unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-4.1.3)
Page:
Section:
Apropos / Subsearch:
optional field

UID_ALLOCD(8C)                                                  UID_ALLOCD(8C)



NAME
       uid_allocd, gid_allocd - UID and GID allocator daemons

SYNOPSIS
       /usr/etc/rpc.uid_allocd
       /usr/etc/rpc.gid_allocd

AVAILABILITY
       Available  only  on  Sun  386i systems running a SunOS 4.0.x release or
       earlier.  Not a SunOS 4.1 release feature.

DESCRIPTION
       The UID (or GID) allocator will temporarily allocate an unused UID  (or
       GID)  for use by account administration tools.  It maintains a cache of
       UIDs (GIDs) that have been allocated by potentially multiple tools  (or
       instances  of  tools)  in a distributed system, so that they can create
       accounts (or groups) concurrently.  It also  provides  the  ability  to
       safely  enter a UID (GID) into the cache which was allocated using some
       other method, such as manually by an administrator; and the ability  to
       delete  entries  from  the cache.  Entries in this cache persist for at
       least an hour even through system crashes.

       These allocators are available on the system which contains the  master
       copy  of the list of UIDs (or GID).  Since this list is currently main-
       tained using the Network Information  Service  (NIS),  the  service  is
       available on the master of the passwd.byuid (group.bygid) NIS map.  The
       service could be provided using a UID database service other  than  the
       NIS service.

       This  implementation uses DES authentication (the Sun Secure RPC proto-
       col) to restrict access to this function.  The only clients  privileged
       to  allocate  UIDs  (GIDs)  are those whose net IDs are in the accounts
       group (fixed at GID 11).  All machine IDs are allowed to allocate  UIDs
       (GIDs).

       If  the file /etc/ugid_alloc.range exists, the allocator only allocates
       UIDs (GIDs) in the range listed there.  This feature is intended to  be
       used  by  sites which have multiple NIS domains on their networks; each
       NIS domain would be assigned a unique range of  UIDs  (GIDs).   If  the
       file  exists,  and  the  local  NIS domain is not explicitly assigned a
       unique range of UIDs or GID, none will be allocated.  Without a  mecha-
       nism to ensure that UIDs are uniquely assigned between NIS domains that
       share resources, normal NFS security mechanisms (excluding Secure  NFS)
       may  fail  to serve as an advisory security mechanism.  Common alterna-
       tive methods for ensuring UID uniqueness include using  a  function  of
       some preexisting identifier such as an employee number, or using a sin-
       gle NIS domain for the entire site.

FILES
       /var/yp/domainname/passwd.byuid.{dir,pag}
       /var/yp/domainname/group.bygid.{dir,pag}
       /var/yp/domainname/netid.byname.{dir,pag}
       /etc/uid_alloc.cache
       /etc/gid_alloc.cache
       /etc/ugid_alloc.range
       /usr/include/rpcsvc/uid_alloc.x
       /usr/include/rpcsvc/gid_alloc.x

SEE ALSO
       snap(1), ugid_alloc.range(5), logintool(8)

BUGS
       Using UID (GID) ranges does not solve the problem  that  two  different
       machines,  or  groups  of  machines,  may assign different meaning to a
       given UID (GID).

       The current implementation of the daemon is tuned towards  small  lists
       of  active  UIDs  (GIDs),  both  in the NIS service and in the cache it
       maintains.

NOTES
       The Network Information Service (NIS) was formerly known as Sun  Yellow
       Pages  (YP).   The  functionality of the two remains the same; only the
       name has changed.



                                6 October 1989                  UID_ALLOCD(8C)