From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Mon, 16 Aug 93 20:06:35 EDT Subject: Linux-Admin Digest #2 Linux-Admin Digest #2, Volume #1 Mon, 16 Aug 93 20:06:35 EDT Contents: Welcome to the comp.os.linux.* hierarchy! (Matt Welsh) Re: Why use shadow? (Mark Kassab) Help getting X started (M.J. Glover) Re: Why use shadow? (David Engel) Linux standard for system UID/GIDs ?? (Michael Elkins) Re: What's the FASTEST FS? (Peter Mutsaers) cron listed as /USR/BIN/CRON ??? (Chris D. Johnston) LILO like DOS executable Loader? (Chris D. Johnston) Re: Why use shadow? (Erik Levitt) Re: LILO like DOS executable Loader? (Ian McCloghrie) Re: LILO like DOS executable Loader? (Byron A Jeff) Where to get the Linux FAQ (PLEASE READ) (Matt Welsh) stale LCK file after uucp session (JL Gomez) NFS mount fails with authentication error (Tom Lane) Re: cron listed as /USR/BIN/CRON ??? (Scott D. Heavner) Re: Why use shadow? (Warner Losh) ---------------------------------------------------------------------------- From: mdw@TC.Cornell.EDU (Matt Welsh) Crossposted-To: comp.os.linux.announce,comp.os.linux.help,comp.os.linux.development,comp.os.linux.misc,comp.os.linux,news.answers,comp.answers Subject: Welcome to the comp.os.linux.* hierarchy! Date: 12 Aug 1993 12:29:25 -0400 Archive-name: linux-faq/announce/intro Last-modified: 8 August 93 Welcome to the comp.os.linux.* hierarchy! Background ========================================================================= This posting is an introduction to the comp.os.linux.* hierarchy of USENET newsgroups. Linux is a free implementation of UNIX for 80386/80486 machines covered by the GNU GPL. Most of the development of the Linux kernel has been done by Linus Torvalds, an internationally reknowned UNIX wizard from Helsinki, Finland. For the past two years or so, the newsgroup comp.os.linux has grown be one of the most popular groups on USENET. Late in 1992, a CFV for splitting comp.os.linux was posted; the only group which passed was comp.os.linux.announce, a moderated newsgroup for Linux announcements and patches. Six months later, during the summer of 1993, another CFV for splitting comp.os.linux was posted. The voting period for the comp.os.linux reorganization results ended at 23:59:59 UTC on 4 August 1993 (4:59PM US Pacific Time, 7:59PM US Eastern Time.) The results are as follows: comp.os.linux reorganization results - 1842 votes Yes No : 2/3? >100? : Pass? : Group ---- ---- : ---- ----- : ----- : ------------------------------- 1692 135 : Yes Yes : Yes : comp.os.linux.admin 1741 90 : Yes Yes : Yes : comp.os.linux.development 1647 177 : Yes Yes : Yes : comp.os.linux.help 1660 155 : Yes Yes : Yes : comp.os.linux.misc Because of this split, the newsgroup comp.os.linux will be deleted on 11 November 1993. The new newsgroups will be created on 11 August 1993. This posting describes these newsgroups, including comp.os.linux.announce, which will remain entact. General Policy ========================================================================= The general policy for the Linux newsgroups is simple. Who sets the policy? We all do. All of us on USENET are interested in communicating openly about a number of topics. That's why we have USENET. If you want the Linux newsgroups to work for you, a few suggestions: * Read the Linux FAQ and follow the newsgroups for some time before posting questions. This is very important. comp.os.linux suffered from HUGE amounts of noise and traffic because much of the growing readership never bothered to READ the newsgroup; they only posted questions. The same thing will happen with the new newsgroups unless you read the FAQ (found on sunsite.unc.edu in the file pub/Linux/docs/FAQ) and read the newsgroup for some time before posting questions. Chances are, your question has already been recently answered, and a simple browsing of the newsgroup will answer it. We suggest using a threaded newsreader such as "trn" which will allow you to browse and mark articles by subject, so you don't have to read each and every article in each newsgroup. * Crossposting between the Linux newsgroups is STRONGLY discouraged. If you do crosspost questions between Linux newsgroups, expect to be flamed to oblivion. The reason we have a newsgroup split is to categorize discussions into separate newsgroups. Crossposting negates this effect. If your posting cannot fit into ONE of the newsgroups c.o.l.admin, c.o.l.help, or c.o.l.development, then you should post it to c.o.l.misc. The one exception is for announcements. Occasionally, an important announcement (such as this one) will be crossposted between c.o.l.announce and one or more of the other c.o.l.