Re: [Leaf-devel] More on dates
David Douthitt wrote: > > On 2/8/02 at 5:23 AM, Mike Noyes <[EMAIL PROTECTED]> > wrote: > > > At 2002-02-08 00:43 -0600, David Douthitt wrote: > > > > >So how important is setting the time/date with date? Is rdate > > >(or ntpclient) enough? > > > I think it's important to have the correct date. My ISP > > NOC wont accept abuse reports without valid time stamps in > > syslog. > > That doesn't answer my questions > > > I use rdate on my current floppy to set the time on boot. > > rdate connects a server on my lan, and my server connects > > to a timeserver on the Internet with xntpd. I use this > > setup for two reasons. One, I feel it's more secure than > > having the router/firewall accessing a time server on the > > Internet. Two, rdate connections are refused by most > > timeservers on the Internet. > > WIth rdate, I'd say that's the way to go for all the reasons you > mentioned. So - can you do without "date -s" ? Frankly, managing nearly ten leaf/lrp systems, I do not have any problem with keeping time within one (1) second across all of them, using rdate. So, no -s is OK with me. However, since we are limited to shell scripting and my recent work on leaf has required me to compare dates and times, a working-as-advertised -d operation would simplify alot for me . . . What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Preferred package/filesystem location ???
David Douthitt wrote: > > On 2/8/02 at 1:08 PM, Michael D. Schleif <[EMAIL PROTECTED]> wrote: > > > Hence, my interest in filesystem and file location standards . . . > > This is exactly the reason for the restrictive djbtools license - he > wants his code to be in EXACTLY the SAME place in EVERY SYSTEM, and > wants his code to work EXACTLY the SAME way EVERYWHERE. Go read his > explanation... > > This is also the reason for the Linux Filesystem Standard (LFS). > > I've already described how there are multiple "standards" - where does > the kernel go, for example? Where do new add-on packages go? > > Under HP-UX every new package goes in /opt// and new libraries, > manpages, and binaries get their paths added to the appropriate files. > The PATH and MANPATH are quite long > > Also under HP-UX, the use of /usr/local is discouraged; one is > encouraged to use /usr/contrib > > I don't place a lot of faith in standardizing on binary locations... I'm a devout believer in systems and process. We are dealing with a very small system with LEAF. The process of reaching consensus on conventions, such as filesystem management and program location, may seem trivial and without value to some; but, as this system grows, I guarantee that willy-nilly file placement is going to result in some application stomping on some namespace or another that some other application insists is its own ;< Having dealt with systems and processes for more than thirty (30) years, I place a high value on convention and standards. I am *NOT* talking about blind restrictions and stricture that chokes the creative spirit; rather, some simple, commonsense rule-of-thumb that guides the creative spirit. It's that spirit that brought me to this venture -- how about you? Personally, I have enough to do putting out fires in the bigger world, I do not have any compulsion to spend countless hours begrudging LEAF any type of quality control at all! What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Re: ADM Write Protect
OK, a little back-ground on me, so maybe this makes a little more sense to follow. I have had 3 years of electronics schooling, a little over 2 years of Electrical engineering, and been a licensed electrician for around 4 years after a 5 year apprenticeship with specialties in digital control design and instrumentation. This doesn't mean a hill of beans other than I have a small notion how digital electronic devices are controlled on some level. My logic is somewhat different than a programmer when looking at devices such as data drives much of the time. I've been posting my thoughts without really going into an explanation of any depth ... maybe this will clarify what _is_ going on in _my_ head. > > a zero-ohm resistor is for circuit protection and yes pin 30 is > > ground on regular IDE as is pin 2. > > What does "circuit protection" mean? Ok, let's assume something internal in the ADM shorts out in a bad place We will also assume you are using the ADM as designed to use software via a special IDE controller to specify when and what is write-protected. This resistor has _no_ effect on the circuit _other_ than limiting the amount of current and voltage running across it. It technically should overload and burn out this resistor and protect the precious motherboard you just paid all this money for. In reality, this is almost never the case, but it is accepted good engineering practice from my experience. > I said the writing of *commands* not data. The lack of commands > is what yields the lockup, from my understanding. I was not > claming that write protect is possible by blocking DIOW or DIOR. > Rather it's the exact opposite as you found. Yes, I understood that, but I didn't state that I felt WP is possible w/o defining a software filter of _any_ kind, which is what I'm interpreting you saying on an extremely low-level here. You are defining what the manufacturer is intending to do and sell at a much higher price than a plug-in adapter to a toggle switch. > > > > If pin 30 is grounded (as normally done) and you add R8, > > R8 then grounds out pin 1 (reset) and _then_ the drive is write > > protected. > > The schematic show R8 exists. That's CS and my question > at this point, "Does R8 exist on an LD017 controller?" Probably not, the drive wasn't shipped to write-protect .. especially with a non-compliant ATA controller. They probably save around a nickel by not putting it in at all. The only reason pin 30 is used at all is for software filtering as stated on the data sheet. I interpet the data sheet as saying a jumper between pins 1 & 2 can be used _or_ pin 30 for software controller depending on the high/low state. > > Apparently the BIOS updated itself after the first boot and decided > > to work for me. > > > > What BIOS are you referring to, and how does it update itself? The motherboard BiOS. I can't really explain this. When you put a 20 Gig harddrive in a Cyrix 333, why does it hang for ~30 seconds before booting. Checking the drive tables for a known drive type , then uses the best guess if not known, I guess. I really don't know anything about how BIOS hd detection really works. > > > In a nutshell, jumpering pins 1 & 2 on a regular IDE setup from > > around 1996 will write-protect a regular IDE drive. I will try this > > with a harddrive as soon as I get around to Syslinux'ing one. > > I don't follow. Have you disconnect to wires to pins 1 and 2 on the > drive, left them floating, and tied pins 1 and 2 of the cable side > together? OK, you have two IDE connectors on the ribbon cable. Plug one into the drive. Now put a jumper, or wire in a switch, between wires 1 & 2 on the other drive plug. This simply grounds out pin 1 (reset) as the data sheet and the hardware tech alluded to. Is this going to work perfect on all drives/mb's/BIOS's ??? I don't know, it is now working on the one machine I tried with no problems. I can't say for anything else. > > Can anyone else try and verify this for me ??? > > I have a cable and an old IBM drive I can doink with. > I'll let you know. Thanks, I think this could be of use to a couple of people besides myself anyway. > Can I be a little lazy and ask you what the logic is that > your trying to accomplish? What does grounding the reset > line do? Something that will allow me to write-protect an IDE flash or CF drive in a 1U half-slot rack case. Write-protection will be pure hardware ideally. Maybe I'm just nuts, but it's lying there working as I wanted right now. I like to thank everyone for inspiring to make strange opinions and attempt weird tricks. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] More on dates
On 2/8/02 at 5:23 AM, Mike Noyes <[EMAIL PROTECTED]> wrote: > At 2002-02-08 00:43 -0600, David Douthitt wrote: > > >So how important is setting the time/date with date? Is rdate > >(or ntpclient) enough? > I think it's important to have the correct date. My ISP > NOC wont accept abuse reports without valid time stamps in > syslog. That doesn't answer my questions > I use rdate on my current floppy to set the time on boot. > rdate connects a server on my lan, and my server connects > to a timeserver on the Internet with xntpd. I use this > setup for two reasons. One, I feel it's more secure than > having the router/firewall accessing a time server on the > Internet. Two, rdate connections are refused by most > timeservers on the Internet. WIth rdate, I'd say that's the way to go for all the reasons you mentioned. So - can you do without "date -s" ? -- David Douthitt UNIX Systems Administrator HP-UX, Unixware, Linux [EMAIL PROTECTED] ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Preferred package/filesystem location ???
