SUDO and adduser... not allowing group of wheel

2004-03-19 Thread Eric Six 
Hi all,

I have an admin question regarding sudo. I want a user to be able to use sudo with 
adduser, but not be able to add users to the group wheel. How would I go a bout doing 
this?

Cmnd_Alias  NOWHEEL = !/usr/sbin/adduser -group wheel

I tried the above and that doesn't seem to do it..

TIA
Eric

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Alpha and Unaligned access errors.

2003-02-14 Thread Eric Six 
Et All,

I am running 5.0-release on axp. Using ipfw I am getting alot of:

pid 643 (ipfw): unaligned access: va=0x1200a80b4 pc=0x120001780
ra=0x120001764 op=ldq
pid 643 (ipfw): unaligned access: va=0x1200a80bc pc=0x120001784
ra=0x120001764 op=ldq
pid 643 (ipfw): unaligned access: va=0x1200a8104 pc=0x120001780
ra=0x120001764 op=ldq
pid 643 (ipfw): unaligned access: va=0x1200a810c pc=0x120001784
ra=0x120001764 op=ldq

Messages whenever I do a ipfw -* commands. I know I can add a
unaligned_print=NO to rc.conf to stop these errors, but what I am
wondering is: Is this normal or is this a sign of a software problem with
ipfw?

TIA
Eric Six

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

RE: Break sequence under Cisco 2500series...

2003-02-13 Thread Eric Six 
There is no break sequence via telnet. You have to be consoled into the
router and send the break sequence as the router boots.


www.cisco.com



Eric Six

-Original Message-
From: Mynx [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 10:24 AM
To: [EMAIL PROTECTED]
Subject: Break sequence under Cisco 2500series...


Hi all, my question is: I want to know what is the break sequence
key to interrupt the connection when I´m making telnet to a router (Cisco
2500series), ´cause I want to change all my passwords. Any help welcome,
thanks...



To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

RE: network issue

2003-02-13 Thread Eric Six 
What is your default gateway and subnet mask for your lan?

Cheers,
Eric Six

-Original Message-
From: Brian Henning [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 13, 2003 11:37 AM
To: freebsd
Subject: network issue


My local network (192.168.1.0) consists of two machine BSD1 (192.168.1.40)
and
BSD2 (192.168.1.42).
There is a third machine (192.168.1.254, ip address from isp) that acts as a
gateway router. When my internet connection goes down for whatever reason I
loose connections in my local network. For example, i can't ping
192.168.1.40
from 192.168.1.42. is there any explaination for this? is it because my
default
route is set to be external?

Thanks,

Brian

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

Open ports after install..

2003-02-11 Thread Eric Six 
I just installed 5.0AXP and am locking it down a bit and I have two open
ports I cannot figure out what they are:

Port   State   Service
22/tcp openssh 
1433/tcp   filteredms-sql-s
1434/tcp   filteredms-sql-m 

# netstat -a
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address  Foreign Address(state)
tcp4   0  0  brennans.ssh   esix.dra.com.2790
ESTABLISHED
tcp4   0  0  localhost.smtp *.*CLOSED
tcp4   0  0  *.ssh  *.*LISTEN
tcp6   0  0  *.ssh  *.*LISTEN
udp4   0  0  *.syslog   *.*
udp6   0  0  *.syslog   *.*
Active UNIX domain sockets
Address  Type   Recv-Q Send-QInode Conn Refs  Nextref Addr
fc001235d518 stream  0  00 fc001235d5e00
0
fc001235d5e0 stream  0  00 fc001235d5180
0
fc001235dc20 dgram   0  00 fc0012bde0000
fc001235dce8
fc001235dce8 dgram   0  00 fc0012bde0000
0
fc0012bde000 dgram   0  0 fc001294e0000
fc001235dc200 /var/run/log



No sql on this box.. I am stumped...


Eric

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

RE: Open ports after install..

2003-02-11 Thread Eric Six 
Nevermind all, turns out this is an acl on our campus switch to block that
sql worm.


Cheers,
Eric

-Original Message-
From: Eric Six [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 11, 2003 1:40 PM
To: '[EMAIL PROTECTED]'
Subject: Open ports after install..


I just installed 5.0AXP and am locking it down a bit and I have two open
ports I cannot figure out what they are:

Port   State   Service
22/tcp openssh 
1433/tcp   filteredms-sql-s
1434/tcp   filteredms-sql-m 

# netstat -a
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address  Foreign Address(state)
tcp4   0  0  brennans.ssh   esix.dra.com.2790
ESTABLISHED
tcp4   0  0  localhost.smtp *.*CLOSED
tcp4   0  0  *.ssh  *.*LISTEN
tcp6   0  0  *.ssh  *.*LISTEN
udp4   0  0  *.syslog   *.*
udp6   0  0  *.syslog   *.*
Active UNIX domain sockets
Address  Type   Recv-Q Send-QInode Conn Refs  Nextref Addr
fc001235d518 stream  0  00 fc001235d5e00
0
fc001235d5e0 stream  0  00 fc001235d5180
0
fc001235dc20 dgram   0  00 fc0012bde0000
fc001235dce8
fc001235dce8 dgram   0  00 fc0012bde0000
0
fc0012bde000 dgram   0  0 fc001294e0000
fc001235dc200 /var/run/log



No sql on this box.. I am stumped...


