Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!convex!linac!mp.cs.niu.edu!bennett
From: bennett@mp.cs.niu.edu (Scott Bennett)
Newsgroups: comp.sys.next
Subject: Re: Unix `w' command not working
Message-ID: <1991Mar1.010704.25496@mp.cs.niu.edu>
Date: 1 Mar 91 01:07:04 GMT
References: <91057.115121SLVQC@CUNYVM.BITNET> <1367@toaster.SFSU.EDU> <1991Feb27.172635.132@gacvx2.gac.edu>
Organization: Northern Illinois University
Lines: 54

In article <1991Feb27.172635.132@gacvx2.gac.edu> dan@gacvx2.gac.edu writes:
>In article <1367@toaster.SFSU.EDU>, eps@toaster.SFSU.EDU (Eric P. Scott) writes:
>> In article <91057.115121SLVQC@CUNYVM.BITNET> SLVQC@CUNYVM.BITNET
>> 	(Salvatore Saieva) writes:
>>>I recently installed NeXTStep v2.0 and the Unix `w' command no
>>>longer works. (It used to work under v1.0.) Whenever I try to run
>>> [text deleted  --SJB]
>
>I have the same problem on netboot clients.  "w" and "netstat" return "No
>namelist" programs like "monitor" don't work either.  It worked under 0.8 and
>0.9.  It quit when I upgraded to 1.0.  I still see the problem on 2.0.  I was
>told that this is due to NFS maps the UID of root to -1 so that it does not
>have the same abilities on the network file system as it would on a local file
>system.  The documentation (on-line I think) for 1.0 mentioned a patch that
>could be entered into the kernal using 'adb' that would give root UID 0 on the
>network file systems.  I was not able to get 'adb' to work on 1.0, and NeXT
>did not recommend the patch.  It bothers me that "netstat" does not work,

     Damned straight they didn't recommend this.  Do *not* do this if
you ever plan to have your machine connected to any network that extends
beyond the walls of your house.  The remapping is done for a very good
reason and should not be defeated.  If UID 0 *were* maintained in such
a situation, anyone who had the root password for a machine served by
your machine would have unrestricted access to anything on your machine.
Given that anyone with a workstation--and keep in mind that workstations
are commonly served by other machines via NFS--can boot a workstation
in single-user mode, honoring UID 0 across an NFS connection would 
effectively eliminate *all* security on the serving system and any other
machines served by it.
     Be a good Internet neighbor and don't even dream of doing this
sort of thing.  If the documentation mentions the zap you describe,
then NeXT has slipped up badly by even publishing it.  (The people
at the NIC would be apoplectic if they saw it.)

>because it comes in handy.  All works correctly on the servers, only the
>netboot clients show the problem.
>
>-- 
>Dan Boehlke                    Internet:  dan@gac.edu
>Campus Network Manager         BITNET:    dan@gacvax1.bitnet
>Gustavus Adolphus College
>St. Peter, MN 56082 USA        Phone:     (507)933-7596


                                  Scott Bennett, Comm. ASMELG, CFIAG
                                  Systems Programming
                                  Northern Illinois University
                                  DeKalb, Illinois 60115
**********************************************************************
* Internet:       bennett@cs.niu.edu                                 *
* BITNET:         A01SJB1@NIU                                        *
*--------------------------------------------------------------------*
*  "WAR is the HEALTH of the STATE"  --Albert Jay Nock (I think:-)   *
**********************************************************************