[5068] in testers
verify seems awfully kind and trusting
daemon@ATHENA.MIT.EDU (Mitchell E Berger)
Sat Aug 4 02:13:50 2001
Message-Id: <200108040613.CAA02107@byte-me.mit.edu>
To: testers@MIT.EDU
Date: Sat, 04 Aug 2001 02:13:45 -0400
From: Mitchell E Berger <mitchb@MIT.EDU>
Earlier today I mkserv remoted a previously PUBLIC=true machine to give
Greg remote access to look into another potential problem and changed the
root password. When he was done, I ran mkserv public and rebooted it.
I just went to log into it and discovered that the root password hadn't
reverted to the public root. Closer watching of a reboot and reading of
the /etc/athena/verify script reveals the following:
- It expects services, syslog.conf, inittab, info-dir, inetd.conf, and
conf.linuxconf to be in $SYSPREFIX/config/$athenaversion/etc. inetd.conf and
conf.linuxconf are missing, thus cp complains during verify.
- It later expects passwd, shadow, and group to be in that same directory.
passwd and shadow are missing.
- It's doing syncupdates with passwd, shadow, and group to keep pieces of the
.local versions of them. Since this is the public ws verification script,
and it bombs out if PUBLIC!=true, we don't want to allow any changes from
{passwd|shadow|group}.local to be preserved, and in fact those files should
probably be blown away if they exist.
- Though the existence of *.local files is tested for when doing the
syncupdates, it's just assumed they exist immediately after when performing
chowns and chmods.
Mitch
