[ Prev ][ Table of Contents ][ Front Page ][ FAQ ][ Next ]


(?) The Answer Gang (!)


By Jim Dennis, Ben Okopnik, Dan Wilder, Chris Giamakopolous, the Editors of Linux Gazette... and You!
Send questions (or interesting answers) to


Contents:

¶: Greetings From Heather Stern
(!)Baffled
(?)A rather unique query (I hope)
(?)info needed --or--
What is Linux?
the screensavers look great!
(?)Linux Installation question
(?)Abt.. Michael Lauzon's Q in issue 60.. --or--
Tell me about the K guys
SCI-Linux project to use multiple package types?
(?) minimum configuration Linux ? --or--
Data Recovery Vendor Seeks Linux Basics RAIDs do not guarantee safety for your data
(?)a question --or--
Linux, UNIX, what's the difference?
(?)linux question
(?)Red Hat 7.0 Crackerz!
(?)Transmitting PaperPort files with .max Definitely some Windows file format
(?)Help Me Delete Linux
(?)Removing Linux: Sacrilege!
(?)uninstall linux --or--
Another uninstall: Getting to a Root Prompt to Blow it All Away
(?)setting root password
(?)I can't seem to write to my vfat (Windoze) file system with any user other than root.
(?)For Jim Dennis...Hello from South Texas --or--
Firewall for a SOHO
Small World, isn't it?
(?)Something comparable to Services in NT
(?)Editing fstab file for tape backup
(?)Mail gets nowhere?
(!)Loading SuSE Linux 6.4 via NFS
(?)RE: classified disk
(?)multiple subnets, one DNS
(?)Linux vs. DESQview??? --or--
responding to DESQview/386 Die Hards into the Next Millennia
(?)DOS partition from Linux
(?)e-mails not getting through
(?)exit X & shutdown --or--
Exiting X and Rebooting with One Keystroke
(?)Multiplexing ppp connections
(?)[Tony@thermo-king.com: new to Linux]
(?)Trident Providia 9685
(?)The New network On The BLock
(?)Mail Daily sylog message to remote e-mail
(?)automation for minicom --or--
Scripted Serial Sessions
(?)About Epson Stilus Color 670 --or--
Setting up print filters.
(?)Xwindows
(?)diald on a smoothwall box
(?)...a bulk friendly ISP?

(¶) Greetings from Heather Stern

Hello everyone, and welcome once again to The Answer Gang. As the fog starts to lift this morning I am enjoying the fluffy greyness and savoring a good cup of coffee. I leave it entirely to your imagination whether I'm talking about the weather or my clouded thoughts.

We have some really juicy threads this month and I hope you like them. I'd like to encourage anybody who feels like asking us questions, to consider the following guidelines:

Spam seems to be down this month, and I don't think we got any non-computing questions this time around. Must be a Christmas present :)

It's a new year and I look forward to some interesting New Year's resolutions. In past years I've made selections such as 1600x1200 (the year I got the beautiful monitor I use daily) and 600 dpi (a printer, of course)...


(!) Baffled

From Patrick Green

Answered By Jim Dennis

James I am at a loss here so I thought I would give you a try. I exited out of a root session (not su) and I go back a couple hours later to login. I enter my user name and lo and behold, no password prompt. So I cold boot it (hate that) comes back up just fine, go to login ...no password prompt. Any ideas?

(!) [Jim] First you'll want to get to a shell prompt. I'd treat this as though your /etc/passwd or /bin/login files are corrupt. So, start Linux using the init=/bin/sh kernel parameter (passed from the LILO: prompt --- or LOADLIN, GRUB or whatever boot loader you're using.
If that doesn't work, get out a rescue diskette or CD. Remember Tom's (http://www.toms.net/rb).
Once you've done that try to confirm that your /etc/passwd, /etc/group and various /etc/pam.d files are sane. They should "look right" (if you've seen copies before).
If you have backups of your /etc/passwd and /etc/group files, restore them to an alternate location (/tmp) and run diff on them. See if the differences seem reasonable.
If this is an RPM based system try the rpm -Va command to verify the integrity of your /bin/login and other binaries. (If you have a full tar backup of your root and /usr filesystems you can use the 'tar df' or 'tar dzf' directives to report on differences between your current files and those in your backup.
If you're running Debian there are several ways to check the integrity of your files; none of them is as easy to explain and/or type as rpm -Va (that's one of the very few deficiencies in the apt and dpkg systems). You can run debsums or tripwire or aide if you have any of them --- but that's probably a matter of closing the barn door while the horses are already astray in this case.
There is a possibility that your /bin/login program is corrupt or that an attacker has compromised your system and attempted to replace /bin/login (or some other files) with a broken version (perhaps linked against some library you don't have even just having the wrong permissions or something like that).
Of course I'd also check the /var/log/messages and related files to see if there are any clues in there; do a fsck on your root filesystem, try to run /bin/login from a rescue shell prompt, etc. You can even temporarily replace /bin/login with a one-line wrapper script. Rename it to login.binary or some such an write a shell script like:
       #!/bin/sh
       exec /usr/sbin/strace -o /tmp/login.strace/$$.out /bin/login.binary
... then try to login (rebooting as necessary, or just start a shell on one of your virtual console with an appropriate line in your /etc/inittab files).
It's an unusual problem, but these sorts of techniques will help you narrow down what's happening.
(Obviously your kernel, your root filesystem and the init program are working. Your getty seems to be working enough to display an "issue" file and accept a username. So we've already narrowed it down to getty and login --- either getty is failing to successfully execute the login command, or the login command is failing to emit a password prompt. Since the latter is somewhat more likely we focus on it.)

(?) A rather unique query (I hope)

From Karen Gartner

Answered By Ben Okopnik, Mike Orr

Running RH 7 - Dell Precision 420, 18GB SCSI HD @ 10K rpm, 1 CD-ROM, 1 CD-RW, 19" screen w. Diamond Fire GL1 video card and therein is the start of my problem.

The latest version of the Diamond fire GL1 driver for linux will only work with kernel 2.2.14. RH 7 uses 2.2.16 so I have to backtrack to an earlier kernel in order to use Gnome & KDE (I'm stuck in consoleland right now).

(!) [Ben] Interesting. The first possibility that I would explore would be to search the web (or possibly contact the author) for a patch for the Diamond video code, rather than downgrading the kernel. Chances are relatively high that the necessary changes would be trivial (on the other hand, it may require a major code rewrite, but it wouldn't hurt to check.)

(?) Indeed I have installed the new (old?) kernel but on booting, only 1 scsi host is recognized where there should be 3, there's an IDE recognition problem, and ultimately I get the message "kernel panic: VFS: unable to mount root fs 08:02". I have checked lilo.conf and all is well there.

(!) [Ben] Well, the "kernel panic" message says that it's not finding a bootable device/useable boot record on device 08:02 (if I recall correctly, that means "device with major number 8, minor number 2", otherwise known as "/dev/sda2", the 2nd partition of your 1st SCSI HD.) Is that what your boot device is supposed to be? (side query: have you re-run "lilo"? It never hurts to do so, and if you've changed anything having to do with booting - and you have - you must do so.)
(!) [Mike] Not finding the root partition to mount. The boot sector is a different story, and if you made it this far, it's functioning correctly.
At least your panic message has the word "root" in it. When it happens to me, I get a cryptic "unable to open initial VC" (=virtual console) or something like that. Because displaying a login: prompt requires a virtual console, which requires a device in the /dev/ directory, which requires a root partition to be mounted.
(!) [Ben] If you are unable to mount the root partition (you are correct in that regard - I misspoke), I don't think that you will ever get anywhere near the login prompt; the boot will fail at that point. It is true, though, that a missing or damaged "/dev" directory will cause the "VC" message - as will a "no virtual terminals" setting in the kernel configuration.
(!) [Ben] Where did the new (old?) kernel come from? If it's a "stock" RedHat kernel, I would be rather surprised - RH compiles theirs with every bell, whistle, and gilliwhillikin included. I certainly haven't had any fail to detect SCSI hosts/devices, but that may just be because I've done only a few "RH on SCSI" installations. I certainly have not had any SCSI detection problems with Debian, even SCSI-emulation setups (that being what I have at home.)
If it's a kernel that someone else compiled, I would definitely check the configuration... scratch that. I would not use a custom-compiled kernel while bringing up a new system in the first place. I recommend that you don't either.
By the way, are you certain that you should see 3 SCSI hosts, rather than three SCSI devices? There is a difference, and it's an important one. The host adapters are interfaces between the PC and the SCSI devices; it would be exceedingly rare (if even possible) to find three of them in one system.
(!) [Mike] You should find out which device it's complaining about. Look in Documentation/devices.txt in your kernel source. Block device 8:2 is indeed /dev/sda2.
(You can also look in the /dev/MAKEDEV script, because this is the script that made all those device files. However, I find it harder to read.)
(!) [Ben] It's even easier to look in the "/dev" directory using Midnight Commander, and scroll down until you see a match for those numbers. Possibly simplest of all would be
ls /dev|grep "8, *2 "
(!) [Mike] Provided the /dev directory is there and is intact.
Note also that there are two types of devices, "block" and "character". Disk drives are block devices. The same major number may be assigned to one block device and a different character device.

(?) What I would like to do is take the config file from 2.2.16 and copy it to 2.2.14. Everything but the video card works tickety boo in 2.2.16. The problem is, where do I find the config file from 2.2.16? 2.2.14 is in usr/src/linux of course, which was created on the install, but where does the old .config file reside?

Is that even a good idea to solve the issue? Any and all help is mightily appreciated.

(!) [Ben] I would say that this is not a good idea at all. Configurations - and thus, config files - vary wildly between kernel versions. On the other hand, printing out the old configuration and walking through the new one to make sure that it's as close as possible to the original would be very useful. On my system (I'm running Debian, but I don't think it would be very different on others), the config file is in
"/usr/src/kernel-source-<version>/.config"
(!) [Mike] This is the normal Linux convention. Actually, you can place your build tree anywhere, but you should make /usr/src/linux a symlink to it so that the compiler will find the include files. (Is this still required now that glibc has its own kernel headers?)
(!) [Ben] Good luck in resolving your problem.

(?) What is Linux?

the screensavers look great!

From David Cruz

Answered By Mike Orr, Heather Stern

i live in south africa and find it hard to source help from anyone here.i recently saw a friend how is running his pc on linux software.very impressive.i myself have windows 2000,which works well but when it comes to graphics and proffessional look you're way ahead.i've been trying hard searching the net for the last week for your softwear but came up with nothing.

(!) [Mike] The following URLs contain material on what Linux is, what you can do with it, and where to find it:
http://www.linuxresources.com , sections:
http://www.linuxdoc.org/HOWTO/META-FAQ.html This is the Linux Meta-HOWTO, which gives an overview of where to find different kinds of Linux information.
http://www.linuxdoc.org Home site for Linux documentation. Click on "mirrors" and find a mirror in South Africa to read; it will be faster and cheaper than using the USA server.
http://www.linuxnewbie.org A site dedicated to helping new Linux users and those who just want to see what Linux is before deciding whether to run it.
http://www.linuxstart.com A site which tries to be a "user-friendly index of Linux information".

(?) .the one thing i found incredible was your screensavers- radar, bumps(the blue torch searching in the dark,compass

(!) [Mike] Does anybody know which programs he's talking about? Is it the standard X screensavers (xlockmore), the xscreensaver package, or something that comes with KDE or Gnome?
I don't use screensavers; I prefer to make the screen go black and switch to power-saving mode. If I want to watch "eye candy", I'll run an application which does this. Fortunately, xscreensaver screen savers can also be run as applications in their own windows, not just as screen savers.
(!) [Heather] The radar screensaver he is talking about is one of the utilities which can be used as an xscreensaver module, or simply run as a seperate app. By default it just looks cute, but it has command line options to "ping" some specified hosts your local network and thus be more realistic "sonar" for your situation. Several of the nicer toys like this need to be fetched seperately from xscreensaver package itself.
Gnome uses a GTK based front end to xscreensaver, which shows a number of these sorts of descriptions, including for the extras (it mentions their homesites, so you know where to get them from. Maybe handy even if you hate Gnome?) I have to say it was useful when I was trying to decide which modules to not bother using. I don't really like the idea of a truly random screen toy, as some of these artsy things are just plain ugly.
I don't remember what K uses. Anyways asking whether a given module is in xscreensaver or in xlockmore is a lost cause. The two are always in a race and at any given time, both have lots of cool eye candy, and a lot of it is GPL so you could port it if you felt like. You can have both installed, but only run one or the other at a time.

(?) Linux Installation question

From Layne Gossett

Answered By Mike Orr, Heather Stern

Is there an option for specifying that I would like to be prompted for all of the kernel options during installation, much like you get when building your own kernel?

(!) [Mike] I assume that by "during installation" you mean you want to customize the kernel options at each boot, not the first time you install Linux using your distribution's install program.
You cannot set the compile-time options (=the "make menuconfig" options) at boot time. However, there are lots and lots of other kernel options you can set from the LILO: promit or by adding an
append="myoption1 myoption2=myvalue1,myvalue2"
line in /etc/conf.lilo and re-running lilo. See the Bootprompt-HOWTO for all the options you can set. http://www.linuxdoc.org/HOWTO/BootPrompt-HOWTO.html
Some other options can be set at runtime via the /proc filesystem. For instance,
echo 1 >/proc/sys/net/ipv4/ip_forward
will turn on IP forwarding. Echoing a zero will turn it off. Documentation for these files is in the appropriate subsystems' docs and HOWTOs. (And actually, most are not documented very well.)

(?) Although I have read the HOWTOs on building my own kernel, I still have not been able to get it to work out yet. I've had a lot of luck installing Red Hat from the CD, but I'd like to have firewalling and IP Masq capabilities from a "clean" installation (and remove things like PCMCIA, etc.).

(!) [Mike] For masquerading, you must compile the kernel with IP forwarding and IP masquerading. Then you need to enable it in one of your boot scripts. For instance, my Debian /etc/init.d/rc.firewall contains:
/sbin/modprobe ip_masq_ftp # Only neded if masquerading non-passive FTP.
echo "1" > /proc/sys/net/ipv4/ip_forward # Turn on IP forwarding.
/sbin/ipchains -M -S 7200 10 160 # Debian default timeouts.
/sbin/ipchains -P forward DENY # Deny any other kinds of forwarding.
/sbin/ipchains -A forward -s 10.0.0.0/8 -j MASQ
# Masquerade from the 10.0.0.0 network to the outside world.
Try running these commands manually and see if you can get masquerading working with your current kernel.
For more security, you can build a more elaborate set of ipchains rules. (Note: ipchains requires a 2.2.x kernel, which I assume is what you have.)
(!) [Heather] The Debian installer does ask about these things, but just to prepare the modules listing, not to prepare a whole kernel. And its prompts are rather wimpy - you really have best luck if you already know what you are looking for.

(?) Tell me about the K guys

SCI-Linux project to use multiple package types?

From Manoj Warrier

Answered By Heather Stern, Mike Orr

Dan is right. Use one of the user friendly, mouth feeding distros and U stay a newbie unless U make a habit of reading the Linux Gazette and Linux Journal articles out of curiosity as to what happens under the hood...

But, my ears picked up at Heather's comment -> "I think the K guys have the right idea, writing a front end that deals with more than one package type". It sounds exactly like something I need. We are compiling a set of software (most of the links provided at "http://Scilinux.freeservers.com") which we think go into making an Enviornment for scientific computing on Linux. We plan to make a CDROM by April 2001 (GPL) with the sources / RPMs / other binaries and have a Tcl/Tk interface to install these on a existing Linux/GNU PC. We are still wondering if there is "a front end GUI that can deal with more than 1 pacakage type".

