|
|
TCLServer - Remote TCL/TK command processing. |
|
Table of Contents
|
|
TCLServer - Remote TCL/TK command processing. |
|
Table of Contents
What it TclServer?.
Tclserver is a general purpose network server. It provides access to a Tcl/Tk interpreter in a networked setting. Clients connect to TclServers and ask it to execute scripts on its behalf. TclServer’s uses include:
- A network shared associative data store.
- Tailorable displays of status data.
- Tailorable displays of alarm data.
-
Execution of Tcl based remote procedures.
TclServer provides host based security to prevent
connections from unauthorized hosts.
Port specification at startup allows multiple TclServers to run in a
single system.
How do I start TclServer?
TclServer is located in /usr/opt/daq/bin in the Linux data acquisition system. If this directory is in the path, the format of the TclServer command is:
tclserver [scriptname]
Options:
-pportnum - Specifies the port on which the server listens for connections defaults to 2048
-colormap new – Requests a private colormap for the application.
-display disp - Specifies the X11 display on which to project Tk widgets.
-geometry gom - Overrides the initial default geometry of the Tk top level window widget.
-name name - Specifies the window title. Also target for local send commands.
-sync - Specifies that all x11 interactions should be done synchronously
-use id – Specifies the id of a window into which Tk
will display it’s ‘toplevel’ widgets.
Allows Tk to be integrated into other X11 applications.
-visual type – Specifies the visual to be used.
-- Specifies that all further parameters should be passed to the tcl/tk script via argv.
See the man page for wish(1) for more information.
How do I close off unauthorized access to my system via TclServer
Tcl/Tk’s powerful abilities to manipulate files and to start up subprocesses make a server version of the shell a potential security hole. TclServer therefore implements a host based authentication scheme.
Initially, TclServer only supports access from clients on localhost (the same system). The serverauth command allows you to add, remove, and list the set of hosts and associated ip addresses in the authorization list:
Allows connections to the server from the host described by the hostorip parameter. hostorip can either be expressed as a resolvable hostname (e.g. foxnt.nscl.msu.edu) or as a dotted ip address (e.g. 35.8.33.128).
Disallows further connections to the server from the host described by the hostorip parameter. Currently held connections will be maintained.
Returns a list of the hosts which are allowed to contact the server as a properly formatted Tcl list. Each element of the list is a two element sublist containing the hostname and host IP address. The host ip address is in %03d.%03d.%03d.%03d format for example:
{localhost 127.000.000.001} {foxnt 035.008.033.128} {maya 035.008.033.072}