Linux-Misc Digest #659, Volume #20 Wed, 16 Jun 99 12:13:09 EDT
Contents:
Re: gz files? (Thomas Ruedas)
Re: Repartition EXT2 without data loss? (Geoff Short)
Re: quoted-printable & 8bit, again... (Tom Christiansen)
SSH & SSHD config files (Jeremy Douglas)
Shared libraries: DLL hell for Linux (Christopher Wong)
Re: firewall login (Dr Vincent C Jones PE)
searching for specific program (A Dark Elf)
Re: redhat website down? (Tina)
Afterstep doesn't show top window bar & no text in xwindows is visible (Scott
Chapman)
samba-server does not appear in the network neightbourhood (Hauke Luethje)
Re: cp,scp etc. corrupt large files (Michael Hanke)
Re: gz files? (Phil Rule)
Re: Could Microsoft Cheat On The New Mindcraft Benchmark? (was: Mindcraft Retest
News (Miguel Cruz)
Re: Shared libraries: DLL hell for Linux (J.H.M. Dassen (Ray))
Re: kernel mode programs (yes, this is on topic) (Scott Lanning)
----------------------------------------------------------------------------
Date: Wed, 16 Jun 1999 15:18:07 +0200
From: Thomas Ruedas <[EMAIL PROTECTED]>
Subject: Re: gz files?
.gz is the extension of the GNU zip compression. Use gzip for
compressing and gunzip for uncompressing.
tar is the Unix "tape archive". To see the contents of your tarfile, do
tar -tf hylafax.tar
to extract, do
tar -xf hylafax.tar
You actually could also do uncompressing and untarring in one step by
tar -zxf hylafax.tar.gz
There are man pages for both programs.
HTH,
--
============================================
Thomas Ruedas
Institute of Meteorology and Geophysics,
J.W. Goethe University Frankfurt/Main
Feldbergstrasse 47 D-60323 Frankfurt/Main, Germany
Phone:+49-(0)69-798-24949 Fax:+49-(0)69-798-23280
e-mail: [EMAIL PROTECTED]
http://www.geophysik.uni-frankfurt.de/~ruedas/
============================================
------------------------------
From: [EMAIL PROTECTED] (Geoff Short)
Crossposted-To: comp.os.linux.setup,comp.os.linux.hardware
Subject: Re: Repartition EXT2 without data loss?
Date: 16 Jun 1999 14:02:43 GMT
Joe Robertson ([EMAIL PROTECTED]) wrote:
: Greets.. I am running a server with a moderate amount of users.. we have
: installed disk quotas, but unfortunately we have put everything on 1
: partition. That means that any user who is over his/her quota, once
: expired, will not be able to receive any more e-mail, because the quota
: affects the mailbox size as well.
: Therefore, I would like to reduce this filesystem by about 1GB, and move
: /var to a new filesystem, without quotas. Is this possible, and how? I've
: fooled around in fdisk, but I'm afraid to do anything.. there's no
: clear-cut path on this issue(as far as fdisk mans go).
Don't even think about mucking about with a partition which has all your
users' files on it. Do it properly: bring the machine down, repartition
as you want it, then restore from the backups.
If you don't backup your user data then now is the time to start ...
Geoff
--
============================================================================
Ever sit and watch ants? They're always busy with Geoff Short
something, never stop for a moment. I just [EMAIL PROTECTED]
can't identify with that kind of work ethic. http://kipper.york.ac.uk/~geoff
------------------------------
From: Tom Christiansen <[EMAIL PROTECTED]>
Crossposted-To: comp.mail.sendmail,comp.os.linux.setup
Subject: Re: quoted-printable & 8bit, again...
Reply-To: [EMAIL PROTECTED] (Tom Christiansen)
Date: 16 Jun 1999 07:45:31 -0700
[courtesy cc of this posting mailed to cited author]
In comp.os.linux.misc,
[EMAIL PROTECTED] writes:
:I need to have a program that converts quoted-printable characters in a
:mail file to their original 8bit characters.
This is a very simple procedure.
