From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Mon, 8 Nov 93 16:13:50 EST Subject: Linux-Admin Digest #146 Linux-Admin Digest #146, Volume #1 Mon, 8 Nov 93 16:13:50 EST Contents: OS/2 and LINUX INSTALLATION HELP!!!*** (ANDROUTSOS DIMITRIOS) mail routing problem (Leo Staschover) Re: what should hostname report? (Lawrence Houston) SLIP: *Almost* working (Scott Drellishak) Any software thah records users' amount of transfered data? (Lim Chee Tuck) Re: SLIP: *Almost* working (Angelo Haritsis) Re: Loophole in login in util-bin-2.0 (Anders Pedersen) Re: Loophole in login in util-bin-2.0 (Anders Pedersen) Re: Loophole in login in util-bin-2.0 (Charles Hawkins) Re: Loophole in login in util-bin-2.0 (Peter Orbaek) Shutdown bug (Julian Day) SMail/Elm lock up solved (LMRusu) Re: UltraStor 24F/34F anyone? (Mike Horwath) Problems with HP-harddisk (Frank Becker) Re: Net2? in pl13p with errors (aaron@aaron.cps.edu) Printing problem (Leo Staschover) ---------------------------------------------------------------------------- From: androut@ecf.toronto.edu (ANDROUTSOS DIMITRIOS) Subject: OS/2 and LINUX INSTALLATION HELP!!!*** Date: Sun, 7 Nov 1993 22:17:04 GMT I wish to install LINUX on my system but I am not sure how I can go about it since I have a boot manager for OS/2 installled. I have 2 IDE drives C and D. D is just a bunch of data so is of no consequence. Presently I have my C drive (245 MB) partitioned at 60 for OS/2 and the rest for DOS...I wish to repartition th eDOS partition to install Linux, however I want to also add the Linux partition on the Boot Manager. Could someone please give me some insight ...the FAQs are not very helpful when it comes to installing Linux on OS/2. Jim ------------------------------ From: leos@poly.edu (Leo Staschover) Subject: mail routing problem Date: 8 Nov 93 01:50:14 GMT Hi, I am having problems sending mail to node "shell.portal.com". This node isn't directly on the internet. I'm not sure how it's setup, but it's routed through portal.com somehow. If it's not directly on the nameserver, does linux have to be configured differently to handle this kind of address? Thanks, Leo Staschover leos@prism.poly.edu ------------------------------ From: houston@norton.geog.mcgill.ca (Lawrence Houston) Subject: Re: what should hostname report? Date: Mon, 8 Nov 1993 05:20:25 GMT From article <2bhgan$7of@nntp.ucs.ubc.ca>, by jmorriso@rflab.ee.ubc.ca (John Paul Morrison): > the newer net-2 hostname commands has a flag -f which sets the > full hostname like this: > hostname -f foo > > hostname > foo.bar.com > > depending on what your domain is. I notice SunOS hostname always shows > the domain. The Linux makefile assumes no domain name, uname will show > foo.bar.com.bar.com if you build a new kernel. A few other programs > get a little confused by it. > > So what's the correct way? (I'm 100% certain myself that hostname should > report the fully qualified domain name, since that IS your host's name. > But I'm just asking here to shame people into changing.) Not sure that I have a definitive answer, but I have been running Slackware 1.0.4 (0.99pl13 with NET-2) with the short form of the hostname (not the fully qualified domainname) and have not noticed any problems. Which is actually contrary to the NET-2 HOWTO, but kept Smail's Automatic Configuration Scripts happy (avoiding foo.bar.com.bar.com) and generates compiled Kernel Images which were in keeping with the "darkstar" Kernel which came with the Slackware Installation. This I do with a "short" "/etc/HOSTNAME" File (with a "/bin/hostname -S" in the "/etc/local" file) and the domain coming from the "/conf/net/resolv.conf" File. On our SunOS 4.1.3 I was also running with a "short" host name in the "/etc/hostname.le0" File, but more recently this NEWS Reader (vn.jan.88) required the full domainname for its postings (so I switched to the full domainname for the SUNs). Although both seemed to be running correctly (other than this NEWS Reader!)? Some other Linux Users may have reasons for the full domainname, but so far I have not come across one! Lawrence Houston - (houston@norton.geog.mcgill.ca) ------------------------------ From: sfd@soda.berkeley.edu (Scott Drellishak) Subject: SLIP: *Almost* working Date: 8 Nov 1993 10:17:19 GMT After much head-beating and hair-pulling, I've got a SLIP connection between my Linux box at home and the terminal server at work. However, for some reason, I can only telnet/rlogin/ftp/ping machines on the local net at work. If I login to a remote site (outside of work), and ping my Linux box, and run "route", I can see the use count growing, so the packets are presumably being received. I've tried various combinations of netmask