From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Sat, 25 Sep 93 16:14:09 EDT Subject: Linux-Admin Digest #76 Linux-Admin Digest #76, Volume #1 Sat, 25 Sep 93 16:14:09 EDT Contents: Re: [Not] enough SLS bashing (Chaz Gillanders) Re: What's the Difference? (X) (Sunando Sen) Re: Linux Administration books (Mark A. Horton) Re: [Summary] /etc/shutdown by non-root (James Chacon) Re: SECURITY HOLE in SLS (anyone can shutdown!) [FIX] (Patrick J. Volkerding) Re: SECURITY HOLE in SLS [NOT-QUITE-FIX] (Patrick J. Volkerding) Re: help for X of linux (nho@nguyen.ruhr.de) Re: e2fsck exit codes (Remy CARD) PC for linux (TODOROV Krassimir) Re: SECURITY HOLE in SLS [NOT-QUITE-FIX] (Jeffrey M. Simon) Re: [Not] enough SLS bashing (Al Lonyear) Re: SECURITY HOLE in SLS [NOT-QUITE-FIX] (Damien Neil) Re: Linux Administration books (Robert Stockmann) ---------------------------------------------------------------------------- From: chaz@egger-uk.demon.co.uk (Chaz Gillanders) Subject: Re: [Not] enough SLS bashing Date: Mon, 20 Sep 1993 14:45:48 +0000 Hang on 'ere a mo. I'm led to believe rightly or wrongly that prices for hardware are cheaper in the US than over here in the UK, and whilst this has nothing to do with the argument given here I am astounded at the suggestion a 3.5 inch drive should cost $75. I can buy (in fact I just have done so) a 3.5 inch drive in the UK for 20GBP, so even at a rather sad exchange rate 1 pound 2 dollars that still only comes to 40 dollars. Are you really suggesting it should cost $75 for a 3.5 inch drive.......... Chaz. +-----------------------+-----------------------------------------------------+ | Chaz Gillanders | The world is your exercise book, the pages on | | Analyst/Programmer | which you do your sums. | | Egger (UK) Ltd | It is not reality, although you can express | +-----------------------+ reality there if you wish. | | Tel: (0434) 602191 | You are also free to write nonsense, or lies, | | Fax: (0434) 605153 | or to tear the pages. | +-----------------------+-----------------------------------------------------+ ------------------------------ From: sens@FASECON.ECON.NYU.EDU (Sunando Sen) Crossposted-To: comp.os.linux.misc,comp.os.linux.help,comp.windows.x Subject: Re: What's the Difference? (X) Date: Sat, 25 Sep 1993 05:49:42 GMT In article <27ve4eINNou2@uwm.edu> rick@ee.uwm.edu (Rick Miller) writes: >I've had a hell of a time getting things working right under the latest >TAMU Linux release. Now, finally, everything *works*... except "more". > >No, it's *not* a permissions problem, and yes, I *know* that "less" would >still work... but it really makes me nervous. What could be the difference >between logging in then doing startx and logging in through xdm? Why on >earth would it screw up "more"??? > >Here's the scoop: > >In the beginning (when I installed Linux [TAMU.99pl12+] onto a clean drive), >all I had to do was login as root and type "startx"... and everything worked. > (Actually, I had to futz with the Xconfig, but that's beside the point.) >Then I thought, "It's not good to be root all the time." So I created "rick". > >I copied all the 'hidden' files from / to /home/rick, then logged in as >rick. Then I tried to "startx"... The "File Manager" and "xclock" came >up alright, but no "xterm". Flipping back to virtual console #1 showed >me that xterm couldn't find "//libXaw.so.3". Well, I thought that was >strange, since LD_LIBRARY_PATH was properly set in my .profile. > >Why wasn't the proper library path searched for "rick" even though it >showed no problem for "root"? > > >WHERE SHOULD I DEFINE LD_LIBRARY_PATH SO THAT IT WILL GET SEARCHED??? > > >Starting "xdm" showed similar troubles, which I'm still sorting out. > >I've got an interim solution (a workaround, really) where all of the >shared libraries in /usr/X386/lib are symbolically linked up to the >root directory. It's *ugly*, folks. ...and "more" doesn't work. > > >It's really wierd! Any user, logging in then using "startx", has no >problems at all. It works great. But if I use "xdm", *NOBODY* can get >"more" to work properly. It displays the first 24 lines, then exits. > > >Can anyone give me a clue what could cause "more" to behave this way??? > The shells launched via xdm do not read your .profile, so whatever is in there is not taking effect. If you want the shell to read your .profile, then start xterm with the `-ls' (login shell) option. So, this is why your LD_LIBRARY_PATH does not work. How have you