[325] in athena10
Deconstructing reactivate
daemon@ATHENA.MIT.EDU (ghudson@MIT.EDU)
Thu Jul 24 13:18:47 2008
Date: Thu, 24 Jul 2008 13:18:02 -0400 (EDT)
From: ghudson@MIT.EDU
Message-Id: <200807241718.m6OHI2sS019161@outgoing.mit.edu>
To: athena10@mit.edu
In Athena 9.4, we run reactivate when xlogin starts, and from a cron
job every six minutes. Reactivates run from xlogin are called
"prelogin" reactivates; cron job runs are called "full" reactivates.
reactivate will not run if the system is in the middle of an update or
if another reactivate process is running. Full reactivates will not
run if the script can detect any user logins (including screen
sessions and non-login remote shells).
reactivate will suppress logins via /etc/nologin while it runs.
In all cases, reactivate will:
* Work around a Mozilla bug by removing some files.
If PUBLIC=true, reactivate will:
* Copy shadow/passwd/group.local files from AFS.
* Copy athinfo.access and local-lockers.conf from AFS.
* Remove any existing /etc/athena/access.
* Remove any existing /etc/athena/orbitrc.
* Remove any existing reactivate.local.
* Remove any existing sshd keys.
* Remove any existing Mozilla cache directories.
* Kill any running sshd.
If it's a full reactivate OR PUBLIC=true, reactivate will:
* Flush NFS uid mappings
* Flush all Zephyr subs the machine might have
* Zero any ticket files it detects in /tmp
* Remove some emacs, esd, and sawfish files in /tmp or /var/tmp
(the emacs and esd paths are no longer used by emacs or esd, I think)
* Remove all per-session temp directories
* Restore shadow/passwd/group from their respective .local files.
* Kill processes not owned by users in the passwd file.
* Set the access_on state per the ACCESSON rc.conf variable.
If it's a full reactivate, reactivate will:
* Remove all temporary homedirs
* Run config_afs to reconfigure CellServDB etc.
* Turn AFS encryption on or off based on a flag file in AFS
* Remove all login session records.
* Detach all lockers.
* Create /etc/noroot if this is a cluster machine.
* Invoke the auto-update script.
* Run reactivate.local.
If it's a full reactivate AND PUBLIC=true, reactivate will:
* Remove all files in /tmp
A great deal of this stuff will not be necessary in Athena 10, and the
remainder should probably not be handled through a grand unified
reactivate script. But I wanted to break it all down for
consideration.
