Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ dce_config(8dce) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

dce_config(8dce)  —  Maintenance

NAME

dce_config  — Installs, configures, and starts up DCE

SYNOPSIS

dce_config  [i ]  [e environment_file]  [c command_file]

Options

iThe i  option tells dce_config  to look in the /etc directory of the install area (which is generally /opt/dce1.0/etc) for the component scripts it needs to run.  After you have invoked dce_config  once with the i option, you do not need to use the option again. 

e  environment_file
The e  option causes dce_config  to source environment_file at startup.  The environment_file variable represents a user-created file that sets the DCE and Distributed File Service (DFS) variables that specfy responses to the dce_config  user prompts.  Note that if you do not specify the e  option, dce_config looks for the /etc/dce_config.conf file and sources it if it exists.  If the file does not exist, it uses shell variable settings if they are set. 

c  command_file
The c  option causes dce_config  to source command_file at startup.  The command_file variable represents a user-created shell script that initiates installation and configuration processing. 

Description

The dce_config  shell command invokes a menu-driven interface that installs, configures, and starts up DCE.  The dce_config  command displays a hierarchy of menus and invokes individual installation and configuration routines, according to users’ menu selections. 

Installation routines store the binaries required for the server installation that is selected into $DCELOCAL.  Binaries required for a client installation are stored on every machine.  The configuration menu consists of initial cell configuration, additional server configuration, and DCE client configuration.  The security server and the first Cell Directory Service (CDS) server constitute initial cell configuration. 

If you specify an environment file with the e  option and a command file with the c  option, you can completely automate dce_config  processing. 

The Command File

The command file consists of install and config command lines that specify the component to install and, for DFS, the type of server. 

A sample command file, config.cmd, is provided by OSF with the DCE source.  You can copy the file and use it as supplied or you can use it as guide to creating your own environment file.  The sample file is not copied to the install tree during DCE installation. 

The install lines are in the following form:

install component [dfs_server]

where:

componentCan be one of the following values:

secMaster security server binaries

cdsInitial CDS server binaries

gdsGDS server binaries

dtsDistributed Time Service (DTS) server binaries

clientDCE client binaries

sec-replica
Security replica binaries

appdevInterface Definition Language (IDL) compiler and header files for use in DCE application development

cdsbrowser
CDS browser utility

nidl_to_idl
A utility to convert files written in NIDL to files written in IDL

dfs_serverSpecifies the type of DFS server to install; can be one of the following values:

clientDFS client

scmSystem control machine

privatefsPrivate file server

fsFile server

fldbFile location database server

The config lines are in the following form:

config component
            {
             client |
             gda |
             sec {client | server | replica} |
             cds {client | server | replica} |
             dts {clerk | local | global | ntp-provider | null-provider}
             dfs {client | scm | privatefs | fs | fldb}
             }

where:

componentCan be one of the following values:

clientDCE client configuration

gdaGDA configuration

secSecurity configuration of any one of the following:

clientSecurity client machine

serverSecurity master server machine

replicaSecurity replica machine

cdsCDS configuration of any one of the following:

clientCDS client machine

serverCDS initial server machine

replicaAdditional CDS server machines

dtsDTS configuration of any one of the following:

clerkDTS clerk machine

localDTS local server machine

globalDTS global server machine

ntp-provider
DTS NTP time-provider machine

null-provider
DTS null time-provider

dfsDFS configuration of any one of the following:

clientDFS client specify

scmSystem control machine

privatefsPrivate file server machine

fsFile server machine

fldbFile location database server machine

The Environment File

The environment file sets the DCE and DFS variables.  The file entries are in the following form:

variable=value

To change a value, simply replace it with the new value. 

A sample environment file, config.env, is provided by OSF with the DCE source.  You can copy the file and use it as supplied or you can use it as guide to creating your own environment file.  The sample file is not copied to the install tree during DCE installation. 

The DCE and DFS Variables

The first of the tables that follows lists the DCE variables you can set for dce_config  processing.  The second of the tables lists the DFS variables you can set.  In the tables, the term default refers to the setting assigned to the variable by OSF. 





_ _
Variable Value
_ _
CACHE_CDS_SERVER The name of the CDS server to cache.  It is not required that the cached server be the initial CDS server.  Used during CDS client configuration. 
_ _ _
CACHE_CDS_SERVER_IP The IP address of the CDS server to cache. 
_ _
CELL_ADMIN The principal name of the initial privileged user of the registry database (known as the registry creator).  Used during security server configuration. 
_ _
CELL_ADMIN_PW The default password assigned to the accounts created when the registry database is created, including the account for the registry creator.  The default is
dce- . 

