mkssys Command

Purpose

Adds a subsystem definition to the subsystem object class.

Syntax

mkssys { -p Path -s Subsystem -u UserID } [ -a Arguments ] [ -e StandardError ] [ -i StandardInput ] [ -o StandardOutput ] [ -t Synonym ] [ -O | -R ] [ -d | -D ] [ -q | -Q] [ -K | [ -I MessageQueue -m MessageMType | -f StopForce -n StopNormal -S ] ] [ -E Nice ] [ -G Group ] [ -w Wait ]

Description

The mkssys command adds a new subsystem definition to the subsystem object class. If no flags are chosen after the -p, -s, and -u flags have been specified, the defaults are -e /dev/console, -i /dev/console, -o /dev/console, -O, -d, -Q, -K, -E 20, and -w 20.

Note: Any auditing performed by the System Resource Controller (SRC) when actions are taken for the subsystem is logged against the login ID of the user who created the subsystem by using the mkssys command. For example, if you are logged in with root user authority, the subsystem is added with root user authority as the audit account.

Flags

Item Description
-a Arguments Specifies any arguments that must be passed to the command, started as the subsystem. These Arguments variables are passed by the SRC to the subsystem according to the same rules used by the shell. For example, quoted strings are passed as a single argument, and blanks outside a quoted string delimit arguments. Single and double quotes can be used.
-d Specifies that inactive subsystems are displayed when the lssrc -a command (status all) request is made. By default, if the -D and -d flags are not present, the -d flag is used.
-D Specifies that inactive subsystems are not displayed when status-all or status-group requests are made.
-e StandardError Specifies where the subsystem StandardError data is placed. If the -e flag is not specified, the /dev/console file is used for standard error.
-E Nice Changes the execution priority of the subsystem. Valid values are 0 through 39 (ordinary Nice variables are mapped to all positive numbers). If the -E flag is not present, the subsystem priority defaults to 20. Values between 0 and 19 are reserved for users with root authority.
-f StopForce Specifies the signal sent to the subsystem when a forced stop of the subsystem is requested. Use only when the subsystem uses signals. The mkssys command is unsuccessful if the StopForce parameter is not a valid signal.
-G Group Specifies that the subsystem belongs to the Group specified, and that the subsystem responds to all group actions on the Group.
-i StandardInput Specifies where the subsystem standard input is routed. This field is ignored when the subsystem uses sockets communication. If the -i flag is not specified, by default the /dev/console file is used for standard input.
-I MessageQueue Specifies that the subsystem uses message queues as the communication method. The MessageQueue variable specifies the message queue key for creating the message queue for the subsystem. Use the ftok subroutine with the subsystem path name as input to generate a unique key.
-K Specifies that the subsystem uses sockets as its communication method. If a communication method is not specified, sockets communication is used by default.
-m MessageMType Specifies the message type key the subsystem expects on packets sent to the subsystem by the SRC. Use only when the subsystem uses message queues communication.
-n StopNormal Specifies the signal sent to the subsystem when a normal stop of the subsystem is requested. Use only when the subsystem uses signals communication. The mkssys command is unsuccessful if the StopNormal variable is not a valid signal.
-o StandardOutput Specifies where the subsystem standard output is placed. If the -o flag is not specified, by default the /dev/console file is used for standard out.
-O Specifies that the subsystem is not restarted if it stops abnormally. The default is no restart.
-p Path Specifies the absolute path to the subsystem executable program.
-q Specifies that the subsystem can have multiple instances running at the same time.
-Q Specifies that multiple instances of the subsystem are not allowed to run at the same time and the subsystem is not to share the same interprocess communication (IPC) queue. If the -q flag is not specified, the -Q flag is the default.
-R Specifies that the subsystem is restarted if the subsystem stops abnormally.
-s Subsystem Specifies a name that uniquely identifies the subsystem. The mkssys command is unsuccessful if the subsystem name is already known in the subsystem object class.
-S Specifies that the subsystem uses the signals communication method. You cannot define subservers for a subsystem name when your communication method is signals.
-t Synonym Specifies an alternate name for the subsystem. The mkssys command is unsuccessful if the synonym name is already known in the subsystem object class.
-u UserID Specifies the user ID for the subsystem. The UserID that creates the subsystem is used for security auditing of that subsystem.
-w Wait Specifies the time, in seconds, allowed to elapse between a stop cancel (SIGTERM) signal and a subsequent SIGKILL signal. Also used as the time limit for restart actions. If the subsystem stops abnormally more than twice in the time limit specified by the Wait value, the subsystem is not automatically restarted. By default, if the -w flag is not present, the wait time default is 20 seconds.

Security

Attention RBAC users and Trusted AIX users: This command can perform privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in AIX® Version 7.1 Security. For a list of privileges and the authorizations associated with this command, see the lssecattr command or the getcmdattr subcommand.

Auditing Events: If the auditing subsystem has been properly configured and is enabled, the mkssys command will generate the following audit record (event) every time the command is executed:

Event Information
SRC_Addssys Lists in an audit log the name of the subsystem being added to the Object Data Manager (ODM) database and the entire ODM record.

See "Setting up Auditing" in AIX Version 7.1 Security for details about selecting and grouping audit events, and configuring audit event data collection.

Examples

  1. To add a subsystem that uses sockets as its communication type, type the following:

    mkssys  -s srctest  -p /usr/lpp/srctest/srctest  -u 0  -K

    This adds a subsystem definition to the subsystem object class, with a communication type of sockets, a user ID of 0 (root), and a subsystem name of srctest.
  2. To add a subsystem that uses message queues as its communication type, type the following:

    mkssys  -s srctest  -p /usr/lpp/srctest/srctest  -u 0  -I 123456 \ >  -m 789

    This adds a subsystem definition to the subsystem object class, with a communication type of message queues, a message queue key of 123456, and a subsystem message type of 789.
  3. To add a subsystem that uses signals as its communication type, type:

    mkssys  -s srctest  -p /usr/lpp/srctest/srctest  -u 0  -S -n 30 \ >  -f 31

    This adds a subsystem definition to the subsystem object class, with a communication type of signals, a stop normal signal of 30, a stop force signal of 31.
  4. To add a subsystem that uses sockets as its communication type and is always passed an argument, type:

    mkssys  -s srctest  -p /usr/lpp/srctest/srctest  -u 0  -a "-x"

    This adds a subsystem definition to the subsystem object class with a communication type of sockets and a command argument of "-x".

Files

Item Description
/etc/objrepos/SRCsubsys Specifies the SRC Subsystem Configuration object class.
/dev/SRC Specifies the AF_UNIX domain in the socket.h file.
/dev/.SRC-unix Specifies the location for temporary file sockets.