ncpfs—Novell Netware Connectivity for Linux
Today's networks are becoming increasingly complex and diverse. Often a system administrator is forced to face a network of more than one operating systems, and sometimes even more than one communication protocols. Not surprisingly, one platform that manages to adjust in these harsh conditions is Linux. Linux supports a very wide array of networking protocol, and software exists to tap into virtually any network server, and even become a server for non-Unix clients. Samba provides client/server for Windows 3.11/95/NT networks, Netatalk takes care of Macintosh's Appletalk, and in this article I will discuss yet another program that allows any Linux machine to become a full-fledged Novell client.
Novell networks are among the most popular ones in the world. Therefore, it is no surprise that some means of interacting with Novell servers has evolved. A typical Novell network consists of one Novell server, usually running dedicated to Novell, and many clients (PCs usually running DOS/Windows). Unlike NFS Unix networks, there is a very big software difference between the Novell server (usually running a special OS) and the clients (usually running DOS/Windows with Novell drivers). While commercial products exist that enable interaction between Novell and Unix systems, ncpfs provides a powerful, easy and free way of doing it.
ncpfs is a suite of programs created and maintained by Volker Lendecke (lendecke@namu01.Num.Math.Uni-Goettingen.de) that let you access a Novell server in various ways. The primary service a Novell server provides is its files. A Novell server holds several volumes, each usually corresponding to a hard drive or CD-ROM. ncpfs lets you easily mount a Novell server—the directory used to mount the server will contain a directory for each volume accessible on that server, and in those directories will be the actual directories and files. Note that a Novell server allows you to see only what you have permission to see.
Get the latest version of ncpfs from: ftp.gwdg.de:/pub/linux/misc/ncpfs or from: sunsite.unc.edu:/pub/Linux/system/Filesystems/ncpfs. Untar it, and compile the tools by typing make and make install. Consult the README file, if you have any problems.
ncpfs utilizes the NCP (Novell Core Protocol) protocol, which sits on top of IPX (Internetworking Packet eXchange). First, make sure that IPX support is available in the kernel (or as a loadable module). Then, you must configure the IPX interface. ncpfs comes with the Linux IPX tools, which allow you to create an IPX interface and a route, somewhat like ifconfig and route. The easiest way to configure your IPX system is by doing this:
ipx_configure --auto_interface=on \ --auto_primary=on
This attempts to automatically determine everything about your interface, and to set it as the primary one. If this doesn't work, you will have to try to configure manually. For more information consult the man pages for ipx_configure, ipx_interface, ipx_internal_net and ipx_route. Now you are ready to run ncpfs utilities.
All the ncpfs tools work in a similar fashion. Since each operation requires accessing a Novell server, almost each command execution requires that three things be supplied: the server name, the user name and the password. There are two ways to do so:
Use command-line parameters: <command> -S <server name> -U <user name> -P <password>. This is usually a tiresome method since EVERY command needs to have these three switches fed to it.
The file ~/.nwclient may contain information about servers. Each line may contain information in the following syntax: <server_name>/<user_name> <password>
If you specify the -S command-line parameter, the program will automatically get the user name and password from the appropriate line of this file. If not, it will use the first line.
To cut straight to the interesting stuff, in order to mount a Novell server, simply type:
ncpmount <mount_point>
Again, add switches for the server, user and password or use ~/.nwclient.
Your mount point will contain a directory for each volume, containing the actual files, in the Novell server. ncpmount also provides many options to control the mounting, such as the UID and GID of the file hierarchy. Consult ncpmount.8 for more details. Note that a Novell server can be mounted several times from the same computer. Note also that ncpmount and ncpumount do NOT have to be setuid, which enables any normal user to mount their accounts on a Novell server, opening yet more possibilities for ncpfs application in the real world. For example, to access the file \LOGIN\LOGIN.EXE on volume SYS, on the Novell server MYSERV on /mnt, as the user supervisor with the password 12345 (let's hope there aren't many of these out there), execute:
ncpmount -S MYSERV -U supervisor -P 12345 /mnt
OR have the following line in ~/.nwclient:
MYSERV/supervisor 12345and execute:
ncpmount /mntOnce the Novell server is mounted, the file LOGIN.EXE will be represented as /mnt/sys/login/login.exe.