(!) [Heather] kpackage is allegedly able to deal with both .deb and .rpm package types. I assume that you still need the underlying libraries, so it knows what to call. It may also be strongly dependent on alien, a script which eases the conversion between package types.
If you're going to write your own GUI, definitely take a look at alien, the packaging APIs, and the apps which already exist to deal with these package types alone. Just make sure not to mix licenses in any incompatible ways...

(?) So who are this K guys? KDE develoment team? ...

(!) [Heather] Yes. The full name of KDE is "the K Desktop Environment" where according to the FAQ, K stands for Kool. But they refer throughout their docs to K, for example, the K menus, the K button, etc.
(!) [Mike] Of course, it was named after CDE, the Common Desktop Environment GUI that many commercial Unices use.

... to which Manoj replies ...

(?) Hi and thanks,

Elaborating more on my task at hand,

Work to be done -> Create a CDROM with scientific software which can be installed on a PC already running Linux.

Problem faced -> There are various distros of Linux, various versions of Linux software, therefore a binary which works on one may not work on the other.

(!) [Heather] This is more a matter of the library dependencies than the limits of any one distro. ldd <binaryname> would tell you which libraries it expects, and if those are really already present, you can force it to install, over its packagemaneger's objection, and it will work.

(?) (1) Thanks. I did not know this.

(!) [Heather] In some cases the kernel may lack something, in which case providing a usable kernel with modules would be a good idea. Don't forget pcmcia modules and setup if you want to gracefully handle laptops.

(?) Not planning on this (at least not in the pre-alpha version). Also wondering where I can keep the CDROM for free downloading (Power cuts, etc, are quiet common this place).

(?) Policy -> Do not want to creae another distro of Linux (Linux from scratch is the way to do it ... am I right??) on which we can then make pre-compiled binaries.

(!) [Heather] Sort of contrary to this, people call "Bastille Linux" a distro even though it's strictly symbiotic to RedHat. You might look at Rock Linux (designed to put the whole thing together from sources) or piggyback on Slackware (which was an early distro, and is pretty strong in the compiler department) or on debian (if it's got the packages you want already, since it has so many).

(?) Therefore plan -> Have the sources, binaries (*.rpm, slackware *.tgz, *.deb, etc..) on a CDROM and have a Tcl/Tk script to install your choice. The script would try to compile the sources for your Linux distro if none of the binaries packed with the CDROM works for you. I realise that a script that compiles from source for your distro of linux will take a loooooot of time, and it is close to impossible to make it work for all distros .. SO ANY IDEAS??

(!) [Heather] with the aid of alien I use rpm's on my debian box and .deb's on my SuSE box fairly freely. Admittedly I did grab 3 deb's to bring lynx-ssl over but it was worth it... and not very hard, debian's dependency tree was accurate.

(?) (2) Using alien seems to be a stop gap solution ( I still have to check it out ).

(!) [Heather] If you also provide the basic libraries that your packages expect, and you are really careful about adding them, you could do okay. The tricky part is things like libjpeg6a versus libjpeg6b (for example). If you get some app that really only wants a specific libary and nothing else will do, you'll have to use LD_PRELOAD variables.

(?) (3) Hopefully we will not need to use LD_PRELOAD. Providing basic libraries is most appealing (after using ldd "binaryname" to find the library dependencies for all the softwarewe plan to pack).

(!) [Heather] The point of using LD_PRELOAD would be if using this with an unknown locally installed system - if your users will be booting from your CD-ROM, then you'll know their environment is correct, and LD_PRELOAD will be unnecessary.
You can use them anyway, and keep all your known support libraries in a little link farm, or something. Probably don't even need hardlinks.

(?) Why go into it at all -> At my Institute (Insttute for plasma research, Ahmedabad, India) we have a lot of ppl using Linux and most of them do not have Octave, Scilab, Numerical libraries, yorick, xfig, lyx, AbiWord, pvm, mpich, ftncheck, etc. etc. etc... on thier Linux PCs. It would be convinient to therefore have a CDROM which would install these on thier PCs.

(!) [Heather] Just offhand I've seen most of those in a debian capt list. Make note, I do point at non-free and non-US, so you may need to do that, or fight licensing hassles, to distribute them.

(?) Never used Debian (Indian PC mags have never given a free version). Here RedHat sems to rule the roost. We get at least 2 CDROMS every year..

(?) Another problem is getting started using these new software. Detailed 100+page manuals are very useful after you get started. therefore we have plans of short getting started guides for these software. I guess there are other people who also might find such a CDROM useful. Thats why we started this.

(!) [Heather] All my best wishes go to you, the Linux world needs more documenters :)

(?) Meanwhile Ill be exploring alien and kpackage. kpackage would probably need the underlying libraries ... Not everybody has this.

(!) [Heather] There are tricks for unwrapping an rpm or a deb without having the library installed yet. The Linuxcare Bootable Business Card (BBC) does this to install ssh on-the-fly since when they began the project, the U.S. still had overly eager anti-crypto laws. (It can be argued that they're still rather crazy - see the EFF - but I'll leave that be for now.) You can get the BBC at its new site: http://open-projects.linuxcare.com/BBC

(?) Which leads me to ask -> Dont youll think fondly about the window manager which you could work on within 5 seconds of typing "startx" at your console on your 16 MB RAM 486? This could be a silly sentiment ...

(!) [Heather] I recommend looking at fvwm2, it's what I use for a lightweight setup that still offers "normal" menus. And flwm (fast light window manager) comes highly recommended from the debian-laptops mailing list.

(?) I use fvwm. flwm sounds good. Must check it out.

(!) [Heather] If you're going to write your own GUI, definitely take a look at alien, the packaging APIs, and the apps which already exist to deal with these package types alone. Just make sure not to mix licenses in any incompatible ways...

(?) and YES !! we have to check out licenses in detail (the least attractive part of the project), but I guess we might be able to distribute most of it since this is never going to be a commercial CDROM. Ill put it up for free downloading (Is there anyone who will provide this service - A mount point for a CDROM having a tar gzipped version of it?). Dont know if I can convince my Institute to CDwrite and mail the CDROM to whoever requests it and pays mailing charges. In fact dont know if anybody will want it, but we learn quiet a lot (ldd "binary name", alien, etc..) doing this.

(?) Thanks once again.

Manoj

Then there was this great - user friendly OS which overwrote your MBR whenever you installed it...

(!) [Heather] You're welcome, and good luck in your project.

(?) Data Recovery Vendor Seeks Linux Basics

RAIDs do not guarantee safety for your data

From Support

Answered By Jim Dennis, Mike Orr

I wonder if you could point me to a FAQ that would answer the following question:

We are a small company specializing in Data Recovery. HardDisk "crashes" and the like.

We have a client that used a network Disk Drive from a company called NETGEAR. It appears that they have built their product round Linux (The good news !)

(!) [Jim] Yes. I've heard that the Netgear NAS (network attached storage) products use an embedded Linux system). However I don't know any details about their configuration.
(!) [Mike] I have a bit of sympathy in my heart for data recovery companies, because we had to use one at the hospital I worked at in 1994. I was doing data entry into a FoxPro database and the Novell server crashed. To top it off, this was 3pm on Christmas Eve and most people were gone. Troubleshooting proved that the server would reliably crash when accessing the middle of certain files in the NetWare filesystem--and these were the database data files.
It took a week to recover. We were between sysadmins and didn't have a backup, because our disk capacity was 2 GB but our tape drive had not kept pace -- it was still a measly 250 MB model. A guest sysadmin from the hospital-wide pool came, did the standard bindery tests (akin to fsck), called a couple consultants who didn't help, called a CNE but didn't engage him since he wouldn't have done more than we'd already done--but would have charged $50 anyway!
We discovered that disk mirroring is not always a good thing. The mirror drive was supposed to be our backup. And it did backup well: it backed up the corrupted data!
The sysadmin noted my comments about the hard drive making noises, and wrote in a report, "It done sound like a car need bearings." We sent the drive to OnTrack; they took it apart, charged $2000, and sent back a tape containing all the files they could recover. Out of all the consultants and CNEs we called, they were the only competent ones in this whole process. They also sent back an amusing analysis report: "Severe hard drive damage. Drive should be replaced." Duh!
We replaced both drives, because the other one was acting up too. Both were part of a bad Maxtor batch that were causing problems in other parts of the hospital as well. They had 12-month warranties, and the drives were failing in the 11th or 13th months.

(?) Thus far, we have regrettably no experience of Linux. I wish to Install a minimum configuration of Linux on a Win98 test PC in order that i may copy the data on their (undamaged) harddisk to another FAT32 harddisk and thereafter backup to CD's.

Right now i'm downloading 2 * 675Mb of "Linux" in ISO format. I doubt that i need 10% of it for this task, but i have no knowledge of the required files to get a minimal system running. Is there an FAQ that would explain to a willing but uneducated guy, how to proceed.

(!) [Jim] You don't mention which ISO images you're downloading. It's probably excessive in any event. Generally you can install a fairly full Linux distribution from one CD (the second CD on many distributions contains source code and/or extra software, sometimes including shareware and other "non-free" stuff (demoware, etc)).

(?) 1. how to install a minimum version of Linux

(!) [Jim] This is a very difficult question to answer given that you haven't told me which distribution you're downloading. Distributions differ more in their installation and initial configuration than in any other regard.
It would also be difficult, even if you had provided this information, since it requires essentially a chapter length exposition.
(!) [Mike] If you want just a minimal Linux installation to just copy data off a Linux partition, consider Tom's Root Boot. It's a minimal Linux system on a bootable floppy, with the utilities needed in a typical rescue situation. Our sysadmins swear by it for all manner of workstation setup tasks.
http://www.toms.net/rb
However, I echo Jim's statement that you need to know the basics of Linux utilities in order to do an effective data transfer. Many people have had to embark on an unanticipated self-taught crash course, but it means spending a weekend with the HOWTOs and manual pages or a book.

(?) 2. how to copy files from a Linux Partition on one disk to a fat 32 partition on a second disk.

(!) [Jim] This part would be quite easy once you have Linux installed. Linux support FAT32 and MS-DOS filesystems (including the VFAT long filename support). So you'd use a command sequence something like this:
  mkdir /mnt/netgear
  mkdir /mnt/windows
  mount -t ext2 /dev/hdb1 /mnt/netgear
  mount -t vfat /dev/sda1 /mnt/windows
  cd /mnt/netgear && cp -ax . /mnt/windows
... this assumes that you have installed Linux unto your first IDE drive (the master on the primary controller) which is called /dev/hda under Linux. It therefore assumes that the hard drive which you've extracted from the Netgear NAS unit is the second IDE drive (slave on the primary IDE controller) which is called /dev/hdb under Linux. This all presumes that you made the necessary changes to the pin settings on your hard drives to get the hardware working.
I also assume that you're using a SCSI disk (though you could use a third or fourth IDE drive --- or even a fifth, sixth, etc). /dev/sda is the first SCSI hard drive on any normal Linux system (though this may change in the future, with devfs).
So, this example makes many assumptions about how you've installed Linux and what hardware you have available. There are MANY other ways to do this.
Other than that the example basically makes a pair of mountpoints (places at which filesystem can be connected), mounts the Netgear drive to one and the Win '9x drive/filesystem to another changes to the top of the netgear directory tree and copies everything on that filesystem (recursively) unto the VFAT partition.
Note: I'm also assuming that the Netgear is not functioning as a NAS and that you're removing the hard disk from it and connnecting it to one of your lab machines. That seems pretty obvious to me, since you'd just attach to it via the network directly from a Win '9x/NT box if the NAS services were working; right?
I'm also assuming that Netgear is using ext2 (the dominant Linux native filesystem). If they're using Reiserfs or some other filesystem --- then you'd have to do things a bit differently. If that is the case; you'd be best advised to use the SuSE distribution which already includes support for Reiserfs --- otherwise you'd have to patch and build your own custom kernels; which is not a task to be undertaken by novices.
(S.u.S.E. is the only major distribution that already supports Reiserfs. Netgear might have patched their system to support it given that Reiserfs' "journaling" features would be very desirable on any Linux-based headless NAS device!)

(?) 3. Am i inventing work unnecessarily. maybe there exist tools to read Linux partitions and copy DATA to Fat32. Something in the Style of Partition magic ( but to actually COPY files.)

(!) [Jim] There used to be a set of ext2 (Linux extended filesystem version 2) utilities for OS/2 and Win32 (NT and '9x). However I'm not sure that they are the best for your purposes.
It would probably be best to buy a nice large hard drive (6Gb or better), put it in one of your lab workstations, install Linux from CD (I prefer Debian; but S.u.S.E. might be more to your liking --- S.u.S.E. is the most popular distribution in Europe and has very good support for various continental languages).
Once you have Linux installed and the Netgear drive attached you can "dump" a raw (bitwise) image of the entire drive into a single Linux file using a command like:
   dd if=/dev/hdb of=/some/path/with/lots/of/free/space bs=1024k
... or you could dump each filesystem/partition by using the commands:
   fdisk -l /dev/hdb
... and then (for each of the partitions listed there: let's say it's 1, 2, 3, 5 and 6; skipping 4 since it might/would be the extended partiton container:
   for i in 1 2 3 5 6; do
      dd if=/dev/hdb$i of=/lots-of-space/netgear-image.hdb$i.bin
      done
(This last is a bit fancy for a novice. However, you can just type the commands one at a time until that little snippet of shell code makes sense). (Obviously you'll need to put in your own names in place of the of= paths that I've listed here).
NOTE: if the netgear filesystems are larger than 2Gb then you might need a very new kernel with LFS (large filesystem support) or you could use "raw" partitions (unallocated space) on your new large Linux disk.
This "dd" approach is handy if you want to preserve a full snapshot of the filesystem (in it's damaged state) before attempting data recovery. That way, if your filesystem check and repair efforts cause more damage you can always start from scratch.
In general I'd say that there is way too much about Linux to learn before you'd understand how to do filesystem or data recovery. As I'm sure you know from your experience with FAT/VFAT/FAT32 based filesystems, one must generally be expert in an OS prior to being competant at data recovery under it.

(?) I would be most grateful for any advice you could offer.

(!) [Jim] You could look for a good Linux training consultant to come in and give you're team a crash course. You'll find that Linux really is a data recovery person's dream tool suite. Although it's not "easy to use" it does offer full access to the system hardware and has very good support for the filesystems of various operating systems.

(?) My best Christmas greetings from Sweden, Tony Kvarnstrom


(?) Linux, UNIX, what's the difference?

From Alex

Answered By Heather Stern

Hi, I have a question that's been on my mind lately. I've looked around the web and gotten some roundabout answers. The question is, what is Linux?

(!) [Heather] Linux began life as a kernel that would act like Minix but run on Linus' 80386 and mount up his minix filesystems. He shared it and was encouraged by folks submitting their own patches. People just can't make their mouth say "Linus' Minix" for very long, but I can't pinpoint when it got compressed to Linux. Maybe one of our readers could :)
(!) [Mike] Vaguely I recall Lars Wirzenius mentioning the origin of the name Linux in a talk at Linux Expo 1998. I think he said something like it wasn't Linus who came up with the name. He just uploaded it to the FTP site and the FTP admin had to come up with a label for it, so he called it Linux. But I may be remembering wrong.
Where's that message where Linus recounts how his first success in building Linux was to develop a multitasker that allowed one process to write "a" repeatedly to the screen while another process wrote "b"? I think in there it mentions that one of his early names for the system, when he was in an extremely frustrated mood, was Buggix.
(!) [Heather] As time rolled on and "distributions" were gathered and sold, the press likes to call the distributions Linux too, while others argue that only the kernel is Linux and the rest is (for example) Red Hat or SuSE or whatever.

