lostecho/oldlinux-files
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
oldlinux-files/docs/mail-archive/linux-admin/Volume2/digest188
gohigh 9912ec445d add directory docs
2024-02-19 00:23:35 -05:00

606 lines
22 KiB
Plaintext
Raw Permalink Blame History

From: Digestifier <Linux-Admin-Request@senator-bedfellow.mit.edu>
To: Linux-Admin@senator-bedfellow.mit.edu
Reply-To: Linux-Admin@senator-bedfellow.mit.edu
Date: Thu, 13 Oct 94 15:14:12 EDT
Subject: Linux-Admin Digest #188
Linux-Admin Digest #188, Volume #2 Thu, 13 Oct 94 15:14:12 EDT
Contents:
Re: Mystery Chip...AMD (Marten Liebster)
Re: Telnet & ftp freeze! (Trevor Lampre)
Re: Please don't post security holess... (Matthew Donadio)
Re: fsck during boot: already mounted (Harvey J. Stein)
Re: New Adeptec SCSI not detected (Mark A. Horton KA4YBR)
Accidentally 'bash' file permissions are made 000. Thus I am unable to (N B Venkateswarlu)
Re: Please don't post security holess... (Matthew Dharm)
Re: Extreme delays telnetting into linux box (David - Morris)
Re: Has anyone gotten ftape to work? (Another Totoro)
Re: Ftape works...Not yet (Another Totoro)
Re: Security hole - has noone noticed so far? (Eberhard Moenkeberg)
Re: Xfig (DAVID L. JOHNSON)
Re: Security hole - has noone noticed so far? (Matthew Donadio)
Re: Ethernet NE2000 clone installation problem (Donald Becker)
Re: Security hole - has noone noticed so far? (Ralph Sims)
Re: Security hole - has noone noticed so far? (Ralph Sims)
----------------------------------------------------------------------------
From: mmarten@panix.com (Marten Liebster)
Crossposted-To: comp.sys.ibm.pc.hardware.systems,comp.os.linux.misc
Subject: Re: Mystery Chip...AMD
Date: 13 Oct 1994 12:22:57 -0400
Gregory Urban (urban@cs.umbc.edu) wrote:
: In article <37jjnd$9m6@panix2.panix.com>,
: Marten Liebster <mmarten@panix.com> wrote:
: >
: >So when is AMD comming out with a 486dx4-120? :-)
: >
: >Marten
: NO, NO, NO !!!!!!!!!!
: Only Intel uses STUPID names for their chips. AMD will produce a DX3/120
: (clock tripled, 40mhz external, 120mhz internal).
Isn't a DX3 an IBM chip? If AMD used dx3 it would seem that they were cloning
an IBM chip rather than the real Chip. I thought that dx3s are used in the
blue lightning system? I am probably way off, but that is not anything new :)
Marten
--
========================================
Marten M. Liebster Please no flames for spelling,
mmarten@panix.com I already know I can't spell!!
------------------------------
From: trevor@xanax.apana.org.au (Trevor Lampre)
Crossposted-To: comp.os.linux.help,comp.os.linux.misc,comp.os.linux.development
Subject: Re: Telnet & ftp freeze!
Date: 11 Oct 1994 16:45:31 +0930
In article <3714bd$1bn7@tornews.torolab.ibm.com>,
Colin Beckmann <coling@ivory.torolab.ibm.com> wrote:
>Ralph Sims (ralphs@halcyon.halcyon.com) wrote:
>: root@jaguar.tigerden.com (System Administrator) writes:
>
>: >Trevor Lampre (trevor@xanax.apana.org.au) wrote:
>
>[stuff deleted]
>: >for confirming what we've been seeing! I suggest we keep this thread
>: >open and fill it with additional information until the problem gets the
>: >attention it needs. I'm not a programmer, much less a kernel hacker, so
>: >I can only voice frustration with the situation.
>
>: And what about those of us that DON'T see it? Basic setup is a
>: dedicated PPP link on a 14.4 dialup, NET-3 stuff, ppd 2.1.2a,
>: etc., with an InfoMagic/TransAmeritech CD-ROM combined install.
