DTS: Installation Summary

The Data Transfer System (DTS) must be installed at each site that files are to be transferred to and/or from. The DTS is composed of Perl scripts and associated configuration files and requires the creation of three user accounts of varying privilege. The DTS does not require root access to run; however, you will need such access, or the cooperation of someone who has it, to set it up.

The following software must be installed:

* OpenSSH (any SSH2 implementation with sftp will work)

* Perl 5 (v 5.16 recommended) with the following modules:

  • Env
  • File (comes with Perl 5.8)
  • Time::HiRes (comes with Perl 5.8)
  • MailTools
  • IO (comes with Perl 5.6)
  • MD5 and Digest::MD5
  • Expect (at least 1.12)
  • Net::SFTP::Foreign (unless using FTP with OTP)
  • Net::FTP (unless using SFTP)
Note that Net::FTP is not needed for the recommended configuration using SFTP.

The following accounts must be created, each belonging to a common group called dts:

* DTS operator (dtsops) - A standard user account to run the DTS from

  • The mailbox for this account receives all error messages from the DTS, so the operator is notified when problems occur.
  • Unpack the DTS package in the dtsops home directory.
  • Create a log directory (e.g. ~dtsops/log) with subdirectories, in and out, for storing the logs of incoming and outgoing transfers. Set DTS_IN and DTS_OUT in the dts.config file to their respective locations.
  • Create a staging area with subdirectories, in and out. Set DTS_STG and DTS_FTP in the dts.config file to their respective locations. The DTS_FTP directory should have dtsops as its owner and dts as its group with the following permissions: drwxrwsr-x (i.e. chmod 775, chmod g+s). The DTS_STG directory only requires that dtsops be able to write to it.
  • Choose a name by which other DTS sites will refer to this DTS, preferably short and all-caps. Set it as MYSITE in the dts.config file.
  • Set OPSEMAIL in the dts.config file to dtsops@machinename, replacing "machinename" with the full hostname.
  • Edit SITELIST and SCRIPTS to contain the path to the installed dts.sitelist and dts.scripts files (included with the DTS package). The dts.sitelist file should only be readable by the dtsops user.
  • Define an environment variable, DTS_CONFIG, in your shell startup (e.g. ~/.tcshrc), setting it to the location of the dts.config file.

* DTS ftp (dtsftp) - A limited account which allows ftp/sftp transfers

  • The home directory for this account should be the path set as DTS_FTP.
  • The shell for the account should be /noshell if FTP is the protocol being used, or the location of the sftp-server executable if sftp is being used (e.g. /usr/libexec/openssh/sftp-server). No one will be able to log in to a shell on this account.
  • chroot the account such that the home directory is the top level.

Note: As of DTS 9.2.0 (Aug 2021), the need for a dtsmail account has been discontinued.