Linux-Misc Digest #273, Volume #27                Sat, 3 Mar 01 06:13:03 EST

Contents:
  Re: setuid shell script??? (David Efflandt)
  Re: shutdown over telnet on redhat (David Efflandt)
  Re: suidperl - where the hell is it? (David Efflandt)
  Re: setuid shell script??? (John Hasler)
  Re: Corrupted fonts after viewing binary file (Floyd Davidson)
  kiosk system problem (Fung Wai Keung)
  Re: "Dumb" terminal? (Floyd Davidson)
  Re: http loopback taking 14 minutes (David Efflandt)
  Re: "Dumb" terminal? (Ray Chason)
  Re: kiosk system problem (Michael Heiming)
  Re: Shutdown Linux without a keyboard (Marius)
  Re: Linux freezes (Claus Atzenbeck)
  Re: [Fwd: forwarding broadcast traffic] (Jon Masters)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (David Efflandt)
Subject: Re: setuid shell script???
Date: Sat, 3 Mar 2001 05:10:54 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]

On 3 Mar 2001 03:02:53 GMT, Daniel Suen <[EMAIL PROTECTED]> wrote:
>
>Just wondering if anyone knows why the following happened:-
>
>I have a setuid root bash script that just cat /etc/shadow. However, it
>seems that normal users can't use it to get the successful output. What I
>am doing is just for test purpose. I have turned on the execution bit
>and that I am sure the file is owned by root, but still in vain.

The suid bit is usually ignored on scripts for security reasons.  You
either need an suid C wrapper, or you could use 'suidperl' instead of
'perl' in the first line of a Perl script.  Just be aware that anytime you
edit the script, the suid bit will be cleared, so you will need to reset
it.  Also all input data and certain environmental variables may need to
be explicitly set, since suidperl does not trust any outside data.  See
'perldoc perlsec' about how to untaint data.

-- 
David Efflandt  [EMAIL PROTECTED]  http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/
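
The "suid C wrapper" suggested in the post above could look like the sketch below. It is an added example, not code from the digest or from any poster. The `TARGET` path and the helper name `target_is_safe` are hypothetical; the wrapper runs one fixed root-owned script with a fixed environment and none of the caller's arguments.

```c
/* Added example: setuid-root wrapper for one fixed script. */
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical path; fixed at build time, never taken from the caller. */
#define TARGET "/usr/local/sbin/site-task"

/* The only environment the script sees: the caller's PATH, IFS, LD_*,
 * BASH_ENV and friends are all discarded. */
static char *const CLEAN_ENV[] = {
    "PATH=/usr/sbin:/usr/bin:/sbin:/bin",
    NULL
};

/* Return 1 only for a regular file owned by root that group/other
 * cannot write and that carries no set-id bits of its own. */
int target_is_safe(uid_t owner, mode_t mode)
{
    if (!S_ISREG(mode))             return 0;  /* no symlinks, devices, dirs */
    if (owner != 0)                 return 0;  /* a non-root owner could edit it */
    if (mode & (S_IWGRP | S_IWOTH)) return 0;  /* so could group or other */
    if (mode & (S_ISUID | S_ISGID)) return 0;  /* set-id belongs on the wrapper */
    return 1;
}

int main(void)
{
    struct stat st;
    char *const argv[] = { TARGET, NULL };  /* caller's arguments are dropped */

    /* lstat, not stat: a symlink at TARGET is rejected rather than followed. */
    if (lstat(TARGET, &st) != 0) { perror(TARGET); return 1; }
    if (!target_is_safe(st.st_uid, st.st_mode)) {
        fprintf(stderr, "%s: unsafe owner or mode, refusing to run\n", TARGET);
        return 1;
    }
    umask(022);
    /* Make the real uid match the effective uid; bash gives up an effective
     * uid that differs from the real one unless it is started with -p. */
    if (setuid(0) != 0) { perror("setuid"); return 1; }

    execve(TARGET, argv, CLEAN_ENV);
    perror("execve");                       /* reached only if execve failed */
    return 1;
}
```

The wrapper binary itself has to be root-owned with the setuid bit set (for example mode 4755, or 4750 with a group to limit who may run it). The owner and mode test is a sanity check only, so every directory leading to `TARGET` must also be writable by root alone.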

------------------------------

From: [EMAIL PROTECTED] (David Efflandt)
Subject: Re: shutdown over telnet on redhat
Date: Sat, 3 Mar 2001 05:15:08 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]

On 3 Mar 2001 02:16:40 GMT, Dances With Crows <[EMAIL PROTECTED]> wrote:
>On Fri, 2 Mar 2001 17:47:51 -0800, mosinski staggered into the Black Sun
>and said:
>>Hello, I have a redhat server but I can't shut it down over telnet.
>>Where Can I configure it to allow shutdown over telnet
>
>Disable telnet, use ssh.  telnet is asking for trouble.
>
>That said, ssh into the machine, then su to root, then shutdown -h now.
>Or edit /etc/shutdown.allow to include a list of authorized users, and
>add the -a option to shutdown.

Actually 'shutdown -h +1 &' to fork into the background and wait a minute
to give you time to logout.  Or similarly you could use -r to reboot, but
then you should not have to do that in Linux.

-- 
David Efflandt  [EMAIL PROTECTED]  http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/

------------------------------

From: [EMAIL PROTECTED] (David Efflandt)
Crossposted-To: comp.os.linux.setup
Subject: Re: suidperl - where the hell is it?
Date: Sat, 3 Mar 2001 05:19:37 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]

On Thu, 01 Mar 2001 05:39:41 GMT, Ken Williams <[EMAIL PROTECTED]> wrote:
>I've looked everywhere, I do not have suidperl on my system, freshmeat, osdn, 
>etc all do not have anything.  Where can I get this?

Mine is in /usr/bin/suidperl and it works as long as you untaint what you
need to.  If you don't find it there, you either need a package that
includes it or can compile Perl from source to include it.

-- 
David Efflandt  [EMAIL PROTECTED]  http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/

------------------------------

From: John Hasler <[EMAIL PROTECTED]>
Subject: Re: setuid shell script???
Date: Sat, 3 Mar 2001 04:27:29 GMT

Daniel Suen writes:
> I have a setuid root bash script...

No you don't.  Linux does not permit scripts to be setuid: they are
fundamentally insecure.
-- 
John Hasler
[EMAIL PROTECTED]
Dancing Horse Hill
Elmwood, Wisconsin

------------------------------

From: Floyd Davidson <[EMAIL PROTECTED]>
Subject: Re: Corrupted fonts after viewing binary file
Date: 02 Mar 2001 19:51:18 -0900

Donald Arseneau <[EMAIL PROTECTED]> wrote:
>Floyd Davidson <[EMAIL PROTECTED]> writes:
>
>> Simon Andrews <[EMAIL PROTECTED]> wrote:
>> >
>> >Whilst working in a vga bash shell I accidentally "more"d a binary file
>> >(I think it was boot.map).  For some reason this caused the screen font
>> >for that shell to become corrupted.
>
>> Put this into your ~/.bashrc file:
>> 
>> alias sane='echo -e "\\033c";tput is2;stty sane line 1 rows $LINES columns $COLUMNS'
>
>What has happened is "you" told the terminal to switch to the ansi
>"alternate character set", which is for line drawing and other 
>special things.  The control-N character (^N, 14, octal 016,

That is probable, and may be true in this case.  But there are
several other ways to scramble your terminal.  The above method
of re-initializing the terminal is intended to be generic enough
to fix _any_ of the several ways of scrambling a terminal.

Hence, while

>  alias earthling='echo -e "\\017"'
>  alias martian='echo -e "\\016"'

might work, it will not do much in other cases.  The "sane" alias
above resets the terminal itself, reinitializes it (tput is2), 
and then reconfigures the device driver for appropriate line
characteristics and window size.  That is generally going to do
the job no matter what condition the terminal has been put into.

-- 
Floyd L. Davidson         <http://www.ptialaska.net/~floyd>
Ukpeagvik (Barrow, Alaska)                 [EMAIL PROTECTED]

------------------------------

From: Fung Wai Keung <[EMAIL PROTECTED]>
Subject: kiosk system problem
Date: 3 Mar 2001 08:02:18 GMT

Hi all,

I am building a robot transportation system which has Redhat 5.1 as its
running OS. Since the users are not experts in computer and linux, I have
to make my control program to run automatically when the users power on
the robot. I set the linux to boot up in runlevel 4 (the kiosk mode) and
follow the instructions in Kiosk-HOWTO and homepage "The Linux Touchscreen
kiosk" (http://www.charweb.org/webinfo/kiosk/).  My control program can be
re-run if it is killed as I use a while loop to guide the launching of the
program, as in Kiosk-HOWTO.

The robot manufacturer has created scripts to load and unload necessary
modules and services during bootup and shutdown respectively in runlevel
3 and the robot can cut its power off automatically.  I then make symbolic
links of necessary scripts in /etc/rc.d/rc3.d to /etc/rc.d/rc4.d.

In runlevel 4, I
have the robot and my control program bootup successfully.  However, when I
power down the robot (while my control program and X-windows is running),
the modules and services loaded in bootup cannot be un-loaded and the
message "The system is halted" shows up.  It seems that all the K??xxx
scripts have not been executed when shutdown and the robot power cannot be
cut off by itself and the robot computer has been shutdown-ed.  On the
other hand, if I quit X-windows (by pressing Ctrl-Alt-Backspace) and then
power off the robot, the shutdown process run smoothly as in the
case of runlevel 3 (ie. I can see shutting services message coming out
in screen and the robot can cut its power automatically). I
don't want the users to kill the X-server before powering off the robot
(to have a normal shutdown) as all user inputs are handled with a
touchscreen monitor.

Is there a way to force the system to run K??xxx scripts when shutdown in
runlevel 4?

Thanks in advance.

-- 

Regards,
Wai Keung, Fung

Department of Automation and Computer-Aided Engineering,
The Chinese University of Hong Kong,
Shatin, N.T.,
Hong Kong

Tel: (852)26098056      Fax: (852)26036002
Email: [EMAIL PROTECTED]

------------------------------

From: Floyd Davidson <[EMAIL PROTECTED]>
Subject: Re: "Dumb" terminal?
Date: 02 Mar 2001 23:53:31 -0900

Robert Jones <[EMAIL PROTECTED]> wrote:
...
>info: Terminal type "dumb" is not smart enough to run Info
>
>Any clues?  I'm running RH6.0.

Do "echo $TERM" and presumably it will print out "dumb".
If you do "export TERM=xterm" or "export TERM=linux" or
whatever is appropriate, all should be well.

You can also logout and login and that should reset your
entire environment.  I suppose you could also reboot or
reinstall the OS too, but this isn't made by MicroSoft
so that is going a little too far... :-)

-- 
Floyd L. Davidson         <http://www.ptialaska.net/~floyd>
Ukpeagvik (Barrow, Alaska)                 [EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (David Efflandt)
Crossposted-To: comp.os.linux.development.system,comp.os.linux.setup
Subject: Re: http loopback taking 14 minutes
Date: Sat, 3 Mar 2001 09:22:05 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]

On Thu, 01 Mar 2001, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>
>> [EMAIL PROTECTED] wrote:
>> > 
>> > I have a java app which calls httpd.  Both httpd and my java app are on
>> > the same box, but I address the server with its name, i.e.
>> > http://www.nowhere.com:8080/my.jsp.  I can see that "my.jsp" has
>> > finished, by its having written to a log, but my java app, which is
>> > acting as the client, does not get a response for as long as 14 minutes.
>> > 
>> > What could create the delay?  I can ping in 0.1ms, but this http
>> > response...
>> > 
>> > - Craig
>> 
>> Your name lookup is most likely timing out on one DNS server, then going
>> to the next. The lag is the timeout. You can verify this by using your
>> numeric/dotted-decimal ip address in place of "www.nowhere.com"...if
>> dotted-decimal form is fast, then it is your DNS source, whereby the
>> first one does not know the answer and takes its time getting to the
>> second source (and then maybe the third). A place to look is
>> /etc/resolv.conf, and /etc/host.conf. Be sure your /etc/hosts file is
>> searched first before DNS, and that DNS servers are listed correctly.
>> That way if "www.nowhere.com" is listed in /etc/hosts, it'll be found
>> instantly.
>
>My host.conf looks like this:
>   order host,bind
>   multi on
>
>My resolv.conf, like this:
>   domain nowhere.com
>   nameserver 172.16.0.240
>   nameserver 172.16.0.241
>   search nowhere.com nowhere.net
>
>and a nslookup returns (very quickly):
>   # nslookup europa.nowhere.com
>   Server:  ns1.nowhere.com
>   Address:  172.16.0.240
>
>   Non-authoritative answer:
>   Name:    europa.nowhere.com
>   Address:  172.16.0.42
>
>   #
>
>Anything look wrong...

Yes, there could be confusion with the REAL nowhere.com.  You should use a
fictional domain for private IPs.  What does 'nslookup 172.16.0.42' return
(does your reverse lookup work)?

> set q=any
> nowhere.com
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
nowhere.com     nameserver = NS1.nowhere.com
nowhere.com     nameserver = NS2.nowhere.com
nowhere.com     internet address = 204.29.203.70

Authoritative answers can be found from:
nowhere.com     nameserver = NS1.nowhere.com
nowhere.com     nameserver = NS2.nowhere.com
NS1.nowhere.com internet address = 169.207.160.20
NS2.nowhere.com internet address = 206.190.29.173

-- 
David Efflandt  [EMAIL PROTECTED]  http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/

------------------------------

From: Ray Chason <[EMAIL PROTECTED]>
Subject: Re: "Dumb" terminal?
Date: Sat, 03 Mar 2001 09:42:00 -0000

Robert Jones <[EMAIL PROTECTED]> wrote:

>I don't remember what I was trying to do originally earlier today but I
>finally tried
>
>$ man man
>and was greeted with this cryptic msg:
>
>WARNING: terminal is not fully functional
>- (press RETURN)
>
>(which seems like a direct descendant of the infamous "kbd not detected
>press F1 to continue".  I never did discover the missing functionality
>until I tried
>
>$info man
>and got a somewhat more informative:
>
>info: Terminal type "dumb" is not smart enough to run Info
>
>Any clues?  I'm running RH6.0.

The TERM environment variable is not set, or is set to "dumb".  If
you're in an xterm, it should be xterm or xterm-color; if at a full
screen console, it should be linux.

Xterms normally set this automatically, so I assume you're at a full
screen console.  Use this command:

export TERM=linux

You can drop it in your .profile if you want.


-- 
 --------------===============<[ Ray Chason ]>===============--------------
         PGP public key at http://www.smart.net/~rchason/pubkey.asc
                            Delenda est Windoze

------------------------------

Date: Sat, 03 Mar 2001 10:15:15 +0100
From: Michael Heiming <[EMAIL PROTECTED]>
Subject: Re: kiosk system problem

Fung Wai Keung wrote:

> Hi all,
>
> I am building a robot transportation system which has Redhat 5.1 as its
> running OS.

Why do you use such an ancient distro, sure it's prone to security problems.


> Since the users are not experts in computer and linux, I have
> to make my control program to run automatically when the users power on
> the robot. I set the linux to boot up in runlevel 4 (the kiosk mode) and
> follow the instructions in Kiosk-HOWTO and homepage "The Linux Touchscreen
> kiosk" (http://www.charweb.org/webinfo/kiosk/).  My control program can be
> re-run if it is killed as I use a while loop to guide the launching of the
> program, as in Kiosk-HOWTO.
>
> The robot manufacturer has created scripts to load and unload necessary
> modules and services during bootup and shutdown respectively in runlevel
> 3 and the robot can cut its power off automatically.  I then make symbolic
> links of necessary scripts in /etc/rc.d/rc3.d to /etc/rc.d/rc4.d.
>
> In runlevel 4, I
> have the robot and my control program bootup successfully.  However, when I
> power down the robot (while my control program and X-windows is running),
> the modules and services loaded in bootup cannot be un-loaded and the
> message "The system is halted" shows up.

This is expected if you enter runlevel 0 (SuSE - check your /etc/inittab)

Perhaps your mobo is not able to shut power off, if runlevel 0 has been
reached, check the manual, try the manufacturer's web site, if you don't have
it handy.

>  It seems that all the K??xxx
> scripts have not been executed when shutdown and the robot power cannot be
> cut off by itself and the robot computer has been shutdown-ed.  On the
> other hand, if I quit X-windows (by pressing Ctrl-Alt-Backspace) and then
> power off the robot, the shutdown process run smoothly as in the
> case of runlevel 3 (ie. I can see shutting services message coming out
> in screen and the robot can cut its power automatically). I
> don't want the users to kill the X-server before powering off the robot
> (to have a normal shutdown) as all user inputs are handled with a
> touchscreen monitor.
>
> Is there a way to force the system to run K??xxx scripts when shutdown in
> runlevel 4?

What K??xxx scripts, they are normally just symlinks back to the script that
stops/starts/possibly_more the service, this is an example from my machine:

lrwxrwxrwx   1 root     root            9 Jan 29  2000 K20apache -> ../apache

Check those scripts that come with your distro, maybe they give you an idea.

Good luck

Michael Heiming

>
>
> Thanks in advance.
>
> --
>
> Regards,
> Wai Keung, Fung
>
> Department of Automation and Computer-Aided Engineering,
> The Chinese University of Hong Kong,
> Shatin, N.T.,
> Hong Kong
>
> Tel: (852)26098056      Fax: (852)26036002
> Email: [EMAIL PROTECTED]


------------------------------

From: Marius <[EMAIL PROTECTED]>
Subject: Re: Shutdown Linux without a keyboard
Date: Sat, 03 Mar 2001 11:58:06 +0100

Thank you all for your response.
I do not want to shut it down over network for 2 reasons:
1. This router should not be accessible over any network, for security 
reasons.
2. It is a router in a heterogeneous environment: win98 and linux. Win and 
Linux clients use the router. If only the win client is on, it will be 
difficult to login over ssh. (By the way, other clients will be added 
(Psion epoc system))
3. I would like to stop the router over a simple "button press". (this 
is fast and easy)

I know that there are possibilities with ups programmes (for example 
greenpower). They check the serial port and shut the machine down when 
Powerfail is indicated. However, this only works with more or less 
complicated circuit:

            ______________o DSR
           |
       ____|______________o DTR
      |
      |
     _|_
    |   |
    |   |
    |   | R= 10 kOhms     DSR, DTR, DCD and GND are
    |_ _|                 the connection to the serial
      |                   cable.
      |
      |
    __|___________________oDCD
   |
\
  \  (Output of relay, which tests if power is present)
   |
   |______________________o GND

Signal:      9 pin Serial Cable     25 pin Serial Cable
________________________________________________________
DSR            pin no 6                  pin no 6
DTR            pin no 4                  pin no 20
DCD            pin no 1                  pin no 8
GND            pin no 5                  pin no 7
_________________________________________________________

The relay is connected to a low voltage transformer (with an output 
of 6 volts for example) which again is connected to the public power 
network. (240 volts). If power fails, the relay which is connected to 
the low voltage transformer opens; GND and DCD are not connected any 
longer. Now, the program greenpower shuts down the computer.

However, this indicates that I have to switch off something (connected 
to the relay) to shut down the router, after that, I would have to 
switch off powersupply for the router.

Is there not an easier solution??

Hartmann Schaffer wrote:

> On Fri, 02 Mar 2001 23:28:08 +0100, Marius staggered into the Black Sun
> and said:
> 
>> I have S.u.S.E. Linux installed on a slow machine which I am using as a 
>> router. I do not need a screen for it but before I switch off power, I 
>> have to let it shut down of course.
>> 
>> I do not want to do it with a keyboard (Ctrl+Alt+Del) any more (too big)
>> 
>> Does anybody know how to shut a linux machine down over another hardware 
>> (like just pressing a button on my desk) ? Is there some software that 
>> recognizes short circuit on com 1... which then shuts down the machine?
> 
> 
> obviously your machine is on a network.  how about shutting it down remotely
> (rsh, ssh etc)?
> 
> hs


------------------------------

From: Claus Atzenbeck <[EMAIL PROTECTED]>
Subject: Re: Linux freezes
Date: Sat, 3 Mar 2001 11:27:52 +0100

[EMAIL PROTECTED] wrote on Fri, 02 Mar 2001 17:40:34 GMT:

> What does your dmesg say?

I put the output of my dmesg on my web site. Please take a look at it:

        http://www.atzenbeck.de/dmesg.txt
        (text file, size: 7k)

The only thing which I changed after the freeze is installing VMware 
(evaluation copy). Therefore the vmnet stuff which is shown by dmesg was 
not there when the computer was freezing.

Thanks so much for your help!
Claus.

------------------------------

From: Jon Masters <[EMAIL PROTECTED]>
Crossposted-To: uk.comp.os.linux
Subject: Re: [Fwd: forwarding broadcast traffic]
Date: Sat, 03 Mar 2001 10:27:40 +0000

Trevor Hennion wrote:

> Does the desktop communicate via the router successfully for other
> traffic? If not then you may need to ensure that 'ip_forward' is set.

It's nothing that simple :P I'm quite happy with ordinary traffic
forwarding and I'm familiar with linux networking...

currently the linux networking stack does a few things with broadcasts
that I disagree with and I don't think I'm going to find the kludge I
want :(

--jcm

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to comp.os.linux.misc.

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Misc Digest
******************************
