The OpenNET Project / Index page

[ новости/++ | форум | wiki | теги ]

Поиск:  Каталог документации | SCO

Quarterly ASCII posting of SCO UnixWare 7 FAQ

This posting gives an ASCII dump of the entire SCO UnixWare 7 FAQ for newsgroups quarterly.
Archive-name: unix-faq/unixware/qt-faq
Posting-Frequency: quarterly
Version: 1.0.0a
Last-modified: 1999/11/01
URL: http://www.zenez.com/cgi-bin/scouw7faq/faq.pl
Maintainer:   Boyd Lynn Gerber <gerberb@zenez.com>
Disclaimer: Approval for *.answers is based on form, not content.

comp.unix.unixware.misc "SCO UnixWare 7 FAQ" is best viewed in html
because of its format.  Please visit our website at

http://www.zenez.com/cgi-bin/scouw7faq/faq.pl
 
SCO UnixWare 7 FAQ ASCII. 
                                UnixWare 7 Faq
                                 Version 1.06
                              by Matthew Schalit
                             mschalit@pacbell.net
                                20 January 2000

0.  Intro
1.  General Information
2.  User Related Information
3.  Media, Filesystems, and Disks
4.  The Network 
5.  System Administration
6.  Security
8.  Third Party Software
9.  Useful Shell Commands


0.  Intro

  0.1   WWWWW&H.
  0.2   Copyright.
  0.3   Where do I get a copy of this Faq?
  0.4   May I translate this Faq?
  0.5   May I host or maintain this Faq or just eradicate it?



1.  General Information

  1.1   What's a node?  What's a host?
  1.2   What's a nodename?  What's a hostname?
  1.3   What's a Domain Name?
  1.4   What's a Fully Qualified Domain Name?
  1.5   Something doesn't work.  How do I fix it?
  1.6   What does 'OLSS' stand for?
  1.7   What's a disk, disc, or diskette?
  1.8   What's a program?  What's a process?
  1.9   What commands are used to install software?
  1.10  How do I add a package on a disk?
  1.11  How do I add a group of packages on a disk?
  1.12  How do I add a package that's on the OLSS disc, or on the Uw7 discs?
  1.13  What are the names of the Uw7 devices in /dev? 
  1.14  What is stdin?  What is stdout?  What is stderr?
  1.15  Why am I suddenly getting not privileged or no permissions errors?
  1.16  How do I access DOS diskettes?
  1.17  What are some really neat things about Uw7?
  1.18  What's the Webtop?
  1.19  What's Visionfs?
  1.20  What's a sticky bit?
  1.21  Who's logged into my Uw7 host?
  1.22  What processes are being run by user foobar?
  1.23  How do I boot a Uw7 computer?
  1.24  How do I turn off a Uw7 computer or just reboot it?
  1.25  How do I boot into single user mode?
  1.26  What's an inode?
  1.27  What's a hard link?
  1.28  What's a symbolic link?
  1.29  How many users are licensed on my Uw7 host?
  1.30  What's a router?  What's a route?  What's a default route?
  1.31  What's a hop?
  1.32  What's ISL?
  1.33  What's an ACL?
  1.34  What are the minimum system requirements for Uw710?
  1.35  Where do I get the two install diskettes and the HBA diskette?
  1.36  In what order do I insert my HBA diskettes, one came from a 3rd party?
  1.37  How do I list the installed software on the system?
  1.38  How do I check and repair the installed software?
  1.39  What's a MB?  What's a Mb?  What's a KB and a Kb?
  1.40  How do I convert decimal numbers to binary numbers?
  1.41  How do I convert binary to decimal?
  1.42  Are the any Y2K or 2-digit vs. 4-digit year issues?
  1.43  What are my biggest probelms with Uw7?




2.  User Related Information

  2.1   What shell am I using?
  2.2   How do I display Yurtle's user ID (UID) or group ID (GID)?
  2.3   What's a really good shell that gives me useful commands?
  2.4   Where are my users's home directories on UnixWare7?
  2.5   What is User Equivalence and why is it important?
  2.6   What do the permissions -rw-r--r do?  How about drwxr-xr-x ?
  2.7   How do I use Korn shell command recall (history)?
  2.8   How do I use Korn shell filename and directory name completion?
  2.9   Can I display 132 columns on my terminal screen instead of 80?
  2.10  How do I change the color of the terminal font or background?
  2.11  How do I do an ls -l on a directory - not it's contents?
  2.12  Why do I want to use 'less' ?
  2.13  How do I impress changes made to my .profile on my environment?
  2.14  How do I spell check this Faq?
  2.15  How can I tell if an ftp download is still working?
  2.16  How do I issue complex commands to an ftp server, like ls -lF?



3.  Media, Filesystems, and Disks

  3.1   What's a partition?
  3.2   What's a slice?
  3.3   What's a filesystem?
  3.4   What's an inode?
  3.5   What are the names of the disks, like /dev/dsk/c0b0t0d0s0 ?
  3.6   What is the device name of the diskette drive?
  3.7   How do I write files to a diskette and list them?
  3.8   How do I format a 1.44 MB floppy?
  3.9   How do I create a filesystem on a floppy?
  3.10  How do I mount a floppy and view its contents?
  3.11  How do I access the disc in my cd-rom drive?
  3.12  What might a guru type when mounting a disc?
  3.13  Can I burn a cdr in UnixWare 7.1.0?
  3.14  What is the tape drive called?
  3.15  What is a good tape drive to use with Uw7?
  3.16  What are some of the tape commands I want to know?
  3.17  What are the various filesystem types on Uw7?
  3.18  What's the maximum filesystem size?
  3.19  What's the maximum file size?
  3.20  What's the logical block size?
  3.21  Is there still that 64k inode limit by default?
  3.22  How do I mount the filesystem on a disk, disc, or diskette?
  3.23  Why would mounting fail?
  3.24  Why would unmounting fail?
  3.25  How do I list the disk geometry like Cylinders, Heads, Bytes/Sector?
  3.26  How do list my partition and slice layout?  Is there a divvy?
  3.27  How do I convert sectors to MB? 
  3.28  How do I add a 2nd or 3rd disk drive to my system?
  3.29  How do I partition a hard drive?
  3.30  How do I create a slice in a partition?
  3.31  How do I create a filesystem in a slice?
  3.32  How do I use quotas on a vxfs filesystem in Uw7?
  3.33  How do I fsck the root filesystem?
  3.34  How do I enable Large File Support (for file sizes up to 1TB)?
  3.35  Why aren't my new SCSI devices recognized after I install them?
  3.36  Why isn't my Yamaha 4416S recognized after I install it?
  3.37  How do I institute ACL's on a Uw7 system?
  3.38  How do I superformat a diskette in Uw7?
  3.39  Why doesn't my tape drive work with cpio, tar, and ArcServe?
  3.40  How do I add additional swap space?




4.  The Network 

  4.1   Do I need a nic in my Uw7 box?
  4.2   What is a good brand of nic to use in Uw7?
  4.3   How do I list my IP and MAC addresses for all configured nics?
  4.4   How do I list my routing table?
  4.5   How do I add a default route?  Is it permanent?
  4.6   What is a Virtual Domain?
  4.7   How do I add an IP alias in Uw7?
  4.8   Suddenly the network is slow, why?
  4.9   Is there a firewall program for Uw7?
  4.10  What is a TCP Wrapper?
  4.11  What is a Packet Filter?
  4.12  Why can't root ftp into Uw7?
  4.13  What are the idiosyncrasies with the DNS Server Manager?
  4.14  Why does logging into the CDE freeze for minutes, then restart?
  4.15  What are network services?
  4.16  What network services, that run by default, don't I need? 
  4.17  Why can't I see computers on another subnet with Visionfs?
  4.18  Can I synchronize my computer's clock with the correct time?
  4.19  How do I use ntpdate?
  4.20  How do I use xntpd?
  4.21  Where is my domain name stored in the root filesystem?
  4.22  Is DHCP possible with Uw7?
  4.23  What are good IP addresses to use for my private LAN?
  4.24  How do I setup Uw7 as a router for two subnets?
  4.25  What is a good modem for Uw7?
  4.26  How do I set up an outgoing ppp connection?
  4.27  How do I set up an incoming ppp connection?
  4.28  How do I set up bidirectional PPP? 
  4.29  I want to disable a particular daemon, how is this done?
  4.30  How do I apply changes made to /etc/inet/inetd.conf? 
  4.31  How do I apply changes made to /etc/inet/config?
  4.32  How do I boot an ftp user who is logged in?
  4.33  How do I catch someone trying to port scan my Uw7 host?
  4.34  What web servers are running or not on Uw7 after ISL?
  4.35  Why can't I access the Webtop, my Netscape server, or Netscape Admin?
  4.36  How do I configure remote Netscape administration?
  4.37  What is the login:pass for Netscape Admin?  I can't log in.
  4.38  What do I need to watch out for with ns-admin.conf?
  4.39  How do I do NAT or DNAT or IP Masquerading on Uw7?
  4.40  Why do I see a 'Disk not sane' error when booting off emergency disks?
 


5.  System Administration

  5.1   What do I want to watch out for, right after ISL?
  5.2   What do I want to set up, right after ISL?
  5.3   In what order do I install all those PTFs?
  5.4   What logs do I want to follow?
  5.5   Where are errors recorded?
  5.6   Do I like Uw7?  Is it helpful?  Does it harsh my reality?
  5.7   A program that was running has crashed and is locked up, why?
  5.8   What are the keys I press to kill a foreground process?
  5.9   How do I find and kill a background process?
  5.10  What are the various 'kill' command arguments?
  5.11  What are the Security Profiles and their password restrictions?
  5.12  What are the restrictions on login names?
  5.13  What's a umask?  What's the default umask?
  5.14  What's an environment?  What's a .profile or .cshrc?
  5.15  Where are all the possible places to set the environment?
  5.16  Where do I change the default account aspects, like the login shell?
  5.17  How do I reuse a UID after deleting the original user?
  5.18  What are the advantages of command line 'userdel?'
  5.19  What are the advantages of command line 'usermod?'
  5.20  Where do I change the default password restrictions, such as length?
  5.21  How do I record unsuccessful login attempts?
  5.22  How do I lock an account?  How do I unlock an account?
  5.23  How do I control process priority in Uw7, with nice?
  5.24  What's good to know about cron in Uw7?
  5.25  How do I monitor the amount of space left on my drives?
  5.26  How do I determine disk usage by user?
  5.27  How do I locate and remove 'core' files?
  5.28  What is the DCU?  What do I need to know about it?
  5.29  How do I spool a package rather than install it?
  5.30  How do I change the resolution / colors on my video card?
  5.31  Will you describe the boot process please?
  5.32  What is the default run level for Uw7?  How do I set it?
  5.33  What does 'Can't load stage3' mean?
  5.34  What can I do at the boot: prompt?
  5.35  Where do I set autoboot time, after which the system goes multiuser?
  5.36  How do I boot unix.old?
  5.37  How do I make a change to the /etc/inittab file?
  5.38  Why does my system hang during startup or during shutdown?
  5.39  How do I rebuild the kernel?
  5.30  How do I rebuild the MBR or MBB?
  5.41  How do I rebuild the boot slice?
  5.42  How do I figure what process caused a core dump, such as core.242?
  5.43  What are the important tunable parameters I might adjust like MAXUP?
  5.44  How do I stop the X desktop or the CDE from running? 
  5.45  How do I send a pop-up message to the Windows machines on my LAN?
  5.46  How do I change the message I see at the login prompt?
  5.47  How do I get the character terminals to blank the screen?



6.  Security

  6.1   What are the system security features?
  6.2   What are permissions?
  6.3   What are Tcp Wrappers and Packet Filters?
  6.4   What are privileges?
  6.5   What are the alternatives to su?  A user needs a privilege.
  6.6   How do I use tfadmin, adminuser, and adminrole, instead of su?
  6.7   What are some gaping security risks I need to patch immediately?
  6.8   I'm not sure if I should apply a Uw7 security patch, what do I do?




8.  Third Party Software

  8.1   ssh2
  8.2   Star Office
  8.3   Where do I find a piece of software call "xxxxxxxxxxx" for Uw7.1.0?
  8.4   What is on the OLSS, aka Skunkware?
  8.5   Lonetar, Backup Edge, Backup Professional 
  8.6   How do I enable 128-bit encryption with Netscape programs?
  8.7   Wordperfect 8
  8.8   How do I install the KDE?  Is it any good?



9.  Useful Shell Commands

  9.1  How do I search in every file for a string like "See foo?"
  9.2  How do I find the largest files and directories?
  9.3  How do I find the largest files?
  9.4  How do I determine the number of free inodes?
  9.5  How do I find the user who is using files in a filesystem and
       thus preventing it from being unmounted?



##################################
                                 #
0.   Intro                       #
                                 #
##################################


0.  Intro



  0.1   WWWWW&H?
  7 Dec 1999
  -----------------------------------------
    Who:  Matthew Schalit, mschalit@pacbell.net, Age 32.
          Education BS Physics, UCSB, SCO ACE pending.
    What: This is a compilation of newsgroup questions from the Usenet
          newsgroup comp.unix.unixware.misc that deal with the SCO
          UnixWare 7 Operating System.
    Where: California 
    When:  This was originally posted to cuum on 18 Oct 1999.
           It is currently due for another few revisions until it
           becomes relatively stable and worthy of the great people
           what have taught me over the years.
    Why: I was inspired to write this when I saw a goodly Linux user
         post that there was no Faq but that Linux had many.
    How: I try to publish straight text so that it's portable.
        
        New additions/corrections were added on or after 31 Oct 1999, 
        and include ACL's, swap, Y2K, security, KDE, and disaster recovery.





  0.2   Copyright.
  7 Dec 1999
  ----------------------------------------
     These bits have been posted to a newsgroup and as such are free.
     Due to their nature, you may use them as you see fit.  Permission 
     to use, copy, modify, and distribute this Faq for any purpose and 
     without fee is hereby granted.  It'd be an honor.  Matthew Schalit 
     makes no representations about the suitability of this Faq for any
     purpose. It is provided "as is" without express or implied warranty.





  0.3   Where do I get a copy of this Faq?
  6 Jan 2000
  ----------------------------------------
    The Faq can be found at it's home, in text, pdf, or postscript, 
    at the following ftp site:
         Ftp:      63.194.213.179
         Port:     710
         Login:    anonymous
         Pass:     valid email

    The web version can be found at www.zenez.com 
    The text version can also be found at www.freebird.org
    The Faq can be emailed to you.  Send your request to me at:
    mschalit@pacbell.net

         


  0.4   May I translate this Faq?
  7 Dec 1999
  ----------------------------------------
   The UnixWare community and I would be honored if you gave your time
   to translate this Faq to another language.  You are given permission
   by the copyright to do so.  Would you please send me email at  
   mschalit@pacbell.net so that I can put a copy on my ftp site?
   So far it has been translated into Turkish and Slavic.



  0.5   May I mirror or maintain this Faq or just eradicate it?
  7 Dec 1999
  --------------------------------------
   You certainly may.  I am easily bought, and I like beer.  
   Pizza's good too.






##################################
                                 #
1.  General Information          #
                                 #
##################################

  1.1  What's a node?  What's a host?
  3 Oct 1999
  ----------------------------------------
   Node and host are synonyms for 'computer.' 
   A node can also refer to a device file like /dev/rdsk/f03ht,
   which gets created with the command mknod.


  1.2  What's a nodename?  What's a hostname?
  3 Oct 1999
  ----------------------------------------
   A nodename or a hostname is a computer's name.
   Computers are given names these days, so that they can be easily 
   distinguished from one another in a network environment.
   A nodename is a single word, eight characters or less, in lower case,
   that begins with a letter.  For the name to be compatible with uucp, keep 
   the name seven characters or less.  Common names for people's computers are 
   types of trees, countries, and names of their favorite Sci-Fi characters.  
   eg. the hosts used in some SCO documents:

     tortola
     redwood
     luke
     sales1


  1.3  What's a Domain Name?
  18 Sept 1999
  ----------------------------------------
   A domain name is the name that a group of computers all share.
   We are familiar with common domain names like:

     sco.com
     ibm.com
     pacbell.net
     sco.co.uk

   A domain name is the human-friendly representation of the network
   address of a group of computers.


  1.4  What's a Fully Qualified Domain Name?
  18 Sept 1999
  ----------------------------------------
   A FQDN is the complete name for a computer that specifies it on
   a network.  It consists of the nodename + domain name:

     tortola.sco.com
     doc.sco.com
     www.sco.com
     luke.mydomain.net
     www.deepspace.ucsb.edu

   A FQDN is the human-friendly representation of the IP address for
   a host on a network.


  1.5  Something doesn't work.  How do I fix it?
  18 Sept 1999
  ----------------------------------------
   There are the man pages, which contain the directions for each command
   and some important files, too.  Use the 'man' or 'apropos' command to
   look for a command or subject respectively:

      man grep
      apropos security

   Use the scohelp search engine on the UnixWare host to search for a word 
   or words.  If the host is down, use scohelp from SCO:

      http://localhost:457/       <--  This url is for the UnixWare host.
      http://doc.sco.com/         <--  This url is for the SCO document site.

   My two favorite places for information:

      http://www.dejanews.com/
      http://www.sco.com/ta/

   The first is a Usenet search engine, and the latter is the SCO Technical
   Article home page where you can search the SCO database for your issue.
   The Usenet newsgroups that you will want to focus on are:

      comp.unix.unixware.misc
      comp.unix.sco.misc

   There is an excellent Uw7 book recently published:

      Henriksen G. & M., _UnixWare 7 System Administration_, MacMillan
      Technical Publishing, USA, 1998.

   There are excellent web sites by other good people at:

      http://www.aplawrence.com/
      http://www.cruzio.com/~jeffl/sco/index.html


  1.6  What does 'OLSS' stand for?
  22 Sept 1999
  ----------------------------------------
   Open License Software Supplement, which was previously named Skunkware.
   This is a collection of unsupported software written by the unix
   community for SCO Os's.  For a list of the programs that were
   contained on the OLSS that shipped with Uw7.1.0, see section 8.4.



  1.7   What's a disk, disc, or diskette?
  22 Sept 1999
  ----------------------------------------
   A disk refers to a hard disk drive.
   A disc refers to a cd-rom disc.
   A diskette refers to a floppy diskette.



  1.8   What's a program?  What's a process?
  25 Sept 1999
  ----------------------------------------
   A program is a file that is stored on a physical
   piece of media that can be run to perform a series
   of tasks.  A process is what you call that
   program when it is loaded into and running in memory.



  1.9  What commands are used to install software?
  19 Oct 1999
  ----------------------------------------
   Software in Uw7 is usually bundled into an installable archive
   called a package.  

   In Uw7, packages are added, viewed, modified, and deleted with
   variations of the following commands.  See also the next question.

      pkgadd
      pkginfo
      pkgrm



  1.10  How do I add a package on a disk?
  19 Oct 1999
  ----------------------------------------
   To add a package named '/tmp/myapp.pkg' do the following:

      cd /tmp
      pkgadd -d `pwd`/myapp.pkg

   It is preferable to add a package utilizing the `pwd` command,
   because we find ourselves deep in a directory tree sometimes, and it
   is easier to let the shell complete that path name rather than type
   pkgadd -d /mnt/apps/uw7/olss/squid/squid2.2/squid-2.2STABLE2.pkg



  1.11  How do I add a group of packages on a disk?
  7 Dec 1999
  ----------------------------------------
   Let's say you have a bunch of OLSS packages that you downloaded
   and stored in /dload/olss/*.pkg, then you can do the following:

      cd /dload/olss
      find `pwd` -name "*pkg" -ok pkgadd -d {} \;

   where
      find       <-- the command searches your mounted filesystems
      `pwd`      <-- is evaluated as your current path 
      -name      <-- tell find that your looking for a specific file(s)
      "*pkg"     <-- called splat pkg.
      -ok        <-- pipe those complete pathnames to the next command
                     if and only if the user presses the 'y' key after
                     each found file is displayed to stdout.
      pkgadd -d  <-- that's the package adding command
      -d         <-- tells pkgadd that the next arg will be the path to the pkg
      {}         <-- this is where find inserts the path it found one at a time
      \;         <-- Escaped semi means end of the line.




