SUDO and adduser... not allowing group of wheel
Hi all, I have an admin question regarding sudo. I want a user to be able to use sudo with adduser, but not be able to add users to the group wheel. How would I go a bout doing this? Cmnd_Alias NOWHEEL = !/usr/sbin/adduser -group wheel I tried the above and that doesn't seem to do it.. TIA Eric ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Alpha and Unaligned access errors.
Et All, I am running 5.0-release on axp. Using ipfw I am getting alot of: pid 643 (ipfw): unaligned access: va=0x1200a80b4 pc=0x120001780 ra=0x120001764 op=ldq pid 643 (ipfw): unaligned access: va=0x1200a80bc pc=0x120001784 ra=0x120001764 op=ldq pid 643 (ipfw): unaligned access: va=0x1200a8104 pc=0x120001780 ra=0x120001764 op=ldq pid 643 (ipfw): unaligned access: va=0x1200a810c pc=0x120001784 ra=0x120001764 op=ldq Messages whenever I do a ipfw -* commands. I know I can add a unaligned_print=NO to rc.conf to stop these errors, but what I am wondering is: Is this normal or is this a sign of a software problem with ipfw? TIA Eric Six To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: Break sequence under Cisco 2500series...
There is no break sequence via telnet. You have to be consoled into the router and send the break sequence as the router boots. www.cisco.com Eric Six -Original Message- From: Mynx [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 13, 2003 10:24 AM To: [EMAIL PROTECTED] Subject: Break sequence under Cisco 2500series... Hi all, my question is: I want to know what is the break sequence key to interrupt the connection when I´m making telnet to a router (Cisco 2500series), ´cause I want to change all my passwords. Any help welcome, thanks... To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: network issue
What is your default gateway and subnet mask for your lan? Cheers, Eric Six -Original Message- From: Brian Henning [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 13, 2003 11:37 AM To: freebsd Subject: network issue My local network (192.168.1.0) consists of two machine BSD1 (192.168.1.40) and BSD2 (192.168.1.42). There is a third machine (192.168.1.254, ip address from isp) that acts as a gateway router. When my internet connection goes down for whatever reason I loose connections in my local network. For example, i can't ping 192.168.1.40 from 192.168.1.42. is there any explaination for this? is it because my default route is set to be external? Thanks, Brian To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Open ports after install..
I just installed 5.0AXP and am locking it down a bit and I have two open ports I cannot figure out what they are: Port State Service 22/tcp openssh 1433/tcp filteredms-sql-s 1434/tcp filteredms-sql-m # netstat -a Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address(state) tcp4 0 0 brennans.ssh esix.dra.com.2790 ESTABLISHED tcp4 0 0 localhost.smtp *.*CLOSED tcp4 0 0 *.ssh *.*LISTEN tcp6 0 0 *.ssh *.*LISTEN udp4 0 0 *.syslog *.* udp6 0 0 *.syslog *.* Active UNIX domain sockets Address Type Recv-Q Send-QInode Conn Refs Nextref Addr fc001235d518 stream 0 00 fc001235d5e00 0 fc001235d5e0 stream 0 00 fc001235d5180 0 fc001235dc20 dgram 0 00 fc0012bde0000 fc001235dce8 fc001235dce8 dgram 0 00 fc0012bde0000 0 fc0012bde000 dgram 0 0 fc001294e0000 fc001235dc200 /var/run/log No sql on this box.. I am stumped... Eric To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: Open ports after install..
Nevermind all, turns out this is an acl on our campus switch to block that sql worm. Cheers, Eric -Original Message- From: Eric Six [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 11, 2003 1:40 PM To: '[EMAIL PROTECTED]' Subject: Open ports after install.. I just installed 5.0AXP and am locking it down a bit and I have two open ports I cannot figure out what they are: Port State Service 22/tcp openssh 1433/tcp filteredms-sql-s 1434/tcp filteredms-sql-m # netstat -a Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address(state) tcp4 0 0 brennans.ssh esix.dra.com.2790 ESTABLISHED tcp4 0 0 localhost.smtp *.*CLOSED tcp4 0 0 *.ssh *.*LISTEN tcp6 0 0 *.ssh *.*LISTEN udp4 0 0 *.syslog *.* udp6 0 0 *.syslog *.* Active UNIX domain sockets Address Type Recv-Q Send-QInode Conn Refs Nextref Addr fc001235d518 stream 0 00 fc001235d5e00 0 fc001235d5e0 stream 0 00 fc001235d5180 0 fc001235dc20 dgram 0 00 fc0012bde0000 fc001235dce8 fc001235dce8 dgram 0 00 fc0012bde0000 0 fc0012bde000 dgram 0 0 fc001294e0000 fc001235dc200 /var/run/log No sql on this box.. I am stumped... Eric To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Cron script problem....
