[9fans] really basic (stupid) questions, re: beginning sys admin.

[9fans] really basic (stupid) questions, re: beginning sys admin.

[Lloyd M Caldwell]

Hello,

This is fairly long so tia if you choose to continue reading.

I have used, administered and programmed Un*x's for many years, this 
seems to be more of a hinderance then help.

To prove how stupid I am, it took me 3 weeks to figure out how to enter 
text into sam. If you invoke 'sam file.txt' you see nothing of the file 
and all the typing in sam's control window results in nothing. Maybe if 
sam had used the same "new window" icon as rio, I might have figured out 
more quickly that you must make a new window inside an existing window 
to actually see the text file contents.  This, despite having read of 
the recursive rio capability and seeing the figures in Rob Pike's paper 
on sam. Acme is too much of a commitment, besides the initial glenda 
login acme window message says there are two columns and my systems 
glenda,acme window has three columns.

My system is installed from cdrom, release 4, march 23rd, fossil+venti.

Q1) how to "logout" of the fossil+venti console? In my experience, open 
console access to servers is bad (insecure).  Even though it is stated 
numerous places that there is no "root" account.  Apparently physical 
access to the console IS "root"?

Q2) It is stated that you can't run both an authentication server and a 
file server on the same node so how do I get the 'factotum' stuff going 
on a standalone file-server/terminal/cpu-server (the cdrom installed 
system)?

Q3) I have made a new user, how would I set this new user's (and 
glenda's) password?  Again on the standalone cdrom installed system.

Q4) on Un*x, after entering a man page command I can search for a 
specific word with /word in a terminal emulator window. How do I perform 
the same thing in a rio/rc window (please don't answer "use acme")?

Q5) rebooting seems to be the main method to re-configure the system or 
ones access rights.  In Un*x logging in/out and using su and 
kill/restart allowed one to choose the role and modify the system 
configuration without rebooting (I have a system running with uptime 
over 3 years). Is rebooting the method for performing these tasks?  This 
seems rather draconian (imo).

Any help is greatly appreciated.

tia
regards
Lloyd M Caldwell
lmc@xmission.com

ps: i have an ac97 audio driver written and working on a via-epia 
motherboard? anyone interested in trying this?

Re: [9fans] really basic (stupid) questions, re: beginning sys admin.

[andrey mirtchovski]

> Q1) how to "logout" of the fossil+venti console? In my experience, open
> console access to servers is bad (insecure).  Even though it is stated
> numerous places that there is no "root" account.  Apparently physical
> access to the console IS "root"?

physical access to any machine makes it insecure. in plan9 whoever
boots the machine owns it. you may "lock" the console through various
means such as starting up aux/vga and running any program that uses
'draw' (stats for example): it can't be interrupted, but can be
rebooted.

> Q2) It is stated that you can't run both an authentication server and a
> file server on the same node

this is not true. you are free to run any combination of
factotum/venti/keyfs/whatever on a single machine.

> Q3) I have made a new user, how would I set this new user's (and
> glenda's) password?  Again on the standalone cdrom installed system.

normally via 'auth/changeuser' if you have auth/keyfs running.

> Q5) rebooting seems to be the main method to re-configure the system or
> ones access rights.  In Un*x logging in/out and using su and
> kill/restart allowed one to choose the role and modify the system
> configuration without rebooting (I have a system running with uptime
> over 3 years). Is rebooting the method for performing these tasks?  This
> seems rather draconian (imo).

norhing but the file server has state in Plan 9 and fossil/venti do
not require a reboot for reconfiguration (except to ensure that the
machine will come up correctly after, say, a power outage). everything
else can be kill-ed/restarted to your heart's desire. since there's no
logout a terminal must be rebooted for changes to your profile to take
effect in all namespaces.

Re: [9fans] really basic (stupid) questions, re: beginning sys admin.

[andrey mirtchovski]

> Q4) on Un*x, after entering a man page command I can search for a
> specific word with /word in a terminal emulator window.

you can only do that because somebody decided to pipe the output
through 'less' or somesuch. you're percieving it as a gui feature
simply because that's the way you've used it right from the very
beginning. writing something for rio that simulated this behaviour
would be a nice exercise.

that said...

