On Mon, Jun 04, 2001 at 03:01:31PM +0200, Oystein Viggen wrote:
> > It seems that a glibc package build is larger than 918 megs. =(
>
> Would it be possible to do this the "old fashioned" unix way, and just
> mount (, translate or whatever we call it) another filesystem on
> ./debian/ or somewh
On Tue, Jun 05, 2001 at 04:17:11PM -0400, Igor Khavkine wrote:
> Just how fast is plex86 on your machine? Last time I tried it (a couple
> of weeks ago) it was extreeemly slow. It took 30 seconds just to draw
> the GRUB menu.
You can see how it draws it, but it is drawn in one second or so.
Vi
> There is no self contained installation, although you can boot linux from
> a floppy and install the big tar file from there.
>
> The self contained installation will involve the new debian-installer
If you can boot from the Philip's CDs, then you have a self contained
installer.
On Tue, 5 Jun 2001, Thomas A Langan wrote:
> HURD for those who do not have Linux installed. Is it necessary that I
> install Debian? What is The Right Way to install HURD right now if you
> don't have any OS installed?
>
There are Hurd installation CDs available. Include in the Easy Guide?
P
On Mon, Jun 04, 2001 at 03:43:27PM +0200, Robert Bihlmeyer wrote:
> Marcus Brinkmann <[EMAIL PROTECTED]> writes:
>
> > Then there is the problem that you can't chown to -1 (as -1 means skip
> > that). I am not sure what this means, though.
>
> That's a feature.
Well, I know so much, I've just n
After researching this, and from some responses that I have recieved
on this, I agree that it would be a rather pointless and also monumental
task to accomplish this. My time would be much better spent adding
more comments to the Mach sources and just working with them.
And so that's what I'm d
a) I used it today :)
b) I am still in the process of installing so I will probably use it some
more this week. I'm having some trouble with hardware compatibility (the
boot disk in marcus' alpha.gnu.org/pub/hurd/contrib folder dies at some
point), but I also find myself in the awkward position
Quoth Marcus Brinkmann:
> I thought about first opening a socket and bind to it, then drop uids.
> That's not so good as running without any ids in the first place, but
> better than keeping those uids around, isn't it?
If you're talking about sockets as in TCP/IP networking, this is good
enough
karim ben djedidia <[EMAIL PROTECTED]> writes:
> - I thought (maybe because I haven't any useful doc ;)) that there
> was a binary compatibility between linux and hurd, but no linux
> command works (file not found or something like that). Why ?
The plan is that the glibc ABI should be the same on
Russell Coker <[EMAIL PROTECTED]> writes:
> On Monday 04 June 2001 00:59, Julian Gilbey wrote:
> > On Sun, Jun 03, 2001 at 02:37:19PM +0200, Russell Coker wrote:
> > > Another thing any package that depends on the creation of nodes under
> > > /dev MUST depend on "makedev | devfsd". People who ru
(This ended up horribly long.. I'm sorry :)
Quoth Marcus Brinkmann:
> Anyway, the code is there, but processes started at boot time are not in
> different login groups, I think. You would want them to be there, though.
> In fact, I think you would loose all security at the login shell if there
> > It's a good thing that I finally got a second box. Right now I'm trying
> > to set it up so I could comunicate with it through the serial port.
> > BTW, does anyone have suggestions for serial line communication programs
> > other then minicom and `cat >/dev/ttyS1' and `cat /dev/ttyS1' in two
>
On Tue, Jun 05, 2001 at 08:18:21AM +0200, Niels Möller wrote:
> The plan is that the glibc ABI should be the same on Hurd and Linux
> (on each hardware platform).
[...]
> But we're not there yet, as far as I know.
One word: pthreads.
I believe that is the missing bit.
Marcus
--
`Rhubarb is
On Sun, Jun 03, 2001 at 03:40:24PM -0400, Roland McGrath wrote:
> > We have an entry in /etc/passwd for the login user, with uid 100. Maybe we
> > should change that to -1?
>
> I've never understood what uid 100 was about exactly.
The idea was to add the login user automatically in the Hurd pos
On 4 Jun 2001, Oystein Viggen wrote:
> Quoth Neal H Walfield:
>
> > ext2fs and ufs memory map the partition. I32 has a 4GB virtual address
> > space of which 2GB is owned by the kernel. Of the remaining 2GB, a task
> > has stack, the program image etc. That leaves just over a gig of
> > conti
I have just upgraded my old hurd installation by using the F2 main CD.
