Linux-Misc Digest #687, Volume #26 Tue, 2 Jan 01 09:13:02 EST
Contents:
Re: suid root not working on RH7 2.2.16-22 ? (M. Buchenrieder)
Re: IP Firewall, MASQ??????? (Derek)
HELP: Samba won't start! (Bo Berglund)
HELP: Samba won't start! (Bo Berglund)
Re: HELP: Samba won't start! ("Peter T. Breuer")
Re: nfs client ("Peter T. Breuer")
Re: suid root not working on RH7 2.2.16-22 ? ("Peter T. Breuer")
Re: Hidden gnome taskbar. (kristian ragndahl)
Re: HELP: Samba won't start! (Bo Berglund)
Re: Samba won't start! ("Roy Batty")
Re: HP Laserjet weirdness (webqueen, queen of the web)
Gnapster for Linux (Banjo)
Re: Is nfs incompatible with proper use of a UPS? (Jean-David Beyer)
Re: FTP connect does not work in RH6.2??? (Stephane Montpetit)
Re: Accounting software? (Jean-David Beyer)
Re: Backup Windows 2000 partition from Linux (Lee Allen)
help getting started ("saint")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (M. Buchenrieder)
Subject: Re: suid root not working on RH7 2.2.16-22 ?
Date: Tue, 2 Jan 2001 08:23:39 GMT
"Peter T. Breuer" <[EMAIL PROTECTED]> writes:
>M. Buchenrieder <[EMAIL PROTECTED]> wrote:
[...]
>> SetUID scripts have never worked that way, as the Linux
>> kernel ignores the setUID bit on non setUID-aware shells, anyways.
>> Either your former setup included wrappers to call the scripts,
>> or you have been using "sudo" for it.
>Agreed. But RH have done something new. It appears that suid programs
>no longer can spawn processes that are also property of the program
>owner. They revert to the real uid. (the workaround is to change both
>reuid and euid when you go super user). I imagine that this is messing
>up the suid shell that used to run his scripts.
Interesting. Thanks for the information. I'm wondering, though, whether
this really improves security that much to allow a broader access to suid
scripts. If the setUID script can be fowled into opening a root shell,
the whole concept would still be hosed , anyways. So is there really any
gain in allowing setUID scripts to be working? Apart from a questionable
need in a corporate environment, where the administrator might want to
run the same scripts as on all other UN*X systems, I can hardly see
any reason for allowing this to be working.
Michael
--
Michael Buchenrieder * [EMAIL PROTECTED] * http://www.muc.de/~mibu
Lumber Cartel Unit #456 (TINLC) & Official Netscum
Note: If you want me to send you email, don't munge your address.
------------------------------
From: Derek <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.networking,comp.os.linux.security
Subject: Re: IP Firewall, MASQ???????
Date: Tue, 02 Jan 2001 11:23:34 GMT
Michael Mueller wrote:
>
> Hi Derek,
>
> you wrote:
> > Suse 7 does not come with squid and I tried loading it off the old disks
>
> You must have missed it. Suse 7.0 comes with two versions of squid. From
> there FTP server:
>
> 250-squid2.rpm: Squid V2.2 WWW proxy server (stable version)
> 250-squid23.rpm: Squid V2.3 WWW proxy server (new version)
>
> > start and continue to run. I have tried configuring
> > /etc/rc.d.config/rc.firewal.config but I cannot seem to acces the
> > internet because I am using Netscape with proxy server setting that
> > needs
> > a port number to connect to.
>
> Why do you not simply disable the proxy setting of netscape while you
> have no proxy running?
>
> Malware
I have a 4 port hub with 2 computers and the cable modem hooked to them,
I have only one NIC and need to have the other computers going through
the server somehow, and I got the CD's for Suse7.0 and they do not
contain Squid. I did download it from the site and install but it also
did not work because all the permissions were screwed up and would not
let it write to itsown cache and log dir.
