TUTORIAL PROGRAM Monday and Tuesday, JUNE 21 AND 22, 1993 USENIX SUMMER 1993 TECHNICAL CONFERENCE JUNE 21-25, 1993 CINCINNATI CONVENTION CENTER CINCINNATI, OHIO You may choose from among twenty tutorials, both full and half day, covering topics essential to your professional development. Of these twenty, twelve are offered at USENIX for the first time and a thirteenth is updated in coverage! The USENIX Association's well-respected tutorial program offers you intro- ductory as well as advanced, intensive and practical tutorials. Tutorials are presented by skilled instructors who are hands-on experts in their topic areas. All tutorials offer printed ma- terials to support your understanding and provide reference at a later time. The USENIX tutorial program meets the needs of pro- fessionals who require an immediately practical learning experi- ence. Attend the tutorials at Cincinnati and benefit from this in-depth exploration and skill development in essential areas of UNIX-related technology. USENIX tutorial program attendance is limited. Pre-registration is strongly recommended. SPECIAL NOTE FOR FULL-TIME STUDENTS Your Immediate Attention Is Requested! A limited number of spaces in each tutorial are reserved for full-time students at the special fee of $50.00 per tutorial. You MUST telephone the USENIX Conference Office, +1 (714) 588-8649 during office hours of 8:30 am-5:00 pm Pacific Time Monday-Friday, to confirm availability and make a reserva- tion. You will receive a reservation code number. This number MUST appear on your Registration Form. Your registration form with full payment and a photocopy of your current student I.D. card MUST arrive within 14 days from the date of your reserva- tion. If your registration form and payment do not arrive by that date, your reservation will be cancelled. This special fee is non-transferable. MONDAY, JUNE 21 9:00 am - 5:00 pm (includes box lunch) M1 HOW NETWORKS WORK - NEW! M2 OSF'S DISTRIBUTED COMPUTING ENVIRONMENT (DCE) M3 THE KERBEROS APPROACH TO NETWORK SECURITY - REVISED! M4 ESSENTIAL UNIX PROGRAMMING M5 UNIX SVR4.2 INTERNALS, PART 1: PROCESS AND VIRTUAL MEMORY SYSTEMS AND MP SUPPORT - NEW! M6 INTRODUCTION TO THREADS, POSIX PTHREADS, AND OSF/DCE THREADS - UPDATED! M7 UNIX POWER TOOLS - GETTING THE MOST OUT OF UNIX - NEW! Morning 1/2 day 9:00 am - 12:30 pm (includes box lunch at 12:30 pm) M8 SECURITY AND THE X WINDOW SYSTEM - NEW! M9 TOPICS IN SYSTEM ADMINISTRATION - 1 - NEW! Afternoon 1/2 day: 1:30 pm - 5:00 pm (includes lunch at 12:30 pm) M10 MANAGING THE DOMAIN NAME SYSTEM M11 TOPICS IN SYSTEM ADMINISTRATION - 2 - NEW! TUESDAY, JUNE 22 9:00 am - 5:00 pm (includes box lunch) T1 SYMMETRIC MULTIPROCESSING AND CACHING IN UNIX KERNELS T2 THE DISTRIBUTED COMPUTING ENVIRONMENT REMOTE PROCEDURE CALL SYSTEM (DCE RPC) - NEW! T3 SENDMAIL: INSIDE AND OUT - NEW! T4 UNIX NETWORK PROGRAMMING T5 UNIX SVR4.2 INTERNALS, PART 2: FILE SYSTEMS, I/O AND STREAMS - NEW! T6 THE WINDOWS NT ARCHITECTURE - NEW! T7 ACHIEVING SECURITY IN AN INTERNET ENVIRONMENT - NEW! T8 TCL AND TK: A NEW APPROACH TO X11 AND GUI PROGRAMMING T9 INSTALLING, CONFIGURING AND ADMINISTERING X SYSTEMS - NEW! TUTORIAL DESCRIPTIONS FIRST TIME OFFERED! M1 HOW NETWORKS WORK Vincent C. Jones, Consultant Intended Audience: Designers and technical managers responsible for planning or implementing distributed systems or networked ap- plications. Attendees are assumed to be familiar with networking fundamentals and TCP/IP. This is not an introduction to networking! This tutorial ties together the theoretical background and practical implications which underlie the selection of an appropriate interconnectivity architecture. The goals are many. First to show how all the protocols in the TCP/IP suite work together in an internetworking environment to meet user application needs. (For example, why some X windows applications will never be useful over a wide area network, even at Gigabit data rates.) Second, to explore exist- ing internetwork limitations. (For example, how the definition of Committed Information Rate in Frame Relay can make or break an application.) Third, to allow planning for future problems. (For example, how to minimize the pain when it becomes necessary to replace IP.) Last, to enable effective architecture decisions. (For example, we will offer criteria for selecting a bridge over a repeater or router.) Emphasis is on the internetwork infrastructure needs of TCP/IP, with an eye to the future of networking and the potential need for coexistence with or migration to Open Systems Interconnection (OSI) networking. Specific topics include: % The role of repeaters, bridges, routers and protocol conversion gateways and how each performs its functions. % Routing algorithms for bridges, routers and mail delivery: how they work and how they impact network price, performance and size limits. % Link choices for internetworks, including X.25, frame relay, and cell relay. The role of SLIP and PPP in today's networks. % Address resolution and directory service protocols and their impact on performance, reliability, manageability, naming, and addressing. Dr. Vincent Jones is an independent consultant specializing in the use of TCP/IP and OSI to support distributed processing ap- plications in multivendor environments. He comes with over twen- ty years of practical experience in the application of data com- munications and computer networking to meet real user needs. Dr. Jones is author of the book MAP/TOP Networking: A Foundation for Computer Integrated Manufacturing (McGraw-Hill), co-author of GOSIP Made Easy (Corporation for Open Systems), and an invited contributor to the Auerbach Local Area Network Handbook and to the Chief