jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-20 07:51:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
a546f1cd58
openafs/doc/man-pages/pod8/bosserver.pod
Simon Wilkinson f085951d39 Turn on bos restricted code 
Remove the #ifdef's around the bos restricted mode code. This makes
restricted mode available as part of the standard build, but a server
will not go into restricted mode unless the relevant command line
options are specified, or bos setrestricted is run.

Document bos_setrestricted and bos_getrestricted, and the new
'-restricted' command line option. Add a note to the man pages of
all of the commands whose behaviour is affected by restricted mode.

Add 'setr' and 'getr' aliases for setrestart and getrestart so that
these documented shortcuts continue to work (otherwise they'd be
ambiguous against setrestricted and getrestricted). Note that
setre, setres, and setrest will not work once this patch is applied.

Change-Id: Ie69d21493ea5f78757f0a3d478de43fdaabd3c31
Reviewed-on: http://gerrit.openafs.org/1028
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
2009-12-31 04:54:52 -08:00

210 lines
7.1 KiB
Plaintext
Raw Blame History

=head1 NAME
bosserver - Initializes the BOS Server
=head1 SYNOPSIS
=for html
<div class="synopsis">
B<bosserver> [B<-noauth>] [B<-log>] [B<-enable_peer_stats>]
S<<< [B<-auditlog> <I<log path>>] >>> [B<-audit-interface> (file | sysvmq)]
[B<-enable_process_stats>] [B<-allow-dotted-principals>]
[B<-restricted>] [B<-help>]
=for html
</div>
=head1 DESCRIPTION
The bosserver command initializes the Basic OverSeer (BOS) Server
(B<bosserver> process). In the conventional configuration, the binary file
is located in the F</usr/afs/bin> directory on a file server machine.
The BOS Server must run on every file server machine and helps to automate
file server administration by performing the following tasks:
=over 4
=item *
Monitors the other AFS server processes on the local machine, to make sure
they are running correctly.
=item *
Automatically restarts failed processes, without contacting a human
operator. When restarting multiple server processes simultaneously, the
BOS Server takes interdependencies into account and initiates restarts in
the correct order.
=item *
Processes commands from the bos suite that administrators issue to verify
the status of server processes, install and start new processes, stop
processes either temporarily or permanently, and restart halted processes.
=item *
Manages system configuration information: the files that list the cell's
server encryption keys, database server machines, and users privileged to
issue commands from the B<bos> and B<vos> suites.
=back
The BOS Server is configured via the F<BosConfig> configuration file.
Normally, this file is managed via the B<bos> command suite rather than
edited directly. See the L<BosConfig(5)> man page for the syntax of this
file.
The BOS Server will rewrite B<BosConfig> when shutting down, so changes
made manually to it will be discarded. Instead, to change the BOS Server
configuration only for the next restart of B<bosserver>, create a file
named F</usr/afs/local/BosConfig.new>. If B<BosConfig.new> exists when
B<bosserver> starts, it is renamed to F</usr/afs/local/BosConfig>,
removing any existing file by that name, before B<bosserver> reads its
configuration.
The BOS Server logs a default set of important events in the file
F</usr/afs/logs/BosLog>. To record the name of any user who performs a
privileged B<bos> command (one that requires being listed in the
F</usr/afs/etc/UserList> file), add the B<-log> flag. To display the
contents of the B<BosLog> file, use the B<bos getlog> command.
The first time that the BOS Server initializes on a server machine, it
creates several files and subdirectories in the local F</usr/afs>
directory, and sets their mode bits to protect them from unauthorized
access. Each time it restarts, it checks that the mode bits still comply
with the settings listed in the following chart. A question mark indicates
that the BOS Server initially turns off the bit (sets it to the hyphen),
but does not check it at restart.
/usr/afs drwxr?xr-x
/usr/afs/backup drwx???---
/usr/afs/bin drwxr?xr-x
/usr/afs/db drwx???---
/usr/afs/etc drwxr?xr-x
/usr/afs/etc/KeyFile -rw????---
/usr/afs/etc/UserList -rw?????--
/usr/afs/local drwx???---
/usr/afs/logs drwxr?xr-x
If the mode bits do not comply, the BOS Server writes the following
warning to the F<BosLog> file:
Bosserver reports inappropriate access on server directories
However, the BOS Server does not reset the mode bits, so the administrator
can set them to alternate values if desired (with the understanding that
the warning message then appears at startup).
This command does not use the syntax conventions of the AFS command
suites. Provide the command name and all option names in full.
=head1 OPTIONS
=over 4
=item B<-noauth>
Assigns the unprivileged identity C<anonymous> to the issuer, which is
useful only when authorization checking is disabled on the server machine
(for instance, during the installation of a file server machine.)
=item B<-log>
Records in the F</usr/afs/logs/BosLog> file the names of all users who
successfully issue a privileged B<bos> command (one that requires being
listed in the F</usr/afs/etc/UserList> file).
=item B<-auditlog> <I<log path>>
Turns on audit logging, and sets the path for the audit log. The audit
log records information about RPC calls, including the name of the RPC
call, the host that submitted the call, the authenticated entity (user)
that issued the call, the parameters for the call, and if the call
succeeded or failed.
=item B<-audit-interface> (file | sysvmq)
Specifies what audit interface to use. Defaults to C<file>. See
L<fileserver(8)> for an explanation of each interface.
=item B<-enable_peer_stats>
Activates the collection of Rx statistics and allocates memory for their
storage. For each connection with a specific UDP port on another machine,
a separate record is kept for each type of RPC (FetchFile, GetStatus, and
so on) sent or received. To display or otherwise access the records, use
the Rx Monitoring API.
=item B<-enable_process_stats>
Activates the collection of Rx statistics and allocates memory for their
storage. A separate record is kept for each type of RPC (FetchFile,
GetStatus, and so on) sent or received, aggregated over all connections to
other machines. To display or otherwise access the records, use the Rx
Monitoring API.
=item B<-allow-dotted-principals>
By default, the RXKAD security layer will disallow access by Kerberos
principals with a dot in the first component of their name. This is to avoid
the confusion where principals user/admin and user.admin are both mapped to the
user.admin PTS entry. Sites whose Kerberos realms don't have these collisions
between principal names may disable this check by starting the server
with this option.
=item B<-restricted>
In normal operation, the bos server allows a super user to run any command.
When the bos server is running in restricted mode (either due to this
command line flag, or when configured by L<bos_setrestricted(8)>) a number
of commands are unavailable. Note that this flag persists across reboots.
Once a server has been placed in restricted mode, it can only be opened up
by sending the SIGFPE signal.
=item B<-help>
Prints the online help for this command. All other valid options are
ignored.
=back
=head1 EXAMPLES
The following command initializes the BOS Server and logs the names of
users who issue privileged B<bos> commands.
% bosserver -log &
=head1 PRIVILEGE REQUIRED
The issuer most be logged onto a file server machine as the local
superuser C<root>.
=head1 SEE ALSO
L<BosConfig(5)>,
L<BosLog(5)>,
L<bos(8)>,
L<bos_create(8)>,
L<bos_exec(8)>,
L<bos_getlog(8)>,
L<bos_getrestart(8)>,
L<bos_restart(8)>,
L<bos_setrestricted(8)>,
L<bos_shutdown(8)>,
L<bos_start(8)>,
L<bos_startup(8)>,
L<bos_status(8)>,
L<bos_stop(8)>
=head1 COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Reference in New Issue View Git Blame Copy Permalink