Daemon Support

      Some examples of UNIX daemons are the TELNET daemon which
creates a process to run a user that logs on to a system or a CRON
daemon which will create a process to run a user program at a defined
time.  In order to create the address space with the correct
identify, a UNIX daemon will perform the following actions:
  o  Executes with superuser authority
  o  Validates a user request to run (e.g., validate password for
      logon)
  o  fork to create a new process
  o  setgroups to establish the appropriate RACF groups
  o  setgid to establish the active group
  o  setuid to change the identity of the process
  o  exec to execute the program which the user wants to run (e.g.,
      shell)

      At the completion of the above steps, the process has the user
identity and is capable of running the user application with the
appropriate authority.

MVS Problems With UNIX Approach

      The primary obstacle with an equivalent approach in MVS is that
MVS address spaces must have an MVS identify in addition to a POSIX
identity.  This means that a change of the real and effective User
Identifier (UID) for a process must also be accompanied by a change
in the MVS userid.  This change in the MVS userid is necessary to
give the new process the correct authority for accessing MVS
resources.  To complicate matters, many components of MVS assume that
the identity of an address space will not change in the middle of the
jobs execution.

      Another problem has to do with accounting.  On MVS, System
Management Facilities (SMF) records are created for the start and
termination of a job.  These SMF records are typically used for
billing purposes.  When a fork and exec is done, it creates SMF
records on behalf of the user that did the for...