[PATCH] set sticky bit when creating /var/tmp mount-point
Dear list, partition_config::mount_partition() uses mode 01777 when creating /tmp as a mount-point, but doesn't for /target/var/tmp. A fix is: Index: boot-floppies/utilities/dbootstrap/partition_config.c === RCS file: /cvs/debian-boot/boot-floppies/utilities/dbootstrap/partition_config.c,v retrieving revision 1.116 diff -u -r1.116 partition_config.c --- boot-floppies/utilities/dbootstrap/partition_config.c 2001/11/11 01:00:33 1.116 +++ boot-floppies/utilities/dbootstrap/partition_config.c 2001/11/13 09:36:48 @@ -572,7 +572,9 @@ while (1) { if ((p = strchr(p + 1, '/')) != NULL) *p = '\0'; - WithMode = strcmp(real_mount_point,/target/tmp) ? 0755 : 01777; + WithMode = strcmp(real_mount_point,/target/tmp) + strcmp(real_mount_point,/target/var/tmp) +? 0755 : 01777; DEBUGMSG(making mount point %s, real_mount_point); if (! mkdir(real_mount_point, WithMode)) { chmod(real_mount_point, WithMode); Regards, Mark. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [PATCH] set sticky bit when creating /var/tmp mount-point
On Tue, Nov 13, 2001 at 10:53:16PM +1300, Mark van Walraven wrote: Dear list, partition_config::mount_partition() uses mode 01777 when creating /tmp as a mount-point, but doesn't for /target/var/tmp. A fix is: what good will this do? the permissions of the mount point directory are irrelevant as they will be replaced by the permissions of the root directory of the mounted filesystem. Index: boot-floppies/utilities/dbootstrap/partition_config.c === RCS file: /cvs/debian-boot/boot-floppies/utilities/dbootstrap/partition_config.c,v retrieving revision 1.116 diff -u -r1.116 partition_config.c --- boot-floppies/utilities/dbootstrap/partition_config.c 2001/11/11 01:00:33 1.116 +++ boot-floppies/utilities/dbootstrap/partition_config.c 2001/11/13 09:36:48 @@ -572,7 +572,9 @@ while (1) { if ((p = strchr(p + 1, '/')) != NULL) *p = '\0'; - WithMode = strcmp(real_mount_point,/target/tmp) ? 0755 : 01777; + WithMode = strcmp(real_mount_point,/target/tmp) +strcmp(real_mount_point,/target/var/tmp) + ? 0755 : 01777; DEBUGMSG(making mount point %s, real_mount_point); if (! mkdir(real_mount_point, WithMode)) { chmod(real_mount_point, WithMode); Regards, Mark. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Ethan Benson http://www.alaska.net/~erbenson/ msg12175/pgp0.pgp Description: PGP signature
Re: [PATCH] set sticky bit when creating /var/tmp mount-point
Ethan Benson [EMAIL PROTECTED] writes: On Tue, Nov 13, 2001 at 10:53:16PM +1300, Mark van Walraven wrote: partition_config::mount_partition() uses mode 01777 when creating /tmp as a mount-point, but doesn't for /target/var/tmp. A fix is: what good will this do? the permissions of the mount point directory are irrelevant as they will be replaced by the permissions of the root directory of the mounted filesystem. It enables the use of vi for non-root users even when /var/tmp isn't mounted ... uh ... No, actually, if you use tmpfs for /var/tmp, it will use the same permissions as the mount point, since there is no other place to store that persistent configuration. Kjetil T. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: library reduction problems in recent rootdisk.sh
Ethan Benson [EMAIL PROTECTED] writes: On Mon, Nov 12, 2001 at 02:09:52PM -0500, Adam Di Carlo wrote: Goswin Brederlow [EMAIL PROTECTED] writes: Good that you start telling. What do you mean by that? I reported this *months* ago, pleading that someone fix it. It still has the atexit problem? What libc version do you have? I was able to fix this problem on PowerPC I think by fixing the hardcoded ld.so bit in the script. no that doesn't fix it. i made the same changes and it fixed nothing. I can investigate more if needed... I've got the DEBUG_SPAM output now and from that it should work. I deduces that it needs atexit from the libc and tells gcc to include that in the stripped version. But then it won't appear in the stripped version. It looks eigther like a gcc bug or the atexit symbol is defined in a strange way that prevents it from resolving in the stripped version of the libc. Can someone with this problem try to run the library reduction on #include stdlib.h void bla(void) {} int main() { atexit(bla); return 0; } and the libc with nothing else cluttering the output. Its the same behaviour the broken libc had on i386. MfG Goswin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies by sgybas
