From owner-freebsd-security Wed Nov 15 11:54:44 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.sageian.com (ns.sage-consult.com [208.201.118.11]) by hub.freebsd.org (Postfix) with ESMTP id F0CF037B479 for ; Wed, 15 Nov 2000 11:54:40 -0800 (PST) Received: from pricli012 (proxy.sageian.com [208.201.118.126]) by mail.sageian.com (Postfix) with SMTP id 4CDE76A92B for ; Wed, 15 Nov 2000 14:54:39 -0500 (EST) Message-ID: <003f01c04f3e$3c77e170$4c00000a@sage> Reply-To: "Rossen Raykov" From: "Rossen Raykov" To: References: Subject: problem using sysinstall Date: Wed, 15 Nov 2000 14:57:08 -0500 Organization: SageConsult, Princeton MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I've received strange results after using sysinstall on 4.1.1-RELEASE FreeBSD. On preinstalled system I start /stand/sysinstall From the menu I select "Configure" -> "Distributions" . I select only bin from the distributions and start install from the primary ftp server. Everything ware fine except that that I started the installation remotely (thru firewall) and at some point after the transfer finished my ssh connection timeout and I loosed the connection with the server. I assume that the bin (re) installation finished fine. An hour later I went in the server room where box is and I try to login like root. For my surprise the system didn't prompt mi with a password but give me the root command prompt?! This off cource was not all. When I look at the /etc/password it ware completely new one! The root was without password, the root alias toor was with * for a password and without a shell! All other users accounts ware missing! I put a password for root and toor and try to login like toor. The result was that I received the root command prompt even if the account was without a shell in /etc/passwd?! The shell that I received was /bin/sh. My question is : is it normal to achieve such a results after this action? Is the sysinstall behavior correct? Why there ware no warnings about changes in /etc/passwd? Is it normal the behavior on toor alias? I believe the answer on all this questions is NO! I that is true then what wrong have I did? My sysinstall options are: Options Editor Name Value Name Value ---- ----- ---- ----- NFS Secure NO Media Timeout 300 NFS Slow NO Package Temp /usr/tmp Debugging NO Newfs Args -b 8192 -f 1024 No Warnings NO Config save YES Yes to All NO Re-scan Devices <*> DHCP NO Use Defaults [RESET!] FTP username ftp Editor /usr/bin/ee Tape Blocksize 20 Extract Detail high Release Name 4.1.1-RELEASE Install Root / Browser package lynx Browser Exec /usr/local/bin/lynx Media Type Use SPACE to select/toggle an option, arrow keys to move, ? or F1 for more help. When you're done, type Q to Quit. Please send copy to my e-mail address since I'm not on the list. Regards, Rossen Raykov To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message