ncplogin ncpmap ncplogout

NDS aware resources mounting/unmounting utilities

Purpose:

Add to ncpfs tree/context oriented commands similar to those found in non GPL Caldera Open Linux Client (nwlogin, nwmount, nwlogout...)

ncplogin: make the historical ncpmount utility NDS aware of tree and context arguments.Open a permanent authenticated connection to a server belonging to the tree specified as -T tree_name. The authentication credentials of this connection will be later used for background authentication when trying to access additional resources belonging to the same tree. In contrast to ncpmount, ncplogin does not accept a volume name, nor a mount point. it will mount the SYS volume of the server that authenticated you in $HOME/ncp/SERVER/SYS or in /mnt/ncp/$USER/SERVER/SYS if the $HOME is on a remote NFS server.

ncpmap: Performs background authentication to permanently mount an additional volume belonging to a tree where current user is already authenticated (like DOS Netware client MAP command). Needs a volume name and a mount point. With -a will behave as ncplogin with an autocreated automatic mount point.

ncplogout: Close all permanent connections to a tree or a server, created by ncplogin, ncpmount, ncpmap (or the PAM module).

Requirements:

ncpfs version 2.2 installed and operational (slist) on the Linux box.

Usage:

Usage of ncplogin is required for every new tree the current user wish to connect to. If current user has been authenticated via NetWare using the pam_ncp_auth module, usage of ncplogin is not needed for accessing resources belonging to the tree to which the authenticating server belongs.

ncplogin supports all arguments of ncpmount plus several specific arguments:

- X or --namecontext context use that context or override default name context

-T or --tree treename use that tree or override default tree

-B, or --broadcast broadcast_level set connection broadcast mode to 0, 1 or 2

-E or --echo print the used mount point (for use with some TCL/Tk utilities)

- l or --localmount mount in /mnt/ncp/$USER instead of $HOME/ncp/
required with NFS mounted homes

ncpmap supports all arguments of ncplogin/ncpmap except any argument related to user name or password, since it requires that user is already authenticated.The following options and arguments are specific:

-R, or --root path Specify a path to mount in the volume. Equivalent of MAP ROOT in Dos clients
Will be converted in uppercase if needed (if contrast with ncpmount -V volume:PATH that requires an uppercased path)

-a or --autocreate mount using automatic mount point (no mount point needed)

- l or --localmount mount in /mnt/ncp/$USER instead of $HOME/ncp/
required with NFS mounted homes

-V or --volume volumeName required: Specify volume name to mount (same as ncpmount)

mountpoint an existing directory as mounting point. (same as ncpmount)
not needed with -a option

Some command lines arguments are unecessary if you set the following environnement variables:

NWCLIENT_PREFERRED_TREE		will fill up -T argument
NWCLIENT_DEFAULT_NAME_CONTEXT	will fill in -X argument
NWCLIENT_PREFERRED_SERVER	will fill in -S argument
NWCLIENT_DEFAULT_USER		will fill in -U argument

see lib/nwclient documentation for more details.

Some real life examples:

[root@prope tcl-utils]# ncplogin

Logging into CIPCINSA as ppollet
Password:
The simplest. You have set preferred tree (or preferred server) and default context and your Netware login is the same as your Unix one
or you set NWCLIENT_DEFAULT_USER (here root->ppollet).
Just type in the password and you should find the SYS volume of the server that answered mounted in $HOME/ncp/SERVERNAME/SYS
(autocreated, chowned to you and chmoded 700).

[tec@prope tcl-utils]# ncplogin -l

Logging into CIPCINSA as tec
Password:
A bit more tricky.  User tec has his Linux home  on a NFS mounted server . ncplogin (and ncpmap), are executed as root
on the local machine,  (remember they have been chmoded +s); so they have no rights to even peek into the NFS mounted directory
to check if the default mount point ($HOME/ncp/SERVER/SYS) exists. So they fail with 'permission denied'. Of course you could mount the NFS
directory with "no_root_squash" option, but it looks to me a really bad idea ;-)

-l option force ncplogin/ncpmap to use a local directory (/mnt/ncp/$USER/SERVER/VOLUME) in which root has enough rights. This directory will
be eventually autocreated and chmoded 700 to the current user (tec).

So the SYS volume of the server will be mounted in /mnt/ncp/tec/CIPCINSA/SYS and not in /home/tec/ncp/CIPCINSA/SYS !

[root@prope tcl-utils]# ncpmap -V EURINSA_APPS -a

If authentified to the tree to which server EURINSA belongs, will silently mount volume in $HOME/ncp/EURINSA/APPS.
 root is running it, so his home is (likely) local, no need of -l option.

