Linux-Setup Digest #744, Volume #20 Sat, 3 Mar 01 15:13:08 EST
Contents:
Kernal panic ("enness")
Re: setting IP on hp network printer ("Jacques-Andr� Petit")
Re: 1024 cylinder limit (John Thompson)
Re: Do daemons corrupt system security? (Glen Trevino)
Re: Kernel Panic, or hang off boot disk... ("Tauno Voipio")
Re: How do I apply a kernel patch? (Armond Perretta)
Re: setting IP on hp network printer (Stefano Ghirlanda)
How do I get my hard disk to boot Win 2000 again? ("Stevie T")
Trouble installing RedHat 6.2 ("Replicon")
Re: Mike Perry --Re: cannot update from 7 to 7.1 scsi devices??????????? (Mike Perry)
Redhat 7.0 Kernel 2.4.2 upgrade & pppd (Rick Angell)
Lilo stops on LI (Luca)
Disabling Telnet ("Mark Bennett")
Re: How do I apply a kernel patch? ("Gene Heskett")
Re: SOLVED: ip on hp network printer ("Gene Heskett")
2.4.2 kernel does not boot (Frederik Himpe)
Re: Do daemons corrupt system security? (John Hasler)
----------------------------------------------------------------------------
From: "enness" <[EMAIL PROTECTED]>
Subject: Kernal panic
Date: Sat, 03 Mar 2001 17:14:44 GMT
I am using LM7.2. I had some free space between my Win95 and linux
partition. I used "cfdisk" and created a small (20Mb) Logical partition at
the end of free space. When I rebooted afterwards, Linux wont boot up and
hangs with a message "Kernal panic: VFS: unable to mount root fs on 03:05".
Nothing more can be done. The book I refer just mentions that it is a kind
of emergency landing (??!!), but no more info about how to correct.
I have no data at all so nothing to worry, I am only in trial & error
learning stage.
Any help is appreciated.
Thanks
Sri
------------------------------
From: "Jacques-Andr� Petit" <[EMAIL PROTECTED]>
Subject: Re: setting IP on hp network printer
Date: Sat, 3 Mar 2001 18:23:36 +0100
You don't have to move to their building.
Let's take an example...
Imagine the IP-address of the box is 123.456.789.123, with a subnet-mask of
255.255.255.0
You simply put a second address to you machine, wich is 123.456.789.124 and
the same netmask of 255.255.255.0
In such a way, you are on the same network (logically and physically)
As you are on the same network, the gateway is no more necessary, and you
can directly talk to the box, and the box will directly respond to you,
without using the gateway.
By the way, I think it is a bad thing to put a gateway in your printer box,
unless mandatory for a particular use (different networks printing on the
printer) as you make your printer "worldwid reacheable" wich is not always
recommanded.
If you cannot put a second address on your computer, then change the one you
have by the new one, make the changes to the box, and then take your old
address again.
The first solution is the best, as when you will change the address of the
box in the new network, when you will reconnect, you will use your "first"
address in place of the second one.
An other way, I think, is to ping the box.
You first have to change your arp-table by adding the new ip-address and the
MAC-address of the box in your arp table (arp add -s .... make a man arp to
get the right syntax) then ping the box.
Normally, the box, once pinged that way, should "take" the new address...
>From there, you can telnet into, and make the next changes.
Regards
Stefano Ghirlanda <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Rasmus B�g Hansen <[EMAIL PROTECTED]> writes:
>
> > > Thanks! But I have a problem with telnet because the wrong gateway is
> > > set on the printer so it cannot be reached... our local network is
> > > routed through a different gateway.
> > >
> > > Other suggestions?
> >
> > Temporarily set a box on the same subnet as the printer, telnet to the
> > printer and set correct IP configuration on the printer and revert the
> > box' IP configuration to normal.
>
> Ok, we're getting closer... but this other subnet is in a building a
> few hundred meters away. I *could* knock on their door with the
> printer on my back and say: "Hi, can I just hook this up somewhere?"
> but I would rather avoid it...
>
> > If you have a kernel with IP aliasing, you can even define an IP alias
> > for the same subnet as the printer - this way you can continue normal
> > network operation in the meantime...
