From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Thu, 1 Sep 94 23:13:14 EDT Subject: Linux-Admin Digest #12 Linux-Admin Digest #12, Volume #2 Thu, 1 Sep 94 23:13:14 EDT Contents: Re: Backing up to QIC-80 (Sid Boyce) Re: help for cpio backup (Richard Lippmann) [Q] chmod setting in /var/spool/mail (B.Bottarelli) Configure OSPF on gated 3.0.3 (Linux)? (Pete Kruckenberg) "newuser" programs? (Emarit Ranu) Re: Q: NFS, Linux -> Macintosh (Michael Firth) Re: Newbie Inetd.conf & telnetd question (andrew.reynhout@analog.com) Re: Re-sizing partitions under linux (Michael Firth) local news (richard) Re: FTP via TERM (Joonwoo Nam) CU sudo version 1.3.1 released (Todd C Miller) Re: Admin utils for linux ? (Darrel Hankerson) Script: Login Stats (George W. Pogue) Re: Pascal and ADA on Linux ? (Alan Cox) Re: NFS/pormapper security bug and fix (Linux) (Thomas Koenig) Re: PLIP: icmp, udp: yes, tcp NO! (Alan Cox) ---------------------------------------------------------------------------- From: szb50@ccc.amdahl.com (Sid Boyce) Subject: Re: Backing up to QIC-80 Reply-To: szb50@JUTS.ccc.amdahl.com (Sid Boyce) Date: Thu, 1 Sep 1994 15:58:25 GMT I do the following to write and extract files ..... tar cfv - . | gzip | dd of=/dev/ftape ** this backs up everything ** dd if=/dev/ftape | tar zxpfv - . *** to restore everything ** dd if=/dev/ftape | tar zxpfv - filename *** full pathnanme omitting the first / . this takes ages as it seems to read the whole tape, rewind and then reads forwards to extract it. I am sure there is a more elegant method .... later .... but it works fine. Regards Sid ... G3VBV ... Amdahl(UK) .... ------------------------------ Date: 31 Aug 1994 10:54:00 +0200 From: horshack@lucy.franken.de (Richard Lippmann) Subject: Re: help for cpio backup Reply-To: horshack@lisa.franken.de swrek@whoa.cosmic.com meinte am 27.08.94 zum Thema "help for cpio backup": > Does anyone have a good example of a cpio backup accross nfs > mounts using some kind of exclude patterns? For instance, I want > to use cpio to backup my network but I don't want to backup > /var/spool and some of the directories in /usr and /sbin. Backup all exclude /var/spool lisa$ cd / lisa$ find . -name var/spool -prune -o -print | cpio -ovcmudB >/dev/tape Greets Horshack -- horshack@lisa.franken.de Nur Beamte koennen... ... wie Beamte denken ------------------------------ From: bruno@vaimo.cce.unipr.it (B.Bottarelli) Subject: [Q] chmod setting in /var/spool/mail Date: 1 Sep 1994 15:04:54 GMT Hei dude!! We have installed Slackware Linux 1.0.8 on a 486 based PC. I have notice this _strange_ chmod setting into the directory /var/spool/mail drwxrwxr-x 2 root mail 1024 Sep 1 16:07 ./ drwxr-xr-x 19 root root 1024 Jun 6 11:34 ../ -rw-rw---- 1 paolo staff 0 Sep 1 13:47 paolo -rw-rw---- 1 marco guest 0 Jul 25 16:06 marco -rw-rw---- 1 stefan guest 10706 Jun 17 15:02 stefan -rw-rw---- 1 pier guest 0 Aug 31 00:00 pier ^^------- ???????????? This means that all the user in the same group can read their mail each other and this in in contrast with the privacy rules. I can change the modes via chmod every time I add a new user, but is there a way to avoid this automagically?? Thank you. Bruno. ------------------------------ From: kruckenb@sal.cs.utah.edu (Pete Kruckenberg) Crossposted-To: comp.protocols.tcp-ip Subject: Configure OSPF on gated 3.0.3 (Linux)? Date: 1 Sep 1994 17:07:53 GMT I need to figure out how to set up OSPF routing on my Linux (1.1.18) gateway. I'm using gated 3.0.3, with a current RIP configuration. Unfortunately, our new Internet access provider uses OSPF (only), and I've never used OSPF. What kinds of information do I need to get from them? I've got a few sample configurations (from the gated 3.5 Alpha) that have OSPF stuff, but I don't know if they'll even work (so far they haven't). I have tried a few things (ospf yes; in the gated.conf), but gated -c always gives a "parsing error at ospf", so I assume either gated doesn't support ospf (though it says it does), or I have to give it some more