Troubles running KDM after upgrading Xorg v7
Hello list. I am running a box with debian testing and I had some troubles running KDM after upgrading to Xorg v.7. After watching syslog the fix was simple: the file /usr/bin/X was missing. I just created a link /usr/bin/X -> /usr/bin/Xorg. Perhaps I shall better modify some init script variable to make it launch 'Xorg' instead of 'X' ? I did just breake it by accident or someone else has experienced the same kind of trouble with the Xorg upgrade ? Cheers! Josep SERRANO -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Troubles related to VMWare after upgrading Debian to Xorg v7
Hello list. Here some hints related to VMWare I found after upgrading a debian box to Xorg7 in a hosted system. If you download a package xserver-xorg-video-all it will install for you all video drivers. Actually you just need the package xserver-xorg-video-vmware and you can remove all other packages installed by the xserver-xorg-video-all. So fra it works good. Now if you want to use a VMWare mouse driver you don't find it in the list of xserver-xorg-input-* packages. The quick fix is: 1- Install vmware tools if don't have it already. 2- cp /usr/lib/vmware-tools/configurator/XOrg/6.8.x/vmmouse_drv.o /usr/lib/xorg/modules/input/. 3- Modify your xorg.conf to use the mouse driver 'vmmouse'. Hope it helps. Josep SERRANO -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: security issues with apache!
Hello Petter The actual list for security issues is debian-security. The address of this list its on the CC. We can now leave debian-user and switch our discussion into debian-security. This is quite hole! Can't believe there's such a big spot in Apache / Sarge and we didn't heard of it. Can you please share more details with us? Give us your current package versions of apache (using dpkg -s for example). If you suspect the installation could be compromised run a test on the checksums. Your access logs could contain precious information. Have a look at them and post to the list any significant parts (removing any ip/host address you don't want to get published). We still don't know for what do you use your apache. Most of the problems come from poor PHP scripts. What scripts/services are you running in this server? Can you post a sample of your netstat, your list of process for user www-data, and a sample of the files you find in your /tmp ? Regards, Josep SERRANO > Hi > > I'm not completely new to Debian or Linux, but I wouldn't classify > myself as a battlescarred sysadmin just yet :) > > Anyways. My problem is security-related, and I hope that I'm posting to > the correct list as well as hoping that someone can help me out here. > > Recently I've noticed that my Apache-installation gets violated and that > an intruder somehow manages to put stuff in /tmp and /var/tmp. Then it > makes Apache execute these. Unfortunately these are some rather nasty > things, mostly portscanners and bruteforce-attacks. They are all easily > detected with netstat, and at least once a day I have to go in and kill > the processes spawned by www-data (the user that runs Apache) as well as > delete the offending files. > > Now, like I said - I'm not a pro, I'm trying to learn by doing. > Unfortunately how this happens is way over my experience, and now I > could really use some help in fixing this leak. I've narrowed it down to > Apache only, but I have no clue as to how to seal the leak. I'm running > a small server in my home using (mostly) Debian Sarge. This is a real > Frankenstein-machine as it was originally a Woody-box, but it's been > upgraded with bits from all over. It's been running pretty much > constantly for three years. Of course I apply security fixes when they > arrive, but I don't know if the source of these intrusions is Apache or > just that I have managed to fubar some setting somewhere, allowing an > attacker to make Apache execute code. > > Essentially the machine is Debian Sarge, with MySQL and PHP4. There are > other services running on it, but I've noticed that the > intrusions/code-executions only happen through Apache. MySQL only > listens on localhost and accepts no connections from the outside. Hence, > I hope that this is limited to Apache. Apache is 1.3.x, MySQL 4.0.24 and > PHP 4.3 > > I deeply appreciate any help that can make me seal this leak! Thank you > all in advance! > > /petter senften > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sitebar
Thanks for your reply Jon >> I tried contacting the maintainer but had no answer. Is this package >> dead? > > How long ago? See "Dealing with inactive and/or unreachable maintainers" > in the Developer's Reference[1]. > Just one week. I read the reference you pointed. I'll wait some more time and eventually I'll send another reminder. I really like sitebar. > If the maintainer doesn't wake up then you will have to wait until > someone else does the package -- a NMU (non maintainer upload) by a > different developer or by a non-DD (e.g. you) sponsored by an existing > DD. I hope the maintainer is still there. I don't have any experience building debian packages :-( Cheers, Josep SERRANO -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Sitebar
