Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1298568
  • 博文数量: 287
  • 博客积分: 11000
  • 博客等级: 上将
  • 技术积分: 3833
  • 用 户 组: 普通用户
  • 注册时间: 2007-08-16 08:43
文章分类
文章存档

2013年(15)

2012年(17)

2011年(17)

2010年(135)

2009年(85)

2008年(18)

分类: 系统运维

2010-06-04 16:59:16

Q: Anyone have an RPG IV prototype example using either of these two APIs?
    Syntax
     #include
     int qsysetuid(uid_t uid);


A: At one time, I wrote an RPG version of qsysetid.h (I called it QSYSETID_H)
I don't remember which prototypes have been tested in this source file and
which have not, but to the best of my knowledge, they are all correct.

My RPG member called QSYSETID_H follows:


      /if defined(QSYSETID_H)
      /eof
      /endif
      /define QSYSETID_H

     D uid_t           s             10U 0 based(template)
     D gid_t           s             10U 0 based(template)

     D QSYSETID_NOCHANGE...
     D                 c                   const(4294967295)

     D qsysetuid       PR            10I 0 extproc('qsysetuid')
     D   uid                               like(uid_t) value

     D qsyseteuid      PR            10I 0 extproc('qsyseteuid')
     D   uid                               like(uid_t) value

     D qsysetreuid     PR            10I 0 extproc('qsysetreuid')
     D   ruid                              like(uid_t) value
     D   euid                              like(uid_t) value

     D qsysetgid       PR            10I 0 extproc('qsysetgid')
     D   gid                               like(gid_t) value

     D qsysetegid      PR            10I 0 extproc('qsysetegid')
     D   gid                               like(gid_t) value

     D qsysetregid     PR            10I 0 extproc('qsysetregid')
     D   rgid                              like(gid_t) value
     D   egid                              like(gid_t) value

     D qsygetgroups    PR            10I 0 extproc('qsygetgroups')
     D   gidsize                     10I 0 value
     D   grouplist                         like(gid_t)
     D                                     dim(32767)
     D                                     options(*varsize)

     D qsysetgroups    PR            10I 0 extproc('qsysetgroups')
     D   gidsize                     10I 0 value
     D   grouplist                         like(gid_t)
     D                                     dim(32767)
     D                                     const
     D                                     options(*varsize)


Reply: Thanks. I will give it a shot. I'm trying to use these APIs to
extend adopted authority functionality to IFS files.


New reply:
Those APIs (qsysetuid(), et al) are designed to make it easier to convert
Unix programs to run on the iSeries.  Since you're coding in RPG, that's
probably not where you're coming from.

You might find the Profile Handle or Profile Token APIs more intuitive for
your purposes, since you give them an actual user profile name rather than
a Unix uid/gid as input.

Just a thought.


Reply: Thanks again. I am actually trying to follow Carol Woodbury's
recommendations in 'Experts Guide to OS/400 & i5/OS Security' in which she
reviews the Profile Swap and Profile Token APIs as well as the UID and GID
API methods and recommends GID as her current favorite because it provides
temporary authority to the application objects for the current thread only.

Thanks to Scott Klement & Lorne
阅读(675) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~