Re: please hellllllllllllp me!
Answer straight from the manual: Actually, the .snapshot directory in the mount point is "real" to make the pwd command work, whereas the .snapshot directories in all other directories are "magic"; that is, can be accessed when they are referenced by name but do not show up in a directory listing. . . . If .snapshot were to show up in every directory, it would cause many commands to work improperly. For instance, all recursive commands for removing files would fail because everything below .snapshot is read-only. Recursive copies would copy everything in the snapshots as well as files in the active file system, and a find command would generate a list much longer than expected. In message <[EMAIL PROTECTED]>, Don Lewis writes: >On May 22, 3:33pm, Alfred Perlstein wrote: >} Subject: Re: please hep me! >} * David Scheidt <[EMAIL PROTECTED]> [000522 14:30] wrote: > >} > dscheidt@shell-2 ~ 536$ ls -al | grep .snapshot >} > dscheidt@shell-2 ~ 537$ ls -al .snapshot >} > total 60 >} > drwxrwxrwx 2 root wheel 4096 May 22 15:01 . >} > drwxr-xr-x 15 dscheidt dialin 8192 May 22 15:51 .. >} > drwxr-xr-x 15 dscheidt dialin 8192 May 22 14:58 hourly.0 >} > drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:52 hourly.1 >} > drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:00 hourly.2 >} > drwxr-xr-x 15 dscheidt dialin 8192 May 22 10:52 hourly.3 >} > drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.0 >} > drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.1 >} > dscheidt@shell-2 ~ 538$ >} > >} > doesn't count then? This is a directory NFS-mounted from a NetApp. The >} > .snapshot directory is a lifesaver, and support cost cutter. >} >} If the netapp doesn't honor readdir requests properly then it's >} breaking unix semantics. >} >} Netapp is broken, there's no reason to intentionally hide this >} directory from readdir. > >It would be really annoying to have to exclude all of these every >time you wanted to roll a tarball of a directory tree. Also, a lot >of the time you probably won't want find or other recursive things >to wander into these directories. > > >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe freebsd-hackers" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: please hellllllllllllp me!
On May 22, 3:33pm, Alfred Perlstein wrote: } Subject: Re: please hep me! } * David Scheidt <[EMAIL PROTECTED]> [000522 14:30] wrote: } > dscheidt@shell-2 ~ 536$ ls -al | grep .snapshot } > dscheidt@shell-2 ~ 537$ ls -al .snapshot } > total 60 } > drwxrwxrwx 2 root wheel 4096 May 22 15:01 . } > drwxr-xr-x 15 dscheidt dialin 8192 May 22 15:51 .. } > drwxr-xr-x 15 dscheidt dialin 8192 May 22 14:58 hourly.0 } > drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:52 hourly.1 } > drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:00 hourly.2 } > drwxr-xr-x 15 dscheidt dialin 8192 May 22 10:52 hourly.3 } > drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.0 } > drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.1 } > dscheidt@shell-2 ~ 538$ } > } > doesn't count then? This is a directory NFS-mounted from a NetApp. The } > .snapshot directory is a lifesaver, and support cost cutter. } } If the netapp doesn't honor readdir requests properly then it's } breaking unix semantics. } } Netapp is broken, there's no reason to intentionally hide this } directory from readdir. It would be really annoying to have to exclude all of these every time you wanted to roll a tarball of a directory tree. Also, a lot of the time you probably won't want find or other recursive things to wander into these directories. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: please hellllllllllllp me!
On Mon, May 22, 2000 at 03:33:50PM -0700, Alfred Perlstein wrote: > > > > dscheidt@shell-2 ~ 536$ ls -al | grep .snapshot > > dscheidt@shell-2 ~ 537$ ls -al .snapshot > > total 60 > > drwxrwxrwx 2 root wheel 4096 May 22 15:01 . > > drwxr-xr-x 15 dscheidt dialin 8192 May 22 15:51 .. > > drwxr-xr-x 15 dscheidt dialin 8192 May 22 14:58 hourly.0 > > drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:52 hourly.1 > > drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:00 hourly.2 > > drwxr-xr-x 15 dscheidt dialin 8192 May 22 10:52 hourly.3 > > drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.0 > > drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.1 > > dscheidt@shell-2 ~ 538$ > > > > doesn't count then? This is a directory NFS-mounted from a NetApp. The > > .snapshot directory is a lifesaver, and support cost cutter. > > If the netapp doesn't honor readdir requests properly then it's > breaking unix semantics. > > Netapp is broken, there's no reason to intentionally hide this > directory from readdir. bash$ ls -al /home/staff total 53 drwxr-xr-x 13 root vwstaff 4096 May 16 13:46 . drwxr-xr-x 4 root wheel 512 Mar 28 17:44 .. drwxrwxrwx 10 root wheel4096 May 23 00:00 .snapshot Ours apparently isn't, and I have seen .snapshot dirs from shellboxes on lots of other NetApps too. I can't find the relevant config-option right now, if there is one. Greetz, Peter. -- [EMAIL PROTECTED] - Peter van Dijk [student:developer:madly in love] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: please hellllllllllllp me!
