From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Thu, 23 Sep 93 14:23:10 EDT Subject: Linux-Admin Digest #72 Linux-Admin Digest #72, Volume #1 Thu, 23 Sep 93 14:23:10 EDT Contents: Re: Compiling the new Elm 2.4 (n.h.chandler) Freeware Linux BBS - READ! (Ken Geis) Slackware Disk Sizes, was Re: [Not] enough SLS bashing (Kevin Fluet) security and Linux binaries (John Ritchie) Re: [Q] How to make modem hangup (Greg Patten) Re: [Summary] /etc/shutdown by non-root (Joachim Schnitter) Re: eth0 receiver overrun...please repost (or email me) the patch (Wolfgang Thiel) Re: [Q] How to make modem hangup (David Liebert) Modem Lights (Noahal A. Mundt) Juergen,where are you? (Azad Hessamoddini) Problem with sysinstall (Erik Ratcliffe) Re: [Summary] /etc/shutdown by non-root (Malcolm Beattie) Re: 3.5 boot floppies. Not really Re: [Not] enough SLS bashing anymore (Wolfgang R. Mueller) SMAIL: problems with MXed sites in SLS (Michael 'Moose' Dinn) Re: crond output=>mail problem (Bernd Meyer) ---------------------------------------------------------------------------- From: nhc@cbnewsj.cb.att.com (n.h.chandler) Subject: Re: Compiling the new Elm 2.4 Date: 23 Sep 93 02:02:16 GMT In article <1993Sep21.122618.17429@nrao.edu>, rzm@oden.oso.chalmers.se (Rafal Maszkowski) writes: > John Henders (jhenders@jonh.wimsey.bc.ca) wrote: > : Has anyone compiled elm 2.4with kernel 99pl12, gcc2.4.5 and the > : 4.2.2.libraries? ? I tried everything in the newspak7 doc, including > > I compiled only 2.4.23beta2 (wuarchive.wustl.edu:packages/mail/elm/ > elm.beta.tar.Z) without any problems. What are yours? > I compiled elm-2.4 pl23beta2 using gcc-2.4.5 with lib-4.4.1 and encountered no problems. --N. Chandler -- ================================================================= Neville H. Chandler || AT&T Bell Laboratories nhc@mtdcr.att.com || Middletown, NJ 07748 ================================================================= ------------------------------ From: bogart@ucsee.Berkeley.EDU (Ken Geis) Subject: Freeware Linux BBS - READ! Date: 23 Sep 1993 02:13:07 GMT I've seen a lot of conversation on the Linux and BBS newsgroups recently about running a freeware Linux BBS. The responses haven't been too appealing, especially from the 'freeware' standpoint. I've got an idea that's perfect for the Linux environment. Why can't we write one? I'm not up to it myself, but I'd be glad to contribute whatever knowledge and coding I could. Let's talk, Ken ------------------------------ From: user1@valis.ampr.ab.ca (Kevin Fluet) Subject: Slackware Disk Sizes, was Re: [Not] enough SLS bashing Date: Wed, 22 Sep 1993 20:29:47 GMT In <748599609snz@cmkrnl.demon.co.uk> gregh@cmkrnl.demon.co.uk (Greg Hennessy) writes: >Leave it out, the Slackware distribution is free pro gratis and costs nothing, >5.25 is dead as a format, I install software every day, I havent seen 5.25 >ship in a standard distribution with over 2 years. Well, you must be installing certain packages then or asking for 3.5's. Like I said before, my entire system sofware (DOS/Windows/Word/etc) came on 5.25's less than a year ago. 5.25 is still VERY common. I have yet to see software that didn't have a 5.25 option. > If it doesn't work well 'Tough Turnips' a 3.5 drive is a very cheap > option. If Microsoft said 'Tough Turnips' this often, they would be dead now. (we all wish) The POINT is that a person who has never tried Linux might have to go out and BUY another drive just to see it run. This means that LOTS of people WON'T BOTHER TRYING LINUX. Lots of people aren't even willing to switch their floppy drives to try installing something (thus the development of a Slackware 5.25 boot image). I am speaking as someone who runs a BBS, and who is trying to keep available a version of Linux everyone can try. Restricting who can run Linux in any way will only hurt it. > I dont want to hear >stories about lack of drive bays, bios problems or other bollocks. I don't think anyone has mentioned anything about this. > If you are not statisfied get