From: Digestifier To: Linux-Admin@senator-bedfellow.mit.edu Reply-To: Linux-Admin@senator-bedfellow.mit.edu Date: Thu, 8 Sep 94 09:13:23 EDT Subject: Linux-Admin Digest #37 Linux-Admin Digest #37, Volume #2 Thu, 8 Sep 94 09:13:23 EDT Contents: Re: "write" with shell? (David Holland) [Q] Restrict root NFS access? (John Dashner) Re: Setting up term for everyone on system. (Patrick Reijnen) Re: UID 0 Passwd blues (Johan Myreen) Ftape...so close..THANKS TO ALL!!! (RYAN Colin Patrick) Re: [Q] Where are rpc.portmap, rpc.mountd, rpc.nfsd? (Hans de Hartog) Re: Monitoring TTY's .. (Alpha / Omega Enterprises) Wanted: Xconfig for Realtek vga 3106 (Eduardo Quero) Re: DNS & 'format error no SOA record...' (Maciej Otreba) Kernel panic: VFS: Unable to mount root fs (Ari Lampinen) Re: HP Laserjet 4M Plus on Linux remote printer (Stephen Vance) Re: ALEX, AFS on Linux? [Was: Is it possible to have NFS via TERM] (Maciej Otreba) Re: Mail in X (Maciej Otreba) Re: pppd works but... (Alan Cox) Re: Removing LILO ? How? (Sylvain NIERVEZE) Re: Whats the best ISA video card for Linux/Xfree? (Wolfgang_Karoly-Szoecs) Re: Linux as a firewall? (Wolfgang_Karoly-Szoecs) Re: CU sudo version 1.3.1 released (Ron Morley) ---------------------------------------------------------------------------- Subject: Re: "write" with shell? From: dholland@scws3.harvard.edu (David Holland) Date: 7 Sep 94 12:13:42 drranu@lamar.ColoState.EDU's message of 6 Sep 1994 19:01:37 GMT said: > On the AIX machine on campus here, the "/usr/bin/write" has > a nice fancy feature where one can type "!" as the first > character on a new line and everything typed afterwards > is interpreted by "/bin/sh". Why bother? Just ^Z the thing. -- - David A. Holland | -- "Do you have a moment?" -- "Yes. dholland@husc.harvard.edu | Unfortunately, it's a moment of inertia." ------------------------------ From: jdashner@crl.com (John Dashner) Subject: [Q] Restrict root NFS access? Date: 7 Sep 1994 18:34:00 -0700 I have read the man pages, tinkered a bit with settings, etc. and still have not been able to restrict other users on our net who are logged in as ``root'' from getting super user NFS priviledges on my box. (I, mean how can you have anything private like, *ahem*, a collection of gifs safe from prying eyes ;-) Here's my /etc/exports file: # # exports This file describes which parts of the local file # system are available for mounting by other systems # with the NFS system. It is used by "mountd". # # Version: @(#)/etc/exports 2.00 04/30/93 /usr dra1(rw,root_quash) # End of exports. -- ============================================================= John "Pappy" Dashner - Data Sciences Corp - jdashner@crl.com ------------------------------ Crossposted-To: comp.os.linux.help,comp.os.linux.misc From: patrickr@cs.kun.nl (Patrick Reijnen) Subject: Re: Setting up term for everyone on system. Date: Thu, 8 Sep 1994 07:05:22 GMT In <1994Sep7.174143.13047@ultb.isc.rit.edu> cws9669@ultb.isc.rit.edu (C.W. Southern) writes: >I want to setup term on my Linux box so everyone on my system can >use it. Right now I have it setup for me only. But I know that there >is a way set it up so more then one user can share the socket to >connect to the remote machine. Maybe run term as root... something >like that? Can anyone help. Get yourself the newest Term-HOWTO on sunsite. There it is described how to arrange this. If yoiu cannot find it let me know. I can send you a copy of it. In that case just tell me in what form you want to have it(ascii, postscript, latex). >chris. >cws9669@rit.edu >-- > ___ Internet: cws9669@ultb.isc.rit.edu > / / __ cws9669@cs.rit.edu > / /--- /-- . ( BITNET: CWS9669@RITVAX > \__ / / / / __) UUCP: !uucp!rit!cws9669 Patrick Reijnen (Term-HOWTO maintainer) -- ************************* Patrick Reijnen ************************* * Department of Computer Science, Catholic University of Nijmegen * * Email: patrickr@{sci,cs}.kun.nl * * WWW: http://{atlas,zeus}.cs.kun.nl:4080/homepage.html * ------------------------------ From: jem@snakemail.hut.fi (Johan Myreen) Subject: Re: UID 0 Passwd blues Date: 08 Sep 1994 07:06:28 GMT In article pclink@qus102.qld.npb.telecom.com.au (Rick) writes: >Recommended where? Take it from me - the fewer people who have access >to root privs, the better. I would go as far as to say that you should >NOT use a root account to do ANYTHING unless it is ABSOLUTELY essential >that it be done by the superuser. This is beside the point. What if it is ABSOLUTELEY essential that several people have root privileges? You can't run a medium sized site without having more than one person with root access. I'm not saying every user should be doing work with uid = 0 all the time, but what do you do when your administrator decides to go hitch-hiking in the Gobi desert for a week or two? >If your users need high privs to do system maintenance work, use su >or sudo. So how is this less dangerous? Using su means several people have to know root's password -- not a nice situation. I think this is what the original poster was also trying to avoid. >The bottom line is that UID means User Ident - meaning that it >identifies a user. If you assign multiple interactive logins to a >single UID, then confusion will reign. Several people have complained that confusion will reign or that you will run into serious trouble if several users have the same ID. So far NO ONE has pointed out a real problem, except for the bug (IMHO) in the passwd program. What IS the problem? -- Johan Myreen jem@vipunen.hut.fi 60 11' 55" N, 24 53' 30" E ------------------------------ Crossposted-To: comp.os.linux.misc From: ryan@ecf.toronto.edu (RYAN Colin Patrick) Subject: Ftape...so close..THANKS TO ALL!!! Date: Wed, 7 Sep 1994 23:19:23 GMT Well, I just wanted to thank all those who mailed me with advice on my Ftape problems. Once again proving that Linux has the best support in the world. Anyhow , I finally go ftape-1.13b going easily with kernel 1.1.35. Later, Colin ------------------------------ From: dehartog@kwetal.comcons.nl (Hans de Hartog) Crossposted-To: comp.os.linux.help Subject: Re: [Q] Where are rpc.portmap, rpc.mountd, rpc.nfsd? Date: 7 Sep 1994 19:14:33 +0100 Salem Reyen (m-sr0069@cs.nyu.edu) wrote: : A stupid but non FAQ question: : Where are rpc.portmap, rpc.mountd, rpc.nfsd for NFS mounting? I am sure these : are not included in the slackware distribution. Any help, flame will be well : accepted. : -- : Salem On Slackware 1.2: # which rpc.portmap or # find / -name rpc.portmap -print /usr/sbin/rpc.portmap /usr/sbin/rpc.portmap /cdrom/usr/sbin/rpc.portmap -- _____________________________________________________________________________ Hans de Hartog, dehartog@comcons.nl, Voice: +31 348033100, Fax: +31 348033181 Committed Consultancy BV, Korenmolenlaan 1b, 3447 GG Woerden, The Netherlands Home: dehartog@kwetal.comcons.nl, Voice/Data: +31 838038560, CIS: 100121,3301 ------------------------------ From: alpha@onramp.net (Alpha / Omega Enterprises) Crossposted-To: comp.os.linux.misc Subject: Re: Monitoring TTY's .. Date: 8 Sep 1994 07:10:57 GMT Ivan Parga (iparga@toconao.usach.cl) wrote: : > I'm running a Linux box and would like to find out if there is software : > that will allow me to monitor someone's tty. We have had some problems : > with people trying to break system security.. it would be nice to be able : > to monitor and record the actions of these people live, while it happens. There is some software available for this, but I have found a quick way to monitor access is to login as that user and then press the up arrow key. Keep pressing it, and it will show you all of the commands that the particular user executed in their last session. Of course it will not monitor what they did in different editors, and mail programs, but it is better than nothing. Thanks, alpha@onramp.net ------------------------------ From: equero@tolten.puc.cl (Eduardo Quero) Subject: Wanted: Xconfig for Realtek vga 3106 Date: Wed, 7 Sep 1994 02:52:12 GMT Hello: Thanks for read my post. equero@tolten.puc.cl ------------------------------ From: motreba@ray.boa.uni.torun.pl (Maciej Otreba) Subject: Re: DNS & 'format error no SOA record...' Date: 8 Sep 1994 10:22:02 GMT Timothy E. Onders (onders@netcom.com) wrote: : If you are using the SlackWare distribution named, I don't think it looks : in the right place for the data files. After having a similar problem : with getty_ps, I did a strings on the named binary, and didn't find any : references to any directories other than /etc. Right. But there is a directive 'directory' in named.boot file calling named where to find data files, e. g.: directory /usr/lib/named I have another question. How to tell named which DNS's should it ask if it doesn't find any answer in it's local database? Any answer will be appreciated, e-mail is preferred. Regards, Maciej -- ___________________________________________________ | / | | Maciej Otreba / E-MAIL: | |------------------------/--------------------------| | 87-116 Torun, POLAND / | | Dzialowskiego 4/4 / motreba@boa.uni.torun.pl | | phone +48-56-485645 / | |____________________/______________________________| ------------------------------ From: ala@tukki.jyu.fi (Ari Lampinen) Subject: Kernel panic: VFS: Unable to mount root fs Date: 8 Sep 1994 08:32:00 GMT I need to ask your help again in this embarrassing booting problem of mine. Here is a more detailed description of it. -ari ;-( The Pentium machine has a 1 GB SCSI disk that was partitioned as: 1) MS-DOS (C disk) 123 MB /dev/sda1 2) MS_DOS (D disk) 150 MB /dev/sda5 3) Linux tmp 200 MB /dev/sda6 4) Linux root 500 MB /dev/sda7 5) Linux swap 30 MB /dev/sda8 The original DOS partitioning (123/880) was done by the PC distributor. The DOS D disk was never used and was obviously not properly configured from the view of DOS because it prevented installation of some DOS software. So I removed the logical drive D (DOS FDISK showed the EXT partition size was 880 MB and the D disk held 150 MB). After this little oparation the DOS problems disappeared but linux does not boot at all. The boot msg when booting with LILO: linux root=/dev/sda, where n=3-8: .... Partition check: sda: sda1 sda2 < > MINIX-fs: unable to read superblock EXT-fs: unable to read superblock XIA-fs: read super_block failed (inode.c 74) MSDOS bread failed Kernel panic: VFS: Unable to mount root fs on 08:0n (n=3-8) The boot msg when booting with LILO: linux root=/dev/sda2 .... Partition check: sda: sda1 sda2 < > (MS-DOS FS Rel. 12 .......) (...) Kernel panic: .... The boot msg when booting with LILO: linux root=/dev/sda1 ... VFS: Mounted root (msdos filesystem) readonly (nothing happened after this) ------------------------------ From: srvance@unix.secs.oakland.edu (Stephen Vance) Subject: Re: HP Laserjet 4M Plus on Linux remote printer Date: 8 Sep 1994 10:11:12 GMT In article (Hendrik Klompmaker) writes: >Hi, > >Can anybody help me on this one. I have a Laserjet 4M Plus on ethernet (mio) >that bootp's from my linux box. Thats no problem but the laserjet manual >states an option to TFTP additional info to the printer like SMNP info etc >etc. Well that stuff is only available on Sun and HPUX platforms. I don't >know if I need it but I'm having problems sending ASCII file to the printer. >Postscript files are fine with the entry I made in the printcap file but >ASCII files won't print. Looks like I have to implment some kind of filter >but I've got no idea how to do that. Anybody who can help me ??? > >Thanks in advance. > >Hendrik > One of the last two Dr. Dobbs' Journal has an article expressly on writing a print filter in C for the LaserJet 4M, including printcap entry. You may want to check that out. Although he developed it under SunOS, he explicitly mentions Linux as another place it can be used. Steve ------------------------------ From: motreba@ray.boa.uni.torun.pl (Maciej Otreba) Subject: Re: ALEX, AFS on Linux? [Was: Is it possible to