Derek
------------------------------
From: [EMAIL PROTECTED] (Bo Berglund)
Crossposted-To: comp.os.linux.networking,comp.os.linux.help
Subject: HELP: Samba won't start!
Reply-To: [EMAIL PROTECTED]
Date: Tue, 02 Jan 2001 11:21:12 GMT
I don't get this - no matter what I do samba won't start. I can use
SWAT no problem but as soon as I want to start samba it fails. No
matter if I do it on the command line or through SWAT it simply will
not start. And the only thing I can see in the logfile is:
[2001/01/02 12:03:52, 1] smbd/files.c:file_init(216)
file_init: Information only: requested 10000 open files, 1014 are
available.
[2001/01/02 12:03:52, 0] lib/util_sock.c:open_socket_in(821)
Get_Hostbyname: Unknown host linuxpc
So it complains about the host being unknown???
Where can I make my linux machine hostname 'linuxpc' known to samba?
I have use SWAT to set the netbios name to 'LINUXPC'.
I have entered 192.168.0.1 linuxpc into the HOSTS file
I have restarted networking
I have tried to restart samba a zillion times
Nothing works! I must have done something basically wrong, but what???
Bo Berglund
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Bo Berglund)
Crossposted-To: comp.os.linux.networking,comp.os.linux.help
Subject: HELP: Samba won't start!
Reply-To: [EMAIL PROTECTED]
Date: Tue, 02 Jan 2001 11:24:31 GMT
I don't get this - no matter what I do samba won't start. I can use
SWAT no problem but as soon as I want to start samba it fails. No
matter if I do it on the command line or through SWAT it simply will
not start. And the only thing I can see in the logfile is:
[2001/01/02 12:03:52, 1] smbd/files.c:file_init(216)
file_init: Information only: requested 10000 open files, 1014 are
available.
[2001/01/02 12:03:52, 0] lib/util_sock.c:open_socket_in(821)
Get_Hostbyname: Unknown host linuxpc
So it complains about the host being unknown???
Where can I make my linux machine hostname 'linuxpc' known to samba?
I have use SWAT to set the netbios name to 'LINUXPC'.
I have entered 192.168.0.1 linuxpc into the HOSTS file
I have restarted networking
I have tried to restart samba a zillion times
Nothing works! I must have done something basically wrong, but what???
System: RedHat 6.2 workstation, KDE, dual homed, installed three days
ago, I am not used to Linux but need the machine as a test tool for
web development.
Bo Berglund
[EMAIL PROTECTED]
------------------------------
From: "Peter T. Breuer" <[EMAIL PROTECTED]>
Subject: Re: HELP: Samba won't start!
Crossposted-To: comp.os.linux.networking,comp.os.linux.help
Date: Tue, 02 Jan 2001 12:05:09 GMT
In comp.os.linux.help Bo Berglund <[EMAIL PROTECTED]> wrote:
> So it complains about the host being unknown???
> Where can I make my linux machine hostname 'linuxpc' known to samba?
In the normal place: /etc/hosts. You MUST have your hostname (FQDN) in
the /etc/hosts file or most things on your computer will fail.
> I have use SWAT to set the netbios name to 'LINUXPC'.
Well, OK. Harmless.
> I have entered 192.168.0.1 linuxpc into the HOSTS file
Incorrect. You need a domainname too. And is this IP number the number
of an interface of yours? Which?
> I have restarted networking
> I have tried to restart samba a zillion times
Why is it trying to open 10000 files? Use a higher debugging level, and
strace it too.
Peter
------------------------------
From: "Peter T. Breuer" <[EMAIL PROTECTED]>
Subject: Re: nfs client
Date: Tue, 02 Jan 2001 12:15:12 GMT
A. Ramos <[EMAIL PROTECTED]> wrote:
> one client/server faster and fiability product, rpc.nfsd is very
> slowly and unstable for my purporses (netapp or mc2 etc)
Talk to the authors about it. But it strikes me you simply don't know
what you are talking about. Have you read the NFS HOWTO? I would guess
not, or at least that you haven't noticed the default blocksize on
transfers, or the other options. And neither have you started to
consider kernel nfsd, nor nvs v3 ....
