From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Tue, 6 Sep 94 09:15:14 EDT Subject: Linux-Admin Digest #29 Linux-Admin Digest #29, Volume #2 Tue, 6 Sep 94 09:15:14 EDT Contents: Re: [Q] chmod setting in /var/spool/mail (Jason Haar) TL5212 driver (Davyd Luque) kernel panic: can not find root fs (Ari Lampinen) Re: UID 0 Passwd blues (Kevin Lentin) [Q] Substitute for 'mail' (Jonathan Bradshaw) Re: WARNING about shadow-mk package (Patrick Reijnen) Re: colors with DJ550C ?? (pellmont@urz.unibas.ch) Re: Curses problems with kterm (Stephen J. Turnbull) Re: colors with DJ550C ?? (Robert Wolter) ---------------------------------------------------------------------------- From: jasonh@chineham.euro.csg.mot.com (Jason Haar) Subject: Re: [Q] chmod setting in /var/spool/mail Date: 6 Sep 1994 07:34:25 GMT B.Bottarelli (bruno@vaimo.cce.unipr.it) wrote: : Hei dude!! : We have installed Slackware Linux 1.0.8 on a 486 based PC. : I have notice this _strange_ chmod setting into the directory : /var/spool/mail : drwxrwxr-x 2 root mail 1024 Sep 1 16:07 ./ : drwxr-xr-x 19 root root 1024 Jun 6 11:34 ../ : -rw-rw---- 1 paolo staff 0 Sep 1 13:47 paolo : -rw-rw---- 1 marco guest 0 Jul 25 16:06 marco : -rw-rw---- 1 stefan guest 10706 Jun 17 15:02 stefan : -rw-rw---- 1 pier guest 0 Aug 31 00:00 pier : ^^------- ???????????? : This means that all the user in the same group can read their mail each : other and this in in contrast with the privacy rules. I can change the modes : via chmod every time I add a new user, but is there a way to avoid this : automagically?? This is obviously wrong. I think you will find that the local mailer that your system uses for delivering mail (defined as 'Mlocal' in sendmail.cf if you are running sendmail) is setgid guest instead of setgid mail as it should be. As you see, the actual directory /var/spool/mail is set group mail (as it should be); everything within it should be group mail too. Do a "chgrp mail " to reset the local mailer to the appropriate group. Then you will need to reset the gid again (chmod g+s ). -- Cheers, Jason ------------------------------ From: davyd@si.upc.es (Davyd Luque) Crossposted-To: comp.os.linux.development,comp.os.linux.help,comp.os.linux.misc Subject: TL5212 driver Date: 5 Sep 1994 16:05:52 GMT Reply-To: davyd@si.upc.es Hi All! I'm trying to use a 3200 bpi tape for reading a backup from a Nixdorf mainframe , and I've got a TL5212 Overland Data tape, controlled by a Peltec controller board. I've got DOS drivers, but I have nothing for UNIX. Does anybody know where to find drivers for SCO or LINUX? Thanks in advance!! --- .oooO _ _ Oooo. e-mail: davyd@si.upc.es Fax:343-440-0899 ( ) / ) ( \ ( ) davyd@diable.upc.es Data:343-440-0899 \ ( / ( ) \ ) / http://www.upc.es/~davyd ----\_)( ) ( )(_/---|)/\/`/(|- .oooO-Oooo. Todo lo que me gusta es inmoral ilegal o engorda. ------------------------------ From: ala@tukki.jyu.fi (Ari Lampinen) Subject: kernel panic: can not find root fs Date: 6 Sep 1994 10:41:23 GMT The reason for this was that I deleted with dos fdisk a logical D disk from dos ext partition where linux partitions also are. The operation clearly removed some linux pointers, too, and now linux boot can not find the linux partitions. How can I recover? -ari ;-( ------------------------------ From: kevinl@bruce.cs.monash.edu.au (Kevin Lentin) Subject: Re: UID 0 Passwd blues Date: 6 Sep 1994 11:01:47 GMT Anton de Wet (adw@Chopin.rau.ac.za) wrote: > I ran accross an inconvenient ``feature'' of the passwd program yesterday. > On one of our Linux boxes we have 3 UID 0 users --- root and two others. > Since initial setup a week ago, everything was working fine, but suddenly > the root password was invalid :-( After some investigation and experimenting > we found that one of the users had changed his password and that this changes > all the UID 0 passwords to the