From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Mon, 17 Oct 94 03:14:19 EDT Subject: Linux-Admin Digest #207 Linux-Admin Digest #207, Volume #2 Mon, 17 Oct 94 03:14:19 EDT Contents: Re: shadow-332: -f bug present (Hal N. Brooks) Re: /tmp/ is not cleaned up (Breakdown) Re: UUCP Help (Breakdown) Re: XFree86-3.1 - Whoopee! (Jinwoo Shin) Re: Good Video Card For Linux (Sean A. Long) Re: Telnet in is slow (Kurt M. Hockenbury) A Couple term questions (x93frey3@wmich.edu) Re: mgetty -- how to setup?? (Klaus Lichtenwalder) Very stange ... or very smart modem or term 2.1.4 (Andrzej Jesmanowicz) Re: Programing using PHIGS (HARADA Koichi) RPC info / setup (Robert Sink) xvnews on linux + term (Donald Griffin) Re: help with FTape (BRAD A ODEGARD) Re: RFC931 server (Matti Aarnio) Re: Tar and z option with DAT drive (Mark Hahn) Re: Linux Mosaic using Athena (Tim Bass (Network Systems Engineer)) Network freeze until PING (Andrej Misik) ---------------------------------------------------------------------------- From: hal@pollux.cs.uga.edu (Hal N. Brooks) Subject: Re: shadow-332: -f bug present Date: 16 Oct 1994 15:45:19 GMT Reply-To: hal@pollux.cs.uga.edu (Hal N. Brooks) Btw, e-mail from here to chris@ideal.com bounced. In article chris@ideal.com (Chris Haos) writes: >Harald Milz (hm@ix.de) wrote: >: I installed the shadow-3.3.2 suite a couple of minute ago and found >: that the old -f bug is again in there. What's wrong? > >: -- >: Gordon's first law: >: If a research project is not worth doing, it is not worth doing >: well. >: -- >: Harald Milz (hm@ix.de) WWW: http://www.ix.de/editors/hm.html >: iX Multiuser Multitasking Magazine phone +49 (511) 53 52-377 >: Helstorfer Str. 7, D-30625 Hannover fax +49 (511) 53 52-378 >: Opinions stated herein are my own, not necessarily my employer's. > >Nothing is wrong. Shadow simply hasnt been patched yet. A quick hack is >to comment out the "case 'f'" in lmain.c. This will disable -f. I am >not sure what the correct patch to login was. Does anyone have the other >login.c patch? I will make up a new diff file if anyone does. For now >you are best to just remove that "feature" of login to prevent >unauthorized access. Here's the article in which John F. Haugh II gave the official patch. Though the article doesn't mention the version number, I believe the current version at the time was 3.2.2. ====================================================================== Hal N. Brooks Voice: (706) 546-7792 Internet: hal@cs.uga.edu ====================================================================== ====== Begin included post ===================== Newsgroups: comp.os.linux.development From: jfh@rpp386 (John F. Haugh II) Subject: Re: Regarding the rlogin security hole Message-ID: <1994Jun3.030559.10217@rpp386> Reply-To: jfh@rpp386.cactus.org (John F. Haugh II) Organization: River Parishes Programming, Austin TX References: <2shn88$apc@kralizec.zeta.org.au> Date: Fri, 3 Jun 1994 03:05:59 GMT Lines: 50 In article <2shn88$apc@kralizec.zeta.org.au> nick@kralizec.zeta.org.au (Nick And >In aab@cichlid.com (Andy Burgess) writes: > >>Are we vulnerable if we are using tcpwrapper to restrict rlogin and telnet >>access? > >Yes - to all sites which are allowed to rlogin in ... Here is the official patch for lmain.c. It should close all of the holes that have been posted and a few that haven't. The patch has been tested to insure that it can be applied to every version of lmain.c that has ever existed. -- *** lmain.c.orig Thu Jun 2 22:01:26 1994 --- lmain.c Thu Jun 2 22:01:38 1994 *************** *** 370,375 **** --- 370,376 ---- char tty[BUFSIZ]; int reason = PW_LOGIN; int retries; + int arg; int failed; int flag; int subroot = 0; *************** *** 388,393 **** --- 389,405 ---- */ name[0] = '\0'; + + /* + * Check the flags for proper form. Every argument starting with + * "-" must be exactly two characters long. This closes all the + * clever rlogin, telnet, and getty holes. + */ + + for (arg = 1;arg < argc;arg++) { + if (argv[arg][0] == '-' && strlen (argv[arg]) > 2) + usage (); + } /* * Get the utmp file entry and get the tty name from it. The -- John F. Haugh II [ NRA-ILA ] [ Kill Barney ] !'s: ...!cs.utexas.edu!rpp386!jfh Ma Bell: (512) 251-2151 [GOP][DoF #17][PADI][ENTJ] @'s: jfh@rpp386.cactus.org There are three documents that run my life: The King James Bible, the United States Constitution, and the UNIX System V Release 4 Programmer's Reference. ====== End included post ===================== ------------------------------ From: root@beast.oau.org (Breakdown) Subject: Re: /tmp/ is not cleaned up Date: Sun, 16 Oct 1994 03:30:32 GMT Patrick J. Volkerding (gonzo@magnet.mednet.net) wrote: : /usr/tmp in Slackware is a symbolic link to /var/tmp, and you're : correct. Not much of anything in Slackware does use /var/tmp. Yes, there's 1 prog that uses /var/tmp, which I guess isn't overused by many. Ever heard of locate? IT creates a database of all the filenames on your partition so that you wouldn't have to do a find each time and take up CPU time. Well /var/tmp is used by a complementary program to locate, and that is updatedb. When you run updatedb, it places some files in /var/tmp. updatedb is the prog that does the find for all the files on your partition and saves them in a file. locate later on, looks in that file to see if the file is present, assuming the databse is current. you run updatedb once or twice a day and you should be ok. Genie ------------------------------ From: root@beast.oau.org (Breakdown) Subject: Re: UUCP Help Date: Sun, 16 Oct 1994 03:34:32 GMT Get the smail3.1.28 sources and compile them. Then only thing you will need for UUCP, is the smart_host, and a couple of other things in there to run UUCP+Cnews. Make sure you also get the newspak(I don't know where to find the latter one). smail sources is on ftp.uu.net, and on ftp.engr.ucf.edu as well. Find the newspak somehow, where the config files for smail are and compile. The default of smail compiled, works for UUCP. No hard configuration is needed. L8r Genie mbguest@ins.infonet.net wrote: : I have two problems . I cannot send external mail and cannot get : Local produced news postings to my UUCP feed . I have read the : appropriate Orilley books and the Linux Docs and Howto's and : still am stumped . ------------------------------ From: jwshin@nitride.EECS.Berkeley.EDU (Jinwoo Shin) Subject: Re: XFree86-3.1 - Whoopee! Date: 16 Oct 94 21:54:23 GMT kfandre@comp..uark.edu (Kevin C. Fandre) writes: >Does Xfree86 3.1 "feel" like a memory hog to anyone? I've recompiled Several possibilities exist. If you are running pre-3.1 dynamically linked binaries, then you are loading those old libraries on the top of new ones. Mosaic's case might just be this. Also, you might want to leave off all the unwanted extensions on your server using link kit. I've been using the release since the day of introduction and I find it generally comparable to 2.1 in speed and memory usage. -- Jinwoo Shin jwshin@eecs.berkeley.edu System Administrator Berkeley Sensor and Actuator Center ------------------------------ From: LONGSA%DFCS@dfmail.usafa.af.mil (Sean A. Long) Subject: Re: Good Video Card For Linux Date: Tue, 11 Oct 1994 18:00:26 GMT In article <37afta$pmg@geraldo.cc.utexas.edu> ronb@mail.utexas.edu (Ron Blancarte) writes: >My Brother-in-Law is getting a PC to run Linux on one partition, and >Windows/Dos on the other one. Now anyone can make Win/Dos Drivers, but we are >looking for a Video card that has really good Linux drivers. Things to take >note when giving advice: We are not looking for a 64 bit Video card, so >please don't recomend them, unless they are the best card hands down. >Please e-mail responces back to me. I don't frequent this group. >RonB For cheap and easy and "good enough" performance, try just about any 1 meg cirrus 5426 or 5428 card. Works great for me, faster drivers than MSWindoze, no annoying ghosting or bugging or anything for me at 1024x768. Could even get virtual 1152x8something I think, but I don't like the virtual screen sliding around like that... -=>Sean Long ------------------------------ From: kmh@linux.stevens-tech.edu (Kurt M. Hockenbury) Subject: Re: Telnet in is slow Date: Sun, 16 Oct 1994 15:42:12 GMT Orjan Stromberg (connor@tekla) wrote: : Yes, I know this is subject to