From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Mon, 10 Oct 94 23:13:40 EDT Subject: Linux-Admin Digest #173 Linux-Admin Digest #173, Volume #2 Mon, 10 Oct 94 23:13:40 EDT Contents: Spline (Jussi Kantola) Re: Bug in Linux 'mv'? (Christopher Gori) Re: strange lockups, bizarre networking... (Steve Kneizys) Re: Why doesn't ftp work?? (Matti Aarnio) Re: SLIP w/Dynamic IP Addresses (Diane L. Calleson) Clock freq. for WD90C30?? (Josh N. Pritikin) Re: catman in linux (Andries Brouwer) Re: [help] user cannot update password (Bob Collie) Re: Ftape works...Not yet (Bigfoot) Re: Security hole - has noone noticed so far? (Damien P. Neil) Linux box as Router ?? (Tony Schwartz) WANTED: Contract Person for Linux - Routers (Tony Schwartz) Re: XFree86-3.1 - Whoopee! (Dan Pop) Re: Where to find acct for 1.1.49+? (Robert Sink) Re: eth0: Inf. loop in interrupt, sometimes, with a 3c509 (Donald Becker) Re: Please don't post security holess... (M. K. Shenk) Solaris secondary DNS can't suck zones from Linux primary DNS (Kurt Klingbeil) ---------------------------------------------------------------------------- From: jkantola@paju.oulu.fi (Jussi Kantola) Subject: Spline Date: 10 Oct 1994 15:33:16 GMT In our DECStation, there's a program called spline that interpolates smooth curves... now, my roommate says it is part of System IV. It seems like this is program is associated with something called 'graph'. Anyway, given these very poor hints, could someone direct me to the source of this program? I'd like it running in my linux box (so the linux binary will do just as well). Answers in email please, I don't read the newsgroup. -- email: Jussi.Kantola@Oulu.Fi (Jussi Kantola) IRC: jute Nobody passes the test of time ------------------------------ From: cgori@isengard.stanford.edu (Christopher Gori) Subject: Re: Bug in Linux 'mv'? Date: 10 Oct 1994 11:34:29 GMT (fox@graphics.cs.nyu.edu (David Fox)) wrote: >In article <1994Oct6.232625.625@spectre.apana.org.au> rjl@spectre.apana.org.au (Richard Lindner) writes: > >] : cp doesn't copy symlinks. If you want a completely messed up file tree, go >] ^^^^^^^^^^^^^^^^^^^^^^^^^ >] hmm - could've fooled me (and cp - better tell it that it's getting it wrong!!) > >Well, There's GNU cp and "Unix" cp. If you need to use cp >in a script or an alias, or you frequently find yourself >sitting in front of different types of unix boxes, you may >not want to assume that the cp -a option exists, better to >stick to tar. Thanks - I guess I didn't really read the man page for GNU cp very thoroughly. Raised on Sun's - you use tar not cp, for the reason I gave. (no symlinks copy) I guess the cp -a is OK, but as David says - don't expect it to always work portably. I'd like to know if that's what the person who said "tar is safer" meant - or if there is something else I'm not catching. Sorry for any confusion. Chris Gori cgori@isengard.stanford.edu ------------------------------ Crossposted-To: comp.os.linux.development,comp.os.linux.help Subject: Re: strange lockups, bizarre networking... From: STEVO@acad.ursinus.edu (Steve Kneizys) Date: 10 Oct 94 11:26:37 EST Rob Newberry (rob@eats.com) wrote: : As was posted several days ago, my machine is one of those which has been : having strange lockups the past weeks. Basically, when I upgraded from 1.1.10 : to 1.1.45 (and now 1.1.50), my system will occasionally hang hard. A : power-reset is the only thing to bring it back. [stuff deleted] : Finally, one more bit of information. Often times the hangs are preceded by : periods of sluggish network performance. My telnet logins to the machine will : simply sit there as I type commands, then eventually they'll work. : Also, tonight something VERY strange happened. My Linux machine stopped : responding to my LAN, so I ran "arp -a". Only two machines were listed, but : both had a hardware address of 00:00:00:00:00:00. [more stuff deleted] Some people notice, including me, that ARP did not seems to start up correctly on these .45+ kernels. I had to put in a PING to another machine on my site to get ARP jump-started in my rc.local ... very strange. Steve... ------------------------------ From: mea@utu.fi (Matti Aarnio) Subject: Re: Why doesn't ftp work?? Date: Mon, 10 Oct 1994 19:19:42 GMT tom@metronet.com (Tom Griffing) writes: >The title says it ... Why doesn't ftp work? > >It work from a remote machine with the anonymous user id, >but won't work from any other id. I've modified the >files /etc/ftpusers and /etc/ftpaccess, but am certainly >missing something ... seems like defining a class with >"real" in the typelist doesn't work. > >Can anybody offer any soultions? You may have a version which uses /etc/shadow for the passwords -- or which doesn't, and all other systems use it.. If your /etc/passwd has crypted passwords (12 chars) in the