From owner-freebsd-stable@FreeBSD.ORG Mon Dec 3 17:50:48 2007 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8A71716A421 for ; Mon, 3 Dec 2007 17:50:48 +0000 (UTC) (envelope-from mailman.msc@gmail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.181]) by mx1.freebsd.org (Postfix) with ESMTP id 6352213C461 for ; Mon, 3 Dec 2007 17:50:48 +0000 (UTC) (envelope-from mailman.msc@gmail.com) Received: by wa-out-1112.google.com with SMTP id k17so5713831waf for ; Mon, 03 Dec 2007 09:50:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=OY+fnPvade4RbKEYm8KGnwfdwwbyq68MndP3mblVrPo=; b=agaWLGj+yrAtlTMig/8zcuAEVjTKKTyr1HxOuzV1q7eo0qTVFWzF+/LgCCXuB/vBE4E32pVOXsm6SUrIbhUOU0Jgi1WjrTDXi83ovTIfbMgaPhpBMDIsP0pCDnWGF79+HOFFS4aF9Sz4ZQfmNRT20787xGuDPbWLA9QNQIKJsZc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=DTc0TWttbfHUUnAW63LOReI8eWYSj9RqgAoy8h6fCOonPDR2UrrD9GxSgO4YR2bbSbv7nTm0BHuvhfLS2KQp35ViSIxlY3PKpSApYhttaE0v56s2nf6vJn71QGmeUF293kHboWlR5x8HCpGSr9ZJHL3AM4mYeM5TsQon6RiSfqE= Received: by 10.114.179.1 with SMTP id b1mr1827693waf.1196704247930; Mon, 03 Dec 2007 09:50:47 -0800 (PST) Received: by 10.115.110.4 with HTTP; Mon, 3 Dec 2007 09:50:47 -0800 (PST) Message-ID: Date: Tue, 4 Dec 2007 01:50:47 +0800 From: "Anjang Aki" To: "Michael Proto" In-Reply-To: <47543008.7040902@jellydonut.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <47543008.7040902@jellydonut.org> Cc: freebsd-stable@freebsd.org Subject: Re: FreeBSD 6.3-PRERELEASE unable to change file permission X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Dec 2007 17:50:48 -0000 i just got the answer.. i need to run init 1 and do chflags -R 0 /usr/bin/rlogin and then i can change the file permission using chmod thanks for your advice On 12/4/07, Michael Proto wrote: > Anjang Aki wrote: > > hi!.. i'm not able to change file permission to disable rlogin and > > login on my box even as root > > > > # ls -lo /usr/bin/login /usr/bin/rlogin > > -r-sr-xr-x 1 root wheel schg 19996 Dec 1 13:04 /usr/bin/login > > -r-sr-xr-x 1 root wheel schg 10140 Dec 1 13:04 /usr/bin/rlogin > > > > # chflags -R nouchg login rlogin > > chflags: /usr/bin/login: Operation not permitted > > chflags: /usr/bin/rlogin: Operation not permitted > > > > # chmod a=rx /usr/bin/login /usr/bin/rlogin > > chmod: /usr/bin/login: Operation not permitted > > chmod: /usr/bin/rlogin: Operation not permitted > > > > it makes me uneasy as my users can still use login and rlogin to gain > > access to the box > > > > my system: > > # uname -a > > FreeBSD k3.college.edu 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #1: Sun > > Dec 2 18:51:02 MYT 2007 root@college.edu:/usr/obj/usr/src/sys/EDU > > i386 > > > > thanks for advice > > > > It looks like these files have the system-immutable flags set (schg), > not the user-immutable (uchg). What happens if you do "chflags noschg > /usr/bin/login /usr/bin/rlogin"? > > > -Proto > -- -- Anjang Aki --