[2269] in SIPB-AFS-requests
changes to files and directories on reynalda
daemon@ATHENA.MIT.EDU (mhpower@MIT.EDU)
Tue Jan 30 03:52:05 1996
From: mhpower@MIT.EDU
To: sipb-afsreq@MIT.EDU
Date: Tue, 30 Jan 1996 03:51:43 EST
I've created a directory /afs/sipb/service/afs/sunos that contains
various files for use on reynelda. In most cases, the files are
intended to be copied directly to reynelda, with the directory
/afs/sipb/service/afs/sunos corresponding to /. There's a top-level
file commands.sh that's intended to be executed, rather than copied.
Also, there's a directory usr/local/sun-patches that has patches that
are intended to be applied as their individual instructions describe.
The patches and most other changes have already been applied on
bloom-beacon, senator-bedfellow, and penguin-lust.
I didn't include notes on whether files are normally installed setuid
or setgid, since I believe nearly all processes on reynelda will be
running as root, and thus setuid and setgid is often not especially
relevant. One exception is snmpd, which runs as daemon, and is
installed setgid kmem by the commands.sh script.
Some of the changes that people could possibly want to undo are (in
order by roughly how likely it is that these are unwanted):
-- the /etc/passwd file has the encrypted public workstation root
password, rather than the encrypted sipb afs root password (ok,
this one isn't in the "could possibly want to undo" category)
-- /etc/athena/config_afs makes "fs setcell" calls only for the
five primary cells in the mit.edu domain. (They are also all
set to -nosuid, since we don't expect non-root users.)
-- telnet service is enabled in /etc/inetd.conf. There hasn't been
a lot of use of the Athena telnetd on SunOS, so it perhaps isn't
stable enough for use on an AFS server.
-- the kernel configuration file has maxusers set to 72, and doesn't
include the options LOFS, TFS, SYSAUDIT, CRYPT, RFC, and VFSSTATS
-- the version of sendmail 8 that's used on sipb's other SunOS
machines is installed as /usr/lib/sendmail, superseding the vendor
sendmail. It is not, however, started running in daemon mode.
-- there's code starting with "if [ -f /usr/local/bin/xntpd ]"
in /etc/athena/rc, even though this file doesn't exist, and I
don't know if there were any plans to run xntpd on SunOS
-- there's also an "if [ -f /usr/local/bin/afs2sl.pl ]; then" line
in /etc/athena/rc, even though this file doesn't yet exist. I
expect that afs2sl.pl will work about as well on SunOS as on Ultrix,
although I'll test it running as daemon before installing it.
There are a number of other changes that probably don't exist on
Athena SunOS servers, e.g., the use of /usr/local/bin/gnewsyslog or
the inetd.conf entry for /usr/local/etc/fingerd, and I can explain
these in more detail in anyone needs me to.
Matt
