On Mon, 14 Aug 2017 08:25:18 -0500, John McKown wrote: >On Sun, Aug 13, 2017 at 10:34 PM, Paul Gilmartin wrote: > >> On Sun, 13 Aug 2017 17:27:24 -0500, John McKown wrote: >> > >> >Looking at >> > https://www.ibm.com/support/knowledgecenter/SSLTBW_2.2.0/com.ibm.zos.v2r2.halz002/ftp_cfg_opt_user_exits.htm >> > [URL repaired, I think. Grrr.] >> >It looks like something could possible be done using the FTOSTPR exit. >> This >> >appears to get control after a number of commands, namely RETR (send file >> >to remote), STOR (get file from remote), STOU (store unique), APPE (append >> >to existing file on z/OS), DELE (delete z/OS DSN or file), RTNO (Rename >> >z/OS file or DSN). >> > >> >I was thinking that this might be a way to "do something" when one of these >> >events occurs. Some of my ideas were along the lines of sending: a email >> >that a file has been received; sending a email when a remote user downloads >> >a file; run a batch job or UNIX script when a specific DSN/file was >> >uploaded. >> > >> When is the exit entered? When the command begns? When it completes? Both? >> >Exit runs _after_ the command completes. It has a parameter which >indicates the "return code" for the function. I've not looked closely at >the various values which might be in this "return code". > >Perhaps I should have included this link as well: >https://www.ibm.com/support/knowledgecenter/SSLTBW_2.2.0/com.ibm.zos.v2r2.halz001/ftpostpruserexit.htm > I RTFM. That one is entered after; (most?) others before.
Also, with what UID are tne exits entered? I assume that after password validitation the server does fork(); setuid(); so are subsequent exits entered with the UID of the server (parent) or of the child? Wild idea: How about an exit in ~$LOGNAME/.ftpexit, execued for each command after the setuid()? This could be authored by the user with no need for admin privilege. I suppose ths is equivalent to FILETYPE=JES, ssh, or Co:Z in that each provides a way to execute code remotely. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