>
> MY IP aliasing knowledge is 0. I will read the HOWTO. I want also try
> to minimize disturbance to the network. Can I do something like
> connecting the printer directly to the ethernet port of a machine that
> is temporarily set to have the IP of the gateway the printer is set to
> go through? And then telnet form the fake gateway...
>
> Thanks for these ideas,
>
> --
> Stefano - Hodie quinto Nonas Martias MMI est
------------------------------
From: John Thompson <[EMAIL PROTECTED]>
Subject: Re: 1024 cylinder limit
Date: Sat, 03 Mar 2001 09:48:14 -0600
Javier wrote:
> What is the 1024 cylinder limit? Does that mean anything under 8GB? If
> not, how do you calculate what the 1024 cylinder limit is?
The 1024 cylinder limit is a limitation inherent in the 80x86
architecture, where the processor has to start in real-mode using
the real-mode BIOS and all the limitations that entails. Ten
years ago, the 1024 cylinder limit meant that any partition on a
HD device that extended past 1024 cylinders (about 504MB) was
invisible to the BIOS and therefore unbootable. As HD devices
became larger, a work-around was developed in which the HD
controller would lie to the BIOS about the number of cylinders so
the BIOS thought it only saw 1024 or fewer cylinders while the
controller translated the real addresses and fabricated addresses
on the fly to keep the BIOS happy ("LBA"). This brought the 1024
cylinder limit up to about 8GB, but in the last couple years even
that has not been enough.
Bottom line: If you have a relatively modern machine that
supports LBA just keep your bootable partitions below the first
8GB of the HD device. That way the BIOS can boot your operating
system, which in turn can load protected-mode drivers to access
the rest of the HD.
--
-John ([EMAIL PROTECTED])
------------------------------
From: Glen Trevino <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,alt.os.linux.suse
Subject: Re: Do daemons corrupt system security?
Date: Sat, 03 Mar 2001 13:00:16 -0500
Most 'system' daemons do run as root, as they should and
need to. In the case of httpd (Apache) you should only run
the parent process as root and the children (the only processes
actually accepting connections) as user 'nobody'. The 'syslogd'
needs to run as root because it writes sensitive log data to protected
files that only root can read/write. Traditionally, the most commonly
troubled/exploited *nix daemon was 'sendmail' (SMTP) and 'named'
(BIND/DNS). No software/OS/system/box is 100% secure. One
can only be 'more secure'. These programs have arguably become
more secure as of lately. Of course they found several new holes
in BIND about 6 weeks ago. You just have to keep up with your
patches, just as you must with ANY operating system whether it's
Linux, the BSDs, Windows95/98/NT/2000, HP-UX, OS/400, etc...
As for your particular daemon, do what the vendor tells you to do. If
they say DO NOT run as root, don't. There is probably a VERY good
reason for it. Think what would happen if vi was a daemon running as
root (or more realistic, running SUID root). That would mean that anybody
running vi would become root for the while using it. They would be given
privledges not needed and definately dangerous to the system (could edit
the passwd/shadow file, inetd, etc...). Same with your daemon, it may be
dangerous to run as root.
For more information on host/network/general computer security go to
www.linuxsecurity.com. They can articulate what I'm trying to say much
better, as I am currently ill and can't think too straight : ( Also keep up
with the bug reports and patches by subscribing to their Linux Advisory
Watch newsletter that is emailed to you weekly and also emergency
advisories as they come out.
Erik Leunissen wrote:
> L.S.
>
> I've got some software (which manages licenses for licensed software),
> which consist of two daemons. The documentation of this software
> repeatedly an strongly disencourages to run these daemons as user root
> because - in general - doing so, constitutes a system security risk.
>
> Encouraged by this warning, I've been checking all daemons that are
> launched automatically at system boot by my Linux installation (SuSE
> version 6.4). What do i find: THEY ALL RUN AS USER ROOT!
>
> Not being very introduced to the subject of system security, I find this
> peculiar. Either the licensing software vendor seems somewhat paranoia
> about system security, or SuSE seems to be neglecting system security
> offensively.
