From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Tue, 11 Oct 94 06:13:45 EDT Subject: Linux-Admin Digest #174 Linux-Admin Digest #174, Volume #2 Tue, 11 Oct 94 06:13:45 EDT Contents: Re: Experiences with Archive's Python Re: /etc/utmp not writable by xterm's. Why? (Jim Ockers) Re: mpeg_play for linux (Tom Vaughan) Re: Please don't post sec (Riku Saikkonen) sendmail + _IDA_ ? (Riku Saikkonen) Re: Yggdrasil & large SCSI disk??? (Jeff Kesselman) Re: what's wrong with my agetty? (Kenneth H. Gantz) Re: Please don't post security holess... (S L Herbert) Re: SCSI vs IDE (Alan Cox) Re: SCSI vs IDE (Alan Cox) Re: Inn on a Linux box! (Kenneth Tan) where does screenlock get passwd from? (Kenneth H. Gantz) Re: Problem allowing users to mount floppies (Uwe Bonnes) Smail: How to set sender name? (Ted Harding) Cron Problems - Script runs from shell but not cron (Ted Harding) Re: What's failed after Bogomips (Eberhard Moenkeberg) Re: Ftape works...Not yet (Janne Sinkkonen) Where to find acct for 1.1.49+? (Andrew PRUSEK) ---------------------------------------------------------------------------- From: Subject: Re: Experiences with Archive's Python Date: Mon, 10 Oct 94 10:51:28 CST Reply-To: On 8 Oct 1994 16:40:06 -0500, Louis LaBash wrote: >Hi, >I'm soliciting experiences with Archive's "Python" tape drives, >either 430NT, or 4520 models. > >Thanks. >Louis-ljl-{labashl@daisy.ac.siue.edu} > Louis, We use the 430NT. Had some problems with an earlier kernel (.99pl15) and the GNU-mt program unable to do "setblk". Upgraded to 1.0.9 and was able to use "setblk". The thing works fine. ====================================================================== Robert J Brashear brashear@oneoff.com Technical Services Manager 76450.3557@compuserve.com The One-Off CD Shop Minneapolis 74660.2625@compuserve.com 612-374-4643 (voice) 612-374-3901 (fax) ------------------------------ From: ockers@carnot02.maem.umr.edu (Jim Ockers) Subject: Re: /etc/utmp not writable by xterm's. Why? Date: Sun, 9 Oct 1994 22:07:25 GMT Reply-To: ockers@umr.edu Lars Hofhansl (lars@hboix1.enet.dec.com) wrote: : In article <1994Oct4.164349.8307@excaliber.uucp>, joel@wam.umd.edu (Joel M. Hoffman) writes: : > : >The /etc/utmp file doesn't seem to record any logins via xterms --- : I noticed this behavior too, and I wondered how the good old : xterm managed writing to utmp. It's quite simple: xterm is setuid root. : So I set rxvt uid root, and it works. : So far I could not see any security holes... Is that true?! As I understand it having suid root xterms is a security hole, although I can't give a specific example. It just makes me nervous. I don't know what would happen on a suid root xterm if someone were to do something like xterm -e . Regardless, the problem seems to be non-init clients (such as xterm or rxvt) reporting themselves to init as logins. xdm actually supports this; look into the sessreg command. I have been unable to get sessreg to work however because the sysVinit that I have does wierd things with utmp and wtmp such that sessreg cannot write to them. I have not seen a drop-in solution to the sessreg problem and am still waiting to see if one turns up. I have a program that someone wrote which handles the sessreg function but the author said that it functioned unreliably when he started using a getty on his modem; then init was messing up the utmp and wtmp files and his program was unable to write to them correctly. If you want to see the program I can mail it to you... However if someone telnets in and starts an xterm then sessreg wouldn't see it and you still wouldn't have a record of the login. -- Jim (ockers@umr.edu) Ask me about Linux! PGP public key available upon request, or from my web pages. GE d? p c++ l++ u++ e++ m++(--) s n-(+) h+ f !g w+ t+ r !y home page ------------------------------ From: vaughan@beast.nhn.uoknor.edu (Tom Vaughan) Subject: Re: mpeg_play for linux Date: 7 Oct 94 15:10:52 GMT klevemmc@miner.usbm.gov (Klevemann) writes: >Anyone know where I can get an mpeg_play for linux ? grep INDEX.whole from sunsite.unc.edu Thomas ------------------------------ Subject: Re: Please don't post sec From: riku.saikkonen@compart.fi (Riku Saikkonen) Date: Mon, 10 Oct 94 20:17:00 +0200 >>I'm rather unconfortable with the posting of all of these security holes. >I disagree completely. This information should be disseminated freely. >I want to know everything about any real