In order to print to a Novell server, simply execute:
nprint -q <queue_name> <file>
This will contact the specified printer queue on the server and send it <file> as a print job. See nprint.1 for more details. Note that ncpfs also provides a print server, allowing Linux to connect to a Novell server's queues and transfer jobs to the Linux printing system; see pserver.1 for more information.
Another important functionality provided by ncpfs is direct access to the bindery. The bindery is the database where a Novell server keeps all information about users, groups, and just about everything else. Unfortunately, the bindery can normally be accessed only by using tools provided by Novell. While these tools are usually very colorful and user-friendly, when it comes to manipulating hundreds of users and groups they don't pack the punch. In Unix this problem is solved by providing direct access to the database—/etc/passwd, for example, and using general-purpose tools such as sed, awk and perl. ncpfs provides tools to access the bindery and modify it, allowing the savvy system administrator to write flexible shellscripts to modify a Novell server's bindery. So, for example, if you wish to change every single user's name so that the third letter is x, you can do so quite easily. This ability means that even if you don't need to access a Novell server from a Linux machine you might still find a use for ncpfs for administrative purposes.
The tools nwbocreate, nwbols, nwboprops and nwborm allow you to manipulate bindery objects (such as users, groups, print queues, etc.); the tools nwbpadd, nwbpcreate, nwbprm, nwbpset and nwbpvalue will change the properties of objects. These base-functionality programs open up endless possibilities for Novell management utilities for Linux, even more diverse than the ones that exist for DOS/Windows, since no programming libraries are normally provided with Novell Netware. See their man pages for additional information.
Some more nifty tools provided by ncpfs are:
nwrights, nwgrant, nwrevoke allow the modification of file access rights like Unix's chmod)
nsend sends a message to a user via the Novell server (note that if the recipient is also using ncpfs, their computer must run kerneld to receive the message)
slist lists the Novell servers available on the network;
nwpasswd changes the password of a user;
pqlis lists the print queues available on a Novell server;
nwuserlist lists the users logged into the server and their hardware addresses
ncopy copies files within a Novell server without sending them through the network
My school, the Hebrew University High School in Jerusalem Israel (www.leyada.jlm.k12.il) decided to go on-line about one year ago. We had a 60-computer Novell network already up and running, and we dedicated one DX4-100 for the job of Internet server. However, in many cases students and teachers wanted (or were required) to write their own WWW pages. At first, that person would write a page, and I would copy it to the Internet server manually. This is a very clumsy solution that worked only at first, and it doesn't allow the user to edit their pages.
At some point I found ncpfs. It was a very experimental project then, but it did most of what I needed it to do. Right now, our Novell server (freud.leyada.jlm.k12.il) is always mounted by our Linux Internet server (www.leyada.jlm.k12.il) as /novell (a cron script checks that this is so, and mounts the server if not). The httpd web server automatically looks for pages in a specific directory inside the Novell hierarchy, which solves the problem. This directory, say G:\WWW, contains our entire home page. When a student wishes to create a home page, he requests that a directory be opened for him under that directory, say G:\WWW\HOME\JOE. He receives Novell write permission to that directory, and is able to edit HTML files with his favorite web editor. This technique also allows everyone to use DOS and Windows to edit HTML files, which in our case is what the Novell clients run. Therefore, a user edits an HTML file through Windows and checks it with Netscape, while the page is LIVE, since the Linux machine mounts the Novell server.
Shay Rojansky is a 17-year-old high school student and Computer Science student at the Hebrew University of Jerusalem. He works in his high school as a system administrator (mainly Linux) and in the CS institute at the Hebrew University as a lab assistant. You can send him email at roji@cs.huji.ac.il.