>
> Anyway, I've got a very hard time trying to make the information
> correspond.
> Shouldn't I take the licensing software seriously, or should I adjust
> the initialization scripts of all daemon processes that came with the
> SuSE installation, with respect to the users they are run as?
>
> I'd appreciate it very much, if someone more knowledgeable about system
> security issues, gave me some advice.
>
> Thanks in advance,
>
> Erik Leunissen.
>
> --
>
> Remove fake from the e-mail address to reply.
------------------------------
From: "Tauno Voipio" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.misc,linux.redhat.install,comp.os.linux.misc
Subject: Re: Kernel Panic, or hang off boot disk...
Date: Sat, 03 Mar 2001 17:58:30 GMT
"Terry Denbo" <[EMAIL PROTECTED]> wrote in message
news:Ip9o6.201$[EMAIL PROTECTED]...
> I had to replace my SCSI card, unfortunately it was with a different
brand.
> When booting up, I get a kernel panic, because it's loading the wrong
> drivers. I try booting off a boot disk, type "linux single", but it get's
> to a certian point and hangs at this point:
>
> VFS: Mounted root (ext2 filesystem) readonly.
> change_root: old root has d_count=1
> Trying to unmount old root ... okay
> Freeing unused kernel memory: 64k freed
>
>
> Will not go past this point. Please help! It's dead in the water until
> this is fixed!!
>
You need another, running Linux system. You need to change the inital
ramdisk contents on the boot disk to match the new controller. See
Bootdisk-HOWTO.
Tauno Voipio
tauno voipio @ iki fi
------------------------------
From: Armond Perretta <[EMAIL PROTECTED]>
Subject: Re: How do I apply a kernel patch?
Date: Sat, 3 Mar 2001 13:01:48 -0500
Gene Heskett wrote:
>
> The patchfiles are ALWAYS made against the last major.minor number
> of the kernel release ...
[good detail snipped]
Thanks for the detailed instructions. BTW since you appear well
informed on patching the latest sources, have you any idea if the
supermount 0.5.3 patch works in 2.4.2?
--
Good luck and good sailing.
s/v Kerry Deare of Barnegat
http://kerrydeare.tripod.com
------------------------------
From: Stefano Ghirlanda <[EMAIL PROTECTED]>
Subject: Re: setting IP on hp network printer
Date: 03 Mar 2001 19:06:32 +0100
"Jacques-Andr� Petit" <[EMAIL PROTECTED]> writes:
> By the way, I think it is a bad thing to put a gateway in your printer box,
> unless mandatory for a particular use (different networks printing on the
> printer) as you make your printer "worldwid reacheable" wich is not always
> recommanded.
Thanks for this tip - I hadn't realised that the gw was unnecessary.
--
Stefano - Hodie quinto Nonas Martias MMI est
------------------------------
From: "Stevie T" <[EMAIL PROTECTED]>
Subject: How do I get my hard disk to boot Win 2000 again?
Date: Sat, 3 Mar 2001 18:28:39 -0000
Brethren,
10Gig hard Drive - Partitioned 5Gigs for Win 2000 Server and later
(yesterday!) I put on Mandrake 7.2.
I used the "default" settings and the Grub?, took the MBR for Linux.
Now I would use Grub for my boot manager, but Win 2000 server runs slower
with this configuration. Also when booting into Win 2000 it reports "NTLDR
missing", then tries to boot the CD, before going into "slow" Win 2000.
I tried to get Win 2000 to be the MBR, by using the repair console. This
does not work (I ask it to re-write the MBR, but no joy). I don't want to
reload Win2000 and lose my reg settings for the Program Files, I've loaded.
I have 1st Master (the 10Gig Win 2000/Linux), 1st slave (5Gig FAT32), CD
ROM, 2nd slave (2Gig FAT16) which I think has caused Linux to move some of
the Win files else where.
I have to admit, I prefer to use the "boot.ini" file for booting. Sorry!
Any help offered?
Steve
Dump the "spamdump" if emailing.