or potential security problems >with my computer. The reasons for this should be obvious. Linux, in I too am for reporting everything at once. How else will the things get fixed? And, the truth often is that once someone discovers a security hole, it soon spreads to the 'crackers'. Isn't it better for every sysadmin to know and be able to fix the thing than for only a small group of crackers to know it? -=- Rjs -=- riku.saikkonen@compart.fi - IRC: Rjs "From cavern pale the moist moon eyes / the white mists that from earth arise / to hide the morrow's sun and drip / all the grey day from each twig's tip." - J. R. R. Tolkien ------------------------------ Subject: sendmail + _IDA_ ? From: riku.saikkonen@compart.fi (Riku Saikkonen) Date: Mon, 10 Oct 94 20:17:00 +0200 Stupid question, I know... What is the difference between sendmail and sendmail+IDA? E-mail, I'll summarise. -=- Rjs -=- riku.saikkonen@compart.fi - IRC: Rjs "From cavern pale the moist moon eyes / the white mists that from earth arise / to hide the morrow's sun and drip / all the grey day from each twig's tip." - J. R. R. Tolkien ------------------------------ Crossposted-To: comp.os.linux.help From: jeffpk@netcom.com (Jeff Kesselman) Subject: Re: Yggdrasil & large SCSI disk??? Date: Sat, 8 Oct 1994 20:24:43 GMT In article <372d0l$don@news.onramp.net>, wrote: > >In article , writes: >> >> I dunno if this will help you any, but what I did with my ncr5380 generic >> driver (which can't read geometry either) was to boot up DOS and run my >> old DOS format utility (SpeedStor in my case) and it showed me the right >> values for the drive, which I then wrote into the front of my linux manual. >> > >Jeff, > >as it turned out, the Summer '94 Yggdrasil has a Rev. B boot diskette >(available via ftp) which supports the NCR 53C810 SCSI chip. So you can >install Linux this way. But since the 1.0.19 kernel is not on the CD-ROM, >it does not get copied to the SCSI disk - and you get an unbootable >system. Is this different from the ncr5380 driver that is on the fall94 cd-rom? I'm wondering because I'm currently using that driver with my Trantor 130B, an if there is a newer more rpeferrabled river I'll switch (I have rev b., but I haven't really examined it beyond getting my sony-cd to work.) > >This is probably good enough if you have an IDE disk plus a SCSI disk >hanging off the NCR chip. Then you can install from CD-ROM with the Rev.B >boot disk and replace the kernel by the one from the boot disk. But it >doesn't work too well if the SCSI disk is all you have. I may be dense, but I'm not following this. Once I found out my disk geometry using speedstor, I was able to enter it with linux fdisk and parition my drive. I boot fine at the moment, though not off of my HD becuase I haven't installed the cd-rom fix yet (new kernel from rev. b). As I understand the situation (and I may be wrong...) is that the only time Linux actually needs the disk geometry info is during lILO boot (I'm pretty sure I read that somewhere.) There is a table you can hand to LILO that will set the gemoetry staticly in cases like mine, which was what I was planning on doing some weekend when I had nothing better to do. (Altough if this new rev b. kernel fixes the problem, I guess Ill just finish installing it.) In any case, my setup at the moment looks like this: Floppy Drive A: - Boot Disk /dev/hda - Small DOS parition and large swap partition /dev/sda1 - root partition /dev/sda2 - 'home' partition ------------------------------ From: kgantz@iglou.iglou.com (Kenneth H. Gantz) Subject: Re: what's wrong with my agetty? Date: Sun, 9 Oct 1994 00:02:50 GMT gert@greenie.muc.de (Gert Doering) writes: >kgantz@iglou.iglou.com (Kenneth H. Gantz) writes: >>I'm trying to add a dumb terminal to my linux machine. >>Here's what I've done so far. I've connected an ADDS terminal >>to my comm 3 port via a null modem cable. I placed the following >Just a guess: try a full-featured cable, or change your cable to make sure >that the CTS, DSR and DCD lines are active on the Linux side (wire them to >DTR). Possibly the kernel flow control gets confused by not connected >(i.e. floating) control lines. >gert >-- >Yield to temptation ... it may not pass your way again! -- Lazarus Long > //www.muc.de/~gert >Gert Doering - Munich, Germany gert@greenie.muc.de >fax: +49-89-3243328 gert.doering@physik.tu-muenchen.de Actually, now that I've done some more