filepro and the SYSTEM command on SuSE Linux

[Nancy Palmquist]

Kenneth Brody wrote:
> Quoting Jay R. Ashworth (Fri, 9 Nov 2007 11:12:04 -0500):
> 
>> On Fri, Nov 09, 2007 at 09:56:38AM -0500, Nancy Palmquist wrote:
>>> Here is the framework:
>>>
>>> I am logged in as filepro - I run a filePro 5.0 dreport to read the
>>> names of the files and do a series of processes on each file, the first
>>> of which will decrypt the file and write it to my work folder.
>>>
>>> I make a command string that looks like this:
>>> gpg --passphrase-fd 0 --output
>>> /var/appl/cccwork/test_PR1194478701017kptestmetropr05.xml --decrypt
>>> /home/cccinfo/test_PR1194478701017kptestmetropr05.xml.pgp <
>>> /myblessedpassph.txt
>>>
>>> I then issue the command using SYSTEM
>>>
>>> system noredraw pgpcmd  (contents of pfpcmd is shown above)
>>>
>>> It will not run.

My definition was that after issuing the command there was no output 
file.  I finally figured out what the issue was and have gotten it 
working.  It was timing.  I did not wait long enough for the output file 
to be written.  Another case of filepro running just too fast.

I added a SLEEP "5000" before I checked the output destination and now 
it is working, just like I stated above.

I had to run logged in as filepro.

I had to import the gpg keys as filepro.

And all seems to work as it should.  I thank all that posted help and 
suggestions.
> 
> Can you define "will not run"?
> 
> If you try this instead, do you see any error messages?
> 
>      system noredraw pgpcmd & " ; read junk"
> 
> (Press Enter to return to filePro.)

I had added a command that wrote the pgpcmd contents to a file and when 
I executed that file it would work.  So I knew the command was right. 
When I did it in filepro, I just checked for the output file too fast. 
Now I know.

BTW what is PFSYSEUID=OFF supposed to do?  I looked it up and still am 
not sure.  Does that mean it will run with the user's permission instead 
of executing as filepro?  Am I understanding that correctly?

> 
> Test this theory by running the identical command, with the identical
> redirected input file, and see what happens.
> 
> My additional $0.02:
> 
> Does gpg work in a setuid environment?  Does it have access to all
> of the files involved?  (What are the permissions on the referenced
> files, including the paths to them?)  Does PFSYSEUID=OFF have any
> effect?
> 

It does have access.  That is why I ran the output as filepro user.  The 
files and folders in questions all have permission for the filepro user 
and filepro group to make changes.  Both apply to the filepro user.

Also, it made sense not to fight the permissions filepro will apply on 
its own.  Just made more sense.

Thanks again.  After some more tests and error checking, I will be with 
this silly thing.

A crazy customer sending files via sftp and still had to encrypt the 
files before sending.  Top secret stuff I guess.

Nancy


-- 
Nancy Palmquist 		MOS & filePro Training Available
Virtual Software Systems	Web Based Training and Consulting	
PHONE: (412) 835-9417		   Web site:  http://www.vss3.com