  1.12  How do I add a package that's on the OLSS disc, or on the Uw7 discs?
  7 Dec 1999
  ----------------------------------------
   To add the package named 'less' from the first cd-rom drive:

      pkgadd -d cdrom1 less

   You can also install a bunch of apps from a disc, as in:

      pkgadd -d cdrom1 less gs xpm glibs gv xpdf top pine



  1.13  What are the names of the UnixWare7 devices (like disk, tape, etc...)
  22 Sept 1999
  ----------------------------------------
    UnixWare comes with two neat commands called, 'getdev' and 'devattr'
    which are often used one after the other:

      getdev | less
      devattr -v diskette1

    After looking at devattr, take a look at Section (3), Media, Filesystems,
    and Disks.



  1.14  What is stdin?  What is stdout?  What is stderr?
  5 Nov 1999
  ----------------------------------------
   stdin, standard in, means the default character input device, which
   is generally the keyboard.

   stdout, standard out, means the screen that is displayed to you when 
   you are typing at a prompt.  Commands like 'ls' and 'cat' display 
   their output to stdout.

   stderr, standard error, means the screen that error messages
   are displayed to.  The registration nag displays itself to stderr, which
   is usually on the console, ctrl-alt-esc.




  1.15  Why am I suddenly getting not privileged or no permissions errors?
  22 Sept 1999
  ----------------------------------------
   When something drastic occurs, such as the restoring of critical files,
   the securities privilege database can get corrupted.  Symptoms could be
   that a user tries to ping and they will see:

      UX:ping: ERROR: socket: permission denied

   Check it with:

       /sbin/initprivs

   If running that returns anything at all, then fix it immediately with

       /etc/security/tools/setpriv -x

   (This happened to me on the 24th, two days after I made this and checked it. 
   As I recall, a BP backup had recently hung, hmmmm.



  1.16  How do I access DOS diskettes?
  23 Sept 1999
  ----------------------------------------
   In Uw710 and future releases, the old DOS utilities have been replaced
   with the 'mtools' programs located on the OLSS disc, so that SCO
   will not have to pay royalties to Microsoft.  We now have:

      mdir mcopy mdel mmd mformat   

      

  1.17  What are some really neat things about Uw7?
  24 Sept 1999
  ----------------------------------------
   UnixWare 7.1.0 was bundled with two outstanding applications
   in my opinion, that make it more useful than some Os's.
   The Webtop and Visionfs open doors like no other programs
   I have ever seen (except a web browser, of course).

   UnixWare's 'more' lets you scroll up line by line.

   UnixWare's ftp daemon lets users compress and/or tar archives on the
   fly of uncompressed / untar'ed files or directories.

   There is a package called Reliant HA which is a way to institute 
   high availability with Uw7 hosts, so that you can share the
   load to a group of servers and have reduncany at the same time.



  1.18  What is the Webtop?
  24 Sept 1999
  ----------------------------------------
   The Webtop is a scaled down version of Tarentella!!  What's with 
   the exclamation points?  Please allow me to explain...
   
   The Webtop lets you run an application on Uw7 but display it
   to any Netscape w/Java browser anywhere in the world.

   This redirection of display and keyboard control is what used
   to be accomplished with an X-Server running on a PC.  Then the
   X-based application running on Uw7 would be displayed on the
   PC using the PC X-Server.  

      Disadvantage == $$.  
      Disadvantage == Installing X-Server on all PC's
      Disadvantage == Limited to X-Applications.

   Also, redirection of display and keyboard control is being done by
   telnet for terminal based programs, and in a more specialized way
   with products such as Facet-Win.

   Now with the Webtop,

      Advantage == Low $$, almost every computer has Netscape.  Webtop is free.
      Advantage == No configuration needed on the PC side if Netscape is
                   already running with Java enabled.
      Advantage == Simple as heck for users.  They just type the URL:
                   http://myhost/webtop/   <-- 'myhost' is the Uw7 FQDN.
                   and they are presented with a Login screen.
      Advantage == Can be seen on any computer with Netscape, not just PC's.
      Advantage == Can be administered from anywhere in the world.
      Advantage == Root can use the scoadmin managers through the webtop.
      Advantage == Runs many type of programs like X-apps, Terminal apps, etc.



  1.19  What is Visionfs?
  24 Sept 1999
  ----------------------------------------
   Visionfs is a program that runs on the Uw7 host and lets Windows
   users do file and print sharing with the Unix host.  Windows users
   will see the Unix computer in their Network Neighborhood.



  1.20  What's a sticky bit?
  24 Sept 1999
  ----------------------------------------
   A sticky bit is one of the permissions that can be set on a directory.
   Most people are familiar with read and write permissions already.

      drwxrwxrwx         <--  A directory that any user can list,
                              create/delete files in, or access.

   When the sticky bit is set on a directory, it means that anyone can
   create files in the directory but users can only delete files they own.

      drwxrwxrwt         <--  Here the sticky bit is set. 

   The temp directory has the sticky bit set on it.  To set the sticky
   bit on a directory called /foo as shown above, enter the command:

      chmod 1777 /foo



  1.21  Who is logged into my Uw7 host?
  24 Sept 1999
  ----------------------------------------
   You can use the 'who -Hu' command.



  1.22  What processes are being run by user foobar?
  24 Sept 1999
  ----------------------------------------
   You can use the 'ps -u foobar' command.



  1.23  How do I boot a Uw7 computer?
  24 Sept 1999
  ----------------------------------------
   When you turn on the power, you will see a UnixWare 7 splash
   screen after your computer POST's.  There is a 5 second delay
   and then it will autoboot into multiuser mode.  If for some reason
   you are presented with a   boot:  prompt, you can type go and hit Enter.




  1.24  How do I turn off a Uw7 computer or just reboot it?
  24 Sept 1999
  ----------------------------------------
   As root, from the / directory enter:

      shutdown -g0 -y -i0      <--  To shut it off
      shutdown -g0 -y -i6      <--  To reboot it

   both commands wait for zero seconds before beginning the shutdown,
   and both commands require no further 'yes' responses.




  1.25  How do I boot into single user mode?
  24 Sept 1999
  ----------------------------------------
   Turn on the computer or reboot it, and when you see the
   splash screen, press the space bar.  At the boot: prompt, type:

       initstate=1
       go

   Do not attempt to do an 'init 1' or 'shutdown -i1' from multiuser
   mode.  This barely works, and you will get many errors.

   Do not attempt to go to multiuser mode from single user mode.
   To get to multiuser mode from single user mode, reboot!
   If you don't, you will most likely have a crippled system.


  1.26  What's an inode?
  7 Dec 1999
  ----------------------------------------
   An inode is a data structure that contains information about a file.
   Inodes point to files in a filesystem, just as a Table of Contents
   point to chapters in a book.  Inodes are refered to by numbers starting 
   from 2.  Each filesystem has one unique set of inodes.  Each file has 
   an inode assigned to it when it is created.  There has been historically a
   limit of 64K inodes per filesystem, and we had to watch out that we
   didn't create too many files, thus run out of inodes.

   The inode (information node) contains the following data:

     * mode                       -  d,l,c,b  (Directory, Link, Device Files)
     * link count                 -  the number of hard links to the file
     * owner                      -
     * group                      -
     * size in bytes              -
     * time stamps                -  mtime, ctime, atime
     * data block addresses       -  Pointers to the real data



  1.27  What's a hard link?
  9 Oct 1999
  ----------------------------------------
   A hard link is an additional name for a file.  When a user creates
   a hard link, an inode number / name pair is entered into the target
   directory, and that inode is the same number as the original inode.
   Thus both names have the same inode number.

   Hard links can not cross filesystem boundaries (filesystems have 
   different inode tables).  Hard links can't link directories.



  1.28  What's a symbolic link?
  9 Oct 1999
  ----------------------------------------
   A symlink is sometimes called a soft link and is another
   way to provide multiple names for the same file.  A symlink
   can cross filesystem boundaries and can link directories.

   Physically, when a user creates a symlink, a new file entry is created
   in the target directory, and that file's inode contains pointers
   to the original file's data block addresses.



  1.29  How many users are licensed on my Uw7 host?
  9 Oct 1999
  ----------------------------------------
   You can run the uname -l command.



  1.30  What's a router?  What's a route?  What's a default route?
  7 Dec 1999
  ----------------------------------------
   Router:
    A router is a network device that is used to connect two different
    networks together.  The difference in the networks can be as trivial
    as that they are on different subnets, or complex as in
    connecting and translating a DSL line to a local LAN, for example.
    A router can be a separate device as in a Cisco router or a router
    can be a computer with 2 network cards.  A firewall is a router that
    only allows specific traffic to pass between networks.

   Static Route:
    When a computer on network A needs to talk to a computer on network B,
    the data passes back and forth through the router, using it as the 
    connection between the networks.  The path that the data takes
    from network A to B through the router is called a route.  For
    computers on A to talk to B, they need to have a static route entered 
    in their Operating System's routing table.  In the routing table,
    a static route is listed as the IP address of the router.  This says
    to the host on A, use the router as the static route to get traffic to 
    any host listed on network B.

   Default Route:
    If there is no static route from A to B, then the system will fall
    back onto the default route to get data out to an unknown IP network.
    Because our computers are generally attached to only one subnet,
    and because there is usually a router on that subnet to connect
    that subnet to the rest of the world, the host in this case always
    uses the same route to get its data out.  That route is what we  want
    to use as the default route.



  1.31  What's a hop?
  11 Oct 1999
  ----------------------------------------
   When we speak of the number of hops that it takes for data to get from 
   computer A to computer B, we are referring to the number of routers that 
   the data passes through to get there.


  1.32  What's ISL?
  13 Oct 1999
  ----------------------------------------
   ISL stands for Initial System Load, which is what we call it when
   you install your OS.


  1.33  What an ACL?
  5 Nov 1999
  ----------------------------------------
   ACL stands for Access Control List, and an ACL is a list of permissions
   that correspond to a file the same way UID:GID and rwxr-xr-- do.  The
   ACL permissions are an extension of the usual permissions on a file.
   ACL's give us a way to let specific users access files, users who would
   not otherwise have access.  See also the ACL question(s) in the System
   Administration section.  When there is an an active ACL list for a
   file, then ls -l will show a (+) sign after the permissions bit, i.e.:

      -rwxr-xr-x+

   ACL's can be used to let two different groups have access to a file,
   or they can be used on a more specific per user basis.
   ACL's can also be put onto a directory, and then new files will inherit the
   default ACL's.  Unfortunately, SCO has shipped 7.0.1, and 7.1.0 with 
   broken default directory ACLs.  Files don't inherit the proper permissions.
   Here's to their fixing it soon.



  1.34  What are the minimum system requirements for Uw710?
  7 Dec 1999
  ----------------------------------------
   32 MB RAM, 486DX, mouse, SVGA, floppy, cd-rom or nic to install,
   and a 1.2 GB hard drive (500MB for small footprint server).
   That would be rather meager, though; so try to use at least a Pentium
   with 64 MB ram.  Please be sure to use supported hardware that is
   listed on the SCO website, http://www.sco.com/chwp/



  1.35  Where do I get the two install diskettes and the HBA diskette?
  20 Oct 1999
  ----------------------------------------
   Normally those diskettes were packaged with the Uw7 media kit that you got.
   When they are lost or corrupted, you can recreate them from images 
   that are on your Uw7 Install Disc #1.  Those images are stored
   on the disc in

      /info/images/Boot_ima.1
      /info/images/Boot_ima.2
      /info/images/Hba_imag

    To make a diskette from one of those images, choose one way:

      A)  Use a Uw7 machine, cd to the /info/images directory and:
           
             format -E /dev/rdsk/f03ht
             dd if=<image> of=/dev/rdsk/f03ht bs=512k

          I patiently run an exhaustive verify on my diskette
          formats, but that's just me.

      B)  Use the program rawrite2 which is available on the net.
          Run this in a DOS window somewhere distasteful:

             rawrite2 -f d:\info\images\Boot_ima.1 -d A:

      C)  Use the floppycp program which is available on the net.




  1.36  In what order do I insert my HBA diskettes, one came from a 3rd party?
  14 Oct 1999
  ----------------------------------------
   When you are given an HBA diskette for Uw7 from a third party hardware
   vendor like DPT or Mylex, you will insert that diskette first and insert
   the SCO supplied HBA diskette last.  The install process will use the
   first installed driver, if there were two installed.
 


  1.37  How do I list the installed software on the system?
  14 Oct 1999
  ----------------------------------------
   You can use the pkginfo command as in:
 
      pkginfo | less
      pkginfo -l <pkgname like nsfast or gcc>



  1.38  How do I check and repair the installed software?
  14 Oct 1999
  ----------------------------------------
   People are tempted to use the pkgchk -n command to check if there
   are any errors in the installed packages.  This is ok.  But it
   is NOT ok at all to use pkgchk -f to fix things up.  The
   Uw7 Release 7.1 Getting Started Guide specifically states,
   on p. 65,

      'It is typical to see a number of errors when running this command
       (pkgchk or pkgchk -n), due to the number of and interaction 
       between the various packages on your system.  You should make a
       note of any errors you find, but do not attempt to fix these
       errors with pkgchk -f.  This command is currently not
       supported and may cause your system to fail or not reboot. 
       There is no current workaround.'
 


  1.39  What's a MB?  What's a Mb?  What's a KB and a Kb?
  7 Dec 1999
  ----------------------------------------
   MB == Megabyte         1 MB == 1024 KB
   Mb == Megabit
   KB == Kilobyte         1 KB == 1024 B
   kb == Kilobit
   B  == byte             1 B  == 8 b
   b  == bit
   1 block == 512 B



  1.40  How do I convert decimal numbers to binary numbers?
  14 Oct 1999
  ----------------------------------------
   To convert decimal to binary, draw yourself the following
   chart, and I'll convert 184 to binary:

       7    6    5    4      3   2   1   0      <-- two to this power 
      128   64   32   16     8   4   2   1      <-- equals the number below it


   To convert 184, I think to myself:
     *  184 has at least a 128 in it, so I put a one in the 128's column.

        1

     *  184-128 = 56 ,  which is less that 64, so there are no 64's.  Put a 0
        in the 64's columns and a one in the 32's instead.

        1    0    1

     *  56-32 = 24, so I need a 16 and an 8 to make 24, no 4's, 2's, or 1's.

        1    0    1    1     1    0   0   0

   So 184 = 10111000.  I hope that wasn't too confusing.



  1.41  How do I convert binary to decimal?
  14 Oct 1999
  ----------------------------------------
   To convert binary back to decimal, draw the usual chart:

      7    6    5    4     3    2    1    0
     128   64   32   16    8    4    2    1

   Then, to convert 11011011, for instance, write it below the columns,

      1    1    0    1     1    0    1    1    which looks like:

     128 + 64 + 0  + 16  + 8  + 0  + 2  + 1  =  219



  1.42  Are the any Y2K or 2-digit vs. 4-digit year issues?
  5 Nov 1999
  --------------------------------------
   SCO just released another ptf for Y2K related issues:  ptf7436a  libc
   This ptf covers the gettime issue that was previously discussed here.
   Also there is a Y2K patch for 7.1.0, ptf7402, and one should apply that. 




  1.43  What are my biggest probelms with Uw7?
  5 Nov 1999
  --------------------------------------
   My biggest problems, which relate specifically to my one test system
   are the following:

   1)  Ifor_pmd failures on reboot.
   2)  Netscape Fastrack Server not licensed error needing reboot.
   3)  Default Directory ACL's don't work.
   4)  Miserable emergency_disk and emergency_rec commands.
   5)  Matrox Millenium I, II, G200, and G400 drivers don't work.
   6)  SCO ships the OS with bugs and lets us find them.
   6)  There's mention of broken header files and POSIX since 7.0.0.
       w.r.t. ushort or u_short or something like that.  Not really a
       big issue with me, but still gives me cause to pause.






##################################
                                 #
2.  User Related Information     #
                                 #
##################################

  2.1  What shell am I using?
  18 Sept 1999
  ----------------------------------------
   Use the 'ps' command:

      ps


  2.2   How do I display Yurtle's user ID (UID) or group ID (GID)?
  7 Dec 1999
  ----------------------------------------
   Use the 'id' command to display all the UID and all the groups:

      id yurtle


  2.3  What is a really good shell that gives me useful commands?
  18 Sept 1999
  ----------------------------------------
   People enjoy the Korn Shell, ksh, for everyday use.  It gives the
   user the ability to do command recall and filename completion.
   The default root shell is the Bourne shell, sh, which is considered more
   secure because it does not have command line history, but is
   limited and rather old.  Bash is the Borne Again Shell, a newer
   version of the Bourne Shell which is well liked also.


  2.4  Where are my users's home directories on UnixWare7?
  5 Nov 1999
  ----------------------------------------
   The home directories are all in '/home' which is often
   created as slice number 4 on the first disk drive:

      /home   is mounted on   /dev/dsk/c0b0t0d0s4

   Yurtle's home directory would be /home/yurtle for instance.
   Fred's home directory would be   /home/fred   for instance.
   When logged in as fred, I can type ~/ which means /home/fred/,
   or I could type $HOME/.


 
  2.5  What is User Equivalence and why is it important?
  18 Sept 1999
  ----------------------------------------
   User equivalence exists on a network when the following
   occurs on _all_ computers on that network:

      a given user has the same username, UID, and password
      a given user belongs to the same groups
      a given group has the same GID

   This enables all users to have transparent access no matter
   what terminal they sit down at.  It also enables users to
   utilize commands such as 'rlogin.'


  2.6  What do the permissions -rw-r--r do?  How about drwxr-xr-x ?
  18 Sept 1999
  ----------------------------------------
   Permissions control whether users can list, create, delete, access,
   read, modify, or run a file.  Definitions are as follows:

      Directory Perms                              File Perms
     -----------------                            ------------
      r = ls the directory                         r = cat a file
      w = create / delete files in the dir.        w = modify file with vi
      x = access the directory                     x = execute a file

   To answer the question, the first example lets the owner read and
   write to the file, and everyone else can only read it (excluding root).
   In the second example, the directory is set up so that the owner 
   of the directory can list files in the directory, create/delete them, 
   and access the directory.  Everyone else, except root, can only list 
   the files and access the directory.  

   Note that DELETING a file depends on the directory w permission and the
   directory's owner/group, NOT on the file's w permission! Permissions can 
   be listed with the 'ls -l' command.

   Permission numerical equivalents:

      read    = 4
      write   = 2
      execute = 1



  2.7  How do I use Korn shell command recall (history)?
  22 Sept 1999
  ----------------------------------------
   Commands you have typed can be recalled again on the command line
   so that you can just press 'Enter' to re-execute the command.
   Commands can be recalled and edited, too.  The history of commands
   is kept in the user's directory as $HOME/.history.

   First the user needs to log in using the Korn shell, which is the
   default shell for new users.  The user's $HOME/.profile needs to
   contain the lines:

      EDITOR=vi
      export EDITOR

   Then log in as the user.  Go ahead and type a few harmless commands
   like 'cal' and 'banner hello' to prime your history file; then
   you are ready to use it.  When you want to work with a command in your
   history, press the 'Esc' key once.  This puts you into a single line
   vi editor, in command mode, that has opened your history file.  To cycle 
   up or down through the commands in your history, use the 'j' and 'k' 
   keys just as you would in vi.  When you find the command you want, 
   press Enter.

   Because you are using a single line vi, you can use all the usual
   vi commands to move about and alter the command as needed.  Things
   to try are the search '/' keystroke in order to search through your
   history for the command you are looking for and the 'w' or 'b' keystrokes.


  2.8  How do I use Korn shell filename and directory name completion?
  22 Sept 1999
  ----------------------------------------
   The Korn shell can be used to help someone type out the long name of
   a file or directory.  Often we give gzipped archives such a long
   descriptive name that it takes too long to type the whole thing. 

   To use name completion, use the Korn or Bash shell with the
   EDITOR variable set to 'vi' as described in (2.7).  Then start typing
   something like 

      cd /opt/net

   then press:

      'Esc'
      '\'

   The keystrokes Esc, then \ will complete the name net to netscape if
   net contains enough characters to uniquely identify the only possible
   name as 'netscape.'  If there are two or more files or directories
   that start with net, then nothing will change on your screen.



  2.9   Can I display 132 columns on my terminal screen instead of 80?
  5 Nov 1999
  ----------------------------------------
   This is still not possible in a regular terminal screen like vt04.
   It is possible, though, to do on the CDE in a dtterm by clicking on 
   Options --> Window Size -->  132 columns.