and broadcast address, but no luck. Does this sound familiar to anybody? -- / Scott Drellishak sfd@metaphor.com \ | "He would see faces in movies, on TV, in magazines, and in books. | \ He thought that some of these faces might be right for him..." / ------------------------------ From: lim@ctuck.pl.my (Lim Chee Tuck) Subject: Any software thah records users' amount of transfered data? Date: Mon, 8 Nov 1993 19:22:41 GMT Hello, I'm looking for a software that can monitors the amount of transfered data (in K/M/bytes) out to my gateway ... much like university's account quotation/ limit ... please recommend, my internet provider charges me for amount of data transfered ... so I have to monitor my users, limit them and charge those who exceeded. Thanks. ------------------------------ From: ah@doc.ic.ac.uk (Angelo Haritsis) Subject: Re: SLIP: *Almost* working Date: 8 Nov 93 12:26:52 GMT In <2bl6bf$qdg@agate.berkeley.edu> sfd@soda.berkeley.edu (Scott Drellishak) writes: >After much head-beating and hair-pulling, I've got a SLIP connection >between my Linux box at home and the terminal server at work. >However, for some reason, I can only telnet/rlogin/ftp/ping machines >on the local net at work. If I login to a remote site (outside of >work), and ping my Linux box, and run "route", I can see the use count >growing, so the packets are presumably being received. >I've tried various combinations of netmask and broadcast address, but >no luck. Does this sound familiar to anybody? I have got SLIP to work a bit further for me. I can "tcp/ip" to many outside the local net internet nodes, but mysterioysly it fails on some (?) - I played with the mtu setting on the ifconfig command and managed to have some success with a few. I use 99pl13o kernel and I also managed (for the first time I think) to nfs mount directories from the slip host (nfs is dead slow over slip though but it works!). All the above with the SLIP (not the CSLIP) setup. One extra point: I have NEVER managed to "tcp/ip" to nodes on the local net (apart from the slip host of course). I wonder how you did that. I had discussed this with people using slip over 386bsd and there seems to be a slip design problem with regard to local-net routing ??? My local setup looks like this: ifconfig sl0 A.B.C.101 pointopoint A.B.C.1 netmask 255.255.255.0 broadcast A.B.C.255 route add A.B.C.101 route add default gw A.B.C.101 A.B.C is the class B address of the subnet on which the slip host A.B.C.1 is (the slip host is also the router for the subnet). I cannot speak to ANY machine with address A.B.C.xxx Hope someone can clarify this furthermore... -- #include Angelo Haritsis, Applied Systems Section s-mail: Dpt of Computing,Imperial College, 180 Queen's Gate, London SW7 2BZ, UK e-mail: ah@doc.ic.ac.uk - tel:+44 71 225 8452 - fax:+44 71 581 8024 ------------------------------ From: anders@vision.auc.dk (Anders Pedersen) Subject: Re: Loophole in login in util-bin-2.0 Date: 8 Nov 93 14:07:28 In article <1993Nov1.125235.20032@infodev.cam.ac.uk> ceh@eng.cam.ac.uk (Charles Hawkins) writes: > I have found a loophole in login in this package. I found the problem by > doing the following. > > From any machine as root, rlogin to linux box as myself and > enter password as required. > > Execute su - > > This will have you in as root with NO password authorisation. Before executing > su -, id returns uid and gid as 0, euid as my user id. > > OK so you need root access on one machine and a user id on the linux box, > but this is still a problem. I did this too, but from an ordinary account. Just rlogin as usual, give your own passwd, and I found myself running with ruid 0. euid was ok though. I was only able to do this 4 or 5 times, then it worked properly again. --Anders. -- Anders Pedersen, M.Sc.EE. anders@vision.auc.dk ------------------------------ From: anders@vision.auc.dk (Anders Pedersen) Subject: Re: Loophole in login in util-bin-2.0 Date: 8 Nov 93 14:25:39 In article <2bdd2k$ler@belfort.daimi.aau.dk> poe@daimi.aau.dk (Peter Orbaek) writes: [...] >as one of the last things it does is a "setuid(newuid)" just before starting >the shell. Yes, like this: (void)setuid(pwd->pw_uid); execlp(pwd->pw_shell, tbuf, (char *)0); Why is the return value from setuid not checked? This is *the* most important syscall in login.c, and a failure will go by unnoticed. I suggest: 1. checking the return value from setuid. 