Chat on IRC |
Free shells
Posted by Psion [send private reply] at June 13, 2001, 07:38:48 AM
Here that idea is again. So, who thinks he'll be able to have a networked UNIX machine soon, on which he could install a standard set of dev tools and have a network file system connecting his machine with those of others who agree to this? It would be pretty nifty to have tutorials designed specifically for this environment. You could even get a something.tpu.org hostname!
Posted by AngelOD [send private reply] at June 13, 2001, 08:05:57 AM
I might be able to soon.. Will take a look at it, and at the restrictions for my cable ISP.
Posted by taubz [send private reply] at June 13, 2001, 09:49:19 AM
I'm ignoring the restrictions of my cable ISP. :-) I plan on turning off all outgoing packets on ports != 22/80 (maybe NFS, anything else system critical?) and putting a 5MB quota on accounts so the box could only be used (practically) for playing around. It (hopefully) won't be a bandwidth hog, then, and my ISP won't notice or won't care.
It'll be up in two weeks. I'm waiting for my dad to buy a new computer. Around that time I figure I'll also start writing the CGI scripts to set up accounts and such. I also want to include mySQL and all of the web development languages, since that's pretty important too. - taubz
Posted by gian [send private reply] at June 13, 2001, 04:53:57 PM
Maybe, I've got a linux box... when I get ADSL I might consider it.
Posted by taubz [send private reply] at June 17, 2001, 08:54:31 AM
I was thinking about setting up the box and I realized, how am I going to create user accounts automatically? www can't run it, unless I somehow change the permissions of adduser, but would that be a security hole? Do I write out a list of users that I want to add to a file and have a root cron job actually add the users?
Any ideas would be appreciated. - taubz
Posted by drdevil [send private reply] at June 17, 2001, 03:15:19 PM
just write your own script to add the user, build it into the CGI script.
and then just setuid the cgi script, thats what i do for controlling pppd on my firewall... Not a security hole if you code safely (which i dont :P) Thanks Gaz
Posted by taubz [send private reply] at June 17, 2001, 09:08:32 PM
Can't... passwd/shadow are root access only, and I'll probably be using SuEXEC in Apache, so I can't have the CGI script suid.
- taubz
Posted by lordaerom [send private reply] at June 17, 2001, 10:53:37 PM
Would some human intervention necessarily be a bad thing? Either yourself/you and the other admins, approving accounts, so someone doesn't cretae 10 just for the hell of it? =]
Posted by Psion [send private reply] at June 18, 2001, 07:51:58 AM
I think you should consider how to have these accounts shared across the machines of participating donors, if that is feasible.
Posted by taubz [send private reply] at June 18, 2001, 12:01:14 PM
Yeah.... I suppose that's a good idea, Lord. I'd rather not, but I guess I will need an approval system.
Psion, I'm not sure if that is feasible. Unless other machines copy my passwd file and then just run off of NFS. That would only help to soften the CPU burden, though. The other way around would be to have my machine take the drives exported from other machines, which would help with disk space. Neither of which should be a major problem (at least, yet). Would there be a way to tie DevLocus accounts with this thing? - taubz
Posted by Psion [send private reply] at June 18, 2001, 01:51:08 PM
I'm sure there would be, but that would be very Ghetto. I know it's possible to share UNIX accounts, because every university and large business in existence does it. :P
Posted by lordaerom [send private reply] at June 18, 2001, 07:00:37 PM
YPServ?
Something like that, iirc. http://www.suse.de/~kukuk/nis-howto/HOWTO/index.html Yes, that seems right
Posted by drdevil [send private reply] at June 19, 2001, 12:58:41 PM
Taubz, if you suid the cgi script and chown it to root, then it runs as root, so you can access the shadow+passwd file, thats what i meant in my cgi script controlling pppd, the script runs as root so it can control pppd...
I know you can do it other ways, but i also need to beable to shut down the machine via the web, and suid-ing the script seemed the easiest method... Try that out... Thanks Gaz
Posted by taubz [send private reply] at June 20, 2001, 09:00:38 PM
Apache with SuEXEC won't run CGI scripts that are suid and it wont run as root. Maybe that would work if SuEXEC isn't running, but that would be bad for allowing users to have /~username web sites (for learning Perl/PHP/etc), or maybe it would work on a virtual host without USER and GROUP directives. I don't think it will, but I'll try when I get it set up.
- taubz
Register as a new user | ||||||||||||||||