Segfault in dirname and su
So here's the scoop. I am running Slackware 13.1 and all was well. I tried to install PHP from source and ran into issues. There are some issues with the install but I am more concerned about some other issues. After installing PHP I noticed it took a long time to get from entering my password to a usable shell prompt; hitting Control+C brought me to a usable prompt, but with no colors and the prompt was missing the CWD. I have renamed dircolor and now can log in quickly. Last year I was rooted through a proftp exploit and had a similar symptom, and had to reinstall from scratch. This time I went and downloaded chkrootkit and it indicates the system is clean. But su and dirname both segfault when called, so I am wondering what to do.
You should have rkhunter set up right from the beginning of your next system, but now you should unplug your server from the network and reinstall.
You could try reinstalling the package using upgradepkg with the --reinstall parameter.
su is in shadow
sudo is in sudo
You can use slackpkg to help you :)
Code:
willysr@desktop:~$ slackpkg file-search sudo
Thanks folks. I reinstalled shadow, coreutils and no more segfault on su or dirname, BUT after a reboot I can no longer log in at console. I type the user name, hit return, and rather than a password prompt it returns the login prompt. I can log in remotely via SSH from my smartphone (the server is a home firewall/router/fileserver and webhost for family photos). Currently we don't have a PC due to a bad power supply taking out the desktop mobo.
Sorry about the disjointed posts. I just downloaded the LQ app; previously I was using the web interface on my phone, so it was a bit hard to read and type. Also, I am somewhat stressed about the machine.
Check the content of your /etc/shadow.
Probably it's overwritten.
Now I'll move this thread to the Linux Security forum to see if there's any cause for concern.
- What services does the machine expose (DNS, HTTP, SSH, or what else) and what is provided through the web stack (bulletin boards, web log software, shopping carts, statistics, web-based management panels, what else)?
- Do you keep off-site backups and if you do how far back do they go?
- Please don't say "issues" but name and describe each one of them as they may be related or provide an indication.
- How did you diagnose this other than running Chkrootkit? Looked at login records? Logs? Anything else worth mentioning?
Since reinstall last year I use the machine as:
- Router/Firewall using homeLanSecurity script for iptables
- DHCP for home network
- Fileserver using Samba for my Windows 7 box and Wii (softmodded, streaming videos over SMB with WiiMC)
- Subsonic (standalone Java web-based media streamer)
- Static webhost (links to some videos and photos for family)

The only services I intended to expose externally were SSH/HTTP/Subsonic.

After the power supply blew (smoke and all) in my Windows box I decided to start using the Slackware box as a desktop, so am now using xfce4 as WM. Basically the only apps I ever run are ktorrent and firefox.

Problems arose when I decided to install Gallery2 to host the pictures from my wedding and allow people to upload to the server. I had done something similar 2.5 years ago when my daughter was born but simply hadn't gotten around to reinstalling the application after the reformat last year. I realized I didn't have PHP installed and so I went to install the package, but the package kept hanging during installpkg (was distracted by said 2.5 year old), so I decided to simply compile from source and be done with it (by the time it was finished compiling, mom would be awake with toddler). When I attempted make install I noticed it took a LONG time (10+ minutes) but then it seemed fine. I enabled modphp in httpd.conf but then ran into 403 errors, played with the DirectoryIndex and added index.php, and if I renamed index.html to index.php it worked fine, but if I specified index.html it simply spat out the HTML source. Not having time to mess with it, I simply disabled PHP and figured I would try again another day.

Next day, I logged in at the console and it appeared to hang while logging in. I hit Ctrl+C and got a bash prompt, but without CWD in the prompt and no directory colors. I then switched virtual terms and logged in again, switched back and ran ps auxw, and noticed that dircolor was hanging. I renamed /bin/dircolor and then could log in without delay. I then ran chkroot because I had similar issues in the past. I checked /var/log/messages and noticed that dirname was segfaulting (thus causing the installpkg issues). That's when I tried to su and got a segfault as well. I then attempted to installpkg shadow but then couldn't log in at console (fine through SSH).

To get a usable machine (to log in and copy the wedding photos, which were just copied to the machine this week and haven't been backed up yet), I have extracted shadow and coreutils, then copied dirname, login and su to their correct places. I am now downloading Slack 13.37 and am going to reinstall from scratch, hopefully doing a better job of securing the system next time (rkhunter installed at the get-go), and limit my open services.
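Added example, not part of any post in this thread: a small shell triage helper for the kernel segfault lines in /var/log/messages mentioned above, grouping faults by the object they occurred in. Several different programs faulting inside one shared library directs attention to that library's package rather than to each binary. The function names and the sample log lines (host, PIDs, addresses, `exampled`) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the 2.6-kernel syslog format; host, PIDs and addresses are made up.
SAMPLE_LOG='Jun  3 20:58:40 fw kernel: dirname[2301]: segfault at 0 ip 00007f3c1a2b4c10 sp 00007fff5d0e3a48 error 4 in libc-2.11.1.so[7f3c1a237000+15a000]
Jun  3 20:58:41 fw kernel: dirname[2304]: segfault at 0 ip 00007f9e0b6f2c10 sp 00007fffa81c2b18 error 4 in libc-2.11.1.so[7f9e0b675000+15a000]
Jun  3 21:02:11 fw kernel: su[2345]: segfault at 0 ip 00007f51c83e9c10 sp 00007fff1b2a9f08 error 4 in libc-2.11.1.so[7f51c836c000+15a000]
Jun  3 21:05:00 fw sshd[2400]: Accepted password for user from 192.0.2.10 port 50022 ssh2
Jun  3 21:07:19 fw kernel: exampled[2411]: segfault at 8 ip 0000000000401a2c sp 00007fff0c1d2e40 error 4 in exampled[400000+6000]'

# Print one line per faulting object: "<object> <fault count> <programs,comma-separated>".
# Reads the named log files, or stdin when none are given.
segfault_summary() {
    awk '
    / segfault at / && / in / {
        # Locate the word "segfault"; the field before it is "prog[pid]:".
        for (i = 1; i <= NF; i++) if ($i == "segfault") break
        if (i <= 1 || i > NF) next
        prog = $(i - 1); sub(/\[[0-9]+\]:$/, "", prog)
        # The last field is "object[base+size]"; keep only the object name.
        obj = $NF; sub(/\[[0-9a-f+]+\]$/, "", obj)
        count[obj]++
        if (!seen[obj, prog]++)
            progs[obj] = progs[obj] (progs[obj] == "" ? "" : ",") prog
    }
    END { for (o in count) printf "%s %d %s\n", o, count[o], progs[o] }
    ' "$@" | LC_ALL=C sort
}

# Objects in which more than one distinct program faulted.
shared_fault_objects() {
    segfault_summary "$@" | awk '$3 ~ /,/ { print $1 }'
}

printf '%s\n' "$SAMPLE_LOG" | segfault_summary
```

On a live system the input would be the log itself, for example `segfault_summary /var/log/messages`.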