Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

sesctld(1M)

trusted_path(6M)



sesctl(1M)               DG/UX B2 Security R4.12MU02              sesctl(1M)


NAME
       sesctl - session control

SYNOPSIS
       sesctl [ options ... ]

                 [ -p ]

                 [ -d 1 ]

                 [ -s signal ]

                 [ -t [ -g num_secnds ] ]

                 [ -f sbsn_name ]

                 [ -u ]

                 [ -x ]

                 [ -n sbsn_name ] [ -i ]

                 [ -e program,arguments  ]

DESCRIPTION
       Sesctl provides an interface to the Trusted Path mechanism to control
       subsessions.  This interface is generally used by the Trusted Path
       menu to manipulate the existing sessions on a terminal.

   Options
       -f sbsn_name
                 changes the currently focused subsession to the subsession
                 named sbsn_name.

       -d 1      generates confirmation messages after each individual
                 requests for debugging purposes.  The value of 1 is
                 required today but the recognized values may be expanded in
                 the future.

       -s signal sends the specified signal to all processes in the terminal
                 foreground process group.  The signal argument is the
                 decimal integer number for the signal to send as defined in
                 /usr/include/sys/signal.h.  The current foreground process
                 group is determined by TIOCGPGRP on the terminal, See
                 termio(3C)).  This is useful for sending a SIGINT
                 equivalent to what the BRKINT termio(7) flag would have
                 generated for the Break sequence.

       -t        terminates all subsessions that are running on the
                 terminal.  The -g num_secnds option specifies that the user
                 subsession leader processes for each subsession should be
                 sent a SIGHUP signal and trusted path should delay
                 num_secnds seconds before sending a SIGKILL signal.
                 Without the -g switch, all user subsession leader processes
                 will be sent a SIGKILL signal immediately.  The num_secnds
                 argument must be a decimal integer number of seconds
                 greater than zero; any value greater than 300 is silently
                 reduced to 300.

       [ -u ]    causes Trusted Path to save the security attributes from
                 the currently running process as the default attributes for
                 new subsessions created by that subsession.  This may only
                 be done by a terminal session leader that has appropriate
                 privilege or once by a session initiator invoked with the
                 -i option.

       [ -x ]    causes sesctl to drop the controlling terminal and request
                 a sesctld(1M) to become a session leader and manage
                 subsessions on the terminal.  This can only be done with
                 the -u option and is generally used in conjunction with a
                 -n option to create a subsession on the terminal.  This
                 will cause Trusted Path to change the session id for the
                 terminal, which may be confusing in some situations.  The
                 sesctl will remain until all subsessions on the terminal
                 (started by sesctld) have terminated.

       -p        prints out the current environment definitions of device
                 name and number for the user's controlling terminal.

       [ -n sbsn_name ] [ -i ]
                 creates a new subsession with the name sbsn_name.  A -e
                 option (below) must be given to specify the program to run
                 and the arguments for that program.  The -i option
                 indicates the new subsession is starting a session
                 initiator, such as su(1), assume(1), or newsession(1) and
                 it should be invoked with the privileges needed by a
                 session initiator.  The program executed must be one of the
                 session initiators just listed.

       -e program,arguments
                 specifies a program and arguments to exec.  If the -n
                 option is requested, the program will be exec-ed in a new
                 session context, otherwise the program will be exec-ed
                 after all other options are complete.  This must be the
                 last argument because everything after the -e will be
                 passed to the program being exec-ed.

EXAMPLES
       The following example changes the current active subsession to the
       subsession named initial:

       sesctl -f initial

       The following example creates a virtual terminal session with trusted
       path service.  This service includes a trusted path menu that can be
       used to access administrative roles.

       mterm -display myhost:0 -e \
       sesctl -u -x -n sysadmin -i -e assume sysadmin

DIAGNOSTICS
   Exit Codes
        0     normal

        1     abnormal termination

SEE ALSO
       sesctld(1M), trusted_path(6M).

NOTES
       Trusted Path will only accept commands from the currently active
       subsession.  It isn't possible to control Trusted Path from a
       background process in an inactive subsession.  It isn't possible to
       control Trusted Path from another terminal.



Licensed material--property of copyright holder(s)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026