View previous topic :: View next topic |
Author |
Message |
jellyfisharepretty n00b
Joined: 05 May 2005 Posts: 32 Location: Kingston, Canada
|
Posted: Thu May 05, 2005 1:21 am Post subject: Help! local.start hang |
|
|
Please help! After installing LCDproc, I wanted to start it at boot time, so here's what I wrote in
/etc/conf.d/local.start :
Problem is, once the LCDproc server is started, it just hangs... Of course, I think I should have written
I tried loading a Knoppix LiveCD to change it, but I'm only able to read the file in read-only mode. Is there any way to make the boot sequence ignore local.start ? Or any other way to fix this ?
Thanks,
jellyfish |
|
Back to top |
|
|
Gherald Veteran
Joined: 23 Aug 2004 Posts: 1399 Location: CLUAConsole
|
Posted: Thu May 05, 2005 1:27 am Post subject: |
|
|
ctrl+c doesn't work?
you could try pressing "e" in grub and adding "single" to your kernel's command line
failing that, KNOPPIX should be able to mount rw. Try:
Code: | mount -o remount,rw /dev/PARTITION | (replace PARTITION with something from fdisk -ls) |
|
Back to top |
|
|
jellyfisharepretty n00b
Joined: 05 May 2005 Posts: 32 Location: Kingston, Canada
|
Posted: Thu May 05, 2005 1:34 am Post subject: |
|
|
Nah crtl-c doesn't work...
thanks for the quick reply
the remount worked , which means my system is super not secure, if anyone can boot a LiveCD and change config files ! |
|
Back to top |
|
|
Gherald Veteran
Joined: 23 Aug 2004 Posts: 1399 Location: CLUAConsole
|
Posted: Thu May 05, 2005 1:46 am Post subject: |
|
|
jellyfisharepretty wrote: | Nah crtl-c doesn't work...
thanks for the quick reply
the remount worked , which means my system is super not secure, if anyone can boot a LiveCD and change config files ! |
You expected something different...? With physical access to the hardware and the ability to reboot, one can do anything. Gentoo makes it trivially easy since pressing "e" in grub to add "single" to the kernel line means YOU DO NOT NEED A PASSWORD TO LOG IN AS ROOT, and you don't even need a CD to do it.
here is some discussion and here is a guide to some real security |
|
Back to top |
|
|
jellyfisharepretty n00b
Joined: 05 May 2005 Posts: 32 Location: Kingston, Canada
|
Posted: Thu May 05, 2005 2:14 am Post subject: |
|
|
Quote: | You expected something different...? |
Yes I did. Well, I assumed since at first Knoppix wouldn't let me write, that something was embeded in the filesystem that prevented exactly what I was trying to do, seeing how I wasn't the real root user of the system.
Guess that proves I still have a lot to learn, Thanks for the links, I'll check them out. |
|
Back to top |
|
|
Gherald Veteran
Joined: 23 Aug 2004 Posts: 1399 Location: CLUAConsole
|
Posted: Thu May 05, 2005 2:21 am Post subject: |
|
|
jellyfisharepretty wrote: | I assumed since at first Knoppix wouldn't let me write, that something was embeded in the filesystem that prevented exactly what I was trying to do, seeing how I wasn't the real root user of the system. | Nope, anytime you boot from a LiveCD be it Knoppix or Gentoo's and then chroot to a mounted hard drive, you are the real root user and can change the root password or pretty much do anything else you want.
The only reason Knoppix wouldn't let you write is that by default it is configured to not make any permanent changes. It's primary design goal is to be a "temporary" operating system. |
|
Back to top |
|
|
CitizenX Apprentice
Joined: 11 Sep 2004 Posts: 158 Location: Fresno, CA
|
Posted: Thu May 05, 2005 5:08 am Post subject: |
|
|
IIRC, this is what Trusted Computing is supposed to solve. You write a list of trusted OS's into the chip on the board, and when somebody tries a Knoppix boot, it doesnt allow it. Hopefully, this will have certain idiot proof features, such as the ability to override this option with some sort of password/key. You'd only be able to boot into Knoppix if you knew the password....which negates the reason for using a LiveCD to crack your system.
The controversy is if the chip is written on at the factory and is delivered to you read-only. Then you can only use an OS that is pre-approved by your vendor. Leads to serious abuse of the system. |
|
Back to top |
|
|
Gherald Veteran
Joined: 23 Aug 2004 Posts: 1399 Location: CLUAConsole
|
Posted: Thu May 05, 2005 5:24 am Post subject: |
|
|
CitizenX wrote: | IIRC, this is what Trusted Computing is supposed to solve. You write a list of trusted OS's into the chip on the board, and when somebody tries a Knoppix boot, it doesnt allow it. Hopefully, this will have certain idiot proof features, such as the ability to override this option with some sort of password/key. You'd only be able to boot into Knoppix if you knew the password....which negates the reason for using a LiveCD to crack your system.
The controversy is if the chip is written on at the factory and is delivered to you read-only. Then you can only use an OS that is pre-approved by your vendor. Leads to serious abuse of the system. |
If they have physical access to the computer, they can still move your drive to some other machine and chroot into it there. Encryption is your only defense against someone that determined.
The functionality of Trusted Computing that you describe is equivalent to a non-resetable CMOS password.
Trusted Computing is far more encompassing. It's primary funtion is vendor lock-in. |
|
Back to top |
|
|
|