another thread, but I couldn't find it at the : moment, and wanted to get this posted. : My problem seems slightly different though. : The lines out are as fast as you can possible wish, but as soon as I try to : telnet in to the machine it goes SLOOW. People have been telnetting into the : machine, and stopped at the login for five minutes. If I check locally, they : are logged in, but they are still stuck on the login-screen. : Anybody know what it could be? Or perhaps how to solve it at least? Check your /etc/resolv.conf and /etc/host.conf - this sounds like a clasic nameserver problem. Check to see that the nameserver you have defined in your resolv.conf is the correct IP number, or if you're not using a nameserver, remove bind from host.conf. If that's not it, try removing the tcpwrapper on telnetd in /etc/inetd.conf - if you're telnetting in from a PC, it might be trying an ident lookedup, and timing out (since many PC TCP/IP stacks don't reject connections when they should). Remember to killall -HUP inetd before testing your changes to any of these. -Kurt Hockenbury P.S. I tried to mail this, but you don't have a valid email address in your newsheader - you should get that fixed. ------------------------------ From: x93frey3@wmich.edu Crossposted-To: comp.os.linux.help,comp.os.linux.misc Subject: A Couple term questions Date: 16 Oct 94 17:48:24 EDT I have term running and I was wondering if someone could help me write a simple script. My problem is that I have autologout on my remote system after 30 minutes of inactivity. I was wondering if I could have a script that executes ever 10 minutes or so just sending something over the link so that it doesn't show that I am idle. I would really appreciate. The other question that I have is if I can somehow fix the remote hostname My second question is about remote hostname passing over term. When ever I use this I get that the remote host is localhost and I would like to find a way to pass the host name. Thanks for this help in advance Jeffrey Frey 99frey@lab.cc.wmich.edu ------------------------------ From: klaus@gaston.m.isar.de (Klaus Lichtenwalder) Subject: Re: mgetty -- how to setup?? Date: Sun, 16 Oct 1994 12:53:44 GMT 93812053@comp.hkp.hk (To Siu Pong (BACS2 student)) writes: > I've got the mgetty and have installed, however how can I config > it?? The modem doesn't answer when a there's a call and when > I type "mgetty", it said that > mgetty FATAL : no line give > What should I do now?? I'd suggest RTFM (in this case, mgetty.texi) :-> Klaus -- __________________________________________________________________________ Klaus Lichtenwalder, Dipl. Inf., Buschingstr. 65 D-81677 Muenchen, F.R. Germany, Fax +49-89-98292755 email: Lichtenwalder@ACM.org, klaus@gaston.m.isar.de ------------------------------ From: andre@post.its.mcw.edu (Andrzej Jesmanowicz) Subject: Very stange ... or very smart modem or term 2.1.4 Date: 14 Oct 1994 19:55:12 -0500 I have encountered very strange behaviour of my modem 14,400. Here I use Linux (1.0) and there is HP-735. I can run on both machines term and then trsh. I run it mainly when I need to transfer binary files. Otherwise I don't use term. Modem connection is fine, exact like for 14400 baud speed. At first when I make data transfer using tupload, my log file is growig about ten time faster then transfered file. All messages are about garbage packages. The transfer is with a speed of about 100 bytes/sec. Looks like a telphone line is noisy. WRONG! After several minutes, suddenly, my log file stop to grow, and transfer of subsequent files goes with ta speed of about 1300 bytes per second, rather impressive number for a not compressing modem as is mine. And it continues, and editor is no more jumpy, and so on and on without any error messages for hours. Who is so smart? Modem? Unix on other side? or smart telephone line? ;) When I disconnect myself and reconect modems again, the whole problem repeats itself again. Could it be the problem of running process (term) on other side and its priority? Kind of readjustment? I know that computer on other side is working hard, some programs run for several hours extensively