SYNOPSIS

dacs_vfs [\m[blue]dacsoptions\m[]\s-2\u[1]\d\s+2]

DESCRIPTION

This program is part of the DACS suite.

The dacs_vfs web service is an interface to the DACS virtual filestore. It provides a way to examine, change, and delete items independently of how and where they are stored.

This program is also available as a DACS utility, \m[blue]dacsvfs(1)\m[]\s-2\u[2]\d\s+2.

Security

Only the DACS administrator should be able to successfully run this program; therefore, access to it is totally denied by the default rules as a security precaution.

OPTIONS

Web Service Arguments

In addition to the \m[blue]standard CGI arguments\m[]\s-2\u[3]\d\s+2, dacs_vfs requires the following CGI arguments:

ITEM_TYPE

This is the DACS item type, as configured in dacs.conf (\m[blue]dacs.conf(5)\m[]\s-2\u[4]\d\s+2), to which the request is to be applied. As a special case, if the value of this argument is the word "enabled", a list of enabled storage methods is displayed.

REQUEST

The value of this argument is the name of an operation followed by zero or more arguments. The syntax is identical to that of \m[blue]dacsvfs(1)\m[]\s-2\u[2]\d\s+2, except that the edit, update, and help operations are unavailable. For the put operation, the value to store is taken from the VALUE argument.

VALUE

The object to use for the put and load operations.

FIELD_SEP

The field separator character to use for the load and dump operations.

EXAMPLES

The following examples assume that the web service requests are granted.

This request will return the revocation list:

https://example.com/cgi-bin/dacs/dacs_vfs?REQUEST=get&ITEM_TYPE=revocations

Assuming the jurisdiction is configured appropriately, the following request will return the roles associated with DEMO::EXAMPLE:jones:

https://demo.example.com/cgi-bin/dacs/dacs_vfs?REQUEST=get+jones&ITEM_TYPE=roles

If the jurisdiction is configured with the directives:

LOG_FILE "${Conf::DACS_HOME}/logs/dacs_log-" . strftime("%d-%b-%y")
VFS "[logfile]dacs-fs:${Conf::DACS_HOME}/logs/dacs_log-" . strftime("%d-%b-%y")

then the following request will return the contents of the jurisdiction's DACS log file:

https://demo.example.com/cgi-bin/dacs/dacs_vfs?REQUEST=get&ITEM_TYPE=logfile

Security

The logfile item type is not something predefined by DACS; new (not predefined) item types can be created at will and that is what was done for this example. Since logfiles can potentially include sensitive information, as can other resources used by DACS, it should be obvious why access to this web service should be very carefully managed.

DIAGNOSTICS

The program exits 0 if everything was fine, 1 if an error occurred. If an error occurs during processing, this web service will return an HTTP Status of 400, followed by a blank line which is optionally followed by a descriptive error message.

BUGS

Only the text/plain output format is implemented.

RELATED TO dacs_vfs…

\m[blue]dacsvfs(1)\m[]\s-2\u[2]\d\s+2, \m[blue]dacs.conf(5)\m[]\s-2\u[5]\d\s+2

AUTHOR

Distributed Systems Software (\m[blue]www.dss.ca\m[]\s-2\u[6]\d\s+2)

COPYING

Copyright2003-2012 Distributed Systems Software. See the \m[blue]LICENSE\m[]\s-2\u[7]\d\s+2 file that accompanies the distribution for licensing information.

NOTES

1.

dacsoptions

http://dacs.dss.ca/man/dacs.1.html#dacsoptions

2.

dacsvfs(1)

http://dacs.dss.ca/man/dacsvfs.1.html

3.

standard CGI arguments

http://dacs.dss.ca/man/dacs.services.8.html#standard_cgi_args

4.

dacs.conf(5)

http://dacs.dss.ca/man/dacs.conf.5.html#VFS

5.

dacs.conf(5)

http://dacs.dss.ca/man/dacs.conf.5.html

6.

www.dss.ca

http://www.dss.ca

7.

LICENSE

http://dacs.dss.ca/man/../misc/LICENSE