Information Officer Journal (Auerbach). M2 OSF'S DISTRIBUTED COMPUTING ENVIRONMENT (DCE) David Chappell, Chappell and Associates Intended Audience: Those who need an introduction to DCE, in- cluding those who must develop applications for, support, market, or plan for DCE or distributed systems in general. A general knowledge of networking fundamentals is assumed. Some background in a high-level programming language will be helpful, but not re- quired. The Distributed Computing Environment was created by the Open Software Foundation as a vendor-neutral infrastructure for dis- tributed computing. Among the vendors promising support for DCE are IBM, DEC, HP and many others. Running over any transport protocol, DCE provides solutions for the key problems in creating distributed systems. The goal of this tutorial is to give participants an understand- ing of what services DCE provides and how. The tutorial intro- duces DCE via a description of each of its component technolo- gies, including: % a protocol for remote procedure call (RPC) % directory services % a distributed file service % protocols for network security David Chappell is principal of Chappell & Associates, a training and consulting firm focused on vendor-neutral networking. He has written and taught many courses on distributed computing and re- lated topics to clients in North America and Europe, and has served as a consultant on numerous communications projects. Among his current projects, David is a consultant to OSF involved with OSF's Distributed Computing Environment and Distributed Management Environment. His previous experience includes software engineering positions with NCR Corporation and Cray Research. David holds an MS in Computer Science from the Univer- sity of Wisconsin-Madison. M3 THE KERBEROS APPROACH TO NETWORK SECURITY Dan Geer, Geer Zolot Associates and Jon A. Rochlis, MIT Intended Audience: Systems administrators who are concerned about, or must mitigate, the inherent lack of security and ac- countability in conventional UNIX network services environments; systems developers who are responsible for networked workstation environments, particularly those whose environments include net- works which are not themselves physically secure (i.e. Ropen networksS); and technical managers in enterprises where the flow of electronic information is at the core of the enterprise and must be protected without imposing the costs of a security culture. We focus on the practical challenges of providing security for the cooperative electronic workplace, which aspires to location and scale independence in the client-server idiom. We begin by describing network security from a general point of view, so that you will understand the kinds of threats which result from operating conventional systems in an open environment. We then describe effective approaches to meeting these threats, emphasiz- ing the practical over the theoretic. We then point out some common fallacies, such as, the idea that your organization's security is materially dependent on close control of external ac- cess (rather then competent internal security). Primarily we explain the Kerberos network security system, though we touch on public-key techniques, e.g., the X.509 authentication model and the Internet's Privacy Enhanced Mail (PEM). Kerberos is the core of the Open Software Foundation's Distributed Comput- ing Environment (OSF/DCE), and we thoroughly discuss the DCE ex- tensions and enhancements to Kerberos that made it into the de facto standard for network security. We stress throughout the nuts-and-bolts of making this work in your environment, including administration and integration of new technology with existing environments. By the end of the day, you will be able to go home and start work on a computing environment that is both open and accountable. Daniel E. Geer, Jr., recently a member of the Technical Staff of Digital Equipment Corporation's External Research Program, is now at Geer Zolot Associates. For the previous 4.5 years, he was the Manager of Systems Development for MIT's Project Athena where he oversaw the creation of the Athena distributed computing environ- ment, including the work that forms the basis for this tutorial. He holds a BS in Electrical Engineering and Computer Science from MIT and a ScD in Biostatistics from Harvard University. Jon A. Rochlis is a Technical Supervisor for MIT Distributed Com- puting and Network Services which runs MITnet and the Athena com- puting environment (including its Kerberos realm). Previously he worked on development of the Amber and Multics operating systems. Mr. Rochlis received his BS in Computer Science and Engineering from MIT. M4 ESSENTIAL UNIX PROGRAMMING Richard Stevens, Consultant Intended Audience: Programmers and system administrators who want to learn more about the essentials of UNIX programming. Some programming experience in C is assumed. This tutorial covers current UNIX programming concepts required for systems programming. It does not cover the basic functions that most programmers are familiar with (open, lseek, standard I/O, etc.). Rather it focuses on the poorly documented features that tend to be least understood. Although current standards such as POSIX are mentioned, the tutorial focuses on two real- world implementations of the various standards: 4.4BSD and System V Release 4. The topics covered are: current UNIX standards, process control (race conditions, sessions, job control), signals (POSIX.1 signal handling, unreliable signals, interrupted system calls), record locking, I/O multiplexing (select and poll), memory mapped I/O, interprocess communication (comparison of various methods), stream pipes, passing file