ts-shell is a terminal server shell to authorize and control IUCV terminal connections for individual Linux users. It is currently still missing in the Ubuntu Beta version (4.4.0-15-generic #31-Ubuntu SMP Fri Mar 18 19:07:12 UTC 2016 s390x).
The preferred integration of ts-shell is through a subpackage. The ts-shell is required on a particular Linux instance only, that it is the terminal server. Other Linux instances might not need to install ts-shell.
Apart from the installing ts-shell, further configuration files and steps are required:
2. Install additional documentation files for the ts-shell, that are included in the "iucvterm/doc/ts-shell" in the s390-tools source directory.
3. System configuration for ts-shell.
- (optional) Register ts-shell as shell by adding it to /etc/shells.
- Create a ts-shell group.
- Ensure the configuration files from 1. are readable by the ts-shell group.
- Create the /var/log/ts-shell directory to store audit logs; the ts-shell group should have read/write access to this directory, implemented as set-group-ID
4. Optional. The ts-shell subpackage must depend on s390-tools because it requires iucvconn. Further, the subpackage should add a Recommends to either Term::ReadLine::Gnu or Term::ReadLine::Perl.
Below is an excpert from the README.ts-shell to create ts-shell user accounts. These information should help to better understand the configuration steps above:
Setup considerations for the terminal server shell (ts-shell)
-------------------------------------------------------------
Adding new ts-shell users
~~~~~~~~~~~~~~~~~~~~~~~~~
The ts-shell installation creates a system group ts-shell.
If you intend to use ts-shell as a login shell for users, ensure that
these users are all members of ts-shell. To add existing users to
group ts-shell, use +usermod -G ts-shell 'username'+.
The ts-shell configuration files and `/var/log/ts-shell` are
readable only by members of the *ts-shell* group.
Enabling terminal session transcripts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ts-shell(1) can be configured to create transcripts of terminal sessions
to particular z/VM guest virtual machines. The transcripts are written
to log files in the `/var/log/ts-shell` directory.
NOTE: The `/var/log/ts-shell` directory permission has the set-group-ID bit set. Sub-directories that are created by
different users will inherit the group ownership of the `/var/log/ts-shell` directory.
See the ts-shell(1) manual page for more information about terminal
session transcripts.
s390-tools: missing ts-shell
ts-shell is part of the s390-tools package (see here http:// www.ibm. com/developerwo rks/linux/ linux390/ s390-tools- overview. html)
ts-shell is a terminal server shell to authorize and control IUCV terminal connections for individual Linux users. It is currently still missing in the Ubuntu Beta version (4.4.0-15-generic #31-Ubuntu SMP Fri Mar 18 19:07:12 UTC 2016 s390x).
The preferred integration of ts-shell is through a subpackage. The ts-shell is required on a particular Linux instance only, that it is the terminal server. Other Linux instances might not need to install ts-shell.
Apart from the installing ts-shell, further configuration files and steps are required:
1. Install and package these configuration files:
/etc/iucvterm/ ts-audit- systems. conf ts-authorizatio n.conf ts-shell. conf unrestricted. conf
/etc/iucvterm/
/etc/iucvterm/
/etc/iucvterm/
2. Install additional documentation files for the ts-shell, that are included in the "iucvterm/ doc/ts- shell" in the s390-tools source directory.
3. System configuration for ts-shell.
- (optional) Register ts-shell as shell by adding it to /etc/shells.
- Create a ts-shell group.
- Ensure the configuration files from 1. are readable by the ts-shell group.
- Create the /var/log/ts-shell directory to store audit logs; the ts-shell group should have read/write access to this directory, implemented as set-group-ID
4. Optional. The ts-shell subpackage must depend on s390-tools because it requires iucvconn. Further, the subpackage should add a Recommends to either Term::ReadLine::Gnu or Term::ReadLine: :Perl.
Below is an excpert from the README.ts-shell to create ts-shell user accounts. These information should help to better understand the configuration steps above:
Setup considerations for the terminal server shell (ts-shell) ------- ------- ------- ------- ------- ------- ------- ----- ~~~~~~~ ~~~~~~~ ~~~~
-------
Adding new ts-shell users
~~~~~~~
The ts-shell installation creates a system group ts-shell.
If you intend to use ts-shell as a login shell for users, ensure that
these users are all members of ts-shell. To add existing users to
group ts-shell, use +usermod -G ts-shell 'username'+.
The ts-shell configuration files and `/var/log/ts-shell` are
readable only by members of the *ts-shell* group.
Enabling terminal session transcripts ~~~~~~~ ~~~~~~~ ~~~~~~~ ~~~~~~~ ~~
~~~~~~~
ts-shell(1) can be configured to create transcripts of terminal sessions
to particular z/VM guest virtual machines. The transcripts are written
to log files in the `/var/log/ts-shell` directory.
NOTE: The `/var/log/ts-shell` directory permission has the
set-group- ID bit set. Sub-directories that are created by
`/var/ log/ts- shell` directory.
different users will inherit the group ownership of the
See the ts-shell(1) manual page for more information about terminal
session transcripts.
For further details, see http:// public. dhe.ibm. com/software/ dw/linux390/ docu/l4n0ht01. pdf