Athena Standard UNIX System Configuration
for a dedicated RVD server.

by Jerome H. Saltzer, Win Treese, and Daniel Geer

July 11, 1986


I.  Introduction.

This note describes the UNIX file system contents and configuration
files for dedicated RVD servers operated by M.I.T. Project Athena. It is
a refinement and extension of a note originally prepared by David G.
Grubbs. It describes the system configuration in terms of a concrete
example, consisting of a Digital VAX-11/750 configured with one small
and one large disk drive. However, the same basic system arrangement,
modified as required, applies to other disk configurations and to RVD
servers configured on a MicroVAX or IBM RT PC. An appendix (as yet
unwritten) lists specific detailed differences for each machine type and
configuration that has been set up.

The design desiderata used in this system configuration are as follows:

1.  The general shape of the system is the same as all other Project
    Athena centrally operated UNIX systems. To simplify system
    engineering and distribution, the file contents of the root
    partition are completely standard. All files used in other
    partitions are a documented subset of standard system files.

2.  As much space as possible on the disks is handed over to the RVD
    server, in as small a number of distinct partitions as possible.

3.  Directories containing user and system commands as well as libraries
    are abridged to the minimum needed for efficient RVD system
    administration.

4.  Convenience for time-shared login use is sacrificed. It is expected
    that a dedicated RVD server will receive no login use except by
    staff managing the RVD system itself.

5.  The system is self-sufficient. It does not require the service of
    any other RVD server, and it does not use any RVD packs that it
    provides itself. Once started, it makes no use of any network
    services. (At initialization time, the RVD configuration makes use
    of network time service, if available, to verify its calendar clock
    setting.
    Since it can get along by continuing its old clock setting if the
    time service does not respond, this use does not appear to represent
    a reliability exposure.)

6.  The system is designed to run indefinitely without any attention. To
    this end, it starts only those services and demons needed to operate
    the RVD service. All known logs and growing files are either shut
    off or automatically trimmed.

7.  In analogy to the RVD service itself, the remainder of the UNIX
    system configuration is designed to be managed from a distance.
    Password file maintenance is done using the Athena user registration
    system. What remains (intended to be minimal) of maintenance and
    operations work can be done by network login. No terminal lines are
    required except for an operator's console, which need be used only
    for emergency boots.

8.  The configuration is designed to permit other network services to be
    operated out of the same system. However, it is standard practice to
    dedicate a system to RVD use, in order to maximize reliability.


II.  The details.

Hardware configuration:  Digital VAX-11/750

/dev/ra0x is an RA-80 (124 Mbytes) partitioned as follows:

    ra0a     15884 blocks
    ra0b     33440 blocks
    ra0d     15884 blocks
    ra0e     55936 blocks
    ra0f    114824 blocks

/dev/ra1x is an RA-81 (456 Mbytes) partitioned as follows:

    ra1c    891072 blocks

Mounted file systems:

    Filesystem   fstab entry      kbytes    used   avail  capacity
    /dev/ra0a    :/:rw:1:1          7421    5925     753     89%
    /dev/ra0e    :/site:rw:1:2     26223   14938    8662     63%

/dev/ra0b is the UNIX virtual memory swap area.
/dev/ra0d is an unused partition of about 8 Mbytes.

Disk partitions assigned to the RVD server:

    Device name     disk         blocks   Mbytes   Overlaid       Name of
    in rvddb        partition                      maintenance    maintenance
                                                   partition      pack

    /dev/vdsrv1 ->  /dev/ra0f    114824     58.9   /dev/dvdsrv1   rvddump1
    /dev/vdsrv2 ->  /dev/ra1c    891072    456.2   /dev/dvdsrv2   rvddump2

Note: The overlaid partition and maintenance pack name permit the entire
partition to be spun up from another machine, for maintenance.

Contents of /:

    /bin/           (standard contents)
    /boot/          (standard contents)
    /dev/           (standard contents)
    /etc/           (standard contents)
    /lib/           (standard contents)
    /mit/           -> /site/mit
    /mnt/           (standard--empty)
    /pcs750.bin     (standard contents)
    /site/          (see below)
    /tmp/           -> /site/tmp
    /tp/            (standard contents)
    /u1/            -> /site/mit
    /usr/           (see below)
    vmunix          (standard contents--4.3 Beta BSD UNIX)
    vmunix.6-19     (link to vmunix)

Configuration files that contain their standard Athena contents:

    /.login
    /.cshrc
    /.profile
    /etc/:
        hosts       (created by /etc/rc; contains entries for localhost
                    and this host's name)
        rvdtab      (contains one entry describing some RVD server that
                    provides a complete vsusr file system.)

Contents of /usr/:

    /usr/adm/       -> /site/usr/adm/       (standard link)
    /usr/athena/    -> /site/usr/athena/    (abridged contents, see below)
    /usr/bin/       -> /site/usr/bin/       (abridged contents, see below)
    /usr/crash/     -> /site/usr/crash/     (standard contents)
    /usr/lib/       -> /site/usr/lib/       (abridged contents, see below)
    /usr/mdec/      -> /site/usr/mdec/      (abridged contents, see below)
    /usr/new/       -> /site/usr/new/       (abridged contents, see below)
    /usr/preserve/  -> /site/usr/preserve/  (standard contents)
    /usr/rtingres/  -> /site/usr/rtingres/  (abridged contents, see below)
    /usr/spool/     -> /site/usr/spool/     (standard link)
    /usr/tmp/       -> /site/usr/tmp/       (standard contents-empty)
    /usr/ucb/       -> /site/usr/ucb/       (abridged contents, see below)

Contents of /site/:

    /site/lost+found/   (standard contents)
    /site/mit/          (abridged, see below)
    /site/rvd/          (see below)
    /site/usr/          (see below)
    /site/exceptions    (text file describing anything unusual or
                        non-standard about the configuration of this host)

contents of /usr/athena/ (/site/usr/athena/):

    gnuemacs
    lib/gnuemacs/
    tftp

contents of /usr/bin (/site/usr/bin):

    egrep   ex      file    find    iostat
    sort    sum     touch   tty

contents of /usr/lib (/site/usr/lib):

    adb/
    crontab
    crontab.rvdsrv
    more.help

    (Note: before starting cron, /etc/rc.rvdsrv copies crontab.rvdsrv to
    crontab.
    A future release is expected to change the name of crontab.rvdsrv)

contents of /usr/mdec (/site/usr/mdec):

    bootra      installboot     raboot
    bootrl      noboot          rlboot

contents of /usr/new/ (/site/usr/new/):

    resize
    xterm -> /etc/xterm

contents of /usr/rtingres/ (/site/usr/rtingres/):

    athenareg/backup/
    athenareg/bin/
    athenareg/files/
    athenareg/log/

    (each directory holds standard contents)

contents of /usr/ucb/ (/site/usr/ucb/):

    clear     grep       reset      tail      vi
    ex        head       rlogin     talk      view
    f         more       rsh        telnet    vmstat
    finger    netstat    strings    tset      w
    ftp       printenv   systat     uptime    which
    users

contents of /mit (/site/mit):

    /mit/n/a/name directories for a small number of users who regularly
    administer this server, with no empty alphabet directories.

contents of /site/tmp:

    Empty. Note that there is a /site/tmp in the root file system, for
    use in single-user mode, as well as one in the (overmounted) /site
    file system, for use in normal operation. No other files appear in
    the overmounted /site part of the root file system.

contents of /site/rvd/:

    (note: the rvd server initialization data base is named gaea to
    allow remote administration, while the link rvddb -> gaea allows the
    use of a standard rvdstart script.)

    gaea
    rvdmsg
    rvddb -> gaea
    rvdenable
    rvdlog
    rvdlog.0
    rvdlog.1
    rvdlog.2
    rvdlog.3
    rvdlog.4
    rvdlog.5
    rvdlog.6
    rvdlog.7
    sendlog

contents of /usr/adm/ (/site/usr/adm/):

    findlog
    lastlog
    messages
    msgbuf
    shutdownlog
    sulog
    wtmp

Normally running processes:

    swapper
    init
    pagedaemon
    named
    syslogd
    cron
    inetd
    update
    rvdsrv -l 3 - e
    console (getty)
    atimeserver

Inetd daemons enabled by /etc/inetd.conf:

    ftp
    telnet
    shell
    login
    tftp
    exec

Contents of /usr/lib/crontab.rvdsrv (/site/usr/lib/crontab.rvdsrv):

    0,10,20,30,40,50 * * * * root /etc/dmesg - >>/usr/adm/messages
    00 2 * * * root /etc/athena/clean_tmp_areas
    05 3 * * * root sh /etc/athena/newsyslog
    40 4 * * * root csh -fc "(echo ' ========'; date;find /site \
        '(' -name '#*' -o -name '.#*' ')' -a -atime +3 -a -exec rm -f {} ';' \
        -print >>& /usr/adm/findlog)"
    50 2 * * * root find /usr/rtingres/athenareg/log -mtime +8 -exec rm {} \;

Standard configuration files:

    /etc/:
        named.ca
        protocols
        services
        named.boot
        ftpusers
        resolv.conf

Site-specific configuration files, managed centrally:

    /.rhosts
    /etc/:
        passwd
        group
        remote
        ttys         (rvd version)
        hosts.equiv  (rvd version)
        phones       (empty)
        remote       (empty)
        rvdauthor


III.  Further work needed.

1.  Is exec really needed in /etc/inetd.conf?

2.  Equivalent detailed system configurations need to be engineered for:

    a.  VAX-11/750 with only RA-81 drives
    b.  MicroVAX II with 3 RK-52 drives
    c.  RT PC with 3 (70 Mbyte) drives

file: config.txt
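
The note limits inetd to six services and asks, under further work, whether exec is needed. As an added example (not part of the original note or of Athena's tooling), this shell function compares the active entries of an inetd.conf with that list; the function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare enabled inetd services with the baseline in this note.
# BASELINE is copied from "Inetd daemons enabled by /etc/inetd.conf".
BASELINE="ftp telnet shell login tftp exec"

# enabled_services FILE: print the service name (field 1) of every active
# entry, one per line, sorted and de-duplicated. Comment and blank lines
# are skipped; a service listed for both tcp and udp counts once.
enabled_services() {
    awk '!/^[ \t]*#/ && NF >= 6 { print $1 }' "$1" | sort -u
}

# audit_inetd FILE: print "EXTRA name" for services enabled but not in the
# baseline and "MISSING name" for baseline services that are not enabled.
# Returns 0 when the file matches the baseline, 1 otherwise.
audit_inetd() {
    enabled=$(enabled_services "$1")
    rc=0
    for svc in $enabled; do
        case " $BASELINE " in
            *" $svc "*) ;;
            *) echo "EXTRA $svc"; rc=1 ;;
        esac
    done
    for svc in $BASELINE; do
        if ! printf '%s\n' "$enabled" | grep -qx "$svc"; then
            echo "MISSING $svc"; rc=1
        fi
    done
    return $rc
}

# Constructed sample in 4.3BSD inetd.conf layout (not taken from an Athena host).
SAMPLE=${TMPDIR:-/tmp}/inetd.conf.sample.$$
cat > "$SAMPLE" <<'EOF'
# service  socket  proto  wait    user   program        args
ftp        stream  tcp    nowait  root   /etc/ftpd      ftpd
telnet     stream  tcp    nowait  root   /etc/telnetd   telnetd
shell      stream  tcp    nowait  root   /etc/rshd      rshd
login      stream  tcp    nowait  root   /etc/rlogind   rlogind
#exec      stream  tcp    nowait  root   /etc/rexecd    rexecd
tftp       dgram   udp    wait    root   /etc/tftpd     tftpd
finger     stream  tcp    nowait  nobody /etc/fingerd   fingerd
EOF
audit_inetd "$SAMPLE" || echo "inetd.conf deviates from the documented baseline"
rm -f "$SAMPLE"
```

On the sample, the commented-out exec entry is reported as MISSING and finger as EXTRA, so a deliberate change to the baseline (such as dropping exec) shows up until BASELINE is updated to match.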