On 2/8/02 at 1:08 PM, Michael D. Schleif <[EMAIL PROTECTED]> wrote: > Hence, my interest in filesystem and file location standards . . . This is exactly the reason for the restrictive djbtools license - he wants his code to be in EXACTLY the SAME place in EVERY SYSTEM, and wants his code to work EXACTLY the SAME way EVERYWHERE. Go read his explanation... This is also the reason for the Linux Filesystem Standard (LFS). I've already described how there are multiple "standards" - where does the kernel go, for example? Where do new add-on packages go? Under HP-UX every new package goes in /opt// and new libraries, manpages, and binaries get their paths added to the appropriate files. The PATH and MANPATH are quite long Also under HP-UX, the use of /usr/local is discouraged; one is encouraged to use /usr/contrib I don't place a lot of faith in standardizing on binary locations... -- David Douthitt UNIX Systems Administrator HP-UX, Unixware, Linux [EMAIL PROTECTED] ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Re: ADM Write Protect
Mike Noyes wrote: > Matt, > You're assuming that I understood what the SST engineer was telling me, and > that I was able to express it correctly in my post. Neither of these things > is guaranteed, as I know next to nothing about electrical engineering. No problemo. We'll get it figured out soon enough. It's just the only thing interesting in my life right now. I'll find something else to do for a bit. Matt ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Re: ADM Write Protect
guitarlynn wrote: > > On Friday 08 February 2002 22:00, Matt Schalit wrote: > > > ATA-Disk module (ADM) and it's write-protect features: > > > > >Here is the 40pin 5V ADM schematic. This is using the LD017 > > > > >controller. In the schematic R8 is used as an option for WP. > > > > I think this is the crux. It's being used. It's being > > tied to ground by the presense of ground on IDE cable pin 30, > > and the existence of a zero-ohm resistor, ie. a short to gnd. > > a zero-ohm resistor is for circuit protection and yes pin 30 is ground > on regular IDE as is pin 2. What does "circuit protection" mean? > > Not a general feature if IDE I would agree. For a regular IDE drive, > > disconnecting or strapping an IDE pin low or high, such as DIOW or > > DIOR (23 or 25 I think) would interrupt the writing of command > > signals to the drive's onboard controller. At least that's how I > > understand it so far. > > Nope, pin 23 drops the acknowledgement of the drive itself out of the > BIOS "no drive found to boot". I tried this a couple of days ago > thinking the same thing. I said the writing of *commands* not data. The lack of commands is what yields the lockup, from my understanding. I was not claming that write protect is possible by blocking DIOW or DIOR. Rather it's the exact opposite as you found. > > > - If R8 is vacent, the device behaves normally (ie no > > > write-protect) > > > > I see the exact opposite. It's gnd now according to the docs with R8 > > present and it's write enabled. If you remove R8, then you are > > trying to do the opposite, ie protect it. But is floating it > > correct? > > If pin 30 is grounded (as normally done) and you add R8, > R8 then grounds out pin 1 (reset) and _then_ the drive is write > protected. The schematic show R8 exists. That's CS and my question at this point, "Does R8 exist on an LD017 controller?" > > If you've now read this far, you get the cookie. Earlier today I hacked > a jumper in an IDE cable between pin 1 (reset) and pin 2 (grnd) and > started the P166. The BIOS acknowledged the flash drive (not a CF, > but a regular IDE flash drive) and kept trying to reset the drive. It > started to boot and failed. I thought, "well that sucks" and left it > there. Just a couple of minutes ago, I was working by it and thought > I might just boot it again, which I did, but this time it wasn't > cycling the "reset" as it had before and booted. I logged in and tried > to mount the drive . it gave me io errors and would not mount the > drive. I rebooted 4 more times with the same exact results. I took the > jumper out and booted again, I could mount and write to the drive. Interesting. > Apparently the BIOS updated itself after the first boot and decided > to work for me. > What BIOS are you referring to, and how does it update itself? > In a nutshell, jumpering pins 1 & 2 on a regular IDE setup from around > 1996 will write-protect a regular IDE drive. I will try this with a > harddrive as soon as I get around to Syslinux'ing one. I don't follow. Have you disconnect to wires to pins 1 and 2 on the drive, left them floating, and tied pins 1 and 2 of the cable side together? > Can anyone else try and verify this for me ??? I have a cable and an old IBM drive I can doink with. I'll let you know. > I won't guarentee anything at this point other than it worked for me > on the only box I've tried it on. Can I be a little lazy and ask you what the logic is that your trying to accomplish? What does grounding the reset line do? Regards, Matthew ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Re: ADM Write Protect
At 2002-02-08 20:14 -0800, Matt Schalit wrote: >On the other hand, the tech told Mike the following: > > > I just got off the phone with one of the tech support > > guys at SST. He sent me the schematic for the ADM device. They > > placed a resister R-8 on the ADM that can be shunted to ground to > > enable WP. He said this will work with standard IDE/motherboard > > configurations. > >So the tech says that the resistor can be shunted to ground. >I thought that's what the schematic says it's doing because >pin30 on the IDE cable is ground. Matt, You're assuming that I understood what the SST engineer was telling me, and that I was able to express it correctly in my post. Neither of these things is guaranteed, as I know next to nothing about electrical engineering. I told the SST engineer that I would pass the schematic on to people who would be able to assess it's viability for our application. -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf.sourceforge.net/content.php?menu=1000&page_id=4 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Re: ADM Write Protect
On Friday 08 February 2002 22:00, Matt Schalit wrote: > > ATA-Disk module (ADM) and it's write-protect features: > > > >Here is the 40pin 5V ADM schematic. This is using the LD017 > > > >controller. In the schematic R8 is used as an option for WP. > > I think this is the crux. It's being used. It's being > tied to ground by the presense of ground on IDE cable pin 30, > and the existence of a zero-ohm resistor, ie. a short to gnd. a zero-ohm resistor is for circuit protection and yes pin 30 is ground on regular IDE as is pin 2. > Not a general feature if IDE I would agree. For a regular IDE drive, > disconnecting or strapping an IDE pin low or high, such as DIOW or > DIOR (23 or 25 I think) would interrupt the writing of command > signals to the drive's onboard controller. At least that's how I > understand it so far. Nope, pin 23 drops the acknowledgement of the drive itself out of the BIOS "no drive found to boot". I tried this a couple of days ago thinking the same thing. > > - If R8 is vacent, the device behaves normally (ie no > > write-protect) > > I see the exact opposite. It's gnd now according to the docs with R8 > present and it's write enabled. If you remove R8, then you are > trying to do the opposite, ie protect it. But is floating it > correct? If pin 30 is grounded (as normally done) and you add R8, R8 then grounds out pin 1 (reset) and _then_ the drive is write protected. If you've now read this far, you get the cookie. Earlier today I hacked a jumper in an IDE cable between pin 1 (reset) and pin 2 (grnd) and started the P166. The BIOS acknowledged the flash drive (not a CF, but a regular IDE flash drive) and kept trying to reset the drive. It started to boot and failed. I thought, "well that sucks" and left it there. Just a couple of minutes ago, I was working by it and thought I might just boot it again, which I did, but this time it wasn't cycling the "reset" as it had before and booted. I logged in and tried to mount the drive . it gave me io errors and would not mount the drive. I rebooted 4 more times with the same exact results. I took the jumper out and booted again, I could mount and write to the drive. Apparently the BIOS updated itself after the first boot and decided to work for me. In a nutshell, jumpering pins 1 & 2 on a regular IDE setup from around 1996 will write-protect a regular IDE drive. I will try this with a harddrive as soon as I get around to Syslinux'ing one. Can anyone else try and verify this for me ??? I won't guarentee anything at this point other than it worked for me on the only box I've tried it on. I apologize for being off-topic for using IDE instead of a ADM that I do not have. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Possible virus?