* groups. These announcements must be approved by the .announce moderator; see below. * Reply to questions via e-mail if at all possible. While discussion in the newsgroups is encouraged, if someone is asking a simple question to which the answer is well-known, there is no reason to post the reply. Don't assume that the person posting the question actually reads the newsgroup or will even note your followup if they do. Reply via e-mail unless the reply is of general interest. * Don't flame newbies. Over the course of the past few months, the Linux community has developed an oversensitive ego and a reputation for being unfriendly towards newcomers, mostly because of unwarranted flaming by a handful of righteous individuals. If someone posts, saying, "Hi! I'm new to this group! What is Linux?" (which will inevitably happen as the new newsgroups are propagated), DO NOT FLAME THEM. When someone sees a new newsgroup pop up within "rn", they are justifiably curious about the new group and probably don't know that well over 80,000 people who know EVERYTHING about Linux read the group. Right? Instead of being rude, you can send a polite note to the poster, saying, "Hello, Linux is a free implementation of UNIX for the 386 and 486. You can get the FAQ from sunsite.unc.edu in /pub/Linux/docs. Let me know if I can be of help!". That's all. Not difficult, eh? You can even save your stock reply in a file and simply send form-letters to newbies if you wish. But there is very little point in flaming or ever being rude. It goes against everything that Linux can and should be. Just remember that nobody knows everything---not even Linus--- and that you were a newbie once, too. :) comp.os.linux.announce ========================================================================= Comp.os.linux.announce is a moderated newsgroup for Linux announcements and source patches. The purpose of this group was to get all of the ``important'' Linux information out of the regular newsgroup and into a place where all Linux users could see the important announcements without having to wade through a jungle of other postings. So far, this group has been very successful. The moderators for this group are myself (Matt Welsh, mdw@tc.cornell.edu) and Lars Wirzenius (wirzeniu@cc.helsinki.fi). We will be sharing the moderator duty, and backing each other up to make sure that postings to this group will be approved as soon as possible after they're submitted. Submissions to this group should be mailed to the address: linux-announce@tc.cornell.edu If you have any problems or questions about c.o.l.announce, please send mail to the moderators at linux-announce-request@tc.cornell.edu Or simply mail us directly. This is not a request address for mailing list subscription; see below. A separate posting details the guidelines for submitting to this group. I plan to approve just about anything that's posted to this group, except for questions or discussions about Linux. So, please, post away. :) There are also archives of comp.os.linux.announce available at a number of Linux FTP sites: check sunsite.unc.edu:/pub/Linux/docs/linux-announce.archive There is a mailing list mirror of the comp.os.linux.announce newsgroup; to join, send mail to linux-activists-request@niksula.hut.fi With the line X-Mn-Admin: join ANNOUNCE at the top of the body (not in the subject). Approved postings to c.o.l.announce will automatically be mailed to this mailing list channel. comp.os.linux.admin ========================================================================= This newsgroup was created simply to thwart the unique newsgroup acronym "c.o.l.a", previously used by c.o.l.announce. However, this newsgroup is also used for discussions and questions about running Linux systems, either in a single-user or multi-user environment. Clearly, there is no large distinction between c.o.l.admin and c.o.l.help. However, .admin should be mostly used for discussions about RUNNING Linux, not USING or PROGRAMMING it. Unfortunately, especially with Linux, the line between system administrator and system user is very fuzzy. In short, we anticipate c.o.l.admin to be mostly about questions with installing, setting up, and configuring Linux systems, as well as other discussions relating to system administration. comp.os.linux.development ========================================================================= c.o.l.development, or "c.o.l.d" for short, is a newsgroup for questions and discussions about Linux kernel and systems-level development. Please note that this is a newsgroup about development OF Linux, not development FOR Linux. In other words, c.o.l.d isn't for questions about programming or porting software to Linux. Instead, this is a newsgroup