[buug] Problems installing open-ssh
Zeke Krahlin
zk_lists at yahoo.com
Tue Jul 25 01:47:33 PDT 2000
(Rick, I accidentally sent you my last message,to your private mailbox.
Please forward it to our list. Sorry!)
--- Rick Moen <rick at linuxmafia.com> wrote:
> Quite right -- and a scandal that is, too. In light of which, I'm even
> more glad to have provided the URLs I did, earlier. You will also find
> links to some more good articles inside my ssh-clients file, referenced
> earlier.
I have a better grasp now, of the file system hierarchy...but I still
can't
figure out how "/etc" got its name. All the others I now understand:
"/var"
means "variable", "/bin" means "binaries", "/home" for users' location,
etc. Since "/etc" stores configuration files, perhaps the "c" mean
"configuration", but I sure as heck don't know!
So, I have applied the security instructions in "Building a Secure
Gateway,
part II", by Chris Stoddard. However, there are glitches...most likely due
to my own newbie ignorance. Here they are:
=====glitch 1:
Under the section "SUID Programs", when I run this command:
ls -alF `find / -perm -4000` > /root/suid.txt
I get a failed result:
Try 'ls --help' for more information.
I even tried the command with spaces closed after the first apostraphe,
like so:
ls -alF `find/-perm-4000`>/root/suid.txt
But then I get this error:
ls: find/-perm-4000: No such file or directory.
The file "suid.txt" is created, but it is empty, so I get no list of SUID
programs. So I just went ahead and ran "chmod a-s" on the files he listed
inthat section: /usr/bin/chage, /usr/bin/gpasswd, /usr/bin/wall,
/usr/bin/chfn, /usr/bin/chsh, /usr/bin/newgrp, /usr/bin/write,
/usr/sbin/usernetctl, /usr/sbin/traceroute, /bin/mount, /bin/umount,
/bin/ping, and /sbin/netreport.
=====glitch 2:
After making all the changes laid out in his essay, I reboot (using the
reboot option in the KDE log-out box), only to get this screen report:
---begin screen report:
System: '/usr/X11R6/lib/X11/xkb/xkbcomp -w 1 -R/usr/X11R6/lib/X11/xkb -xkm
-m us -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> "
-eml "Errors from xkbcomp are not fatal to the X server" keymap/xfree86
compiled/xfree86.xkm'
: command not found
: command not found
: command not found
' not found: `
' not found: `
: command not found
: command not found
: command not found
: command not found
: command not found
' not found: `
' not found: `
: command not found
: command not found
System: '/usr/X11R6/lib/X11/xkb/xkbcomp -w 1 -R/usr/X11R6/lib/X11/xkb -xkm
-m us -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> "
-eml "Errors from xkbcomp are not fatal to the X server" keymap/xfree86
compiled/xfree86.xkm'
INIT: Switching to runlevel: 6
INIT: Sending processes the TERM signal
INIT: cannot execute "/etc/rc.d/rc"
INIT: no more processes left in this runlevel
---end screen report
So since I can't shutdown or reboot in any safe manner, I must do a cold
reboot, which then forces "fsck" next time I log on:
/dev/hda6 was not cleanly unmounted, check forced.
Now, logging off again, I get this screen report:
---begin 2nd screen report:
' not found: `
: command not found
: command not found
AUDIT: Tue Jul 25 01:07:11 2000: 122 X: client 2 rejected from local host
Xlib: connection to ":0.0" refused by server
Xlib: Client is not authorized to connect to Server
xsetroot: unable to open display ':0'
AUDIT: Tue Jul 25 01:07:11 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:11 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:11 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:13 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:14 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:14 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:14 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:15 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:15 2000: 122 X: client 2 rejected from local host
System: `/usr/X11R6/lib/X11/xkb/xkbcomp -w 1 -R/usr/X11R6/lib/X11/xkb -xkm
-m us
from xkbcomp are not fatal to the X server" keymap/xfree86
compiled/xfree86.xkm'
AUDIT: Tue Jul 25 01:07:17 2000: 122 X: client 2 rejected from local host
INIT: Switching to runlevel: 6
INIT: Sending processes the TERM signal
INIT: cannot execute "/etc/rc.d/rc"
INIT: no more processes left in this runlevel
---end 2nd screen report
So, judging by phrase "Client is not authorized", I must have somehow
locked myself out of the system. I'll need to retrace my steps, and see
what's up with this.
=======glitch 3:
Also, now I can't log on as a user, just as root. When I ltry to log on as
user, I am just brought back to the log-in screen. This is *not the same
as logging in with an unrecognzed name or password, as the log-in box does
not gray-out like it usually does in such a situation. It just reloads the
log-in screen. BTW, I have only one user account on my system.
So, I am posting to you via Windoze, rather than expose myself as root, on
the Internet.
=====
Zeke Krahlin
zk_lists at yahoo.com
---
Linux: the people's OS.
A billion communists can't be wrong!
__________________________________________________
Do You Yahoo!?
Get Yahoo! Mail Free email you can access from anywhere!
http://mail.yahoo.com/
More information about the buug
mailing list