Charles Steinkuehler wrote: > > > > I'm currently trying to verify this, and track down exactly what the > > > Obsidian virus is supposed to do. If anyone has any information on this > > > virus, or can help verify the file is/is not infected, I would greatly > > > appreciate it. Ok I scanned it with Norton AV 7.07.23D with today's virus defs and didn't find anything. Obsidian is not one of the virus listed in the def's though :) Matt ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Re: ADM Write Protect
Sorry to resend this. I sent it before I was done accidentally Charles Steinkuehler wrote: > > Mike Noyes got the sst guys to send a schematic and some details about their > ATA-Disk module (ADM) and it's write-protect features: > > > >Here is the 40pin 5V ADM schematic. This is using the LD017 > > >controller. In the schematic R8 is used as an option for WP. I think this is the crux. It's being used. It's being tied to ground by the presense of ground on IDE cable pin 30, and the existence of a zero-ohm resistor, ie. a short to gnd. > > >The ADM using the LD016 was never released to production. It was build > > >for customer evaluation purpuses, only, and it does not support the WP > feature. > > > > > ><> > > Looking at the schematic, taking into account the information above, it > looks like the ADM *DOES* support a write-protect function, but it's not in > the form of an easily accessible jumper. What I have determined: > > * If you have an ADM module using the LD017 controller chip, you can enable > a write-protect function (per above comments). Note that the write-protect > feature is particular to THIS SPECIFIC DEVICE, and is not a general feature > of IDE devices. Not a general feature if IDE I would agree. For a regular IDE drive, disconnecting or strapping an IDE pin low or high, such as DIOW or DIOR (23 or 25 I think) would interrupt the writing of command signals to the drive's onboard controller. At least that's how I understand it so far. > * There is a zero-ohm resistor (used as a build-time configuration option) > to connect the write protect line of the controller IC to pin 30 of the IDE > interface (from the above comments, and the schematic). > - If R8 is populated, pin 30 controls the write-protect Isn't pin30 gnd on the IDE cable? If so, then the R8 being populated with a short means this gnd is present on the DOM controller, and the fact that the module is write capable in this configuration infers that gnd=write capable. > - If R8 is vacent, the device behaves normally (ie no write-protect) I see the exact opposite. It's gnd now according to the docs with R8 present and it's write enabled. If you remove R8, then you'll float that line. But is floating it proper, and does that write-protect the device? On the other hand, the tech told Mike the following: > I just got off the phone with one of the tech support > guys at SST. He sent me the schematic for the ADM device. They placed a > resister R-8 on the ADM that can be shunted to ground to enable WP. He said > this will work with standard IDE/motherboard configurations. So the tech says that the resistor can be shunted to ground. I thought that's what the schematic says it's doing because pin30 on the IDE cable is ground. > Interpolating a bit, since I don't have a unit to test, and the PDF doc > indicates a WP# jumper that doesn't exist: Agreed. It's not in the schematic. > The device should be write-protected if you tie the write-protect line from > the controller chip to ground. Since R8 is between the controller's > write-protect signal and IDE pin 30 (which should be ground on a standard > IDE cable), it should be possible to place a switch across the pads of the > (presumably missing) resistor R8. If the switch is "on", or shorted, the > device should be write-protected. If the switch is "off", or open, writes > should be possible. I agree with all this, but I have a problem because the schematic says that it's already tied to pin30 that's listed as ground. If in fact the R8 is missing, then as you mentioned, shunting this to ground means write-protect. But I'll claim, on the other hand, that if it has an R8 in place already, then it should be tied to Vcc to do the opposite. Why would floating it be appropriate. I dunno, I've been out of building circuits for a bit. Best, Matthew ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Re: ADM Write Protect
Charles Steinkuehler wrote: > > Mike Noyes got the sst guys to send a schematic and some details about their > ATA-Disk module (ADM) and it's write-protect features: > > > >Here is the 40pin 5V ADM schematic. This is using the LD017 > > >controller. In the schematic R8 is used as an option for WP. I think this is the crux. It's being used. It's being tied to ground by the presense of ground on IDE cable pin 30, and the existence of a zero-ohm resistor, ie. a short to gnd. > > >The ADM using the LD016 was never released to production. It was build > > >for customer evaluation purpuses, only, and it does not support the WP > feature. > > > > > ><> > > Looking at the schematic, taking into account the information above, it > looks like the ADM *DOES* support a write-protect function, but it's not in > the form of an easily accessible jumper. What I have determined: > > * If you have an ADM module using the LD017 controller chip, you can enable > a write-protect function (per above comments). Note that the write-protect > feature is particular to THIS SPECIFIC DEVICE, and is not a general feature > of IDE devices. Not a general feature if IDE I would agree. For a regular IDE drive, disconnecting or strapping an IDE pin low or high, such as DIOW or DIOR (23 or 25 I think) would interrupt the writing of command signals to the drive's onboard controller. At least that's how I understand it so far. > * There is a zero-ohm resistor (used as a build-time configuration option) > to connect the write protect line of the controller IC to pin 30 of the IDE > interface (from the above comments, and the schematic). > - If R8 is populated, pin 30 controls the write-protect Isn't pin30 gnd on all mainboards? If so, then the R8 being populated means this gnd is present on the DOM controller and the fact that it's write capable infers that gnd=write. > - If R8 is vacent, the device behaves normally (ie no write-protect) I see the exact opposite. It's gnd now according to the docs with R8 present and it's write enabled. If you remove R8, then you are trying to do the opposite, ie protect it. But is floating it correct? > Interpolating a bit, since I don't have a unit to test, and the PDF doc > indicates a WP# jumper that doesn't exist: > > The device should be write-protected if you tie the write-protect line from > the controller chip to ground. Since R8 is between the controller's > write-protect signal and IDE pin 30 (which should be ground on a standard > IDE cable), it should be possible to place a switch across the pads of the > (presumably missing) resistor R8. If the switch is "on", or shorted, the > device should be write-protected. If the switch is "off", or open, writes > should be possible. > > Can someone with one of these units physically look to see if there is a > missing resistor "R8" anywhere on the board? One end should go to pin 30 on > the IDE connector, while the other end goes to pin 62 of the controller > chip, according to the schematic I recieved. > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) > > ___ > Leaf-devel mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-devel ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
Matt Schalit wrote: > How about this one, Mike? It has write protect: Some older mainboards had a certain BIOS Security menu with a Write Protect All Sectors option to write protect the whole ide drive. For example, the AOpen DX6G. In addition to that, a Fujitsu IDE drive and a Micropolis drive both had write protect jumpers. Those would be hard to find as would the right mainboard, but it's worth checking your BIOS at least. All for now, Matt ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
Matt Schalit wrote: > > How about this one, Mike? It has write protect: And then there's Mite-Pc: http://www.iptel-now.de/HOWTO/MITE-PC/mite-pc.html Pretty neat. Matt ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
Matt Schalit wrote: > How about this one, Mike? It has write protect: http://www.m-sys.com/files/dataSheets/ffd/FFD_IDE_250_Spec.pdf ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] Software write-protect
