|
|
900 Series HP 3000 Computer Systems: MPE/iX Architected Interface Facility: Operating System Reference Manual > Chapter 3 Architected Interface DescriptionsAIFCHANGELOGON |
|
Changes the logon environment of a process.
The AIFCHANGELOGON AIF changes the logon environment of a process. It supports the concept of a private logon environment, so the effects of AIFCHANGELOGON are local to the process. This allows users to call AIFCHANGELOGON from multiple processes executing within a given job/session without having the various processes interfere with each other. All child processes created after calling AIFCHANGELOGON inherit the user name, account name, group name, job name, and capabilities of the parent. Processes created prior to calling AIFCHANGELOGON are not affected. Any program which has called AIFCHANGELOGON and has used the options parameter to change the global logon environment must call AIFCHANGELOGON again to restore the logon environment to its original state before terminating. It the global logon environment is not restored, the parent process might experience difficulties when accessing logon related information and at the time of logoff. The current implementation of this procedure is subject to the following restrictions: Session Variables: There is only one variable table per job or session. Session variables, both user-defined and system-defined, are stored by variable name in this table. If multiple processes are executing in the same job/session, they all share the same variables. If one process issues a programmatic SETVAR command and another process issues a programmatic DELETEVAR or SETVAR command for the same variable name, the SETVAR issued by the first process is deleted or overwritten. The AIFCHANGELOGON AIF does not create private (process-local) variables. System Variables Most system variables (HP@) are actually implemented as "active functions", and they function correctly after a process executes an AIFCHANGELOGON. They should reflect the changes for the process. A few system variables are not implemented as active functions. These system variables will experience the same behavior as user-defined variables; one process can overwrite the changes made by another process in the same job/session. Below is a complete list of system variables implemented as active functions. The variables marked with an "*" are read/write variables; the rest are read only.
Temporary Files The default for AIFCHANGELOGON is to create a new temporary directory on release 4.0. For applications which had temporary files open this resulted in errors being returned. In the past, the temporary directory was shared by all processes in the job/session domain. Unless the application has a need to create a new temporary directory, the recommendation is to set bit 4 in the options parameter to keep the existing temporary directory. When bit 4 is not set, the caller of AIFCHANGELOGON must close all temporary files. If temporary files are not closed, and the option to keep the temporary directory is not set, then AIFCHANGELOGON returns an error. JOBINFO If a process calls AIFCHANGELOGON, then information about the process local logon environment (created my AIFCHANGELOGON) will not be accessible via the JOBINFO intrinsic. The information returned by JOBINFO always reflects the global (jobwide or sessionwide) logon environment. If options to update global information are not selected, the global information is going to be different from the process local information. To avoid confusion and assure consistency use AIFJSGET/PUT and AIFPROCGET/PUT. DSCOPY The DSCOPY command does not work correctly when invoked programmatically from a process that has changed its logon environment using AIFCHANGELOGON. The DSCOPY process inherits the original logon characteristics instead of the process local environment. As a result, the capabilities of the DSCOPY process may be different (more or less). DSCOPY capabilities problem If the original capability is a superset of the new capability, DSCOPY grants access to files that the process should not have access to. On the other hand, if the original capability is less (not a superset) then the new capabilities, DSCOPY denies access to files that the process should have access to. DSCOPY non-fully qualified problem Suppose that you change logon to a new group or account, and you do a DSCOPY as follows:
If groupname is omitted, the file system qualifies the group name with your original logon group name. Similarly, if acctname is omitted, the file system qualifies the account name with your original logon account name. UDC environment The AIFCHANGELOGON AIF does not execute the logon UDC as a regular logoff and logon would. The UDC environment stays the same as the original logon. The new user may not be able to use the original logon UDC anymore if he or she does not have the right capabilities. |
|