You may not be able to log in if the system answers at a different speed from the speed at which your system is calling. This little glitch would prevent you from seeing the login prompt. For example, if you are calling at 1200 baud, and the remote system answers at 2400 baud, you need to send a BREAK twice, assuming that the related gettydefs entry says go from 2400->300->1200. Therefore, the chat script would look like this:

login:-BREAK-login:-BREAK-login: nuucp word: loginAok

The difference between the primary expect-send and the subexpect-subsend is that the subexpect-subsend will only be used if the expect strings are not received.

The uucico program stops looking at the incoming characters when a match is found for the expect text. It is common, however, to use the last text expected to ensure that the send sequence isn’t sent to the remote system too soon.

Before you can define the chat script, you need at the very least the uucp login name and password, which you will use to access the remote system. You should use the cu command to contact the remote system to find out what you need to define for the script. A sample session appears here:

chare@unilabs> cu -l tty21
Connected

>send NEWLINE>
login: nuucp
Welcome to Unilabs Research

Shere=bugs
~.

To create a chat script for the system bugs, which is directly connected to your system, describe it this way:

expect nothing

send newline

expect login:

send nuucp

This would translate into a chat script that looks like this:

         “” \r\c login: nuucp

The pair of double quotes means “expect nothing;” \r\c is “send newline.” These special characters are two of a number of characters used in chat scripts—table 3.3 lists the others. It is wise to avoid the use of subexpect-subsend pairs unless needed, because they can often lead to problems in establishing a connection.

Testing the Connection with uucico

When the L-devices and L.sys files have been configured, communication can then be evaluated with the uucico program’s debug option. The process uucico uses is essentially the same for Version 2 and HDB. When the call is initiated, uucico keeps track of the process by creating a status file for the machine in the /usr/spool/uucp directory. This status file is called STST. machine name. The status file contains the details of the last connection. If the status file is present when the remote system calls in, the connection is dropped after telling the remote that there is a LOCK file. If the status file is there when you want to make an outgoing call, the call is prevented, and a message is logged saying there is a status file to prevent the call. The contents of the status file look like this:

pointer to error code
|
| number of calls
| |
| | time of last call
| | |
4 1 729570390 LOGIN FAILED unilabs
                 |            |
                 status       |
                             system

The error code is explained in the status part of the entry, which eliminates the need for interpreting the error code manually.

When the status file exists, any other jobs queued for the affected system do not result in a call until the retry time period has been reached. To circumvent this, you can remove the status file.

Version 2 Permissions

In HDB UUCP, one file essentially controls access to commands and files on your system. Version 2 UUCP uses as many as five files; three files are used in the typical configuration:

USERFILE

L.cmds

SQFILE

USERFILE

USERFILE controls access to the files on your system for both remote and local users. It is highly recommended that for each entry in your /etc/passwd file, you create an entry in USERFILE. The code listing section at the end of the chapter includes genUSER, which generates a default USERFILE. The following sample USERFILE is created by genUSER:

root,    /usr/spool/uucppublic /
daemon,    /usr/spool/uucppublic /
bin,    /usr/spool/uucppublic /bin
sys,    /usr/spool/uucppublic /
adm,    /usr/spool/uucppublic /usr/adm
uucp,    /usr/spool/uucppublic /usr/lib/uucp/uucico
nuucp,    /usr/spool/uucppublic /usr/lib/uucp/uucico
uucpadm,    /usr/spool/uucppublic /usr/lib/uucp
lp,    /usr/spool/uucppublic /bin
tutor,    /usr/spool/uucppublic
install,    /usr/spool/uucppublic
chare,    /usr/spool/uucppublic

Like the entries in the HDB Permissions files, each USERFILE entry defines a number of constraints for file transfer, including:

•  Which files on the system can be accessed for UUCP by a local user. Both USERFILE and Unix file permissions must be satisfied for the request to succeed.

•  Which files can be accessed by a remote system.

•  The login name the remote system must use when calling in.

•  The callback configuration the local machine uses to call back and confirm the remote machine’s identity.

Not all constraints must be configured, but keep in mind that the fewer the constraints you implement, the greater the risk of a security violation.

USERFILE entries consist of:

username,system [c] pathname(s)
uu101,thumper /usr/spool/uucppublic /usr/tmp
uu102,bugs c /u/tmp

The username (uu101, uu102) defines the name that must be used to log in to the local system. This username must be configured in the ./etc.passwd file using a shell of /usr/lib/uucp/uucico.

The system portion defines the name of the remote system. The callback flag, shown as a single “c” separated by a space, is similar to the CALLBACK option in HDB UUCP. If the letter ‘c’ exists after the system name, then when your system answers a call from the remote system, your system will hang up the phone, and then call the remote system back. In this way you can validate the identity of the remote system.

The pathname component(s) is a space-delimited absolute pathname list of directories that are accessible by the remote machine.