set up the links? Do you have libXaw.so.3 symlinked to libXaw.so.3.0.1? Just doing a `cd /lib; ln -sf /usr/X386/lib/*so* .' will not be enough. About your problem with more, I would check the .bashrc (assuming you are using bash) to see if there is a `TERM=...' statement. As far as I can see, whenever I login to a vt, TERM is automatically set to `console', and whenver I start an xterm, it is set to` xterm'. Thus, I do not need to set the TERM variable at all. I hope this answers your question. Sunando Sen ------------------------------ From: mahmha@crl.com (Mark A. Horton) Subject: Re: Linux Administration books Date: 24 Sep 1993 22:20:58 -0700 rich@mulvey.com wrote: : Davor Cubranic (cubranic@whale.st.usm.edu) wrote: : : OK, I read quite a bit of Linux documentation, from old FAQ's to new : : HOWTO's and even ALPHA version of SAG, but I haven't found an answer : : to this question (which is why I'm posting it to this newsgroup): : : I'm going to install Linux on my machine within next two weeks. I'll : : be the sole user and administrator of it so I want to get a good : : sys admin book on this. I read a few bibliographies, and in Unix : : Review August 1992, Richard Morin writes "BSD (SunOS 4.x) administrators : : should get the classic _UNIX System Administrator's Handbook_. SVR4 : : (SunOS 5.x) administrators should buy UNIX System V Release 4 Admini- : : stration..." : : Well, here is the problem: which one of these is more applicable to : : Linux administration since it is neither/both BSD and SVR4?? Or maybe : : some of you have some other personal favorite that you could recommend to : : me? BTW, I've got the SAG ALPHA 1, and it is really ALPHA. I definitely : : need some other book in addition to it. : Personally, I use the Unix System V Release 4 Administration book : published by Hayden Books. I've been through just about every major : section, and have yet to find anything that didn't relate pretty : directly to Linux administration. It's a little simplistic at times, : but useful. : - Rich : -- : Rich Mulvey Amateur Radio: N2VDS Rochester, NY : rich@mulvey.com "Ignorance should be painful." IMHO - the O'Reilly book "Essential Systems Administration" would be a good bet for Linux since it covers virtually all flavors of Unix (bsd, sVr4, SunOs, and even "also"ix ;-) ) I think Lars is doing an excellent job on the Linux SAG, but as he says "TRUST THIS AND DIE" but hey, it beats just a stack of diskettes and a crumpled-up, tea-stained copy of the FAQ, right! In the meantime, I've been very pleased with the O'Reilly book - with coverage of so many *nixen, it provides a good perspective on the "Platypus". ;-) 73, mark,ka4ybr -- ================================================================================ Mark A. Horton | Email: mah@ka4ybr.com (soon) Mark Horton Associates | Voice: +1 (404) 371 0291 (office) Strategic Planning | Fax: +1 (404) 371 0291 (office) Performance Tuning | Data: +1 (404) 378 7046 (Linux bbs) "The opionions expressed here | Snail: P.O.Box 747, Decatur, GA US 30031-0747 DO represent those of myself." | ICBM: 33 45 N / 084 16 W | Cruise: 33 45 30 N / 084 16 50 W ================================================================================ "We may note that, for the purposes of these experiments, the symbol "=" has the meaning "may be confused with." - Anon. ================================================================================ ------------------------------ From: jmc@pawnee.telecom.ksu.edu (James Chacon) Crossposted-To: comp.unix.admin Subject: Re: [Summary] /etc/shutdown by non-root Date: 25 Sep 1993 03:15:52 -0500 mcrafts@dale.ksc.nasa.gov (Mark Crafts) writes: >smd@floyd.brooks.af.mil (Sten Drescher) writes: >># whoami >>root >Doesn't it only change your effective user id to root? >Not that it matters, I'm just nitpicking. Not that that really matters, since once your there its just as easy to reset your real uid as well: int main (int argc, char *argv[], char *envp[]) { setreuid ( geteuid (), -1); execve ("/bin/sh", argv, envp); } James ------------------------------ From: bf703@cleveland.Freenet.Edu (Patrick J. Volkerding) Subject: Re: SECURITY HOLE in SLS (anyone can shutdown!) [FIX] Date: 25 Sep 1993 10:16:52 GMT Reply-To: bf703@cleveland.Freenet.Edu (Patrick J. Volkerding) In a previous article, gold@wpfx01.physik.uni-wuerzburg.de (Werner Gold) says: >If you want to shutdown any Linux machine based on SLS try: > >rsh -l root /etc/halt > ^^^^^^^^ > or anything else !!! > >Do that from any host you like. > Ouch! This worked with Slackware, too. I don't know about other distributions. Anyway - source and a binary for an in.rshd that uses shadow passwords (and thus avoids this problem) can be found in /pub/linux/binaries on ftp.cdrom.com. I've merged it into the 1.0.4 disks I have here, so it will be fixed in the next release. In the meantime, *especially if you are on the net*, you should check the security of your in.rshd, and replace it if you need to. -- Patrick Volkerding volkerdi@mhd1.moorhead.msus.edu bf703@cleveland.freenet.edu ------------------------------ From: bf703@cleveland.Freenet.Edu (Patrick J. Volkerding) Subject: Re: SECURITY HOLE in SLS [NOT-QUITE-FIX] Date: 25 Sep 1993 10:24:45 GMT Reply-To: bf703@cleveland.Freenet.Edu (Patrick J. Volkerding) In a previous article, bf703@cleveland.Freenet.Edu (Patrick J. Volkerding) says: > >Anyway - source and a binary for an in.rshd that uses shadow passwords >(and thus avoids this problem) can be found in /pub/linux/binaries on >ftp.cdrom.com. I've merged it into the 1.0.4 disks I have here, so it >will be fixed in the next release. In the meantime, *especially if you >are on the net*, you should check the security of your in.rshd, and >replace it if you need to. > Upon further testing, I find that the new in.rshd will only execute commands for accounts with no password. Anyone know how to fix this? Oh well, it's still better (IMHO) than the in.rshd you could be using now. :^) -- Patrick Volkerding volkerdi@mhd1.moorhead.msus.edu bf703@cleveland.freenet.edu ------------------------------ From: nho@nguyen.ruhr.de Subject: Re: help for X of linux Date: Sat, 25 Sep 1993 12:39:10 GMT ghhwang@pllab1 wrote: : Dear friends, : I have installed the SLS1.03 yesterday. However, there are some problems. : (1) I cannot use "df" Here is my /etc/fstab : # my root partition, although it is automaticaly mounted by the kernel /dev/hda1 / ext2 defaults # my 2. HD mounted on /HDB /dev/hdb1 /HDB ext2 defaults # proc-FS for using top, ps, etc... /proc /proc proc defaults # my swap device /dev/hda5 / swap defaults I do not know exactly the context of /etc/mtab with df but it works. : (2) While I run X, the following message appeared: : >PEXExtensionInit : Couldn't open default PEX FONT ffile Roman_M I do not need PEX so I relinked the X-server (look in /usr/X386/lib/Server for some idea) without PEX support, that message then disappeared. I think that installing the right things (PEX-fonts, -libs, ..) may help (correct me if I am wrong) otherwise just ignore the message. : Please help me! : ghhwang@cs.nthu.edu.tw -- ================================================================ | Nguyen_Ho@nguyen.ruhr.de | DreiringPlatz 1, 45276 Essen (Germany) | TEL : +49 201 503124 ------------------------------ From: card@masi.ibp.fr (Remy CARD) Subject: Re: e2fsck exit codes Date: 25 Sep 1993 15:32:37 GMT In article thompsch@ccmail.orst.edu (Chris Thompson) writes: > >Does anybody know the exit code numbers, and if you do could you include a >short description. The error codes are described in David Engel's fsck front-end man page : The exit code returned by fsck is the sum of the following conditions: 0 - No errors 1 - File system errors corrected 2 - File system errors corrected, system should be rebooted if file system was mounted 4 - File system errors left uncorrected 8 - Operational error 16 - Usage or syntax error 128 - Shared library error e2fsck conforms to these error codes. >Thanks Chris >Thompsoc@kerr.orst.edu Remy -- Remy Card card@masi.ibp.fr ------------------------------ Crossposted-To: comp.os.linux.help,comp.os.linux.misc,comp.os.linux From: todorov@cui.unige.ch (TODOROV Krassimir) Subject: PC for linux Date: Sat, 25 Sep 1993 16:17:23 GMT Hello, Linux Users. I dont know if it is easy to answer to my questions, may be it is in the FAQ-s. What PC must I have to run linux on it? Or maybe is-it easier to enumerate what the PC MUST NOT HAVE? Ex.: - less than ??? MBytes RAM, and - a computer ???? bus, and - a ???? hard disk model ?????, and ..... Thank you for your answers! -- Krassimir ------------------------------------------------------------------- Krassimir TODOROV | Tel: + 41 (22) 705 7635 Centre Universitaire d'Informatique | Uni Dufour | Fax: 320 2927 24 rue du General-Dufour | 705 7659 CH-1211 Geneva 4 | SWITZERLAND | E-mail:todorov@cui.unige.ch ------------------------------------------------------------------- ------------------------------ From: jmsimon@acsu.buffalo.edu (Jeffrey M. Simon) Subject: Re: SECURITY HOLE in SLS [NOT-QUITE-FIX] Date: Sat, 25 Sep 1993 17:45:25 GMT In article <28169d$67v@usenet.INS.CWRU.Edu> bf703@cleveland.Freenet.Edu (Patrick J. Volkerding) writes: > >Upon further testing, I find that the new in.rshd will only execute >commands for accounts with no password. > >Anyone know how to fix this? Yup. All package admins could add a section to their respective README's that states: *** As all programs will not necessarily use the shadow *** *** password system, ensure that all passwords in your *** *** /etc/passwd file have a password of "*". As long as *** *** passwords are truly set in /etc/shadow, there will *** *** be little risk from old binaries. *** *** If you have an old binary that uses passwords from *** *** /etc/passwd, either get a newer version, try to fix *** *** it yourself, or copy all passwords from /etc/shadow *** *** into /etc/passwd on a regular basis (maybe an entry *** *** in your crontab and a shell script or perl program) *** Not that it isn't nice to see people trying to make the system foolproof, but a true fool will still find a way to hose their system :-) You can only do so much for people... >-- >Patrick Volkerding >volkerdi@mhd1.moorhead.msus.edu >bf703@cleveland.freenet.edu J -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Jeffrey M. Simon ATT:716. jmsimon@cs.buffalo.edu << INTERNET 51 Shirley Ave. 834.6180 jmsimon%cs.buffalo.edu@ubvm.bitnet << BITNET Buffalo, NY 14215 ...!{rutgers,uunet}!cs.buffalo.edu!jmsimon << UUCP ------------------------------ From: longyear@maddawg.sii.com (Al Lonyear) Subject: Re: [Not] enough SLS bashing Date: 25 Sep 1993 00:01:13 GMT Jerry Gaiser (jerryg@jaiser.rain.com) wrote: > Well, I don't know about Slackware, because it requires me to have a 3 1/2 > inch diskette to boot and, believe it or not, I don't. Then get some tape or glue and some cardboard. Cut the cardboard into 1.75" strips and attach them to a 3.5" diskette to make your own 5.25" diskette. :-) ------------------------------ From: damien@b63519.student.cwru.edu (Damien Neil) Subject: Re: SECURITY HOLE in SLS [NOT-QUITE-FIX] Date: 25 Sep 1993 18:56:43 GMT In article , Jeffrey M. Simon wrote: > *** If you have an old binary that uses passwords from *** > *** /etc/passwd, either get a newer version, try to fix *** > *** it yourself, or copy all passwords from /etc/shadow *** > *** into /etc/passwd on a regular basis (maybe an entry *** > *** in your crontab and a shell script or perl program) *** Copying passwords from /etc/shadow to /etc/passwd is pointless. It negates the whole purpose of having shadow passwords in the first place. If you do this, you might as well not install shadow passwords at all; it will save you many headaches and be just as secure. -- Damien Neil CMPS/EEAP "Until somebody debugs reality, the best damien@b63519.student.cwru.edu I can do is a quick patch here and there." dpn2@po.cwru.edu Case Western Reserve University - Erik Green ------------------------------ From: stock@dutsh7.tudelft.nl (Robert Stockmann) Subject: Re: Linux Administration books Date: Sun, 26 Sep 1993 02:09:59 GMT cubranic@whale.st.usm.edu (Davor Cubranic) writes: >OK, I read quite a bit of Linux documentation, from old FAQ's to new >HOWTO's and even ALPHA version of SAG, but I haven't found an answer >to this question (which is why I'm posting it to this newsgroup): >I'm going to install Linux on my machine within next two weeks. I'll >be the sole user and administrator of it so I want to get a good >sys admin book on this. I read a few bibliographies, and in Unix >Review August 1992, Richard Morin writes "BSD (SunOS 4.x) administrators >should get the classic _UNIX System Administrator's Handbook_. SVR4 >(SunOS 5.x) administrators should buy UNIX System V Release 4 Admini- >stration..." >Well, here is the problem: which one of these is more applicable to >Linux administration since it is neither/both BSD and SVR4?? Or maybe >some of you have some other personal favorite that you could recommend to >me? BTW, I've got the SAG ALPHA 1, and it is really ALPHA. I definitely >need some other book in addition to it. A Good book is: "Unix System administration handbook" by Evi Nemeth, Garth Snyder and Scott Seebass. Prentice Hall , Englewood Cliffs, 1989 ISBN 0-13-933441-6 Robert Stockmann ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************