(?) The most popular answer on the net seems to be "Linux is a UNIX-like OS". Well, then what is UNIX? And why isn't Linux UNIX?

(!) [Heather] There is someone who presently administers the trademark work UNIX and they don't feel like branding Linux with it for free. FreeBSD has the same "problem" - both are at this point well established systems that people already experienced in UNIX will find comfortable features in.
The trademark began life as AT&T Bell Labs UNIX, and has been traded and sold a number of times since. For a while Novell owned it ... in fact, for a brief time it looked like Novell could become the source of a new, completely non Microsoft based system, because they had Netware, they had DR DOS, they had WordPerfect and its family of apps... but they either didn't see it or had so many internal politics they couldn't do it.
The current trademark holders are the Open Group. Their babble about rights to use their trademark is at: http://www.unix-systems.org/trademark.html
Anyways, UNIX shouldn't be used as a generic term, because that's against the principles of trademark. Let me illustrate with an example that a few more people will understand. You can't call something Coca-Cola (http://www.coca-cola.com) that's not. You're not supposed to call it Pepsi either (http://www.pepsi.com, but you can't use the site at all from lynx; try their investor relations site, http://www.pepsico.com instead) unless it's really Pepsi. But you can call it a "Coca-Cola like soda" or say something "tastes kinda like Pepsi" and you're safest with "a cola" or "a soda pop". For the curious out there, I drink either, but prefer RC (http://www.rccola.com).
So Linux is "an operating system" which only "tastes like MS Windows" if you select a window manager with a theme that tries really hard to do that, but tends to "taste like UNIX". Admittedly it tastes a bit more like these if you go the extra mile and run WINE or have the iBCS compatability module around so you could try to run the respective binaries.
(!) [Mike] Funny, just today I saw a story in Linux Weekly News where Sun claims Solaris is a version of Linux because it can run programs compiled for Linux, and maddog says this proves we've never come to a consensus on what "Linux" really means. Purists say Linux means just the kernel, but maddog cites Linus as predicting that mainframes with highly-customized kernels will also be "Linux sytems" in the future.
http://www.lwn.net/2000/1221

(?) Is AIX or Solaris or SunOS or HP-UX a UNIX?

(!) [Heather] AIX and Solaris are blessed with this trademark under "UNIX 98", HP-UX and Tru64 among others are blessed under "UNIX 95". (You can see the Open Group's Registered Product Catalog if you care: http://www.opengroup.org/regproducts/catalog.htm
I don't think SunOS ever got so blessed; it was a BSD derivitive after all. You can read some about the confusions between SunOS and Solaris in this handy note: http://www.math.umd.edu/~helpdesk/Online/GettingStarted/SunOS-Solaris.html

(?) If so, what makes them a UNIX and Linux not a UNIX? Is it kernel specific? What's the deal?

(!) [Heather] I hope this helped.

(?) linux question

From Ted Mims

Answered By Dan Wilder

I hope you can help me out. I am running a box with Linux 6.0. I had a hacker a few weeks ago that primarily set up some shielded irc channels and modified my dns for his needs (exactly what they were, I am not sure). Anyway, somehow he made it so that my securetty file is ignored. I am having no luck locking root out of telnet. securetty has the correct format and permissions and pam_securetty.so is not commented in the /etc/pam.d/login file. Do you happen to have any suggestions? All I want to do is re-restrict direct-in root access. I would greatly appreciate any elightenment you can offer. Thanks

Ted H. Mims

(!) [Dan] The executive summary: reinstall, secure the new system, copy data from the old.
Unfortunately, once a system is compromised, you can't trust the pieces. The skilful cracker, or even the less skilled in this day of script kiddees, will have replaced system binaries such as /bin/login, /bin/ls, /bin/ps, and on and on. This places you in a shifting hall of mirrors when you attempt repair on a running system. Especially if you attempt this repair while the system is connected to the network. I know very few sysadmins who would be up to this challenge, fewer still who would be assured of success, and almost none who would attempt it except on a wager or as a sport. I would be the last to suggest you attempt this based on a few pointers.
The prudent course of action is a fresh install on a new hard drive. Do this on a system without any connection to an outside network.
Upgrade named. http://www.isc.org/products/BIND is the URL. Use bind-8.2.2 patchlevel 7 for an easy upgrade from what's on most 6.0 distributions. Or, see if the ftp site for your distribution has an upgrade. Eight bugs, including one allowing remote exploit and providing the attacker with full access at whatever privilege level named runs at, have been located in older versions of bind.
Eliminate all services the system does not need, by turning them off in /etc/inetd.conf or the equivalent xinetd config files.
Establish secure passwords for all accounts.
At that point, take the hard drive from the old system and mount it for example on /mnt. Copy valuable data from the old hard drive to the new. Examine all configuration files you may copy over carefully.
Don't allow telnet from remote systems. The password is transmitted in plaintext, not a very good idea in this age of sniffers.
Consider instead installing ssh or openssh, if remote access is needed, or if you're on a LAN with more than a handful of hosts or with users who are not highly trusted employees. Be aware that even ssh is not 100% proof against "man in the middle" compromise.
<digression> That "6.0" doesn't mean much if you don't specify the distribution, for example "Red Hat" or "SuSE" Each Linux distribution maintains its own versioning system, with only very rough equivalence between distributions. </digression>

.... Ted found the breakage ...

(?) I just needed to actually pen the question to someone. I figured it out all by my lonesome. Thanks anyway. He had bypassed pam and sent it back to the login.defs file which of course did not have a CONSOLE directive.

Ted H. Mims


(?) Red Hat 7.0

Crackerz!

From George Hawthorn

Answered By Ben Okopnik, Heather Stern

Answer Guy,

I've searched every Linux site I can find to understand why after months of trouble free operation, I am unable to login to my RH 7.0 server at the terminal. Everything is working fine, web server, ftp, router but I simply cannot login as root or anybody else for that matter. I can do a 'linux single' boot but under a normal boot, when I get the login: prompt and type root, I'm back at the login prompt again. I realize this is an imposition, but I'm getting desperate.

Thanks for your time,

George Hawthorn

(!) [Ben] First, a quick possibility: Take a look at my '"Cannot execute /bin/bash: Permission denied" - solved!' article in Issue #52 of the Linux Gazette. It may contain an answer to your question. Note also that people are able to log in if your ftp, etc. services are usable - they are logging in as a very low-privilege user ("nobody", or "ftp"), but they are logging in.
(!) [Heather] Here's an even faster possibility (maybe even the same) - did you upgrade PAM recently by any chance? The default files from a PAM upgrade usually are not the same as your normal policy. One time I ended up only being able to get in via ssh ... and that, only because my key was already in place, so it wasn't dropping down to standard authentication.
(!) [Ben] Second - when you do log in via 'single', what does the system look like? Has the password file changed? (Hint: it is a Good Idea to have dated snapshots of "/etc" along with your regular backups; a tarred/gzipped archive should easily fit on a floppy.) Try making a copy of "/etc/passwd" (or "/etc/shadow" if you use shadow passwords), then edit it to remove the password hash for root -
root:1XaFDYn7EapuP:0:0:root:/root:/bin/bash
Chop out the second field:
root::0:0:root:/root:/bin/bash
When you next log in as "root", you won't need a password - just make sure to create one immediately. If you still cannot log in, then something in the system itself is giving you problems; once again, refer to the above article.
As to reasons why this happened in the first place: well, the scary-but- obvious reason could be that some "script-kiddie" got into your system and did a dance on it. Not to panic; as long as you've got good backups, the damage can be undone (and if you're running a publicly accessible server and _don't_ have backups, I'm afraid you've gone beyond any help I can give.) It could also be that some program you've installed - and I haven't heard of anything like this with progs from established distributions, whereas just slapping in a random tarball could do this - has messed up your libraries or other vital files.
In my experience with Linux, I've come to an expectation that I did not have with MS Windows or OS/2 - "stuff" doesn't just happen. There is a reason for this; whether a security problem caused by random services enabled in "/etc/inetd.conf" (I strongly suggest reading the Security-HOWTO if you have not done so previously) or a problematic program installation, you need to track it down and resolve it. Particularly in the case of a break-in, it is not something you want to happen again.
Good luck

... George adds some context ...

(?) Ben,

Thanks so much for the speedy reply. I'm going to read through your e-mail very carefully. I can tell you that I've done nothing to the server for months accept FTP files to it, Telnet to it, add a couple of users etc. It's been running perfectly since August of this year, and so I "think" I can rule out my actions as the cause. I haven't installed any additional programs. As for the security issue, this was and still is my immediate concern. I wonder if someone has got in and done "something". I did see a couple of bad login attempts using lastb. I do have copies of ALL important files, and so could simply reinstall the OS, but then I'd be no better off...just waiting for it to happen again. Thanks once again for your help. I'll let you know if I find the cause.

... then following Ben's advice, investigates more carefully ...

(?) Ben, Following your article in issue #52, I looked at /bin/login (using linux single) and noticed that it is owned by root and lp (have no idea what lp is ...sounds like a print queue).

(!) [Ben] Just to hazard a guess - since I don't know the layout of your system or anything else about it - an attacker may indeed have come in via your remote print system; there are exploits (if I remember correctly) that use it, since it requires a high level of privilege to access the hardware ports. I would at least check into security measures involving the print system - the first of which would be to make sure that I'm running "rlpr" or "lprng" for my remote services. The second would most likely be a search of COTSE <http://www.cotse.com/unix.htm>;, Insecure.org <http://www.insecure.org/sploits_linux.html>;, or NetworkICE <http://www.networkice.com/advice/Exploits>; for known exploits against whatever I am running.

(?) I booted up another pc with RH 7.0 and noticed that its /bin/login ownership is root and root. I tried chown root.root login, but get the 'permission denied response'. I also edited /etc/shadow with no luck. I agree with your theory that reinstalling teaches you nothing. My master plan was to FTP the login "program" from a working pc to the server in the hope that login is somehow corrupted on the server.

(!) [Ben] "/bin/login" and "/bin/bash" are typically good things to check when looking for intrusion "footprints", especially a "/bin/bash" that's been set SUID (this means that anyone running that shell has full root privileges!) The fact that you're unable to chown "login" means that FTPing a good "login" binary will not help - you probably won't be able to delete the old one. In fact, it's a pretty strong indicator that...

(?) I rebooted the server using the linux single command, and then SU to login as root. I was scrolling through previous commands and was surprised to see many commands that I didn't enter. Someone created a user called "Poped" as far as I can tell, and then entered commands such as

rm -f /bin/login chattr -i /bin/login

It would seem that someone gained access. What do you think?

(!) [Ben] ...somebody got in. I assume I don't need to mention that you need to immediately take your system off the network - given that he has root access, your attacker could easily wipe out your entire system.
I would guess, even though you haven't mentioned this, that they ran a "chattr +i" on the "/bin/login" that they had installed - this would be the reason that you can't delete "/bin/login". You can remove the "immutable" flag set by "chattr" by running "chattr -i /bin/login"; this should allow you to delete/replace it with a non-'rootkit' "login".
By the way - one of the ways you can usually tell the replacements is by looking at the size of the executable. The 'rootkit' types, due to the fact that they can't be dynamically linked (they have to be able to work on a system whether it has their required libraries or not), are normally much larger.
In a way, you should consider yourself lucky - a really knowledgeable cracker would have replaced your "/sbin/syslogd" and cleaned up your logfiles. You would never have known that anyone had been in there. Also, the very fact that he screwed up "login" to that degree shows him to be an amateur - a successful system crack is nowhere nearly that obvious or crude.
Once again, I strongly recommend reading the Security-HOWTO and doing some research. Leave your system off-line until you're satisfied 1) that you understand how the attacker got in, 2) have securely patched that hole, and 3) have done a general security survey of your system and are reasonably satisfied with its state. If you're setting up a publicly- accessible server and have not studied the security aspect, you're letting yourself in for a large heap of trouble - as you have found out.

(?) Thanks for any help.

P.S. so much for my firewall.

(!) [Ben] Ah, more reading to do! :) Firewall setup is not as "automatic" as a lot of folks think. Most of the time, it's not particularly difficult - but it does require attention and a bit of study. See the (are you surprised?) Firewall-HOWTO.

... George will go one better ...

(?) Ben, I'm really grateful for your excellent responses. You've been a tremendous help and I plan on taking your advice. I bought "Building Linux and Open BSD Firewalls" a few months ago and will delve more deeply into the book.

Happy Christmas, and thanks once again.

(!) [Ben] Glad I could be of help, George; sounds like you're taking an effective tack to resolve the problem. Merry Christmas to you as well, and the best of luck.

(?) Transmitting PaperPort files with .max

Definitely some Windows file format

From Elizabeth Sedgwick

Answered By Mike Orr, Heather Stern, Don Marti

Gees, I hope you can help me.

I just loaded PaperPort software for windows, which is used with a scanner for photographs, etc. onto my computer. The extension for the software is .max. When I send photographs to friends, they can’t open them. Do they have to have the software on their computer to open the files?

In trying to solve this problem, I saved the photos with a .jpeg extension and am sending them this way. Some of my friends do not have .jpeg type software in their computers. Is there some way to download jpeg software from the internet if you don’t have it on your computer?

Your help with be so appreciated? Elizabeth

(!) [Mike] This is Linux Gazette, not Windows Gazette. You'd get a better answer by asking a Windows group.
.max is not a normal image extension like .jpg, .gif, .png. It is very likely the recipient does not have a .max reader installed. Nowadays they probably DO have a .jpg viewer of some sort already installed. How to view the image depends totally on the recipient's mail program and other software. At worst, they can save the .jpg's as files and view them in Netscape or Internet Explorer using a URL like file:/directory/filename.jpg . (May need "\" or "\\" and a "c:" prefix under Windows?)
IF they are running Windows, it's possible something called "File Associations" has a bad configuration. This is a table that tells Windows which program to use to open a .jpg or .jpeg file when you double-click it. In Win95, it was a setting in Windows Explorer off one of the menus somewhere. In Win98/2000, I have no idea where it is.

... Great help, but Elizabeth is confused ...

(?) Thank you for your help.

When I transmitted my email, it was sent to . How it reached you is beyond me.

Thanks for your ideas!! You're right about jpeg.

For your info, I learned that jpeg software comes with Microsoft Explorer. I tried it, and the photos were highly enlarged at the receiver's end. It worked, but you had to look through several screens to see the whole photo. The photo was smaller than screen size when I sent it.

I did find a solution that seems to work. I use the extension of .exe and people are able to open the file without special software.

Thanks again!!!

(!) [Mike] was originally an alias for Jim Dennis, who answered the questions and collected the threads to publish in Linux Gazette. To ease the burden on him, we expanded it to The Answer Gang (), a mailing list with about ten subscribers. All of them see the questions and try to respond. This also improves the quality of the answers.

... Elizabeth is right to wonder ...

(?) Does answer questions about windows?

