Banyan UNIX Access Guide
Chapter 1 - Introduction to Banyan UNIX Access
Historically, Banyan has limited administrator access to the UNIX operating system underlying its VINES product. With the release of VINES 7.0, a new feature allowed administrators to log in to UNIX on a server with full root access to the files and directories on that server.
This book describes the files and directories that are available to a user with root access.
This Chapter describes:
Basic UNIX access procedures, including UNIX login and password configuration The structure of UNIX on a Banyan server
Note: Although Banyan UNIX is based on UNIX System V.4, many changes have been made to the files and directories of UNIX System V.4 during the development of VINES. This book explains many of these differences.
Basics of UNIX Access
To log in to UNIX on a Banyan server, you must fulfill several prerequisites:
The System Maintenance menu of your server must have 12 options, as shown in Figure 1-1. If the menu has only 10 options, you must reinstall the software and choose either "You have access, Banyan does not" or "You and Banyan have UNIX access,"at the Password Installation menu. For more information on installing root access, see the VINES Server Installation Guide.
You must have an established StreetTalk user name and password. Your name must be on the AdminList of the server. This list is called AdminList@servername@servers, where servername is the name of your server. For example, if your server is named MONEY, your AdminList name is AdminList@money@servers. You must know the System Maintenance password for your server.
Once you meet these requirements, you can access basic UNIX functions from the System Maintenance menu as follows:
Option 11 allows you to log in to UNIX. Option 12 allows you to change the UNIX root password and set configuration parameters that affect root password access.
The sections that follow explain these procedures.
To Log in to UNIX
1. Select Option 11 (Access UNIX) from the System Maintenance menu. You are prompted for your StreetTalk name.
2. Enter your StreetTalk name. You are prompted for your StreetTalk password.
3. Enter your StreetTalk password.
Note: You can enter your password up to five times at this screen. If you do not enter the correct password on the fifth attempt, the software pauses for one minute, then returns to the System Maintenance menu.
You are prompted for the root password.
4. Enter the root password.
When you successfully log in to UNIX, your current directory is /disk1/banyan/ss.
Configuring the UNIX Root Password
To change UNIX Access options on a Banyan server, select Option 12 (Configure UNIX Access options) from the System Maintenance menu. You are prompted to enter your StreetTalk user name and password. The user name you enter must be:
A valid user name in the StreetTalk database On the AdminList@servername@servers of the server you are logging in to.
The screen in Figure 1-2 appears.
The options on this menu let you set:
The current password Password configuration rules, including the minimum length, the expiration period, and the number of entries in the password history list. (This restricts the re-use of passwords as explained in "Password History List," later in this chapter.
To Change the Current UNIX Access Password
1. Choose 1 (Change UNIX Access Password) at the Configure UNIX Access menu. This prompt appears:
Please enter the old password for root access:
2. Enter the old password. This prompt appears:
Please enter the new password for root access (E to exit):
If you enter E the Configure UNIX Access Menu appears.
3. Enter the new password. This prompt appears:
Please retype new password:
4. Enter the new password exactly as you typed it the first time.
Note: UNIX passwords are case-sensitive.
To Change the Password Configuration
1. Choose 2 (Change Password Configuration) at the Configure UNIX Access menu. This prompt appears:
Please enter root password:
2. Enter the current root password. This prompt appears:
Number of previous root passwords that cannot be re-used(1 - 20,none) :
3. Enter the number of passwords that you want to keep on the password history list (see the next section for more information). This prompt appears:
Minimum Password Length (1-15, none) [none]:
4. Enter the smallest number of characters for a root password on your server. A long password is more secure, but may be more difficult to remember. This prompt appears:
Password expiration in weeks (1 - 52, never) [never]:
This prompt asks you to set an interval after which you will be forced to change the root password on this server.
