Linux-Misc Digest #623, Volume #25 Wed, 30 Aug 00 13:13:04 EDT
Contents:
linuxembedded.com for sale ("Sébastien Huet")
PS2 mouse stopped working after reconfig (Philip Brown)
Re: setuid (John Hasler)
Re: Solaris x86 won't boot from LILO (Paul Lew)
Lightweight X (Patrik Linell)
Help me with this error message (Dave Barcelo)
Re: Linux, XML, and assalting Windows ([EMAIL PROTECTED])
Re: setuid (Andreas Kahari)
Re: cracker's file (Andrew Stephenson)
Re: Linux, XML, and assalting Windows ([EMAIL PROTECTED])
Re: Lightweight X (The Darkener)
Re: W2K and Linux (Greg F Walz Chojnacki)
Re: Headless X86 Linux system (David Steuber)
Re: cracker's file (The Darkener)
Re: Help! Urgent problem with gzip (Michel Bardiaux)
----------------------------------------------------------------------------
From: "Sébastien Huet" <[EMAIL PROTECTED]>
Subject: linuxembedded.com for sale
Date: Wed, 30 Aug 2000 17:14:30 +0200
http://linux-embedded.com
make offer
------------------------------
From: [EMAIL PROTECTED] (Philip Brown)
Subject: PS2 mouse stopped working after reconfig
Reply-To: [EMAIL PROTECTED]
Date: Wed, 30 Aug 2000 15:19:31 GMT
I was trying to get an intel etherexpress ISA card working, on my box that
is running debian2.2 + M$98
I tried various things (modconf for eexpress, epro), but no luck.
And noticed my PS/2 mouse had stopped working.
I looked in /etc/modutils, and removed "eexpress" and "epro".
Ran update-modules. Rebooted.
And mouse still isn't working under Linux.
Even tried power cycle.
Where should I go from here?
[nope, dont have original "modules.conf" file :-(]
--
[Trim the no-bots from my address to reply to me by email!]
[ Do NOT email-CC me on posts. Pick one or the other.]
S.1618 http://thomas.loc.gov/cgi-bin/bdquery/z?d105:SN01618:@@@D
The word of the day is mispergitude
------------------------------
From: John Hasler <[EMAIL PROTECTED]>
Subject: Re: setuid
Date: Wed, 30 Aug 2000 14:22:03 GMT
Rasputin writes:
> lthough suid scripts are supposedly a bad idea (as you can read the
> script to find badly constructed code that would allow you to run
> arbirary code),....
Any suid script would be a security hole, regardless of the quality of the
code. It's due to a race condition that permits an attacker to substitute
a different script for the one the user intended to run.
> I don't think they're diallowed by the system.
They are.
--
John Hasler
[EMAIL PROTECTED] (John Hasler)
Dancing Horse Hill
Elmwood, WI
------------------------------
From: [EMAIL PROTECTED] (Paul Lew)
Crossposted-To: comp.unix.solaris,alt.solaris.x86
Subject: Re: Solaris x86 won't boot from LILO
Date: Wed, 30 Aug 2000 15:41:28 GMT
On Wed, 30 Aug 2000, Philip Brown <[EMAIL PROTECTED]> wrote:
>On Tue, 29 Aug 2000 20:52:05 GMT, [EMAIL PROTECTED] wrote:
>>
>>After installing Solaris 8 x86, I reconfigured LILO on Linux with
>>
>>other = /dev/hdb
>> label = solaris
>
>err.. isn't taht supposed to be
>
>other = /dev/hdb1
>
>or something like that?
>
And, unless it was my configuration, I wasn't able to boot Solaris 7 for
the 2nd harddrive with System Commander either; had to put the Solaris
boot partition on the 1st drive before Solaris 7 would boot. Just a thought.
------------------------------
From: Patrik Linell <[EMAIL PROTECTED]>
Subject: Lightweight X
Date: Wed, 30 Aug 2000 15:52:20 GMT
I've recently (finally) started my transition from Windows to Linux and
am currently running Red Hat 6.1. As I only rarely use X (I have only a
few applications that require it, and am not planning to get anymore) I
was wondering which version of X is the lightest and most feature-free.
I just want it to start, quit and operate as quickly as possible. It
doesn't need to look good either, as long as it functions.
