Linux-Misc Digest #206, Volume #27 Fri, 23 Feb 01 18:13:01 EST
Contents:
Re: runlevel 5 vs runlevel 3 + startx (Johan Kullstam)
autofs (Ean WS)
Re: Please visit my 3D graphics site (Jeff Silverman)
mirror terminal window to remote? (steve)
Re: What is this? (Johan Kullstam)
Re: writing to tape (DLT 8000) (Jean-David Beyer)
rh7 & wu-ftp2.6.1 ("Scot Mc Pherson")
Re: how to print man pages in good quality (Jean-David Beyer)
Quick security tips for hosting mailing lists? ("Matt O'Toole")
Re: surviving in a Windows only environment? (Lee Webb)
Re: Legal GIF File Creation Under Linux ([EMAIL PROTECTED])
Re: mount cdrom fails (David)
Re: mirror terminal window to remote? (Bob Hauck)
Re: surviving in a Windows only environment? (Bob Hauck)
Re: Seperate firewall machine delema ([EMAIL PROTECTED])
Re: Routing.....Arrrggggh...Help!! ([EMAIL PROTECTED])
SSH to RH6.2 through a firewall?? (Bo Berglund)
Odd Question (Lipid)
----------------------------------------------------------------------------
From: Johan Kullstam <[EMAIL PROTECTED]>
Subject: Re: runlevel 5 vs runlevel 3 + startx
Date: 23 Feb 2001 14:55:44 -0500
[EMAIL PROTECTED] (Andrew Purugganan) writes:
> Harlan Grove ([EMAIL PROTECTED]) wrote:
> [ profiles? I use the latter approach with the account I set up for my oldest
> [ kid on my home computer. I don't always use X myself, and there are times I
>
> The keyword here is "home". I don't think the X police will break your
> door down because you prefer to type startx ;-)
>
> This familiarity will pay off later when you decide to upgrade (grafix
> card, mouse, etc)
>
> OTOH if you wanted to multitask right away, X is there. For the console
> buff who needs to multitask there's always twin, but that's another
> story...
linux multi-tasks regardless of display device. i can background a
computation and keep right on going no matter if i'm at console or in
X. similarly, daemons keep right on running even if there is *no*
*display* *whatsoever*.
--
johan kullstam l72t00052
------------------------------
From: Ean WS <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: autofs
Date: Fri, 23 Feb 2001 20:20:24 -0300
Hi
I have been having problems with autofs. Here is a description of the
problem,
1. I have two RH7.0 systems. One the server and one the client. The
server serves NFS/automount and NIS.
2. On the client machine everything works fine
3. On the server machine the NIS works fine. But the automounter will
not work properly. If I su to a user from root, it does not find the
home account, then if I exit the user, then try again, it logs in, with
a link put in /home to the real location of the user account.
Does anybody have experience with this problem?
Laters
Ean
------------------------------
From: Jeff Silverman <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.hardware,comp.os.linux.networking,comp.os.linux.questions,comp.os.linux.redhat,comp.os.linux.security,comp.os.linux.setup
Subject: Re: Please visit my 3D graphics site
Date: Fri, 23 Feb 2001 12:11:50 -0800
==============6CF4730735FE2BB24D52D53F
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Robert Francois wrote:
> http://www.geocities.com/bernardfrancois_1999
>
> --
> Greetz,
>
> Bernard Fran�ois - http://www.geocities.com/bernardfrancois_1999
It doesn't work properly with Netscape 4.74 under Linux 2.2.17.
Jeff
--
Jeff Silverman, sysadmin for the Research Computing Systems (RCS)
University of Washington, School of Engineering, Electrical Engineering Dept.
Box 352500, Seattle, WA, 98125-2500 FAX: (206) 221-5264 Phone (206) 543-9378
[EMAIL PROTECTED] http://rcs.ee.washington.edu/~jeffs
==============6CF4730735FE2BB24D52D53F
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
Robert Francois wrote:
<blockquote TYPE=CITE><a
href="http://www.geocities.com/bernardfrancois_1999">http://www.geocities.com/bernardfrancois_1999</a>
<p>--
<br>Greetz,
<p>Bernard François - <a
href="http://www.geocities.com/bernardfrancois_1999">http://www.geocities.com/bernardfrancois_1999</a></blockquote>
It doesn't work properly with Netscape 4.74 under Linux 2.2.17.