same thing. Having multiple accounts with the same uid and different names are bound to cause trouble. Some programs may use other methods besides getuid() to figure out who you are. $LOGNAME. getlogin(), who knows what they might return. I presume the reason you are doing this is you want multiple root users with different passwords so you can revoke one's access at some time without the others having to change password. I can't see why this is necessary. Do your root users change so frequently that it's aproblem? Why not just have one root account and let the people all use 'su'? If you must have multiple users, could you not put them all in one group (eg wheel) and then have a setuid root shell that is only executable by group wheel. I'm sure this opens up a security hole but probably nothing worse than you're already faced with. > Is this supposed to be so? I think not. What is the easiest way to fix it? > (I'm using Slackware 2.0 distribution) > Thanx > Anton -- [==================================================================] [ Kevin Lentin |___/~\__/~\___/~~~~\__/~\__/~\_| ] [ kevinl@bruce.cs.monash.edu.au |___/~\/~\_____/~\______/~\/~\__| ] [ Macintrash: 'Just say NO!' |___/~\__/~\___/~~~~\____/~~\___| ] [==================================================================] ------------------------------ From: jonathan@nova.decio.nd.edu (Jonathan Bradshaw) Subject: [Q] Substitute for 'mail' Date: 6 Sep 1994 11:45:22 GMT =====BEGIN PGP SIGNED MESSAGE===== Yes, I know about deliver and procmail -- and am using procmail myself for the MDA from sendmail but I just installed INN and it uses 'mail' to send status messages. There must be something I can install that will make this work. I'd appreciate a solution, INN isn't the only program expecting a real 'mail' program and not a link to procmail. - -- Jonathan Bradshaw | E-Mail is: Jonathan.Bradshaw@nd.edu | Packet: N9OXE@N0ARY PGP Key is available by finger, keyserver or mail me with subject 'send key' "If the women don't find you handsome, they should at least find you handy" =====BEGIN PGP SIGNATURE===== Version: 2.2 iQCVAgUBLmxWS1A1bhXvqhbrAQGrNgP7B6cORVSvzbSpBwhj9GpsMM+SVaJtmIxF D+0qlgeNu6AX014j+sG6FKKiMVryXvbhLo01+7r8FORSpqIi4T5kh9lqm0Ifc2O0 WE9VONZjHeLaBEwiO3f1D2Jdbuie7b0HSvE0cxoUypF4KqwoqU7ipDAzptwQjZ+b EKiwrUpIKo4= =qoGx =====END PGP SIGNATURE===== ------------------------------ Crossposted-To: comp.os.linux.development,comp.os.linux.help,comp.os.linux.misc From: patrickr@cs.kun.nl (Patrick Reijnen) Subject: Re: WARNING about shadow-mk package Date: Tue, 6 Sep 1994 11:29:27 GMT In im14u2c@cegt201.bradley.edu (Joe Zbiciak) writes: >-----BEGIN PGP SIGNED MESSAGE----- >This post is in regards to the login.secure program included in >the shadow-mk package authored by Mohan Kokal. I, Joseph R.M. Zbiciak, >am the sole author of this program, and would like to dispell any >rumors labeling it as the tool of a "cracker." >Included in this post is the source code for my /bin/login replacement. >The binary included in the shadow-mk package distributed by Mohan Kokal >was apparently compiled under GCC 2.4.5, using libc 4.4.4. I base this >statement on the fact that the binary was indeed compiled by me on my >personal Linux box, "asylum," prior to June 9th. On June 9th, I upgraded >to GCC 2.5.8, and libc 4.5.26. >Inspection of the login.secure binary will reveal that it was indeed >linked with libc 4.4.4. >Therefore, I seek corroboration of the following, since I cannot >do this myself (my system has no room to dl libc 4.4.4 and gcc 2.4.5 to >try this): >The login.secure binary was most probably compiled as follows: >gcc -o login.secure -s -N -O6 -fomit-frame-pointer -m386 login1.c >(as I said, under GCC 2.4.5, and libc 4.4.4) >Using GCC 2.5.8 and libc 4.5.26 yeilds an executable of 1328 bytes >with these options. >Let me remind you that the /bin/login