>
>: I move many megabytes of files around via FTP daily, and another
>: many megs around with mosaic and lynx. Sendmail+IDA's been
>: rock-solid.
>
>[stuff deleted]
>
>If your not seeing be thankful and provide your system configuration
>so the experts can see whats working and whats not working
>
>I am NOT seeing th problem, Have a 14.4 modem using NET-3 pppd 2.2.2a with
>slackware 1.2 , and kernel 1.1.30. I have downloaded 20 and 30 megs in a
>single session via ftp and never had a problem. I regularly rlogin to
>other sites, once again without problem
>
The problem is not with telneting or ftping out from the machine but with
incoming connections. Not all daemons suffer from it. On my machine it has
been telnet mostly, ftp rarely, sendmail 8.6.9 rarely, routed rarely. INN
never has a problem even though it gets about 60M of news a day.
Trevor Lampre
------------------------------
From: donadio@mxd120.rh.psu.edu (Matthew Donadio)
Subject: Re: Please don't post security holess...
Date: 10 Oct 1994 02:10:29 GMT
Steve Kneizys (STEVO@acad.ursinus.edu) wrote:
: If there was a security developers group, then the holes could
: be emailed to them for evaluation so as not to publicize the hole
: long before the fix. Or make a moderated comp.os.linux.security
: group?
Why? That's what comp.security.announce is for. The vast majority of
software used under linux is not linux specific. The only real stuff
that linux specific is in /etc or /sbin and a good chunk of that is
generic unix software.
--
Beaker aka Matt Donadio | Life is short, --- __ o __~o __ o
donadio@mxd120.rh.psu.edu | ride like ---- _`\<, _`\<, _`\<,
--- Penn State Cycling ---| the wind. --- ( )/( ) ( )/( ) ( )/( )
====================================URL: http://mxd120.rh.psu.edu/~donadio
------------------------------
Subject: Re: fsck during boot: already mounted
From: hjstein@sunset.huji.ac.il (Harvey J. Stein)
Date: 11 Oct 94 10:12:03
In article <376j1e$6ga@geraldo.cc.utexas.edu>
slc@PROBLEM_WITH_INEWS_DOMAIN_FILE (Scott L. Crutchfield) writes:
I am running Yggdrasil P&P (summer 1994). It used to check the
filesystems every once in a while when during startup, even if they
were clean ("maximal mount-count reached"). Now it always complains
that the partitions are already mounted and it's aborting the checks.
I always shut down with "halt". I don't think I did anything to
/etc/rc or /etc/rc.local, but it's been a while so I can't be sure.
If you recompiled the kernel, you need to run rdev to modify the boot
image so that it mounts the root read-only.
Also, how about adding a .signature with your email address, since
your news post doesn't include a proper email address for you.
--
Harvey J. Stein
Berger Financial Research
hjstein@math.huji.ac.il
------------------------------
From: mah@ka4ybr.com (Mark A. Horton KA4YBR)
Subject: Re: New Adeptec SCSI not detected
Date: Mon, 10 Oct 1994 01:41:31 GMT
Mark Curtis (leadfoot@leftlane) wrote:
: I can't change it. I have other hardware that is using that port
: address. My MMU-401 MIDI card is using 330 and IRQ 2. All the
: MIDI software and games using general MIDI all assume 330. If I move
: the MIDI card to some other address and then move the 1542CF to
: 330 I'll have MIDI software sending strange stuff to my SCSI adapter.
: Some of the MIDI software can be configured, but much of it just
: assumes 330, the factory default for MIDI cards.
: The SCSI controller supports 130, 134, 230, 234, 330, and 334. I
: have the Adaptec SCSI bios at the factory default address, but I
: did move the port base to 230. In DOS/Windows this all works fine.
: I'd try hacking on the driver, but I have to get the system loaded
: before I can do that. I can't load the system because all my
: disks, CDROM, and tape drive all run off the SCSI controller.
: I'm Stuck!
