[973] in testers
[David Krikorian: mkserv ops]
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Wed Aug 1 13:40:47 1990
Date: Wed, 1 Aug 90 13:40:29 -0400
From: David Krikorian <dkk@ATHENA.MIT.EDU>
To: testers@ATHENA.MIT.EDU
Reply-To: dkk@mit.edu
I was previously told this was "unsupported", but Richard asked that I
send this to testers, so here it is:
------- Forwarded Message
Date: Tue, 31 Jul 90 05:18:57 -0400
From: David Krikorian <dkk@ATHENA.MIT.EDU>
To: probe@ATHENA.MIT.EDU
Subject: mkserv ops
Reply-To: dkk@mit.edu
Home: 47 Lake St., Arlington, MA 02174, (617) 646-9289
Office: MIT Bldg. E40-358A, (617) 253-8651, 258-8736 (fax)
First of all, none of this is really needed for 7.1.
I figured out why I was confused for so long... You were bragging
about how good a job mkserv ops did on the LOGGER machines, but I
didn't notice any improvement. When I finally looked at
/usr/athena/lib/update/ops.add, I found the problem:
if [ "$hostlc" = "$hostws" -o "$hostlc" = "hostsys" ]; then
It's missing a '$' before the variable name "hostsys".
There are some other changes I'd like made to "mkserv ops":
When sed is run to remove *LOGGER from /etc/syslog.conf on wslogger
and syslogger, I'd rather have it replace "@*LOGGER" with
/usr/adm/messages, so we don't have to put that line in manually.
When the default /etc/inetd.conf is edited to comment out all the
dangerous and/or useless entries, I'd like two things done
differently. One is /fingerd/s/daemon/nobody/, but perhaps that
should follow user "nobody" being put in the standard /etc/passwd. Is
there any reason we *don't* put nobody in /etc/passwd? I already have
it on all the servers. The other thing is (after /klogin/s/^#//)
/^klogin/s/klogind$/Klogind$/. Since we're already cutting off all
other password-less access, I see no reason to require manual
intervention to close the last hole.
Also, please bring rkinit and zlocate local. Both definitely have
their uses on servers.
------- End Forwarded Message
