Re: e-mail to root
On Dec 20, 2007 4:20 PM, jekillen <[EMAIL PROTECTED]> wrote: > Thank you kindly for the info; De nada - pass it along when you have the chance. > I have been reading the handbook. I have it installed as html on my > everyday work machine. Having a web server on localhost is great. > It does cover portupgrade, portsnap, ports and all that but it was just > the e-mails to root that had me confused. Does this also cover the > setuid question also? I don't remember, quite frankly. I just know that I get two emails each day from each of my machines, take a quick look at them, and act on them as appropriate. > I also have the new Absolute FreeBSD, and the hard copy manual > obtained through FreeBSD Mall. I had a problem with e-mail messages > to root some time ago that were showing up every 11 minutes. I look > into crontab and found one script that was set to run every 11 minutes. > I opened the script file and read the authors e-mail address and sent > him an e-mail on the problem. He responded scolding me for putting > commands in rc.conf. Sure enough, though I did not have explicit > commands > in it, I did have the syntax wrong. Who would have guess that a script > dealing with entropy would complain because of problems with rc.conf? > That is an example of question that might arise that could use some > specific coverage in documentation. Who would have guessed? Someone with more experience, or someone with good documentation in hand who's read it. If the documentation is lacking, I'll bet there are people who would appreciate your input. Seriously. I've absorbed my knowledge from so many sources (books, magazines, lists like this one) over such a long period of time, that I can no longer remember where I got any particular fact, in most cases. That's not always a good thing. BTW - If you're [contemplating] doing sysadmin work professionally, I'd highly recommend the following books. The first two are recommended even if you're doing this as a hobby. The Limoncelli book I recommend especially highly to anyone in their early-to-middle career as a sysadmin who wants a coherent way to look at the craft. I have just ordered the 2nd edition, after reading the 1st a couple of times. http://www.bookpool.com/sm/0130206016 http://www.bookpool.com/sm/0201702452 http://www.bookpool.com/sm/0596003439 http://www.bookpool.com/sm/0321492668 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: e-mail to root
On Dec 19, 2007, at 7:30 PM, Kurt Buff wrote: On Dec 19, 2007 6:54 PM, jekillen <[EMAIL PROTECTED]> wrote: Hello: Is there a manual or other publication that deals specifically with reading e-mail messages to root for FreeBSD? I have gotten a message: setuid diffs: --- /var/log/setuid.today Sat Sep 8 03:01:34 2007 +++ /tmp/security.9Jz0CWds Wed Dec 19 03:01:38 2007 followed by references to various programs then the next segment: Checking for a current audit database: Downloading fresh database. auditfile.tbz 46 kB 42 kBps New database installed. Database created: Wed Dec 19 14:40:00 PST 2007 Checking for packages with security vulnerabilities: followed by numerous references to programs and files on the FreeBSD site. and I do not know quite what this means. It means that you have portaudit installed, and it's run as part of the daily scripts. That's a good thing. I'd recommend consulting the portaudit man page What it's found are packages on your machine that have security bulletins against them - that is, the packages named have vulnerabilities known to the FreeBSD Security team, which they believe should be patched. There's a link to the bulletin for each one - I think you'll find it enlightening to read some or all of them. I'd do a 'pkg_add -r portupgrade' to install that package, do a cvsup to get a current ports tree, then assess, very carefully, what you want to upgrade. IMHO all of the packages mentioned should probably get upgraded, unless you have *exceptional* reasons not to. To upgrade you can do 'portupgrade ' for each package named, or if you're feeling bold, 'portupgrade -aRr'. I know that setuid is cause for concern. I have three other machines with FreeBSD, with one going back over a year of virtually continuous 24/7 operation and this is the first time I have seen this type of message. For the programs reported with security problems it begs the question of dependencies if they are removed or updated. Some references are to cups and fetchmail neither of which I use or have use for, that I am aware of. Portupgrade will take care of dependencies. No worries, though you should also peruse the man page for portupgrade to get your knowledge up. This particular machine is primarily a web server. It does have Postfix running but just uses local delivery and only listens on private network interface. I am also a little dubious about posting any specifics to a public mailing list. I am admittedly a novice at this (on all my own systems so no one else's behind is on the line). Short of paying consultation fees to someone, this is about the only live contact I have on the subject. Thanks in advance for info: We were all novices - I still am, in far too many ways. Don't sweat it, and keep asking questions. Also, start reading the FreeBSD Handbook - it's online, and also downloadable, and covers this very topic. Kurt Thank you kindly for the info; I have been reading the handbook. I have it installed as html on my everyday work machine. Having a web server on localhost is great. It does cover portupgrade, portsnap, ports