Linux-Setup Digest #329, Volume #20 Tue, 2 Jan 01 18:13:10 EST
Contents:
problem with partitions (Sean)
Re: Strange passwd (R.E.Ballard ( Rex Ballard ))
Re: thoroughly hacked off with linux install (Phil Edwards)
Re: Strange passwd ("Chaz")
Re: Partition Check: mdb : Stop Interrupt!!! ([EMAIL PROTECTED])
Re: Strange passwd (Marble Head)
Re: Running Linux in RAM (Marble Head)
Re: Compaq Presario 1400, 14XL340 (Marble Head)
Telnet into Mandrake 7.2 box (Walter Harms)
Installing from hard drive not CDROM?
Re: Strange passwd ("Aaron R. Kulkis")
what is minimum components to install for console based gateway/proxy/firewall?
("Ralph A Freeman")
Re: what is minimum components to install for console based (David)
Re: Running Linux in RAM ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: Sean <[EMAIL PROTECTED]>
Subject: problem with partitions
Date: Tue, 02 Jan 2001 16:13:49 -0500
Hi, I am having problems with Redhat 6.1 and setting up
some additional partitions using cfdisk. The space is there and
the partition can be allocated but I cannot get it to the correct type
"ext2"??? I simply get the error unable to set type to extended? Does
anyone have an Idea how I can correct this??
thanks
ron
------------------------------
From: R.E.Ballard ( Rex Ballard ) <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security,comp.os.linux.misc,comp.os.linux.advocacy
Subject: Re: Strange passwd
Date: Tue, 02 Jan 2001 21:07:38 GMT
In article <[EMAIL PROTECTED]>,
Martin <[EMAIL PROTECTED]> wrote:
> I installed 2 Turbolinux at 2 separate machine A and B. I want to make
> some users who do not need a password when they are login.
>
Take a look at the Beowulf howtos and documentation.
Typically, you want a front-end or gateway machine with full security
and a back-end machine with less security (to make transaction
processing faster.
You can create rhosts and ~/.rhosts files on each user's home on the
back-end system.
You can also use NIS and Netgroups which will allow you to set up
groups which allow only specific users from specific machines to
issue requests without a full authentication. You can also set up
firewall software that will only allow connections from your gateway
hosts.
For a bit more transparent authentication, you can use Kerberos
and LDAP (the real ones not Active Directory) and have a security
server manage access control for all systems. The user establishes
an identity on the gateway server, and the back-end servers can
trust the identity (using Kerberos tickets) but perform access
checking on each resource before it is used (typically on the Open
or connect request).
You can have transparant security without giving up security. Again,
a review of the Beowulf and PAM documentation is in order.
The problem isn't that there is no way to do what you want. The
problem is that there are many ways to get the effect you want while
still having a secure system. You need to review the documentation
to see which is the best fit.
You may want to get a Linux Consultant or a UNIX security consultant
to assist you in this matter if one is available in your area. Some
may even be willing to consult via e-mail at a reduced rate. Some can
even do the configuration for you via remote connection (which you
will seal shut once he's done.
========================================================================
-
>
> In Machine A, I tried as following:
>
> >passwd -d user123
> >passed -S user123
> Changing password for user user123
> Empty password.
>
> (and I can login this user without a password.)
>
>
========================================================================
-
>
> In Machine B, I got something different as following:
>
> >passwd -d user123
> >passed -S user123
> Changing password for user user123
> No Password set.
>
> (and I CAN'T login with this user without a password.)
>
>
========================================================================
-
>
> Why this happened? The two machines are have same linux version and
same
> config, and I tried to delete the problem user in machine B, and
> recreate again, but problem still exists.
> Thanks for any helps!
>
> Martin.