> What if during the initial boot process you mount your hard disk as a > read-only device then delete the mount command? Would this be sufficient > protection for a HD? (i.e. Is there any other program that could be used > to remount the HD?) > > Saving config changes could be handled by mounting a config floppy during > the init process that never gets umounted during normal operation. This definately throws up a road-block, but as with any software write protect, it can ultimately be undone. If only software (or a lack thereof) prevents writing to your storage media, and you assume some nasty has obtained root access, it's only a matter of how many hoops you have to jump through... Don't have a mount command? Copy it off the 'net or call the kernel functions to mount directly from your HackerApp. No utilities to copy from the 'net? Cobble something together with nc, or just "echo -e "\000\001\002" >HackerApp.bin until you've got the whole executable. Removed the kernel module to talk to your storage device? Just copy or re-build it (same as above). Swapped to a new kernel that doesn't have modular support, and doesn't know how to talk to your storage device? Just talk to the hardware directly...it's not that hard to read/write directly to an IDE device with no OS intervention. And so on... In general, if something's write-protected by software, it can be un-write-protected by software with enough determination, cleverness, and access privliges. The exception is in some embedded systems, where they specifically create hardware write-protection that's triggerable by software (but this is fundamentally hardware write protection, not software write-protection). Basically, software can access a device until such time as the software goes through a (usually somewhat convoluted, to avoid accidents) locking process. At this point, the hardware write-protectes itself, and does not reset without a cold boot, or some other form of manual intervention (perhaps pressing a reset button or something). Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
On Fri, Feb 08, 2002 at 02:57:44PM -0800, Mike Sensney wrote: > At 09:29 AM 2/8/2002 -0600, guitarlynn wrote: > ... > >In other words, how many folks have said: "Can I run LEAF on a > >harddrive (IDE)". We say, "you can, but it is a security risk compared > >to a floppy". What would it mean to be able to say: "You can use a hd, > >but if you want it as secure as the floppy, a $10-20 add-in IDE module > >is available here (link)." I think a lot of people would find this > >useful, IMHO, or maybe I'm thinking too hard and flogging a dead dog! > > A simple question: > > What if during the initial boot process you mount your hard disk as a > read-only device then delete the mount command? Would this be sufficient > protection for a HD? (i.e. Is there any other program that could be used > to remount the HD?) > > Saving config changes could be handled by mounting a config floppy during > the init process that never gets umounted during normal operation. >From my point of view, i would like to put my config data on a flashdisk or a harddisk as i do not trust floppies very much. What i would like to have is a switch connected or whatever that lets me physically enable write protection on the fly and not only at boot, cause i want to be able to update my system without the need to reboot. I just don't know how to do this for now, but that's my personal goal. So the router is protected as long as the switch is on "write protection", if i change something i have to physically press a switch on this machine... Only achieving protection for the hd could be done using other methods, maybe, like looking for a way to let linux only mount it read only in the kernel or whatever (maybe use grsecurity massivly or LIDS). But i used the Flashdisk cause i wanted to get rid of the floppy drive... So maybe there are different needs out there. --arne ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
At 09:29 AM 2/8/2002 -0600, guitarlynn wrote: ... >In other words, how many folks have said: "Can I run LEAF on a >harddrive (IDE)". We say, "you can, but it is a security risk compared >to a floppy". What would it mean to be able to say: "You can use a hd, >but if you want it as secure as the floppy, a $10-20 add-in IDE module >is available here (link)." I think a lot of people would find this >useful, IMHO, or maybe I'm thinking too hard and flogging a dead dog! A simple question: What if during the initial boot process you mount your hard disk as a read-only device then delete the mount command? Would this be sufficient protection for a HD? (i.e. Is there any other program that could be used to remount the HD?) Saving config changes could be handled by mounting a config floppy during the init process that never gets umounted during normal operation.
[Leaf-devel] Re: ADM Write Protect
Mike Noyes got the sst guys to send a schematic and some details about their ATA-Disk module (ADM) and it's write-protect features: > Fwd: FW: LD017 SADM sch > >From: Tanvir Sadique <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: FW: LD017 SADM sch > >Date: Fri, 8 Feb 2002 10:44:02 -0800 > >X-Mailer: Internet Mail Service (5.5.2653.19) > > > >Hello Mike, > >Here is the schematic we spoke about. The following comments were from > >one of our product guys on Write Protect. > > > >Best Regards, > > > >Tanvir Sadique > >Staff Applications Engineer > >Customer Support > >Ph. 408.523-7768 > >Fx. 408.523-7757 > >www.superflash.com > > > > > > > >Here is the 40pin 5V ADM schematic. This is using the LD017 > >controller. In the schematic R8 is used as an option for WP. > > > >The ADM using the LD016 was never released to production. It was build > >for customer evaluation purpuses, only, and it does not support the WP feature. > > > ><> Looking at the schematic, taking into account the information above, it looks like the ADM *DOES* support a write-protect function, but it's not in the form of an easily accessible jumper. What I have determined: * If you have an ADM module using the LD017 controller chip, you can enable a write-protect function (per above comments). Note that the write-protect feature is particular to THIS SPECIFIC DEVICE, and is not a general feature of IDE devices. * There is a zero-ohm resistor (used as a build-time configuration option) to connect the write protect line of the controller IC to pin 30 of the IDE interface (from the above comments, and the schematic). - If R8 is populated, pin 30 controls the write-protect - If R8 is vacent, the device behaves normally (ie no write-protect) Interpolating a bit, since I don't have a unit to test, and the PDF doc indicates a WP# jumper that doesn't exist: The device should be write-protected if you tie the write-protect line from the controller chip to ground. Since R8 is between the controller's write-protect signal and IDE pin 30 (which should be ground on a standard IDE cable), it should be possible to place a switch across the pads of the (presumably missing) resistor R8. If the switch is "on", or shorted, the device should be write-protected. If the switch is "off", or open, writes should be possible. Can someone with one of these units physically look to see if there is a missing resistor "R8" anywhere on the board? One end should go to pin 30 on the IDE connector, while the other end goes to pin 62 of the controller chip, according to the schematic I recieved. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Possible virus?
> > I'm currently trying to verify this, and track down exactly what the > > Obsidian virus is supposed to do. If anyone has any information on this > > virus, or can help verify the file is/is not infected, I would greatly > > appreciate it. > > I can't test the file because I can't find it. > Why don't you email it to me, or put it on your > ftp site somewhere? The suspect file, /usr/bin/tr is part of my earlier IPSec packages, available as: http://lrp.steinkuehler.net/files/packages/IPSec1.5/ipsec.lrp http://lrp.steinkuehler.net/files/packages/IPSec1.4/ipsec.lrp http://lrp.steinkuehler.net/files/packages/IPSec1.3/ipsec.lrp Or from the various mirror locations. To browse to the old IPSec files, start at the latest IPSec package page: http://lrp.steinkuehler.net/Packages/ipsec1.91.htm NOTE: All versions above should contain an identical /usr/bin/tr command. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] How to gzip *only* a new application's files ???
Matt Schalit wrote: > > And remember, mds, there's: > > make -n install > > to output the commands but not execute them. Cool! I didn't know that one . . . -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] How to gzip *only* a new application's files ???
And remember, mds, there's: make -n install to output the commands but not execute them. Matt ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] Re: Preferred package/filesystem location ???