Unglue yourself! ;)
Use port address 0x334 for the Adaptec.
According to the code in /usr/src/linux/drivers/scsi/aha1542.c :
(always the best source of documentation!)
/* The adaptec can be configured for quite a number of addresses, but
I generally do not want the card poking around at random. We allow
two addresses - this allows people to use the Adaptec with a Midi
card, which also used 0x330 */
static unsigned int bases[]={0x330, 0x334};
Hope this helps out.
-- Mark
--
"Linux! Guerrilla UNIX Development Venimus, Vidimus, Dolavimus."
============================================================
Mark A. Horton ka4ybr mah@ka4ybr.atlanta.com
P.O. Box 747 Decatur GA US 30031-0747 mah@ka4ybr.atl.ga.us
+1.404.371.0291 : 33 45 31 N / 084 16 59 W mah@ka4ybr.com
------------------------------
From: venkat@scs.leeds.ac.uk (N B Venkateswarlu)
Subject: Accidentally 'bash' file permissions are made 000. Thus I am unable to
Date: Wed, 12 Oct 1994 09:23:49 +0100 (BST)
Hi,
While I am compressing executables with 'gexe', I have changed permissions
of 'bash' file (shell executable) as 000 such that it will not be compressed
by 'gexe'. Just after compressing all binaries, without rechanging the
permissions of 'bash', I have logged off the system. Now, I am unable to login.
It says 'No-Shell' is vailable (obvious). I tried to login from custom made
boot floopy and also boot/root floppies. But could not succeed. I am using
slackware version. Any ideas how I have to tackle this.
Thanks in advance.
Venkat
------------------------------
From: mdharm@muddcs.cs.hmc.edu (Matthew Dharm)
Subject: Re: Please don't post security holess...
Date: 10 Oct 1994 01:58:33 GMT
I think that the one reason that we must keep posting security holes
is so that the "good guys" know about them.
I'll admit, right now I do not run Linux (but I hope to be in a couple
of days).
But, I don't think that changes the fact that I have to be concerned
about security. I have allready recorded several attempted
"break-ins" for my system. Some people just don't expect that I've
set up FTP properly...
But, consider how a security hole is discovered. Someone, who is most
likely trying to break into a system, discovers it. I don't know how
they look for them, or how they dream up how to use them, but they do.
This means: HACKERS ARE THE FIRST TO KNOW ABOUT A HOLE!
Naturally, they don't want us (the sysadmins, the "good guys" in the
white hats) to know about it. If we did, they would have one less
tool with which to break into our systems.
If a hacker is the first to know about a hole in my system, you better
believe that I want to be the second. The third person I want to know
is the guy who is going to give me the fix. Since I don't know person
1 and 3, I have to rely on groups like this one to provide me with the
information I need.
This is gonna cause some flames, but I'll say it anyway...
-->> We have a responsibility as sysadmins to help each other plug
these holes. If we know of a security hole and don't report it,
aren't we a guilty as those who spread word of the hole so people can
crash systems?
These are just my thoughts. Wish me luck on installing Linux on my
box.
Matthew Dharm
mdharm@hmc.edu
P.S. -- Is there a distribution with a patch for the smail bug?
------------------------------
From: dwm@shell.portal.com (David - Morris)
Subject: Re: Extreme delays telnetting into linux box
Date: 12 Oct 1994 04:39:47 GMT
barkerc@GRAPHICS.CS.NYU.EDU (Chris Barker) writes:
>After swithching to Yggdrasil Fall 94 Kernel 1.1.47 I have experienced extreme
>delays when telnetting into my box from my PC over ethernet. Upto a minute of
I have conducted an experiment with TELNET from my LAN PC (running
IBM TCP/IP-DOS and my LINUX machine. When the LAN PC IP address
was unknown to LINUX it took a *LONG* time to get the LOGIN
prompt. I added the IP address to /etc/hosts and bingo, nice
and quick.