(!) [Mike] No. Sometimes we will anyway, but generally not.
I used to do Windows support at a hospital, so I remember the tricks I used then. But I haven't used Windows hardly at all since 1998.
(!) [Don] About Windows/Linux interoperability, yes. If there's no Linux in the picture at all, then no.
Any technology distinguishable from magic is insufficiently advanced.
(!) [Heather] We actually try to answer questions, but only have any interest in answering Linux questions. There are lots of sites dedicated to Windows.
Perhaps a better question would be, if one of the Gang feels inclined to answer a Windows question anyway, do we publish it? Usually not. If it involves interoperability, or it looks like Linux users might also somehow benefit from the answer, or it gives our crew an opportunity to advocate Linux a bit, then we do.

... Fair enough, but then ...

(?) Thank you for corresponding with me. Is there another web location I can contact to obtain answers to Windows questions?

(!) [Mike] Not that I know of in particular. There are USENET newsgroups (comp.os.ms-windows.* I think), which you can access at www.deja.com.
Or go to Google (http://www.google.com) and type some keywords.
(!) [Heather] There's a tips area at winfiles.com, but it's nothing like we have. Here is a real nice opportunity for one of the Windows related magazines to do a Windows Answers column like ours on their website...

(?) Help Me Delete Linux

From Antony

Answered By Mike Orr

(?) Hi, I recently attempted to install Linux Mandrake, but I did it wrong and know Windows has been deleted and linux won't work, all I want to do is Delete linux so I can reinstall Windows and be happy again, I cant even install windows at the moment because linux is taking up too much room on the hard drive. Mum is heaps annoyed as she can't use the computer so can you please help me quickly? Thanks

(!) [Mike] Hmm, three questions about uninstalling Linux in two days. I wonder what that means.
Doesn't the Windows setup program allow you to repartition your disk as part of the process? If not, that's a big omission.
Anybody here use Mandrake? Does it come with a boot floppy that can be used as a rescue disk? If so, you should be able to boot from the floppy, press Alt-F2 to go to the second virtual console, run "cfdisk" or "fdisk" and delete the Linux partitions (or all the partitions), and then reboot and run the Windows install program.

(?) Removing Linux: Sacrilege!

or: /bin/dd is your friend!

From Kevin Gray

Answered By Mike Orr, Jim Dennis

hello i was just wondering how to remove linux from my system. I have two hard drives one with linux and the other with windows 98. Everything works fine but I just never use linux and since I don't have the time or technical know how as to operate linux i would like to get my hard drive back. Is there a way to do this? Any help would be appreciated. Thank you.

Until your next letter I remain,
Sincerely Yours,
Kevin Gray

(!) [Mike] Is Linux on your primary drive or second drive? If it's on your second drive, use Windows fdisk program to delete the Linux partitions and create DOS partition(s). If you can't find a graphical fdisk program under the start menu, open a DOS box and type "fdisk". Choose the option to switch drives if necessary), then the option to print partition information. Verify which are the Linux partition(s) and delete them. Then either make one big DOS partition or several small ones. Close and reboot, open My Computer, right-click on each new partition and choose "Format" from the menu.
If Linux is on your primary drive, can you switch the drive cables and/or jumpers to make Windows the primary drive? Be warned that Windows programs tend to go into convulsions if you change drive letters on them. Windows assigns drive letters according to which partitions it finds first, so moving drives around or changing DOS partitions changes the drive letters. Use the Windows utility to make a rescue floppy first.
If you're using LILO to boot, you can eliminate it by using "fdisk /mbr", an undocumented option to Windows' fdisk program. This replaces the master boot record on the disk with Windows' default version. Note that Windows' boot loader is primitive: it won't give you a menu, it'll just boot whichever primary partition is active (on the first disk only). You must first make that partition active (=bootable) using fdisk, and ensure ONLY ONE partition is active.
(!) [Jim] Note that most versions of MS FDISK will refuse to remove non-MS-DOS partitions. You can use Linux fdisk to remove partitions or you can use dd to complete wipe out all data on the Linux disk which will make it look like it's fresh from the factory so far as MS is concerned.
Also note that swapping drive letters out from under a MS OS installation is basically guaranteed to hurt worse than backing up your data to floppies, re-installing the OS from scratch, re-installing all applications and restore copies of your data into place. (This re-installation process has the added benefit of ensure that you have backups and of cleaning out all of the cruft that tends to accumulate in Microsoft based operating systems over time).
(!) [Mike] When I use it, it just asks, "Delete non-DOS partition?" and does it.
You can use Linux fdisk to delete the partition, but be careful, because then Linux won't exist but will still be running. Do it in single-user mode (type "linux single" at the LILO prompt), then reboot immediately after exiting the program. Even better would be to boot from a Linux rescue floppy (which probably came with your distribution) so that you're not deleting the currently-running system.

... and the real nitty gritty instructions ...

(!) [Jim] Let's assume that you have two IDE drives and that you have Linux installed on what MS-DOS/MS Windows would call your "D:" drive (/dev/hdb or /dev/hdc or even possibly /dev/hdd under Linux). Obviously that could be /dev/sda if you're using a combination of IDE and SCSI or /dev/sdb if you have two SCSI drives.
So, let's assume that MS Windows is installed on /dev/hda and that Linux is on /dev/hdc (perhaps your CD-ROM drive is /dev/hdb /dev/hdd).
To remove Linux as though it had NEVER been there you can follow these steps:
      lilo -u /dev/hda
... should attempt to copy /boot/boot.0300 back into /dev/hda (that should have been the backup copy of your original master boot record --- MBR). If that does work then prepare an MS-DOS boot floppy (ask Microsoft how to do that with newer versions of Win'9x; they'll swear that Win'9x isn't really DOS anymore, but they're lying, of course).
Now to wipe out EVERYTHING from /dev/hdc.

WARNING!!!
The following will irrevocably wipe out all data on a hard drive! Mistyping it can wipe out everything on the wrong drive! IF YOU CARE ABOUT ANY OF YOUR DATA, BACK IT UP! MAKE COPIES DON'T AND DON'T COME CRYING TO US IF YOU FLUB THIS UP!!!!
WARNING!!!

     dd if=/dev/zero of=/dev/hdc bs=1024k  # DANGER! Will Robinson!
... this will scribble streams of ASCII "zeroes" (NUL characters) all over /dev/hdc --- wiping out Linux.
When you reboot Linux will be gone (the kernel and the dd program were in memory, but that's cleaned up on a system reboot).
If your system doesn't boot from its hard drive after this, then pull out that MS-DOS boot floppy. By the way, you should have one of those around for various recovery reasons --- it is a vital part of running MS-DOS and recovery from any virus that your system catches. Then run:
     FDISK /MBR
(That's a DOS command that should create a new boot record for you).
If it still doesn't come up after this than refer to the huge WARNING that precedes this dangerous command example. Sigh, re-install MS-Windows and restore from backup.

(?) Another uninstall: Getting to a Root Prompt to Blow it All Away

From Lynn Johnson

Answered By Jim Dennis

I am trying to remove linux - i logged in as root but where do I type fdisk? I don't see a place to type anything - pls help - thanks, lynn

(!) [Jim] I'm going to guess that you're logging through some graphical service (xdm, kdm, gdm, etc). That would be the most common case where you could log in as root and not see a text console and a shell prompt.
So, assuming that this is the case the question becomes:
How do I get to a root shell prompt?
There are many possibilities. X can be configured to run any of a number of GUIs (graphical user interfaces) such as KDE, GNOME, twm, fvwm, etc. Any of those can be configured to offer a very limited number of menus (possibly no menus at all).
Typically you access your GUI's menus under X by clicking on the "wall paper" (or screen "background" which is technically called the "root window" in X parlance). That will bring up the "root menu." (The windows and menus in X are thought of as a tree, just as your filesystems are trees of directories, and subdirectories (branches) and files (leaves). You might have to click with your right or middle mouse buttons. That is configurable in most X window managers. There might even be different menus that come up for each mouse button. Typically one set of them would be the main set of menu options and the other(s) would contain some special window manager features to resize, raise, lower, move and destroy windows, select "minimized" or "hidden" applications etc.
When you find the main menu tree you can search it for some entry such as "xterm" or "rxvt" or "eterm" or "kterm" or for entries that are referred to as "shells." Since X is completely configurable the labels on the menus can be anything.
All of that aside it's probably easiest to skip all of this GUI rigamarole. There are a couple of ways to do this. On most systems you could switch away from X (and/or any of the display managers -- the various graphical login tools) using the following keystrokes:
[Ctrl]+[Alt]+[F1]
(That's holding down the "control" and the "alt" keys and typing in the first function key). That should bring you to a text mode login console (which is a virtual terminal/console running any of the "getty" programs, usually mingetty under Linux.
From there you can log in as root and you should be presented with a shell prompt (usually ending in a "#" hash/pound sign which conventionally indicates a root prompt).
If that fails then you'll probably want to "break in" by rebooting. It's possible for someone to configure a Linux box such that there are no getty's running on any virtual consoles. It's even possible to configure one to run multiple different X sessions concurrently. I have a workstation at my new office which is running four different xdm sessions.
So, if you system has been configured to remove the text virtual consoles, or if you're running a distribution that only makes a GUI available by default, then you'll want to reboot.
The easiest way to reboot from a graphical session under Linux is to type:
[Ctrl]+[Alt]+[Backspace], [Ctrl]+[Alt]+[Del]
...in rapid succession. The first keystroke combination will kill the X server, the other one will signal init (the process manager under Linux) to perform a reboot.
Of course either of these features might also be disabled! If that's the case then just hit the reset button on your system, or flip the power switch (wait about 30 seconds and turn it back on) or pull the power plug.
While it's booting wait for the keyboard lights to flash a couple of times (while the system counts its memory, checks it's floppies, etc). There will probably be a LILO prompt (possibly this will be quite brief. So, as soon as you see the keyboard caps lock, scroll lock, and num lock lights flicker, turn on the caps and/or scroll lock. If they flick back off in a second, turn them back on and hold down any shift or control key.
All of these shenanigans are intended to interrupt LILO (the most popular Linux loader) and convince it to give you a prompt. At that prompt type:
           linux init=/bin/sh rw
Actually you might have to replace the first word in that line with something else. What else? That depends. LILO can be configured to call the Linux installations or "stanzas" by any name you'd like. Also LILO can be configured not to allow any interruption or it can be configured to require a password to boot or to bypass the normal boot procedure.
However, more than 99% of all the Linux boxes in the world today will give you a root prompt if you follow this last procedure. There are only a few freaks like me that know enough about Linux to configure LILO with passwords and/or to ignore all attempts to get at a LILO prompt. (Of course there are other boot managers for Linux. In particular newer versions of Mandrake might use GRUB --- the grand unified bootloader; and I haven't studied that one at all.
In the highly unlikely event that you still can't get at a root prompt then you'll want to boot from a floppy or a CD (such as the Linuxcare bootable business card or one of its clones). I'm not going to go into the details on that for right now. If you need to know how to do that just search Google! (http://www.google.com/linux) for "recovery disk" or go to Tom Oehser's site and read about Tom's "root/boot" disk images (http://www.toms.net/rb).
Notice that most of the difficulty here is that I have no idea how your Linux system is configured, nor do I have any idea what distribution you're running. As you might have guessed from this long set of directions Linux is a bit configurable.
Obviously once you get to a root prompt you can just use the command:
        fdisk /dev/hda
... to work on the partitions on your primary IDE drive. (You can use /dev/hdb for the secondardy IDE on the first controller, /dev/hdc for the primary drive on the secondary controller, etc; and you can use /dev/sda, /dev/sdb, etc if you're using SCSI drives).

(?) setting root password

From Tom Weingarten

Answered By Ben Okopnik

I've managed to work myself into quite the dilemma. Somehow my root password has been deleted, so I can no longer enter my system except by a second login, which does not have write permissions on anything or the ability to acces linuxconf or userconf. I'm using RedHat Linux on a dual-pentium box. However, I've found that the RedHat cd is far from adequate for rescue purposes, so I created a mandrake cd, and can use it to edit files. What do you suggest I do? Thanks in advance for your time

(!) [Ben] I've found that the RedHat CD (or boot floppy) actually works reasonably well as a rescue disk - flipping to the 2nd console via "Alt-F2" and mounting the existing hard drive is the answer (RedHat tech support told me it couldn't be done and I should reinstall. <sigh> ;) Whichever you choose, fixing the root password problem is pretty easy - and before anybody starts storming about it being a HUGE security hole, remember that "physical access=root access". Period. It's the reason that locked server closets and machine rooms exist. If you want just that tiny bit of extra security (your eight-year-old computer genius has been trying random passwords against "root" or some such), disable the floppy/CD boot and password the BIOS (write your hard drive's cylinder/head/sector info on the side of the PC case and *don't* lose that password; resetting the BIOS can be a touchy business.)
So - boot your machine via a boot disk or CD. Mount the offending drive - for this example, we'll say you have it under "/mnt". Edit "/mnt/etc/passwd" (or "/mnt/etc/shadow" if you use shadow passwords) and clear out the second field in the "root" entry (fields are separated by colons) - that's the encrypted password. In other words, given an entry that looks like this:
root:2St5fADe4oOcSE:0:0:root:/root:/bin/bash
you should end up with this:
root::0:0:root:/root:/bin/bash
Save the file and reboot, this time without the boot disk. Log in as root (no password necessary) and immediately assign one using the "passwd" utility. No muss, no fuss, no greasy aftertaste. And, umm, keep a close watch on Junior: he might be reading this too... :)

... Ben's a hero! ...

(?) Thanks a million. You've saved me the fate of hundreds of users asking what the heck happened to their character files (I run an online game). Also, btw, while searching desperately for a solution, I found that if you edit /etc/pam.d/login and change everything to optional, you can login as root with the wrong password. Then you can change the password, all from the boot cd. Although, your method is infinitely simpler. :-)

Thanks again for your help. Tom


(?) I can't seem to write to my vfat (Windoze) file system with any user other than root.

From John Fox

Answered By Ben Okopnik

I currently run Red hat 7.0 and am attempting to follow the suggested procedures of not logging on as root unless I absolutely have to. When I am logged in to the system as my non-root user id, I am unable to write files to the vfat file system.

I have tried to chown the mount point, I have even gone so far as to try to chown and change the file permissions of a file on the vfat file system(to no avail). I have checked the mount and all the vfat mounts all show (rw).

The following is the error message I receive when I attempt to copy a file: cp: cannot create regular file `filename.ext': permission denied.

Does anyone have any idea?

(!) [Ben] Yep; I remember cursing and scratching my head over this one quite a while ago. You've got the right idea in looking at the permissions/ownership of the mount point - but as you've found out, you can't just change them.
Here's the solution that I've used. I like this one, since it would work well on a multiuser system as well as a regular home system. First, create a group called "msdos". Note its GID (the number associated with that group; take a look with 'vigr'.) Add yourself to that group -
adduser jfox msdos
(assuming your username is 'jfox'.) Now, in your '/etc/fstab', add the "noexec", "umask" and "gid" parameters to the appropriate partition:
/dev/hda3  /mnt/msdos  vfat  noexec,umask=003,gid=1001  0 0
Obviously, the GID would be that of the "msdos" group.
What we're doing here is mounting that partition with the appropriate group ID and setting the umask - this masks out the permissions that the mounted partition will have. The "noexec" parameter works with in concert with the other two to produce the following conditions:
Directory access under the mountpoint is allowed to members of GID 1001 All files under the mountpoint are readable and writable by GID 1001 The files are "read-only" to the other users None of the files are executable (does not apply to DOS emulation)
It takes a bit to get used to this three-parameter control system, but it is actually very flexible and can be used to set up just about any combination of permissions and directory accessibility you could want.
From this point on, if you want to give a user on your system read/write access to the files on that partition, simply add them to the "msdos" group.

