Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!rutgers!mit-eddie!apollo!pato From: pato@apollo.uucp (Joe Pato) Newsgroups: comp.sys.apollo Subject: Re: PROJLIST Message-ID: <35819002.8784@apollo.uucp> Date: Tue, 16-Jun-87 11:20:00 EDT Article-I.D.: apollo.35819002.8784 Posted: Tue Jun 16 11:20:00 1987 Date-Received: Sun, 21-Jun-87 07:17:58 EDT References: <970@vaxb.calgary.UUCP> Reply-To: pato@apollo.UUCP (Joe Pato) Organization: Apollo Computer, Chelmsford, MA Lines: 44 In article <970@vaxb.calgary.UUCP> freedman@calgary.UUCP (Dan Freedman) writes: > >Does anyone know what the PROJLIST environment variable is used for? >In the manuals, this variable is reported to be used to determine >whether users are "placed in their project lists" (or some such) when >they log in. What does this mean? What are the advantages / disadvantages >of being placed in one's project list? Our local Apollo people don't know. > > Dan Freedman. > The University of Calgary Computer Science Department. With BSD4.1a and later BSD derived versions of UNIX, a user process has a set of groups associated with it. (these groups can be examined with getgroups(2) and set with setgroups(2) ). When checking access permissions, (assuming arguendo that the group access bits are the only ones of interest) you are granted access to a file if you are a member of a group that has group permissions to that file. You do not need to have a real or effective group ID of the file's group, you merely must have that group in your process' group set. Normally a process' group set corresponds to the list of groups the user belongs to (the login group in /etc/passwd plus the groups that this user is a member of as defined by /etc/group). /bin/login does this by calling initgroups(3X). This functionality essentially renders the old newgrp(1) command obsolete. Apollo provides this functionality in a number of ways. If the UNIXLOGIN environment variable is set in the node's startup script, then logins will exhibit this behavior, but will also causes some other "unix oriented" changes to the login sequence. The PROJLIST (note that in AEGIS terminology projects are equivalent to UNIX groups hence the name PROJLIST) environment variable was created to allow users to retain the AEGIS login sequence while accessing this functionality. If neither the UNIXLOGIN nor the PROJLIST environment variables are set, then login will not establish a set of associated groups, and only the real and effective group IDs will be used for access control checking. This behavior is consistent with pre sr9.0 Aegis and with ATT SYSV UNIX. Joe Pato UUCP: ...{attunix,uw-beaver,brunix}!apollo!pato Apollo Computer Inc. ARPA: apollo!pato@mit-eddie.arpa