Frozen Fish 1: Amiga

home *** CD-ROM | disk | FTP | other *** search

/ Frozen Fish 1: Amiga / FrozenFish-Apr94.iso / bbs / dec93 / os20 / util / multiuser.lha / MultiUser / MultiUser.doc < prev next >

Wrap

Text File | 1993-12-21 | 59.4 KB | 1,515 lines

/ / / / / / / / \ \ \ \/ / / -+*+- MultiUser Release 1.5 -+*+- \ \/\ \/ / \ \/\ \/ DISCLAIMER WITH THIS DOCUMENT I MAKE NO WARRANTIES OR REPRESENTATIONS, EITHER EXPRESSED OR IMPLIED, WITH RESPECT TO THE PRODUCT DESCRIBED HEREIN. THE INFORMATION PRESENTED HEREIN IS BEING SUPPLIED ON AN 'AS IS' BASIS AND IS EXPRESSLY SUBJECT TO CHANGE WITHOUT NOTICE. THE ENTIRE RISK AS TO THE USE OF THIS INFORMATION IS ASSUMED BY THE USER. IN NO EVENT WILL I BE LIABLE FOR DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES RESULTING FROM ANY CLAIM ARISING OUT OF THE INFORMATION PRESENTED HEREIN, EVEN IF I HAVE BEEN ADVISED OF THE POSSIBILITIES OF SUCH DAMAGES. COPYRIGHT This package is shareware. This means you can copy it freely as long as you don't ask any money for it, except perhaps a nominal fee for copying. If you like and use this package on a regular base, I'd appreciate it if you send me a contribution of 500 BEF or USD 15. Please send money by International Money Order, EuroCheck (in BEF!) or Cash, because it's very difficult for me to cash in other checks. This package should not be spread in any other form than an LhA archive and all parts of it should be spread together. The package may not be altered in any way and cannot be used for commercial purposes without the prior written permission of the author. This does not apply to the source of the support commands, they are full public domain, only the copyright message should be preserved. The package is Copyright © Geert Uytterhoeven, All Rights Reserved. The author reservers the right to change the status of this package whenever he may find it appropriate. The rules above do not apply to the external utilities, for which I don't give any warranties. Read the appropriate documentation for information about their disclaimers, distributability and copyright notices. CONTENTS Introduction System Requirements Installation The password file The configuration file The group file Support Commands The log file Caveats External utilities Other software supporting MultiUser History Plans for the future Credits Contacts Special thanks go to ... 1. Introduction You've got an Amiga with Kickstart 2.04 or higher and several people are regularly fooling around with it ... Last week your sister deleted your 20MB JPEG collection by mistake and you don't want this to happen again ... Well, here's the answer: MultiUser! MultiUser allows you to create a *IX-like environment where several users live together in harmony, unable to delete each others files, unable to read those private love-letters of other users ... And this even if several users are working on the machine at the same time (on a terminal hooked up to the serial port) ... You are the sole user of your computer? Well, make sure it stays that way by installing MultiUser! People without a valid login ID and password won't be able to access files you have made private with MultiUser. If you make all files private (not readable for others), the only useful thing they could do, is boot from a floppy ... And ... you do not have to reformat your hard drive! 2. System Requirements Your Amiga should be equipped with Kickstart 2.04 (V37+) or higher, and with a hard drive/controller combination that supports the CBM Rigid Disk Block protocol (e.g. an A590 or A2091, an A3000 SCSI controller, an A4000 IDE controller and most GVP SCSI controllers). MultiUser can NOT be used on floppy drive systems. If you have a controller which does not fully support the Rigid Disk Block protocol (e.g. a Supra Wordsync), please read 'Supra_Wordsync.doc' in the 'Supra_Wordsync' directory before installing. You do need an original FastFileSystem (V36.102 (release 2.04), V36.104 (release 2.05 or 2.1), V39.27 (release 3.0) or V40.1 (release 3.1)), which should have been included with your system software. The package was written on an A4000/040 running Kickstart 39.106 and was tested on the following configurations: o A4000/040, 120 MB IDE harddisk, 2 MB chip ram, 8 MB fast ram o A4000/040, 120 MB IDE harddisk, 2 MB chip ram, 8 MB fast ram, Retina graphics board, Retina WB emulation o A3000T 25MHz, 500+ MB harddisk, 2 MB chip ram and 16 MB fast ram, Kickstart 37.175, GVP '040 accel, Retina graphics board, Retina WB emulation, Vortex 486 SLC board (this is shit!), Amax II+, IV-24 graphics board,... (Not mine :-( A demonstration model in a store Kurt frequently visits :^) o A3000 25MHz, 52 MB + 120 MB harddisk, 2 MB chip ram and some MB static column ram. Kickstart 39.110 (developer) o A500, 20 MB harddisk (A590 XT), 512 K chip ram, 512 K ranger mem, 2 MB fast ram, old chipset, 68010 processor, Kickstart 2.04 softkicked (developer) o A500, 84 or 105 MB harddisk (A590 SCSI), 512 K chip ram, 512 K ranger mem, 2 MB fast ram, old chipset, Kickstart 2.04 softkicked (developer) On all these configuration the package seems to work fine, so I guess you can run it on almost any machine. You do need the reqtools.library version 38 or higher. Reqtools is Copyright © Nico François. 3. Installation WARNING: Read the installation part completely BEFORE you apply it! If you still don't know what we're talking about, you'd better don't use this package! It's NOT for the casual user; managing a MultiUser system is a difficult and tedious task! If anything fails during the installation, don't forget to restore your system to it's original state, else you could be surprised in a very bad way! If you're upgrading from release 1.4 or 1.3 (or even from an older version), please read 'MultiUser.upgrade' first. o Extract the archive and change the current directory to the directory MultiUser located in the directory where you extracted the archive to. (Preferably RAM:) o Install the library and the support commands with the following commands: Copy Libs/multiuser.library LIBS: Copy C/#? C: o The MultiUserFileSystem is distributed as a patch for the original FastFileSystem. There are patches for the FastFileSystems of release 2.04 (V36.102), release 2.05 (V36.104), release 2.1 (V36.104), release 3.0 (V39.27) and release 3.1 (V40.1) of the operating system. Make sure you have one of these FastFileSystems in the L: directory! If it's not there you can copy it from the L directory on