I used the opportunity of having my laptop on a network to also
donwload the latest versions of oskit and gnumach (haven't found
oskit-mach yet).
Crosscompiling gnumach worked nicely, though I haven't yet checked
with the latest
I've added a feature to mig that prints out a list of RPC names and message
ID numbers, as might be useful to process into something that drives rpctrace.
I've declared this version 1.2 of mig, but I haven't uploaded a distribution
anywhere yet. Anybody can check the mig module out of cvs (see
ht
Quoth Neal H Walfield:
> > A nice project would be looking into completely removing the 1GB
> > limit on filesystems/stores (perhaps for the 1wk part). Also looking
> > at ways to improve the speed of filesystem access for the hurd,
> > especially for ext2, would be great.
>
> I think that this
On Tue, Jun 05, 2001 at 12:15:19PM +0200, Jonathan Liger wrote:
>
> Hi, I just wanted to know wether mach provided any functions similar to
> the linux kernel in[bwl] or out[bwl] ...
>
> Thank you in advance, :)
>
> Jonathan Liger.
There are in[bwl] and out[bwl] functions defined in the M
Marcus Brinkmann <[EMAIL PROTECTED]> writes:
> Then there is the problem that you can't chown to -1 (as -1 means skip
> that). I am not sure what this means, though.
That's a feature. You wouldn't want to have this uid own files,
anyway.
BTW, what's the difference to Unix's nobody?
--
Robbe
Marcus Brinkmann <[EMAIL PROTECTED]> writes:
> One word: pthreads.
That's not a word. I tried it, and now my screen is dripping.
[sorry]
(To the rest of the list: I've included a list of things here that I
feel that *anyone* wishing to hack the Hurd should probably be able to
do. I'd like to include this text in a getting started page, so
feedback is appreciated. Especially if someone who's been through
these recently can assess h
Jonathan Liger <[EMAIL PROTECTED]> writes:
> Hi, I just wanted to know wether mach provided any functions similar to
> the linux kernel in[bwl] or out[bwl] ...
Yes. #include and note that Mach has
outb(port, val) but Linux has outb(value, port).
This happens in single user mode for some reason. Reboot without the
-s after the gnumach line.
If that doesn't do it, there's something wrong with your install, and
you need to give us some bootup error messages.
On Wed, Jun 06, 2001 at 06:56:13AM +1000, Aquila wrote:
> Hi, I've just installed
> BTW, what is the correct way to cross-build glibc?
Generally, the gcc-i386-gnu package takes care of all of this. However,
I have not been cross compiling lately.
Quoth Jeff Bailey:
> It seems that a glibc package build is larger than 918 megs. =(
Would it be possible to do this the "old fashioned" unix way, and just
mount (, translate or whatever we call it) another filesystem on
./debian/ or somewhere else in the build directory? I figure if you
were
On Tue, Jun 05, 2001 at 09:03:31PM +0200, Oystein Viggen wrote:
> It also seems that root is still god and can do whatever he wants, also
> killing these processes, but two different rmauth'ed oysteivi's can not
> frob each others processes.
Yes, uid == 0 usually overrides any other checks.
[...
On Tue, Jun 05, 2001 at 11:07:43PM +0200, Robert Bihlmeyer wrote:
> > a) Bad cross-compiler (I had this alot before I got it right a few
> > years ago. Now I'm using the debian packages, and I have no reason to
> > trust them)
>
> BTW, what is the correct way to cross-build glibc? I used the "che
Hi, I just wanted to know wether mach provided any functions similar to
the linux kernel in[bwl] or out[bwl] ...
Thank you in advance, :)
Jonathan Liger.
Jeff Bailey <[EMAIL PROTECTED]> writes:
> It seems that a glibc package build is larger than 918 megs. =(
Darn. I also wanted to (re)build glibc (2.2.2-1) in my case, and the
Hurd ran into space problems. Have given up and went back to
cross-compiling for now.
> a) Bad cross-compiler (I had th
> We also need to change to using libio in glibc, which requires a whole
> bunch of work in the exec server. I don't know the difficulty level
> of this change.
All the work to switch to libio has already been done. We could do it any
time we wanted to deal with the libc soname change. I have a
Quoth Marcus Brinkmann:
> Will the following scenario work?
>
> glibc is changed, so that "setuid(-1)" means: Drop all (effective?) user ids.
