The Parts of Entman

By: James Reynolds - Revised: 2007-01-31 ben

Introduction

Information about the parts of Entman including file by file descriptions and detailed descriptions of select scripts.


The Parts of Entman

Entman's files reside in one main folder: /etc/entman. However within that folder there is a plethora of additional subfolders.  It came to our attention that it is very important to system administrators where admin support scripts are located.  We've done our best to migrate to acceptable locations.  We've also done our best to make things modular (easy to move).  This is a huge undertaking for Entman thus it is a work in progress.  We've made huge strides and hope to continue to make more. 

/etc/entman contains Entman configuration files and their associated scripts. It also contains directories such as the home folder cache.  The preferences are stored there. Customized images are also stored there. Basically all Entman files are stored here.

/Library/Entman contains scripts and tools. The folder is split into 3 parts (6 folders): Private, Public, and User Tools. Private contains all of the admin scripts and tools. Public contains tools and scripts that non-admin users must have access to, for example, a Logout Menu that is used on authenticated kiosks. User Tools are scripts and tools that the non-admin user actually uses, Logout and Run Maintenance.

If you want more detail on any item, please see the file by file description.

File by File Descriptions

These are all of the files that are a part of Entman

Basically this list is completely out of date?  I can't find these files under /etc/entman ~ Ben
  • /Library/Application Support/Menuversum/Menus/RMMenu - This is a plist file that Menuversum uses so it knows what it needs to about the "RMMenu" (Radmind status menu).
  • /Library/Application Support/Menuversum/Sets/RMMenu - This is a plist file that Menuversum uses so it knows what menus it needs to show.
  • /Library/Application Support/Menuversum/status_green.jpg and status_red.jpg - These are the image files that are shown in the RMMenu.
  • /Library/StartupItems/Firewall - Contains the firewall startup item. This script is a launcher script. The real firewall script is /etc/ulabmin/rc.firewall
  • /Library/StartupItems/ULabMin - Contains the ULabMin startup item. This script is a launcher script. The real ULabMin startup script is /Library/ULabMin/Private/scripts/startup_script.pl. NOTE, if the computer does not startup, it is likely that the startup item or the startup script have failed? Why would this cause startup to fail? Because ULabMin modifies the file /System/Library/StartupItems/LoginWindow/StartupParameters.plist so that the loginwindow will NOT start until ULabMin finishes. We are thinking of a workaround so this doesn't happen.
  • /Library/ULabMin/Private/cups_cache/ is used to keep a cache of the cups configuration files. You should leave this folder empty.
  • /Library/ULabMin/Private/disabled/ contains scripts that are currently not active. Notably, this folder contains set_firmware_password_script.pl. This script needs to be edited in order to use it, and it is a "temporary" script, making it a special case script, so it lives in the "disabled" folder.
  • /Library/ULabMin/Private/disabled/set_firmware_password_script.pl
  • /Library/ULabMin/Private/home_folder_cache/ is where home folders are created and saved. At login the folders here are swapped with the user folder in /Users. You should not create any folders in "home_folder_cache", or else the login scripts will break (this is something that needs to be fixed).
  • /Library/ULabMin/Private/home_folder_template/ is the folder that is duplicated for the cache. Actually, you don't have to use this folder. The setting can be changed. Look in /etc/ulabmin/ulabmin_global_config.pl and change $template_homefolder (probably to "/System/Library/User Template/English.lproj"). We don't use /System/Library/User Template/English.lproj because ULabMin will change the folder permissions in order to speed up login. Probably best not to change the system user template. So just copy the template to the folder. Another idea that we may add is to actually have a user folder be the template (/Users/template). Then have a user that you can login that actually uses that folder. To do this, we would want to hide the folder when a real user logs in. We might add this someday.