YGGDRASIL F/94 uses INETD to launch in.telnetd. I suspect that
INETD attemps to resolve the IP address to a host name for
logging or whatever and hence one waits for all the DNS trials,
etc. before the connection to whatever INETD service is requested
procedes. Could be telnetd, or perhaps *both*. Might be that
Ygg/fall/94 added this reverse resolution?
Anyway, make sure your LAN PC has a host name known to your
LINUX box *and* the resolution order (DNS or etc/hosts first)
matches where the name is defined.
I had no problem with PINGs so perhaps this is unrelated.
Dave Morris
------------------------------
From: kkfong@netcom.com (Another Totoro)
Subject: Re: Has anyone gotten ftape to work?
Date: Mon, 10 Oct 1994 01:23:37 GMT
[all stuff deleted]
I don't know for sure if my setup works, but I manage to do:
mt -f /dev/nftape rewind
mt -f /dev/nftape reten
mt -f /dev/nftape erase
tar cvf /dev/nftape files
tar df /dev/nftape files
And I manage to do this with kernel 1.0.9, gcc 2.4.5, ftape-0.9.10.a.tar.gz,
and modutils-0.99.15.tgz, and whatever libraries and linker I have (I can't
tell the version. They are from Slackware 1.1.0)
I have to admit that I had a lot of problem with /dev/ftape (which is rft0).
There were a lot of warning with rewind, reten, and erase command. The
warning looks something like this:
fdc-io.c (fdc command) fdc-write timeout, retry
Personally I have some questions about the ftape thing. First, what are the
valid options for mt besides the above mentioned ones? Also, what's the
differences with /dev/ftape and /dev/nftape (/dev/rft0 & /dev/nrft0
respectively). I also see quite a few scripts on sunsite under system/backup
directory. Which one is easier for newbie like me?
BTW, I am using Conner TapeStor 250 with Teac DualDrive on a generic floppy
controller. Is there any pitfall I have to look out for? I did remove jumper
6 from the tape drive as the manual suggested.
Thanks for your input.
------------------------------
From: kkfong@netcom.com (Another Totoro)
Subject: Re: Ftape works...Not yet
Date: Mon, 10 Oct 1994 01:29:28 GMT
May I ask which version of modutil are you using now? With 0.99.15 modutil,
it will complain whenever I load up ftape.o (something like request_dma()
not defined or something). And when I tried to compile modules.tar.gz (I
suppose this is the newest one), it complain about something that's undefined
and bomb out with the make process (making insmod).
I did manage to make ftape 0.9.10a and modutil 0.9.15 work together.
BTW, I am running kernel 1.0.9, gcc 2.4.5, and the version of ld that doesn't
accept the -qmagic flag.
Dennis Flaherty (dennisf@denix.elk.miles.com) wrote:
: In article <1994Oct3.094519.32836@cobra.uni.edu>,
: Jonathan Williams <williamj@cs.uni.edu> wrote:
: >
: > Well, I thought I had ftape working, but I guess I was wrong. I'm running
: > Linux kernel version 1.0.9 and ftape version 1.13b patched for the conner bug
: > and compiled with the -DCONNER_BUG flag.
: Glad you got that working. Now you can use the tapes you just formatted
: with Conner's buggy tape formatting software.
------------------------------
Date: Tue, 11 Oct 1994 22:25:43 +0100
From: Eberhard_Moenkeberg@p27.rollo.central.de (Eberhard Moenkeberg)
Subject: Re: Security hole - has noone noticed so far?
Hello Shawn D. McPeek and all others,
on 10.10.94 Shawn D. McPeek wrote to All in USENET.COMP.OS.LINUX.ADMIN:
SDM> : Scanning the CERT archives, the
SDM> : list is split about halfway betweeen local-only holes and remote
SDM> : holes.
SDM>
SDM> Where can one find these CERT archives?
Originally, at ftp.cert.org. Mirrored for example at ftp.gwdg.de:/pub/cert.