for discussions about developing the Linux kernel itself, including writing device drivers, adding new features, and so on. In addition, discussions about development of shared libraries, and other essential systems-level projects, are welcome here. Hopefully, this newsgroup will embody some of the content and scope of the linux-activists mailing list channels such as GCC, KERNEL, SCSI, and NET. comp.os.linux.help ========================================================================= Comp.os.linux.help is perhaps the most general of Linux newsgroups. It is for any general user, programming, or setup questions and discussion about Linux. If your question is about Linux development, post to c.o.l.development. If it is about system administration, post to c.o.l.admin. However, if your question is of a more general nature, such as "How do I set up Linux for use with an NE2000 card?", c.o.l.help is your place. Remember that you should not crosspost between .help and other Linux newsgroups. This means that if you are asking for help in .development, that's fine, but .help is for those questions which don't fit into .admin and .development. comp.os.linux.misc ========================================================================= This group is the canonical ``catch-all'' for discussions and questions which don't fit into the other Linux newsgroups. While c.o.l.help is generally for questions, c.o.l.misc is for discussions of a general nature about Linux, such as setting up a file hierarchy standard, questions about Linus' personal life and virtual beer, and the inevitable flame war. Again, it should be noted that crossposting between c.o.l.misc and other Linux newsgroups is strongly discouraged. If your posting or question does not fit into ONLY ONE of the other Linux newsgroups, post it to .misc. Comments ========================================================================= If you have questions or comments about this document, please direct them to mdw@tc.cornell.edu. Flames to /dev/null; cheques and money orders to Linus Torvalds. Thanks. -- Matt Welsh, mdw@tc.cornell.edu "On the Internet, nobody knows you're a dog." -- Matt Welsh, mdw@tc.cornell.edu "On the Internet, nobody knows you're a dog." ------------------------------ From: mark@macs.ee.mcgill.ca (Mark Kassab) Subject: Re: Why use shadow? Reply-To: mark@macs.ee.mcgill.ca Date: Sun, 15 Aug 1993 13:27:59 GMT >>> On 14 Aug 93 23:39:18 EDT, eekim@husc11.harvard.edu (Eugene Kim) said: Eugene> file to add new users. Does anyone know why shadow is better Eugene> than passwd? The shadow passwd is there for security reasons. If the encrypted passwords are in the passwd file, anyone with access to your system can copy them and run the publicly available crack program on them, and chances are they'll crack quite a few. By shadowing the passwords, non-priviledged users simply cannot get access to the encrypted passwords. Mark =============================================================================== Mark Kassab | Lab : (514)398-3937 | Keep stress out of your MACS Laboratory | Home : (514)934-3718 | life. Give it to others McGill University | Email: mark@macs.ee.mcgill.ca | instead. Montreal, Canada | m.kassab@ieee.org | =============================================================================== ------------------------------ From: ede888f@monu6.cc.monash.edu.au (M.J. Glover) Subject: Help getting X started Date: Sun, 15 Aug 1993 06:22:38 GMT ------------------------------ From: david@ods.com (David Engel) Subject: Re: Why use shadow? Date: Sun, 15 Aug 1993 15:55:36 GMT Eugene Kim (eekim@husc11.harvard.edu) wrote: : Using shadow also prevents me from just editing the passwd : file to add new users. Does anyone know why shadow is better : than passwd? I don't know if the older version used in SLS supports it, but version 3.3 of the shadow password suite was just released a few days ago and it allows useradd to be compiled without shadow support. David -- David Engel Optical Data Systems, Inc. david@ods.com 1101 E. Arapaho Road (214) 234-6400 Richardson, TX 75081 ------------------------------ From: elkins@aerospace.aero.org (Michael Elkins) Subject: Linux standard for system UID/GIDs ?? Date: 15 Aug 1993 17:42:37 GMT I looked through the linux-standards, but I couldn't find any references for a standard list of UIDs and GIDs that a linux box should have. Obvsiouly, root is UID=0 and GID=0, but what about other "standard" users and groups such as bin, daemon, sys, etc...? It seems like it would be a good idea for everyone to be using roughly the same scheme for these things. me michael elkins elkins@aero.org computer science and technology subdivision aerospace