Peter
------------------------------
From: "Peter T. Breuer" <[EMAIL PROTECTED]>
Subject: Re: suid root not working on RH7 2.2.16-22 ?
Date: Tue, 02 Jan 2001 12:15:11 GMT
M. Buchenrieder <[EMAIL PROTECTED]> wrote:
> "Peter T. Breuer" <[EMAIL PROTECTED]> writes:
>>M. Buchenrieder <[EMAIL PROTECTED]> wrote:
>>Agreed. But RH have done something new. It appears that suid programs
>>no longer can spawn processes that are also property of the program
>>owner. They revert to the real uid. (the workaround is to change both
>>reuid and euid when you go super user). I imagine that this is messing
>>up the suid shell that used to run his scripts.
> Interesting. Thanks for the information. I'm wondering, though, whether
> this really improves security that much to allow a broader access to suid
> scripts. If the setUID script can be fowled into opening a root shell,
> the whole concept would still be hosed , anyways. So is there really any
> gain in allowing setUID scripts to be working? Apart from a questionable
I often need them (yes, you can code it into C, but that takes 10 times
the debugging time). The redhat change (kernel or shell? kernel, I suppose)
only makes it more difficult to write functioning setuid scripts, not
impossible.
> need in a corporate environment, where the administrator might want to
> run the same scripts as on all other UN*X systems, I can hardly see
> any reason for allowing this to be working.
Setuid scripts in themselves have never worked on linux; one needs to
invoke a suid interpreter in the first line of the script. What redhat
have done is make that mechanism less easy to use. I had to rewrite my
suid interpreter to work around their attempted block, after figuring it
out. Another reason for me to hate RedHat.
Peter
------------------------------
From: [EMAIL PROTECTED] (kristian ragndahl)
Crossposted-To: alt.os.linux.mandrake
Subject: Re: Hidden gnome taskbar.
Date: 2 Jan 2001 12:42:45 GMT
Thaddeus L Olczyk <[EMAIL PROTECTED]> wrote:
: I have a problem in that I generally have a lot of windows open, and
: wind up having to hunt for the gnome taskbar by minimising windows.
: Is there some way to pull it in front of everything else?
Panel -> Properties -> Hiding policy
--
kristian ragndahl, http://www.ragndahl.cx/
------------------------------
From: [EMAIL PROTECTED] (Bo Berglund)
Crossposted-To: comp.os.linux.networking,comp.os.linux.help
Subject: Re: HELP: Samba won't start!
Reply-To: [EMAIL PROTECTED]
Date: Tue, 02 Jan 2001 12:43:12 GMT
Thanks for your answer!
1. I did put the hostname into the hosts file without domain added as
192.168.0.1 linuxpc
because:
- the IP is the IP I want the samba share to go out on
- There was already an entry like this 127.0.0.1 localhost
- I don't have a domain name to add, it is only a local network at
home with a few computers on it. Where can I get a domain name???
Here is how it looks like:
127.0.0.1 localhost.localdomain localhost
192.168.0.1 linuxpc
How should it really read?
2. Opening 10000 files?
I have absolutely now clue to this. When I installed RH6.2 I checked
the samba part in order to get connectivity from my main workstation
which is an NT4 WS. All else must have been set up automatically
except it does not work....
3. Interfaces
I have two network cards in the box, both 3Com 3C509 Combos. One is on
192.168.0.1 the other is 192.168.1.1 just to get it out of the way for
now. I will add the correct IP later when everything is running OK and
then the Linux machine will also route between the networks. But for
now only one interface is in use.
Thanks,
/Bo
PS: Found the 10000 files item in SWAT help:
max open files (G)
This parameter limits the maximum number of open files that one smbd
file serving process may have open for a client at any one time. The
default for this parameter is set very high (10,000) as Samba uses
only one bit per unopened file.
