I have SPoD/NDV for Open Systems. I want to be able to centrally administer both user specific UNIX environment variables and NATURAL startup parameters in one place, so my SPoD clients won’t have to when they map to the NDV server on Open Systems. Of course, they will still have to pass the hostname:port and their user id, I just don’t want the programmers to have to deal with the NATURAL startup parameters. This is hidden from them on the host because they start NATURAL with a script.
The user specific environment variables speak of include $HOME, but other environment variables used by our NATURAL NATPARMs and user applications like $USER_WORK, $USER_PRINT, $USER_DEPT, $DEPT_WORK, etc.
This really points to a basic design flaw with SPoD/NDV for Open Systems. While the SPoD client user id is passed to the remote NATURAL session and sets *USERID, the clients NATURAL session started by the NDV server is started as the same user who started the NDV server itself, in my case user sag. So, the SPoD client user not only inherits all of sag user’s UNIX environment variables, but also all rights and permissions on the host. This is a big security hole in SPoD for Open Systems.
I’m trying to minimize this hole by overriding some of the more critical UNIX environment variables like $HOME, since a lot of our user applications create extract files in the user’s $HOME directory which the programmers are trying to test so everything ends up in sag’s $HOME directory and steps on each other.
I know I can override the UNIX environment variables in the NATCONF.CFG file, but I’m also trying to set NATURAL startup parameters which can NOT be specified in the NATCONF.CFG. For those, I must either specify them at NDV startup, which implies that I have to start a separate NDV server for every combination of NATURAL startup parameters, or the programmer must specify them when they map to the NDV server. A definate administrator nightmare.