>Message: 7 >Date: Thu, 07 Feb 2002 19:32:40 -0600 >From: "Michael D. Schleif" <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >Organization: mds resource >To: LEAF-dev <[EMAIL PROTECTED]> >Subject: [Leaf-devel] Preferred package/filesystem location ??? > >Is there some kind of standard whereby, when building a new LEAF >package, we know *where* particular files belong? > [snip] > >If there isn't a standard, there *SHOULD BE* -- no? > >What do you think? > busybox tar uses (usually GNU's) fnmatch with FNM_PATHNAME | FNM_LEADING_DIR flags and the exclusion list as a PATTERN, not a node name. This tar uses the exclusion list in a peculiar way for relative paths by matching the tail end of the file name (that is etc/modules matches boot/etc/modules). Fortunately, all LEAF backups are done relative to root and all package lists are concatenated in a single list. It is easy to force relative paths for everything on both sides (inclusion and exclusion lists) and therefore ensure a proper comparison. This takes into account Charles partial backup lists where files from a package are excluded for a partial backup and included for a full backup. We are left with two cases: 1) the user is doing a backup for some other package than yours and your package .list has an entry that reads some/dir without trailing / or /*. busybox tar will not back up anything from some/dir regardless how the other package is speced. 2) the user is doing a backup for your package and you are at the mercy of evil.lrp :-) such is life. The small diff below applies to every package including the initial RAM disk and then processes the RAM disk separately. This later idea is from Jacques Nilo's Bering code and works very well also. If you don't process the RAM disk separately, then you must use ctar which normalize node names relative to /. Dachstein 1.02 always uses ctar, for example. Bering beta 3 uses ctar for everything and busybox tar to extract to the RAM disk. ctar is an optional package in Oxygen 1.8. Unfortunately, busybox tar is used if ctar is not installed and node names are not normalized before being passed to busybox tar: You will get strange results if some other package has a filename that matches the end of one of yours. Also, when ctar is not installed, you will also destroy root.lrp because nothing will match ./* and the resulting tgz file will contain all of your filesystem. I think the need for the standard you are seeking becomes less urgent once you enumerate explicitly the files in your package and you enumerate explicitly the directories that you claim for this package. The rest belongs to the backup code. YMMV. I no longer uses ctar and make sure everything I specify is as explicit as possible. Dropping ctar changes the way the backup is done for the initial RAM disk if using LRP kernel patches. Regards, Serge Caron ___BEGIN DIFF__ diff -urN before/lrcfg.back.script sbin/lrcfg.back.script --- before/lrcfg.back.script Fri Jan 25 11:02:22 2002 +++ sbin/lrcfg.back.script Wed Feb 6 10:40:16 2002 @@ -4,6 +4,7 @@ #Linux Router Project # # Seriously hacked by Charles Steinkuehler +# Mildly hacked by Serge Caron (Feb 2002): ctar is gone... if [ $# -lt 3 ]; then echo "Bad call to $(basename $0)" @@ -24,6 +25,12 @@ EXCLUDE="/tmp/EXCLUDE" INITRD="`sed 's/.*initrd=//;s/.lrp.*//' /proc/cmdline`" +# Force relative paths for every node in the list +filter () { +sed -e "s/^[[:space:]]*//g" -e "s/[[:space:]]*$//g" \ + -e "/^[^./]/s/^./.\/&/1" -e "/^[/]/s/^./.&/1" $1 +} + mk_inc_part () { if [ -r $LOCAL ] ; then sed -n '/^[iI]/{ @@ -79,11 +86,18 @@ mv $PKGSAVE $PKGLIST >/dev/null 2>&1 echo -n "Creating $PACKAGE.lrp Please wait: " +# busybox tar uses fnmatch with FNM_PATHNAME | FNM_LEADING_DIR flags +# and the exclusion list as a PATTERN, not a node name. +# Therefore, a package can take exclusive control of a directory +# by specifying only the node name in the package list. +# This is probably OK for everything except /etc :-) +# so I force a trailing / to make sure that only dir names match. +filter $EXCLUDE | sed -e "s/^[.][\/]etc$/&\//1" > ${EXCLUDE}.tmp + ticker cd / - #tar cf - -T $INCLUDE -X $EXCLUDE| gzip >$DIR/$PACKAGE.lrp - ctar `cat $INCLUDE` -X `cat $EXCLUDE` | gzip >$DIR/$PACKAGE.lrp + tar -c -X ${EXCLUDE}.tmp `filter $INCLUDE` | gzip >$DIR/$PACKAGE.lrp [ $PACKAGE = $INITRD ] && /usr/sbin/lrcfg.back.initrd $DIR $PACKAGE >/dev/null 2>&1 @@ -92,6 +106,7 @@ rm $INCLUDE rm $EXCLUDE +rm ${EXCLUDE}.tmp if [ "$WTMP" = "ON" ]; then ___END DIFF ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
Mike Noyes wrote: > > At 2002-02-08 12:57 -0600, guitarlynn wrote: > >On Friday 08 February 2002 13:00, Mike Noyes wrote: > > > Lynn, > > > You're not wrong. I just got off the phone with one of the tech > > > support guys at SST. He sent me the schematic for the ADM device. > > > They placed a resister R-8 on the ADM that can be shunted to ground > > > to enable WP. He said this will work with standard IDE/motherboard > > > configurations. > > > >This changes everything as we know it ... > >I'll have it tested today!!! > > Lynn, > Do you already have one of the ATA-Disk Modules? If so, where did you get > it, and what did you pay for it? How about this one, Mike? It has write protect: http://www.ssti.com/ata_disk/index.html which is explained further in here: http://www.ssti.com/products/58sd_ld.html Matt ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
On Friday 08 February 2002 13:10, Mike Noyes wrote: > Lynn, > Do you already have one of the ATA-Disk Modules? If so, where did > you get it, and what did you pay for it? No, Mike, I don't have one your not grasping the scope I see here. I just tried it, but it doesn't work as expected ... I'll have to engineer a module to work with it and a system patch ... but I can do this. THIS CAN BE MADE TO WORK WITH _ANY_ IDE DEVICE! -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
guitarlynn wrote: > > On Friday 08 February 2002 08:39, Charles Steinkuehler wrote: > > Um...you won't find any standard motherboards that support the usage > > of pin 30 for write-protect, and even if you could, it would probably > > be controlled by software, not a switch, which kind of defeats the > > whole purpose. That's the entire reason the WP jumper is on the > > device in the first place...you can use the pin 30 interface if > > you're designing a custom board...folks with standard hardware can > > just use the jumper (or optionally wire the jumper to a manual > > switch). > > OK, this is where I might be confused myself, and confusing others such > as Matt. Hey! Someone might be interested in an assembly code software write-protect program for IDE devices that intercepts int13 calls (or something like that, I don't get it all) http://wcarchive.cdrom.com/pub/simtelnet/msdos/diskutil/protect.asm Download the file and read it. Very interesting. Not sure if anyone can make it executable on Linux though. Matt ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Preferred package/filesystem location ???
On Fri, 8 Feb 2002, Matt Schalit wrote: > Jack Coates wrote: > > > > > Hm, so the backup process checks the list files of all other .lrps? > > Yup. That's how it works. Include everything listed in the .list > while excluding everything listed in every other .list. Creative > things like this keep LEAF interesting. I'm pretty certain that's > how it's hobbled together. You can see the impetus for a new > packaging system :) > > Matt > Heh... only if the improved system is smaller :-) Seriously, one of the things I really _like_ about LEAF is that so much of it is built on elegant scripting hacks like this. About a year ago I was able to take apart an EigersteinBETA2 image and figure out the whole process from boot to prompt just by reading scripts. I'm sure the same thing can be done with the latest distributions. I've tried to do the same with some of the various Mandrake versions I've used (6.0 through 8.0) and it's a hell of a lot tougher. -- Jack Coates Monkeynoodle: A Scientific Venture... ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
At 2002-02-08 12:57 -0600, guitarlynn wrote: >On Friday 08 February 2002 13:00, Mike Noyes wrote: > > Lynn, > > You're not wrong. I just got off the phone with one of the tech > > support guys at SST. He sent me the schematic for the ADM device. > > They placed a resister R-8 on the ADM that can be shunted to ground > > to enable WP. He said this will work with standard IDE/motherboard > > configurations. > >This changes everything as we know it ... >I'll have it tested today!!! Lynn, Do you already have one of the ATA-Disk Modules? If so, where did you get it, and what did you pay for it? -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf.sourceforge.net/content.php?menu=1000&page_id=4 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
On Friday 08 February 2002 13:00, Mike Noyes wrote: > Lynn, > You're not wrong. I just got off the phone with one of the tech > support guys at SST. He sent me the schematic for the ADM device. > They placed a resister R-8 on the ADM that can be shunted to ground > to enable WP. He said this will work with standard IDE/motherboard > configurations. This changes everything as we know it ... I'll have it tested today!!! -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Preferred package/filesystem location ???