descriptors, and pseudo terminals. Richard Stevens is author of the books Advanced Programming in the UNIX Environment (1992) and UNIX Network Programming (1990). He received his PhD in the area of image processing from the University of Arizona. From 1982 until 1990 he was Vice- President of Research and Development with Health Systems Inter- national. Currently he is an author and independent consultant residing in Tucson, Arizona. M5 UNIX SVR4.2 INTERNALS, PART 1: PROCESS AND VIRTUAL MEMORY SYSTEMS AND MP SUPPORT John R. Levine, Institute for Advanced Professional Studies Intended Audience: People who maintain, modify, or port the UNIX system, as well as to those who are interested in its internal structure to better understand how to construct efficient and portable applications. Attendees should have a working familiari- ty with UNIX programming at the system call level and with the ANSI C language. We present an overview of the structure of the system with em- phasis on aspects new in SVR4.2. Topics include the overall sys- tem structure and the ways in which the various subsystems fit into and support that structure, along with the internal inter- faces that make SVR4.2 more extensible than its predecessors. The first day concentrates on: The Process Subsystem: The UNIX process abstraction provides sys- tem calls, signals, job control, fork, exec, wait, and other process-related facilities. We also discuss the new SVR4.2 gen- eric scheduler and the specific scheduling models provided (sys- tem, real-time, and time sharing). Virtual Memory: The virtual memory subsystem provides the storage associated with the UNIX processes. It supports both traditional system call disk I/O and page fault initiated I/I with a common buffering and transfer mechanism. We examine the structures that support kernel and user address spaces and their use from system calls and the pager. Multi-processor Support: SVR4.2 includes integrated support for multiple CPUs in the same system, with a multi-processor scheduler and locks to insure consistency in shared data struc- tures. We examine the MP additions to the scheduler, the locking structure, and an overview of how data structures are protected by locks. John R. Levine has been writing, lecturing, and consulting on UNIX topics since 1975. As a member of the IAPS staff, he has frequently lectured on UNIX system internals. His books range from Graphics File Formats to UNIX for Dummies. He also moderates the usenet comp.compilers interest group and edits several series of technical computer books. M6 INTRODUCTION TO THREADS, POSIX PTHREADS, AND OSF/DCE THREADS Nawaf Bitar, Kubota Pacific Computer Intended Audience: Developers interested in learning about threads in general, threads architectures and programming models in particular. It is especially useful for developers who anti- cipate working with the OSF/DCE and/or the evolving POSIX pthreads standard, both at the application and implementation levels. Multiple threads of control within a process can effectively be used to express parallelism inherent in many applications and en- vironments such as windowing systems and networked or distributed systems. On multiprocessor architectures they also provide for concurrent execution. The Open Software Foundation's Distributed Computing Environment (OSF/DCE) uses threads as a basic building block of the DCE architecture P all DCE components and many DCE applications utilize the DCE threads component and are thus them- selves multi-threaded. The tutorial begins with a brief introduction to threads and the circumstances under which they are useful. Discussion of popular threads models follows. In particular, the light-weight and variable-weight process models are covered as part of a discus- sion on parallelism granularity. We then cover various threads implementation architectures - user space, kernel, and multi- plexed (two-level schedulers) - as used in DEC Threads (CMA), OSF/1, and Solaris 2.0. The tutorial continues with a presentation of threads programming techniques including master/slave, client/server and workcrew models. Short example programs will be presented in order to en- sure that the models are well understood. Next is a presentation of the POSIX 1003.4a pthreads interface and the issues that arise at the interface level when introducing threads to UNIX. Prob- lems concerning the use of fork and signals in the presence of threads are discussed in detail. The tutorial moves on to a presentation of the pthreads-based OSF/DCE threads. In particular, extensions to pthreads including specialized object attributes and exception handling are covered in detail. A discussion of how fine-grain parallelism can be supported con- cludes the tutorial. This support is required primarily by com- pilers that wish to perform automatic parallel decomposition of programs. Further, we discuss why the current pthreads interface is inadequate for this support, the required characteristics of an implementation supporting fine-grain parallelism, and a new compiler-visible interface and implementation architecture. Nawaf Bitar is a Member of the Technical Staff at Kubota Pacific Computer. He is currently working on developing a threads model and implementation suitable for applications requiring very fine grain parallelism granularity. Prior to joining KPC he worked on Mach-based systems at HP, OSF and Apollo. FIRST TIME OFFERED! M7 UNIX POWER TOOLS - GETTING THE MOST OUT OF UNIX Rob Kolstad, Berkeley Software Design, Inc Intended Audience: Programmers, managers, and system administra- tors wanting to learn more about the powerful development tools available on UNIX. This tutorial reveals the powerful