Greetings ... Eberhard
------------------------------
From: dlj0@Lehigh.EDU (DAVID L. JOHNSON)
Crossposted-To: comp.windows.x,comp.windows.x.i386unix
Subject: Re: Xfig
Date: 10 Oct 1994 01:54:48 GMT
In article <1994Oct7.183040.8963@ivax>, icqo409@iupui.edu (jon m) writes:
>In article <36tg1pE8uq@uni-erlangen.de>,
>Uwe Bonnes <bon@lte.e-technik.uni-erlangen.de> wrote:
>
>>Look at the messages of the last time. This has been answered many times
>>before:
>>There's a cyclic reference in the application-defaults
>NOW. why does just about EVERY blasted X program have this in their
>app-defaults!!!!!!!!!!!!!! (a cyclic reference)
>
That has not been my experience. It wasn't mine for Xfig, but then I read
my defaults files and set them up before I run the program.
>>--
>>Uwe Bonnes bon@lte.e-technik.uni-erlangen.de
>
>jon
>--
>jon madison
>oit consultant in training
>"A year spent in artificial intelligence is enough to make one believe
>in God." -anonymous, from a fortune program on one of my accounts. :)
--
David L. Johnson dlj0@lehigh.edu or
Department of Mathematics dlj0@chern.math.lehigh.edu
Lehigh University
14 E. Packer Avenue (610) 758-3759
Bethlehem, PA 18015-3174 (610) 828-3708
------------------------------
From: donadio@mxd120.rh.psu.edu (Matthew Donadio)
Subject: Re: Security hole - has noone noticed so far?
Date: 10 Oct 1994 02:16:42 GMT
Lee Silverman (lee@netspace.students.brown.edu) wrote:
: There's a good one! A sendmail bug was just reported a few months
: ago, adding yet another to the DOZENS of bugs reported about sendmail.
: Most of the bugs reported in sendmail give *outside* users access to
: your machine; this smail bug was only available to users who have
What version of sendmail are you talking about? The last few holes
that I remmeber reading about have been in vendor verions or in 5.6.7.
Berkeley 8.6.? has been pretty secure.
: already logged in. Big difference. Sendmail (The standard one,
: anyway, 8.6.9) arguably the single hardest unix package to configure
: correctly. Smail is a damn good program, and I use it all the time.
Huh? The m4 macros make 8.6.9 pretty easy to set up. You just have
to have a bit of knowledge about the net you are on or you could just
have it forward all mail to a smarter host.
--
Beaker aka Matt Donadio | Life is short, --- __ o __~o __ o
donadio@mxd120.rh.psu.edu | ride like ---- _`\<, _`\<, _`\<,
--- Penn State Cycling ---| the wind. --- ( )/( ) ( )/( ) ( )/( )
====================================URL: http://mxd120.rh.psu.edu/~donadio
------------------------------
From: becker@cesdis.gsfc.nasa.gov (Donald Becker)
Crossposted-To: comp.os.linux.help
Subject: Re: Ethernet NE2000 clone installation problem
Date: 9 Oct 1994 22:16:29 -0400
In article <1994Oct7.185452.2361@nosc.mil>,
Malcolm B. Sylvester <sylveste@nosc.mil> wrote:
>In article <edwardmCwyy9w.4z8@netcom.com> edwardm@netcom.com (Edward F. Munro) writes:
>>Herbert Rosmanith (herp@wildsau.idv.uni-linz.ac.at) wrote:
>>: Aka Zodiac (mcsdc2smt@zippy.dct.ac.uk) wrote:
>>: : In article <34k7df$2va@mis.cpc.ku.ac.th>, oanek@ku.ac.th (Anek Vorapanya) writes:
>>: : > Dear all,
>>[snip]
>>: : > IP Protocols: ICMP, UDP, TCP
>>: : > PPP: version 0.2.7 (4 channels) NET02D OPTIMIZE_FLAGS
>>: : > TCP compression code copyright 1989 Regents of the University of California
>>: : > PPP line discipline registered.
>>: : > SLIP: version 0.7.5 (4 channels)
>>: : > CSLIP: code copyright 1989 Regents of the University of California
>>: : > Net2Debugged PLIP 1.01 (from plip.c:v0.15 for 0.99pl12+, 8/11/93)
>>: : > plip1: configured for parallel port at 0x378, IRQ 7.
