Stop Microsoft
Operating Systems => Linux and UNIX => Topic started by: Stryker on 25 January 2003, 12:32
-
i just got slackware 8.1 and it's great. I have a few questions about it though.
1.) is there a command like chkconfig?
2.) if not then how do i disable/enable services?
3.) how do i turn off the random messages at login?
4.) why is it faster than redhat?
5.) how do i restart a service?
6.) why does it take 3.6gb from just 1 cd?
7.) anything different from redhat that i should know i haven't discovered yet?
i'm loving it though, i'm in the process of putting it on my laptop now.
-
welcome to slack!
quote:
2.) if not then how do i disable/enable services?
in "/etc/rc.d" there are a number of scripts that turn on various services. On startup, rc.S is run, then for multi-user mode (runlevel 3) rc.M is run. That does some setups and invokes other scripts (rc.inet1, rc.inet2, rc.syslog, etc etc); but it (should) do a check to see if the script is executable.
if the script is invoked without that check, you can make the hand edits necessesary. Then, to disable a service at startup,
But that's not all, also in the "/etc" directory, there is a file called "inetd.conf". copy this to "inetd.conf-8.1" and edit the original. comment out any lines for the services you do not want to start.
Now, as for the other part, my only beef with slackware, is that it has no default firewall. These lines should give you some protection until you get a better script:
create file: /etc/rc.d/rc.ipfilter
If you are on dialup, change the "eth0" to "ppp0".
Add this to one of the startup scripts (prefereably before your outside connection gets initialized, i recommend the top of "rc.netdevice" if your ethernet module gets loaded by that script; the top of "rc.inet1" is another good one):
Or, you can go to netfilter guruz page (http://www.linuxguruz.org/iptables/) and get a good script that should suit you. they are heavily commented, so you will learn a thing or two by tripping thru them.
slackware is a very do-it-yerself distro (not so much as gentoo or LFS tho ;) ), and tools like "linuxconf" are not in there.
What do you mean by "random messages at login?"
You can change the login prompt by writing this to the file "/etc/rc.d/rc.local":
you can also get rid of the fortune message by chmod'ing the script "/etc/profile.d/bsd-games.sh" to non-execution, just like the startup scripts.
and if you miss the graphical login; change the following line in "/etc/inittab":
hope this helps.
-
thanks, that did help. Sorry this is so short, but I'm kind of in a hurry right now. You know why I can't login through ftp?
be back later, and thanks again.
-
quote:
Originally posted by Stryker:
thanks, that did help. Sorry this is so short, but I'm kind of in a hurry right now. You know why I can't login through ftp?
Maybe you forgot to lube your muffler bearings?
-
quote:
Originally posted by void main:
Maybe you forgot to lube your muffler bearings?
huh? i'm confused. I dont have a car, or know anything about them (mechanically). I mean the ftp server on the slackware distrobution isn't accepting any logins. I feel lost now, i'm not sure if you are teasing me, saying something off topic to confuse me, or that is the actual answer and i'm just stupid. all well, maybe i worry too much.
-
quote:
Originally posted by Stryker:
huh? i'm confused. I dont have a car, or know anything about them (mechanically). I mean the ftp server on the slackware distrobution isn't accepting any logins. I feel lost now, i'm not sure if you are teasing me, saying something off topic to confuse me, or that is the actual answer and i'm just stupid. all well, maybe i worry too much.
It was a joke (common mechanics joke). Muffler bearings do not exist. I use this phrase periodically and it's my sick way of saying "need more information". I thought you had been around long enough to know me by now. Sorry about that.
There are two ways that most FTP servers can be spawned. Either in daemon mode or from inetd (or xinetd). If you have an /etc/inetd.conf file edit it and you should find a line that is commented out containing "ftp". Uncomment it and "kill -1" the PID number for the "inetd" process. If you are using "xinetd" there should be a /etc/xinetd.d directory containing a file called "ftp" or "ftpd". In that file there might be a line "disable = yes". Change it to "no" and "kill -1" the xinetd process.
If you are using PROFTPD for an FTP server you also have the option to run it in daemon mode rather than from inetd. This is done in PROFTPD's configuration file "/etc/proftpd.conf". Of course if you run it in daemon mode you will have to start it in the startup script that your other daemons are started with. It's been 8 years since I've used Slack so I'm not sure which FTP server and inetd packages it includes today.
If you could tell me which FTP server you have installed, and whether you have either the inetd or xinetd packages installed, that would be a big help.
[ January 25, 2003: Message edited by: void main ]
-
it's proftp running on inetd. it's running and everything, it prompts me for a login when i connect. it just doesn't accept any credentials i give it (except anonymous, which i disabled).
-
it's proftp running on inetd. it's running and everything, it prompts me for a login when i connect. it just doesn't accept any credentials i give it (except anonymous, which i disabled).
And i have been here long enough, but i just never heard you use that phrase before.
(Edit), someone please delete the other one, I accidently pressed post twice cause it was going slow.
[ January 25, 2003: Message edited by: Stryker ]
-
quote:
Originally posted by Stryker:
it's proftp running on inetd.
It can't be both. If it is started from inetd and no one is trying to connect there should be no ftpd process running. inetd will start an instance of it at login time. If it is running then that means you are starting it as a daemon and it should be commented out in your /etc/inetd.conf file so as not to fight over port 21.
