SCALL() Function - System Call BBj
For this topic's original documentation, see SCALL() Function - System Call.
Due to the client/server architecture of BBj, SCALL behaves differently in the BBj Thin Client mode. SCALL runs the system call on the server. If BBjServices is running as root, then the system call will run with the permissions of the user on the system. If BBjServices is not running as root, then the system call will execute with the user running BBjServices privileges.
SCALLing BBj specifically (in BBj 3.0 and higher)
An SCALL of BBj from Fat Client which does not contain a –TC or –FC option will contain an implicit –FC option. Similarly, a SCALL of BBj from Thin Client which does not contain a –TC or –FC option will contain an implicit –TC option.
An SCALLed Thin Client BBj Session will inherit the command line options starting with a '-' (ie : '-u') from the calling program. If the same command line option is specified in the arguments list of the SCALL string, that option is used.
If the SCALL command string contains BBj (case insensitive), BBjServices will arrange for a new interpreter session with the display on the user's machine. In many ways, this is similar to BBjAPI().getThinClient().clientExec("BBj–TC–RH<hostname>"). The preferred method, however would be SCALL("bbj") because it consumes less resources.
SCALLing BBj specifically (in BBj4.0and higher)
If SETOPTS bit 8, $08$ is set and the SCALL does not contain the string BBj (case insensitive), then the command will be executed on the client like a clientExec().
SCALLing BBj Security (in BBj 17.0 and higher)
BBj 17.0 offers additional levels of security to the SCALL function. This security applies when BBj services is run as root on *nix platforms and the -u<user> argument is used to switch users.
The new security uses the .rhosts and hosts.equiv of the new user specified by -u<user>. By default, BBjServices runs in “normal” scall security mode. In normal mode, the .rhosts/hosts.equiv check is only done when -u<user> specifies a privileged user. Upgrading to “enhanced” security forces the check to be made for all users specified by -u<user>. The “pre17” security mode is available to revert back to the SCALL’ing BBj behavior from pre 17.00 releases.
The security level is set from Enterprise Manager. The property in BBj.properties that controls the SCALLing BBj security level is com.basis.scall.security.
When the SCALLing BBj security level is set to “enhanced” and -u<nonOSuser> specifies a non OS level user, the .rhosts/hosts.equiv check is made against the user “nobody”. The user this check is made against can be changed via the Enterprise Manager. If the com.basis.scall.security.nonOSuser property is set to “NotAllowed”, the enhanced security mode does not allow -u<nonOSuser> to specify a non OS level user.
If BBj User Authentication is turned on, it is used instead.