information. Also, will I have to have my Internet provider "feed" me OSPF updates (as I had to do with RIP)? Actually, the best thing would be to give me a good source on gated and OSPF configuration. The O'Reilly _TCP/IP_Network_Administration_ is pretty out of date on gated and OSPF, so a more up-to-date source would be great. I would appreciate any response on this, and the sooner, the better. I'm working on this right now, and need help. If possible, email to pete@dswi.com or kruckenb@sal.cs.utah.edu would be best, and I will summarize to this group. Thanks. Pete. ------------------------------------------------------------------------ Pete Kruckenberg School: kruckenb@sal.cs.utah.edu University of Utah Work: pete@dswi.com Computer Engineering For even more addresses, "finger pete@dswi.com" ------------------------------ From: drranu@lamar.ColoState.EDU (Emarit Ranu) Subject: "newuser" programs? Date: 31 Aug 1994 17:33:57 -0600 Any good "newuser" programs available for Linux? -- -Emarit drranu@lamar.ColoState.EDU KG0CQ _._ __. _____ _._. __._ -- -Emarit drranu@lamar.ColoState.EDU KG0CQ _._ __. _____ _._. __._ ------------------------------ From: mfirth@visual.bt.co.uk (Michael Firth) Subject: Re: Q: NFS, Linux -> Macintosh Date: 1 Sep 1994 15:25:49 GMT For the record there IS a program to let you access HFS 1.44MB floppies from Linux, in the same way as mtools lets you for DOS floppyies. It's called xhfs, and is available in the utils/disk-management directory on Sunsite as xhfs0_3.tgz It works well enough for my purposes, but I can't wait for something better. Michael mfirth@cee.hw.ac.uk ------------------------------ Crossposted-To: comp.unix.admin From: andrew.reynhout@analog.com Subject: Re: Newbie Inetd.conf & telnetd question Date: Thu, 1 Sep 1994 22:14:47 GMT In article <3442uu$kj5@news.ysu.edu> s0017210@cc.ysu.edu (Steve DuChene) writes: >Rashid Karimov (root@sarnode.saratov.su) wrote: >: Hi ! > >: : S. Kharbanda TM (anam@netcom.com) wrote: >: : : I am trying to setup our internet server to accept telnet connections at >: : : a specific port and directly login to an account (so that the user does >: : : not see a login prompt). Any ideas on how i go about doing this ? >: : : I have seen it done, just don't see how to do it, have looked at the >: : : inetd.conf file trying to figure it out... > Stuff deleted... >: I'd just say this is _real security hole. You( i mean Mr.Kharbanda) > > I would have to agree with the above opinions! If someone tried to > do this sort of thing on our campus I couldn't imagine the uproar > in the computer center! If you don't realize it puting this sort of > account on the Internet is a security hole that affects everone with a > computer on the net not just your installation. I would imagine your > network provider could easily yank your connection if a problem arose > because of this practice. Calm down guys. It's no more unsafe than a passwordless account. Remember, he never said he was going to log this account into a shell. And BTW- him putting this kind of account on the Internet is absolutely no threat to the security at my site. And if you're doing your job, it isn't a threat to your site either, any more than all the newly created student accounts at schools across the world are. -- Andrew Reynhout Analogue Devices, 3 Technology Way (617)461-3987 fax: -4241 Norwood, Massachusetts 02062-2634 meow ------------------------------ From: mfirth@visual.bt.co.uk (Michael Firth) Subject: Re: Re-sizing partitions under linux Date: 1 Sep 1994 15:33:17 GMT Barber Dan (barber@sde.mdso.vf.ge.com) wrote: : I have a question about re-sizing existing linux partitions. : I have allocated 200MB Linux. I originally created a partition : /hda2 of 100MB, and /hda4 of 100MB. Root is mounted on hda2 : and /usr is mounted on /hda4. Being an admin novice, I have : found my partitioning ratio to be incorrect. I should have : allocated 150 to /usr and 50 to root. Can I change this? : Can I mount a sub-directory from one partion to the next ? : Thanks for your help and patience! You could probably get around your difficulty with Symbolic links. For example: cd / mkdir things cd things (cd /usr ; tar cf - X386 ) tar xvf - rm -rf /usr/X386 << Check that the previous step worked before doing this !! cd /usr ln -s /things/X386 . This would move the directory /usr/X386 into a directory called /things/X386, which would occupy space on your oversized root partition, and free space on your /usr partition. You could change X386 to any directory of your choice in /usr. E-mail me if there are any problems. Michael Firth mfirth@cee.hw.ac.uk ------------------------------ From: rpritz@panix.com (richard) Subject: local news Date: 1 Sep 1994 20:06:02 -0400 I'd like to create some local newsgroups that users can read with tin. I assume i'd need something like c news or inn to administer this? if so, which is better/easier? or is there another way? ------------------------------ From: nam@risky.ecs.umass.edu (Joonwoo Nam) Subject: Re: FTP via TERM Date: 31 Aug 1994 23:49:44 GMT Jagadeesh Krishnamurthy Venugopal (jkvg@everest.ccs.neu.edu) wrote: : Hi. : Unfortunately redirecting FTP this way fails. Ftp logs the user in but then : hangs and has to be killed. I have absolutely no idea why this is so. : If anyone has telnet and ftp running via term, could you please clue me in on : this? Try getting sunsite.unc.edu:/pub/Linux/apps/comm/termstuff/ftpd-term.tar.gz README.xxxx files will help configuring your box as ftp site. J. -- ======================================================================== Joonwoo Nam nam@nazgul.ecs.umass.edu Dept. of Electrical and Computer Engineering office: 413-545-4762 University of Massachusetts at Amherst fax : 413-545-4611 ======================================================================== ------------------------------ From: millert@clytemnestra.cs.colorado.edu (Todd C Miller) Crossposted-To: comp.unix.admin,comp.unix.aix,comp.sys.convex,comp.sys.hp.hpux,comp.sgi.admin,comp.sys.next.sysadmin,comp.unix.osf.osf1,comp.sys.sun.admin,comp.unix.ultrix Subject: CU sudo version 1.3.1 released Date: 31 Aug 1994 22:46:55 GMT Version 1.3.1 of the CU version of sudo has been released. Sudo is a program that allows a system administrator to give limited root access to users and logs copiously. Version 1.3.1 is based on The Root Group's sudo 1.1 and is covered under the GNU Copyleft. The differences between 1.3 and 1.3.1 consist mostly of bug fixes, minor featur additions, portability changes, and code reorganization. See the CHANGES file for all the gory details. Some of the changes include: Native solaris support, bsd compatibility libraries are no longer necesary for *any* architecture, posix functionality is used if present (signals, sysconf(), etc), -V, -v, and -k flags, shadow password support for some architectures, a configure script, and more. If you are running an older version of sudo I would highly suggest that you pick up the latest version. CU sudo 1.3.1 is known to work on the following platforms: AIX 3.x 4.3 BSD (including MORE/BSD) BSDI (BSD/386) ConvexOS 9.1 (C2 support untested) HP BSD 2.0 HP-UX 8.x and 9.x (w/ or w/o shadow passwords, see INSTALL) Irix 4.x and 5.x KSR OS Linux (shadow password support untested) NextStep 2.x and 3.x DEC OSF/1 1.x and 2.0 SunOS 3.5 and 4.x Solaris 2.x Ultrix 4.x (w/ or w/o enhanced security, see INSTALL) CU sudo 1.3.1 is available via anonymous ftp from ftp.cs.colorado.edu as pub/sysadmin/utilities/cu-sudo.v1.3.1.tar.Z - todd -- Todd C. Miller Sysadmin--University of Colorado millert@cs.Colorado.EDU ------------------------------ From: hankedr@mail.auburn.edu (Darrel Hankerson) Subject: Re: Admin utils for linux ? Date: Wed, 31 Aug 1994 23:38:07 GMT In article <33voc3$j37@rzsun02.rrz.uni-hamburg.de> hamdy@rzdspc1.informatik.uni-hamburg.de (Safuat Hamdy) writes: I started to write an accounttool under XView, which I considered as the starting point for a series of tools for the administrator. It should add/modify/remove users from the system [...] I heared about some tools writen with tcl/tk, but that's long ago and I've never seen them. You may be thinking about UserMaint. These are used in the Yggdrasil distribution, and they are nicely done. (There is a problem in editing GID, however.) I'd volunteer for contibutions to such a project _if_ there will be a team. I've seen recent reports of several different projects. I'm new to Linux, but UserMaint looks like a very good starting point. -- --Darrel Hankerson hankedr@mail.auburn.edu ------------------------------ From: gwp@dithots.org (George W. Pogue) Subject: Script: Login Stats Date: Thu, 1 Sep 1994 14:08:36 GMT Ok, ok, don't sweat this one too much. I often write scripts just to learn something. This one was an excersize in gawk again. It process the /var/adm/wtmp file via the last command. It generates an output that could be useful to some. If you check the top of the file you'll note some parameters you can pass it. If you'll run it in a cron job once a month with the write option it'll keep running stats available that can be accessed. Really, simply, my /var/adm/wtmp was huge and I wanted a way to not lose all the information in it, but to also be able to delete it once a month. So I wrote this script. If you have any questions or comments, please let me know. #!/bin/ksh #************************************************************************* #* Program Name: User totals for /var/adm/wtmp #* Filename: LOGNSTAT #* Design: To generate user stats #* Author: George W. Pogue #* Date Created: August 31, 1994 #* Date Updated: September 1, 1994 #* Version: 2.0 #* #* 1989. Pogue Technologies Inc. Woodstock, Georgia. USA. #* 1990. Pogue Technologies Inc. Arlington, Texas. USA. #* 1991. Pogue Technologies Inc. Duluth, Georgia. USA. #* 1992. Pogue Technologies Inc. New London, North Carolina. USA. #* 1994. Pogue Technologies Inc. Roswell, Georgia. USA. #************************************************************************* # Set temporary variables INFILE=/var/adm/usertotal.log OUTFILE=/dev/null ONLYDO=ALL TMPFILE=/tmp/userstat.$$ # Are there any parameters? Check them out! invar=x$1 case $invar in xwrite) DOGLOBAL=YES; OUTFILE=$INFILE ;; xmonth) ONLYDO=month ;; xday) ONLYDO=day ;; xuser) ONLYDO=user ;; xmid) ONLYDO=mid ;; xtty) ONLYDO=tty ;; xglobal) DOGLOBAL=YES ;; *) ;; esac # Get the user stats! last >$TMPFILE # Begin processing the script cat $TMPFILE | awk ' BEGIN \ { # Define all the header and format statements hdr["user"]=" User Name Connections Total Time\n" hdr["tty"]=" TTY Name Connections Total Time\n" hdr["month"]=" Calendar Month Connections Total Time\n" hdr["day"]=" Calendar Day Connections Total Time\n" hdr["mid"]=" IP Connection Connections Total Time\n" hdrres="-------------------- ----------- ----------\n" fmt1="%20s %11d %10d\n" fmt2="%s %s %d %d\n" # Define all the areas! area["month"]; area["day"]; area["user"]; area["tty"]; area["mid"]; # Do we need the global values? if (match('\"$DOGLOBAL\"',"YES")) # Now read the file of values while (getline <'\"$INFILE\"' > 0) { # Is this the total line? if (match($1,"total")) { # Store the total total_c = $3; continue; } # Grab the existing values for (k in area) \ { # Have we found a match? if (match($1,k)) { # Store values in array stats[$1,$2] = $3; times[$2] = $4; } } } } { # Check the lines and make sure they are ok if (length($0) > 80) next; if (length($0) < 5) exit; # Make sure everything is correct if ( ! $2 ) next; # Grab the user definitions stats["user",$1] += 1; # Grab the tty definitions stats["tty",$2] += 1; # Check and see if we have got a valid third field if ( length($3) > 3 ) \ { # Grab the middle information stats["mid",$3] += 1; # Grab the month definitions stats["month",$5] += 1; # Grab the day definitions stats["day",$4] += 1; # Grab the time timer = $10; } else \ { # Grab the month definitions stats["month",$4] += 1; # Grab the day definitions stats["day",$3] += 1; # Grab the time timer = $9; } # Grab the hours & mins if (timer) if (index(timer,":")) { # Calculate