Permissions file in HD UUCP

Bill Kennedy bill at carpet.WLK.COM
Tue Jun 14 05:07:06 AEST 1988 

In article <721 at kuling.UUCP> bear at stab.se (Bjorn Sjoholm) writes:
>In article <374 at tandem.UUCP> narayan at tandem.UUCP (Narayan Mohanram) writes:
>>I have the HD UUCP from uport, but there is not documentation for
>>setting up the Permssions file.

[ most deleted, just adding on, Bjorn's last Permissions entry retained... ]

># Host2 & Host3
>MACHINE=host2:host3 \
>	READ=/tmp:/usr/spool/uucppublic WRITE=/tmp:/usr/spool/uucppublic \
>	COMMANDS=rmail:rnews:uucp \
>	REQUEST=yes

There is another dandy feature that you can put in, it's the MYNAME directive.
This allows you to assume another identity for the session with the machine
you are talking to.  What?  Why do that?  This machine (name is "carpet") is
a luggable that I take with me on the road.  My main system's name is "ssbn".
>From time to time I need to do something with one of ssbn's neighbors and I
don't want to ask the SA to have separate identical accounts for carpet and
ssbn.  With MYNAME=ssbn in carpet's Permissions file, each machine behaves
as though ssbn was calling.

There is another practical use for MYNAME.  You can permit controlled access
to your system for many systems by having them use MYNAME.  You give them all
a single log in ID and password and tell them to MYNAME=whatever in their
Permissions.  In your own Permissions file you put a single entry for all of
them, LOGNAME=passwdname VALIDATE=whatever and the specific access you wish
to allow.  I use this to keep an archive for a rather large mailing list.
I have no idea how many different sites use it.  They all use the same log
in ID/password and MYNAME to the same Permissions entry.  I give them fairly
generous READ permissions and fairly strict WRITE and COMMANDS permissions.

MYNAME is also very handy if you need to help debug some other site's uucp
connection.  Your system can masquerade as the other site and you can help
both of them figure out what is going wrong.  I am fairly sure that MYNAME
can be one thing in the MACHINE (we are calling them) and another in the
LOGNAME (they are calling us) entries but I have not tried to be another
name when called, only when calling.

Two more inputs, a feature and a caution.  There is a utility provided
called uucheck.  If you use uucheck with the -v option it will analyze
your Permissions file and tell you, in clear text, how it will be used
by uucico.  It will also tell you if you made an obvious (to it :-)
mistake.  You should not use a changed Permissions file until you have
sent it through uucheck.

Finally, if you have duplicate MACHINE or LOGNAME entries in Permissions
only the first one will be used.  This can get pretty confusing if you
want one form for one "nuucp" and another for another.  In the above style
I have LOGNAME=nuucp VALIDATE=site1:site2:site3:...:siten with a single
set of permissions.  When that doesn't do what I want, I assign another
log in ID (maybe the same or no password) and make another Permissions
entry for it.

Sorry for the length but Permissions is a very undocumented part of HDB
and one of the most useful features in it.  The new edition of the Nutshell
book on managing uucp is very helpful (they call HDB BNU).
-- 
Bill Kennedy  Internet:  bill at ssbn.WLK.COM
                Usenet:  { killer | att-cb | ihnp4!tness7 }!ssbn!bill

More information about the Comp.unix.microport mailing list