Matt Schalit wrote: > > Jack Coates wrote: > > > > > Hm, so the backup process checks the list files of all other .lrps? > > Yup. That's how it works. Include everything listed in the .list > while excluding everything listed in every other .list. Creative > things like this keep LEAF interesting. I'm pretty certain that's > how it's hobbled together. You can see the impetus for a new > packaging system :) Hence, my interest in filesystem and file location standards . . . -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Preferred package/filesystem location ???
Jack Coates wrote: > > Hm, so the backup process checks the list files of all other .lrps? Yup. That's how it works. Include everything listed in the .list while excluding everything listed in every other .list. Creative things like this keep LEAF interesting. I'm pretty certain that's how it's hobbled together. You can see the impetus for a new packaging system :) Matt ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
RE: [Leaf-devel] More on dates
> I figured out some of the confusion I was seeing: > 6) There is a NTP client - ntpclient appropriately - which > could replace rdate, if it is small enough... On my system, ntpclient is 12320 bytes compiled under uClibc (0.9.9+), 6474 bytes zipped at maximum compression. > David Douthitt > UNIX Systems Administrator > HP-UX, Unixware, Linux > [EMAIL PROTECTED] -Richard ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
At 2002-02-08 11:51 -0600, guitarlynn wrote: >On Friday 08 February 2002 10:52, Mike Noyes wrote: > > If I understand you correctly, you believe Apacer was telling > > Stefaan that Host Selectable (Close 2,3) mode wasn't supported, not > > that Connect to Ground (Close 1,2) didn't work. Since there is no > > WP jumper on the ADM, we need to create an adapter that jumpers pin > > 30 to ground when WP is desired. > >Pins #2 & 30 are ground on a typical ATA cable. > > > Did I get that right? Anyone willing to try this, and see if it > > works? > >I will see if I can try it today. > > > If it's this easy, I can't understand why SST/Apacer didn't add a > > two pin WP jumper (Close 1,2) to the ADM. > >Me either, I'm probably wrong ... so I'll use a MB I won't care to >lose just in case. If I'm guessing right, I'll manufacture the darn >things. Lynn, You're not wrong. I just got off the phone with one of the tech support guys at SST. He sent me the schematic for the ADM device. They placed a resister R-8 on the ADM that can be shunted to ground to enable WP. He said this will work with standard IDE/motherboard configurations. Anyone that wants the ADM schematic send me email off-list, and I'll send it to you. He had no explanation for why they chose not to include a two pin WP jumper on board the ADM. -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf.sourceforge.net/content.php?menu=1000&page_id=4 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] /. link about runlevel 0 firewall
I don't like to forward links, but this is a nifty idea. http://www.samag.com/documents/s=1824/sam0201d/0201d.htm Basically, it's possible to alter the shutdown process so that the NICs remain active, the kernel remains loaded, and it continues to pass traffic with no userspace processes. Obviously dhcpcd and pppoe users need not apply. -- Jack Coates Monkeynoodle: A Scientific Venture... ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Possible virus?
Charles Steinkuehler wrote: > > I have been informed that Panda Antyvirus Platinum on Windows XP reports > that the file /usr/bin/tr contained as part of ipsec.lrp (apparently version > 1.5 or earlier, since there is no tr command included in my latest ipsec > 1.91 package) is infected by the Linux/Obsidian.E virus. > > I'm currently trying to verify this, and track down exactly what the > Obsidian virus is supposed to do. If anyone has any information on this > virus, or can help verify the file is/is not infected, I would greatly > appreciate it. I can't test the file because I can't find it. Why don't you email it to me, or put it on your ftp site somewhere? thanks, Matt > I currently have no idea if this is simply a false positive, or if there is > actually a problem, but wanted to let everyone know just in case. > > FYI: If memory serves, the tr and column programs included in my older > IPSec packages came from an aquaintence in San Diego, who managed to get > IPSec working before I did and sent me his LRP package. I used his versions > of these two utilities since they were smaller than the Debian counterparts. > Since the programs work properly, are quite small overall, and smaller than > their stripped Debian cousins, if there is a virus it can't be very large or > complex. > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] How to gzip *only* a new application's files ???
On Fri, 8 Feb 2002, Charles Steinkuehler wrote: > > Surely, all of you experienced LRP'ers have tackled this one! > > > > OK, I build a new application on a slink development box. Once I do > > `make install', how do I know an exhaustive list of *ALL* files to turn > > into the LRP file? > > There's probably an easier way, but I usually find myself crawling through > the makefile, and the saved output of "make install". I've also found > package file lists for mainstream releases (ie rpm & deb version) of > whatever I'm dealing with useful in this regard... > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) > You can also set the product root to a specific directory (e.g. /usr/local/foobar). Even if that's not the way you want to do the final package, you can still probably get away with something like ls /usr/local/foobar > package.list -- Jack Coates Monkeynoodle: A Scientific Venture... ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] How to gzip *only* a new application's files ???
> Surely, all of you experienced LRP'ers have tackled this one! > > OK, I build a new application on a slink development box. Once I do > `make install', how do I know an exhaustive list of *ALL* files to turn > into the LRP file? There's probably an easier way, but I usually find myself crawling through the makefile, and the saved output of "make install". I've also found package file lists for mainstream releases (ie rpm & deb version) of whatever I'm dealing with useful in this regard... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] How to gzip *only* a new application's files ???
