Man Linux: Main Page and Category List

NAME

       bosserver - Initializes the BOS Server

SYNOPSIS

       bosserver [-noauth] [-log] [-enable_peer_stats]
           [-enable_process_stats] [-allow-dotted-principals] [-help]

DESCRIPTION

       The bosserver command initializes the Basic OverSeer (BOS) Server
       (bosserver process). In the conventional configuration, the binary file
       is located in the /usr/lib/openafs directory on a file server machine.

       The BOS Server must run on every file server machine and helps to
       automate file server administration by performing the following tasks:

       ·   Monitors the other AFS server processes on the local machine, to
           make sure they are running correctly.

       ·   Automatically restarts failed processes, without contacting a human
           operator. When restarting multiple server processes simultaneously,
           the BOS Server takes interdependencies into account and initiates
           restarts in the correct order.

       ·   Processes commands from the bos suite that administrators issue to
           verify the status of server processes, install and start new
           processes, stop processes either temporarily or permanently, and
           restart halted processes.

       ·   Manages system configuration information: the files that list the
           cell’s server encryption keys, database server machines, and users
           privileged to issue commands from the bos and vos suites.

       The BOS Server logs a default set of important events in the file
       /var/log/openafs/BosLog. To record the name of any user who performs a
       privileged bos command (one that requires being listed in the
       /etc/openafs/server/UserList file), add the -log flag. To display the
       contents of the BosLog file, use the bos getlog command.

       The first time that the BOS Server initializes on a server machine, it
       creates several files and subdirectories in the local /usr/afs
       directory, and sets their mode bits to protect them from unauthorized
       access. Each time it restarts, it checks that the mode bits still
       comply with the settings listed in the following chart. A question mark
       indicates that the BOS Server initially turns off the bit (sets it to
       the hyphen), but does not check it at restart.

       If the mode bits do not comply, the BOS Server writes the following
       warning to the BosLog file:

          Bosserver reports inappropriate access on server directories

       However, the BOS Server does not reset the mode bits, so the
       administrator can set them to alternate values if desired (with the
       understanding that the warning message then appears at startup).

       This command does not use the syntax conventions of the AFS command
       suites. Provide the command name and all option names in full.

OPTIONS

       -noauth
           Assigns the unprivileged identity "anonymous" to the issuer, which
           is useful only when authorization checking is disabled on the
           server machine (for instance, during the installation of a file
           server machine.)

       -log
           Records in the /var/log/openafs/BosLog file the names of all users
           who successfully issue a privileged bos command (one that requires
           being listed in the /etc/openafs/server/UserList file).

       -enable_peer_stats
           Activates the collection of Rx statistics and allocates memory for
           their storage. For each connection with a specific UDP port on
           another machine, a separate record is kept for each type of RPC
           (FetchFile, GetStatus, and so on) sent or received. To display or
           otherwise access the records, use the Rx Monitoring API.

       -enable_process_stats
           Activates the collection of Rx statistics and allocates memory for
           their storage. A separate record is kept for each type of RPC
           (FetchFile, GetStatus, and so on) sent or received, aggregated over
           all connections to other machines. To display or otherwise access
           the records, use the Rx Monitoring API.

       -allow-dotted-principals
           By default, the RXKAD security layer will disallow access by
           Kerberos principals with a dot in the first component of their
           name. This is to avoid the confusion where principals user/admin
           and user.admin are both mapped to the user.admin PTS entry. Sites
           whose Kerberos realms don’t have these collisions between principal
           names may disable this check by starting the server with this
           option.

       -help
           Prints the online help for this command. All other valid options
           are ignored.

EXAMPLES

       The following command initializes the BOS Server and logs the names of
       users who issue privileged bos commands.

          % bosserver -log &

PRIVILEGE REQUIRED

       The issuer most be logged onto a file server machine as the local
       superuser "root".

SEE ALSO

       BosConfig(5), BosLog(5), bos(8), bos_create(8), bos_exec(8),
       bos_getlog(8), bos_getrestart(8), bos_restart(8), bos_shutdown(8),
       bos_start(8), bos_startup(8), bos_status(8), bos_stop(8)

COPYRIGHT

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.
       It was converted from HTML to POD by software written by Chas Williams
       and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.