have NFS via TERM] Date: 8 Sep 1994 10:36:15 GMT Dan Connolly (connolly@hal.com) wrote: : I recall some references to ALEX, some ftp-based filesystem. : I asked archie, and came up empty. I can't find any more : info on the ALEX filesystem. Anybody out there wanna send : me some pointers? : By the way... has anybody tried AFS on Linux? I'm curious : to know what folks' experiences were. I tried to compile/run Alex on my very small Linux box (386DX/40, 8MB RAM, HDD 210 MB). It is possible to compile it, using special patch for Linux. It worked after several changes in script files, due to slow line (38kbps) I could only ls something. Sorry, but I can't remember any details - it was some time ago. greetins, Maciej -- ___________________________________________________ | / | | Maciej Otreba / E-MAIL: | |------------------------/--------------------------| | 87-116 Torun, POLAND / | | Dzialowskiego 4/4 / motreba@boa.uni.torun.pl | | phone +48-56-485645 / | |____________________/______________________________| ------------------------------ From: motreba@ray.boa.uni.torun.pl (Maciej Otreba) Subject: Re: Mail in X Date: 8 Sep 1994 10:49:58 GMT Tracy R. Reed (treed@ucssun1.sdsu.edu) wrote: : What is the proper way to start Xbiff when X windows starts? : Can I put a line in the system.fvwmrc to do this? You'd better place it to Your private .xinitrc file. This is much better. You could also start it with xon from another machine, if You don't work on Your mail exchanger (just as me now). : Also, what happens when a user in X receives a talk request, but there : are no shells open? Nothing. Maybe it could be seen on text screen under X (use Ctrl-Alt-F1 to switch to it). You should hear bell, when someone tries 'talk' to You. : Last, I like being notified of new mail when it arrives, so I went out : and got the biff source and installed biff on my machine. I have biff set : to yes, but when mail arrives, nothing happens. Any ideas? The : installation instructions (very simple) and the man page don't mention : anything helpful. Have You set proper paths to mailboxes, while compiling biff? Maybe it's easier to get binary xbiff from Slackware? Maciej -- ___________________________________________________ | / | | Maciej Otreba / E-MAIL: | |------------------------/--------------------------| | 87-116 Torun, POLAND / | | Dzialowskiego 4/4 / motreba@boa.uni.torun.pl | | phone +48-56-485645 / | |____________________/______________________________| ------------------------------ From: iialan@iifeak.swan.ac.uk (Alan Cox) Subject: Re: pppd works but... Date: Thu, 8 Sep 1994 09:17:49 GMT In article graphix@iastate.edu (Kent A Vander Velden) writes: >Ok, got this set of net-tools and have noticed a problem. >/tmp|Sun8:49am} hostname >dial221.tele >/tmp|Sun8:52am} domainname >dial221.tele >Why should domainname not return: Domainname is _not_ your DNS domainname (hostname -f) but your NIS domain name for when you are running things like yppasswd. Alan -- ..-----------,,----------------------------,,----------------------------,, // Alan Cox // iialan@www.linux.org.uk // GW4PTS@GB7SWN.#45.GBR.EU // ``----------'`----------------------------'`----------------------------'' ------------------------------ From: nierveze@supelec.fr (Sylvain NIERVEZE) Subject: Re: Removing LILO ? How? Date: 8 Sep 1994 11:07:01 GMT Daniel Lau (laud@cs.curtin.edu.au) wrote: : Hi there, : I currently have LILO running as the boot manager. But now I would : like to remove that. I believe once I removed it, there will be no boot : manager, thus my MS-DOS partition won't be reached? : Can someone direct me in nicely removing LILO so that either my MS-DOS : partition will boot up, or my new OS will boot up? I think that there are mainly two methods : - lilo -u would remove lilo if you kept the file that describes your partition map before lilo installation (normally, in /boot directory, if you are slackware and FSSTND) - more basically, if you want to boot dos and