<p>Jeff
<br>
<pre>--
Jeff Silverman, sysadmin for the Research Computing Systems (RCS)
University of Washington, School of Engineering, Electrical Engineering Dept.
Box 352500, Seattle, WA, 98125-2500 FAX: (206) 221-5264 Phone (206)
543-9378
[EMAIL PROTECTED] <A
HREF="http://rcs.ee.washington.edu/~jeffs">http://rcs.ee.washington.edu/~jeffs</A></pre>
</html>
==============6CF4730735FE2BB24D52D53F==
------------------------------
From: [EMAIL PROTECTED] (steve)
Subject: mirror terminal window to remote?
Date: Fri, 23 Feb 2001 20:36:30 -0000
Reply-To: [EMAIL PROTECTED]
I would like to login remotely to a Linux box (running X) and open
an xterm on the remote host's display that would echo my keystrokes.
In this way, someone at the console of the remote host could watch
what I'm doing. I'm sure this can be done, but not exactly sure how
to do this. If it's easy, can someone enlightem me, or, if it's hard,
point me to the right docs.
thanx,
steve
--
Steve S.
yubdub
[EMAIL PROTECTED]
remove CLOTHES before replying
------------------------------
From: Johan Kullstam <[EMAIL PROTECTED]>
Subject: Re: What is this?
Date: 23 Feb 2001 15:27:24 -0500
"rc" <[EMAIL PROTECTED]> writes:
> My domain is ccsn.com
> I havbe had hackers in before. I rebuilt the system and turned a bunch of
> stuff off. I don;t think the a-hole was able to relay anything. I did some
> tests and I think it's safe. I wish I know how to block idiots like that
> even more.
get a packet firewall. imho *every* linux box directly attached to
the internet at large *needs* a packet firewall. you can get an
ipchains firewall from robert ziegler's site. he provides a web
interface to a firewall generating script. it's tedious to work, but
you only need to do it once.
<URL:http://www.linux-firewall-tools.com/linux/>
choose the "firewall design tool" and follow the prompts.
this gave me a nice firewall and hopefully it can help you too.
--
johan kullstam l72t00052
------------------------------
From: Jean-David Beyer <[EMAIL PROTECTED]>
Subject: Re: writing to tape (DLT 8000)
Date: Fri, 23 Feb 2001 15:48:28 -0500
Christoph Kukulies wrote (in part):
>
> : I suggest writing only one backup to each tape. In the old days,
> : when tape cost was an issue, you might have been able to justify
> : writing a full backup and a few incrementals to the same tape. But
> : for my DDS-2 drive, 8 Gigabyte tapes are only about $8.00 each. And
> : with the disk capacity machines have these days, it is all you can
> : do to get a full backup onto a single tape as it is.
>
> : If you have, say, a full backup and a few incrementals on the same
> : tape, and the tape goes bad, you lose everything (just to save
> : $8.00). If you put your backups on separate tapes, you lose only one
>
> I don't know where you get your DLT media from but is it just 8.00 $/tape
> media? Also using one tape/backup file is tedious in so far, as
> the media has to be changed every day (daily backups provided), meaning
> operator intervention required.
>
> Leaving in the tape for a couple of weeks would be nicer.
Sorry for the confusion; I am using DDS-2 tapes at that price per
cassette. Some people use DAT, DLT, and DDS interchangeably, and I
confess to being guilty of that here.
I would really advise against using the same tape for two weeks. By
Murphy's law, the tape would get scrambled after 13 1/2 days and you
would be two weeks behind when trying to restore stuff. Having tapes
24 hours old is bad enough, but I accept that and rarely write an
extra backup during the day.
I have it arranged that I can get nearly a full backup every morning
starting a little after 1AM (it finishes by about 3:30AM). This
backup omits 2 2Gigabyte partitions where my DB-2 dbms database
resides. I save them separately, when the need arises, during the
day using IBM's backup utility for that.
When my hard drives fill up some more, I guess I will switch to
doing full backups on Sundays and incremental backups the rest of
the week. But on separate tapes.
>
> : day's work (which is bad enough). Do not save money by writing more
> : than one backup on a tape.
>
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ Registered Machine 73926.