second field, then your system doesn't use shadow-passwords, and your ftpd should neither. (Yes, it did bite me..) >-- > _____________________________________________________ >| Thomas L. Griffing | | >| tom@metronet.com | (214) 352-3441 | >|__________________________|__________________________| /Matti Aarnio ------------------------------ From: dc3i@fermi.clas.Virginia.EDU (Diane L. Calleson) Subject: Re: SLIP w/Dynamic IP Addresses Date: Mon, 10 Oct 1994 23:27:44 GMT HELP!!!! I have tried and tried but still NO luck! Whenever I try to start up DIP dipscript or DIP -t I get: (none): HOst lookup failure Interestingly enough the (none) part is also in my prompt. The default profile has PS1= \h:\s or something.... what is this '\h' supposed to be? I have read lots of other peoples posts who have also had this "hostname lookup failure " error and I tried implementing some of the suggested fixes to no avail.... I still get the same problem. The NAG isn't much help either..... it really doesn't address STANDALONE DIP. What do you do if you don't have a TCPIP network in your home and simply want to use SLIP to get to a DYNAMIC slip server..... I have /etc/hosts with: 127.0.0.1 localhost 127.0.0.1 calleson.virginia.edu calleson 128.143.2.7 nameserver I have all of the nameservers in my resolv.conf My understanding about the dynamic slip is that DIP will go ahead and let you connect then it will let you set up the routes and default etc.... Please help me!!!!! -- Diane L. Calleson calleson@virginia.edu Computer Systems Administrator UVA Dept. of Economics-Rouss Hall B12 UVA Dept.of Mathematics-MAB 127 924-3539 924-3774 ------------------------------ From: joshp@panix.com (Josh N. Pritikin) Subject: Clock freq. for WD90C30?? Date: 10 Oct 1994 19:38:03 -0400 Does anyone have the clock frequencies for the WD90C30 (actually WD90C24)? I tried X -probeonly and I get this, which is wrong: (**) SVGA: chipset: wd90c30 (--) SVGA: videoram: 512k (--) SVGA: clocks: 28.26 28.32 28.27 28.26 28.27 28.27 28.30 28.27 (--) SVGA: clocks: 28.27 28.26 28.27 28.28 28.26 28.27 28.27 28.31 (--) SVGA: clocks: 44.29 (--) SVGA: Maximum allowed dot-clock: 90.000 MHz (--) SVGA: There is no defined dot-clock matching mode "640x480" Any suggestions? Thanks! -- joshp@panix.com ------------------------------ From: aeb@cwi.nl (Andries Brouwer) Subject: Re: catman in linux Date: Mon, 10 Oct 1994 23:21:03 GMT hoang1@litwin.com (Ted Hoang) writes: >Does linux use catman? Linux is an operating system, not a manual pager. But there are several manual pagers around that will use, say, /usr/man/cat1, to save a formatted version of /usr/man/man1, provided that such a directory exists. ------------------------------ From: collieb@iia.org (Bob Collie) Subject: Re: [help] user cannot update password Date: 6 Oct 1994 17:50:29 GMT Andrew_R._Mitz (arm@helix.nih.gov) wrote: : In case this is of some value, running ls -l to see /etc gives: : drwxr-xr-x 10 root root [stuff deleted] etc/ In this case, the values for the /etc directory are not as important as the values for the passwd program. From the root user, you chould do a chown root.root passwd and then make sure that it is set with s [SUID] value. You can correct this by using chmod +s passwd. Let me know if this helps, Bob Collie collieb@iia.org : Any suggestions? : -- andy : -- : ---------------------------------------------------------------------------- : Andrew Mitz, Biomedical Eng., National Institutes | Opinions are mine alone : of Health Animal Center, Poolesville, MD | arm@helix.nih.gov : ---------------------------------------------------------------------------- ------------------------------ From: bigfoot@pentagon.io.com (Bigfoot) Subject: Re: Ftape works...Not yet Date: 10 Oct 1994 20:25:09 -0500 I could not compile ftape1.13b under Linux 1.1.52. Anybody knows if I have to apply some kind of patch to ftape 1.13b, to be able to compile it ? ------------------------------ From: damien@b63519.student.cwru.edu (Damien P. Neil) Subject: Re: Security hole - has noone noticed so far? Date: 8 Oct 1994 06:04:16 GMT In article , Lee Silverman wrote: >There's a good one! A sendmail bug was just reported a few months >ago, adding yet another to the DOZENS of bugs reported about sendmail. Sendmail is used on a very, very large number of machines, however. When a bug is found, it gets fixed. The large user base means that bugs are discovered faster, as well. Incidentally, anyone have a history of Linux bug reports? :> Any system of any real size has bugs. >Sendmail (The standard one, >anyway, 8.6.9) arguably the single hardest unix package to configure >correctly. I really don't think so. Maybe if you decide to write a sendmail.cf from scratch. I can't comment on v5 sendmail (never used it), but v8's .cf generation scripts make setting