Best of Technical Support
I installed Red Hat Linux 5.0 on my system which has a Cirrus Logic VGA card. I installed the X Window System and am running it with success. In my office, most of the systems have SIS 6215 VGA cards, and Linux 5.0 does not support this. I downloaded SIS drivers from Red Hat's site. I am using the PC-quest Red Hat Linux 5.0 CD which does not have SIS drivers. How do I insert the SIS drivers during installation, since I am installing from CD? Please clarify my doubts on how third-party drivers should be installed without CD during installation. —Munnangi Reddy, email@example.com
You can't. However, the installation doesn't use graphics, so you can install the system anyway. After installing, you can upgrade your X packages by installing the new RPM file using
rpm -i package
—Alessandro Rubini, firstname.lastname@example.org
If you want to use new XFree86-supported cards, you should upgrade both the XFree86 server (XFree86-SVGA...) and the Xconfigurator utility, which is used in order to generate an XF86Config file. All these packages are available from the Red Hat FTP server. —Pierre Ficheux, email@example.com
I am using Red Hat version 6.0. I have PPP configured and working for dial-out to my ISP. It uses a dynamic IP address assigned by the server. I also wish to allow dial-in on the same system to allow for administration and tech support. The documentation states that you put the IP address you wish to assign to the port for dial-in users in the /etc/ppp/options.ttySx file. However, as long as I put an IP number in the file which corresponds with the dial-out port, my PPP dial-out fails. I know it is possible to support both dial-in and dynamic dial-out on the same port. The PPP HOWTOs state that it can be done. What do I have to do to get it to work?
Note: the options.ttySx file has only the single entry. All other options are in the options file. —Gerry George, firstname.lastname@example.org
Actually, you would do this only if you have multiple serial ports and modems and you want to assign IP addresses dynamically to your users. If you have only one modem, you can simply assign the IP on the PPP command line. You could create a PPP user in /etc/password which launches this script in lieu of a shell:
#!/bin/sh IFS=" " export IFS /usr/bin/mesg n stty -tostop -echo exec /usr/sbin/pppd modem crtscts proxyarp -d\ -detach moremagic:ppp-guest
—Marc Merlin, email@example.com
We have several labs of Linux boxes available for student use at the University of Arizona Physics Dept., as well as a couple of older SPARCs which we are bringing somewhat up to date with the latest Linux releases. We have some security concerns about LILO and SILO. Several of these machines' consoles are openly available to the students, and we have been worried about the students forcing a reboot and bringing up Linux in single-user mode, gaining total access to the system. Admittedly, not much damage can be done from most of the machines, as most simply map their drives to the user directory of a more secure machine, but it's still a concern.
We've added the “password=/password/” and “restricted” lines to the respective /etc/lilo.conf and /etc/silo.conf files on each machine (and naturally added password protection to the BIOS to not allow booting from floppy); however, both lilo.conf and silo.conf are still readable to the average user. We want to retain the single-user mode availability for the lab crew and keep items contained in these config files, such as the image locations, available to those lab crew members without the security to modify the files. Is there a way to do this and yet prevent anyone from reading the password lines in lilo.conf/silo.conf? Should we forego using LILO/SILO altogether and use something else? —Sam Hart, firstname.lastname@example.org
Using another boot loader would be a good idea, but there's an alternative. The LILO configuration file is used ONLY when you actually run the LILO command. It's not required at boot time. Thus, you could put the file onto a floppy that only your lab crew has access to. They can mount it when necessary and use the -C option to specify its location when updating a kernel or changing a boot option. —Chad Robinson, email@example.com
I would get the source code from SILO and LILO and hard-code the password in there (make sure, then, that the binary is a 700, so that a user cannot run strings on them). —Marc Merlin, firstname.lastname@example.org
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
- Considering Legacy UNIX/Linux Issues
- Cluetrain at Fifteen
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- New Products
- Getting Good Vibrations with Linux
- Memory Ordering in Modern Microprocessors, Part I
- Customizing Vim
- Tech Tip: Really Simple HTTP Server with Python
- Security Hardening with Ansible
- RSS Feeds