Inside VESOFT #11 (BACKG)
I remember many moons ago when I worked at VESOFT Eugene asking us Tech Support geeks what we thought about having a background job, because there was all sorts of nifty things he could put in it. I gave the idea a thumbs up, because everyone else on the planet had background jobs for their stuff. Well eventually BACKG became available, and a number of things that required LOGON UDC’s could now be put into the background job and make the system even more secure (theoretically).
For those of you that don’t know, there is a way to logon to an SM user and have it bypass the logon UDC’s. UDC’s have other undesirable traights as well for security purposes, so the implementation of the background job and procedure exits was a very nice evolution. There are obviously some issues with the background job, in that it must be running, but you can take reasonable precautions to make sure it always starts up with the system. The BACKG command has the following syntax and parameters:
%SEC BACKG [SHOW] [STARTJOB] [STOPJOB] [START|STOP, taskname[,...]] "taskname" is one (or more) of: ALARM AUDITC CMDPROT HELLO LOGOFF LOGON NETPUSH NETRECV OBSFILL or the name of a user-implemented task. %SEC BACKG STARTJOB %SEC BACKG START,LOGOFF %SEC BACKG STOP,LOGOFF %SEC BACKG SHOW %SEC BACKG STOPJOB
I personally love the LOGON task and its associated HELLO.DATA.VESOFT file. Using the procedure exit AIF, VESOFT have changed how you might think of logging on. You can redefine HELLO so that a user could say HI or HOWDY or FOOBAR instead (whatever you want). This is more fun than anything else, but you can use it to further hide the type of system you are connected to.
The part that I really like, and make use of is the HELLO abbreviations. This feature allows you to redefine an entire hello string into a short word, for example.
$HELLO SYS SHAWN,MANAGER.SYS;HIPRI
So at the colon prompt I would simply type SYS and I would be logged on as SHAWN,MANAGER.SYS with HIPRI. I can even go so far as to embed the passwords and any other parameters that I want, but I wouldn’t suggest putting the passwords in. One way that I’ve made use of this is to devise a logon convention for session names, usually using initials with a region location, or possibly the phone extension or something, and then configure it up so that users would just logon with a short ID code and not have to use HELLO or any of the other stuff you normally have to teach users. Then of course you dump them into SECURITY/3000 menus immediately so that they never see a colon prompt and never have any idea what they are working on.
The other tasks are all pretty easy to figure out, the NETPUSH and NETRECV tasks are really the most confusing to set up. I think I was the only person at VESOFT that really understood it at the time I worked there, and that was from having to do extensive setup across 7 machines when I worked at L.A.Gear to support network synchronization of logons, so all the security profiles on all the machines were always in sync. I don’t think I remember it well enough to really explain it anymore, but if you have the need, you should call tech support or read up on it to implement it. I believe it’s easier now than it use to be.
There is a BACKGINI.DATA.VESOFT file that contains startup parameters for the tasks that are executed by BACKG. This can contain things like the execution priority, and the execution time for certain tasks like OBSFILL, NETPUSH, and AUDITC. A companion file is the TASKLIST.BACKG.VESOFT file which contains the names of the tasks that are available to BACKG. If you want to disable a certain task, then remove it from this file. As new tasks are created by VESOFT, they will be added to this file. Theoretically you can create your own tasks and add them to this file, but I’ve never found the documentation on how to do it.
BACKG is a great tool, and if you are a SECURITY/3000 shop especially, you should be using it. Having it running also gets you access to the little talked about batch scheduler that has been fit into the VESOFT suite of programs. STREAMX has some nifty new features that let you take advantage of the expression processing of the VESOFT suite to create your own batch scheduling environment. I’ve only spent a little time in it to date, but I’ll make more of a study of it in the future to put into one of these columns.