1 upserver AFS Commands upserver
6 upserver -- initialize server portion of Update Server.
10 /usr/afs/bin/upserver [<directory> ] [-crypt <directory> ]
16 Initializes the server portion of the Update Server
17 (upserver process), specifying which of its local disk
18 directories the process is willing to distribute in response
19 to requests from the client portion of the Update Server
20 (upclient process) running on other machines. If no
21 directories are specified, the server portion can distribute
22 the contents of any directory on its local disk.
24 The command also determines whether the upserver is willing
25 to distribute a directory's contents in unencrypted form or
26 not. By default, the encryption level is -clear, meaning
27 that upserver transfers the directory's contents in
28 unencrypted form unless an upclient requests encryption.
29 When -crypt is specified for a directory, the upserver will
30 refuse an upclient's request for unencrypted transfer. With
31 the United States edition of AFS, the effect of -crypt is to
32 guarantee that upserver transfers a directory's contents
33 only in encrypted form. With the international edition, the
34 effect of -crypt is to prevent upserver from ever
35 transferring the directory's contents, because the upclient
36 has no way to comply with the requirement that it request
37 the contents in encrypted form (the -crypt flag on upclient
38 is not available in the international edition). Use -crypt
39 and -clear to toggle the level of encryption for directories
40 as appropriate (the EXAMPLES section illustrates their use).
44 This command is not normally issued at the command shell
45 prompt, but rather placed into a file server machine's
46 /usr/afs/local/BosConfig with the bos create command. If it
47 is ever issued at the command shell prompt, the issuer must
48 be working on a file server machine. The upserver process
49 uses the local KeyFile when handling keys for mutually
50 authenticating with the upclient process and encrypting
51 data. The two processes always mutually authenticate,
52 whether or not data is encrypted.
54 This command does not use the syntax conventions of the AFS
55 command suites, so the command and switch names must be
58 Cells using the international edition of AFS should not use
59 the Update Server to distribute the contents of
60 /usr/afs/etc. The contents of this directory are sensitive,
61 and the international edition of AFS does not provide any
62 facility for encrypting them before transfer across the
63 network. One way to prevent this distribution is to mark
64 /usr/afs/etc with -crypt.
70 directory names each directory to be distributed in
71 unencrypted form (because they appear before the
72 first -crypt or -clear flag). If omitted, all
73 directories on the machine's local disk are
74 eligible for distribution.
76 -crypt precedes a list of one or more directories which
77 upserver will distribute only in encrypted form.
79 -clear precedes a list of one or more directories which
80 upserver may distribute in unencrypted form (but
81 if upclient requests them in encrypted form, then
82 upserver encrypts them). This argument is
83 necessary only if the issuer has previously used
84 -crypt on the command line and wishes to switch
85 back to unencrypted form.
89 The last parameter (enclosed in quotes) in the following
90 bos create command causes the upserver to distribute
91 /usr/afs/bin in unencrypted form and /usr/afs/etc in
94 % bos create fs1.transarc.com upserver simple
95 "/usr/afs/bin/upserver /usr/afs/bin -crypt /usr/afs/etc"
99 Issuer must be listed in /usr/afs/etc/UserList to place this
100 command in /usr/afs/local/BosConfig, because that is the
101 privilege required to issue bos create.