topic Re: rexec illegal seek in Operating System - Linux

rexec illegal seek

K.G.V.S.Prasad — Wed, 21 May 2003 06:10:08 GMT

Hello,
I am trying to execute simple "ls" command on remote machine using rexec command. But I am getting following error messages
---------------------------
rexec: Error in rexec system call
rexec: (The following system error may itself be in error)
rexec: Illegal seek
-----------------------------

Can any body tell me what is the problem..?
Regards,
Prasad.

Re: rexec illegal seek

Jerome Henry — Wed, 21 May 2003 06:27:42 GMT

Many possible source.
Make sure that REXEC has been enabled on the target system as a service controlled by xinetd (from desktop, check "System, Service Configuration"). Additionally "rexec" has to be added to the file /etc/securetty as well in this case.
Can also be a PAM problem. Try this first and post if it doesn't solve.
J

Re: rexec illegal seek

K.G.V.S.Prasad — Wed, 21 May 2003 08:18:21 GMT

Hello Jerome,
I have made the "rexec" service as "automatic" service, and hence it should get started when system started. Is there a way to check whether it is running or not..?

"/etc/security" folder has many files. which file shall I need to modify...?
How can I know whether it is PAM problem or not..?

regards,
Prasad.

Re: rexec illegal seek

Jerome Henry — Wed, 21 May 2003 09:00:52 GMT

Yes !
chkconfig --list | grep rexec

It's not security, but securetty, a shorter file indeed, just edit it and check that 'rexec' is in it. If not, just add it at the end.
J

Re: rexec illegal seek

K.G.V.S.Prasad — Wed, 21 May 2003 09:25:37 GMT

Hello Jerome,
Thanks for the reply.
The command "chkconfig --list | grep rexec" shown that rexec is "on".

I thought that securetty is a typo of security. Sorry for this.

I have added "rexec" to "/etc/securetty.org" but no use. Still same error is coming. Any other suggestions..?
Regards,
Prasad.

Re: rexec illegal seek

Jerome Henry — Wed, 21 May 2003 10:53:29 GMT

Hi,
back after lunch. It's securetty, not .org, isn't it ?
Basically, prob is that you do not have rw rights on the remote machine. Being local root doesn't make you remote root. Are you remote root ?
Is the service running on remote machine ?
Read this step by step about it :
http://www.auggy.mlnet.com/ibm/3376c48.html
BTW? r-utilities are nevertheless considered as very dangerous on a network, as they send password in plain text. That's why most recent distro block them, that's the role of PAM module here.
Why not use ssh instead ? It'll be easier to set up than turning off all the security of your systems...
Read this :
http://www.linuxdocs.org/HOWTOs/Security-HOWTO-4.html
and this to set up ssh :
https://www.itso.iu.edu/howto/ssh-unix.epl
J

Re: rexec illegal seek

K.G.V.S.Prasad — Wed, 21 May 2003 11:53:41 GMT

Hello,
The file /etc/securetty is not there in my system. For ur information I am working on Linux Red Hat 7.2.

I am root on local meanchine and remote machine as well.

The problem was found. That is, in the remote machine rexec port has been under linux system firewall. I have modified the /etc/sysconfig/ipchains file to accept rexec port 512 and restarted the machine and it is working fine.
Regards,
Prasad.

Re: rexec illegal seek

Jerome Henry — Wed, 21 May 2003 12:00:05 GMT

great !
But still pay attention to this security leak on your system...
J

Re: rexec illegal seek

Zeev Schultz — Wed, 21 May 2003 14:57:36 GMT

All right,
/etc/securetty used to specify ports on which
root user can do login to the system (get from getty).If it doesn't exist - root can login freely (not advised).Usually should put console there.
And no need to restart computer if you change firewall settings :)

Best Wishes

Zeev

Re: rexec illegal seek

K.G.V.S.Prasad — Thu, 22 May 2003 08:06:27 GMT

Hello Jerome and Zeev,
Could u please send me a copy of securetty file, so that I will also try with that.

After modifying ipchains file, rexec is not working with out restarting the system. I dont know whether restarting is mandatory or not, but that is my experience.

Thanks and regards,
Prasad.

Re: rexec illegal seek

Jerome Henry — Thu, 22 May 2003 08:47:25 GMT

Here is my securetty (I do not have rexec allowed, it should be added at the end).
Ipchains ? You do not use iptables ? Do you run kernel 2.4 ? then iptbles would be a better idea.
After setting sth in ipchains, rebooting normally flushes the rules, unless you have saved them. It seems that you ruleset is preventing your rexec.
To restart something, better use /etc/rc.d/init.d/service_name restart than restarting the whole machine.
J

Re: rexec illegal seek

K.G.V.S.Prasad — Mon, 26 May 2003 04:51:32 GMT

Hello Jerome,
I tried with securetty file but not working. I did the following.
I have created a file with name "securetty" and put it in "etc" directory. The file contents are same as yours and also "rexec" added at the end. Also restarted the machine.

Yes . I am running Kernal 2.4.
Regards,
Prasad.

Re: rexec illegal seek

Vitaly Karasik_1 — Mon, 26 May 2003 05:23:04 GMT

- does it work for normal users?

- does rsh work?

Vitaly