HTTPd Server Account and Environment

WASD Hypertext Services - Technical Overview

[next] [previous][contents]

4 - HTTPd Server Account and Environment

The HTTPd server account should be a standard account, preferably in a group of its own (definitely at least a non-system, non-user group), with sufficient quotas to handle the expected traffic.

4.1 - VMS Account

The following provides a guide to the account:

  Username: HTTP$SERVER                      Owner:  HyperText Daemon
  Account:  HTTPD                            UIC:    [377,377] ([HTTPD,HTTP$SERVER])
  CLI:      DCL                              Tables: DCLTABLES
  Default:  HT_ROOT:[HTTP$SERVER]
  LGICMD:   LOGIN
  Flags:  Restricted DisNewMail
  Primary days:   Mon Tue Wed Thu Fri
  Secondary days:                     Sat Sun
  Primary   000000000011111111112222  Secondary 000000000011111111112222
  Day Hours 012345678901234567890123  Day Hours 012345678901234567890123
  Network:  ##### Full access ######            ##### Full access ######
  Batch:    ##### Full access ######            ##### Full access ######
  Local:    -----  No access  ------            -----  No access  ------
  Dialup:   -----  No access  ------            -----  No access  ------
  Remote:   -----  No access  ------            -----  No access  ------
  Expiration:            (none)    Pwdminimum:  6   Login Fails:     0
  Pwdlifetime:         90 00:00    Pwdchange:      (pre-expired)
  Last Login:            (none) (interactive), 11-MAY-1995 08:44 (non-interactive)
  Maxjobs:         0  Fillm:       300  Bytlm:       300000
  Maxacctjobs:     0  Shrfillm:      0  Pbytlm:           0
  Maxdetach:       0  BIOlm:       512  JTquota:       1024
  Prclm:         100  DIOlm:       512  WSdef:         1000
  Prio:            4  ASTlm:       600  WSquo:         2000
  Queprio:         0  TQElm:       100  WSextent:     20000
  CPU:        (none)  Enqlm:       256  Pgflquo:     200000
  Authorized Privileges:
    NETMBX    TMPMBX
  Default Privileges:
    NETMBX    TMPMBX

4.2 - Account Support Files

NOTE: The recommended LOGIN.COM (and server startup in general) has been modified for version 4. It now involves three files, LOGIN.COM, HTTPD_BATCH.COM and HTTPD80.COM. This was done to more easily support multiple servers in VMS clusters.

Examples may be found in HT_ROOT:[EXAMPLE].

LOGIN.COM

The following is suggested as the LOGIN.COM for the server account. It provides a secure DCL environment for the server image to execute within.

  $ SET NOON
  $ SET NOCONTROL=Y
  $ NODENAME = F$GETSYI("NODENAME")
  $ IF F$MODE() .EQS. "OTHER" THEN EXIT
  $ IF F$MODE() .EQS. "BATCH" THEN EXIT
  $!(interactive and network modes stop here!)
  $ STOP/ID=0

HTTPD_BATCH.COM

The following procedure is SUBMITted by system startup procedure under the HTTPd server account, and simply creates a detached process under the control of HTTPD80.COM, or its equivalent.

  $! SET VERIFY
  $ SET NOON
  $ SET NOCONTROL=Y
  $ NODENAME = F$GETSYI("NODENAME")
  $ PORT = P1
  $ IF PORT .EQS. "" THEN PORT = "80"
  $ PURGE /KEEP=3 HT_SERVER_LOGS:'NODENAME'_'PORT'_HTTPD.LOG
  $ RUN SYS$SYSTEM:LOGINOUT -
        /DETACHED /AUTHORIZE -
        /INPUT=HTTPD'PORT'.COM -
        /OUTPUT=HT_SERVER_LOGS:'NODENAME'_'PORT'_HTTPD.LOG
  $ STOP/ID=0

HTTPD80.COM

The following is suggested as the procedure control the execution of the HTTPD.EXE image.

