Re: How to investigate kernel failure?
On Sat, 18 Oct 2003 01:33:24 +0200, aCaB <[EMAIL PROTECTED]> wrote in message <[EMAIL PROTECTED]>: > > The above are stack dumps. As you can see the most-recently invoked > > function in each case was getblk(), so I'd say you need to check > > your filesystem (and/or replace the hard drive). > > > > Marcin > > Thanks a lot for your help. Now everything seems a bit more clear. > But this leads to another question... > The disks are software raided so the failed one should have been > kicked out of the array which, in fact, didn't happen. Any hints? ..perfectly normal on raid0 etc. Raid1 or 5 etc; uhoh. Ext3fs? ..I saw "raid over net" somewhere, where? Testing? Sid? I allway keep finding stuff I can use, the next month. ;-) -- ..med vennlig hilsen = with Kind Regards from Arnt... ;-) ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH access restrictions
Thanks Jason, > Usually you can't... as they have dependency problems. Well I think it may be OK to just use the 'testing' .deb. Why ? Because I just did. It all installed OK without any error's. I just downloaded it and dpkg -i it. I haven't used it yet as I'm still reading the readme but it has successfully put a pam_chroot.so in the /lib/security dir. and libpam-chroot in /usr/share/doc. Finger's crossed it'll work just fine. To be thorough I'll head over to http://www.apt-get.org now. Cheers Rudi. > > Hi, > > > > Just a quick question on libpam-chroot. > > > > This package is not availalbe in 'stable'. > > I've only ever used 'stable'. > > > > It should be OK to grab this package from 'testing' and use it hey ? > > Usually you can't... as they have dependency problems. What you need > is a "backport" to stable... search on Google for one > (http://www.apt-get.org/ is one) and see if anyone has a backport > for it. Hopefully they do... I'd be interested in CHROOT as well. > > I've heard of something called "jailshell" as offered on some control > panels like cPanel, but not sure what it actually is. So I know its > possible... just haven't found a reliable way. Advanced users can probably > figure out ways to break out of the jail, but at least it helps a bit. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH access restrictions
> Hi, > > Just a quick question on libpam-chroot. > > This package is not availalbe in 'stable'. > I've only ever used 'stable'. > > It should be OK to grab this package from 'testing' and use it hey ? Usually you can't... as they have dependency problems. What you need is a "backport" to stable... search on Google for one (http://www.apt-get.org/ is one) and see if anyone has a backport for it. Hopefully they do... I'd be interested in CHROOT as well. I've heard of something called "jailshell" as offered on some control panels like cPanel, but not sure what it actually is. So I know its possible... just haven't found a reliable way. Advanced users can probably figure out ways to break out of the jail, but at least it helps a bit. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH access restrictions
Hi, Just a quick question on libpam-chroot. This package is not availalbe in 'stable'. I've only ever used 'stable'. It should be OK to grab this package from 'testing' and use it hey ? Thanks again Regards Rudi. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH access restrictions
Thanks Marc, Thanks also to Russel. > I did it with pam_chroot which is really nice Great - I'll start looking here. Currently we only really offer FTP access but would like to include SSH access too. I know with the right permissions a user account cannot do any damage but I would just like to prevent these people from snooping around. I want to allow users to be able to SSH in and use things like Postgresql, mysql and cron but not read /etc/passwd or /etc/mail/virtusertable etc. etc. Many thanks. Best regards Rudi. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH access restrictions
* Rudi Starcevic schrieb am 18.10.03 um 03:23 Uhr: > Hi, > > Is there anyway to resistict a non-root user's shell account ? > > For example once he/she is logged in is there any way to deny, say, > reading the /etc/passwd file ? > Can they be restricted like the way a user can be restricted using FTP ? > > I know I could use a tool like Snort to watch whats going out , for > example /etc/passwd, except > using SSH because it's encrypted. > > To my knowledge so far I cannot prevent an SSH user from reading system > files. > > Cheers > Rudi. > > Hi Rudi, I had the same "problem". Finally I set up a chroot environment for ssh users. I did it with pam_chroot which is really nice.. -Marc -- ° what is the legal age to buy alcoholic in england ? ° ° you cant buy alcoholics ° ° but if you wink the right way, ° ° some of them will follow you home for free ° -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]