Repository: boot-floppies who:sgybas time: Tue Nov 13 03:49:02 PST 2001 Log Message: Remove unneeded PAM modules from s390 root disk and create cutsom /etc/pam.d/other which allows logins without a password Files: changed:rootdisk.sh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/s390-specials by sgybas
Repository: boot-floppies/s390-specials who:sgybas time: Tue Nov 13 03:49:02 PST 2001 Log Message: Remove unneeded PAM modules from s390 root disk and create cutsom /etc/pam.d/other which allows logins without a password Files: added: other.pam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/scripts/rootdisk by sgybas
Repository: boot-floppies/scripts/rootdisk who:sgybas time: Tue Nov 13 03:49:03 PST 2001 Log Message: Remove unneeded PAM modules from s390 root disk and create cutsom /etc/pam.d/other which allows logins without a password Files: changed:EXTRACT_LIST_s390 SMALL_BASE_LIST_s390 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/debian by sgybas
Repository: boot-floppies/debian who:sgybas time: Tue Nov 13 03:49:02 PST 2001 Log Message: Remove unneeded PAM modules from s390 root disk and create cutsom /etc/pam.d/other which allows logins without a password Files: changed:changelog -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [PATCH] set sticky bit when creating /var/tmp mount-point
On Tue, Nov 13, 2001 at 12:02:18PM +0100, Kjetil Torgrim Homme wrote: Ethan Benson [EMAIL PROTECTED] writes: On Tue, Nov 13, 2001 at 10:53:16PM +1300, Mark van Walraven wrote: partition_config::mount_partition() uses mode 01777 when creating /tmp as a mount-point, but doesn't for /target/var/tmp. A fix is: what good will this do? the permissions of the mount point directory are irrelevant as they will be replaced by the permissions of the root directory of the mounted filesystem. It enables the use of vi for non-root users even when /var/tmp isn't mounted ... uh ... and why would that happen? from a security point of view i think the directory under mountpoints like tmp should not be world writable, if the admin has a different filesystem/partition mounted there he probably did so to keep users from gaining write permission to the underlying filesystem (esp in the case of /). No, actually, if you use tmpfs for /var/tmp, it will use the same permissions as the mount point, since there is no other place to store that persistent configuration. this is not true: root@dogbert /# mkdir foo root@dogbert /# ls -ld foo/ drwxr-xr-x2 root root 1024 Nov 13 04:14 foo/ root@dogbert /# mount -t tmpfs tmpfs foo root@dogbert /# ls -ld foo/ drwxrwxrwt2 root root0 Nov 13 04:14 foo/ root@dogbert /# uname -a Linux dogbert 2.4.14 #1 Sun Nov 11 01:20:42 AKST 2001 ppc unknown default permissions for the tmpfs root is 1777 if you want something different you have to use the mode= mount option. -- Ethan Benson http://www.alaska.net/~erbenson/ msg12182/pgp0.pgp Description: PGP signature
cvs commit to boot-floppies/debian by sgybas
Repository: boot-floppies/debian who:sgybas time: Tue Nov 13 06:40:26 PST 2001 Log Message: s390: don't ask for kernel 2.0 compatibility in mke2fs Files: changed:changelog -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/utilities/dbootstrap by sgybas
Repository: boot-floppies/utilities/dbootstrap who:sgybas time: Tue Nov 13 06:40:26 PST 2001 Log Message: s390: don't ask for kernel 2.0 compatibility in mke2fs Files: changed:partition_config.c -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies by sgybas
Repository: boot-floppies who:sgybas time: Tue Nov 13 06:45:24 PST 2001 Log Message: wrote replacement for /bin/login on s390 and drop PAM from the root disk Files: changed:Makefile rootdisk.sh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/make by sgybas
Repository: boot-floppies/make who:sgybas time: Tue Nov 13 06:45:25 PST 2001 Log Message: wrote replacement for /bin/login on s390 and drop PAM from the root disk Files: changed:s390.rules -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/debian by sgybas