As a side note, I'm also looking for a good word processor for Linux. I
tried StarOffice but I find it too heavy and pretentious. In my opinion
it tries doing and being a lot more than it should, or at least a lot
more than I need it to. I'm going to try Corel WordPerfect, any other
alternatives?
Thanks in advance for any help you can give.
Patrik Linell
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Dave Barcelo <[EMAIL PROTECTED]>
Subject: Help me with this error message
Date: Wed, 30 Aug 2000 11:19:28 -0500
Reply-To: [EMAIL PROTECTED]
I get this error message on the console of my box:
RPC: garbage, retrying 425
RPC: garbage, retrying 425
RPC: garbage, exit EIO
does anyone know what this means?
Dave
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.os.linux,comp.text.xml,comp.os.linux.setup
Subject: Re: Linux, XML, and assalting Windows
Date: Wed, 30 Aug 2000 16:21:30 GMT
In article <pb_q5.545915$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> Centuries ago, Nostradamus foresaw a time when [EMAIL PROTECTED]
> would say:
> >Sure you could use xml, as long as your install program can write it.
> >It would equivalent to the registry in WinX or the assorted /etc
files
> >(and more) in *x. But these mechanisms work (ugly as they may be in
> >their own unique ways). Why are you trying to fix the part of
software
> >installation & configuration that isn't broken?
>
> Indeed.
>
> What the world could use is some Better Tools for managing /etc files.
>
> For that purpose, I find I very much like cfengine
> <http://www.iu.hioslo.no/cfengine/>,
> which provides a rule-oriented system with operators for setting up
> directory links, modifying text-based config files (which is _very_
> nice for modifying things like /etc/hosts, /etc/fstab, and such),
> copying files into place, and Lots Of Other Stuff.
>
> There would be _some_ merit to creating an XML or SGML DTD to describe
> cfengine rules, thereby allowing cfengine configuration files to be
> managed using the fabled "generic XML editing tools," and validated
> before being dropped into place to give at least some _limited_
> guarantees of good behaviour.
>
> That would essentially amount to things like:
>
> <filestatusrules>
> <filestatusrule>
> <filename> /etc/printcap </filename>
> <mode> 644 </mode>
> <owner> root </owner>
> <action> fixplain </action>
> </filestatusrule>
> <!-- replacing "/etc/printcap m=644 o=root action=fixplain" -->
> <filestatusrule>
> <filename> /usr/sbin/sendmail </filename>
> <mode> 755 </mode>
> <owner> root </owner>
> <action> fixplain </action>
> </filestatusrule>
> <!-- replacing "/usr/sbin/sendmail m=755 o=root action=fixplain" -
->
> </filestatusrules>
> <editfiles>
> <editfile>
> <filename>/etc/apt/sources.list </filename>
> <appendifnosuchline> deb file:/brownes/knuth/debianstuff unstable
main
> </appendifnosuchline>
> <appendifnosuchline> deb http://alpha.onshore.com/debian local/
> </appendifnosuchline>
> <appendifnosuchline> deb http://hops.harvestroad.com.au/ debian/
> </appendifnosuchline>
> </editfile>
> <editfile>
> <filename> /etc/hosts </filename>
> <appendifnosuchline> 192.168.1.5 knuth.brownes.org knuth
cache
> </appendifnosuchline>
> <appendifnosuchline> 192.168.1.1 dantzig.brownes.org dantzig
> </appendifnosuchline>
> <appendifnosuchline> 192.168.1.7 godel.brownes.org godel
> </appendifnosuchline>
> </editfile>
> </editfiles>
>
> Mind you, the existing cfengine syntax _works_, which means that it
> would be likely to take some convincing to "force" anyone to move over
> to using an XML parser for this.
The cfengine does indeed cover much of the ground we need to cover.
And you have made a very insightful observation in that XML could be
used to describe in general what a software component requires. But I
do not think the right approach would be to simply write cfengine
syntax rules directly into the XML. Instead, why not render the XML
into cfengine rules?
What you need to do is simply identify the data structures that will
need to be referenced by the cfengine. Then use a translator to
produce the cfengine rules. So, in your example, those constructs such
as machine names, ip addresses, filenames, etc. that may vary from
system to system should instead be referenced by a XML variable.
