Solaris 9 Reference Manual Collection >> man pages section 1M: System Administration Commands >> System Administration Commands >> sac(1M) - service access controller sac(1M)NAME | SYNOPSIS | DESCRIPTION | SECURITY | OPTIONS | FILES | ATTRIBUTES | SEE ALSO | NOTES NAME
SYNOPSIS
/usr/lib/saf/sac DESCRIPTION
The Service Access Controller (SAC) is the overseer of the server machine. It is started when the server machine enters multiuser mode. The SAC performs several important functions as explained below. Customizing the SAC EnvironmentWhen sac is invoked, it first looks for the per-system configuration script /etc/saf/_sysconfig. sac interprets _sysconfig to customize its own environment. The modifications made to the SAC environment by _sysconfig are inherited by all the children of the SAC. This inherited environment may be modified by the children. Starting Port MonitorsAfter it has interpreted the _sysconfig file, the sac reads its administrative file /etc/saf/_sactab. _sactab specifies which port monitors are to be started. For each port monitor to be started, sac forks a child (see fork(2)) and creates a utmpx entry with the type field set to LOGIN_PROCESS. Each child then interprets its per-port monitor configuration script /etc/saf/pmtag/_config , if the file exists. These modifications to the environment affect the port monitor and will be inherited by all its children. Finally, the child process execs the port monitor, using the command found in the _sactab entry. (See sacadm; this is the command given with the -c option when the port monitor is added to the system.) Polling Port Monitors to Detect FailureThe -t option sets the frequency with which sac polls the port monitors on the system. This time may also be thought of as half of the maximum latency required to detect that a port monitor has failed and that recovery action is necessary. Administrative functionsThe Service Access Controller represents the administrative point of control for port monitors. Its administrative tasks are explained below. When queried (sacadm with either -l or -L), the Service Access Controller returns the status of the port monitors specified, which sacadm prints on the standard output. A port monitor may be in one of six states: When a port monitor terminates, the SAC removes the utmpx entry for that port monitor. The SAC receives all requests to enable, disable, start, or stop port monitors and takes the appropriate action. The SAC is responsible for restarting port monitors that terminate. Whether or not the SAC will restart a given port monitor depends on two things: SECURITYsac uses pam(3PAM) for session management. The PAM configuration policy, listed through /etc/pam.conf, specifies the session management module to be used for sac. Here is a partial pam.conf file with entries for sac using the UNIX session management module. sac session required pam_unix_session.so.1 If there are no entries for the sac service, then the entries for the "other" service will be used. OPTIONS
FILESATTRIBUTESSee attributes(5) for descriptions of the following attributes:
SEE ALSOpmadm(1M), sacadm(1M), fork(2) pam(3PAM), pam.conf(4), attributes(5), pam_authtok_check(5), pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix(5), pam_unix_account(5), pam_unix_auth(5), pam_unix_session(5) NOTESThe pam_unix(5) module might not be supported in a future release. Similar functionality is provided by pam_authtok_check(5), pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5), and pam_unix_session(5). NAME | SYNOPSIS | DESCRIPTION | SECURITY | OPTIONS | FILES | ATTRIBUTES | SEE ALSO | NOTES |
||||||
|
