UNSCRIBE
___ Debian-live-devel mailing list Debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel
Bug#400247: casper: non-standard mount option syntax is confusing
FYI: fixed in live-initramfs SVN. -- Address:Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist Email: [EMAIL PROTECTED] Internet: http://people.panthera-systems.net/~daniel-baumann/ ___ Debian-live-devel mailing list Debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel
error with persistent home
I have noticed a bug while using persistent home directory with USB pendrive. I have booted my computer using persistent statement (live vga=794 toram persistent). Pendrive was labeled using e2label as a casper-rw. Everything was good untill I have connected to the running system the second pendrive also labeled as casper-rw containing a very similar directories structure. At that moment system became completely crazy. As a result - many broken files and both pendrives had to be reformatted. Has anybody noticed such a failure? best regs. -- /michal rucinski/. ___ Debian-live-devel mailing list Debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel
Security risks?
Having created a live Debian for a USB stick with 'make-live' using among others the '--username usblive' option I noticed that the USB stick always boots into the 'usblive' user account. And any command which require root privileges are to be preceded by the 'sudo'. Questions: Is this really a secure setup? Why doesn't 'sudo' prompt for a root password? How exactly was it configured so as not to even prompt for a password for the normal user after bootup? And how exactly was it configured so as not to have a root account? Is all the magic done via the /etc/sudoers file only? J.Neuhoff ___ Debian-live-devel mailing list Debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel
Re: Security risks?
[EMAIL PROTECTED] wrote: Is this really a secure setup? no :) well, better.. not yet. Why doesn't 'sudo' prompt for a root password? because we configured it like this. How exactly was it configured so as not to even prompt for a password for the normal user after bootup? And how exactly was it configured so as not to have a root account? look at 10adduser resp. 15autlogin in live-initramfs/scripts/live-bottom/ resp. casper/scripts/casper-bottom/. Is all the magic done via the /etc/sudoers file only? yep. Today, I've added 'noautologin', 'noxautologin' and 'nosudo' boot parameters to disable the respective features in live-initramfs in SVN. Will think of a 'clever' way to have --user-password and --root-password or similar in live-helper. -- Address:Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist Email: [EMAIL PROTECTED] Internet: http://people.panthera-systems.net/~daniel-baumann/ ___ Debian-live-devel mailing list Debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel
Re: Security risks?
On Fri, 18 May 2007 18:59:22 +0200 Daniel Baumann [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: Is this really a secure setup? no :) True. But it's not as bad as it might at first appear. You can't login remotely to a livecd system. And even if you were to start an ssh server, you wouldn't be able to login to an account with no password set on it. Basically, anyone with physical access to the machine would have root on it unless the livecd contains software that is remotely exploitable, and if that's the case, you have bigger problems than just not requiring a password for sudo. Ben -- ,-. nSLUGhttp://www.nslug.ns.ca [EMAIL PROTECTED] \`' Debian http://www.debian.org[EMAIL PROTECTED] ` [ gpg 395C F3A4 35D3 D247 1387 2D9E 5A94 F3CA 0B27 13C8 ] [ pgp 7F DA 09 4B BA 2C 0D E0 1B B1 31 ED C6 A9 39 4F ] ___ Debian-live-devel mailing list Debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel
live-helper 1.0~a9-1 MIGRATED to testing
FYI: The status of the live-helper source package in Debian's testing distribution has changed. Previous version: (not in testing) Current version: 1.0~a9-1 -- This email is automatically generated; [EMAIL PROTECTED] is responsible. See http://people.debian.org/~henning/trille/ for more information. ___ Debian-live-devel mailing list Debian-live-devel@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/debian-live-devel