Surely, all of you experienced LRP'ers have tackled this one! OK, I build a new application on a slink development box. Once I do `make install', how do I know an exhaustive list of *ALL* files to turn into the LRP file? What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
On Friday 08 February 2002 10:52, Mike Noyes wrote: > Lynn, > If I understand you correctly, you believe Apacer was telling Stefaan > that Host Selectable (Close 2,3) mode wasn't supported, not that > Connect to Ground (Close 1,2) didn't work. Since there is no WP > jumper on the ADM, we need to create an adapter that jumpers pin 30 > to ground when WP is desired. Pins #2 & 30 are ground on a typical ATA cable. > Did I get that right? Anyone willing to try this, and see if it > works? I will see if I can try it today. > If it's this easy, I can't understand why SST/Apacer didn't add a two > pin WP jumper (Close 1,2) to the ADM. Me either, I'm probably wrong ... so I'll use a MB I won't care to lose just in case. If I'm guessing right, I'll manufacture the darn things. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
At 2002-02-08 09:29 -0600, guitarlynn wrote: >As noted in the email and to a far lesser degree on the White >paper, pin #30 _can_ be used with a special MB to control the WP, in >particular with _partial_ software_named files/dirs to WP. The WP >used with the pins #1-2 does not require the special MB or ATA >instructions, simply a jumper or a jumper with switch, but you can't >do partials. Lynn, If I understand you correctly, you believe Apacer was telling Stefaan that Host Selectable (Close 2,3) mode wasn't supported, not that Connect to Ground (Close 1,2) didn't work. Since there is no WP jumper on the ADM, we need to create an adapter that jumpers pin 30 to ground when WP is desired. Did I get that right? Anyone willing to try this, and see if it works? If it's this easy, I can't understand why SST/Apacer didn't add a two pin WP jumper (Close 1,2) to the ADM. -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf.sourceforge.net/content.php?menu=1000&page_id=4 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
On Friday 08 February 2002 08:39, Charles Steinkuehler wrote: > Um...you won't find any standard motherboards that support the usage > of pin 30 for write-protect, and even if you could, it would probably > be controlled by software, not a switch, which kind of defeats the > whole purpose. That's the entire reason the WP jumper is on the > device in the first place...you can use the pin 30 interface if > you're designing a custom board...folks with standard hardware can > just use the jumper (or optionally wire the jumper to a manual > switch). OK, this is where I might be confused myself, and confusing others such as Matt. Let me explain it as I understand it, and everyone is welcome to thrash me into submission if wrong. As noted in the email and to a far lesser degree on the White paper, pin #30 _can_ be used with a special MB to control the WP, in particular with _partial_ software_named files/dirs to WP. The WP used with the pins #1-2 does not require the special MB or ATA instructions, simply a jumper or a jumper with switch, but you can't do partials. Now comes in my somewhat OT comments/thoughts of yesterday. Being that this jumper configuration does not require a special MB or ATA instructions beyond what is presently used, only a jumper that bypasses the disk itself (to ground) ... Is there any reason that this could not be implemented on any or all existing ATA run devices (CF, FlashDisk, IDE, etc), the jumper is bypassing the drive itself as far as the instructions on wire #1 is concerned The reason I bring this up at all is quite simple, I believe that the general population has old hardware that could be used for LEAF similar to mine roughly 30 old 486-P1 boxes that support IDE only (no SCSI support built in). The cost of a SCSI controller board is too expensive, or won't fit in the desired case restraints desired, so though it's a excellent option, it's not a desired option. I have flash and CF cards at present that I would like to use WP if possible through existing MB's ... a manual switch or even a $10-20 module would be more cost efficient and desired than simply trashing what I already have, hardware wise, to get WP, if possible. In other words, how many folks have said: "Can I run LEAF on a harddrive (IDE)". We say, "you can, but it is a security risk compared to a floppy". What would it mean to be able to say: "You can use a hd, but if you want it as secure as the floppy, a $10-20 add-in IDE module is available here (link)." I think a lot of people would find this useful, IMHO, or maybe I'm thinking too hard and flogging a dead dog! -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Preferred package/filesystem location ???
On Fri, 8 Feb 2002, Matt Schalit wrote: > Jack Coates wrote: > > > > A factor here is that most distributions will backup anything there into > > local.lrp, which doubles up your space usage. > > As far as I've seen, a properly coded .list file ensures > that any directory and/or files in my .list file won't get > backed up by other packages like local.lrp. Isn't that the > case? My pfw.lrp lives entirely under /usr/local and doesn't > get backed up in local.lrp. > > Hm, so the backup process checks the list files of all other .lrps? I guess I don't understand how that works. Your experience clearly shows that it does though. > > > The lrp file format > > prevents many of the cleanup issues that led to a filesystem standard > > being attempted in the first place, > > I've seen Charles discuss the deficiences of the .list file. > After reading that, I'm glad I don't make full distros for fun. > > > so I don't see an issue with package > > developers making everything they do act like it's part of the > > distribution (or making everything live in one dir, for that matter). > > > 'which' is always going to be a popular command :) > Matt > > ___ > Leaf-devel mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-devel > -- Jack Coates Monkeynoodle: A Scientific Venture... ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Re: [Leaf-user] Possible virus?
At 2002-02-08 06:59 -0800, Kenneth Hadley wrote: >http://www.virusbtn.com/vb2000/Programme/papers/kaminski.pdf > > From what I understand it infects ELF headers Kenneth, That's what I'm able to find out also. Here is a quote from the Virus Bulletin Conference, Sep. 2000 p. 8-9 http://google.com/search?hl=en&q=%22Obsidian+E%22+virus ~ Obsidian E(Telf.8000) ~ Even such an unimpressive set (in comparison to the macro or DOS ~ file infectors) includes viruses with a variety of infection and ~ replication techniques. Some of them prepend their code (like Bliss ~ or Obsidian); some are appending viruses (e.g. Mandragore), yet ~ others insert their code inside the original hosts (e.g. Siilov or ~ Vit). ~ Most of the viruses use direct infection methods, but some also stay ~ in memory infecting new files when they executed. Some viruses use ~ their own ELF headers (e.g. Bliss or Obsidian), or modify the ~ original headers redirecting the entry point to the virus code (e.g. ~ Mandragore or Vit), whilst others leave the entry point unchanged, ~ but modify instead the code pointed to by it (e.g. Siilov or ~ Diesel). -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf.sourceforge.net/content.php?menu=1000&page_id=4 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] Re: [Leaf-user] Possible virus?
http://www.virusbtn.com/vb2000/Programme/papers/kaminski.pdf >From what I understand it infects ELF headers Though I couldn't find any info on this virus from Sophos or Trend Micro...which struck me as strange since both have Linux/Unix based Antivirus software and are big name companies. -Kenneth Hadley - Original Message - From: "Charles Steinkuehler" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, February 08, 2002 6:21 AM Subject: [Leaf-user] Possible virus? > I have been informed that Panda Antyvirus Platinum on Windows XP reports > that the file /usr/bin/tr contained as part of ipsec.lrp (apparently version > 1.5 or earlier, since there is no tr command included in my latest ipsec > 1.91 package) is infected by the Linux/Obsidian.E virus. > > I'm currently trying to verify this, and track down exactly what the > Obsidian virus is supposed to do. If anyone has any information on this > virus, or can help verify the file is/is not infected, I would greatly > appreciate it. > > I currently have no idea if this is simply a false positive, or if there is > actually a problem, but wanted to let everyone know just in case. > > FYI: If memory serves, the tr and column programs included in my older > IPSec packages came from an aquaintence in San Diego, who managed to get > IPSec working before I did and sent me his LRP package. I used his versions > of these two utilities since they were smaller than the Debian counterparts. > Since the programs work properly, are quite small overall, and smaller than > their stripped Debian cousins, if there is a virus it can't be very large or > complex. > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
RE: [Leaf-devel] Scripting language
Can someone expound as to why TCL would be a bad choice. I thought there was a time when it was considered the standard for what you are wanting to do yet there has been no mention of it in this thread. Regards, Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of David Douthitt Sent: Friday, February 08, 2002 8:06 AM To: LEAF Development Subject: Re: [Leaf-devel] Scripting language On 2/8/02 at 12:54 AM, Matt Schalit <[EMAIL PROTECTED]> wrote: > What does a hello world in FORTH look like? : HELLO_WORLD ." Hello, World!" ; HELLO_WORLD > Maybe could you also post an example that asks > your full name then echos the first name and > last name on different lines? Text processing is not a basic part of FORTH - remember this is a low-level language like C (its main competition) or Assembly... It's been too long since I programmed Forth; here's an example that asks a name and echos it back. : GREET CR ." What's your name?" S0 @ 40 EXPECT 0 >IN ! 1 TEXT CR ." Hello, " PAD 40 -TRAILING TYPE ." , I speak FORTH." ; GREET > btw, for Java, the two examples are easier to make > as a gui app, but the answer for a terminal would be: > Those would be compiled with: > > javac *.java > > which creates Hello.class and Fullname.class. > Those are the executables, and they are run with: > > java Hello > java Fullname > > Java is very case sensative, and classes start > with a capital letter. FORTH was case-sensitive, but some modern versions are not. FORTH is an environment, not just a compiler - think of Smalltalk here. The Forth prompt is: ok (cute, eh?) Comments are ( this is a FORTH comment - cute, eh?) or \ This is a one line comment The examples above define a new "word" that extends the language (by using a : ... ; construct) then execute it by name. FORTH is what is called a "Threaded Language" - FORTH is made up of pointers, or pointers to pointers. The "interpreter" is constantly resolving pointers. In Modern Times, we have Postscript, OpenBOOT, and the FreeBSD boot loader - all of which are FORTH or FORTH-like. The corporation that embodies Forth - at least in terms of longevity, and early language luminaries - is Forth, Inc, and they are still going strong. Forth, in fact, is strong in embedded systems - you can get a complete Forth interpreter, with editor, assembler, and quite a few other things in way less than 64k. I can remember a 192k Apple II multitasking under FORTH quite nicely -- David Douthitt UNIX Systems Administrator HP-UX, Unixware, Linux [EMAIL PROTECTED] ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] CF (write protect) + IDE adapter
> Thanks for getting a definitive answer. Is Apacer willing to supply you > with a list of motherboards that support ADM WP# pin 30? I suspect they > wont be able to locate any. This is a good point to use when asking them to > implement the control logic in the ADM firmware. Um...you won't find any standard motherboards that support the usage of pin 30 for write-protect, and even if you could, it would probably be controlled by software, not a switch, which kind of defeats the whole purpose. That's the entire reason the WP jumper is on the device in the first place...you can use the pin 30 interface if you're designing a custom board...folks with standard hardware can just use the jumper (or optionally wire the jumper to a manual switch). Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
[Leaf-devel] Possible virus?
