Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!magnus.acs.ohio-state.edu!usenet.ins.cwru.edu!agate!ziploc!eps From: eps@toaster.SFSU.EDU (Eric P. Scott) Newsgroups: comp.sys.next Subject: Re: Toward a "Public NeXT Lab" guidebook Message-ID: <1721@toaster.SFSU.EDU> Date: 15 Jun 91 07:21:33 GMT References: <9106141908.AA25449@cheops.cis.ohio-state.edu> Reply-To: eps@cs.SFSU.EDU (Eric P. Scott) Organization: San Francisco State University Lines: 89 In article <9106141908.AA25449@cheops.cis.ohio-state.edu> Greg Johnson writes: > In fact, I am >running 20 NextStations (each 8MB RAM, 105 MB disk) Ugh! > There have been >occasional ethernet traffic jams Double ugh! Our NeXTs have to share their Ethernets with other (non-NeXT) people trying to do Real Work. If we put 8MB NetBoot clients on the wire the vigilantes would skin us alive... (By the same argument all my School's buildings are designated smoke- free; suicidal activity is merely discouraged, but homicidal activity is punishable.) >Our /users/1/ partition is further divided into "staff", "student", and >"visitor" subdirectories, under which come the actual user home directories. Here's where you've drifted away from technical considerations into political/religious ones. We find that segregating users (dare I say "apartheid") merely fuels antagonism and hostility. Hence, our NeXTs are set up to treat users as human beings! "Real Names" don't have titles associated with them, either. >To allow the new private owner of a NeXT freedom to play and configure, the >NeXT comes with defaults set to allow that individual wide freedom. Files >he or she creates on one account can be accessed from another. This is fine >for a workstation you own, but is undesirable in a public lab situation. We strongly disagree, except for e-mail and certain coursework. We instruct users to keep "confidential" material in protected subdirectories. In introductory courses, plagiarism is a consideration. In advanced courses, facilitating cooperation, team work, and information sharing is essential. >Preferences to set the file creation default permissions to allow access to >files only by the owner. We find this unacceptable. We create all home directories protected 755, and insist that permissions never be lower than 711. Otherwise many things (calendar, finger, inews, etc.) break. >You'll probably want to create some user groups to separate students, staff, >and administrative users. We call this approach "unclear on the concept." The purpose of groups is to provide users with ADDITIONAL access. Users who need access to licensed source code are added to an appropriate group. Students taking classes receive a group "cookie" for each class they're registered in. (There is another factor here too--it's hard to distinguish between students and staff when a lot of the system maintenance is done by students and the staff members are getting fee waivers to register for classes...) > We use >the student's birthdate as their initial password. We don't, it's too easy to obtain. >My backup procedure has been simplified since my management neglected to >budget a tape drive. Those of you with tapes, what evaluations and >suggestions do you have? We use Exabyte (8200). It's good enough for our needs. >(We don't even have an external network connection yet. When you do, I sincerely hope it's routed and not bridged. >Not all Unix thingies will know about NetInfo, so you should keep a passwd >file. We consider those "broken"--those thingies won't work with YP/NIS either. >vaguely recall that quotas weren't implemented under 1.0. Is anybody doing >disk quotas? Quotas are evil; they discourage users from learning how their greed impacts others. We're not here to parent users, we just provide a model electronic ecosystem. If they deplete their resources, they become extinct. A very simple concept... -=EPS=-