head	1.1;
access;
symbols;
locks; strict;
comment	@# @;


1.1
date	95.08.09.06.58.01;	author ghudson;	state Exp;
branches;
next	;


desc
@@


1.1
log
@Initial revision
@
text
@#!/bin/sh -
#
# $Id: config_afs.sh,v 1.1 94/12/15 15:39:03 probe Exp Locker: probe $
#
# This script configures the workstation's notion of AFS.
# 1. It updates the cell location information from /usr/vice/etc/CellServDB
# 2. It updates the cell setuid information from /usr/vice/etc/SuidCells
PATH=/bin:/bin/athena:/usr/bin; export PATH

VICEDIR=/usr/vice/etc
CELLDB=${VICEDIR}/CellServDB
SUIDDB=${VICEDIR}/SuidCells

echo "Updating cell location information"
rm -f ${VICEDIR}/Ctmp
cp /afs/athena.mit.edu/service/CellServDB ${VICEDIR}/Ctmp && \
	[ -s ${VICEDIR}/Ctmp ] && \
	mv -f ${VICEDIR}/Ctmp ${CELLDB}.public && \
	cat ${CELLDB}.public ${CELLDB}.local >${VICEDIR}/Ctmp 2>/dev/null
rm -f ${CELLDB}.last
ln ${CELLDB} ${CELLDB}.last
mv -f ${VICEDIR}/Ctmp ${CELLDB}
chmod 644 ${CELLDB}

cmp -s ${CELLDB}.last ${CELLDB} || \
awk ' \
	  /^>/ {printf("\nfs newcell %s", substr($1,2,length($1)-1))}; \
	  /^[0-9]/ {printf(" %s",$1)}; \
	  END {printf("\n")}' ${CELLDB} | sh

echo "Updating setuid cell information"
rm -f ${VICEDIR}/Ctmp
cp /afs/athena.mit.edu/service/SuidCells ${VICEDIR}/Ctmp && \
	[ -s ${VICEDIR}/Ctmp ] && \
	mv -f ${VICEDIR}/Ctmp ${SUIDDB}.public && \
	cat ${SUIDDB}.public ${SUIDDB}.local >${VICEDIR}/Ctmp 2>/dev/null
mv -f ${VICEDIR}/Ctmp ${SUIDDB}
chmod 644 ${SUIDDB}

echo "Only allowing setuid/setgid programs from the following cells:"

(awk '/^>/ {print $1}' ${CELLDB}; cat ${SUIDDB}) | awk '\
	/^>/ {i++; cells[i]=substr($1,2,length($1)-1);suid[i]=0;next}; \
	/^-/ {for (j=1;j<=i;j++) {if (substr($1,2,length($1)-1)==cells[j]) \
		{suid[j]=0;next;}}}; \
	{for (j=1;j<=i;j++) {if ($1==cells[j]) {suid[j]=1;next}}}; \
	END {	ns=0; nn=0; \
		for (j=1;j<=i;j++) { \
		  if (suid[j]){ns++;scmd=scmd" "cells[j];\
				print "echo",cells[j];}\
		  else {nn++;ncmd=ncmd" "cells[j];};\
		  if (ns>20) \
		    {printf("fs setcell %s -suid\n", scmd);scmd="";ns=0;};\
		  if (nn>20) \
		    {printf("fs setcell %s -nosuid\n",ncmd);ncmd="";nn=0;};\
		} \
		if (ns) {printf("fs setcell %s -suid\n", scmd)};\
		if (nn) {printf("fs setcell %s -nosuid\n",ncmd)};\
	}' | sh

exit 0
@