------------------------------
From: "Replicon" <[EMAIL PROTECTED]>
Subject: Trouble installing RedHat 6.2
Date: Sat, 3 Mar 2001 13:04:32 -0800
Hi, I'm a first time user, and am having some problems installing RedHat
6.2.
First, I'd like to point out that after booting from the disk, I cannot use
the graphical version of the setup... I have to type "text" before... But
that's ok, that's not the problem.
See, after selecting all the options and stuff, it starts copying the files
and everything, but about 6 minutes or so before the end, the bottom of the
screen turns red, with black text, and it says something like
"setup abnormally terminated, sending kill signal, ejectong cd...
you may safely reboot your PC."
And it ejects the CD. Does anyone know why it does that? Some additional
info about my computer might help:
C:\ (hda1) is my mani 30 gig HD, with windoze installed (FAT32)
My other HD (1.2 gig), hdc, is where I want to install RedHat. The
partitions I have selected consist of just a 200MB swap partition, and a
1000mb '/' partition. I don't need/want anything else, cause I won't be
doing any "upgrade, etc" stuff with it. I'm setting it up as a learning
system, not a big multiuser server and stuff.
some hardware info, cause i know someone will ask:
Intel Pentium 200MMX
96MB EDO RAM (yeah yeah old system, crucify me! =) )
i have an ATI 3d-xpression (essencially MACH2 with a lame 3d acceleration
chip... one of the first ones) with 2 mb on it
diamond monster 3d, voodoo1 chipset (old, but can i still use it in linux,
btw?)
anyway, if you need other info, just feel free to ask.
Thank you in advance for all your help.
RK
------------------------------
From: [EMAIL PROTECTED] (Mike Perry)
Subject: Re: Mike Perry --Re: cannot update from 7 to 7.1 scsi devices???????????
Date: Sat, 03 Mar 2001 18:54:09 -0000
On Sat, 03 Mar 2001 01:31:05 +0000, dad <[EMAIL PROTECTED]> wrote:
>Hi Mike
>I would love to remove the SCSI module - I am now a 3 day old Linux user and
>haven't the first idea how to do it.
>I found a linux disc on a magazine (which I have long since thrown out) and
>finally plucked up the courage to try it. The book I bought to help me had
>Linux 7.1 on board and I thought to upgrade -- OOOPS!
>
>Any help asnd adfvice deeply appreciated
>
>
Not guaranteeing that this will work... Go into the existing system and
become root on it. Now type lsmod ide-scsi and see if that module is
loaded. If so, you will need to have it not load at boot time. Check out
whether it is being loaded in /etc/conf.modules or modules.conf... I always
get those confused these days :). Search the conf.modules (modules.conf)
file for ide-scsi. If you find it, just place a # in front of the line as
the very first character. Now hopefully when you reboot the system, it will
not load the ide-scsi driver.
I am not totally sure that this is the issue so it may take a bit more
checking to find the culprit.
--
Michael Perry
[EMAIL PROTECTED]
==================
------------------------------
From: [EMAIL PROTECTED] (Rick Angell)
Subject: Redhat 7.0 Kernel 2.4.2 upgrade & pppd
Date: Sat, 03 Mar 2001 19:25:01 -0000
Greetings,
I'm running Redhat 7.0, and I downloaded and installed Kernel
2.4.2 as well as pppd 2.4. When I try to connect to the internet, I get a
message back from pppd that says I don't have kernel support for pppd
compiled in. I selected PPP support when I ran "make xconfig". Is there any
way to make sure I selected the correct options?
Thanks, Rick
------------------------------
From: Luca <[EMAIL PROTECTED]>
Subject: Lilo stops on LI
Date: Sat, 03 Mar 2001 19:28:10 GMT
I just set up Mandrake 7.2 as the second OS on my system (the other being
Wind 98). I'm trying to get Lilo to work so I can boot either OS at
startup.
My setup:
Windows on hde
Linux on hdg (I'm using an Abit KT7a-raid mb - the hard drives are each
master on the raid controller's (Highpoint HPT370) two channels. However,
no raid is set up. The drives work independently.