Eric

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

Cron script problem....

2002-12-11 Thread Eric Six 
Hi All,

I am having a weird problem on a freebsd 4.7. I have two perl scripts I am
running via cron, one is run as root to make a backup of a directory and the
files in it, the second is run as a user to scp files to another box. What I
am encountering is the second script is running but dying after the first
ssh remote command. Here is what second script does; it uses ssh remote
command to create a directory on the remote server with todays date, the
next command is the actual recurise scp command. Here is what the script
looks like;

~begin~
#!/usr/bin/perl -w
# tar cf filename.tar pathtotar/

chomp ($SCP=`which scp`);
chomp ($SSH=`which ssh`);

$pathtomakebackup=/bind_backups;
chomp ($today=`date`);

my ($day,$month,$date,$time,$timezone,$year) = split (' ',$today);
$archive_date=$month-$date-$year;

`$SSH backupuser\@server13.blah.com mkdir ~/bind_backups/nsX/$archive_date 
/var/log/ssh.log 21`;
`$SCP -vr $pathtomakebackup/$archive_date/
backupuser\@server13.blah.com:~/bind_backups/nsX/  /var/log/scp.log 21`;
~end~

If I run the script interactively, it works fine. From CRON it dies after
the SSH command makes the directory on the remote server. Here is how I have
it setup in cron;

05 22 * * 1,3,5 perl /adminscripts/erics/bind_backup_scp.pl


It works fine from cron on Solaris and Linux... anyone have any ideas? 

TIA
Eric

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

RE: Cron script problem....

2002-12-11 Thread Eric Six 
Interactively, I am running the script as the backup account that cron uses
to run the copy script. And it runs correctly interactively. I try the ssh
-v and see if that says anything.. Is there a timeout issue that cron might
be seeing? Anyone know? hmm.. I am stumped.

Eric

-Original Message-
From: Norbert Koch [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 11, 2002 1:50 PM
To: Jack L. Stone
Cc: Eric Six; '[EMAIL PROTECTED]'
Subject: Re: Cron script problem


Jack L. Stone [EMAIL PROTECTED] writes:

Hi!

 Eric: I'm no script expert, but perhaps if you added the full path to perl
 in the cron line. That's usually a problem

Shouldn't be the case here, because then, the script wouldn't start at
all, but as Eric has pointed out it runs up to the first SSH call.

Eric, 

it might be a good idea to call ssh with the -v switch and capture the
output of the command.  Maybe it sheds some light into your problem.

Do you use the same user for interactive and cronjob operation?

norbert.

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

RE: Cron script problem....

2002-12-11 Thread Eric Six 

I've added the verbose flag to ssh. Here is snipet from the log.. The
connection is built, directory made, and connection torn down. It seems as
if ssh is sending a kill or exit after it runs??

debug1: Reading configuration data /etc/ssh/ssh_config^M
debug1: Applying options for *^M
debug1: Rhosts Authentication disabled, originating port will not be
trusted.^M
debug1: restore_uid^M

debug1: ssh-userauth2 successful: method publickey^M

debug1: Entering interactive session.^M
debug1: client_init id 0 arg 0^M
debug1: Sending command: mkdir /bind_backups/ns3/Dec-11-2002^M

debug1: client_input_channel_req: channel 0 rtype exit-status reply 0^M
debug1: channel 0: rcvd close^M
debug1: channel 0: is dead^M
debug1: channel_free: channel 0: status: The following connections are
open:^M
  #0 client-session (t4 r0 i8/0 o128/0 fd -1/-1)^M
^M
debug1: channel_free: channel 0: dettaching channel user^M

That's the last line of the log.. nothing else is run. SCP should be invoked
from there...


Eric
-Original Message-
From: Eric Six [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 11, 2002 1:53 PM
To: 'Norbert Koch'
Cc: '[EMAIL PROTECTED]'
Subject: RE: Cron script problem


Interactively, I am running the script as the backup account that cron uses
to run the copy script. And it runs correctly interactively. I try the ssh
-v and see if that says anything.. Is there a timeout issue that cron might
be seeing? Anyone know? hmm.. I am stumped.

Eric

-Original Message-
From: Norbert Koch [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 11, 2002 1:50 PM
To: Jack L. Stone
Cc: Eric Six; '[EMAIL PROTECTED]'
Subject: Re: Cron script problem


Jack L. Stone [EMAIL PROTECTED] writes:

Hi!

 Eric: I'm no script expert, but perhaps if you added the full path to perl
 in the cron line. That's usually a problem

Shouldn't be the case here, because then, the script wouldn't start at
all, but as Eric has pointed out it runs up to the first SSH call.

Eric, 

it might be a good idea to call ssh with the -v switch and capture the
output of the command.  Maybe it sheds some light into your problem.

Do you use the same user for interactive and cronjob operation?

norbert.