5. Enter a number of weeks. The system asks you to confirm your choices, as shown below.
Number of passwords to remember: 10
Minimum Password Length: none
Password expiration in weeks: never
Is this information correct (y/n) [y]:
If you enter n, the software returns to step 1. If you enter Y, the Configure UNIX Access menu appears.
Password History List
During the Banyan software installation procedure, and again when you use the Change Password Configuration option, you control how many passwords are kept in the password history list by answering this prompt:
Number of root passwords to remember:
Each time you change your password, the old password is placed on the password history list. If the list is full, the oldest password drops off to make room for the one used most recently. Passwords currently on the password history list cannot be used for UNIX access. Once a password drops off the list, however, you can re-use it.
To illustrate how the password history list works, suppose you ask the system to remember two passwords. Figure 1-3 shows the initial system installation dialogue, and the first UNIX Access password change.
Note: During the initial installation, the password you enter does not appear on the screen. The password is shown on the screen in Figure 1-3 to clarify the example.
The old password (Hello) is now on the password history list. This means that you cannot re-use `Hello'. Figure 1-4 shows the password history list after the second and third password changes.
After the third password change, the original password (Hello) drops off the password history list. This password can now be re-used.
UNIX Structure on a Banyan Server
The sections that follow provide an overview of the VINES files and directories.
Banyan Software Tree
Figure 1-5 shows all of the directories in the Banyan server.
Organization of this Book
Many of the directories shown in Figure 1-5, such as /etc and /dev, are part of standard UNIX. While these are discussed in some detail in later chapters, most of this manual discusses the Banyan service directories under /disk1/banyan, and the data files associated with the Banyan services.
Major Banyan services, such as StreetTalk (Chapter 3), STDA (Chapter 4) and Intelligent Messaging (Chapter 10), are treated in their own chapters. Other services are grouped in chapters that discuss a particular server function. For example, Chapter 5 discusses directories that offer file services, and Chapter 2 discusses directories that contain software pertinent to the installation and configuration of a Banyan server.
Banyan's Enterprise Network Services are software systems that store, move, and present information on Banyan networks. There are over 20 different services available for a revision 7.00 Banyan server. Most of this manual is devoted to these services.
Every Banyan service has a home directory in the /disk1/banyan path. This service directory typically holds the service executables, log files, scripts and other files required to monitor and maintain the service. Table 1-1, in the next section, summarizes the service directories and the other subdirectories of /disk1/banyan.
Services also have associated data files. Some services store their data files in the home directory, along with the executables. Other services store data files in separate subdirectories. The discussion of each service, later in this manual, includes the data files associated with the service, and identifies the location of those files.
Service Directories in /disk1/banyan
The directory /disk1/banyan contains a subdirectory for each service available on the Banyan server, and additional subdirectories for various utilities.
The contents of each directory are as follows:
Apple File protocol.
AppleTalk transfer agent.
Banyan file service.
Banyan Intelligent Messaging service.
Banyan Print service.
Communication services, such as TCP/IP, IPX/SPX, ISDN, Source Level Routing, and ICA communications.
Banyan duplication tools and releaseware. The programs in this directory are accessible through the hidden System Maintenance option 3d.
Banyan Event Management service.
DOS/UNIX bridge file service.
File Transfer service. (For internal Banyan use only.)
Banyan History Collector service.
Installation scripts and utilities.
Kernel Configuration utility.
Lexlink Print service.
Message file directories for several Banyan utilities.
Banyan Network Management service.
File Transfer Service directory. (Banyan internal use only).
VINES 5.xx Network Management service.
Simple Network Management Protocol option.
StreetTalk Naming service.
StreetTalk Directory Assistance.
ICA System Diagnostics.
Utilities used for service management and other Banyan-specific tools.
VINES Configuration service.
VINES Proxy Agent.
VINES Security service.
Asynchronous Terminal Emulation service.
Banyan Wide Area Network service.
Common Files in Banyan Service Directories
Certain scripts and log files show up in almost every service directory under /disk1/banyan. These files are listed in Table 1-1.
Common Files in Banyan Service Directories