the Install disk of the operating system install disk set. If you're not sure about the version of your FastFileSystem use the command 'Version L:FastFileSystem'. Now Create a MultiUserFileSystem with the command: Patch/Patch L:FastFileSystem Patch/MultiUserFileSystem_xxx.patch L:MultiUserFileSystem where xxx stands for '2.04', '2.05', '2.1', '3.0' or '3.1', depending on your operating system release. If you get the message Checksum error in old file Patch failed you used the wrong patchfile or you have an original FastFileSystem which is not supported (or your original FastFileSystem has been corrupted). o Choose the partitions you want to protect and the directory where you want to store the MultiUser configuration stuff. Make sure this directory is located on one of the partitions you want to protect! Let's say your configuration directory is 'App:MultiUser' (Replace 'App:MultiUser' anywhere in this document by the name of your configuration directory if you use another directory name). Copy the configuration stuff to this directory with the following command: Copy Config/#? App:MultiUser o If you've installed the TCP/IP package from Commodore (AS225) you already have a valid password file (inet:db/passwd). The inet:db directory must be located on one of the partitions you want to protect! Make sure there's an entry for a 'root' user with '65535' for the user and primary group number, e.g.: root||65535|65535|The Bastard Operator From Hell|SYS:Homes/Root|cli ^^^^^ ^^^^^ o Append the next line to your 'S:User-Startup' file: Logout GUI GLOBAL o Pick a name for your computer ... This name will appear in the login/logout requester. Let's say you want to call your system 'Pythagoras', then you have to execute the following: Echo 'Pythagoras' >ENVARC:HostName o Let's say you want to protect the partitions 'SYS:' and 'App:'. You can protect as many partitions as you like, just add their name to the list below. Create the required Keyfiles on these partitions with the following command if you haven't installed the TCP/IP package from Commodore: MakeKeyfiles App:MultiUser App:MultiUser SYS: App: TCP/IP users should use a command line like this: MakeKeyfiles inet:db App:MultiUser SYS: App: o Start HDToolBox to install the MultiUserFileSystem. If HDToolBox does not find your hard drive, you probably have to start it from the shell with 'HDToolBox <hddev>', where <hddev> stands for the name of your hard drive controller device (e.g. 'scsi.device' for CBM controllers or 'gvpscsi.device' for GVP controllers). If that fails too, you can't use MultiUser on your system. NOTE: The following text describes the use of the version of HDToolBox that is supplied with AmigaOS Release 3.0. Other versions may slightly differ. x Choose the drive you want to protect. If you want to protect more than one drive, you simply repeat this for each of the drives. Select the drive by clicking on it in the listview where all connected drives are displayed. x Press the <Partition Drive> button. Now a new display should appear containing a large box which may be divided up into several partitions ... x Activate the <Advanced Options> checkbox. Now some additional options should appear ... x Press the <Add/Update...> button in the file system section of the HDToolBox window. (There's only one gadget labeled <Add/Update...>, so you can't miss it.) x Now the window should contain a list of currently installed file systems and some additional buttons. If you are updating your MultiUserFileSystem, there should already be an entry with the 0x6d754653 ('muFS' in HEX ASCII) identifier. If this is the case, click on it and press <Update File System...>, in all other cases, press the <Add New File System...> button. x Now a requester appears. Enter 'L:MultiUserFileSystem' in the string-gadget of the requester and '0x6d754653' in the identifier (also called DosType) gadget. If your version of HDToolBox asks you to enter a version number, you should use 39. Some versions of HDToolbox (the one with 3.0) uses two requesters for the needed information, so it may be necessary to select the <Ok> button of the requester before you can fill in the DosType. x Press the <Ok> button of the requester (if you haven't done this yet). Now you should be back in the File Systems display. Go back to the Partitions display by pressing the <Ok> button. x Select the partition on the drive that you wanna protect. If you want to protect more than one partition (it is recommended to protect all partitions on the drive), you simply repeat the following stuff for every partition. You select a partition by clicking on the part of the large box (which represents your harddisk) that represents that partition. x Press the <Change ...> or <Change File System> button. x Select the <Custom File System> gadget and enter '0x6d754653' ('muFS' in HEX ASCII) into the <Identifier> gadget. x Press the <Ok> button to return to the Partitions display. You should repeat the above steps for all the partitions you wish to protect before continuing ... x Press the <Ok> button to return to the main HDToolBox display. x Press the <Save Changes to Drive> button. Don't care about the warning that this will destroy the data on your partition, no data will be lost :-). If HDToolBox complains that there isn't enough space on the drive to save all the configuration data, you should return to the File System Maintenance section of HDToolBox by pressing <Partition Drive> and <Add/Update ...> buttons. Now you should select another file system than the one with identifier 0x6d754653, press <Delete File System>, return to the main HDToolBox display and try saving the configuration again. Note that you should make sure not to delete any file system that's still used on any partition! This is why it is recommended that all partitions on the drive should use the MultiUserFileSystem. x If everything went OK, select Exit and confirm the reboot request of HDToolBox. Now your machine should automatically reset. o After the reboot, a requester should appear. Simply enter 'root' as login id. You should now be logged in as root, having access to all files. o The first thing you should do is to change your password. This is done by entering the Passwd GUI command in a shell you open or with the <Execute Command ...