Repository: boot-floppies/debian who:sgybas time: Tue Nov 13 06:45:25 PST 2001 Log Message: wrote replacement for /bin/login on s390 and drop PAM from the root disk Files: changed:changelog -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/scripts/rootdisk by sgybas
Repository: boot-floppies/scripts/rootdisk who:sgybas time: Tue Nov 13 06:45:25 PST 2001 Log Message: wrote replacement for /bin/login on s390 and drop PAM from the root disk Files: changed:EXTRACT_LIST_s390 SMALL_BASE_LIST_s390 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/s390-specials by sgybas
Repository: boot-floppies/s390-specials who:sgybas time: Tue Nov 13 06:45:25 PST 2001 Log Message: wrote replacement for /bin/login on s390 and drop PAM from the root disk Files: changed:Makefile inetd.conf added: .cvsignore login.c -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Freeware for the AS400: CAT produces a catalog of files in a library.
FREEWARE: AS400 Library Catalog Software (source included.) As thanks for visiting our web site at www.rapidfire400.com, we would like you to have our CAT Freeware package. You can use CAT to gather information about the files in a library and print reports; by Date Last Used, by File Size, by File Name. We have included the source code with CAT. We used RapidFire400 to automatically generate the programs for the reports. RAPIDFIRE400 ! Free DEMO How would you like to cut your applications development time in half? What if your programmers could produce RPG ILE code for reports and file manipulations in a tenth of the time it now takes them? Our program generator is easy to learn and run. If you know AS400 query, there is almost no learning curve! Rapidfire400 takes AS400 Query definitions and creates source programs ready for testing! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: library reduction problems in recent rootdisk.sh
On Tue, Nov 13, 2001 at 12:43:03PM +0100, Goswin Brederlow wrote: It looks eigther like a gcc bug or the atexit symbol is defined in a strange way that prevents it from resolving in the stripped version of the libc. Can someone with this problem try to run the library reduction on #include stdlib.h void bla(void) {} int main() { atexit(bla); return 0; } and the libc with nothing else cluttering the output. Its the same behaviour the broken libc had on i386. i just tried both your test and a full powerpc b-f build and this time i had no problems with mklibs.py. libc6 is 2.2.4-5 we still cannot use mklibs.py until someone fixes the gratuitous i386ism regarding what ld is called i have to use the following patch to make it work correctly (well ignore DEBUG_SPAM): Index: scripts/rootdisk/mklibs.py === RCS file: /cvs/debian-boot/boot-floppies/scripts/rootdisk/mklibs.py,v retrieving revision 1.4 diff -u -r1.4 mklibs.py --- scripts/rootdisk/mklibs.py 2001/08/11 06:55:18 1.4 +++ scripts/rootdisk/mklibs.py 2001/11/13 15:14:55 @@ -53,7 +53,7 @@ DEBUG_VERBOSE = 2 DEBUG_SPAM= 3 -debuglevel = DEBUG_NORMAL +debuglevel = DEBUG_SPAM def debug(level, *msg): if debuglevel = level: @@ -352,7 +352,7 @@ base_name = so_pattern.match(library).group(1) # libc needs its soinit.o and sofini.o as well as the pic if base_name == libc: -extra_flags = find_lib(ld-linux.so.2) +extra_flags = find_lib(ld.so.1) extra_pre_obj = /usr/lib/libc_pic/soinit.o extra_post_obj = /usr/lib/libc_pic/sofini.o else: @@ -396,6 +396,6 @@ os.remove(dest_path + / + lib) # Make the dynamic linker executable -ld_file = find_lib(ld-linux.so.2) +ld_file = find_lib(ld.so.1) ld_file_name = os.path.basename(ld_file) os.chmod(dest_path + / + ld_file_name, 0755) -- Ethan Benson http://www.alaska.net/~erbenson/ msg12191/pgp0.pgp Description: PGP signature
cvs commit to boot-floppies/s390-specials by sgybas
Repository: boot-floppies/s390-specials who:sgybas time: Tue Nov 13 07:25:23 PST 2001 Log Message: Added REXX script to IPL from a VM reader Files: removed:other.pam added: iplrdr.exec -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies by eb
Repository: boot-floppies who:eb time: Tue Nov 13 07:29:52 PST 2001 Log Message: lilo setup checks for XFS formatted / /boot partitions and disallows installation there if they are indeed XFS. thus no longer a todo Files: changed:todo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Free Software Gift!