... wishing the docs were better ...

(?) Ben,

Thanks for your help. That did the trick. I think they could have made it easier by putting somthing in the faq. On their site.

(!) [Ben] You're welcome - glad I could help! Just as an idea, if you perceive this as a topic that lacks coverage in the Linux community, consider writing a HOWTO - the Linux Documentation Project, under whose auspices the LG operates, is always on the lookout for more useful info that can be shared. It's yet another way to put something back in as a return for the effort that other Linux folks have put out - and this kind of feedback is precisely what allows a community to grow.

... you can do it John! ...

(?) Will do Ben,

I would be happy to contribute to the community. I thought you had to be hooked up with the right people in order to contribute. I will seriously consider writing something up. Especially considering that I am on Vacation until the end of the year and will have plenty of free time on my hands.


(?) Firewall for a SOHO

Small World, isn't it?

From Tom Bynum

Answered By Jim Dennis

Actually, hello from your mom's next door neighbor (...well....two doors...damn it...close enough...). Anyway, I was talking with her out in the cul-de-sac Sunday evening and she lent me her copy of your book to browse.

(!) [Jim] Mom mentioned that she'd been chatting with you.
(!) [Mike] Jim wrote a book?
(!) [Heather] Yeah, Linux System Administration by New Riders Publishing. purple edge stripe, "landmark" series with a view of the French river (the Seine I think) on the cover's top quarter stripe.
Wherein the first half describes policies so real decisions can be made, and the second half describes practicum, so sysadmins can Do Cool Stuff. eg. to have an awk script "vette" the logs of all the boring ordinary stuff amd leave you the stuff that looks new or weird.
It's a good thing :>
(!) [Mike] That's cool that New Riders has a Linux book. Several of us at SSC have been very impressed with the two New Riders' books on Python and PHP, so I'll have to take a look at this one. The other two books are very concise: they give you a lot of information in a small space, and answer questions you didn't think to ask, more so than books three times their size.

(?) I spend about 99.8% of my time in Windoze.......(snore.....) so please forgive some rather newbie questions, but I have an idea that incorporates Linux in a big way.

Let me give you a short Linux bio... I was first exposed to Linux back in 1997 when someone at my ISP mentioned using it for an internal mail server. I figured "...how hard can it be..". I went and bought a book which included 3 distros. I ended up using Caldera Openlinux Lite 1.0. (because it was the only one that would install) In about a week I got Sendmail to work with the ISP through a dial-up SLIP/PPP connection. At that time we only had a single company dial-up account so I had the machine using a crontab to dial-up and kick the SMTP server every 3 hours or so. The "kicking" part was something I found to make SMTP work through a dynamic dial-up account. Later I installed ISDN and a router and got a static IP so we were live and just had to turn off the crontab. I got burned on "relaying" with that server and didn't know how to turn it off so I installed Caldera OpenLinux 2.3 because it contained the new distribution of Sendmail with relaying blocked out-of-the-box.

(!) [Jim] Yes. Sendmail has a near vertical learning curve (and qmail is even more confusing for me). I actually like Postfix (now that I've tried it) but I'm NOT recommending that you switch to a new MTA (mail transport agent). You got something that works well enough. You've learned enough to get by; and if you need to hire a consultant than there are LOTS of them that know sendmail and very few who understand the corresponding intricacies of qmail, Postfix, exim or any other MTA.
There is a really cool option to consider. You could buy the commercial sendmail package and use it's little configuration system. You'd still be running the same sendmail that you are now; but you'd have a somewhat less gruesome interface for doing the basic configuration. (If you later had really special needs you could have someone start with those basic configuration files.
Look at http://www.sendmail.com for information on pricing and all of that.
As for setting the "maximum message size" limit: you should be able to edit your .../sendmail.cf file (either in /etc/ or in /etc/mail/ depending on your distribution) and find a line that looks something like:
#O MaxMessageSize=1000000
... to make that work just remove that first character (the '#' or hash sign) which "uncomments" that line. The value is in characters or octets (I'm not really sure which --- but they are the same for ASCII and I doubt that you're getting alot of Unicode or UTF8 traffic yet).
If you don't find this line then insert it somewhere in the first section of the .cf file. That means to put it before the first line that starts with a P (which looks like the following line in one of my sendmail.cf files):
Pfirst-class=0
Sendmail isn't terribly picky about what order the options appear in, but it can be picky about which "section" they're in. (In other words the options should all be grouped together near the top of the cf file, the re-writing rules should all be grouped together near the end of the file.
Note: It's better if you're using a macro config file (usually named <something>.mc). So, here's a simple sample .mc file showing a valid confMAX_MESSAGE_SIZE definition:
divert(-1)
# After the `divert(0)' all lines starting with `dnl' are
# comments until the next newline character.
include(`/usr/share/sendmail/m4/cf.m4')
divert(0)dnl
VERSIONID(`Linux Dec 19 16:43:03 PST 2000')
OSTYPE(`linux')dnl
dnl
define(`confMAX_MESSAGE_SIZE', `1234567890')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn')dnl
define(`LUSER_RELAY', `local:postmaster')dnl
FEATURE(`nocanonify')dnl
FEATURE(use_cw_file)dnl
FEATURE(`always_add_domain')dnl
MASQUERADE_AS(`PUT_YOUR_DOMAIN_HERE')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`allmasquerade')dnl
MAILER(`local')dnl
MAILER(`procmail')dnl
MAILER(`smtp')dnl
MAILER(`uucp')dnl
MAILER(`bsmtp')dnl
MAILER(`fido')dnl
dnl
LOCAL_CONFIG

Most of represents a typical sendmail .mc file. In order to use this to generate a .cf file (which is what sendmail uses) we issue a command like:
       m4 < $THIS_MC_FILE_NAME > /etc/sendmail.cf
(Note: DON'T DO THIS using the sample I've given. You'll wipe out your existing sendmail.cf file!)
The idea here is not really that complicated. sendmail uses the cf file which is in a format that's convenient for the program. For years people maintained cf files directly (using a text editor). For some of us (myself included) it is still easier to make a small change to an existing .cf file then it is figure out the corresponding .mc file directive.
However, most of the text in the .cf file looks like line noise. So mere mortals among us prefer to create shorter files that summarize what we want sendmail to do. Then we pass these shorter .mc files through a macro expansion tool (the m4 program) and they get expanded into the .cf files that sendmail uses.
But enough about sendmail. On to your question.

(?) "Whew"...all right, here I am today. The box runs, I don't screw with it. Every now and then some bozo over in drafting tries to stuff a CAD drawing in an email message, but after a little staff chastising and a re-boot, everything's back to normal. BTW, I've seen that "max message size" line in the sendmail.cf, but everytime I try and make the line active, the server issues an error when booting the sendmail daemon so I had to rem it out again...sorry, back to my point...

(!) [Jim] (See above)

(?) I want to set up a Linux box to implement Firewall and Proxy services. For you that might be straight forward, but all the information I find is sending me in mental circles...

This is what we currently have setup...Static address from ISP --> Router (with ISDN modem) using NAT --> Private address on the Lan side of the router. DHCP running on the network tells all the clients that the router address is the gateway. All works...thanks for shopping at Kmart. Not very safe...

(!) [Jim] I like to use pictures when I'm designing networks.
It sounds like you have this:
                                         * eth0
                                         v
               +---------+     +--------+     +-----+
               |   ISP   |-----| Router |--+--| LAN |
               +---------+     +--------+  |  +-----+
                              ^            |
                              * eth1       |   +-----------+
                                           +---| Linux Box |
                                               +-----------+
... but it's not clear. Clearly your Linux box cannot be receiving mail from the Internet if it's using a "private" (non-routable RFC1918) IP address. That is to say that you can't advertise a 192.168.*.*, 10.*.*.* or 172.16.*.* through 172.31.*.* address to the Internet as your MX (mail exchanger). If you did so, then no one would be able to route SMTP (or any other IP traffic) to you.
However, it's possible that you could have a feature/rule on your router such that it relayed any incoming traffic on TCP port 25 on eth1 (the outer interface) to the same port on your Linux box.
This is one way to put a "hidden" server behind a router. However, it assumes that you have a router that is capable of doing such relaying (or "transparent proxying"). There are a number of programs capable of doing this for Linux.
(Another, less interesting and less useful solution would be for your ISP to act as a your MX record AND for them to maintain their own routes to your RFC1918 network. Of course then you'd have to co-ordinate this with your ISP and they'd have to assign different RFC1918 address blocks to each of their customers that wanted this service, and you'd have to maintain split DNS, and ... anyway forget I mentioned that).
Another option would be to use the Linux box as both the router and the sendmail host. This is possible (so long as you can connect your ISDN modem or TA to your Linux box).
Yet another option would be to have your ISP give you more than one static IP address. Two would be sufficient; four would be a relatively normal subnet, though only two would be usable in that.
Note: most of these configurations are NOT recommended. They offer little or no protection for the sendmail boxes, and nothing protects your internal network from a potentially compromised sendmail box.

(?) Here's what I want. (It sounds safer....so I'm gonna try and draw you a mental picture here so bear with me...)

Static address from ISP --> Router (with ISDN modem) using NAT --> Firewall (eth1 on linux box) --> Firewall/Proxy/NAT services running inside box --> Gateway (eth0 on linux box)--> Network

(!) [Jim] It sounds like you're saying that you want something like:
               +---------+     +--------+    +-----+
               |   ISP   |-----| Router |----| LAN |
               +---------+     +---+----+    +-----+
                                   |
                                   |   +-----------+
                                   +---| Linux Box |
                                       +-----------+
This is a reasonable configuration. You still need to have some way of routing traffic to the Linux box. That can still be a TCP relay utility or feature running on the router and redirecting all inbound SMTP (TCP port 25) traffic to the Linux mail host. It could be a different DRIP (directly routable IP address) from your ISP.
It could even be a hack where all your incoming mail gets stored by your ISP and is fetched into your domain via POP or IMAP. (I suspect that this is the way you were doing it when you were in dial-up. I suppose it might be what you're still doing; it's not clear from your message). Another trick is for your ISP to be your primary MX, and for them to relay it to you via UUCP (over TCP).
I used to get my mail via UUCP, and that was only a couple years ago.

(?) Basically just insert it between the network and the router. Does that make sense? Here's the reason for the router being on the end...it has my ISDN modem built-in. It's the only device I have that can run the ISDN connection. Things are too $tight$ to get a nice connection like a T1 with expensive firewalls and such, so I'm trying to make this work cheap! I also want the logging and auditing provided by the proxy.

(!) [Jim] The problem here is getting the incoming traffic to your Linux box. I'm guessing that you might have something like a Trancell Webramp ISDN TA/router. You could replace that with an ISDN card or an external ISDN "modem" (which connects to your Linux box via a serial port).
In those cases you'd have the routing and mail services running on a single system (which is not a good security profile since a compromise of your mail host constitutes a loss of control of all of your routing).

(?) The final effect is, a second "private" network between the linux box and the router. So I will have one subnet for the LAN in general and eth0 of the box on that side. A second private address space and "subnet" available only between eth1 and the router, and then of course our static IP on the outside. To me it kind of resembles a "DMZ" which most modern routers have built in. Let's call it a poor man's "DMZ".

(!) [Jim] Oh you mean:
               +---------+     +--------+                  +-----+
               |   ISP   |-----| Router |            +-----| LAN |
               +---------+     +---+----+            |     +-----+
                                   |                 |
                                   |   +-----------+ |
                                   +---| Linux Box |-+
                                       +-----------+
... that's O.K. In this case Linux is acting as an interior router (and as a mail host). Even better would be:
               +---------+     +--------+                     +-----+
               |   ISP   |-----| Router |               +-----| LAN |
               +---------+     +---+----+               |     +-----+
                                   |                    |
                                   |   +--------------+ |
                                   +---| Linux Router |-+
                                   |   +--------------+
                                   |
                                   |   +-------------------+
                                   +---| Linux Mail Server |
                                       +-------------------+
Where you use two different Linux boxes, one as a router and the other as a mail server.
You'd still want your ISP to give you one or two more DRIP addresses (for the exterior interface on your Linux box(es)).

(?) Does this sound off the wall? Every "how-to" I find for using Linux as a firewall talks about it being the "router" at the end of the line between the LAN/WAN. I haven't heard of it being used as I have described and I'm really not sure where to go from here. It all sounds good on paper..."...Client on the net ships a packet off to the gateway (eth0)...The linux box runs it's firewall/proxy voodoo magic stuff and ships it out the other side (eth1) to the router which of course really ships it out...". But how about on the return trip? With the firewall and the router both using NAT...the router won't care, but how about inside the linux box? Will the packets still back and forth to each client OK?

(!) [Jim] Linux can be used as a border router and/or as an interior router.
An even better configuration would be:
               +---------+     +--------+                     +-----+
               |   ISP   |-----| Router |               +-----| LAN |
               +---------+     +---+----+               |     +-----+
                                   |                    |
                         Note ---> |   +--------------+ |
                                   +---| Linux Router |-+
                                       +------+-------+
                                              |
                                              |
                                       +------+-------+
                                       | Linux Server |
                                       +--------------+
... where you have three ethernet interface in your Linux Router (a three legged firewall).
Note: this could be an ether crossover cable between the ISDN router and the Linux box, or it could be a serial connection between the Linux box and an external ISDN modem/TA (terminal adapter) or the whole thing could be replaced with an internal ISDN card that's plugged into the Linux Router. (In that last case, think of this line as being the Linux Router's internal PCI or ISA bus).
The advantage here is that all traffic passes through the Linux Router (where you can do packet filtering, IP redirection, logging). However, if the Mail Server gets compromised then it can't be easily used to attack the LAN machines. (The mail server is not trusted by the LAN machines, it is only allowed to received outbound mail, and POP or other mail fetching connections from ther internal hosts.
You can also sequester other services on the Linux Server. You can put a DNS server on it, etc. Note that each service that you run on the Linux Server the greater the risk that one of those services can be used as a whole through which an attacker can compromise that machine. So, if you run mail, DNS, web and FTP all on that one Linux server, then any exploit in any one of those can affect the whole server, and thus compromise all of your DNS, mail, web, and FTP services.
That's why we don't run those services on the router. On my router at home, there are NO services running (not even ssh). I cannot access it remotely. I must sit at the keyboard and work from the console directly. In fact there are IP packet filtering rules that prevent that system from accepting any packets that are addressed to it. You can't even ping it! (It will only permit traffic that is supposed to go through it, not to it).
You could hang as many seperate Linux servers off of this eth2 interface (DMZ network segment) as you like. However, you'll either need to have separate real IP addresses (DRIPs) for each, or you'll have to configure the Linux router to do TCP and UDP redirection for each service to each server.

(?) I feel like a five year old asking why the sky is blue... I did find out one thing this past weekend...IPchains works in here somewhere...that's about all I know.

(!) [Jim] Actually your question is reasonably sophisticated, and your criticism of the HOWTOs is well taken.
The biggest issue here is that you have two different problems to solve. First you need routing to work. You need more IP addresses or you need to install some form of TCP/UDP redirect utility. Keep in mind that the TCP/UDP redirect utilities might be running as 'root' (if they are listening on "privileged" ports) and, therefore might be a security risk on the router. There's a way to use IPChains to redirect TCP traffic into a Unix domain socket and I think there should be a utility to relay connections from a Unix domain socket back to a TCP connection. However, I haven't looked for one recently and I don't remember if there was one the last time a question like this came up.
(The advantage of this approach would be that it would allow the redirection utilities to run as "nobody", or (better yet) as a set of mutually non-trusting "nobody" UIDs --- which minimizes the risk to the router).
That's why the router in a firewall is called a "bastion." You want it to be relatively simple with as few windows, doors as possible and NO ornamentation.
I currently have a block of IP addresses, so I haven't had to resort to incoming IP redirection. (Otherwise I'd tell you the name of the utility that I was using).