> option of the Workbench. You are prompted to enter your old password, so simply press enter. Now you are asked to enter your new password twice. If you enter the same password twice, this will from now on (until you change it again) be the password root has to enter at a login request. o Now you have to protect some important files using the MProtect and SetOwner[37] commands. We will use SetOwner in this description, but if you aren't using Kickstart 39.xx or higher, you should use SetOwner37 instead! You should protect the Keyfiles on all protected partitions. Execute the following commands for every protected partition: SetOwner <VOL>.MultiUser.keyfile root MProtect <VOL>.MultiUser.keyfile R where <VOL> stands for a partition name (e.g. 'SYS:' or 'App:' in our example). Protect some other important files, too: SetOwner App:MultiUser/passwd root MProtect App:MultiUser/passwd RWD SetOwner App:MultiUser/MultiUser.config root MProtect App:MultiUser/MultiUser.config RWD SetOwner App:MultiUser/MultiUser.group root MProtect App:MultiUser/MultiUser.group RWD SetOwner App:MultiUser/.profile root MProtect App:MultiUser/.profile SRWED GROUP R OTHER R SetOwner S:Startup-Sequence root MProtect S:Startup-Sequence SRWED GROUP R OTHER R SetOwner S:User-Startup root MProtect S:User-Startup SRWED GROUP R OTHER R SetOwner SYS:Tools/HDToolBox root MProtect SYS:Tools/HDToolBox RWED ... and any other files you wish to protect ... It is recommended to leave most files readable for others, except of course the files you really wanna keep to yourself. .info files and .backdrop files should be readable for everybody if you don't want complications when using the Workbench. o Do NOT forget to make a backup of all Keyfiles, in case an accident occurs! 4. The password file The password file contains all the information the system needs on the users that are allowed to access the system. This file (named 'passwd') must be located in the PASSWDDIR directory, as specified with the 'MakeKeyFiles' command. Each line of the file contains information on one user. The syntax of such a line is as follows: <userid>'|'<passwd>'|'<uid>'|'<gid>'|'<name>'|'<home>'|'<port> <userid> is the same as the name this user will need to give at a login request. This name may be upto 31 characters long. <passwd> if the user has a password, this is his coded password. If you add new users, you should make this field empty, this means the user doesn't have a password yet. Then login as that user and change his password using the Passwd command. <uid> is the user identifier, a number between 1 and 65535. Each user should have a different user identifier! The identifier 65535 is reserved for root! <gid> is the primary group identifier, a number between 0 and 65535. Users with the same group identifier belong to the same group and can access each others files depending on the group-protection bits. Users with different group identifiers can access each others files depending on the other-protection bits. The identifier 65535 is reserved for root! For users belonging to more than one group, see the group file section. <name> is the real name of the user. You can enter whatever you like for this. At the moment this is limited to 219 characters. This name is displayed when user information is asked using the UserInfo command. <home> is the home-directory of the user. When a logout is performed, a requester will appear prompting for a new login. If a user logs in using this requester, the current directory will be changed to the home of this user and the local environment variable HOME will be set to the name of the home-directory. This doesn't happen when a Login command is used. <port> is only used by the TCP/IP package from Commodore (AS225). If you haven't installed that package you should leave this field empty. A passwd file could look like this: root||65535|65535|The Bastard Operator From Hell|SYS:Homes/Root|cli geert|Fqhg_IYBiU`|2|1|Geert Uytterhoeven|SYS:Homes/Geert|cli kurt|fNXjuAgFBFF|3|2|Kurt Haenen|SYS:Homes/Kurt|cli guest||1|0|Anonymous Guest|SYS:Homes/Guest|cli If there are bad lines in the password file, a warning will be posted and the bad line will be ignored. The warning requester will disappear automatically after 10 seconds if the user doesn't respond. 5. The configuration file The configuration file defines some settings. This file (named 'MultiUser.config') must be located in the CONFIGDIR directory, as specified with the 'MakeKeyFiles' command. It contains lines with options and values - in the form <OPTION>=<VALUE> -, and comments. Comments must be preceeded with a semicolon. If an option is missing, the default value will be taken. 0 is used for OFF, 1 for ON. The 'MultiUser.config' example delivered with the package reflects the default settings. If there are bad options in the configuration file, a warning will be posted and the bad line will be ignored. The warning requester will disappear automatically after 10 seconds if the user doesn't respond. 5.1. LIMITDOSSETPROTECTION If this options is turned on, the protection bits for GROUP and OTHER can no longer be changed with the dos.library/SetProtection() call. Of course you can still change the protection bits for GROUP and OTHER with the MProtect command (or with the library call muSetProtection()). It's very useful because a lot of programs change the protection bits without knowing about bits for GROUP and OTHER. Defaults to ON. See also the support command LimitDOSSetProtection. 5.2. PROFILE If this option is turned on and there exists a script file '.profile' in the configuration directory, it will be executed after each login prompt by the support command Logout. Defaults to ON. The '.profile' example delivered with the package displays a 'Message_Of_The_Day' if it exists in the configuration directory (change the directory in the '.profile' if you have a different configuration directory than 'App:MultiUser') and executes a '.profile' if it exists in the user's home-directory. 