FREE SOFTWARE GIFT! Don't forget your free software gift! Great for holiday gift giving! Many popular titles to choose from. Hurry! This offer is only good While supplies last! Click Here: http://www.passionup.com/free.htm?lk=ob3 Let someone know how much you care! Send a Free PassionUp Greeting Card! http://www.passionup.com?lk=ob4 Remove yourself from this list by either: Entering your email address below and clicking REMOVE: OR Reply to this message with the word remove in the subject line. This message was sent to address [EMAIL PROTECTED] pmguid:ud.tcy.83c8q -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies by pb
Repository: boot-floppies who:pb time: Tue Nov 13 10:26:11 PST 2001 Log Message: tweak arm release stuff some more: avoid making bf-image-*.tar.gz with nothing in them Files: changed:release.sh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: library reduction problems in recent rootdisk.sh
Ethan Benson [EMAIL PROTECTED] writes: On Tue, Nov 13, 2001 at 12:43:03PM +0100, Goswin Brederlow wrote: It looks eigther like a gcc bug or the atexit symbol is defined in a strange way that prevents it from resolving in the stripped version of the libc. Can someone with this problem try to run the library reduction on #include stdlib.h void bla(void) {} int main() { atexit(bla); return 0; } and the libc with nothing else cluttering the output. Its the same behaviour the broken libc had on i386. i just tried both your test and a full powerpc b-f build and this time i had no problems with mklibs.py. libc6 is 2.2.4-5 fine. So alpha, ppc, i386 and m68k work. Anyone other experiences? we still cannot use mklibs.py until someone fixes the gratuitous i386ism regarding what ld is called i have to use the following patch to make it work correctly (well ignore DEBUG_SPAM): Index: scripts/rootdisk/mklibs.py === RCS file: /cvs/debian-boot/boot-floppies/scripts/rootdisk/mklibs.py,v retrieving revision 1.4 diff -u -r1.4 mklibs.py --- scripts/rootdisk/mklibs.py 2001/08/11 06:55:18 1.4 +++ scripts/rootdisk/mklibs.py 2001/11/13 15:14:55 @@ -53,7 +53,7 @@ DEBUG_VERBOSE = 2 DEBUG_SPAM= 3 -debuglevel = DEBUG_NORMAL +debuglevel = DEBUG_SPAM def debug(level, *msg): if debuglevel = level: @@ -352,7 +352,7 @@ base_name = so_pattern.match(library).group(1) # libc needs its soinit.o and sofini.o as well as the pic if base_name == libc: -extra_flags = find_lib(ld-linux.so.2) +extra_flags = find_lib(ld.so.1) extra_pre_obj = /usr/lib/libc_pic/soinit.o extra_post_obj = /usr/lib/libc_pic/sofini.o else: @@ -396,6 +396,6 @@ os.remove(dest_path + / + lib) # Make the dynamic linker executable -ld_file = find_lib(ld-linux.so.2) +ld_file = find_lib(ld.so.1) ld_file_name = os.path.basename(ld_file) os.chmod(dest_path + / + ld_file_name, 0755) I have the following on my system: mrvn@dual:~% ls -l /lib/ld* -rwxr-xr-x1 root root94561 Oct 30 23:44 /lib/ld-2.2.4.so* lrwxrwxrwx1 root root 18 Mar 13 2001 /lib/ld-linux.so.1 - ld-linux.so.1.9.11* -rwxr-xr-x1 root root24817 Mar 7 2001 /lib/ld-linux.so.1.9.11* lrwxrwxrwx1 root root 11 Nov 4 05:54 /lib/ld-linux.so.2 - ld-2.2.4.so* -rwxr-xr-x2 root root99568 Mar 7 2001 /lib/ld.so* -rwxr-xr-x2 root root99568 Mar 7 2001 /lib/ld.so.1.9.11* 2fca30cbaccb4c9eccfe46cc26d1317b /lib/ld-2.2.4.so d4a2c961c9306a2e556aa01b9f3578a8 /lib/ld-linux.so.1.9.11 77328b80b0c4956fa82bbec45cfd8fd1 /lib/ld.so 77328b80b0c4956fa82bbec45cfd8fd1 /lib/ld.so.1.9.11 So which one should be used? Which ones don't work? Do all archs have an /lib/ld.so and does that work for all? I would hate to do things differently for each arch or libc version. I thought with ld-linux.so.2 would be provided by all current glibcs. May the Source be with you. Goswin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#119337: marked as done (boot-floppies: dbootstrap looks for Release file in wrong location)