Hi All, I am having a weird problem on a freebsd 4.7. I have two perl scripts I am running via cron, one is run as root to make a backup of a directory and the files in it, the second is run as a user to scp files to another box. What I am encountering is the second script is running but dying after the first ssh remote command. Here is what second script does; it uses ssh remote command to create a directory on the remote server with todays date, the next command is the actual recurise scp command. Here is what the script looks like; ~begin~ #!/usr/bin/perl -w # tar cf filename.tar pathtotar/ chomp ($SCP=`which scp`); chomp ($SSH=`which ssh`); $pathtomakebackup=/bind_backups; chomp ($today=`date`); my ($day,$month,$date,$time,$timezone,$year) = split (' ',$today); $archive_date=$month-$date-$year; `$SSH backupuser\@server13.blah.com mkdir ~/bind_backups/nsX/$archive_date /var/log/ssh.log 21`; `$SCP -vr $pathtomakebackup/$archive_date/ backupuser\@server13.blah.com:~/bind_backups/nsX/ /var/log/scp.log 21`; ~end~ If I run the script interactively, it works fine. From CRON it dies after the SSH command makes the directory on the remote server. Here is how I have it setup in cron; 05 22 * * 1,3,5 perl /adminscripts/erics/bind_backup_scp.pl It works fine from cron on Solaris and Linux... anyone have any ideas? TIA Eric To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: Cron script problem....
Interactively, I am running the script as the backup account that cron uses to run the copy script. And it runs correctly interactively. I try the ssh -v and see if that says anything.. Is there a timeout issue that cron might be seeing? Anyone know? hmm.. I am stumped. Eric -Original Message- From: Norbert Koch [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 11, 2002 1:50 PM To: Jack L. Stone Cc: Eric Six; '[EMAIL PROTECTED]' Subject: Re: Cron script problem Jack L. Stone [EMAIL PROTECTED] writes: Hi! Eric: I'm no script expert, but perhaps if you added the full path to perl in the cron line. That's usually a problem Shouldn't be the case here, because then, the script wouldn't start at all, but as Eric has pointed out it runs up to the first SSH call. Eric, it might be a good idea to call ssh with the -v switch and capture the output of the command. Maybe it sheds some light into your problem. Do you use the same user for interactive and cronjob operation? norbert. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: Cron script problem....
I've added the verbose flag to ssh. Here is snipet from the log.. The connection is built, directory made, and connection torn down. It seems as if ssh is sending a kill or exit after it runs?? debug1: Reading configuration data /etc/ssh/ssh_config^M debug1: Applying options for *^M debug1: Rhosts Authentication disabled, originating port will not be trusted.^M debug1: restore_uid^M debug1: ssh-userauth2 successful: method publickey^M debug1: Entering interactive session.^M debug1: client_init id 0 arg 0^M debug1: Sending command: mkdir /bind_backups/ns3/Dec-11-2002^M debug1: client_input_channel_req: channel 0 rtype exit-status reply 0^M debug1: channel 0: rcvd close^M debug1: channel 0: is dead^M debug1: channel_free: channel 0: status: The following connections are open:^M #0 client-session (t4 r0 i8/0 o128/0 fd -1/-1)^M ^M debug1: channel_free: channel 0: dettaching channel user^M That's the last line of the log.. nothing else is run. SCP should be invoked from there... Eric -Original Message- From: Eric Six [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 11, 2002 1:53 PM To: 'Norbert Koch' Cc: '[EMAIL PROTECTED]' Subject: RE: Cron script problem Interactively, I am running the script as the backup account that cron uses to run the copy script. And it runs correctly interactively. I try the ssh -v and see if that says anything.. Is there a timeout issue that cron might be seeing? Anyone know? hmm.. I am stumped. Eric -Original Message- From: Norbert Koch [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 11, 2002 1:50 PM To: Jack L. Stone Cc: Eric Six; '[EMAIL PROTECTED]' Subject: Re: Cron script problem Jack L. Stone [EMAIL PROTECTED] writes: Hi! Eric: I'm no script expert, but perhaps if you added the full path to perl in the cron line. That's usually a problem Shouldn't be the case here, because then, the script wouldn't start at all, but as Eric has pointed out it runs up to the first SSH call. Eric, it might be a good idea to call ssh with the -v switch and capture the output of the command. Maybe it sheds some light into your problem. Do you use the same user for interactive and cronjob operation? norbert. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Perl question... calculating difference in time..
I know this isn't a perl list, but this is a perl on freebsd question! ;) I have a script that is sorting log files. I want to calculate the total time between log entrys. Here is the format of the log files: Dec 05 09:51:48.452 info info.info data ... Dec 05 09:53:49.543 info info.info data The output should return something along the lines of: total time between log entries 02:01:01.091. I have the time fields pulled out but I cannot figure out how to seprate them into a calculatable format. And if this was run from after midnight and the log files rolled back to 23:00, how to calculate this..Any help is much appreciated! TIA Eric To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
SSH and public key authentication..
