| 1 | #!/bin/sh - |
|---|
| 2 | # |
|---|
| 3 | # $Id: config_afs.sh,v 1.15 1998-02-17 06:18:45 jweiss Exp $ |
|---|
| 4 | # |
|---|
| 5 | # This script configures the workstation's notion of AFS. |
|---|
| 6 | # 1. It updates the cell location information from /usr/vice/etc/CellServDB |
|---|
| 7 | # 2. It updates the cell setuid information from /usr/vice/etc/SuidCells |
|---|
| 8 | PATH=/bin:/bin/athena:/usr/bin; export PATH |
|---|
| 9 | |
|---|
| 10 | VICEDIR=/usr/vice/etc |
|---|
| 11 | CELLDB=${VICEDIR}/CellServDB |
|---|
| 12 | SUIDDB=${VICEDIR}/SuidCells |
|---|
| 13 | |
|---|
| 14 | echo "Updating cell location information" |
|---|
| 15 | rm -f ${VICEDIR}/Ctmp |
|---|
| 16 | cp /afs/athena.mit.edu/service/CellServDB ${VICEDIR}/Ctmp && |
|---|
| 17 | [ -s ${VICEDIR}/Ctmp ] && |
|---|
| 18 | mv -f ${VICEDIR}/Ctmp ${CELLDB}.public && |
|---|
| 19 | cat ${CELLDB}.public ${CELLDB}.local >${VICEDIR}/Ctmp 2>/dev/null |
|---|
| 20 | [ -s ${VICEDIR}/Ctmp ] && |
|---|
| 21 | rm -f ${CELLDB}.last && |
|---|
| 22 | ln ${CELLDB} ${CELLDB}.last && |
|---|
| 23 | mv -f ${VICEDIR}/Ctmp ${CELLDB} && |
|---|
| 24 | chmod 644 ${CELLDB} && { |
|---|
| 25 | cmp -s ${CELLDB}.last ${CELLDB} || |
|---|
| 26 | awk ' |
|---|
| 27 | /^>/ {printf("\nfs newcell %s", \ |
|---|
| 28 | substr($1,2,length($1)-1))}; |
|---|
| 29 | /^[0-9]/ {printf(" %s",$1)}; |
|---|
| 30 | END {printf("\n")}' ${CELLDB} | sh |
|---|
| 31 | } |
|---|
| 32 | |
|---|
| 33 | echo "Updating setuid cell information" |
|---|
| 34 | rm -f ${VICEDIR}/Ctmp |
|---|
| 35 | cp /afs/athena.mit.edu/service/SuidCells ${VICEDIR}/Ctmp && |
|---|
| 36 | [ -s ${VICEDIR}/Ctmp ] && |
|---|
| 37 | mv -f ${VICEDIR}/Ctmp ${SUIDDB}.public && |
|---|
| 38 | cat ${SUIDDB}.public ${SUIDDB}.local >${VICEDIR}/Ctmp 2>/dev/null |
|---|
| 39 | [ -s ${VICEDIR}/Ctmp ] && |
|---|
| 40 | mv -f ${VICEDIR}/Ctmp ${SUIDDB} && |
|---|
| 41 | chmod 644 ${SUIDDB} |
|---|
| 42 | |
|---|
| 43 | echo "Only allowing setuid/setgid programs from the following cells:" |
|---|
| 44 | |
|---|
| 45 | for cellname in `/etc/athena/listsuidcells`; do |
|---|
| 46 | fs setcell "$cellname" -nosuid |
|---|
| 47 | done |
|---|
| 48 | cat ${SUIDDB} | awk ' |
|---|
| 49 | /^-/ { suid[substr($1,2,length($1)-1)] = 0; } |
|---|
| 50 | /^[^-]/ { suid[$1] = 1; |
|---|
| 51 | cells[numcells++] = $1; } |
|---|
| 52 | END { for (i = 0; i < numcells; i++) { |
|---|
| 53 | if (suid[cells[i]]) { |
|---|
| 54 | printf("fs setcell %s -suid\n", cells[i]); |
|---|
| 55 | printf("echo %s\n", cells[i]); } } }' | sh |
|---|
| 56 | |
|---|
| 57 | rm -f ${VICEDIR}/Ctmp |
|---|
| 58 | exit 0 |
|---|