Since it is running I will assume that you have it set to run in standalone mode (ServerType standalone) in the /etc/proftpd.conf. Can you paste in a copy of your /etc/proftpd.conf so I can look it over?
You might also want to search for ftp related login messages in your /var/log/messages and /var/log/secure logs:
# grep ftp /var/log/messages | tail
# grep ftp /var/log/secure | tail
quote:
And i have been here long enough, but i just never heard you use that phrase before.
Judging from your user# I would say that you haven't been here long enough (unless you read this forum long before you registered).
[ January 25, 2003: Message edited by: void main ]
-
My browsers being weird, i edited this post about 3 times to get it right. this is the uncommented code in /etc/proftpd.conf.
I assure you it is running with inetd. the problem is not getting it to connect, but getting it to login after you connect. From what you've told me it seems like you are trying to advise me on getting it running.
And I did read here before i signed up. And even still I read all those old posts.
[ January 25, 2003: Message edited by: Stryker ]
-
Have you looked in your /var/log/proftpd.log file for login error messages? If there are error messages could you let me know what they are?
Also, do you have iptables firewall configured? If so could you let me know what "iptables -L" shows?
Also, when you try and log in from a client, what is the "exact" message that is displayed?
[ January 25, 2003: Message edited by: void main ]
-
useradd doesn't automatically add the shell or create the hoome directory in slackware (at least for me). i didn't figure out the shell part until now, i set it to /bin/bash and it works fine now.
-
Aha. Now for the question I should have asked first. Why FTP and not SSH/SCP/SFTP?
Also, if you must use FTP you might want to read over the proftpd site. Lot's of good information:
http://www.proftpd.org/ (http://www.proftpd.org/)
-
quote:
Originally posted by void main:
Aha. Now for the question I should have asked first. Why FTP and not SSH/SCP/SFTP?
Also, if you must use FTP you might want to read over the proftpd site. Lot's of good information:
http://www.proftpd.org/ (http://www.proftpd.org/)
Well most people don't have support for ssh/scp/sftp, i will certainly try to make more secure options for people, but i'd like to be as supportive as possible. and i didn't check the website because this is much faster, and if i(or anyone) runs into a similar problem then can search here and find this thread. You know where i can get information on more secure file transfers? i've never tried it before.
-
Ahh, so this is going to be used by more than just you, possibly the general public? There are plenty of Windows clients out there that work with SSH (WinSCP is very much like WS_FTP (except WinSCP is free)). I personally would force users to use SSH over ftpd. Too many security issues with FTP. But if you have explored all the alternatives and must use FTP then proftpd is my choice. But please keep up on the security sections at the proftpd web site. Of course you want to keep up on security about any piece of software you have running on an internet connected machine, including ssh.
[ January 25, 2003: Message edited by: void main ]
-
If windows came with a client I would force them to use it, but i do not want to force people to use something. ftp is pretty common, i will put a warning on the welcome for ftp about it's insecurity. but there are lots of people that are on restricted machines and cannot add programs or anything. and there are those people who just don't know how. I'm not so sure how to go about setting it up though, i want something more secure available.
and it won't be public until i get dsl back, it's sitting behind a gateway on a dialup conncetion right now.
-
If all you want to expose is ftp you can just forward the ftp ports from that ftp machine to your gateway by adding the appropriate forwarding rules to your gateway (assuming your gateway is Linux running ipchains or iptables or any other standard firewall appliance).
[ January 25, 2003: Message edited by: void main ]
-
Heh heh, I'm a loser if I search for crap like this, but I used the term "muffler bearings" just last month in a similar situation in a thread you had posted in (but it wasn't directed to you):
http://forum.fuckmicrosoft.com/cgi-bin/ultimatebb.cgi?ubb=get_topic&f=5&t=001369&p=2 (http://forum.fuckmicrosoft.com/cgi-bin/ultimatebb.cgi?ubb=get_topic&f=5&t=001369&p=2)
[ January 25, 2003: Message edited by: void main ]
-
minor point:
use adduser, not useradd, and it will create the directory for you. actually it cp's /etc/skel to /home/newuser.
[ January 26, 2003: Message edited by: beltorak ]
-
i used to have proftp set up on my box; here's what i use:
I have it running standalone (not inetd).
I added the users i want to allow to connect to the ftp service to the file "/etc/ftphosts": "allow username".
my firewall is set up to allow RELATED traffick on the ftp-data port (20; technically ftp_control - 1).
my firewall is also set up to accept new connections to the ftp_control port (21).
I wish i could help more, but i gave up running ftpd after i realised that i wasn't going to be able to keep up with the security implications....
and i haven't slept since last night (graveyard shift sux sometimes).
I do remember that the problem of not being able to login being puzzling, i think the /etc/ftphosts fixed it tho...
-
PuTTy == Free SSH client
FileZilla == Free Sftp/ftp client
I've noticed that slackware on my machine also runs much faster than redhat.
I assume that this has to do with the fact that slackware is bare-bone, Runs a vanilla kernel, and not nearly as many services/scripts run default.<br> Also.. with slackware I generally compile everything from source, which optimizes it for my specific CPUs
Another thing you can do is download and install the Preempt kernel patch.
[ January 27, 2003: Message edited by: Scorchen ]Preempt Kernel Patch (http://www.tech9.net/rml/linux)
[ January 27, 2003: Message edited by: Scorchen ]