NEW features of cdrtools-1.10a04:
We are now only a few releases away from the final libscg that includes
SCSI low level command transport.
cdrtools-1.10a04 adds significant new features to the SCSI transport.
If you have wishes/hints for remote SCSI, please send me a mail.
All:
- Fourth phase of libscg restructuring
- scg_havebus() routine made consistent for several OS.
- Now even all debug messages from libscg go to stderr
- Remote-SCSI (SCSI Anywhere) protocol added in librscg
Note that remote SCSI is also a good method for
formal (experimental) verification of the libscg interface.
A remote transport implementation may only implement
known "official" features of a library interface.
The fact that rscsi now works for 4 weeks helped me to fix
several small problems in the interface. Since about a
week, no problem has been observed.
- libdeflt enhanced to allow multiple labels
Rscsi:
- This is the first external release of the Remote-SCSI protocol
which gives you SCSI-Anywhere features.
There are three possible ways to control access to the remote users:
- Let the remote scsi lib log in as a standard user.
In this case rscsi will be called via sh -c /opt/schily/sbin/rscsi
NOTE: In this case, rscsi must be installed suid root.
--- This would need to allow any valid local user to access SCSI ----
It could be a security problem.
- Log in as root and call rscsi via sh -c /opt/schily/sbin/rscsi
NOTE that this will fore you to allow remote logins as root
which is considered to be a security hole.
- Create one or more special user(s) that have /opt/schily/sbin/rscsi
as login shell with their own home directory.
You then may create special .rhost files for each user.
NOTE: In this case, rscsi must be installed suid root.
**** This is the preferred method ****
To enable remote SCSI via the login shell method you should do the following:
- Add an entry to /etc/passwd in the form:
rscsi:x:1999:1000:Tape:/export/home/rscsi:/opt/schily/sbin/rscsi
(modify this according to your OS). And don't forget to
modify /etc/shadow the way it needs to be on your OS.
- Create a home directory for this user and add a .rhosts file
to allow access to all users you like.
- Install rscsi suid root into /opt/schily/sbin
- Install a file /etc/default/rscsi and define access rights.
Without this file, rscsi will not work at all.
The template for this file is: rscsi/rscsi.dfl
RSCSI Security:
- When rscsi starts, it checks if /etc/default/rscsi exists.
If not, it dies.
- If rscsi is not called by a user listed in /etc/default/rscsi
it dies.
- To acess a SCSI target there must be an entry that lists the user
rcsi hast been started from, the hostname and the SCSI target.
rscsi compares the hostname field in /etc/default/rscsi
to the peername retrived from STDIN:
- legal host name IP connection
- "ILLEGAL_SOCKET" Not an IP socket
- "NOT_IP" Not a socket
RSCSI Security hints:
- Do not generally allow other users to see your boot disk via RSCSI.
All people who see this disk may edit yhour passwd file.
- If you are in doubt, only export CD-ROM drives, scanners and similar
devices that are not directly security sensitive.
If anybody sees a security hole in my security precautions, plese send me a mail!
RSCSI usage:
- To use remote SCSI devices you need to know how to access a specific remote
SCSI target.
- dev=REMOTE:host: or dev=REMOTE:host
will allow you to do SCSI bus scanning while you log in as yourself
- dev=REMOTE:user@host: or dev=REMOTE:user@host
will allow you to do SCSI bus scanning while you log in as "user"
If you use the setup described above, you should use:
dev=REMOTE:rscsi@babbel:
to do SCSI Bus scanning on host babbel
- To access a specific SCSI device, you must specify
dev=REMOTE:host:<target spec> or dev=REMOTE:user@host:<target spec>
<target spec> is the SCSI target specification as it is needed
on the remote host
dev=REMOTE:rscsi@babbel:1,3,0
Will let you log in as rscsi on host babbel and open Target 3 lun 0
on SCSI bus #1
- If you use cdrecord -vv ...., cdrecord will on startup print some
information about the remote libscg version used for the connection.
- To be able to use the remote SCSI client code from win32 you need to create
a file /etc/passwd with a corect entry for the user you are on win32.
Call 'id' to get the right user id.
RSCSI speed:
- On a Ultra-10 running Solaris 8, the command overhead time is 400 usec.
You may achieve up to 9900 kB/s via a 100MB/s ethernet connection
bewteen two of such machines.
- With 100 MB/s, 12x recording should be no problem.
- With 10 MB/s, 4x recording is the maximum. Do tests before!