5.3. LASTLOGINREQ If this option is turned on, there will appear a lastlogin requester after each graphical login. Defaults to ON. 5.4. LOGSTARTUP If this option is turned on, every startup or reinitialisation of the MultiUser.server will be logged to the file 'MultiUser.log' in the configuration directory. Defaults to OFF. 5.5. LOGLOGIN If this option is turned on, every successful login will be logged to the file 'MultiUser.log' in the configuration directory. Defaults to OFF. 5.6. LOGLOGINFAIL If this option is turned on, every unsuccessful login will be logged to the file 'MultiUser.log' in the configuration directory. Defaults to OFF. 5.7. LOGPASSWD If this option is turned on, every successful password change will be logged to the file 'MultiUser.log' in the configuration directory. Defaults to OFF. 5.8. LOGPASSWDFAIL If this option is turned on, every unsuccessful password change will be logged to the file 'MultiUser.log' in the configuration directory. Defaults to OFF. 5.9. LOGCHECKPASSWD If this option is turned on, every successful password check (see the library function muCheckPasswd()) will be logged to the file 'MultiUser.log' in the configuration directory. Defaults to OFF. 5.10. LOGCHECKPASSWDFAIL If this option is turned on, every unsuccessful password check (see the library function muCheckPasswd()) will be logged to the file 'MultiUser.log' in the configuration directory. Defaults to OFF. 5.11. PASSWDUIDLEVEL Users with a user identifier greater or equal than the specified value are allowed to change their passwords. Specify a value in the range 0..65535. E.g. if you specify a value of 2, a guest user with a user identifier of 1 cannot change his password, unless his primary group identifier is greater than the PASSWDGIDLEVEL. See also the option PASSWDGIDLEVEL. Defaults to 0. 5.12. PASSWDGIDLEVEL Users with a primary group identifier greater or equal than the specified value are allowed to change their passwords. Specify a value in the range 0..65535. E.g. if you specify a value of 1, all users in a guest group with a primary group identifier of 0 cannot change their passwords, unless their user identifiers are greater than the PASSWDUIDLEVEL. See also the option PASSWDUIDLEVEL. Defaults to 0. 6. The group file The group file contains more information about the groups and defines the secondary groups a user belongs to, and thus allows a user to belong to more than one group. This file (named 'MultiUser.group') must be located in the CONFIGDIR directory, as specified with the 'MakeKeyFiles' command. This file exists out of two parts, separated by a blank line. Each line in the first part of the file contains information on one group. Note however that not every group should have a line in this file, but at least one must have one. The syntax of such a line is as follows: <GroupID>|<gid>|<MgrUid>|<GroupName> <GroupID> is the short name of the group. This name may be upto 31 characters long. <gid> is the group identifier for this group, a number between 0 and 65535. <MgrUid> is the user identifier of this group's manager. If the group doesn't have a manager, you should specify 0. It is not necessary that a group's manager belongs to the group. <GroupName> is the full name of the group. This name may be upto 219 characters long. Each line in the second part of the file contains information on one user (there may exist more than one line for each user). The syntax of such a line is as follows (max. about 1024 characters): <uid>:<gid>[,<gid>...] <uid> is the user identifier of a user. <gid> is the group identifier of a secondary group to which the user belongs. It is NOT necessary to specify the primary group number (as specified in the passwd file) as one of the secondary groups. A group file could look like this: root|65535|65535|System dev|1|65535|Developers stud|2|2|Students guest|0|65535|Anonymous Guest 2:2,65535 3:1 If there are bad lines in the group file, a warning will be posted and the bad line will be ignored. The warning requester will disappear automatically after 10 seconds if the user doesn't respond. 7. Support Commands The support commands are used to login to/logout from the system, change the protection bits of a file, change the owner of a file, change the default protection bits for a group of tasks, ... The number of support commands may grow in future releases. Here are the commands that are currently supported. They can only be executed from the shell or with the <Execute Command...> option of the Workbench. 7.1. LimitDOSSetProtection This command defines whether the protection bits for GROUP and OTHER may be changed via the dos.library/SetProtection() call. It's very useful because a lot of programs change the protection bits without knowing about bits for GROUP and OTHER. See also the option LIMITDOSSETPROTECTION in the configuration file. Options ... ON Turn the limitation on. This means the protection bits for GROUP and OTHER no longer can be changed with the dos.library/SetProtection() call. Of course you can still change the protection bits for GROUP and OTHER with the MProtect command (or with the library call muSetProtection()). OFF Turn the limitation off. 7.2. Login This command will put a new owner on top of the current owner of the task. *IX users may think of this as the *IX su command. The effect of a successful login can be reversed with the Logout command. The owner-list of a task is sort of a stack: with Login you put a new owner on top of the stack, with Logout, you take an owner of the stack (unless the stack is empty). Options ... GUI Normally the login prompt appears in the shell-window that was used to execute Login, but if this option is specified, a requester is used. TASK Login another task than the one we're currently working in. A task name should be specified after the TASK keyword. You can only login tasks which you own (unless you are root)! OWN Login another task than the one we're currently working in by changing it's owner to the owner of the current task. This works only with tasks that are owner by nobody (unless you are root)! This option must be used in conjunction with the TASK option. GLOBAL Login all tasks connected to the current task. It's a bit difficult to explain what connected means, but you could say that a parent task and all its children are connected unless one of them was logged in/out without the GLOBAL option. PROCESS Login another process than the one you're currently working in. A process number (as displayed by the Status command) should be specified after the PROCESS keyword. You can only login processes which you own (unless you are root)! 