I have been informed that Panda Antyvirus Platinum on Windows XP reports that the file /usr/bin/tr contained as part of ipsec.lrp (apparently version 1.5 or earlier, since there is no tr command included in my latest ipsec 1.91 package) is infected by the Linux/Obsidian.E virus. I'm currently trying to verify this, and track down exactly what the Obsidian virus is supposed to do. If anyone has any information on this virus, or can help verify the file is/is not infected, I would greatly appreciate it. I currently have no idea if this is simply a false positive, or if there is actually a problem, but wanted to let everyone know just in case. FYI: If memory serves, the tr and column programs included in my older IPSec packages came from an aquaintence in San Diego, who managed to get IPSec working before I did and sent me his LRP package. I used his versions of these two utilities since they were smaller than the Debian counterparts. Since the programs work properly, are quite small overall, and smaller than their stripped Debian cousins, if there is a virus it can't be very large or complex. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
RE: [Leaf-devel] CF (write protect) + IDE adapter
At 2002-02-08 08:55 +0100, Stefaan Van Dooren wrote: >A message I just received from Apacer > > >Dear Stefaan, > >More information on the WP function. Apacer product is programmable >for WP. The WP pin is low active, so WP wll be activated whenever the >pin is asserted low. The system board, however, needs to have a WP >controll logic to enable/disable WP. Not many M/B's supports such a >control logic, so this is kind of a desgin-in feature. Partial WP by >block is not supported by the current firmware version. It is >technically feasible, but it depends on the quantity you required. > Stefaan, Thanks for getting a definitive answer. Is Apacer willing to supply you with a list of motherboards that support ADM WP# pin 30? I suspect they wont be able to locate any. This is a good point to use when asking them to implement the control logic in the ADM firmware. BTW, what price are you paying for an ADM? -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf.sourceforge.net/content.php?menu=1000&page_id=4 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] More on dates
At 2002-02-08 00:43 -0600, David Douthitt wrote: >So how important is setting the time/date with date? Is rdate >(or ntpclient) enough? David, I think it's important to have the correct date. My ISP NOC wont accept abuse reports without valid time stamps in syslog. I use rdate on my current floppy to set the time on boot. rdate connects a server on my lan, and my server connects to a timeserver on the Internet with xntpd. I use this setup for two reasons. One, I feel it's more secure than having the router/firewall accessing a time server on the Internet. Two, rdate connections are refused by most timeservers on the Internet. -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf.sourceforge.net/content.php?menu=1000&page_id=4 ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Scripting language
On 2/8/02 at 12:54 AM, Matt Schalit <[EMAIL PROTECTED]> wrote: > What does a hello world in FORTH look like? : HELLO_WORLD ." Hello, World!" ; HELLO_WORLD > Maybe could you also post an example that asks > your full name then echos the first name and > last name on different lines? Text processing is not a basic part of FORTH - remember this is a low-level language like C (its main competition) or Assembly... It's been too long since I programmed Forth; here's an example that asks a name and echos it back. : GREET CR ." What's your name?" S0 @ 40 EXPECT 0 >IN ! 1 TEXT CR ." Hello, " PAD 40 -TRAILING TYPE ." , I speak FORTH." ; GREET > btw, for Java, the two examples are easier to make > as a gui app, but the answer for a terminal would be: > Those would be compiled with: > > javac *.java > > which creates Hello.class and Fullname.class. > Those are the executables, and they are run with: > > java Hello > java Fullname > > Java is very case sensative, and classes start > with a capital letter. FORTH was case-sensitive, but some modern versions are not. FORTH is an environment, not just a compiler - think of Smalltalk here. The Forth prompt is: ok (cute, eh?) Comments are ( this is a FORTH comment - cute, eh?) or \ This is a one line comment The examples above define a new "word" that extends the language (by using a : ... ; construct) then execute it by name. FORTH is what is called a "Threaded Language" - FORTH is made up of pointers, or pointers to pointers. The "interpreter" is constantly resolving pointers. In Modern Times, we have Postscript, OpenBOOT, and the FreeBSD boot loader - all of which are FORTH or FORTH-like. The corporation that embodies Forth - at least in terms of longevity, and early language luminaries - is Forth, Inc, and they are still going strong. Forth, in fact, is strong in embedded systems - you can get a complete Forth interpreter, with editor, assembler, and quite a few other things in way less than 64k. I can remember a 192k Apple II multitasking under FORTH quite nicely -- David Douthitt UNIX Systems Administrator HP-UX, Unixware, Linux [EMAIL PROTECTED] ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
Re: [Leaf-devel] Scripting language
David Douthitt wrote: > [snip] > > You might say I enjoy FORTH - and you'd be understating things :) What does a hello world in FORTH look like? Maybe could you also post an example that asks your full name then echos the first name and last name on different lines? Just curious. Matt btw, for Java, the two examples are easier to make as a gui app, but the answer for a terminal would be: -- begin Hello.java // A comment starts with slash slash public class Hello { public static void main( String[] arg ) { System.out.println( "Hello World." ); } } --- end Hello.java - - begin Fullname.java -- import java.util.*; // these are like #includes import java.io.*;// but the dots seperate dirs public class Fullname { public static void main( String args[] ) throws Exception { BufferedReader keyb = new BufferedReader( new InputStreamReader( System.in ) ); System.out.print( "Please enter your full name : " ); String s = keyb.readLine(); StringTokenizer tokens = new StringTokenizer( s ); System.out.println( "Thanks, you entered " + s + ".\nAnd " + "split up thats..." ); while ( tokens.hasMoreTokens() ) { System.out.println( tokens.nextToken() ); } } // end of main } // end of class Fullname -- end of Fullname.java - Those would be compiled with: javac *.java which creates Hello.class and Fullname.class. Those are the executables, and they are run with: java Hello java Fullname Java is very case sensative, and classes start with a capital letter. ___ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel