Provided by: zephyr-server-krb_2.1.20010518.SNAPSHOT-15_i386 bug

NAME

       zephyrd - Zephyr server daemon

SYNOPSIS

       /usr/etc/zephyrd [ -d ]

DESCRIPTION

       zephyrd  is  the central server for the Zephyr Notification System.  It
       maintains a location database of all currently logged-in users,  and  a
       subscription database for each user’s Zephyr clients.

       zephyrd communicates with daemons running on other Zephyr server hosts,
       to provide a reliable service.

       While running, any unusual conditions are  recorded  via  syslog(3)  to
       facility  local6  at  various levels.  The -d option enables logging of
       additional debugging information.

       When a zephyrd is executed, it requests a list of server machines  from
       Hesiod  and  initializes  its  state from any zephyrds executing on the
       other known servers.  This initialization is only performed  after  the
       zephyrds have authenticated themselves to each other via Kerberos.  The
       server then enters a dispatch loop, servicing requests from clients and
       other servers.

SIGNALS

       SIGUSR1 enables logging of additional debugging information.
       SIGUSR2 disables the logging of additional debugging information.
       SIGHUP  causes  zephyrd to re-read the default subscription file and to
       re-query Hesiod about valid peers.  Any peers which are not  responding
       and no longer mentioned in Hesiod are flushed; any peers not previously
       named by Hesiod are added.
       SIGINT and SIGTERM cause zephyrd to gracefully shut down.
       SIGFPE causes zephyrd to dump the location and  subscription  databases
       to /var/tmp/zephyr.db in an ASCII format.

ACCESS CONTROL

       Certain  notice classes are restricted by the Zephyr server.  Each such
       class has access control lists enumerating who may transmit (xmt-*.acl)
       or subscribe to that particular class.  Subscriptions may be restricted
       either absolutely  (sub-*.acl  files),  or  by  instance  restrictions.
       iws-*.acl   files   control   subscriptions  to  wildcarded  instances.
       iui-*.acl files control subscriptions to instances which  are  not  the
       Kerberos  principal  identity  of the subscriber.  If an access control
       list of a given type is absent, there is no restriction of that type on
       the  class, except that any notices of the class must be authenticated.
       The class registry lists all classes which are restricted.

FILES

       /usr/athena/lib/zephyr/class-registry.acl:
                 List of classes which are restricted

       /usr/athena/lib/zephyr/iws-*.acl:
                 Access Control Lists for instance-wildcard restrictions

       /usr/athena/lib/zephyr/iui-*.acl:
                 Access Control Lists for instance-identity restrictions

       /usr/athena/lib/zephyr/sub-*.acl:
                 Access Control Lists for subscribing

       /usr/athena/lib/zephyr/xmt-*.acl:
                 Access Control Lists for transmitting

       /usr/athena/lib/zephyr/srvtab:
                 Kerberos Service keys

       /usr/athena/lib/zephyr/ztkts:
                 Current Kerberos tickets for exchange with other servers

       /usr/tmp/zephyr.db:
                 File containing an ASCII dump of the database.

BUGS

       The current implementation of the Zephyr server (zephyrd(8))  makes  no
       distinction  between  realm-announced,  net-visible  and  net-announced
       exposure levels.

SEE ALSO

       zephyr(1),         zhm(8),         kerberosintro(1),         hesiod(3),
       access_control_lists(?), syslog(3)
       Athena Technical Plan, Sections E.4.1 (Zephyr Notification Service) and
       E.2.1 (Kerberos Authentication and Authorization System)

AUTHOR

       John T. Kohl, MIT Project Athena and Digital Equipment Corporation

RESTRICTIONS

       Copyright (c) 1987,1988 by the Massachusetts Institute  of  Technology.
       All Rights Reserved.
       zephyr(1) specifies the terms and conditions for redistribution.