- Logging into a remote machine and running cdrecord on the remote machine
causes the buffer cache on that machine to be trashed. The main user
is disturbed.
- Doing cdrecording via Remote SCSI causes only the rscsi command with less
than 200kB to be needed on the remote machine hosting the CD recorder.
The main user on that machine is not disturbed.
The buffer cache of the machine running cdrecord is trashed.
- It is desirable to use a Burn-Proof recorder to make sure that network
load will not cause buffer underruns.
Cdrecord:
- Fixed a bug in drv_mmc.c that caused cdrecord to core dump if a drive
returns speed == 0
- Call scg_settarget() in scsi_scan() to get a valid SCSI * when
trying to get the SCSI hostadapter ID
- Add several workarounds for Philips ATAPI firmare found e.g. in Iomega Zip USB
drives and possibly many other other Philips OEM based systems.
Philips drives have the worst firmware I've ever seen. In addition, Philips
rejects to give me samples. If there was not the sample I got from
Iomega there would have been no chance to support these drives.
- Add a workaround for a bug in the mode sense implementation
in Philips ATAPI firmware. The drive sends too many bytes
if a program reqests less than 4 bytes with a 10 byte mode sense
command. This causes a DMA overrun which may only be cured by
a reset (at least if the drive is connected via a ATAPI/USB bridge).
Note that the method cdrecord uses (and which causes the problem)
is explicitly noted as the official method to find out whether a
drive supports a certain mode page.
- Enhance the number of bytes transferred at minimum for read ATIP
from 2 to 4 bytes because Philips ATAPI drives otherwise cause
a DMA overrun.
- read_disk_info()
- Issue a test_unit_ready() before trying to check for a ATAPI drive
to circumvent a bug in Philips ATAPI firmware that causes the drive
to be reset on some SCSI commands.
NOTE: To get USB drives working on Linux, you should know that USB-SCSI
support on Linux-2.4test8 is buggy and for this reason too old.
You need usb-storage.c from 4.10.2000 or newer.
To check if your kernel is OK, issue a cdrecord -toc dev=....
with no mdia loaded. If the output looks like this:
cdrecord: I/O error. test unit ready: scsi sendcmd: no error
CDB: 00 00 00 00 00 00
status: 0x2 (CHECK CONDITION)
Sense Bytes: 70 00 02 00 00 00 00 0A 00 00 00 00 3A 01 00 00 00 00
Sense Key: 0x2 Not Ready, Segment 0
Sense Code: 0x3A Qual 0x01 (medium not present - tray closed) Fru 0x0
Sense flags: Blk 0 (not valid)
cdrecord: No disk / Wrong disk!
your kernel is OK, if you only see the last line, you should run
cdrecord -V
and check for the SCSI error messages.
If you see:
status: 0x1 (GOOD STATUS)
instead of
status: 0x2 (CHECK CONDITION)
you have a buggy USB-SCSI driver.
Cdda2wav:
- Now allows Remote SCSI too
Readcd:
- Now allows Remote SCSI too
Mkisofs:
- Now allows Remote SCSI too
- add a warning when Joliet extensions are used without Rock Ridge
TODO:
- better Rock Rodge recognition for multi-session
- read Joliet filenames with multi-session if no TRANS.TBL
or RR is present. I am looking for a volouteer for this task:
Peter Berendi <[EMAIL PROTECTED]> announced that he likes
to be the volounteer for this task.
- implement Yellow book compliant XA extended dir attributes
- add libecc/edc for CDI and similar.
- add UDF support
CYGWIN NT-4.0 NOTES:
To compile on Cygwin32, get Cygwin32-beta20 and install it.
then create a symlink from /bin to the .../bin directory where bash is located.
Now run 'make' ...
For more information read README.win32
The files are located on:
ftp://ftp.fokus.gmd.de/pub/unix/cdrecord/alpha ...
NOTE: These tar archives are 100% ansi compatible. Solaris 2.x tar and GNU
tar may get some minor trouble.
WARNING: Do not use 'mc' to extract the tar file!
All mc versions before 4.0.14 cannot extract symbolic links correctly.
WARNING: Do not use 'winzip' to extract the tar file!
Winzip cannot extract symbolic links correctly.
J�rg
EMail:[EMAIL PROTECTED] (home) J�rg Schilling D-13353 Berlin
[EMAIL PROTECTED] (uni) If you don't have iso-8859-1
[EMAIL PROTECTED] (work) chars I am J"org Schilling
URL: http://www.fokus.gmd.de/usr/schilling ftp://ftp.fokus.gmd.de/pub/unix
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
