ftam(1C) FTAM 3.00 ftam(1C)
NAME
FTAM - introduction to file transfer and management
utilities using the ISO/OSI FTAM protocol.
DESCRIPTION
The File Transfer, Access and Management (FTAM) standard,
ISO 8571, defines a set of services and protocols that
permit the transfer, access, and management of files on
heterogeneous systems across a computer network.
USER COMMANDS
The following executables provide FTAM file services.
ftcp - copy a file.
ftmv - move a file.
ftls - list files on a filestore.
ftrm - remove (delete) a file.
ftrattr - read the attributes of a file.
ftcattr - change the attributes of a file.
WHAT IS FTAM?
FTAM is an application level protocol within the ISO OSI
seven layer reference model. The FTAM protocol provides a
means for file transfer, access and management between
heterogeneous systems running an appropriate ISO/OSI
protocol stack.
The FTAM standard defines a virtual filestore, a file
protocol, and a service for manipulating the virtual
filestore. FTAM communication occurs between an FTAM
initiator and an FTAM responder. FTAM users make requests
through the FTAM initiator. The FTAM initiator establishes
a logical connection with an FTAM responder to service the
user's request. The FTAM initiator and responder then
communicate in terms of the virtual filestore. The
responder abstracts away from its real file system to
present the virtual filestore "view" to the initiator. This
abstraction means that the FTAM initiators and responders
existing on widely varying hardware and software platforms
can communicate without concern for specificities of the
system on which their FTAM peer is running.
FILESTORES
A filestore is an organized collection of files and their
attributes that resides on a computer system. The way that a
computer operating system organizes and stores files on the
filestore varies from system to system.
Licensed material--property of copyright holder(s) Page 1
In all cases, however, a file is a collection of information
such as text data from a word processor, binary data from a
spreadsheet, etc. An attribute is a piece of information
about the file. The filesize, for instance, is an attribute
that tells the size of the file. The contents type is
another attribute, one that describes the data in the file.
The FTAM standard defines a virtual filestore with file
types and file attributes. A virtual filestore is an
abstract model describing files and filestores, and the
possible actions on them. Revision 3.00 FTAM for AViiON
Systems supports the following contents types: FTAM-1
(unstructured text), FTAM-2 (sequential text), FTAM-3
(unstructured binary) and NBS-9 (directory).
FTAM FILE ATTRIBUTES
The attributes associated with files in a virtual filestore
are: filename, access control, contents type, file
availability, filesize, future filesize, date and time of
creation, date and time of last attribute modification, date
and time last modified, date and time of last read, identity
of creator, identity of last attribute modifier, identity of
last modifier, identity of last reader, legal
qualifications, permitted actions and storage account.
There are three levels of support for file attributes within
a filestore.
The attribute is not supported. An initiator that does not
support an attribute cannot make requests to read or modify
the attribute's value. A responder that does not support an
attribute does not accept requests to reference the
attribute's value and returns an error.
The attribute is partially supported. When an initiator
references an attribute that is partially supported by the
responder, the result "no value available" is returned.
The attribute is fully supported. An initiator supporting
an attribute can request filestore actions related to the
attribute. A responder supporting an attribute returns
meaningful information when an initiator references that
attribute. Except as noted below, the Revision 3.00 FTAM
for AViiON Systems initiator and responder fully support all
file attributes.
Filename is the name of the file in the virtual filestore.
The Filename section of this man page describes how Revision
3.00 FTAM for AViiON Systems interprets the filename.
Access control regulates file access under FTAM. The Access
Control Attribute section of this man page describes this
attribute.
Contents type identifies the file data type and structure.
It indicates how file data is accessed. Revision 3.00 FTAM
for AViiON Systems supports the following contents types:
FTAM-1 (unstructured text), FTAM-2 (sequential text), FTAM-3
(unstructured binary) and NBS-9 (directory). Not all FTAM
responders support NBS-9 files. Responders that do support
NBS-9 files may make available a file called "DIRLIS", which
when specified on an ftls(1C) command yields a list of files
in the responder's virtual filestore.
File Availability indicates whether a delay should be
expected before the file can be manipulated. File
availability is either "immediate" or "deferred". A delay
might be expected if File Availability is "deferred".
Filesize is the size of the file in octets (bytes).
Future Filesize is the maximum size to which the file can
grow as a result of modifications. The Revision 3.00 FTAM
for AViiON Systems Responder partially supports this
attribute.
Date and time of creation is the date and time the file was
created. The Revision 3.00 FTAM for AViiON Systems
Responder partially supports this attribute.
Date and time of last attribute modification is the date and
time the attributes of the file were last changed.
Date and time of last modification is the date and time the
file's contents were last modified.
Date and time of last read is the date and time the file's
contents were last read.
Identity of creator identifies the creator of the file. The
Revision 3.00 FTAM for AViiON Systems Responder supports
this attribute; it is the DG/UX owner of the file.
Identity of last attribute modifier identifies the last user
to modify the attributes of the file. The Revision 3.00
FTAM for AViiON Systems Responder partially supports this
attribute.
Identity of last modifier identifies the last user to modify
the contents of the file. The Revision 3.00 FTAM for AViiON
Systems Responder partially supports this attribute.
Identity of last reader identifies the last user to read the
contents of the file. The Revision 3.00 FTAM for AViiON
Systems Responder partially supports this attribute.
Legal qualifications contains legal restrictions pertaining
to the contents of the file. The Revision 3.00 FTAM for
AViiON Systems Responder partially supports this attribute.
Note that this attribute is not defined sufficiently in
either the base standard or in regional agreements to be
useful at this time.
Permitted actions is the set of file actions that may be
performed on a file while it exists in the responder's
virtual filestore.
Storage account contains the name of the account to incur
storage charges for the file. The Revision 3.00 FTAM for
AViiON Systems Responder partially supports this attribute.
ACCESS CONTROL
This section describes how Revision 3.00 FTAM for AViiON
Systems regulates file access.
To receive FTAM file service, you establish an association
to a particular responder; the responder regulates file
access. When you establish an association to an FTAM for
AViiON Systems responder, you must provide an initiator
identity (user name) and password. The responder uses an
operating system defined mechanism to authenticate them. On
non-secure DG/UX, the responder compares the initiator
identity and password against entries in the passwd(4) file;
yp(3R) may be used if it is enabled. On C2 Trusted DG/UX,
the responder passes the service name (ftam), initiator
identity, and password to the trusted authentication
mechanism. The responder will not accept file service
requests until you have been successfully authenticated.
Revision 3.00 FTAM for AViiON Systems maintains an access
control attribute for each file on its virtual filestore.
When you make file service requests on a particular file,
the FTAM for AViiON Systems responder examines the file's
access control attribute along with your authenticated
initiator identity to determine if the request should be
granted.
Revision 3.00 FTAM for AViiON Systems does not directly
examine the DG/UX mode bits to validate file requests.
However, it ensures that the value of the mode bits and the
access control attribute are always synchronized. If a file
does not have an access control attribute, Revision 3.00
FTAM for AViiON Systems builds a default value for the
attribute from the DG/UX mode bits. When Revision 3.00 FTAM
for AViiON Systems modifies the access control attribute, it
changes the DG/UX mode bits to reflect the value of the
attribute as closely as possible. If a non-FTAM process
modifies the DG/UX mode bits of a file with an access
control attribute, Revision 3.00 FTAM for AViiON Systems
rebuilds the access control attribute value to reflect the
mode bits.
Revision 3.00 FTAM for AViiON Systems is absolutely limited
by the normal DG/UX protection scheme. Revision 3.00 FTAM
for AViiON Systems will not successfully complete file
requests without the correct DG/UX privileges. The access
control attribute is always as restrictive or more
restrictive than the current DG/UX mode bit settings. It is
never less restrictive. Revision 3.00 FTAM for AViiON
Systems modifies mode bits only when it receives a change-
access-control attribute request. The request will succeed
only if you already have the DG/UX privileges to change the
file's mode (owner of the file or root). To manipulate a
file under Revision 3.00 FTAM for AViiON Systems, at the
minimum, you must have permission to resolve the file's
pathname from the root directory (at least execute access to
all parent directories.)
ACCESS CONTROL ATTRIBUTE
The access control attribute controls who may access the
file and how the file may be accessed. The access control
attribute is a set attribute; its value is a set of
unrelated conditions. Each element in the set defines a
condition under which access is valid. Access to the file
is allowed if one of the conditions is satisfied. See ISO
8571-2, Section 12.16, for a complete description of the
access control attribute.
The Revision 3.00 FTAM for AViiON Systems responder supports
from 1 to 6 conditions in the access control attribute; each
condition contains an action list term and usually an
identity test. The identity test is a character string. If
your authenticated initiator identity and the character
string in the identity test match, then you are allowed to
perform the actions specified in the action list term. The
action list term may specify the following actions:
FTAM File Actions
Rd - read a file
Ra - read the attributes of a file
Ca - change the attributes of a file
Rp - replace contents of a file
In - insert data in a file
Df - delete a file
Ex - extend a file
Er - erase contents of a file
The following rules regulate condition matching. A
condition matches if your authenticated initiator identity
and the identity test term character string match exactly
(character by character comparison). The identity test
strings OWNER, GROUP, and OTHER are treated specially. If
your authenticated initiator identity is the DG/UX owner of
the file in question, you will always match the identity
test string OWNER, likewise for GROUP, and OTHER.
Conditions are ordered; the action list term from the first
condition that matches is used to determine file access.
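The matching rules above, as an added example (not part of the original man page or of the FTAM for AViiON Systems code). The account table and the sample attribute are constructed; treating a missing identity test as matching anyone, and reading GROUP and OTHER with the usual DG/UX class semantics on the primary group only, are assumptions.

```python
# Constructed sample accounts: user name -> (uid, primary gid)
USERS = {"alice": (1001, 100), "bob": (1002, 100), "carol": (1003, 200)}


def identity_matches(test, initiator, file_uid, file_gid, users=USERS):
    """True if one condition's identity test matches the initiator."""
    if test is None:          # assumption: no identity test matches anyone
        return True
    uid, gid = users[initiator]
    if test == "OWNER":       # initiator is the DG/UX owner of the file
        return uid == file_uid
    if test == "GROUP":       # assumption: primary group only
        return gid == file_gid
    if test == "OTHER":       # assumption: neither owner nor group
        return uid != file_uid and gid != file_gid
    return test == initiator  # exact, character-by-character comparison


def is_allowed(conditions, initiator, action, file_uid, file_gid, users=USERS):
    """Decide a request from the FIRST matching condition only."""
    for test, actions in conditions:
        if identity_matches(test, initiator, file_uid, file_gid, users):
            return action in actions
    return False              # no condition matched


# Constructed attribute for a file owned by alice (uid 1001, gid 100).
ACL = [
    ("bob",   {"Ra"}),                          # bob: attributes only
    ("OWNER", {"Rd", "Ra", "Ca", "Rp", "Df"}),
    ("GROUP", {"Rd", "Ra", "Rp"}),
    ("OTHER", {"Ra"}),
]
```

Because matching stops at the first hit, bob is refused Rd by his own condition even though the later GROUP condition would grant it; the order of conditions is part of the policy.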
ACCESS CONTROL TRANSLATION
When you change the value of a file's access control
attribute, Revision 3.00 FTAM for AViiON Systems modifies
the file's mode bits so that they correspond to the access
control attribute's value as closely as possible. FTAM for
AViiON Systems examines each condition in the access control
attribute separately. It maps the identity test term of the
condition to a DG/UX access class (owner, group, or other)
and the action list term to the DG/UX read, write, and
execute permissions producing a partial mode bit value. The
final mode bit value for the file is the logical OR of the
values obtained from each condition.
The table below describes the action-list-term-to-mode-bit
mapping. Read this table as follows, using the read file
action (Rd) as an example: if the Rd bit is set in the
action list term and the file is a regular file, set the
DG/UX read mode bit; otherwise, if the file is a directory,
set the read and execute mode bits.
FTAM | regular | directory
action | file | file
------+---------+----------
Rd | r | rx
Ra | |
Ca | |
Rp | w | wx
In | w | wx
Df | |
Ex | w | wx
Er | w | wx
r - DG/UX read permission
w - DG/UX write permission
x - DG/UX search/execute permission
The following list describes the FTAM-identity-to-DG/UX-
access-class mapping in order of precedence:
1. If the identity is not present, map the action list term
to all three DG/UX access classes. For example, a
condition without an identity test and an action list
term whose Rd and Rp bits are set is mapped to the mode
bit value rw-rw-rw- (0666) for a regular file.
2. If the identity is the string "+", map the action list
term to all three DG/UX access classes. This is for
compatibility with DG/FTAM on AOS/VS II systems.
3. If the identity is one of the strings "OWNER", "GROUP",
or "OTHER", map the action list term directly to the
corresponding DG/UX access class. For example, a
condition with an identity test of GROUP and an action
list term whose Rd bit is set is mapped to the mode bit
value ---r----- (0040) for a regular file.
4. If the identity has a defined DG/UX user id that matches
the owner user id of the file in question, map the
action list term to the DG/UX owner access class.
5. If the identity has a defined DG/UX group id that
matches the group user id of the file in question, map
the action list term to the DG/UX group access class.
6. If the identity is the name of the group in the group(4)
file that matches the group user id of the file in
question, map the action list term to the DG/UX group
access class.
7. If the identity does not match any of the above, map the
action list term to the DG/UX other access class. If
all identity matches fall in this category, set the
file's mode bits to 0640 (read, write for owner, read
for group, none for other).
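The translation described above (action table, precedence rules 1 to 7, logical OR of the partial values), as an added example that is not part of the original man page or the product's code. The account and group tables are constructed, and applying the 0640 fallback only when every condition falls through to rule 7 is this example's reading of that rule.

```python
# Action-list-term-to-mode-bit table from the page: (regular file, directory)
ACTION_PERMS = {
    "Rd": ("r", "rx"), "Rp": ("w", "wx"), "In": ("w", "wx"),
    "Ex": ("w", "wx"), "Er": ("w", "wx"),
    "Ra": ("", ""), "Ca": ("", ""), "Df": ("", ""),
}
PERM_BITS = {"r": 4, "w": 2, "x": 1}
CLASS_SHIFT = {"owner": 6, "group": 3, "other": 0}

# Constructed sample data: user -> (uid, primary gid), group name -> gid
USERS = {"alice": (1001, 100), "bob": (1002, 100), "carol": (1003, 200)}
GROUPS = {"staff": 100, "ops": 200}


def access_classes(identity, file_uid, file_gid, users=USERS, groups=GROUPS):
    """Map one identity test to DG/UX access classes (rules 1-7).

    Returns (classes, fell_through); fell_through is True only for rule 7.
    """
    if identity is None or identity == "+":        # rules 1 and 2
        return ("owner", "group", "other"), False
    if identity in ("OWNER", "GROUP", "OTHER"):    # rule 3
        return (identity.lower(),), False
    user = users.get(identity)
    if user and user[0] == file_uid:               # rule 4
        return ("owner",), False
    if user and user[1] == file_gid:               # rule 5
        return ("group",), False
    if groups.get(identity) == file_gid:           # rule 6
        return ("group",), False
    return ("other",), True                        # rule 7


def acl_to_mode(conditions, file_uid, file_gid, is_dir=False,
                users=USERS, groups=GROUPS):
    """OR together the partial mode value produced by each condition."""
    mode, all_fell_through = 0, bool(conditions)
    for identity, actions in conditions:
        classes, fell = access_classes(identity, file_uid, file_gid,
                                       users, groups)
        all_fell_through = all_fell_through and fell
        bits = 0
        for action in actions:
            for perm in ACTION_PERMS[action][1 if is_dir else 0]:
                bits |= PERM_BITS[perm]
        for cls in classes:
            mode |= bits << CLASS_SHIFT[cls]
    # Assumption: the 0640 fallback applies when every condition hit rule 7.
    return 0o640 if all_fell_through else mode
```

For a file owned by alice, the conditions `[("OWNER", {"Rd"}), ("carol", {"Rd", "Rp"})]` translate to 0406: carol is unrelated to the file, so rule 7 places her read and replace rights in the other class, where the mode bits grant them to every local user.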
Whenever Revision 3.00 FTAM for AViiON Systems reads the
value of the access control attribute, it checks to make
sure that the value corresponds as closely as possible to
the DG/UX mode bits. If the mode bits have changed,
Revision 3.00 FTAM for AViiON Systems rebuilds the access
control attribute value. This value always has four
conditions. The first three correspond to the owner, group,
and other DG/UX access classes. The fourth reflects the
access granted the current initiator identity. The
following table describes the DG/UX-file-mode-to-action-
list-term mapping:
file | FTAM
mode | actions granted
------+----------------
| Ra (always granted)
|
r | Rd
|
w | Er (FTAM-1, FTAM-2, FTAM-3)
| Rp Ex (FTAM-1, FTAM-3)
| In (FTAM-2)
|
owner | Ca
|
(1) | Df
(1) The Df action is granted if the user has DG/UX
write access to the parent directory of the file in
question.
FILE CONCURRENCY
Revision 3.00 FTAM for AViiON Systems observes file
concurrency for files only it manipulates. Revision 3.00
FTAM for AViiON Systems supports portions of concurrency
control as described in ISO 8571. In the absence of the
concurrency control parameter, the Revision 3.00 FTAM for
AViiON Systems responder enforces the phase 2 OIW specified
default concurrency control.
FILENAMES
This section describes FTAM-for-AViiON-Systems-to-DG/UX-
filename mapping. FTAM for AViiON Systems filenames follow
DG/UX file naming conventions; FTAM for AViiON Systems
typically passes filenames to DG/UX unmodified.
Revision 3.00 FTAM for AViiON Systems does not modify
filenames that begin with the slash '/' character. The
directory path of these absolute pathnames is traced from
the root of the DG/UX file system hierarchy.
Revision 3.00 FTAM for AViiON Systems supports a csh(1)-like
tilde function. If the first character of a filename is a
tilde '~', Revision 3.00 FTAM for AViiON Systems treats the
characters between the tilde and the first slash '/'
character as a DG/UX user name and looks up that user's home
directory. Null user names are resolved to the logon name
of the current user. Revision 3.00 FTAM for AViiON Systems
traces the directory path of tilde pathnames from that
user's home directory.
The FTAM for AViiON Systems user interface and responder
treat filenames that do not begin with slash or tilde
(relative pathnames) differently. The FTAM for AViiON
Systems responder traces the directory path of relative
pathnames from the initiator identity's home directory. The
Revision 3.00 FTAM for AViiON Systems user interface traces
the directory path of local relative pathnames from the
current working directory.
Revision 3.00 FTAM for AViiON Systems resolves all links to
the final pathname before manipulating the file.
The examples below illustrate Revision 3.00 FTAM for AViiON
Systems pathname resolution mechanism:
On the DG/UX command line, you issue a command to read FTAM
file attributes:
$ ftrattr av-filestore#foo/bar#my-init-id#my-password
Ftrattr connects to av-filestore, a Revision 3.00 FTAM for
AViiON Systems responder. A DG/UX user my-init-id is
defined on the responder with a home directory of
/home/my-init-id. The filename foo/bar does not begin with a slash
or tilde so it is a relative pathname that resolves to
/home/my-init-id/foo/bar.
On the DG/UX command line, you issue a command to delete a
file using FTAM:
$ ftrm av-filestore#/tmp/bar#my-init-id#my-password
Ftrm connects to av-filestore, a Revision 3.00 FTAM for
AViiON Systems responder. A DG/UX user my-init-id is
defined on the responder. The filename /tmp/bar begins
with a slash, so it is an absolute pathname that resolves to
/tmp/bar.
On the DG/UX command line, you issue a command to list the
contents of a directory file:
$ ftls ~a-init-id/..
The ftls file specification does not include a filestore
field so it refers to a file on the local file system. A
DG/UX user a-init-id is defined on the local system with a
home directory of /home/a-init-id. This is a tilde filename
which resolves to '/home/a-init-id/..'.
On the DG/UX command line, you issue a command to copy a
file:
$ cd /usr
$ ftcp include/stdio.h ~/stdio.h
Neither ftcp file specification includes a filestore field,
so both reference files on the local file system. Your home
directory is /home/my-init-id. The source file
specification does not begin with a slash or tilde so it is
a local relative pathname that resolves to
/usr/include/stdio.h. The target file specification is a
tilde pathname and resolves to /home/my-init-id/stdio.h.
SEE ALSO
ftcattr(1C), ftcp(1C), ftfs(1C), ftls(1C), ftmv(1C),
ftrattr(1C), ftrm(1C).
"Using FTAM for AViiON(R) Systems",
"Setting up and Managing the OSI/Platform for AViiON(R) Systems",
"Using the DG/UX(TM) System",
ISO OSI Standard 8571, parts 1 through 4.