sendmail up an almost completely painless process. I was able to compile and install sendmail from scratch in a few hours. The one time I tried to install smail from scratch, I spend an entire day wading through the manpage, trying to figure out which configuration file affects which other configuration file. Of course, you can use a canned configuration for smail. (The current one supplied with Slackware appears to contain a major security hole, as has been pointed out.) You can do the same for sendmail. I have a sendmail.cf that should work for just about any machine using only SMTP to deliver mail, with no funny tricks. Funny tricks are possible, but mean you need to modify the configuration file. >Smail is a damn good program, and I use it all the time. I used smail for a while, because everyone told me sendmail was impossibly difficult to set up and configure. Now that I've tried sendmail, I'm never going to go back. >I am going to check out Zmailer 2.97, but in the meantime, for ease >and understandability, and for security reasons, I'm going to stick to >smail rather than risk using sendmail. For reasons including security and ease of use, I'm going to stick with v8 sendmail. The fact that I can easily gain root access on any machine running a current version of smail does not make me especially enthralled with the security of it. It is quite possible that a similar bug lurks in sendmail. However, I'd rather stick with a proven, mature product. Of course, to each his own. If smail does what you want, by all means use it. However, sendmail is not the bug-ridden, horrendously difficult security hole that you paint it as. - Damien ------------------------------ From: tony@teleport.com (Tony Schwartz) Subject: Linux box as Router ?? Date: Fri, 7 Oct 1994 22:41:44 I seemed to have missed the thread that was going a few weeks ago about using a Linux system as a router. If there are any FAQs or other info, please pass it my way. I would love to hear from someone who has used a Linux system as their router. My company is considering doing it for flexibility, cost, etc. Is it a good idea??? Tony Schwartz Transport Logic Portland OR ------------------------------ From: tony@teleport.com (Tony Schwartz) Subject: WANTED: Contract Person for Linux - Routers Date: Fri, 7 Oct 1994 22:43:51 If anyone has some experience in setting Linux up as a router, I would be interested in talking with them. If interested, we might want to contract with that person to get a system setup and operational (router portion). Please reply by email if interested. Tony Schwartz Transport Logic Portland, OR tony@teleport.com (Not related to teleport. Only a client) ------------------------------ From: danpop@cernapo.cern.ch (Dan Pop) Subject: Re: XFree86-3.1 - Whoopee! Date: Mon, 10 Oct 1994 17:05:30 GMT In iialan@iifeak.swan.ac.uk (Alan Cox) writes: >In article <36p94u$ltd@interport.net> carlos@interport.net (Carlos Dominguez) writes: >>Will fvwm and its modules work in Xfree3.11? > >I can't get any of openlook or fvwm to work. I'm inclined to think this is >probably X11R6 incompatibilities with these packages rather than bugs. So >until they appear fixed I shall stay with 2.1.1. > The X11R5 fvwm does work with the Xfree3.1 servers if you still have the X11R5 libraries installed. I've tested it on my laptop with the VGA256 and VGA2 servers. Dan -- Dan Pop CERN, CN Division Email: danpop@cernapo.cern.ch Mail: CERN - PPE, Bat. 31 R-004, CH-1211 Geneve 23, Switzerland ------------------------------ From: sinkr@universe.digex.net (Robert Sink) Subject: Re: Where to find acct for 1.1.49+? Date: 10 Oct 1994 11:32:51 -0400 andrewp@itwhy.bhp.com.au (Andrew PRUSEK) writes: >Some time ago I had the address for the ftp site that had the process >accounting patch for kernel above 1.1.18. >As you may have guessed I have lost this address and therefore am now >begging for someone to enlighten me as to where I might find this. >I have looked in the regular places but have come up empty handed. Good luck -- I have looked hard as well to no avail. I don't understand why it isn't incorporated into the kernel distribution; it is a 'standard' UNIX feature. And comprehensive ICMP support would be nice, too.. But that's in a whole 'nother realm. -- ------------------------------------------------------------------------- |:| Robert Sink | "I don't want to start any blasphemous |:| |:| sinkr@universe.digex.net | rumors, but I think that GOD has a sick |:| |:|--------------------------| sense of humor and when I die I expect |:| |:| (c) 1994 Gurkware, Inc. | to find him laughing." -- Depeche Mode |:| ------------------------------------------------------------------------- *PGP 2.6 Public Key Available By Fingering This Account* *or via the PGP Server: pgp-public-keys@pgp.mit.edu* ------------------------------ From: becker@cesdis.gsfc.nasa.gov (Donald Becker) Subject: Re: eth0: Inf. loop in interrupt, sometimes, with a 3c509 Date: 5 Oct 1994 15:51:00 -0400 In article , Tod Olson wrote: >I'm stumped on this and hoping that one of you kind souls on the net >has a few words of wisdom to share about this problem. Please reply >by email, as this is probably not of general interest. > >I've got an AST Power Premium 4/33 (486, 33MHz, EISA) with a 3Com >3c509 card, and an Adaptek 1510A SCSI card with a Hitachi CDR-6750 CD >drive hanging off of it. I'm running Linux 1.1.0 from the Yggsdrasil >Summer 1994 CD. > >The Problem: networking is unreliable, and I don't know whether to >blame the card, the software, my config files, or the phase of the >moon. > >The Symptoms: Sometimes I boot, log in, and have perfect network >access. Sometime I boot, log in and any network access (eg. ping or >telnet) will cause the following to loop infinitely on the screen: > > eth0: Infinite loop in interrupt, status 2013 This is bad. It probably means the processor couldn't keep up with removing packets from the 3c509. About the only way this could happen is if you had some really slow or processor-intensive device. BTW, I assume you have the card switched to EISA mode, right? That should speed up transfers to the 3c509. >and I have to do a hardware reset. Sometimes I boot, log in, and my >first one or two attempts at network access will generate one of the >following two messages: > > eth0: Missed interrupt, status then 2013 now 2013 Tx 00 Rx 3a1c >or > eth0: transmit timed out, tx_status 00 status 2002 This is a known problem with warm boots -- the interrupt isn't reset. Fixed in the driver for 1.1.52. >Also, syslogd sometimes spews messages like the following until I >reboot; I've noticed no correlation between syslogd's spewage and the >above eth0 messages: > >Sep 29 06:22:25 test-tod routed[32]: adding route to net/host 192.217.215.0 through gateway 192.217.215.0: Network is unreachable Are you running 'routed'? Don't. -- Donald Becker becker@cesdis.gsfc.nasa.gov USRA-CESDIS, Center of Excellence in Space Data and Information Sciences. Code 930.5, Goddard Space Flight Center, Greenbelt, MD. 20771 301-286-0882 http://cesdis.gsfc.nasa.gov/pub/people/becker/whoiam.html ------------------------------ From: mkshenk@u.washington.edu (M. K. Shenk) Subject: Re: Please don't post security holess... Date: 11 Oct 1994 01:19:24 GMT In article <37c7kn$auc@hermes.sibylline.com>, Patrick D. Ashmore wrote: >M. K. Shenk (mkshenk@u.washington.edu) wrote: > > >> Oh, criminals. Give me a break. The criminals are the ones that mess with >> things. > >So, someone who breaks into your house/apartment, looks around, and then >leaves is okay, and not a criminal? > Oh, my. I didn't expect this argument. I am suddenly enlightened. How facile. In the strict denotative sense: someone who breaks the law. Yes they are a criminal. However, most people are unable to think of a criminal as someone who simply has broken the law. They have to be able to think other bad things about the person. It's the law. A set of rules enforced (notice the word force in enforced) by a dominant group holding a geographical area by force. Nothing magical or holy about it. In the best cases it is pragmatic. And that is a good thing. NOTE: first time of many. A dwelling space is not a computer system. Make of this what you will. It is simply a fact. Inferences are yours. > >That's not the point. If security is breached in any way, sensitive >information, etc. may be at risk. > *may* be at risk. National security *may* be at risk. May is different from is. That is *a* point. There are many points. Ooh, *sensitive information* I think you should have used the phrase "could be comprimised" there. It sounds more official and governmental. >> I got in, to get in, or to use a compiler. Nothing criminal about >> that (except in the eyes of the law.) (note here I meant criminal in the sense most people have to think about criminals...my error in being vague.) > >Someone breaks into your house, wanders around, then makes a few phone >calls... Now, tell me... is there anything criminal about that? (He got >in to get in, or to use the telephone.) > Criminal in the strict "against the law" sense. Lack of flexibility denotes a weak mind. Along with the tendency to fight an opponents worst possible meaning rather than a better one. Yes, it is criminal, in its denotative sense. Criminal in my mind? No. If I can be sure he did nothing else and put nobody at risk--I can't be. I said myself I wouldn't like it from an admin's pt of view. But ( a stretch of the imagination here, but go for it...) are you capable of imagining a situation in which this could happen that you'd be ok with, knowing nothing else