> How do I perform
> the same thing in a rio/rc window (please don't answer "use acme")?

...there's a patch that adds the 'look' command to the middle-button
terminal menu so that one can select a string and search for it in
that particular window. the patch is sitting on our servers, if
whoever wrote it wants to submit it (either to the distribution or
separately on /sources) you may use that as a solution.

Re: [9fans] really basic (stupid) questions, re: beginning sys admin.

[Sascha Retzki]

> Hello,
> 
> 
> Q1) how to "logout" of the fossil+venti console? In my experience, open 
> console access to servers is bad (insecure).  Even though it is stated 
> numerous places that there is no "root" account.  Apparently physical 
> access to the console IS "root"?

Sure. See, you installed a network-distributed Operating System on a single machine on which you operate locally. Think of it this way, normally you would create file-/cpu-/authservers now. You can substitude 'root' for 'hostowner', which is alias as bootes in most documents (and eve in the kernel iirc, but unsure). He is in group sys and most other groups needed to operate on almost anything (glenda is the hostowner of a single-system-installation).

> 
> Q2) It is stated that you can't run both an authentication server and a 
> file server on the same node so how do I get the 'factotum' stuff going 
> on a standalone file-server/terminal/cpu-server (the cdrom installed 
> system)?
> 

Oh? I kind-of run a fileserver with an auth-server, what documents stat that?

> Q3) I have made a new user, how would I set this new user's (and 
> glenda's) password?  Again on the standalone cdrom installed system.
> 

Not. Distributed network environment, you are trying to use it like Unix, it won't really work that way.

> Q4) on Un*x, after entering a man page command I can search for a 
> specific word with /word in a terminal emulator window. How do I perform 
> the same thing in a rio/rc window (please don't answer "use acme")?
> 

Why not, acme rocks for that :-D

So you are demanding more(1)/less(1), there is not really such thing. If you want to read manpages, search arround in them etc, acme does a great job. If page(1) can search in postscript, and you prefer page, man(1) can assemble them.

> Q5) rebooting seems to be the main method to re-configure the system or 
> ones access rights.  In Un*x logging in/out and using su and 
> kill/restart allowed one to choose the role and modify the system 
> configuration without rebooting (I have a system running with uptime 
> over 3 years). Is rebooting the method for performing these tasks?  This 
> seems rather draconian (imo).
> 

Depends what you reconfigured. Sometimes it is a damn good idea to restart the whole OS after resetup, because you are right there - if some startup-script contains a typo, you will be able to react (unlike the system goes down unexpectedly at 1 am, murphys law, you know).


> 
> ps: i have an ac97 audio driver written and working on a via-epia 
> motherboard? anyone interested in trying this?

Ac97 driver for Plan9? I briefly looked into ac97*.pdf and planned to start working on it if I find the time...

Re: [9fans] really basic (stupid) questions, re: beginning sys admin.

[Steve Simon]

> Q5) rebooting seems to be the main method to re-configure the system or 
> ones access rights.  In Un*x logging in/out and using su and 
> kill/restart allowed one to choose the role and modify the system 
> configuration without rebooting (I have a system running with uptime 
> over 3 years). Is rebooting the method for performing these tasks?  This 
> seems rather draconian (imo).

Once you have an auth server running then you can always cpu(1) to a cpu
server as a different user. I have a single cpu/auth/file server which I often
drawterm to as myself and the cpu to it again in a window as bootes to do my
weekly pull from sources.

-Steve

Re: [9fans] really basic (stupid) questions, re: beginning sys admin.

[erik quanstrom]

> My system is installed from cdrom, release 4, march 23rd, fossil+venti.
> 
> Q1) how to "logout" of the fossil+venti console? 

Ctrl-\.  read con(1) for more information.  you haven't actually logged out,
just cut your connection.