testing, I think I have a plain old irq conflict. I have a mouse on com 2, my modem on com 1 and the dumb terminal on com 3. According to everything I've read com 1 and com 3 share the same irq as does com 2 with com 4. My BIOS lets me choose different irq settings from what the defaults are supposed to be but I noticed that when I boot linux it says that com 1 and 3 are set to irq 4 (even though my BIOS says com 1 is on 4 and com 3 is on 5). I tried moving the dumb terminal to com 4 and it worked fine but, as expected, my mouse died. So how is one supposed to get the convenience of a mouse and a modem and still be able to connect an dumb terminal at the same time? -- Ken Gantz kgantz@iglou.com Work - 502.329.3724 IT IS NOT A PROBLEM OF WHETHER MACHINES THINK, FAX - 502.329.6199 BUT WHETHER MEN DO. - B.F. Skinner ------------------------------ From: cs1slh@stoat.shef.ac.uk (S L Herbert) Subject: Re: Please don't post security holess... Date: 10 Oct 1994 19:15:55 GMT Isis Leslie (sheela@er7.rutgers.edu) wrote: : I'm rather unconfortable with the posting of all of these security holes. : For a while I was under the impression that this was a no-no, and that : while sure, posting a "fix" or "work around will tell those in the know : just what the whole is, at least it makes it a little tougher. Go read comp.unix.security, where there's a lot more information on this. Having the *complete* information on what a fault is can be essential - if you are running a network which includes machines of different types, being able to check the bug on all these machines makes a big difference. Simply knowing there is an unspecified bug for a small list of platforms is hardly ideal - how do you know that whoever compiled the list bothered to check all your platforms? : I had the smail hole fixed for a while, but none the less imediately after : the post to the announce group I had about 15 incidents of people trying to : mail to /etc/passwd. (Remotely and they were too stupid to not make it : so I couldn't get their user id's...go figure) If someone uses this stuff to break your box - that's what the police are there for. Just because you give someone a car, it don't mean that they've the right to run you down. Stuart -- Stuart Herbert Academic Computing Services, University of Sheffield UNIX Support (0114) 282 4254 (External) / Ext 4254 (Internal) ------------------------------ From: iialan@iifeak.swan.ac.uk (Alan Cox) Subject: Re: SCSI vs IDE Date: Mon, 10 Oct 1994 18:42:08 GMT In article wvi@dasc.nl (Wouter Visscher) writes: >every disk attached to without having to wait for the disk ( controller ) >to finish, this in contrast with IDE where you wait. For this reason >the new ENHANCED IDE has two busses 1 for fast devices and one for slow >devices, notably cdroms. Even with SCSI you often have two scsi controllers as CD-ROMS often tie the bus for ages with their low transfer rate. I'm in the middle of finishing sorting out our computer society system once we get a bigger case - then it will be 2 IDE controllers, 3 IDE drives, 2 SCSI drives on a SCSI controller, 4 serial ports, 3 parallel ports, ethernet and floppy on one ISA bus. I suspect bus contention becoming a performance issue 8) Alan -- ..-----------,,----------------------------,,----------------------------,, // Alan Cox // iialan@www.linux.org.uk // GW4PTS@GB7SWN.#45.GBR.EU // ``----------'`----------------------------'`----------------------------'' ------------------------------ From: iialan@iifeak.swan.ac.uk (Alan Cox) Subject: Re: SCSI vs IDE Date: Mon, 10 Oct 1994 18:47:55 GMT In article <36t84s$pb0@dhp.com> panzer@dhp.com (Panzer Boy) writes: >Umm, I have three LED's on my computer, plus a panel for stupid speed. I >have 3 drive controllers hooked up to the "HD, Turbo, and Power" LED's. >I don't anyone who uses turbo for more than minor kicks, and if you can't >tell you're computer is on, maybe you need your head examined. Of >course, if you only have 1 led, this could be a problem. Definitely we need more LEDs. I've got the turbo wired to the carrier detect on the amateur radio PI2 card 8) Alan -- ..-----------,,----------------------------,,----------------------------,, // Alan Cox // iialan@www.linux.org.uk // GW4PTS@GB7SWN.