The limit of the number of open files is usually set by the UNIX
per-process file descriptor limit rather than this parameter so you
should never need to touch this parameter.
Default: max open files = 10000
On Tue, 02 Jan 2001 12:05:09 GMT, "Peter T. Breuer"
<[EMAIL PROTECTED]> wrote:
>In comp.os.linux.help Bo Berglund <[EMAIL PROTECTED]> wrote:
>> So it complains about the host being unknown???
>> Where can I make my linux machine hostname 'linuxpc' known to samba?
>
>In the normal place: /etc/hosts. You MUST have your hostname (FQDN) in
>the /etc/hosts file or most things on your computer will fail.
>
>> I have use SWAT to set the netbios name to 'LINUXPC'.
>
>Well, OK. Harmless.
>
>> I have entered 192.168.0.1 linuxpc into the HOSTS file
>
>Incorrect. You need a domainname too. And is this IP number the number
>of an interface of yours? Which?
>
>> I have restarted networking
>> I have tried to restart samba a zillion times
>
>Why is it trying to open 10000 files? Use a higher debugging level, and
>strace it too.
>
>
>Peter
Bo Berglund
[EMAIL PROTECTED]
------------------------------
From: "Roy Batty" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.networking,comp.os.linux.help
Subject: Re: Samba won't start!
Date: Tue, 2 Jan 2001 13:58:40 +0100
What Linux distribution are you using?
Are there more error messages in the log file, or
is the unknown-hosts one the last?
You may also want to post the [global]-section of your
smb.conf file (it is probably located in /etc) to help
diagnosing the problem.
- Roy
"Bo Berglund" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I don't get this - no matter what I do samba won't start. I can use
> SWAT no problem but as soon as I want to start samba it fails. No
> matter if I do it on the command line or through SWAT it simply will
> not start. And the only thing I can see in the logfile is:
>
> [2001/01/02 12:03:52, 1] smbd/files.c:file_init(216)
> file_init: Information only: requested 10000 open files, 1014 are
> available.
> [2001/01/02 12:03:52, 0] lib/util_sock.c:open_socket_in(821)
> Get_Hostbyname: Unknown host linuxpc
>
> So it complains about the host being unknown???
> Where can I make my linux machine hostname 'linuxpc' known to samba?
>
> I have use SWAT to set the netbios name to 'LINUXPC'.
> I have entered 192.168.0.1 linuxpc into the HOSTS file
> I have restarted networking
> I have tried to restart samba a zillion times
>
> Nothing works! I must have done something basically wrong, but what???
>
>
> Bo Berglund
> [EMAIL PROTECTED]
------------------------------
From: webqueen, queen of the web <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware
Subject: Re: HP Laserjet weirdness
Date: Tue, 02 Jan 2001 12:57:42 GMT
Thank-You BOTH for these replies- I appreciate it. This one is
expecially helpful and I'll try this edit tonight..
Yes, RH7, that's me ;).. Fortunately, my issues have been pretty minor
compared to a lot that I've read about here. Once you get xinetd figured
out the rest seems pretty easy.
HUG,
WQ
In article <4wO36.841$[EMAIL PROTECTED]>,
John Wingate <[EMAIL PROTECTED]> wrote:
> webqueen, queen of the web <[EMAIL PROTECTED]> wrote:
> > I configured my HP laserjet4 with printtool, using the HP Laserjet
> > 4/5/6 drivers. When I print an ASCII file now I get:
>
> > "No way to print this type of input file: fsav (linux) virus
(8293-117)"
>
> Using Red Hat 7.0, by any chance?
>
> This arises from an erroneous entry in /usr/share/magic which causes
> /usr/bin/file to classify any file of length at least 12 with a
> linefeed (0x0a) at offset 8 and a nonzero byte at either offset 11 or
> 12 as an "fsav (linux) virus" file. (The numbers will vary).
>
> > Then if I vi the file and add an empty line at the top & bottom, it
> > prints fine.
