Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ access(5n) — UTek W2.3

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

dfsd(8n)

vidfs(8n)



ACCESS (dfs)(5N)        COMMAND REFERENCE        ACCESS (dfs)(5N)



NAME
     access - control remote access to local files.

SYNOPSIS
     /usr/lib/dfs/access

DESCRIPTION
     This file determines which users on which remote hosts may
     access the local file system.

     It is formatted as a host followed by a seres of names of
     the form

          orca: sam, joe, root=joe, . .

     The colon separates the remote hostname (orca) from the
     users (sam,joe,...). As shown above, names with equalsign
     specify a userid mapping (i.e: allow access from root on
     orca as joe on this host).  Lines beginning with '#' are
     comments.

     Remember that access determines if the daemon will attempt
     to execute the system call on behalf of the requesting host.
     However, the standard UTek owner-group-other protection
     scheme will ultimately determine the accessibility of the
     file by the remote process.

     /usr/lib/dfs/access is an ASCII file used to modify the
     access database; the actual aliasing information is placed
     into a binary format in the files /usr/lib/dfs/access.dir
     and /usr/lib/dfs/access.pag using the command
     /usr/lib/dfs/newdfs. These are dbm(3d) files.

     It is recommended that for editing access you use vidfs(8n).
     It will make a number of checks on the validity of the
     entries in the access file.  When setting up access keep two
     points in mind.  First, users mentioned in access must
     already be in the password file /etc/passwd. They do not,
     however, have to have login privileges nor do they need a
     home directory.  You can prevent them from logging on by
     setting their encrypted password to '*' or any other single
     letter (because no password encrypts to a single character).
     Secondly, the local userid assigned to the remote user
     wishing to access the local file system must match the
     userid assigned to that remote user on the remote host.

     It is possible to specify an 'alias' in access, for example:
          host1:jeff,root
          host2:leon,root=leon

     The first entry allows access by root from host1.  However
     for security reasons allowing access by root is not often



Printed 10/17/86                                                1





ACCESS (dfs)(5N)        COMMAND REFERENCE        ACCESS (dfs)(5N)



     appropriate. The second entry allows access by root from
     host2, but the local system treats the request as if it came
     from leon and so access is based on leon's rights, not those
     of root.  Note that if two users have the same alias, only
     one of those aliases will take effect.  In other words it is
     not possible for multiple users to have an entry with the
     same alias because when a request is received from that
     alias, there is no way of knowing whose access rights to
     use.  This issue is resolved when newdfs builds the access
     database based on the first entry it finds.

     It is possible to allow access for all users from a remote
     hosts for example:
          tekecs:*
     Specifying * allows access by all users on that host except
     root.

FILES
     /usr/lib/dfs/access           raw data for DFS access
                                   database.

     /usr/lib/dfs/access.pag

     /usr/lib/dfs/access.dir       DFS access database.

     /usr/lib/dfs/newdfs           Program to make and install
                                   database.
                                   /usr/lib/dfs/convert Shell
                                   script to convert from old
                                   /etc/hosts.dfs.access file.

SEE ALSO
     dfsd(8n), vidfs(8n).






















Printed 10/17/86                                                2





































































%%index%%
na:72,82;
sy:154,197;
de:351,2568;3063,868;
fi:3931,722;
se:4653,122;
%%index%%000000000103

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026