  2.10  How do I change the color of the terminal font or background?
  22 Sept 1999
  ----------------------------------------
   Use the 'setcolor' command.  I like to leave the default white
   on black for regular characters and change the inverse, as in:

      setcolor -r yellow red

   This looks good to me when I pipe things to 'less.'



  2.11  How do I ls -l a directory but not its whole contents?
  9 Oct 1999
  ----------------------------------------
   When you try to ls -l /tmp to see what the permissions are on /tmp,
   the command lists the contents of /tmp instead.  To stop that, type:

      ls -ld /tmp

   You can remember the -d as standing for 'directory.'



   2.12  Why do I want to use 'less' ?
   15 Oct 1999
   --------------------------------------
    Less is an excellent program that can be pkgadd'd off the OLSS disc.
    Less is more.  Less has the following excellent aspects:

      * Less can scroll up and down line by line
      * Less can scroll horizontally, left and right
      * Less can be configured so that it does not wrap long lines (ps -ef !!)
      * Less uses all the usual vi commands like h, j, k, l, and /.
      * Less can tail a growing log file just like tail -f does.
      * Less will highlight text strings found using /.

    To get the most out of less, I like to do the following in my .profile:

      setcolor -r yellow red
      LESS=MS
      export LESS

    This sets the highlight colors, and exports the -M and -S arguments
    to less which makes less put file %'s at the bottom of the screen and
    makes less not wrap long lines (scroll right with the arrow key).


  2.13  How do I impress changes made to my .profile on my environment?
  15 Oct 1999
  -----------------------------------------
   You can type the command

      . $HOME/.profile

   using the . with a space after it causes the file to be run.


  2.14  How do I spell check this Faq?
  15 Oct 1999
  ----------------------------------------
   Uw7 comes with the spell command, but I find it hard to use.
   There is an excellent spell checker on the OLSS called ispell.
   It is interactive and has a ? command for help.

      pkgadd -d cdrom 1 ispell
      ispell bitsofaq



  2.15  How can I tell if an ftp download is still working?
  26 Dec 1999
  -------------------------------------
   The ftp client program has a useful feature called Hash, which
   when turned on, prints a bunch of ##### to the screen during the
   download, 1 # for each 1KB download.

   Just issue the 'hash' comand at the ftp prompt, the same way that
   you issue the 'bin' command.




  2.16  How do I issue complex commands to an ftp server, like ls -lF?
  26 Dec 1999
  --------------------------------------
   The ftp client program lets you issue complex argument lists within
   quotation marks, as in:

      ftp>  ls "-lF ptf*"

   The trick is just to quote eveything after the first command.
   It only took me 10 years of ftp'ing to learn that one :)






#####################################
                                    #
3.  Media, Filesystems, and Disks   #
                                    # 
#####################################

  3.1   What's a partition?
  14 Oct 1999
  ----------------------------------------
   A disk can be subdivided into one to four continuous sections
   called partitions.  In reality, Unixware7 likes to use only one Unix
   partition per disk, but the others can be raw for database use.
   Inside a partition are slices (or just raw space as I mentioned).



  3.2   What's a slice?
  14 Oct 1999
  ----------------------------------------
   A slice is a subdivision of a partition.  There can be from zero to 184
   slices in a partition.  Inside a slice is a filesystem.



  3.3   What's a filesystem?
  14 Oct 1999
  ----------------------------------------
   A filesystem is a data structure (sort of like an array) that contains
   a superblock, an inode list, and data blocks.  This data structure is
   used to provide the operating system access to files and data.
   The data blocks hold the actual file data, and the inodes keep track
   of things like permissions and where the actual data is.


  3.4   What's an inode?
  14 Oct 1999
  ----------------------------------------
   An inode is also a data structure that holds the important information
   about a file that we see when we do an ls -l, like:

     Mode -- (filetype / permissions)
     Link count  -- the number of hard links to a file
     The owner's UID
     The file's GID
     The size in bytes
     The atime, mtime, ctime  -- file modification times
     The addresses of the data blocks that hold the file. 

   In some cases there are no data block addresses and only major and
   minor numbers as is the case with device files in /dev.

   For each and every file there exists at least one inode.



  3.5   What are the names of the disks, like /dev/dsk/c0b0t0d0s0 ?
  7 Dec 1999
  ----------------------------------------
   The hard disks are named in subdirectories of /dev:
   
      /dev/dsk          block devices
      /dev/rdsk         raw character devices

   The hard disks are always named starting with c#b#t#d# then either
   an s# or p# making either of the following for raw devices:

      /dev/rdsk/c#b#t#d#s#
      /dev/rdsk/c#b#t#d#p#

   You can remember this as Can't Be That Difficult for c_b_t_d.
   Use the s# designation when you're referring to a slice and the p#
   designation when you are referring to a partition.  You can use s0 to
   refer to the entire partition (when using partsize for instance).
   The s#, number part, is in HEX !  Be sure to use hex when referring to 
   slices higher than 9, as in c0b0t0d0sc for the 12th slice (12 = c).

   The c, b, t, and d stand for:

      c# is the controler number (like c0 or c1 for each HBA or IDE controler)
      b# is the bus number of the HBA.  This is usually 0, as in b0.
      t# is the scsi id.  t# for IDE is 0=primary, 1=slave.
      d# is the lun number (also usually 0 as in d0).

   On a small system without raid and only one Adaptec scsi HBA, the
   c, b, and d, don't change, and you use the different scsi id's (t#) to
   refer to each different drive, as in:

      /dev/rdsk/c0b0t0d0s0                    /dev/rdsk/c0b0t12d0s0
      /dev/rdsk/c0b0t1d0s0                    /dev/rdsk/c0b0t13d0s0
      /dev/rdsk/c0b0t3d0s0



  3.6  What is the device name of the diskette drive?
  7 Dec 1999
  ----------------------------------------
   The first 1.44 floppy drive is usually referenced as

      /dev/dsk/f03ht       <--- These are equivalent and are
      /dev/fd0             <--- for filesystem use

      /dev/rdsk/f03ht      <--- These are equivalent and are
      /dev/rfd0            <--- for formatting, cpio, and tar 


   Diskettes are referenced by device files in

      /dev/dsk/*     <--  Block devices (diskettes with filesystems)
      /dev/rdsk/*    <--  Raw devices   (diskettes made with tar or cpio)

      /dev/dsk/f03ht    <-- First  1.44 MB block diskette
      /dev/dsk/f13ht    <-- Second 1.44 MB block diskette
      /dev/rdsk/f03ht   <-- First  1.44 MB raw diskette
      /dev/rdsk/f13ht   <-- Second 1.44 MB raw diskette

      /dev/dsk/f05ht    <-- First  1.2  MB block diskette
      /dev/rdsk/f05ht   <-- First  1.2  MB raw diskette
      /dev/rdsk/f15ht   <-- Second 1.2  MB raw diskette

   The specific device file to use depends on the density and size of 
   the diskette and drive.  The device file name consists of:

      f0  or  f1     <--  The first or second drive respectively
      3h             <--  3.5"  high density (1.44 MB)
      5h             <--  5.25" high density (1.2 MB)
      t              <--  The t specifies the entire disk

   There are other diskette device identifiers like 3e, 3d, 5d, which can
   be found in the man pages.



  3.7  How do I write files to a diskette and list them?
  5 Nov 1999
  ----------------------------------------
   The process is to format the floppy, create a vxfs filesystem on it,
   mount the floppy, copy the files to the mount directory, then ls that
   directory.

   Another method is to format the floppy, then use tar to write the files
   to the floppy.  Use tar again to list the files.  A disadvantage of tar 
   is that you can't use wildcards (*) when extracting files.  Tar on Uw7
   can back up empty directories, unlike that in OS5.

   A very good method of writing files to diskettes is to format the floppy,
   then use cpio.

   Finally, you can take a DOS formatted floppy and mcopy the files to it,
   then list them with mdir.



  3.8  How do I format a 1.44 MB floppy?
  Sept 19 1999
  ----------------------------------------
   Use the format command on the raw diskette:

      format -V /dev/rdsk/f03ht     <-- First 1.44 MB floppy and verify.
   
   or use the following for an exhaustive verify:
  
      format -E /dev/rdsk/f03ht     <-- I use this for assurance, because
                                        it write verifies every sector.
                                        Unfortunately it takes a few minutes.


  3.9  How do I create a filesystem on a floppy?
  Sept 19 1999
  ----------------------------------------
   First format the floppy with an exhaustive verify, as this is the only
   surefire way to root out bad sectors.  Then use the 'mkfs' command:

      mkfs -F vxfs /dev/fd0 2880

   which will create a vxfs filesystem on the first floppy drive with
   a size of 2880 512-byte blocks (1.44 MB).



  3.10  How do I mount a floppy and view the contents?
  Sept 19 1999
  ----------------------------------------
   Mount the floppy with the 'mount' command, then list the contents 
   using the 'ls' command:

      mount -F vxfs /dev/fd0 /mnt
      ls -l /mnt

   If the floppy doesn't have a filesystem on it, or the mount point 
   directory doesn't exist, then the mount will fail.



  3.11  How do I access the disc in my cd-rom drive?
  Sept 22 1999 
  ----------------------------------------
   The disc has a filesystem on it, which is called a 'cdfs' filesystem
   in Uw7, and it needs to be mounted to be accessed:

      mount -r -F cdfs /dev/cdrom/cdrom1 /mnt

   where;
      mount     <--  The command needs to be run by by a privileged user.
      -r        <--  Specifies read only.
      -F cdfs   <--  Describes the filesystem type as 'cdfs'
      /dev/...  <--  Specifies the first cdrom drive (a block device).
      /mnt      <--  The directory to which the disc is mounted. 
                     It must exist before running the 'mount' command.


  3.12  What might a guru type when mounting a disc?
  Sept 22 1999
  ----------------------------------------
   One can use the '-o <option_args>' argument to the mount command to
   do useful things like disallowing SUID, setting r-xr--r--, and 
   converting caps to lower-case, as in:

      mount -r -F cdfs -o nosuid,dperm=544,nameconv=l /dev/cdrom/cdrom1 /mnt

   One would probably alias that command in their .profile so as to
   make it easily available to ksh, or bash, as in:

      alias mcd1=" ... "

   where the '...' should be replace by the whole command seven lines above.
   From the mount(1M) page,
     'The CDROM media may or may not have values set for items such as 
      the User ID (UID), Group ID (GID), permissions, etc. If a value 
      is not recorded on the CDROM, a default value is assigned by the 
      software. The default value is either taken from the 
      /etc/conf/pack.d/cdfs/space.c file, or from the value specified 
      with the -o option of the mount command.'

   'mkisofs,' part of the cdrecord tools on the OLSS, properly
   writes the permissions when creating the ISO image.


  3.13  Can I burn a cdr in UnixWare 7.1.0?
  23 Sept 1999
  ----------------------------------------
   The 'cdtools' package of software enables you to burn both
   cdr's and cdrw's.  The latest version can be found at
   http://www.sco.com/skunkware

   When you have pkgadded it, there is a good sco_notes.txt file I recall,
   and contains the method to burn a cd that the following is based upon:


   1) as root, create the file /etc/default/cdrecord as follows:

----------------------begin /etc/default/cdrecord--------------------------
   #--------------------------------------------------------------
   # Default values for device, speed, and FIFO size
   #--------------------------------------------------------------

   CDR_DEVICE=/dev/rcdrom/cdrom1:1,0
   CDR_SPEED=4
   CDR_FIFOSIZE=8m

   #--------------------------------------------------------------
   # Identifier for Yamaha cdr400t
   #--------------------------------------------------------------

   cdr400=1,1,0    4       8m

-------------------------------------end /etc/default/cdrecord-------------


   2) Copy all the files that you want to a temporary directory
      called /home/tmp/cdi and arrange the files the way you want them
      on the final cdr that you are going to burn.
   3) Log in as root if you are not already.
   4) # cd /home/tmp/cdi
   5) mkisofs -L -l -v -r -V mydisc -o /home/tmp/out.img .
   6) cdrecord -v -dummy dev=1,1,0 -data /home/tmp/out.img
   7) cdrecord -v dev=1,1,0 -data /home/tmp/out.img
   8) mount -r -F cdfs /dev/cdrom/cdrom1 /mnt

   That worked well for me.

   (1) sets up your defaults, if your cdr is the first cdrom, with scsi 
   id 1, lun 0.  Also the new default FIFO size is a hefty 8 MB, and 
   mine never got below 96% full.   Record speed is set at 4x. (2) is 
   self-explanatory.  (3)  cdrecord needs to run as root, or else you 
   need to set up the SUID and SGID and permissions stuff == hassle.
   (4) Change to the correct directory.  (5)  It is necessary to make an 
   ISO filesystem image (cdfs) of all your files, and the flags are 
   important, and so is the '.' which is just like the relative pathname 
   notation in cpio.  I got the args from the SCO_NOTES.html file included 
   in the archive. The -V mydisc is what labels the cdrom "mydisc". 
   (6)  Then test it with -dummy.  Notice the -data forces the system to 
   write in Yellow-Book 2048 byte sector format.  (7)  Burn the cd now.  
   (8)  I'd eject, then insert and mount the cd.




  3.14  What is the tape drive called?
  9 Oct 1999
  ----------------------------------------
   The tape drive device files are in /dev/rmt/*

      ctape1    For rewinding, non retensioning
      ntape1    For non rewinding, non retensioning
      rtape1    For rewinding, retensioning
     nrtape1    For non rewinding, retensioning
      utape1    For unloading the tape after the operation.

   Substitute a 2 if you are using the second tape drive.
   Usually we find ourselves using /dev/rmt/ctape1 for 
   common cpio and tar tasks.



  3.15  What is a good tape drive to use with Uw7?
  9 Oct 1999
  ----------------------------------------
   Any scsi tape drive should be functional, with some devices
   offering newer options like fast positioning to index marks, etc.
   Hewlett Packard DAT drives used to be well liked, but now
   many people in the ng's are recommending Sony drives, as they
   offer greatly increased backup speeds due to simultaneous
   write and verify.



  3.16  What are some of the tape commands I want to know?
  9 Oct 1999
  ----------------------------------------
   The tapecntl command is used to manipulate the tape device
   directly.  Some commands will not work on all tape drives as each
   tape drive supports slightly different subsets of all the potential
   scsi tape commands.  Common tapecntl commands are:

      tapecntl -r      -  Reset the tape drive
      tapecntl -w      -  Rewind the tape.
      tapecntl -u      -  Eject the tape.
      tapecntl -C      -  List the hardware compression setting
      tapecntl -c 3    -  Enable all hardware compression
      tapecntl -c 0    -  Disable all hardware compression
      tapecntl -v      -  Set the drive to read/write in variable block lengths
      tapecntl -f 512  -  Set the drive back to r/w in 512 byte block lengths!

   The default tape i/o block length for r/w is fixed at 512 bytes.
   The default tape device that all the above commands refer to is ntape1.
   To use one of these commands like reset, I would type:

      tapecntl -r /dev/rmt/ntape1



  3.17  What are the various filesystem types on Uw7?
  15 Oct 1999
  ------------------------------------
   Uw7 is based around the Vxfs filesystem.  It also supports:

      dosfs   -  For DOS.
      cdfs    -  For cdrom's, both Rockridge and High Sierra/ISO9660
      bfs     -  For the boot file system
      nfs     -  As in Sun's NFS.
      nucfs   -  Netware for Unix
      s5      -  An OpenServer flavor.


      
  3.18  What's the maximum filesystem size?
  15 Oct 1999
  ------------------------------------
   The maximum vxfs filesystem size is 1 TB.



  3.19  What's the maximum file size?
  15 Oct 1999
  ------------------------------------
   The maximum vxfs file size is 1 TB.



  3.20  What's the logical block size?
  15 Oct 1999
  ------------------------------------
   The logical block size is set when one creates the filesystem and
   is the size of a data block chunk of data.  It can be set at
   1024, 2048, 4096, or 8192 bytes.  The default is 1024.  This 
   logical block size is not what we usually think of as a block,
   which we say is 512 bytes, historically.



  3.21  Is there still that 64k inode limit by default?
  15 Oct 1999
  ------------------------------------
   There is no 64K inode limit on a vxfs filesystem by default, beginning
   with Uw7.1.0.



  3.22  How do I mount the filesystem on a disk, disc, or diskette?
  15 Oct 1999
  ------------------------------------
   A filesystem must be mounted before it can be used.  Here are the
   commands that one can use to mount various media:

      Disk:      mount -F vxfs /dev/dsk/c0b0t0d0s4 /home
      Disc:      mount -r -F cdfs /dev/cdrom/cdrom1 /mnt
      Diskette:  mount -F vxfs /dev/dsk/f03ht /mnt

   The examples refer to the first floppy drive, first cdrom, and
   to mounting the Home filesystem.




  3.23  Why would mounting fail?
  15 Oct 1999
  ------------------------------------
   An attempt to mount a filesystem will fail if the directory to which 
   you are mounting does not exist, or if that directory contains files
   that are in use, or if you refer to the filesystem as the wrong type.
   Only a privileged user can use the mount command.



  3.24  Why would unmounting fail?
  15 Oct 1999
  ------------------------------------
   A filesystem will not unmount if someone is using the filesystem, which
   includes having cd'd into the filesystem and leaving that terminal in 
   that directory, and when a user is using a file as in vi.  Only a 
   privileged user can use the mount command.




  3.25  How do I list the disk geometry like Cylinders, Heads, Bytes/Sector?
  15 Oct 1999
  ------------------------------------
   The disk geometry is very important to understand so that one can
   successfully partition and slice their hard drives.  The disk geometry
   is different with each system, and can be changed with a setting in
   your scsi host adapter Bois called "Enable BIOS translation for
   DOS drives over 1GB."  

   To list your geometry, type either command:

      partsize -d /dev/rdsk/c0b0t0d0s0
      prtvtoc -p /dev/rdsk/c0b0t0d0s0

   where you will need to use the correct target id, etc., and be sure
   that you specify s0 as the slice so that you refer to the entire 
   partition.



  3.26  How do I list my partition and slice layout?  Is there a divvy?
  15 Oct 1999
  ------------------------------------
   For partitions, use fdisk.  For slices use prtvtoc.  There may be a 
   nifty program like divvy in the future, but, for now, use the following 
   command to list the slice layout to a file in /tmp:

      prtvtoc -f /tmp/mytoc

   If you do a cat /tmp/mytoc, you will see something like the 
   following, where;

   SLICE is the slice number in decimal, 
   TAG   designates whether it is a root, boot, swap, home, or .... slice 
   FLAG  field defines whether the slice is valid, read-only, and/or
         unmountable (that field is similar to the permissions field 644 
         or 755 in that it contains numbers that are added  
   START and SIZE  fields refer to the sector that the slice begins
                   on and the number of sectors that the slice occupies, 
                   respectively.

      #SLICE    TAG     FLAGS   START    SIZE
       0        0x5     0x201   63       16305912
       1        0x2     0x200   1076355  6152895
       2        0x3     0x201   642600   433755
       3        0x0     0x0     0        0
       4        0xb     0x200   7229250  8787555
       5        0x0     0x0     0        0
       6        0xc     0x201   64260    578340
       7        0x1     0x201   63       34
       8        0xd     0x201   97       15968
       9        0x0     0x0     0        0
      10        0x9     0x200   16065    48195
      11        0x0     0x0     0        0
      12        0x0     0x0     0        0
      13        0x0     0x0     0        0
      14        0x0     0x0     0        0
      15        0xf     0x201   16016805 16065
      

   An important slice to look at is slice 4, the home slice, because you
   will use it as a perfect template for creating your own slices, when 
   you need to.  The 0xb and 0x200 are what I'm referring to.




  3.27  How do I convert sectors to MB? 
  15 Oct 1999
  ------------------------------------
   First you need to do a 'partsize' on the hard drive you are interested in,
   so that you can determine the bytes/sector.  On my IBM hard drive, 
   1 sector = 512 Bytes.  You can multiply this by 1, twice, as in:

       1  sect.      1024 Bytes       1024 KB 
      ---------  x  ----------   x   ---------     =   2048 sect./ MB 
      512 Bytes        1 KB            1 MB 

   Using the beauty of cross-multiplication, we can see that Bytes
   cancels Bytes, KB cancels KB, and we are left with sectors/MB.
   So on my system, to convert sectors to MB, I would divide the 
   number of sectors by 2048 sect./MB.