>
> The empty line at the top shifts the linefeed at offset 8 to offset 9,
> and the file gets classified as text.
>
> The quickest fix would be to comment out (or correct--I think the
third and
> following lines should begin with ">>") the bad entry in
> /usr/share/magic.
>
> --
> John Wingate Language serves three functions. One is to
> [EMAIL PROTECTED] communicate ideas, one is to conceal ideas,
and
> the third is to conceal the absence of ideas.
> --Otto
Jespersen
>
--
WHEN THE CATS ARE HUNGRY...
RUN FOR YOUR LIVES!
Alone, only a harmless pet...
One Thousand Strong, They Become a Man-Eating Machine!
-- The Night of a Thousand Cats (1972)
Sent via Deja.com
http://www.deja.com/
------------------------------
From: [EMAIL PROTECTED] (Banjo)
Subject: Gnapster for Linux
Date: Tue, 02 Jan 2001 13:40:00 -0000
Does anyone know where to get those nice themes/skins
for gnapster?
Thanks
------------------------------
From: Jean-David Beyer <[EMAIL PROTECTED]>
Subject: Re: Is nfs incompatible with proper use of a UPS?
Date: Tue, 02 Jan 2001 08:50:10 -0500
"Peter T. Breuer" wrote:
>
> Elliot Gingold <[EMAIL PROTECTED]> wrote:
> > I have already found this to be a problem when an nfs server dies for some
> > reason. I have not been able to break the connection from its clients. We
>
> Man mount. The soft and intr options.
>
> > had an nfs server go down semi-permanently and the only way I found to get
> > the other machines to stop trying to connect was to alter fstab, then try
>
> It's usual to IPalias for the server on the clients, and then dismount.
>
> > I am sure that both nfs and UPSs are used together in many medium and large
> > installations. But how?
>
> Shrug .. it depends how you want to run them. Servers don't normally go
> down. If they do, you have an abnormal situation. I run twin servers
> with IP failover to the second when the first goes down.
>
> Or you could look at CODA.
>
> Peter
I run two machines with APC Smart-UPS UPSs. Since each of my machines is
on its own UPS, and since my nfs setup is very simple (the one that
would power down first is a sink of nfs, not a source), there is little
problem. I use APC's PowerChute software.
What I should do is power both machines from the same UPS and tell
PowerChute that I am doing that. PowerChute looks at the UPS every 2
seconds to see if everything is OK, and if not, it does its powerdown
thing. It is capable of notifying the other machine through the LAN so
they can both shut down at once.
If some of your machines are on a UPS and some not, then too bad for
those that are not, since they will crash down before the UPS on the
other machines can do anything about it.
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ Registered Machine 73926.
/( )\ Shrewsbury, New Jersey
^^-^^ 8:45am up 1 day, 23:01, 2 users, load average: 2.06, 2.05, 2.00
------------------------------
From: Stephane Montpetit <[EMAIL PROTECTED]>
Subject: Re: FTP connect does not work in RH6.2???
Date: Tue, 02 Jan 2001 13:51:14 GMT
Check your /etc/hosts.allow and /etc/hosts.deny files.
Must have these:
hosts.deny:
ALL: ALL
hosts.allow:
ALL: 127.0.0.1
ALL: 192.168.0.
in.ftpd: ALL
If you want to be able to telnet your Linux box from anywhere on
internet, you can add:
in.telnetd: ALL in your hosts.allow file.
You can e-mail me if you need any help.
Happy new year!!!!!!!
Bo Berglund a �crit :
> I have just installed RH 6.2 workstation and I am testing it out from
> a Win NT box over the internal LAN.
> I can get Telnet login to work, but whatever I do when I try FTP I
> don't get connected.
> I am using Ws_Ftp32 on my NT machine and as soon as I click the
> connect button there is a lot of disk activity on the Linux machine
> but eventually there is no connect.... :-(
> Here is the log from Ws_Ftp32:
>
> WINSOCK.DLL: WinSock 2.0
> WS_FTP95 LE 4.50 97.05.17, Copyright � 1992-1997 Ipswitch, Inc.