I can boot Linux with a floppy, however the kernel is loaded from the
floppy. Once booted, I can access all drives with no problems.
lilo.conf reads like this:
boot = /dev/hde
map = /boot/map
timeout = 50
linear
prompt
message = /boot/message
default = win
vga = normal
append = "hdc=ide-scsi"
root = /dev/hdg6
read-only
install=/boot/boot.b
keytable=/boot/us.klt
menu-scheme=wb:bw:wb:bw
image = /boot/vmlinuz-secure
label = linux
vga = 791
append = " hdc=ide-scsi"
image = /boot/vmlinuz
label = linux-up
append = " hdc=ide-scsi"
image = /boot/vmlinuz
label = failsafe
The file was created by mandrake setup. I tried to change "linear" to
"lba32" with no success.
I thank you in advance for any help. Please give instructions in detail
since I'm fairly new to Linux.
Luca
------------------------------
From: "Mark Bennett" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.help,linux.redhat
Subject: Disabling Telnet
Date: Sat, 3 Mar 2001 12:32:47 -0700
Hi,
I'm just learning how to set up a Linux server and would like to know how I
can disable the telnet services? I run a RedHat 7.0 box, which comes with
SSH already installed and operating. I would much rather run SSH than
telnet. Can anyone tell me what I can do to shut telnet off, or at the very
least block access to it from other computers on the Internet? Thanks,
-Mark
------------------------------
Date: 3 Mar 2001 12:49:52 -0500
From: "Gene Heskett" <[EMAIL PROTECTED]>
Subject: Re: How do I apply a kernel patch?
Gene Heskett sends Greetings to Gene Heskett;
Yes, I know, its considered poor form to talk to oneself, particularly
when it appears the talk isn't in normal language, like this echo.
Unforch, the echo of this message points out a potential gotcha, a big
one!
GH> Gene Heskett sends Greetings to Bora Ugurlu;
BU>> David wrote:
>>> Pumpkinhead wrote:
>>>>
>>>> i have rh6.2 running 2.2.18 and wish to apply patch-2.2.18.gz.
>>>>
>>>> has anyone done this before?
>>>>
>>>> i go:
>>>>
>>>> % cd /usr/src
>>>> % patch -p0 < patch-2.2.18
>>>>
>>>> and get something like:
>>>>
>>>> previous reversed patch detected. assume -R [n]
>>>>
>>>> does anyone have any clue of what's happening?
>>>>
>>>> peter
>>>
>>> I think you need to unpack the patch and then.
>>>
>>> cd /usr/src/linux
>>> patch -p0 < /full/path/to/patch.diff
>>>
BU>> And then?
BU>> Recompile the kernel or what?
GH> The patchfiles are ALWAYS made against the last major.minor
GH> number of the kernel release. This means that a patchfile called
GH> *2.4.2-ac10, to use the latest one, is intended to be applied to
GH> a PRISTINE unpack of the 2.4.2 release. Its not very hard to
GH> write a bash script that does all that for you, and then all you
GH> have to do is run 'make oldconfig' etc.
GH> The script looks like this, executed from /usr/src:
GH> -------
GH> #!/bin/bash
GH> VER=2.4.2-ac10
GH> cd /usr/src/linux
consider:
GH> cp -f .config /var/.config
which should display as
cp -f .config slash var slash dot config (without the spaces)
The same error occurs at several locations in this.
Now here, I have a button that turns off ALL styling of the message, but
some folks are not so blessed as to be using THOR, on an Amiga, so the
above would be *very* confusing. Sorry.
GH> cp -f .config.old /var/.config.old
GH> cp -f makeit /var/makeit
GH> cd ..
GH> rm -f linux
GH> bunzip2 patch-$VER.bz2
GH> tar xIvf /pub/dlds/linux-2.4.2.tar.bz2
GH> mv linux linux-$VER
GH> ln -s linux-$VER linux
GH> cd linux
GH> patch -p1 <../patch-$VER
GH> mv /var/.config .
GH> mv /var/.config.old .
GH> mv /var/makeit .
GH> --------
GH> Edit the paths and VER to suit.