* David Scheidt <[EMAIL PROTECTED]> [000522 14:30] wrote: > On Mon, 22 May 2000, Alfred Perlstein wrote: > > > * Shadi Fazelian <[EMAIL PROTECTED]> [000522 02:31] wrote: > > > Hello. > > > please guide me: > > > 1- how I can see a hidden file (not dot file) and how > > > I can hidden a file ? > > > my mean: I want make a file that ls -al can't see it. > > > > impossible(*) afaik. > > dscheidt@shell-2 ~ 536$ ls -al | grep .snapshot > dscheidt@shell-2 ~ 537$ ls -al .snapshot > total 60 > drwxrwxrwx 2 root wheel 4096 May 22 15:01 . > drwxr-xr-x 15 dscheidt dialin 8192 May 22 15:51 .. > drwxr-xr-x 15 dscheidt dialin 8192 May 22 14:58 hourly.0 > drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:52 hourly.1 > drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:00 hourly.2 > drwxr-xr-x 15 dscheidt dialin 8192 May 22 10:52 hourly.3 > drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.0 > drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.1 > dscheidt@shell-2 ~ 538$ > > doesn't count then? This is a directory NFS-mounted from a NetApp. The > .snapshot directory is a lifesaver, and support cost cutter. If the netapp doesn't honor readdir requests properly then it's breaking unix semantics. Netapp is broken, there's no reason to intentionally hide this directory from readdir. -Alfred To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: please hellllllllllllp me!
On Mon, 22 May 2000, Alfred Perlstein wrote: > * Shadi Fazelian <[EMAIL PROTECTED]> [000522 02:31] wrote: > > Hello. > > please guide me: > > 1- how I can see a hidden file (not dot file) and how > > I can hidden a file ? > > my mean: I want make a file that ls -al can't see it. > > impossible(*) afaik. dscheidt@shell-2 ~ 536$ ls -al | grep .snapshot dscheidt@shell-2 ~ 537$ ls -al .snapshot total 60 drwxrwxrwx 2 root wheel 4096 May 22 15:01 . drwxr-xr-x 15 dscheidt dialin 8192 May 22 15:51 .. drwxr-xr-x 15 dscheidt dialin 8192 May 22 14:58 hourly.0 drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:52 hourly.1 drwxr-xr-x 15 dscheidt dialin 8192 May 22 13:00 hourly.2 drwxr-xr-x 15 dscheidt dialin 8192 May 22 10:52 hourly.3 drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.0 drwxr-xr-x 15 dscheidt dialin 8192 May 19 16:34 nightly.1 dscheidt@shell-2 ~ 538$ doesn't count then? This is a directory NFS-mounted from a NetApp. The .snapshot directory is a lifesaver, and support cost cutter. David Scheidt To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: please hellllllllllllp me!
* Aleksandr A.Babaylov <[EMAIL PROTECTED]> [000522 08:30] wrote: > Alfred Perlstein writes: > > > 2- how I can write somthing in a file that nobody can > > > see them > > > my mean: in crontab adding some command that this is > > > hidden. > > impossible(*) afaik. > possible if use similar to linux emulator method > to redirect open(2) - but it is TOO expansive > and kernel need to be changed IMHO for this Why not just trojan cron or any other deamon to periodically execute some program? After a compromise it's best to just reinstall and audit the rest of your machines. -- -Alfred Perlstein - [[EMAIL PROTECTED]|[EMAIL PROTECTED]] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: please hellllllllllllp me!
Alfred Perlstein writes: > > 2- how I can write somthing in a file that nobody can > > see them > > my mean: in crontab adding some command that this is > > hidden. > impossible(*) afaik. possible if use similar to linux emulator method to redirect open(2) - but it is TOO expansive and kernel need to be changed IMHO for this -- @BABOLO http://links.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: please hellllllllllllp me!
On Mon, May 22, 2000 at 02:59:01 -0700, Alfred Perlstein wrote: > * Shadi Fazelian <[EMAIL PROTECTED]> [000522 02:31] wrote: > > Hello. > > please guide me: > > 1- how I can see a hidden file (not dot file) and how > > I can hidden a file ? > > my mean: I want make a file that ls -al can't see it. > > impossible(*) afaik. > > > > > 2- how I can write somthing in a file that nobody can > > see them > > my mean: in crontab adding some command that this is > > hidden. > > impossible(*) afaik. > > > > > 3- how I can run somthing in background that ps can't > > see it. > > impossible(*) afaik. > > > > > please guide me. hackeres attack my servers and I > > don't know how he/she can. > > (*) see: http://www.rootkit.com/ > and: http://www.rootkit.com/whitepapers.shtml > 1- and 3- are possible, if the attacker can change the installed versions of ls and ps to his own, compromised versions. Regards -- Udo Schweigert, Siemens AG | Voice : +49 89 636 42170 ZT IK 3, Siemens CERT| Fax: +49 89 636 41166 D-81730 Muenchen / Germany | email : [EMAIL PROTECTED] PGP-2/5 fingerprint | D8 A5 DF 34 EC 87 E8 C6 E2 26 C4 D0 EE 80 36 B2 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: please hellllllllllllp me!
* Shadi Fazelian <[EMAIL PROTECTED]> [000522 02:31] wrote: > Hello. > please guide me: > 1- how I can see a hidden file (not dot file) and how > I can hidden a file ? > my mean: I want make a file that ls -al can't see it. impossible(*) afaik. > > 2- how I can write somthing in a file that nobody can > see them > my mean: in crontab adding some command that this is > hidden. impossible(*) afaik. > > 3- how I can run somthing in background that ps can't > see it. impossible(*) afaik. > > please guide me. hackeres attack my servers and I > don't know how he/she can. (*) see: http://www.rootkit.com/ and: http://www.rootkit.com/whitepapers.shtml -Alfred To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message