> - -
> connecting to 192.168.0.1 ...
> Connected to 192.168.0.1 port 21
>
> ! Connection failed
>
> I have checked that ftp is switched on in inetd.conf, but where can I
> set up permissions and such (if that is what is failing)???
>
> Bo Berglund
> [EMAIL PROTECTED]
------------------------------
From: Jean-David Beyer <[EMAIL PROTECTED]>
Subject: Re: Accounting software?
Date: Tue, 02 Jan 2001 08:53:20 -0500
Thaddeus L Olczyk wrote:
>
> Is there some accounting package, like Peachtree or quickbooks
> available for linux?
> TIA
GnuCash?
http://www.gnucash.org/
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ Registered Machine 73926.
/( )\ Shrewsbury, New Jersey
^^-^^ 8:50am up 1 day, 23:06, 2 users, load average: 2.02, 2.02, 2.00
------------------------------
From: [EMAIL PROTECTED] (Lee Allen)
Subject: Re: Backup Windows 2000 partition from Linux
Reply-To: [EMAIL PROTECTED]
Date: Tue, 02 Jan 2001 13:56:54 GMT
On Sat, 30 Dec 2000 11:07:23 +0100, "Eric en Jolanda"
<[EMAIL PROTECTED]> wrote:
>> I have a system that has Windows 2000 Server on one disk, and Linux on
>> another. I would like to backup the W2K partition from Linux, delete
>> it, and restore it later.
>>
>> Is this possible?
>
>I don't see why not
>
>> The W2K disk looks like this, according to Linux fdisk:
>>
>> Device Boot Start End Blocks Id System
>> /dev/sdc1 * 1 548 4401778+ 7 HPFS/NTFS
>>
>> I am thinking of something like this:
>>
>> # copy raw W2K partition to file
>> dd if=/dev/sdc1 of=/tmp/sdc1.dd
>> # copy MBR to file
>> dd if=/dev/sdc of=/tmp/mbr.dd bs=512 count=1
>> # backup both files to tape
>> cd /tmp
>> tar -cf /dev/st0 sdc1.dd mbr.dd
>> # (maybe put a 'z' in the tar args to compress it, to make it
>> # fit on a single tape)
>
>or all at once:
>
>dd if=/dev/hdc of=hdc.img
>
>dd'ing it back, will restore the snapshot you made
>
>> To restore, I would ensure the disk is partitioned exactly the same,
>> and then reverse the above steps.
>
>wouldn't matter, if you overwrite the MBR again, the partitiontable will be
>overwritten too. It's a part of the MBR
Wonderful!
>> Would this work?
>> Would this enable me to perform a "bare metal" recovery of my W2K
>> system, assuming I recreate the partitions exactly as they are now?
>
>No problem I'd say
>It will solve no problems you may have with win2K though. You will restore
>it exactly as it is now. (I don't know why you want to do this, unless you
>want to copy the NT install to multiple machines, which must then be
>physically identical!)
My goal is not to solve problems, but to:
1) set aside a working W2K configuration containing some very critical
software and data
2) test some Linux RAID installation procedures on the same machine --
this will clobber W2K
3) get W2K back again
>> I know so little about W2K...
>
>Me too, but hey what do you expect, this is a linux NG. If you want windows
>info, go to another NG
But of course, they wouldn't grok the Linux dd & tar stuff.
Many thanks for your response, I will try this out later this week.
-Lee Allen
------------------------------
From: "saint" <[EMAIL PROTECTED]>
Subject: help getting started
Date: Tue, 2 Jan 2001 15:01:40 +0100
Hi.
I am a Windows user and would like to get into that whole linux thing......
Now what I need is a dumbass-foolproof guide how to install linux (i.e.
which distribution, where/what to download, how to install).
I'd be glad if u could help me out or "redirect" me to a site with auch a
dumbass-guide.
-StoffMan
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.misc.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