tools available in UNIX for bringing applications to rapid deployment and products to market. The primary goal is to make the attendee aware of many of the many electronic assistants the application developer can employ. It also discusses issues of support, maintenance, and future development. It touches as well upon legal issues of licensing, liability, and protection. The tutorial covers: % Rapid prototyping - Perl - Lex and yacc - Tcl and Tk - Centerline products % Source and object management - Make and Imake % File layout - Tags (editor comments) - File hierarchies % Version management & revision control - RCS - CVS - Group communication mechanisms % Portability and Cross-Architecture Support - Lint - Programming for readability P Tindent - Standardization % Maintenance - Patch % Distribution - CD/ROM - Other media % Protecting yourself - Patents, Copyrights, and Licenses - Software license servers - Copy protection and encryption Dr. Rob Kolstad is Program Manager at Berkeley Software Design, Inc. Until recently he led development of Sun Microsystems' new Backup Copilot product. Rob sponsored the first USENIX System Administrators Workshop, and recently resigned his tenure as secretary of the USENIX Board of Directors. FIRST TIME OFFERED! 1/2 day: 9:00 am - 12:30 pm (includes lunch at 12:30 pm) M8 SECURITY AND THE X WINDOW SYSTEM Jeremy Epstein, TRW and Rita Pascale, ORA Corporation Intended Audience: System administrators who want to understand measures they can take to protect their systems, managers who want to understand the risks and available solutions, and pro- grammers who want to use securityenhanced X systems. No previous experience with security is required. Some experience using X is desirable, but not required. As the X Window System increases in popularity so does concern about its security. Some of the risks (such as weak authentica- tion) are well known. Others are not. Vendors are slowly moving forward in addressing the risks. X is an open, resource-sharing system, and security measures are not easily retrofitted without damaging interoperability. While measures can be taken (beyond basic authentication), there are no quick and simple answers to security in X. This course explains the security risks involved in using X, some of the solutions currently available, and others expected in the future. Topics include threats, current technologies, authenti- cation, access controls, auditing, privilege, and denial of ser- vice. Use of authentication mechanisms is described in detail, including xhost, MIT magic cookies, Sun's Secure RPC, and Ker- beros. Vendor-specific extensions to X for access control and privilege are presented. Alternate architectures are described for multi-level secure X systems. Jeremy Epstein is a researcher in highly trusted windowing sys- tems at TRW. He has written nine papers on the subject of X and security. Prior to joining TRW, he developed trusted UNIX sys- tems for Addamax. Jeremy holds an MS CS from Purdue University and is pursuing a PhD in Computer Security from George Mason University. Rita Pascale is a researcher in highly trusted distributed sys- tems at ORA Corporation. Until recently, she worked on trusted windowing systems at TRW. She is the author or co-author of four papers on X and security. Rita holds a BS CS from Virginia Tech. FIRST TIME OFFERED! 1/2 day: 9 am - 12:30 pm (includes lunch at 12:30 pm) M9 TOPICS IN SYSTEM ADMINISTRATION - 1 Trent Hein, XOR Computer Systems and Evi Nemeth, University of Colorado, Boulder Intended Audience: System administrators who have a year or more experience and wish to learn state-of-the-art information sur- rounding the broad area of administration. This half-day tutorial is presented in four sections: Routing - This section provides background material on routing both in a local area network and in the global Internet, in preparation for learning about configuring dedicated routers. The section covers the use and setup of routed and gated for medium sized networks and debugging using ping, traceroute, and tcpdump . Configuring Cisco Routers - You've probably seen the router box. And you've probably sent packets through it. But you've always wondered how to configure this essential part of your network. We'll talk specifics about configuring Cisco routers in the TCP/IP environment, including various routing protocols and ac- cess control lists. SLIP - SLIP is the serial line IP protocol that can be used to connect to a TCP/IP network via voice grade telephone lines. This section shows how to get, use, and install SLIP including an example of the necessary kernel reconfiguration on SunOS 4.x. Modems - Using SLIP requires good modems at either end of that voice grade phone line. This section reviews modern modems and their capabilities. Also included are the configuration needed to use modems for SLIP. Trent Hein grew up in the UNIX system administration trenches at the University of Colorado, Boulder. He spent Summer 1990 at Berkeley working on the 4.4BSD port to the MIPS architecture. He currently works as a consultant for XOR Network Engineering in Colorado. Evi Nemeth, a faculty member in Computer Science at the Universi- ty of Colorado, has managed UNIX systems for the past 15 years, both from the front lines and from the ivory tower. She is co- author of the best-selling UNIX System Administration Handbook (Prentice-Hall). 