Configuration of AcuServer system security is very important to safeguarding your data files and network computers. We urge you to read Chapter 8, System Security, before placing AcuServer into open service.
AcuServer file access security is managed by a site configured access database called the server access file. On UNIX servers, you must create a server access file (default name "/etc/AcuAccess") before AcuServer will start or establish connections with clients. AcuServer includes a utility program for creating and maintaining the server access file. Step by step instructions for creating a minimal server access file are included in this section.
Access records in the server access file specify which client systems and client users are permitted to use AcuServer. Each access record includes a client machine name, client user name, local user name, password (optional), and file creation mask (umask). Wildcards in the record entries grant general access to clients and users.
To create an access file on a UNIX server that allows any user of any client to use AcuServer (provided that the user has an account on the server by the same name as the account on the client), perform the following:
1. Log onto the server as root or become superuser.
2. Run "acuserve -access" to launch the server access file manager utility.
3. Respond to the prompt for the path and name of the server access file by accepting the default: "/etc/AcuAccess".
4. Respond "yes" to the "Do you want to create it now?" prompt.
5. Select option [1] from the main menu (Add a security record).
The manager will present a series of five prompts. Accept the default for each prompt by simply pressing <return>. After you accept the umask field, the program will report that it has added the record.
6. Exit the utility by selecting option [5] from the main menu.
You now have a server access file that contains a single entry. This entry allows any user of any client to connect to AcuServer, provided that the user has an account on the server by the same name (if the user does not have an account on the server by the same name, and the server configuration variable DEFAULT-USER is defined with a valid user name, a connection will be established using the value of DEFAULT-USER).
To set up more restrictive access, see Section 8.2 Access Records.