#45.GBR.EU // ``----------'`----------------------------'`----------------------------'' ------------------------------ From: kenneth@bbs.sas.ntu.ac.sg (Kenneth Tan) Subject: Re: Inn on a Linux box! Date: 8 Oct 1994 01:20:52 GMT Nathan Stratton (nstn@netcom.com) wrote: >This is what my syslog look like: >Oct 2 16:46:23 NovaNet innd: ME bad_newsfeeds no feeding sites in /usr/lib/news/newsfeeds make sure you have the entry: ME\ :*,!control,!junk:: >Oct 2 16:46:24 NovaNet innd: ME internal no control and/or junk group You will also have to create (just for the heck of it), two newsgroups, known specifically as "control" and "junk". Just put these into the /usr/lib/news/active file (the hard way). The proper way is to use ctlinnd to create the groups for you (dunno how... just do it the hard way:) Good Luck! Kenneth "Automan" Tan ------------------------------ From: kgantz@iglou.iglou.com (Kenneth H. Gantz) Subject: where does screenlock get passwd from? Date: Sun, 9 Oct 1994 00:12:08 GMT I sure home someone can help me with this. I just finished installing util-linux-1.10.bin.gz and I thought I followed the instructions and warnings carefully but now I have a problem. If I lock the screen with xlock it doesn't believe my password when I try to unlock the screen. I have no trouble logging into multiple virtual consoles so I know both I and my system know the correct password. This happens to all user accounts. How do I get xlock to believe real passwords again? -- Ken Gantz kgantz@iglou.com Work - 502.329.3724 IT IS NOT A PROBLEM OF WHETHER MACHINES THINK, FAX - 502.329.6199 BUT WHETHER MEN DO. - B.F. Skinner ------------------------------ From: bon@lte.e-technik.uni-erlangen.de (Uwe Bonnes) Subject: Re: Problem allowing users to mount floppies Date: Sat, 8 Oct 1994 09:27:57 GMT Jonathan Mohr (mohrj@augustana.ab.ca) wrote: > I added a line to /etc/fstab to try to allow users to mount floppies on /mnt: > /dev/fd0 /mnt msdos user,rw,noauto,sync > However, when trying to mount a floppy as a normal user, I got the error > message: > can't create lock file /etc/mtab~: Permission denied > To avoid this, should I: > 1. Make /etc writable by users? [Seems like overkill] > 2. Make 'mount' suid? [Sounds dangerous] > 3. Use the package 'usermount' instead? If you have an unpatched 1.1.51 kernel, get 1.1.52. It fixes some floppy-bugs. Even more recent floppy-developments can be followes on ftp.imag.fr:pub/Linux/ZLIBC. -- Uwe Bonnes bon@lte.e-technik.uni-erlangen.de ------------------------------ From: Ted.Harding@nessie.mcc.ac.uk (Ted Harding) Subject: Smail: How to set sender name? Date: 11 Oct 1994 05:38:17 -0400 Reply-To: Ted.Harding@nessie.mcc.ac.uk (Ted Harding) I too have got precisely as far as Andy Dickinson (see below) and encountered exactly the same problems. The only solution I have been able to implement is to create a user account on my own machine in the same name ("efh") as on the mail-server wich I connect to, and to be logged in on my own machine as "efh" for mail purposes, even though I would like to send mail from "root" or "ted" on my machine. This is feasible, even though inconvenient, on a Linux machine because of tghe ease of switching between virtual consoles. Using "selection" to copy chunks of text between consoles also helps. My smail is Smail3.1.28.1 #28.1. *** I would however like to ask for anyone who knows how "smail" *** *** works to explain why the "sender_env_variable" option in the *** *** smail config file apparently does not work - or how to get *** *** it to work. Alternatively, since there is apparently scope *** *** for the config file to do some processing in its programming *** *** language, is there something one can do on this front? This *** *** would enable something else which would be very useful: my *** *** wife also uses the machine, so a config which could achieve *** *** the following would be very helpful: *** *** *** *** if $user="ted" or $user="root" then user="efh" *** *** else if $user="cigdem" then user="cb" *** *** *** *** so that mail appears to be sent by either "efh" or "cb" as *** *** appropriate. Despite repeated attempts to achieve this by *** *** all apparent plausible means, nothing has been achieved. *** | I am trying to configure smail to send out mail messages with a sender | name which is different than my login name. I need to do this because | I cannot receive mail on my local machine -- I use a SLIP connection. | | I need to make mail messages appear as though they were sent from the | machine which actually receives my mail so that people will be able