1/2 day: 1:30 pm - 5 pm (includes lunch at 12:30 pm) M10 MANAGING THE DOMAIN NAME SYSTEM William LeFebvre, Northwestern University Intended Audience: Internet network managers who need to grasp the intricacies of managing the Domain Name System (DNS). Atten- dees should have a basic understanding of Internet Protocols and a user's understanding of DNS. They should also be familiar with number bases, bits, bytes, and machine representations of in- tegers, but need not be sophisticated programmers. This half-day tutorial explains how to administer the Internet Domain Name System on a UNIX machine. It details the operation of named and the resolver library, primary and secondary servers, the format of DNS zone files, installation of the entire bind package, and configuration and control of the named daemon. Time will be made for a question-and-answer session. William LeFebvre received his MS in Computer Science from Rice University. He is currently the manager and analyst for the com- puting facilities of the Electrical Engineering and Computer Sci- ence Department at Northwestern University. William serves as a director for the Sun User Group. He is also well known in the network community for moderating the electronic digest Sun-Spots from 1987 to 1989, and for founding the electronic mailing list Sun-managers (which he still maintains). FIRST TIME OFFERED! 1/2 day: 1:30 pm - 5 pm (includes lunch at 12:30 pm) M11 TOPICS IN SYSTEM ADMINISTRATION - 2 Trent Hein, XOR Computer Systems and Evi Nemeth, University of Colorado, Boulder Intended Audience: System administrators who have a year or more experience and wish to learn state-of-the-art information sur- rounding the broad area of administration. The morning tutorial Topics in System Administration-1 is not prerequisite to Part 2. Administering DOS-based PCs in a TCP/IP environment - Are you faced with integrating DOS PCs into your network environment? This section covers available options and configuration specifics of setting up and administering PCs using both FTP's PCTCP and Sun's PCNFS products to do email, printing, filesharing, and more. PCs under TCP/IP can be your friend, if you know how to keep them happy. Network Wiring - Connection hardware and raw media have changed since the early days of thick coaxial cable for Ethernet. We'll cover modern media, twisted pair concentrators, FDDI and CDDI, ATM networks and some of the issues faced by sites needing to up- grade their network base. Intro to expect - Perhaps the greatest system administration tool to come along since PERL, expect is a high-powered interpreted dialogue language which can act like your hands on the keyboard to perform tricky tasks while you're away, asleep or at play. We'll talk about the basic constructs of the language and write some sample programs. Evi Nemeth, a faculty member in Computer Science at the Universi- ty of Colorado, has managed UNIX systems for the past 15 years, both from the front lines and from the ivory tower. She is co- author of the best-selling UNIX System Administration Handbook (Prentice-Hall). Trent Hein grew up in the UNIX system administration trenches at the University of Colorado, Boulder. He spent Summer 1990 at Berkeley working on the 4.4BSD port to the MIPS architecture. He currently works as a consultant for XOR Network Engineering in Colorado. TUESDAY, JUNE 22 9:00 am - 5:00 pm (includes box lunch) T1 SYMMETRIC MULTIPROCESSING AND CACHING IN UNIX KERNELS Curt Schimmel, Silicon Graphics, Inc. Intended Audience: Targeted to system programmers with 6 months or more of UNIX kernel internals experience, this tutorial is ideally suited for those who will be porting the UNIX kernel to a modern computer architecture in the future, those involved in the design of new computer architectures that need to support the UNIX operating system effectively or for anyone who wants to learn more about operating systems and modern computer architec- tures. This intensive tutorial presents the issues involved with porting the UNIX operating system to modern computer architectures. At- tendees will gain an understanding of the design considerations modern architectures present to the operating system and insight into the design of new architectures intended to support the UNIX operating system. Examples of modern RISC processors and the computer systems built around them are used to illustrate the concepts. The first section of the tutorial investigates the effects of various cache memory systems on the UNIX kernel. After an over- view of cache system architecture is presented, four different cache organizations ranging from pure virtual to pure physical caches are studied including the tradeoffs of each, the impact on the kernel, and how to modify the kernel to properly control the cache. The second section presents tightly coupled, symmetric multipro- cessors. This includes a discussion of the mutual exclusion, synchronization, race conditions, and deadlock problems as they apply to the UNIX kernel. Several strategies for adapting the UNIX kernel to run on a multiprocessor are then presented, rang- ing from master/slave to multithreaded semaphore techniques, along with the tradeoffs of each approach. The third section builds upon the first two by examining cache consistency in a multiprocessor system. An understanding of the cache consistency problems and the effects on the kernel is gained followed by an investigation of both hardware and software cache consistency algorithms for different cache organizations and multiprocessor kernel implementations. The final section presents the differences between RISC Memory Management Units and more traditional style MMU's. This includes Translation Lookaside Buffer (TLB) management, referenced and modified bit handling, and TLB flushing and replacement tech- niques. Emphasis is placed on the effects on the kernel and the algorithmic changes needed. *This tutorial has been previously offered by the USENIX Associa- tion with the title "UNIX on Modern