on my system has been and continues >to be the login.secure binary that was included in shadow-mk. (Size: >1124 bytes. CRC: a4abbb26) >I have PGP-signed this post to ensure its authenticity. My public key >is available via finger. Please finger im14u2c@cegt201.bradley.edu. >Pipe the output to a file and run pgp -ka on the file to add the key >to your keyring. This key is primarily for private messages. I do not >yet have a well established key for business use. One will be forthcoming. >Please: I urge *ANYONE* that has any questions, problems, etc. relating >this program to CONTACT ME IMMEDIATELY. My email address is, once again, >im14u2c@cegt201.bradley.edu. Should that address fail, there's also >im14u2c@camelot.bradley.edu. Should both of those addresses fail for one >reason or another, email Mohan Kokal at magnus@cegt201.bradley.edu, with >instructions to forward the mail to me. >And again: I do apologize for any inconvenience this may have caused >anyone. The shadow-mk package is not insecure. The login.secure is >indeed what it was titled. I do hope that this post lays to rest any >suspicion about the shadow-mk package, its contents, and its author. >I also apologize to Mohan Kokal for not realizing that such a small piece >of code would cause such a large number of people to label him as a >cheap-and-dirty cracker. Hmm, some people just over react a bit every now and then. Don't bother.. >Here's the source code: >==FILE: login1.c== >/* Preprocessor for /bin/login */ >/* Corrects /bin/login security hole regarding -f */ >/* Also disables -h for non-root users. */ >/* (c) 1994, Joseph R. M. Zbiciak */ >#include >#include >#include >main (int argc, char * argv[], char * envp[]) >{ > char **av=argv; > int ac=argc; > if (argc>1) { > while(--ac>0) { > if (**(++av)=='-' && strlen(*av)>1) { > *((*av)+2)=0; > if (*((*av)+1)=='h' && getuid()>100) { > fprintf(stderr,"You cannot specify a new host.\n"); > exit (1); > } > } > } > } > execve("/bin/_login",argv,envp); > return 0; >} >==END OF FILE== >- --Joseph R.M. Zbiciak > Systems Administrator & Programmer > Texas Networking Systems, Inc. >DISCLAIMER: Neither this post, nor any other post made by me, reflects > the opinions of my various employers, unless EXPLICITLY > stated. All opinions stated herein are mine unless otherwise > noted. > := Joe Zbiciak == im14u2c@ =: > :- - cegt201.bradley.edu - -: > If it works, Don't fix it. : - camelot.bradley.edu - : > :-Finger for PGP Public Key-: > :===========================: >-----BEGIN PGP SIGNATURE----- >Version: 2.3a >iQCVAgUBLmwUH/1glWhKqKRRAQHCAgP6AqTd3G9kzRm12GqiE29aL1VHjkYxb/hU >FW4F0+TEIM7RbUcbfFPilwtnb2n08btgcLW+92YZRGf4FmzteVLEMhecz/+wB9Wd >/Dr8rH5rUrJw2Lclx7ZmiLDLfBVHLahcRNQ/oH/itLg9UJXLzLKq8igEniIpyxgW >LevHNAnbWgM= >=VIIl >-----END PGP SIGNATURE----- Patrick Reijnen -- ************************* Patrick Reijnen ************************* * Department of Computer Science, Catholic University of Nijmegen * * Email: patrickr@{sci,cs}.kun.nl * * WWW: http://{atlas,zeus}.cs.kun.nl:4080/homepage.html * ------------------------------ From: pellmont@urz.unibas.ch Subject: Re: colors with DJ550C ?? Date: 6 Sep 94 12:27:53 MET > I have a print filter setup that has the calls to ghostscript > in it with one of the deskjet550c drivers and I get color > postscript out put fine. What are you trying to send to your > deskjet and from what package was it created? I converted it to Postscript (with XV, I think) and tried to print it with ghostscript, but I don't know if the PS-File is greyscale or my filter allows only to print black & white. I used the standard-filter for Deskjet. How must I setup the filter to print colors (I think it's a setup problem) ? If XV convert pictures to greyscale PS-files, what should I use to convert GIF, TIF, TGA, ... -> PS ? =============================================================== Pascal