I am the master of not getting around to what I wanted to say. The only thing I was worried about is, on the off chance that my server was hacked when I was logged in to the hlds/srcds console, with the root tty chmodded to 666, would there be any chance that they could gain root access to the server box through the tty? hlds/srcds do not run as the root user, although I am embarrassed to admit, they used to...
Drek Joseph Laws wrote: > Same with me. > > Root console = keyboard/mouse in front of system (or KVM/IP). > > Using root within SSH I'd consider su root...nobody allows root login > via SSH and typically people force a su to root, sudo or something else > to get root privileges. > > My setup is symlinked for all files except those which clients need the > ability to write/update to. So I would give them write access to quite > a few folders but not allow overwrite on anything linked. The symlink > ownership really doesn't seem to matter but the launch scripts are > chowned to root.root w/ 755 chmod so the user can execute the script in > their environment. We typically have a start/stop script..the start > script simply sets the SCREEN variables and launches the actual server > script. If I ever want to debug the console I will launch the server > script as user...I don't mess around with intercepting and closing > screens. Anything that is going to happen is going to happen live on a > re-execute. > > J T wrote: > >> Depends on what terminology you're using. The root console usually means >> that you're logged in as root on the console "keyboard and mouse". If you're >> on the console, you haven't logged in and have to login as root with your >> login and password. >> >> On Fri, Nov 14, 2008 at 2:21 PM, Crazy Canucks <[EMAIL PROTECTED]>wrote: >> >> >> >>> Just out of curiosity, if you have access to the root console, is that >>> the same thing as having root access? >>> >>> Drek >>> >>> J T wrote: >>> >>> >>>> There is a reason why the tty is owned by the user and with specific >>>> permissions. Changing this is basically allowing any user on the system >>>> access to the screen. >>>> >>>> If you do make these changes, there will be security implications. >>>> >>>> On Fri, Nov 14, 2008 at 1:33 PM, Crazy Canucks <[EMAIL PROTECTED] >>>> wrote: >>>> >>>> >>>> >>>> >>>>> I figured out what my problem was. I needed to "screen -r xxx" as the >>>>> user I started the screen as. Anyway, I wrote a simple script that >>>>> chmods /dev/pts/0 to 666 then su's the "screen -r" command. Works >>>>> perfectly. >>>>> >>>>> Had nothing to do with su, as usual with my problems with Linux, it was >>>>> permissions and ignorance.... :) >>>>> >>>>> Drek >>>>> >>>>> Anthal wrote: >>>>> >>>>> >>>>> >>>>>> Why not just create a user, like l4d, and run the process from that >>>>>> account. Whenever you need to re-attach, just su to l4d, and 'screen -r >>>>>> $game' (whatever $game may be) >>>>>> >>>>>> Crazy Canucks wrote: >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>> I use su to run screen to run my servers under a different user, and I >>>>>>> nice the process. It works well, but when I do this I am unable to >>>>>>> reattach to the console. Does anyone have any suggestions on how I >>>>>>> could get around this problem? >>>>>>> >>>>>>> These are the relevant lines from my startup script: >>>>>>> >>>>>>> server_command="screen -A -m -d -S $game ./$game"_run" -tos -game $mod >>>>>>> +map `cat ./$mod/starting_map` +maxplayers $server_size -heapsize >>>>>>> $heap_size +ip 192.168.0.101 -pidfile $game.pid >>>>>>> >>>>>>> >>>>>>> >>>>> -debug$extra_config_options" >>>>> >>>>> >>>>> >>>>>>> nice -n -20 su -c "$server_command" cc-server >>>>>>> >>>>>>> It may look a bit complicated, but I think the variable names make it >>>>>>> pretty clear what is going on. >>>>>>> >>>>>>> Drek >>>>>>> >>>>>>> P.S.: I'm a Linux nub, so go easy on me... ;) >>>>>>> >>>>>>> Ronny Schedel wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> Hi, i am now using screen to start my server as daemon. >>>>>>>>> But i know that professional hosters uses diferent ways. >>>>>>>>> >>>>>>>>> i have reasons to think that screen is freezing my servers. >>>>>>>>> >>>>>>>>> so... How do you start your server? >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> With screen. No, screen does not freeze your servers, plugins do. >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> To unsubscribe, edit your list preferences, or view the list >>>>>>>> >>>>>>>> >>> archives, >>> >>> >>>>> please visit: >>>>> >>>>> >>>>> >>>>>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> _______________________________________________ >>>>>>> To unsubscribe, edit your list preferences, or view the list archives, >>>>>>> >>>>>>> >>>>>>> >>>>> please visit: >>>>> >>>>> >>>>> >>>>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> _______________________________________________ >>>>>> To unsubscribe, edit your list preferences, or view the list archives, >>>>>> >>>>>> >>>>>> >>>>> please visit: >>>>> >>>>> >>>>> >>>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list archives, >>>>> please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>> >>> >>> >> >> >> > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