7.3. Logout This command is the inverse of Login if the stack of owners of the current task isn't empty. If the stack is empty or becomes empty after executing the Logout command, a login prompt will appear. After login, the current directory will be changed to the user's home-directory, and depending on your configuration settings, the '.profile' script in the configuration directory may be executed. Options ... GUI If a login request is generated by Logout, should it use a requester? TASK See Login GLOBAL This option only works when the owner stack is or becomes empty when executing the Logout command. If this option is specified in such a case, not only this task will change its owner, but all connected task as well. It's a bit difficult to explain what connected means, but you could say that a parent task and all its children are connected unless one of them was logged out without the GLOBAL option. It's very useful to logout all your tasks from your current session. QUIET Tells logout never to generate a login request. If the owner stack becomes empty, you will simply be logged in as nobody. This may be removed in future releases, but since it isn't really useful, this shouldn't be a problem. PROCESS See Login ALL Remove all users from the stack of owners. Specifying this option has the same effect as using 'Logout' until you get a login request. 7.4. MakeKeyfiles This command creates the Keyfiles. Every partitions you want to use with the MultiUserFileSystem must have a Keyfile ('.MultiUser.keyfile') in its root directory. If one of them is missing or inconsistent, all tasks will be owned by nobody to prevent unprivileged accesses, and an alert will be posted! Do NOT forget to make a backup of all Keyfiles, in case an accident occurs! Options ... PASSWDDIR The directory where you've put the password file. This directory must be on one of the protected partitions. CONFIGDIR The directory where you've put the configuration and group file. This directory must be on one of the protected partitions. VOLUME The list of partitions you want to protect. 7.5. MAssign This command lets you create non-binding assigns (i.e. assigns which are evaluated each time you use them) for a template path. You should start it from a shell using 'Run' (since MAssign won't return until you send an ACTION_DIE DosPacket). MAssign must be run by root, so change its owner to root and set its 'U'-bit (see MProtect). Options ... NAME The logical device name for the assignment to create. It should end with a colon (':'). This name will show up in ReqTools requesters too, but unfortunately not in asl requesters, so use RTPatch (© Nico François)! TARGET Template path for the assignment. It may contain option specifiers which are replaced by a string - depending on the calling user - on every usage. %u UserId of the calling user %h Home directory of the calling user %g GroupID of the calling user %% % E.g. after the command Run MAssign HOME: %h every user can refer to his/her home directory simply by using HOME:. If you want a separate ENVARC: directory for every user you can use the following two commands: Assign ENVARC: DISMOUNT Run MAssign ENVARC: SYS:Prefs/Env-Archive/%u This technique can easily be extended to ENV:, S:, MAIL:, ... The 'Assign ... DISMOUNT' is only necessary if you want to redefine an assign which already exists. 7.6. MList This is a simple list replacement. It takes none, one or more path-names as parameters and lists the files in those path(s) or in the current directory if no path-name was specified, together with all their protection bits and some other info. It recognizes the new 'U' protection bit. Options ... DIR The pathname(s) or the directory(s) you want information on. The standard AmigaDOS wildcards may be used here. GROUPS Display the GroupIDs for the files. 7.7. MProtect This command changes the protection flags for files or directories. Options ... FILE The file or directory you want to change the protection flags of. The standard AmigaDOS wildcards may be used here. FLAGS The protection flags used for the owner of the file. Valid flags are none or some out of: U Set uid bit: during execution, change the owner of the process (i.e. the uid and gid) to the owner of the file (cfr. *IX). This even works if you make the program resident. However, this only works after the multiuser.library has been initialised. If you put programs with the 'U' bit on in your S:User-Startup, make sure you do it after the 'Logout GLOBAL' command, or put 'UserInfo <>NIL:' before the first of them to assure the library has been loaded! If you set the 'U' bit together with 'GROUP W' or 'OTHER W', you will get a warning because this is a very dangerous situation :-) S Script bit: file is a shell script. P Pure bit: program is reentrant and reexecutable. A Archive bit: file has been backed up or archived. R Read bit: file is readable. W Write bit: file is writable. E Execute bit: file is executable. D Delete bit: file is deletable. GROUP The protection flags used for users in the same group as the owner of the file. Specify them after the GROUP keyword. Valid flags are none or some out of 'R', 'W', 'E' and 'D'. OTHER The protection flags used for users outside the owner's group. Specify them after the OTHER keyword. Valid flags are none or some out of 'R', 'W', 'E' and 'D'. ADD Add all specified protection flags to the flags that are already set. SUB Subtract all specified protection flags from the flags that are already set. ALL Recursively scan all directories from within the specified directory and process all found files and directories. QUIET Process silently, but do report errors. 7.8. Passwd The Passwd command is used to change your password. Simply type in the command in the shell and you will be prompted to enter your old password and type your new password twice. If you did this correctly, your password will be changed! Options ... GUI If this option is specified, Passwd uses requesters to prompt for your passwords instead of simple console I/O. 7.9. SetDefProtect This commands sets the default protection bits for the current task. Options ... FLAGS The protection flags used for the owner of the file. See MProtect ('U' is not valid here). GROUP The protection flags used for users in the same group as the owner of the file. Specify them after the GROUP keyword. See MProtect. OTHER The protection flags used for users outside the owner's group. Specify them after the OTHER keyword. See MProtect. GLOBAL Change the default protection bits not only for the current task, but for all tasks on the same level. 