On Monday 25 June 2001 23:37, you wrote:
> On Mon, 25 Jun 2001, Dennis M. wrote:
> > On Monday 25 June 2001 22:30, you wrote:
> > > I've neved seen this before...
> > >
> > > ---------
> > > su -
> > > Password:
> > > File size limit exceeded
> > > --------
> > >
> > > -Ross
> >
<snip>
> Sorry, but I'm missing something here. I'm trying to log in as su...I don't
> see what that would have to do with the firewall or file sizes?
>
> I enter "su -" (or just "su")
>
> It asks for "Password:"
>
> I give it the password for root.
>
> It responds "File size limit exceeded"
>
> I've searched the list archive for the above response and I found only one
> reference, and that related to Squid.
>
> Thanks...
>
> -Ross (the confused)
Didn't mean to confuse you. The file size is a limit put on by Bastille to
keep unauthorized crackers and such from accessing through the super user
permissions. Bastille release candidate 3 (I believe) had something going on
in its scripts such that once some files reached a certain size it would
disable the su function. You will find that if you logoff and then login as
root you can do what ever it is you were trying to do. So the solution is to
change the file size allowed in " /etc/Bastille/config " or run
"InteractiveBastille" as I indicated before and deselect the option to limit
file sizes. If you initially set it up with the tinyfirewall selection or
what ever it was called then that is the same as Bastille, just a default
configuration. Also I did not disable the suidusernetctrl or any of the other
suid choices, since my LAN is a small 4 computer system.
the answer to disable suid usernetctl=N
the answer to configureMiscPam.limitsconf=N
Also, I would go to the Bastille web page and down load the final release on
that page. Uninstall the old bastille and Install the newer one as directed
on the web page. I have tested the firewall on a couple of the linux probe
ports sites and it will lock down tight and show no ports open. A good start
on security. For what it's worth, now it's up to you.........
--
Dennis M. registered Linux user #180842
