Re: apt-get issue(s)
Kenneth Pronovici, 2001-Aug-12 21:49 -0500: >Err http://security.debian.org potato/updates/main Packages > Could not connect to security.debian.org (132.229.131.40). > My guess is that this was a temporary server or network outage. I just did an apt-get update with this same source. It hung and 99% the first try and I C to break and immediately ran it again and it worked fine. jc -- Jeff CoppockNortel Networks Systems Engineerhttp://nortelnetworks.com Major Accts.Santa Clara, CA
Re: apt-get issue(s)
I had a similar question in regard to where partidcular packages which have security patches should be downloaded from - the obvious question is the security server, however it doesn't seem to work that way all the time ... I don't have my sources.list at hand, unfortunately, but I have noticed that from where I am in the network, the security site often will time out during a download of a particular .deb file which has been updated ... that's not really the problem - the problem is that apt appears to then continue fetching the file from the normal archive rather than from the secure one. The fetched .deb appears to have exactly the same version and revision details as the secure version, and unpacks and installs fine ... but I would have thought that for security's sake that apt should only have attempted to fetch the package from the secure URL rather than the (possibly less secure) main site ... unless the user intervened of course ... Presumably if someone were able to poison the main site with a carefully constructed .deb I could be in trouble if the download from the secure site failed part-way through ... Just a thought ... -- Malcolm HerbertThis brain intentionally [EMAIL PROTECTED]left blank
apt-get issue(s)
I'm cross-posting this to user and security, because there are really two (possibly-related) issues here. Feel free to take replies to just one list or the other. On my firewall (running potato), I have been using these apt sources.list entries: deb http://security.debian.org potato/updates main contrib non-free deb http://http.us.debian.org/debian/ potato main non-free contrib deb http://non-us.debian.org/debian-non-US/ potato/non-US main contrib non-free However, suddenly, 'apt-get update' started failing with errors of the form: Err http://security.debian.org potato/updates/main Packages Could not connect to security.debian.org (132.229.131.40). for each of the entries. I've finally worked around this by using these sources.list entries: deb ftp://security.debian.org/debian-security potato/updates main contrib non-free deb ftp://http.us.debian.org/debian/ potato main non-free contrib deb ftp://non-us.debian.org/debian-non-US/ potato/non-US main contrib non-free First question: any idea why the original http source.list entries suddenly stopped working? The URLs that apt-get complains about seem to be available via lynx, so connectivity is apparently not the issue. Running strace on 'apt-get update' shows me an error "400 URI Failure", but I'm not sure where that leads me. I can go dig through the code next, but... Second question: what's up with the security URL that I needed for FTP? I would have expected to use "ftp://security.debian.org";, but the "dists" directory exists under "ftp://security.debian.org/debian-security"; instead. Thanks in advance for the information. I guess I've worked around this for now, but I'd like to know what happened. KEN -- Kenneth J. Pronovici <[EMAIL PROTECTED]> Personal Homepage: http://www.skyjammer.com/~pronovic/ "I have zero tolerance for zero-tolerance policies."
Re: apt-get issue(s)
Kenneth Pronovici, 2001-Aug-12 21:49 -0500: >Err http://security.debian.org potato/updates/main Packages > Could not connect to security.debian.org (132.229.131.40). > My guess is that this was a temporary server or network outage. I just did an apt-get update with this same source. It hung and 99% the first try and I C to break and immediately ran it again and it worked fine. jc -- Jeff CoppockNortel Networks Systems Engineerhttp://nortelnetworks.com Major Accts.Santa Clara, CA -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: apt-get issue(s)
I had a similar question in regard to where partidcular packages which have security patches should be downloaded from - the obvious question is the security server, however it doesn't seem to work that way all the time ... I don't have my sources.list at hand, unfortunately, but I have noticed that from where I am in the network, the security site often will time out during a download of a particular .deb file which has been updated ... that's not really the problem - the problem is that apt appears to then continue fetching the file from the normal archive rather than from the secure one. The fetched .deb appears to have exactly the same version and revision details as the secure version, and unpacks and installs fine ... but I would have thought that for security's sake that apt should only have attempted to fetch the package from the secure URL rather than the (possibly less secure) main site ... unless the user intervened of course ... Presumably if someone were able to poison the main site with a carefully constructed .deb I could be in trouble if the download from the secure site failed part-way through ... Just a thought ... -- Malcolm HerbertThis brain intentionally [EMAIL PROTECTED]left blank -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
apt-get issue(s)
I'm cross-posting this to user and security, because there are really two (possibly-related) issues here. Feel free to take replies to just one list or the other. On my firewall (running potato), I have been using these apt sources.list entries: deb http://security.debian.org potato/updates main contrib non-free deb http://http.us.debian.org/debian/ potato main non-free contrib deb http://non-us.debian.org/debian-non-US/ potato/non-US main contrib non-free However, suddenly, 'apt-get update' started failing with errors of the form: Err http://security.debian.org potato/updates/main Packages Could not connect to security.debian.org (132.229.131.40). for each of the entries. I've finally worked around this by using these sources.list entries: deb ftp://security.debian.org/debian-security potato/updates main contrib non-free deb ftp://http.us.debian.org/debian/ potato main non-free contrib deb ftp://non-us.debian.org/debian-non-US/ potato/non-US main contrib non-free First question: any idea why the original http source.list entries suddenly stopped working? The URLs that apt-get complains about seem to be available via lynx, so connectivity is apparently not the issue. Running strace on 'apt-get update' shows me an error "400 URI Failure", but I'm not sure where that leads me. I can go dig through the code next, but... Second question: what's up with the security URL that I needed for FTP? I would have expected to use "ftp://security.debian.org";, but the "dists" directory exists under "ftp://security.debian.org/debian-security"; instead. Thanks in advance for the information. I guess I've worked around this for now, but I'd like to know what happened. KEN -- Kenneth J. Pronovici <[EMAIL PROTECTED]> Personal Homepage: http://www.skyjammer.com/~pronovic/ "I have zero tolerance for zero-tolerance policies." -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Mutt and inline gpg
