krowitz%richter@UMIX.CC.UMICH.EDU (David Krowitz) (06/27/90)
Many people who are tightening up their ACL's are forgetting that
many of the system servers run as user.server.none rather than as
root.staff.none. You must also pay attention to the default (initial)
ACL's that are given to newly created files and directories. Many
of the server programs such as the print server (/sys/hardcopy/prsvr)
must create temp files and/or access type manager files on the fly.
Some of the things to be careful about are:

/sys/mgrs -- the type manager directory. The print server creates
    new manager files in here the first time it executes
    a new print driver (from the /sys/hardcopy/drivers
    directory). On each subsequent execution, the print
    server must be able to access the manager it created.
    Other Apollo servers which use dynamically loaded
    drivers (eg. the DDE debugger, 3rd party device drivers,
    etc) also use this directory.

`node_data/systmp -- temp file directory used by TCP/IP (/etc/tcpd), the
    mbx_helper, the server_process_manager (/sys/spm/spm),
    the display manager, and the registry. The display
    manager, /etc/tcpd, and /etc/rgyd all run as
    root.staff.none, but the spm and the mbx_helper both
    run as user.server.none

`node_data/tmp -- temp file directory used by X Window server and by the
    local location broker (/etc/ncs/llbd). Both of these are
    usually run as root.staff.none if they are started at
    boot time. If you start X Windows after you login, it
    may wind up running as user.server.none
    Note that this directory is pointed to by /tmp (ie. it
    *is* the /tmp directory, but each diskless node has
    their own copy), so many Unix utilities will also want
    to use this directory.

`node_data/usrtmp -- temp file directory pointed to by /usr/tmp. Not used by
    any of the Apollo servers that I'm running, but used
    by any Unix program that wants access to /usr/tmp.

`node_data/dev -- the device file directory. Pointed to by /dev (ie. each
    diskless node has their own copy). All of the pad devices
    (ie. display manager window I/O), all of the crp devices
    (ie. remote login via /com/crp I/O), all of the pseudo-
    tty devices (ie. all TCP/IP based I/O), and all of your
    real ttys are located here. Note that /dev/sio1, /dev/sio2,
    and /dev/sio3 are equivalent to /dev/tty01, /dev/tty02, and
    /dev/tty03, respectively, but that they have different
    handshaking rules. Note that *everyone* (ie. %.%.%) must
    have read and write rights to the pad, crp, pty, sio/tty,
    tape, and floppy disk devices in order to do I/O on the
    node. Also, don't forget /dev/null!

These are just a few of the places you can screw up. Other common problems
are font files (/sys/dm/fonts), which are used by many GMR and GPR programs,
the various spooling directories under /usr/spool (some of which are links
back to `node_data).
I've just noticed that I've been typing root.staff.none where I should
have been typing root.wheel.none and root.server.none ... got to have that
first cup of coffee before I read my mail ... If anyone has more tips, let
me know and I'll summarize them.
-- David Krowitz
krowitz@richter.mit.edu (18.83.0.109)
krowitz%richter.mit.edu@eddie.mit.edu
krowitz%richter.mit.edu@mitvma.bitnet
(in order of decreasing preference)
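
Added example (not part of the original post and not Apollo code): a pre-change audit that checks a proposed set of tightened ACLs against the access the post says server identities need. It assumes a simplified model: an ACL entry applies when each person.group.org field equals the subject's or is %, rights are the union of applicable entries, and rights are reduced to the letters r and w. The sample ACLs and the `audit` helper are constructed for illustration.

```python
# Simplified model (assumption): real Domain/OS ACL evaluation is not reproduced.

# (path, subject, rights needed), read off the checklist in the post.
REQUIRED = [
    ("/sys/mgrs", "user.server.none", "rw"),          # servers create/reuse managers
    ("`node_data/systmp", "user.server.none", "rw"),  # spm, mbx_helper temp files
    ("`node_data/tmp", "user.server.none", "rw"),     # X started after login
    ("`node_data/dev/null", "%.%.%", "rw"),           # everyone must do device I/O
]

# Constructed sample: a proposed "tightened" ACL set to audit before applying it.
SAMPLE_ACLS = {
    "/sys/mgrs": [("root.%.%", "rw"), ("%.%.%", "r")],
    "`node_data/systmp": [("root.%.%", "rw"), ("%.server.%", "rw")],
    "`node_data/tmp": [("%.%.%", "rw")],
    "`node_data/dev/null": [("root.%.%", "rw"), ("%.staff.%", "rw")],
}

def entry_applies(entry_sid, subject):
    """True if every field of the entry is % or equals the subject's field.
    A subject field of % means "any identity", so only a % entry covers it."""
    pairs = zip(entry_sid.split("."), subject.split("."))
    return all(e == "%" or e == s for e, s in pairs)

def effective_rights(acl, subject):
    """Union of the rights of all entries that apply to the subject."""
    rights = set()
    for sid, granted in acl:
        if entry_applies(sid, subject):
            rights |= set(granted)
    return rights

def audit(acls, required=REQUIRED):
    """Return (path, subject, missing_rights) for each unmet requirement."""
    findings = []
    for path, subject, needed in required:
        missing = set(needed) - effective_rights(acls.get(path, []), subject)
        if missing:
            findings.append((path, subject, "".join(sorted(missing))))
    return findings

if __name__ == "__main__":
    for path, subject, missing in audit(SAMPLE_ACLS):
        print(f"{path}: {subject} lacks '{missing}'")
```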