using floating point multiplications. When I started this printing, the text was jumpy and now is OK. My log file grew to 58845 bytes and now stay at this level without any change. Have I bad luck, or is it more common problem? Andre ------------------------------ From: harada@humpty.mis.hiroshima-u.ac.jp (HARADA Koichi) Subject: Re: Programing using PHIGS Date: Mon, 17 Oct 1994 03:20:12 GMT mesfin@epx.cis.umn.edu wrote: > Hi folks > I am trying to program in X-Windows under linux using Phigs, and am > successful in to compiling it and getting an executable file, but when I > execute it I got a run time error saying that my PEX is incompatable. I am > helpless if any body have done programing in phigs please share your > experience so I can continue, It is a graphics class project. > later Have you built your XF86_SVGA (or an equivalent image) such that it supports PEX? If not, read README in /usr/X11R6/lib/Server. With XFree86-2.1.1 or older one, you can complile sources that need Phigs library. However, XFree86-3.1 (== X11R6) does not include libphigs.a in its binary distribution. libphigs.a is now optional, and you need to compile to get it from contrib-0.tar.gz. I have not made success in this step. -- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Koichi Harada Hiroshima University harada@aspen.mis.hiroshima-u.ac.jp 81(Japan) 824-24-6475 (voice) 824-24-0756 (FAX) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ------------------------------ From: sinkr@universe.digex.net (Robert Sink) Subject: RPC info / setup Date: 11 Oct 1994 14:42:33 -0400 I have installed a couple rpc functions on my system primarily just to learn what all is entailed. I have my inetd.conf set up correctly, I have /etc/rpc, I run rpc.portmap and I have this one problem. I was under the impression that inetd would run rpc.rusersd apon receiving the request, however it does not. It just sits there and the other end gets RPC: program not registered. However, if I type rpc.rusersd beforehand and load it up, it works fine. Is this correct, or am I missing something? -- ------------------------------------------------------------------------- |:| Robert Sink | "I don't want to start any blasphemous |:| |:| sinkr@universe.digex.net | rumors, but I think that GOD has a sick |:| |:|--------------------------| sense of humor and when I die I expect |:| |:| (c) 1994 Gurkware, Inc. | to find him laughing." -- Depeche Mode |:| ------------------------------------------------------------------------- *PGP 2.6 Public Key Available By Fingering This Account* *or via the PGP Server: pgp-public-keys@pgp.mit.edu* ------------------------------ From: Donald Griffin Subject: xvnews on linux + term Date: 14 Oct 1994 22:06:04 GMT Reply-To: dgriffin@suntan.eng.usf.edu I am running xvnews 2.2 patch 1 on a linux 1.0.9 box through a term connection. Everything seems to work fine except for two things. First, when I first lauch xvnews, it takes about 4-5 minutes to come up. I checked the term connection and it is maxed incoming for about 1100 K of data. The newsserver I am using has about 5000 newsgroups available and I believe that xvnews is reading the name and available messages on all these news groups. This doesnt appear to have anything to do with retreiving messages or the list of messages per group because when I read those, it is obviously reading them from the server on the spot. Because I am only subscribed to 12 groups, it is very innefficent for the newsreader to scan all those newsgroups. My question is, is their anyway to prevent this initial scan or to limit it to subscribed newsgroups?? My second question is: Is their anyway to keep the groups with no unread messages from dissappearing from the newsgroup view?? Thanks for any info Chris Dgriffin@suntan.eng.usf.edu ------------------------------ From: odeg0008@eel.micro.umn.edu (BRAD A ODEGARD) Subject: Re: help with FTape Date: Tue, 11 Oct 1994 18:59:25 GMT okay, i took someone's advice and upgraded my kernel again to 1.1.52 and that seems to have solved one problem, but another has popped up when i try to compile the ftape module under 1.1.52 now :( once again: ftape-1.13b kernel 1.1.52 and i get this while trying to compile the ftape module... fdc-io.c: In function `fdc_grab_irq_and_dma': fdc-io.c:949: warning: implicit declaration of function `irqaction' fdc-io.c:954: too few arguments to function `request_dma' make: *** [fdc-io.o] Error 1 any ideas? thanks Brad ------------------------------ From: mea@utu.fi (Matti Aarnio) Subject: Re: RFC931 server Date: Sun, 16 Oct 1994 17:40:55 GMT root@PROBLEM_WITH_INEWS_DOMAIN_FILE (root) writes: > >Where can I find an RFC931 authentification daemon? > >I found reference to ftp.lysator.liu.se, but this site refused my anonymous >login. > >Thanks, > Paul Murray On Slackware distribution the daemon is known as in.indentd -- try to see if it is already in place. ("indentd" or "in.identd") /Matti Aarnio ------------------------------ From: hahn@neurocog.lrdc.pitt.edu (Mark Hahn) Subject: Re: Tar and z option with DAT drive Date: 14 Oct 1994 22:27:57 GMT > >>I'm going to buy a DAT drive in a few days, and I was wondering about > >>using the z option with the DAT drive... I assume that it slows > >>the speed of the backup, but does it have any other effect? > > > >Physically it slows it down so that the streaming is disturbed, so the > >tape will not hold as much data and the volume/minute may drop > >drastically. > The volume/minute doesn't bother me, since it will be an automated backup. > ... However, the streaming problem does bother me... > If I buy one of the big DAT drives that claim 88Meg/minute and my > computer can't possibly keep up with that pace.. I lose tape capacity?? > This doesn't make me happy. the traditional solution is to buffer appropriately: most machines can probably feed even a fast DDS drive, which writes, uncompressed, to the tape at 550K/s. compression on the host is a win if the host is quite fast, since gzip will probably compress better than DDS/DC. most DDS drives have a significant hardware buffer, so elaborate speed-matching processes on the host are probably a lose. > Do most do the hardware compression? I've been looking at a sony drive > that claims 8 gig uncomp, 16 compressed... they lie. the largest currently-available DDS drive delivers 4G native on a 120M cassette. DDS1 drives offer 1.2 or 2.0G capacities based on 60 or 90M tapes. the 8 and 16 are _only_ for compressible data, which excludes a lot. in our case, we have dozens of G of images which are already compressed. regards, mark hahn. -- operator may differ from spokesperson. hahn@neurocog.lrdc.pitt.edu ------------------------------ From: bass@cais2.cais.com (Tim Bass (Network Systems Engineer)) Subject: Re: Linux Mosaic using Athena Date: 14 Oct 1994 22:13:21 GMT Timothy J. Kordas (tjk@nostromo.eeap.cwru.edu) wrote: : you want someone to port the Motif calls to Athena ? No, I've got Mosaic on at least 5 servers and a linux laptop and I'm happy with Motif. The original poster asked specifically about Athena. Maybe he likes Athena, who knows? ------------------------------ From: misik@dcs.fmph.uniba.sk (Andrej Misik) Subject: Network freeze until PING Date: Mon, 17 Oct 1994 00:22:27 GMT Reply-To: misik@dcs.fmph.uniba.sk Hello all! I'm fresh sysadmin to Linux, so maybe solution to my problem is simple. Here it is: I got Linux 1.0.9 (it's in /etc/issue) and all conections to the outside world are frozen until I log on console and try to connect outside. E.g. I boot, try to ping linux, no answer, log on console, ping other_machine and now ping linux works! I've done workaround bye putting "ping machine" in rc.local, but there must be a better solution. Can you advise me please? miso Please reply directly to my mail address: Andrej.Misik@fmph.uniba.sk ============================================================================== Andrej Misik Dept. of Computer Science Email: Andrej.Misik@fmph.uniba.sk Faculty of Mathematics and Physics WWW : http://www.dcs.fmph.uniba.sk/~misik Comenius University Phone: +42 7 726 635 Mlynska dolina Fax : +42 7 727 041 842 15 Bratislava, Slovakia ============================================================================== ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************