and all that but it was just the e-mails to root that had me confused. Does this also cover the setuid question also? I also have the new Absolute FreeBSD, and the hard copy manual obtained through FreeBSD Mall. I had a problem with e-mail messages to root some time ago that were showing up every 11 minutes. I look into crontab and found one script that was set to run every 11 minutes. I opened the script file and read the authors e-mail address and sent him an e-mail on the problem. He responded scolding me for putting commands in rc.conf. Sure enough, though I did not have explicit commands in it, I did have the syntax wrong. Who would have guess that a script dealing with entropy would complain because of problems with rc.conf? That is an example of question that might arise that could use some specific coverage in documentation. Jeff K ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: e-mail to root
On Dec 19, 2007 6:54 PM, jekillen <[EMAIL PROTECTED]> wrote: > Hello: > Is there a manual or other publication that deals specifically with > reading e-mail messages to root for FreeBSD? I have gotten a > message: > > setuid diffs: > --- /var/log/setuid.today Sat Sep 8 03:01:34 2007 > +++ /tmp/security.9Jz0CWds Wed Dec 19 03:01:38 2007 > > followed by references to various programs > > then the next segment: > Checking for a current audit database: > > Downloading fresh database. > auditfile.tbz 46 kB 42 kBps > New database installed. > Database created: Wed Dec 19 14:40:00 PST 2007 > > Checking for packages with security vulnerabilities: > > followed by numerous references to programs and > files on the FreeBSD site. > > and I do not know quite what this means. It means that you have portaudit installed, and it's run as part of the daily scripts. That's a good thing. I'd recommend consulting the portaudit man page What it's found are packages on your machine that have security bulletins against them - that is, the packages named have vulnerabilities known to the FreeBSD Security team, which they believe should be patched. There's a link to the bulletin for each one - I think you'll find it enlightening to read some or all of them. I'd do a 'pkg_add -r portupgrade' to install that package, do a cvsup to get a current ports tree, then assess, very carefully, what you want to upgrade. IMHO all of the packages mentioned should probably get upgraded, unless you have *exceptional* reasons not to. To upgrade you can do 'portupgrade ' for each package named, or if you're feeling bold, 'portupgrade -aRr'. > I know that setuid is cause > for concern. I have three other machines with FreeBSD, with one > going back over a year of virtually continuous 24/7 operation and > this is the first time I have seen this type of message. For the > programs > reported with security problems it begs the question of dependencies > if they are removed or updated. Some references are to cups and > fetchmail > neither of which I use or have use for, that I am aware of. Portupgrade will take care of dependencies. No worries, though you should also peruse the man page for portupgrade to get your knowledge up. > This > particular > machine is primarily a web server. It does have Postfix running but just > uses local delivery and only listens on private network interface. > I am also a little dubious about posting any specifics to a public > mailing > list. > I am admittedly a novice at this (on all my own systems so no one > else's behind is on the line). Short of paying consultation fees to > someone, this is about the only live contact I have on the subject. > Thanks in advance for info: We were all novices - I still am, in far too many ways. Don't sweat it, and keep asking questions. Also, start reading the FreeBSD Handbook - it's online, and also downloadable, and covers this very topic. Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
e-mail to root
Hello: Is there a manual or other publication that deals specifically with reading e-mail messages to root for FreeBSD? I have gotten a message: setuid diffs: --- /var/log/setuid.today Sat Sep 8 03:01:34 2007 +++ /tmp/security.9Jz0CWds Wed Dec 19 03:01:38 2007 followed by references to various programs then the next segment: Checking for a current audit database: Downloading fresh database. auditfile.tbz 46 kB 42 kBps New database installed. Database created: Wed Dec 19 14:40:00 PST 2007 Checking for packages with security vulnerabilities: followed by numerous references to programs and files on the FreeBSD site. and I do not know quite what this means. I know that setuid is cause for concern. I have three other machines with FreeBSD, with one going back over a year of virtually continuous 24/7 operation and this is the first time I have seen this type of message. For the programs reported with security problems it begs the question of dependencies if they are removed or updated. Some references are to cups and fetchmail neither of which I use or have use for, that I am aware of. This particular machine is primarily a web server. It does have Postfix running but just uses local delivery and only listens on private network interface. I am also a little dubious about posting any specifics to a public mailing list. I am admittedly a novice at this (on all my own systems so no one else's behind is on the line). Short of paying consultation fees to someone, this is about the only live contact I have on the subject. Thanks in advance for info: Jeff K ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"