These variables represent decision points in how the software component
should be rendered, and vary from machine to machine, and network to
network.
The values for these variables can be collected by prompting the user,
or as supplied by a separate XML description.
The question is, why use XML if I can just write the cfengine rules
myself?
In the middleware world, the importance of separating the business
rules (what your application does) from the data model (what actual
storage model [database, transaction processing layer, etc.] supports
those business rules) is kept apart. The presentation layer is also
kept separate.
This makes a great deal of sense. Developers cannot know what the
presentation layer is to be through time (phone, Web, Java, ATMs, some
future tech), and they should not hard code the storage model and
transport requirements, because they may change through time as well.
So to be able to reuse business rules when changes in platform and
implementation are assumed, the need to separate logic from these other
two layers is obvious.
We have (in the cfengine) the need for the same kind of separation.
The use of cfengine requires a large scripting base which can define
the installation and health of a collection of systems on a network.
The generation of these scripts is the hardest part of the cfengine
approach. I am not a big user of cfengine, but I am unaware of any
standard for distributing applications that allows them to simply "drop
into" cfengine scripts.
Do you think it would help if software were defined in XML abstractions
that could be combined and rendered into cfengine scripts in an
automated way? Or is there something about cfengine scripts that would
make this too difficult. In your XML example, the only problem I see
is that you hard coded IP addresses, machine names, directories, and
file names, some of which may need to vary if the description were to
be generalized. Some of the operations are pretty platform dependent,
but that I think is okay.
It is easier to have independent platform sections in the XML than to
try and generalize everything into one discription meaningful to all
platforms. (This observation seems to be repeatedly lost on many that
have posted in this thread)
Paul Snow
[EMAIL PROTECTED]
"XML is just another way to describe structured data.
If you don't like XML, substitute your own favorite
structured data format and structured rendering
technology. If you still feel you must knock XML,
make sure you are clear that your complaint is that
the statement that bothers you does so because no
structured data format can satisfy its requirements"
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Subject: Re: setuid
From: [EMAIL PROTECTED] (Andreas Kahari)
Date: 30 Aug 2000 18:33:01 +0100
In article <Yg8r5.442$[EMAIL PROTECTED]>,
Rasputin <[EMAIL PROTECTED]> wrote:
>[EMAIL PROTECTED] <Peter T. Breuer> wrote:
>>Rasputin <[EMAIL PROTECTED]> wrote:
>>: Don't think that's right. Although suid scripts are supposedly a bad idea
>>: (as you can read the script to find badly constructed code that would
>>: allow you to run arbirary code), I don't think they're diallowed by
>the system.
>>
>>Then you would be completely wrong. See the Linux FAQ.
>
>Well you live and learn. How about a link to the FAQ?
>
>--
>
>Rasputin.
>Jack of All Trades - Master of Nuns.
FAQs and HOWTOs are available from the LDP at
<URL:http://www.linuxdoc.org/>.
>From the Advanced Bash-Scripting HOWTO: Making scripts "suid" is
generally a bad idea, as it may compromise system security.
Administrative scripts should be run by root, not regular users.
Related HOWTO:
<URL:http://www.linuxdoc.org/HOWTO/Secure-Programs-HOWTO/> ("Secure
Programming for Linux and Unix HOWTO").
/A
--
Andreas Kähäri, <URL:http://hello.to/andkaha/>.
All junk e-mail will be reported to the appropriate authorities.
========================================================================
The important thing is not to stop questioning.
------------------------------
From: [EMAIL PROTECTED] (Andrew Stephenson)
Subject: Re: cracker's file
Date: Wed, 30 Aug 00 16:35:02 GMT
Reply-To: [EMAIL PROTECTED]
In article <8oi2il$6qn$[EMAIL PROTECTED]>
[EMAIL PROTECTED] "Hello World" writes:
> a cracker leave the following file in my server. can somebody
> tell me what is the use of this?
> [...]
Whatever it does (and I didn't bother to read far down), it is
not very well written. I saw at least one place where the code
should eventually fall over messily. (Obviously I won't reveal
where, lest it has a malicious purpose and gets fixed.)
Have you asked on (AFAIR) comp.lang.c?