Architectures." Curt Schimmel is an Operating System Architect at Silicon Graph- ics, Inc. He received his MS in Computer Science from the Rensselaer Polytechnic Institute. He has worked in many areas of UNIX kernel development and computer architecture on systems ranging from microprocessors to multiprocessor supercomputers. He has worked extensively in the areas of multiprocessor systems, virtual memory, real-time, process management, and the design of new CPU and cache system architectures. FIRST TIME OFFERED! T2 THE DISTRIBUTED COMPUTING ENVIRONMENT REMOTE PROCEDURE CALL SYSTEM (DCE RPC) Richard Mackey, Open Software Foundation Intended Audience: Application programmers who want to write dis- tributed applications using remote procedure calls. No prior knowledge about distributed computing is assumed. A knowledge of general networking issues will be helpful. This tutorial gives attendees a strong overall sense of what the Distributed Computing Environment Remote Procedure Call (DCE RPC) system is and how one writes applications using it. The tutorial describes the general structure of DCE RPC - the Interface Defin- ition Language (IDL) and DCE RPC's application programming inter- face (API). Next it describes how DCE RPC is used to build ap- plications. We then examine the relationship between DCE RPC and DCE's Directory (naming) and Security (authentication and author- ization) services. The DCE RPC system is a framework for building distributed appli- cations in a heterogeneous computing environment. It allows pro- grams to "call" subroutines that run on remote systems. DCE RPC runs on a variety of UNIX and other systems. Also known as NCS 2.0, DCE RPC is the successor to Hewlett-Packard Apollo's NCS 1.5. DCE RPC was developed jointly by HP and Digital Equipment Corporation. The entire DCE is licensed in source form by the Open Software Foundation and is available in binary form from various vendors. Richard Mackey, a consulting engineer at the Open Software Foun- dation, is a technical project leader and architect for the DCE Release 1.1 project, and has been working on DCE since its incep- tion. Prior to joining OSF, he worked on the Cronus Distributed Computing Environment project at BBN in Cambridge, MA. FIRST TIME OFFERED! T3 SENDMAIL: INSIDE AND OUT Eric Allman, University of California, Berkeley Intended Audience: This is an intense, fast-paced tutorial.for system administrators who want to learn more about the sendmail program, particularly details of the configuration file, for pro- grammers implementing new mail front-ends who want to know exact- ly what sendmail can do for them, and for curious people who want to know what sendmail is all about. Sendmail is arguably the most successful UNIX-based mail transfer agent in the world today. Originally distributed with the Berke- ley Software Distribution, sendmail is now used by most UNIX ven- dors. However, it has a reputation for being difficult to con- figure and manage. This talk uses the latest release of sendmail from Berkeley (ver- sion 6) for examples. Version 6 includes many of the popular features of IDA sendmail. Other versions of sendmail are dis- cussed briefly. This tutorial does not cover mail front-ends beyond their interface to sendmail. After introducing a bit of the philosophy and history underlying sendmail, we focus on these areas: % The syntactic elements of the configuration file: mailers, options, macros, classes, headers, precedences and priorities, trusted users, key file definitions, and rewriting rules and rulesets. % The flow and semantics of rulesets, including hints about debugging. % An introduction to SMTP, how sendmail operates in an SMTP environment, and SMTP interactions with UUCP. % Day-to-day management issues, including alias and forwarding files, special recipients (files, programs, and include files), mailing lists, command line flags, tuning, and security. % How sendmail interacts with the Domain Name Server. % Interfacing sendmail to new mail agents. Eric Allman is the original author of sendmail, several other perennial favorites including syslog, the -me macros, and trek, as well as being a major contributor to INGRES. He received his MS in Computer Science from U.C. Berkeley in 1980. He is currently the Lead Programmer on the Mammoth Project at U.C. Berkeley, where his duties include most everything that needs doing. T4 UNIX NETWORK PROGRAMMING Richard Stevens, Consultant Intended Audience: UNIX/C programmers interested in learning how to write programs that communicate across a network. A basic familiarity with networking concepts and the TCP/IP protocols is assumed. The goal of the tutorial is to provide the programmer with the knowledge required to write network programs and to develop and examine actual examples. The tutorial covers the following material: % Introduction (5%). The big picture, standards, UNIX process handling,connections and associations. % Berkeley sockets (80%). All the socket functions, TCP and UDP client-server examples, reserved ports, stream pipes, passing file descriptors, multiplexed I/O, out-of-band data, raw sockets (ping and traceroute programs), broadcasting, inetd superserver, constructing Internet addresses, and possible socket changes with 4.4BSD. % Remote procedure calls (15%). Sun RPC, comparison with HP/Apollo RPC. Richard Stevens is author of the books Advanced Programming in the UNIX Environment (1992) and UNIX Network Programming (1990). He received his PhD in the area of image processing from the University of Arizona. From 1982 until 1990 he was Vice- President of Research and Development with Health Systems Inter- national. Currently he is an author and independent consultant