Linux-Development-Sys Digest #581, Volume #6 Sun, 4 Apr 99 12:13:55 EDT
Contents:
Re: Idea: Make a seperate "i686" tree for Redhat Linux 6.0 (Alexander Viro)
Re: Help - want to add users and passwds not as root. (Elmo Recio)
Clueless Users Are Bad for Debian - was Re: After Week 1 With Linux -- (Sid Boyce)
Re: FAT/VFAT FS-types not case sensitive? (Joseph Sarkes)
Re: glib 1.2.0 and slackware (Richard Back)
Re: Proposal: "Linux 2000 Platform" (Jeremy Crabtree)
Re: no setuid for scripts (H. Peter Anvin)
Re: ext2 documentation / explanation (Aki M Laukkanen)
Re: no setuid for scripts (H. Peter Anvin)
Re: Put another way: Linux from the Ground Up (H. Peter Anvin)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Alexander Viro)
Crossposted-To:
comp.os.linux.misc,linux.redhat.misc,alt.linux,alt.os.linux,comp.os.linux.hardware
Subject: Re: Idea: Make a seperate "i686" tree for Redhat Linux 6.0
Date: 4 Apr 1999 06:34:21 -0400
In article <[EMAIL PROTECTED]>,
Enkidu <[EMAIL PROTECTED]> wrote:
>James Goldman wrote:
>>
>> <snip description of lusers>
>>
>Alexander did miss the the bit about "unable to read a manual or
>other documentation". Tho' some of that may be not knowing where
>to look, which in itself doesn't make someone a "luser".
"...extremely short attention span..."
As in "any manual longer than 2 paragraphs will be treated so: 5-6 random
sentences glanced over, everything else ignored".
--
"You're one of those condescending Unix computer users!"
"Here's a nickel, kid. Get yourself a better computer" - Dilbert.
------------------------------
From: Elmo Recio <[EMAIL PROTECTED]>
Subject: Re: Help - want to add users and passwds not as root.
Date: Sun, 04 Apr 1999 07:12:31 -0500
This is a multi-part message in MIME format.
==============98FABF8EBB786A867BC80A82
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Phil Howard wrote:
> On Sun, 04 Apr 1999 03:58:21 -0400 Nico Zigouras ([EMAIL PROTECTED]) wrote:
>
> | I need your help desperately. I am setting up a web site and I want to
> | have users be able to add themselves to my linux system through a web
> | page. They should be able to add themselves as a user and set their
> | passwords.
>
>
> Maybe someone has written such a thing in C/C++ already.
>
>
I wrote a similar program for SAMBA. It's a CGI C++ program that runs as nobody. Then
an
admin program that run's in root's crontab every... say minute or so... It looks for a
special database file whose permissions are set to 0400, owned by root. And when the
cron job kicks up, it runs the smbpasswd command using the data in the file. However,
it
WILL NOT change the user's password if his old one doesnt check out with what he said
his old password was.
But like i said... it was designed for SAMBA password. Prolly a few hours of hacking
some bad code (my boss needed it right away) and you can make it work for the regular
unix passwd.
> Phil Howard KA9WGN
> [EMAIL PROTECTED] [EMAIL PROTECTED]
ps: phil ehhe, n2wog here! ;)
cheers,
elmo
--
"We're really missing you
and you've only just gone
You were punched, you fell, and
you felt embarrassed
My heart goes out to you
So I offered love and it was not
Required
What else can I do?"
-Morrissey (Sunny)
==============98FABF8EBB786A867BC80A82
Content-Type: text/x-vcard; charset=us-ascii;
name="elmo.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Elmo Recio
Content-Disposition: attachment;
filename="elmo.vcf"
begin:vcard
n:Recio;Elmo
tel;pager:215-314-2622
tel;cell:215-681-5612
tel;fax:215-503-2OIT
tel;home:215-563-3555
tel;work:215-503-0991
x-mozilla-html:FALSE
url:http://polywog.navpoint.com
org:Thomas Jefferson University;Office of Information Technology
version:2.1
email;internet:[EMAIL PROTECTED]
title:SysAdmin @ Marr
adr;quoted-printable:;;2220 Walnut Street=0D=0A#502;Philadelphia;PA;19103;USA
x-mozilla-cpt:207.206.42.28;15520
fn:Elmo Recio
end:vcard
==============98FABF8EBB786A867BC80A82==
------------------------------
From: Sid Boyce <[EMAIL PROTECTED]>
Subject: Clueless Users Are Bad for Debian - was Re: After Week 1 With Linux --
Date: Wed, 31 Mar 1999 17:50:11 +0000
As if to emphasise the points I made below, I just read this on
slashdot......
