Provided by: zephyr-server-krb_2.1.20010518.SNAPSHOT-15_i386 bug


       zephyrd - Zephyr server daemon


       /usr/etc/zephyrd [ -d ]


       zephyrd  is  the central server for the Zephyr Notification System.  It
       maintains a location database of all currently logged-in users,  and  a
       subscription database for each user’s Zephyr clients.

       zephyrd communicates with daemons running on other Zephyr server hosts,
       to provide a reliable service.

       While running, any unusual conditions are  recorded  via  syslog(3)  to
       facility  local6  at  various levels.  The -d option enables logging of
       additional debugging information.

       When a zephyrd is executed, it requests a list of server machines  from
       Hesiod  and  initializes  its  state from any zephyrds executing on the
       other known servers.  This initialization is only performed  after  the
       zephyrds have authenticated themselves to each other via Kerberos.  The
       server then enters a dispatch loop, servicing requests from clients and
       other servers.


       SIGUSR1 enables logging of additional debugging information.
       SIGUSR2 disables the logging of additional debugging information.
       SIGHUP  causes  zephyrd to re-read the default subscription file and to
       re-query Hesiod about valid peers.  Any peers which are not  responding
       and no longer mentioned in Hesiod are flushed; any peers not previously
       named by Hesiod are added.
       SIGINT and SIGTERM cause zephyrd to gracefully shut down.
       SIGFPE causes zephyrd to dump the location and  subscription  databases
       to /var/tmp/zephyr.db in an ASCII format.


       Certain  notice classes are restricted by the Zephyr server.  Each such
       class has access control lists enumerating who may transmit (xmt-*.acl)
       or subscribe to that particular class.  Subscriptions may be restricted
       either absolutely  (sub-*.acl  files),  or  by  instance  restrictions.
       iws-*.acl   files   control   subscriptions  to  wildcarded  instances.
       iui-*.acl files control subscriptions to instances which  are  not  the
       Kerberos  principal  identity  of the subscriber.  If an access control
       list of a given type is absent, there is no restriction of that type on
       the  class, except that any notices of the class must be authenticated.
       The class registry lists all classes which are restricted.


                 List of classes which are restricted

                 Access Control Lists for instance-wildcard restrictions

                 Access Control Lists for instance-identity restrictions

                 Access Control Lists for subscribing

                 Access Control Lists for transmitting

                 Kerberos Service keys

                 Current Kerberos tickets for exchange with other servers

                 File containing an ASCII dump of the database.


       The current implementation of the Zephyr server (zephyrd(8))  makes  no
       distinction  between  realm-announced,  net-visible  and  net-announced
       exposure levels.


       zephyr(1),         zhm(8),         kerberosintro(1),         hesiod(3),
       access_control_lists(?), syslog(3)
       Athena Technical Plan, Sections E.4.1 (Zephyr Notification Service) and
       E.2.1 (Kerberos Authentication and Authorization System)


       John T. Kohl, MIT Project Athena and Digital Equipment Corporation


       Copyright (c) 1987,1988 by the Massachusetts Institute  of  Technology.
       All Rights Reserved.
       zephyr(1) specifies the terms and conditions for redistribution.