>
>
--
Rex Ballard - VP I/T Architecture
Linux Advocate, Internet Pioneer
http://www.open4success.com
Linux - 60 million satisfied users worldwide
and growing at over 9%/month! (recalibrated 10/23/00)
Sent via Deja.com
http://www.deja.com/
------------------------------
From: [EMAIL PROTECTED] (Phil Edwards)
Subject: Re: thoroughly hacked off with linux install
Date: 2 Jan 2001 16:23:43 -0500
Phil <[EMAIL PROTECTED]> wrote:
+ I attempted another re-install of redhat 7.0 again and it fails as
+ follows:-
+
+ ###################
+ Running anaconda - this may take some time to load
+ install exited abmormally - recieved signal 4
+ sending termination signals
+ ...
+ ####################
+ then advises to reboot !!
+
+ I have also tried using the "update image" from the redhat 7 errata
+ which relates to a booting problem but this doesn't seem to make any
+ difference.
Maybe this is the same problem, maybe not. The booting problem they mention
on their page is easily worked around by just not using the GUI installer.
That thing crashed in a number of different ways when I tried to use it --
the installation itself would be going fine, and then the GUI would get
its shorts in a knot and fail.
Use the text installer.
As far as the 3Com card goes, I wrestled with that for a while too.
The kernel shipped with RH7 worked fine, but a newer replacement kernel
did not. I posted my results here, and what I did to get it working,
for a 3c905 card (note, not 509).
Phil
------------------------------
From: "Chaz" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security,comp.os.linux.misc,comp.os.linux.advocacy
Subject: Re: Strange passwd
Date: Tue, 2 Jan 2001 21:32:05 -0000
He could sipmly make the appropriate changes to hosts.allow and hosts.deny
"Bill Unruh" <[EMAIL PROTECTED]> wrote in message
news:92t94a$3ed$[EMAIL PROTECTED]...
> In <[EMAIL PROTECTED]> Martin <[EMAIL PROTECTED]> writes:
>
> ]I installed 2 Turbolinux at 2 separate machine A and B. I want to make
> ]some users who do not need a password when they are login.
>
> Why in the world do you want to do this? If those machines are connected
> to the net in any way, you have just made them a hackers dream. They can
> use them to launch attacks on others without fear of being found out.
> And you have opened yourself to liability lawsuits. Bad idea.
>
>
> ]>passwd -d user123
> ]>passed -S user123
> ]Changing password for user user123
> ]No Password set.
>
> ](and I CAN'T login with this user without a password.)
>
> Look at the PAM setup on machine B. You can set it up so that it will
> not work without a password.
>
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Partition Check: mdb : Stop Interrupt!!!
Date: Tue, 02 Jan 2001 21:20:32 GMT
Thanks for the info David, however, I can't get to a prompt. The boot
disk doesn't even give me a prompt as I hang up on the loader portion..
Any further suggestions?
In article <[EMAIL PROTECTED]>,
David <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> >
> > I just installed Linux on a dual OS system. I actually have Linux
> > installed on it's own partition in which all the hardrives check out
> > fine. When I boot the system it checks all my drives and it
appears to
> > have a problem when it gets to my Iomega Zip drive. It recognizes
in
> > the upper part of the loading but when it checks for partitions it
> > errors with mdb: Stop Interrupt and is in a constant loop. I never
> > have gotten to a command prompt so I can't modify anything (if I
even
> > knew what to modify) to stop checking for this drive. Any help
would
> > be appreciated. (I've even re-installed Linux and still errors on
the
> > same place).
> > Thanks,
> >
> > Sent via Deja.com
> > http://www.deja.com/
>
> I think you would edit /etc/fstab and change the line for the zip
drive
> so that it doesn't check the file system on zip drive.
>
> /dev/hddX /mnt/zip ext2 noauto,user,rw 0 0
>
> Try to boot "linux 1" and use vi to edit if you can get to a prompt.
>
> --
> Confucius say: He who play in root, eventually kill tree.