Your message dated Tue, 13 Nov 2001 14:01:40 -0600 with message-id [EMAIL PROTECTED] and subject line Bug#119337: boot-floppies: dbootstrap looks for Release file in wrong location has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Darren Benham (administrator, Debian Bugs database) -- Received: (at submit) by bugs.debian.org; 12 Nov 2001 18:59:17 + From [EMAIL PROTECTED] Mon Nov 12 12:59:17 2001 Return-path: [EMAIL PROTECTED] Received: from relativity.phy.olemiss.edu [130.74.16.250] (postfix) by master.debian.org with esmtp (Exim 3.12 1 (Debian)) id 163MIf-0007FH-00; Mon, 12 Nov 2001 12:59:17 -0600 Received: by relativity.phy.olemiss.edu (Postfix, from userid 541) id 0982D4B4A6; Mon, 12 Nov 2001 12:59:17 -0600 (CST) From: Chris Lawrence [EMAIL PROTECTED] To: Debian Bug Tracking System [EMAIL PROTECTED] Subject: boot-floppies: dbootstrap looks for Release file in wrong location X-Reportbug-Version: 1.33 X-Mailer: reportbug 1.33 Date: Mon, 12 Nov 2001 12:59:16 -0600 Message-Id: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Package: boot-floppies Version: 3.0.15-2001-10-18 Severity: important This version of boot-floppies looks for the Release file on a CD-ROM or mounted medium in the directory /instmnt/dists/woody; however, the Release file is stored in /instmnt/dists/woody/main/binary-$ARCH. This may be an issue with the included debootstrap udeb, rather than boot-floppies per se. The error messages make it hard to tell. (This may be fixed in .16 [I can't tell], but there is no .16 release for Intel in the archive...) -- System Information Debian Release: testing/unstable Architecture: i386 Kernel: Linux relativity 2.4.12-ac3 #1 Wed Oct 17 12:24:10 CDT 2001 i686 Locale: LANG=C, LC_CTYPE=en_US --- Received: (at 119337-done) by bugs.debian.org; 13 Nov 2001 20:01:44 + From [EMAIL PROTECTED] Tue Nov 13 14:01:44 2001 Return-path: [EMAIL PROTECTED] Received: from host251.auditing.olemiss.edu [130.74.162.251] ([dz1B9mITiBOL2d0dLJRt5EoMce2efB7c]) by master.debian.org with esmtp (Exim 3.12 1 (Debian)) id 163jke-DF-00; Tue, 13 Nov 2001 14:01:44 -0600 Received: by host251.auditing.olemiss.edu (Postfix, from userid 1000) id 291628662A; Tue, 13 Nov 2001 14:01:40 -0600 (CST) Date: Tue, 13 Nov 2001 14:01:40 -0600 From: Chris Lawrence [EMAIL PROTECTED] To: Ethan Benson [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: Bug#119337: boot-floppies: dbootstrap looks for Release file in wrong location Message-ID: [EMAIL PROTECTED] References: [EMAIL PROTECTED] [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: [EMAIL PROTECTED] User-Agent: Mutt/1.3.23i Organization: The University of Mississippi (Standard Disclaimer Applies) X-Operating-System: Linux/i686 2.4.13-ac5 Delivered-To: [EMAIL PROTECTED] On Nov 12, Ethan Benson wrote: On Mon, Nov 12, 2001 at 12:59:16PM -0600, Chris Lawrence wrote: Package: boot-floppies Version: 3.0.15-2001-10-18 Severity: important This version of boot-floppies looks for the Release file on a CD-ROM or mounted medium in the directory /instmnt/dists/woody; however, the Release file is stored in /instmnt/dists/woody/main/binary-$ARCH. wrong. dists/woody/Release is the correct file. if its missing your CD is broken. the Release files under binary-$arch are not complete. Ah... for some reason or another, my partial mirroring script wasn't picking those Release* files up, and the CD scripts didn't complain that they were missing. Thanks for the pointer. Chris, closing the report -- Chris Lawrence [EMAIL PROTECTED] - http://www.lordsutch.com/chris/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [PATCH] set sticky bit when creating /var/tmp mount-point
