Many of the tasks the system administrator performs can be accomplished only in a special account called the SYSPROG (SYStem PROGrammer) account. The SYSPROG account gives the system administrator unlimited access to all files on the system as well as to certain commands that cannot be invoked by ordinary users (because those commands are not included in their Master Dictionaries).
The SYSPROG account is used to maintain the entire mvBase system. Starting up and shutting down the system, backing up and restoring the system, as well as many other administrative tasks, can be done only from the SYSPROG account.
The SYSPROG Master Dictionary contains a number of commands used for administrative purposes that are not found in any other account on the system.
The SYSPROG account has an assigned system privilege level of 3, so that when the administrator is logged on to SYSPROG, when SYS2 commands are used the actual system privilege level is raised to SYS3—the highest among the four privilege levels on the system. SYS3 privileges give the administrator unlimited access to the entire mvBase system.
Other accounts can be given unlimited access to the system similar to that of the SYSPROG account. This is done by assigning SYS3 privileges to such accounts. In the SYSTEM Dictionary, the Account Definition item for the SYSPROG account has an assigned system privilege level of 3. See the sections Creating and Deleting Accounts and mvBase System Security in the mvBase System Administration Manual for more information about system privilege levels.
Protecting the SYSPROG Account
Because the SYSPROG account gives unlimited access to the system, including the SYSTEM Dictionary, it is particularly important to assign a password to the SYSPROG account in order to limit access to authorized users. If SYSPROG is not password-protected, no other password on the system is safe, since any user could log to the SYSPROG account and change the passwords of all the accounts on the system. This oversight would also make it possible for any user, using the Editor, to make changes to the Account Definition items in the SYSTEM Dictionary.
Accessing the SYSPROG Account
If you have been authorized to use the SYSPROG account, you can log on to it from the logon prompt. You can also log to it from another account using the LOGTO command. See mvBase System Security in the mvBase System Administration Manual for more information about password assignments.
Contents of the SYSPROG Account
The SYSPROG account contains a number of files that are used for administrative purposes. They are similar in function to the system-level files contained in the SYSTEM Dictionary, which are described later in this section. More detailed information about these files can be found in the mvBase Operation and Administration Guide.
The files contained in the SYSPROG account include:
|
CURSOR |
Contains cursor movement definitions for terminals. |
|
FILE-XREF |
Contains file pathnames for all accounts on the system. The FILE-XREF file defines which files are to be tracked by the update logger. |
|
NEWAC |
Used as a template for the Master Dictionaries of all accounts on the system: when a new account’s Master Dictionary is created using CREATE-ACCOUNT, the contents of the NEWAC file are copied to it. |
|
PATH-XREF |
An old-to-new account index file. See the Update and Transaction Logging section in the mvBase Operation and Administration Guide for more information about the PATH-XREF file. |
|
POINTER-FILE |
Contains items that point to saved select-lists. |
|
RESTORE-XREF |
Used by the update logger. The RESTORE-XREF file is used to store file pathnames for accounts on a remote system. |
|
SYSPROG-BP |
Contains a pointer to the DEFINE-CURSOR program. All programs designed to be run only from the SYSPROG account can be stored in SYSPROG-BP. SYSPROG-BP contains DEFINE-CURSOR, GFE.RECOVER, LOAD.UPGRADE.PRG AND UPGRADE.MVBASE. |
|
SYSPROG-PL (SPL) |
Run only from the SYSPROG account. Contains Procs used for coldstarting and shutting down the system, backing up the system, creating and deleting accounts, listing the contents of the SYSTEM-ERRORS and SECURITY-LOG files, etc. These Procs are described in the SYSPROG Command Reference section. |
Copying SYSPROG Commands
The reason commands are placed in SYSPROG account and not made available to all users is that using these commands could affect other users on the system. It is recommended that only knowledgeable users attempt to use them. If you are authorized to access these commands, you should thoroughly understand them and exercise caution in using them.
Some SYSPROG commands, but not all of them, can be accessed from accounts other than SYSPROG. If you regularly access individual commands in the SYSPROG account, you might want to consider duplicating the command in your Master Dictionary. (You should implement some way of restricting others from your account.)
|
NOTE |
It is recommended that you not copy the command from the SYSPROG Master Dictionary. Instead, copy it from NEWAC, SYSPROG file. This file contains commands which can be used outside the SYSPROG account. (The commands that cannot be accessed outside of SYSPROG usually reference files defined in the SYSPROG Master Dictionary or the SYSTEM Dictionary.) |
See Also
Using the SYSPROG Account and Commands