 
  3.28  How do I add a 2nd or 3rd disk drive to my system?
  7 Dec 1999
  ------------------------------------
   It is fairly straightforward to add another drive to a UnixWare
   system, thanks to the command 'diskadd.'  You don't need to do
   anything to the system before you install the drive.  After you've 
   shutdown, installed the drive with the correct termination, and 
   jumpered it for the correct scsi id and auto-spinup, you can 
   restore power and run your HBA BIOS setup program to match your 
   HBA to your drive capabilities (on an Adaptec scsi HBA like a 2940UW,
   you would press CTRL-A during POST).  Then boot into multiuser mode, 
   login as root, and run:

      diskadd c0b0t1d0

   The diskadd program will take you through:

      fdisk        --   Is invoked to allow you to create a partition
      disksetup    --   Is run which helps you to do the following:
         * Surface Analysis
         * Create the VTOC (Volume Table of Contents)
         * Write the bad track and bad sector table to the drive
         * Create the layout of slices on the new drive (up to 13 of them)
         * Use mkfs to make filesystems
         * Creates the lost+found directories automatically in any filesystem.
         * Creates the mount point directories.
         * Mounts the filesystems.
         * Updates the vfstab file.

   The 'disksetup' program walks you through all the steps via a simple
   series of questions.  It is well written and works smoothly.  You will
   need to know how many MB you want each slice to be, and what they
   will be called, and that's about it.


   *********************
   Some caveats:

      1)  UnixWare uses a slice representation like c0b0t0d0xx
          for almost everything that needs a drive named.

      2)  That naming has no partition information in it !!
          So you can't specify what partition you mean when you type
          c0b0t0d0s4 to refer to a slice.  

      3)  The only way for UnixWare to know what partition contains
          slice 4, is for it to mark that partition active.

      4)  Thus you can only use one partition for filesystems on each 
          hard drive.  And that one partition needs to be active for
          the system to know where to go.  The only exeption is
          when you use a whole additional partition for one filesystem
          and no slices.

      5)  In the active Unix partition, you can have 184 slices.  Diskadd 
          only helps you create up to 13.  Any additional slices need to be 
          hand created.  On the 2nd drive with scsi id=1, the slices would 
          be 1 through b8 (because slices are listed in hex):

            /dev/rdsk/c0b0t1d0s1
            /dev/rdsk/c0b0t1d0s2
            /dev/rdsk/c0b0t1d0s3
                  ...
            /dev/rdsk/c0b0t1d0sb6
            /dev/rdsk/c0b0t1d0sb7
            /dev/rdsk/c0b0t1d0sb8      <--  Slice #'s are in hex, b8 = 184.



      6)  The situation where you would have more than one partition on another
          drive is where you need a raw partition for Database storage, or you
          are using the trick of one filesystem taking up a whole partition
          with no slices in it.




  3.29  How do I partition a hard drive?
  15 Oct 1999
  ------------------------------------
   It is not very common to partition a hard drive with UnixWare, because of
   the caveats listed in (3.29).  If you find yourself needing to add a
   partition for some raw space, go ahead and use 'fdisk.'  Reboot and
   remake your emergency boot and root disks.



  3.30  How do I create a slice in a partition?
  7 Dec 1999
  ------------------------------------
   People add a slice if they want to make another filesystem or add additional
   swap space.  Most slices were created the easy way, during ISL or when you 
   added a drive and ran diskadd.  If you need more than 13 slices or you 
   just postponed adding them until later, you'll want to do the following:


      1) Choose a drive with an active UW partition with free space in it.
      2) Print the VTOC to a temp file called mytoc.
      3) Look at mytoc and determine what slice number to use.
      4) Determine from mytoc where to start your new slice.
      5) Determine using math how many sectors to use... The Magic Multiplier.
      6) Edit and save mytoc with the new slice #, TAG, FLAG, START, and SIZE.
      7) Impress mytoc back onto the partition as the new VTOC. 
      8) Reboot if you changed the root disk drive or if you added a slice
         above number 15.
 

   After that is done, the slice is ready for a filesystem and mounting.
   Here is an in-depth example of the above procedure:

      1) I'll choose the partition that is on my first hard drive
         because it has some free space on it and it has an easy to
         follow example slice (/home).  That means scsi id 0.

      2) prtvtoc -f /tmp/mytoc /dev/rdsk/c0b0t0d0s0

      3) less /tmp/mytoc
         The output is shown below.  Slice 5 is empty.  I'll use 5.
  
      #SLICE    TAG     FLAGS   START    SIZE
       0        0x5     0x201   63       16305912
       1        0x2     0x200   1076355  6152895
       2        0x3     0x201   642600   433755
       3        0x0     0x0     0        0
       4        0xb     0x200   7229250  8787555
       5        0x0     0x0     0        0
       6        0xc     0x201   64260    578340
       7        0x1     0x201   63       34
       8        0xd     0x201   97       15968
       9        0x0     0x0     0        0
      10        0x9     0x200   16065    48195
      11        0x0     0x0     0        0
      12        0x0     0x0     0        0
      13        0x0     0x0     0        0
      14        0x0     0x0     0        0
      15        0xf     0x201   16016805 16065

      4)  To determine where to start, you need to look and see where
          the last slice ends because the unallocated space begins at
          then end of the last slice.  A cylinder begins at the end of
          the last slice.  From the above output, I can see 
          slice 0, the whole partition, starts at 63 and is 16305912 sectors 
          long.  It is important to realize that:

              (start sector)  +  (number of sectors)  =  (beginning sector
                                                          of empty space).

          For example, a hypothetical slice that starts at sector 0 
          and is 10 sectors long.  Then:

                 ( 0 )        +        ( 10 )         =   10

          which means that the slice takes up sectors 0-9, and sector 10
          is where the free space starts.

          Back to the real chart, we see:  (63) + (16305912) = (16305975) 
          which tells me that the drive ends on 16305975.  Now I look for 
          the last slice which is the slice with the highest start number, 
          15 in this case.  Below is a listing of slice 15 again:

      #SLICE    TAG     FLAGS   START     SIZE
      15        0xf     0x201   16016805  16065


      I want to start at the beginning of the unallocated space.  
      The formula says:

                               16016805 + 16065 =  16032870 

      So the answer to this section is:   The START sector = 16032870.

      5) How many sectors to use.... The Magic Multiplier.
         I've determined where to start the slice in part (4), and 
         that sector is on a cylinder boundary.  I also want it to 
         end on a cylinder boundary.  So I need to determine about 
         how many sectors I have to play with, and then calculate 
         how many I need to make my slice end on a cylinder boundary.  
         I do a quick partsize as described in question (3.25):
         
           #TYPE   HEADS   CYLS   SECS   SECSZ
             4     255     1115    63     512

         So now I am armed with the data that a track is 63 sectors around,
         and a cylinder is 255 tracks high.  That's 255 tracks that are 63
         sectors around or (255 x 63)=16065 sectors.  
         
         That's the Magic Multiplier...: 16065.
         There are 16065 sectors in a cylinder.
         The sector size of my new slice needs to be a multiple of 16065.
         Every START listed in the table is an even multiple of 16065.

         By using the Magic Multiplier this way, we assure ourselves that
         our slices start at the beginning of a cylinder and end at the
         end of a cylinder.

         In this example, I subtract to get the amount of space available:
         
                   16305975     Partition ends on this sector.
                -  16032870     New slice starts on this sect.
               -------------
                =    273105     I have this much unalloc'd space to play with.

         Doing a little multiplying I see that, if I try a few multiples of
         the Magic Multiplier:

             14 * 16065 =  224910
             15 * 16065 =  240975 
             16 * 16065 =  257040
             17 * 16065 =  273105

             
         I'll choose the second one.  My answer is then:   SECZ = 240975



      6) So far I've decided:

         TAG   = 0x4        from man edvtoc  0x4   means user filesystem
         FLAG  = 0x200      from man edvtoc  0x200 means valid to use
         SLICE = 5          from Step (3)
         START = 16032870   from Step (4)
         SECSZ = 240975     from Step (5)

         The edited file looks like this:

                  /tmp/mytoc
        +---------------------------------------------
        |#SLICE    TAG     FLAGS   START    SIZE
        | 0        0x5     0x201   63       16305912
        | 1        0x2     0x200   1076355  6152895
        | 2        0x3     0x201   642600   433755
        | 3        0x0     0x0     0        0
        | 4        0xb     0x200   7229250  8787555
        | 5        0x4     0x200   16032870 240975      
        | 6        0xc     0x201   64260    578340
        | 7        0x1     0x201   63       34
        | 8        0xd     0x201   97       15968
        | 9        0x0     0x0     0        0
        |10        0x9     0x200   16065    48195
        |11        0x0     0x0     0        0
        |12        0x0     0x0     0        0
        |13        0x0     0x0     0        0
        |14        0x0     0x0     0        0
        |15        0xf     0x201   16016805 16065
        |
 


       7)  Now impress this on the drive with 'edvtoc' as in:

               edvtoc -f /tmp/mytoc /dev/rdsk/c0b0t0d0s0


     We are done.  Slice #5 is created as....   /dev/rdsk/c0b0t0d0s5.
     No need to reboot because the device node for slice 5 exists already.





  3.31  How do I create a filesystem in a slice?
  15 Oct 1999
  ------------------------------------
   Now that we have a slice, we need a filesystem on it.  To 
   do this we'll use the 'mkfs' command twice: once to list the 
   mkfs command used to create /home and once to create a vxfs 
   filesystem on the new slice.  

      1)  mkfs -m /dev/dsk/c0b0t0d0s4 > /tmp/doit

          This command is used to list the mkfs command that was used to
          create /home.  We'll use this because it is almost identical to
          the command that we need to make our vxfs filesystem.  This
          is the output of the command: 

        mkfs -F vxfs -o ninode=unlimited,bsize=1024,version=4, \
        inosize=256,logsize=1024,nolargefiles /dev/dsk/c0b0t0d0s4 8787554
          
          where I have used a \ to denote that the mkfs command was one long
          line.  Now vi doit and change it to specify our new slice, then
          execute it as follows.

       2)  vi /tmp/doit as follows to add a vxfs filesystem to slice 5
           that we created in Question (3.30):

                  /tmp/doit
     +--------------------------------------------------------------------
     | mkfs -F vxfs -o ninode=unlimited,bsize=1024,version=4,inosize=256, \
     | logsize=1024,nolargefiles /dev/dsk/c0b0t0d0s5 272790
     |

           In this file I changed the last two "words."  Save the file.

        3)  Use your new 'doit' file to create the filesystem:

                # sh /tmp/doit

      Now there is a filesystem on our new slice.  To complete the whole
      process, we want to create a mount point directory like /home2, and
      then go into Scoadmin Filesystem to let the system know about the
      mount configuration and to let it update /etc/vfstab so that we can
      simply type:  mount /home2  instead of the whole c0b0t0d0s5 stuff, 
      anytime we want to mount it.



  3.32  How do I use quotas on a vxfs filesystem in Uw7?
  7 Dec 1999
  -------------------------------------
   Quotas allow you to set limits on how much space is alotted to each 
   user.  These limits work on vxfs filesystems and can be hard or soft.
   They can limit the user by KB or by the number of files created. 

   Here is a cookbook method to create a quota on the /home filesystem
   so that Yurtle is limited to 200 MB and/or 1000 files in her home 
   directory, /home/yurtle:

      A.  Log in as root 

      B.  touch /home/quotas      <-- only if the file doesn't exist.

      C.  edquota -F vxfs yurtle
          In this file, change the line so that it says:
            blocks soft=180000 hard=200000, inodes soft=900 hard=1000

      D.  quotaon -F vxfs /home

   To see a report of the quota usage on a filesystem type the following:

      repquota -F vxfs /home



  3.33  How do I fsck the root filesystem?
  7 Dec 1999
  --------------------------------------
   You can't fsck the root filesystem manually.  Don't believe anyone 
   that tells you otherwise.  The root filesystem knows when it should 
   be fsck'd and will do it on its own at boot time if and only if 
   it needs it.

   You can fsck other slices, though, when they are unmounted.
   To fsck /home, you can do the following:

     1)  Warn users and get them all to log off.
     2)  fuser -u /dev/dsk/c0b0t0d0s4        <-- list files in use in /home
     3)  fuser -k /dev/dsk/c0b0t0d0s4        <-- kill user proc's using files.
     4)  umount /home                        <-- unmount /home
     5)  fsck -F vxfs -ofull /dev/dsk/c0b0t0d0s4



  3.34  How do enable Large File Support (for file sizes up to 1TB)?
  5 Nov 1999
  --------------------------------------
   To enable large file support on a filesystem you must either:

      A.  Create a filesystem with the mkfs command and list largefile
          support as one the options.

      B.  Or use the fsadm command on a filesystem that already exists,

             fsadm -o largefiles /data      <---  /data is a mounted FS.

    Then set the ulimit to unlimited as in:

             ulimit -f unlimited

     which can also be done permanently by setting the
     SFSZLIM and HFZSLIM to 0x7FFFFFFF with the Scoadmin System Tuner
     in the Process Limit Parameters section and relinking.



  3.35  Why aren't my new scsi devices recognized after I install them?
  18 Oct 1999
  --------------------------------------
   Scsi devices that are added to the system, when the power is off, will
   be recognized during POST by your scsi hba.  Be sure to enter the
   hba config program so that your hba settings match your device's
   capabilities.  Then you can boot to single user mode (only  for the
   sake of speed) and run  sdiconfig -l   to get a listing of your devices
   which looks similar to:

 
      0:0,7,0: HBA     : (adsb,1) Adaptec PCI SCSI
        0,0,0: DISK    : IBM     DRVS09V         0140
        0,1,0: DISK    : IBM     DDRS-34560D     DC1B
        0,2,0: TAPE    : HP      HP35480A        T603
        0,3,0: CDROM   : PLEXTOR CD-ROM PX-40TS  1.00

   If all of your devices are not listed, but were found by the hba
   during POST, then you may need to check scsi id's and termination.
   Be sure that you have inserted the cable with Pin 1 matching the
   red stripe on the cable, and try to use the best cables you can.
   After pulling on cables and bending them, they can fail.
   Also, be sure your hba BIOS is the most recent version.


  3.36  Why isn't my Yamaha 4416S recognized after I install it?
  18 Oct 1999
  --------------------------------------
   The Yamaha 4416S cd-writer/rewriter, known as the 4x4x16, doesn't
   like to run at scsi ID 5 or 6.  For that matter, it doesn't like 7
   either.  I've had devices mysteriously vanish and reappear on
   the 68 and 50-pin chains when the 4416 is at id 5 or 6.
   Try switching to id 3 or something.  Also, be sure your hba BIOS is
   the most recent version.  There is good thread on Usenet about
   the 4416s being "intermittently detected."



  3.37  How do I institute ACL's on a Uw7 system?
  7 Dec 1999
  --------------------------------------
   ACL's can be created, deleted, or modified by root or by the
   owner of a file.  Use various forms of the commands:

      getacl
      setacl

   Below is an ACL example:
   
     *  We'll be adding 'r--' permissions on a file 
        for two entities, the group 'grart' and the user 'sysop':

     *  We'll add these permissions because the file is called
        /home/data/turt/logo, and the relevant permissions are:

      drwxr-xr-x    2 root     sys              Oct 20 21:00  data
      drwxrwx---    2 root     turtles          Oct 22 21:20  turt
      -rw-rw----    1 yurtle   turtles          Oct 20 22:00  logo

        and from the permissions, we can see that sysop and the grart
        group can't read nor access the turt directory, nor can they
        read the actual file, logo.

        Thus we'll have to add acl's for both turt and logo, to give sysop 
        and grart read access all the way down the path.  It's very important
        to be sure that the perms are correct for each directory and file
        in the path.

     *  Here are the before and after ACL's, then we'll discuss how to do it:

            Before ACL's                             After ACL's
   -------------------------------      --------------------------------------

   # file: logo      # file: turt       # file: logo         # file: turt
   # owner: yurtle   # owner: root      # owner: yurtle      # owner: root
   # group: turtles  # group: turtles   # group: turtles     # group: turtles
   user::rw-         user::rwx          user::rw-            user::rwx
   group::rw-        group::rwx         user:sysop:r--       user:sysop:r-x
   class:rw-         class:rwx          group::rw-           group::rwx
   other:---         other:---          group:grart:r--      group:grart:r-x
                                        class:rw-            class:rwx
                                        other:---            other:---


     *  As root or Yurtle, cd into    /home/data/

     *  You can list the ACL with     getacl turt
     *  You set the ACL with    -->   setacl -m u:sysop:r-x turt
                                      setacl -m g:grart:r-x turt
     *  Then cd /home/data/turt -->   setacl -m u:sysop:r-- logo
                                      setacl -m u:grart:r-- logo



   Default Directory ACLs
   ***********************

   Let's say that you get tired of adding r-- permissions for sysop
   to all the files in the directory turt, and you want to set a default 
   ACL entry on that directory.  Well, too bad.  It's broken.  It's been
   broken since 7.0.0 aparently, and SCO should be ashamed.

   Here's how to add a default ACL entry, should it ever work:

     *  As root, cd in /home/data
     *  Set the ACL on the directory:   setacl -m d:u:sysop:r-- turt




  3.38  How do I superformat a diskette in Uw7?
  7 Dec 1999
  ---------------------------------------
   The standard way to format a floppy is to use 80 tracks and 18 sectors
   per track, but for DOS format diskettes, Microsoft reserved 3 sectors 
   of every track for undelete information.  This space can be used for 
   your data.  You can increase the size of your DOS diskette from 1440K 
   to 1680K.  The concept, again, is to use 21 sectors per track, instead 
   of only 18 sectors per track.

   This is easily done on Uw7 with the following commands:

       format -E /dev/rfd0
       mformat -t 80 -h 2 -s 21 a:

   which does an exhaustive low level unix format, then an mformat using
   80 cylinders, 2 heads, 21 sectors per track to drive A:.  Check it out
   with mdir a:.




  3.39  Why doesn't my tape drive work with cpio, tar, and ArcServe?
  25 Oct 1999
  ---------------------------------------
   ArcServe has a quirk where is takes over exclusive control of the tape
   drive when it is installed.  Other commands like cpio and tar will not
   work with your tape drive until you type, as root,

      astop

   This stops the ArcServe daemon and returns tape control to the system.
   When you are finished using the tape, go ahead and type astart to
   return control to ArcServe.  On a side note, most people prefer a
   'super-tar' program from a third party vendor for their backup needs.



  3.40  How do I add additional swap space?
  7 Dec 1999
  ---------------------------------------
   There are two ways to add some swap space to your computer: 
     
     1) add another swap slice, the same size, on a different drive.
     2) or add a file and dedicate it to swap.  

   The latter idea is mediocre at best, and the following example will 
   describe adding a swap slice.  
   
   Issues to note:
   ----------------
    *  The kernel will distribute the usage of multiple swaps on different 
       drives in a stripe style, if the swaps are identical size.
    *  It doesn't fill them sequentially or wait for busy drives.
    *  So we strive for identical sized swap slices.
    *  If the slice can't be identical in size, then larger.
    *  We can always make the swaps identical size in /etc/swaptab (in blocks).
    *  Adding a slice was discussed in Section (3.30).  
  

Here we go:
   

   --- Adding a swap slice ---
   There are two ways:

   A) When you installed the drive with diskadd then prtvtoc/edvtoc.
      This is kludgy, becasue the disksetup slice adding program
      is not coded to specifcally deal with swap slices.

   B) After the disk is installed, just like you would add any other slice.  
      See Section (3.30) on how to add a slice.  I'll describe this way, 
      so as to augment (3.30).

  Given:
    A Uw710 system with two scsi hard drives on the same controller,
    labeled with id 0, and id 12.  Both drives have one Uw7 partition
    that is active.  I know that disk2 slice 180 is free, so I'll use that:
    (It's probably better to use the lower numbers and work your way up,
    but I'd like to illustrate a slice number above 16 and issues like hex 
    names and device nodes).

  Solution:
   1)  Determine the exact size and specifications of the swap
       slice on disk1 that we'll duplicate on disk2.

          prtvtoc -p /dev/rdsk/c0b0t0d0s0
          prtvtoc -f /tmp/mytoc /dev/rdsk/c0b0t0d0s0
          cat /tmp/mytoc | grep 0x3

       I know that the TAG for a swap slice is 0x3.  So I can grep 
       /tmp/mytoc for that TAG  which shows, with my added titles, that:

       SLICE      TAG      FLAG       START       SECSZ
          2       0x3      0x201      642600      433755

       I see that I'm trying to add a swap slice that's 433755 sectors.

