| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12
Comments:
<0> ok
<1> the security measures that prevent injection break apt
<0> so what is a godo secure os
<2> rofl.. does it resize NTFS ? j/k.. thanks I will give that a try..
<0> ok I can still run up2date though?
<2> cio
<1> two|face centos is good, might give centos 4x a shot
<1> two|face yes it doesn't break yum or up2date (yum is definately better than up2date btw)
<3> so ... anyone any ideeas on how can I see my system's temperature ?
<0> ok
<4> redr: are they updating apt so the security protections don't break it?
<1> apt for debian creates temporary executables in /tmp and making it noexec breaks it
<1> not that i've heard
<0> I'm still curious as to where it came from though, I try to write all my scripts with security in mind butI have other people on the server too
<1> i really like debian but i can't use it
<1> i wont run a web server without /tmp and /var/tmp shutdown these days
<5> "temporary executables"?
<3> like ..
<3> they're executables for 1 or 2 seconds
<3> and then you can't run them ? :))
<0> shutdown as in not allow execution?
<1> mwilson apt apparently writes stuff to /tmp that it executes for installation/upgrade of packages
<1> if you make /tmp noexec on a debian system you effectively kill apt
<5> According to whom?
<1> two|face yes
<0> crap, I found the scripts they were using in /tmp and I tried to move them they are gone now
<0> had some sort of log eraser too
<1> mwilson i've tested it
<1> its either the noexec or the nosuid (cause i use both)
<1> but it definately breaks apt
<5> *How* does it "break apt"?
<1> mwilson if you have a debian install, then do this
<1> mount -t tmpfs -o size=1024m,noexec,nosuid none /tmp
<1> then run apt
<1> it wont work
<1> if you have a dedicated /tmp partition then you can just mount -o remount,noexec,nosuid
<6> http://www.debian-administration.org/articles/57
<1> mwilson maybe it was /var/tmp then
<5> Interesting...
<0> is that second way more secure?
<1> i do know i did some security adjustments on a debian system to stop injections and it broke apt
<6> it's tmp, at least was. I run into the same problem.
<1> we had to take the restrictions off /tmp or /var/tmp to get it to work
<5> It's meaningless anyway... ***uming it has the problem, you mount it exec so you can do whatever update you think you need to do, then you mount it noexec again.
<1> oh i like that fix
<6> very clean :)
<1> two|face you will need to add an fstab entry for the new /tmp if you want it on reboot
<1> very nice indeed
<7> pls how can i select with sed character 5 to 10 ?
<5> Looks like it's only preconfigure scripts that might have the problem. It's certainly not an *apt* problem.
<0> haha yeah I want it :)
<0> thakns for telling me
<5> padge: Did I ask you to /msg me, and just don't remember it?
<1> two|face some additional things some of us do are using acl to prevent apache from executing perl, wget, and other things
<5> What a package script might or might not do isn't apt-get's problem.
<5> padge: Please do not /msg me again.
<3> padge, .. you'll regret it ! :D
<8> fine
<8> I'll say in in the channel
<7> pls how can i select with sed character 5 to 10 ?
<1> argg back to start on this freakin spell checker again
<3> you'll regret that too ! :D
<4> redr: sure you are starting on it... :P
<7> pls how can i select with sed character 5 to 10 ?
<1> starting over yet again
<8> I'd like a little help, but I'd also like it if you didn't ***ume anything you don't really know. Since you're clearly unwilling to help, I'd appreciate it if you'd stay out of it.
<1> sun1 try man sed
<8> and I will not msg you again
<0> heh its back, draining all the cpu, same perl process
<0> new different upload files in /tmp
<0> saying I'm hacked
<3> two|face, tried checkin' the crontab ?
<4> padge: here the rules are pretty simple, ask in the channel, and if anyone can help you they will... don't be upset if someone asks you not to message them
<5> padge: Uh, perhaps you didn't notice, but YOU started annoying ME, not the other way around. I didn't speak to you in #linuxhelp in any way, nor was I the person who bounced you out of #linux.
<0> I maent to but I forgot
<3> see the crontab entries ..
<3> well .. go check !
