Re: e-mail to root

[Kurt Buff]

On Dec 20, 2007 4:20 PM, jekillen <[EMAIL PROTECTED]> wrote:



> Thank you kindly for the info;

De nada - pass it along when you have the chance.

> I have been reading the handbook. I have it installed as html on my
> everyday work machine. Having a web server on localhost is great.
> It does cover portupgrade, portsnap, ports and all that but it was just
> the e-mails to root that had me confused. Does this also cover the
> setuid question also?

I don't remember, quite frankly. I just know that I get two emails
each day from each of my machines, take a quick look at them, and act
on them as appropriate.

> I also have the new Absolute FreeBSD, and the hard copy manual
> obtained through FreeBSD Mall.  I had a problem with e-mail messages
> to root some time ago that were showing up every 11 minutes. I look
> into crontab and found one script that was set to run every 11 minutes.
> I opened the script file and read the authors e-mail address and sent
> him an e-mail on the problem. He responded scolding me for putting
> commands in rc.conf. Sure enough, though I did not have explicit
> commands
> in it, I did have the syntax wrong. Who would have guess that a script
> dealing with entropy would complain because of problems with rc.conf?
> That is an example of question that might arise that could use some
> specific coverage in documentation.

Who would have guessed? Someone with more experience, or someone with
good documentation in hand who's read it. If the documentation is
lacking, I'll bet there are people who would appreciate your input.
Seriously.

I've absorbed my knowledge from so many sources (books, magazines,
lists like this one) over such a long period of time, that I can no
longer remember where I got any particular fact, in most cases. That's
not always a good thing.

BTW - If you're [contemplating] doing sysadmin work professionally,
I'd highly recommend the following books. The first two are
recommended even if you're doing this as a hobby. The Limoncelli book
I recommend especially highly to anyone in their early-to-middle
career as a sysadmin who wants a coherent way to look at the craft. I
have just ordered the 2nd edition, after reading the 1st a couple of
times.

http://www.bookpool.com/sm/0130206016

http://www.bookpool.com/sm/0201702452

http://www.bookpool.com/sm/0596003439

http://www.bookpool.com/sm/0321492668
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: e-mail to root

[jekillen]

On Dec 19, 2007, at 7:30 PM, Kurt Buff wrote:


On Dec 19, 2007 6:54 PM, jekillen <[EMAIL PROTECTED]> wrote:

Hello:
Is there a manual or other publication that deals specifically with
reading e-mail messages to root for FreeBSD?  I have gotten a
message:

setuid diffs:
--- /var/log/setuid.today   Sat Sep  8 03:01:34 2007
+++ /tmp/security.9Jz0CWds  Wed Dec 19 03:01:38 2007

followed by references to various programs

then the next segment:
Checking for a current audit database:

Downloading fresh database.
auditfile.tbz   46 kB   42 
kBps

New database installed.
Database created: Wed Dec 19 14:40:00 PST 2007

Checking for packages with security vulnerabilities:

followed by numerous references to programs and
files on the FreeBSD site.

and I do not know quite what this means.


It means that you have portaudit installed, and it's run as part of
the daily scripts. That's a good thing.

I'd recommend consulting the portaudit man page

What it's found are packages on your machine that have security
bulletins against them - that is, the packages named have
vulnerabilities known to the FreeBSD Security team, which they believe
should be patched. There's a link to the bulletin for each one - I
think you'll find it enlightening to read some or all of them.

I'd do a 'pkg_add -r portupgrade' to install that package, do a cvsup
to get a current ports tree, then assess, very carefully, what you
want to upgrade. IMHO all of the packages mentioned should probably
get upgraded, unless you have *exceptional* reasons not to.

To upgrade you can do 'portupgrade ' for each package
named, or if you're feeling bold, 'portupgrade -aRr'.


I know that setuid is cause
for concern. I have three other machines with FreeBSD, with one
going back over a year of virtually continuous 24/7 operation and
this is the first time I have seen this type of message. For the
programs
reported with security problems it begs the question of dependencies
if they are removed or updated. Some references are to cups and
fetchmail
neither of which I use or have use for, that I am aware of.


Portupgrade will take care of dependencies. No worries, though you
should also peruse the man page for portupgrade to get your knowledge
up.


This
particular
machine is primarily a web server. It does have Postfix running but 
just

uses local delivery and only listens on private network interface.
I am also a little dubious about posting any specifics to a public
mailing
list.
I am admittedly a novice at this (on all my own systems so no one
else's behind is on the line). Short of paying consultation fees to
someone, this is about the only live contact I have on the subject.
Thanks in advance for info:


We were all novices - I still am, in far too many ways. Don't sweat
it, and keep asking questions. Also, start reading the FreeBSD
Handbook - it's online, and also downloadable, and covers this very
topic.