your dos version is higher than 5.0 you can try at the dos prompt : fdisk /MBR . This command replaces your current MasterBootRecord with the DOS one. (all of that is explained clearly in the file : sunsite.unc.edu:/pub/Linux/Linux-boot/lilo/lilo.u.14.ps.gz). : Thanks in advance. : - Daniel : ========================================================================== : | Real Name : Daniel Lau || Honours Research Student | : | User Name : laud@cs.curtin.edu.au || Department of Computer Science | : | LAN Name : SLAUD || Curtin University of Technology | : | Telephone : 619-351-2110 || CS-Office FAX: 619-351-2819 | : | URL Address -> http://www.cs.curtin.edu.au/~laud (NEW) | : +========================================================================+ -- ============================================================== Sylvain NIERVEZE ! Supelec Etudiant a Supelec (3eme annee) ! Plateau de Moulon nierveze@esesd1.supelec.fr ! 91190 Gif-sur-Yvette Cedex nierveze_syl@lsi.supelec.fr ! ============================================================== ------------------------------ From: s561635@tfh-berlin.de (Wolfgang_Karoly-Szoecs) Subject: Re: Whats the best ISA video card for Linux/Xfree? Date: 8 Sep 1994 10:27:33 GMT : : I had very good experience with an ATI Graphics Ultra Pro. It's ISA, : : it's fast, the driver for it seems to be in excellent shape... works : : like a charm. : : : Here's another vote for the ATI Graphics Ultra Pro. The ATI Mach32 : drivers work like a charm, and the speed is excellent for an ISA card! I fully agree with these two opinions. ...and even the older Mach8 Card is better than any stupid-VGA ------------------------------ From: s561635@tfh-berlin.de (Wolfgang_Karoly-Szoecs) Subject: Re: Linux as a firewall? Date: 8 Sep 1994 10:41:05 GMT ...stuff deleted : BTW allowing only outgoing telnet/ftp is pointless : anyone can telnet to a freenet site or a public service and use that to : access other services. ...but You can forbid services. There is the file inetd.sec Here you can specify services and address-patterns for allowing and denying inet-services. Wolfgang Szoecs ------------------------------ From: rmorley@dumptruck.mi04.zds.comn (Ron Morley) Crossposted-To: comp.unix.admin,comp.unix.aix,comp.sys.hp.hpux Subject: Re: CU sudo version 1.3.1 released Date: 8 Sep 1994 11:17:20 GMT Scott Denham (denham@wg.waii.com) wrote: : Todd C Miller (millert@clytemnestra.cs.colorado.edu) wrote: : : Version 1.3.1 of the CU version of sudo has been released. Sudo is a : : program that allows a system administrator to give limited root : : access to users and logs copiously. Version 1.3.1 is based on The Root : : Group's sudo 1.1 and is covered under the GNU Copyleft. : : The differences between 1.3 and 1.3.1 consist mostly of bug fixes, : : minor featur additions, portability changes, and code reorganization. : : See the CHANGES file for all the gory details. : : Todd C. Miller Sysadmin--University of Colorado millert@cs.Colorado.EDU Where is this source available at? I just ran an archie search and only found references to sudo v1.2. Thanks in advance, Ron Morley Zenith Data Systems -- Disclaimer: My opinions are my own...no one else wants them. "The only two things a pirate'll |"The least flexible component of any run for is money and public office" |system is the user" Lowell Jay Arthur - Yosemite Sam | "Never underestimate the power of human stupidity" Lazarus Long ------------------------------ ** FOR YOUR REFERENCE ** The service address, to which questions about the list itself and requests to be added to or deleted from it should be directed, is: Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU You can send mail to the entire list (and comp.os.linux.admin) via: Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU Linux may be obtained via one of these FTP sites: nic.funet.fi pub/OS/Linux tsx-11.mit.edu pub/linux sunsite.unc.edu pub/Linux End of Linux-Admin Digest ******************************