Re: FEC doesn't build on 5.0
Hello, Also, I believe you have used the implementation from wpaul's website. Nope, it was the in-tree one, but I also tried the one from wpaul's site... Thanks for the fix! --[ Free Software ISOs - http://www.fsn.hu/?f=download ]-- Attila Nagy e-mail: [EMAIL PROTECTED] Free Software Network (FSN.HU)phone @work: +361 210 1415 (194) cell.: +3630 306 6758 To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
pw(8): $ (dollar sign) in username
Hi all, I've recently had the pleasure of configuring a FreeBSD machine as a Samba Primary Domain Controller. In smb.conf, one can specify an add user script directive to automate the creation of machine accounts. Otherwise, you have to manually create accounts for each machine on the network. See: http://us1.samba.org/samba/ftp/docs/htmldocs/Samba-PDC-HOWTO.html Problem is, smb requires a '$' at the end of the username, which our pw(8) doesn't allow. Allowing the $ is a one-character change to usr.sbin/pw/pw_user.c . Aside from the obvious pain of accidentally inserting shell variables as part of a username if the $ is not escaped, are there any specific problems with this change? Others would probably benefit from this. Is the change worth committing? Or would it be better to push this to pw.conf? --- usr.sbin/pw/pw_user.c.orig Sat Nov 16 21:55:28 2002 +++ usr.sbin/pw/pw_user.c Fri Dec 27 11:17:33 2002 @@ -1195,7 +1195,7 @@ pw_checkname(u_char *name, int gecos) { int l = 0; - char const *notch = gecos ? :!@ : ,\t:+#%$^()!@~*?=|\\/\; + char const *notch = gecos ? :!@ : ,\t:+#%^()!@~*?=|\\/\; while (name[l]) { if (strchr(notch, name[l]) != NULL || name[l] ' ' || name[l] == 127 || - Ryan -- Ryan Thompson [EMAIL PROTECTED] SaskNow Technologies - http://www.sasknow.com 901-1st Avenue North - Saskatoon, SK - S7K 1Y4 Tel: 306-664-3600 Fax: 306-244-7037 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: pw(8): $ (dollar sign) in username
On Fri, Dec 27, 2002 at 11:35:45AM -0600, Ryan Thompson wrote: Problem is, smb requires a '$' at the end of the username, which our pw(8) doesn't allow. The same patch which you proposed was suggested on the freebsd-current list. See the thread pw_user.c change for samba: http://docs.freebsd.org/mail/archive/2002/freebsd-current/20021201.freebsd-current.html http://docs.freebsd.org/mail/archive/2002/freebsd-current/20021208.freebsd-current.html I'm not sure what the outcome of the discussion was. -- Craig Rodrigues http://www.gis.net/~craigr [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: pw(8): $ (dollar sign) in username
Craig Rodrigues wrote to Ryan Thompson: On Fri, Dec 27, 2002 at 11:35:45AM -0600, Ryan Thompson wrote: Problem is, smb requires a '$' at the end of the username, which our pw(8) doesn't allow. The same patch which you proposed was suggested on the freebsd-current list. See the thread pw_user.c change for samba: Heh. Apparently I missed that. I don't get out much these days. :-) Thanks, - Ryan -- Ryan Thompson [EMAIL PROTECTED] SaskNow Technologies - http://www.sasknow.com 901-1st Avenue North - Saskatoon, SK - S7K 1Y4 Tel: 306-664-3600 Fax: 306-244-7037 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Login directly as root.
Hello hackers... I'm wondering why there is insecure options in /etc/ttys for virtual consoles. As we all know, insecure for ttyvX means that we can't directly log in as root, but insecure for console field in /etc/ttys means only that we will be asked for root's password in single mode. Hmm, if I got psyhical access to machine and ttyvX are in insecure mode and I know root's password I can just reboot machine and log in as root. So if insecure mode is a security feature, shouldn't this be in that way (in single mode): Login: wheel group member Password: wheel group member's password Root's password: root's password ? -- Pawel Jakub Dawidek UNIX Systems Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: pw(8): $ (dollar sign) in username
On Fri, 27 Dec 2002, Ryan Thompson wrote: Hi all, I've recently had the pleasure of configuring a FreeBSD machine as a Samba Primary Domain Controller. In smb.conf, one can specify an add user script directive to automate the creation of machine accounts. Otherwise, you have to manually create accounts for each machine on the network. See: http://us1.samba.org/samba/ftp/docs/htmldocs/Samba-PDC-HOWTO.html Problem is, smb requires a '$' at the end of the username, which our pw(8) doesn't allow. Well, the $ is only required for machine accounts! In Samba 3.0, and possibly in the latest 2.2.x releases, there is a separate 'add machine script' parameters. I think it would be better to simply frob the entry in the master.passwd in that script. While I have not tried it myself, I am lead to believe that once you edit the entry and run the appropriate command, things work. Allowing the $ is a one-character change to usr.sbin/pw/pw_user.c . Aside from the obvious pain of accidentally inserting shell variables as part of a username if the $ is not escaped, are there any specific problems with this change? Others would probably benefit from this. Is the change worth committing? Or would it be better to push this to pw.conf? --- usr.sbin/pw/pw_user.c.orig Sat Nov 16 21:55:28 2002 +++ usr.sbin/pw/pw_user.c Fri Dec 27 11:17:33 2002 @@ -1195,7 +1195,7 @@ pw_checkname(u_char *name, int gecos) { int l = 0; - char const *notch = gecos ? :!@ : ,\t:+#%$^()!@~*?=|\\/\; + char const *notch = gecos ? :!@ : ,\t:+#%^()!@~*?=|\\/\; while (name[l]) { if (strchr(notch, name[l]) != NULL || name[l] ' ' || name[l] == 127 || - Ryan -- Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Login directly as root.