Any debianites are using sitebar? I do and I wonder why it is stalled in version 3.2.6-7 since last year:(http://packages.qa.debian.org/s/sitebar.html) I tried contacting the maintainer but had no answer. Is this package dead? There are a few open bugs in the current debian version. The actual stable version at sitebar.org is 3.3.7. Can we expect any updates to the debian package? Thanks, Josep SERRANO -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cleaning /tmp regularly using bootclean.sh + crond
Hello all again. So what do we do? What is the cron/multi-user safe way to clean up regularly /tmp ? I checked the way bootclean.sh is implemented: if cd /tmp && [ "`find . -maxdepth 0 -perm -002`" = "." ] then # First remove all old files. find . -depth -xdev $TEXPR $EXCEPT \ ! -type d -print0 | xargs -0r rm -f # And then all empty directories. find . -depth -xdev $DEXPR $EXCEPT \ -type d -empty -exec rmdir \{\} \; rm -f .X*-lock fi So, "find" doesn't follow symlinks by default right? Where is the risk in removing other files outside /tmp by means of symlinks? Man find says: (...) -P Never follow symbolic links. This is the default behaviour. When find examines or prints information a file, and the file is a symbolic link, the information used shall be taken from the properties of the symbolic link itself. cheers Josep SERRANO >> Yes, tmpreaper does the job. But here I was preteding to simply reuse the >> bootclean.sh by simply making a symlink. Why installing an addittional >> package if you already have the stuff to the the job? >> >> Maybe I am wrong and it is a bad idea using bootclean.sh in crond ? > > Generally speaking, unless you know for sure, you don't want to assume > something is cron-safe. > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cleaning /tmp regularly using bootclean.sh + crond
> On Friday 17 February 2006 07:29, Josep Serrano wrote: >> Do you guys clean regularly your /tmp ? > > Yup. The tmpreaper package is great for that. > Yes, tmpreaper does the job. But here I was preteding to simply reuse the bootclean.sh by simply making a symlink. Why installing an addittional package if you already have the stuff to the the job? Maybe I am wrong and it is a bad idea using bootclean.sh in crond ? Cheers Josep SERRANO. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Cleaning /tmp regularly using bootclean.sh + crond
Do you guys clean regularly your /tmp ? There's a nice script in /etc/init.d/bootclean.sh that does the job. It is called from mountall.sh at boot time. And it is so nice that is reads the configuration in /etc/default/rcS where you can set TMPTIME to the number of days you want hold old files in /tmp. But it only runs at boot time. I was thiking I'll make my own clean-up script that will be launched by crond. But why remake the wheel? Can I simply symlink /etc/init.d/bootclean.sh in /etc/cron.daily ? If this strategy is good, can we suggest that debian implements so by default? Eventually a new variable somewhere in /etc/default would enable/disable the execution of bootclean.sh by crond. BTW: Why bootclean.sh is the only script in /etc/init.d which is not flagged as executable? Your comments are welcome, Josep SERRANO. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Cleaning /tmp regularly using bootclean.sh + crond
Do you guys clean regularly your /tmp ? There's a nice script in /etc/init.d/bootclean.sh that does the job. It is called from mountall.sh at boot time. And it is so nice that is reads the configuration in /etc/default/rcS where you can set TMPTIME to the number of days you want hold old files in /tmp. But it only runs at boot time. I was thiking I'll make my own clean-up script that will be launched by crond. But why remake the wheel? Can I simply symlink /etc/init.d/bootclean.sh in /etc/cron.daily ? If this strategy is good, can we suggest that debian implements so by default? Eventually a new variable somewhere in /etc/default would enable/disable the execution of bootclean.sh by crond. BTW: Why bootclean.sh is the only script in /etc/init.d which is not flagged as executable? Your comments are welcome, Josep SERRANO. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Unable to use sftp with root account
Hi lucato > > the init.d script that start sshd is the debian default: (..) > $SSHD_OPTS is an empty variable in /etc/default/ssh: If you are using default init with enpty options then sshd reads the configuration file in /etc/ssh/sshd_config. That's fine. Now your local sftp client log has some good information: (...) > debug1: Next authentication method: password > [EMAIL PROTECTED]'s password: > debug1: Authentication succeeded (password). The login handshake works. At this point you did login in ssh with sucess. > debug1: channel 0: new [client-session] > debug1: Entering interactive session. > debug1: Sending environment. > debug1: Sending env LANG = [EMAIL PROTECTED] > debug1: Sending subsystem: sftp > Received message too long 538976288 Here something is messing up the protocol. It may happen because of some startup file or because of some weird setting. Did you change any environment/startup file recently? Check all your .profile .login ... files. The ones for the root user but also the system wide ones. Something is breaking the ssh protocol when your root environment is being initialized. Perhaps you can find what "message too long" is being send with the following command: ssh [EMAIL PROTECTED] /bin/true It should print whatever is being send at the initialization. The point is that sftp doesn't expect such a long message. Good luck, Josep SERRANO. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Unable to use sftp with root account