_ _
CELL_NAME The name of the cell (without the .../) on which the configuration is being performed.  Used during security server configuration. 
_ _
CHANGE_PW Indicates whether or not dce_config  displays the message Password must be changed on exiting when the cell administrator password (CELL_ADMIN_PW) is the same as the default password.  The default is n.  It is recommended that you do not change this value in order to help ensure that the cell administrator is not assigned a commonly known password.  This variable is used in conjunction with the DEFAULT_PW variable. 
_ _
CHECK_TIME Specifies whether or not to check client and server clock synchronization; y indicates the time will be checked while n indicates it will not.  The default is y. 
_ _
DC_DISPLAY_THRESHOLD Specifies the messages to write to stdout.  Possible values are ERROR, WARNING, SUMMARY, DETAIL, VERBOSE, and DEBUG.  The default is SUMMARY. 
_ _
DC_LOG_THRESHOLD Specifies the minimum priority log messages to write to the log file, /tmp/dce_config.log.  Possible values are ERROR, WARNING, SUMMARY, DETAIL, VERBOSE, and DEBUG.  The default is DEBUG. 
_ _
DEFAULT_MAX_ID The highest value UNIX ID for principals.  The default value is 32767, which means that only principals with UNIX IDs lower than 32767 can access the cell.  It is recommended that you accept the default.  Used during security server configuration. 
_ _
DEFAULT_PW Contains the default password used when the registry is created.  This variable is used to determine if the cell administrator’s password (CELL_ADMIN_PW) is the same as the default password.  When the user exits dce_config , the value of DEFAULT_PW and CELL_ADMIN_PW are checked.  If they are the same and if the CHANGE_PW variable is set Y, dce_config  issues the warning message Password must be changed.  The default for this variable is dce- .  If your site has a commonly used and known password, change the DEFAULT_PW variable to that password to help ensure that the cell administrator account is not assigned a commonly known password. 
_ _
DIR_REPLICATE Controls the replication of CDS directories when an additional CDS server is being created at DCE configuration time.  The value y will cause dce_config  to prompt for more directories to replicate; n will not.  The default is n. 
_ _
DOMAIN_NAME The name of the host domain.  Used as a default in the Security client configuration for Kerberos5 compatibility if /etc/resolv.conf does not contain a domain name. This variable is appended to the hostname to get the fully qualified name in the format: hostname.domain_name.  For example, if DOMAIN_NAME is set to company.com and the host name is abc, the fully qualified hostname will be abc.company.com.
_ _








