Pre-installation Checklist and Security Considerations - UNIX

Pre-installation Checklist

Before you begin, ensure that a config.bbx file and TCP/IP are installed and configured on the designated UNIX host server, and that you have the following:

  • PRO/5 Data Server installation media.

  • PRO/5 Data Server activation key and serial number (PRO/5 Data Server revision 2.10 and higher uses FLEXlm/FLEXnet licensing software).

This online documentation includes the FLEXlm/FLEXnet End User and is accessible from the table of contents. In addition, the Flexera Software website www.flexerasoftware.com) contains Adobe Acrobat and fully searchable versions of the current manuals.

  • Superuser access privileges.

UNIX Security Considerations

The Data Server was designed to function correctly within the security framework of the host operating system, and will not introduce a security risk if installed and used properly. The Data Server that runs on the UNIX and similar operating systems uses TCP/IP for network communications. The following summarizes TCP/IP security as it applies to accessing the Data Server:

Data Server Started by Superuser

If the Data Server is started by a superuser (as it would be when started automatically by a TCP startup script), the host server's passwd file must contain user ID and password entries for each remote user that is to be granted access. Also, each user's home directory must have an .rhosts file that contains a remote computer entry that allows the file to be accessed locally. A superuser-started Data Server will not allow another superuser to connect and assume superuser access via the host server.

Data Server Started by Regular User

If the Data Server is started by a regular user, the home directory of that user must contain an .rhosts file that contains a remote computer entry that allows the file to be accessed locally.

In the following .rhosts file example, the first line allows all users to access files from the remote computer named west, while the second line allows only users apopov, sdiaz, and dmartin to access files via the remote computer named east.

west
east apopov sdiaz dmartin