zwicky@pterodactyl.itstd.sri.com (08/07/90)
OK, I'm baffled. We've been running KIP and CAP for some time, with no problems. A few weeks ago one of the other sys admins cleaned up /etc/services, which had gotten rather crufty; in the process, he installed the Appletalk protocol entries, which were not previously there. Now CAP no longer works. If I run atis as me, it complains that it can't bind 202 and 204 (permission denied); if I run it as root, it doesn't complain at all, but it doesn't function at all, either. (In a subsidiary weirdness, it occasionally fails to get echo from services and claims to bind 202 and 722, but that may be a YP bug in SunOS4.1; it certainly is not the main problem.) If I take the entries out of services, it binds everything fine in the 700's, and functions perfectly. Any clues? I'm running the most recent version on columbia, with all patches; it fails to work equally on a Sun 3 running SunOS4.0.3 and on a Sun 4 running SunOS4.1. Elizabeth Zwicky (zwicky@itstd.sri.com)
hedrick@athos.rutgers.edu (Charles Hedrick) (08/07/90)
First, the new sockets are official IP "well-known sockets", so for security reasons only root can use them. This is to prevent you from starting up a telnet daemon and reading passwords from users trying to log in. That explains why you now have to be root. If you change just one machine from the 700 sockets to the 200 sockets, you're not going to get a lot of traffic, because everybody else on the network is still using 700's. I don't know what else you're trying to talk to, but on KFPS 4's there's an option to select use of the official socket numbers. I think it's a compile- time option for KIP, but don't quote me.