On Tue, Nov 13, 2001 at 04:20:36AM -0900, Ethan Benson wrote: On Tue, Nov 13, 2001 at 12:02:18PM +0100, Kjetil Torgrim Homme wrote: Ethan Benson [EMAIL PROTECTED] writes: - what good will this do? the permissions of the mount point directory are irrelevant as they will be replaced by the permissions of the root directory of the mounted filesystem. It enables the use of vi for non-root users even when /var/tmp isn't mounted ... uh ... And many other things too! Bash, for instance uses TMPDIR for 'here documents'. and why would that happen? from a security point of view i think the directory under mountpoints like tmp should not be world writable, if the admin has a different filesystem/partition mounted there he probably did so to keep users from gaining write permission to the underlying filesystem (esp in the case of /). It might happen because the admin temporarily un-mounted /var/tmp to alter its size. Or perhaps the filesystem was damaged and the admin decided to bring the system up without mounting it before trying to recover the data. Maybe we simply one day decide we don't need /var/tmp separate from /var. Differing permissions on a filesystem and its mountpoint - in the absence of admin intervention - violate the principle of least surprise for most mount-points (obvious exceptions are /mnt, /cdrom and /floppy). The inconsistency with /tmp is itself surprising. If I want to stop users writing into the /tmp and /var/tmp mountpoint directories when nothing is mounted on them, then I change the directory permissions in a deliberate act. However, since the system will not automatically boot into multi-user mode without mounting all the filesystems in fstab, I need not fear the mountpoints being exposed without administrative fiat. Regards, Mark. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: library reduction problems in recent rootdisk.sh
On Tue, Nov 13, 2001 at 08:33:13PM +0100, Goswin Brederlow wrote: Index: scripts/rootdisk/mklibs.py === RCS file: /cvs/debian-boot/boot-floppies/scripts/rootdisk/mklibs.py,v retrieving revision 1.4 diff -u -r1.4 mklibs.py --- scripts/rootdisk/mklibs.py 2001/08/11 06:55:18 1.4 +++ scripts/rootdisk/mklibs.py 2001/11/13 15:14:55 @@ -53,7 +53,7 @@ DEBUG_VERBOSE = 2 DEBUG_SPAM= 3 -debuglevel = DEBUG_NORMAL +debuglevel = DEBUG_SPAM def debug(level, *msg): if debuglevel = level: @@ -352,7 +352,7 @@ base_name = so_pattern.match(library).group(1) # libc needs its soinit.o and sofini.o as well as the pic if base_name == libc: -extra_flags = find_lib(ld-linux.so.2) +extra_flags = find_lib(ld.so.1) extra_pre_obj = /usr/lib/libc_pic/soinit.o extra_post_obj = /usr/lib/libc_pic/sofini.o else: @@ -396,6 +396,6 @@ os.remove(dest_path + / + lib) # Make the dynamic linker executable -ld_file = find_lib(ld-linux.so.2) +ld_file = find_lib(ld.so.1) ld_file_name = os.path.basename(ld_file) os.chmod(dest_path + / + ld_file_name, 0755) I have the following on my system: mrvn@dual:~% ls -l /lib/ld* -rwxr-xr-x1 root root94561 Oct 30 23:44 /lib/ld-2.2.4.so* lrwxrwxrwx1 root root 18 Mar 13 2001 /lib/ld-linux.so.1 - ld-linux.so.1.9.11* -rwxr-xr-x1 root root24817 Mar 7 2001 /lib/ld-linux.so.1.9.11* lrwxrwxrwx1 root root 11 Nov 4 05:54 /lib/ld-linux.so.2 - ld-2.2.4.so* -rwxr-xr-x2 root root99568 Mar 7 2001 /lib/ld.so* -rwxr-xr-x2 root root99568 Mar 7 2001 /lib/ld.so.1.9.11* 