2. Calling getuid() before exec'ing, in case setuid() failed silently. Can't be too careful. I have also been able to achieve ruid = 0 by rlogin, as the original poster described. And I remember that there was no syslog entry that root had logged in. From reading login.c, I can deduce that the passwd file entry has been properly read (pwd->pw_uid is correct). This means that either setuid fails, or exec mysteriously resets ruid to 0 (as far as I can tell.) Remember that euid was correct. --Anders. -- Anders Pedersen, M.Sc.EE. anders@vision.auc.dk ------------------------------ From: ceh@eng.cam.ac.uk (Charles Hawkins) Subject: Re: Loophole in login in util-bin-2.0 Date: Mon, 8 Nov 1993 13:30:39 GMT In article <2bdd2k$ler@belfort.daimi.aau.dk>, poe@daimi.aau.dk (Peter Orbaek) writes: |> Thus spake ceh@eng.cam.ac.uk (Charles Hawkins): |> |> >In article <2bd7a4$bbb@bambi.zdv.Uni-Mainz.DE>, kubla@mogli.zdv.Uni-Mainz.DE (Dominik Kubla) writes: |> >|> Charles Hawkins (ceh@eng.cam.ac.uk) wrote: |> >|> |> >|> : I have found a loophole in login in this package. I found the problem by |> >|> : doing the following. |> >|> |> >|> : From any machine as root, rlogin to linux box as myself and |> >|> : enter password as required. |> >|> |> >|> : Execute su - |> >|> |> >|> : This will have you in as root with NO password authorisation. Before executing |> >|> : su -, id returns uid and gid as 0, euid as my user id. |> >|> |> >Oh Dear. Nice theory. However |> |> > a) I compiled with shadow passwords |> > b) I (for my sins) have a password for root in /etc/passwd. |> |> >Re b), if you are using shadow passwords then the password field in |> >/etc/passwd should be set to * rather than blank, this stops non shadow |> >compiled programgetting in thru /etc/passwd. |> |> >Sorry but I don't think this is the problem. |> |> Apparently it matters whether you login from a root account on another |> machine or whether you rlogin from an ordinary account, right? |> If this is true, I would think the problem is in rlogind, as /bin/login |> shouldn't know anything about the far end of the conection. At least that's |> how I understand it. That's correct. But using my old /bin/login cures the problem, without changing rlogind. |> If you use telnet from the other end of the network, do you experience the |> same behaviour? No you don't. |> I really can't see how you can get reported behavior from "my" login program, |> as one of the last things it does is a "setuid(newuid)" just before starting |> the shell. After I have logged into my machineas myself from one that I am root on, executing id reports uid=0(root) gid=0(root) euid=123(ceh) so although I am effectively me I have root power. This only happens if when rloging on I am asked for a password, i.e. I have no .rhosts entry. |> Just as a test, you might want to build the login program without shadow |> support, and see what happens then. Will do when I have a moment. Charles Hawkins -- +--------------------------------+ +-----------------------------------+ + Cambridge University + + Telephone : (44) 223 332765 + + Engineering Department + + Fax : (44) 223 332662 + + Trumpington Street + + E-mail : ceh@eng.cam.ac.uk + + Cambridge CB2 1PZ + + + +--------------------------------+ +-----------------------------------+ ------------------------------ From: poe@daimi.aau.dk (Peter Orbaek) Subject: Re: Loophole in login in util-bin-2.0 Date: 8 Nov 1993 14:22:12 GMT Thus spake anders@vision.auc.dk (Anders Pedersen): >In article <2bdd2k$ler@belfort.daimi.aau.dk> poe@daimi.aau.dk (Peter Orbaek) writes: >[...] >>as one of the last things it does is a "setuid(newuid)" just before starting >>the shell. >Yes, like this: > (void)setuid(pwd->pw_uid); > execlp(pwd->pw_shell, tbuf, (char *)0); >Why is the return value from setuid not checked? This is *the* >most important syscall in login.c, and a failure will go by >unnoticed. >I suggest: > 1. checking the return value from setuid. > 2. Calling getuid() before exec'ing, in case > setuid() failed silently. Can't be too careful. I'll do that... At least 1. Can't imagine why setuid() should fail, unless /bin/login is not setuid root or /etc/passwd is corrupted. I just peeked at the man-page for setuid (on hpux): + If the euid is not zero, but the argument uid is equal to the ruid or the suid, setuid sets the euid to uid; the ruid and suid remain unchanged. (If a set-user-ID program is not running as super-user, it can change its euid to match its ruid and reset itself to the previous euid value.) Is your /bin/login program setuid root as it should be? >I have also been able to achieve ruid = 0 by rlogin, as the original >poster described. And I remember that there was no syslog entry >that root had logged in. From reading login.c, I can deduce that >the passwd file entry has been properly read (pwd->pw_uid is correct). >This means that either setuid fails, or exec mysteriously >resets ruid to 0 (as far as I can tell.) Remember that euid >was correct. What libraries are