7.10. SetOwner This command is used to change the owner of a file. You can only change the owner of files you own or of files that are owned by nobody, unless you're root. If you don't have Kickstart 39.xx or higher, you should use SetOwner37 instead of SetOwner! Options ... FILE The file or directory you want to change the owner of. The standard AmigaDOS wildcards may be used here. USER The UserID of the user that should become the owner of the file or directory. If no user is specified, the current task owner will be taken. You're not allowed to change the owner of a file to someone else than yourself or nobody, unless you're root. GROUP The GroupID of the group for the file or directory owner. If you don't specify any group, the user's primary group will be taken. Of course you must specify a group you belongs to (i.e. your primary group or one of your secondary groups), unless you're root. NOBODY Set the owner of the file or directory to nobody. ALL Recursively scan all directories from within the specified directory and process all found files and directories. QUIET Process silently, but do report errors. 7.11. Tasks This command lists the active tasks of a user. Options ... USERID List the active tasks of the specified user. Default is the current user. ALL List all active tasks. 7.12. UserInfo This command can be used to get some information on the users of this system. It will display the UserID and uid, GroupID and gid, name, home-directory, lastlogin date and the contents of a '.plan' file if it exists in the home-directory of the appropriate user. Options ... USERID Give information on the user with the specified UserID. The UserID is the name you have to enter at a login prompt. The standard AmigaDOS wildcards may be used here. Default is the current user. UID Same as USERID, but this time information on the user whose user ID is specified is listed. The user ID is the number given as second entry in the passwd file. Specify the userid after the UID keyword. GID Same thing as UID, but this time for all users in the group with the specified group ID. Specify the group ID after the GID keyword. NAME Gives information on the user with the specified real name. Specify the name after the NAME keyword. The standard AmigaDOS wildcards may be used here. GROUPID Gives information on all the users in the group with the specified GroupID. Specify the GroupID after the GROUPID keyword. GROUPNAME Gives information on all the users in the group with the specified Group Name. Specify the Group Name after the GROUPNAME keyword. ALL Give information on all the users of this system. This means all users listed in the passwd file. Q=QUICK If you add this option, only the UserID(s) will be displayed. This is very useful for scripts and aliases. E.g. after the alias definition Alias HCD CD SYS:Homes/*`UserInfo QUICK []*` the command 'HCD guest' will change the current directory to guest's home directory, supposed all your users have a home-directory in SYS:Homes. GROUPS If you add this option, the secondary groups a user belongs to will be displayed too. 7.13. Who This command lists the names and UserIDs of all users who are logged in currently. Options ... AM I Display only the name and UserID of the current user. Q=QUICK If you add this option, only the UserID(s) will be displayed. 8. The log file Depending on your configuration file, some actions will be logged to the file 'MultiUser.log' in your configuration directory. The following kind of entries may appear therein (<user> stands for a user represented by his user identifier, <userid> stands for a user represented by his UserID): o <date>, <time>: Startup MultiUser startup on <date>, <time>. o <date>, <time>: Login from <user> to <UserID> <UserID> was logged in from a task owned by <user> on <date>, <time>. <user> will be '0000' if the Logout command was used instead of Login. o <date>, <time>: Login from <user> to <UserID> failed <UserID> failed to login from a task owned by <user> on <date>, <time>. <user> will be '0000' if the Logout command was used instead of Login. This may indicate an attempt of <user> to do an unauthorized login on the account of <UserID>! o <date>, <time>: Passwd for <user> <user> changed his password on <date>, <time>. o <date>, <time>: Passwd for <user> failed <user> failed to change his password on <date>, <time>. o <date>, <time>: CheckPasswd for <user> The password check ((see the library function muCheckPasswd()) on <date>, <time> for <user> was successful. o <date>, <time>: CheckPasswd for <user> failed The password check ((see the library function muCheckPasswd()) on <date>, <time> for <user> was unsuccessful. This may indicate an attempt of an unknown person to make unauthorizedly use of the account of <user>! 9. Caveats o Unlike the FastFileSystem, the MultiUserFileSystem returns an error on illegal lock modes (i.e. anything else than ACCESS_READ/SHARED_LOCK or ACCESS_WRITE/EXCLUSIVE_LOCK). This has been done for future compatibility reasons. However, some programs do pass illegal lock modes - which is a violation of the Amiga rules - and thus will fail to work. o The .profile will not be executed under Csh because Csh is not a real (Amiga) shell but rather an interactive program. o Csh expands wild cards by itself, so quote them (e.g. "*") if you use the support commands. o Do not try to use the MultiUserFileSystem on floppy disks (or other removables)! Although it is possible, you will almost always get in trouble with the Keyfiles. Keeping your floppies in a safe place is still the best protection! o ARexx programs are always executed under the same ownership as the RexxMaster task - which is started by RexxMast -, so make sure the RexxMast command is executed by NOBODY (i.e. before the first Login/Logout command) and do not set the set uid bit for RexxMast! o The protection bits for a directory are not used to check if a user has access to objects in the directory. They do are used to check if a user can Lock() the directory, so you can't CD to a directory you have no access to. 10. External utilities The Extern subdirectory in the archive contains utilities written by other programmers who allowed me to distribute them in the MultiUser package. Some may have the source included, other not. Although I've tested them and they seemed to work, I don't give any warranties! For more information about their usages, disclaimers, distributability and copyright notices, refer to the appropriate documentation. Currently the following external utilities are included: o UserID by Fabian Nuñez (fnunez@cs.uct.ac.za) There's also an announce for a soon-to-release utility: o MuMu by Litrik De Roy If you write an interesting piece of software you want me to distribute as an external utility, please send it to me and I'll add it to the package. 