The easiest method of backing up a protected mail directory is to copy it into an Andrew File System (AFS) directory since these are backed up daily as with mainframes. The only problem with this is that the file servers may be down when one wants to copy his mail directory since, at the time of this writing, these servers are still under active development; however, they are becoming more robust daily. One can read about the current AFS status in the file /../fac/usr/gripe/doc/vice/status. [annotate]
Using AFS, one could keep his actual mail directory (not a copy thereof) in his AFS home directory which eliminates the issue of backing it up. This is additionally beneficial if the user does not use the same workstation everyday (that is, he does not have his own but shares project owned machines). Two problems with this arrangement result from the AFS being a distributed file system. Besides the chance that the server will be down when the user wants to read mail, performance degrades since messages must always be referenced across the local area network. [annotate]
Facilities' official mechanism for backing up protected directories is called sup. This is awkward to use and hard to set up, but a subsection here describes a particular arrangement suitable for the user's mail directory. [annotate]
If the user choses to use AFS, he should get copies of Getting Started with the Andrew File System and Protecting AFS files and directories. To use AFS, send mail to Gripe requesting an account. When Gripe replies with a password, change it to be the same as the account's password on the workstation. This causes the user to be authenticated into AFS when he logs into his workstation (that is, he is automatically logged into his AFS account). To change the password, first log into the AFS account: log <AFS userid> Then issue the vpasswd command. [annotate]
All of the example command lines in this section assume the user has /usr/misc/bin on his Unix shell PATH environment variable. [annotate]
Make an AFS directory to copy into: mkdir /afs/cs.cmu.edu/user/<AFS userid>/mail-backup [annotate]
This will be readable by everyone, so protect it with the following: fs sa /afs/cs.cmu.edu/user/<AFSuserid>/mail-backup System:AnyUser none [annotate]
Once the AFS account and directory to backup into have been established, the user needs a means to recursively copy his mail directory updating only those file that have changed and deleting those that no longer exist. To do this, issue the following command: copy -2 -v -R <mail directory> <AFS backup directory> Do not terminate either of these directory specifications with a /. The -v switch causes copy to output a line for copy and deletion, so this may be eliminated if the user desires. [annotate]
Assuming the AFS account has been established, and the user has followed the directions in 10.3, now make an AFS directory to serve as the mail directory: mkdir /afs/cs.cmu.edu/user/<AFS userid>/Mail [annotate]
This will be readable by everyone, so protect it with the following: fs sa /afs/cs.cmu.edu/user/<AFSuserid>/Mail System:AnyUser none [annotate]
Tell MH where the mail directory is by modifying the profile's ".mh_profile" (see section 10.3) Path: component (see section 10.4.1): Path: /afs/cs.cmu.edu/user/<AFS userid>/Mail [annotate]
To use sup the user must set up a directory named "sup" on the workstation in the user's home directory. This contains different directories for the various trees that will be backed up, so there will be a "Mail" directory. This directory will contain two files: "crypt" and "list". The "crypt" file contains one line, terminated with a new line, that contains a single word -- an encryption key. "list" contains one line, terminated with a new line, that contains two words -- . [annotate]
On the user's mainframe, a file must be created that will be supplied to the sup program. It should contain the following line to backup the mail directory: [annotate]
Mail delete host=<workstation> hostbase=/usr/<user> base=/usr/<user> \ crypt=WordInCryptFile login=<user> password=LoginPasswordOnWorkstation Warning: This file contains the user's password and should be protected appropriately. [annotate]
The following Unix shell command issued on the mainframe will backup the mail directory: [annotate]
sup <name of the sup file used in previous paragraph> [annotate]
As a specific example, assume user "fred" has a workstation called "fred", and his mainframe is the "gpa" machine where he has another user account named "fred". The password on his workstation is "purple". On his workstation, he creates the directory "/usr/fred/sup/Mail/" with the two files "crypt" and "list". The file "/usr/fred/sup/Mail/crypt" contains only the encryption key: steppenwolf The file "/usr/fred/sup/Mail/list" contains the command to upgrade the "Mail" directory: upgrade Mail [annotate]
On the "gpa" machine, the file "/usr/fred/supfile" contains the following line: Mail delete host=fred hostbase=/usr/fred base=/usr/fred \ crypt=steppenwolf login=fred password=purple This file is protected on "gpa", so others cannot see fred's password on his workstation. [annotate]
On the gpa-vax, issuing sup /usr/fred/supfile to the Unix shell will update the MH mail directory from fred's workstation deleting any files that exist on the gpa that do not exist on the workstation. [annotate]
For a more complete description of the features of sup, see the UNIX Workstation Owner's Guide and The SUP Software Upgrade Protocol. [annotate]