you using? Could be in there. - Peter. -- Peter Orbaek Phone: +45 89 42 32 23 Comp. Sci. Department of Aarhus University, Denmark. ------------------------------ From: jfd0@aber.ac.uk (Julian Day) Subject: Shutdown bug Date: Mon, 8 Nov 1993 15:52:31 GMT I noticed recently that if a tty has a full buffer and has sent a , shutdown will hang when notifying that tty untill is pressed. This means that an average user is able to prevent the system going being shut down (or at least make it more awkward.) -- Julian Day ===== No sig. (jfd0@aber.ac.uk) ------------------------------ From: rusu@tango.seas.upenn.edu (LMRusu) Subject: SMail/Elm lock up solved Date: 8 Nov 93 15:37:16 GMT In article <160458@netnews.upenn.edu> rusu@eniac.seas.upenn.edu (LMRusu) writes: >Hello Linuxers, > >I'm having a slight problem with SMail/Elm: when I try to send a message >bigger than ~10k from my Linux box the hole thing (the X screen) just >locks up solid. The only way I can get out is by rebooting the machine. >Any message under 10k will be sent just fine and I can receive messages >of any size. > The problem was that pl13p was running out of buffers and locking my machine. Solution? I went back to the official release of pl13. Everything works great now! Regards, Larry -- ------------------------------ From: root@jacobs.mn.org (Mike Horwath) Crossposted-To: comp.os.linux.development Subject: Re: UltraStor 24F/34F anyone? Date: 8 Nov 1993 13:57:40 GMT I think part of the problem with your building the kernel is that you forgot one very big step in there (which for some reason is letting you get by and it shouldn't). You list your building steps as so: cd linux make dep make clean make zImage When it should go like so: cd linux make config make dep make clean make zlilo The make config prompts you for pertinent configuration information and the zlilo will invoke your /etc/lilo/install script (or program) to get lilo up and going on the new kernel. (Which may have to be changed cause zlilo causes the kernel to be named /vmlinuz and /vmlinuz.old.) Good luck -- Mike Horwath IRC: Drechsau BBS: Drechsau LIFE: lover root@jacobs.mn.org drechsau@jacobs.mn.org Jacob's Ladder 612-588-0201 UUCP, UseNet, Linux files, BBS ------------------------------ From: frank@e-technik.tu-ilmenau.de (Frank Becker) Subject: Problems with HP-harddisk Reply-To: frank@e-technik.tu-ilmenau.de Date: Mon, 08 Nov 93 15:56:39 GMT We tried to install slackware 1.03 and 1.04 at a Tandon 2/66 with 420MB HP-harddisk. We completed the installation process correctly and made a bootdisk. While booting with the new bootdisk the system hanged up. We think that there is a incompatibility with the harddisk, because we installed linux at a Tandon 50 with 420MB Seagate-harddisk successfully. Does anybody know about this? Thanks Frank ------------------------------ Date: Mon, 8 Nov 1993 10:09:28 +0000 From: aaron@aaron.cps.edu Subject: Re: Net2? in pl13p with errors Reply-To: aaron@aaron.cps.edu In <2bdk98$64v@comma.rhein.de>, volkmar@gatekeeper.rhein.de (Volkmar Eich) writes: >Hi, > >because of problems with the existing net-2 code i changed my system >from pl13 (net-debugged) to pl13p. In the old versions of net-2 >I had problems with fragmented IP-Packets. I know, the weren't >supported. > >As I got to know in pl13p (including net2debugged) this missing feature >might be implemented. Now I got the following error message: > ><6>*** tcp.c:tcp_data bug acked < copied > >Can somebody help me. I know that this occurs when I should receive SMTP- >Packets and try to connect to my newsserver. > >Thanks for your assitance. > >Volkmar > If you have the kernel source installed (which you should, especially if you are running an Alpha version, you can do a grep for that line of code in the /linux/net/inet directory. I believe the file is tcp.c and just comment out that line of code (it's a printk() if I remeber right. The error may still be there, but the annonying message is gone. Aaron Monfils Chicago Public Schools aaron@aaron.cps.edu aaron@cpsnet2.cps.edu '93 Suzuki GSX-R1100WP '93 Kawasaki ZX-6E ------------------------------ From: leos@poly.edu (Leo Staschover) Subject: Printing problem Date: 8 Nov 93 15:49:34 GMT Hi, I can't get printing to work in Linux. I am getting errors such as "jobs queued but cannot start daemon" and "lpc: connect: No such file or directory". These errors are discussed in the Printing-HOWTO doc, and the solution is to "configure yourself as a single node network". Can someone elaborate on how exactly to do this? I am on a single node network connected to the Internet.. Thanks, Leo Staschover leos@prism.poly.edu ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************