DANEnet questions

Date: Tue, 25 Mar 1997 22:37:56 -0400
From: David Trueman <david@cs.dal.ca>
To: Eric Howland <howland@hiram.wicip.org>
cc: csuite-tech@chebucto.ns.ca
Precedence: bulk

next message in archive
next message in thread
previous message in archive
Index of Subjects 



I'm going to try to answer some of the questions and hope that someone
else on the list will fill in a few gaps.

On Tue, 25 Mar 1997, Eric Howland wrote:

> I just lost a long message to you. I had just changed to ispell as the
> spelling checker. mmmmm  
> 
> What spelling checker do you use?

ispell -- it works quite well for me.

> I will try to recreate the message rapidly. 
> 
> 1. The password problem solved itself - I think.  I do not know exactly
> when it fixed itself, because after we had traced the problem to the
> passwd file we were working on the incorrect assumption that the new
> passwd would show up at the end of the passwd file so we were checking
> with tail /etc/passwd.  We created some directories that seemed to be
> wanted such as /csuite/log/newacct but I see no evidence that it was 
> used. 
> 
> 
> 2. Is it possible to exempt a login from idle? I have killed idled for the
> moment as it was driving me crazy. After we go up I would still like to
> have at least two windows. 

THere is a hook in idled.  The output of idle is sent through $filter
where filter is set to "cat".  So, one could set filter to "grep -v eric"
and that would do the trick.  I definitelyintend to addd this in a more
general way, probably by 1.0.

For that matter, we need to set classes on new criteria. Since we have a
> terminal server differentiating files on ttypX will not work. This is like
> the messages you wrote to the list recently about who.  I assume the
> changes should be in timerd. Maybe we should steal your who code.

This has been done in the current development code -- contact me directly
if you want to try it out.  Basically, I added a host pattern field to the
classtable file -- you can select dialups based on the IP number or
hostname of your terminal server.


> 2. It looks like if we change the location of the home directories and
> shell we can put our old password file in
> /csuite/private/registration/create and the next time the scripts run the
> accounts will be created. Does this seem right to you?  Other than the 
> users files what else would we have to do. 

I would never have thought of this...  Unfortunately, newacct-make does
not loop over all lines in the pw.* file, so you have to have one file per
password file line.  That would not be a big deal -- a very simple awk
program would do that for you.  That should be very close to being a
complete process.  Why dont you try it out on a few lines of the passwd
file and then try out the accounts and see if all is well -- I can't think
of anything else needed.  Well, there is the creation of the namedb files.
Presumably you have some kind of user database -- that should be converted
to namedb format.  Let us know i fyou need some help on the format.

> 3. I am still being confused by the IP creation stuff. In our system every
> IP has one account that they use for maintaining their material. In your
> system it seems that an IP is really a directory in the tree along with the
> two associated listservs. I seem to have created the lists but not the
> directory.  I imagine that I am not filling in the right things in the
> database. 

Here is where I hope someone else will jump in.  What I can say is that
the latest domkip is more carefulk about reporting *why* it did not set up
an IP -- you might want to get that version.

> Here is my COMPLETED file. You can see that I tried several values for
> directory and Category:
> ip-1009|1009|testuser|Education/Education/testip2|testuser||859305601
> ip-1009|1009|testuser|Education/Education/testip2|testuser||859309795
> ip-1009|1009|ip-1009|Education/Testip2|testuser||859310633
> 
> Here is my REJECTED.imake file:
> 
> ip-1008|1008|aa001|Education/Education/testip|aa001|
> ip-1008|1008|aa001|Education/testip|aa001|
> ip-1008|1008|testuser|Education/testip|testuser|
> ip-1009|1009|testuser|Education/Education/testip2|testuser|
> ip-1009|1009|testuser|Education/Education/testip2|testuser|
> ip-1009|1009|ip-1009|Education/Testip2|testuser|
> 
> You can not tell without looking at the times but the last few are both
> COMPLETED and REJECTED. 
> 
> Here is the part of test.domkip from the last try:
> 
> + echo To: majordomo
> From: macneil
> 
> 
> + echo ip-1009
> + tr , \012
> + sed s/^/approve .testipkey subscribe testuser /g
> + unlock /var/csuite/etc/majordomo/spool/testuser 20909
> + rm /var/csuite/etc/majordomo/spool/testuser
> + echo ip-1009|1009|ip-1009|Education/Testip2|testuser||859310633
> + echo group|ip-1009|859310633
> + read line
> + unlock /var/csuite/private/groupfile 20909
> + rm -f /var/csuite/private/ipdb/TOMAKE
> + [ -s /var/csuite/private/ipdb/REJECTED.ipmake ]
> + cat /var/csuite/private/ipdb/REJECTED.ipmake
> + exit 0
> + unlock /var/csuite/etc/majordomo/spool/testuser 20909
> + CS_GROUPFILELOCK=/var/csuite/private/groupfile
> + spooldir=/var/csuite/etc/majordomo/spool
> + majordomodir=/var/csuite/etc/majordomo/lists
> 

> 
> 4. I am also confused by the groups (although maybe when I start creating
> accounts this will be clearer).  I gather that the groups have permission
> to edit certain trees of the system. Does that mean that there should be a
> hierarchy starting with csuite at the top and all other groups including
> those higher up?  I am getting this from the last line on
> http://hiram.wicip.org/adm/ip/EdGroup.html

There is a group hierarchy.  At the top is "csuite".  Anyone in "csuite"
has the ability to add and delete members and create groups lower in the
tree.  The same is true of any sub-tree.  For example, we have subject
page editors and they can manage groups associated with IPs in that
subject area.  The idea is to distribute the administrative load out over
many people.

> I do not seem to be able to run
> /cgi-ipbin/lynxcgi:/csuite/lynxcgi-bin/group-edit 
> maybe because of the lynxcgi, although I also tried to run this from
> lynx and it failed there as well. group-edit is there and I can run it by
> hand and see a bunch of relevant looking html. 

The above mentioned EdGroup.html is the way to access group-edit

> 5. I made an account for you to look around on our system. It is a regular
> shell account. The login is XXXXXXXXX and the pw is XXXXXXXX. I do not
> know if you need it, but you are certainly welcome to look around. It messed
> up ip-1008 by giving cshelp that uid and gid - that is why I am now working
> with testip2, which is ip-1009. 

I will check it out if we can't arrive at a solution soon.

I hope I have helped a bit.  Keep in touch and we'll make sure all your
questions get answerred eventually.

  David Trueman,
    Systems Manager, Dalhousie Math, Stats and Computing Science
    Technical Chair, Chebucto Community Net

next message in archive
next message in thread
previous message in archive
Index of Subjects