Hello lucato You have enabled remote root login in your sshd_config. Anyway doucle check that this is the actual configuration file being read when sshd starts (see your init scripts). To debug your problem try to use sftp in the local server from command line: sftp -v [EMAIL PROTECTED] paste your results back to the list and we'll help you. Josep SERRANO. On Thursday 16 February 2006 07:15 pm, [EMAIL PROTECTED] wrote: > Hello, I am used to connect to my LAN server using sftp (with tectia > client), logging in as "root". > My server is a Debian testing updated day by day. > Since 2 or 3 days I am unable to connecto to the server as "root". > If I try to connect with another account I get in; seems that some software > are blocking me if I try root access. > I looked in /etc/ssh/sshd_config and pam config but nothing's wrong. I also > tried to restore old configuration but nothing. > Any idea ? > > > /etc/ssh/sshd_config > > Port 22 > Protocol 2 > HostKey /etc/ssh/ssh_host_rsa_key > HostKey /etc/ssh/ssh_host_dsa_key > UsePrivilegeSeparation yes > KeyRegenerationInterval 3600 > ServerKeyBits 768 > SyslogFacility AUTH > LogLevel INFO > LoginGraceTime 120 > PermitRootLogin yes > StrictModes yes > RSAAuthentication yes > PubkeyAuthentication yes > IgnoreRhosts yes > RhostsRSAAuthentication no > HostbasedAuthentication no > PermitEmptyPasswords no > ChallengeResponseAuthentication no > X11Forwarding yes > X11DisplayOffset 10 > PrintMotd no > PrintLastLog yes > KeepAlive yes > AcceptEnv LANG LC_* > Subsystem sftp /usr/lib/openssh/sftp-server > UsePAM yes > > /etc/pam.d/login > > auth requisite pam_securetty.so > auth requisite pam_nologin.so > session required pam_env.so readenv=1 > @include common-auth > auth optional pam_group.so > @include common-account > @include common-session > sessionrequired pam_limits.so > sessionoptional pam_lastlog.so > sessionoptional pam_motd.so > sessionoptional pam_mail.so standard > @include common-password > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: install grub to second hard drive after raid installation
Hello Rodney Your strategy to mount grub to boot from a second HDD is right. Some comments: You'll need a hardware capable of booting from another HDD. Most of the modern PC BIOS allow to choose your boot media (HDD, CD, FLOPPY, even USB). > /boot/grun/menu.list > > title Debian GNU/Linux, kernel 2.6.8-2-686-smp > root(hd0,0) > kernel /boot/vmlinuz-2.6.8-2-686-smp root=/dev/md0 ro > initrd /boot/initrd.img-2.6.8-2-686-smp > savedefault > boot > > title Debian GNU/Linux, kernel 2.6.8-2-686-smp (recovery mode) > root(hd0,0) > kernel /boot/vmlinuz-2.6.8-2-686-smp root=/dev/md0 ro single > initrd /boot/initrd.img-2.6.8-2-686-smp > savedefault > boot > If you are building a RAID-1, you might configure a second entry in your grub menu to boot using your second disk as root. If your first disk is gone and you get to boot grub in your second disk, you'll need to run a root partition in the second disk, dont you? Regards, Josep SERRANO. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: different resolution on notebook LCD and VGA
Hello I have a laptop with widescreen LCD and I didn't manage to have a dual head configuration for both widescreen and external monitor at the same time. I have to different xorg configuration files and a set of scripts which can swtich between configurations and restart my X server. New ideas are welcome. Regards, Josep SERRANO. > maybe this is nonsense... is it possible to run x windows with > different resolution on the notebook LCD and different on the VGA out at > the same time? ideally i'd like to have the output 1024x768 on the LCD > and 1280x1024 sent to the VGA output (i want to connect it to another > LCD that has this resolution - 1024x768 indeed looks ugly on it...) > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim4 & SSL support
Marco, Do you have enabled the TLS macro somewhere? MAIN_TLS_ENABLE = true TLS will run in port 25. I guess this is also the rule with SSL. > log_selector = +tls_cipher +tls_peerdn > tls_advertise_hosts = * > tls_certificate = /etc/ssl/certs/exim4cert.pem > tls_privatekey = /etc/ssl/certs/exim4key.pem > > When exim is started, if I try a netstat -punta |grep exim4 command I > have this output : > tcp0 0 0.0.0.0:25 0.0.0.0:* > LISTEN 3781/exim4 > Exim don't use the port 465 (for smtps). > > Infact, if I try to connect with an TLS encryption is OK, but if I try > to connect with an SSL encryption (on port 25) > the connection fail. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Howto package squirrelmail plugins the Debian way (Was Re: Sieve client)