#!/usr/bin/perl -p
# unqp - [EMAIL PROTECTED]
s/[ \t]+?(\r?\n)/$1/g; # rule #3 (trailing space must be deleted)
s/=\r?\n//g; # rule #5 (soft line breaks)
s/=([\da-fA-F]{2})/chr(hex($1)))/ge;
If you want something more formal, and you have the MIME
modules installed, you could put it this way:
#!/usr/bin/perl
use MIME::QuotedPrint;
while ($encoded = <ARGV>) {
$decoded = decode_qp($encoded);
print $decoded;
}
--tom
--
"The computer programmer is a creator of universes for which he alone is
responsible. Universes of virtually unlimited complexity can be created in
the form of computer programs." --Joseph Weizenbaum
------------------------------
From: Jeremy Douglas <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security,comp.os.linux.networking,comp.security.ssh
Subject: SSH & SSHD config files
Date: Wed, 16 Jun 1999 10:18:45 -0400
This is a multi-part message in MIME format.
==============9E566BBBB62EA12A5BA561D2
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I have ssh 1.2.27-5i running on Linux. I am trying to log in through
ssh as a user and I am getting this message: "Privileged ports can only
be forwarded by root", what does this mean and how can I fix it.
my ssh.config file looks like this:
Host *
ForwardAgent no
ForwardX11 no
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication no
TISAuthentication no
PasswordAuthentication yes
FallBackToRsh no
UseRsh no
BatchMode no
StrictHostKeyChecking no
IdentityFile ~/.ssh/identity
Port 22
Cipher idea
EscapeChar ~
Compression no
HostName 192.168.1.12
KeepAlive yes
NumberOfPasswordPrompts 5
#FTP
LocalForward port host:port
#Telnet
LocalForward port host:port
# post and host:post are filled in with personnal information
and my sshd.config file looks like this:
Port 22
ListenAddress 192.168.1.12
HostKey /etc/ssh/ssh_host_key
RandomSeed /etc/ssh/ssh_random_seed
ServerKeyBits 512
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
IgnoreRhosts no
StrictModes yes
QuietMode no
X11Forwarding no
X11DisplayOffset 10
FascistLogging no
PrintMotd yes
KeepAlive yes
SyslogFacility DAEMON
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords yes
UseLogin no
# CheckMail no
PidFile /var/run/sshd.pid
AllowHosts myIP
# DenyHosts lowsecurity.theirs.com *.evil.org evil.org
# Umask 022
# SilentDeny yes
#DenyHosts myIP
What changes do I have to make to my config files so that I can have
people login through ssh without having keys passing back and forth
between client and server. All I want is to have it ask ofr
authorization when someone tries to telnet or ftp in or type in ssh -l
username hostname or ssh hostname.
==============9E566BBBB62EA12A5BA561D2
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Mozilla-Status2: 00000000
Message-ID: <[EMAIL PROTECTED]>
Date: Wed, 16 Jun 1999 09:22:09 -0400
From: Jeremy Douglas <[EMAIL PROTECTED]>
X-Mailer: Mozilla 4.6 [en] (Win98; I)
X-Accept-Language: en
MIME-Version: 1.0
Newsgroups: comp.security.ssh
To: [EMAIL PROTECTED]
Subject: SSH & SSHD config files
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I have ssh 1.2.27-5i running on Linux. I am trying to log in through
ssh as a user and I am getting this message: "Privileged ports can only
be forwarded by root", what does this mean and how can I fix it.