  • /Library/ULabMin/Private/lost_and_found/ is where user home folders are placed after they logout. They are stored in a folder with their username. They are also date/time stamped so that they don't conflict.
  • /Library/ULabMin/Private/resources/ is an old folder that was use to store configuration information. It will probably go away in a future version of ULabMin.
  • /Library/ULabMin/Private/resources/status_green.tif and status_red.tif - These images are just like the images used by Menuversum (above). However, these images are actually the images shown in the Loginpanel. Note, the images are copied from this location to /System/Library/CoreServices/SecurityAgent.app/Contents/Resources/MacOSXart.tif.
  • /Library/ULabMin/Private/scripts/ is the heart of ULabMin. It contains all of the scripts. "report_to_master.sh" needs to be edited before it will function correctly. Other than that, all of these scripts are configured with the files in /etc/ulabmin.
  • /Library/ULabMin/Private/scripts/assimilateUser.pl
  • /Library/ULabMin/Private/scripts/create_cached_home_folders.pl
  • /Library/ULabMin/Private/scripts/create_crontab.pl
  • /Library/ULabMin/Private/scripts/cron_nightly.pl
  • /Library/ULabMin/Private/scripts/eject.sh - This script isn't implemented yet (but should work)
  • /Library/ULabMin/Private/scripts/find_writable.pl
  • /Library/ULabMin/Private/scripts/idlescript.pl
  • /Library/ULabMin/Private/scripts/killsumapps.pl
  • /Library/ULabMin/Private/scripts/labsingleuser.pl
  • /Library/ULabMin/Private/scripts/launch_maintenance
  • /Library/ULabMin/Private/scripts/loginhook.pl
  • /Library/ULabMin/Private/scripts/logouthook.pl
  • /Library/ULabMin/Private/scripts/maintenance_status.pl
  • /Library/ULabMin/Private/scripts/newPresentation.pl
  • /Library/ULabMin/Private/scripts/phone_home.pl
  • /Library/ULabMin/Private/scripts/post_maintenance.pl
  • /Library/ULabMin/Private/scripts/report_to_master.sh
  • /Library/ULabMin/Private/scripts/run_radmind.pl
  • /Library/ULabMin/Private/scripts/secure_system.pl
  • /Library/ULabMin/Private/scripts/set_computer_name.pl
  • /Library/ULabMin/Private/scripts/startup_script.pl
  • /Library/ULabMin/Private/scripts/updateByHostPrefs.sh
  • /Library/ULabMin/Private/tools/ contains binaries and applications that ULabMin uses.
  • /Library/ULabMin/Private/tools/GetFileInfo
  • /Library/ULabMin/Private/tools/hping2
  • /Library/ULabMin/Private/tools/OFPW
  • /Library/ULabMin/Private/tools/Pictures
  • /Library/ULabMin/Private/tools/Screen Preserver
  • /Library/ULabMin/Private/tools/SetDisplay
  • /Library/ULabMin/Private/tools/SetFile
  • /Library/ULabMin/Private/tools/triggerfiles/ use to contain files that "configured" ULabMin (their existance meant something). This version of ULabMin switches to text file configuration so most of the trigger files are gone. This folder is still used by the scripts to save state information. But in the future this folder may disappear.
  • /Library/ULabMin/Private/tools/writable_caches/ is used by the scripts to store files that need to be writable. It was mainly created for the Adobe Registration Database file, which needs to be world writable for one of the Adobe apps (not all require the file to be world writable). A few other files are stored here as well.
  • /Library/ULabMin/Public/LogoutMenu
  • /Library/ULabMin/Public/LogoutNow
  • /Library/ULabMin/Public/Maintenance Notification
  • /Library/ULabMin/User Tools/Logout
  • /Library/ULabMin/User Tools/Run Maintenance
  • /etc/ulabmin/ejectexclude
  • /etc/ulabmin/ipopfeed.pl
  • /etc/ulabmin/lostAndFoundReadme
  • /etc/ulabmin/objects.nib
  • /etc/ulabmin/performing_maintenance1.gif
  • /etc/ulabmin/performing_maintenance1.gif
  • /etc/ulabmin/performing_maintenance1.gif
  • /etc/ulabmin/performing_maintenance1.gif
  • /etc/ulabmin/performing_maintenance1.gif
  • /etc/ulabmin/rc.firewall
  • /etc/ulabmin/resources
  • /etc/ulabmin/screen saver pictures
  • /etc/ulabmin/StartupParameters.plist
  • /etc/ulabmin/ulabmin_do_not_modify_config.pl
  • /usr/local/bin/create_overload
  • /usr/local/bin/create_printer_overload
  • /usr/local/bin/download_overload.pl
  • /usr/local/bin/prep_for_overload
  • /usr/local/bin/upload_overload
Files not installed by default.
  • /etc/hosts.allow
  • /etc/hosts.deny
  • /etc/rc
  • /etc/rc.boot
  • /etc/rc.cleanup
  • /etc/sshd_config
  • /etc/sudoers
  • /etc/ttys

Table Of Contents
  • Set Firmware Password Script
    • The purpose of this script is to set the OFPW.

  • Assimilate User
    • The purpose of this script is to cleanup the user home folder (/Users/), so that a "clean" template folder is available at the end of this script.

  • Create Cached Home Folders
    • The purpose of this script is to copy a template home folder (using ditto) and perform any other operations on it so it is as ready as can be for login. The goal of this script is to not run while there is a user at the computer, but to only run when the computer is idle.

  • Create Crontab
    • The purpose of this script is to create /etc/crontab using a global config file.

  • Cron Nightly
    • The purpose of this script is to run radmind or just reboot the computer (nicely).

  • Find Writable
    • The purpose of this script is to let us know of any file or folder that users can write to that they shouldn't be able to write to. The reason why this script is run is two fold. The first goal is to catch errors in distribution like when an admin absent mindedly installs an application that installs as world writable by default and doesn't fix it. The second goal is to catch any changes that happen after the fact, like when an admin absent mindedly "fixes" a problem on a lab computer by making something world writable and forgets to fix it, OR when a cracker absent mindedly creates files that are world writable. ;)

  • Idlescript
    • The purpose of this script is to do lots of stuff when "idle". For example, on lab computers this script does stuff when the computer is logged out (idle) like launch a screensaver over the loginwindow. On kiosks, this script does stuff when the screen saver is active (idle) like reset browser preferences. It also does a few things no matter if the computer is idle or not, like check for trigger files.