/( )\ Shrewsbury, New Jersey
^^-^^ 3:40pm up 2 days, 23:14, 3 users, load average: 2.17, 2.19,
2.12
------------------------------
From: "Scot Mc Pherson" <[EMAIL PROTECTED]>
Subject: rh7 & wu-ftp2.6.1
Date: Fri, 23 Feb 2001 20:55:35 GMT
I have recently upgraded my machine from rh6.2 to rh7. File structure is
very apparently different. I am trying figure out how to change the root
directory of the wu-ftp anon public folders. In the older version of rh6.2 I
knew how to do it, but I cannot find any information on redhat's or wu-ftp's
site about the new configuration setup regarding wu-ftp file structure.
Any assistance would be much appreciated.
--
Scot Mc Pherson
http://www.behomet.net
N27� 19' 56"
W82� 30' 39"
------------------------------
From: Jean-David Beyer <[EMAIL PROTECTED]>
Subject: Re: how to print man pages in good quality
Date: Fri, 23 Feb 2001 16:00:07 -0500
James Silverton wrote:
>
> Jean-David Beyer wrote:
> >
> > Bob Tennent wrote:
> > >
> > > On Thu, 22 Feb 2001 17:40:49 +0100, bv wrote:
> > > >
> > > >Can anyone tell me how to print man pages in really good quality?
> > >
> > > man -t <command> | lpr
> > >
> > That works pretty well for me for almost all commands, but some are
> > screwed up the same way as if you do man command | lpr instead of
> > man command | col -b | lpr . I.e., some stuff obviously meant to be
> > in bold is sloppily overtyped on my HP 660Cse printer that otherwise
> > does very well.
> >
> >>>>>>>>>>>Deletions<<<<<<<<<<<<<<<<
>
> The method that seems to work for me is to go to the originals and thus
> give, for example:
>
> zcat /usr/man/man1/foo.1.gz | groff -mandoc | lpr
>
> This works even tho' I am using a non-PostScript printer with apsfilter.
>
Well, I have no vacation.1.gz anywhere. I do have
/usr/man/man1/vacation.1 and I tried piping that through | groff
-mandoc | lpr
and it is just as lousy as ever. (Recall that most commands come out
just fine; there are just a few that are loused up.)
--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ Registered Machine 73926.
/( )\ Shrewsbury, New Jersey
^^-^^ 3:50pm up 2 days, 23:24, 3 users, load average: 2.11, 2.12,
2.10
------------------------------
From: "Matt O'Toole" <[EMAIL PROTECTED]>
Subject: Quick security tips for hosting mailing lists?
Date: Fri, 23 Feb 2001 13:14:13 -0800
I want to set up a mail server to host a couple of mailing lists for friends
and collegues. I haven't plowed through the docs yet, but I'm sure I'll
have no trouble setting up Sendmail or Postfix. However, I'm concerned
about security issues that might not be immediately apparent. Right now, I
have the usual pmfirewall/ipchains setup for typical home internet access,
plus a low-grade web server. I can run pmfirewall again, and just accept
what it gives me, but I'm concerned there might be something else I've
overlooked. Any tips? I'm running Mandrake 7.2
Matt O.
------------------------------
From: [EMAIL PROTECTED] (Lee Webb)
Subject: Re: surviving in a Windows only environment?
Date: 23 Feb 2001 21:16:42 GMT
Reply-To: [EMAIL PROTECTED]
On Fri, 23 Feb 2001 17:46:55 +0100, Georg Schwarz wrote:
>Is there a way to survive (with Linux) in a Windows only environment?
>More precisely, the company is using W2K and Office 2K. There's heavy
>usage of Word and PowerPoint attachments as well as Outlook's calendar
>function. The only mail server is MS Exchange and does not speak POP3 or
>IMAP (AFAIK). File access is provided by Netbui over TCP/IP. There's no
>NTP server to synchronize clocks (just some proprietary Windows method).
>
>Could Sun's StarOffice be of help here? Any other ideas?
>
Not much help from me here but...
MS Exchange Server *does* support POP3: it just has to be explicitly enabled.
That's one problem done. Five to go ;-)
Lee.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Legal GIF File Creation Under Linux
Date: Fri, 23 Feb 2001 21:22:23 -0000
On Mon, 29 Jan 2001 22:55:16 -0800 OpenMind <**Mail Free America**> wrote:
| I'd like to convert bitmap files to GIFs, especially animated GIFs, under
| Linux/Unix.
|
| Ideally, it should be controllable entirely from the command line. Barring
| that, the process should be invocable from a script.
|
| Equally important, I would like the files created to be LEGAL for web
| publication under the UniSys LZW licensing requirements. This means that
| any application or utility which creates then must have a UniSys license.
|
| Any suggestions?