If I had to take a guess, the reason normal user logins are disabled during insecure on single mode is because of the way authentication may be getting handled, among other things. First off, it's single-user mode, meant for only the root user; no one else has a need for the system at that point. Second, what if you're reading your usernames off of NIS and don't have anyone but root on your system? Then you'd get kind of screwed in single-user; your whole system would break. Well, I hope this helps you out. William Michael Grim Student, Southern Illinois University at Edwardsville Unix System Administrator, SIUE, Computer Science dept. Phone: (217) 341-6552 Email: [EMAIL PROTECTED] On Fri, 27 Dec 2002, Pawel Jakub Dawidek wrote: Hello hackers... I'm wondering why there is insecure options in /etc/ttys for virtual consoles. As we all know, insecure for ttyvX means that we can't directly log in as root, but insecure for console field in /etc/ttys means only that we will be asked for root's password in single mode. Hmm, if I got psyhical access to machine and ttyvX are in insecure mode and I know root's password I can just reboot machine and log in as root. So if insecure mode is a security feature, shouldn't this be in that way (in single mode): Login: wheel group member Password: wheel group member's password Root's password: root's password ? -- Pawel Jakub Dawidek UNIX Systems Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: pw(8): $ (dollar sign) in username
At 12:45 PM -0500 12/27/02, Craig Rodrigues wrote: On Fri, Dec 27, 2002 at 11:35:45AM -0600, Ryan Thompson wrote: Problem is, smb requires a '$' at the end of the username, which our pw(8) doesn't allow. The same patch which you proposed was suggested on the freebsd-current list. See the thread pw_user.c change for samba: http://docs.freebsd.org/mail/archive/2002/freebsd-current/20021201.freebsd-current.html http://docs.freebsd.org/mail/archive/2002/freebsd-current/20021208.freebsd-current.html I'm not sure what the outcome of the discussion was. The short-term outcome was that we were surprised to find out that the adduser script in 5-current was still using perl, and that there were some other perl scripts still in the base system. This was much more urgent to address than the $ in user-names. My intention was to write an update to allow $ as the last character in a userid and groupid, once we settled on a new version of adduser. I still have that around somewhere. I should look into that again. -- Garance Alistair Drosehn= [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Instituteor [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Framebuffer howto?
Hello; I don't think we have a framebuffer, at least not like Linux. Check out the VESA module and wait for the KGI port to arrive (not soon but work is going on). cheers, Pedro. = --- Pedro F. Giffuni M.SC. Industrial Eng. University of Pittsburgh Mech. Eng. Universidad Nacional de Colombia --- Yahoo is powered by FreeBSDhttp://www.FreeBSD.org/ __ Yahoo! Cellulari: scarica i loghi e le suonerie per le tue feste! http://it.yahoo.com/mail_it/foot/?http://it.mobile.yahoo.com/index2002.html To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
NFS ACLS's ?
Are there any strange interactions between NFS and filesystems that are not UFS? E.g. UFS2? Does NFS support new features that these fs's may implement? Thanks, Joe To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: NFS ACLS's ?
joe mcguckin wrote: Are there any strange interactions between NFS and filesystems that are not UFS? E.g. UFS2? Does NFS support new features that these fs's may implement? NFS proxies the VFS requests it understands as RPC's to the server machine. Because these are proxied by RPC rather than descriptor, the only operations that are understood by an NFS client or server are the ones defined in the RFC's for NFS. If you need to proxy calls like ACL's and so on, probaqbly the correct thing to do is to implement a proxy VFS stacking layer. You can download source code for one of these from ftp.cs.ucla.edu, which was created at the time the Heidemann stacking VFS framework was implemented for the FICUS project (it's one of the examples in John Hedemann's master's thesis, located on that FTP site). The way it works is by proxying the descriptor contents, opaquely, to the other side. It's actually a much better approach, in most ways, than using NFS, since it can proxy any extensions you want to add to an FS, and you do not have to modify the proxying code. -- Terry To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Framebuffer howto?
Thats bad, we could have ported our desktop grade OS to BSD :( ~Mayuresh On Fri, 27 Dec 2002, [iso-8859-1] Pedro F. Giffuni wrote: Date: Fri, 27 Dec 2002 23:07:32 +0100 (CET) From: [iso-8859-1] Pedro F. Giffuni [EMAIL PROTECTED] To: Mayuresh Kathe [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Framebuffer howto? Hello; I don't think we have a framebuffer, at least not like Linux. Check out the VESA module and wait for the KGI port to arrive (not soon but work is going on). cheers, Pedro. = --- Pedro F. Giffuni M.SC. Industrial Eng. University of Pittsburgh Mech. Eng. Universidad Nacional de Colombia --- Yahoo is powered by FreeBSDhttp://www.FreeBSD.org/ __ Yahoo! Cellulari: scarica i loghi e le suonerie per le tue feste! http://it.yahoo.com/mail_it/foot/?http://it.mobile.yahoo.com/index2002.html To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message