-----------------------------------
README -	ISPutil README file
-----------------------------------

---------
SYNOPSIS:
---------

ISPutil is a package for Internet Software Providers.

It provides login shells, menus, tools and utilities supporting various 
categories of user including dialup IP, sales, staff, sysop, retired, 
arrears and expired.

It also provides various monitoring functions via a WWW-server.

Shadow password support was not present up through version 0.5 but in
version 0.6 shadow passwords will probably be required.

---------
SEE ALSO:
---------

	COPYING -	This package is copyright Mark Metson 1996-1997
			and placed under the GNU General Public License
			version 2. The file COPYING gives information
			about this license.

	INSTALL	-	The file INSTALL describes what is required in 
			order to run this package, and how to install it.

	http://www.knotwork.com/ISPutil/

------
HOSTS:
------

This package is in use at Kayhay Internet and Communications
(http://www.kayhay.com/), where user accounts and the webserver reside 
on the "people" machine while the dialin modems are on a separate machine 
named "stars". Thus it uses rsh to execute some of its functions on the 
assumption that the host they must take place on is not the host 
executing the main scripts.

In order to make the package more portable, it was installed on G.O.D. 
(http://www.knotwork.com) which has only the one machine doing 
everything. Thus for a while it also worked for the case where everything 
was on the one machine.

It was begun with the assumption that users would have a Credit Limit, 
either due to payments already received or due to actually extending 
credit and billing later; this Credit Limit would be usedto purchase 
online months and hours and perhaps other things as well. However Kayhay 
was the only installation really using the package and the decision was 
made there to do sales in advance, so the package now has the users 
buying months and hours ahead of time and the Credit Limit was not used at 
all in version 0.5 but is coming back for version 0.6 (in progress).

When setting up paths and such in the Makefile, you will see variables 
for MAILHOST and for WEBSERVER.

The MAILHOST variable is used to mail reports to  "accounts@$MAILHOST" 
for the accounts department, to "user@$MAILHOST" for the user, and to 
"majordomo@$MAILHOST" to subscribe new users to the "users" mailing list 
and to unsubscribe expired users from that mailing list. Thus, MAILHOST 
can be some other host.

The WEBSERVER variable is used for writing new users a ~/.plan file 
saying basically "See my homepage at http://$WEBSERVER/~username" ; it 
does not imply that the webserver can be some other machine than the main 
server on which user accounts are created, because the user homepages are 
created right on the same machine as that ~/.plan file - the main server 
machine.

Actual generation of user homepages is done using stuff in the WWWutil 
package; ISPutil and WWWutil are fairly intertwined.

 ----------------
USER CATEGORIES:
----------------

User privileges are based upon their login group, their group 
memberships, and their shell.

Login Group:

The login group of all users except dialup IP users and new users can be 
the (Slackware) normal default group, "users". In earlier versions newly 
created users were created with a login group of "guest" and changed to 
Dialup IP users when validated; that was because users could dial in or 
telnet in and create accounts themselves. In this version however, users 
cannot create accounts; they must be created by people in the sales, 
staff or sysop groups. Dialup IP users have their login group set to the 
group necessary for setting up IP-protocol sessions. This package assumes 
a group named "slipin" has such priviledges. (That is the group I have my 
"dslip" package security set up for.)

Group Membership:

Group membership is used for segregation of users into different classes.

Membership in the group "sales" provides access to the ability to create 
new users, and to set new-user accounts up for SLIP or PPP. (NOTE in this 
version the new-user routine makes the new accounts directly into SLIP 
accounts without an intervening "guest" stage requiring validation.)

Membership in the group "staff" provides access to the ability to observe 
various things not shown to other users, but not to change certain things
the changing of which falls into "sales" or "sysop" responsibilities or 
privileges.

Membership in the group "sysop" provides the ability to set the group 
memberships of users, and perform various other functions considered
too sensitive or important to allow "sales" or "staff" to access.

Shell:

Different login shells are used for various purposes. The shells are:

	Glogin -	Used for G-prefixed usernames; trims off the G,
			uses pwdoas to check user password and run lgc shell
			using that user's EUID (or UID depending on which
			version of pwdoas is used).

	Plogin -	Used for P-prefixed usernames; trims off the P,
			uses pwdoas to check user password and run pppin
			using that user's EUID (or UID depending on which
			version of pwdoas is used).

	Slogin -	Used for S-prefixed usernames; trims off the S,
			uses pwdoas to check user password and run slipin
			using that user's EUID (or UID depending on which
			version of pwdoas is used).

	menu -		Generic menu frontend, runs different menus based
			upon the group memberships of the user.

	slipin -	If on a serial port, go to SLIP mode; otherwise,
			run menu.

	pppin -		If on a serial port, go to PPP mode; otherwise,
			run menu.

	retired -	Text blurb "Account retired at user's request",
			and logout.

	arrears -	Text blurb "Account suspended pending payment",
			and logout.

	expired -	Text blurb "Account expired", and logout.


	NOTE	"Run menu" may involve telnetting to the main server
		and logging on there, since this package supports the
		case where the modems are on a separate server.

	NOTE	"Text blurb" dumps a textfile it is not as terse as the
		above may seem. Sysops can change the textfile contents.


-----------------------------
USAGE CONTROL AND ACCOUNTING:
-----------------------------

This package assumes that one is selling online time based upon modem 
usage. It supports the case where this package, and user accounts, are 
based primarily on a different server than that which houses the modems.
In fact that case is better-tested than the case where one server "does
it all".

e.g. at Kayhay we have our main server, "people", running most of this 
and hosting the user home-directories, and a modem server, "stars", 
housing the modems. Users telnet to "people" to access all these menus and 
such, but their modem logins, and online time accounting, is on "stars".

Users get a certain number of minutes of online time per accounting 
period (we use an accounting period of one calendar month, but the 
package makes no assumptions about the length of the period). The 
Dial-Up_Utils package by Adam McKee <adam@broadwaynet.com>

Users may purchase additional blocks of online time in a given accounting 
period. This is implemented by increasing this period's "time remaining" 
so it gets reset at the end of the period.

[
  Presently the cost per block of added time, and the number of minutes a 
  block consists of, are hard-coded in utils/buytime.sh and 
  utils/selltime.sh .

  They are also in user_new.c
]