>>: : > NE*000 ethercard probe at 0x300: 00 00 e8 c1 15 0a
>>: : > eth0: NE2000 found at 0x300, using IRQ 5.
>>: : > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>: : > * Autoprobing found the first (and my only) Ethernet card. Fine..
>>
>>: : yes....but merely DETECTING THE CARD Does *NOT* mean it is fine...it just means
>>: : it has found the card...
>>
>>
>>: In this case, it *DOES INDEED* mean the card is fine.
>>
>>
>>: : > ne.c:v0.99-15k 3/3/94 Donald Becker (becker@super.org)
>>: : > Linux version 1.0.9 (root@fuzzy) #3 Fri Jul 8 21:01:56 CDT 1994
>>: : > ...
>>: : >
>>: : > Sep 7 10:48:44 init[1]: Entering runlevel: 5
>>: : > Going multiuser...
>>
>>======> : : > SIOCADDRT: Network is unreachable <=====
>>[snip]
>>: : > eth0 Link encap UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>>: : > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>>I had this same problem, the answer for me was to upgrade ifconfig.
>>After all, the kernel probe found the currect HWaddr, it only makes sense
>>that there is a problem with ifconfig.
>>
>>BTW, I too was using a NE2000 clone.
>>
>>edwardm@netcom.com
>>
>
>I too have had this same problem with a 3Com 503 card. If anyone comes
>up with the solution I would appreciate it very much if you would info
>me also.
It's the 'ifconfig' program that's broken, not the driver.
The 'ifconfig' program only prints the correct information with some
kernels. It's no big deal because, except for the misleading output, it
still sets the interface up correctly.
(Hasn't this already been posted about a dozen times?)
--
Donald Becker becker@cesdis.gsfc.nasa.gov
USRA-CESDIS, Center of Excellence in Space Data and Information Sciences.
Code 930.5, Goddard Space Flight Center, Greenbelt, MD. 20771
301-286-0882 http://cesdis.gsfc.nasa.gov/pub/people/becker/whoiam.html
------------------------------
From: ralphs@halcyon.halcyon.com (Ralph Sims)
Subject: Re: Security hole - has noone noticed so far?
Date: 10 Oct 1994 01:56:16 GMT
barr@pop.psu.edu (David Barr) writes:
>>There's a good one! A sendmail bug was just reported a few months
>>ago, adding yet another to the DOZENS of bugs reported about sendmail.
>Yes, but those were all fixed. There are no outstanding security
>bugs in sendmail, to my knowledge.
>>Big difference. Sendmail (The standard one,
>>anyway, 8.6.9) arguably the single hardest unix package to configure
>>correctly.
>Okay, I'll argue with you. I found smail to be a total pain to install.
>The documentation sucks, and the config file options aren't very obvious.
>Sendmail's documentation is much more complete.
Most of the "I-hates-sendmail" seems to be centered around the 8.6.9
release. I've found Sendmail+IDA to be much easier, both in its
installation and config. Plus, Neil Rickert's rather fast on the
keyboard when it comes to plugging any holes. Not a bad piece
of work, especially if you're routing mail in and out using
disparite transport mechanisms.
------------------------------
From: ralphs@halcyon.halcyon.com (Ralph Sims)
Subject: Re: Security hole - has noone noticed so far?
Date: 10 Oct 1994 01:56:45 GMT
smcpeek@isr0830.urh.uiuc.edu (Shawn D. McPeek) writes:
>David Barr (barr@pop.psu.edu) wrote:
>: recently require local access. Scanning the CERT archives, the
>: list is split about halfway betweeen local-only holes and remote
>: holes.
>Where can one find these CERT archives?
Ummm... ftp.cert.org for a start.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU
You can send mail to the entire list (and comp.os.linux.admin) via:
Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU
Linux may be obtained via one of these FTP sites:
nic.funet.fi pub/OS/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Admin Digest
******************************
Reference in New Issue View Git Blame Copy Permalink