happened? It all pretty much has to do with expectations--you don't mind folks looking through the glass at the contents of your car (tho not too closely, because this might make you think they wanted to break in) because you expect that. You know not to leave anything you don't want seen there. Your house, different--your personal dwelling space, and animals invest this with a lot of weight..you expect to be able to do what you like without being watched, be safe, leave what you like around. Do you expect these exact things with a computer system? Some of them, if it is a personal system. But it's not a dwelling space, and it can be very easily argued (of course, antyhing can be easily argued by most folks) that infringements on a virtual space, a computer system, should not be treated as seriously as those on a dwelling space. It does not need to be argued that these are sigificantly different things. The big one: no physical danger. This is why humans have and have had such a strong reaction to burglars and trespassers in the past. Also: often no "breaking" occurs in situation 2. Can you differentiate a physical space from a virtual one? Sometimes I think the GUI is a bad thing... It is entirely possible to want to fight dogmatic views even when one is on the same side. I don't want anybody crawling around inside my system. I never said I did. I merely said that responses to this sort of thing can be way off the scale. >> Penetrating the security of a >> computer system is totally harmless in and of itself. > >This is your opinion, and you would probably find that 99% of >administrators will disagree with you. > No. This is a true statement. READ. "In and of itself." Meaning--when the system says "Password:" and I say "Susan" and I hang up, this is totally harmless IN AND OF ITSELF. If 99% of admins disagree, well, then 99% of admins can't think straight. I did not say "just getting in and not doing anything." I said "penetrating the security" and "in and of itself." True statement. A password is not a door. A computer is not a house. Anyone who can not get his mind away from standard ideas long enough to give the issue a thorough turning-over without preconceptions has a weak one. I'm not on the side of system crackers. I am against the side of dogma, even when it seems to do good. Even when people like it. It's still dogma, and evidence of a lapse of critical thought. >> It's the defacing >> of what one finds, or the spreading of info that are the problems, and >> have made folks so paranoid they 'throw the book' at anybody who pokes >> around a little. Hey, I'm gonna see where I can go. > >Where do you draw the line? If someone breaks in, and I know who it is, >I'm not going to simply "bounce them off" and forget about it. I'm going >to make sure this person doesn't get the chance to do it again or worse. > "Where do you draw the line?" My, you are so insightful, Socrates. You draw it where you draw it. Dependant on the situation. Like a flexible human and not a mousetrap. What you are responding to is an imagined threat, not necessarily a real one. You don't know that they will do "worse." How about telling them you know who they are and that they're not welcome? This would've worked every time on me in HS. You jump to the extreme not necessarily out of prudence, but some sort of viciousness. It's ok for admins to keep people out, but do it like a balanced human being and not a rabid dog. Why go to extremes when less will do? Have they personally offended you by getting into your system? Have you allowed animal territorial instincts to extend to a computer system? Is it even yours? (i.e. are you someone's watchdog? you don't even own the system, but the owners count on your territorial instinct to keep their system safe?) Lighten up. Do your job, but "throwing the book" at someone is usually an act of viciousness, a small one. If they make it necessary, sure. Try to think about these people as possibly just curious human beings, rather than having to make them something nasty in your head by imagining what they *might* do. You've got a job to do. Do it. But when I see admins actually brought down to animal viciousness by something like this, it is truly pathetic. > >Breaking into and poking around is bad enough, and I don't consider it >"pathetic and fascist." I consider it secure. (Relatively secure, that >is... if you want a truly secure machine, turn the power off, put it in a >safe, and bury it in 6 feet of concrete.) > Do you have need to be secure? (this is just a question. I'll make a statement when that is what I mean to do.) Are there "trade secrets" "sensitive info" etc? Do you back up your system? How "mission critical" is your system (I hate that cliche.) Ever try a login warning message that sounds like it is from a