(?) I've said more than enough...time for a beer. Hope to hear from you soon.

(!) [Jim] I agree. I'm off to BALUG (http://www.balug.org) where I'll fill up on Tsing Tao and other chinese food.

(?) Something comparable to Services in NT

From Michael Swanson

Answered By Mike Orr

I've been playing with Linux for years, and just recently decided that I wanted to learn more about it. At this point I feel as though I know nothing. I have compiled and installed a proxy server in my Mandrake 7.1 system. But I have to log in as ROOT to run it. And I must run it everytime I reboot. I would like to have this run at start everytime. As I understand it, anything run at startup is root, and this program (squid) says it changes user after initialization. The documentation mentions how the program will respond after being automatically started, but gives no mention at all on how to achieve this.

(!) [Mike] See if Mandrake uses the System V init scheme like Red Hat and Debian do. You have one directory containing start/stop scripts, and other directories containing symlinks to those scripts. On Debian (which I'm familiar with), the script directory is /etc/init.d, and the normal symlink directory is /etc/rc2.d . In that directory, put a link called S##squid pointing to the script. (Replace "##" with a 2-digit number indicating which order to run it--lower numbers get started first.) Mandrake is probably the same but the directories may be named slightly differently.
Look for a README in the script directory, /usr/doc/sysvinit, "man init", etc. There's also a HOWTO "From Power Up to the Bash Prompt" (http://www.ssc.com/mirrors/LDP/HOWTO/From-PowerUp-To-Bash-Prompt-HOWTO.html) that explains everything that happens when the computer boots up; this is worth looking through even just to know what info is available in it.

(?) Editing fstab file for tape backup

From Michael Dodge

Answered By Mike Orr, Dan Wilder

Dear Answer Guy:

I have installed a tape drive onto a 586 intel. The tape drive is an HP SCSI drive. I had someone that I know compile the Kernel to support SCSI, but I wasn't able to mount the tape drive. I think that it is because I haven't proplerly edited the fstab file.

I reads:

/mnt/N tape

(!) [Mike] I haven't actually used a tape drive, but I've never seen any that are mountable in the way floppy disks are. So you don't need an entry in fstab. (If you did, it would be
/dev/DEVICE    /mnt/N    FILESYSTEM_TYPE   OPTIONS   0  0
) You would especially want the "noauto" option to prevent it from automatically mounting the tape at boot time. (Which would cause an unpleasant delay if there was no tape in the drive.)
But as I said, I doubt you can mount tapes at all anyway.
Normally, you must figure out which device it is, and then use that as the "filename" argument to your backup program (e.g., tar). E.g.,
tar tvf /dev/rmt8 /home/me
You use the "mt" command to skip forward or backward over one or more tarfiles on the tape, rewind the tape, retension it, etc.
There is a ftape HOWTO. Although that's not the kind of tape drive you have, section 7 ("Backing up and restoring data") may be of help.

... thanks, now to make the backup ...

(?) Tag,

Thanks for the advice. I have another question though. I use the tar command to read from the tape, but how do I write to the tape. I would greatly appreciate any advice on this matter. Thanks.

(!) [Dan] To write to tape:
  tar cf /dev/st0 files-to-tar
To read from tape:
  tar xf /dev/st0 files-to-tar
"c" means "create" archive, "x" means "extract". In this case, "/dev/st0" is your archive.
The answers to this and many other questions about "tar" are found if you type
  man tar

... kudos gang! ...

(?) I would like to thank Dan for the final piece of advice on this matter. You have helped me solve a problem that I have been working on for some time. I know that this stuff is probably cake for you guys at tag, but for someone not as experienced with LINUX (myself for example), these tips really save the day.

Sincerely,
Mike Dodge


(?) Mail gets nowhere?

From anonymous

Answered By Mike Orr

Do I ask you what does it mean when I get permanent fatal errs for

 MAILER-DAEMON@aol.com <mailto:MAILER-DAEMON@aol.com>  transcript of session
 follows while talking to yd.mx.aol.com
 RCPT to:MAILER-DAEMON@aol.com <mailto:MAILER-DAEMON@aol.com>
 <<550MAILER-DAEMON@aol.com <mailto:550MAILER-DAEMON@aol.com> >...User
 unknown
(!) [Mike] "User unknown" really does mean user unknown. aol.com has no user "MAILER-DAEMON".
If something comes "from" MAILER-DAEMON, it's an error message, probably reporting a previously-failed message.

(?) If I am asking the wrong person please direct me to the appropriate person. What prompt to e-mail MAILER-DAEMON was an user unknown message from an aol subscriber.

(!) [Mike] Then either the person's account expired or AOL is messed up. You did verify you typed the address correctly, no? If you think AOL is at fault, complain to . (Ditto for any other site.) There's no reason to write to MAILER-DAEMON, because there's nobody there to read it.

(?) Thank you for your prompt reply.


(!) Loading SuSE Linux 6.4 via NFS

Answer By Chris Gianakopoulos

Hi all,
This weekend, I decided to load SuSE Linux 6.4 onto my son's IBM PS/ValuePoint computer.
The network configuration is illustrated below.
      -----------------------                      -------------------------
      |                     |  10Base2 Ethernet    |                       |
      |      IBM            |----------------------| Linux Machine         |
      | PS/ValuePoint       |                      | Host: stargate        |
      | Host: strikeforce   |                      | with CDROM            |
      -----------------------                      -------------------------
       Target machine for                                    NFS server for
       Linux install                                          Linux install
I have NFS running on my Linux machine, so I decided to install Linux onto the IBM machine via NFS. I installed a minimal system so that I could install user accounts in case problems occurred when I added more packages to the system.
Once I had a minimal system up and running, I decided to use YAST (the installation program) to added more packages into the system. Everything worked fine until I was prompted to install CD2 of the distribution. I was told that I was loading the wrong CD!
I investigated the problem by executing "tcpdump" on my Linux machine so that I could observe traffic over the ethernet. To my surprise, I found that the IBM machine was being denied access to CD2 (the second CD of the SuSE distribution).
I then logged in as a user (not root) and then changed myself to root with the 'su' command. This allowed me to mount remote filesystems using NFS (for example:
I decided to continue observing ethernet traffic while I manually (for example: mount -t nfs stargate:/cdrom myMountDirectory, where myMountDirectory is a local directory on host strikeforce). I now had a controlled experiment, and I was able to determine that, out of the 6 CDs supplied with SuSE 6.4, CD number 2 could not be viewed, and this was confirmed by the denied access packets observed via tcpdump on host stargate.
It turned out that, on CD number two the directory "." only had root priviledges. On the other CDs, there existed read and execute priviledge for group and world.
My solution was to copy the image of CD2 onto a top level directory of my Linux machine (host stargate), make sure that group and world had read and execute rights, and modify /etc/exports (the NFS export file which allows other users to view your filesystem) to reference the directory.
The lines in /etc/exports looks like this:
--------------------------------------- start of file ----------------
# used for all other CDs
/cdrom    strikeforce(ro)
# used for CD number 2
/test/cdrom  strikeforce(ro)
--------------------------------------- end of file ------------------
I noticed one odd thing during this exercise (installing Linux via NFS).
Even though host strikeforce had unmounted the remote filesystem on
host stargate (I confirmed this via a telnet session onto host strikeforce), I could not unmount my cdrom. In order to unmount the cdrom, I had to comment out the line, in /etc/exports, which refers to /cdrom, restart the NFS server by typing "nfsserver restart", and then typing "unmount /dev/cdrom". I could then unmount the cdrom, change the cdrom, mount the new cdrom, uncomment the abovementioned line in /etc/exports, and restart the NFS server.
Perhaps, you do not have to unmount cdroms before changing them, but, I would think that you would have to in order to maintain the proper notion of the contents of the mounted cdrom.
The bottom line: My copy of SuSE Linux 6.4 does not have group and world access rights to CD number 2, thus, you have to install from an image copied onto the hard disk of the NFS server.
Perhaps this message is too long winded (I tend to ramble) for a 2 cent tip. I'll let all of you decide if this message is worth posting. All I know is that if I did not have strong networking and protocol experience (my NFS knowledge is questionable), I wouldn't have known how to use tcpdump, and I wouldn't have solved the problem in the speedy 5 hours that it took me.
Keep up the fantastic work, and thanks for all of your hard work for this fine magazine!
Chris G.

(?) RE: classified disk

From Anonymous

Answered By Ben Okopnik, Dan Wilder

Hey there gang! I was in the Air Force for almost 21 years and worked in the intelligence career field. Depending on the level of classification the overwrite method is not always allowable. Shane Welton needs to contact his security manager for clarification. I took several computer security courses taought by the NSA (yeah, I know the None Such Agency) and they would not allow overwriting because they were able to recover all the data.

(!) [Ben] Heh. When I was in the Military Intelligence (yep, it's a non-sequitur like "giant shrimp"), we dealt with NoneSuch; their "set in stone because we say so" policies provoked a lot of comment among my fellow soldiers.
The ability to recover data through a simple format is the reason for the 7X overwrite method with random garbage. As long as 15 years ago, I remember there being a guy in California who had a SQUID (Super-Conducting Quantum Interference Detector) that could pull up a relatively high percentage of data from a hard drive that had been through six low-level formats (of course, he charged a few pennies for the privilege - $60k was the figure I heard.) Those are typically just overwrites with all zeroes, and he simply had to dig for a faint-but-present remainder of the original ones and zeroes. He would try, but did not promise anything, with a single data overwrite (I believe he was relying on the blank spots in the current data.) After seven overwrites with random bits, there's nothing of the original data left to be read - there's absolutely no way to distinguish a '1' written seven overwrites ago from a '1' two overwrites ago.
(!) [Dan] If that's true, why not just overwrite seven times with all "0" or all "1", on alternating passes? Or run "badblocks -w" which writes all 0xaa, 0x55, 0xff, then 0x00, several times? Seems like it'd be a lot faster than waiting for entropy on the /dev/*random. And, it guarantees that every bit gets flipped multiple times.
(!) [Ben] <Shrug> I always thought it would be sufficient, but the government spec requires randomness. Given that "/dev/urandom" is non-blocking, I can't see it as being much slower than any of the above, and I believe that a pseudo-random source still qualifies - but given that my familiarity with the pertinent regulations is from many years back, Your Mileage May Vary.
If a company's the security policy disallows this kind of a solution, fine; the technology is still a valid one.

... to which our spooky querent replies ...

(?) Yeah, I know what you mean. I dealt with SCI material, we couldn't even think of declassifying anything. We finally got permission for me only since in a prior life i was a machinist (my dad owned a machine shop) to be able to take a hard drive apart, chuck up the drive platter and remove the top .030 (thirty thousandths) on each side AND then we had to smash the platter. The easiest thing was to just box up any drives and have the courier take them up to Fort (Fumble) George G. Meade for them to destroy.

Hey, thanks for the trip down memory lane. Linux lives!!!


(?) multiple subnets, one DNS

From Damir Horvat

Answered By Dan Wilder

Hello!

I have one linux server and 2 subnets on private network.

I would like to have this: If the request (nslookup) come from subnet #1, DNS server would show only the subnet #1 net table. And the other way around. The two subnets should not "see" eachother.

any ideas?

kind regards,
damir horvat

(!) [Dan] A so-called "split DNS" arrangement will do that.
Each subnet runs its own DNS server, which considers itself authoritative for your domain. Each server forwards other requests to one or more third servers, possibly those of your ISP, which handle all other requests.
The server on subnet #1 has entries in its zone table only for hosts on subnet #1, and for any outside hosts belonging to your domain that need to be reachable from subnet #1. Likewise, subnet #2.
Assuming your local subnets are 192.168.1.0 and .2.0 and that your ISPs nameservers are 10.0.0.1 and 10.0.0.2, with BIND-8.2, your boot file (often /etc/named.conf), has stanzas containing:
options {
        directory "/var/named";
        allow-query { 192.168.1.0/24; 127.0.0.1; };
        notify no;
        allow-transfer { none; };
        datasize 20M;
        forward only;
        forwarders {
        10.0.0.1;
        10.0.0.2;
        };
};

zone "your.domain." IN {
        type master;
        file "your.domain.zone";
};
along with any other options and stanzas you need.
"/var/named/your.domain.zone" on each subnet lists all hosts belonging to your domain that are visible from that subnet. This includes any hosts off the subnet, as this setup will not query the third-party DNS for hosts it doesn't know about in your domain.
Substitute the proper IPs. Subnet #1 lists 192.168.1.0 network in its allow-query field; subnet #2, 192.168.2.0. Hosts on each subnet point to their own nameserver. If the subnet is large enough to warrant the effort, set up two nameservers on each subnet, the second a slave to or a mirror of the first, so the subnet won't be left without name service if you have to take the nameserver down.
If you have only one Linux server to implement this with, run two copies of BIND, each listening only on the IP connected to its respective subnet. Use the "listen-on" directive for that; for more information, see "man named.conf.5".

... Damir replies ...

(?) Hello!

Thank you. Yesterday I've done some reading myself, and successfuly setup one box with two NICs.

Kind Regards.


(?) responding to DESQview/386 Die Hards into the Next Millennia

From Jim Barnett

Answered By Heather Stern

Jim,

I'm beginning the serious stage of a large AI project. For several reasons I (naturally) looked to Linux. However, what I really need is a robust but SIMPLE multitasking OS that will juggle my ANSI C code and stay out of the way. So far it looks like it may take the rest of my life to learn Linux, all the while I make no progress on my real project.

Then I remembered DESQview.

In a previous comment,

(!) [Jim] I presume that Quarterdeck's aquisition by Symantec has spelled complete obscurity and orphanage to DV. They probably didn't even have the decency to release the sources to a "free world."

You might be far better off with a combination of Linux and its DOSEMU or VMWare. It's a pity that you'd lose DESQview's UI (I'd really like to see a Linux console manager that would match the features and feel of the DESQview popup menu system --- but add configurability like DV/X). However you gain support for modern hardware (including CD's, CD-R, CD-RW, DVD and DVD-RAM) and procotols (running DV under a TCP/IP stack used to be like waltzing with a bear in a china shop!). You also lose all problems with memory management (forget about conventional vs. EMS and "largest program size").

All that and you get the sources, too. (A feature that would be even more exciting if I were a real programmer, and not just the occasional hack).

you said it would probably not be possible to get Dv drivers for modern devices like CDROMs. Just doing some preliminary surfing today, it looks like you may be right. However, if I can find a copy of the actual program (there are tons of add-ons & utilities online), I'd like to give DESKview a shot.

Assuming I stick with Linux, do you have any suggestions for shortening my learning curve? Is there a small, non-network, non-graphics release of Linux you would recommend?

Trying not to fall down the learning curve,
Jim

(!) [Heather] Sorry to run a mite late, but you can easily consider Tom's Root Boot (it runs off a floppy, needs no graphics whatsoever, and lives in RAMdisks) or Debian base (the install is a bit annoying, tho) - I think LibraNet can give you a somewhat easier Debian setup without attempting to use graphics.
TomsRtbt is a libc5 based Linux system. Tom Oehser says he lives in it day to day, and I assume he is able to use a compiler in it, since he creates the code for new small utilities on his disk. It does have networking.
The advantage of Debian would be the ability to use their apt-get package manager to fetch new applications or languages if you need them, eg. Lisp, scheme, etc. The full-screen textmode utility 'console-apt' is also worth the time to download, since you can use that to read descriptions of packages that you're considering.

