The Administrator's Menu Program

Scott White

Wide area networking (WAN) has introduced a new era of computer system administration through remote access. After the initial system installation, WAN technology allows a much higher system-to-administrator ratio. I am a central system administrator for computers scattered across nine states. To increase system productivity and relegate some administration functions, I needed a method to grant certain users at the remote locations, called local administrators, access to limited administration functions. That method would have to be a setuid executable, but what would the interface be? The local administrators, in some cases, are not completely familiar with UNIX. Therefore, a menu-driven interface seemed best for all skill levels. I decided on the following attributes for the interface:

1) reasonable security protection preventing unwanted use

2) script based for quick development and revision

3) easy customization for different users so one could grant varying system administration capabilities

4) reusability, because I was continually rewriting menu-based scripts.

With these design parameters, I developed the Administrator's Menuing Program, amp. In short, amp is a dynamically configurable pseudo-system administrator's menuing utility.

How amp Works

The amp utility has four basic parts. A C program front-end authenticates the user and calls the main script. A menu configuration file which lists all the users and their respective menuing options is supplied for the main script. The main script presents the menu options to the user and executes menu-option scripts when chosen. Finally, there are the menu-option scripts that perform different administration functions.<>