ACUA FAQ
Some questions are asked again and again, so I have finally decided
to create a FAQ for ACUA. The FAQ's purpose is to provide concise
answers to common questions. Unlike the HOWTO,
the FAQ does not aim to give detailed explanations of how to accomplish
specific objectives with ACUA. Where appropriate, references will
be made to the relevant documentation and other sources of information.
NOTE: this FAQ will grow over time -- right now it only includes
those FAQ's that came immediately to my mind.
Q.
ACUA doesn't work properly when I have usernames that start with
a numeric digit (e.g. "2cool").
A.
Don't have usernames that start with a numeric digit.
Q.
ACUA doesn't work properly when I have usernames longer than 16
characters.
A.
Don't have usernames longer than 16 characters, or you can modify common.h
in the ACUA source and change LAX_LOGINCHARS to be a bigger value, then
re-compile ACUA. Some versions of Linux really can't support long
usernames properley. Any modern distribution should be able to cope
with 16-charactor usernames though.
Q.
The binary rpm requires libraries I don't have and I don't really want
to upgrade libraries. How can I get ACUA installed?
A.
If you don't want to upgrade libraries to get ACUA going, there
is another way: rebuild the package from the sources.
If you have rpm installed, it's done like this:
-
rpm -i acua-2.x-1.src.rpm
-
cd /usr/src/redhat/SPECS
-
rpm -bb acua-2.x.spec
-
cd /usr/src/redhat/RPMS/i386
-
rpm -Uvh acua-2.x.i386.rpm
If you've used a utility to get a .tar.gz of the sources, you could build
and install the package like this:
-
tar xzvf acua-2.x.tar.gz
-
cd acua-2.x
-
make dep
-
make clean
-
make install
If the build fails for some reason, then you'll have to fix it yourself
or get help from other users.
Q.
Can ACUA support the following access policies?
// fill in access policies here
A.
I haven't met an access policy yet that ACUA couldn't do. Many common
access policies are very simple to implement, whereas some require a better
understanding of the package, and maybe even some shell scripting. Read
the manuals, then read the HOWTO and ensure you understand the examples
it contains. Once you gain an understanding of how ACUA works and
what it can do for you, I hope you will find it can be a great help to
you. I have tried to ensure ACUA is powerful and flexible enough
to enable a great degree of automated access control.
Q.
acua_updated dies occasionally and I don't
know why. Help!
A.
Please do the following:
-
get the ACUA sources
-
untar the sources
-
build acua_updated:
% make dep ; make acua_updated
-
pull up a gdb session with the binary you just built:
-
tell gdb to pass in the -d switch disabling background operation
-
tell gdb to run acua_updated
-
let acua_updated run until it dies (however long that takes)
-
when it dies, gdb should tell you the source file and line # where it died
-
get gdb to tell you the call stack leading up to the crash
-
e-mail me the information you obtained (acua@acua.ebbs.com.au)
Robert Davidson