corporation tel: +1 310-336-8040 el segundo, ca fax: +1 310-336-4402 ------------------------------ Crossposted-To: comp.os.linux From: muts@compi.hobby.nl (Peter Mutsaers) Subject: Re: What's the FASTEST FS? Date: Sat, 14 Aug 1993 17:32:18 GMT >> On Fri, 13 Aug 1993 02:15:49 GMT, dfox@hip-hop.suvl.ca.us (David >> Fox) said: DF> One thing I would like to see in SLS is a real etc/rc startup DF> procedure that runs e2fsck upon boot, and if the file system DF> gets modified by it, reboot. This is included in the bootutils package. It looks about like this: (fsck -A looks in /etc/fstab what type the filesystem is and wether to run e2fsck, xfsck etc.) # Check the integrity of all filesystems /etc/fsck -A -a # If there was a failure, drop into single-user mode. if [ $? -gt 1 ] ; then echo fsck failed. Please reboot. sh fi -- _____________________________________________ Peter Mutsaers, Bunnik (Ut), the Netherlands. ------------------------------ From: chris@surfcty.surfcty.com (Chris D. Johnston) Subject: cron listed as /USR/BIN/CRON ??? Date: Sun, 15 Aug 1993 20:18:53 GMT Running pl10, on startup when I have the cron daemon enabled in my /etc/inittab, I will get an entry that looks like: PID TT STAT TIME COMMAND 1 ? S 0:00 init 50 ? S 0:00 /usr/bin/crond 51 ? S 0:00 /USR/BIN/CROND Why is the entry for PID 51 there? I can kill it and it will go away. For an experiment, I restarted the machine and left it there. I see no ill side effects, just that it does not look right. Why is this happening, and does it cause problems? Chris chris@surfcty.com ------------------------------ From: chris@surfcty.surfcty.com (Chris D. Johnston) Subject: LILO like DOS executable Loader? Date: Sun, 15 Aug 1993 20:26:36 GMT Has anyone considered putting together a DOS-based loader that would allow you to link the zImage file into a DOS executable so that you could launch Linux from DOS? I use DOS for QMODEM so I can call out to other BBS type systems and download files. I then reboot to Linux and mount the DOS partition and copy the files into Linux directory space. Wouldn't it be neat if you could simply launch linux by typing in a DOS command line? Save the trouble of rebooting every time? Better yet, is there a version of minicom or something that works without having to reset the screen each time it scrolls off? I would rather not deal with DOS if at all possible. chris chris@surfcty.com ------------------------------ From: eblevitt@sales.GBA.NYU.EDU (Erik Levitt) Subject: Re: Why use shadow? Date: 15 Aug 93 22:29:15 GMT The advantage of shadow passwords is fairly simple .. if you can't physically see the passwords it's awfully hard to just simply run those characters through a decrypter ... There are other advantages too ... but someone with a lot more experience could probably explain it a little better. Erik Levitt ------------------------------ From: imcclogh@cs.ucsd.edu (Ian McCloghrie) Subject: Re: LILO like DOS executable Loader? Date: 15 Aug 93 22:32:09 GMT chris@surfcty.surfcty.com (Chris D. Johnston) writes: >Has anyone considered putting together a DOS-based loader >that would allow you to link the zImage file into a >DOS executable so that you could launch Linux from DOS? There is a "bootlin" program that can be used from a config.sys file to boot linux, allowing you to set a linux boot option from a multi-config.sys package. >Better yet, is there a version of minicom or something that >works without having to reset the screen each time it >scrolls off? I would rather not deal with DOS if at all possible. Back before getting a slip connection, I found kermit inside an xterm to be quite usable for this task. Setting the modem to ignore DTR, I could even do zmodem transfers by loading sz on the unix side (I dialed into my network accessable unix account, rather than a BBS, but that's irrelevant), closing kermit locally, and loading rz < /dev/ttys0 > /dev/ttys0. Inside the xterm, I got scrollback with the scrollbars, cut-and-paste, and real vt100 emulation. Basically the only comm program feature you're missing is a dialing directory, but that's simple to fix. Keep a list of your phone numbers in a text file, and grab one with the mouse, and paste it over into the modem :) I must say though, that I much prefer the slip connection :) -- /~> Ian McCloghrie | Commandant of Secret Police - Cal Animage Beta. < < /~\ |~\ |~> | | <~ | email: ian@ucsd.edu Net/2, USL 0! \_> \_/ |_/ |~\ |__| _> | Card Carrying Member, UCSD Secret Islandia Club ------------------------------ From: byron@cc.gatech.edu (Byron A Jeff) Subject: Re: LILO like DOS executable Loader? Date: Sun, 15 Aug 1993 23:46:21 GMT In article <53381@sdcc12.ucsd.edu>, Ian McCloghrie