_ _
Variable Value
_ _ _ _
DO_CHECKS Controls the display of three prompts.  The first is whether or not the prompt Press <Return> to continue, <Ctrl-C> to exit: is returned when dce_config  encounters a nonfatal error.  This prompt forces the user to acknowledge the error and offers a way to exit dce_config .  The second and third prompt occur during master security server configuration.  They prompt for a UNIX ID number at which the security server will start assigning automatically generated group UNIX IDs and principal UNIX IDs.  If this prompt is turned off, the default is the default described in the DEFAULT_MAX_ID and GID_GAP variables.  For the DO_CHECKS variable, y displays the prompt; n does not.  The default is y. 
_ _ _ _
EXIT_ON_ERROR An indication of whether or not dce_config  will exit in the event of a fatal error: y indicates that dce_config  exits when it encounters a fatal error; n indicates it will not.  The default is n.  Setting this variable to y or n can help prevent a “here” file from getting out of sync with dce_config . 
_ _ _ _
GID_GAP The increment above highest currently used GID at which the security service will start assigning automatically generated GIDs.  The value of this variable is used with the LOW_GID variable to set the starting point for unique identifiers (UIDs) automatically assigned by the security server.  Default is 100.  Used in security server configuration. 
_ _ _ _
HOST_NAME_IP The IP address of node on which dce_config  is running. 
_ _
KEYSEED A character string used to seed the random key generator in order to create the master key for the master and each slave database.  Each database has its own master key and thus keyseed.  Used in security server configuration. 
_ _ _ _
LAN_NAME For multiple local area network (LAN) configurations, the internal name of the LAN (in the LAN profile).  Used in CDS server configuration. 
_ _ _ _
LOGFILE The full pathname of the log file produced by dce_config .  The default is /tmp/dce_config.log
_ _ _ _
LOW_GID The value at which the security server will start assigning automatically generated group IDs.  The default is the value of the highest group ID currently used on the machine being configured, incremented by the value of GID_GAP.  Although there is no restriction that the value of LOW_GID must be higher than the machine’s highest group ID, if you supply a LOW_GID that is less than or equal to the highest currently used group ID, dce_config issues a warning  message and prompts the user to reenter LOW_GID.  Used in master security server configuration. 
_ _ _ _
LOW_UID The value at which the security server starts assigning automatically generated UNIX IDs. Default is value of highest UNIX ID currently used on machine being configured, incremented by value of UID_GAP.  There is no requirement that the value of LOW_UID be higher than the machine’s highest UNIX ID, but if you supply a LOW_UID less than or equal to the highest currently used UNIX ID, dce_config issues a warning message and prompts you to reenter LOW_UID.  Used in master security server configuration. 
_ _ _ _
MULTIPLE_LAN An indication of whether or not to configure the node with multiple LAN capabilities: y indicates configure with multiple LAN capabilities, n indicates do not.  Used in CDS configuration. 
_ _ _ _
NTP_HOST The name of the host on which the NTP time-provider server is running.  Used in DTS time provider configuration. 
_ _ _ _
PWD_MGMT_SVR The default pathname to the password management server, which is $DCELOCAL/bin/pwd_strength.  Used in password management server configuration. 
_ _ _ _
PWD_MGMT_SVR_OPTIONS The default option or options for the password management server (pwd_strength ).   The value of the variable is set to v  (verbose) at server configuration. 
_ _ _ _
REMOVE_PREV_INSTALL An indication of whether or not to remove all remnants of previous DCE installations before performing the new install; y indicates remove all remnants while n indicates do not.  Be aware that if you set this variable to O, dce_config  will automatically remove all installed components each time you install any component, and you must reinstall them all.  Used in all component installations. 
_ _ _ _
REMOVE_PREV_CONFIG An indication of whether or not to remove all remnants of previous configurations before performing the new configuration: y indicates remove all remnants; n indicates do not. Be aware that if you set this variable to y, dce_config  will stop and remove all configured components each time you configure any component, and you must reconfigure them all.  Used in all component configurations. 
_ _ _ _
REP_CLEARINGHOUSE The name for new clearinghouse.  Used in additional CDS server configuration. 
_ _ _ _
SEC_SERVER Name of the machine on which cell’s master security server runs. Used in security client configuration. 
_ _ _ _
SEC_SERVER_IP IP address for server named in SEC_SERVER. 
_ _ _ _
SYNC_CLOCKS Indication of whether or not to synchronize all client clocks with the security server clock;  y indicates that client and server clocks will be synchronized while n indicates they will not.  If set to n, and clocks are out of sync by more than value specified in the TOLERANCE_SEC variable, user is prompted whether or not to synchronize them. Valid only if CHECK_TIME variable is set to y. For DFS machine configurations, should be set to y. 
_ _ _ _
TIME_SERVER Specifies the host that security client will try to synchronize its clock against. Host must have a DTS server (dtsd ) running. Recommended choice for host is the one running the master security server (name specified in the SEC_SERVER variable). 
_ _ _ _
TOLERANCE_SEC Number of seconds a client system clock can differ from the security server system clock before either the user prompted to synchronize clocks or clocks are synchronized automatically.  Default is 120 seconds. Both security service and CDS require there be no more than 5-minute difference between clocks on any two nodes in a cell. For a DFS file location database server, should not be set to less than 90 seconds. 
_ _ _ _
UID_GAP The increment above highest currently used UID at which security service starts assigning automatically generated UIDs. The value of this variable is used with the LOW_UID variable to set the starting point for UIDs automatically assigned by the security server. Default is 100. Used in security server configuration. 
_ _ _ _
UNCONFIG_HOST_PRESET Name of node to be unconfigured. Used with unconfigure option. 
_ _ _ _
AGG_FS_TYPE The type of file system for the aggregate to be exported.  Possible values are native meaning the native file system (such as  UFS, JFS) or episode meaning the episode (LFS) file system. 
_ _ _ _
AGG_DEV_NAME The device name of the aggregate to be exported,
_ _ _ _
AGG_MOUNT_PATH The mount path for the aggregate (such as /usr/users). 
_ _ _ _
AGG_NAME The name to be used for the aggregate to be exported (such as user.jlw). 
_ _ _ _
AGG_ID The unique numerical aggregate ID for the exported aggregate. 
_ _ _ _
CACHE_SIZE_RAM The number of bytes to use for an in-memory cache. 
_ _ _ _
CACHE_SIZE_DISK The number of bytes to use for a local disk cache. 
_ _ _ _
CACHE_DIR_DISK The pathname of the directory to use for a local disk cache. 
_ _ _ _
CLIENT_CACHE_LOC An indication of whether the cache is stored in memory or on disk.  machine values are mem meaning the cache is stored in memory or disk meaning the cache is stored on  the local disk. 
_ _ _ _
CONFIG_NFS_GATEWAY An indication of whether or not to configure the DFS client as an NFS gateway.  Possible values are y and n; n is the default. 
_ _ _ _
DFS_SERVER_INSTALL An indication of which type of DFS server to install: SCM for system control machine; FS for file server; PRIVATEFS for private file server; FLDB for file location database server. 
_ _ _ _
EPI_FORMAT_PART An indication of whether or not to format a disk partition as an episode aggregate.  Possible values are y to format the partition or n to not. 
_ _ _ _
EPI_FORCE_INIT An indication of whether or not to force the initialization of a partition as an Episode aggregate, possibly losing data.   Possible values are y or the initialization or n to not. 
_ _ _ _
INIT_LFS An indication of whether or not to initialize the LFS (using epiinit).  Possible values are y to initialize or n to not. 
_ _ _ _
INSTALL_OPT_SERS An indication of whether or not to install the optional DFS servers (bak, butc, upclient ).  Possible values are y to install or n to not. 
_ _ _ _
INSTALL_OPT_CLIENT An indication of whether or not to install the optional DFS client (cm, bos , and fts) binaries.  Possible values are y to install or n to not. 
_ _ _ _
LOAD_LFS_KEXT An indication of whether or not to load the LFS kernel extensions.  Possible values are y to load or n to not. 
_ _ _ _
ROOT_FILESET_NM The name of the DFS root fileset. 
_ _ _ _
SCM_NAME The name of the system control machine to be used during configuration. 
_ _ _ _




