[1013] in testers
Re: mkserv ops
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Sun Aug 5 03:49:11 1990
Date: Sun, 5 Aug 90 03:48:32 -0400
To: dkk@MIT.MIT.EDU
Cc: testers@MIT.MIT.EDU
In-Reply-To: David Krikorian's message of Tue, 31 Jul 90 05:18:57 -0400,
From: Richard Basch <probe@MIT.MIT.EDU>
Date: Tue, 31 Jul 90 05:18:57 -0400
From: David Krikorian <dkk@ATHENA.MIT.EDU>
Reply-To: dkk@mit.edu
Home: 47 Lake St., Arlington, MA 02174, (617) 646-9289
Office: MIT Bldg. E40-358A, (617) 253-8651, 258-8736 (fax)
First of all, none of this is really needed for 7.1.
I figured out why I was confused for so long... You were bragging
about how good a job mkserv ops did on the LOGGER machines, but I
didn't notice any improvement. When I finally looked at
/usr/athena/lib/update/ops.add, I found the problem:
if [ "$hostlc" = "$hostws" -o "$hostlc" = "hostsys" ]; then
It's missing a '$' before the variable name "hostsys".
oops.
There are some other changes I'd like made to "mkserv ops":
When sed is run to remove *LOGGER from /etc/syslog.conf on wslogger
and syslogger, I'd rather have it replace "@*LOGGER" with
/usr/adm/messages, so we don't have to put that line in manually.
Excerpt from /etc/syslog.conf:
*.warning;kern,user.notice @WSLOGGER.MIT.EDU
*.alert;auth.notice /dev/console
*.notice;kern.debug;local0.info /usr/adm/messages
This means that everything that would have gone to the logger machine
already goes into /usr/adm/messages as well... Do you want double
logging - I am more than willing to oblige...
When the default /etc/inetd.conf is edited to comment out all the
dangerous and/or useless entries, I'd like two things done
differently. One is /fingerd/s/daemon/nobody/, but perhaps that
should follow user "nobody" being put in the standard /etc/passwd. Is
there any reason we *don't* put nobody in /etc/passwd? I already have
it on all the servers. The other thing is (after /klogin/s/^#//)
/^klogin/s/klogind$/Klogind$/. Since we're already cutting off all
other password-less access, I see no reason to require manual
intervention to close the last hole.
Also, please bring rkinit and zlocate local. Both definitely have
their uses on servers.
Slated for next time around.
-Richard