to | reply to them. | | I've figured out part of this problem -- by setting the "visible_name" | attribute in the config file I can make messages appear as though they | were sent from my mail-receiving machine. | | The problem is, however, that the messages are still sent out with my | local username. My username on my local machine is different from my | username on the mail-receiving machine. | | From reading the smail(5) man page, it looks as though I may be able | to do what I want by setting the sender_env_variable attribute in the | config file. This attribute is supposed to let users change the | sender name used in a mail message by setting an environment variable. | Unfortunately, this doesn't seem to work -- smail doesn't seem to use | this attribute. | | I've also tried setting the from_field and return_path_field | attributes to produce the desired username, but messages still arrive | with the local username instead of the one I specify. | | | Can someone tell me how to set the sender name in smail? | | I'm using Smail3.1.28.1 #28.5. | ------------------------------ From: Ted.Harding@nessie.mcc.ac.uk (Ted Harding) Subject: Cron Problems - Script runs from shell but not cron Date: 11 Oct 1994 05:38:17 -0400 Reply-To: Ted.Harding@nessie.mcc.ac.uk (Ted Harding) Brian Kramer asks:- | I am having trouble with some scripts running fine from a prompt, but not | from cron. Here's one of the scripts. Anyone else have problems like this? I notice that this script includes lines like backupmenu() { echo "Usage backup \n" echo ": full (Full backup) "; echo " root (Root partition /) "; echo " news (News Spool partition /usr/spool/news) "; echo " user (User partition /home/home1) "; echo " nn (NN partition /usr/spool/nndb) "; echo " inn (Inn partiton /usr/lib/news)\n "; } Now, where are the "echo"s supposed to appear when the script is run by cron? And what console is the input supposed to come from? When the script is run from a prompt, stdout (and stderr) will appear on the screen where the prompt is, which can be found out from the system admin files (utmp I think). Cron doesn't know what console the script is supposed to write to. One solution would be to reserve a particular console (I use /dev/tty1) as "system console", so that the 1st two lines above, for instance, could be changed to echo "Usage backup \n" > /dev/tty1 2>&1 echo ": full (Full backup) "; > /dev/tty1 2>&1 My guess is that if all lines of the script which write to stdout were changed to write >/devtty1 2>&1, and all lines which read from stdin were changed to read I found that when booting Linux, just after bogomips line, (33.. Ok), i EJT> get a failed that seems not to be related to anything. Does anybody know EJT> what is this about? The Sony CDROM driver is just telling you that you have failed to build your own kernel. ;-) Greetings ... Eberhard ------------------------------ From: janne@avocado.pc.helsinki.fi (Janne Sinkkonen) Subject: Re: Ftape works...Not yet Date: 11 Oct 1994 00:49:14 +0200 Peter Dalgaard SFE wrote: >GZIP=-1 time nice -n -18 tar cvzlb 58 / > >('b 58' == 58 512b blocks == 29k == 1 tape sector, fastest gzip >option, nice it to very high priority or X context switches get >in the way, 'l' == don't cross filesystems (in particular not >/proc !) Someone else said that just using the --block-compress >option works well too. I use a backup-1.0x utility from sunsite.unc.edu, that one which uses afio, a Conner drive, and I have been unable to make any backup with 1.1.52. because of tons of I/O errors. Anyone have this kind of combination? -- Janne.Sinkkonen@helsinki.fi ------------------------------ From: andrewp@itwhy.bhp.com.au (Andrew PRUSEK) Subject: Where to find acct for 1.1.49+? Date: Sun, 09 Oct 1994 10:06:44 +0930 Hello all Some time ago I had the address for the ftp site that had the process accounting patch for kernel above 1.1.18. As you may have guessed I have lost this address and therefore am now begging for someone to enlighten me as to where I might find this. I have looked in the regular places but have come up empty handed. Any pointer??? thanks Andrew -- Andrew PRUSEK Phone: +61 86 40 4590 BHP Information Technology Fax: +61 86 40 4720 PO Box 21 / Port Augusta Road Email: andrewp@itwhy.bhp.com.au Whyalla SA 5600 Prefered OS: Linux Australia Disclaimer: My opinions are my own. ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************