the sources and roll your own and shut up > whining about it. I'm hardly whining. I'm just pointing out that the Slackware distribution is cutting people out where it doesn't have to. All that needs to be done is restrict the disk images to a size that fits on both types of disk. Is that so tough? Slackware looks to me like the best distribution around. I'm disappointed that it doesn't come in a format that everyone can use. Like I said, I only have room for one set of disks on my BBS, and for now that will have to stay SLS. >The amount of garbage spewed here on this topic is unreal, no one is Forcing >anyone to use any distribution, If it doesn't suit, well tough shit!!!!. We >are lucky to have distributions at all. Who's spewing garbage? I'm not the one swearing like a street urchin. Of course no-one is forcing anyone to do anything. I would just be nice if everyone could use the best. ====================================================================== Kevin Fluet Call V.A.L.I.S. Public Access Linux kevin or user1@valis.ampr.ab.ca Usenet, Email (403) 478-1281 fluet@ee.ualberta.ca Ask me about Linux, the FREE Unix clone! ------------------------------ From: ritchiej@osshe.edu (John Ritchie) Subject: security and Linux binaries Date: 22 Sep 93 18:00:20 GMT Hello fellow Linux sysadmins... Recently I was reading some Unix System's administration book or other, and in this book it mentioned that a security-conscious sysadmin should "never" use pre-compiled binaries supplied by an unknown (such as Public Domain) source, especially programs that run setuid root or handle sensitive things such as passwords. The book, furthermore, stated that a sysadmin should carefully read through any public-domain source code (or other source code of questionable, well, source) before compiling it, and not compile it if there is anything that isn't understood. Although I think that the above view is a bit on the paranoid side, it does raise a hairy question for the Linux community. Most Linux users are _extremely_ vulnerable to security attacks, especially since Linux is becoming so popular among Unix neophytes who install binaries packaged by a thousand different "vendors", without reading or understanding the source code. In such an environment of sharing and trust among Linux users it would be child's play to propagate any number of hidden surprises inside packages that would be freely passed around a huge community. I guess the point I want to make is three-fold: First, users, be aware of the possibility that binaries you use may not be as secure as you assume they are; Second, packagers (such as SLS or Slackware), many users are trusting your packages to contain clean binaries so YOU should be sure that they all are clean; and thirdly, this problem once again points out the importance of the Copyleft policy of having source-code freely available. If you can't find source code for something to inspect and compile yourself, realize that you're taking an increased risk by using that package. For example, users of "termtelnet," to name one, should think about the fact that this is a program for which we can't find the source code (I, and several other posters on comp.os.linux.help), that may pose a serious security risk (do we know everything that happens when we answer the "Password:" prompt?). I don't mean to denigrate Linux in any way with this post, I think that the whole Linux concept of freely shared development and use is part of what makes it such a fantastic operating system. But I do want to point out one danger that is inherent in such an environment. John Ritchie ritchiej@ucs.orst.edu ------------------------------ From: greg@loose.apana.org.au (Greg Patten) Subject: Re: [Q] How to make modem hangup Date: Thu, 23 Sep 1993 03:07:44 GMT david@omphalos.equinox.gen.nz (David Liebert) writes: >I have serial dial-in/out set up fine with one small problem: after >someone logs out on the serial port, the modem doesn't hang up. Have you got HANGUP=YES in your /etc/default/[uu]getty.ttyS? file? That's about all I could suggest. >This same problem is also reflected with uucp: if uucico exits with >a failed chat sequence I'm left connected to my uucp host. That's wierd. It could be a modem thing then. >PLEASE DON'T TELL ME TO SET -CLOCAL & HUP - no amount of fiddling >with these settings does any good. Yeah..I can't get these to work for me on the dumb terminal either. Even if you turn the computer off the person still stays logged in. Anyone? Cheers, -- _-_|\ Greg Patten. | greg@loose.apana.org.au / \ | or \_.