Content-Type: text/plain
debian-user-digest Digest Volume 2015 : Issue 51
Today's Topics:
Re: Directories changing their side [ The Wanderer <wanderer@fastmail.fm> ]
Re: Directories changing their side [ Pertti Kosunen <pertti.kosunen@pp.n ]
Re: Find obsolete packages without u [ Fredrik Jonson <fredrik@jonson.org> ]
Re: Directories changing their side [ Ric Moore <wayward4now@gmail.com> ]
problem with corrupted root password [ Comer Duncan <comer.duncan@gmail.co ]
Re: problem with corrupted root pass [ Rob Owens <rowens@ptd.net> ]
Re: Have I been hacked? [ Brian <ad44@cityscape.co.uk> ]
Re: Have I been hacked? [ Brian <ad44@cityscape.co.uk> ]
Re: Have I been hacked? [ John Hasler <jhasler@newsguy.com> ]
Re: problem with corrupted root pass [ Gary Dale <garydale@torfree.net> ]
Re: Have I been hacked? [ Bob Proulx <bob@proulx.com> ]
Re: Disable server so it does not st [ Bob Proulx <bob@proulx.com> ]
Re: problem with corrupted root pass [ Bob Proulx <bob@proulx.com> ]
Date: Wed, 14 Jan 2015 09:25:28 -0500
From: The Wanderer <wanderer@fastmail.fm>
To: debian-user@lists.debian.org
Subject: Re: Directories changing their side when copied!
Message-ID: <[🔎] 54B67C58.5090703@fastmail.fm">[🔎] 54B67C58.5090703@fastmail.fm>
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="1nbMw8HPgnp8BtgCwbQMCbxTNmMPHT7kE"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--1nbMw8HPgnp8BtgCwbQMCbxTNmMPHT7kE
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
On 01/14/2015 at 09:16 AM, Rodolfo Medina wrote:
> Hi all.
>=20
> I realized that the same directory, once copied onto vfat pendrive
> with `cp' or also `rsync', have a size (detected with `du') that
> doesn't match with the source.
>=20
> Please help.
This is probably because du reports "size on disk" - that is, the amount
by which the available space on the disk would be increased if the file
weren't present - rather than the actual number of bytes in the file,
and the difference between those two numbers will vary depending on what
filesystem the file is sitting on.
Specifically, FAT-based filesystems have different overhead from EXT*
filesystems, which are probably what a modern Debian system is using by
default. Thus, since du reports "total size including filesystem
overhead", the space consumed by a file on a FAT FS will likely be
different from the space consumed by that file on an EXT FS.
The principle underlying this has been reported by Windows at least as
far back as Windows 95. If you right-click on a file in the Windows
file-manager program (Windows Explorer) and choose Properties, the
resulting dialog will give you two different file-size values; I believe
they're labeled "size in bytes" and "size on disk". The latter is what
du reports, and is what differs depending on what filesystem the file is
sitting on.
--=20
The Wanderer hopes that this is less confusing to read than it felt
like when he was writing it
The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw
--1nbMw8HPgnp8BtgCwbQMCbxTNmMPHT7kE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUtnxhAAoJEASpNY00KDJr1NIQAI3Jz9JbnSED0CeovRT3uruV
DVooDpFVQwKQWDcjKDTsMG3xx3kaJbAvmvy2HtoSdT8UT7ZqCmvrv1aiNIxubhfi
h7G0Vll717LpOh7EBr/GYy3KoACBfTwIwFTXGgRSWVA8hKbub11n1smJtgOrh1dX
M1peYUVNH6Oqy7EQhIZCZwouU3bXBjSZilGVmSJEdvN+wkRiFKC27xc+lNC5IcR7
+qZwFwrTrcHJo71p65c2h6r7Jz8pLWLplNymtC2wer9wBc3gfKRt7XcLm6H0Vt6V
PWg+qag5ufivfV+bOCAlf8kMLx8hYHNXmrs87GuI315iIJHzNUG6U16PsdgWawWd
Llp6Lk9pNBUWewidw/t5Dz3HwlgVq/Ppo+WMxNnXBwiQfDipNFlue0JZq+WFWt2g
mY8UQ25X6ixoWzyhsTioCyR9uN0cL3wBT6cEs0o3vbOjam9vV6tn+mBuC9awZ1Zn
avWrP55F7DOBzXYNjnNeR89BXRfphVJ1/nTH73BjW13SayO3sHCiv2NCFmDp1Mwp
Fh/5KDSogSt6Xst1FGBtkO3fUJ1Uedome71elLFhG/2NjSuOaq99+gbLNYzNpSDg
hMxqOQi25v46tQOXYjPoqVrbUzshX13XBV1DAyL8ag27WTH/HXXYTgCuOyfw1vcL
fS9Xmu/H7lhhQT9pM9sQ
=XcsO
-----END PGP SIGNATURE-----
--1nbMw8HPgnp8BtgCwbQMCbxTNmMPHT7kE--
Date: Wed, 14 Jan 2015 16:21:46 +0200
From: Pertti Kosunen <pertti.kosunen@pp.nic.fi>
To: debian-user@lists.debian.org
Subject: Re: Directories changing their side when copied!
message-id: <[🔎] 54B67B7A.8000002@pp.nic.fi">[🔎] 54B67B7A.8000002@pp.nic.fi>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
On 14.1.2015 16:16, Rodolfo Medina wrote:
> Hi all.