As others have suggested, there is PNG. Animation is still in question
with PNG. I've never seen it work, though people are saying it should
be working soon.
Another alternative is uncompressed GIF. Since only the LZW algorithm
is subject to the patent held by Unisys, if you avoid compression, then
you avoid the patent issue. This is suitable for small GIFs.
Unisys goes out of their way to try to make it impossible for you to
get a license. Specifically, they don't want to license free software,
probably because they can't get a revenue stream from people copying
that software around. I know this because I actually tried.
So my GIF generating library does not include compression at all.
That is a big disadvantage. But it can do animation and true-color
GIFs (combining animation and true color doesn't work right no most
browsers, although separately, they work everywhere).
http://phil.ipal.org/freeware/angif/
--
=================================================================
| Phil Howard - KA9WGN | Dallas | http://linuxhomepage.com/ |
| [EMAIL PROTECTED] | Texas, USA | http://phil.ipal.org/ |
=================================================================
------------------------------
From: David <[EMAIL PROTECTED]>
Subject: Re: mount cdrom fails
Date: Fri, 23 Feb 2001 21:17:53 GMT
[EMAIL PROTECTED] wrote:
>
> mount -t iso9660 /dev/cdrom /cdrom/ gives the error message:
>
> mount: block device /dev/cdrom is write-protected, mounting read-only
> isofs_read_super: bread failed, dev=16:40, iso_blknum=16, block=32
> mount: wrong fs type, bad option, bad superblock on /dev/cdrom,
> or too many mounted file systems
> (aren't you trying to mount an extended partition,
> instead of some logical partition inside?)
>
> ls -l /dev/cdrom
> lrwxrwxrwx 1 root root 3 Feb 11 12:26 /dev/cdrom -> hdd
> ls -l /dev/hdd
> brw-rw---- 1 root disk 22, 64 Nov 30 10:22 /dev/hdd
> ls -l /cdrom
> drwxr-xr-x 2 root root 4096 Nov 30 10:24 cdrom
>
> /etc/fstab has the line:
> /dev/cdrom /cdrom iso9660 defaults,ro,user,noauto 0 0
>
> I installed from the CD (a Debian 2.2r2), but now no CD will mount.
> dmesg shows:
> hdd: WPI CDS-32X, ATAPI CDROM drive
>
> --
> [EMAIL PROTECTED]
With the /dev/cdrom line in /etc/fstab all you should have to use is:
mount /cdrom
--
Confucius say: He who play in root, eventually kill tree.
Registered with the Linux Counter. http://counter.li.org
ID # 123538
Completed more W/U's than 99.083% of seti users. +/- 0.01%
------------------------------
From: [EMAIL PROTECTED] (Bob Hauck)
Subject: Re: mirror terminal window to remote?
Reply-To: hauck[at]codem{dot}com
Date: Fri, 23 Feb 2001 22:03:20 GMT
On Fri, 23 Feb 2001 20:36:30 -0000, steve <[EMAIL PROTECTED]> wrote:
>I would like to login remotely to a Linux box (running X) and open
>an xterm on the remote host's display that would echo my keystrokes.
>In this way, someone at the console of the remote host could watch
>what I'm doing.
VNC allows more than one viewer to connect to a display using the
"-shared" switch. You and the remote user could both connect to the
same VNC server and view each other's actions. Would that be close
enough to solve your problem?
--
-| Bob Hauck
-| Codem Systems, Inc.
-| http://www.codem.com/
------------------------------
From: [EMAIL PROTECTED] (Bob Hauck)
Subject: Re: surviving in a Windows only environment?
Reply-To: hauck[at]codem{dot}com
Date: Fri, 23 Feb 2001 22:12:19 GMT
On Fri, 23 Feb 2001 17:46:55 +0100, Georg Schwarz
<[EMAIL PROTECTED]> wrote:
> The only mail server is MS Exchange and does not speak POP3 or IMAP
> (AFAIK).
Exchange Server _can_ speak both of those if it is enabled. I use Pine
and IMAP with Exchange just fine, as well as Netscape Mail. You can see
shared folders this way, but not the Calendar.
Pine 4.30+ and Netscape also support LDAP address books, which provides
a way to access the Exchange global address book. Works great here with
Exchange 5.5.
You might want to just try IMAP and/or POP3. Many Exchange admins seem
to have them enabled without knowing it.
> File access is provided by Netbui over TCP/IP.