Clueless Users Are Bad For Debian
Posted by Hemos on Wednesday March 31,
@08:38AM EDT
from the interesting-to-read dept.
Helmholtz writes "I just got done reading a very
interesting article about Debian and Clueless Users that
appeared on
the Debian Weekly News site. I think this article would be a very good
thing for
users of all distributions to read, as it touches upon what might become
a very real problem.
Now that the word "Linux" has been splashed around by such
'heavyweights'
as CNN and NPR, everyone who want to be seen as a 'cool computer guy'
is trying
to get Linux up. This of course is done without any heed to the absolute
requirement that some learning to occur. This is a concept that the
Debian article holds at its core, I believe. "
===============================================================================
Sid Boyce wrote:
>
> John Myers wrote:
> >
> >
> > Nor am I a "newbie" (except where linux is concerned). I have configured
> > and maintained DOS, Windows, and NetWare systems for many years, and have
> > at least a rudimentary understanding of C. After one very frustrating
> > month with debian linux, I can't even get this box to send garbage to the
> > printer... X-Windows is installed and working, but seems to be simply
> > a "brighter" version of the command line...very impressive!
> >
> Perhaps you should get an easier distribution like RedHat or Suse where
> printer configuration amongst other things is a cinch. If you think
> Xwindows is simply that, you should see other people's desktops or go to
> the KDE, GNOME, WX-Windows, Afterstep, fvwm2-95 or other homepages and
> look at some screen shots, then rewrite that statement. It's getting so
> crowded in that area that on a recent visit to our HQ in Sunnyvale,
> Calif., I was sitting using a linux box and didn't know it for a couple
> of days, nor did I recognise Linux on a Sparc box in our European HQ. If
> I tell you that a MS Windows desktop looks very jaded by comparison, I'm
> not kidding and you can check it out yourself.
>
> > I won't requote your entire message, but it did my heart good to read it.
> > I have read this forum extensively, and as a result have been hesitant to
> > submit my own basic questions. The standard response ...read the docs
> > (/usr/doc/whatever/examples/examples/examples/what.the.#%&#$%!!!!), is
> > somewhat insulting. I have read hundreds of pages of docs, FAQs, man pages
> > and have found precious few answers to seemingly simple questions. The
> > resultant conclusion from geekdom, of course, is that I must be a moron.
> > I've been thought of and called worse, but this does not answer my
> > questions, or help to get my system operating.
> >
> As suggested above, perhaps a distribution that does most of the work
> for you is in order. I've seen many guys without your expansive
> experience cope very well with Linux, many of them straight out of
> DOS/Windows, so I don't know if that casts any aspertions your way. I
> can tell you that recently a number of colleagues have installed either
> RedHat or Suse and have commented on how easy the setup was, one told me
> he had everything up and running including X, but had a bit of a tussle
> with setting up PPP, but eventually got it going. There are some nice
> tools for setting up PPP very easily if you know them. If you ask for
> help and the question is specific, with pertinent details of what you
> are seeing, then it's easy for anyone to help, too often we've seen a
> "XXX don't work, I need help" appeal which leaves you quite cold, you
> don't know anything of the environment or the specific problem, but you
> are asked to conjure up a solution out of thin air. Personally, I've
> offered considerable help to people over the years and my approach, once
> I have something concrete to work on, is to tell the person exactly what
> needs to be typed in to fix the problem and may be an example that's
> very easy to follow. I have read many HOWTO's in my time and have found
> that if followed to the letter logically, they are excellent, though a
> few times when I've hit a dead end, a re-read of the HOWTO has often
> showed that I missed some simple but critical point.
>
> > I was interested in a multi-tasking, multi-user operating system for use
> > in my office. To accomplish real work. I am not interested in endlessly
> > playing with a sophisticated "geek toy". I am willing to put in the time
> > and effort required, so long as that investment remains reasonable and
> > shows SOME return. To date debian. X-Windows, Samba have not met this
> > requirement.