Component Scripts

The dce_config  script calls component scripts that reside in the /opt/dcelocal/etc directory (or in the etc directory of the install area) with symbolic links to /etc.  In a custom configuration script, you can call the component scripts directly and supply the required input via the environment variables.  The names and functions of the component scripts follows:

dce_shutdown
Shuts down all DCE server processes (auditd , dtsd , cdsadv , cdsd , secd , gdsd , gdad ), except for DFS server processes (dfsd ).  The script is executed via dcecp  or another control program.  It must be run on the machine running the daemon processes to be shut down.  You must be root or another priviledged user to run the script.  You should always run the script before reconfiguring DCE. 

The dce_shutdown  script attempts to shut down a daemon gently.  If it fails to do so, it will send a kill signal to all the DCE daemons. 

The dce_shutdown  script can also be run directly if for any reason you do not want to use a control program.  When the script is run with the f  option, it will find and kill the DCE daemons.  This behavior is the same as that of the dce.clean script, which was included in DCE R1.0.3 and previous releases.  DCE R1.1 does not include the dce.clean script, but provides the name as a symbolic link to the dce_shutdown  script for the user’s convenience. 

dfs.cleanKills DFS server processes.  This script must be run on the machine running the processes.  It should be run before reconfiguring DCE.  (Note that some DFS daemon processes cannot be killed by dfs.clean.) 

dce.rm [install]
Removes all data and configuration files created by DCE servers after initial configuration except for data and files created by DFS servers.  This script must be run on the machine running the processes.  It should be run before reconfiguring DCE.  If you invoke the script with the install parameter, the script removes the binary files added during installation. 

dfs.rm [install]
Removes data and configuration files created by DFS servers after initial configuration.  This script must be run on the machine running the processes, and dced  must be running on that machine.  The dfs.rm script should be run before reconfiguring DCE.  If you invoke the script with the install parameter, the script removes the binary files added during installation.  Note that this script invokes the dce.clean script. 

dce.unconfig hostname

Removes all DCE clients on hostname from the security and directory service databases.  It should be run before reconfiguring a client machine. 

dfs.unconfig hostname

Removes the DFS client on hostname from the security and directory service databases.  It should be run before reconfiguring a client machine. 

dce_com_env
Sets environment variables.

dce_config_env
Calls the dce_com_env script that sets the environment variables. 

dce_com_utils
Contains common functions used by dce_config  and dfs_config . 

dce_config_utils
Contains internal routines used by dce_config  scripts. 

dfs_config
Configures a machine as a DFS server or client.

rc.dceStarts DCE daemons.  This script cannot be run remotely; it must be run on the machine on which the daemons are being started. 

rc.dfsStarts DCE daemons.  This script cannot be run remotely; it must be run on the machine on which the daemons are being started. 

Privileges Required

You must have root authority to run the dce_config  command. 

Exit Values

In case of an error, this command repeats requests for correct input.  The user can exit the program from any menu. 

Errors

A representative list of errors that might be returned is not shown here.  Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages. 

Related Information

Books: OSF DCE Administration Guide

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026