real person and not out of a law book or "throw-the-book-at-them-speak?" I think often sysadmins respond in a territorial way when "their" system is compromised. Most systems have very little need of security. I think a lot of it is just very self-important. (I know I'll catch flack here..) >> Depends on how ingenious their attempts to enter a system are. This is a >> dogmatic view. "Hacker" and "non-malicious-system-tourist" are not non- >> intersecting sets. Back in HS i performed entries that qualified as >> hacks. > >"Hacker" is not malicious at all... I would consider myself somewhat of a >hacker. You're looking for the word "cracker." (I believe someone pointed >the definitions out... check the jargon300.txt.gz at a GNU site.) No. I'm not. Read. I was stating: "the sets of 1> people who are hackers in its original sense and 2> people who have bypassed security on a system at some point are NOT DISJOINT SETS." "You believe someone pointed the definitions out.." No shit, eh? It was in the post I was responding directly to. That exact paragraph, in fact, is responding to it. You're really paying attention. Inform thyself before you start arguing. I am well aware of what each of the terms means. Don't tell me what I mean. Ask. Now I suggest you go back and read the entire original response, reading only what is there. With your mind and not your emotions. Don't read what you want to. Read what is there. I avoided the word "Cracker" because most folks are not logical beings and the word has emotional baggage and may imply more than I meant. many people append "+smasher" on to the end of "cracker." I was trying to avoid that, and hopefully allow people to see that someone who secussfully logs in to an account that is not his, or finds he is able to get root, is not a bad guy. You may throw the book at him if you like, it is the mental tricks you have to do to do it that disgust me. Not your actions, but muddy thinking. > >Now "Cracker" and "non-malicious-system-tourist" are the same, IMO, if >the "tourist" got in by bypassing system security. > As long as you are not appending "smasher" to "cracker." >> Barring that, I might still poke around. Curiosity is not a crime. > >No, but breaking and entering is. Trespassing is. What is the difference >whaehter they are breaking into your house and looking around, or >breaking into your machine and looking around? > What is the difference? Well, you just stated it. One is breaking into your house, one into your system. If you can't see a difference, you are blind. They are different acts. One is the act of (usually) destroying some locking mechanism to enter the physical dwelling space of one or more people, usually with the intent of leaving with valuable objects. Very few burglars enter w/curiosity in mind. The other is the pressing of various buttons in such a way that one is allowed to enter the virtual space of a computer system. No one "lives" there. No one is going to get shot by this burglar. And his reason is often mere curiosity. He will not leave with physical objects, but info. That info will also still be there if he didn't wreck it. There, many differences. If the only thing you are able to do when faced with new situations is draw (bad) parallels to old situations and act mechanically, you are less than human. Note--above, did I make value judgements on either act? No. I stated facts. Don't assume anything. I don't care about which is 'worse' or relative badness. I care about the fact that you asked "what is the difference?" between two discrete acts. That is frightening. Now go look up "devil's advocate" -- I'm not saying I want intruders in my system or yours--I am saying that there is a lot of dogma and bad thinking going on, and you can oppose something without losing mental integrity to do so. Now, go back and read every word. Don't skip up to something that triggers an emotional response and respond. Read every word. ------------------------------ From: kurtk@ee.ualberta.ca (Kurt Klingbeil) Subject: Solaris secondary DNS can't suck zones from Linux primary DNS Date: 6 Oct 1994 07:21:57 GMT I expect that it's YASB (yet another solaris bug), but would like some insight as to how to debug/workaround the problem. We're using Linux as a primary NS for our subdomain. Everything checks out functionally, with doc, and with dnswalk. Problem is that the SOlaris NS which serves as primary to our parent domain, and secondary to our subdomain, can't suck the fwd and rev zones from our primary. All the other parallel subdomain NS's happen to be Solarii as well. I vaguely remember something about Sun doing some non-standard optimizations, but the other end insists that we're the cause of the problem. ANy ideas ? thx, kk ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************