[buug] Problems installing open-ssh

Zeke Krahlin zk_lists at yahoo.com
Tue Jul 25 01:47:33 PDT 2000 

(Rick, I accidentally sent you my last message,to your private mailbox.
Please forward it to our list. Sorry!)

--- Rick Moen <rick at linuxmafia.com> wrote:
> Quite right -- and a scandal that is, too.  In light of which, I'm even
> more glad to have provided the URLs I did, earlier.  You will also find
> links to some more good articles inside my ssh-clients file, referenced
> earlier.

I have a better grasp now, of the file system hierarchy...but I still
can't
figure out how "/etc" got its name. All the others I now understand:
"/var"
means "variable", "/bin" means "binaries", "/home" for users' location,
etc. Since "/etc" stores configuration files, perhaps the "c" mean
"configuration", but I sure as heck don't know!

So, I have applied the security instructions in "Building a Secure
Gateway,
part II", by Chris Stoddard. However, there are glitches...most likely due
to my own newbie ignorance. Here they are:

=====glitch 1:

Under the section "SUID Programs",  when I run this command:

	ls -alF `find / -perm -4000` > /root/suid.txt

I get a failed result:

	Try 'ls --help' for more information.

I even tried the command with spaces closed after the first apostraphe,
like so:

 	ls -alF `find/-perm-4000`>/root/suid.txt

But then I get this error:

	ls: find/-perm-4000: No such file or directory.

The file "suid.txt" is created, but it is empty, so I get no list of  SUID
programs. So I just went ahead and ran "chmod a-s" on the files he listed
inthat section:  /usr/bin/chage, /usr/bin/gpasswd, /usr/bin/wall,
/usr/bin/chfn, /usr/bin/chsh, /usr/bin/newgrp, /usr/bin/write,
/usr/sbin/usernetctl, /usr/sbin/traceroute, /bin/mount, /bin/umount,
/bin/ping, and /sbin/netreport.


=====glitch 2:

After making all the changes laid out in his essay, I reboot (using the
reboot option in the KDE log-out box), only to get this screen report:

---begin screen report: 
 
System: '/usr/X11R6/lib/X11/xkb/xkbcomp -w 1 -R/usr/X11R6/lib/X11/xkb -xkm
-m us -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> "
-eml "Errors from xkbcomp are not fatal to the X server" keymap/xfree86
compiled/xfree86.xkm' 
: command not found 
: command not found 
: command not found 
' not found: ` 
' not found: ` 
: command not found 
: command not found 
: command not found 
: command not found 
: command not found 
' not found: ` 
' not found: ` 
: command not found 
: command not found 
System: '/usr/X11R6/lib/X11/xkb/xkbcomp -w 1 -R/usr/X11R6/lib/X11/xkb -xkm
-m us -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> "
-eml "Errors from xkbcomp are not fatal to the X server" keymap/xfree86
compiled/xfree86.xkm' 
INIT: Switching to runlevel: 6 
INIT: Sending processes the TERM signal 
INIT: cannot execute "/etc/rc.d/rc" 
INIT: no more processes left in this runlevel 
 
---end screen report

So since I can't shutdown or reboot in any safe manner, I must do a cold  
reboot, which then forces "fsck" next time I log on: 
 
	/dev/hda6 was not cleanly unmounted, check forced. 

Now, logging off again, I get this screen report:

---begin 2nd screen report:

' not found: `
: command not found
: command not found
AUDIT: Tue Jul 25 01:07:11 2000: 122 X: client 2 rejected from local host
Xlib: connection to ":0.0" refused by server
Xlib: Client is not authorized to connect to Server
xsetroot: unable to open display ':0'
AUDIT: Tue Jul 25 01:07:11 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:11 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:11 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:13 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:14 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:14 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:14 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:15 2000: 122 X: client 2 rejected from local host
AUDIT: Tue Jul 25 01:07:15 2000: 122 X: client 2 rejected from local host
System: `/usr/X11R6/lib/X11/xkb/xkbcomp -w 1 -R/usr/X11R6/lib/X11/xkb -xkm
-m us
from xkbcomp are not fatal to the X server" keymap/xfree86
compiled/xfree86.xkm'
AUDIT: Tue Jul 25 01:07:17 2000: 122 X: client 2 rejected from local host
INIT: Switching to runlevel: 6
INIT: Sending processes the TERM signal
INIT: cannot execute "/etc/rc.d/rc"
INIT: no more processes left in this runlevel

---end 2nd screen report

So, judging by phrase "Client is not authorized",  I must have somehow
locked myself out of the system. I'll need to retrace my steps, and see
what's up with this.

=======glitch 3:

Also, now I can't log on as a user, just as root. When I ltry to log on as
user,  I am just brought back to the log-in screen. This is *not the same
as logging in with an unrecognzed name or password, as the log-in box does
not gray-out like it usually does in such a situation. It just reloads the
log-in screen.  BTW, I have only one user account on my system.

So, I am posting to you via Windoze, rather than expose myself as root, on
the Internet.



=====
Zeke Krahlin
zk_lists at yahoo.com
---
Linux: the people's OS.
A billion communists can't be wrong!

__________________________________________________
Do You Yahoo!?
Get Yahoo! Mail – Free email you can access from anywhere!
http://mail.yahoo.com/

More information about the buug mailing list