Run remote command exit program

With this program and OpsNav you can give certain users access to secure the Remote Command.

This Content Component encountered an error

Here is a sample CL program that allows certain users with Limit Capabilities(*YES) to run the CALL command remotely.

Note in the remarks that initial access security to the remote command is set up through Operations Navigator:
- right click on the AS/400 in question;
- select Application Administration;
- select the Client Applications
- expand AS/400 Client Access Express;
- secure 'Remote Command - Command Line' to the appropriate users.

Information is also provided in the program remarks on how to register the exit program.


 
/********************************************************************/
/*                                                                  */
/* Program name: UTJRMTCMD                                          */
/* System name:  Security                                           */
/* Author:       Mary C. Milliron                                   */
/* Project No.:  M5176                                              */
/*                                                                  */
/* Program Narrative:                                               */
/*                                                                  */
/*   This is an Exit program to secure the Remote Command to        */
/* certain users. Initial security is provided by Operations        */
/* Navigator. It is limiting access to the remote command to QPGMR, */
/* QSYSOPR, QSECOFR and APPDEV group profiles. APPDEV has been      */
/* placed in the Additional Group Profiles list for certain users   */
/* so that they can call a program that will end a server.  This    */
/* exit program was written to prevent them from accessing other    */
/* commands.                                                        */
/*                                                                  */
/*   There are 2 types of remote commands that go thru this exit    */
/* program:                                                         */
/*                                                                  */
/*  1. The distributed program call. RCFID = 4099                   */
/*     This is a system call from an application.                  */
/*                                                                  */
/*  2. The command line call. RCFID = 4098                          */
/*     This is a call from a Windows command prompt.                */
/*                                                                  */
/*   To register this program as an exit program, WRKREGINF and     */
/* add it to exit point QIBM_QZRC_RMT.                              */
/*                                                                  */
/* Compiler Options:                                                */
/*                                                                  */
/*   << list options specific to this program >>                    */
/*                                                                  */
/* Command:                                                         */
/*                                                                  */
/*   << if applicable >>                                            */
/*                                                                  */
/* Program Modification History:                                    */
/*                                                                  */
/*  mm/dd/yyyy  intitials  Project No: Mnnnn                        */
/*                         Description                              */
/*                                                                  */
/********************************************************************/
             PGM        PARM(&STATUS &REQUEST)

             DCL        VAR(&MSG) TYPE(*CHAR) LEN(200)

/*                                     */
/* PROGRAM CALL PARAMETER DECLARATIONS */
/*                                     */

             DCL        VAR(&STATUS) TYPE(*CHAR) LEN(1) /* +
                          Accept/Reject indicator */

    /* */
    /* Note: Request is declared as *CHAR LEN(2000) because that is */
    /* the limit in CL. The actual length of REQUEST is 4171. */
    /* */
             DCL        VAR(&REQUEST) TYPE(*CHAR) LEN(2000) /* +
                          Parameter structure */

/*                                 */
/* PARAMETER DECLARES              */
/*                                 */

    /* COMMON DECLARES */
             DCL        VAR(&USER) TYPE(*CHAR) LEN(10)
    /* User ID     */
             DCL        VAR(&APPLIC) TYPE(*CHAR) LEN(10)
    /* Server ID   */
             DCL        VAR(&FUNCTN) TYPE(*CHAR) LEN(10) /* Function +
                          being performed   */

    /* REMOTE COMMAND SERVER DECLARES */
             DCL        VAR(&RCFMT) TYPE(*CHAR) LEN(8) /* Format +
                          name                 */
             DCL        VAR(&RCFID) TYPE(*CHAR) LEN(4) /* Function +
                          identifier         */
             DCL        VAR(&RCPGM) TYPE(*CHAR) LEN(10) /* Program +
                          name                */
             DCL        VAR(&RCLIB) TYPE(*CHAR) LEN(10) /* Program +
                          library name        */
             DCL        VAR(&RCNUM) TYPE(*CHAR) LEN(4) /* Number of +
                          parms or cmdlen */
             DCL        VAR(&RCDATA) TYPE(*CHAR) LEN(6000) /* +
                          Command string nor parms */

/*                                 */
/* OTHER DECLARES                  */
/*                                 */
             DCL        VAR(&WRKLEN) TYPE(*CHAR) LEN(5)
             DCL        VAR(&DECLEN) TYPE(*DEC) LEN(8 0)
             DCL        VAR(&LMTCPB) TYPE(*CHAR) LEN(10)
             DCL        VAR(&CMD) TYPE(*CHAR) LEN(4)
             DCL        VAR(&RCFID_DEC) TYPE(*DEC) LEN(5 0) /* +
                          Function identifier         */

/*                                                    */
/* EXTRACT THE VARIOUS PARAMETERS FROM THE STRUCTURE  */
/*                                                    */

    /* HEADER */
             CHGVAR     VAR(&USER) VALUE(%SST(&REQUEST 1 10))
             CHGVAR     VAR(&APPLIC) VALUE(%SST(&REQUEST 11 10))
             CHGVAR     VAR(&FUNCTN) VALUE(%SST(&REQUEST 21 10))

    /* REMOTE COMMAND SERVER */
             CHGVAR     VAR(&RCFMT) VALUE(%SST(&REQUEST 21 8))
             CHGVAR     VAR(&RCFID) VALUE(%SST(&REQUEST 29 4))

             CHGVAR     VAR(&RCFID_DEC) VALUE(%BINARY(&RCFID)) /* +
                          convert binary to decimal */
             MONMSG     MSGID(CPF0000)

             CHGVAR     VAR(&RCPGM) VALUE(%SST(&REQUEST 33 10))
             CHGVAR     VAR(&RCLIB) VALUE(%SST(&REQUEST 43 10))
             CHGVAR     VAR(&RCNUM) VALUE(%SST(&REQUEST 33 10))
             CHGVAR     VAR(&RCDATA) VALUE(%SST(&REQUEST 57 1043))

/*                                           */
/* BEGIN MAIN PROGRAM                        */
/*                                           */

             CHGVAR     VAR(&STATUS) VALUE('1') /* INITIALIZE RETURN +
                          VALUE TO ACCEPT THE REQUEST */

/* ADD LOGIC COMMON TO ALL SERVERS */

             IF         COND(&APPLIC *EQ '*RMTSRV') THEN(GOTO +
                          CMDLBL(RMTCMD)) /* IF RMTCMD/DPC */

             GOTO       CMDLBL(EXIT)

/*                                           */
/* SUBROUTINES                               */
/*                                           */
      RMTCMD:

             RTVUSRPRF  USRPRF(&USER) LMTCPB(&LMTCPB)

             CHGVAR     VAR(&CMD) VALUE(%SST(&RCDATA 1 4))

             IF         COND(&LMTCPB *EQ '*YES' *AND &RCFID_DEC = +
                          4098 *AND (&CMD *NE 'CALL' *AND &CMD *NE +
                          'call' *AND &CMD *NE 'Call' *AND &CMD *NE +
                          '    ')) THEN(CHGVAR VAR(&STATUS) +
                          VALUE('0')) /* Only allow user to execute +
                          the CALL command */

             GOTO       CMDLBL(EXIT)

     EXIT:
             ENDPGM 
This was first published in April 2001

Dig deeper on Performance

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchEnterpriseLinux

SearchDataCenter

Close