Skip to main content

System Vault

Updated over a month ago

System Vault lets you fix the values of parameters so that they can not be changed using the parameter maintenance functions. This would usually be done by Coins. Parameters that have the value set in the System Vaulta filled padlock iconshow with a icon in the parameter maintenance browse.

The system vault will need to be configured by, or with advice from, Coins.

Once the system vault has been configured, if you have access to UNIX you can store parameter values in the vault by creating files in $BASE/var/vault. All files in $BASE/var/vault that have file extension .cfg (plain text) or .cfgx (encrypted) will be read.

The format of the file consists of one parameter ID and value per line in space-separated format. Blank lines and lines beginning with # are ignored.

The following file (paths.cfg) would set the SY parameter APPMONSH and the PL parameter BACSEXEC, as well as setting a company-specific value for BACSEXEC.

# This is a comment
0 SY APPMONSH "$BASE/bin/appmon.sh"
0 PL BACSEXEC "$BASE/bespoke/bin/eftcopy.sh"
10 PL BACSEXEC "$BASE/bespoke/bin/specialeftcopy.sh"

If you touch the var/vault directory (give it a new date/time stamp) then Coins ERP+ will re-read the contents of all the parameter files. By creating the paths.cfg file the var/vault directory will have been changed so this change should immediately be visible in Coins ERP+. The corresponding parameter values are now hidden in Coins ERP+ and cannot be changed.

Parameter Maintenance with Hidden Value

Error for Parameter with Hidden Value

An unencrypred .cfg file would be appropriate for values that should be fixed by the tech team but are not particularly sensitive. This might be used to set various operating system parameters – for example, SY/APPMONSH – to appropriate values and prevent users from changing them.

Encrypting Parameter Values

If the parameter value is also sensitive, then it might be appropriate to encrypt the values in the configuration files. You can do this as follows:

  1. Rename the paths.cfg file to paths.txt and enter the command:

    bin/session_%normal.sh -b -p syu000.p -param '{"method":"encrypt","file":"var/vault/paths.txt"}'>var/vault/paths.cfgx

  2. Check the contents of paths.cfgx – it should be an encrypted string.

  3. Remove the paths.txt file.

Coins ERP+ then reads the parameter values from the encrypted paths.cfgx file.

It would be possible for a user with access to the Calculation Editor to display the value a parameter had before it was put into the vault. To prevent this, clear out the value of the parameter before you create the .cfg or .cfgx file.

You can create any number of cfg and enc files. IDs should not be repeated. If they are then the value from the first file (alphabetically) will be used and subsequent values will be ignored. An error, prefixed with ‘COINSSystemError: Duplicate Vault ID’, will be shown in the log file. You can see this with:

bin/session_%normal.sh -b -p cos000.p|tee

Any duplicates (this would include entries in the safe) will be shown as output.

Did this answer your question?