Managing a network of UNIX workstations

Sun Jan 14 03:11:05 AEST 1990

In article <3949 at jhunix.HCF.JHU.EDU> barrett at jhunix.HCF.JHU.EDU (Dan Barrett) writes:
>
>	I may be managing a network of DECstation 3100's running Ultrix in
>the near future.  I have been managing VAXen for a long time, but never a
>network of workstations.  So, I have some questions:
>
>(1)	How do you handle inter-machine superuser privileges?
>
>	I do NOT want to put "root" in /.rhosts -- this is a big security
>	risk, right?

Risk?  It depends on the permissions you have on / and /.rhosts

>(2)	How do you do transparent backups?  I want to pop a tape in ONE
>	tape drive and say "Back up ALL files from ALL workstations onto
>	this tape."
>
>	Suppose I dedicate one workstation as the "main node", mount all
>	other workstation disks on the main node using NFS, and then back it
>	up.  This should work...?  But don't I have to worry about
>	inter-machine superuser privileges?  After all, we want to back up
>	EVERY file from EVERY machine.

I'll leave this one for someone else to answer.  I have a system operator
that goes around and swaps tapes every morning - so I don't worry about it :-)

>(3)	We'd like all users to have accounts on all workstations.  What's
>	the best way to maintain an inter-machine password file?  I've
>	heard vaguely of "yellow pages" but have never used it.

Yellow Pages is a berkism.  I do sysV so I'll leave that one to someone else.

>(4)	We'd like a system where the entire network appears to each user as
>	if it were one huge "machine".  A user would log onto this "machine"
>	and not care which workstation s/he were actually using.  (Maybe the
>	"machine" would automatically log the user onto the workstation with
>	the lightest system load.  I've seen this done with VMS systems at
>	other schools.)  Can this entire scheme be done?  Transparently?

I don't know about 'one big machine'...
How about setting up a mount point for each filesystem that contain info
'needed' by the users. Eg: /mach1 /mach2 /mach3
This would allow the users to access this information while still retaining
the concept that those files are actually residing on another machine.
I mention this because I've had several aggravating experiences where
'users' got so insulated from the physical configuration underlying the
logical configuration that they literally had no idea that they were
going over the network to retrieve files.  I'm sure there are folks that
disagree with me (send all flames to /dev/null).  Maybe you won't have a
problem with this...  Maybe you will...  I like identifying resources that
have that kind of availablity so that at least there is something there
to tell them that they are tickling the wire.  Once set up in this manner,
a simple memo describing the directory-name nomenclature will suffice for
informing users that: a) they are living in a logical architecture that has
physical architecture ramifications and b) how they can determine when they
might be crossing that boundary between using the net and abusing it.

>(5)	Should we put disks on every workstation, or have one fileserver and
>	many diskless workstations?  Which is better?  Easier to maintain?
>
>	My idea is to have one or two fileservers, make the other
>	workstations use NFS, but put a small disk on each workstation for
>	swapping only.  Good?  Bad?  What's better?

It depends on your usage profile...

AS ALWAYS:
#include <standard_disclaimer.h>