the time timevalue = ((substr(timer,2,2) * 60) + (substr(timer,5,2))); # Store the time value times[$1] += timevalue; times[$2] += timevalue; times[$3] += timevalue; times[$4] += timevalue; times[$5] += timevalue; } # Increment the total counters total_c += 1; } END \ { # Process each area for (item in area) \ { # Check and see if this is what we need to display if (! match('\"$ONLYDO\"', "ALL")) if (! match('\"$ONLYDO\"', item)) continue; # Print header printf("\n%s%s", hdr[item], hdrres); # Process the statistics array now! for (stat in stats) \ { # Is this one of the ones we want to printout? if (index(stat,item)) { # Setup the item index itemindex = substr(stat, length(item)+1); # Must do this since two funny characters end up at beginning itemindex = substr(itemindex, 2); # Reset values timevalue = 0; # Grab times #for (tt in times) \ # if (match(itemindex,tt)) timevalue = times[itemindex]; # Now print the results printf(fmt1, itemindex, stats[stat], timevalue); printf(fmt2, item, itemindex, stats[stat], timevalue) > '\"$OUTFILE\"' } } } # Print Total printf("\nTotal connection: %d\n\n", total_c); printf(fmt2, "total", "total", total_c, total_c) >> '\"$OUTFILE\"' }' # Remove temporary files rm -f $TMPFILE ------------------------------ From: iialan@iifeak.swan.ac.uk (Alan Cox) Subject: Re: Pascal and ADA on Linux ? Date: Thu, 1 Sep 1994 11:06:23 GMT In article <1994Aug27.134540.394@schbbs.mot.com> RHK973@paccvm.corp.mot.com (K.K. Tung) writes: >Anyone know where to get a copy of the PASCAL or ADA >to run on the Linux ? Gnu pascal is in testing but seems not bad (its in with the debian release bits). There is also p2c (pascal to C) which can be combined with gcc to build pascal stuff. As to ADA there is GNATS in development, and I believe some kind of interpreted ada environment around too. Alan -- ..-----------,,----------------------------,,----------------------------,, // Alan Cox // iialan@www.linux.org.uk // GW4PTS@GB7SWN.#45.GBR.EU // ``----------'`----------------------------'`----------------------------'' ------------------------------ From: ig25@fg30.rz.uni-karlsruhe.de (Thomas Koenig) Subject: Re: NFS/pormapper security bug and fix (Linux) Date: 1 Sep 1994 22:20:51 GMT Reply-To: Thomas.Koenig@ciw.uni-karlsruhe.de H. Peter Anvin (hpa@ahab.eecs.nwu.edu) wrote in article : >By author: Thomas.Koenig@ciw.uni-karlsruhe.de >> >> Also note that there's a bug in all libc versions up to 4.5.26 (at >> least) which throws the portmapper into a forking loop under some >> conditions. To avoid this, you'll need to use one of the newer kernels >> with the CONFIG_I_AM_A_BROKEN_BSD_WEENIE option, or apply the (binary) >> patch to libc 4.5. 26 contained in portmap_3_rpcfix.shar.gz (to be >> found in sunsite's Incoming). >> >Dumb question: is the idea that we should ENABLE or DISABLE the >CONFIG_I_AM_A_BROKEN_BSD_WEENIE option? You've got two choices: either enable the option in the kernel, or patch your libc. Either will work. Sorry if this was less than clear :-) -- Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, ig25@dkauni2.bitnet. The joy of engineering is to find a straight line on a double logarithmic diagram. ------------------------------ From: iialan@iifeak.swan.ac.uk (Alan Cox) Subject: Re: PLIP: icmp, udp: yes, tcp NO! Date: Thu, 1 Sep 1994 11:09:34 GMT In article rbsmith@somnet.sandia.gov (Randall B Smith) writes: >I have the 1.1.18 OS running on two machines (Slakware 2.0) and >I am trying to get PLIP going. Ping (icmp) and tftp (udp) work Upgrade both machines. The TCP code in 1.1.18 knows that tcp frames from a multicast source are illegal. Alas the older PLIP makes up a fake multicast not unicast physical address. Thus you need to upgrade both ends. Alan -- ..-----------,,----------------------------,,----------------------------,, // Alan Cox // iialan@www.linux.org.uk // GW4PTS@GB7SWN.#45.GBR.EU // ``----------'`----------------------------'`----------------------------'' ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************