Hello all, Well apparently some of us are interested in the squirrelmail plugins. We should definetely push it. >> .. I feel this would be the best option. Security updates are >> important since all of this will be exposed to the net. Size doesn't >> matter, even if you'd install all known plugins it would use only a >> small amount of diskspace. Most of all, as Josep mentioned, this way >> the plugins would be upgradable too when moving to a new debian >> release. If the user would like to free up diskspace, deleting some >> plugins is a trivial task, but would apt be able to notice the >> deletions and act appropiately when upgrading? > > Depends on what you think is appropriate: apt (or rather, dpkg) will > simply restore the deleted files on upgrade (it cannot know which ones > were deleted intentionally). > > As plugins are only exposed when enabled by the admin in some way via a > config option in /etc/squirrelmail, I too feel this would be the best > solution if we were to package the plugins ourselves. > Obviously the mainstream solution can never satisfy everyone. In this case the mainstream package would not meet the requirements of people who just want a single plugin and want to keep low their disk usage. For the rest of the prosperous Debian admins who have enough disk space this package would suit their needs since they would only enable those plugins they need. There are 206 plugins available for squirrelmail. Thinking on maintenance I recon it can be a hell keeping updated a package with integrates sources from quite a few different developers. In the other hand, if we had one small debian package for each plugin (206!), wouldnt it be also a nightmare maintaining so many packages? One last idea: what about a squirrelmail plugin installer? It could read the plugins through HTTP and let the user select which ones must be installed. Thijs et all, although I am not experienced maintaining debian packages I would be happy helping you on this effort. Please keep me in your loop. Are we getting out of the scope of the debian users mailing list? Lets keep discussing somewhere else? Perhaps some squirrelmail mailing list? Regards, Josep Serrano -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Howto package squirrelmail plugins the Debian way (Was Re: Sieve client)
I got it working. It wasn't hard to install. Big thanks go to Peter Teunissen. To install any plugin you have to download the tarball and detar the package into your squirrelmail plugins directory. Eventually for each particular plugin some configuration file might be edited. I guess new updates of squirrelmail will break the plugins installed manually. My question now is how I could package the plugins the Debian way? Can we generalize a method for evey plugin or perhaps setup a package with all plugins? PD. I included the mantained of squirrelmail package in CC since he can bring some enlightment. Regards, Josep Serrano > Look on the squirrelmail site under plugins / filters: > > http://www.squirrelmail.org/plugin_view.php?id=73 > > I use the old stable branch, but looking at the new features in the > devel branch that might be interesting to... > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Sieve client
Hello I am writting you from Squireelmail :-) You don't read 100% pure email with full headers??? X-D So, where can I find or how do I enable this plugin please ? Thanks, Josep SERRANO. > > Squirrelmail webmail server has a sieve plugin that let's you create > elaborate filter / alert etc. rules graphically. You'd get access to > your sieve scripts from anywhere and a webmailserver as an added > bonus ;-) > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim4 & SSL support
Hi Marco It doesn't matter if you are using either heavy or light packages. You need to enable the macro MAIN_TLS_ENABLE somwhere in your configuration files. It depends if you are using monolitic or distributed configuration. Read the file in /etc/exim4/conf.d/main/03_exim4_config_tlsoptions and you'll see this macro enables the rest of the TLS options. Then you need to create a set of SSL keys with openssl. You can use the utility script exim-gencert for this purpose. One last important thing, check that the user running your SMTP daemon has read access to your SSL keys. Regards, Josep SERRANO > I have exim4-daemon-heavy (v. 4.50-8) installed on my Linux Box with > Debian Sarge. > > Can exim4 work with SSL support (port 465)? > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: utility to grab a web site
wget and curl are powerful tools. they can handle passwords, but also cookies, you can build your own HTTP headers, etc. Regards, Josep Serrano. > Try 'wget', it can even handle passwords > > On Sun, 2006-01-22 at 18:16 -0500, Edward Shornock wrote: >> On Sun, Jan 22, 2006 at 05:44:57PM -0500, Haines Brown wrote: >> > I have a need to recursively capture the entire contents of a large >> > web site that uses frames. What utility would accomplish this and >> > automatically reproduce the directory structure and populate the >> > directories with the files and images from the site? >> >> I think "httrack" should be able to accomplish this... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Sieve client
Hello Do you know of a good sieve client app for cyrus? I know Kmail has some short sieve functionality (vacation message). Here I am thinking of a more complex filtering / alerts / etc. Thanks, Josep SERRANO. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]