my ssh.config file looks like this:
Host *
ForwardAgent no
ForwardX11 no
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication no
TISAuthentication no
PasswordAuthentication yes
FallBackToRsh no
UseRsh no
BatchMode no
StrictHostKeyChecking no
IdentityFile ~/.ssh/identity
Port 22
Cipher idea
EscapeChar ~
Compression no
HostName 192.168.1.12
KeepAlive yes
NumberOfPasswordPrompts 5
#FTP
LocalForward port host:port
#Telnet
LocalForward port host:port
# post and host:post are filled in with personnal information
and my sshd.config file looks like this:
Port 22
ListenAddress 192.168.1.12
HostKey /etc/ssh/ssh_host_key
RandomSeed /etc/ssh/ssh_random_seed
ServerKeyBits 512
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
IgnoreRhosts no
StrictModes yes
QuietMode no
X11Forwarding no
X11DisplayOffset 10
FascistLogging no
PrintMotd yes
KeepAlive yes
SyslogFacility DAEMON
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords yes
UseLogin no
# CheckMail no
PidFile /var/run/sshd.pid
AllowHosts myIP
# DenyHosts lowsecurity.theirs.com *.evil.org evil.org
# Umask 022
# SilentDeny yes
#DenyHosts myIP
What changes do I have to make to my config files so that I can have
people login through ssh without having keys passing back and forth
between client and server. All I want is to have it ask ofr
authorization when someone tries to telnet or ftp in or type in ssh -l
username hostname or ssh hostname.
==============9E566BBBB62EA12A5BA561D2==
------------------------------
Crossposted-To: comp.os.linux.development.apps
From: [EMAIL PROTECTED] (Christopher Wong)
Subject: Shared libraries: DLL hell for Linux
Date: Wed, 16 Jun 1999 13:50:23 GMT
Reply-To: [EMAIL PROTECTED]
I would like to hear some advice (and perhaps a pointer to a URL, if
any) on handling shared library versioning in Linux. Each new Linux
distribution brings with it another set of upgraded shared
libraries. Far too many times, I download an RPM only to be told of
failed dependencies due to my not having the very latest shared
libraries. Is this the curse of a Linux user: forced frequent
upgrades?
Perhaps somebody could point me to a howto or primer on shared
libraries under Linux. Looking under /usr/lib, I see (for example), a
libglib.so.1.0.4, a libglib.so.1.0.6, and a link to
libglib.so. Obviously, there can only be one libglib.so, so is there a
purpose to having multiple versions of the library around?
Perhaps my main concern is in commercial applications: imagine a
vendor sending binary distributions to customers. A vendor may not be
able to ask customers to all upgrade their Linux distributions in
lockstep. Yet, that vendor may be developing on a relatively
up-to-date set of libraries. Does the only viable solution consist of
shipping statically linked executables?
(Please pardon the duplicate post that may appear eventually from
HarvardNet. Their NNTP server is just plain busted.)
Chris
------------------------------
Crossposted-To: comp.os.linux.security
Subject: Re: firewall login
Reply-To: Dr Vincent C Jones PE <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED] (Dr Vincent C Jones PE)
Date: Wed, 16 Jun 1999 08:26:47 -0400
In article <[EMAIL PROTECTED]>,
Jeremy Douglas <[EMAIL PROTECTED]> wrote:
>I am trying to figure out how to login to the firewall and then and only
>then allow access to other computers and services on the network. I
>also want this to occure when a person tries to login using telnet and
>ftp. With telnet and ftp I want to be able to conferm access to the
>network before the usual telnet and ftp login occures.
>
>Is there any program, freeware, or setup in either Redhat 6.0 or Socks5
>that are able to do this.
>
Think before you do this...any logins and services not ABSOLUTELY
essential on a firewall make it that much harder to track whats
happening on the firewall and that much more likely that a break through
will occur before you can detect and stop it.
Far better to use the firewall to protect a gateway machine, which then
handles the logins for external users. The firewall can protect the
gateway from attacks other than those which look like ftp and telnet
requests and the gateway can concentrate on authenticating those users
and protecting its FTP and Telnet daemons.
--
Dr. Vincent C. Jones, PE Expert advice and a helping hand
Computer Network Consultant for those who want to manage and
Networking Unlimited, Inc. control their networking destiny
14 Dogwood Lane, Tenafly, NJ
http://www.networkingunlimited.com
[EMAIL PROTECTED] +1 201 568-7810 Fax: +1 201 568-6626
------------------------------
From: A Dark Elf <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.advocacy
Subject: searching for specific program
Date: Tue, 15 Jun 1999 20:37:55 GMT
Hi,
I'm looking for a program that could take a MySQL database and create charts,
graphs, and spreadsheets out of them.. anyone knows of such a program?
