rogerj@batcomputer.tn.cornell.edu (Roger Jagoda) (01/04/90)
Fellow NeXTies (like neckties...?)
I have some questions that some of you might have
already had to deal with and might have insights
into regarding the Cube.
1)We have just received our first shipment of the 40MB
"accelerator" drives. Instalation is a breeze, just
slide it into the normal drive bay, screw in, and run
Buildisk.App...an entry is already in /etc/disktab for
the Quantum drive. Since NetInfo doesn't read /etc/fstab
at all, I'm wondering how the Cube knows to mount the drive
(which is does automatically as /private/swapspace.). I
mean suppose I wanted to instruct a Cube to mount this
drive AND an Optical drive on bootup. If I'm not using
fstab, I can't enter mount options and mount-points. How
do I inform a NetInfo cube of file-system mounts on bootup?
Another related question about these drives. The OS seems
smart enough to symbolically link /tmp to the newly installed
accelerator drive, however, the swapfile, /private/vm/swapfile
still lives where it did BEFORE installation (in our case on
our network server since the client machines are diskless). Is
an error of omission? Wouldn't I want to link the swapfile to grow
on the swap/accelerator disk?
2) We want to use another file server as a "backup" NetInfo
server or a "clone" server. I have tried to use the "nidomain"
command but I've had little luck. Here's what we've got:
Server=heights (660 MB machine)
Soon to be clone server=lodi (330 MB machine)
I su to root and issue (this is from lodi, or the one who WILL
be the clone acceptor)
nidomain -c network heights/network
But this never works. We tested it but downing heights and
trying a reboot and always got "netinfo server not found", and
I'm not talking about the normal message that comes up
sometimes even with the netinfo server normally.
The nidomain amn page says something about
"The machine's "serves" property should be set up prior to
running this command to contain the entry "./tag".
Now, what does this mean? How do you add a tag for network
service on a machine that is NOT designated a netinfo server
from NetNanager? Do I use the nidomain -m switch? Or do I have
to click on something under NetInfoManager?
3) I noticed several programs under /NextApps are set-uid. Is this
dangerous? I'm still getting the hang of Unix SySAdmining, but isn't
this the same as saying "when this program is run, it's run as if root
is running it". Now, unless I have to I'd like to strip off this bit
on some of the more "dangerous" programs:
--BuildDisk #Do I want ANYONE running this? What about my
network drives?
--Preferences #Do I want just anyone setting the TZ and system
clock? If this isn't setuid, will users still
be able to set their passwords?
--PrintManager #I CERTAINLY don't want users configuring any of
the printers on the net!
--Shell #This program and Terminal is setuid. Why? I have
seen where this can leave a user as root (really,
with a <hostname># prompt to boot! Can I strip
this off and still have it run properly?
The same concerns are echoed for the five programs under /NextAdmin.
--MailManager, NetManager, UserManager are all world executeable
AND setuid. Do I want to strip these or do they HAVE to be this way?
I'm not usre I want the users running UserManager! Also, NetInfoManager
is WORLD executable as well, is this necessary?
Thanks in advance. If anyone wants to know how the 40MB drives work out,
or has some benches they want to run, send me mail and I'll try them. I
think we got ours first or near first because of the number of machines
we have here (55).