Hi Marc, * Marc Leeman <[EMAIL PROTECTED]> [09-08-01 11:55]: > Due to the flexibility of mutt, I would guess that I can solve the > problem in my config, but as I said, I haven't found a solution quite > yet. I use the following procmail rules and a little script (attached) to convert the content-type of attachments to application/pgp: :0 * !^Content-Type: message/ * !^Content-Type: multipart/ * !^Content-Type: application/pgp { :0 fBw * ^-BEGIN PGP MESSAGE- * ^-END PGP MESSAGE- | formail -i "Content-Type: application/pgp; format=text; x-action=encrypt" :0 fBw * ^-BEGIN PGP SIGNED MESSAGE- * ^-BEGIN PGP SIGNATURE- * ^-END PGP SIGNATURE- | formail -i "Content-Type: application/pgp; format=text; x-action=sign" } :0 fBw * ^-BEGIN PGP PUBLIC KEY BLOCK- * ^-END PGP PUBLIC KEY BLOCK- | formail -i "Content-Type: application/pgp-keys; format=text;" :0 * ^Content-Type: multipart/ { :0 fBw * ^-BEGIN PGP MESSAGE- * ^-END PGP MESSAGE- | $MAILFILTER_PGP_ATTACHMENT - } If you want textmode-encryption for some people use this macro and press 'xfoo' before you send the message: macro compose xfoo "Fgpg -es --textmode --armor -r $your-key-ID -r $recipient-key-ID\ny" Janto -- "Open Source" heißt, jeder Anwender erhält eine Kopie des Quellcodes. Dabei stoßen Entwickler, die mit Linux arbeiten, häufig auf Sicherheitslücken. Auf Microsoft Windows trifft dies nicht zu.- Microsoft eval '(exit $?0)' && eval 'exec perl -S $0 ${1+"$@"}' & eval 'exec perl -S $0 $argv:q' if 0; ($script = $0) =~ s#.*/(.*)$#$1#; $USAGE = " # Usage: $script mail # # Task: This script converts the Content-Type of attachments to # application/pgp ... # if the attachment is pgp encrypted. # The output will be the stdout. # # Version : 1.0 # Author: [EMAIL PROTECTED] # "; $user=`whoami`; $date=`date`; die "$USAGE" if @ARGV == 0; $header = 1; while (<>) { $line = $_; if ( $header && $line =~ /^[\s\t]*$/ ) { $header = 0; print "$line"; next; } if ( $header == 1 ) { # skip header print "$line"; next; } if ( !$header && $line =~ /^--.*/ ) { print "$line"; $aheader = 1; @lines1 = (); $content_type = ""; @lines = (); while (<>) { $line = $_; if ( $aheader && $line =~ /^Content-Type:.*/) { # save Content-Type separately @lines1 = @lines; $content_type = $line; @lines = (); next; } if ( $aheader && $line =~ /^[\s\t]*$/ ) { # look for header of attachment $aheader = 0; push(@lines, $line); next; } if ( $aheader == 1 ) { push(@lines, $line); next; } if ( !$aheader && $line =~ /^-BEGIN PGP MESSAGE-.*/ ) { # attachment pgp encrypted $content_type = "Old-${content_type}Content-Type: application/pgp; format=text; x-action=encrypt\n"; push (@lines, $line); next; } if ( !$aheader && $line =~ /^--.*/ ) { # next attachment begins print join '',@lines1; print "$content_type"; print join '',@lines; print "$line"; $aheader = 1; @lines1 = (); $content_type = ""; @lines = (); next; } push(@lines, $line); } print join '',@lines1; print "$content_type"; print join '',@lines; last; } print "$line"; } pgpeez1xExLv5.pgp Description: PGP signature
Re: Mutt and inline gpg
Hi Marc, * Marc Leeman <[EMAIL PROTECTED]> [09-08-01 11:55]: > Due to the flexibility of mutt, I would guess that I can solve the > problem in my config, but as I said, I haven't found a solution quite > yet. I use the following procmail rules and a little script (attached) to convert the content-type of attachments to application/pgp: :0 * !^Content-Type: message/ * !^Content-Type: multipart/ * !^Content-Type: application/pgp { :0 fBw * ^-BEGIN PGP MESSAGE- * ^-END PGP MESSAGE- | formail -i "Content-Type: application/pgp; format=text; x-action=encrypt" :0 fBw * ^-BEGIN PGP SIGNED MESSAGE- * ^-BEGIN PGP SIGNATURE- * ^-END PGP SIGNATURE- | formail -i "Content-Type: application/pgp; format=text; x-action=sign" } :0 fBw * ^-BEGIN PGP PUBLIC KEY BLOCK- * ^-END PGP PUBLIC KEY BLOCK- | formail -i "Content-Type: application/pgp-keys; format=text;" :0 * ^Content-Type: multipart/ { :0 fBw * ^-BEGIN PGP MESSAGE- * ^-END PGP MESSAGE- | $MAILFILTER_PGP_ATTACHMENT - } If you want textmode-encryption for some people use this macro and press 'xfoo' before you send the message: macro compose xfoo "Fgpg -es --textmode --armor -r $your-key-ID -r $recipient-key-ID\ny" Janto -- "Open Source" heißt, jeder Anwender erhält eine Kopie des Quellcodes. Dabei stoßen Entwickler, die mit Linux arbeiten, häufig auf Sicherheitslücken. Auf Microsoft Windows trifft dies nicht zu.- Microsoft eval '(exit $?0)' && eval 'exec perl -S $0 ${1+"$@"}' & eval 'exec perl -S $0 $argv:q' if 0; ($script = $0) =~ s#.*/(.