--
Patrick Lambert
Software Developer, System Administrator and Security Specialist
================================================================
[EMAIL PROTECTED] http://www.darkelf.net
------------------------------
From: Tina <[EMAIL PROTECTED]>
Subject: Re: redhat website down?
Date: Tue, 15 Jun 1999 21:30:19 +0200
cooter wrote:
> Is it just me, or is the redhat site unreachable lately?
hmmm...it's working for me ;)
--
Tina "diffuze" Johnsson
ICQ# 37210680
[http://www8.tripnet.se/~chjo/]
------------------------------
From: [EMAIL PROTECTED] (Scott Chapman)
Subject: Afterstep doesn't show top window bar & no text in xwindows is visible
Date: Tue, 15 Jun 1999 20:23:55 GMT
I'm running AfterStep on RedHat 6.0. Afterstep doesn't show the top
bar on an open window, which is the only way to close some
applications. Am I missing something?
It shows it in lots of other applications and dialog boxes.
I also get no text when I do an XTerm. It may be the same color as the
backgroun (black) and therefore not visible. The computer is executing
what I type in but I can't see any of it. I also can't see what it
outputs to me.
--
Scott Chapman
[EMAIL PROTECTED]
- remove the second d for my working e-mail address.
Spammers: don't bother.
------------------------------
From: Hauke Luethje <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.networking
Subject: samba-server does not appear in the network neightbourhood
Date: Tue, 15 Jun 1999 22:12:53 +0200
Hi, all together,
I have a problem with a samba-server (version 2.0.3) with
SUSE Linux 6.1.
My network looks like this:
2 Windows NT 4.0 Servers (SP4) as PDC and BDC
1 Windows NT 4.0 Workstation (SP4) with Firewall-SW as primary DNS
1 Linux PC (SUSE 6.1 with Samba 2.0.3) as secondary DNS
some Win95 and Win98 Clients.
The samba-server work fine but he does not appear in the network
neightbourhood windows of the windows servers and clients.
With "search computer" the samba-server will be found and its shares
will be displayed.
The services smbd and nmbd are started through scrips in the
file rc.config and not in the file inetd.conf.
There is another fact that can be important for the solution of the
problem:
when i call "nmblookup -d 2 '*'", then i only receive an answer (got
positive name query response) from the samba-server itself. The other
machines in the network dont give a response, but they are in
the same subnet ( net:172.16.x.x subnetmask: 255.255.0.0).
does anybody have a solution for this problem?
Hauke
A copy of my smb.conf:
[global]
netbios name = teslixa
workgroup = TESCOM
guest account = nobody
server string = Samba Server
keep alive = 10
os level = 33
interfaces = 172.16.0.12/255.255.0.0
security = domain
password server = tesnt4b
encrypt passwords = yes
domain master = no
local master = no
preferred master = no
wins support = no
[homes]
comment = Heimatverzeichnis
browseable = no
read only = no
create mode = 0750
[all]
comment = root
path = /
valid users = luethje
browseable = yes
writeable = yes
read only = no
public = no
[temp]
comment = temp
path = /tmp
browseable = yes
writable = yes
public = yes
------------------------------
From: Michael Hanke <[EMAIL PROTECTED]>
Subject: Re: cp,scp etc. corrupt large files
Date: 16 Jun 1999 16:41:39 +0200
Michael Hanke <[EMAIL PROTECTED]> writes:
> We have _two_ machines with the same configuration which exhibit
> similiar problems.
...and on both the copy from a large file (600MB) differs from the
original. Every time at another bit. Is this the same hardware problems
on both machines ?
--
___________________________
Michael
4:35pm up 113 days, 4:33, 34 users, load average: 1.26, 1.34, 1.37
------------------------------
From: Phil Rule <[EMAIL PROTECTED]>
Subject: Re: gz files?