(?) DOS partition from Linux

From Rick Rodgers

Answered By Mike Orr

(?) Does anyone know how to create a bootable DOS partition on a hardisk using Linux? It seems that fdisk doesn't do it right and FreeDOS can not boot.

(!) [Mike] First, the DOS partition has to be a primary partition (one of the first four partitions). Exactly one partition should be marked 'active' using fdisk. This is the partition that will boot. If the DOS partition is active, you will boot only into DOS. If your Linux partition is active AND you set up LILO, or if you set up LILO on the master boot record, you can choose Linux or DOS from the LILO menu. See the LILO documentation in /usr/doc/lilo/ or thereabouts, and the LILO HOWTO and the other HOWTOs at www.linuxdoc.org.
Actually, there is a DOS program called loadlin that will allow you to first boot DOS, then go into Linux, but usually people use LILO instead.
I don't know about FreeDOS, but in MS-DOS or you have to copy the system files in order to make a bootable disk. You can do that when you format the disk by using the /s option to the DOS FORMAT command, or by using the DOS SYS command to copy the system files from a disk that already has then (e.g., a bootable floppy: "SYS A: C:" ;). The required files are IO.SYS, MSDOS.SYS and COMMAND.COM. IO.SYS and MSDOS.SYS are hidden files in the root of your C:directory (or A:\ on bootable floppies). COMMAND.COM is the DOS shell that gives you the C:\> prompt. Without these three files, the DOS partition is not bootable.
In Windows95, these same three files and commands are used, and bring up Win95 in MS-DOS mode (without the GUI). For the GUI, you'll have to install Windows. If you have the Windows installation files on a CD, you can copy them to the DOS partition from Linux, boot DOS somehow, and then run the Windows SETUP.EXE program. You probably won't be able to use the CD-ROM from DOS without Windows; that's why you'd need to copy the setup files to the hard drive first.
All bets are off with Windows 2000.
If this doesn't answer your question, tell us more specifically what the problem is (what error messages you're getting, what partitions you have), and that may help us give a better answer.

(?) e-mails not getting through

From DJ Bellerose

Answered By Mike Orr

Dear James,

Could you please give me some info as to why my e-mails are not being recieved by the intended recipient. After sending them I do not get them back in my own mail saying that they were undeliverable. I have on occasion gotten some back but the ones I am sending to my boyfriend are not getting to him although it says they are being sent. I have sent a few and then have gone to his place so we could see what was happening but nothing shows in his mailbox. All my other e-mails do make it to whomever I send them to. Also the e-mails I have sent to my boyfriend before have made it but for some reason in the past week and a half none of them were sent to his mailbox. I know I have the right addy as he has been here with me when we sent some. I hope you can help with this. If you need his addy or mine I will send them to you upon request. When they do come back to me it is from Mailer Daemon.

(!) [Mike] This is the biggest clue right here. It should be an error message saying (perhaps cryptically) why the mail is being returned. Also look at the headers of the original message (which the error message will hopefully include). Every mail system the message passes through will add a Received: line before the other Received: lines. Did the message go all the way to his ISP? Can you write to his ISP's tech support address or to ? You need to determine whether it's only his address that's failing or all addresses at his ISP.
If you are on a Linux system (which you are, right, since you wrote to Linux Gazette?), look in your mail log (in /var/log/mail or /var/log/exim, etc) to verify the message was successfully sent off your computer and where it was sent to.

(?) Exiting X and Rebooting with One Keystroke

From stefan

Answered By Ben Okopnik, Jim Dennis

i've following problem: i've set up a couple linux-pc's with X, but w/o a windowmanager, on which i run an icaclient (citrix, u know!).

(!) [Ben] I'm not familiar with Citrix/ICA client, but a quick look at their website tells me that the solution that I had in mind would work, as long as you can create either desktop or toolbar icons.

(?) now for shutting down the computer the user first has to exit X (by ctrl+alt+backspace) an can then press ctrl+alt+del.

(!) [Ben] Try creating an icon that runs "super halt". A number of people out there don't like "super", but as far as I know, its security problems (particularly the "buffer overflow" bug) have been fixed, and it is very handy for something like this. "super" allows a user to run a specific command as if they were root, which "halt" requires. When I did this myself, initially, I was concerned about some possibility of creating a problem by not exiting X directly, but then realized that it was simply an old MS-Windows mental block: after all, "Ctrl-Alt-BkSp" kills X; what can shutting down do that's any worse?
(!) [Jim] If you always want to reboot after exiting X then just start X with a script like:
#!/bin/sh
startx
exec /sbin/shutdown -r now
... so any exit from X will then execute the next line of your shell script. I'm sure there are more elegant ways. You might even want to patch the X sources to use [Ctrl]+[Alt]+[Del] as the "Zap" key instead of [Ctrl]+[Alt]+[Backspace]. I don't know of an option to configure that. However, I haven't even looked at XFree86 version 4.x yet!

(?) but this is a little to complicated (very dumb users ; )). i'm looking for a possibility to assign a key-combination (eg. ctrl+alt+f12) for shutting down X and the pc in one step.

(!) [Ben] I don't know how this would be any different from simply hitting "Ctrl-Alt-Del", unless "ica-client" intercepts that. If it doesn't, simply make sure that your "/etc/inittab" contains lines that look like this:
# What to do when CTRL-ALT-DEL is pressed.
ca:12345:ctrlaltdel:/usr/bin/super /sbin/halt
Hint: if you make "halt" an alias for "super halt", everyone who is authorized via "/etc/super.tab" will be able to shut down the machine simply by typing "halt" in an xterm.

(?) thanks, stefan

ps: sorry for my bad english.

(!) [Ben] I find that most folks who apologize for their English - and yours is fine, by the way - tend to be far more understandable (since they make an effort to be understood) than native english speakers who write in with things like "dOOdz U got 2 hepl mE My proBlM nVIDIa caRD WhaT I dO noW?????????" It's not even the kOOl or 3l33t slang, but simply the fact that they don't take the trouble to relay any useful information... oops, one of my favorite rants. I'll stop now. :)

(?) Multiplexing ppp connections

From David Hunt

Answered By Ben Okopnik

Dear Answer Gang

I have a RedHat 6.1 box that we use for dial out internet access using ppp at 19200 baud. We would like to increase our bandwidth, but according to our ISP the only way we can do this, due to their system, is to have two dial out connections and multiplex them together or have one for outgoing and the other for incoming.

Is this possible to do in linux?

Where can I find documentation about how to do this?

(!) [Ben] Oh-oh. Time for me to put on The Curmudgeon Hat. The "baud vs. bps" confusion is one of my Rant Topics (don't worry; it's a general rather than a directed rant.)
If you are indeed connecting at 19200 baud (and that is far from certain), it means absolutely nothing - unless you're doing something like packet radio stuff, in which case you'd be dealing with the raw numbers. "baud" refers to the actual switching frequency of the modem, which, given the communication protocols in use today, bears less and less relation to the bps (bytes per second) transmitted or received - the only thing that we really care about, as it is the "real" data transfer rate (barring some esoteric considerations.)
(By the way, doing a search for "bps baud confused" on Google produces over 7,000 hits. Don't feel like you're alone. :)
Let's see... by using Deep Magic, I can see that you're coming out of (or at least e-mailing from) the Great State of Texas. Chances are pretty high that the average ISP down thataway will let you connect at speeds up to 56k (nominally, that is; 53k is the actual upper limit due to phone system voltage restrictions, unless they've changed it and forgot to notify me :) If your ISP is restricting you to something below that, changing your ISP is probably the best bet.
Now, all that out of the way - if you actually do want to multiplex two modems, and your ISP supports the scheme - and according to what you've written, they do, then, yes, Linux does indeed support modem multiplexing. Take a look at the "eql" package in the distribution, as well as
"/usr/src/kernel-source-<version>/Documentation/networking/eql.txt"
in the source tree. (This assumes that you have the kernel source installed.) Note that modem multiplexing of this sort does not decrease your latency, which is an entirely different issue and has quite a lot to do with perceived "speed" of communications.
Also, check out Robert Novak's "EQL HOWTO" -
http://home.indyramp.com/masq/eql/eql.html
Pretty good stuff for load balancing info, which sounds like what you're trying to do - unless switching ISPs is a better answer.

... David responds ...

(?) Thanks very much for your quick reply. This was exactly what I was after. After hearing about EQL from you I have since found a lot of info about it.

(!) [Ben] You are certainly welcome; I'm very glad that the information was of use to you.

(?) Just to let you know why I'm after multiplexing 2 19200bps lines. Firstly we are not in the States but in the middle of Asia.

(!) [Ben] Ah. 'sil.org' is in Texas, and I gather you're posting via their web/mail interface. If your ISP is AsiaOnLine.net, you have my profound sympathy; I have several acquaintances who are vehement about calling it AphasiaOnLine (it "forgets" a high percentage of their mail) and are unanimous in cursing it to high heaven.

(?) Also there is only one ISP in our area and for some reason or another they say the max connection speed is 19200bps. One last complication is we don't have a land line but only a microwave connection to the nearest town.

(!) [Ben] Well - sounds like load-balancing experimentation is not a hobby for you but more of a necessity. I must say that I find it interesting that your ISP supports EQL; I assume you realize that it has to be supported at both ends. Since they are the ones who suggested it, they most likely do. I wish you the best of luck.

(?) [Tony@thermo-king.com: new to Linux]

From Tony Ormsby

Answered By Heather Stern

Hi;

I am currently a Windows 98ME user. I have recently started studying Linux OS at Tech. I am looking at installing Linux onto an old PC at home to start with before looking at possibly replacing my current OS later on down the track. My old PC is a i386 with 8Mb of RAM and about 250Mb of HDD space. I am about to ask some silly questions which I hope you may be able to help me with.

Firstly, for such an old system, is there a Linux OS available for it? (with or without a GUI) Secondly, I have an old Linux OS (similar to the old MS-DOS 3.3 OS) which I am playing with and am looking at writing a script which will help me to do the following:

Actually, I'm also going through some old books but they don't five examples of how these scripts should be approached. I'm hoping that if I can get an example, it will give me more of an idea on how Linux directory system operates. It does appears that the floppy drive once mounted becomes part of the root directory rather than remain a seperate drive as in MS OS .

I would like to know more about Linux. I believe that in the next few years, it will grow more competitive and become a real alternative to Windows. I also have a copy of Red Hat 6.2 which I am looking at putting onto a spare i486 with 16MB RAM which I have in pieces. I have been told however, that Mandrake 7.0 is a much easier alternative when starting out in Linux. I guess I'm looking for some help in determining which direction I'm going.

kind regards; Tony Ormsby

(!) [Heather] Debian can run easily in the limitation you described - its "base" only uses about 60 Mb or so. (might be less, I haven't really counted it). Graphical setups cost a lot more space - you should avoid using weighty applications like Emacs, the big environments like Gnome, K or the Office Suites, because they will be very slow for you, if you even get them to fit.
You probably want to investigate some of the specialty distributions listed at Linux Weekly News (www.lwn.net).
Whichever distro you use for the 386, make sure that you are fairly minimal about what you allow it to install. You might even consider calling the staff for the companies (in the case of corporate distributions like Corel or Redhat) and asking them what is the minimum space they can be installed in, and the minimum RAM that configuration will run with.
The 486 you describe has a better chance of using something fairly ordinary, though you'll probably still want to be picky about how to use your disk space. Again, 16 Mb is okay but a bit low, so the weightier apps won't be all that happy in it.
Mandrake is a nice distro (when it works at all in your system) but since it is optimized for 586 or higher-powered processors only, it won't work on either of the two systems you mentioned. Sorry.
If you have to, you can always use a much earlier distribution (though it will have the security bugs that plagued those releases) or you can use a "mini" distribution - usually optimized for running from floppies, but many of them can be carefully set up to run from hard disks as well.
Tom's root boot is a nice tiny distro (floppy based) to use to learn more about things under Linux without getting too complex. It runs from RAM so you don't have to ruin any harddisks until you decide what you want to do. Of course, its documentation is very minimal, because too much wouldn't fit on a floppy. You can find his work at http://www.toms.net/rb
Best of Luck

(?) Trident Providia 9685

From J C White

Answered By Heather Stern

Hi There,

I was told you might be able to direct me to where I can find the drivers (Win98SE) for the Trident PV 9685...I have this PCI vid card with no drivers...I also have the AGP version...again no drivers

any assistance will be greatly appreciated

J C White

(!) [Heather] The card that you have has actually come up before in The Answer Guy column, in issue 31. (www.linuxgazette.com/issue31/tag_trident.html) It's been supported in Red Hat (at least on a hardware list) since at least version 4.2. So, the card's been around awhile, and we can at least assure you that it works for Linux...
Unfortunately that's not what you've asked. Sadly, we have no particularly great idea where to find just about anything specific for Windows (any revision)... that's not the OS we write about.
However, I do find an occasional gem for Windows (when I have to go looking) at either winfiles.com, or TUCOWS. That's short for: The Ultimate Collection Of Windows Software. They've of course spread out into more OS flavors and hardware such as Palm pilots andd our fave, Linux.
Under Linux, the card you mention works under Xfree86 version 3.3.6 as well as the new, restructured to be nice and fast, 4.0. I even saw a mention of a 64-bit version of it being okay (AGP wasm't mentioned over in the list at www.xfree86.org, but I'm guessing that's what you really have). Metro-X has a commercial server for it too.
Though it's mentioned in scattered references as "unsupported" I have to add that in Linux terms, that means Trident has been worthless in helping us use their stuff, so it doesn't mean exactly that it doesn't work, it means that we probably are not making the card behave at its very best. We might be - we might even do a better job than your missing Windows drivers - but we really can't tell. Not a lot of developers will throw extra money at more pieces of unusable hardware if they should fry one while trying to code things to make it work.
To be utterly fair to Trident, there aren't that many companies that are "supported" in the sense of really giving us data that we can use for coding up new X server support. It's kind of strange that vendors won't help, even with some raw information about expected input and output signals, since they claim they want to sell hardware. Even if it would somehow reveal some great secret about their hardware (I find this difficult to believe), you don't see very many companies helping us out even with their older cards, saving juicy protectionism for the Hottest New Toy. There are a few... SuSE and Precision Insight have given a lot of extra help to the X Free86 project by helping convince and aid vendors in going our route... as for the others, too bad for them. We tend to buy what we can use, and we're really good at friendly word of mouth for helpful vendors. So if things don't work out for you (though I hope they do), allow me to recommend 3D Labs, ATI (we handle so many ATI cards I stopped counting them. Get a Rage 128 and save yourself from wondering which server entry to pick), Matrox (Milleniums are excellent), 3Dfx, or any of the other vendors who've done XFCom servers. They can use the encouragement :)
[Note] 3dfx appears to be effectively out of business since Nvidia bought them, which might not matter to you, but it seemed wise to mention, as you might not want to buy cards that have been orphaned that way.

... John went on to find the REAL answer he needed ...

(?) found ALL drivers and will forward to list...even found jumper settings to use as SVGA, S-Vid, or NtSC output in Win95 or 95; again , will send....gimme addy where to upload these gems to as well as a Trident total support page with drivers for everything they ma(de)ke!!