> >
> I'm not too au fait with debian, I've usually brewed my own or started
> from a base system like slackware when a rogue motherboard wrecked my
> filesystem. X-windows configuration tools are around that make the job
> simplicity itself if you know just a few points gleaned from the manuals
> that accompany your video card and monitor. I even have a friend who has
> an old 14" monitor with no specs, but have done a little guess work
> based on the age of the monitor and it works fine. You have perhaps not
> heard of sambaconfig or kcmsamba (for KDE), linuxconf, or Webmin, though
> for some of them you need X and for Webmin you need a browser also.
>
> > I have not given up on linux, yet, but if I have learned anything from
> > this project it is that Mr. Gates needn't lose any sleep over the "linux
> > threat"
> >
> > Still trying (for a while, anyway)
> >
> I find it difficult to see how you've become so confusticated (if not a
> dictionary word, it's a colloquialism used here in the UK to signify
> total loss of bearings).
> On a daily basis, for WORK, with Linux ONLY, I use Netscape for mail
> and Web browsing, x3270, Citrix Winframe client, acroread,
> StarOffice/Applixware (for Word/Excel) and that's besides lots of other
> things I do in the personal area. Whatever innovation the Corporation
> has introduced, I've been able to fall in with on Linux.
> As for Mr. Gates, we don't lose any sleep over him and we wish him many
> peaceful nights with pleasant dreams, but that won't help him to produce
> an OS that's not full of gremlins, nor applications that are not prone
> to ad-infinitum attacks like Happy-99 and Melissa viruses, I'm sure the
> guys that write them too have peaceful nights at the thought of a job
> well done and wake up full of the joys of spring for a fresh set of
> endeavours they know will also be successful and will make IT managers
> more nervous than the FUD Gates&Co. throw at Linux. All it needs is for
> some to do their homework on realising that Windows is not industrial
> strength and the consequences will follow, or they can just take the
> grief and losses as part of life's rich tapestry.
>
> > Thanks for listening
> >
> > John Myers
> >
> Here's hoping your troubles will melt away on getting one of the more
> mature distributions, so that like the rest of us, you can get to using
> Linux for some serious work and perhaps like us, you can one day say,
> "I'm sorry, Bill doesn't live here anymore".
> Regards
> --
> ... Sid Boyce...Amdahl(Europe)...44-121 422 0375
> Any opinions expressed above are mine and do not necessarily represent
> the opinions or policies of Amdahl Corporation.
--
... Sid Boyce...Amdahl(Europe)...44-121 422 0375
Any opinions expressed above are mine and do not necessarily represent
the opinions or policies of Amdahl Corporation.
------------------------------
From: [EMAIL PROTECTED] (Joseph Sarkes)
Subject: Re: FAT/VFAT FS-types not case sensitive?
Date: Sun, 04 Apr 1999 14:22:30 GMT
Greg White ([EMAIL PROTECTED]) wrote:
: Chris J/#6 wrote:
: >
: > Hiya,
: >
: > Found what could be a possible bug in Linux's support for FAT/VFAT
: > filesystems. If someone knows where the problem lies, or if I'm doing
: > something wrong, please get in touch. Linux kernel version 2.0.35.
I also have had case problems from time to time myself. My solution
was to avoid windows and dos software to a greater degree. However,
it seems that linux likes to use lower case letters in some applications
where dos is using upper case. I also get weird problems from this
using samba at times. What would be really nice is if somebody really
knows what is happening, and what the rules are, they could post
what the things to avoid are, or how to configure to not have difficulties.
: >
: > I mount my Win95 c:\ drive as type vfat from fstab with the following
: > line:
: >
: If you want the filesystem to be case-insensitive, try:
: mount /dev/hda1 /c -t msdos
This will kill the long filenames completely.
--
Joseph Sarkes mailto:[EMAIL PROTECTED]
------------------------------
From: Richard Back <[EMAIL PROTECTED]>
Subject: Re: glib 1.2.0 and slackware
Date: Sun, 04 Apr 1999 09:31:09 -0500
I was able to build and install the glib package using: configure
--disable-threads
I have had problems with the header files after builbing the gtk+-1.2.1 package,
this package installs, however the gtk-engines package will not configure
because of version error between the library 1.2.1 and the headers 1.0.2?