-.*/ <---Melbourne, Australia. | s936079@minyos.xx.rmit.oz.au v ------------------------------ From: josch@pc.chemie.th-darmstadt.de (Joachim Schnitter) Crossposted-To: comp.unix.admin Subject: Re: [Summary] /etc/shutdown by non-root Date: 23 Sep 1993 08:00:00 GMT Kenneth H. Simpson (ken@kronos.arc.nasa.gov) wrote: : In article <27pjmeINNlqf@rs18.hrz.th-darmstadt.de> josch@pc.chemie.th-darmstadt.de (Joachim Schnitter) writes: : >Valdis Kletnieks (valdis@black-ice.cc.vt.edu) wrote: : >: In article <27d35q$bol@agate.berkeley.edu> boss@soda.berkeley.edu (Brion Moss) writes: : >: >(The script was then setuid root, of course). This seemed to work pretty : >: >well. : > : >: A set-UID root shell script is equivalent to giving every user on : >: the system unrestricted root access. : > : >: I suggest you find a way to do it without set-UID shell scripts. : > : >: Valdis Kletnieks : >: Computer Systems Engineer : >: Virginia Tech : > : >Sorry to say that this seems to be real nonsense. A script is simply fed : >into a shell or another interpreter. It is the shell's permissions which : >counts - not the script's. : > : >Try it out and you will see that you cannot give someone root permissions : >with a setuid root script as long as you do not make the shell run setuid : >root (The latter is equivalent to "rm -rf /" as root :-). : > : It depends upon which shell you use, e.g., if you use perl, it may or may : not ignore UID/GUID bits - it's a compile time option. If you use the : shell on a SPARC as in : /bin/sh : it will execute the command as root if the SUID bit is set on the script : and the script is owned by root. So is it the kernel or the script interpreter? What is necessary to enable or disable setuid execution of scripts? I think it must be in the kernel since a non-setuid shell cannot apply the setuid bit of a script to itself. It may ignore it if the kernel passes setuid permissions to the shell, but the other way around? Since this is a Linux newsgroup I suggest that we should mainly discuss Linux related stuff - especially in THIS newsgroup. I sometimes get a bit confused by postings about non-Linux systems without explicit statements about the system meant. So: Thank you for your note about SPARCs (which OS?). I think we are coming to the point where we need a grand wizard to clear our minds. On my Linux 0.99pl13 box the kernel and/or the shells (tcsh-6.04 and bash-1.12) ignore the setuid bit of scripts. I tried it! I do admit that I did not test it on older kernels. Are there older kernels which showed the feature discussed? BTW: I feel very satisfied of the discipline of this discussion - no flames, no injuries (maybe I had left this road a little bit. Sorry). -Joachim -- ______________________________________________________________________ Joachim Schnitter Tel.: +49 (61 51) 16-53 97 Technische Hochschule Darmstadt Fax : +49 (61 51) 16-42 98 Physikalische Chemie I Petersenstr. 