Roger Jagoda
Cornell University
FQOJ@CORNELLA.CIT.CORNELL.EDU
eps@toaster.SFSU.EDU (Eric P. Scott) (01/04/90)
In article <9494@batcomputer.tn.cornell.edu> rogerj@tcgould.tn.cornell.edu (Roger Jagoda) writes: >1)We have just received our first shipment of the 40MB >"accelerator" drives. Lucky you. We didn't receive the forms until just before Christmas, and sent them in yesterday. 6 to 8 weeks, sigh. >3) I noticed several programs under /NextApps are set-uid. Is this >dangerous? Sometimes. It depends whether it's there because it's needed for program functionality, or because NeXT thought their customers were going to be PC-minded B-Land clones that don't "want" security (as opposed to "point and click ease of use"). >--BuildDisk #Do I want ANYONE running this? What about my > network drives? No to the first, and "not a problem" to the second. Do chmod o= /NextApps/BuildDisk There's no real magic in /NextApps/BuildDisk--it runs /usr/etc/builddisk and pipes the output into a ScrollView. The "real" builddisk is *not* setuid, and only works for root anyway. >--Preferences #Do I want just anyone setting the TZ and system > clock? If this isn't setuid, will users still > be able to set their passwords? No. Do chmod 755 /NextApps/Preferences Get NTP if you don't already have it, use that to set your clocks. (Unless you have a standalone machine, and want to run the FrameMaker demo, heh heh). Passwords are handled by netinfo, so yes, they can still change their passwords. >--PrintManager #I CERTAINLY don't want users configuring any of > the printers on the net! Printer configuration is handled by netinfo. The "problem" here has nothing to do with the setuid-ness of PrintManager. Do niutil -destroyprop . /printers _writers ^ or whatever to fix another NeXT goof. Leave PrintManager alone. >--Shell #This program and Terminal is setuid. Why? I have > seen where this can leave a user as root (really, > with a <hostname># prompt to boot! Can I strip > this off and still have it run properly? Leave these alone. They need read-write access to /etc/utmp. (I have seen users suddenly start getting root shells, but that's indicative of deeper problems.) >The same concerns are echoed for the five programs under /NextAdmin. > >--MailManager, NetManager, UserManager are all world executeable >AND setuid. Do I want to strip these or do they HAVE to be this way? Leave these alone. They all run Security Check Panels if run by anyone who's not root. >I'm not usre I want the users running UserManager! Also, NetInfoManager >is WORLD executable as well, is this necessary? NetInfoManager doesn't do anything not available by other means. Leave it alone too. [ You're no doubt wondering, is anyone collecting this sort of stuff? Yes, and I'm currently working on a document detailing how the SFSU Academic Computing cluster was set up. Not all, but most of the security-related issues will be discussed therein. More later this month. ] -=EPS=-
cbradley@attctc.Dallas.TX.US (Chris Bradley) (01/06/90)
In article <9494@batcomputer.tn.cornell.edu> rogerj@tcgould.tn.cornell.edu (Roger Jagoda) writes: >Another related question about these drives. The OS seems >smart enough to symbolically link /tmp to the newly installed >accelerator drive, however, the swapfile, /private/vm/swapfile >still lives where it did BEFORE installation (in our case on >our network server since the client machines are diskless). Is >an error of omission? Wouldn't I want to link the swapfile to grow >on the swap/accelerator disk? > I was looking at this, too, when the topic of swapdisks came up the other day. It's discussed (briefly!) in the on-line doc ("Appendix A: System Initialization" [/NextLibrary/Documentation/NeXT/SysAdmin/ApA_BootSequence.wn]) and describes the action of the /etc/rc.swap file. Basically, /etc/rc calls /etc/rc.swap, which is supposed to determine if you have a suitable swapdisk. In /etc/rc.swap, there is this shell fragment: # Find out which device to check SWAPDEV=`grep /private/swapdisk /etc/fstab | awk '{print $1}'\ | sed -e 's/\/dev\///'` which looks like it does indeed examine /etc/fstab for a swapdisk device. After that, the program /usr/etc/checkswap is run (checkswap(8)) to see if the disk label on the purported swapdisk is indeed ``swapdisk''. There's a little more to it, but I don't wanna transcribe the manual thru the net's bandwidth. -- Chris Bradley | "To integrate Advanced Technologies into new | Sr. Eng'r, Advanced Systems | and existing customer environments." | Businessland, Inc. |- - - - - - - - - - - - - - - - - - - - - - - -| Dallas, Texas USA | Known to management, but unclaimed thereby |