> Registered with the Linux Counter. http://counter.li.org
> ID # 123538
> Completed more W/U's than 98.973% of seti users. +/- 0.01%
>
Sent via Deja.com
http://www.deja.com/
------------------------------
From: [EMAIL PROTECTED] (Marble Head)
Crossposted-To: comp.os.linux.security,comp.os.linux.misc,comp.os.linux.advocacy
Subject: Re: Strange passwd
Date: 2 Jan 2001 21:25:55 GMT
Martin <[EMAIL PROTECTED]> wrote in <[EMAIL PROTECTED]>:
>I installed 2 Turbolinux at 2 separate machine A and B. I want to make
>some users who do not need a password when they are login.
>
>-------------------------------------------------------------------------
>
>In Machine A, I tried as following:
>
>>passwd -d user123
>>passed -S user123
>Changing password for user user123
>Empty password.
>
>(and I can login this user without a password.)
>
>-------------------------------------------------------------------------
>
>In Machine B, I got something different as following:
>
>>passwd -d user123
>>passed -S user123
>Changing password for user user123
>No Password set.
>
>(and I CAN'T login with this user without a password.)
>
>-------------------------------------------------------------------------
>
>Why this happened? The two machines are have same linux version and same
>config, and I tried to delete the problem user in machine B, and
>recreate again, but problem still exists.
>Thanks for any helps!
>
>Martin.
>
I agree with everyone else -- It's a terrible idea to eliminate passwords,
in nearly all situations. However, if you really know what you're doing
(which you probably don't, if you asked this question) then...
Simply edit your /etc/passwd file (or /etc/shadow) and remove the jibberish
that comes in between the first : and the second : characters.
------------------------------
From: [EMAIL PROTECTED] (Marble Head)
Crossposted-To: comp.os.linux.portable
Subject: Re: Running Linux in RAM
Date: 2 Jan 2001 21:38:09 GMT
[EMAIL PROTECTED] wrote in <92rcue$toa$[EMAIL PROTECTED]>:
>I have a Linux machine in an industrial setting. The machine needs to
>be able to withstand any type of power interruption by rebooting itself
>without any user interaction.
>
>I checked out ReiserFS, but it seems that it still might require some
>intervention, and it's really not the right solution to my problem.
>
>I really want to run all of the kernel bits in RAM, and have the HDD
>mounted read only for all of the support software. The computer does
>not need to save any information permanently to the hard disk. It just
>needs to support multiuser mode.
>
>Is there some way to make an image, copy it to ramdisk, then launch
>from ramdisk?
>
>
>Sent via Deja.com
>http://www.deja.com/
>
A beautiful example of such a thing is the Jumpstart CD for Alpha
processors, made by Compaq.
If you don't have an Alpha system handy to tinker with, here's the general
idea:
It mounts a ramdisk as / It then mounts the CD on /read-only (I made
that up.) In the / filesystem, there's not a single file to be found.
It's all softlinks to /read-only/whatever. (I probably made that up too.
Some files must be present, but they are minimal.)
Hope that helps. But either way --
By approaching the problem of power failures, by thinking about the FS, I
think you're a little off the mark.
If you have a UPS, when the power fails, the kernel will be notified, a
timeout will be set, and the system will automatically power itself down
before the UPS is exhausted. If power is restored during that time, the
shutdown will be cancelled. If you have "Wake-on-power-on" or something
similar, the system will automatically power-on when the power comes back
on.
...
That is, if you have it all configured properly.
It is far easier to configure your UPS than to configure your entire
distribution to be read-only.
------------------------------
From: [EMAIL PROTECTED] (Marble Head)
Subject: Re: Compaq Presario 1400, 14XL340
Date: 2 Jan 2001 21:53:46 GMT
>--------------64C07A3FF539989CE0006D37
>My friend installed RH in Compaq machine. He had problem with
>configuring the Sound drivers and the display drivers as they are not
>found in the RH distribution. The rpm can be downloaded from the compaq
>website and need to be installed.
>
>Regards
>Siva
Could you tell me more?
I can't find any RPM on Compaq's site for my computer. Haven't tried
looking for other ones though.
Mine is a 14XL340 Presario 1400 notebook.
Thanks...