Thanks Again

John

(!) [Heather] You can reply to and I'll publish ... mainly because the jumper details might be useful to Linux'ers too. If you create your own web page where you're keeping track of these, you can tell us the link. And, that'd make it pretty easy for you to submit the tip to Windows related sites, as well.
I don't know if Trident maintains such a "total support page" - do they? But as time marches on, lots of companies stop maintaining details for older cards.
[Note] John didn't forward the drivers, but if anybody needs to get ahold of him for these, send a note to The Answer Gang () and I'll forward it along to him.

(?) The New network On The BLock

From Robert Smith

Answered By Dan Wilder

Next year i'm hoping to set up a home network that will have internet connection through a firwall, then a DSL connection. With such a set up, is there any need to set up DNS services if we are to have a static IP address, or can we use the ISP's?

(!) [Dan] You can use the ISP's DNS services. Put internal hostnames in the /etc/hosts files, or equivalent for other OSs, and point all hosts to the ISPs nameservers for resolution of external hosts. On Linux, /etc/host.conf should read
order hosts,bind
multi on
and /etc/resolv.conf should have:
search your.internal.domain
nameserver IP.for.your.ISPs.nameserver
nameserver IP.for.another.of.your.ISPs.nameserver
"your.internal.domain" is whatever you call your network. No need for it to be a registered domain. "IP.for.your.ISPs.nameserver" is the IP number for your ISP's nameserver.
It becomes worthwhile to set up an internal nameserver when the internal network grows large enough to make propogating the /etc/hosts files (and equivalent) a nuisance. There are a couple of other reasons to set up internal nameservers ... consigning external banner ad servers to oblivion, for example ... but AFAIK, these are all amenities you can easily live without.

(?) Mail Daily sylog message to remote e-mail

From Ling Ling

Answered By Ben Okopnik

Hi,

I am sorry about the interruption. But I have no way to find a help except to try my luck everywhere I can (at least that's what I perceived). I have a RH 6.2 server running as FTP server. Upon customer response, I will have to send certain syslog message to their LAN account, like say admin@system.com. I have read all the manual and even posted up a question on the linux mailing list, but I have still no receiving the answer I want ... I now how to redirect to a file or a local user, but this users is not a local system users (but stay in the same domain), do you mind to guide me on this ??

(!) [Ben] I'm not exactly sure of what you're asking, but here is my best guess:
1) You have a user connecting via FTP. 2) On a response (What kind of response? What kind is possible via FTP?), you want to send e-mail to that user.
Assuming that the response - however it's done - contains the user's name and host, the answer is an easy one:
tail /var/log/messages | mail -s "Your syslog info"
The above, for example, would send the last 10 lines of "/var/log/messages" to the specified user. You can, of course, specify whatever information you want to send, and use whatever subject you want (the '-s' switch on the above command line) - this is purely an example, since you didn't say what it is that you wanted from the syslog. Note that you may have a decision to make with regard to file permissions, as most log files are only readable by 'root'.

(?) Thank you very much.

Regards, Ling Ling

(!) [Ben] You're welcome. If I'm off in my understanding of what you're trying to do, please feel free to write back.

(?) Scripted Serial Sessions

From nir

Answered By Jim Dennis

Hellow

I am qa engineer

I want to write send and recieve file script for minicom, so i will be able to check a lot off AT commands. do you know about any tools that could help me, or examples for those scripts.

(!) [Jim] Read the man pages:
RUNSCRIPT(1)                                         RUNSCRIPT(1)

NAME
       runscript - script interpreter for minicom

SYNOPSIS
       runscript scriptname [homedir]

DESCRIPTION
       runscript  is  a  simple  script  interpreter  that can be
       called from within the minicom communications  program  to
       automate  tasks  like  logging in to a unix system or your
       favorite bbs.
runscript is a utility that comes with minicom.
Of course, I can't just leave it at that. That would be far too simple an answer. I really have to put in a plug for Kermit if you're going to be doing any serious communications scripting. Kermit is a rich programming/scripting language for automating serial and network communications. I really suggest that you try it instead of minicom's runscript.
I must admit that I usually use minicom for most of my simple interactive serial terminal needs. However that's purely born of laziness. Minicom is included with most LInux distributions while I'd have to fetch kermit and build it from sources. If it was "apt-get'able" from the Debian archive system; I'd go back in a heartbeat.
All of that aside, runscript can probably do what you need, and if that doesn't give you enough power to do the job then look at the 'expect' programming language from Don Libes. That can automate any terminal/curses appllication under Linux/UNIX and it supports the full TCL programming language. There is also an "expect.pm" module for PERL if you prefer its syntax and features.

(?) Thank you.

Kermit is very good but their is one problem, i cant put AT commands in my script. i have the same problem in minicom (it dowsnt recognize AT commands) i try even to combine the both (minicom and kermit). i think kermit is powerful and thanks to you i learn it.

thanks again!!!
Nir


(?) Setting up print filters.

From Neo

Answered By Ben Okopnik

Hi,

I'm a totally newbie about Linux, but I found it a real great OS (I normally used Win98 !!!), but I have a small problem. I have just changed my printer, a brand new Epson Stilus Color 670, but my Linux box won't use it

(!) [Ben] The main reason, Neo, is - of course - that the Matrix has you. :)
Generally, I would not respond - few people would - to a request for help that gives so little useful information. The reason that I'm answering this question at all is because printing setups can be troublesome, and what I want to do here is write a sort of a mini-troubleshooting guide. "My Linux box won't use it" is rather useless; what does that mean? Are you physically unable to connect the printer to the box? Does it not fit on the same desk as the computer? Does it print perfectly except for skipping every other comma? There is no way to tell, and most of us aren't into guessing. Please try to make yourself clearer when asking for help; there's no such thing as "too much information" when doing so.
If there's one bit of advice that I'd want to emphasize to the newcomers in the Linux community, this would be it - make yourself as clear as possible when asking for help, and include as much information as you think necessary... and then add some more.
A quick check of Epson's website didn't give me any specs on this printer, just advertising crud. I suspect, though, that it is not a WinPrinter - that's what I wanted to check up on. If it was, you'd have a bit of trouble (software is available, but it's problematic.) In any case, WinPrinters are beyond the scope of what I want to cover. We'll assume that you have a real, honest-to-goodness printer with its own brain, and go from there.
Once you have connected the parallel cable (once again, USB printers are outside the scope - look up the USB-HOWTO on the Web), powered up the machine and the printer (DO NOT connect or disconnect parallel peripherals under power: you stand a high chance of frying the peripheral and the machine), and made sure that the printer's power light is on, it's time for the basic test. Pick a text file that is about 1k in size - the default "/etc/inittab" is a pretty fair example - and shove it straight out through the parallel port:
cat /etc/inittab > /dev/lp0
This assumes two things: 1) that you are logged in as root, and 2) that the first parallel port, "lp0" (known as "LPT1:" under DOS/Windows) is where your printer is connected.
If this doesn't work, look at any error messages that may be generated: "Permission denied" probably means that you *didn't* log in as root. "Device not configured" would mean that you either don't have the "lp" module loaded (check by typing "lsmod") or do not have the kernel parallel-port driver enabled, which would be a strange thing to do (but I've seen it happen.)
If no error messages are generated and there's still no output, try assuming that it's the other parallel port - there are rarely more than two on machines today; for that matter, more than one is becoming rare. Anyway, try
cat /etc/inittab > /dev/lp1
- it can't hurt.
One rare, odd thing that can make this test fail - check the parallel port settings in your BIOS. I've seen an "ECP/EPP" setting disable a Brother printer under both Linux and Windows; all other settings allowed it to work. Yes, Brother printers are weird - but this was about as strange as snake suspenders...
If none of the above works, check the hardware by booting into DOS or Windows and printing from there. If you still can't get it to print, there's a problem with your hardware - port, cable, or printer. Curse life, weep loudly, and replace whatever is necessary.
Install "lpr" or "lprng". For a home user, it makes no difference which one you choose. Either one handles the tricky bit with the permissions - you don't have to be root to print anymore. "cupsys", available with the new version of Debian (and probably other distros) takes care of this and the next (filtering) stage. Make sure your "/etc/printcap" is correct (see "man printcap") and test the system by typing
lpr /etc/inittab
If all you were going to do is print text, you'd be done at this point. However, most folks like their graphics and want to pretty-print stuff like Web pages, etc. For this, you need a series of "translators" that accept an arbitrary file type and turn it into language that is appropriate for your printer. "magicfilter" and "apsfilter", in my experience, can both be rather fussy about installation - I've had problems with both. Test the system by printing a small graphics file, preferably something like a black 4x4 pixel GIF or JPG - if you only get a dot (the correct output), try a larger image; if the filters are messed up, you won't get more than a page of random garbage.
At this point, you're done. The next move, as the original Neo said, is up to you.

(?) Xwindows

From Wes Ragle

Answered By Mike Orr, Heather Stern

(?) Is Xwindows a generic part of Linux? All I ever see while researching the question is xfree86?

(!) [Mike] "Linux" refers only to the kernel. All Linux software comes from third parties, including stuff that's necessary to boot and produce a shell prompt. X-windows is just a protocol; Xfree86 is a concrete implementation of that protocol.
(!) [Heather] Actually strictly speaking, X is the protocol, windows are what it is about painting, and people rarely see them apart unless they are programming an X based application. Especially if they're programming a window manager; window managers (whose names often end in wm: fvwm, qvwm, twm, flwm, icewm; but not necessarily: blackbox, enlightenment, sawfish) are responsible for listening to X protocol messages like "you got clicked" or "keystroke M" or "please repaint coordinates so-and-so" and telling the right applications what to do. It's the window manager that owns the scrollbars, the title bar, and the background.
(!) [Mike] XFree86 describes itself as "a non-profit organisation which produces XFree86, a freely redistributable open-source implementation of the X Window System that runs on UNIX(R) and UNIX-like (like Linux, the BSDs, Mac OS X (aka Darwin) and Solaris x86 series) operating systems and OS/2." (http://www.xfree86.org)
Linuxers adopted Xfree86 over other versions of X-windows because (1) it runs on the x86 CPUs (a sine que non), (2) it's affordable (back when X was unusable under Linux I almost bought BSDi [another UNIX-like OS] instead, but didn't because of its price tag), and (3) meets our standards for open source (not counting a few minor squabbles along the way).
Linuxers chose X-windows over other graphical systems (e.g., MGR) because almost all the graphical applications available for UNIX are designed for X.
(!) [Heather] There are other implementations of X, also... tinyX is one. You can read far more than any of us can say here by following some of the links at Kenton Lee's site: http://www.rahul.net/kenton/xsites.html
(!) [Mike] Four other graphical "systems" to look at are the framebuffer, SVGAlib, Berlin and GGI.
The framebuffer is an optional part of the Linux kernel that runs the video card in graphics mode. This is required for non-Intel systems (which don't have a text mode, so it must be emulated). It's also useful on Intel because X-windows normally takes control of the video card itself, and because X is such a huge beast, buggy X programs and drivers can crash the X server, freezing the screen+keyboard+mouse and necessitating a reboot. But with the framebuffer, the kernel retains control of the video card and can tell the X server where to go.
SVGAlib is a library that allows non-X programs to use graphics mode.
(!) [Heather] However, there's only one fellow in charge of it and video cards keep moving onward. Last I saw, he's not adding support for new cards - although many with VESA 2.0 compatability will work.
(!) [Mike] Berlin is/was a project to make a windowing system better than X. I can't find a URL for it, so I'm not sure if it still exists. (I thought it was www.berlin.org, but that goes to www.berlin.de, which contains tourist information about the city. Google and MetaCrawler don't seem to have any links to it.)
(!) [Heather] Funny, I went to Google, typed in the keywords "berlin" and "gui" and it popped right up: http://www.berlin-consortium.org
The trick is to make sure you don't get references to the city, by putting in a more limiting keyword to go with it :) They have news as of late November, so I guess the project is still alive.
(!) [Mike] GGI ("General Graphics Interface", http://www.ggi-project.org) is a portable graphics interface of the "write once, run anywhere" variety. It can run with X and/or the framebuffer and in other combinations.

(?) Would you please straighten me out as to exactly what is involved in generating nice graphics in Linux? Does Mesa only work with drivers for a select few video chips?

(!) [Mike] I'll let others answer these since I don't know.
(!) [Heather] I don't think that is the case... although certain video chips may get a significant boost from having OpenGL support directly, Mesa is software that allows non-supporting cards to display applications designed around OpenGL. Mostly. The author is very careful to state that it is not a licensed SGI implementation of OpenGL so if something isn't a perfect match, sorry. You can read all about that at the Mesa project homesite, again not quite obvious: http://www.mesa3d.org
Anyways I hope that helps a bit. Since I don't know what kind of nice graphics you're trying to do, I don't know if any of the APIs optimized for helping gamers might help you out too. But this should be a good start.

(?) Xfree 4.0.2

Definitely worth mentioning -- Xfree86 4.0.2 just came out. Release notes:
http://www.xfree.org/4.0.2/RELNOTES.html

(?) diald on a smoothwall box

From jim watkins

Answered By Mike Orr

This may be the wrong place to ask a question! in which case please take no notice.However if not......

I just made a box running smoothwall, a sucess until....I realized it did not dial on demand...then I found diald ....to me this looks like it should achieve what I want...

(!) [Mike]
1) What are you trying to do?
2) What's smoothwall?
Diald's main use is to automatically initiate a ppp connection when there's outgoing traffic at your site but the link is down, and then to tell ppp to hang up when the outgoing traffic has been idle for a certain period of time.
For an ordinary firewall situation with ppp and an analog modem, where you want the connection to go up and down automatically as needed, yes, you would use diald.
Note that diald cannot measure incoming traffic when the link is down. This would require something like diald at the ISP's end.

(?) ...a bulk friendly ISP?

From needbulkisp

Answered By Jim Dennis

[the editor notes that the querent sent his mail as all HTML. Yuck.]

(?) Hello!

I'm trying to find a bulk friendly ISP, to host a very small website. Can you help?

OR

Can you refer me to anyone?

Thanks very much,

HAPPY NEW YEAR!

From:

(!) [Jim] I don't know what you mean by "bulk friendly." However, you should be aware that the phrase carries very negative connotations to experience internet professionals.
To must of us that suggests that you are planning to spam (e-mail) people and you want to hook up with an ISP that will tolerate your abuse of the Internet and shield you from the wrath of the people that you offend.
Since you say it's a "very small website" I presume that you don't mean that you have a "bulk" of content that you wish to make available. Perhaps you mean that you have a small volume of content that you believe will get an immense amount of traffic. Obviously there are lots of ISP and co-location facilities out there. For commercial traffic they are very "bulk friendly" (since they charge for all the traffic --- the more traffic you generate, the more money they charge and the friendlier they get).
Anyway, I'll refrain from suggested actual companies here. Among other things I don't know enough about your needs and resources (money) to make any reasonable suggestions, and I'm not in the business of shopping for ISPs (bulk-friendly or otherwise).
However, I've left your name in this message since your e-mail address is clearly and solicitation for relevant advertising. I'm sure that "bulk friendly" ISPs will just be banging down your inbox within a few days. (Normally we filter e-mail addresses out of LG Answer Gang articles to protect or correspondents from spammers; however this appears to be a "trowaway" e-mail account which will be abandonned as soon as you've made your selection --- so I'll suggest to my editors that we make an exception in your case).


Copyright © 2001, James T. Dennis
Published in Linux Gazette Issue 61 January 2001
HTML transformation by of Starshine Technical Services, http://www.starshine.org/