Kurt



Thank you kindly for the info;
I have been reading the handbook. I have it installed as html on my
everyday work machine. Having a web server on localhost is great.
It does cover portupgrade, portsnap, ports and all that but it was just
the e-mails to root that had me confused. Does this also cover the
setuid question also?
I also have the new Absolute FreeBSD, and the hard copy manual
obtained through FreeBSD Mall.  I had a problem with e-mail messages
to root some time ago that were showing up every 11 minutes. I look
into crontab and found one script that was set to run every 11 minutes.
I opened the script file and read the authors e-mail address and sent
him an e-mail on the problem. He responded scolding me for putting
commands in rc.conf. Sure enough, though I did not have explicit 
commands

in it, I did have the syntax wrong. Who would have guess that a script
dealing with entropy would complain because of problems with rc.conf?
That is an example of question that might arise that could use some
specific coverage in documentation.
Jeff K

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: e-mail to root

[Kurt Buff]

On Dec 19, 2007 6:54 PM, jekillen <[EMAIL PROTECTED]> wrote:
> Hello:
> Is there a manual or other publication that deals specifically with
> reading e-mail messages to root for FreeBSD?  I have gotten a
> message:
>
> setuid diffs:
> --- /var/log/setuid.today   Sat Sep  8 03:01:34 2007
> +++ /tmp/security.9Jz0CWds  Wed Dec 19 03:01:38 2007
>
> followed by references to various programs
>
> then the next segment:
> Checking for a current audit database:
>
> Downloading fresh database.
> auditfile.tbz   46 kB   42 kBps
> New database installed.
> Database created: Wed Dec 19 14:40:00 PST 2007
>
> Checking for packages with security vulnerabilities:
>
> followed by numerous references to programs and
> files on the FreeBSD site.
>
> and I do not know quite what this means.

It means that you have portaudit installed, and it's run as part of
the daily scripts. That's a good thing.

I'd recommend consulting the portaudit man page

What it's found are packages on your machine that have security
bulletins against them - that is, the packages named have
vulnerabilities known to the FreeBSD Security team, which they believe
should be patched. There's a link to the bulletin for each one - I
think you'll find it enlightening to read some or all of them.

I'd do a 'pkg_add -r portupgrade' to install that package, do a cvsup
to get a current ports tree, then assess, very carefully, what you
want to upgrade. IMHO all of the packages mentioned should probably
get upgraded, unless you have *exceptional* reasons not to.

To upgrade you can do 'portupgrade ' for each package
named, or if you're feeling bold, 'portupgrade -aRr'.

> I know that setuid is cause
> for concern. I have three other machines with FreeBSD, with one
> going back over a year of virtually continuous 24/7 operation and
> this is the first time I have seen this type of message. For the
> programs
> reported with security problems it begs the question of dependencies
> if they are removed or updated. Some references are to cups and
> fetchmail
> neither of which I use or have use for, that I am aware of.

Portupgrade will take care of dependencies. No worries, though you
should also peruse the man page for portupgrade to get your knowledge
up.

> This
> particular
> machine is primarily a web server. It does have Postfix running but just
> uses local delivery and only listens on private network interface.
> I am also a little dubious about posting any specifics to a public
> mailing
> list.
> I am admittedly a novice at this (on all my own systems so no one
> else's behind is on the line). Short of paying consultation fees to
> someone, this is about the only live contact I have on the subject.
> Thanks in advance for info:

We were all novices - I still am, in far too many ways. Don't sweat
it, and keep asking questions. Also, start reading the FreeBSD
Handbook - it's online, and also downloadable, and covers this very
topic.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

e-mail to root

[jekillen]

Hello:
Is there a manual or other publication that deals specifically with
reading e-mail messages to root for FreeBSD?  I have gotten a
message:

setuid diffs:
--- /var/log/setuid.today   Sat Sep  8 03:01:34 2007
+++ /tmp/security.9Jz0CWds  Wed Dec 19 03:01:38 2007

followed by references to various programs

then the next segment:
Checking for a current audit database:

Downloading fresh database.
auditfile.tbz   46 kB   42 kBps
New database installed.
Database created: Wed Dec 19 14:40:00 PST 2007

Checking for packages with security vulnerabilities:

followed by numerous references to programs and
files on the FreeBSD site.

and I do not know quite what this means. I know that setuid is cause
for concern. I have three other machines with FreeBSD, with one
going back over a year of virtually continuous 24/7 operation and
this is the first time I have seen this type of message. For the 
programs

reported with security problems it begs the question of dependencies
if they are removed or updated. Some references are to cups and 
fetchmail
neither of which I use or have use for, that I am aware of. This 
particular

machine is primarily a web server. It does have Postfix running but just
uses local delivery and only listens on private network interface.
I am also a little dubious about posting any specifics to a public 
mailing

list.
I am admittedly a novice at this (on all my own systems so no one
else's behind is on the line). Short of paying consultation fees to
someone, this is about the only live contact I have on the subject.
Thanks in advance for info:
Jeff K

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"