2fca30cbaccb4c9eccfe46cc26d1317b /lib/ld-2.2.4.so d4a2c961c9306a2e556aa01b9f3578a8 /lib/ld-linux.so.1.9.11 77328b80b0c4956fa82bbec45cfd8fd1 /lib/ld.so 77328b80b0c4956fa82bbec45cfd8fd1 /lib/ld.so.1.9.11 i386 So which one should be used? Which ones don't work? Do all archs have an /lib/ld.so and does that work for all? I would hate to do things differently for each arch or libc version. I thought with ld-linux.so.2 would be provided by all current glibcs. unless you want to figure out what the libc version is you have to. boot-floppies already have a mechenism to know what ld is on a certain architecture. eb@dogbert ~$ ls -l /lib/ld* -rwxr-xr-x1 root root 115464 Oct 30 09:44 /lib/ld-2.2.4.so lrwxrwxrwx1 root root 11 Nov 10 03:36 /lib/ld.so.1 - ld-2.2.4.so eb@dogbert ~$ dpkg -s libc6 | grep ^Ver Version: 2.2.4-5 eb@dogbert ~$ uname -m ppc furthermore from looking at rootdisk.sh more archs use ld.so.1 then use ld-linux.so.2. look at the list for yourself. -- Ethan Benson http://www.alaska.net/~erbenson/ msg12200/pgp0.pgp Description: PGP signature
Re: [PATCH] set sticky bit when creating /var/tmp mount-point
On Wed, Nov 14, 2001 at 11:07:49AM +1300, Mark van Walraven wrote: On Tue, Nov 13, 2001 at 04:20:36AM -0900, Ethan Benson wrote: On Tue, Nov 13, 2001 at 12:02:18PM +0100, Kjetil Torgrim Homme wrote: Ethan Benson [EMAIL PROTECTED] writes: - what good will this do? the permissions of the mount point directory are irrelevant as they will be replaced by the permissions of the root directory of the mounted filesystem. It enables the use of vi for non-root users even when /var/tmp isn't mounted ... uh ... And many other things too! Bash, for instance uses TMPDIR for 'here documents'. your missing the point: what good will this do? the permissions of the mount point directory are irrelevant as they will be replaced by the permissions of the root directory of the mounted filesystem. this patch ONLY affects creation of the mountpoint directory which will be covered up by whatever partition/filesystem is mounted there. unless your mounting a partition on /var/tmp we don't create it at all, base-files does. It might happen because the admin temporarily un-mounted /var/tmp to alter its size. Or perhaps the filesystem was damaged and the admin decided to bring the system up without mounting it before trying to recover the data. Maybe we simply one day decide we don't need /var/tmp separate from /var. and for that reason he probably doesn't want lusers filling up /var while he is working. Differing permissions on a filesystem and its mountpoint - in the absence of admin intervention - violate the principle of least surprise for most mount-points (obvious exceptions are /mnt, /cdrom and /floppy). The inconsistency with /tmp is itself surprising. i disagree, lusers suddenly gaining write permission to a filesystem its not granted to them due to mountpoints is a surprise. i would bet the only reason there is a special case kludge in boot-floppies here is due to severe misunderstanding of something by some other coder, i found many many instances of mkdir(/foo/bar, 1777) which does not work. the permission you specify is always ORed with the current umask, and the first digit is always ignored. you can't create a sticky directory with mkdir(blah, somemode) afaikt. if anything this sillyness regarding mountpoint directories should be removed, not expanded. If I want to stop users writing into the /tmp and /var/tmp mountpoint directories when nothing is mounted on them, then I change the directory permissions in a deliberate act. However, since the system will not automatically boot into multi-user mode without mounting all the filesystems in fstab, I need not fear the mountpoints being exposed without administrative fiat. yes so you agree the permissions of the mountpoint dir don't need to be fiddled with. -- Ethan Benson http://www.alaska.net/~erbenson/ msg12201/pgp0.pgp Description: PGP signature
