Path: utzoo!attcan!uunet!lll-winken!abhg!carpet!bill From: bill@carpet.WLK.COM (Bill Kennedy) Newsgroups: comp.unix.microport Subject: Re: Permissions file in HD UUCP Message-ID: <93@carpet.WLK.COM> Date: 13 Jun 88 19:07:06 GMT References: <374@tandem.UUCP> <721@kuling.UUCP> Reply-To: bill@ssbn.WLK.COM (Bill Kennedy) Followup-To: comp.unix.microport Organization: W.L. Kennedy Jr. and Associates Lines: 59 In article <721@kuling.UUCP> bear@stab.se (Bjorn Sjoholm) writes: >In article <374@tandem.UUCP> narayan@tandem.UUCP (Narayan Mohanram) writes: >>I have the HD UUCP from uport, but there is not documentation for >>setting up the Permssions file. [ most deleted, just adding on, Bjorn's last Permissions entry retained... ] ># Host2 & Host3 >MACHINE=host2:host3 \ > READ=/tmp:/usr/spool/uucppublic WRITE=/tmp:/usr/spool/uucppublic \ > COMMANDS=rmail:rnews:uucp \ > REQUEST=yes There is another dandy feature that you can put in, it's the MYNAME directive. This allows you to assume another identity for the session with the machine you are talking to. What? Why do that? This machine (name is "carpet") is a luggable that I take with me on the road. My main system's name is "ssbn". From time to time I need to do something with one of ssbn's neighbors and I don't want to ask the SA to have separate identical accounts for carpet and ssbn. With MYNAME=ssbn in carpet's Permissions file, each machine behaves as though ssbn was calling. There is another practical use for MYNAME. You can permit controlled access to your system for many systems by having them use MYNAME. You give them all a single log in ID and password and tell them to MYNAME=whatever in their Permissions. In your own Permissions file you put a single entry for all of them, LOGNAME=passwdname VALIDATE=whatever and the specific access you wish to allow. I use this to keep an archive for a rather large mailing list. I have no idea how many different sites use it. They all use the same log in ID/password and MYNAME to the same Permissions entry. I give them fairly generous READ permissions and fairly strict WRITE and COMMANDS permissions. MYNAME is also very handy if you need to help debug some other site's uucp connection. Your system can masquerade as the other site and you can help both of them figure out what is going wrong. I am fairly sure that MYNAME can be one thing in the MACHINE (we are calling them) and another in the LOGNAME (they are calling us) entries but I have not tried to be another name when called, only when calling. Two more inputs, a feature and a caution. There is a utility provided called uucheck. If you use uucheck with the -v option it will analyze your Permissions file and tell you, in clear text, how it will be used by uucico. It will also tell you if you made an obvious (to it :-) mistake. You should not use a changed Permissions file until you have sent it through uucheck. Finally, if you have duplicate MACHINE or LOGNAME entries in Permissions only the first one will be used. This can get pretty confusing if you want one form for one "nuucp" and another for another. In the above style I have LOGNAME=nuucp VALIDATE=site1:site2:site3:...:siten with a single set of permissions. When that doesn't do what I want, I assign another log in ID (maybe the same or no password) and make another Permissions entry for it. Sorry for the length but Permissions is a very undocumented part of HDB and one of the most useful features in it. The new edition of the Nutshell book on managing uucp is very helpful (they call HDB BNU). -- Bill Kennedy Internet: bill@ssbn.WLK.COM Usenet: { killer | att-cb | ihnp4!tness7 }!ssbn!bill