> Change the nobody entry in the passwd file so that it lists -1 as uid.
>
> This will make Unix programs which conventionally switch to user nobody very
Hi, I've just installed Debian/Hurd, following the "easy guide"...
everything seems to be working, except when I run something (e.g. ping)
and I want to ^C it, it doesn't work? In fact all of the "usual" Linux
control codes (^C, ^Z, ^S, ^Q, etc.) doesn't seem to work on the Hurd
console. What do I
Quoth Thomas A Langan:
> I am a student planning on starting a masters thesis project in the near
> future and I'm looking for both some information and some advice.
A nice project would be looking into completely removing the 1GB
limit on filesystems/stores (perhaps for the 1wk part). Also loo
> A nice project would be looking into completely removing the 1GB
> limit on filesystems/stores (perhaps for the 1wk part). Also looking
> at ways to improve the speed of filesystem access for the hurd,
> especially for ext2, would be great.
I think that this will take a bit longer than a week.
"B. Douglas Hilton" <[EMAIL PROTECTED]> writes:
> I am thinking that the Mach uKernel is severely hampering
> the Hurd project. As lond as Hurd only relies on mach.h it
> would be very effective to rewrite oskit-mach in Ada.
I don't think rewriting any or all pieces in a different language
would
On Tue, Jun 05, 2001 at 04:34:52PM +0200, Marcus Brinkmann wrote:
> > The plan is that the glibc ABI should be the same on Hurd and Linux
> > (on each hardware platform).
>
> [...]
>
> > But we're not there yet, as far as I know.
>
> One word: pthreads.
>
> I believe that is the missing bit.
Hi folks,
For some time now, I've had very little feedback about the
Easy Guide. Is this because a) no-one uses it any more, b) it's
perfect or c) feedback is being provided where I dont' read it?
Thanks,
Matthew
--
"At least you know where you are with Microsoft."
"True. I just wish
Marcus Brinkmann <[EMAIL PROTECTED]> writes:
> Right, and I think it is a good idea to not dynamically create this entry
> either, as the uid must not change anyway.
Yup, no "adduser" involved, no problem.
> > BTW, what's the difference to Unix's nobody?
>
> Nobody is just another user, though
On Tue, Jun 05, 2001 at 04:34:52PM +0200, Marcus Brinkmann wrote:
> On Tue, Jun 05, 2001 at 08:18:21AM +0200, Niels Möller wrote:
> > The plan is that the glibc ABI should be the same on Hurd and Linux
> > (on each hardware platform).
>
> [...]
>
> > But we're not there yet, as far as I know.
>
On Wednesday 06 June 2001 07:06, Matthew Vernon wrote:
> Hi folks,
>
>
> For some time now, I've had very little feedback about the
> Easy Guide. Is this because a) no-one uses it any more, b) it's
> perfect or c) feedback is being provided where I dont' read it?
>
> Thanks,
>
> Matthew
Well
On Tue, Jun 05, 2001 at 11:07:43PM +0200, Robert Bihlmeyer wrote:
> > a) Bad cross-compiler (I had this alot before I got it right a few
> > years ago. Now I'm using the debian packages, and I have no reason to
> > trust them)
>
> BTW, what is the correct way to cross-build glibc? I used the "ch
On Tue, Jun 05, 2001 at 04:27:21PM +0200, Robert Bihlmeyer wrote:
> > Nobody is just another user, though usually with special semantics.
>
> Hmm, all the security punduits continously preach that "nobody" was
> only meant as a no-rights-at-all target to map root to in NFS.
> "nobody" actually own
Marcus Brinkmann <[EMAIL PROTECTED]> writes:
> Anyway, the code is there, but processes started at boot time are not in
> different login groups, I think. You would want them to be there, though.
> In fact, I think you would loose all security at the login shell if there
> were processes without
> It's a good thing that I finally got a second box. Right now I'm trying
> to set it up so I could comunicate with it through the serial port.
> BTW, does anyone have suggestions for serial line communication programs
> other then minicom and `cat >/dev/ttyS1' and `cat /dev/ttyS1' in two
> differe
On Tue, Jun 05, 2001 at 05:57:17PM +0200, Oystein Viggen wrote:
> Quoth Marcus Brinkmann:
>
> > Will the following scenario work?
> >
> > glibc is changed, so that "setuid(-1)" means: Drop all (effective?) user
> > ids.
> > Change the nobody entry in the passwd file so that it lists -1 as uid.
On Mon, 4 Jun 2001, Jeff Bailey wrote:
> It would be useful if you could provide more information about your
> capabilities and timeframe.
In terms of my capabilities, I do not have any experience hacking a
real-world OS (ie, I have never worked on Linux internals, etc) although I
have taken an
On Tue, Jun 05, 2001 at 10:42:49PM +0200, Robert Bihlmeyer wrote:
> Marcus Brinkmann <[EMAIL PROTECTED]> writes:
>
> > Anyway, the code is there, but processes started at boot time are not in
> > different login groups, I think. You would want them to be there, though.
> > In fact, I think you wo
On Tue, Jun 05, 2001 at 08:17:45PM -0400, Thomas A Langan wrote:
>
> a) I used it today :)
>
> b) I am still in the process of installing so I will probably use it some
> more this week. I'm having some trouble with hardware compatibility (the
> boot disk in marcus' alpha.gnu.org/pub/hurd/contr
On Tue, Jun 05, 2001 at 09:46:15PM +0200, Marcus Brinkmann wrote:
> Hi,
>
> if you want to boot gnumach in plex86, make sure you disable FPE by
> commenting out the line in i386/bogus/fpe.h Otherwise Mach will panic in
> fpe_init().
>
> Now it comes as far as probing devices, but I have no time
Hi Matthew,
the link at the bottom of the page:
http://angg.twu.net/a/the_hurd_links.html
needs to be changed to:
http://angg.twu.net/the_hurd_links.html
Jim
-Original Message-
From: Matthew Vernon [mailto:[EMAIL PROTECTED] Behalf
Of Matthew Vernon
Sent: Tuesday, June 05, 2001 4:06 PM
*Moving to Debian-Hurd*
On Wed, Jun 06, 2001 at 11:06:24AM -0500, Neal H Walfield wrote:
> Further strangeness is that I have been getting:
>
>/dev/hd2s5 is mounted.
>
>WARNING!!! Running e2fsck on a mounted filesystem may cause SEVERE
>filesystem damage.
>
>Do you really want
Marcus Brinkmann <[EMAIL PROTECTED]> writes:
> > The strangeness kicks in when the files are created in /tmp. No matter
> > who I rmauthed from, the files will appear owned by user and group root
> > with the default umask. This means that I can 'cat > /tmp/somefile',
> > and actually get what I
Oystein Viggen <[EMAIL PROTECTED]> writes:
> Combined with some kind of capabilities support, this could prove quite
> a versatile (and did I mention cool ;) security feature for the hurd,
> though.
Capabilites seem easy enough. This is how...
Let's look at the ftpd example. You create a server/
Quoth Niels Möller:
> Well, it could refuse to create any files by default.
This is the boring solution, but perhaps as good as any.
> And then have some mechanism for making exceptions to this rule. An
> example of such a mechanism (which I don't know if it makes sense): If
> the directory is
Quoth Niels Möller:
> Now, you start the ftpd with something like
>
> rmauth /real/ftpd
> There may be some better way to create and inherit the port than to
> bind it to the stdin fd.
Would opening the port in the beginning of main() before doing something
like rmauth(getpid()) count as a
On Wed, Jun 06, 2001 at 11:22:38PM +0200, Oystein Viggen wrote:
> (you cannot give access for "the bind process running as no-user",
> "the no-user that was previously root", or "the no-user with this login
> group ID" and since anybody can go no-user, no-user access is world
> access).
>
> Thinkin
Weeks ago, I wrote:
> > I'll try doing that tonight, when/if I get at the machine.
> > Because getsockopt(sock, 0, ...) is definitely horked, it always
> > returns the same bogus data, without flagging an error.
The culprit is libc, this short function, to be exact:
int
getsockopt (fd, level, op
Oystein Viggen <[EMAIL PROTECTED]> writes:
> Also, without some proper filesystem support for this, there will be
> problems for all services actually wanting to store something on disk.
> I thought for a moment about how you could run BIND uid-less, until I
> came to think of the problems you wou
Oystein Viggen <[EMAIL PROTECTED]> writes:
> Would opening the port in the beginning of main() before doing something
> like rmauth(getpid()) count as a better way?
