===========================================================
                        LINUX NEWS
                http://www.Cramsession.com
                August 1, 2002 -- Issue #92
===========================================================

-----------------
TABLE OF CONTENTS
-----------------

1) Sean's Notes

2) Linux News

	Unix.com Safe For Now
	Honeypots Turn The Tables On Hackers (sic)
	Red Hat Drops Netscape
	Linux Poised To Plug In USB 2

3) Linux Resources

	Help With IPSEC VPNs
	Better Security
	The Road to Better Programming
	Small Business Accounting
	The Developer's Nightmare

4) App o' the Week


~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Free Quizzer for all Cramsession subscribers. Your choice of
Win2K Professional, A+, Network+, CCNA, CCNP, or MetaFrame.
Hundreds of Free multiple-choice questions/answers and
detailed explanations, and lots of free reference material
in our adaptive simulation test engine. Limit one per
Cramsession subscriber. Download your FREE Quizzer at:

http://ad.brainbuzz.com/?RC06&AIU34

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For information on how to advertise in this newsletter
please contact mailto:adsales@CramSession.com or visit
http://cramsession.com/marketing/default.asp

===========================================================
1) Sean's Notes
===========================================================

There is one file in /etc that controls a lot of how the
system operates, but is rarely understood. It's the "inittab"
file. Some of you might remember it as the one that you use
to change the default runlevel, and you'd be right. However,
this one file does so much more.

Runlevels need some explanation, first. At any point in time,
the system is in one runlevel or another. It's just a state.
Here are some examples:

0 - halt
1 - single user
3 - multiuser, text console
5 - multiuser, X console
6 - reboot

That's from my Red Hat system; there's nothing saying that
it has to be that way. For instance, X doesn't need to be
it's own runlevel, there are different ways it can be
started up. Normally, the system boots up in runlevel 1, and
then switches to 3 or 5 depending on how it's configured.

"How it's configured?" How *is* it configured? /etc/inittab
is where it goes:

id:5:initdefault:

Lines in /etc/inittab (other than the comments, prefaced by
#), have the form of:

id:runlevels:action:process

(that's right out of the inittab(5) man page).

id - unique sequence of 1-4 characters
runlevels - what runlevels does this apply to?
action - a keyword that specifies when the command applies
process - what to do?

The "initdefault" action just tells the system (specifically,
process ID 1, called "init") what runlevel to go into after
booting. The parameter goes in the runlevels field, and the
process field is ignored.

So, to make sure the system boots into runlevel 3, I'd have:

id:3:initdefault:

in /etc/inittab.

"init" is the process that handles runlevels (and a lot of
other things). To change a runlevel, you enter:

init runlevel

So, to halt my system, I could run:

init 0

Or, to get into the GUI console:

init 5

What differentiates a runlevel from another is what's being
run at the time.  The difference between runlevel 3 and 5
is that a display manager is running.  The system that does
this is complex, yet elegant, and you guessed it, starts in
/etc/inittab.

l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6

The "wait" action tells init to run the command given in
the fourth column when it enters the runlevel specified in
the second column. Here, /etc/rc.d/rc is being run whenever
you change into a new runlevel, with the new runlevel being
given as the parameter.

The "rc" script is where the dirty work happens. Upon entry
into a new runlevel, the following occurs:

- processes that aren't supposed to be running are stopped
- processes that are supposed to be running are started

To distinguish these from another, each runlevel has its own
directory, called /etc/rc.d/rcN.d, where N is the runlevel.
Each process or service the system runs has a file in this
directory. Each filename begins with K or S, meaning "kill"
or "start" respectively. Following this letter is a two digit
number, giving each a relative priority. Thus, something with
"K01" is killed before "K99". After the number is a word
describing the script, such as:

K30sendmail

To make things simpler, each service uses the same script to
start and stop the file. The rc script is nice enough to pass
"start" or "stop" to the file depending on what it wants.
Thus, K30sendmail will be run as:

K30sendmail stop

I don't know about you, but I've got 62 startup/shutdown
scripts on my machine. 62 * 6 runlevels is a lot of files.
So, something was done to fix that.

/etc/rc.d/init.d is a directory containing all of the
startup scripts (even though they're startup and shutdown
scripts, just call 'em startup scripts). Each rcN.d
directory has a symbolic link back to the appropriate
script in init.d, with the name taking the format as above.
So, sendmail will have:

/etc/rc.d/init.d/sendmail

with symbolic links...

/etc/rc.d/rc0.d/K30sendmail -> ../init.d/sendmail

to stop it in runlevel 0, and...

/etc/rc.d/rc3.d/S80sendmail -> ../init.d/sendmail

...to start it in runlevel 3.

Normally the priorities don't matter too much, they're just
there so you can force stuff to happen before other stuff.
For example, you want to have your firewall come up before
your network interfaces, and your network interfaces to come
up before your network daemons. Priorities make sure this
happens. In terms of the shutdown priorities, I generally
use 100-startup priority, so that they come down in the
opposite order they came up in. From the example above, of
30 and 80, you can see it's not a hard and fast rule.