Hi all.. I am trying to use public key authentication between a freebsd 4.6 box and a sun box. I have numerous other sun boxes doing publickey authentication, mainly for scp scripts. I have setup the bsd box so it is configured the same. I have generated the keys and copyied the id_dsa.pub to the sun server and placed it in the authorized_keys file. However, everytime I invoke scp or ssh on the bsd box, it is forcing password authentication. Output with -v -v; debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 1001 geteuid 1001 anon 1 debug1: Connecting to filestore [10.203.60.137] port 22. debug1: temporarily_use_uid: 1001/1001 (e=1001) debug1: restore_uid debug1: temporarily_use_uid: 1001/1001 (e=1001) debug1: restore_uid debug1: Connection established. debug3: No RSA1 key file /home/esix/.ssh/id_dsa.pub. debug1: identity file /home/esix/.ssh/id_dsa.pub type 2 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.0.2p1 debug1: match: OpenSSH_3.0.2p1 pat ^OpenSSH debug1: Local version string SSH-1.5-OpenSSH_2.9 FreeBSD localisations 20011202 debug1: Waiting for server public key. debug1: Received server public key (768 bits) and host key (1024 bits). debug3: check_host_in_hostfile: filename /home/esix/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host 'filestore' is known and matches the RSA1 host key. debug1: Found key in /home/esix/.ssh/known_hosts:1 debug1: Encryption type: 3des debug1: Sent encrypted session key. debug1: Installing crc compensation attack detector. debug1: Received encrypted confirmation. debug1: Doing password authentication. If I do the same on the sun boxes, I see it's authenticating via publickey,password,interactive. What will get ssh on fbsd to do this? TIA Eric To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
SSH and public key authentication..
Hi all.. I am trying to use public key authentication between a freebsd 4.6 box and a sun box. I have numerous other sun boxes doing publickey authentication, mainly for scp scripts. I have setup the bsd box so it is configured the same. I have generated the keys and copyied the id_dsa.pub to the sun server and placed it in the authorized_keys file. However, everytime I invoke scp or ssh on the bsd box, it is forcing password authentication. Output with -v -v; debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 1001 geteuid 1001 anon 1 debug1: Connecting to filestore [10.203.60.137] port 22. debug1: temporarily_use_uid: 1001/1001 (e=1001) debug1: restore_uid debug1: temporarily_use_uid: 1001/1001 (e=1001) debug1: restore_uid debug1: Connection established. debug3: No RSA1 key file /home/esix/.ssh/id_dsa.pub. debug1: identity file /home/esix/.ssh/id_dsa.pub type 2 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.0.2p1 debug1: match: OpenSSH_3.0.2p1 pat ^OpenSSH debug1: Local version string SSH-1.5-OpenSSH_2.9 FreeBSD localisations 20011202 debug1: Waiting for server public key. debug1: Received server public key (768 bits) and host key (1024 bits). debug3: check_host_in_hostfile: filename /home/esix/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host 'filestore' is known and matches the RSA1 host key. debug1: Found key in /home/esix/.ssh/known_hosts:1 debug1: Encryption type: 3des debug1: Sent encrypted session key. debug1: Installing crc compensation attack detector. debug1: Received encrypted confirmation. debug1: Doing password authentication. If I do the same on the sun boxes, I see it's authenticating via publickey,password,interactive. What will get ssh on fbsd to do this? TIA Eric To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: ncsd
Run Bind as a caching only server. Ncsd is a sun program if I am correct.. I don't ever recall seeing it anywhere else (aix, *bsd). Cheers, Eric -Original Message- From: Steven Garrett [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 08, 2002 2:40 PM To: [EMAIL PROTECTED] Subject: RE: ncsd yes, but we already have dns servers. we do alot of name resolution at my site and would like to have some type of caching on the web servers themselves so as to reduce the load on our dns servers. I haven't been able to determine if ncsd is part of the freebsd build, as I didn't see it anywhere on our servers or source cds. Thanks, Steve -Original Message- From: Thomas T. Veldhouse [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 08, 2002 1:53 PM To: Kris Kennaway; Steven Garrett Cc: [EMAIL PROTECTED] Subject: Re: ncsd It is for name caching. It is supplied as part of the GNU C library. isc-bind fills the role nicely. Tom Veldhouse - Original Message - From: Kris Kennaway [EMAIL PROTECTED] To: Steven Garrett [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, October 08, 2002 12:40 PM Subject: Re: ncsd To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
PicoBSD wireless support...
All; I recently came across Warlinux, a bootable linux cd that has wireless support and a load of network utilites for wireless(802.11b). I began wondering if anyone has ventured into this for FreeBSD... Has anyone? Cheers, Eric To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message