       From the prtvtoc -p I see that disk1 has  1115C, 255H, 63S/T, 512B/S.
       A bit of math (255 * 63) tells me that the Magic Number for a disk1 
       cylinder is 16065 sectors.  Now (433755 / 16065) = 27 cylinders.  
       And I can calculate that (433755 * 512) = 222082560 bytes.  

       So from all this I gather my requirements: 

          A)  My new swap slice SLICE = 180.
          B)  My new swap slice TAG = 0x3
          C)  My new swap slice FLAG = 0x201
          D)  My new swap slice START is yet to be determined.
          E)  My new swap slice SECSZ would like to be = 433755
          F)  My new swap slice cylinders would like to be = 27.

   2)  Now I need to take a close look at my second disk and see if I can
       create that layout.  The big issue I will face is my disk geometries
       may be different.  I am trying to have all swaps the identical size
       and have all swaps start and end on cylinder boundries.  Here is 
       a head to head summary of the output of the following commands:

          prtvtoc -p /dev/rdsk/c0b0t0d0s0
          prtvtoc -p /dev/rdsk/c0b0t12d0s0

           Cyl       Heads    Sec/Trk   Bytes/Sec    Magic Number
          1115        255       63         512          16065
          8748        64        32         512           2048

       Different Magic Numbers!
       Different Magic Numbers (sector size of a cylinder).
       I can't make both swaps the same number of bytes if the second swap 
       slice is to end on a cylinder boundary.

       I will get around this by making the new swap slice at least as large
       as the first swap slice, in sectors that means >= 433755.  Then I'll
       make them exactly the same number of blocks in /etc/swaptab.  In this
       area of administration, 1 sector = 1 block = 512 bytes.
     
       (2048 * 212) = 434176 sectors = SECSZ      <--  Answer.

   3)  Now I'll create the second swap slice.  This involves the procedure
       outlined in Section (3.30) above.  I'll follow that procedure but use
       the values I calculated in this Section, instead:

       To summarize,

           i.  prtvtoc -f /tmp/swaptoc /dev/rdsk/c0b0t12d0s0
          ii.  vi /tmp/swaptoc.
         iii.  My new swap slice SLICE = 180
          iv.  My new swap slice TAG   = 0x3
           v.  My new swap slice FLAG  = 0x201
          vi.  I see that I can start on START = 821248
         vii.  I showed that my          SECSZ = 434176
        viii.  Add slice 180 to swaptoc using values from iii, iv, v, vi, vii.
          ix.  Save /tmp/swaptoc and exit vi.
           x.  edvtoc -f /tmp/swaptoc /dev/rdsk/c0b0t12d0s0


   4)  The second swap slice is created and now I add it to the list of
       devices that swap uses, by adding the block device to the
       /etc/swaptab file and making the exact same block size as the original.
       I used slice 180 on drive 2, and that looks like:

           Raw device           /dev/rdsk/c0b0t12d0sb4
           Block Device         /dev/dsk/c0b0t12d0sb4

       so /etc/swaptab looks like:
       +----------------------------------------------------------------
       | #swapname               offset(in blocks)     size(in blocks)
       | /dev/swap                       0                   -
       | /dev/dsk/c0b0t12d0sb4           0                433755 
       |


   5)  Reboot.  Here I thought I was done without a reboot if I just entered
       swap -c to load the /etc/swaptab file, but I got a Device not found
       error.  Low and behold, the raw and block devices for the second
       disk slice 180 were not created after I did the edvtoc.  My first
       instinct was to make the device nodes by hand with mknod, so I did....

            mknod /dev/rdsk/c0b0t12d0sb4 c 7679 436
            mknod /dev/dsk/c0b0t12d0sb4 b 7679 436

       Wrong again!  The devices were made fine, but swap -c still said
       Device not found.  A bit more reading of man vtoc told me that
       the device nodes for slices 1-15 are created, but 16-183 are not,
       unless the slice exists.  This is all done at boot time, so I 
       concluded I needed a reboot :-/.  I rm'd the two device nodes I
       had created, rebooted, and everything worked perfectly.

       swap -l  lists the new swap

         path                         dev       swaplo   blocks     free
         /dev/swap                    7679,2       0     433752    433752
         /dev/dsk/c0b0t12d0sb4        7679,436     0     433752    433752






################################
                               #
4.  The Network                #
                               #
################################

  4.1   Do I need a nic in my Uw7 box?
  24 Sept 1999
  ----------------------------------------
   From postings in the c.u.u.m newsgroup and some personal experience,
   it occurs to me that Uw7 expects to be on a network.  It is very 
   probable that a system without a network card will function erratically.
   That concern leads me to install my NIC during ISL rather than defer it.


  4.2   What is a good brand of nic to use in Uw7?
  24 Sept 1999
  ----------------------------------------
   Any brand of NIC that has been tested and certified by SCO will
   be listed on the Compatible Hardware Page, whose url is:

      http://www.sco.com/chwp/

   Only use hardware that is listed by SCO as compatible hardware!
   People are not always successful who focus on a supported chipset,
   rather than a supported nic from a brand name vendor.


  4.3   How do I list my IP and MAC addresses for all configured nics?
  24 Sept 1999
  ----------------------------------------
   Use the 'ifconfig -a' command to see a good deal about net0, net1, etc.
   You can also find the Media Access Control (MAC) address with:

      ndstat
      arp -a
      cat /etc/inet/macaddr

   It is useful to poke around with ndstat to understand how you can 
   modify your MAC address if you are doing fail-over tasks.

   To get the MAC addresses of all the NICS on your subnet:

      *  You can enable replies to broadcast pings on all the Uw7 hosts.
      *  You can then ping your subnet's broadcast address.
      *  All the Uw7 nics will respond.
      *  Run an 'arp -a' and all the NICS + MAC's + IP's will be listed.

   To use 'inconfig' to enable response to broadcast pings,
   you will want to direct each host to reply to icmp activity:

      inconfig arpt_keep 1200
      inconfig icmp_reply_broadcast 1

   This will make arp keep it's data in it's cache for 1200 sec, and
   direct the nics to reply as described.



  4.4   How do I list my routing table?
  24 Sept 1999
  ----------------------------------------
   Use the 'netstat -rn' command to see the table using IP addresses.
   Use the 'netstat -r'  command to see the table using host and network names.



  4.5   How do I add a default route?  Is it permanent?
  3 Oct 1999
  ----------------------------------------
   Use the 'route' command again, for systems with standard netmasks
   like 255.0.0.0, or 255.255.0.0, or 255.255.255.0 as in:

      route add default 10.1.1.254

   If you have a more creative netmask, you will need to use
   more arguments to your route command to specify that.
   The default route will not stay around after a reboot.  To make a 
   route 'permanent' you will need to 'add' it at every reboot.
   This is as simple as the route add command above.  Modify line 4a
   in your /etc/inet/config:

      original config file
   +-----------------------
   | ...
   | #4a:/usr/sbin/route::n::add default router_placeholder:
   | ...
   |

  
      modified config file
   +-----------------------
   | ...
   | 4a:/usr/sbin/route::y::add default 10.1.1.254:
   | ...
   |

   After adding a default route, be sure that your /etc/resolv.conf properly
   points to any new DNS.


  4.6   What is a Virtual Domain?
  24 Sept 1999
  ----------------------------------------
   A Virtual Domain is created when you add an 2nd IP address to one nic.
   You can configure your machine so that it provides email, FTP, and web
   services for several different domains... just add more IP aliases.
   Then configure the services to use with the virtual domain.


  4.7   How do I add an IP alias in Uw7?
  24 Sept 1999
  ----------------------------------------
   Use the 'ifconfig' command to add or remove an alias:

      ifconfig net0 alias 10.1.1.100
      ifconfig net0 -alias 10.1.1.100

   You can test your new alias with the 'ping' command.  If you have put 
   the alias on a different subnet than the real address of the nic, then
   you will need to configure a route for one network to talk to the
   other virtual network.



  4.8   Suddenly the network is slow, why?
  9 Oct 1999
  ----------------------------------------
   This is a common job interview question.  There are many possibilities:

      A)  There is a runaway process hogging cpu slices... use ps -ef.
      B)  If the slow-down happens at the same time, look for machinery
          being run nearby the network or server at that time.
      C)  Check netstat -i for ierrs or oerrs that are increasing.
      D)  Check other netstat outputs for suspicious results.
      E)  Is your filesystem out of free space, ram, or swap?
      F)  Can you put a packet sniffer on the cable?
      G)  Who had access to the server, and what was recently changed?
      H)  Mismatched nics and hubs. Try to use all 3com, or Intel, etc.
      I)  A nic is getting confused trying to do auto-negotiation.
          Boot to DOS and run the NIC's configuration utility to force
          the nic to the proper speed (10Mbps or 100Mbps) and the
          proper duplex (hubs use half, only switches and routers use full).
      J)  Start swapping cables and hardware with known functioning ones.

      

  4.9   Is there a firewall program for Uw7?
  20 Oct 1999
  ----------------------------------------
   There is no firewall application per se for Uw7.  SCO training manuals
   state the following:

      'A firewall is not a simple switch that you select on or off.
       Instead, it is a series of components that you can use to build
       your security system, like adding bricks in a wall.'

      'A properly configured Uw7 system can accomplish (being a firewall).
       To achieve this, the system should be:

          *  Set up as the connection between networks

          *  Configured with security features such as TCP wrappers,
             packet filters, and proxy servers.

          *  Running minimal services and have as few accounts as possible
             to reduce the risk of penetration.'

   People get defeated when attempting to use Uw7 as a firewall because
   it can not do NAT (network address translation).  Often people
   want to setup a private LAN connected to the Internet via one
   registered IP address.  This needs NAT to do completely.
   Proxy servers help, but are limited to doing web type transfers and
   need proxy capable clients.  NAT doesn't have these limitations.
   If the LAN has all registered IP's, then this is a non-issue.

   People enjoy using Linux for NAT/firewall.  Other excellent
   alternatives include the GnatBox (www.gnatbox.com) and the
   Linux Router Project (www.linuxrouter.org).  I use the LRP.
   For an excellent firewall reference, please see the O'Reilly book,
   _Building Internet Firewalls_.  You may wish to create the following:

      ISP <--> LRP <--> DMZ <--> Cisco <--> Internal Protected Network



  4.10  What is a TCP Wrapper?
  24 Sept 1999
  ----------------------------------------
   There are many services that run on Uw7 such as ftpd, and telnetd.
   TCP wrappers are programs that 'wrap' around these services and
   only allow permitted traffic to flow to them.  The allowing and
   denial of access is controlled by /etc/hosts.allow and /etc/hosts.deny.
   TCP wrappers are enabled by default and set to allow all.  They
   are enabled/disabled in /etc/inet/inetd.conf.


  4.11  What is a Packet Filter?
  24 Sept 1999
  ----------------------------------------
   A packet filter is a set of rules that control the delivery of packets
   between the Network and Internet layers of the TCP protocol stack.

   As such, packet filters can restrict which packets are allowed to 
   enter or exit through a nic.

   Packet filters are not enabled by default, and can be created using
   the Scoadmin Packet Filter Manager.



  4.12  Why can't root ftp into Uw7?
  24 Sept 1999
  ----------------------------------------
   Root is denied ftp access by default, as a security consideration.
   To enable root to ftp, remove 'root' from the file /etc/ftpusers,
   and be sure that root's login shell is not commented out in the file
   /etc/shells.



  4.13  What are the idiosyncrasies with the DNS Server Manager?
  24 Sept 1999
  ----------------------------------------
   If you start it and exit it without creating any DNS servers,
   it will still automatically create a 'caching only' nameserver.

   It can't add a CNAME entry if you try to in the CDE.

   It oddly creates extra  CNAME             entries in db.mynet.com.
   It oddly creates extra  IN   RP  {}  {}   entries in db.mynet.com.



  4.14  Why does logging into the CDE freeze for minutes, then restart?
  24 Sept 1999
  ----------------------------------------
   This is often the result of a misconfigured DNS or /etc/resolv.conf.
   Be sure to have the proper nameservers listed, and check nslookup
   to be sure you get the correct results returned from DNS.  Try a
   bogus name like 'bogus' at the nslookup prompt.  If the command
   hangs, then you have a problem with DNS.  Your system can also
   hang if your default route is down and your first nameserver
   listed in /etc/resolv.conf is on the next subnet.



  4.15  What are network services?
  24 Sept 1999
  ----------------------------------------
   A Uw7 system runs many programs in the background that are designed
   to respond to and communicate with a user's program.  This is called
   the server/client model.  We refer to a server process as a service,
   which waits for communication on one or more ports.  People are
   familiar with such services as ftp, and telnet.  These are
   offered by the corresponding processes ftpd, telnetd, and httpd
   on ports 21, 23, and 80.   These services are mapped out in a text
   file called /etc/services.



  4.16  What network services, that run by default, don't I need? 
  24 Sept 1999
  ----------------------------------------
   Many people do not need to run routed on their small LAN, especially
   if they have their default route and other routes statically entered.



  4.17  Why can't I see computers on another subnet with Visionfs?
  24 Sept 1999
  ----------------------------------------
   Visionfs uses NetBIOS names for name to IP address resolution, but NetBIOS
   broadcasts don't cross routers.  A solution is to edit:

      /etc/lmhosts
      c:\windows\lmhosts 
      c:\winnt\system32\drivers\etc\lmhosts

   or put a Visionfs host on each subnet.



  4.18  Can I synchronize my computer's clocks with the correct time?
  24 Sept 1999
  ----------------------------------------
   There are extremely accurate time-keeping systems called atomic clocks
   that keep the world's time exact.  You can access this exact time
   if you have a link to your ISP up, by running the simple program 
   'ntpdate.'  If you want to set up a more elaborate time synch system, 
   like a time server to synch all your workstations to, then use 'xntpd.'


  4.19  How do I use ntpdate?
  24 Sept 1999
  ----------------------------------------
   Ntpdate is not a service but a one-shot program that uses the default
   route (usually to your ISP) to communicate with the time servers 
   you specify.  The atomic clocks are called Stratum 1 servers, and 
   should not be used.  They communicate, in turn, with high powered 
   and reliable, computer time servers called Stratum 2 servers, which 
   are polled by many people who run Stratum 3 servers.  We often poll 
   Stratum 2 and 3 servers.  Good time servers can be found at:

      http://www.eecis.udel.edu/~mills/ntp/servers.html

   An example 'ntpdate' command that I have aliased is:

      ntpdate tock.cs.unlv.edu clock.psu.edu clock.tricity.wsu.edu
              ns.scruz.net ntp.cox.smu.edu

   which is typed all on one line.  At least four time serves are used
   which increases the accuracy of the time returned.



  4.20  How do I use xntpd?
  6 Jan 2000
  ----------------------------------------
   First some general concepts.  Xntpd is running by default because an 
   (empty) ntp.conf exists.  Xntpd is started from an entry in 
   /etc/inet/config.  Xntpd which implements the Network Time
   Protocol (NTP) is not trivial, and there is a newsgroup called 
   comp.protocols.time.ntp where this topic is discussed in detail.
   You can interact with an xntpd daemon by using the xntpdc command.

   The further away in network hops a time server is from an atomic clock,
   the less reliable it is.  This reliability is called the server's stratum.
    
     Stratum 1 == Atomic clocks.  Please don't use these.
     Stratum 2 == Secondary servers.
     Stratum 3 == Uw7 local clocks default to 3 but should be set to 10 !!!
     Stratum 5 == A good level for your local ntp server.
     Stratum 10 = The proper level for clients and their local clock.

   For every 100 hosts on your intranet, you should configure one ntp client
   to poll two stratum 2 servers (in case one is down).  Then configure all
   the other hosts to poll your freshly synchronized, local time server.

   To setup your Uw7 host as you xntpd local time server:

      A)  Determine which Secondary servers to poll from the list at
          http://www.eecis.udel.edu/~mills/ntp/servers.html

      B)  Add appropriate entries to /etc/inet/ntp.conf by using the
          scoadmin Client Manager -->  Add a Client -->  NTP client.
          Here there is a bug.  You will need to tab and click around
          on the different entries before the scoadmin tcl script will
          allow your cursor into the IP address field.  Now you can
          enter the names of the two time servers you chose in step (A).
          Then enter 127.127.1.0 which is your local clock (RTC) address.
          Click ok and exit the Client Manager.  Configuring like this
          through the Client Manager is what enables the client side
          of xntpd and the server side also.  Exit the Client Manager.

      C)  Edit your new /etc/inet/ntp.conf file:

                  original /etc/inet/ntp.conf
               +-----------------------------------------
               |  broadcastclient no
               |  server 128.xxx.xxx.97
               |  server 192.xxx.xxx.41
               |  server 127.127.1.0
               |  driftfile /etc/inet/ntp.drift
               |  


                  modified /etc/inet/ntp.conf
               +-----------------------------------------
               |  broadcastclient no
               |  server 128.xxx.xxx.97
               |  server 192.xxx.xxx.41
               |  server 127.127.1.0
               |  fudge 127.127.1.0 stratum 5
               |  driftfile /etc/inet/ntp.drift
               |  

   You can see that the fudge line was added to set the stratum of the
   local time server.  Let's call that local time server ns1.local.com.
   To configure the other 99 hosts on your network to use ns1, then
   you would do the same A, B, C procedure above, but only use the
   ns1.local.com and 127.127.1.0 addresses.  Fudge the 99 hosts to stratum 10.

   Observe the effects of xntpd in /var/adm/syslog.  You'll want to be
   sure that your default route is brought up in /etc/inet/config, 
   because then it is established before xntpd tries to use it.
 
   If you want to debug the daemon, observe its status, or modify a
   setting while it's running, you can use xntpdc.



  4.21  Where is my domain name stored in the root filesystem?
  24 Sept 1999
  ----------------------------------------
   You can search every local file for the domain name string
   using the find command along with xargs for speed:

      find / -type f | xargs fgrep -l "domain" > /tmp/p.out

   Xargs is a command line program that groups a bunch of fgreps and
   processes them all at once instead of one at a time.



  4.22  Is DHCP possible with Uw7?
  7 Dec 1999
  ----------------------------------------
   Uw7 has both dhcp client and server capabilities.  I have not been
   able to get dhcp to work with Windows 9x when ptf7401c, Sockets
   and Streams, is applied.  Now that we are up to ptf7401f, this
   may work.  Without that ptf, the dhcp server worked.  I don't
   have the facility to test this at this time.

   In the cusm ng, people are frowning upon using DHCP as it is
   an inelegant tool.  There are better ways to set up your network
   and distribute a working name to address resolution system.



  4.23  What are good IP addresses to use for my private LAN?
  7 Dec 1999
  ----------------------------------------
   The following information is taken from rfc1918, a Request For
   comments by Y. Rekhter, et. al., which obsoleted the older rfc1597.
   Read this document on the web at:

      http://www.faqs.org/rfcs/rfc1918.html

     'The Internet Assigned Numbers Authority (IANA) has 
      reserved the following three blocks of the IP address 
      space for private internets:

          10.0.0.0        -   10.255.255.255  (10/8 prefix)
          172.16.0.0      -   172.31.255.255  (172.16/12 prefix)
          192.168.0.0     -   192.168.255.255 (192.168/16 prefix)

      We will refer to the first block as "24-bit block", 
      the second as "20-bit block", and to the third as 
      "16-bit" block. Note that (in pre-CIDR notation) 
      the first block is nothing but a single class A 
      network number, while the second block is a set of 
      16 contiguous class B network numbers, and third 
      block is a set of 256 contiguous class C network 
      numbers.

      An enterprise that decides to use IP addresses out 
      of the address space defined in this document can 
      do so without any coordination with IANA or an 
      Internet registry. The address space can thus be 
      used by many enterprises. Addresses within this 
      private address space will only be unique within 
      the enterprise, or the set of enterprises which
      choose to cooperate over this space so they may 
      communicate with each other in their own private 
      internet.'

   You would probably want to add packet filtering rules to your external
   router so that you do not allow traffic from these private IP's
   to go outbound from your external nic.