  $! SET VERIFY
  $ SET NOON
  $ SET NOCONTROL=Y
  $ NODENAME = F$GETSYI("NODENAME")
  $ PORT = 80
  $! DEFINE /JOB HTTPD$MAP HTTPD$MAP'PORT'
  $! DEFINE /JOB HTTPD$AUTH HTTPD$AUTH'PORT'
  $! DEFINE /JOB HTTPD$CONFIG HTTPD$CONFIG'PORT'
  $ IF F$TRNLNM("MULTINET") .EQS. ""
  $    THEN HTTPD = "$HT_EXE:HTTPD"
  $    ELSE HTTPD = "$HT_EXE:HTTPD_MULTINET"
  $ ENDIF
  $ HTTPD_LOOP:
  $    WRITE SYS$OUTPUT F$TIME()
  $    HTTPD /PRIORITY=6 /PORT='PORT' /LOG=HT_LOGS:'NODENAME'_'PORT'_ACCESS.LOG
  $!   (non-error exit, must be a restart, loop immediately)
  $    IF $STATUS THEN GOTO HTTPD_LOOP
  $!   (error exit, wait, then try to start the server again)
  $    WAIT 00:01:00
  $    GOTO HTTPD_LOOP
  $!END_HTTPD_LOOP:
  $ STOP/ID=0

Privileged Image

As this image is to be installed with privileges unauthorized use should be prevented by applying an ACL similar to the following against the executable image:

  $ SET SECURITY HT_EXE:HTTPD.EXE -
    /ACL=((IDENT=HTTP$SERVER,ACCESS=R+E),(IDENT=*,ACCESS=NONE))

This can be done once, at installation, or for peace-of-mind (a.k.a. VMS-ish paranoia) at each server startup.

As the HTTP$SERVER account should be completely unprivileged, and the HTTPd image requires NETMBX, TMPMBX, PRMMBX, PSWAPM, SYSNAM and SYSPRV privileges, it must be installed using a command similar to the following:

  $ INSTALL = "$SYS$SYSTEM:INSTALL/COMMAND_MODE"
  $ INSTALL ADD HT_EXE:HTTPD.EXE /PRIVILEGE=(ALTPRI,PRMMBX,PSWAPM,SYSPRV,SYSNAM) 

Logical Names

The following logical names are essential for the operation of the HTTPd server and must be defined before startup:

The following logical name is created by the executing HTTPd server and defines the name of the control mailbox:

The following logical names are created by the executing HTTPd server if the HTTPd monitor utility is enabled:

Server Process Logging Directory

The server process log directory (output for the detached HTTPd server processes) may require explicit access controls for the HTTPd account. This can be done by applying an ACL similar to the following:

  $ SET SECURITY HT_ROOT:[LOG]SERVER.DIR -
    /ACL=((IDENT=HTTP$SERVER,ACCESS=R+W+E, OPTIONS=DEFAULT), -
          (IDENT=HTTP$SERVER,ACCESS=R+W+E), -
          (IDENT=*,ACCESS=NONE, OPTIONS=DEFAULT), -
          (IDENT=*,ACCESS=NONE))

As with the ACL on the server executable this can be done once, at installation (or, if right over the top, at each server startup). Appropriate disk quotas may also need to be applied.

Startup

NOTE: The server system startup DCL (SYSTARTUP_VMS.COM) has been modified for version 4.n.

Putting all this together the HTTPd server startup procedure becomes something similar to the following:

$ DEFINE /SYSTEM /TRANSLATION=CONCEALED HT_ROOT DSA811:[HT_ROOT.]
$!
$ SET SECURITY HT_ROOT:[LOG]SERVER.DIR -
  /ACL=((IDENT=HTTP$SERVER,ACCESS=R+W+E, OPTIONS=DEFAULT), -
        (IDENT=HTTP$SERVER,ACCESS=R+W+E), -
        (IDENT=*,ACCESS=NONE, OPTIONS=DEFAULT), -
        (IDENT=*,ACCESS=NONE))
$!
$ SCRIPT_ROOT = F$TRNLNM("HT_ROOT") - ".]" + ".SCRIPT.]"
$ DEFINE /SYSTEM HT_SCRIPT HT_ROOT:[SCRIPT]
$ IF F$GETSYI("ARCH_NAME") .EQS. "VAX"
$ THEN
$    EXE_ROOT = F$TRNLNM("HT_ROOT") - ".]" + ".VAX.]"
$    DEFINE /SYSTEM /TRANSLATION=(CONCEALED) HT_EXE_ROOT 'EXE_ROOT'
$    DEFINE /SYSTEM HT_EXE HT_EXE_ROOT:[000000]
$ ELSE
$    EXE_ROOT = F$TRNLNM("HT_ROOT") - ".]" + ".AXP.]"
$    DEFINE /SYSTEM /TRANSLATION=(CONCEALED) HT_EXE_ROOT 'EXE_ROOT'
$    DEFINE /SYSTEM HT_EXE HT_EXE_ROOT:[000000]
$ ENDIF
$ DEFINE /SYSTEM /TRANSLATION=(CONCEALED) CGI-BIN 'EXE_ROOT','SCRIPT_ROOT'
$ DEFINE /SYSTEM HT_AXP HT_ROOT:[AXP]
$ DEFINE /SYSTEM HT_VAX HT_ROOT:[VAX]
$!
$ DEFINE /SYSTEM HT_LOGS HT_ROOT:[LOG]
$ DEFINE /SYSTEM HT_SERVER_LOGS HT_ROOT:[LOG.SERVER]
$ DEFINE /SYSTEM HT_AUTH HT_ROOT:[EXAMPLE]
$!
$ DEFINE /SYSTEM HTTPD$AUTH HT_ROOT:[EXAMPLE]HTTPD$AUTH.CONF
$ DEFINE /SYSTEM HTTPD$CONFIG HT_ROOT:[EXAMPLE]HTTPD$CONFIG.CONF
$ DEFINE /SYSTEM HTTPD$MAP HT_ROOT:[EXAMPLE]HTTPD$MAP.CONF
$ DEFINE /SYSTEM HTTPD$GMT "+10:30"
$!
$ INSTALL = "$SYS$SYSTEM:INSTALL/COMMAND_MODE"
$ IF F$TRNLNM("MULTINET") .NES. ""
$ THEN
$    SET SECURITY HT_EXE:HTTPD.EXE -
     /ACL=((IDENT=HTTP$SERVER,ACCESS=R+E),(IDENT=*,ACCESS=NONE))
$    INSTALL ADD HT_EXE:HTTPD.EXE -
                 /PRIVILEGE=(ALTPRI,SYSPRV,SYSNAM,PRMMBX,PSWAPM)
$ ELSE
$    SET SECURITY HT_EXE:HTTPD_MULTINET.EXE -
     /ACL=((IDENT=HTTP$SERVER,ACCESS=R+E),(IDENT=*,ACCESS=NONE))
$    INSTALL ADD HT_EXE:HTTPD_MULTINET.EXE -
                 /PRIVILEGE=(ALTPRI,SYSPRV,SYSNAM,PRMMBX,PSWAPM)
$ ENDIF
$ SUBMIT /QUEUE=SYS$BATCH /USER=HTTP$SERVER /NOLOG /NOPRINT -
         HT_ROOT:[HTTP$SERVER]HTTPD_BATCH.COM /PARAM="80"

4.3 - HTTPd Command Line

4.3.1 - Server Startup

When starting up the server several characteristics of the may be specified using qualifiers on the command line. If not specified appropriate defaults are employed.

Note: buffer sizes apply on a per-request (thread) basis, and may be tailored for specific environments at server startup.

4.3.2 - Server Control

A foreign command for the HTTPD control functionality will need to be assigned in the adminstration users' LOGIN.COM, for example:

  HTTPD == "$HT_EXE:HTTPD"

The control functionality (via the /DO= qualifier) is available to the privileged user. If a non-default server port, or multiple servers on the one system are being used, then it will be necessary to append a /PORT= qualifier to the any command, and issue it multiple times.

4.3.2.1 - Server Shutdown

The running server may be elegantly shut down, without loss of existing client requests, using the following command on the server system:

  $ HTTPD /DO=EXIT

The running server may be immediately and unconditionally shut down using the following command on the server system:

  $ HTTPD /DO=ABORT

The running server may be elegantly restarted, without loss of existing client requests, using the following command on the server system:

  $ HTTPD /DO=RESTART

4.3.2.2 - Logging

The HTTPd server request log may be opened (enabled) or closed (disabled) using the following commands:

  $ HTTPD /DO=LOG=OPEN
and
  $ HTTPD /DO=LOG=CLOSE

Any records still in the RMS buffers may be flushed using:

  $ HTTPD /DO=LOG=FLUSH

4.3.2.3 - Authentication

See 7 - HTTPd Authentication and Authorization.

NOTE: Previous functionality supported using command-line directives such as $ HTTPD /DO=HTA=PATH is no longer available, and has been superceded by the server administration facility, see 8 - HTTPd Server Administration.


[next] [previous][contents]