This chapter describes the configuration files accepted by the Taylor UUCP package if compiled with HAVE_TAYLOR_CONFIG defined in `policy.h'.
The configuration files are normally found in the directory newconfigdir, which is defined by the `Makefile' variable `newconfigdir'; by default newconfigdir is `/usr/local/conf/uucp'. However, the main configuration file, `config', is the only one which must be in that directory, since it may specify a different location for any or all of the other files. You may run any of the UUCP programs with a different main configuration file by using the `-I' option; this can be useful when testing a new configuration. When you use the `-I' option the programs will revoke any setuid privileges.
All the configuration files follow a simple line-oriented `keyword value' format. Empty lines are ignored, as are leading spaces; unlike HDB, lines with leading spaces are read. The first word on each line is a keyword. The rest of the line is interpreted according to the keyword. Most keywords are followed by numbers, boolean values or simple strings with no embedded spaces.
The # character is used for comments. Everything from a # to the end of the line is ignored unless the # is preceded by a \ (backslash); if the # is preceded by a \, the \ is removed but the # remains in the line. This can be useful for a phone number containing a #. To enter the sequence `\#', use `\\#'.
The backslash character may be used to continue lines. If the last character in a line is a backslash, the backslash is removed and the line is continued by the next line. The second line is attached to the first with no intervening characters; if you want any whitespace between the end of the first line and the start of the second line, you must insert it yourself.
However, the backslash is not a general quoting character. For example, you cannot use it to get an embedded space in a string argument.
Everything after the keyword must be on the same line. A boolean may be specified as y, Y, t, or T for true and n, N, f, or F for false; any trailing characters are ignored, so true, false, etc., are also acceptable.
All the configuration commands are explained in the following sections. However, I'll start by giving a few examples of configuration files. For a more complete description of any of the commands used here see the appropriate section of this chapter. There are also sample configuration files in the `sample' subdirectory of the distribution.
To start with, here are some examples of uses of the main configuration file, `config'. For a complete description of the commands that are permitted in `config', see section The Main Configuration File.
In many cases you will not need to create a `config' file at all. The most common reason to create one is to give your machine a special UUCP name. Other reasons might be to change the UUCP spool directory or to permit any remote system to call in.
If you have an internal network of machines, then it is likely that the internal name of your UUCP machine is not the name you want to use when calling other systems. For example, here at `airs.com' our mail/news gateway machine is named `elmer.airs.com' (it is one of several machines all named `localname.airs.com'). If we did not provide a `config' file, then our UUCP name would be `elmer'; however, we actually want it to be `airs'. Therefore, we use the following line in `config':
    nodename airs
The UUCP spool directory name is set in `policy.h' when the code is compiled. You might at some point decide that it is appropriate to move the spool directory, perhaps to put it on a different disk partition. You would use the following commands in `config' to change to directories on the partition `/uucp':
    spool /uucp/spool
    pubdir /uucp/uucppublic
    logfile /uucp/spool/Log
    debugfile /uucp/spool/Debug
You would then move the contents of the current spool directory to `/uucp/spool'. If you do this, make sure that no UUCP processes are running while you change `config' and move the spool directory.
Suppose you wanted to permit any system to call in to your system and request files. This is generally known as anonymous UUCP, since the systems which call in are effectively anonymous. By default, unknown systems are not permitted to call in. To permit this you must use the unknown command in `config'. The unknown command is followed by any command that may appear in the system file; for full details, see section The System Configuration File.
I will show two possible anonymous UUCP configurations. The first will let any system call in and download files, but will not permit them to upload files to your system.
    # No files may be transferred to this system
    unknown receive-request no
    # The public directory is /usr/spool/anonymous
    unknown pubdir /usr/spool/anonymous
    # Only files in the public directory may be sent (the default anyhow)
    unknown remote-send ~
Setting the public directory is convenient for the systems which call in. It permits them to request a file by prefixing it with `~/'. For example, assuming your system is known as `server', then to retrieve the file `/usr/spool/anonymous/INDEX' a user on a remote site could just enter `uucp server!~/INDEX ~'; this would transfer `INDEX' from `server''s public directory to the user's local public directory. Note that when using `csh' or `bash' the ! and the second ~ must be quoted.
The next example will permit remote systems to upload files to a special directory named `/usr/spool/anonymous/upload'. Permitting a remote system to upload files permits it to send work requests as well; this example is careful to prohibit commands from unknown systems.
    # No commands may be executed (the list of permitted commands is empty)
    unknown commands
    # The public directory is /usr/spool/anonymous
    unknown pubdir /usr/spool/anonymous
    # Only files in the public directory may be sent; users may not download
    # files from the upload directory
    unknown remote-send ~ !~/upload
    # May only upload files into /usr/spool/anonymous/upload
    unknown remote-receive ~/upload
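The lexical rules given earlier (comments, `\#', and backslash continuation) and the two anonymous UUCP configurations above can be checked mechanically. The following Python is an added example, not part of Taylor UUCP or of the original manual; the function names and finding texts are made up for illustration, and it assumes that continuation lines are joined before comments are stripped and that uploads are possible unless `receive-request' or `request' is set to false.

```python
# Added example (not Taylor UUCP code): a lexer for the `keyword value'
# format plus a check of `unknown' lines against the two examples above.

def logical_lines(text):
    """Return [(keyword, [args])] following the lexical rules on this page.

    Assumption: continuation lines are joined before comments are stripped.
    """
    joined, pending = [], ""
    for raw in text.split("\n"):
        if raw.endswith("\\"):           # trailing backslash: drop it and
            pending += raw[:-1]          # attach the next line directly
            continue
        joined.append(pending + raw)
        pending = ""
    if pending:
        joined.append(pending)

    result = []
    for line in joined:
        kept, i = [], 0
        while i < len(line):
            if line[i] == "\\" and line[i + 1:i + 2] == "#":
                kept.append("#")         # \# keeps the #, drops the backslash
                i += 2
            elif line[i] == "#":
                break                    # unescaped #: rest of line is comment
            else:
                kept.append(line[i])
                i += 1
        words = "".join(kept).split()    # leading spaces ignored, no quoting
        if words:
            result.append((words[0], words[1:]))
    return result


def is_false(value):
    """Booleans are decided by their first character (n, N, f, F = false)."""
    return value[:1] in ("n", "N", "f", "F")


def covers(prefix, path):
    """True if `path' is `prefix' itself or lies underneath it."""
    return path == prefix or path.startswith(prefix.rstrip("/") + "/")


def audit_anonymous(config_text):
    """Return a list of findings for the `unknown' commands in a config file."""
    settings = {}
    for keyword, args in logical_lines(config_text):
        if keyword == "unknown" and args:
            settings[args[0]] = args[1:]
    if not settings:
        return []                        # unknown systems may not call in

    findings = []
    send = settings.get("remote-send", ["~"])   # the page calls ~ the default
    if "/" in send:
        findings.append("remote-send / offers every world readable file")

    # Assumption: uploads are possible unless one of these is set false.
    uploads_off = any(is_false((settings.get(key) or ["y"])[0])
                      for key in ("receive-request", "request"))
    if not uploads_off:
        if settings.get("commands") != []:
            findings.append("uploads possible but `unknown commands' "
                            "does not empty the command list")
        allow = [p for p in send if not p.startswith("!")]
        deny = [p[1:] for p in send if p.startswith("!")]
        for target in settings.get("remote-receive", []):
            if target.startswith("!"):
                continue
            if (any(covers(p, target) for p in allow)
                    and not any(covers(d, target) for d in deny)):
                findings.append("files uploaded to %s can be downloaded "
                                "by other callers" % target)
    return findings


# The page's two anonymous UUCP examples, and a constructed weak variant.
DOWNLOAD_ONLY = """\
unknown receive-request no
unknown pubdir /usr/spool/anonymous
unknown remote-send ~
"""
UPLOAD_DIR = """\
unknown commands
unknown pubdir /usr/spool/anonymous
unknown remote-send ~ !~/upload
unknown remote-receive ~/upload
"""
WEAK = "unknown remote-receive ~/upload   # constructed: nothing else set\n"

if __name__ == "__main__":
    for name in ("DOWNLOAD_ONLY", "UPLOAD_DIR", "WEAK"):
        print(name, audit_anonymous(globals()[name]))
```

Both configurations from this page produce no findings; the constructed variant is reported twice, once for the command list and once for the downloadable upload directory.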
A relatively common simple case is a leaf site, a system which only calls or is called by a single remote site. Here is a typical `sys' file that might be used in such a case. For full details on what commands can appear in the `sys' file, see section The System Configuration File.
This is the `sys' file that is used at `airs.com'. We use a single modem to dial out to `uunet'. This example shows how you can specify the port and dialer information directly in the `sys' file for simple cases. It also shows the use of the following:
call-login
Using call-login and call-password allows the default login chat script to be used. In this case, the login name is specified in the call-out login file (see section Configuration File Names).
call-timegrade
chat-fail
protocol-parameter
This `sys' file relies on certain defaults. It will allow `uunet' to queue up `rmail' and `rnews' commands. It will allow users to request files from `uunet' into the UUCP public directory. It will also allow `uunet' to request files from the UUCP public directory; in fact `uunet' never requests files, but for additional security we could add the line `request false'.
    # The following information is for uunet
    system uunet
    # The login name and password are kept in the callout password file
    call-login *
    call-password *
    # We can send anything at any time.
    time any
    # During the day we only accept grade `Z' or above; at other times
    # (not mentioned here) we accept all grades. uunet queues up news
    # at grade `d', which is lower than `Z'.
    call-timegrade Z Wk0755-2305,Su1655-2305
    # The phone number.
    phone 7389449
    # uunet tends to be slow, so we increase the timeout
    chat-timeout 120
    # We are using a preconfigured Telebit 2500.
    port type modem
    port device /dev/ttyd0
    port baud 19200
    port carrier true
    port dialer chat "" ATZ\r\d\c OK ATDT\D CONNECT
    port dialer chat-fail BUSY
    port dialer chat-fail NO\sCARRIER
    port dialer complete \d\d+++\d\dATH\r\c
    port dialer abort \d\d+++\d\dATH\r\c
    # Increase the timeout and the number of retries.
    protocol-parameter g timeout 20
    protocol-parameter g retries 10
Many organizations have several local machines which are connected by UUCP, and a single machine which connects to the outside world. This single machine is often referred to as a gateway machine.
For this example I will assume a fairly simple case. It should still provide a good general example. There are three machines, `elmer', `comton' and `bugs'. `elmer' is the gateway machine for which I will show the configuration file. `elmer' calls out to `uupsi'. As an additional complication, `uupsi' knows `elmer' as `airs'; this will show how a machine can have one name on an internal network but a different name to the external world. `elmer' has two modems. It also has a TCP/IP connection to `uupsi', but since that is supposed to be reserved for interactive work (it is, perhaps, only a 9600 baud SLIP line) it will only use it if the modems are not available.
A network this small would normally use a single `sys' file. However, for pedagogical purposes I will show two separate `sys' files, one for the local systems and one for `uupsi'. This is done with the sysfile command in the `config' file. Here is the `config' file.
    # This is config
    # The local sys file
    sysfile /usr/local/lib/uucp/sys.local
    # The remote sys file
    sysfile /usr/local/lib/uucp/sys.remote
Using the defaults feature of the `sys' file can greatly simplify the listing of local systems. Here is `sys.local'. Note that this assumes that the local systems are trusted; they are permitted to request any world readable file and to write files into any world writable directory.
    # This is sys.local
    # Get the login name and password to use from the call-out file
    call-login *
    call-password *
    # The systems must use a particular login
    called-login Ulocal
    # Permit sending any world readable file
    local-send /
    remote-send /
    # Permit requesting into any world writable directory
    local-receive /
    remote-receive /
    # Call at any time
    time any
    # Use port1, then port2
    port port1
    alternate
    port port2
    # Now define the systems themselves. Because of all the defaults we
    # used, there is very little to specify for the systems themselves.
    system comton
    phone 5551212
    system bugs
    phone 5552424
The `sys.remote' file describes the `uupsi' connection. The myname command is used to change the UUCP name to `airs' when talking to `uupsi'.
    # This is sys.remote
    # Define uupsi
    system uupsi
    # The login name and password are in the call-out file
    call-login *
    call-password *
    # We can call out at any time
    time any
    # uupsi uses a special login name
    called-login Uuupsi
    # uupsi thinks of us as `airs'
    myname airs
    # The phone number
    phone 5554848
    # We use port2 first, then port1, then TCP
    port port2
    alternate
    port port1
    alternate
    # We don't bother to make a special entry in the port file for TCP, we
    # just describe the entire port right here. We use a special chat
    # script over TCP because the usual one confuses some TCP servers.
    port type TCP
    address uu.psi.com
    chat ogin: \L word: \P
The ports are defined in the file `port' (see section The Port Configuration File). For this example they are both connected to the same type of 2400 baud Hayes-compatible modem.
    # This is port
    port port1
    type modem
    device /dev/ttyd0
    dialer hayes
    speed 2400
    port port2
    type modem
    device /dev/ttyd1
    dialer hayes
    speed 2400
Dialers are described in the `dial' file (see section The Dialer Configuration File).
    # This is dial
    dialer hayes
    # The chat script used to dial the phone. \D is the phone number.
    chat "" ATZ\r\d\c OK ATDT\D CONNECT
    # If we get BUSY or NO CARRIER we abort the dial immediately
    chat-fail BUSY
    chat-fail NO\sCARRIER
    # When the call is over we make sure we hangup the modem.
    complete \d\d+++\d\dATH\r\c
    abort \d\d+++\d\dATH\r\c
Several commands use time strings to specify a range of times. This section describes how to write time strings.
A time string may be a list of simple time strings separated with a vertical bar | or a comma ,.
Each simple time string must begin with `Su', `Mo', `Tu', `We', `Th', `Fr', or `Sa', or `Wk' for any weekday, or `Any' for any day.
Following the day may be a range of hours separated with a hyphen using 24 hour time. The range of hours may cross 0; for example `2300-0700' means any time except 7 AM to 11 PM. If no time is given, calls may be made at any time on the specified day(s).
The time string may also consist of the single word `Never', which does not match any time, or a single word with a name defined in a previous timetable command (see section Miscellaneous config File Commands).
Here are a few sample time strings with an explanation of what they mean.
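An added example, not from the Taylor UUCP distribution: a Python matcher for the time string grammar described above, run on the time strings that appear on this page. It assumes (these points are not stated here) that several day codes may be concatenated, that the end of a range is exclusive, and that a range crossing 0 applies to the early and late hours of the same named day; function names are illustrative.

```python
import re
from datetime import datetime

DAY = r"su|mo|tu|we|th|fr|sa|wk|any"
# datetime.weekday(): Monday is 0, Sunday is 6.
DAYS = {"su": {6}, "mo": {0}, "tu": {1}, "we": {2}, "th": {3}, "fr": {4},
        "sa": {5}, "wk": {0, 1, 2, 3, 4}, "any": set(range(7))}
SIMPLE = re.compile(r"((?:%s)+)(?:(\d{4})-(\d{4}))?$" % DAY, re.I)

# The predefined timetables listed in the description of `timetable'.
PREDEFINED = {
    "evening": "Wk1705-0755,Sa,Su",
    "night": "Wk2305-0755,Sa,Su2305-1655",
    "nonpeak": "Wk1805-0655,Sa,Su",
}


def to_minutes(hhmm):
    """Convert 24 hour HHMM text to minutes after midnight."""
    hours, minutes = int(hhmm[:2]), int(hhmm[2:])
    total = hours * 60 + minutes
    if minutes > 59 or total > 1440:
        raise ValueError("bad time of day: %s" % hhmm)
    return total


def parse_time_string(spec, timetables=None):
    """Return [(days, start_minute, end_minute)]; `Never' yields no spans."""
    tables = dict(PREDEFINED)
    tables.update((n.lower(), v) for n, v in (timetables or {}).items())
    spans = []
    for part in re.split(r"[|,]", spec.strip()):
        part = part.strip()
        key = part.lower()
        if key == "never":
            continue
        if key in tables:
            # Expand a timetable name; drop it first so it cannot recurse.
            rest = {n: v for n, v in tables.items() if n != key}
            spans.extend(parse_time_string(tables[key], rest))
            continue
        match = SIMPLE.match(part)
        if not match:
            raise ValueError("bad simple time string: %r" % part)
        days = set()
        for code in re.findall(DAY, match.group(1), re.I):
            days |= DAYS[code.lower()]
        start = to_minutes(match.group(2) or "0000")
        end = to_minutes(match.group(3) or "2400")
        if start <= end:
            spans.append((days, start, end))
        else:
            # The range crosses 0: early morning plus late evening.
            spans.append((days, 0, end))
            spans.append((days, start, 1440))
    return spans


def call_allowed(spec, when, timetables=None):
    """True if the datetime `when' falls inside the time string `spec'."""
    minute = when.hour * 60 + when.minute
    return any(when.weekday() in days and start <= minute < end
               for days, start, end in parse_time_string(spec, timetables))


if __name__ == "__main__":
    # The call-timegrade string from the leaf example; 2024-01-02 is a Tuesday.
    spec = "Wk0755-2305,Su1655-2305"
    for hour in (3, 12, 23):
        when = datetime(2024, 1, 2, hour, 30)
        print(when.strftime("%a %H:%M"), call_allowed(spec, when))
```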
Chat scripts are used in several different places, such as dialing out on modems or logging in to remote systems. Chat scripts are made up of pairs of strings. The program waits until it sees the first string, known as the expect string, and then sends out the second string, the send string.
Each chat script is defined using a set of commands. These commands always end in a string beginning with chat, but may start with different strings. For example, in the `sys' file there is one set of commands beginning with chat and another set beginning with called-chat. The prefixes are only used to disambiguate different types of chat scripts, and this section ignores the prefixes when describing the commands.
chat strings
chat command are pairs of strings separated by whitespace. The first string of each pair is an expect string, the second is a send string. The program will wait for the expect string to appear; when it does, the program will send the send string. If the expect string does not appear within a certain number of seconds (as set by the chat-timeout command) the chat script fails and, typically, the call is aborted. If the final expect string is seen (and the optional final send string has been sent), the chat script is successful.
An expect string may contain additional subsend and subexpect strings, separated by hyphens. If the expect string is not seen, the subsend string is sent and the chat script continues by waiting for the subexpect string. This means that a hyphen may not appear in an expect string; on an ASCII system, use `\055' instead.
An expect string may simply be `""', meaning to skip the expect phase. Otherwise, the following escape characters may appear in expect strings:
chat-timeout number
chat-fail string
chat-fail commands may appear in a single chat script. The default is to have none.
This permits a chat script to be quickly aborted if an error string is seen. For example, a script used to dial out on a modem might use the command `chat-fail BUSY' to stop the chat script immediately if the string `BUSY' was seen.
chat-seven-bit boolean
chat-program, which must ignore parity by itself if necessary.
chat-program strings
chat-program and chat are specified, the program is executed first followed by the chat script.
The first argument to the chat-program command is the program name to run. The remaining arguments are passed to the program. The following escape sequences are recognized in the arguments:
chat-program define additional escape sequences.
Arguments other than escape sequences are passed exactly as they appear in the configuration file, except that sequences of whitespace are compressed to a single space character (this exception may be removed in the future).
If the chat-program command is not used, no program is run.
On Unix, the standard input and standard output of the program will be attached to the port in use. Anything the program writes to standard error will be written to the UUCP log file. No other file descriptors will be open. If the program does not exit with a status of 0, it will be assumed to have failed; this means that the dialing programs used by some versions of HDB may not be used directly, although of course a shell script could be used as an interface.
The program will be run as the uucp user, and the environment will be that of the process that started uucico, so care must be taken to maintain security.
No search path is used to find the program; a full path name must be given. If the program is an executable shell script, it will be passed to `/bin/sh' even on systems which are unable to execute shell scripts. It is also easy to invoke `/bin/sh' directly.
Here is a simple example of a chat script that might be used to reset a Hayes compatible modem.
    chat "" ATZ OK-ATZ-OK
The first expect string is `""', so it is ignored. The chat script then sends `ATZ'. If the modem responds with `OK', the chat script finishes. If 60 seconds (the default timeout) pass before seeing `OK', the chat script sends another `ATZ'. If it then sees `OK', the chat script succeeds. Otherwise, the chat script fails.
For a more complex chat script example, see section Logging In.
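The expect/send, subsend/subexpect and chat-fail rules of this section can be traced with a small simulator. This Python is an added example, not Taylor UUCP code: the remote ends are constructed stand-ins, a timeout is modelled as the expect string being absent from what has been received, and only the escapes that appear on this page are expanded.

```python
import re

ESCAPE = re.compile(r"\\([0-7]{3}|.)")


def expand(text, values):
    """Expand the escapes used on this page; `values' maps L, P, D to text."""
    def one(match):
        esc = match.group(1)
        if len(esc) == 3:
            return chr(int(esc, 8))            # e.g. \055 for a hyphen
        if esc in values:
            return values[esc]                 # \L login, \P password, \D phone
        # \s is a space, \r a carriage return; \d (a pause) and \c (suppress
        # the trailing carriage return) put nothing on the wire themselves.
        return {"s": " ", "r": "\r", "d": "", "c": ""}.get(esc, esc)
    return ESCAPE.sub(one, text)


def run_chat(script, remote, values=None, fail=()):
    """Run `script' against remote(wire) -> reply text; return (ok, sent)."""
    values = values or {}
    fail = [expand(f, values) for f in fail]
    state = {"buf": ""}
    sent = []

    def transmit(send):
        if send == "BREAK":
            wire = "<BREAK>"                   # stand-in for a line break
        else:
            tail = "" if send.endswith("\\c") else "\r"
            wire = expand(send, values) + tail
        sent.append(wire)
        state["buf"] += remote(wire) or ""

    def wait_for(expect):
        if expect == '""':
            return "seen"                      # skip the expect phase
        if any(f in state["buf"] for f in fail):
            return "abort"                     # a chat-fail string arrived
        want = expand(expect, values)
        at = state["buf"].find(want)
        if at < 0:
            return "timeout"
        state["buf"] = state["buf"][at + len(want):]
        return "seen"

    words = script.split()
    for i in range(0, len(words), 2):
        pieces = words[i].split("-")           # expect-subsend-subexpect...
        status = wait_for(pieces[0])
        for j in range(1, len(pieces), 2):
            if status != "timeout":
                break
            transmit(pieces[j])
            status = wait_for(pieces[j + 1]) if j + 1 < len(pieces) else "seen"
        if status != "seen":
            return False, sent
        if i + 1 < len(words):
            transmit(words[i + 1])
    return True, sent


def modem_deaf_to_first_atz():
    """Constructed remote: ignores the first ATZ, answers OK to the second."""
    count = {"atz": 0}

    def remote(wire):
        if wire.startswith("ATZ"):
            count["atz"] += 1
            return "OK\r\n" if count["atz"] > 1 else ""
        return ""
    return remote


def unix_login(wire):
    """Constructed remote: prompts for a login only after a break."""
    if wire == "<BREAK>":
        return "\r\nlogin: "
    if wire == "Uairs\r":
        return "Password: "
    return ""


def no_carrier_modem(wire):
    """Constructed remote: resets fine, then fails to connect."""
    if wire.startswith("ATZ"):
        return "OK\r\n"
    if wire.startswith("ATDT"):
        return "NO CARRIER\r\n"
    return ""


RESET = r'"" ATZ OK-ATZ-OK'                                  # from this section
LOGIN = r'"" \r\c ogin:-BREAK-ogin:-BREAK-ogin: \L word: \P'  # default login chat
DIAL = r'"" ATZ\r\d\c OK ATDT\D CONNECT'                     # from the dial file

if __name__ == "__main__":
    print(run_chat(RESET, modem_deaf_to_first_atz()))
    print(run_chat(LOGIN, unix_login, {"L": "Uairs", "P": "constructed-pw"}))
    print(run_chat(DIAL, no_carrier_modem, {"D": "7389449"},
                   fail=["BUSY", r"NO\sCARRIER"]))
```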
The main configuration file is named `config'.
Since all the values that may be specified in the main configuration file also have defaults, there need not be a main configuration file at all.
nodename string
hostname string
uuname string
spool string
pubdir string
pubdir command in the system configuration file; see section Miscellaneous sys File Commands.
lockdir string
unknown string ...
unknown command is not used, unknown systems are not permitted to call in.
max-uuxqts number
uuxqt processes which may run at the same time. Having several uuxqt processes running at once can significantly slow down a system, but since uuxqt is automatically started by uucico, it can happen quite easily. The default for max-uuxqts is 0, which means that there is no limit.
If HDB configuration files are being read and the code was compiled without HAVE_TAYLOR_CONFIG, then if the file `Maxuuxqts' in the configuration directory contains a readable number it will be used as the value for max-uuxqts.
timetable string string
timetable defines a timetable that may be used in subsequently appearing time strings; see section Time Strings. The first string names the timetable entry; the second is a time string.
The following timetable commands are predefined. The NonPeak timetable is included for compatibility. It originally described the offpeak hours of Tymnet and Telenet, but both have since changed their schedules.
    timetable Evening Wk1705-0755,Sa,Su
    timetable Night Wk2305-0755,Sa,Su2305-1655
    timetable NonPeak Wk1805-0655,Sa,Su
If this command does not appear, then obviously no additional timetables will be defined.
v2-files boolean
hdb-files boolean
sysfile strings
sysfile command may be repeated; each system file has its own set of defaults.
portfile strings
portfile command may be repeated.
dialfile strings
dialfile command may be repeated.
dialcodefile strings
dialcodefile command may be repeated; all the dialcode files will be read in turn until a dialcode is located.
callfile strings
passwdfile below is used for incoming calls. The intention of the call out file is to permit the system file to be publicly readable; the call out files must obviously be kept secure. These files need not be used. Multiple call out files may be specified on the line, and the callfile command may be repeated; all the files will be read in turn until the system is found.
passwdfile strings
uucico is doing its own login prompting, which it does when given the `-e', `-l' or `-w' switches. The default is the file `passwd' in the directory newconfigdir. Each line in the file(s) has two words: the login name and the password (e.g. Ufoo foopas). The login name is accepted before the system name is known, so these are independent of which system is calling in; a particular login may be required for a system by using the called-login command in the system file (see section Accepting a Call). These password files are optional, although one must exist if uucico is to present its own login prompts. Multiple password files may be specified on the line, and the passwdfile command may be repeated; all the files will be read in turn until the login name is found.
logfile string
HAVE_HDB_LOGGING is defined in `conf.h', then by default a separate log file is used for each system. Using this command to name a log file will cause all the systems to use it.
statfile string
debugfile string
DEBUG variable in `policy.h'). After the first debugging message has been written, messages written to the log file are also written to the debugging file to make it easier to keep the order of actions straight. The debugging file is different from the log file because information such as passwords can appear in it, so it must not be publicly readable.
debug string ...
debug command may be used several times in the configuration file; every debugging type named will be turned on. When running any of the programs, the `-x' switch (actually, for uulog it's the `-X' switch) may be used to turn on debugging. The argument to the `-x' switch is one of the strings listed above, or a number as described above, or a comma separated list of strings (e.g. `-x chat,handshake'). The `-x' switch may also appear several times on the command line, in which case all named debugging types will be turned on. The `-x' debugging is in addition to any debugging specified by the debug command; there is no way to cancel debugging information. The debugging level may also be set specifically for calls to or from a specific system with the debug command in the system file (see section Miscellaneous sys File Commands).
The debugging messages are somewhat idiosyncratic; it may be necessary to refer to the source code for additional information in some cases.
By default there is a single system configuration, named `sys' in the directory newconfigdir. This may be overridden by the sysfile command in the main configuration file; see section Configuration File Names.
These files describe all remote systems known to the UUCP package.
The first set of commands in the file, up to the first system command, specify defaults to be used for all systems in that file. Each system file uses a different set of defaults.
Subsequently, each set of commands from system up to the next system command describe a particular system. Default values may be overridden for specific systems.
Each system may then have a series of alternate choices to use when calling out or calling in. The first set of commands for a particular system, up to the first alternate command, provide the first choice. Subsequently, each set of commands from alternate up to the next alternate command describe an alternate choice for calling out or calling in.
When a system is called, the commands before the first alternate are used to select a phone number, port, and so forth; if the call fails for some reason, the commands between the first alternate and the second are used, and so forth. Well, not quite. Actually, each succeeding alternate will only be used if it is different in some relevant way (different phone number, different chat script, etc.). If you want to force the same alternate to be used again (to retry a phone call more than once, for example), enter the phone number (or any other relevant field) again to make it appear different.
The alternates can also be used to give different permissions to an incoming call based on the login name. This will only be done if the first set of commands, before the first alternate command, uses the called-login command. The list of alternates will be searched, and the first alternate with a matching called-login command will be used. If no alternates match, the call will be rejected.
The alternate command may also be used in the file-wide defaults (the set of commands before the first system command). This might be used to specify a list of ports which are available for all systems (for an example of this, see section Gateway Example) or to specify permissions based on the login name used by the remote system when it calls in. The first alternate for each system will default to the first alternate for the file-wide defaults (as modified by the commands used before the first alternate command for this system), the second alternate for each system to the second alternate for the file-wide defaults (as modified the same way), and so forth. If a system specifies more alternates than the file-wide defaults, the trailing ones will default to the last file-wide default alternate. If a system specifies fewer alternates than the file-wide defaults, the trailing file-wide default alternates will be used unmodified. The default-alternates command may be used to modify this behaviour.
This can all get rather confusing, although it's easier to use than to describe concisely; the uuchk program may be used to ensure that you are getting what you want.
system string
system command refer to this system.
alternate [string]
alternate command).
default-alternates boolean
alias string
uucp and uux commands, as well as by the remote system (which can be convenient if a remote system changes its name). The default is to have no aliases.
myname string
called-login is used and is not `ANY', then, when a system logs in with that login name, string is used as the system name. Because the local system name must be determined before the remote system has identified itself, using myname and called-login together for any system will set the local name for that login; this means that each locally used system name must have a unique login name associated with it. This allows a system to have different names for an external and an internal network. The default is to not use a special local name.
This section describes commands used when placing a call to another system.
time string [number]
time command is always a fixed amount of time.
The time command may appear multiple times in a single alternate, in which case if any time string matches the system may be called. When the time command is used for a particular system, any time or timegrade commands that appeared in the system defaults are ignored.
The default time string is `Never'.
timegrade character string [number]
time command is equivalent to using timegrade with a grade of z, permitting all jobs. If there are no jobs of a sufficiently high grade according to the time string, the system will not be called. Giving the `-s' switch to uucico to force it to call a system causes it to assume there is a job of grade 0 waiting to be run.
The optional third argument specifies a retry time in minutes. See the time command, above, for more details.
Note that the timegrade command serves two purposes: 1) if there is no job of sufficiently high grade the system will not be called, and 2) if the system is called anyway (because the `-s' switch was given to uucico) only jobs of sufficiently high grade will be transferred. However, if the other system calls in, the timegrade commands are ignored, and jobs of any grade may be transferred (but see call-timegrade below). Also, the timegrade command will not prevent the other system from transferring any job it chooses, regardless of who placed the call.
The timegrade command may appear multiple times without using alternate. When the timegrade command is used for a particular system, any time or timegrade commands that appeared in the system defaults are ignored.
If this command does not appear, there are no restrictions on what grade of work may be done at what time.
max-retries number
success-wait number
call-timegrade character string
time command. If a call is placed to the other system during a time which matches the time string, the remote system will be requested to only run jobs of grade character or higher. Unfortunately, there is no way to guarantee that the other system will obey the request (this UUCP package will, but there are others which will not); moreover job grades are historically somewhat arbitrary, so specifying a grade will only be meaningful if the other system cooperates in assigning grades. This grade restriction only applies when the other system is called, not when the other system calls in.
The call-timegrade command may appear multiple times without using alternate. If this command does not appear, or if none of the time strings match, the remote system will be allowed to send whatever grades of work it chooses.
baud number
speed number
baud and port commands appear, both are used when selecting a port. To allow calls at more than one baud rate, the alternate command must be used (see section Defaults and Alternates). If this command does not appear, there is no default; the baud rate may be specified in the port file, but if it is not then the natural baud rate of the port will be used (whatever that means on the system). Specifying an explicit baud rate of 0 will request the natural baud rate of the port, overriding any default baud rate from the defaults at the top of the file.
port string
baud command or explicitly using the next version of port). There may be many ports with the same name; each will be tried in turn until an unlocked one is found which matches the desired baud rate.
port string ...
port command, the strings are treated as a command that might appear in the port file (see section The Port Configuration File). If a port is named (by using a single string following port) these commands are ignored; their purpose is to permit defining the port completely in the system file rather than always requiring entries in two different files. In order to call out, a port must be specified using some version of the port command, or by using the baud command to select ports from the port file.
phone string
address string
phone and address are equivalent; the duplication is intended to provide a mnemonic choice depending on the type of port in use.
When used with a modem port, an = character in the phone number means to wait for a secondary dial tone (although only some modems support this); a - character means to pause while dialing for 1 second (again, only some modems support this). If the system has more than one phone number, each one must appear in a different alternate. The phone command must appear in order to call out on a modem; there is no default.
When used with a TCP port, the string names the host to contact. It may be a domain name or a numeric Internet address. If no address is specified, the system name is used.
When used with a TLI port, the string is treated as though it were an expect string in a chat script, allowing the use of escape characters (see section Chat Scripts). The dialer-sequence command in the port file may override this address (see section The Port Configuration File).
When used with a port that is not a modem or TCP or TLI, this command is ignored.
chat strings
chat-timeout number
chat-fail string
chat-seven-bit boolean
chat-program strings
call-login
command.
call-password
command.
chat-program
command. These are `\L' and `\P', which
become the login name and password, respectively, and `\Z', which
becomes the name of the system of being called.
The default chat script is:
chat "" \r\c ogin:-BREAK-ogin:-BREAK-ogin: \L word: \P
This will send a carriage return (the \c suppresses the additional trailing carriage return that would otherwise be sent) and wait for the string `ogin:' (which would be the last part of the `login:' prompt supplied by a Unix system). If it doesn't see `ogin:', it sends a break and waits for `ogin:' again. If it still doesn't see `ogin:', it sends another break and waits for `ogin:' again. If it still doesn't see `ogin:', the chat script aborts and hangs up the phone. If it does see `ogin:' at some point, it sends the login name (as specified by the call-login command) followed by a carriage return (since all send strings are followed by a carriage return unless \c is used) and waits for the string `word:' (which would be the last part of the `Password:' prompt supplied by a Unix system). If it sees `word:', it sends the password and a carriage return, completing the chat script. The program will then enter the handshake phase of the UUCP protocol.
This chat script will work for most systems, so you will only be required to use the call-login and call-password commands.
In fact, in the file-wide defaults you could set defaults of
`call-login *' and `call-password *'; you would then just have
to make an entry for each system in the call-out login file.
Some systems seem to flush input after the `login:' prompt, so they may need a version of this chat script with a \d before the \L. When using UUCP over TCP, some servers will not handle the initial carriage return sent by this chat script; in this case you may have to specify the simple chat script `ogin: \L word: \P'.
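The walk-through above can be traced with a small simulator. This is an added example, not Taylor UUCP code: the function names, the `<BREAK>' marker and the scripted remote hosts are constructed for illustration, and a timeout is modelled as the expected string being absent from the remote's reply.

```python
DEFAULT_CHAT = r'"" \r\c ogin:-BREAK-ogin:-BREAK-ogin: \L word: \P'
SIMPLE_CHAT = r'ogin: \L word: \P'   # the TCP variant mentioned in the text

def parse_chat(script):
    """Split a chat script into (expect_parts, send) pairs.

    expect_parts is [expect, subsend, expect, ...] taken from the
    '-' separated form; it is empty for "" (expect nothing).
    """
    tokens = script.split()
    pairs = []
    for i in range(0, len(tokens), 2):
        parts = [] if tokens[i] == '""' else tokens[i].split("-")
        send = tokens[i + 1] if i + 1 < len(tokens) else None
        pairs.append((parts, send))
    return pairs

def expand(send, login, password):
    """Turn one send string into the characters put on the line."""
    if send == "BREAK":
        return "<BREAK>"                      # stand-in for a line break signal
    trailing_cr = not send.endswith("\\c")    # \c suppresses the final CR
    if not trailing_cr:
        send = send[:-2]
    send = send.replace("\\r", "\r")
    send = send.replace("\\L", login).replace("\\P", password)
    return send + ("\r" if trailing_cr else "")

def run_chat(script, remote, login, password):
    """Run script against remote(data) -> reply; return (ok, sent)."""
    sent = []
    inbox = remote("")                        # anything the remote says first

    def transmit(item):
        data = expand(item, login, password)
        sent.append(data)
        return remote(data)

    for parts, send in parse_chat(script):
        if parts:
            seen = parts[0] in inbox
            for subsend, expect in zip(parts[1::2], parts[2::2]):
                if seen:
                    break
                inbox = transmit(subsend)     # e.g. send a break, look again
                seen = expect in inbox
            if not seen:
                return False, sent            # script aborts; nothing more is sent
        if send is not None:
            inbox = transmit(send)
    return True, sent

# Constructed remotes: each maps what it receives to what it prints next.
def quiet_host(data):
    """Stays silent until it receives a break, then prompts."""
    return {"<BREAK>": "\r\nlogin: ", "uucp1\r": "Password: "}.get(data, "")

def tcp_host(data):
    """Prompts immediately on connect."""
    return {"": "login: ", "uucp1\r": "Password: "}.get(data, "")

def dead_line(data):
    """Never answers."""
    return ""

if __name__ == "__main__":
    for host in (quiet_host, dead_line):
        print(host.__name__, run_chat(DEFAULT_CHAT, host, "uucp1", "s3cret"))
```

On the silent line the script gives up after two breaks, so the login name and password are never transmitted.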
call-login string
call-password string
called-login strings
called-login commands, in which case the login name will be used to select which alternate is in effect; this will only work if the first alternate (before the first alternate command) uses the called-login command.
Additional strings may be specified after the login name; they are a list of which systems are permitted to use this login name. If this feature is used, then normally the login name will only be given in a single called-login command. Only systems which appear on the list, or which use an explicit called-login command, will be permitted to use that login name. If the same login name is used more than once with a list of systems, all the lists are concatenated together. This feature permits you to restrict a login name to a particular set of systems without requiring you to use the called-login command for every single system; you can achieve a similar effect by using a different system file for each permitted login name with an appropriate called-login command in the file-wide defaults.
callback boolean
uucico will hang up the connection and prepare to call it back. The default is false.
called-chat strings
called-chat-timeout number
called-chat-fail string
called-chat-seven-bit boolean
called-chat-program strings
chat command (see section Logging In), on the other hand, is used when the remote system is called. This called chat script might be used to set special modem parameters that are appropriate to a particular system. It is run after protocol negotiation is complete, but before the protocol has been started. See section Logging In for additional escape sequences which may be used besides those defined for all chat scripts. There is no default called chat script. If the called chat script fails, the incoming call will be aborted.
protocol string
seven-bit and reliable commands. If neither the port nor the dialer use either of these commands, the default is to assume an eight-bit reliable connection. The commands `seven-bit true' or `reliable false' might be used in either the port or the dialer to change this. Each protocol has particular requirements that must be met before it will be considered during negotiation with the remote side.
The `t' and `e' protocols are intended for use over TCP or
some other communication path with end to end reliability, as they do no
checking of the data at all. They will only be considered on a TCP port
which is both reliable and eight bit.
The `i' protocol is a bidirectional protocol. It requires an
eight-bit connection. It will run over a half-duplex link, such as
Telebit modems in PEP mode, but for efficient use of such a connection
you must use the half-duplex command (see section The Port Configuration File).
The `g' protocol is robust, but requires an eight-bit connection.
The `G' protocol is the System V Release 4 version of the `g'
protocol.
The `a' protocol is a Zmodem-like protocol, contributed by Doug
Evans. It requires an eight-bit connection, but unlike the `g' or
`i' protocol it will work if certain control characters may not be
transmitted.
The `j' protocol is a variant of the `i' protocol which can
avoid certain control characters. The set of characters it avoids can
be set by a parameter. While it technically does not require an eight
bit connection (it could be configured to avoid all characters with the
high bit set) it would be very inefficient to use it over one. It is
useful over an eight-bit connection that will not transmit certain
control characters.
The `f' protocol is intended for use with X.25 connections; it
checksums each file as a whole, so any error causes the entire file to
be retransmitted. It requires a reliable connection, but only uses
seven-bit transmissions. It is a streaming protocol, so, while it can
be used on a serial port, the port must be completely reliable and flow
controlled; many aren't.
The protocols will be considered in the order shown above. This means that if neither the seven-bit nor the reliable command is used, the `t' protocol will be used over a TCP connection and the `i' protocol will be used over any other type of connection (subject, of course, to what is supported by the remote system; it may be assumed that all systems support the `g' protocol).
Note that currently specifying both `seven-bit true' and `reliable false' will not match any protocol. If this occurs through a combination of port and dialer specifications, you will have to use the protocol command for the system or no protocol will be selected at all (the only reasonable choice would be `protocol f').
A protocol list may also be specified for a port (see section The Port Configuration File),
but if there is a list for the system the list for the port is ignored.
protocol-parameter character string ...
window
packet-size
remote-window
remote-packet-size
sync-timeout
sync-retries
timeout
retries
errors
error-decay
errors. The default is 10.
short-packets which takes a boolean argument:
window
packet-size
startup-retries
init-retries
init-timeout
retries
timeout
garbage
errors
error-decay
errors. The default is 10.
remote-window
remote-packet-size
short-packets
escape-control, which takes a boolean argument:
timeout
retries
startup-retries
garbage
send-window
escape-control
XON or XOFF. The connection must still transmit eight bit characters other than control characters. The default is false.
avoid
XON and XOFF which many connections use for flow control. If the package is configured to use HAVE_BSD_TTY, then on some versions of Unix you may have to avoid `\377' as well, due to the way some implementations of the BSD terminal driver handle signals.
timeout
retries
timeout
send-request boolean
receive-request boolean
request boolean
call-transfer boolean
called-transfer boolean
transfer boolean
call-local-size number string
call-remote-size number string
called-local-size number string
called-remote-size number string
local-send strings
uucp or uux). The directories in the list should be separated by whitespace. A ~ may be used for the public directory. On a Unix system, this is typically `/usr/spool/uucppublic'; the public directory may be set with the pubdir command. Here is an example of local-send:
local-send ~ /usr/spool/ftp/pub
Listing a directory allows all files within the directory and all subdirectories to be sent. Directories may be excluded by preceding them with an exclamation point. For example:
local-send /usr/ftp !/usr/ftp/private ~
means that all files in `/usr/ftp' or the public directory may be sent, except those files in `/usr/ftp/private'. The list of directories is read from left to right, and the last directory to apply takes effect; this means that directories should be listed from top down. The default is the root directory (i.e., any file at all may be sent by local request).
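The left-to-right, last-match-wins evaluation described above can be sketched as follows. This is an added example, not code from Taylor UUCP; the function names are hypothetical, and normalising `..' components before matching is an assumption of the sketch, not something this page specifies.

```python
import posixpath

PUBDIR = "/usr/spool/uucppublic"   # typical Unix public directory, per the text

def expand_entry(entry, pubdir=PUBDIR):
    """Expand a leading ~ to the public directory and normalise the path."""
    if entry == "~" or entry.startswith("~/"):
        entry = pubdir + entry[1:]
    # Assumption of this sketch: collapse '.' and '..' before matching.
    return posixpath.normpath(entry)

def within(path, directory):
    """True if path is the directory itself or lies beneath it."""
    if directory == "/":
        return True
    return path == directory or path.startswith(directory + "/")

def is_permitted(path, directories, pubdir=PUBDIR):
    """Evaluate a local-send style directory list for one file.

    directories is the whitespace-separated argument string, for example
    "/usr/ftp !/usr/ftp/private ~".  Entries are read left to right and
    the last entry that applies to the path decides the outcome.
    """
    path = expand_entry(path, pubdir)
    if not path.startswith("/"):
        return False                      # only absolute paths are considered
    allowed = False                       # nothing listed, nothing permitted
    for entry in directories.split():
        deny = entry.startswith("!")
        directory = expand_entry(entry[1:] if deny else entry, pubdir)
        if within(path, directory):
            allowed = not deny            # a later match overrides an earlier one
    return allowed

if __name__ == "__main__":
    top_down = "/usr/ftp !/usr/ftp/private ~"      # order used in the text
    wrong_order = "!/usr/ftp/private /usr/ftp"     # exclusion listed first
    for rules in (top_down, wrong_order):
        for name in ("/usr/ftp/pub/README", "/usr/ftp/private/key",
                     "/usr/ftp/pub/../private/key", "~/incoming/x",
                     "/etc/passwd"):
            print("%-30s %-32s %s" % (rules, name, is_permitted(name, rules)))
```

With the exclusion listed before its parent, the later `/usr/ftp' entry re-permits `/usr/ftp/private', which is why the text says to list directories from the top down.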
remote-send strings
local-receive strings
remote-receive strings
forward-to strings
uucp command, it effectively has the ability to forward to any system.
forward-from strings
uucp command, it effectively has the ability to request files from any system.
forward strings
sequence boolean
command-path string
uux, not for chat programs. The default is from `policy.h'.
commands strings
free-space number
uucico will periodically check the amount of free space. If it drops below the amount given by the free-space command, the file transfer will be aborted. The default amount of space to leave free is from `policy.h'. This file space checking may not work on all systems.
pubdir string
debug string ...
debug command in the main configuration file (see section Debugging Levels) for more details. The debugging information specified here is in addition to that specified in the main configuration file or on the command line.
max-remote-debug string ...
max-remote-debug command may be turned on by the remote system. To prohibit any debugging, use `max-remote-debug none'. The default is `abnormal,chat,handshake'; to turn off these default entries, you must use `max-remote-debug none' followed by other max-remote-debug commands specifying the settings you want.
The following are used as default values for all systems; they can be considered as appearing before the start of the file.
time Never
chat "" \r\c ogin:-BREAK-ogin:-BREAK-ogin: \L word: \P
chat-timeout 10
callback n
sequence n
request y
transfer y
local-send /
remote-send ~
local-receive ~
remote-receive ~
command-path [ from `policy.h' ]
commands rnews rmail
max-remote-debug abnormal,chat,handshake
The port files may be used to name and describe ports. Any commands in the file before the first port command specify defaults for all ports in the file. All commands after a port command up to the next port command then describe that port. There are different types of ports; each type supports its own set of commands. Each command indicates which types of ports support it. There may be many ports with the same name; if a system requests a port by name then each port with that name will be tried until an unlocked one is found.
port string
type string
port command. The type defines what commands are subsequently allowed. Currently the types are:
uucico is run as a login shell.
protocol string
protocol-parameter character strings [ any type ]
protocol-parameter command used for systems (see section Protocol Selection). This one takes precedence.
seven-bit boolean [ any type ]
reliable boolean [ any type ]
half-duplex boolean [ any type ]
device string [ modem, direct and tli only ]
baud number [ modem and direct only ]
speed number [ modem and direct only ]
baud-range number number [ modem only ]
speed-range number number [ modem only ]
speed (or baud) command is still used to determine the speed to run at if the system does not specify a speed. For example, the command `speed-range 300 19200' means that the port will match any system which uses a speed from 300 to 19200 baud (and will use the speed specified by the system); this could be combined with `speed 2400', which means that when this port is used with a system that does not specify a speed, the port will be used at 2400 baud.
carrier boolean [ modem only ]
dial-device string [ modem only ]
dialer string [ modem only ]
dialer string ... [ modem only ]
dialer-sequence strings [ modem or tli only ]
phone command in the system file is used as the final token. The token is what is used for \D or \T in the dialer chat script. If the token in this string is \D, the system phone number will be used; if it is \T, the system phone number will be used after undergoing dialcodes translation. A missing final token is taken as \D.
This command currently does not work if dial-device is specified; to handle this correctly will require a more systematic notion of chat scripts. Moreover, only the complete and abort chat scripts from the first dialer specified are used, and only the protocol parameters from the first dialer are used.
This command basically lets you specify a sequence of chat scripts to
use. For example, the first dialer might get you to a local network and
the second dialer might describe how to select a machine from the local
network. This lets you break your dialing sequence into simple modules,
and may make it easier to share dialer entries between machines.
When this command is used with a TLI port, then if the first dialer is `TLI' or `TLIS' the first token is used as the address to connect to. If the first dialer is something else, or if there is no token, the address given by the address command is used (see section Placing the Call). Escape sequences in the address are expanded as they are for chat script expect strings (see section Chat Scripts). The difference between `TLI' and `TLIS' is that the latter implies the command `stream true'. These contortions are all for HDB compatibility. Any subsequent dialers are treated as they are for a modem.
lockname string [ modem and direct only ]
lockname LCK..ttycu0 could be used to force the latter to use the same lock file name as the former.
service string [ tcp only ]
push strings [ tli only ]
stream boolean [ tli only ]
push command was not used, the `tirdwr' module is pushed on to the TLI stream.
server-address string [ tli only ]
The dialer configuration files define dialers. Any commands in the file before the first dialer command specify defaults for all the dialers in the file. All commands after a dialer command up to the next dialer command are associated with the named dialer.
dialer string
chat strings
chat-timeout number
chat-fail string
chat-seven-bit boolean
chat-program strings
dial-device command for the port, if there is one.
The following additional escape sequences may appear in send strings:
carrier command in the port file) \M and \m are ignored. If both the port and the dialer support carrier (as set by the carrier command in the port file and the carrier command in the dialer file), then every chat script implicitly begins with \M and ends with \m. There is no default chat script for dialers.
The following additional escape sequences may be used in chat-program:
dialtone string
pause string
carrier boolean
uucico will require that carrier be on. On some systems, it will be able to wait for it. If the argument is false, carrier will not be required. The default is true.
carrier-wait number
dtr-toggle boolean boolean
complete-chat strings
complete-chat-timeout number
complete-chat-fail string
complete-chat-seven-bit boolean
complete-chat-program strings
complete string
complete-chat. It is equivalent to complete-chat "" string; this has the effect of sending string to the modem when a call finishes normally.
abort-chat strings
abort-chat-timeout number
abort-chat-fail string
abort-chat-seven-bit boolean
abort-chat-program strings
abort string
abort-chat. It is equivalent to abort-chat "" string; this has the effect of sending string to the modem when a call is aborted.
protocol-parameter character strings
protocol-parameter command in the system configuration file or the port configuration file; see section Protocol Selection. These parameters take precedence, then those for the port, then those for the system.
seven-bit boolean
reliable boolean
half-duplex boolean [ any type ]
This discussion of UUCP security applies only to Unix. It is a bit cursory; suggestions for improvement are solicited.
UUCP is traditionally not very secure. Taylor UUCP addresses some security issues, but is still far from being a secure system.
If security is very important to you, then you should not permit any external access to your computer, including UUCP. Any opening to the outside world is a potential security risk.
By default Taylor UUCP provides few mechanisms to secure local users of the system from each other. You can allow increased security by putting the owner of the UUCP programs (normally uucp) into a separate group; the use of this is explained in the following paragraphs, which refer to this separate group as uucp-group.
When the uucp program is invoked to copy a file to a remote system, it will by default copy the file into the UUCP spool directory. When the uux program is used, the `-C' switch must be used to copy the file into the UUCP spool directory. In any case, once the file has been copied into the spool directory, other local users will not be able to access it.
When a file is requested from a remote system, UUCP will only permit it to be placed in a directory which is writable by the requesting user. The directory must also be writable by UUCP. A local user can create a directory with a group of uucp-group and set the mode to permit group write access. This will allow the file to be requested without permitting it to be viewed by any other user.
There is no provision for security for uucp requests (as opposed to uux requests) made by a user on a remote system. A file sent over by a remote request may only be placed in a directory which is world writable, and the file will be world readable and writable. This will permit any local user to destroy or replace the contents of the file. A file requested by a remote system must be world readable, and the directory it is in must be world readable. Any local user will be able to examine, although not necessarily modify, the file before it is sent.
There are some security holes and race conditions that apply to the above discussion which I will not elaborate on. They are not hidden from anybody who reads the source code, but they are somewhat technical and difficult (though scarcely impossible) to exploit. Suffice it to say that even under the best of conditions UUCP is not completely secure.
For many sites, security from remote sites is a more important consideration. Fortunately, Taylor UUCP does provide some support in this area.
The greatest security is provided by always dialing out to the other site. This prevents anybody from pretending to be the other site. Of course, only one side of the connection can do this.
If remote dialins must be permitted, then it is best if the dialin line is used only for UUCP. If this is the case, then you should create a call-in password file (see section Configuration File Names) and let uucico do its own login prompting. For example, to let remote sites log in on a port named `entry' in the port file (see section The Port Configuration File) you might invoke `uucico -p entry'. This would cause uucico to enter an endless loop of login prompts and daemon executions. The advantage of this approach is that even if remote users break into the system by guessing or learning the password, they will only be able to do whatever uucico permits them to do. They will not be able to start a shell on your system.
If remote users can dial in and log on to your system, then you have a security hazard more serious than that posed by UUCP. But then, you probably knew that already.
Once your system has connected with the remote UUCP, there is a fair amount of control you can exercise. You can use the remote-send and remote-receive commands to control the directories the remote UUCP can access. You can use the request command to prevent the remote UUCP from making any requests of your system at all; however, if you do this it will not even be able to send you mail or news. If you do permit remote requests, you should be careful to restrict what commands may be executed at the remote system's request. The default is rmail and rnews, which will suffice for most systems.
If different remote systems call in and they must be granted different privileges (perhaps some systems are within the same organization and some are not) then the called-login command should be used for each system to require that they use different login names. Otherwise it would be simple for a remote system to use the myname command and pretend to be a different system. The sequence command can be used to detect when one system pretended to be another, but since the sequence numbers must be reset manually after a failed handshake this can sometimes be more trouble than it's worth.
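As an added illustration (not part of Taylor UUCP or of the original chapter), the following script audits a system file for the exposures discussed above: a system with no called-login restriction, commands beyond rmail and rnews, and remote-send or remote-receive lists that reach outside the public directory. The sample file is constructed, the function names are hypothetical, and the parser ignores alternate commands.

```python
import re

# Built-in defaults for the keywords audited here, as listed on this page.
BUILTIN = {"commands": ["rnews", "rmail"],
           "remote-send": ["~"], "remote-receive": ["~"]}

# Constructed sample system file (not from a real site).
SAMPLE_SYS = r"""
# file-wide defaults
commands rmail rnews

system branch1
called-login Ubranch1

system partner
commands rmail rnews uucp    # uucp lets the caller forward anywhere
remote-receive /

system vendor
called-login Uvendor \
 vendor
"""

def parse_sys(text):
    """Return (file_wide_defaults, {system_name: settings})."""
    defaults, systems = {}, {}
    current, pending = defaults, ""
    for raw in text.splitlines():
        line = pending + raw
        if line.endswith("\\"):               # trailing backslash continues
            pending = line[:-1]
            continue
        pending = ""
        # Drop comments; a # preceded by a backslash is a literal #.
        line = re.sub(r"(?<!\\)#.*", "", line).replace("\\#", "#")
        words = line.split()
        if not words:
            continue
        if words[0] == "system" and len(words) > 1:   # starts a system entry
            current = systems.setdefault(words[1], {})
        else:
            current[words[0]] = words[1:]
    return defaults, systems

def audit(text):
    """Return (system, keyword, detail) findings for risky settings."""
    defaults, systems = parse_sys(text)
    findings = []
    for name, own in systems.items():
        eff = {**BUILTIN, **defaults, **own}
        # ANY is the called-login value that accepts every login name.
        login = (eff.get("called-login") or ["ANY"])[0]
        if login == "ANY":
            findings.append((name, "called-login",
                             "any caller may claim this name with myname"))
        extra = sorted(set(eff["commands"]) - {"rmail", "rnews"})
        if extra:
            findings.append((name, "commands",
                             "also permits " + " ".join(extra)))
        for key in ("remote-send", "remote-receive"):
            wide = [d for d in eff[key] if not d.startswith(("!", "~"))]
            if wide:
                findings.append((name, key,
                                 "outside public directory: " + " ".join(wide)))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_SYS):
        print("%-8s %-15s %s" % finding)
```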