residing in Tucson, Arizona. T5 UNIX SVR4.2 INTERNALS, PART 2: FILE SYSTEMS, I/O AND STREAMS John R. Levine, Institute for Advanced Professional Studies Intended Audience: Those who maintain, modify, or port the UNIX system, as well as those interested in its internal structure so as to better understand how to construct efficient and portable applications. Attendees should have a working familiarity with UNIX programming at the system call level and with the ANSI C language. Part 1 of this tutorial on Monday is not prerequisite for Part 2. We present an overview of the structure of the system with em- phasis on aspects new in SVR4.2. Topics include the overall sys- tem structure and the ways in which the various subsystems fit into and support that structure, along with the internal inter- faces that make SVR4.2 more extensible than its predecessors. The second day concentrates on: File Systems: The virtual file system (VFS) interface generalizes the traditional UNIX file system to support multiple disk file formats as well as remote file systems such as NFS and pseudo- files such as the /proc debugger interface and the STREAMS-based pipes. We look at the structure of VFS and some of the specific file systems that interface to it. Block and Character I/O: The traditional block and character I/.O continue to be the primary interfaces to device drivers. We look at these interfaces along with new features such as installable drivers and mappable device memory. STREAMS: The STREAMS subsystem is a general and modular facility for modular non-disk device drivers. We look at the basic struc- ture of STREAMS, and how it supports terminal and network facili- ties. John R. Levine has been writing, lecturing, and consulting on UNIX topics since 1975. As a member of the IAPS staff, he has frequently lectured on UNIS system internals. His books range from Graphics File Formats to UNIX for Dummies. He also moderates the usenet comp.compilers interest group and edits several series of technical computer books. FIRST TIME OFFERED! T6 THE WINDOWS NT ARCHITECTURE Ted Demopoulos, Demopoulos Associates Intended Audience: People who want to learn about the internal architecture of Windows NT. Knowledge of very basic operating system principles, such as the nature of virtual memory and processes, is assumed. Familiarity with the internals of a modern operating system, such as UNIX or VMS, is helpful although not necessary. Windows NT is a new portable operating system with features that until recently were found mainly in research operating systems. It currently runs on Intel, Mips, and DEC's Alpha architectures. Attendees will gain an understanding of the goals, the philoso- phy, and structure of Windows NT. The components of Windows NT and how they work together to accomplish these goals are present- ed. The tutorial concludes with a brief introduction to future enhancements to NT, collectively code named RCairo.S Tutorial to- pics include: % The NT Kernel, % The Object Manager, % VM, % I/O, % Networking, % Protected Subsystems. Ted Demopoulos is the president of Demopoulos Associates, a con- sulting company specializing in open systems education and con- sulting. He holds an MS in Theoretical Mathematics from the University of New Hampshire. Ted was employed by Apollo Computer and Hewlett-Packard where he worked with distributed technologies for five years. Lately he has been serving as a consultant to the Open Software Foundation on distributed and operating system technologies. He has followed the development of Windows NT since its announcement and has been working with Windows NT since Microsoft's pre-beta release last summer. FIRST TIME OFFERED! T7 ACHIEVING SECURITY IN AN INTERNET ENVIRONMENT Rob Kolstad, Berkeley Software Design, Inc and Tina Darmohray, Lawrence Livermore National Laboratory Intended Audience: Valuable for system administrators, program- mers, technical and operational managers, and all interested pro- fessionals involved in securing computer networks and/or inter- network gateways. Previous exposure to TCP/IP networks is a prerequisite. Often, the success of an enterprise depends heavily on digital communications. Until now, the techniques and tools required to secure a functional TCP/IP network have been an art - acquired only through trial and error. This tutorial presents issues and solutions surrounding the securing of functional internetwork connections. This tutorial is oriented more toward UNIX than other systems like VMS and VM. The tutorial reviews the building blocks of distributed filesys- tems, sendmail configuration, the Post Office Protocol, and In- ternet connections. It then integrates the building blocks to show how to construct an Internet firewall to connect your net- work to the Internet, while isolating and mitigating security problems. We conclude with a discussion of ethics and the kinds of policies that can smooth the running of your networked site. Topics include: % Distributed Filesystems % Sendmail % Post Office Protocol % Connecting to the Internet % Firewalls - Routers - Gateway Hosts - Proxy Users - DNS - Mail % Ethics % Internet Debugging % Security Policies Tina Darmohray has over a decade of experience as a UNIX system administrator. She is the Lead for the UNIX System Administra- tion Team at LLNL. Her group has responsibility for over 1,000 machines. In 1990, she installed the first firewall at LLNL and has since consulted with a number of sites in the Bay Area. Pre- viously, she worked for Sun Microsystems. She received her MS at the University of California, Berkeley. Dr. Rob Kolstad is Program Manager at Berkeley Software Design, Inc. Until recently he led development of Sun