20 64287 Darmstadt Germany E-Mail: josch@pc.chemie.th-darmstadt.de ------------------------------ From: upsyf173@psydiff2.uni-bielefeld.de (Wolfgang Thiel) Subject: Re: eth0 receiver overrun...please repost (or email me) the patch Date: Thu, 23 Sep 1993 08:14:00 GMT juphoff@uppieland.async.vt.edu (Uppie) writes: ... >I read a post that there is a patch out for this (apparently the >kernel is storing packets that aren't meant for it, as I understand >things). I'm running 0.99pl11. The same problem disappeared here with the new kernel 0.99pl13. For older kernels look for ip_forward(something) in net/inet/ip.c and comment out this line. Wolfgang ------------------------------ From: david@omphalos.equinox.gen.nz (David Liebert) Subject: Re: [Q] How to make modem hangup Date: Wed, 22 Sep 1993 22:43:53 GMT Thanks to those who sent me help following my original posting, but perhaps I wasn't very clear... Of course I know how to make my modem hang up using Hayes commands. The point is, if the serial device is configured correctly it should hang up the line after someone logs off, or when its baud rate is set to 0. This has got nothing to do with modem commands, but rather a particular line being set low. ------------------------------ From: nam@ccd.harris.com (Noahal A. Mundt) Subject: Modem Lights Date: Thu, 23 Sep 1993 00:58:55 GMT Fellow Linuxers, A while back, before I found Linux, I was an MS-DOS type and I remember a program that could be used for internal modem users to display the modem lights on your monitor. Does anyone know a similar program which works under Linux - preferrably under X. Any information is greatly appreciated. Thanks in advance. Regards, Noahal Mundt - System Administration - Harris Controls Division ============================================================================= | "A good magician never reveals his secret; the unbelievable trick becomes | | simple and obvious once it is explained. So too with UNIX." | ============================================================================= | INTERNET: nam@ccd.harris.com - Phone: (407) 242-5459 fax (407) 242-4453 | ============================================================================= ------------------------------ From: hessamod@uniwa.uwa.edu.au (Azad Hessamoddini) Subject: Juergen,where are you? Date: 23 Sep 1993 17:57:32 +0800 Hi, I'm looking for the author of the aha1522 driver. I found the patch in tsx-11.mit.edu and it was signed by "Juergen" with no address or anything. I need some non-proffesional(I'm not a scsi guru) hint on how to install my Linux when the kernel is not bootable. My scsi driver is aha-1520/1522 and I'm using a DECpc. Thanx for any kind of help. Azad. -- ....... This message was transmitted on 100% recycled photons. ........ ------------------------------ From: Erik.Ratcliffe@p6.f615.n109.z1.fidonet.org (Erik Ratcliffe) Subject: Problem with sysinstall Date: Wed, 22 Sep 1993 20:03:32 -0500 Organization: The University of Texas - Austin vg> I need to reinstall my X11 part of the Linux system. I am vg> using the /dev/fd1 (3.5 floppy) and do vg> sysinstall -instdev /dev/fd1 -series x vg> I get something like vg> insert disk x1 in floppy drive or enter q to quit. vg> I hit enter and I get the 'same' message again. vg> The script exits after repeating the above message thrice. Rajesh, I had this problem a few times myself. The way I got around it wasn't eloquent at all, and is quite uninformed, but for some reason it worked. One time, I "sync"ed and exited the shell I was in, then logged into another console (Alt-F2) and tried again. The other time, I "sync"ed, "reboot"ed, and tried it again; it worked. I don't know why the menu didn't work for me those two times, but then again I don't think that the menu was updated for the 1.03 SLS release. I could be wrong... That's all I can offer. -=|[ Erik Rat ]|=- ------------------------------ Crossposted-To: comp.unix.admin From: mbeattie@black.ox.ac.uk (Malcolm Beattie) Subject: Re: [Summary] /etc/shutdown by non-root Date: Thu, 23 Sep 1993 08:41:00 GMT In article doolitt@cebaf4.cebaf.gov (Larry Doolittle) writes: >In article <9326523.23936@mulga.cs.mu.OZ.AU>, fjh@munta.cs.mu.OZ.AU >(Fergus James HENDERSON) writes: >> >> I do have a patch to Linux which provides _secure_ setuid shell scripts, >> so long as there aren't any security problems with the shell itself. >> Linux's standard shell (bash) has only one security problem ($ENV) >> for which I also have a patch. If you install both of these patches, >> then you can have completely secure