BBS Installation

  On Bitsko's Bar & Grill I have Unidel set up as the shell program
executed on login, or in other words, /usr/lib/citadel/citadel is used
in place of /bin/sh in the last field of passwd.  Just like shell
users on the system, the call-in Unidel user has her/his own home
directory.

  At first, I installed logins by hand, simply adding a new entry in
passwd whenever someone wanted it.  This is the easiest method, if you
have a closed system (rarely add new users) you may want to use this.

  Very soon after, I set-up the auto-validation system to create new
passwd entries automatically.  This is probably the only 'real' part
to making Unidel a BBS program, having a way to add new users in a
secure, automatic way.  I have included my guest-login/auto-validation
shells and programs for you to use (in the 'misc' directory), here is
how to set them up:

  NewUser.sh (copied to .../guest/.profile)
    Create a login called 'guest' (or whatever) with shell '/bin/sh'.
    Copy 'NewUser.sh' to '.profile' in guest's home directory.  Edit
    it so that the blurb says what you want it to and to ask the
    questions you want to ask about the person.  The only required
    question is user name.

  UpLow
    This is a program that does case conversion on answers to
    questions in .profile.  It only converts when the answer is all
    lower or upper case, if it's mixed then it leaves it alone.  To
    create it, type 'make UpLow' and copy the program into the $LIBDIR
    directory.

  AutoVal
    This is the major part of the auto-validation system, it takes a
    passwd entry in on standard input, verifies it with a little
    security checking and appends it to passwd.  To create it, type
    'make AutoVal' and copy it into the $LIBDIR directory.  As the
    super-user, 'chown root AutoVal' and 'chmod u+s AutoVal', this
    makes it so AutoVal can modify passwd.  AutoVal picks the first
    available user-id greater than 200 and assigns it to the new user.

    WARNING: This probably doesn't need to be said, but I'll say it
    anyway, any program that runs as set-uid root SHOULD BE VERIFIED,
    even though I wrote it and use it doesn't mean you should trust it.

  $LIBDIR/unidelin and $HOME/.unidelin
  $LIBDIR/unidelout and $HOME/.unidelout
    These two programs are executed when Unidel is started (unidelin)
    and just before it exits (unidelout).  I use them to archive and
    compress the user files for all users in a certain common home
    directory path (/usr/lib/citadel/rc), it leaves other user's files
    alone.

  I haven't written user-aging scripts yet, so once a user is entered,
it doesn't get deleted if they never call back.

  There's another way of handling call-ins that I haven't played with
but you may be interested in implementing yourself: Having a single
common UN*X login for all BBS users that then asks for the bbs-login
name and then changes $HOME directory and calls Unidel.  This should
be really easy to do with a '.profile' script and a simple user-list.
This would be the best way to go if you're a little leary of having
logins appended to your passwd file.
