Coda File System

Re: Coda and FHS

From: Jan Harkes <jaharkes_at_cs.cmu.edu>
Date: Thu, 15 Feb 2001 09:34:44 -0500

On Thu, Feb 15, 2001 at 06:55:51AM +0000, Dr A V Le Blanc wrote:
> coda itself anywhere under /usr.  The real pain is tweaking any
> Linux distribution to deal with shared /usr on a particular
> client.  This is one reason why I feel the distributions and
> both rpm and dpkg fail to support this kind of installation
> adequately.

One problem that is very hard to resolve is the non-shared
configuration files in /etc. When some of the binaries in /usr are
updated, this might require an update to the configuration on all
clients. So there should be some way of installing multiple versions
of a binary/package and leaving it up to the clients to upgrade.

So the problem turns into having an `unpacked' package in some place in
/coda, with pre/post install/remove scripts which create links from the
local /usr tree to the various binaries. Which is exactly what "depot"
is doing (and in some ways "stow", a simpler version of "depot").

> in AFS.  With Coda you can put the suid programs there, but not
> sgid, of course.  (Thus in the previous example, where /usr is
> a link into /coda, /usr/bin/man may have to be a link out of /coda,
> if it is a sgid program.)

Ehh, not anymore. We didn't like the security "feature" of some user who
has `root' on one client being able to install suid-root binaries. Which
can then be executed on any other Coda-client. Suid-bits should be a per
machine policy, so Coda now correctly filters them out. And no, there is
no option to disable this filtering of suid bits.

If anybody wants suid-binaries in /coda, here is what I've been using:

- Get the program "super" and install it on the local disk on every
  client (f.i. /bin).

- For each suid binary in Coda,
    mv binary binary.su && ln -s /bin/super binary

- For each sgid binary in Coda,
    mv binary binary.sg && ln -s /bin/super binary

- Create a super.tab file similar to the following:
    #!/bin/super -o
    :global_options logfile=/var/log/super.log renewtime=y
    {binary,binary2,binary3} /coda/usr/sbin/*.su user~* uid=0
    mail /usr/bin/mail.sg user~* uid=<caller> gid=mail \
        env=PAGER,LISTER,EDITOR,VISUAL,MAIL,MBOX,DEAD

- Install the super.tab in /etc on every client. Now any client can
  modify his local suid policies without compromising everything else.

Super nicely strips out environment variables, which breaks some
programs like setuid cgi-scripts, so I'm using the following recipe for
those:

    jitterbug /coda/cgi-bin/*.su \
        env=CONTENT_LENGTH,REQUEST_METHOD,QUERY_STRING,PATH_INFO,SCRIPT_NAME,AUTH_TYPE,REMOTE_USER,REMOTE_HOST,REMOTE_ADDR \
        nobody

Jan
Received on 2001-02-15 09:32:52
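
The rename-and-link steps from the message above, written as an added shell example that is not part of the original post: it performs the `mv binary binary.su && ln -s /bin/super binary` step idempotently and lists links to super that have no wrapped binary beside them. The function names `wrap_for_super` and `audit_super_links` and the `SUPER` variable are hypothetical; the script does not write super.tab.

```sh
#!/bin/sh
# Added example. SUPER defaults to /bin/super, the local path used in the post.
SUPER=${SUPER:-/bin/super}

# wrap_for_super SUFFIX FILE...
#   SUFFIX is "su" (binary was setuid) or "sg" (binary was setgid).
#   Renames FILE to FILE.SUFFIX and leaves a symlink to $SUPER in its place.
wrap_for_super() {
    suffix=$1; shift
    case $suffix in
        su|sg) ;;
        *) echo "suffix must be su or sg" >&2; return 2 ;;
    esac
    rc=0
    for f in "$@"; do
        # Already a link to super: nothing to do, so reruns are harmless.
        if [ -L "$f" ] && [ "$(readlink "$f")" = "$SUPER" ]; then
            continue
        fi
        # Never rename other symlinks, directories or missing paths.
        if [ ! -f "$f" ] || [ -L "$f" ]; then
            echo "skip $f: not a regular file" >&2; rc=1; continue
        fi
        # Never clobber a wrapped copy left by an earlier conversion.
        if [ -e "$f.su" ] || [ -e "$f.sg" ]; then
            echo "skip $f: wrapped copy already exists" >&2; rc=1; continue
        fi
        mv "$f" "$f.$suffix" && ln -s "$SUPER" "$f" || rc=1
    done
    return $rc
}

# audit_super_links DIR
#   Prints every symlink to $SUPER under DIR that has neither NAME.su nor
#   NAME.sg next to it, i.e. a command name with no wrapped binary behind it.
audit_super_links() {
    find "$1" -type l | while IFS= read -r l; do
        [ "$(readlink "$l")" = "$SUPER" ] || continue
        [ -f "$l.su" ] || [ -f "$l.sg" ] || printf '%s\n' "$l"
    done
}
```

Empty output from `audit_super_links /coda/usr/sbin` means every link to super has a wrapped binary beside it; whether a client may actually run it is still decided by that client's own super.tab.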