> In my experience, open 
> console access to servers is bad (insecure).  Even though it is stated 
> numerous places that there is no "root" account.  Apparently physical 
> access to the console IS "root"?

the fileserver (either fossil+venti or ken's fs) are ment to be run in
the computer room.  perhaps this is less true than it once was, and although 
it is true that a physically insecure machine is insecure, it's not quite as insecure
as giving a prompt out to anyone.

linux root logins via their logging helped me track down an inside job once
upon a time.  the perp wouldn't have been able to reload the machine or
take it apart as it was in my office.

> 
> Q2) It is stated that you can't run both an authentication server and a 
> file server on the same node so how do I get the 'factotum' stuff going 
> on a standalone file-server/terminal/cpu-server (the cdrom installed 
> system)?

you can't run ken's fileserver (/sys/src/fs) and an auth server on the same
machine becaus ken's fileserver is specialized to serving files --- it can't
run programs.  you can, hoever run an auth server (that's just a matter
of starting auth/keyfs auth/cron editing /rc/bin/service.auth and optionally
starting auth/secstored) on a cpu server.  since fossil and venti also run
on a cpu server, this is possible, although probablly not the most secure
arrangement.

> 
> Q3) I have made a new user, how would I set this new user's (and 
> glenda's) password?  Again on the standalone cdrom installed system.

auth/changeuser.  you must start auth/keyfs first.

> 
> Q4) on Un*x, after entering a man page command I can search for a 
> specific word with /word in a terminal emulator window. How do I perform 
> the same thing in a rio/rc window (please don't answer "use acme")?

the anser is use acme. ;-)  but if you don't like that answer, there is a version
of 9term on sources /n/sources/contrib/quanstro/9term.look.tar.bz2 that will
search for a string in either direction via the b2 menu.  it should be easy
to port my modifications to rio.

> Q5) rebooting seems to be the main method to re-configure the system or 
> ones access rights.  In Un*x logging in/out and using su and 
> kill/restart allowed one to choose the role and modify the system 
> configuration without rebooting (I have a system running with uptime 
> over 3 years). Is rebooting the method for performing these tasks?  This 
> seems rather draconian (imo).

you've been unixed!  plan9 terminals are supposed to be diskless and stateless.
you should be able to pull the plug on your terminal with no worries.  so it
makes sense to either powercycle or reboot a terminal to logout or change
users.  (why is uptime a useful metric on all machines?)  cpu servers and/or
fileservers don't need to change users.  you can leave them running for as
long as necessiary.  my worm fileserver has never been rebooted except to
change kernels.

to run plan9 effectively, you probablly want a minimum of two computers.
1. terminal.  get something cheep.  no harddrive required if you can pxe boot.
i boot my terminal from CF because i have an emergency fossil there.
2. cpu server running auth and venti+fossil.  you don't need much horsepower
for this machine either, but a fair amount of memory is definately beneficial.
if you're running the old fileserver, you need at least one more machine.

- erik

Re: [9fans] really basic (stupid) questions, re: beginning sys admin.

[erik quanstrom]

i'm the culprit.  but i wrote it for p9p, and didn't have the heart to
port it to plan9.  perhaps i should break down and port it to rio.
acme is a better solution, but it seems that that argument has been
lost.

ron, are you ready for smrio? ☺

- erik

On Sat Oct 21 14:33:04 EDT 2006, mirtchovski@gmail.com wrote:
> > How do I perform
> > the same thing in a rio/rc window (please don't answer "use acme")?
> 
> ...there's a patch that adds the 'look' command to the middle-button
> terminal menu so that one can select a string and search for it in
> that particular window. the patch is sitting on our servers, if
> whoever wrote it wants to submit it (either to the distribution or
> separately on /sources) you may use that as a solution.

Re: Re: [9fans] really basic (stupid) questions, re: beginning sys admin.

[andrey mirtchovski]

no, i think we're talking about two different implementations of the
same thing. the one i have is decidedly plan9-only (and I believe
searches in one direction only). it'll be on sources tomorrow.

On 10/22/06, erik quanstrom <quanstro@coraid.com> wrote:
> i'm the culprit.  but i wrote it for p9p, and didn't have the heart to
> port it to plan9.  perhaps i should break down and port it to rio.
> acme is a better solution, but it seems that that argument has been
> lost.
>
> ron, are you ready for smrio? ☺
>
> - erik
>