binutils 2.15.91.0.1 + PaX patch for Debian SID
Hi all,

I've done new binutils with PaX patch for Debian SID (unstable) usage. Add:

deb http://debian.linux-systeme.com sid main
deb-src http://debian.linux-systeme.com sid main

to your sources.list, run apt-get update, apt-get upgrade. Have fun. I hope someone needs this as I do :-)

P.S.: ATM there are x86 packages only, but if you have non-x86 machines, get the source, build it and I'll upload it to that location for non-x86. Next on my todo is newest libc which works with NOVSYSCALL from PaX. I don't want to wait another 2 years for Debian to fix that up :p

--
ciao, Marc

Re: STARTTLS weirdness in sendmail 8.12.10-1
On Friday 19 September 2003 17:59, Brian Rectanus wrote:

Hi Brian,

> I cannot get STARTTLS to work with the newest sendmail in unstable. It
> *always* complains that the key file is group readable! Now, before you
> scream RTFM, I did use GroupReadableKeyFile!

please copy /usr/share/sendmail/examples/starttls.m4 to /etc/mail/tls and execute 'sendmailconfig' after you copied the file over. It's an updated file you have to use by now. You should have read the install message by the sendmail update and the changelog too ;p You have to do the same with SASLv2 m4 if you use SASLv2.

> Anyone else see this?

yes, Solution above. Anyway, even after that, TLS does not work any longer. I always get verify=NOT if I try to send mail with my other clients. 8.12.9-latest from SID before 8.12.10-1 works fine.

--
ciao, Marc

Re: STARTTLS weirdness in sendmail 8.12.10-1
On Friday 19 September 2003 23:27, Richard A Nelson wrote:

Hi Richard,

> aha... in my case (all my boxen, in fact) the certificate just expired !!!
> I ran /usr/share/sendmail/update_tls new to create a new set of
> certificates and things are now kosher !
>
> Sep 19 21:22:20 renegade sendmail[22155]: STARTTLS=client, relay=localhost.badlands.org., version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256
> Sep 19 21:22:20 renegade sm-mta[22156]: STARTTLS=server, relay=localhost [127.0.0.1], version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256
>
> so, if you get a FAIL message, please check your expiration dates!
> #openssl x509 -in /etc/mail/tls/sendmail-{server,client}.crt -enddate

that was my first try after I saw verify=NOT and it does not help at all, at least not for me. My certificates are valid until January 2004!

--
ciao, Marc

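Added example (not part of the original posts, and not sendmail's or Debian's own tooling): a shell function that scans syslog for the STARTTLS lines discussed in this thread and reports every relay whose verify= result is not OK, plus any STARTTLS error line. The sample log is constructed: its first two lines are the ones quoted above, the others are made up in the same format with example.org names, and the function name starttls_triage is an assumption.

```shell
#!/bin/sh
# Added example: triage of sendmail STARTTLS syslog lines.

# Constructed sample input. Lines 1-2 are the verify=OK lines quoted in the
# thread; the remaining lines are made up in the same format.
SAMPLE_LOG='Sep 19 21:22:20 renegade sendmail[22155]: STARTTLS=client, relay=localhost.badlands.org., version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256
Sep 19 21:22:20 renegade sm-mta[22156]: STARTTLS=server, relay=localhost [127.0.0.1], version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256
Sep 20 10:01:02 mx1 sm-mta[1201]: STARTTLS=server, relay=client.example.org [192.0.2.10], version=TLSv1/SSLv3, verify=NOT, cipher=DHE-RSA-AES256-SHA, bits=256/256
Sep 20 10:03:17 mx1 sm-mta[1204]: from=<a@example.org>, size=512, nrcpts=1, relay=client.example.org [192.0.2.10]
Sep 20 10:05:40 mx1 sendmail[1210]: STARTTLS=client, relay=mx.example.net., version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Sep 20 10:06:00 mx1 sm-msp-queue[1215]: STARTTLS=client, error: load verify locs /etc/ssl/certs/, /etc/mail/tls/sendmail-server.crt failed: 0'

# starttls_triage: read syslog lines on stdin, print one line per problem:
#   "<role> <relay> verify=<value>"  for any verify result other than OK
#   "<role> error <message>"         for STARTTLS error lines
# Lines without a STARTTLS= record are ignored. Prints nothing for a clean log.
starttls_triage() {
    awk '
    {
        i = index($0, "STARTTLS=")
        if (i == 0) next                      # not a STARTTLS record
        rest = substr($0, i + 9)              # text after "STARTTLS="
        c = index(rest, ", ")
        if (c == 0) next                      # malformed record, skip it
        role = substr(rest, 1, c - 1)         # "client" or "server"
        rest = substr(rest, c + 2)

        # Error records carry free text that may itself contain ", ",
        # so report them whole instead of splitting into key=value pairs.
        if (rest ~ /^error: /) {
            print role " error " substr(rest, 8)
            next
        }

        relay = "-"; verify = "missing"
        n = split(rest, kv, ", ")
        for (j = 1; j <= n; j++) {
            if (kv[j] ~ /^relay=/)       relay  = substr(kv[j], 7)
            else if (kv[j] ~ /^verify=/) verify = substr(kv[j], 8)
        }
        if (verify != "OK")
            print role " " relay " verify=" verify
    }'
}

# Run over the constructed sample; on a real host, feed the mail log instead.
printf '%s\n' "$SAMPLE_LOG" | starttls_triage
```

An empty result means every STARTTLS record in the input ended with verify=OK.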
Re: kernel-source 2.4.20 + grsecurity + freeswan
On Thursday 05 June 2003 22:32, Vinai Kopp wrote:

Hi Vinai,

> There seem to be problems using both the grsecurity and the freeswan
> patches (at least I haven't been successful applying the patches - I
> tried the debian versions and the official ones from the different
> project sites of the patches and the kernel sources).
> Does anybody have debian/stable boxes running kernels with grsecurity
> and freeswan? Any hints/experiences to share?

http://sf.net/projects/wolk/
http://sourceforge.net/forum/forum.php?forum_id=272768

--
ciao, Marc

Re: Advice Needed On Recent Rootings
On Sunday 25 May 2003 20:04, Jayson Vantuyl wrote:

Hi Jayson,

> We've had a number of hacked boxen recently. It appears a certain person
> (Romanian we think) is specifically targeting us and our customers (looks
> like he hit a machine and found connections from others in their logs,
> went from there).

I have two boxen running connected to the internet, one is Debian Kernel Image + all latest available security fixes for debian, the other one is almost the same but with 2.4.20-wolk4.1s enabled all grsecurity stuff. Both machines are connected for a long time now, both on the same ip subnet and I've announced a hackcontest privately to some people some time ago (the machines intention is for hacking ;). The first, debian kernel image machine, was hacked 37 times in 1 year, the other one was hacked 0 times, looking into the logs I see _tons_ of PaX: from IP terminating $foobar. So the way to go is absolutely grsecurity if you want to be very safe even against exploits and security holes in userspace applications which are not known yet.

> The part that bothers me is that all of these systems were updated to the
> newest versions on debian.security.org (if apt-get was doing its job) and
> firewalled down to just the ports we needed (22, 25, 53, 80).

what mailserver do you run on 25? what type of webserver (if so on port 80) and what nameserver? Bind? ;)

> While I don't like this (OpenSSH is open and it should be that way), has
> anyone else had this kind of experience? Is there some big hack I should
> know about?

No public exploits are known for the most recent OpenSSH version v3.6.1p2, which does _not_ mean there are no exploits.

> I've checked CERT and the SANS list. Both of them were helpful, but most
> of the answers said run the newest version of X, which I have assumed
> apt-get fixed (in stable at least). I mean, some versions were older, but
> I had heard most of them had backported fixes. Is this happening to
> anyone else?

yes, with the machine/software packages w/o grsecurity/PaX support. Personally I don't trust those so called security updates. I always compile relevant software for myself from the servers programs homepage. Don't get me wrong. I don't say that the security updates are not safe. It is just my personal choice of doing it on my own!!

--
ciao, Marc

Re: grsec patch over debian 2.4.20 kernel
On Tuesday 22 April 2003 15:12, [EMAIL PROTECTED] wrote:

Hi,

> Ted Bukov [EMAIL PROTECTED] 22.04.2003, 14:17:56:
> > I got the last 2.4.20 kernel with apt-get install. I want to patch it
> > with grsec, but I met many times the following message:
> >
> > Reversed (or previously applied) patch detected! Assume -R? [n]
> >
> > When I answered yes to all questions, the kernel compilation had failed.
> > I think grsec patch has conflicts with already patched debian kernel
> > source, so is there any debian kernel sources with grsec applied? I
> > don't want to use plain (vanilla) kernel, because of its ptrace
> > vulnerability. Thanks in advance.
>
> I have the same problem as I can not apply the patch on the
> 2.4.20-sources. I've tried this some months ago (also on 2.4.20) for my
> home workstation, the patch did apply. Now I've had a look at Trusted
> Linux. However, I am not quite sure, because apt-get will update 127
> packages, but just 180 packages are installed.

reading the changelog of _both_ might help :P

grsecurity has the ptrace-fix included.
debian's 2.4.20 kernel has the ptrace-fix included.

so, unpatch that kernel with the ptrace-fix and apply grsec and it'll work.

--
ciao, Marc

Re: [PATCH] ALERT!! - 2.2.x i386 Linux kernel has DoS same as 2.4.x!!!!
On Tuesday 19 November 2002 23:13, Matthew Grant wrote: Hi Matt, Here is the patch to fix 2.2: consider using this instead. -- Kind regards Marc-Christian Petersen http://sourceforge.net/projects/wolk PGP/GnuPG Key: 1024D/569DE2E3DB441A16 Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16 Key available at www.keyserver.net. Encrypted e-mail preferred. diff -urN linux.orig/arch/i386/kernel/entry.S linux/arch/i386/kernel/entry.S --- linux.orig/arch/i386/kernel/entry.S Tue May 21 01:32:34 2002 +++ linux/arch/i386/kernel/entry.S Thu Nov 14 21:39:36 2002 @@ -63,7 +63,9 @@ OLDSS = 0x38 CF_MASK = 0x0001 +TF_MASK = 0x0100 IF_MASK = 0x0200 +DF_MASK = 0x0400 NT_MASK = 0x4000 VM_MASK = 0x0002 @@ -139,6 +141,9 @@ movl CS(%esp),%edx # this is eip.. movl EFLAGS(%esp),%ecx # and this is cs.. movl %eax,EFLAGS(%esp) # + andl $~(NT_MASK|TF_MASK|DF_MASK), %eax + pushl %eax + popfl movl %edx,EIP(%esp) # Now we move them to their normal places movl %ecx,CS(%esp) # movl %esp,%ebx @@ -256,6 +261,9 @@ pushl $ SYMBOL_NAME(do_divide_error) ALIGN error_code: + pushfl + andl $~(NT_MASK|TF_MASK|DF_MASK), (%esp) + popfl pushl %ds pushl %eax xorl %eax,%eax @@ -266,7 +274,6 @@ decl %eax # eax = -1 pushl %ecx pushl %ebx - cld movl %es,%cx movl ORIG_EAX(%esp), %esi # get the error code movl ES(%esp), %edi # get the function address diff -urN linux.orig/arch/i386/kernel/traps.c linux/arch/i386/kernel/traps.c --- linux.orig/arch/i386/kernel/traps.c Thu Nov 14 21:19:40 2002 +++ linux/arch/i386/kernel/traps.c Thu Nov 14 21:40:01 2002 @@ -601,7 +601,7 @@ return; clear_TF: - regs-eflags = ~TF_MASK; + regs-eflags = ~(TF_MASK|NT_MASK); return; }
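Review bot: in the @@ -139,6 +141,9 @@ hunk of entry.S the added andl changes %eax in place right after it was stored to EFLAGS(%esp), and the three new lines carry no comment, unlike the lines around them. A short comment saying that the saved frame keeps the original flags while NT, TF and DF are cleared only in the live flags register would help, and it is worth confirming that nothing further down this path still expects the unmasked value in %eax.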
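Review bot: the @@ -266,7 +274,6 @@ hunk of entry.S drops cld from error_code with nothing in its place, so the direction flag is now cleared only by the pushfl / andl / popfl sequence that the previous hunk adds at the top of error_code (DF_MASK is part of its mask). Note that dependency in a comment next to the sequence; otherwise a later edit that takes DF_MASK out of the mask leaves the handlers running with whatever direction flag they were entered with.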
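Review bot: in the traps.c hunk the label clear_TF no longer matches what the branch does, because the new line clears NT_MASK as well as TF_MASK; rename the label or add a comment. As it appears here the statement reads "regs-eflags = ~(TF_MASK|NT_MASK);", a plain assignment, on both the removed and the added line; the archive seems to have dropped characters, so check against the original patch that this is an and-mask on regs->eflags. The hunk also needs NT_MASK to be defined for traps.c, while the only definitions visible in this patch are the ones in entry.S.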
Re: unsubscribe
On Friday 20 September 2002 10:45, leoricius wrote:

> unsubscribe

most people will never learn ;)

--
Kind regards
Marc-Christian Petersen
http://sourceforge.net/projects/wolk
PGP/GnuPG Key: 1024D/569DE2E3DB441A16
Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16
Key available at www.keyserver.net. Encrypted e-mail preferred.

Re: You've Been Removed!
On Thursday 18 July 2002 19:22, Italyminutes wrote:

Hi there,

> This message is to confirm the removal of your email address:
> debian-security@lists.debian.org from the Italyminutes Subscribe Me
> mailing list. We're sorry to see you go! If you feel you have received
> this notice in error, please visit the Italyminutes Subscribe Me mailing
> list at our website: http://www.bluebanner.net to add yourself
> automatically, or click on the link below to automatically re-subscribe
> yourself:
> http://www.bluebanner.net/cgi-lib/admail/s.cgi?a=1l=9e=debian-security=:l ists.debian.org
> Thank you, Italyminutes

Could ANYONE please stop this shit? Thanks!

--
Kind regards
Marc-Christian Petersen
http://sourceforge.net/projects/wolk
PGP/GnuPG Key: 1024D/569DE2E3DB441A16
Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16
Key available at www.keyserver.net. Encrypted e-mail preferred.

Re: strange log.
On Thursday 16 May 2002 13:47, daniel mendoza wrote:

Hi Daniel,

> May 15 03:50:01 sm-msp-queue[16143]: STARTTLS=client, error: load verify locs /etc/ssl/certs/, /etc/mail/ssl/sendmail-server.crt failed: 0
>
> what can it be?

create the SSL Certificates for sendmail or disable SSL/TLS Support for sendmail.

--
Kind regards
Marc-Christian Petersen
http://sourceforge.net/projects/wolk
PGP/GnuPG Key: 1024D/569DE2E3DB441A16
Fingerprint: 3469 0CF8 CA7E 0042 7824 080A 569D E2E3 DB44 1A16
Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.

Heartbeat
Hi there, is any one on this whole wide world able to help me with the heartbeat package? I want to use it with debian sid, neither the sid package nor the rpm/tgz from the website linux-ha.org are working?! I will be very glad if anyone can help me!! -- Kind regards Marc-Christian Petersen
compile libc5 ...
Hi all,

maybe or sure a little bit offtopic, but i don't know where to ask to get a REAL helpful answer for my question. How can i compile a program with libc5 on a libc6 2.2 (glibc 2.2) system correctly? Hope any one in here can help me out!! Thanks a lot!

Kind regards, Marc

Re: Compiling HostSentry
Hi all,

as of some ppl are trying to use hostsentry i was interested in do it too :-) ... i have installed python with module support for utmp and dbm. I have changed hostsentry.conf according to the readme and of some mails i have read here. And now, if i want to use hostsentry, i get the following:

root@codeman:/usr/local/hostsentry# ./hostsentry.py
from: can't read /var/mail/hostSentryCore
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: import: command not found
./hostsentry.py: POLL_DELAY: command not found
./hostsentry.py: VERSION: command not found
./hostsentry.py: line 59: syntax error near unexpected token `hostSentry(h'
./hostsentry.py: line 59: `class hostSentry(hostSentryCore):'

I use Debian SID! Thanks for your help.

Kind regards, Marc

Re: Compiling Hostsentry
Hi all,

here is a little c++ program which u can use to determine your utmp/wtmp format to use it correctly with hostsentry. It works fine for me and maybe it can be added to future releases of hostsentry cause it may be useful for some ppl. :-) I have attached a C++ and a C version!

Kind regards, Marc

// to compile: gcc -o showwtmp showwtmp.c
#include <stddef.h>     /* offsetof */
#include <stdio.h>
#include <sys/types.h>  /* pid_t */
#include <utmp.h>

int main(void)
{
    int s_utmp, s_ut_type, s_pid_t,
        o_tty_name, s_tty_name,
        o_username, s_username,
        o_hostname, s_hostname;

    s_utmp     = sizeof(struct utmp);
    s_ut_type  = sizeof(short);
    s_pid_t    = sizeof(pid_t);
    /* offsetof() gives the real position of each member, including any
       alignment padding that adding up member sizes would miss */
    o_tty_name = offsetof(struct utmp, ut_line);
    s_tty_name = UT_LINESIZE;
    o_username = offsetof(struct utmp, ut_user);
    s_username = UT_NAMESIZE;
    o_hostname = offsetof(struct utmp, ut_host);
    s_hostname = UT_HOSTSIZE;

    printf("size of utmp struct: %d\n", s_utmp);
    printf("size of ut_type:     %d\n", s_ut_type);
    printf("size of pid_t:       %d\n", s_pid_t);
    printf("offset of tty name:  %d\n", o_tty_name);
    printf("size of tty name:    %d\n", s_tty_name);
    printf("offset of username:  %d\n", o_username);
    printf("size of username:    %d\n", s_username);
    printf("offset of hostname:  %d\n", o_hostname);
    printf("size of hostname:    %d\n", s_hostname);

    /* the string to use as the utmp/wtmp format for hostsentry */
    printf("\nformat:\n");
    printf("\"%d/%d:%d/%d:%d/%d:%d\"\n",
           s_utmp, o_tty_name, s_tty_name,
           o_username, s_username, o_hostname, s_hostname);
    return 0;
}

// to compile: g++ -o showwtmp showwtmp.cpp
#include <stddef.h>     /* offsetof */
#include <stdio.h>
#include <sys/types.h>  /* pid_t */
#include <utmp.h>

int main(int argc, char **argv)
{
    /* offsets come from offsetof() so alignment padding is counted */
    int s_utmp     = sizeof(struct utmp),
        s_ut_type  = sizeof(short),
        s_pid_t    = sizeof(pid_t),
        o_tty_name = offsetof(struct utmp, ut_line),
        s_tty_name = UT_LINESIZE,
        o_username = offsetof(struct utmp, ut_user),
        s_username = UT_NAMESIZE,
        o_hostname = offsetof(struct utmp, ut_host),
        s_hostname = UT_HOSTSIZE;

    printf("size of utmp struct: %d\n", s_utmp);
    printf("size of ut_type:     %d\n", s_ut_type);
    printf("size of pid_t:       %d\n", s_pid_t);
    printf("offset of tty name:  %d\n", o_tty_name);
    printf("size of tty name:    %d\n", s_tty_name);
    printf("offset of username:  %d\n", o_username);
    printf("size of username:    %d\n", s_username);
    printf("offset of hostname:  %d\n", o_hostname);
    printf("size of hostname:    %d\n", s_hostname);

    /* the string to use as the utmp/wtmp format for hostsentry */
    printf("\nformat:\n");
    printf("\"%d/%d:%d/%d:%d/%d:%d\"\n",
           s_utmp, o_tty_name, s_tty_name,
           o_username, s_username, o_hostname, s_hostname);
    return 0;
}

Re: Compiling HostSentry
On Tuesday, 26 June 2001 11:20 you wrote:

Hi Berend,

i have tried your hint and it works fine. Shame on me that i did not recognize it myself :-) But now i have the following failure when i log in to my system:

Jun 26 11:38:43 codeman login[1213]: ROOT LOGIN on `pts/9'
Jun 26 11:38:43 codeman hostSentry[1174]: adminalert: Error reading/writing to TTY state database during logout processing.

Thanks for your help.

Kind regards, Marc

Re: Pam 0.72-26 critically broken
Hi,

have made some aliases for me to prevent such security things to break my system. Have a look :-) put the following into /root/.bashrc or .profile or whatever you use as your shell.

# put a package on hold so dist-upgrade leaves it alone
holddeb() {
    if [ $# = 1 ]; then
        echo "$1 hold" | dpkg --set-selections
        echo "Set $1 on hold so dist-upgrade cannot update:"
        dpkg -l | grep -- "$1"
    else
        echo "This is to set a debian package on hold so dist-upgrade cannot replace it :-)"
        echo "Usage: holddeb package-name"
    fi
}

# take a package off hold again
unholddeb() {
    if [ $# = 1 ]; then
        echo "$1 install" | dpkg --set-selections
        echo "Set $1 on unhold so dist-upgrade can update:"
        dpkg -l | grep -- "$1"
    else
        echo "This is to set a debian package on unhold so dist-upgrade can replace it :-("
        echo "Usage: unholddeb package-name"
    fi
}

# list all packages currently on hold (dpkg -l status "hi")
alias allonhold='dpkg -l | grep "^hi "'

So, holddeb can be called within your shell with for example: holddeb tar. This one sets package tar on hold so only --force-hold can replace this package. unholddeb tar sets the package to installable again. allonhold displays your current all on hold packages. Maybe you need it or not, it's quite simple, but useful for me. I have some packages on hold cause some don't work fine, like the following:

hi  gpm             1.19.3-6        General Purpose Mouse Interface
hi  imwheel         0.9.9pre5-2     Program to support the wheel on some new m
hi  libpam-crackli  0.72-27         PAM module to enable cracklib support.
hi  libpam-modules  0.72-27         Pluggable Authentication Modules for PAM
hi  libpam-runtime  0.72-27         Runtime support for the PAM library
hi  libpam0g        0.72-27         Pluggable Authentication Modules library
hi  mc              4.5.42-11.pota  Midnight Commander - A powerful file manager
hi  mc-common       4.5.42-11.pota  Common files for mc and gmc
hi  sendmail        8.11.4+8.12.0.  A powerful mail transport agent.
hi  tar             1.13.17-2       GNU tar
hi  wmaker          0.65.0-3        NeXTSTEP-like window manager for X
hi  xchat           1.7.6-2         A X11 (X Window System) IRC client, using th

Why i use hold gpm and imwheel is cause i have selfcompiled packages of them with support for /dev/gpmwheel so i can use gpm with imwheel and mouse support in console and X at the same time. Midnight Commander cause all later versions are not able to browse to .deb files and browsing rpm files are broken too. Sendmail cause ...beta10-2 don't work fine, same as tar, you can find the bug at bugs.debian.org and wmaker, muaaah, i compiled at myself cause the packages of debian are horrible :-) ... Dark blue != dark blue but light cyan, very slow gfx output, and many many more and last but not least, i use selfmade xchat with some modifications :-)

So, i hope i didn't write a lot too much and maybe it helps anyone :-)

Kind regards, Marc