From 7df97b80d08d0cdb7e3b7dd610a64c4cd38dc87e Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Fri, 2 May 2003 04:02:47 +0000 Subject: [PATCH] * setup.c: allow specification of the Citadel system account by either username or uid * setup.c: tell init to re-read /etc/inittab by sending a SIGHUP to pid 1 instead of hunting around for the correct init or telinit command * docs/citadel.html: documented the above change, and also rewrote some other stuff to be less BBS-specific --- citadel/ChangeLog | 9 ++ citadel/docs/citadel.html | 200 ++++++++++++++++++++------------------ citadel/setup.c | 88 +++++++---------- 3 files changed, 152 insertions(+), 145 deletions(-) diff --git a/citadel/ChangeLog b/citadel/ChangeLog index b02a7cdb5..fe8bb845d 100644 --- a/citadel/ChangeLog +++ b/citadel/ChangeLog @@ -1,4 +1,12 @@ $Log$ + Revision 605.45 2003/05/02 04:02:47 ajc + * setup.c: allow specification of the Citadel system account by either + username or uid + * setup.c: tell init to re-read /etc/inittab by sending a SIGHUP to pid 1 + instead of hunting around for the correct init or telinit command + * docs/citadel.html: documented the above change, and also rewrote some + other stuff to be less BBS-specific + Revision 605.44 2003/04/30 16:16:13 ajc * Minor fix to ESMTP greeting (missing '-' screwed up pipelining) @@ -4668,3 +4676,4 @@ Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant Fri Jul 10 1998 Art Cancro * Initial CVS import + diff --git a/citadel/docs/citadel.html b/citadel/docs/citadel.html index d39e49f06..25652b1a3 100644 --- a/citadel/docs/citadel.html +++ b/citadel/docs/citadel.html @@ -149,7 +149,7 @@ License, or (at your option) any later version.
  1. Everything in its place...
  2. -
  3. The BBS Login
  4. +
  5. Creating a system account for Citadel
  6. Bypassing the login: prompt
  7. Compiling the programs
  8. @@ -586,12 +586,14 @@ OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

    Overview

    -

    Citadel/UX is an advanced, multiuser, client/server, room-based BBS program. - It is designed to handle the needs of both small dialup systems and -large-scale Internet-connected systems. It was originally developed on -an Altos system running Xenix, and has been installed and tested on various -Unix and Unix-like platforms. The author's current development environment -(and BBS) is an ordinary Linux system. The current distribution includes: +

    Citadel/UX is an advanced, multiuser, client/server messaging system +suitable for BBS, e-mail, and groupware applications. +It is designed to handle the needs of both small dialup systems and +large-scale Internet-connected systems. It was originally developed on +an Altos system running Xenix, and has been installed and tested on various +Unix and Unix-like platforms. The current development environment +(and public BBS) is an ordinary Linux system. The current distribution +includes:

      @@ -669,46 +671,47 @@ get the latest Berkeley DB at http://www.

      -

      The BBS Login

      +

      Creating a system account for Citadel

      As with many Unix programs, Citadel wants to run under its own user ID. - Unlike other programs, however, this user ID will do double-duty as a -public login for your system if you are running a BBS. This account is -typically called "bbs" or "citadel" or something to that effect. You will -tell Citadel what the user-id of that account is, and when someone logs -in under that account, Citadel will prompt for a user name.

      +Unlike other programs, however, this user ID will do double-duty as a +public login for your system if you are running a BBS. This account is +typically called "bbs" or "citadel" or something to that effect. You will +tell Citadel what the user-id of that account is, and when someone logs +in under that account, Citadel will prompt for a user name.

      The Citadel user should have a unique uid. The home directory should be - the one your Citadel installation resides in (in this example we will -use /usr/local/citadel) and the shell should be either "citadel" in that -directory, or a script that will start up citadel (you may wish to set -up an external text editor; see below). Example:

      +the one your Citadel installation resides in (in this example we will +use /usr/local/citadel) and the shell should be either "citadel" in +that directory, or a script that will start up citadel (you may wish to set +up an external text editor; see below). Example:

      -
      bbs::100:1:BBS Login:/usr/local/citadel:/usr/local/citadel/citadel
      +
      bbs::100:1:Citadel Login:/usr/local/citadel:/usr/local/citadel/citadel
      -

      When you run setup later, you will be required to tell it what the Citadel - user's numeric user ID is, so it knows what user to run as. If you create - an account called bbs, guest, or citadel, the - setup program will automatically pick up the user ID by default.

      +

      When you run setup later, you will be required to tell it the username or +user ID of the account you created is, +so it knows what user to run as. If you create +an account called bbs, guest, or citadel, the +setup program will automatically pick up the user ID by default.

      For all other users in /etc/passwd, Citadel will automatically set up an account using the full name (or 'gecos' in Unixspeak) of the user. It'll - also ignore any password you supply, because it uses the user's password - on the host system. This allows a 'single sign on' type of environment. - Note that this does have to be enabled at compile time -- it's the configure - option called --enable-autologin. Keep in mind that these users - can use *either* their Citadel login name or their login name on the host - computer, and their password on the host computer.

      +also ignore any password you supply, because it uses the user's password +on the host system. This allows a 'single sign on' type of environment. +Note that this does have to be enabled at compile time -- it's the configure +option called --enable-autologin. Keep in mind that these users +can use *either* their Citadel login name or their login name on the host +computer, and their password on the host computer.

      Bypassing the login: prompt

      If you normally log in to your host system using some method other than - telnet (such as ssh), you might want the telnet service to go straight - to the Citadel BBS, instead of displaying the login: prompt first. - You can do this by having telnetd start citadel directly instead of -/bin/login. This is actually very simple to implement; all you +telnet (such as ssh), you might want the telnet service to go straight +into Citadel, instead of displaying the login: prompt first. +You can do this by having telnetd start citadel directly instead of +/bin/login. This is actually very simple to implement; all you need to do is make a simple change to your inetd or xinetd configuration. Here are some configuration examples.

      @@ -724,13 +727,13 @@ configuration. Here are some configuration examples.

      Please make sure you know what you're doing before you install this! If you are going to put Citadel somewhere other than /usr/local/citadel - then change the directory name accordingly. If you know of any other +then change the directory name accordingly. If you know of any other local peculiarities which need to be observed, edit the above configuration accordingly as well. And, of course, if you're working remotely, make sure you can successfully log in using SSH before you start changing your -telnet configuration, otherwise you could lock yourself out of your system -(ask any networking specialist about the dangers of "working inline" -- -then pull up a chair and get a fresh cup of coffee, because you're going +telnet configuration, otherwise you could lock yourself out of your system +(ask any networking specialist about the dangers of "working inband" -- +then pull up a chair and get a fresh cup of coffee, because you're going to hear some war stories).

      Compiling the programs

      @@ -741,14 +744,15 @@ to hear some war stories).

      The 'configure' script will generate a Makefile from the Makefile.in, and it will also write the file "sysdep.h" to your Citadel directory. Please - do not edit sysdep.h or Makefile.in yourself. The configure script will - figure out your system dependencies and set everything correctly.

      +do not edit sysdep.h or Makefile.in yourself. The configure script will +figure out your system dependencies and set everything correctly.

      -

      Mac OS X 10.1 and later are now supported. (Sorry, 10.0 cannot be supported, - now or in the future.) You need to install the Developer Tools CD, which - you can purchase or download for free from http://developer.apple.com. Then run - configure like this:

      +

      Mac OS X 10.1 and later are now supported. (Sorry, 10.0 cannot be +supported, +now or in the future.) You need to install the Developer Tools CD, which +you can purchase or download for free from +http://developer.apple.com. Then run +configure like this:

      env CC=/usr/bin/cc ./configure (options - see below)
      @@ -770,7 +774,7 @@ back to GDBM if it has to.

      shell users peeking into the binaries to do things like reading others' mail, finding private rooms, etc. The Citadel server needs to be started as root in order to bind to privileged ports, but as soon as its initialization - is finished, it changes its user ID to your BBS user ID in order to avoid + is finished, it changes its user ID to your Citadel user in order to avoid security holes.

      @@ -793,10 +797,11 @@ below for more information on this.

      The citadel.rc file

      -

      The text-based client included with Citadel is suitable for BBS applications. - Much of its command set and other behavior is configurable through a Run - Control (RC) file. The standard client looks for this file in the following - locations:

      +

      The text-based client included with Citadel is suitable for BBS +applications. +Much of its command set and other behavior is configurable through a Run +Control (RC) file. The standard client looks for this file in the following +locations:

      • $HOME/.citadelrc
      • @@ -822,7 +827,7 @@ default editor for the Enter command by editing the citade a security hole, because they usually provide users with the ability to drop into a shell on the host system, or save files using names other than the name of the temporary file they are editing. If you intend to use an -external editor on a public BBS, make sure you use one that has been hardened +external editor on a public BBS, make sure you use one that has been hardened for such a purpose -- one which has had the 'shell' and 'save as' commands disabled, as well as any other functions which a destructive user could use to gain unauthorized access to your host system.

        @@ -839,12 +844,12 @@ specifies what command you use to print. Text is sent to the standard input
        printcmd="nl|pr|lpr -Plocal"

        ...that would add line numbers, then paginate, then print on the printer - named "local". There's tons of stuff you can do with this feature. For - example, you could use a command like cat <<$HOME/archive - to save copies of important messages in a textfile. Again, this is probably - something you don't want to configure for a public BBS host -- most system - administrators don't want remote users sending arbitrary things to local - printers.

        +named "local". There's tons of stuff you can do with this feature. For +example, you could use a command like cat <<$HOME/archive +to save copies of important messages in a textfile. Again, this is probably +something you don't want to configure for a public BBS host -- most system +administrators don't want remote users sending arbitrary things to local +printers.

        URL viewing

        @@ -932,7 +937,8 @@ to get things configured.

        The options are as follows:

        -

        -hHomeDir - the directory your BBS data files live in. This should, +

        -hHomeDir - the directory your Citadel data files live in. +This should, of course, be a directory that you've run the setup program against to set up some data files. If a directory is not specified, the directory name which was specified in the Makefile will be used.

        @@ -1033,7 +1039,9 @@ utilized less and less every day.

        help

        That's just about all the information you need to install the system. -But if you get stuck, you can visit UNCENSORED! BBS and report a problem or +But if you get stuck, you can visit +UNCENSORED! BBS +and report a problem or ask for help. But if you intend to report a problem getting the Citadel server to run, please double-check the following things first:

        @@ -1045,10 +1053,12 @@ to run, please double-check the following things first:

      -

      To report a problem, you can log on to UNCENSORED! or any other BBS on - the Citadel network which carries the Citadel/UX> room. Please - DO NOT e-mail the developers directly. Post a request for help on the -BBS, with all of the following information:

      +

      To report a problem, you can log on to +UNCENSORED! +or any other BBS on +the Citadel network which carries the Citadel/UX> room. Please +DO NOT e-mail the developers directly. Post a request for help on the +BBS, with all of the following information:

      • The exact nature of your difficulty
      • @@ -1320,8 +1330,9 @@ of the room. If you enter Yes, you will also be prompted with the following
        Directory name [mydirname]: 

        ...the name of the subdirectory to put this room's files in. The name - of the directory created will be <your BBS directory>/files/<room - dir name>.

        +of the directory created +will be <your Citadel directory>/files/<room +dir name>.

        Uploading allowed [Yes]? Yes
        @@ -1516,7 +1527,7 @@ setting.

        There are several strings that you can put in help files that will be automatically substituted with other strings. They are:

        -
         
        ^nodename = The node name of your system on a Citadel/UX network
        ^humannode = Human-readable node name (also your node name on C86Net)
        ^fqdn = Your system's fully-qualified domain name
        ^username = The name of the user reading the help file
        ^usernum = The user number of the user reading the help file
        ^sysadm = The name of the system administraor (i.e., you)
        ^variantname = The name of the BBS software you're running
        ^bbsdir = The directory on the host system in which you have
        installed the Citadel system.
        +
         
        ^nodename = The node name of your system on a Citadel/UX network
        ^humannode = Human-readable node name (also your node name on C86Net)
        ^fqdn = Your system's fully-qualified domain name
        ^username = The name of the user reading the help file
        ^usernum = The user number of the user reading the help file
        ^sysadm = The name of the system administraor (i.e., you)
        ^variantname = The name of the software you're running
        ^bbsdir = The directory on the host system in which you have
        installed the Citadel system.

        So, for example, you could create a help file which looked like:

        @@ -1613,14 +1624,14 @@ in at all -- all accounts must be created by an Aide.

        • A public access BBS or message board - since you do not - know who might want to log in, self-service account creation needs to -stay enabled. If you want to be strict about users identifying themselves, -then you should also require users to register (just remember to post -a privacy policy if you're going to collect personal information) -- then -set the initial access level to 1 (New User), so new users cannot post messages +know who might want to log in, self-service account creation needs to +stay enabled. If you want to be strict about users identifying themselves, +then you should also require users to register (just remember to post +a privacy policy if you're going to collect personal information) -- then +set the initial access level to 1 (New User), so new users cannot post messages until after you've validated them. For a more lax environment, you can -remove the registration requirement and grant new accounts level 4 (Normal -User) access on the first visit.
        • +remove the registration requirement and grant new accounts level 4 (Normal +User) access on the first visit.
        • A private email/groupware system for your organization - in this case, disable self-service account creation; you don't want strangers welcoming themselves to your system. You'll probably also want @@ -1966,20 +1977,22 @@ spool. This type of configuration is discouraged, but a tool is provided to allow it.

          The tool is called citmail and it is, quite simply, a local MDA - (Mail Delivery Agent) which you can configure into your MTA for final delivery - of incoming messages to Citadel users. A full discussion of the finer -points of complex Sendmail configurations is beyond the scope of this document; - however, you might want to visit Pixel BBS where some useful - HOWTO documents are provided.

          +(Mail Delivery Agent) which you can configure into your MTA for final delivery +of incoming messages to Citadel users. A full discussion of the finer +points of complex Sendmail configurations is beyond the scope of +this document; +however, you might want to visit Pixel BBS where some useful +HOWTO documents are provided.

          -

          For outbound mail, you can either allow Citadel to perform deliveries directly +

          For outbound mail, you can either allow Citadel to perform +deliveries directly (this won't affect your other mail system because outbound mail doesn't tie up port 25) or enter 127.0.0.1 as your smart-host, which will tell Citadel to forward all of its outbound mail to your other mail system.

          -

          Hosting an Internet mailing - list

          +

          Hosting an Internet mailing +list

          Citadel has built in mailing list service (known in the 'net vernacular as "listserv") functionality.  You can turn any room into a mailing @@ -2064,23 +2077,24 @@ in your e-mail software) and the confirmation is automatically completed.

          Overview

          If you are running Citadel as a BBS or other forum type of application, - one way to 'keep the conversation going' is to share rooms with other Citadel - systems. In a shared room, a message posted to the room is automatically - propagated to every system on the network. It's kind of like a UseNet newsgroup, - but without the spam.

          +one way to 'keep the conversation going' is to share rooms with other Citadel +systems. In a shared room, a message posted to the room is automatically +propagated to every system on the network. It's kind of like +a UseNet newsgroup, +but without the spam.

          If you are using Citadel as the e-mail and groupware platform for a large - organization, you can use its networking features to build a large network - of Citadel servers which share content (think of rooms as public folders), - redistribute e-mail throughout the organization, and integrate the global - address book.  It might make sense, for example, in a large corporation - to give each department or location its own Citadel server.  Thanks - to Citadel's global address book features, you could still have all of the - users share a single e-mail domain.

          +organization, you can use its networking features to build a large network +of Citadel servers which share content (think of rooms as public folders), +redistribute e-mail throughout the organization, and integrate the global +address book.  It might make sense, for example, in a large corporation +to give each department or location its own Citadel server.  Thanks +to Citadel's global address book features, you could still have all of the +users share a single e-mail domain.

          Obviously, the first thing you have to do is find another Citadel to share - rooms with, and make arrangements with them. The following Citadels are - a good place to start:

          +rooms with, and make arrangements with them. The following Citadels are +a good place to start:

          • UNCENSORED! - uncensored.citadel.org diff --git a/citadel/setup.c b/citadel/setup.c index 87d85f064..f9a27571a 100644 --- a/citadel/setup.c +++ b/citadel/setup.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include #include 
@@ -52,33 +53,35 @@ char init_entry[SIZ]; char *setup_titles[] = { - "BBS Home Directory", + "Citadel Home Directory", "System Administrator", - "BBS User ID", + "Citadel User ID", "Server port number", }; char *setup_text[] = { -"Enter the full pathname of the directory in which the BBS you are\n" -"creating or updating resides. If you specify a directory other than the\n" -"default, you will need to specify the -h flag to the server when you start\n" -"it up.\n", +"Enter the full pathname of the directory in which the Citadel installation\n" +"you are creating or updating resides. If you specify a directory other\n" +"than the default, you will need to specify the -h flag to the server when\n" +"you start it up.\n", "Enter the name of the system administrator (which is probably you).\n" "When an account is created with this name, it will automatically be\n" "assigned the highest access level.\n", -"You should create a user called 'bbs', 'guest', 'citadel', or something\n" -"similar, that will allow users a way into your BBS. The server will run\n" -"under this user ID. Please specify that (numeric) user ID here.\n", +"Citadel needs to run under its own user ID. This would typically be\n" +"called \"citadel\", but if you are running Citadel as a public BBS, you\n" +"might also call it \"bbs\" or \"guest\". The server will run under this\n" +"user ID. Please specify that user ID here. You may specify either a\n" +"user name or a numeric UID.\n", "Specify the TCP port number on which your server will run. Normally, this\n" "will be port 504, which is the official port assigned by the IANA for\n" "Citadel servers. 
You'll only need to specify a different port number if\n" -"you run multiple BBS's on the same computer and there's something else\n" -"already using port 504.\n", +"you run multiple instances of Citadel on the same computer and there's\n" +"something else already using port 504.\n", "Setup has detected that you currently have data files from a Citadel/UX\n" "version 3.2x installation. The program 'conv_32_40' can upgrade your\n" @@ -91,41 +94,6 @@ char *setup_text[] = struct config config; int direction; -/* - * Do an "init q" to tell init to re-read its configuration file - */ -void init_q(void) { - pid_t cpid; - int status; - - cpid = fork(); - if (cpid==0) { - /* - * We can't guarantee that telinit or init will be in the right - * place, so we try a couple of different paths. The first one - * will work 99% of the time, though. - */ - execlp("/sbin/telinit", "telinit", "q", NULL); - execlp("/sbin/init", "init", "q", NULL); - execlp("/usr/sbin/init", "init", "q", NULL); - execlp("/bin/init", "init", "q", NULL); - execlp("/usr/bin/init", "init", "q", NULL); - execlp("init", "init", "q", NULL); - - /* - * Didn't find it? Fail silently. Perhaps we're running on - * some sort of BSD system and there's no init at all. If so, - * the person installing Citadel probably knows how to handle - * this task manually. - */ - exit(1); - } - else if (cpid > 0) { - while (waitpid(cpid, &status, 0) == -1) ;; - } -} - - /* * Set an entry in inittab to the desired state */ @@ -172,7 +140,7 @@ void set_init_entry(char *which_entry, char *new_state) { if (fp != NULL) { fwrite(inittab, strlen(inittab), 1, fp); fclose(fp); - init_q(); + kill(1, SIGHUP); /* Tell init to re-read /etc/inittab */ } free(inittab); } @@ -638,7 +606,9 @@ void set_long_val(int msgpos, long int *ip) void edit_value(int curr) { - long l; + int i; + struct passwd *pw; + char bbsuidname[SIZ]; switch (curr) { 
@@ -647,9 +617,23 @@ void edit_value(int curr) break; case 2: - l = config.c_bbsuid; - set_long_val(curr, &l); - config.c_bbsuid = l; + i = config.c_bbsuid; + pw = getpwuid(i); + if (pw == NULL) { + set_int_val(curr, &i); + config.c_bbsuid = i; + } + else { + strcpy(bbsuidname, pw->pw_name); + set_str_val(curr, bbsuidname); + pw = getpwnam(bbsuidname); + if (pw != NULL) { + config.c_bbsuid = pw->pw_uid; + } + else if (atoi(bbsuidname) > 0) { + config.c_bbsuid = atoi(bbsuidname); + } + } break; case 3: @@ -905,7 +889,7 @@ int main(int argc, char *argv[]) /* if (setuid(config.c_bbsuid) != 0) { important_message("Citadel/UX Setup", - "Failed to change the user ID to your BBS user."); + "Failed to change the user ID to your Citadel user."); cleanup(errno); } */ -- 2.39.2
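Review bot: The rewritten sentence in the citadel.html hunk at -669,46 reads "you will be required to tell it the username or user ID of the account you created is", which keeps a stray "is" from the old wording. Suggest "you will be required to tell it the username or user ID of the account you created, so it knows what user to run as."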
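Review bot: In set_init_entry(), the return value of kill(1, SIGHUP) is discarded, so a failed signal (EPERM when setup is not running as root, for instance) leaves the rewritten /etc/inittab unread with nothing shown to the installer. The removed init_q() at least documented that it failed silently and why; the replacement carries no such note. Suggest checking the result and reporting errno, for example through important_message(), and checking the fwrite() result before signalling at all.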
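Review bot: In case 2 of edit_value(), input that is neither a known user name nor a positive number leaves config.c_bbsuid at its previous value without any message, and atoi(bbsuidname) accepts trailing garbage, so an entry such as "100x" is taken as uid 100. Because the server runs under this uid, a mistyped value should be rejected visibly: parse with strtol() and check the end pointer, and show an error when both getpwnam() and the numeric parse fail. The strcpy(bbsuidname, pw->pw_name) above it should also be a bounded copy into the SIZ-byte buffer.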
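Review bot: The string changed in the main() hunk sits inside a /* ... */ block, so the setuid(config.c_bbsuid) check and its "Failed to change the user ID" message are dead code. Either remove the block or re-enable it; rewording a commented-out message adds churn with no effect on behaviour.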