setuid shell scripts. >> (Of course, as with any setuid program, you still need to be careful!) > >Has anybody tried to make a setuid PERL script to handle floppy >mounts and dismounts? I have read the docs for PERL, and done >some simple string handling with it. The PERL docs suggest it >has the required level of security, but it also seems a little >lacking in sys-admin functionality. Sacrilege! Perl has excellent sys-admin functionality. Its security checks for suid scripts make them more secure than some naively written C code. I'm intrigued as to what features seem to be missing from perl from that documentation. --Malcolm -- Malcolm Beattie | I'm not a kernel hacker Oxford University Computing Services | I'm a kernel hacker's mate 13 Banbury Road, Oxford, OX2 6NN (U.K.) | And I'm only hacking kernels Tel: +44 865 273232 Fax: +44 865 273275 | 'Cos the kernel hacker's late ------------------------------ From: dvs@ze8.rz.uni-duesseldorf.de (Wolfgang R. Mueller) Subject: Re: 3.5 boot floppies. Not really Re: [Not] enough SLS bashing anymore Date: Thu, 23 Sep 1993 14:27:11 GMT In article ehhchi@maroon.tc.umn.edu (Ed H. Chi) writes: >What's all this fuss about making 5 1/4 boot disks?? Just use bootb, and >you won't ever have to make two seperate boot disk mediums. If there is only a 5-1/4 drive, this doubling cannot be avoided. If however the problem is a 3-1/2 B: drive, the solution is simple: At least with the slackware v1.03 bootdisk (I didn't test any other) you can boot LINUX from a 3-1/2 B: drive with the help of the bootb utility. Either unpack (a remainder from an early SLS distribution) clio.rz.uni-duesseldorf.de:linux/sls102/BOOTB.ZIP under msdos and use it to prepare a 5-1/4 floppy for your A: drive, or rawrite or dd (the 512 byte (!) result of a bootb usage) clio.rz.uni-duesseldorf.de:linux/slack103/BOOT5ATO.3B to a 5-1/4 floppy. Then boot with this 5-1/4 floppy in your A: drive and the slackware 3-1/2 bootdisk in B: holding down the left ALT key so you get to the lilo boot: prompt. There enter ramdisk root=/dev/fd1 and lilo will happily load the kernel from B: and the kernel will happily copy the ramdisk from there. Hope this helps, Wolfgang R. Mueller , Computing Centre, Heinrich-Heine-University, Duesseldorf, Germany. ------------------------------ From: dinn@ug.cs.dal.ca (Michael 'Moose' Dinn) Subject: SMAIL: problems with MXed sites in SLS Date: Thu, 23 Sep 1993 14:16:09 GMT smail doesn't seem to want to send mail to sites with only MX records and no "real" IP addresses. Anyone else find this problem, or have a fix? -- Michael Dinn, CS Student * dinn@ug.cs.dal.ca * Use your modem! (902) 461-4773 "make lots of money", "enjoy the work", "operate within the law": choose 2 ------------------------------ From: root@umibox.hanse.de (Bernd Meyer) Subject: Re: crond output=>mail problem Date: Wed, 22 Sep 1993 22:17:04 GMT rich@mulvey.com writes: >Hello: > I've recently installed the full slackware 1.03 distribution. ( Which >includes Vixie cron, smail, and elm. ) Normally, when cron runs, it >should redirect all output to mail which is then posted to the owner of >the crontab in question. [...] >which leaves an mbox.root file in /tmp. And never exits. So of course >no mail gets sent. ( And root can run elm until the file gets >deleted. ) >Has anyone else encountered this partiular problem? Better yet, any >solutions? :-) No, I have an even better one. Whenever crond tries to send mail to some user, it fails miserably and sends it to some adress mail remembers from earlier sent mails. Of course, I have removed the original "mail" and replaced it with a link to elm. Linking it to smail doesn't help at all. Bernie -- We both know that the earth is round | Bernd Meyer, EE-student So we can't see the way before us to its end | "Nobody is a failure who has We walk on this way, hand in hand, | friends" (from: "It's a And I hope you are still with me behind the horizon| wonderful life") ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************