<4> padge: people in here are more then willing to help if they can, so please ask away and if someone can help, they will
<0> crontab is cool, for root anyway, do useres have their own crontabs?
<3> yeah ..
<0> ahh, anyway to check them all at once
<5> two|face: root is a user.
<8> mwilson: thanks.
<8> digiobi: thanks, too.
<0> I'm just gona disable uploads for now and see if that fixes it
<3> lewl
<3> what perl process ?
<3> locate it !
<7> !sed
<9> Sed is a stream editor. A stream editor is used to perform basic text transformations on an input stream (a file or input from a pipeline). Sed is located at ftp://ftp.gnu.org/pub/gnu/sed/ or a pain in the ***, or see http://www-h.eng.cam.ac.uk/help/tpl/unix/sed.html for common usages and examples
<8> I was wondering if someone would list, in their most general form, the steps involved in making a kernel?
<0> bitlbee know where I can find it? :) I looked in /proc/<pid> and it says its /usr/bin/proftpd
<3> well .. someone is starting that pid ..
<0> there are some odd files in the /tmp like .balum and .alekshah
<3> see what is starting it ..
<3> did you run rkhunter by any chance ?
<1> two|face those are the injections
<3> service crond stop and check the entries
<0> nope
<0> yeah
<0> tmp was just cleared
<1> BitlBee odds are against a full hack, just injections from php
<0> wodner if I can get his IP :)
<3> ow ..
<4> padge: now please don't get upset, but there is a great linux kernel howto on tldp.org
<5> Why is this box still up where someone can get at it?
<4> gives you good detailed step by step instructions
<8> digiobi: That's basically what I got in #linux, only they were much less helpful about it. I did glance some of the stuff on tldp, and indeed have some of it up.
<5> No, actually we all told you that you had no reason to be building your own kernels.
<5> (my sole comment on the subject)
<8> mwilson: I wasn't looking for help determining if I needed to build a kernel.
<10> that channel ****s
<8> mwilson: but I appreciate the valuable parts of your input anyway.
<5> And there's the difference between the help you want and the help you need.
<4> well we won't get into if we like #linux or not lol
<8> it's not as bad as #UNIX on EFnet
<4> padge: generally we like to point in the right direction, and if you have specific issue that comes up we try to help... but general subject like how to compile a kernel is very hard to discuss in a channel
<8> well
<8> I see the step-by-step stuff
<4> I get stuffed in a box for keeping the peace, I love it lol
<8> and I am kinda hung up
<4> hung up on what?
<8> Digital Hermit seems to think that there are software requirements
<3> the README files are cool .. so are the INSTALL's .. and all the doc/'s
<8> and I was told otherwise elsewhere
<8> the README, I thought, was particularly hairy
<8> didn't think to check the INSTALL
<11> digiobi, it was to save you! :)
<8> I found this:
<8> http://www.digitalhermit.com/linux/Kernel-Build-HOWTO.html
<4> padge: in order to be able to compile a kernel, you have to understand your hardware
<11> digiobi, do you visit more frequently from now on?
<4> tuxxboxx: do I visit what more frequently?
<8> digiobi, and that is something I need to know about when I go to configure, right?
<3> digiobi, does it need food ? :D
<3> or only W's ?!
<7> pls how can i select with sed character 5 to 10 ?
<11> digiobi, this linux place
<4> oh, I used to be a regular, I started on here I want to say about 7 or 8 years ago
<8> so, I went through to see if I had the required versions of these programs listed on that guide, and some I don't even have.
<8> I recognize them as packages I didn't install because I didn't think I'd need their services
<8> Are they going to be required, anyway, to build a kernel?
<11> digiobi, i seen you telling a person that you are quite busy. but you are funny and i was wondering if you find more time to chat now :)
<4> padge: yes, there are development libraries and software needed, I'd follow what it says
<8> Great(I was told otherwise), and that's where I'm at.
<12> hi
<8> Now, suppose I don't have a package component, like depmod
Return to
#linuxhelp
or
Go to some related
logs:
virtualmin how to * subdomains
#java
#mirc
#MissKitten
berettaextreme2
#linuxhelp
xet tamel
#linux
#windows
#linux
|
|