Pellmont, Institute for physics, university of Basel ------------------------------ From: turnbull@turnbull.sk.tsukuba.ac.jp (Stephen J. Turnbull) Subject: Re: Curses problems with kterm Date: 6 Sep 94 11:49:30 GMT Reply-To: turnbull@shako.sk.tsukuba.ac.jp This doesn't exactly belong here, but my DNS won't let me get mail so I've been lazy about setting up my mailer. But I won't give up trn for vnews or mnews! AIA to all bandwidth.cops. In article <34862f$ar1@newt.mrj.com>, George Wilson wrote: >I have a curses based application that I am trying to use >with kterm. It seems to get confused about the cursor position >and what to display when working with JIS Japanese data. According to the man page, kterm assumes the zenkaku characters are twice as wide as hankaku. What is probably happening is that your app is double-counting zenkaku characters (ie, counting each byte once). Thus, if you try to backspace over a kanji, it backs up one byte and transmits a backspace. kterm backs up over the kanji. Now your app is in the middle of a kanji, and the display gets munged. backspace again, you are now at a 2-byte character boundary, so redisplay should give the correct display (sort of) but another backspace is transmitted and your cursor position is wrong. The escape sequences probably aren't going to help keep a correct count, either. If this is true, you're going to have to rewrite your app. >Straight display works fine, but when you move the cursor Does it matter whether it's the mouse or the arrow keys? Presumably you're app will still get confused when kterm tells it the cursor position, but if you're really really lucky.... >and update the screen, the display is wrong and it does not >have the expected position on the screen. Everything works >fine on English-only texts. > >There is a library called pcurses in the linux JE >package. pcurses seems to be for EUC encoding only. >My application is not 8-bit clean, so I want to use Shudder. A heathen. I will pray for the repose of your soul. >JIS. Also, I have not seen pcurses for the Sun. Can >I use pcurses or some other library with JIS on both >linux and Suns? If you have JLE for the Sun, my man page seems to say that the JLE provides curses with international extensions. Thus you wouldn't need pcurses. Otherwise, pcurses is PDS, I believe, go ahead and port it. >TIA, >George Wilson >gwilson@mrj.com ------------------------------ From: wolter@wppc9.physik.Uni-Wuppertal.DE (Robert Wolter) Subject: Re: colors with DJ550C ?? Date: 6 Sep 1994 12:12:12 GMT pellmont@urz.unibas.ch wrote: : > I have a print filter setup that has the calls to ghostscript : > in it with one of the deskjet550c drivers and I get color : > postscript out put fine. What are you trying to send to your : > deskjet and from what package was it created? : I converted it to Postscript (with XV, I think) and tried to : print it with ghostscript, but I don't know if the PS-File is : greyscale or my filter allows only to print black & white. : I used the standard-filter for Deskjet. How must I setup the : filter to print colors (I think it's a setup problem) ? : If XV convert pictures to greyscale PS-files, what should I use : to convert GIF, TIF, TGA, ... -> PS ? : --------------------------------------------------------------- : Pascal Pellmont, Institute for physics, university of Basel Here is my /etc/printcap entry for the HP Deskjet 550c: file /etc/printcap: ---snip--- # HP Deskjet [...] lpdj|deskjet|HP Deskjet 550c:\ :lp=/dev/lp1:\ :sd=/var/spool/lp1:\ :sh:sf:\ :mx#0:\ :lf=/var/spool/lp1/lp-errs:\ :of=/usr/local/lib/deskjetof: [...] ---snip--- The shell script /usr/local/lib/deskjetof, used as output filter, was written by Andreas Klemm : file /usr/local/lib/deskjetof: ---snip--- #!/bin/bash # HP Deskjet 500 - output filter - RELEASE 1.1 # # by Andreas Klemm # where do you have diskspace # TmpDir=/home/tmp # Temp. filename TmpFile=$TmpDir/deskjetof.