POSIXINFO Directory Statement
Purpose
The POSIXINFO statement specifies a user ID's POSIX information. It contains POSIX user database information such as POSIX user ID (UID), POSIX group ID (GID) or group name, initial working directory, initial user program and file system root.
How to Specify
If you specify the POSIXINFO statement, it must precede any device statements you specify in a profile, user, or identity entry. (For a list of device statements, see Table 1.)
Multiple POSIXINFO statements are allowed within a user, identity, or profile entry. Each operand can be specified only once within a user, identity, or profile entry. POSIXINFO values within a user or identity entry override those in a profile entry.
The POSIXINFO statement can be continued across multiple records in the source directory file. For more information about continued statement rules, see Continued Directory Statements. Note that some operands on this statement are case sensitive, so care should be taken to preserve the case of them when editing the source directory.
Operands
- UID uid
- specifies the POSIX user ID (UID) assigned to this user. This will be the user's real UID, effective UID and saved set-UID when the user logs on. Care should be taken in assigning zero as the UID, because UID zero is considered to denote appropriate privileges. A user with appropriate privileges can perform many authorized POSIX functions and will pass many security checks. The uid is a numeric value between 0 and '4294967295 (X'FFFFFFFF'). A default value of 4294967295 (X'FFFFFFFF') is assigned if there is no UID specification for a user.
- GID gid
- GNAME gname
- specifies the user's primary group. The gid is a numeric value between
0 and 4294967295 (X'FFFFFFFF'). The gname is a 1- to 8-character
mixed-case POSIX group name. The single or double quotation mark is invalid in the
gname. The case of the group name is preserved; it is not converted to
upper case by DIRECTXA. It must match exactly the group name on a POSIXGROUP statement or the
default group name implicitly defined by DIRECTXA. The gid or
gname must identify a group defined on a POSIXGROUP directory statement or
the default group name implicitly defined by DIRECTXA. The GID for this group will be the user's
real GID, effective GID and saved-set GID when the user logs on.
You may specify the group by either GID or GNAME, but not both. If GNAME is specified, the user's primary GID is obtained from the POSIXGROUP statement defining the group with name gname. If GID is specified, the user's primary group name is obtained from a POSIXGROUP statement defining a group with GID gid. If there is more than one group with this GID, then one of them is chosen as the user's primary group; it is unpredictable which one is chosen.
If there is no GID or GNAME specification for a user, the user's primary group is the default group, named DEFAULT with GID 4294967295 (X'FFFFFFFF').
- IWDIR string
- specifies the user's initial working directory. Its rules for specification are described below.
- IUPGM string
- specifies the user's initial user program. Its rules for specification are described below.
- FSROOT string
- specifies the user's file system root. Its rules for specification are described below.
The string specifying an IWDIR, IUPGM or FSROOT results in a mixed-case 1- to 1023-character string which may contain blanks, single quotation marks, double quotation marks and other special characters. The string begins with the first nonblank character following its keyword and may be continued on multiple directory records. If you do not want imbedded blanks or quotation marks in the result, and string fits on a single directory record, you may specify string as a single blank-delimited token. Otherwise, it must be specified as a quoted string operand. For more information about continued statement rules, see Quoted String Operands.
Usage Notes
- If your installation has installed an External Security Manager (ESM), the information specified on this directory statement may be overridden by information provided by the ESM. Consult your ESM documentation for more information.
- UIDs are not required to be unique. The same value can be assigned to multiple users, but this is not recommended. If you define multiple users with the same UID, do so with caution, because UIDs are used for various authority checks and individual user control and accountability will be lost.
- POSIXINFO statements are permitted in profile entries, but you should not specify the UID in a profile entry because it is likely to result in many users with the same UID. Since UIDs are used to identify individuals for the purposes of authorization and permission checking, extreme care should be used when assigning UIDs through a profile entry. Similar consideration should be given to assigning GID/GNAME through a profile entry.
- POSIX user names, sometimes referred to as login names, are defined to be the lower case version of the user's VM user ID.
Examples
- To define a userid CLYDE with 100 as UID, 200 as primary GID, /home/clyde as initial working
directory, pxshell as initial user program, and /../VMBFS:VMSYS:ROOT/ as the file system root, code
the following directory statements:
Globaldefs PosixGroup VMcp 200 : User clyde ... PosixInfo uid 100 gid 200 iwdir /home/clyde , iupgm pxshell PosixInfo fsroot /../VMBFS:VMSYS:ROOT/ - Assume you have several virtual machines, among them are SUE and DAMIAN, that have the same
initial user program pxshell, and /../VMBFS:VMSYS:ROOT/ as the file system root. SUE's UID is 200,
primary group has an ID of 101, and initial working directory /home/sue. DAMIAN's UID is 100,
primary group is named VMcp, and initial working directory /home/damian. Code the following
directory statements:
Globaldefs PosixGroup VMcms 100 PosixGroup VMcp 200 : Profile posixdef PosixInfo iwdir /home iupgm pxshell fsroot /../VMBFS:VMSYS:ROOT/ : User sue ... Include posixdef PosixInfo uid 200 gid 100 iwdir /home/sue : User damian ... Include posixdef PosixInfo uid 101 gname VMcp iwdir /home/damian