wrote: >chris@surfcty.surfcty.com (Chris D. Johnston) writes: > >>Has anyone considered putting together a DOS-based loader >>that would allow you to link the zImage file into a >>DOS executable so that you could launch Linux from DOS? > > There is a "bootlin" program that can be used from a config.sys >file to boot linux, allowing you to set a linux boot option from >a multi-config.sys package. This all sounds like a bad idea. Let try to figure out a way to keep DOS out of this. > >>Better yet, is there a version of minicom or something that >>works without having to reset the screen each time it >>scrolls off? I would rather not deal with DOS if at all possible. > > Back before getting a slip connection, I found kermit inside >an xterm to be quite usable for this task. Setting the modem to >ignore DTR, I could even do zmodem transfers by loading sz on the unix >side (I dialed into my network accessable unix account, rather than a >BBS, but that's irrelevant), closing kermit locally, and loading rz < >/dev/ttys0 > /dev/ttys0. Inside the xterm, I got scrollback with the >scrollbars, cut-and-paste, and real vt100 emulation. Basically the only >comm program feature you're missing is a dialing directory, but that's >simple to fix. Keep a list of your phone numbers in a text file, and grab >one with the mouse, and paste it over into the modem :) Kermit has a phone directory. It also has a script language so yet can pick and choose who you want to dial. Here is my kermit .phonedir: gatech T853-0874 38400 none gatech44 T853-0844 38400 none The fields are name, number, baudrate and parity respectivly. once in kermit The use the dial command to dial a number. You can even put a script in .kermrc that is automatically executed every time you run kermit. Mine sets up some parameters, dials, logs me in, runs term both remotely and locally, and dumps me right back at a prompt. From here I can use term to do whatever I want. I don't even bother to exit kermit just push a shell to work from. When I'm done the script picks up where it left off by bringing down the remote term, logging me out, and hanging up the phone. It doesn't get much easier than that. If we're going to fire up one os from another let's make sure we do it the other way around. I'll bet DOSEMU can run your terminal program. But kermit, minicom, and seyon can all do the job. Later, BAJ --- Another random extraction from the mental bit stream of... Byron A. Jeff - PhD student operating in parallel! Georgia Tech, Atlanta GA 30332 Internet: byron@cc.gatech.edu ------------------------------ From: mdw@TC.Cornell.EDU (Matt Welsh) Crossposted-To: comp.os.linux.announce,comp.os.linux.help,comp.os.linux.development,comp.os.linux.misc Subject: Where to get the Linux FAQ (PLEASE READ) Date: 12 Aug 1993 21:20:16 -0400 NEW USERS: WHERE TO GET THE LINUX FAQ (please read) PLEASE: EVERYONE read the FAQ for this group before posting questions. Many people (myself included) worked hard to produce the FAQ to accurately answer all of your questions. The new version of the FAQ (with many updates, clarifications, etc.) will only come out every month! So you won't see it posted that often. In the meantime you'll have to get it in one of the following ways: 1) ftp to tsx-11.mit.edu. It's the directory /pub/linux/docs/FAQ. It's split up into 5 files: the table of contents and the four parts of the FAQ itself. Each part is about 50K. or ftp to sunsite.unc.edu. It's the file /pub/Linux/docs/FAQ. This is one big ASCII file containing the entire FAQ (about 200K). or ftp to any news.answers archive site. For example, you can find Linux-related postings from news.answers in the directory /usenet/comp.os.linux and /usenet/comp.os.linux.announce on ftp.uu.net. 2) If you don't have FTP access, you can retrieve it via the mailserver at rtfm.mit.edu. Send mail to mail-server@rtfm.mit.edu with the word "help" in the body. or If you simply can't find the FAQ, I will mail it to you myself. Just send me mail (mdw@tc.cornell.edu). 