$$ # Who should be notified by e-mail in case of print problems ? NOTIFY=root # write print data from stdin to temp file cat - > $TmpFile # # reset printer to power on values before print job # echo -ne '\033E' # determine file type # set output of the ``file'' command to new script arguments $1, $2, ..., $n # set -- `file $TmpFile` # throw away $1 since that is the *file name* # shift # the rest is a "string" which consist of one or multiple words # describing the file type. For example: "Korn Shell Script" # FileType=$* case $FileType in PostScript*) # # pipe ps data through ghostscript # /bin/cat $TmpFile \ | /usr/bin/gs -q \ -sDEVICE=deskjet \ -sPAPERSIZE=a4 \ -dNOPAUSE \ -dSAFER \ -sOutputFile=- \ - \ /usr/local/lib/ghostscript/quit.ps \ || echo -ne '\033&l0H' # ^ if an error occurs, then # | eject already loaded paper ;; *text*|*script*) # # print normal text with # - cr/nl conversion # - draft quality # - 66 lines/page # - left margin # - 12 cpi pitch # # Landscape Mode \E & l 1 O # Landscape Mode \E & l 1 O # Landscape Mode \E & l 0 O #echo -ne '\033&l1O' # Line distance # # # echo -ne '\033&19D' # Lines per page # # echo -ne '\033&l100P' echo -ne '\033&l100F' # Point Size \E ( s # V # # echo -ne '\033(s5V' echo -ne '\033(s7H' # LINE TERMINATION \E & k # G # 0 = CR=CR ; LF=LF ; FF=FF (default) # 1 = CR=CR+LF; LF=LF ; FF=FF # ** 2 = CR=CR ; LF=CR+LF; FF=CR+FF # 3 = CR=CR+LF; LF=CR+LF; FF=CR+FF echo -ne '\033&k2G' # QUALITY \E ( s # Q # ** 1 = draft = 240cps # 2 = letter = 120cps (default) echo -ne '\033(s1Q' # Text Scale Mode \E & k # W # 5 = off (default) # 6 = on # ignored in landscape mode # echo -ne '\033&k5W' # Perforation Skip Mode \E & l # L # 0 = off = 0.0 in Top Margin # 1 = on = 1/2 in Top Margin (default) echo -ne '\033&l0L' # Left Margin \E & a # L # # Value = column number # default = 0 = 1/8 in left margin # used = 8 for additional margin echo -ne '\033&a8L' # Pitch \E ( s # H # # = cpi # default = 10 characters per inch # ** 12 cpi echo -ne '\033(s12H' # print tmp file /bin/cat $TmpFile ;; *data*) # # print binary files # # LINE TERMINATION \E & k # G # ** 0 = CR=CR ; LF=LF ; FF=FF (default) # 1 = CR=CR+LF; LF=LF ; FF=FF # 2 = CR=CR ; LF=CR+LF; FF=CR+FF # 3 = CR=CR+LF; LF=CR+LF; FF=CR+FF echo -ne '\033&k0G' # print tmp file /bin/cat $TmpFile ;; *) # # Rest is an unknown file type ...... sorry ;-) # - has somebody else further filter ideas ? # echo "deskjetof: unknown filetype $FileType" > /dev/console echo "deskjetof: $TmpFile: unknown filetype $FileType" \ | mail $NOTIFY NotOk=1 ;; esac # # keep print job, that couldn't be printed because of errors.... # if [ ! "$NotOk" = "1" ] then rm -f $TmpFile fi # # reset printer to power on values after print job # echo -ne '\033E' #---------------------------------------------------------------- # Some hints about used utilities/programs/options #---------------------------------------------------------------- # ghostscript parameters... # ========================= # # -q quiet mode, no messages # -dNOPAUSE don't wait for RETURN when doing showpage # -sDEVICE=deskjet printer (deskjet or djet500 if gs-2.6) # -sOutputFile=- output on stdout # -dSAFER prevent security whole # forbidds ps file operations # from: hein@student.tu-clausthal.de # - input from stdin # -sPAPERSIZE=a4 papersize # /usr/local/lib/ghostscript/quit.ps terminate cleanly ---snip--- My shell script for converting *.ps to HP Deskjet printer files looks like this: (gs=ghostscript, version 2.61) file /usr/local/bin/ps2dj: ---snip--- gs -q -dNOPAUSE -sPAPERSIZE=a4 -sDEVICE=cdj550 -sOutputFile=$2 $1 /usr/lib/ghostscript/quit.ps ---snip--- Usage: a) "ps2dj *.ps *.prn" b) "lpr -Plpdj *.prn" Hope this helps, Robert wolter@wppc9.uni-wuppertal.de ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************