Robert Modell wrote:
> Why do i need to install the pthread libraries before compiling glib and why
> doesn't it make when I do have compiled the pthread libraries (I think the
> headers are wrong).
>
> I have slackware 3.5.0.
------------------------------
From: [EMAIL PROTECTED] (Jeremy Crabtree)
Crossposted-To: alt.os.linux,comp.os.linux.advocacy,comp.os.linux.misc
Subject: Re: Proposal: "Linux 2000 Platform"
Date: 3 Apr 1999 21:16:08 GMT
Reply-To: [EMAIL PROTECTED]
Christopher B. Browne allegedly wrote:
>On 3 Apr 1999 02:27:44 GMT, Jeremy Crabtree <[EMAIL PROTECTED]> posted:
>>Christopher B. Browne allegedly wrote:
>>>-> Doubtless there are some Grail partisans...
>>
>>Is that the awful beast written in TCL/Tk ?
>
>I'm not aware of any "awful beasts written in TCL/Tk;" Grail is one of
>the longstanding sample applications written in Python.
I may be confused, but ISTR seeing a Web browser written entirely in
TCL/Tk. <SHUDDER>
[SNIP, chimera]
>>>-> Who knows? The Mnemonic guys might get theirs "productionized,"
>>> and it might well be preferable to Netscape.
>>
>>I've not heard of that one.
>
>It's written in C++, and they're presently proceeding with using CORBA
>a whole lot with it.
>
>Those that can remember back to *last* March, Mnemonic was getting a
>lot of attention last Feb/March as the "componentized" web browser
>where you'd just load in the parts that you really needed. Interest
>dropped instantly as soon as Netscape released Mozilla source code.
>
>Dumb move on peoples' parts, but entirely predictable based on the
>widespread excitement about "Netscape going Open Source!!!!!!"
>
>It is worthy of note that there is not, even yet, a "production"
>release of Mozilla. I ran the "M3" beta-edition a few weeks ago once;
>suffice it to say that it needs some work before anyone will care to
>use it as a replacement for any of the other "browsing options."
>
>Anyway, Mnemonic efforts seem to be back under way; see
><http://www.mnemonic.browser.org/> for details.
Hrmm...cool...I'll go have a look in a bit.
>>>Frankly, I think that the "best" standardization would be done much as
>>>with EDITOR/VISUAL; one would set the environment variables
>>>HELP_BROWSER, SSL_BROWSER, BROWSER, and the system pick one on
>>>demand...
>>>
>>>Further multiplexing would be doable by setting those variables to run
>>>shell scripts that check on system configuration and dynamically
>>>figure out what to do.
>>
>>Interesting...sounds a mite complex, but still interesting.
>
>The following little script is what I reference with EDITOR and
>VISUAL; it checks to see if XEmacs or GNU Emacs are running, and
>latches onto them if possible. Alternatively, it runs "jed."
Why not just use an editor that works in both places?
(like GNU emacs, or wpe)
>(Apparently that means I'm an Emacs person; go shoot me...)
Nah...personally, I'm an EMACS/Vi/MCEDIT/WPE kinda guy.
[SNIPped script...nifty]
>
>I use something roughly equivalent to pass URLs from the shell to
>Netscape;
Like from tty1 to Netscape? OR just from an XTerm to Netscape?
If it's the former, PLEASE share, if the latter, nevermind.
(I use X and multiple text consoles a lot, so being able to send
stuff from a console to X would be incredibly useful)
> it spawns a Netscape process if one isn't already present.
>It would doubtless be easy enough to build up more complex schemes to
>search for other web browsers that might be running.
Or, SHOULD be as easy...actaully passing info to them, however,
might not work if they don't all share some base-level of functionality.
>Not rocket science.
No...but it still seems to go againt the KISS principle.
--
"Being myself a remarkably stupid fellow, I have had to unteach myself
the difficulties, and now beg to present to my fellow fools the parts
that are not hard" --Silvanus P. Thompson, from "Calculus Made Easy."
------------------------------
From: [EMAIL PROTECTED] (H. Peter Anvin)
Subject: Re: no setuid for scripts
Date: 4 Apr 1999 14:30:45 GMT
Reply-To: [EMAIL PROTECTED] (H. Peter Anvin)
Followup to: <7dd0j9$t50$[EMAIL PROTECTED]>
By author: Peter Samuelson <[EMAIL PROTECTED]>
In newsgroup: comp.os.linux.development.system
>
> The only way to prevent this sort of thing is to exercise control over
> exactly which shell script(s) can run through the wrapper -- a config
> file that lists all legit pathnames would work.