11. Other software supporting MultiUser o ReOrg V3.1: disk optimizer by Holger Kruse (kruse@cs.ucf.edu) o newlist8: 'ls' clone by Phil Dietz (pdietz@cse.unl.edu) If you write an interesting piece of software that supports MultiUser, please let me know and I'll add it to the list above. 12. History Release 1.0ß (Library Version 39.134) First public release of MultiUser. All the work on this one was done by Geert Uytterhoeven. Internal Release (Library Version 39.135) Update of the library and the support programs to allow global logging out. (Kurt Haenen) o The way the library manages the linking of tasks and owners was changed to allow a kind of global control over all tasks of a single user. It still isn't quite the way I'd like it, but it's getting closer ... o The GLOBAL option was added to the Logout command to allow the user to logout all tasks connected to the same tasknode (private structure). This means that you can logout/login a task and all its children by executing a LOGOUT GLOBAL command from one of them. Very useful 'cause now you can logout the Workbench without having to quit it ... o TASK option added to Login and Logout to allow you to Login/Logout another task (of which you are the owner or that's owned by nobody or whatever task if you are root). o QUIET option added to Logout to force Logout so that nobody will become owner of the task. We're still discussing this, so it may be removed again in the future ... Internal Release (Library Version 39.136) Update of the file system, library and support programs so that default protection bits can be set and are used by the file system. (Geert Uytterhoeven) o The file system and library were updated to keep track of default protection bits and to use them whenever a file is created. o A new utility SetDefProtect (name may change in the future) was added to allow the user to specify the default protection bits for a tasknode. Release 1.1 (Library Version 39.137) Update of the library to support .profiles and allow hiding of the password on any terminal (I hope)! Update to the file system to support protection of files against locking. (Geert Uytterhoeven and Kurt Haenen) o The Logout command now also executes a .profile script after login. o An exclusive lock can only be taken on a file you have write-, or delete-rights on. A shared lock can be obtained on a file you have read-, write-, execute- or delete-rights on or that's owned by you. o The UserInfo command can now display the .sig file located in the home of the user on which info is demanded. To do this, you have to give the SIG option. The .sig file should be readable for the one asking information about the owner of the .sig! Release 1.2 (Library Version 39.140) Starting with this release, all the work was done by Geert Uytterhoeven. o The password file should be compatible with the TCP/IP package from Commdore (AS225) (I hope :-). o Wildcards added in some support commands. o If a user don't have a password he won't be asked for it no more during Login/Logout. o Finally: autodoc and includes added!! o .sig renamed to .plan. SIG option renamed to PLAN. o PURE bit set for the support commands. They were also pure in earlier releases, but I forgot the magic bit. o Some other minor changes I can't remember :-) Release 1.2a (Library Version 39.141) Only some bug fixes :-( o SetOwner37: opened wrong dos.library version. o Setowner[37]: crashed when bad operating system version. o Password encryption still wasn't compatible with AS225 because of an ambiguity in the ACrypt() documentation (I passed the UserName instead of the UserID). Release 1.3 (11/05/93) (Library Version 39.145) WARNING: THIS IS A MAJOR UPDATE WITH SOME FUNDAMENTAL CHANGES!! YOU SHOULD CHECK YOUR OWN MULTIUSER APPLICATION SOURCES AND RECOMPILE THEM!! o Using history after changing the password from the console doesn't reveal the entered passwords anymore. o Bug fixed: If you used Passwd before IPrefs installed localization or in case of a pre-2.1 Workbench, a corrupt password file was written (RawDoFmt() patched by locale.library treats %u different than the original). o New less kludgy, object oriented internal structure. o Meaning of tag muT_Task changed. Now it needs a pointer to a task structure rather than the task's name. o Library function muSetDefProtection() renamed to muSetDefProtectionA(): its arguments are now passed via a taglist using the tag muT_Task and the new tag muT_DefProtection. o If you're already root you won't be asked for a password anymore during Login. o GLOBAL flag added to SetDefProtect. o PROCESS keyword added for Login/Logout. o New tags muT_UserID and muT_Password added for muLoginA(). o You aren't allowed anymore to change the owner of a file to someone else than yourself or nobody, unless you're root. o Owner change during execution (set uid bit, cfr. *IX) added. o Source of support commands added as examples. They are full public domain. If you develop your own support commands I'd appreciate it if you would send me a copy (eventually a copy of the source too :-). Maybe I could add them to the next release of the package. o From now on the MultiUserFileSystem is distributed as a patch for the original FastFileSystem. o New support command Tasks. o New library functions muSetProtection() and muLimitDOSSetProtection(). New support command LimitDOSSetProtection. Release 1.4 (20/07/93) (Library Version 39.151) o Logout QUIET was broken: fixed! o If the password file is corrupt, you will get a warning instead of an inaccessible system. All invalid lines will be ignored. o The ramlib task isn't owned by root anymore. o UserInfo entered an endless loop if a .plan was read protected: fixed! o SetOwner37 caused a (harmless) Enforcer hit (thanks Max): fixed! o New keytypes muKeyType_WUserID, muKeyType_WUserName, muKeyType_WUserIDNext and muKeyType_WUserNameNext for muGetUserInfo() to handle wildcards in a UserID or UserName. o UserInfo uses the new keytypes and thus allows wildcards for UserID and UserName. o New library function muCheckPasswd(). o The MultiUser.server doesn't spawn AmigaDOS-requesters anymore. o The support commands MList, MProtect and SetOwner[37] now handle non-matching wildcards correctly and give the right error message. o Enhanced security using Keyfiles. o The (private) library function muSetLibFlush() is obsolete now. o Configuration file and log options added. o The .profile in the configuration directory will be executed (depending on your configuration settings), rather than the .profile in a user's home-directory. o New library functions muGetPasswdDirLock() and muGetConfigDirLock(). o Patch for the FastFileSystem of AmigaOS Release 2.05 (V36.104) added. o QUICK flag added for UserInfo. o If the user doesn't respond to a warning requester, the requester will disappear automatically after 10 seconds to allow unattended operation in production environments. o Bug fixed: If you specify a nonexistent task name, Login/Logout TASK raises an error now instead of operating on the current task. o Security hole fixed: now set uid only works on volumes using the MultiUserFileSystem. o The .lastlogin file is human readable now (i.e. <Day> <Date> <Time>). o The PLAN flag for UserInfo is obsolete now, UserInfo always displays the contents of the .plan file (unless you specify the QUICK flag). Now UserInfo displays the lastlogin date too. o Almost all of Kurt's code is gone now (I hope this won't start an AT&T/USL <-> BSD alike war :-). o Finally Passwd looks fine when used from a Shell on a serial terminal: now it dumps carriage returns where it should. I still don't know why muLogin()/Logout() always worked correctly and Passwd not (in both cases I used almost the same code!), but who cares?? Release 1.5 (14/10/93) (Library Version 39.157) o Patch for the FastFileSystem of AmigaOS Release 3.1 (V40.1) added. o Bug fixed: If the multiuser.library hasn't been loaded yet or the owner of a DosPacket can't be found, the default protection bits are now RWED GROUP R OTHER R instead of RWED. o New support command Who. o External utility UserID added. o Now MultiUser works fine with programs using Soft Interrupts for their packet I/O, especially programs using ixemul.library (i.e. gcc/g++ and programs compiled with gcc/g++). Thanks Markus! o Bug fixed: If the LASTLOGINREQ option is turned off, Logout GUI won't output to a console window anymore. o Autodoc bug fixed: muLogoutA() executes the .profile in the configuration directory rather than the .profile in the user's home-directory. o New tag muT_All for muLogoutA(), new flag ALL for Logout. o The library functions muGetPasswdDirLock() and muGetConfigDirLock() are now callable by everybody instead of root only. o Partitions formatted under the MultiUserFileSystem for more security (which results in a format equivalent to FFS INTL) can now be converted to any other MultiUserFileSystem equivalent of the standard file system (e.g. OFS or FFS DC) using ReOrg 3.1. Thanks Holger! o Group file added, new structure muGroupInfo, new according keytypes and new library functions muAllocGroupInfo(), muFreeGroupInfo() and muGetGroupInfo(). o New flag GROUPS for MList, new flag GROUPS and new options GROUPID and GROUPNAME for UserInfo, new option GROUP for SetOwner and SetOwner37. o New structure muExtOwner, new library functions muGetTaskExtOwner() and muUserInfo2ExtOwner(), new macros muSecGroups() and muExtOwner2ULONG(). o New library function muGetRelationshipA() for easier access control. o Bug fixed: If you called SetOwner(), SetProtection(), SetComment() or SetFileDate() too many times on files or directories you have no access to, the file system crashed. This bug appeared in all subsequent releases! o New structures muMonitor and muMonMsg, new library functions muAddMonitor() and muRemMonitor() for system monitoring. o Minor changes in the format of the log file. o New support command MAssign. o Bug fixed: the .lastlogin file wasn't recognized using some languages. o Installation method for Supra Wordsync controllers added. Thanks René! 13. Plans for the future o A GUI tool for managing the password and configuration files. o A mail utility. o A console lock. o The multiuser.library should be a part of the MultiUserFileSystem. o A 'safe' backdoor for emergency situations. o Owner change during execution should work for shell scripts too. o A brand new File System: maybe the Linux file system? Any help is welcome! 14. Credits o Library : Geert Uytterhoeven & Kurt Haenen o Support Commands : Geert Uytterhoeven & Kurt Haenen o Documentation : Geert Uytterhoeven & Kurt Haenen o File System Patches : Geert Uytterhoeven Starting with Release 1.2, all the work was done by Geert Uytterhoeven. 15. Contacts How to contact the author ... o E-mail uytterho@cs.kuleuven.ac.be However, I won't read mail on a regular base from July 'till September '93. o Fax +32-16-535823 This is my preferred (fast-'n-easy :-) link to the world from July to September '93. o Snail mail - My home address Geert Uytterhoeven Huysmansstraat 12 B-3128 BAAL BELGIUM - My study address (from October '93 'till end June '94) Geert Uytterhoeven Tervuursevest 119 B-3001 HEVERLEE BELGIUM How to contact the MultiUser mailing list ... (thanks Kai) Mail your comments to mufs@hactar.hanse.de If you want to subscribe to this mailing list, just send an E-mail to listserv@hactar.hanse.de containing a line like this: ADD <address> mufs where <address> stands for your E-mail address. From then on you will receive a copy of all mails sent to the mailing list. For more help about the mailing list, send an E-mail containing only the magic word 'HELP' to the list server (i.e. listserv@hactar.hanse.de). 16. Special thanks go to ... o Nico François for developing ReqTools. o Jorrit Tyberghein for developing the magnificent PowerVisor (We're waiting for release 1.43 :-) o Kurt Haenen, Ives Aerts, Litrik De Roy and Nico François for beta testing. o Kai 'wusel' Siering, Markus Illenseer, Tako Schotanus, Ralph-Thomas Aussem, Max Hantsch, Markus Wild and Jason Gouger for their comments and/or tips. o The Department of Computer Science at the Katholieke Universiteit Leuven for allowing me to use the InterNet for this MultiUser project. o Kai 'wusel' Siering for setting up a mailing list for MultiUser. o Fabian Nuñez for supplying an external utility. o Holger Kruse and Phil Dietz for supporting MultiUser in their programs. o René Laederach for the Supra Wordsync installation tip. / / / / / / / / / / / / / / / / \ \ \ \/ / / / \ \ \ \ / / / \ \ \ \/ / / \ \/\ \/ / \ \ \ \ / \ \/\ \/ Only Amiga makes it possible ... But wouldn't Linux for Amiga be nice! /\ /XX\ /XXXX\ /XXXXXX\ /XXXXXXXX\ /\ \XXXXXXXX/ /\ /XX\ \XXXXXX/ /XX\ /XXXX\ \XXXX/ /XXXX\ /XXXXXX\ \XX/ /XXXXXX\ /XXXXXXXX\ \/ /XXXXXXXX\ \XXXXXXXX/ /\ \XXXXXXXX/ \XXXXXX/ /XX\ \XXXXXX/ \XXXX/ /XXXX\ \XXXX/ \XX/ /XXXXXX\ \XX/ \/ /XXXXXXXX\ \/ \XXXXXXXX/ \XXXXXX/ \XXXX/ \XX/ \/