Microsystems' new Backup Copilot product. Rob sponsored the first USENIX System Administrators Workshop, and recently resigned his tenure as secretary of the USENIX Board of Directors. T8 TCL AND TK: A NEW APPROACH TO X11 AND GUI PROGRAMMING John Ousterhout, University of California, Berkeley Intended Audience: People who wish to learn how to write scripts for existing applications built with Tcl and Tk or who would like to build new graphical-user-interface applications based on Tcl and Tk. Prior experience with Tcl and Tk is not necessary nor is detailed knowledge of any existing X toolkit. Please be familiar with the C programming language and have basic knowledge about the X Window System. Creating good graphical user interfaces for the X Window System is notoriously hard. With traditional tools you have to read thousands of pages of documentation and write thousands of lines of code to build even the simplest application. Tcl (a shell- like scripting language) and Tk (an X11 toolkit and Motif-like widget set based on Tcl) offer an alternative approach. With Tcl and Tk you program GUI applications in a high-level scripting language with a much simpler model of the X world. As a result, applications can be built with less learning time and an order of magnitude less code than with other toolkits. The Tcl language is interpretive so you can also program and extend applications at run-time. Different applications can issue Tcl commands to each other in order to work together in interesting ways. This gives Tcl and Tk greater power and flexibility than other toolk- its. Lastly, you can extend the facilities of Tcl and Tk by writing C code where it is needed, so there is no loss of func- tionality or performance. The course provides a complete top to bottom introduction to Tcl and Tk. First, we offer an overview of Tcl and Tk and their benefits. Then the Tcl scripting language is described in de- tail, including its syntax and the most commonly used commands. Thirdly, we discuss how to program the Tk toolkit using Tcl scripts. We cover the major features provided by Tk, including widgets, geometry managers, and communication between applica- tions. Next, we describe how to write C code that interfaces to Tcl and, in particular, how to build new Tcl commands with C pro- cedures. Finally, we describe how to build new widgets and geometry managers by writing C code that interfaces to Tk. The course contains numerous examples of scripts and C programs to illustrate the capabilities of the system. John Ousterhout is a Professor in the Department of Electrical Engineering and Computer Sciences at the University of Califor- nia, Berkeley and the author of both Tcl and Tk. His interests include user interfaces, operating systems, and distributed sys- tems. Ousterhout is a recipient of the ACM Grace Murray Hopper Award, the National Science Foundation Presidential Young Inves- tigator Award, the National Academy of Sciences Award for Initia- tives in Research, the IEEE Browder J. Thompson Award, and the U.C. Berkeley Distinguished Teaching Award. He received a PhD in Computer Science from Carnegie Mellon University in 1980. FIRST TIME OFFERED! T9 INSTALLING, CONFIGURING AND ADMINISTERING X SYSTEMS Paul E. Kimball, Digital Equipment Corporation Intended Audience: System administrators or interested users who are building or maintaining X-based application environments. A conversational familiarity with windowing environments and net- working concepts is assumed. X programming experience is helpful but not necessary. Now that low-cost X terminals and inexpensive X workstations are widely available, more and more system managers are faced with having to support X networks. It's a challenge: users want their workstations installed and customized, programmers demand the latest development libraries, and through it all, security and performance must be maintained. Since X systems depend on the close cooperation of numerous separate software components, troubleshooting problems is also more challenging than in monol- ithic systems. This tutorial covers the practical essentials of administering and maintaining large networks of X workstations and X terminals. From this course you will learn: % How to obtain, install and build the X distribution % How to start and configure the X server on workstations % How to install and set up X terminals % How X login sessions are started and controlled % How to maintain security in X networks % How to manage and install fonts and font servers % How to customize the user's graphic environment % How OPEN LOOK, OSF/Motif and other user interfaces fit in the X environment % How to cope with vendor-specific X features % How software is distributed and licensed in a heterogeneous X network % How to maintain optimum performance in X networks % How to troubleshoot common X problems % Which files to edit to control an X system Paul E. Kimball is the manager of technical support for Digital Equipment Corporation's Independent Software Vendor Group in Mountain View, CA. There he works with a team of engineers as- sisting software developers in porting to Open Systems. Mr. Kim- ball has 15 years of experience in graphics, window systems and user-interface toolkits,. He is a frequent speaker at UniForum, Xhibition, X World, UKUUG and other UNIX and X events. He has been working and teaching with X and X Toolkits since 1986. Mr. Kimball holds Engineering degrees from MIT and Princeton Univer- sity. ***************************************************************** For more information contact: USENIX Association Conference Office 22672 Lambert St., Suite 613 El Toro, CA 92630 Telephone (714) 588-8649 FAX: (714) 588-9706