--
Andrew Stephenson
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.os.linux,comp.text.xml,comp.os.linux.setup
Subject: Re: Linux, XML, and assalting Windows
Date: Wed, 30 Aug 2000 16:28:25 GMT
In article <8ohnp2$9m2$[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> wrote:
>
> Bob Hauck <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
>
> > I don't think I said it was impossible. I think I said that it was
> > much more difficult that you seem to think it is. You are
describing
> > abstractions and just ignoring the nitty-gritty implementation
details
> > that make it complicated to actually do. If you think it is worth
what
> > might be years of effort, well, then you are free to start work. If
> > you come back in six months with a prototype that does a subset of
what
> > you want and it shows promise, then some folks might actually want
to
> > help you. That's how it works.
>
> I have noticed that Paul has not yet posted the concrete example of
the
> encoding for "touch" or "yes" to could be used for the meta installed
that
> he seems to be arguing for. Perhaps he is admitting that the details
are
> tricker than he tought when he glossed over them.
<touch>filex<touch/> or <touch filename="filex">
<yes/> or <question isInstalled="yes">
Of course you haven't really given me a context that makes these
encodings interesting in any way.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: The Darkener <[EMAIL PROTECTED]>
Subject: Re: Lightweight X
Date: Wed, 30 Aug 2000 16:51:08 GMT
I use BlackBox. It's entire design is based around being light and fast.
No eye-candy, but you can customize it to do anything you want (I have mine
tricked out pretty well). Extremely light in resources. Works perfect for
me.
http://blackbox.alug.org/ = Blackbox Homepage
http://bb.themes.org = Blackbox theme site (you probably don't want this
but it's fun to look at anyway)
As far as word processors, ya got me. =) If you don't like StarOffice I'd
try Corel. Can't really think of any others offhand.
Good luck!
Patrik Linell wrote:
> I've recently (finally) started my transition from Windows to Linux and
> am currently running Red Hat 6.1. As I only rarely use X (I have only a
> few applications that require it, and am not planning to get anymore) I
> was wondering which version of X is the lightest and most feature-free.
> I just want it to start, quit and operate as quickly as possible. It
> doesn't need to look good either, as long as it functions.
>
> As a side note, I'm also looking for a good word processor for Linux. I
> tried StarOffice but I find it too heavy and pretentious. In my opinion
> it tries doing and being a lot more than it should, or at least a lot
> more than I need it to. I'm going to try Corel WordPerfect, any other
> alternatives?
>
> Thanks in advance for any help you can give.
>
> Patrik Linell
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
--
- The Darkener
"I'm Doug, I have greasy hair and no muscles. You're Principal
Wheeler, you have a mustache and you smell like coffee." -The State
------------------------------
From: Greg F Walz Chojnacki <[EMAIL PROTECTED]>
Subject: Re: W2K and Linux
Date: 30 Aug 2000 16:57:07 GMT
Since most computer users struggle with whatever OS and apps come with their
computer from CompUSA (or whatever), the real question, I think, is how
would an average user fare with a well-installed Linux w/ KDE/Gnome,
Netscape, and a suite like StarOffice or Corel?
Probably the biggest issue would be finding people to help: Right now, one
is more likely to find a co-worker, friend, family member who's been dealing
with Windows, and who can help them, say, restore the normal view to
Word after it's been switched to page layout view (for example).
Beyond that, I'd say the experiences wouldn't be terribly different, for the
average user -- although the Linux users would crash less often! :=)
Greg
--
[EMAIL PROTECTED] UW-Milwaukee News Services & Publications 414/229-4454
http://www.uwm.edu/News/ FAX:414/229-6443
------------------------------
Subject: Re: Headless X86 Linux system
From: David Steuber <[EMAIL PROTECTED]>
Date: Wed, 30 Aug 2000 17:00:02 GMT
Hallvard Paulsen <[EMAIL PROTECTED]> writes:
' Strange, I have worked quite a lot with linux/UNIX systems, and have yet
' to find anything I can't do provided I have a shell login and the root
' access. (I once added harddisk to a computer locaded 500 km away, using
' a modem and windows-95 hyperterminal! ;)
What did you use to teleport the harddisk into the computer? And how
did you manage to install it with the power on? Well, I guess if you
could teleport the disk over...
