This is NOVACS 0.1.

You can get it from 

	http://205.222.185.29/index_en.html or
	
	http://privat.schlund.de/K/Knut_Grahlmann/index_en.html
	
NOVACS was written by Knut Grahlmann <Knut.Grahlmann@bigfoot.com> and is copyrighted
under the terms of the GPL (see LICENSE for further information).

1 HISTORY
2 HOW IT WORKS
3 REQUIREMENTS
4 INSTALL
5 SECURITY TIPS
6 TODO
7 CREDITS


1 HISTORY:

NOVACS stands for "Novell for Macs". It's purpose is to enable Mac users to access
their homefolders on a Novell server through a Linux box.
One could ask why I need a special Perl-script for this since it's supposed to work
with the regular drivers from Novell. Well, officially it does. However, some schools
in Montgomery County (Maryland, USA) (where I lived as an exchange student for a
year) had tried this "direct approach" and they had reported problems.
To avoid these, I told the SysOP of my school that we could try to bring our macs on
the net via a Linux box.
Well, it was easy to let them get on the Internet, I just installed two network cards,
masquerading and squid. Letting the users put their data from the Macs on the Novell
servers was harder.


2 HOW IT WORKS:

All Mac users get a home folder on the Linux box that they access via Appletalk. If
they need to access their Novell folder, they surf to a file on the Linux box. This
html-file has two fields in which they type the Novell username and password. 
This information is sent to a perl script in the cgi-bin folder of the Linux box.
The scripts mounts with 'novellmount' (from the ncpfs package) the Novell folder into
a dummy folder. It also creates a lock file. Then, a symbolic link is created in the 
Linux home-folder to the dummy folder. That's it.
When the users are done, they need to surf to a second file and type in their
username and password again. This information is compared from a second script with
the password stored in the lockfile. If they match, the link is deleted and the
novell folder is umounted with 'novellumount'.


3 REQUIREMENTS:

All the Mac users who will be allowed to use the Novell folder should be group
'nogroup'. At least the group of their home folders must be 'nogroup' (so that the
scripts which run as 'nogroup' can write in it).
The homefolders MUST BE set to g+w (again, for the scripts).


4 INSTALL:

-Edit the Perl-files so that they fit your needs (server name etc.).
 (more instructions in the files)

-Put them in your local cgi-bin folder.

-Make sure they are executable.

-Write the right server-URL in the html-files.

-Put the html-files in htdocs (if you use Apache).

-If thou wish, thou can also put the cute lille

-Create the folders 'dummy' and 'locks' in your cgi-bin folder,
 owner 'wwwrun' (or whatever Apache runs under) and group 'root'.

-Create a file 'errors' in the same folder with the same rights.



5 SECURITY TIPS:

-Normally, one can't access a subfolder of cgi-bin from the web. To be more certain
that nobody can read the cleartext passwords in the lock file, just put a .htaccess
file in the 'dummy' and 'locks' folder. (For more information on .htaccess files read
the Apache documentation.)

-As I said, the home folders must be group accessible. If Mac users can telnet the
Linux box, they can corrupt the data of co-users. So be sure to have them only have
something like /bin/passwd as login-shell.


6 TODO

Nothing, at least not from me. I don't have an opportunity to test the programs
anymore since I'm back in Germany again (and neither my school nor my family has a
Novell server).
If somebody has bugfixes, add-ons etc. and is willing to publish them, I will be more
than happy to include them.


7 CREDITS:

Randal L. Schwartz, Tom Christiansen, and Larry Wall for writing "Learning Perl" and
	"Programming Perl"
The whole Linux community for writing Linux, the most reliable OS (not a single crash
while I wrote the whole program, in spite of several Netscapes, NEdits, Shells etc.)
Mark Edel for writing NEdit.
My host family for letting me use their computer and being so patient with me.
My parents for letting me go to the U.S.A.

Knut Grahlmann <Knut.Grahlmann@bigfoot.com> 08/11/1999