GH> Note that I also saved another script called 'makeit', which is a
GH> similarly written script that does the compile, and in pseudocode
GH> it does:
GH> sets its VER
GH> make dep
GH> make bzImage
GH> copy's the bzImage to /boot/vmlinuz-$VER
GH> make modules
GH> removes any /lib/modules/VER.old directories
GH> moves the old /lib/modules/VER to VER.old
GH> make modules_install
GH> rm's the link from the current /boot/System.map
GH> installs a new /boot/System.map-VER
GH> links /boot/System.map-VER to /boot/System.map
GH> depmod -a $VER
GH> /sbin/lilo -v
GH> This assumes you have edited /etc/lilo.conf to add the new kernel
GH> by the time it gets around to running lilo.
GH> My script is longer than that as it steps out of the linux dir
GH> and rebuilds the sensors stuffs too, but thats the general
GH> outline. I would have copied them over directly and included
GH> them, but it appears that 2.4.2-ac10 has managed to kill samba,
GH> or this amiga needs a reboot.
It was NOT 2.4.2-ac10. I had fired up (autorunning it) a background
malloc debugging tool on this amiga, and it apparently has a major upset
tummy when confronted with Samba-2.0.7. It took many reboots of both
machines to confirm that, and there are no error messages logged when it
fails, none, nada.
GH> You of course are responsible for properly setting the compile up
GH> with the make oldconfig, make xconfig sequence. I find I have to
GH> tell xconfig that my system clock keeps time in UTC everytime,
GH> seems a make oldconfig doesn't detect that properly and resets it
GH> to localtime.
Cheers, Gene
--
Gene Heskett, CET, UHK |Amiga A2k Zeus040, Linux @ 500mhz
email gene underscore heskett at iolinc dot net
#Amiga based X10 home automation program EZHome, see at:#
<http://www.thirdwave.net/~jimlucia/amigahomeauto>
This messages reply content, but not any previously quoted material,
is � 2001 by Gene Heskett, all rights reserved.
--
------------------------------
Date: 3 Mar 2001 13:8:29 -0500
From: "Gene Heskett" <[EMAIL PROTECTED]>
Subject: Re: SOLVED: ip on hp network printer
Gene Heskett sends Greetings to Stefano Ghirlanda;
SG> Hi,
SG> I had been stupid here. The network settings could be configured
SG> directly from the printer's lcd panel, they where just a littel
SG> bit hidden.
SG> Thanks to all that helped!
That headache will probably go away once you quit slapping your
forehead.
:-)
Cheers, Gene
--
Gene Heskett, CET, UHK |Amiga A2k Zeus040, Linux @ 500mhz
email gene underscore heskett at iolinc dot net
#Amiga based X10 home automation program EZHome, see at:#
<http://www.thirdwave.net/~jimlucia/amigahomeauto>
This messages reply content, but not any previously quoted material,
is � 2001 by Gene Heskett, all rights reserved.
--
------------------------------
From: Frederik Himpe <[EMAIL PROTECTED]>
Subject: 2.4.2 kernel does not boot
Date: Sat, 3 Mar 2001 20:45:54 +0100
Hello,
I have just installed Debian Potato 2.2 rev.2 on a 486 system. Now I have
tried installing the 2.4.2 kernel. I have built it from the source on my
Pentium II running Mandrake, then mount the source tree to Debian via NFS
and did a make modules_install, copied the bzImage, and ran LILO.
When booting this kernel it just says:
ran out of input data
-- system halted
Does somebody have an idea what could be wrong?
Frederik
------------------------------
From: John Hasler <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,alt.os.linux.suse
Subject: Re: Do daemons corrupt system security?
Date: Sat, 3 Mar 2001 18:33:33 GMT
Erik Leunissen writes:
> Shouldn't I take the licensing software seriously, or should I adjust the
> initialization scripts of all daemon processes that came with the SuSE
> installation, with respect to the users they are run as?
The licensing software is right, but some daemons must run as root in order
to do their jobs.
What you should do is review all those daemons, learn what they do, and get
rid of any that you don't need.
--
John Hasler
[EMAIL PROTECTED]
Dancing Horse Hill
Elmwood, Wisconsin
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.setup.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Setup Digest
******************************
