You wrote:
> $HOME/.rhosts is used to give super user access
True, but incomplete. Each user has their own home directory (to which the HOME variable is set) so the statement should read:
$HOME/.rhosts is used to give users on other systems access to the local system
> /etc/hosts.equiv is used for all other users.
/etc/hosts.equiv can indeed give users on other systems access to the local system but it is not the only method (see above). NOTE: hosts.equiv can be a serious security risk.
> /var/adm/inetd.sec
This file is service filter to allow or disallow certain IP addresses from accessing your local system. Although it resides in /var (for historical reasons), it is indeed a system-wide configuration file. Suppose you only want certain machines to access your system through telnet. You would then allow only those specific addresses (or range of addresses) to get through by editing inetd.sec. The man page for inetd.sec is very helpful.
> Is there any good manual for ssh?
The O'Reilley book for ssh is a good reference:
http://www.oreilly.com/catalog/sshtdg/although there are numerous quick reference docs posted here in the forums. I've attached Chris Vail's quick reference for SHH.
> Whats wrong with having root's home @ /?
/ is THE most dangerous directory in the system. If this is root's home directory, the most dangerous commands will destroy the entire system, requiring a complete re-installation. The most dangerous commands in Unix:
rm -r
mv
cp
chmod -R
chown -R
(there other dangerous commands that are not sensitive to the filesystem structures like dd and mediainit) So why is / very bad as root's HOME? Consider this fairly common mistake:
cd /temp
rm -rf *
If root just logged in, the computer is now being destroyed. The reason? The directory name is misspelled (/temp should have been /tmp) and the superuser forgot to look for a warning message (sh: /temp: not found.) after the cd command. The rm -rf will silently remove *EVERY* directory and file on the entire computer (or at least until HP-UX crashes) and if bad permissions were given to access NFS-mounted directories, the command will also destroy files and directories on remote computers. Only your CDROM is safe.
cd is often overused by root. Root is too powerful for casual use so if you need to remove a directory, *always* use a fullpath. Repeat: always use a fullpath. In the above example, changing the rm command from
rm -rf *
to
rm -rf /temp/*
would have done nothing and reported an error message. Similarly, a common sysadmin mistake is not understanding pattern matching and regular expressions. For example, to remove a user's files, novice sysadmins might do this:
cd /home/billh
rm -rf *
But then find out that .profile and other . files are still there. So they will issue this command:
rm -rf .*
Again, a major mistake. .* says: match all files and directories that start with . and have ZERO or more characters following. No problem with .profile, .sh_history and so on, but as an exercise, try this command in your $HOME directory:
echo .*
The first two filenames that are matched will be . and .. which is a big surprise to a newbie sysadmin. Yes, .. is a real directory and it happens to be the parent, in this case, /home. So the rm command will start recursively removing every directory and file in .. (/home) thus destroying all the user files. This isn't nearly as bad as / but certainly not a nice way to start the day. Whenever I am about to use a recursive rm (or mv, cp) command, I'll put echo in front to see exactly what the shell sees:
echo rm .*
Hint: you can avoid . and .. directories by using [!.] which is a character class to exclude (not match) the . as a character string. Try this:
echo .*
echo .[!.]*
and you'll see the . and .. directories disappear from the list. Of course, there are always obscure exceptions, in this case, any file or directory that starts with 2 dots (ie, ... or ..abc) will be missed. But that's a small consequence to the possibility of removing every user's HOME directory.
I ALWAYS alias the 3 commands for file destruction to have the -i option in root's .profile:
alias rm="/usr/bin/rm -i"
alias mv="/usr/bin/mv -i"
alias cp="/usr/bin/cp -i"
So the first thing that a sysadmin will do in setting up a new system, even before adding patches and applications, is to move root's HOME. Don't worry, HP-UX is not alone with this setup--many other flavors of Unix have the same default HOME for root and they all need to be fixed to control the "oops" factor. The most common technique is:
umask 077
mkdir /root
vipw
The command vipw is the recommended editing method for changing the passwd file. Not only does it save a lot of keystrokes (vipw versus vi /etc/passwd) but it creates a lockfile so another root user won't accidently edit the same file. In vi, change the second to last field from :/: to :/root: and then save the result. While leaving a root login window open, try logging in as root in another window. If all is well, you can type pwd in the current window and you'll see /root. Now you can move all files (not directories) into /root. NOTE: Some bad applications may require ordinary files in / so make sure you know if there are such files in /. Naturally, you can always move them back from /root to / if necessary.
All good questions. I'll be covering a lot of these techniques March 22 in Amsterdam (actually, the HP office in Amstelveen).
Bill Hassell, sysadmin
