Re: Mandrake 8.1 Desktop Gone



On Mar 21, 7:45 pm, ibupro...@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin) wrote:
On 20 Mar 2007, in the Usenet newsgroup alt.os.linux, in article
<1174425448.294854.3...@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>, ffi...@xxxxxxxxx wrote:
I screwed up... but I'm not sure how. I'm afraid I'm knowledgeable
enough to get into trouble, but not quite enough to get out of it.

That happens - that's how you learn

This is on Mandrake 8.1.

EIGHT POINT ONE??? Wow that is obsolete. Support for that ended
over three years ago. Is there any specific reason you have to be
using something that old?

What I wanted to do:
Tighten down permissions so that ms ie7 ftp wouldn't navigate into the
root.

Read the man page for the FTP server (what-ever it is) and look for the
word 'chroot'.

What I did:
Use chmod to remove "others" access to all directories in root.

And how exactly? Well, you know not to do THAT again.

What happened:
Websites were no longer accessible. GUI (KDE) wouldn't come up.

Then I restored the r-x for others for all directories in root.

Again - what did you do exactly? By the way, /tmp/ wants to be
'drwxrwxrws' which you get as 'chmod 1777 /tmp'

Websites came back up.
GUI (KDE) still down.

As root '/bin/rpm -Va' and see what all has gotten screwed. It's
probably going to be a lot. You can use rpm to restore permissions
of the stuff it knows about using

[compton ~]$ rpm --help | grep -A2 -- --set
--setperms - set the file permissions to those in the package
database using the same package specification
options as -q
--setugids - set the file owner and group to those in the
package database using the same package
specification options as -q
[compton ~]$

so if I read this correctly, that would be 'rpm --setperms -a' but no
guarantees. Repeat the 'rpm -Va' and see how it improves things.

So...
1. How do I prevent IE7 ftp from getting to places it shouldn't
get to, without killing websites.

You don't give access to idiots using IE7 as root. If you do want to give
them access and want to limit their access, man the FTP server and look at
setting it up in a chroot jail. AT THE VERY LEAST set them up in an
account with minimal access.

[compton ~]$ whatis chroot
chroot (1) - run command or interactive shell with special root directory
chroot (2) - change root directory
[compton ~]$

Warning - this can be more hassle than it's worth. Better way is not to
allow idiots near the system.

2. How do I get KDE back?

Install a current distribution. The permissions of /tmp are probably wrong
as well.

Old guy

Thank you Old guy.
You got it in 1. The /tmp permissions were the problem on the KDE.

I've tried to talk the owners into a more recent distribution, but
they don't wanna. I support all the windows systems here, and I
don't get enough practice on *ix to stay current. (I forget too
fast.)

The FTP daemon is proftpd.

It worked just fine for users on MSIE 6, ws-ftp, etc.
When MSIE 7 came around, after a user logs in, they can
navigate anywhere.

Based on your reference to chroot, I checked the proftpd.conf
and the users have "DefaultRoot" directories assigned.

I now think this must be a proftpd bug.

-- Frank
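
Added example, not part of the thread: a report-only shell check for the two conditions that came up above, top-level directories that lost r-x for "others" and a /tmp that is not mode 1777. The function names and the PRIVATE_DIRS exclusion list are assumptions, and it relies on find's -mindepth/-maxdepth options (GNU and BSD find).

```shell
#!/bin/sh
# Added example: audit a tree after a blanket "chmod o-rx" on top-level
# directories. Report-only; it never changes a mode.
# Usage (after sourcing this file): audit_root /

# Directories that are normally closed to "others" (assumed list; adjust per system).
PRIVATE_DIRS="root lost+found"

# Print top-level directories under $1 that lack r-x for others,
# skipping names listed in PRIVATE_DIRS.
missing_other_rx() {
    root=$1
    find "$root" -mindepth 1 -maxdepth 1 -type d ! -perm -005 | sort |
    while IFS= read -r dir; do
        name=${dir##*/}
        case " $PRIVATE_DIRS " in
            *" $name "*) continue ;;
        esac
        printf '%s\n' "$dir"
    done
}

# Succeed only if $1 is a directory with mode exactly 1777
# (world-writable plus the sticky bit).
tmp_mode_ok() {
    [ -n "$(find "$1" -maxdepth 0 -type d -perm 1777 2>/dev/null)" ]
}

# Full report for a root directory (default "/"); non-zero if anything is off.
audit_root() {
    root=${1:-/}
    status=0
    bad=$(missing_other_rx "$root")
    if [ -n "$bad" ]; then
        printf 'no r-x for others:\n%s\n' "$bad"
        status=1
    fi
    if ! tmp_mode_ok "${root%/}/tmp"; then
        printf 'tmp is not mode 1777: %s\n' "${root%/}/tmp"
        status=1
    fi
    return $status
}
```

Run it as root before and after any permission repair so that directories unreadable to an ordinary user are still listed.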