--
David Steuber | "Are you now, or have you ever been, a member
NRA Member | of the NRA?" --- HUAC, 2004
Happiness is a SAAB Gripen <http://www.gripen.saab.se/> in the
garage, an FN-FAL in the safe, and an HK P7M8 on the hip.
------------------------------
From: The Darkener <[EMAIL PROTECTED]>
Subject: Re: cracker's file
Date: Wed, 30 Aug 2000 17:03:00 GMT
Andreas Kahari wrote:
> In article <[EMAIL PROTECTED]>,
> Thomas Corriher <[EMAIL PROTECTED], abuse@[127.0.0.1],
>support@[127.0.0.1]> wrote:
> >On 30 Aug 2000 09:54:40 +0100, Andreas Kahari
> ><[EMAIL PROTECTED]> wrote:
> >
> >>> what is the working principle of this program?!
> >
> >> As a system administrator of The University of Hong Kong you
> >> should know this or at least how to find out what a DoS
> >> attack is without posting the tools for accomplish such
> >> an attack to the whole world.
> >>
> >> The original message has been forwarded to the appropriate
> >> place.
> >
> > (warning: sarcasm around the next curve)
> [cut]
> > (sarcasm over)
> >
> >Hey genius... Did you notice that you are posting in
> >an OPEN SOURCE group?
> >
> > fsck'ing idiot
> >
>
> Yes, I noticed. What's your point?
Don't be so close-minded about other people's questions. The original post was NOT an
attempt to
spread closed-source DoS attack code. He wanted to know what he should do because
someone
comprimized his box.
> Did you notice the little GNU sticker on the DoS attack code?
> Neither did I. So it's not about open source...
Open source NEWSGROUP.
> Code posted to Usenet forums (or accessed in other manners using the
> internet) are not open source nor public domain unless that is clearly
> stated. Did you know that? Did you know that comp.os.linux.misc is no
> warez forum?
>
> Judging from the posts in this forum I find it hard to believe that
> many people have ever read the ping(8) manual page. And judging from
> your post, I find it hard to believe that you read enough of the
> source of the packet storm program in the original post to see the
> differences between it and and the ping command.
And an over-inflated ego, at that!
> System administrators, which I consider anyone that says "my server"
> to be, should know better.
Let's all conform to your standards. Everyone now, all at once.... Ahh. That feels
better.
> Calling me an idiot was just plain stupid.
But not completely untrue.
Please try and understand that maybe, just MAYBE, the original poster was trying to
gather some
information about his comprimised box. Don't come down on him or others for trying to
do the right
thing.
--
- The Darkener
"I'm Doug, I have greasy hair and no muscles. You're Principal
Wheeler, you have a mustache and you smell like coffee." -The State
------------------------------
From: Michel Bardiaux <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.help
Subject: Re: Help! Urgent problem with gzip
Date: Wed, 30 Aug 2000 17:08:22 GMT
fred smith wrote:
[snip]
> If a file transfer was done (using ftp or kermit or whatever) in "ascii"
> or "text" (i.e., not "binary") mode, the issue is probably not with a
> stripped high-order bit, but rather with NL==>CR/NL conversions,... every
> linefeed (new line) was converted to a carriage-return/newline pair. If
> you try to transfer back the other way it'll undo all the ones it
> converted originally, but unfortunately it'll also undo any legitimate
> CR/NL pairs that were SUPPOSED to be there, so I think you're out of
> luck!
>
> But go ahead and try it anyway, i.e., transferring it BACK to the
> originating system in text mode just for fun, maybe you'll be lucky.
>
> Fred
> --
> ---- Fred Smith -- [EMAIL PROTECTED] ----------------------------
He will have to be *extremely* lucky. Assuming the compression was
maximal, all bytes and byte-pairs will be equiprobable; hence a 180MB gz
file will contain roughly 180*1024*1024/(2*256*256) or 1440 CR/NL
pairs...
Greetings.
--
Michel Bardiaux
Peaktime Belgium S.A. Rue Margot, 37 B-1457 Nil St Vincent
Tel : +32 10 65.44.15 Fax : +32 10 65.44.10
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.misc) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Misc Digest
******************************