Perhaps. To me it seems somewhat cleaner to have the wrapper script
setup the proper environment, but it's a question of taste, I gu
Oystein Viggen <[EMAIL PROTECTED]> writes:
> Quoth Niels Möller:
>
> > And then have some mechanism for making exceptions to this rule. An
> > example of such a mechanism (which I don't know if it makes sense): If
> > the directory is writable by no-user processes, and if it has the
> > setuid b
I was wondering what the status is of FAT support? Is it possible to
mount FAT12 floppies or FAT hard drives? I noticed Marcus had an
implementation about a year old. How much does it take to implement
something like that? If I've got some FAT libraries that I wrote for
another project (that
On Wed, Jun 06, 2001 at 08:09:55PM -0400, Thomas A Langan wrote:
>
>
> I was wondering what the status is of FAT support? Is it possible to
> mount FAT12 floppies or FAT hard drives? I noticed Marcus had an
> implementation about a year old. How much does it take to implement
> something like
On Tue, Jun 05, 2001 at 04:34:07PM -0400, Roland McGrath wrote:
> > It's a good thing that I finally got a second box. Right now I'm trying
> > to set it up so I could comunicate with it through the serial port.
> > BTW, does anyone have suggestions for serial line communication programs
> > other
Thanks, I've put your fix into libc.
Quoth Niels Möller:
> But I don't see any big advantage, compared to simply running the
> process in question with userid foo, so I agree that it seems a little
> pointless.
The biggest difference is perhaps that anybody could rmauth a process on
their own and effectiively perform a local DoS on
Quoth Niels Möller:
> I don't know. I would expect the code to create a socket and bind it
> to port 20 to be isolated to one or two functions, but I haven't read
> nor written any real ftp daemon.
That would be correct. But in the general ftp daemon, you _might_ also
need to be able to setuid(
Quoth Marcus Brinkmann:
> Let's not give up so fast ;) A special translator could provide a
> filesystem that provides seperate name spaces for different login groups.
> I think it requires a new interface in proc to reliably compare login groups
> of processes (the string is not reliable!).
Th
Quoth Robert Bihlmeyer:
> I claim ignorance in how bind works. But I don't see a problem with it
> opening zone cache files r/w, and keeping them open until termination.
>
> Opening is done while still owning privileges (maybe root), so on the
> next start it is still possible to r/w.
Making bi
On Thu, Jun 07, 2001 at 09:08:49AM +0200, Oystein Viggen wrote:
> Quoth Marcus Brinkmann:
>
> > Let's not give up so fast ;) A special translator could provide a
> > filesystem that provides seperate name spaces for different login groups.
> > I think it requires a new interface in proc to relia
Quoth Marcus Brinkmann:
> All users of the login shell are in login groups named "login", but they are
> all distinct to proc.
Pointers to different strings containing "login", then?
> > Unless you pre-open this directory, how can you reliably make sure that
> > a program/daemon running as no-u
On Thu, Jun 07, 2001 at 02:04:43PM +0200, Oystein Viggen wrote:
> > > Unless you pre-open this directory, how can you reliably make sure that
> > > a program/daemon running as no-user gets access to the same files the
> > > next time you start it? Let's say BIND is started in the system boot
> > >
Quoth Marcus Brinkmann:
> Right. You have to decide if you want isolation or control.
Actually, I want both to the biggest possible degree ;)
> A few mails ago, you wondered if one nouser could gain control over
> other nousers, and the answer is if and only if they are in the same
> login g
> > I don't know. I would expect the code to create a socket and bind it
> > to port 20 to be isolated to one or two functions, but I haven't read
> > nor written any real ftp daemon.
>
> That would be correct. But in the general ftp daemon, you _might_ also
> need to be able to setuid() to some
On Thu, Jun 07, 2001 at 10:10:34AM -0500, Neal H Walfield wrote:
> > That would be correct. But in the general ftp daemon, you _might_ also
> > need to be able to setuid() to some user (to provide logins), and to
> > chroot (which is not a privileged operation for the hurd anyway). If
> > you wan
> "MB" == Marcus Brinkmann <[EMAIL PROTECTED]> writes:
MB> Yes, that's fine.
MB> If apt doesn't work, you have to go to
MB> http://http.us.debian.org/pool/g/guile and fetch the most
MB> recent dsc, orig.tar.gz and diff.gz (if any) manually. Then
MB> you can do
MB> dp
Quoth Marcus Brinkmann:
> It is probably useful to add here that the server responsible for that is
> the password server, which hands out auth handles with uids in exchange for
> the password. This server runs as root and sits on /servers/password.
Hmm. Now this _is_ nice.
I figure this is t
77 matches
Mail list logo