  4.24  How do I setup Uw7 as a router for two subnets?
  24 Sept 1999
  ----------------------------------------
   This is accomplished with two NIC's in the Uw7 host, configured
   with IP addresses on the two subnets.  The procedure looks like this:


      A.  Install the 2nd nic in the case.
      B.  Boot off a DOS disk and run the nic config utility
      C.  Add the 2nd card with a good nodename like myhost1.
      D.  Give the card the right IP on the new subnet.
      E.  Click advanced to set ipsendredirects and ipforwarding.


   Be sure to run each NIC's configuration utility which is usually
   a DOS application in order to fix the card's irq and address if
   it is an ISA card.  You might want to fix the speed and duplex also.

   Then with one card already configured as myhost.mydom.net, 
   use 'netcfg' to configure the other card and enter its name as 
   myhost1.  Enter the appropriate IP address and be sure to select 
   Advanced Options so that you can check the box Use As Router?  Yes.  
   That sets ipforwarding and ipsendredirects (which you can see 
   with 'inconfig').  After saving and exiting, the scoadmin manager 
   will add entries in your /etc/hosts and your DNS A record file 
   db.mydom.net (if it exists).

   Then you should be able to go to the hosts on each subnet
   and add the route to the other subnet.



  4.25  What is a good modem for Uw7?
  24 Sept 1999
  ----------------------------------------
   An external modem is the way to go.  Many people are happy with
   Sportsters, Zoom 56Ks, Multitech, etc...

   Don't use an internal modem.  It may work, but poorly.
   Don't use an internal PCI modem.  It will never work.

   You may wish to apply ptf7423, the ttymon supplement, for
   you modem to work with cu bidirectionally, in addition to ptf7401.
   
   
   

  4.26  How do I set up an outgoing PPP connection?
  27 Oct 1999
  --------------------------------------
   This is most easily accomplished via the gui scoadmin managers.
   Given:  Zoom external on COM1 for a dialout PPP to my ISP.
           My IP:   Assigned at login
           ISP IP:  Assigned at login
           ISP DNS:  206.xxx.yyy.12
           ISP DNS:  206.www.zzz.12

   I am going to start by installing the modem and configuring the serial
   port it is connected to, then configuring the PPP link with the PPP
   Connection Wizard....

     1)  Log in as root to the CDE and start the scoadmin Network Config
         Manager.  Select View --> WAN.  If you had no modems installed,
         your window will show no devices.
     
     2)  Select Hardware --> Add new WAN device --> Modem.
         This starts the modem manager.
         
     3)  Select Modem --> Add --> Manual Configuration.
         ( I could have used Auto, because the Zoom 56K is detectable).
     
     4)  Select your modem manufacturer and model.  I'll use
         Zoom V.34X, because almost every Zoom script is identical,
         and this as good as any.  Select the term/00m port that is what 
         we call COM1.  Then click the Configure Port... button, before 
         you click OK.
         
     5)  This button takes you into the Serial Configuration Manager.
         Port Type = COM1 Modem
         Configure Port = Outgoing Only
         Speed = Auto
         Then ok to exit.  Then ok to exit again.  Then Host --> Exit.
         Back in the Network Configuration Manager, Go ahead and exit
         it also,
         
     6)  Testing the Modem:  Now work at a terminal prompt.  
            
            *   Set the correct UID:GID on the serial port to uucp:uucp
                  chown uucp:uucp /dev/term/00m
            
            *   Directly connect to the modem with cu:
                  cu -l /dev/term/00m
                You should enter the connection screen and see a message.
                You may see an AT.  Type AT and press Enter, and you will
                see an OK or 0.  If you don't, type ATE1 and Enter, and
                then AT again.  That E1 turns echo on, which you need to see
                the data, but you don't need for PPP, that's why it's off.
                You could always just try an ATZ, then AT.  Don't worry about 
                about the state you leave it in.
                
            *   Test that link to see if you get a dial tone:
                  ATDT
                You will hear it after typing that.
                
            *   Type ~. and Enter to disconnect.
         
         If any of the modem aspects don't work, then you'll need to 
         troubleshoot your modem and phone line, which is beyond the scope
         of this Faq.  Fix that before you go on.  The SCO doc's contain
         good modem troubleshooting help.
          
     7)  Now with a working modem, restart the Scoadmin Network
         Configuration Manager again to build the PPP link.  Choose
         View --> WAN and then select Software --> Configure PPP...
         Then choose View --> Bundles screen.  Then Wizard --> Add.   
         Then Outgoing, Start.

     8)  In the Outgoing : Bundle window, setup the following:
     
            Provider bundle name:   earthlink
            Remote System:          epop-sr
            Telephone:              2334492  then  Add
            How to Connect:         Use pppattach  then Next.
     
     9)   Outgoing : PPP Authentication
     
            Authentication Protocol:  None
            Next...
            
     10)  Outgoing : Login Script
     
            Use Script:  Yes
            Login Script:  All are left unchanged except
              2nd Send:  ELN/mschalit    <-- My login name
              3rd Send:  **********      <-- My password
              
           Your username will probably be just your email name,
           but earthlink requires me to prepend an ELN/ before
           my username for logging in.  Then next....
         
     11)  Outgoing : IP Network Protocol:
     
            Local address assigned by:   Remote
            Local IP address/hostname:   0.0.0.0
            Remote address assigned by:  Remote
            Remote IP address/hostname:  0.0.0.0
            Use as default route:        Yes
            Local host acts as gateway:  No
            Act as Proxy for arp:        No
            
          Here I use 0.0.0.0 because it is a manual attach link.
          I select use as default route, because theoretically, this
          is a PPP link to an ISP who will link me out to the world.
          I want any data, not destined for my local computers, to go out 
          to the Internet through my ISP by default, thus the default route.
          The local host will not act as a gateway for all the other computers
          on my LAN so that they can get their data out, in this example.  
          The act as proxy for arp is related to the gateway, and this is
          also not needed, because I am not forwarding all data from my
          LAN out to the net, just from the Uw7 host to the net.
          
     12)  Outgoing : Name Servers
     
            Domain Search Order:
            
              schalit.net
            
            Name Server Search Order:  Put your local DNS server last if any.
            
               206.xxx.yyy.12
               206.www.zzz.12
            
            Then next....
      
     13)  Outgoing : Link Devices
      
            Flow Control:         Hardware
            Multilink max links:  1
            Selected Link Devices:  Add the COM1 ACU  device.
            Then Finish.  You're done.
     
   Now that the link has been created, exit all managers and we'll test it.
   Note these facts:  Manual pppattach links will not be listed in ifconfig -a
   until the link is brought up.  Part of the ifconfig setup is an option
   called 'RFC1323' which gets set on all ifconfig devices.  This RFC option
   conflicts with VJ Header Compression.  RFC1323 is on by default, and
   VJ Header compression is off by default, so the setup is ok at this point,
   but I've found that rfc1323 mucks up some web pages from finishing to load
   or to send, so look in the ifconfig man page and consider turning this
   off if you have a good link but some pages don't complete.  To turn off
   rfc1323, do the following:
   
         ifconfig ppp0 -rfc1323
         
   
   Testing and Monitoring the dialout PPP link:
   
      To test and monitor the state of the pppd as you make the
      outgoing PPP link, use the ppptalk command:
      
        ppptalk debug med bundle earthlink
        ppptalk debug med link link_0
        pppattach earthlink &
        tail -f /var/adm/log/ppp.log
        
     That will set debugging on the bundle and the link device, and
     dial the earthlink bundle, and then tail the PPP log.  If it stays
     on line with the ISP, then your link succeeded.  Often times you
     will have to read the log closely to see what your ISP rejected and
     to modify your PPP configuration to fit that.  
     
     PPP is sensitive to what ptf's you've applied, also.  You can look at
     the ptf setup I used, which is listed in this Faq, under What to Setup 
     Right After ISL.    
     
     If you want you modem speaker on until you connect, then you will
     need to edit your /etc/uucp/default/modem.name.file and change
     the Speaker line to read ATM1.
     
     After my link was up and it didn't hang up on me right away, I
     typed  ping www.sco.com and it worked, so I'm going to stop here.    
          
          
           
 
  4.27  How do I set up an incoming PPP connection?
  27 Oct 1999
  --------------------------------------
   This exciting example of modern networking begins with no modem.
   Follow step (1) through (4) of the above procedure in (4.26).
   Continue here with (5) below.  
   
   The big picture is that I intend to add a modem that is configured
   as incoming/outgoing (this is the key to success!).  I'll test 
   the modem outward using cu on the Uw7 computer to my ISP and inward 
   allowing Uw7 to answer a call from Hyperterminal on NT4 SP5.
   
   I'll then make an incoming PPP bundle so that I can dial in from
   NT4 and login as my unix username, mschalit.
   
   After (1) - (4) above:
   
   
     5)  This button takes you into the Serial Configuration Manager.
         Port Type = COM1 Modem
         Configure Port = Incoming & Outgoing
         Speed = 115200
         Then ok to exit.  Then ok to exit again.  Then Host --> Exit.
         Back in the Network Configuration Manager, Go ahead and exit
         it also,
         
     6)  Testing the Modem:  Working at a terminal prompt.  
            
            *   Set the correct UID:GID on the serial port to uucp:uucp
                if it's not correct:
                
                  chown uucp:uucp /dev/term/00m
            
            *   Directly connect to the modem with cu:
                  cu -l /dev/term/00m
                You should enter the connection screen and see a message.
                You may see an AT.  Type AT and press Enter, and you will
                see an OK or 0.  If you don't, type ATE1 and Enter, and
                then AT again.  That E1 turns on echo, which you need to see
                the data, but you don't need for PPP, that's why it's off.
                You can also type ATZ and Enter to reset the modem, then AT.
                Don't worry about about the state you leave it in.
                
            *   Test that link to see if you get a dial tone:
                  ATDT
                You will hear it after typing that.  Hit ~. to
                disconnect and reconnect with cu -l /dev/term/00m
                
            *   Test the link outbound... Dial the ISP, login, etc.
                   ATDT 2xxyy92
                After you login, disconnect with ~.
            
            *   Test the link incoming... I got on my NT4 box and
                ran Hyperterminal and dialed my Uw7 modem.  It
                answered and I hit enter to get a Login prompt.
                I logged in as myself and was able to ls -l and
                cal and banner hello a bunch of times.  Good.
            
            *   Test the link outbound again.
            *   Test the link inbound again.
            
         All those tests show me that the modem is stable and will
         answer calls and make calls repeatedly.  Good news. 
          
     7)  Now with a working modem, restart the Scoadmin Network
         Configuration Manager again to build the PPP link.  Choose
         View --> WAN and then select Software --> Configure PPP...
         Then choose View --> Bundles screen.  Then Wizard --> Add.   
         Then Incoming, Start.


     8)  In the Incoming : Remote Access Window...
           Remote access bundle:  sysop
           Authentication methods...
             Enable Chap                 = No
             Enable Pap                  = No
             Enable login                = Yes
             Enable Caller ID            = No
           Then Next...
           
     9)  In the Incoming : Login screen.......
            Username:  rasop
            Password:  entered something here
         Next
     
    10)  In the Incoming : IP Network Protocol window.....
         I left it on local and left my local address in there...
    
           Local address assigned by:     Local
           Local IP Address/hostname:     10.1.1.1
           Remote address assigned by:    Local
           Remote IP address/hostname:    10.1.1.103
           Use as default route:          No
           Local host acts as gateway:    Yes
           Act as proxy for arp:          Yes
         Then next......
        
    11)  In the Incoming : Advertise DNS
           Advertise DNS servers:         Yes
           Primary server address:        10.1.1.1    (because I have one)
           Secondary:                     
         The next....
        
    12)  In the Incoming : Link Devices window.........
    
           Flow Control:           Hardware
           Multilink max links:    1
           Selected devices:       COM1  Add >>
         Then finish, then exit, then exit.
    
    Now we are ready to dial in from another computer.  I have set up
    my NT4 box with a PPP link to Uw7.  I told NT to bring up a
    terminal window during the modem negotiation so that I can 
    type in my login:pass.  That's on the Script tab in the Edit
    Modem Properties.  I told it not to do software compression and
    not to do VJ header compression due to the modem compression
    and the rfc1323 being enabled.
    
    When I dial, a little window pops up with three fields:
       username
       password
       domain
       Check Box for save password
    It doesn't matter what I enter there, because I will end up logging
    in with the terminal window.  I entered something and it dialed out and
    popped up the terminal window.  I logged in as rasop and gave it
    the password, and it worked.
    
        
           
      
  4.28  How do I set up bidirectional PPP? 
  24 Sept 1999
  ----------------------------------------
   In an SCO Network Admin class I once took, there was a nice
   guy named Fred, who was an old BBS'er.  He was able to
   get bidirectional PPP working between two Uw710 hosts.
   The key is that they are both Uw7 hosts and they are configured
   similarly and have similar network configuration needs.
   
   After installing ptf7401 and ptf7423, he did the following:

      A)  Setup both hosts with PPP links using the Wizard as Outgoing only.

      B)  On machine A, both IP addresses are Assigned By Local.
          In both spaces put in the real IP addresses of the two hosts.

      C)  On machine B, both IP addresses are Assigned by Remote.
          Use fake addresses like 127.0.0.2 and 127.0.0.3.
 
      D)  After exiting all the scoadmin managers, restart them
          and go back into Network Manager --> Wan --> Configure PPP,
          Modify the bundle and select the box to fix it as BiDirectional.

      E)  Then you can setup the logins, and it should work.




  4.29  I want to disable a particular daemon, how is this done?
  5 Nov 1999
  ----------------------------------------
   You can ask yourself the following questions:

      a)  Is it stand-alone and started via a script in /etc/rc2.d?
      b)  Does it start from /etc/inet/config
      c)  Does it start from /etc/inet/inetd.conf
      d)  Is it run from the Service Access Facility (SAF)?

   Often you will just need to comment something out in the right file.




  4.30  How do I apply changes made to /etc/inet/inetd.conf? 
  24 Sept 1999
  ----------------------------------------
   Changes made to this file can be applied by doing either

      kill -HUP `cat /etc/inet/inetd.pid`

      sacadm -k -p inetd
      sacadm -s -p inetd

   to stop and start it.



  4.31  How do I apply changes made to /etc/inet/config?
  7 Dec 1999
  ----------------------------------------
   Changes made to the config file will only take effect after
   tcp is restarted which can only be done with a reboot.




  4.32  How do I boot an ftp user who is logged in?
  24 Sept 1999
  ----------------------------------------
   This can be accomplished using the ps command:

      ps -ef | grep ftpd | grep -v grep

   which will list everyone who's using ftp into your site.
   Choose the offender and note the PID.  Let's say it is 767.

      kill 767

   gives them the boot. :-)




  4.33  How do I catch someone trying to port scan my Uw7 host?
  24 Sept 1999  by Jim Van Verth
  ----------------------------------------
   The curious out there like to scan the ports of publicly available
   computers.  At times they are trying to attack your system.  So
   you can run a dummy service on an unused port that'll send mail to
   root if someone tries to connect to the port.

   Let's call the new service we are going to create 'probe.'
   Let's have probe run on port 999, which is unused.
   Let's make a batch file that probe runs called 'etcprobe.'
   Probe will be added with an entry in /etc/services.
   Probe will be started with an entry in /etc/inet/inetd.conf.
   Etcprobe will be stored in /usr/local/bin.


       /usr/local/bin/etcprobe
  +-------------------------------------------------------------------
  | #!/bin/sh
  | netstat -an | grep 999 | grep ESTAB | mail -s "Probe Alert!!" root
  |


        /etc/services
  +------------------------------
  |  ...
  |  ...
  |  probe     999/tcp
  |  ...


        /etc/inet/inetd.conf
  +----------------------------------------------------------------------
  | ...
  | probe   stream   tcp   nowait   root  /usr/local/bin/etcprobe   probe
  | 


   Now apply the changes made to inetd.conf with the kill command.
   Test that probe is working by trying to telnet to port 999.
   You'll get mail to root in a few seconds.



  4.34  What web servers are running or not on Uw7 after ISL?
  24 Sept 1999
  ----------------------------------------
   After Initial System Load (ISL), only the scohelphttpd is running.
   Netscape Fastrack Server is not running.
   Netscape Fastrack Administration Server is not running.

      scohelphttp query
      nsfast query
      /usr/ns-home/admserv/ns-admin query




  4.35  Why can't I access the Webtop, my Netscape server, or Netscape Admin?
  7 Dec 1999
  ----------------------------------------
   This happens when no Netscape servers are enabled on those ports.
   The Webtop runs off your usual Netscape server on port 80.

      nsfast enable

   The Netscape Admin server in another daemon run on port 620.

      /usr/ns-home/admserv/start-admin

   There are also instances where an error or a misconfigured
   magnus.conf file will make it difficult or impossile to run the
   server to which that file refered.  It is easy to burger your
   magnus.conf file when you alter your domain name or your network
   IP address.





  4.36  How do I configure remote Netscape administration?
  24 Sept 1999
  ----------------------------------------
   Edit the /usr/ns-home/admserv/ns-admin.conf file and modify the 
   "Addresses" line from

      Addresses 10.1.1.1

   to read

      Addresses (10.1.1.1|10.1.1.2)

   in order to let both 10.1.1.1 and 10.1.1.2 run Netscape Admin Server.




  4.37  What is the login:pass for Netscape Admin?  I can't log in.
  7 Dec 1999
  ----------------------------------------
   The login is   admin
   The pass  is   root's password set during ISL

   If you ever change root's password with 'passwd,' it will not
   change the Netscape AdminServe password.  Be sure to type in the
   one that you entered during ISL.
 
   Sometimes this can get garbled, so have a look at

      /usr/ns-home/admserv/admpw

   to be sure there is a password.  The password in that file
   should be in encrypted form.  Sometimes you just press Enter
   as the password.





  4.38  What do I need to watch out for with ns-admin.conf?
  24 Sept 1999
  ----------------------------------------
   The Netscape Administration Server config file 
   /usr/ns-home/admserv/ns-admin.conf  can give people problems if there
   is a trailing dot in the ServerName or if the servername is wrong.
   This can occur if the hostname has been changed.  If things
   get bad, fix them with: 

      pkgrm nsadmin
      pkgadd -d cdrom1 nsadmin
   



  4.39  How do I do NAT or DNAT or IP Masquerading on Uw7?
  7 Dec 1999
  ----------------------------------------
   There is no way currently to do this in Uw7.  It is proposed and in
   beta testing at the time of this writing.  Check for it at SCO's ftp
   site, at ftp://ftp.sco.com/TLS       
   
   People also like to use Linux to do this, but a full SuSE install isn't 
   quite elegant enough when compared to the following:

      http://www.gnatbox.com/
      http://www.linuxrouter.org/

   The GnatBox, pronounced like the bug, and the Linux Router Project
   are both mini Linux OS's that fit on a single diskette and don't need a
   cdrom or hard drive.  They both contain firewall/NAT capability, support 
   for many common network cards and built in web servers for remote 
   administration.  They are rock solid, fast, and very stable.  The GnatBox 
   is $1000, and uses a parallel port dongle (booo).  The LRP is of course, 
   free :).  I've used them both.  I continue to use the LRP on an old P150,
   and I think it's very good.  See also Section (4.9) in this Faq.




  4.40  Why do I see a 'Disk not sane' error when booting off emergency disks?
  7 Dec 1999
  ---------------------------------------
   This error is either the result of your using the Veritas Filesystem
   package with that ODM thing, or you are lacking some critical ptf's.
   Beware Veritas and that it can't unencapsulate an encapsulated boot disk.
   I seem to recall hearing about a TA or ptf dealing with Veritas and
   emergency booting.  I use a Super-Tar like Lonetar from Cactus software, 
   to have disaster recovery and emergency boot utilities.

  



###############################
                              #
5.  System Administration     #
                              #
###############################

  5.1   What do I want to watch out for, right after ISL?
  11 Oct 1999
  ----------------------------------------
   Don't go changing your host name, your domain name, or your IP address 
   willy nilly.  That data is stored in too many places.

   Xntpd will be running with an empty ntp.conf file.
 
   Routed will be running.

   Be careful of starting the DNS manager; it can start a caching DNS server.

   Netscape server on 80, Netscape Admin Server on 620, Webtop, and Visionfs
   are not enable be default, but scohelphttp on 457 is.

