Action Scripts
Only available with select server licenses.
In addition to transferring files, servedat can be configured to execute scripts and commands in response to client requests. This allows servedat to perform actions such as post-processing, notifications, and other data management processes on targeted files.
Action Scripts are primarily for use with the movedat client or the ExpeDat Client SDK. Other clients have limited ability to interact with Action Scripts.
Action Scripts are a variation of Packaging commands and are setup in exactly the same way. The only difference is in how you use them. Packaging commands are intended to archive files and stream the archive to the client. Action Scripts are intended to perform some function and report the result to the client. But the setup and environment are identical for both.
Adding support for an Action Script is done with the Package configuration variable or the "–P" command line option:
Package <suffix>,"<command>" <options> "%s"
or
servedat -P <suffix>,'"<command>" <options> "%s"'
Note the careful arrangement of single and double quotes on the command line to ensure correct handling by the command-shell. <suffix> is the action code or file name extension you wish to associate with the given action script. <command> is the path name of the script or command line utility which will be executed with this action. <options> includes any command switches needed by the command.
The string "%s" will be replaced with the name of the directory or file targeted by the client. The command will executed with a current working directory set to the folder containing the file. Additional variations of the target path are available in the Environment variables.
You may specify multiple action scripts and packaging commands by adding additional "–P" options on the command line or Package variables in the configuration file.
The command will be executed using the bourne-shell (sh) on unix systems and CreateProcess() on Windows systems. The current working directory will be set to the parent folder containing the target file. Environment variables will be inherited from servedat itself.
As of this release, the target pathname must exist and be accessible. This requirement may be removed in a future release.
If PackTimeout is set, then the command will be terminated by servedat if it runs longer than the specified time.
In addition to the server's environment, the following variables are provided to both Action Scripts and Packaging commands:
| Name | Value |
| SV_ACTION | <String> |
| The suffix or action code which activated this command. | |
| SV_ARG | <String> |
| An additional action argument provided by the client. This is currently available only to clients using the ExpeDat Client SDK. | |
| SV_AUTHTYPE | NONE, PRIVATE, or SYSTEM |
| The authentication mechanism used to validate this transaction. NONE indicates that the server is operating in implicit anonymous mode. PRIVATE means the username matched an AuthFile entry. SYSTEM means the username matched an System User. Additional values may be set in future releases. | |
| SV_CLIENTIP | <IP Address> |
| The client IP address, as seen by the server. If the client is behind an NAT gateway, this will be a public address of that gateway. | |
| SV_CLIENTPORT | 1 to 65535 |
| The UDP port of the client, as seen by the server. If the client is behind an NAT gateway, this will be a public port of that gateway. | |
| SV_DOCID | <Hexadecimal> |
| An 8 character hexadecimal number which uniquely identifies this transaction. It corresponds to the "DocID" field in the log file. | |
| SV_ENCRYPT | AES |
| Optional | If present, this variable indicates that encryption is being used in the form named. Currently, only AES is supported. |
| SV_GETONLY | 0 or 1 |
| A value of 1 indicates that this transaction is subject to the GetOnly restriction. | |
| SV_LICENSE | <String> |
| A description of this server's software license. See Tech Note 0001 for more information about interpreting identification strings. | |
| SV_LOGPREFIX | DocID SEND|GET Client User Encrypt "Path" "Action" |
| A pre-formatted log line using the same format as that of I and F log file records. | |
| SV_MAXLOADSTART | <Integer> |
| The maximum server load since startup. | |
| SV_MAXLOADCONFIG | <Integer> |
| The maximum server load since the last configuration reload. | |
| SV_NOOVERWRITE | 0 or 1 |
| A value of 1 indicates that this transaction is subject to the NoOverwrite restriction. | |
| SV_PATHFULL | <Target Pathname> |
| The full pathname of the target file, after accounting for home directories, access privileges. | |
| SV_PATHRAW | <Target String> |
| The raw target path exactly as given by the client. | |
| SV_READONLY | 0 or 1 |
| A value of 1 indicates that this transaction is subject to the ReadOnly restriction. | |
| SV_RESTRICTHOME | 0 or 1 |
| A value of 1 indicates that this transaction is subject to the RestrictHome restriction. The current working directory and SV_PATHFULL will have been modified according to this restriction. SV_PATHRAW holds the unprocessed path. | |
| SV_SERVEDAT | servedat - 1.14.0 January 2013 - DEI, DOC-1.13.1 MTP-osx-3.15.8 631 |
| The server's identification string. See Tech Note 0001 for more information about interpreting identification strings. | |
| SV_SERVERLOAD | 0 to Capacity |
| The number of simultaneous transactions currently being served, including this one. | |
| SV_SERVERCAP | <Integer> |
| The maximum number of simultaneous transactions supportable by this server. | |
| SV_TIMEOUT | <Seconds> |
| Optional | If PackTimeout is set, then this variable will be present and contain the maximum number seconds the script will be allowed to run. |
| SV_USER | <Username> |
| Optional | The username given by the client and authenticated by the server. A value which is blank or "ANONYMOUS" indicates that authentication is enabled and no username was given. If this variable is not set, then authentication is not enabled and this was an implicit anonymous request. |
| SV_TYPE | GET or SEND |
| The type of transaction. Currently, only "GET" is supported. | |
| SV_WRITEONLY | 0 or 1 |
| A value of 1 indicates that this transaction is subject to the WriteOnly restriction. | |
| SV_WRITELISTONLY | 0 or 1 |
| A value of 1 indicates that this transaction is subject to the WriteListOnly restriction. |
Additional environment variables are likely to be introduced in future releases. Please let us know if you have suggestions.
Example
The following bourne-shell script returns the script environment back to the client.
#!/bin/sh echo Target is $1 printenv
The server can be configured to use this script as follows:
servedat -P "echo,/tmp/echoenv.sh %s" /tmp/
The action can be triggered by movedat like this:
movedat -D user@example.com:somefile=echo
Security
For security reasons, characters which may have special meaning to a command shell are not permitted in the target name. If one of the following forbidden character appear in the path, either from the client or the home directory path, the action will fail with a pathname error.
" ' ; ` ( ) [ ] & ? * ! ~ | { }
In addition, the backslash character '\' is not permitted on unix systems.
Environment values for SV_ARG and SV_PATHRAW are provided directly by the client and are not validated by servedat in any way.
The script will execute with the same privileges as the user account used for authentication. The server will advise of additional restrictions using SV_NOOVERWRITE, SV_READONLY, SV_GETONLY, SV_RESTRICTHOME, SV_WRITEONLY, and SV_WRITELISTONLY. It is up to your action script to interpret and enforce those restrictions.
Because action scripts may execute arbitrary commands, administrators should take care that they are not writeable by untrusted users.