1 | #!/bin/sh - |
---|
2 | # |
---|
3 | # $Id: config_afs.sh,v 1.17 1999-12-07 21:46:24 danw Exp $ |
---|
4 | # |
---|
5 | # This script configures the workstation's notion of AFS. |
---|
6 | # 1. It updates the cell location information from /usr/vice/etc/CellServDB |
---|
7 | # 2. It updates the cell setuid information from /usr/vice/etc/SuidCells |
---|
8 | PATH=/bin:/bin/athena:/usr/bin; export PATH |
---|
9 | |
---|
10 | VICEDIR=/usr/vice/etc |
---|
11 | CELLDB=${VICEDIR}/CellServDB |
---|
12 | SUIDDB=${VICEDIR}/SuidCells |
---|
13 | |
---|
14 | echo "Updating cell location information" |
---|
15 | rm -f ${VICEDIR}/Ctmp |
---|
16 | cp /afs/athena.mit.edu/service/CellServDB ${VICEDIR}/Ctmp && |
---|
17 | [ -s ${VICEDIR}/Ctmp ] && |
---|
18 | mv -f ${VICEDIR}/Ctmp ${CELLDB}.public && |
---|
19 | cat ${CELLDB}.public ${CELLDB}.local >${VICEDIR}/Ctmp 2>/dev/null |
---|
20 | [ -s ${VICEDIR}/Ctmp ] && { |
---|
21 | cmp -s ${VICEDIR}/Ctmp ${CELLDB} || { |
---|
22 | rm -f ${CELLDB}.last && |
---|
23 | ln ${CELLDB} ${CELLDB}.last && |
---|
24 | mv -f ${VICEDIR}/Ctmp ${CELLDB} && |
---|
25 | chmod 644 ${CELLDB} && |
---|
26 | sync && |
---|
27 | awk ' |
---|
28 | /^>/ {printf("\nfs newcell %s", \ |
---|
29 | substr($1,2,length($1)-1))}; |
---|
30 | /^[0-9]/ {printf(" %s",$1)}; |
---|
31 | END {printf("\n")}' ${CELLDB} | sh |
---|
32 | } |
---|
33 | } |
---|
34 | |
---|
35 | echo "Updating setuid cell information" |
---|
36 | rm -f ${VICEDIR}/Ctmp |
---|
37 | cp /afs/athena.mit.edu/service/SuidCells ${VICEDIR}/Ctmp && |
---|
38 | [ -s ${VICEDIR}/Ctmp ] && |
---|
39 | mv -f ${VICEDIR}/Ctmp ${SUIDDB}.public && |
---|
40 | cat ${SUIDDB}.public ${SUIDDB}.local >${VICEDIR}/Ctmp 2>/dev/null |
---|
41 | [ -s ${VICEDIR}/Ctmp ] && |
---|
42 | mv -f ${VICEDIR}/Ctmp ${SUIDDB} && |
---|
43 | chmod 644 ${SUIDDB} |
---|
44 | |
---|
45 | echo "Only allowing setuid/setgid programs from the following cells:" |
---|
46 | |
---|
47 | for cellname in `/etc/athena/listsuidcells`; do |
---|
48 | fs setcell "$cellname" -nosuid |
---|
49 | done |
---|
50 | cat ${SUIDDB} | awk ' |
---|
51 | /^-$/ { numcells = 0; exit; } |
---|
52 | /^-/ { suid[substr($1,2,length($1)-1)] = 0; } |
---|
53 | /^[^-]/ { suid[$1] = 1; |
---|
54 | cells[numcells++] = $1; } |
---|
55 | END { for (i = 0; i < numcells; i++) { |
---|
56 | if (suid[cells[i]]) { |
---|
57 | printf("fs setcell %s -suid\n", cells[i]); |
---|
58 | printf("echo %s\n", cells[i]); } } }' | sh |
---|
59 | |
---|
60 | rm -f ${VICEDIR}/Ctmp |
---|
61 | exit 0 |
---|