   You need to immediately re-apply update710 if you just installed Uw7.1.0.
   You need to look closely at whether there is an updated NIC driver.

   The scohelp files need to be indexed, but you may still be installing
   software, so decide and then index it.

   Root can't ftp in by default.

   Be careful of applying any ptf.  Only do one at a time and really
   look around for problems is causes like licensing errors.  Look
   at your syslog and osmlog after rebooting.

   Any Real Networks apps need to be pkgrm'd and re-added after the 
   audio subsystem is configured.

   Skunkware apps will need /usr/local/bin in your PATH, and they'll need
   /usr/local/man in your MANPATH, which is kept in /etc/default/man.




  5.2   What do I want to set up, right after ISL?
  7 Dec 1999
  ----------------------------------------
   It occurs to me to install things in the following way which took me 
   many attempts to do without causing issues.  Your results WILL vary :)

      A) update710 again if I just installed Uw7.1.0
      B) /etc/hosts, and ping a few things for curiosity's sake.
      C) A few user accounts.
      D) ksh login for root, because I like filename completion.
      E) Create /.profile and add a few aliases and EDITOR=vi.
      F) ptf7408  Security
      G) nics_710, then nd_710  latest versions.
      H) audio.710.pkg  then scoadmin audio
      I) All the other PTF's.  See Section (5.3).
      K) Make emergency Boot and Root.  
      L) nsfast enable.
      M) ln -s /usr/bin/clear /usr/bin/cls  :)
      N) /usr/vision/bin/visionfs setup
      O) gzip, mtools, glibs, xpm, less, gs, gv, jdk117a, jdk117pls, jdkman
         jdkdoc, xpdf, swing, bash, pine, gcc, glib.  Or something like that.
      P) A backup program.
      Q) scoadmin Network Manager --> Add Wan Device --> Serial Port
         and configure it then add my external Zoom 56k modem
         which is autodetected nicely.
      R) umask.
      S) Set up my default route through DSL hopefully.
      T) Set up nameserver entries in /etc/resolv.conf if I have an active
         link to a DNS server.
      U) Add /usr/local/bin to the path in /etc/profile.
      V) Add /usr/local/man to the MANPATH in /etc/default/man.
         Defadm has a bug and can't parse /etc/default/man, use vi !
      W) Apply Security Patches (SSE's) as described in Section (6).
      X) Create DNS server and Printers if necessary.

   With the help of others in the comp.unix.unixware.misc newsgroup,
   we've found that a vast majority of systems will run smoothly nowadays
   if we apply the minimum patch listing of PTF's and any optional ones
   that you need for your unique setup, in the right order.  See the
   next question for the details.



  5.3   In what order do I install all those PTFs?
  7 Dec 1999  by Roberto Zini.
  ----------------------------------------

    " Subject: Re: Patches installation order under UW7.x
      From: Roberto Zini <fred@strhold.it>
      Newsgroups: comp.unix.unixware.misc
      NNTP-Posting-Host: fred.strhold.it


      Hi !

      I've managed to build the following list for UnixWare 7.1 :


      ptf7425a - This patch replaces the original UW7.1 installation 
                 diskettes.  Use it only if required.
      ptf7401h
      ptf7410b
      ptf7414a
      ptf7406b
      ptf7408c
      ptf7413g - ptf7425a should not be installed on the top of ptf7413g
      ptf7407b
      ptf7433a
      ptf7436a
      ptf7432a
      ptf7430b
      ptf7428c
      ptf7424a
      ptf7423a
      ptf7421b
      ptf7420c
      ptf7419c
      ptf7418a
      ptf7417a
      ptf7411a
      ptf7402a
      ptf7129a
      ptf7058b
      ptf7045d
      ptf7035a
      ptf7132a

      xdrivers.710a.pkg
      xserver.710b.pkg
      audio.710a.pkg
      
      The following patches could be installed accordingly to your 
      needs (ie, if you have problems with some specific HW stuff)

      ptf7134a
      ptf7133a
      ptf7125a
      ptf7083b
      ptf7067e
      ptf7066a

      Hope this helps !

      Best,
      Roberto"

   This list changes rapidly, as SCO adapts quickly to problems with Uw7.
   If you take a look at http://www.sco.com/support/unixware7/
   you will find the latest versions of the above ptf's and new ones.
   It really helps them when we submit thorough, well reasoned bug reports.



 
  5.4   What logs do I want to follow?
  7 Dec 1999
  ----------------------------------------
   There are a few logs that will grow over time and ones
   that contain useful information:

      *  /var/adm/syslog
      *  /var/adm/log/osmlog
      *  /var/adm/log/ppp.log
      *  /usr/vision/vfsdata/logs/error.log
      *  /.dt/startlog
      *  /.dt/errorlog
      *  /var/adm/sulog
      *  /var/webtop/log/error.log 
      *  /usr/ns-home/httpd-scohelphttp/logs/access
      *  /usr/ns-home/httpd-80/logs/access
      *  /usr/ns-home/admserv/access



  5.5   Where are errors recorded?
  7 Dec 1999
  ----------------------------------------
   In all the files in section (5.3) and:

      *  /var/dt/Xerrors
      *  /usr/ns-home/admserv/errors
      *  /usr/ns-home/admserv/cron.error
      *  /usr/ns-home/httpd-80/logs/errors
      *  /usr/ns-home/httpd-scohelphttp/logs/errors
      *  /var/uucp/.Admin/errors
      *  $HOME/.dt/errorlog
      *  /var/adm/log/*.err





  5.6   Do I like Uw7?  Is it helpful?  Does it harsh my reality?
  7 Dec 1999
  ----------------------------------------
   The bugs and idiosyncrasies can get to me sometimes, but they are
   rapidly being fixed with patches.  I just try to take care and do
   any modifications to my test system first.  I try to appreciate
   the fact that Uw7 is almost mature.  I keep an intense log book 
   that details my every action and their exact time.  When I see an 
   error starting to occur at a given time, I know just what happened 
   at that moment.  After those issues and a bit of fishing, I like it 
   more than any other PC based OS I've every used.



  5.7   A program that was running has crashed and is locked up, why?
  25 Sept 1999
  ----------------------------------------
   When a program crashes, it's the running processes that are hanging.
   When a program crashes, we need to run a ps -ef and grep the output
   for the name of the program or the name of the process and kill it
   off if necessary.



  5.8   What are the keys I press to kill a foreground process?
  7 Dec 1999
  ----------------------------------------
   When you are running a program that is seemingly stuck, like an
   nslookup that isn't working, you can press the 'Delete' key or
   'ctrl-c'.  If neither of those work, you can try 'ctrl-\', but
   that will dump a core.



  5.9   How do I find and kill a background process?
  7 Dec 1999
  ----------------------------------------
   Let's say that a process called tasker is hung and we need to kill it.
   Run the command:

       ps -ef | grep tasker | grep -v grep

   and get the PID of the process.  Let's say the PID is 8376.  Type:

       kill 8376           <--  First try this.  It's the nicest kill.
       kill -1 8376        <--  If that doesn't work, try this.
       kill -2 8376        <--  If it's being stubborn, try this.
       kill -9 8376        <--  This will kill anything, but it's rough.

   After you try the first kill, do another ps -ef to see if the process
   is still running.  If it is try the next kill, and so on.



  5.0   What are the various 'kill' command arguments?
  25 Sept 1999
  ----------------------------------------
   There is a nice discussion of this in 'man 5 signal.'
   Some of the different kills in order of increasing power:

      kill -15  SIGTERM   Exit    Terminated
      kill -1   SIGHUP    Exit    Hangup
      kill -2   SIGINT    Exit    Interrupt
      kill -3   SIGQUIT   Core    Quit
      kill -9   SIGKILL   Exit    Killed



  5.11  What are the Security Profiles and their password restrictions?
  25 Sept 1999
  ----------------------------------------
   Low              Passwords not required
   Traditional      Passwords required.  Default minimum == 3 chars.
   Improved         Passwords required.  Default minimum == 6 chars.
   High             Passwords required.  Default minimum == 8 chars.



  5.12  What are the restrictions on login names?
  25 Sept 1999
  ----------------------------------------
   Then maximum login name length is 254 characters.  Any name longer
   than 8 characters must be created using the useradd command.
   The name should not contain upper case letters.  No colons.
   It can't start with a number.



  5.13  What's a umask?  What's the default umask?
  7 Dec 1999
  ----------------------------------------
   The umask is a set of numbers like 0022.  It specifies which 
   permissions to withhold when a directory or file is created.  The 
   default umask is set in /etc/profile and /etc/cshrc.  For Low and 
   Traditional, it's 0022.  For Improved and High, it's 0077.  To see 
   what permissions a file or directory will get when created, do the 
   following:

      always start with                    1  7  7  7 
      write in the umask                   0  0  2  2
      subtract                           --------------
      equals the directory perms.  -->     1  7  5  5
      which we see as                       drwxr-xr-x
      to get file perms enter              1  1  1  1
      and subtract again                 --------------
      equals the file perms.    ----->     0  6  4  4
      which we see as                       -r-xr--r--




  5.14  What's an environment?  What's a .profile or .cshrc?
  25 Sept 1999
  ----------------------------------------
   A users environment is a series of name=value pairs that
   hold values specific to that user.  People are familiar with
   the environment variables named PATH and HOME.  The environment for
   a user can be set in their $HOME/.profile or their $HOME/.cshrc
   if the user is using csh.



  5.15  Where are all the possible places to set the environment?
  7 Dec 1999
  ----------------------------------------
   All the possible places include:

      /etc/profile
      /etc/cshrc
      /etc/default/su
      $HOME/.profile
      $HOME/.login
      $HOME/.cshrc
      $HOME/.kshrc
      $HOME/.dtprofile


   It is not a good idea to use .kshrc because it gets parsed too often.
   If you put your user's environment modifications in their .profile 
   instead, then your system will run faster.

   It's important to note that root's environment is special and that
   root's PATH get's entirely set in /.profile.  This is done as a 
   security concern.





  5.16  Where do I change the default account aspects, like the login shell?
  7 Dec 1999
  ----------------------------------------
   You can use the 'defadm' command to manipulate your /etc/default/* files:

      defadm useradd

   Defadm has a bug where it can't parse the /etc/default/man file because
   one of the paths is too long.  It also has problems with another
   file, /etc/default/login, which is important because it needs
   to delay hackers from attacking the system.  In that file, it has
   a problem because, right after ISL, the MAXTRYS= null entry screws
   up the works.  Nothing after that line is parsed during login attempts
   as far as I could tell.  I fixed it by putting in a MAXTRYS=50 or
   some such number.




  5.17  How do I reuse a UID after deleting the original user?
  25 Sept 1999
  ----------------------------------------
   By default, Uw7 doesn't let you reuse a UID for a period of one year.
   The default can me modified with 'defadm userdel.'  The aging UIDs 
   can be found in and deleted from:

      /etc/security/ia/ageduid




  5.18  What are the advantages of command line 'userdel?'
  25 Sept 1999   contibutors:  OLC
  ----------------------------------------
   The command line userdel will allow you to remove a user but leave
   their home directory intact.  It will allow you to specify when to
   allow the UID to be reused.



  5.19  What are the advantages of command line 'usermod?'
  25 Sept 1999   contributors:  OLC
  ----------------------------------------
   The command line usermod will allow you to change a UID or a login name.



  5.20  Where do I change the default password restrictions, such as length?
  25 Sept 1999
  ----------------------------------------
   Use the command 'defadm login' to view these restrictions.  The
   defadm command will let you change the settings too.  You can
   always use vi on /etc/default/login.



  5.21  How do I record unsuccessful login attempts?
  7 Dec 1999
  ----------------------------------------
   This has a major bug.  The bug is that during ISL, the file
   /etc/default/login that controls all the aspects of unsuccessful
   login attempts, is created with an empty line MAXTRYS=
   that breaks the whole thing.  Lines after MAXTRYS are ignored!
   I found this the other day when I went to look at my loginlog and
   it was completely empty and I couldn't get anything to log nor
   could I get any changes to work in /etc/default/login, nor could
   I get Login process to behave as it claims it will in the man page.
   
   To get the all /etc/default/login subsystems to work again, just
   be sure to put in a value for MAXTRYS, such as MAXTRYS=30.
   Try to not have empty fields in any /etc/default/... file.

   To Make the System Log:

   You can create the file

      -rw-------   root  sys  0  /var/adm/loginlog

   with the touch command and the chmod command.  Then enter:

      defadm login MAXTRYS=50       <--  because that needs to be non-null.
      defadm login LOGFAILURES      <--  to see what it is set at.
      defadm login LOGFAILURES=2    <--  if you want to log after two failures.




  5.22  How do I lock an account?  How do I unlock an account?
  7 Dec 1999
  ----------------------------------------
   You can use the command line utilities on user foobar's account:

      passwd -l foobar      <--  to lock the account named foobar
      passwd  foobar        <--  to unlock the account by issuing a new pass.

   There was a bug that's just been solved with a TA and a PTF that
   fixes the problem where you could not create an account and force
   the user to change their password at the next login.  We were faced
   with a locked account instead of being faced with a logged in user 
   looking at the password change screen.  Thanks SCO!





  5.23  How do I control process priority in Uw7, with nice?
  7 Dec 1999
  ----------------------------------------
   If you're about to run a program, use            nice 10 myprog
   If the program is running as a process, use      renice 10 myprog

   To view a process's priority, whose PID is 8376

      priocntl -d 8376

   You'll see that priorities for regular old programs range from 
   -20 to 20.  You'll want to set your find command down to a 
   priority of -15 or so to go easy on everyone else.  To get your 
   process more cpu cycles, get its priority up to 10 or so.

   Only a priveleged user can boost a prioity.




  5.24  What's good to know about cron in Uw7?
  25 Sept 1999
  ----------------------------------------
   It checks the validity of your cronfile when you modify
   it with 'crontab -e' and exit.  You can't have any empty
   lines in a crontab file, or the whole file will be ignored.
   List your crontab with 'crontab -l.'




  5.25  How do I monitor the amount of space left on my drives?
  7 Dec 1999
  ----------------------------------------
   Root can use the commands such as these:

      dfspace
      quot -F vxfs /
      du -ks /etc
      repquota -F vxfs /home




  5.26  How do I determine disk usage by user?
  5 Nov 1999
  -----------------------------------------
   Use the quot command and give it a filesystem mount point as an argument.
   It will list the number of blocks used by user.
 
      quot -F vxfs /home
      quot -F vxfs /




  5.27  How do I locate and remove 'core' files?
  7 Dec 1999
  -----------------------------------------
   In Uw7, there are system files named

      core.4.html
      core.ph
      core.h

   so searching for core* and rm'ing that would be an oops.
   What is safer, is a find with an rm that confirms before removing
   the file so that you can spare the core.ph file and others.

   All core files in Uw7 that are dumped by processes are named core.PID;
   where PID is the processes id.  To remove them, try the following:

      find / -name "core.*" -ok rm {} \;

   Then press 'n' for any files you need to keep or 'y' to delete it.



  5.28  What is the DCU?  What do I need to know about it?
  9 Oct 1999
  -----------------------------------------
   The DCU is the Device Configuration Utility which is a character
   based, menu driven interface for viewing and modifying the hardware
   configuration of your computer, such as IRQ's and port addresses.

   You can always exit and cancel any changes.
   It is one of the only ways to see your hardware setup, unlike OpenServer 5
   which had the handy hwconfig -h.

   During ISL, you have only one chance to enter the DCU.  You can not go
   back using the F9 key and enter it a second time.  You can't enter it
   once you skip it.

   During ISL, it is a good idea to go into the DCU and disable any HBA
   drivers for which you don't have hardware.  There are about a dozen
   or so, and you don't need them all.  




  5.29  How do I spool a package instead of install it?
  7 Dec 1999
  ------------------------------------------
   You can do this with:

      pkgadd -s -d cdrom1 packagename

   I was not able to spool a download package, such as a ptf.
   I even tried pkgtrans, but to no avail.  I guess it must
   be redundant to spool a downloaded package.




  5.30  How do I change the resolution / colors on my video card?
  15 Oct 1999
  ------------------------------------------
   To make adjustments to your display settings, you can use the
   scoadmin video manager in either CHARM or GUI mode.  You have the
   ability with this manager to test the settings first, before making
   them permanent.



  5.31  Will you describe the boot process please?
  7 Dec 1999
  ------------------------------------------
   The boot process was taught to me in my Uw7 Admin II class at
   the Open Learning Center in Santa Cruz.  Here is what happens
   when you push the power button on a Uw7 computer:

      A.  The mainboard bios loads runs a series of tests called POST,
          for Power On Self Test.
      B.  After POST, the BIOS loads Sector 0, Cylinder 0 on the
          boot drive that was chosen in the BIOS setup (A,C).
      C.  This sector is what we call the Master Boot Block, or the
          Master Boot Record (MBB or MBR).  This contains the partition
          table which is read to determine the active partition.
      D.  The secondary bootstrap then reads sector 0 of the Active 
          partition and loads what it finds there.  On Uw7, this is the 
          boot slice, # 7, which is raw data and contains the boot program.
      E.  The boot program runs and we see the splash screen.
          If no keys are pressed for 5 seconds, then the system continues
          to boot up.  If a key is pressed, you see a boot: prompt and the
          system pauses.  When the system continues loading, boot reads 
          some or all of the following files from /stand:

            stage3.blm
            bfs.blm
            dcmp.blm
            hd.blm
            platform.blm
            smallfs.blm

           If the computer can't find /stand, then you will get an error
           like, "Can't load Stage3."

      F.  Boot reads and acts upon the data in:
          
            /stand/boot
            /stand/bootmsgs

      G.  Boot loads and runs the kernel, unix.

      H.  After the kernel is successfully loaded and running in memory, 
          you see the message, "The system is coming up."

   --------

      a.  Sysproc (as PID 0) loads, executes, and starts init.

      b.  Init (as PID 1) executes, and reads inittab to set the initial 
          run level and mount filesystems.

      c.  Init goes through the inittab and runs all the programs it is 
          told to, based on the run level that the system is entering.

      d.  Almost always, this includes reading and running /etc/rc2 which
          runs all the S##scripts in /etc/rc2.d.

      e.  init starts the login sessions (via /etc/rc.d)
               starts File and Print sharing (via /etc/rc3.d)
               starts programs after logins have started (via /etc/dinit.d)

   Then you should see a login prompt, either GUI or terminal text.




  5.32  What is the default run level for Uw7?  How do I set it?
  15 Oct 1999
  ------------------------------------------
   The default run level is either 2 or 3 depending on whether you installed
   Netware utilities or NFS utilities during ISL, and can be set in the
   /etc/inittab file.  Here is the line from that file where it is set:

      is:3:initdefault:


     
  5.33  What does 'Can't load stage3' mean?
  7 Dec 1999
  ------------------------------------------
   As described above in the boot process question, the system will return
   a "Can't load stage3" error when it can't find the file /stand/stage3.blm
   when the system is booting.  This commonly happens when you've installed 
   Uw7 into a partition so that the /stand slice exists entirely or in part 
   beyond the 1024th cylinder.



  5.34  What can I do at the boot: prompt?
  15 Oct 1999
  ------------------------------------------
   If you hit the spacebar when you see the Uw7 splash screen, you can
   access the usual unix style  boot:  prompt.  You can't type ls, but
   you can type dir.  You can type ? to get a list of commands.  
   You can boot the computer by typing boot, b, go, or g, then Enter.
   You can boot to init 1 by typing initstate=1, then go.  You can boot
   the unix.old kernel by typing BOOTPROG=unix.old, then go.  You
   can boot to a DOS partition by typing:  b hd(0,dos)



  5.35  Where do I set autoboot time, after which the system goes multiuser?
  15 Oct 1999
  ------------------------------------------
   You can set the variable AUTOBOOT=15 in the file /stand/boot
   to set the autotimeout at 15 seconds, instead of 5 seconds.
   This is the number of seconds that the splash screen will
   stay up before autobooting the system.

   You can also set a variable called TIMEOUT=60 in /stand/boot
   to set the number of seconds to 60, that the computer will wait at
   a boot:  prompt before booting.  Normally the computer will wait
   indefinitely (TIMEOUT=0) if the user presses a key during the 
   AUTOBOOT delay and causes the boot: prompt to appear.



  5.36  How do I boot unix.old?
  15 Oct 1999
  ------------------------------------------
   To boot the old kernel, unix.old, that was running before you relinked
   the kernel, type the following at the boot:  prompt,

      BOOTPROG=unix.old
      go



  5.37  How do I make a change to the /etc/inittab file?
  15 Oct 1999
  ------------------------------------------
   We often make changes to the /etc/inittab file when we want to
   to make a change to the initstate or how a terminal is behaving.
   To make a permanent change to the inittab file, you will need to
   edit two files:

      /etc/conf/init.d/kernel
      /etc/inittab

   Manually editing these two files works well.  The inittab file is
   made from the kernel file whenever the idmkinit command is run, so
   editing them both accomplishes the task of running idmkinit an copying
   the file to /etc.



  5.38  Why does my system hang during startup or during shutdown?
  15 Oct 1999
  ------------------------------------------
   The system executes one file at a time in the /etc/rc2.d directory
   and waits for the file to finish running before it starts the next
   file.  Sometimes the ppp or the lp script can hang, and you can
   see this by typing ps -ef.  Look for an S##script that is stuck.



  5.39  How do I rebuild the kernel?
  20 Oct 1999
  ------------------------------------------
   To rebuild the kernel: 
   
      *  log in as root 
      *  /etc/conf/bin/idbuild -B
      *  shutdown -g0 -y -i6

   By rebooting with the -i6, the environment maker idmkenv is run on reboot.


  5.40  How do I rebuild the MBB or MBR?
  7 Dec 1999
  ------------------------------------------
   Sometimes the MBB of the computer's root hard drive gets trashed and
   you will not be able to boot the computer from the hard drive.  You will
   probably see a NO SYSTEM DISK, or NO OS error from the BIOS.   If you 
   boot from your boot/root emergency disks, you can use fdisk to recreate
   your MBB.  Enter the fdisk program and you'll see the MBR option on
   the main menu.  These days, I'm using a SuperTar more often, because
   two of them have Emergency Recovery Programs.



  5.41  How do I rebuild the boot slice?
  7 Dec 1999    by Tony Nelson
  ------------------------------------------
   If your boot slice has been corrupted, boot will not load, and
   probably nothing will appear on your screen after POST.  You will
   see no Uw7 splash screen.  If you need to rebuild your boot slice,
   you can do this as follows:

      *   Boot off the emergency disks
      *   Mount the filesystems
      *   Access a Unix shell
      *   /mnt/usr/bin/disksetup -b /mnt/etc/boot /dev/rdsk/c0b0t0d0s0
      *   exit
      *   ctrl-alt-F1
      *   Reboot


 
  5.42  How do I figure what process caused a core dump, such as core.242?
  7 Dec 1999  by Robert Lipe
  ------------------------------------------
   You can easily find this information by typing:

      # file core.242

        core.242:      ELF 32-bit LSB core file 80386 Version 1
                    Arguments = '/etc/ifor_pmd '



  5.43  What are the important tunable parameters I might adjust like MAXUP?
  7 Dec 1999
  ------------------------------------------
  There isn't much you can tune to increase performance.  Most 
  parameters are autotuned these days on Uw7.
  
  There are a few important tunables that you may run into like MAXUP,
  ULIMIT, and MAXLINK.  Search your http://localhost:457/ pages for
  Tunable Parameters and read about them.  The first three sections are
  the important ones.  Here's a summary:
 
  To view a tunable:      /etc/conf/bin/idtune -g MAXUP
  To set a tunable:       /etc/conf/bin/idtune -m MAXUP 250
 
  Now there are two types of tunable parameters, internet and KERNEL.
  
    *  internet:  parameter names are lower case
                  tunables stored in /etc/inet/dfl
                  
    *  KERNEL:    parameter names are upper case
                  tunables are stored in /etc/conf/mtune.d
                                         /etc/conf/autotune.d
  

  Important ones are:                             Default Value:
  
    *  ULIMIT    block size of the largest file          2097151
                 listed in /etc/default/login
                 
    *  MAXLINK   Maximum number of subdirectories           1000
                 allowed in a directory
                 changed with idtune.
                 
    *  MAXUP     Maximum number of processes an               80
                 unprivileged user can run.
                 changed with idtune.
 
    *  NPROC     The maximum number of processes             400
                 possible on the system.
                 changed with idtune.
    
    *  SFSZLIM   Soft size limit for a user file           3FFFFFFF
       HFSZLIM   Hard size limit for a user file           3FFFFFFF
       
    *  SFNOLIM   Soft limit on the number of files a user opens.
       HFNOLIM   Hard limit on the number of files a user opens.

  


  5.44  How do I stop the X desktop or the CDE from running?
  30 Oct 1999
  -------------------------------------
   You can use the following commands to have an affect on the CDE or
   what people commonly call the X desktop:
   
      scologin enable
      scologin disable
      scologin start
      scologin stop
   
   You don't need to scologin stop when you change your video settings.
   Any new settings will take affect the next time you log in.
   
   If you run a scologin stop, then log in on some terminal like vt04,
   you can do do a startx to bring up the PMWM instead of the CDE.
   

   
  5.45  How do I send a pop-up message to the Windows machines on my LAN?
  7 Dec 1999
  ---------------------------------------
   With Visionfs, root can send a broadcast pop-up message to Windows machines.
   The command is something like:

     /usr/vision/bin/visionfs message --to luke --from Sysop Hello World.

   Where fred is using NT on host luke, and the message can be longer 
   than Hello World.  But a \n newline doesn't work, and you must fit 
   your message into one continous command line.




  5.46  How do I change the message I see at the login prompt?
  26 Dec 1999
  ----------------------------------------
   Modify the /etc/issue file.  Normally you're presented with one 
   of these prompts:  

       Welcome to UnixWare 7.1.0
       The system's name is yoda.

       Login (vt04): 

   Or you see the following when you telnet in:

       SCO UnixWare 7.1.0 (yoda) (pts/2)

       login:

   You can have this give more or less information as your security
   needs dictate.




  5.47  How do I get the character terminals to blank the screen?
  26 Dec 1999
  ----------------------------------------
   There is a kernel parameter called TBLNK that you can easily 
   modify with vtblank (1M):

      # vtblank           -  View TBLNK seconds and (on | off) state
      # vtblank -s 60     -  Set the screen to blank after 60 sec, turn on.
      # vtblank -m 1      -  Set the screen to blank after 1 min, turn on.
      # vtblank -o off    -  Disable screen blanking, leave TBLNK unchanged.
      # vtblank -o on     -  Enable screen blanking.




###############################
                              #
6.  Security                  #
                              #
###############################

  6.1   What are the system security features?
  7 Dec 1999
  --------------------------------------
   The system controls access to files via permissions and user logins.  
   The system controls access to and from the network via Tcp Wrappers and 
   Packet Filters.  The system controls access to sensative system commands
   via permissions and privileges, using the commands su, tfadmin,
   adminrole, and adminuser.  There is a special type of user besides
   root called a system owner, that is a security risk, and should not
   be used willy nilly.  It turns out that anyone with system owner
   privilege can issue the command  /sbin/tfadmin passwd root and change 
   root's password.  It's not a good idea to give people system owner 
   accounts.  

   There is a Skunkware program called sudo, an enhanced su, that people 
   like also.




  6.2   What are permissions?
  25 Oct 1999
  --------------------------------------
   Permissions are the -rwxr-xr-- bits and the UID:GID on the file that you 
   see when you do a long listing on a file.  These are discussed in 
   Section (2.6) and elsewhere.




  6.3   What are Tcp Wrappers and Packet Filters?
  7 Dec 1999
  --------------------------------------
   Tcp wrappers control who is allowed to access the services run via inetd.
   And packet filters control exactly which packets are allowed to move in 
   and out of each NIC.  Both allow and deny certain things to happen
   based on a set of rules that are checked in order.  The first rule to
   match the item being tested is the rule that gets applied.  These commands 
   are discussed in Sections (4.10) and (4.11).



  6.4   What are privileges?
  7 Dec 1999
  --------------------------------------
   Users need to be granted the privilege to run important system commands
   like kill, shutdown, and ifconfig.  Privileges are an additional way, 
   besides permissions, to control who can run sensitive commands like 
   shutdown and ifconfig.  By using privileges, root can grant the right 
   to run a command or group of commands, rather than give out the root 
   password and telling the user to use su.  When a user has been granted 
   privileges to use a command, they execute that command as if they were
   root, using that command as an argument to the tfadmin command, as in

      /sbin/tfadmin shutdown -g0 -y -i6

   (The system maintains a security privilege database, and it can get 
   corrupted.  See also Section (1.15).  Check it by typing /sbin/initprivs
   and fix it with /etc/security/tools/setpriv -x.



  6.5   What are the alternatives to su?  A user needs a privilege.
  25 Oct 1999
  --------------------------------------
   Instead of granting every right by giving out the root password and
   telling someone to use su, we use the tfadmin command and the privilege
   mechanism.  This allows us to grant specific access.



  6.6   How do I use tfadmin, adminuser, and adminrole, instead of su?
  25 Oct 1999
  --------------------------------------
   To use privileges instead of su, we do the following:

      A)  Create a group of commands that a user needs, called a role,
          with the adminrole command
      B)  Assign a user or users to that role with adminuser.
      C)  Then they can execute the commands using tfadmin.

   This is straightforward enough.  The following is an example, where I'll 
   grant the privilege to use 'kill' and 'shutdown' to Yurtle:


   Script started on Mon Oct 25 20:56:10 1999
   # id | awk '{ print $1 " " $2 }'
   UID=0(root) GID=3(sys)
   #
   # /bin/adminrole -n SCRAM
   # /bin/adminrole -a kill:/bin/kill:allprivs SCRAM
   # /bin/adminrole -a shutdown:/sbin/shutdown:allprivs SCRAM
   # /bin/adminuser -n -o SCRAM yurtle
   # 
   # ^D
   
   script done on Mon Oct 25 21:00:45 1999


   That's all there is to it.  Yurtle can kill anything and shutdown
   at anytime now, as long as initprivs returns nothing, by typing:

     /sbin/tfadmin shutdown -g0 -y -i0




  6.7   What are some gaping security risks I need to patch immediately?
  7 Dec 1999
  --------------------------------------
   There are several CERT advisories that pertain directly to UnixWare 710.
   As such, these documented security risks are well known throughout the
   net underground, and if someone knows your system, they may try these.
   If system security is at all important to you, then apply the SSE patches.
   Please take a close look at the following SCO Security Web page:

      http://www.sco.com/security

   I am running the following SSE patches on my system:

      SSE 7028   Sendmail          7.1.0 only
      SSE 7029   mailcap           7.1.0 only
      SSE 7030   rpc calendar      7.1.0 only
      SSE 7033   Bind
      SSE 7035   ftpd              7.x.x
      SSE 7039   Su
      SSE 7041   X Windows
      SSE 7042   Xlock
      SSE 7046   Uidadmin


   There's a hole in Pine up through 4.10.  There are many other attacks 
   that people can use to exploit Unix.  Have a look at:
   http://oliver.efri.hr/~crv/security/bugs/list.html
   for an extensive list of security exploits that may pertain to you.
   
   There's a way for people to flood your ports and create a DoS attack.
   The http://www.sco.com/security page has a way to guard against that.

   There is the problem that anyone with system owner privileges on Uw7
   can change root's password with /sbin/tfadmin passwd root.

   Any emergency recovery diskettes that you make are like master keys
   to your system.  Anyone with those can reboot your computer and boot
   off of those (if the floppy is enabled) and change root's password.
   Try to guard those as tightly as you guard root.

   The Tcp Wrappers are excellent, and you may want to use them to
   protect telnet, rlogin, and rsh, so that people can't just log in 
   remotely.  People like to use ssh to do secure telnet.




  6.8   I'm not sure if I should apply a Uw7 security patch, what do I do?
  31 Oct 1999
  --------------------------------------
   Each SSE### patch will only install on the exact version of UnixWare 
   for which it was written.





###############################
                              #
8.  Third Party Software      #
                              #
###############################

  8.1  ssh2
  18 Sept 1999  -  by Mikhail Kuperblum
  ----------------------------------------
   ssh2 compiled well on Uw7.1.0 noting the  following:
   a) modify the "configure" script to force "sco-style ptys"
   b) CC=cc ./configure --host=i686-unknown-sysv4
   c) make


  8.2  Star Office
  18 Sept 1999 - by Roberto Zini
  ----------------------------------------
   Star Office 5.x  does not run on Uw7.1.0 due to the lack of
   thread support in lxrun at this time.  Look for Sun to
   distribute a Java version of Star Office in the end of 1999.


  8.3  Where do I find a piece of software call "xxxxxxxxxxx" for Uw7.1.0?
  18 Sept 1999
  ----------------------------------------
   There are many programs available for UnixWare7 on the Open License
   Software Supplement (OLSS, or Skunkware) which has its home at:

      http://www.sco.com/skunkware/

   There is an archive for UnixWare called Freebird, located at:

      http://www.freebird.org/


  8.4  Lonetar, Backup Edge, Backup Professional
  6 Jan 2000
  ----------------------------------------
   I've used Lonetar for years and I swear by it.  I have heard many
   people who will say the exact same thing for Backup Edge.  Both of 
   those have Emergency Recovery software.  I've used Airbag and it
   has a bunch of nice features.  Beware of the Putfront, though.
   Backup Professional is another product by Cactus and it worked well
   for me, but was too tricky for me to be happy with.

   When using Lonetar on Uw7.1, it will modify the access times of all
   your files that it backs up, corrupting your security privilege
   database (initprivs).  This can be fixed with setpriv -x as described
   elsewhere in this Faq.  This can be prevented by editing the
   Ltar.X.cron and Ltar.X.tape files in /etc/lone-tar, where you would
   replace the 'X' with 'M' 'V' 'S' and 'I' for Master, Verify, Selective, 
   and Incremental.  The details are in the new Lonetar online Faq.
   You'll end up searching for OPTIONS= and removing any lower case 'a'.





  8.5  What is on the OLSS (Skunkware)?
  18 Sept 1999
  ----------------------------------------
   Here is a list of the programs on the Uw7.1.0 OLSS disc:

   a2ps aalib Acme addressbo AnswerGar apache ApacheJMe astrolog autoconf bash 
   bb bison bladeenc blt24g bzip2 calc catdoc cdrecord cgiwrap Count cpio 
   ctags cvs dejagnu ecu egcs elvis enhydra enscript eperl esound Eterm 
   expect528 fetchmail file fileutils findutils flex fnlib freefonts freeWAIS 
   ftwalk fvwm fvwm95 fweb fwf gawk gdb getline gimp glibs glimpse gnucash 
   gnuplot gphoto groff gs guile gutils gv gzip htdig httpanaly hypermail 
   ImageMagi infozip inn ipalias irc ispell itcl301 jikes jsdk kde less lsof 
   lwgate lyx majorcool majordomo make maplay mathrec mc md5 mgdiff 
   mkpkg mpack mpeg2enco mpegplay mpg123 mtools mutt mysql nana ncftp 
   nedit nvi objc orion palmpilot patch pixmap povray procdump
   procmail psutils python qtfree rcs rpm rxvt sbart sentry sgmltools 
   sharutil skunkperl slrn snd squid stl strobe sudo swing tanked tar 
   tcl804 tclx804 tcsh teTeX texinfo tik timidity tk804 tkinfo top 
   transfig treeps ttutils vim vrwave wget WindowMak xanim xaos 
   xascii xautolock xboing xbuffy xcoral xdiary xdir xearth xemacs 
   xfig xfishtank xgalaga xgrabsc xhtml xinvest xkobo xlockmore
   xmailbox xmcd XmHTML xmix Xmixer xmmix xpaint xpdf xpipeman3 xpm 
   xpool xquote xrolodex xscavenge xscreensa Xswallow xt xv xwave 
   zircon zsh



  8.6   How do I enable 128-bit encryption with Netscape programs?
  26 Dec 1999
  ---------------------------------------
   The 128-bit program is called /opt/netscape/netscape-us  and it
   is already on your system, but you need to pay $20 to your var to
   get the COLA.  Then change the netscape symlink from netscape-export 
   to netscape-us.  Some people seem to think that licensing the 128 bit
   version changes the symlink, but nothing is changed.  You MUST do this 
   by hand to get the 128-bit Netscape version running.  You can prove
   this to yourself with a quick ps -ef.  I am looking at my COLA and 
   it says, "SCO Strong Encryption Supplement" on it.



  8.7   Wordperfect 8
  20 Oct 1999
  -------------------------------------
   The Wordperfect 8 Linux version works with lxrun, except for
   a bug where the program may exit right after printing.


  8.8   How do I install the KDE?  Is it any good?
  20 Jan 2000
  --------------------------------------
   I installed KDE 1.1.2 the other day, after downloading it from
   http://www.sco.com/skunkware, and I was amazed at how effortless
   it was to install and how outstanding an interface it is.  Thanks
   to Ron Record, the other goodly folks at SCO, and the original
   people who hacked it.

   On the SCO website KDE page there is a very simple instal-
   lation procedure that I'll echo here for completeness.  I'll stop
   my X server with scologin disable first.  I run it on demand, anyway.
   Then I'll set up the KDE so that it starts when I type startx.

   Find your way to ftp://ftp.sco.com/skunkware/uw7/x11/winman/kde
   and download the following:

      Xpm Libs                          2 MB
      Glibs                            21 MB
      Qtfree Libs                       9 MB
      ETerm Terminal emulator.         15 MB
      kde-1.1.2.pkg                    40 MB

   Pkgadd them all except the KDE package.  The KDE install has problems
   with /var/tmp being too small (it needs more that 40 MB), so you'll
   need to unmount /var/tmp before you pkgadd the KDE.  Be patient when
   installing the KDE, it may look like it's hung, when actually it's
   working hard at uncompressing the archive to /var/tmp.

   Then add the following to your $HOME/.profile:

        PATH=$PATH:/usr/local/bin:/usr/local/kde/bin:.
        KDEDIR=/usr/local/kde
        export KDEDIR PATH

   Then create or modify your $HOME/.xinitrc file so that you
   add the following as the last line:

        startkde

   Now when you are at a terminal prompt, just type startx to
   run the KDE.
   
   I was running the 710a updated xserver, drivers, and base 
   from ftp.sco.com/pub/drivers when I wrote this.









######################################
                                     #
9.  Useful Shell Commands            #
                                     #
######################################

  9.1 How do I search in every file for a string like "See foo?"
  18 Sept 1999 
  ----------------------------------------
   To find the string "See foo" in every local file, one can do a 'find'
   and 'fgrep' utilizing 'xargs' to run a group of fgreps at once which
   is more efficient than running one fgrep at a time: 

     find / -type f -mount | xargs fgrep -l "See foo" 



  9.2  How do I find the largest files and directories?
  18 Sept 1999
  ----------------------------------------
   To find the largest files and directories, in units of kilobytes
   one can use 'du,' 'sort,' and 'less' to list the files from largest
   to smallest:

      du -akx | sort -nr | less 



  9.3  How do I find the largest files?
  18 Sept 1999
  ----------------------------------------
   To find the largest files, in units of bytes, one can use 'find,'
   'ls,' 'awk,' 'sort,' and 'less':

      find / -type f -exec ls -l {} + | awk '{ print $5 "\t" $9 }' \
      | sort -nr | less

   To find the largest files, in units of kilobytes:

      find / -type f -exec ls -l {} + | awk '{ print int($5/1024) "\t" $9 }' \
      | sort -nr | less



  9.4  How do I determine the number of free inodes?
  18 Sept 1999
  ----------------------------------------
   Use the 'df' command:

      df -i



  9.5  How do I find the user who is using files in a filesystem and
         thus preventing it from being unmounted?
  18 Sept 1999
  ----------------------------------------
   Use the 'fuser' command, and notice that it refers to block devices
   unless you throw the '-c' flag which lets you use mount points:

      fuser -cu /home     <--  List all PIDs(usernames) using files in /home
      fuser -u /dev/fd0   <--  List all PIDs(usernames) using the first floppy
      fuser -u /dev/dsk/c0b0t0d0s4  <-- " using slice 4 on disk 0 ( /home )


-- 
--
Boyd Gerber <gerberb@zenez.com> 
ZENEZ	3748 Valley Forge Road, Magna Utah  84044
Office 801-250-0795 FAX 801-250-7975

  Закладки на сайте
  Проследить за страницей
Created 1996-2017 by Maxim Chirkov  
ДобавитьРекламаВебмастеруГИД  
Hosting by Ihor