3) The most recent FAQ will be posted to comp.os.linux, comp.os.linux.announce, and news.answers every month (if you want to wait...). FOR FURTHER INFORMATION: Read the "Meta-FAQ" posted weekly to c.o.l.a (also available from the various FTP sites). It gives you all of the pointers on where to look for Linux information. Thanks. mdw -- Matt Welsh, mdw@tc.cornell.edu "On the Internet, nobody knows you're a dog." ------------------------------ Crossposted-To: comp.os.linux From: gomez@enuxsa.eas.asu.edu (JL Gomez) Subject: stale LCK file after uucp session Date: Sun, 15 Aug 1993 23:59:43 GMT I have a remote site that calls my machine for e-mail delivery. I never call this machine. However, uucico leaves a stale LCK file for this machine, even when the session is over. I'm running Slackware v1.01 with uucp1.04 binaries. Thanks for any info! -- gomez@enuxsa.eas.asu.edu ------------------------------ From: tgl@netcom.com (Tom Lane) Subject: NFS mount fails with authentication error Date: Mon, 16 Aug 1993 01:15:03 GMT I'm a new user of Linux, so please bear with me if this is a FAQ. (Couldn't find anything about it in the NET-2 FAQ though...) I'm trying to network SLS 1.03 with a couple of HP workstations. I can't get Linux to NFS-mount the workstations' filesystems; it fails with this message: rpc mount: RPC: Authentication error; why = Invalid client credential Everything else I've tried works great, including mounting the Linux machine's filesystems via NFS on the workstations. I can invoke other RPC-based servers like rstat without problems. The two workstations can NFS-mount each other, and yes I have the Linux machine added to /etc/hosts, /etc/hosts.equiv, and /etc/exports. It's possible that this is an HP bug, but I see the same results with machines running both HPUX 7.0 and HPUX 8.0. Seems more likely that Linux is failing to adhere to the RPC authentication protocol. Or perhaps there is a configuration file I haven't set up correctly? Any info gratefully accepted ... thanks, tom lane ------------------------------ From: sdh@fishmonger.nouucp (Scott D. Heavner) Subject: Re: cron listed as /USR/BIN/CRON ??? Date: Sun, 15 Aug 1993 21:32:33 GMT Reply-To: sdh@po.cwru.edu Chris D. Johnston (chris@surfcty.surfcty.com) wrote: > Running pl10, on startup when I have the cron daemon enabled in > my /etc/inittab, I will get an entry that looks like: > PID TT STAT TIME COMMAND > 1 ? S 0:00 init > 50 ? S 0:00 /usr/bin/crond > 51 ? S 0:00 /USR/BIN/CROND > Why is the entry for PID 51 there? I can kill it and it will go > away. For an experiment, I restarted the machine and left it > there. I see no ill side effects, just that it does not look > right. /USR/BIN/CROND signifies an active cron event. When crond notices that it's time to do something, it spawns a new process to execute it. I would assume that PID 51 should go away after a while, if it doesn't, maybe the process would be better invoked from /etc/rc rather than cron. Scott sdh@po.cwru.edu ------------------------------ From: imp@boulder.parcplace.com (Warner Losh) Subject: Re: Why use shadow? Date: Mon, 16 Aug 1993 03:02:32 GMT Eugene Kim (eekim@husc11.harvard.edu) wrote: : Using shadow also prevents me from just editing the passwd : file to add new users. Does anyone know why shadow is better : than passwd? If you have a machine that will have at least one user who does not also have root, then it will increase your security. The file /etc/passwd contains the encrypted passwords for everybody on the system. It also contains useful information about all the users, like uid, names, home directory, etc. You want to keep the former secure to prevent dictionary attacks. The latter is generally considered public information (to the sytem at least) and need to be readable by finger, ps, ls, most shells and any other program that needs to know about users in general (like expanding ~bob, for example). What shadow does is to separate out the public stuff from the private stuff. So, the encrypted passwords go into a file that only root (or a certain group, in some implementations) can read, while the rest of the stuff goes into a file that everybody can read. The passwords are kept in /etc/shadow (this varies from os to os), while the public information is still in /etc/passwd. Most programs that need it can get to it. There is at least one bug in the shadow password stuff that will make your system LESS secure if you use it. When a user has a password in the shadow file, the password entry in the /etc/passwd file is null (rather than "*" or somethine else like in other implementations). Certain programs that haven't been hacked to use Linux's shadow commands will assume that a user (say root) can go ahead and log in w/o a password. Programs to watch out for are rshd, ftpd or any other that asks for a user name and password. I think ftpd has been fixed, but I don't know if rshd has yet or not. The shadow that is on SLS 1.03 definitely behaves like this (I just tried it), so be careful out there. This will likely bite you if you are trying to port software to linux. It is a severe bug in the shadow implementation, since it does not work with "prior art" very well. Warner -- Warner Losh imp@boulder.parcplace.COM ParcPlace Boulder I've almost finished my brute force solution to subtlety. ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************