------------------------------
From: Walter Harms <[EMAIL PROTECTED]>
Subject: Telnet into Mandrake 7.2 box
Date: Tue, 02 Jan 2001 13:53:29 -0800
I have set up a Mandrake 7.2 box at work for learing. I have been unable
to telnet into it from any outside machine. I have updated hosts.deny
and hosts.allow. I have checked that inetd.conf has telnet uncommented.
I have made sure that inetd is running. What else should I check? From
the box itself, and can telnet other machines.
Walter
------------------------------
From: <[EMAIL PROTECTED]>
Subject: Installing from hard drive not CDROM?
Date: Tue, 02 Jan 2001 22:30:05 -0000
I download a cd image for Linux Mandrake but I dont have a CDRW yet, is
there any way I can get linux to look for the installation files on my
primary slave hard drive and install to the master?
Email me at [EMAIL PROTECTED] if you think you can help.
--
Posted via CNET Help.com
http://www.help.com/
------------------------------
From: "Aaron R. Kulkis" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security,comp.os.linux.misc,comp.os.linux.advocacy
Subject: Re: Strange passwd
Date: Tue, 02 Jan 2001 17:34:06 -0500
Martin wrote:
>
> I installed 2 Turbolinux at 2 separate machine A and B. I want to make
> some users who do not need a password when they are login.
>
> -------------------------------------------------------------------------
>
> In Machine A, I tried as following:
>
> >passwd -d user123
> >passed -S user123
> Changing password for user user123
> Empty password.
>
> (and I can login this user without a password.)
>
> -------------------------------------------------------------------------
>
> In Machine B, I got something different as following:
>
> >passwd -d user123
> >passed -S user123
> Changing password for user user123
> No Password set.
>
> (and I CAN'T login with this user without a password.)
>
> -------------------------------------------------------------------------
>
> Why this happened? The two machines are have same linux version and same
> config, and I tried to delete the problem user in machine B, and
> recreate again, but problem still exists.
> Thanks for any helps!
>
> Martin.
simple remove all characters from the password field of the /etc/passwd
(or /etc/shadow ) files for the usernames in question.
for mor info see
man passwd
man 5 passwd
man shadow
--
Aaron R. Kulkis
Unix Systems Engineer
DNRC Minister of all I survey
ICQ # 3056642
H: "Having found not one single carbon monoxide leak on the entire
premises, it is my belief, and Willard concurs, that the reason
you folks feel listless and disoriented is simply because
you are lazy, stupid people"
I: Loren Petrich's 2-week stubborn refusal to respond to the
challenge to describe even one philosophical difference
between himself and the communists demonstrates that, in fact,
Loren Petrich is a COMMUNIST ***hole
J: Other knee_jerk reactionaries: billh, david casey, redc1c4,
The retarded sisters: Raunchy (rauni) and Anencephielle (Enielle),
also known as old hags who've hit the wall....
A: The wise man is mocked by fools.
B: Jet Silverman plays the fool and spews out nonsense as a
method of sidetracking discussions which are headed in a
direction that she doesn't like.
C: Jet Silverman claims to have killfiled me.
D: Jet Silverman now follows me from newgroup to newsgroup
...despite (C) above.
E: Jet is not worthy of the time to compose a response until
her behavior improves.
F: Unit_4's "Kook hunt" reminds me of "Jimmy Baker's" harangues against
adultery while concurrently committing adultery with Tammy Hahn.
G: Knackos...you're a retard.
------------------------------
From: "Ralph A Freeman" <[EMAIL PROTECTED]>
Subject: what is minimum components to install for console based
gateway/proxy/firewall?
Date: Tue, 2 Jan 2001 14:34:04 -0800
I need to setup a proxybox for my home/home-office LAN of up to 16
(currently 7) windoze and Linux PC's.
Hardware is a P-133, 32M RAM, 1G HD.
I have been using Winproxy under win98, but I want the reliability of Linux.
