> m450 backups # ls -al /
> total 72
> drwxr-xr-x 18 root root 4096 Apr 29 13:38 .
> drwxr-xr-x 18 root root 4096 Apr 29 13:38 ..
> drwxr-xr-x 2 root root 4096 May 19 10:36 bin
> drwxr-xr-x 2 root root 4096 May 17 18:07 boot
> drwxr-xr-x 16 root root 13460 May 25 14:39 dev
> drwxr-xr-x 57 roo
Mick wrote:
On Tuesday 29 May 2007 22:04, Paul Varner wrote:
On Fri, 2007-05-25 at 20:14 -0700, maxim wexler wrote:
[EMAIL PROTECTED] ~ $ ls /
ls: cannot open directory /: Permission denied
[EMAIL PROTECTED] ~ $
What does 'ls -ld /' and 'ls -ld /etc' return?
Both of them should look like:
drw
On Tuesday 29 May 2007 22:04, Paul Varner wrote:
> On Fri, 2007-05-25 at 20:14 -0700, maxim wexler wrote:
> > [EMAIL PROTECTED] ~ $ ls /
> > ls: cannot open directory /: Permission denied
> > [EMAIL PROTECTED] ~ $
>
> What does 'ls -ld /' and 'ls -ld /etc' return?
>
> Both of them should look like:
On Fri, 2007-05-25 at 20:14 -0700, maxim wexler wrote:
> [EMAIL PROTECTED] ~ $ ls /
> ls: cannot open directory /: Permission denied
> [EMAIL PROTECTED] ~ $
What does 'ls -ld /' and 'ls -ld /etc' return?
Both of them should look like:
drwxr-xr-x 20 root root 4096 May 29 04:40 /
drwxr-xr-x 56 root
> you. Try to see if
> it is some security-related problem as proposed by
> Arturo.
There are two options under Security in the .config;
neither are set. Is there someplace else to check?
mw
Pinpoint
cu
maxim wexler <[EMAIL PROTECTED]> writes:
>
> If by "successful" you mean the call returns >= 0,
> then they're successful.
Yes,
>
> There is this, however:
> <...>
> open("/etc/default/nss", 0_RDONLY) =-1 ENODENT (No
> such file or directory)
> <...>
> connect(4,{sa_family=AF_FILE,
> path="/var/
> You should aslo check for any of setuid seteuid
> setreuid or
> setresuid. any call to any of those must be
> succesfull.
If by "successful" you mean the call returns >= 0,
then they're successful.
There is this, however:
<...>
open("/etc/default/nss", 0_RDONLY) =-1 ENODENT (No
such file or dir
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Maybe you're running sudo frm withing a chrooted/restricted shell, or some
kernel with security
options that is not allowing /etc/sudoers to be read?
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
OpenPGP for HTTP
maxim wexler <[EMAIL PROTECTED]> writes:
>> root. Look for other occurences of geteuid in
>> strace output.
>
> Most similar instance is following the line:
> <...>
> readlink("/proc/self/fd/0, "/dev/tty2", 4095) = 9
> getuid32() = 0
You should aslo check for any o
maxim wexler <[EMAIL PROTECTED]> writes:
> Most similar instance is following the line:
> <...>
> readlink("/proc/self/fd/0, "/dev/tty2", 4095) = 9
> getuid32() = 0
>^
> note: no 'e'
Yes that's also interesting, uid is zero, which is should be since you
are runn
> root. Look for other occurences of geteuid in
> strace output.
Most similar instance is following the line:
<...>
readlink("/proc/self/fd/0, "/dev/tty2", 4095) = 9
getuid32() = 0
^
note: no 'e'
>
> Check also that root actually has uid=0 on that
> machine.
>
maxim wexler <[EMAIL PROTECTED]> writes:
> strace:
> <...>
> open("/etc/sudoers", O_RDONLY) = -1 EACCES
> (Permission denied)
> geteuid32() = 1
hmm, strange, geteuid should return euid which should be zero for
root. Look for other occurences of geteuid in str
> FS corruption. Check dmesg for any errors, but fsck
> the filesystem
> containing this file ASAP even if you don't see
> anything.
/dev/hda3 unmounted
#reiserfsck -l check.log /dev/hda3
"No corruptions found"
check.log empty.
No errors in dmesg for /dev/hda3
mw
___
On Friday 25 May 2007, maxim wexler <[EMAIL PROTECTED]> wrote about 'Re:
[gentoo-user] Re: two identical /etc/sudoers -- only one works':
> strace:
> <...>
> open("/etc/sudoers", O_RDONLY) = -1 EACCES
> (Permission denied)
FS corruptio
> Example:
>
> $ pwd
> /usr/bin
> $ ls -li sudo
> 8803772 ---s--x--x 2 root root 107240 2007-05-21
> 11:11 sudo*
> $ find . -inum 8803772
> ./sudo
> ./foo
> $ ls -li foo
> 8803772 ---s--x--x 2 root root 107240 2007-05-21
> 11:11 foo*
>
>
> Unfortunately I do not know what's wro
I was wrong. Sorry.
I realize now that this cannot be your problem, sudo tell you that it
is not setuid if it's not.
$ sudo chmod -s sudo
$ sudo ls
sudo: must be setuid root
>
> Thanks Christer, never saw that command before, but
> like I told Walter, a listing for sudo is indeed:
> ---s-
> $ls -l `which sudo`
> ---s--x--x 1 root root 107240 2007-05-21 11:11
> /usr/bin/sudo*
>^ ^
>setuidroot
>
> --
> Christer
Thanks Christer, never saw that command before, but
like I told Walter, a listing for sudo is indeed:
---s--x--1 2 root root
"Walter Dnes" <[EMAIL PROTECTED]> writes:
> On Wed, May 23, 2007 at 06:14:53PM -0700, maxim wexler wrote
>> Hi group,
>>
>> I connect to the web using
>>
>> $sudo /usr/sbin/pon
>>
>> on one machine(2.6.20-gentoo-r6). On another
>> machine(2.6.19-gentoo-r5), I get
>>
>> :sudo: can't open /etc
18 matches
Mail list logo