So, when you change initlevels, the init process consults
/etc/inittab to find out what to do. One of the actions is
to run /etc/rc.d/rc, which takes care of starting up and
shutting down daemons. Each script is a simple shell script
that is fed either "start" or "stop", and it goes about its
business.

So, to make sure that sendmail doesn't start in any runlevel,
replace all the S??sendmail symlinks with K??sendmail
symlinks. Not surprisingly, it isn't fun, which is why there
are good GUI (tksysv) or command line (chkconfig) tools out
there. Again, there are many others you can use.

Before I go, I'll leave you with a thought. Even though X
comes up in runlevel 5, it doesn't have a script in
/etc/rc.d/init.d on most systems. How do you think it gets
started?  That, and some more trivia about inittab, will be
answered next week.


Long live the Penguin,

Sean
mailto:swalberg@cramsession.com


===========================================================
2) Linux News
===========================================================

------------------------------------------------------------
Unix.com Safe For Now
------------------------------------------------------------
Earlier, I told you about Unix.com being disputed by the
X/Open group. The ruling came back, and the owners of
Unix.com can keep their name. What I found interesting in
this document was both side's arguments--the current owner
basically said that "unix is now generic". The panel didn't
say they agreed with him, but they said that X/Open's
arguments to the contrary weren't effective.

http://www.unix.com/pdfs/UNIX_COM_WIPO_Administrative_Decision.pdf


------------------------------------------------------------
Honeypots Turn The Tables On Hackers (sic)
------------------------------------------------------------
Here's some news on using Honeypots to catch crackers in the
act. A honeypot's job is to be broken into, and to log
everything, giving you more information about your attacker.

http://itmanagement.earthweb.com/secu/article/0,,11953_1436291,00.h
tml


------------------------------------------------------------
Red Hat Drops Netscape
------------------------------------------------------------
The next version of Red Hat (7.4 or 8.0) has hit the FTP
servers in beta form, but the following note is included:
The Netscape Web browser has been removed. I've been happy
with Mozilla for some time, but it's still quite the event.

http://mozillaquest.com/Linux02/RHAT_7-4_beta-2-released_story-01.h
tml


------------------------------------------------------------
Linux Poised To Plug In USB 2
------------------------------------------------------------
The upcoming releases of the Linux kernel are going to
support USB 2, which will surely help out its adoption.
There's some interesting words about Linux in general.

http://zdnet.com.com/2100-1104-946529.html


===========================================================
3) Linux Resources
===========================================================


------------------------------------------------------------
Help With IPSEC VPNs
------------------------------------------------------------
Free S/WAN is an IPSEC implementation for Linux, funded by
John Gilmore, a noted advocate of Internet freedom. This
document is a step-by-step list of how to install the S/WAN
modules, and how to configure an IPSEC tunnel between two
networks.

http://www.linuxlabs.biz/articles/ipsec.htm


------------------------------------------------------------
Better Security
------------------------------------------------------------
This isn't as much a howto document as it is a description
of all the security measures that one person takes to secure
his system. However, there is lots of useful advice, and it
even has a section on what to do if you end up being
compromised. There are links to several great projects, such
as LIDS, which adds measures into the kernel that even root
can't bypass.

http://www.linuxgazette.com/issue80/tougher.html


------------------------------------------------------------
The Road to Better Programming
------------------------------------------------------------
This series of chapters, five in all, present techniques to
improve your Perl programming. Alas, it assumes you already
know Perl, and wish to become better. If you're just learning
the language, it's got some good hints, but you'll appreciate
it more once you've become more familiar with it. The link is
to the final chapter, which has links to the previous four.

http://www-106.ibm.com/developerworks/linux/library/l-road5.html


------------------------------------------------------------
Small Business Accounting
------------------------------------------------------------
Windows has several good accounting packages, but Linux
seems to be lacking, especially when it comes to the small
business. This website, which has lots of useful information
for that demographic, has put together a comparison of the
major packages.

http://linux4smallbiz.com/Members/l4sb/articles/Po10272758870


------------------------------------------------------------
The Developer's Nightmare
------------------------------------------------------------
So, you've started a job as a developer. You've inherited an
existing application, but all the senior guys have left.
What do you do? This article is full of helpful advice.

http://www.kuro5hin.org/?op=displaystory;sid 02/7/26/43016/0846


===========================================================
4) App o' the Week
===========================================================
PAN is my favourite newsreader. I just noticed that they've
made a release, so I thought I'd share the link with you.

http://pan.rebelbase.com/


===========================================================
(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.
===========================================================
_______________________________________________________

          This message is from CramSession

You are currently subscribed to the following list
   Hottest Linux News and Resources
   as: sean@ertw.com

To un-subscribe from this newsletter by e-mail,
   send a blank email message to:
   mailto:leave-linuxnews-3825955Y@list.cramsession.com

To subscribe to this newsletter and many others visit
our site at:
http://newsletters.cramsession.com/signup/default.asp

-------------------------------------------------------