Should I use Linux from scratch, or a distro? I already have RH 6.2 and a
recent ver. of Corel. I do not want a GUI, just a console (remote)
interface. It would be nice to tuck this box in a closet somewhere.
Squid would seem to be overkill. I have considered Tinyproxy. Security is
a relatively minor issue, but I do want some sort of firewall.
If anyone has setup up such a system, or could provide any input or
guidance, it would be greatly appreciated.
Thanks
Ralph
------------------------------
From: David <[EMAIL PROTECTED]>
Subject: Re: what is minimum components to install for console based
Date: Tue, 02 Jan 2001 16:56:44 -0600
Ralph A Freeman wrote:
>
> I need to setup a proxybox for my home/home-office LAN of up to 16
> (currently 7) windoze and Linux PC's.
>
> Hardware is a P-133, 32M RAM, 1G HD.
>
> I have been using Winproxy under win98, but I want the reliability of Linux.
>
> Should I use Linux from scratch, or a distro? I already have RH 6.2 and a
> recent ver. of Corel. I do not want a GUI, just a console (remote)
> interface. It would be nice to tuck this box in a closet somewhere.
>
> Squid would seem to be overkill. I have considered Tinyproxy. Security is
> a relatively minor issue, but I do want some sort of firewall.
>
> If anyone has setup up such a system, or could provide any input or
> guidance, it would be greatly appreciated.
I haven't tried corel but I know that with redhat you can do a text
install, or expert install if you want more control of it. You don't
have to install X.
--
Confucius say: He who play in root, eventually kill tree.
Registered with the Linux Counter. http://counter.li.org
ID # 123538
Completed more W/U's than 98.973% of seti users. +/- 0.01%
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.portable
Subject: Re: Running Linux in RAM
Date: Tue, 02 Jan 2001 22:52:55 GMT
Thanks for the point. The thing is, the system must fail gracefully.
It is in an industrial vehicle that controls hydraulics. I have a
small UPS in there, but its job is to maintain stable power. When they
turn off a switch on the console, it chops power to all of the servos,
electronics and the computer.
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Marble Head) wrote:
> [EMAIL PROTECTED] wrote in <92rcue$toa$[EMAIL PROTECTED]>:
>
> >I have a Linux machine in an industrial setting. The machine needs
to
> >be able to withstand any type of power interruption by rebooting
itself
> >without any user interaction.
> >
> >I checked out ReiserFS, but it seems that it still might require some
> >intervention, and it's really not the right solution to my problem.
> >
> >I really want to run all of the kernel bits in RAM, and have the HDD
> >mounted read only for all of the support software. The computer does
> >not need to save any information permanently to the hard disk. It
just
> >needs to support multiuser mode.
> >
> >Is there some way to make an image, copy it to ramdisk, then launch
> >from ramdisk?
> >
> >
> >Sent via Deja.com
> >http://www.deja.com/
> >
>
> A beautiful example of such a thing is the Jumpstart CD for Alpha
> processors, made by Compaq.
> If you don't have an Alpha system handy to tinker with, here's the
general
> idea:
> It mounts a ramdisk as / It then mounts the CD on /read-only (I
made
> that up.) In the / filesystem, there's not a single file to be
found.
> It's all softlinks to /read-only/whatever. (I probably made that up
too.
> Some files must be present, but they are minimal.)
>
> Hope that helps. But either way --
> By approaching the problem of power failures, by thinking about the
FS, I
> think you're a little off the mark.
> If you have a UPS, when the power fails, the kernel will be notified,
a
> timeout will be set, and the system will automatically power itself
down
> before the UPS is exhausted. If power is restored during that time,
the
> shutdown will be cancelled. If you have "Wake-on-power-on" or
something
> similar, the system will automatically power-on when the power comes
back
> on.
> ...
> That is, if you have it all configured properly.
> It is far easier to configure your UPS than to configure your entire
> distribution to be read-only.
>
Sent via Deja.com
http://www.deja.com/
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.setup.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Setup Digest
******************************