Date: Wed, 16 Jun 1999 14:30:07 +0100
Try using gunzip to uncompress, then 'tar' to get the individual files
gunzip hylafax.tar.gz
this should result in a new (larger) file, probably called hylafax.tar,
which is several smaller files all bundled together. so next use tar to
get them out.
tar xvf hylafax.tar
This will list the files as it extracts them from the 'tar' file.
--
Phil Rule
------------------------------
Crossposted-To:
comp.os.linux.networking,comp.os.linux.advocacy,comp.infosystems.www.servers.unix
Subject: Re: Could Microsoft Cheat On The New Mindcraft Benchmark? (was: Mindcraft
Retest News
From: [EMAIL PROTECTED] (Miguel Cruz)
Date: Wed, 16 Jun 1999 14:36:18 GMT
In article <[EMAIL PROTECTED]>, Mark S. Bilk <[EMAIL PROTECTED]> wrote:
> The tests would have to be repeated on hardware that is known to have
> unmodified microcode, and with software and configuration data that are
> also known not to have been meddled with. The precautions to ensure this
> would have to take into account the fact that executing any program
> furnished by the Microsoft team could modify the hardware microcode and
> the software in a stealthy manner. So the MS software would have to be
> bought shrinkwrapped, and set up by hand to match the configuration used
> by MS for the Mindcraft test. There would be no way to permit patches to
> be applied to it.
But with this sort of lead time, and the way MS products fly off the shelves
into the arms of grateful consumers, how do you know they haven't planted a
Deep Cover software mole into NT Server for the specific purpose of the day
when they're called upon to conduct the benchmark with a shrinkwrapped
copy?
No, I think the only fair solution is for them to show the source.
miguel
------------------------------
From: [EMAIL PROTECTED] (J.H.M. Dassen (Ray))
Crossposted-To: comp.os.linux.development.apps
Subject: Re: Shared libraries: DLL hell for Linux
Date: 16 Jun 1999 15:07:27 GMT
Christopher Wong <[EMAIL PROTECTED]> wrote:
>Perhaps somebody could point me to a howto or primer on shared libraries
>under Linux. Looking under /usr/lib, I see (for example), a
>libglib.so.1.0.4, a libglib.so.1.0.6, and a link to libglib.so. Obviously,
>there can only be one libglib.so, so is there a purpose to having multiple
>versions of the library around?
Yes. The ".so" link without versions is the one that is used by the linker
i.e. when building binaries. The ".so.[numbers]" files and links are used by
the dynamic loader, i.e. when running binaries.
It is most certainly possible, and useful, to have multiple versions of
shared libraries around, as it makes it possible to run binaries that were
built for them.
>Perhaps my main concern is in commercial applications: imagine a vendor
>sending binary distributions to customers. A vendor may not be able to ask
>customers to all upgrade their Linux distributions in lockstep. Yet, that
>vendor may be developing on a relatively up-to-date set of libraries. Does
>the only viable solution consist of shipping statically linked executables?
No. Vendors can for example build on several machines with different version
of the libraries, or provide the shared libraries they use separately in
case the customer's system doesn't provide them.
Ray
--
ART A friend of mine in Tulsa, Okla., when I was about eleven years old.
I'd be interested to hear from him. There are so many pseudos around taking
his name in vain.
- The Hipcrime Vocab by Chad C. Mulligan
------------------------------
From: [EMAIL PROTECTED] (Scott Lanning)
Crossposted-To: comp.lang.functional
Subject: Re: kernel mode programs (yes, this is on topic)
Date: 16 Jun 1999 15:12:19 GMT
Ketil Z Malde ([EMAIL PROTECTED]) wrote:
: http://www.kt.opensource.org
^^^^^^^^^^
opensrc
Turn off auto-expansion mode... :)
--
Scott Lanning: [EMAIL PROTECTED], http://physics.bu.edu/~slanning
"Windows was designed to keep the idiots away from Unix so we could
hack in peace. Let's not break that." --Tom Christiansen
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.misc) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