>
Actually, another way is to open the file, fstat() it to make sure it
is legit, and then pass it to the interpreter using a /proc path.
-hpa
--
"The user's computer downloads the ActiveX code and simulates a 'Blue
Screen' crash, a generally benign event most users are familiar with
and that would not necessarily arouse suspicions."
-- Security exploit description on http://www.zks.net/p3/how.asp
------------------------------
From: [EMAIL PROTECTED] (Aki M Laukkanen)
Subject: Re: ext2 documentation / explanation
Date: 4 Apr 1999 14:07:36 GMT
In article <[EMAIL PROTECTED]>, Dan Shechter wrote:
>Hi,
>I'm looking for a general explanation / documentation on how
>file system are built / designed, I'd gladly appreciate
>any links / docs whatever you've got...
Are you possibly looking for ext2 documentation?
http://step.polymtl.ca/~ldd/ext2fs/ext2fs_toc.html
Other than that, use the source:
/usr/src/linux/fs/ext2/ (the filesystem source itself)
You might want to check e2fsprogs, e2defrag and other
packages/programs which understand the ext2 filesystem.
--
D.
------------------------------
From: [EMAIL PROTECTED] (H. Peter Anvin)
Subject: Re: no setuid for scripts
Date: 4 Apr 1999 14:36:01 GMT
Reply-To: [EMAIL PROTECTED] (H. Peter Anvin)
Followup to: <[EMAIL PROTECTED]>
By author: John Burton <[EMAIL PROTECTED]>
In newsgroup: comp.os.linux.development.system
>
> I keep reading that setuid scripts are not safe but don't understand
> why. What's more unsafe about running a setuid script than a setuid
> program?
>
Actually, it isn't the issue of setuid scripts that is unsafe. It is
*setuid scripts the way na�ve users believe they should work*. When
the kernel execs a script, it honours the setuid bit *on the script
interpreter*. The interpreter, once it has opened the script, can
fstat() it, look for a setuid bit, and choose to honour it (possibly
invoking a more conservative mode of operation.) It is worth pointing
out that this mode allows each interpreter to be set by the sysadmin
to honour or not honour setuid scripts.
Na�ve users want the kernel to honour the setuid bits *on the
script*. This robs a substantial amount of control from the script
interpreter, and from the sysadmin. It also is not safe, since the
interpreter is passed a filename, rather than a file descriptor, and
hence it opens a race condition that can be exploited by unscrupulous
users.
Perl is a good example on an interpreter which handles setuid scripts
just fine, and securely.
-hpa
--
"The user's computer downloads the ActiveX code and simulates a 'Blue
Screen' crash, a generally benign event most users are familiar with
and that would not necessarily arouse suspicions."
-- Security exploit description on http://www.zks.net/p3/how.asp
------------------------------
From: [EMAIL PROTECTED] (H. Peter Anvin)
Subject: Re: Put another way: Linux from the Ground Up
Date: 4 Apr 1999 14:40:00 GMT
Reply-To: [EMAIL PROTECTED] (H. Peter Anvin)
Followup to: <7e1n18$mup$[EMAIL PROTECTED]>
By author: [EMAIL PROTECTED]
In newsgroup: comp.os.linux.development.system
>
> Hi everyone,
>
> Perhaps I didn't describe my question the right way. I have Linux
> running and have been using it just fine (RH 5.2)
>
> I am simply curious to build a Linux system WITHOUT using a
> distribution. I am perfectly fine with whatever it takes
> (time/compiling/etc). Can anyone show me the way? I have a spare
> system to play around with.
>
Take the disk from your spare system, put it as a secondary disk in
your main system, and start building up a filesystem. You can't start
with nothing; you need to get a system up with a working runtime and
development environment before you can use it to develop itself. To
start from zero you need the help of another system.
-hpa
--
"The user's computer downloads the ActiveX code and simulates a 'Blue
Screen' crash, a generally benign event most users are familiar with
and that would not necessarily arouse suspicions."
-- Security exploit description on http://www.zks.net/p3/how.asp
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.development.system) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Development-System Digest
******************************