You can mount SMB volumes using smbmount. If you just want to get/put
files and print, you can use smbclient.
>Could Sun's StarOffice be of help here? Any other ideas?
It does a very good (but not perfect) job of reading/writing the Office
file formats. It also has a mail program that I've never tried.
--
-| Bob Hauck
-| Codem Systems, Inc.
-| http://www.codem.com/
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Seperate firewall machine delema
Date: Fri, 23 Feb 2001 22:15:36 GMT
Warren Bell <[EMAIL PROTECTED]> wrote:
> behind the firewall. How can I pass all requests for HTTP, FTP and mail
> through the firewall machine to the internal one? Can I do this with
> ipchains? I've heard this is the best way to set up a firewall but
> can't figure out what to use for this.
Use "ipmasqadm portfw" for this (there are other ways, but that's what
I use).
Something like this in your firewall script:
ipmasqadm portfw -a -P tcp -L xxx.xxx.xxx.xxx 80 -R 192.168.0.xxx 80
The "xxx.xxx.xxx.xxx" is the IP of your firewall machine, as visible
from the outside world. the "192.168.0.xxx" is the address of the
machine on your local subnet, as visible on your LAN. This is for port
80, http.
Naturally, you have to open up your firewall so that outside machines
can connect on the port you want them to.
I also had to recompile my kernel to add port forwarding, it was not
in the kernel I had been using.
Be *very* careful doing this. If you allow people to connect from the
outside world to a daemon with a security hole, they'll be able to
exploit it on the machine you're forwarding to. Consider only letting
known IP's connect, say your work machine, and your friends
machines. Study the whole matter too, and think about it. This is
deliberately opening up a hole in your firewall, a risky thing to do.
--
Jim Buchanan [EMAIL PROTECTED] [EMAIL PROTECTED]
=================== http://www.buchanan1.net/ ==========================
"The power of accurate observation is commonly called cynicism
by those who have not got it." -George Bernard Shaw
================= Visit: http://www.thehungersite.com ==================
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Routing.....Arrrggggh...Help!!
Date: Fri, 23 Feb 2001 22:22:53 GMT
Adam Evans <[EMAIL PROTECTED]> wrote:
> I've done that, but it doesn't work........
> I just can't get my routing tables to look anywhere near the same.
What does "netstat -rn" show?
This works between to ethernet cards on @home, it was similar, but
with ppp0 instead of eth1 when I was using dialup.
jbuchana@grimalkin$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
24.22.216.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 24.22.216.1 0.0.0.0 UG 0 0 0 eth1
jbuchana@grimalkin$
--
Jim Buchanan [EMAIL PROTECTED] [EMAIL PROTECTED]
=================== http://www.buchanan1.net/ ==========================
"Baroque music is structured like a weaving on a loom, and it's no
accident that punch cards were invented to run looms before they were
used to run computers." -Larry Wall
================= Visit: http://www.thehungersite.com ==================
------------------------------
From: [EMAIL PROTECTED] (Bo Berglund)
Crossposted-To: comp.os.linux.security
Subject: SSH to RH6.2 through a firewall??
Reply-To: [EMAIL PROTECTED]
Date: Fri, 23 Feb 2001 22:53:28 GMT
How can I connect to my RH 6.2 machine if I install SSH?
The machine sits behind a NAT firewall (dedicated box) on which I can
set up port forwarding to any computer inside the firewall. By default
only outgoing connections are allowed but I can open up any TCP or UDP
port and specify which internal computer should handle the traffic.
So how do I set this up so I can connect through the Internet to my
Linux box, but only using SSH?
Bo Berglund
[EMAIL PROTECTED]
------------------------------
Subject: Odd Question
From: [EMAIL PROTECTED] (Lipid)
Date: Fri, 23 Feb 2001 23:07:12 GMT
THis is kind of funny...
I was tar'ing some files the other day and I created a file that can not
be deleted. Basically, I used the tar cvf option, but instead of putting my
filename after the 'f', I accidently used the '--attime-preserve' option.
This created a huge file called '--attime-preserve' and I can not delete
it.
When I try, it gives me the following errors:
# rm --atime-preserve
rm: unrecognized option `--atime-preserve'
Try `rm --help' for more information.
Tried to rename it then delete:
# mv --atime-preserve
mv: unrecognized option `--atime-preserve'
Try `mv --help' for more information.
Any suggestions?
Thanks,
Bo
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.misc.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
