Transfer restrictions, Subvolume restrictions, Security code restrictions – HP Integrity NonStop H-Series User Manual

For an example of the TFTP Server RUN command, see

“Subvolume Restrictions”

below.

NOTE:

Ask your system manager for the name of the TCP/IP process on your system. If the

process is named anything other than $ZTC0, specify that name in a TCPIP^PROCESS^NAME
TACL PARAM command before running tftpsrv.

Refer to the TACL Reference Manualfor more information about TACL PARAM commands.

You might also need to resolve the DEFINE name =TCPIP^HOST^FILE.

Transfer Restrictions

Because TFTP services do not require you to provide a user ID or password, the TFTP server places
restrictions on the types of files you can retrieve from and store on a NonStop system.

Subvolume Restrictions

The user or operator who starts the TFTP server can specify from one to ten subvolumes in the RUN
command. If subvolumes are specified, all files transferred by a TFTP client to the NonStop system
must be stored in one of the specified subvolumes, and only files in those subvolumes can be
retrieved by TFTP clients. For example, the following command specifies that all TFTP transfers will
operate on files in the subvolumes $NET.PUB and $GRP.MEMOS:

TACL 5> run $system.ztcpip.tftpsrv /nowait, pri 150,&
out $null/ $net.pub $grp.memos

In this example, the run options that appear between the slashes (/) are the recommended options
for starting the TFTP server. The options specify that the current TACL process will not suspend itself
while the new process runs, that the execution priority is 150, and that the output goes to $NULL.

NOTE:

The user or operator who starts the TFTP server must have super ID capabilities.

If no subvolumes are specified, TFTP can only transfer files to or from the subvolume named
$DATA.PUBLIC. For more information about starting the TFTP server, see the TCP/IP Configuration
and Management Manual.

Security Code Restrictions

A file is protected in the Guardian file system by a security code that specifies who can read, write,
execute, and purge the file. The TFTP server examines the security code before allowing a file to
be transferred to the TFTP client or replaced by a file sent from the client. The form of the security
code is RWEP, indicating the following privileges:

Table 10 File Security Codes

Read access

R

Write access

W

Execute access

E

Purge access

P

In the security code, these privileges are granted to certain types of users; for example, the security
code NGGG grants read access to N (all network users) and write, execute, and purge access to
G (group members).

For a complete description of file security codes, see the Guardian User's Guide.

Restrictions on Retrieving Files

You can retrieve only those files that have a security code of Nxxx (where x can be any valid
security code. The file must be secured with the read access privilege granted to any network user
(N). The TFTP server does not consider the other three types of access when you retrieve a file.

128

Communicating With the TFTP Server