*)$#$1#; $USAGE = " # Usage: $script mail # # Task: This script converts the Content-Type of attachments to # application/pgp ... # if the attachment is pgp encrypted. # The output will be the stdout. # # Version : 1.0 # Author: Daniel.Kollar\@bigfoot.de # "; $user=`whoami`; $date=`date`; die "$USAGE" if @ARGV == 0; $header = 1; while (<>) { $line = $_; if ( $header && $line =~ /^[\s\t]*$/ ) { $header = 0; print "$line"; next; } if ( $header == 1 ) { # skip header print "$line"; next; } if ( !$header && $line =~ /^--.*/ ) { print "$line"; $aheader = 1; @lines1 = (); $content_type = ""; @lines = (); while (<>) { $line = $_; if ( $aheader && $line =~ /^Content-Type:.*/) { # save Content-Type separately @lines1 = @lines; $content_type = $line; @lines = (); next; } if ( $aheader && $line =~ /^[\s\t]*$/ ) { # look for header of attachment $aheader = 0; push(@lines, $line); next; } if ( $aheader == 1 ) { push(@lines, $line); next; } if ( !$aheader && $line =~ /^-BEGIN PGP MESSAGE-.*/ ) { # attachment pgp encrypted $content_type = "Old-${content_type}Content-Type: application/pgp; format=text; x-action=encrypt\n"; push (@lines, $line); next; } if ( !$aheader && $line =~ /^--.*/ ) { # next attachment begins print join '',@lines1; print "$content_type"; print join '',@lines; print "$line"; $aheader = 1; @lines1 = (); $content_type = ""; @lines = (); next; } push(@lines, $line); } print join '',@lines1; print "$content_type"; print join '',@lines; last; } print "$line"; } PGP signature
Re: strangelog
On Sun, 12 Aug 2001, Steven Barker wrote: > On Sun, Aug 12, 2001 at 05:33:34PM +0200, Rudy Gevaert wrote: > > > This weekend I got a strange log: > > > > Unusual System Events > > =-=-=-=-=-=-=-=-=-=-= > > Aug 11 06:25:03 alhandra su[3584]: + ??? root-nobody > > Aug 11 06:25:03 alhandra PAM_unix[3584]: (su) session opened for user > > nobody by > > +(uid=0) > > This is root (uid=0) becoming nobody. It's surely a cron job that is setup > to change user to nobody before running. The locate package runs updatedb > as nobody every day, for example. Ah, k! Thanks for the quick reply! -- Rudy Gevaert -- [EMAIL PROTECTED] Beifeld's Principle: The probability of a young man meeting a desirable and receptive young female increases by pyramidical progression when he is already in the company of (1) a date, (2) his wife, (3) a better-looking and richer male friend. -- R. Beifeld
Re: strangelog
On Sun, Aug 12, 2001 at 05:33:34PM +0200, Rudy Gevaert wrote: > This weekend I got a strange log: > > Unusual System Events > =-=-=-=-=-=-=-=-=-=-= > Aug 11 06:25:03 alhandra su[3584]: + ??? root-nobody > Aug 11 06:25:03 alhandra PAM_unix[3584]: (su) session opened for user > nobody by > +(uid=0) This is root (uid=0) becoming nobody. It's surely a cron job that is setup to change user to nobody before running. The locate package runs updatedb as nobody every day, for example. -- Steven Barker [EMAIL PROTECTED] Woolsey-Swanson Rule: People would rather live with a problem they cannot solve rather than accept a solution they cannot understand. PGP Key Fingerprint: 272A 3EC8 52CE F22B F745 775E 5292 F743 EBD5 936B Get it at http://www.students.uiuc.edu~/scbarker/pubkey.asc
Re: strangelog
On 2001-08-12, Rudy Gevaert wrote: >This weekend I got a strange log: [...] >Aug 11 06:25:03 alhandra su[3584]: + ??? root-nobody >Aug 11 06:25:03 alhandra PAM_unix[3584]: (su) session opened for user >nobody by >+(uid=0) [...] >I'm sure I was asleep at that time... What is this? Did someone log in? Nope, noone logged in. >Or was it a service who su'ed? (I doubt it). It was one of your cron jobs, I suppose. Jakub. -- (0> Jakub Jankowski "Beauty is skin deep; //\ [EMAIL PROTECTED]ugly goes right V_/_ [EMAIL PROTECTED]to the bone."
strangelog
Hello, This weekend I got a strange log: Unusual System Events =-=-=-=-=-=-=-=-=-=-= Aug 11 06:25:03 alhandra su[3584]: + ??? root-nobody Aug 11 06:25:03 alhandra PAM_unix[3584]: (su) session opened for user nobody by +(uid=0) I'm sure I was asleep at that time... What is this? Did someone log in? Or was it a service who su'ed? (I doubt it). Anybody have some tips for me? Thanks, -- Rudy Gevaert -- [EMAIL PROTECTED] Beifeld's Principle: The probability of a young man meeting a desirable and receptive young female increases by pyramidical progression when he is already in the company of (1) a date, (2) his wife, (3) a better-looking and richer male friend. -- R. Beifeld