[tec@prope tcl-utils]# ncpmap -V EURINSA_APPS -R /students/public/gr201 -a -l

 Student tec is authentified to the tree, will silently mount directory /students/public/gr201 of volume
EURINSA_APPS (in the same context as student tec) in /mnt/ncp/tec/EURINSA/APPS. Remember why the  -l  option ?

Some scripting now:

In our place, login to Netware is performed by the PAM authentication module and we force the automounting of user's Netware home in local /mnt/ncp/$USER/nwhome and creation of a ~/.nwinfos file (options -l -ZAI of the PAM module). So every user has one 'permanent connection' to Netware that is later used in shell scripts calling ncpmap to access other ressources without further authentication. No user (but root) needs to call ncplogin unless connection to Netware has been lost during the session. Yes Petr, I would love an "autoreconnect" feature for ncpfs ;-)

The following script (/usr/local/bin/pve.sh) opens a KDE explorer window to a Netware directory named "Profs vers Eleves" ( "Teachers to students" in french) that exists on the SYS volume of every Netware server. Students have only read rights in these directories and faculty members have full rights. So faculty members use it to give students documents to study, fill up..., lab session texts ,exams...
We placed on every student desktop a KDE link to this script:

#!/bin/sh if [ -e $HOME/.nwinfos ]; then DIR=/mnt/ncp/$USER/pve source $HOME/.nwinfos if [ ! -d $DIR ]; then mkdir $DIR fi if [ ! -d $DIR/linux ]; then ncpmap -V "$NDS_PREFERRED_SERVER"_sys -R "Profs Vers Eleves" $DIR fi else DIR=/misc/pve fi kfmclient openURL $DIR

If the file exists, user has been authenticated by the PAM module Mount point must be local since ncpmap has no rights on NFS mounted homes Read all informations created by the PAM module ( the preferred server= where "Profs vers Eleves" lives for that student) Eventually create the mount point (PAM module has given full rights to /mnt/ncp/$USER to current user and only to him) If not already mounted ( we have created a readonly empty directory 'linux' in all Netware SYS:"Profs vers Eleves" directories) mount it with ncpmap using the preferred server of that student user has been authenticated by LDAP, use automounter (another story) finally open a KDE explorer window on that directory

We have a similar script (/usr/local/bin/evp.sh) that open a windows to "Eleves Vers Profs" , a directory where students have rights to create and write (but not to read, modify or erase) and faculty have full rights. So students can return documents (write once, cannot cheat , rename or erase) to faculty members. I will certainly miss these nifty Netware rights next year ;-(

Download:

These three utilities are included in ncpfs current release in the sutil directory.
They are installed together with ncpmount/ncpumount and are 'chmoded' +s to allow non root users to mount Netware volumes.
In last ncpfs releases, the historical command ncpumount has been merged with ncplogout.
We would like to acknowledge Petr Vandrovec's current efforts to merge ncplogin and ncpmount in forthcoming releases.

History:

See source code for these programs.

TODO:

Cosmetic bug: ncplogin rev 1.11 do not gracefully exit if no tree nor server has been either specified in the command line or found in the environnement. It just try to open a connection with an unitialized string and exit with a ncp server not found error.
It would be nice to get rid of the -l flag and to "autodectect" whether $HOME is local or NFS.
More seriously, we are still not convinced that only one connection to Netware is made by these utilities. In some situations, but not everytime, userlist me /A (in a Dos shell) gives 2 or 3 opened connections with the same IPX address and time after a single ncplogin (?). Everything is neatly closed by ncplogout.. but...

Vous êtes notre eme visiteur

- X or --namecontext context	use that context or override default name context
-T or --tree treename	use that tree or override default tree
-B, or --broadcast broadcast_level	set connection broadcast mode to 0, 1 or 2
-E or --echo	print the used mount point (for use with some TCL/Tk utilities)
- l or --localmount	mount in /mnt/ncp/$USER instead of $HOME/ncp/ required with NFS mounted homes

-R, or --root path	Specify a path to mount in the volume. Equivalent of MAP ROOT in Dos clients Will be converted in uppercase if needed (if contrast with ncpmount -V volume:PATH that requires an uppercased path)
-a or --autocreate	mount using automatic mount point (no mount point needed)
- l or --localmount	mount in /mnt/ncp/$USER instead of $HOME/ncp/ required with NFS mounted homes
-V or --volume volumeName	required: Specify volume name to mount (same as ncpmount)
mountpoint	an existing directory as mounting point. (same as ncpmount) not needed with -a option