Re: library reduction problems in recent rootdisk.sh
On Tue Nov 13, 2001 at 06:16:23AM -0900, Ethan Benson wrote: # Make the dynamic linker executable -ld_file = find_lib(ld-linux.so.2) +ld_file = find_lib(ld.so.1) ld_file_name = os.path.basename(ld_file) os.chmod(dest_path + / + ld_file_name, 0755) You want to use something like the following makefile snippet: SYSTEM_LDSO=$(shell for each in `$(CC) -print-search-dirs| \ grep ^libraries| sed -e 's/^libraries: //' -e 's/:/ /g'`;\ do ls $$each/ld.so.* 2/dev/null;done) -Erik -- Erik B. Andersen http://codepoet-consulting.com/ --This message was written using 73% post-consumer electrons-- msg12202/pgp0.pgp Description: PGP signature
cvs commit to boot-floppies/debian by aph
Repository: boot-floppies/debian who:aph time: Tue Nov 13 19:03:56 PST 2001 Log Message: Colin Walters, fix a problem with the waitpid() used in dbootstrap when waiting for debootstrap to end Files: changed:changelog -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/utilities/dbootstrap by aph
Repository: boot-floppies/utilities/dbootstrap who:aph time: Tue Nov 13 19:04:04 PST 2001 Log Message: Colin Walters, fix a problem with the waitpid() used in dbootstrap when waiting for debootstrap to end Files: changed:extract_base.c -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/make by aph
Repository: boot-floppies/make who:aph time: Tue Nov 13 19:06:53 PST 2001 Log Message: LANG_CHOOSER dependancy fix Files: changed:root -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/debian by aph
Repository: boot-floppies/debian who:aph time: Tue Nov 13 19:11:01 PST 2001 Log Message: recent change Files: changed:changelog -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/utilities/dbootstrap/po by aph
Repository: boot-floppies/utilities/dbootstrap/po who:aph time: Tue Nov 13 21:43:13 PST 2001 Log Message: remove a duplicate message definition Files: changed:es.po -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/utilities/dbootstrap/po by aph
Repository: boot-floppies/utilities/dbootstrap/po who:aph time: Tue Nov 13 21:50:40 PST 2001 Log Message: run update-po Files: changed:cs.po da.po de.po eo.po es.po fi.po fr.po gl.po hr.po hu.po it.po ja.po ko.po pl.po pt.po ru.po sk.po sv.po tr.po zh_CN.po -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/utilities/dbootstrap by aph
Repository: boot-floppies/utilities/dbootstrap who:aph time: Tue Nov 13 22:16:36 PST 2001 Log Message: mostly back out my recent changes, which wouldn't build, but the effect of Colin's patch is retained Files: changed:extract_base.c -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: language-chooser and keyboard configuration
In message [EMAIL PROTECTED], Adam Di Carlo writes: So this bug is fixed in CVS and 3.0.17? YOu didn't mark it as closable in the changelog file though, any reason why not? The bug mentions some other stuff too; I wasn't sure whether it was all fixed. p. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
cvs commit to boot-floppies/documentation/fr by aph
Repository: boot-floppies/documentation/fr who:aph time: Tue Nov 13 23:59:51 PST 2001 Log Message: argh, one char missing in french docs broke the build, fixed Files: changed:kernel.sgml -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]