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

Perl question... calculating difference in time..

2002-12-05 Thread Eric Six 
I know this isn't a perl list, but this is a perl on freebsd question! ;)

I have a script that is sorting log files. I want to calculate the total
time between log entrys. Here is the format of the log files:

Dec 05 09:51:48.452 info info.info data
...
Dec 05 09:53:49.543 info info.info data

The output should return something along the lines of: total time between
log entries 02:01:01.091.

I have the time fields pulled out but I cannot figure out how to seprate
them into a calculatable format. And if this was run from after midnight and
the log files rolled back to 23:00, how to calculate this..Any help is much
appreciated!

TIA
Eric

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

SSH and public key authentication..

2002-10-15 Thread Eric Six 

Hi all..

I am trying to use public key authentication between a freebsd 4.6 box and a
sun box. I have numerous other sun boxes doing publickey authentication,
mainly for scp scripts. I have setup the bsd box so it is configured the
same. I have generated the keys and copyied the id_dsa.pub to the sun server
and placed it in the authorized_keys file.  
However, everytime I invoke scp or ssh on the bsd box, it is forcing
password authentication. 

Output with -v -v;
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 1001 geteuid 1001 anon 1
debug1: Connecting to filestore [10.203.60.137] port 22.
debug1: temporarily_use_uid: 1001/1001 (e=1001)
debug1: restore_uid
debug1: temporarily_use_uid: 1001/1001 (e=1001)
debug1: restore_uid
debug1: Connection established.
debug3: No RSA1 key file /home/esix/.ssh/id_dsa.pub.
debug1: identity file /home/esix/.ssh/id_dsa.pub type 2
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.0.2p1
debug1: match: OpenSSH_3.0.2p1 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_2.9 FreeBSD localisations
20011202
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug3: check_host_in_hostfile: filename /home/esix/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'filestore' is known and matches the RSA1 host key.
debug1: Found key in /home/esix/.ssh/known_hosts:1
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.

If I do the same on the sun boxes, I see it's authenticating via
publickey,password,interactive. What will get ssh on fbsd to do this?

TIA
Eric

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

SSH and public key authentication..

2002-10-15 Thread Eric Six 

Hi all..

I am trying to use public key authentication between a freebsd 4.6 box and a
sun box. I have numerous other sun boxes doing publickey authentication,
mainly for scp scripts. I have setup the bsd box so it is configured the
same. I have generated the keys and copyied the id_dsa.pub to the sun server
and placed it in the authorized_keys file.  
However, everytime I invoke scp or ssh on the bsd box, it is forcing
password authentication. 

Output with -v -v;
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 1001 geteuid 1001 anon 1
debug1: Connecting to filestore [10.203.60.137] port 22.
debug1: temporarily_use_uid: 1001/1001 (e=1001)
debug1: restore_uid
debug1: temporarily_use_uid: 1001/1001 (e=1001)
debug1: restore_uid
debug1: Connection established.
debug3: No RSA1 key file /home/esix/.ssh/id_dsa.pub.
debug1: identity file /home/esix/.ssh/id_dsa.pub type 2
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.0.2p1
debug1: match: OpenSSH_3.0.2p1 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_2.9 FreeBSD localisations
20011202
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug3: check_host_in_hostfile: filename /home/esix/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'filestore' is known and matches the RSA1 host key.
debug1: Found key in /home/esix/.ssh/known_hosts:1
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.

If I do the same on the sun boxes, I see it's authenticating via
publickey,password,interactive. What will get ssh on fbsd to do this?

TIA
Eric

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

RE: ncsd

2002-10-08 Thread Eric Six 

Run Bind as a caching only server. Ncsd is a sun program if I am correct.. I
don't ever recall seeing it anywhere else (aix, *bsd).


Cheers,
Eric

-Original Message-
From: Steven Garrett [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 08, 2002 2:40 PM
To: [EMAIL PROTECTED]
Subject: RE: ncsd


yes, but we already have dns servers.  we do alot of name resolution at my
site and would like to have some type of caching on the web servers
themselves so as to reduce the load on our dns servers.  I haven't been able
to determine if ncsd is part of the freebsd build, as I didn't see it
anywhere on our servers or source cds.  

Thanks,

Steve

-Original Message-
From: Thomas T. Veldhouse [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 08, 2002 1:53 PM
To: Kris Kennaway; Steven Garrett
Cc: [EMAIL PROTECTED]
Subject: Re: ncsd


It is for name caching.  It is supplied as part of the GNU C library.
isc-bind fills the role nicely.

Tom Veldhouse

- Original Message -
From: Kris Kennaway [EMAIL PROTECTED]
To: Steven Garrett [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, October 08, 2002 12:40 PM
Subject: Re: ncsd


To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

PicoBSD wireless support...

2002-09-23 Thread Eric Six 


All;

I recently came across Warlinux, a bootable linux cd that has wireless
support and a load of network utilites for wireless(802.11b). I began
wondering if anyone has ventured into this for FreeBSD...

Has anyone?


Cheers,
Eric 

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message