>
> I realized that the same directory, once copied onto vfat pendrive with `cp' or
> also `rsync', have a size (detected with `du') that doesn't match with the
> source.
diff -r /original/dir /pendrive/dir
Date: 14 Jan 2015 16:32:18 GMT
From: Fredrik Jonson <fredrik@jonson.org>
To: debian-user@lists.debian.org
Subject: Re: Find obsolete packages without using aptitude?
Message-ID: <[🔎] slrnmbd6gi.g6k.fredrik@biggles.jonson.org">[🔎] slrnmbd6gi.g6k.fredrik@biggles.jonson.org>
Bob Proulx wrote:
> Try this:
>
> apt-show-versions | grep -v uptodate
>
> Or read my answer posted here Saturday:
>
> https://lists.debian.org/debian-user/2015/01/msg00358.html
Thanks, excellent. I'll try to improve the variety of my search phrases,
and digging deeper in the archive before posting next time.
--
Fredrik Jonson
Date: Wed, 14 Jan 2015 14:07:52 -0500
From: Ric Moore <wayward4now@gmail.com>
To: debian-user@lists.debian.org
Subject: Re: Directories changing their side when copied!
Message-ID: <[🔎] 54B6BE88.4070607@gmail.com">[🔎] 54B6BE88.4070607@gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
On 01/14/2015 09:16 AM, Rodolfo Medina wrote:
> Hi all.
>
> I realized that the same directory, once copied onto vfat pendrive with `cp' or
> also `rsync', have a size (detected with `du') that doesn't match with the
> source.
Different block sizes.
http://lists.slug.org.au/public/slug/2004/07/msg00003.html
:) Ric
--
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256
Date: Wed, 14 Jan 2015 15:07:09 -0500
From: Comer Duncan <comer.duncan@gmail.com>
To: debian-user@lists.debian.org
Subject: problem with corrupted root password
Message-ID: <CAEL1xhCd-G3zeDf_UG7N7Ah=YJzPDa_0WPvfCPGHjfRtwhpRXw@mail.gmail.com>
Content-Type: multipart/alternative; boundary=089e013d1734d0ec9b050ca24892
--089e013d1734d0ec9b050ca24892
Content-Type: text/plain; charset=UTF-8
I recently got wheezy up and running. I installed xfce4 and like it.
However, today in the process of trying to spawn a root terminal (in
Accessories) and going through a cycle of trying to get authorized but
being prevented by repeated complaints that the system password I used was
not correct, I now find that I can not get logged in in single-user mode!
I have thus royally screwed up. So, how can I get the system password
changed to something new?
Thanks for help and apologies for making such an error.
Comer
--089e013d1734d0ec9b050ca24892
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">I recently got wheezy up and running.=C2=A0 I installed xf=
ce4 and like it.<div><br></div><div>However, today in the process of trying=
to spawn a root terminal (in Accessories) and going through a cycle of try=
ing to get authorized but being prevented by repeated complaints that the s=
ystem password I used was not correct, I now find that I can not get logged=
in in single-user mode!=C2=A0 I have thus royally screwed up.=C2=A0 So, ho=
w can I get the system password changed to something new?=C2=A0</div><div><=
br></div><div>Thanks for help and apologies for making such an error. =C2=
=A0</div><div><br></div><div>Comer</div></div>
--089e013d1734d0ec9b050ca24892--
Date: Wed, 14 Jan 2015 16:26:14 -0500
From: Rob Owens <rowens@ptd.net>
To: debian-user@lists.debian.org
Subject: Re: problem with corrupted root password
Message-ID: <[🔎] 20150114212614.GA8836@ptd.net">[🔎] 20150114212614.GA8836@ptd.net>
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="jRHKVT23PllUwdXP"
Content-Disposition: inline
--jRHKVT23PllUwdXP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Jan 14, 2015 at 03:07:09PM -0500, Comer Duncan wrote:
> I recently got wheezy up and running. I installed xfce4 and like it.
>=20
> However, today in the process of trying to spawn a root terminal (in
> Accessories) and going through a cycle of trying to get authorized but
> being prevented by repeated complaints that the system password I used was
> not correct, I now find that I can not get logged in in single-user mode!
> I have thus royally screwed up. So, how can I get the system password
> changed to something new?
>=20
> Thanks for help and apologies for making such an error.
Boot using a Live CD, then as root:
mount /dev/sda1 /mnt/sda1 (or whatever device is your root partition)
chroot /mnt/sda1
passwd=20
--jRHKVT23PllUwdXP
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJUtt72AAoJEPb6Pr/i0F2KxBEP/RNlH5pQ0/2sydudHhY5nUVV
tExtS9gRfCeOqEPRPKj0oO23SpbBjnSaNRoZ69tysH9bYJ0OGWHM/sSAHQw9tEtp
NNezc2b/I6lRQDrEIVm08N3KFtzXFL7vKPwFrxxLN7n4fYinYijiYqLrD98aE4ho
HHHbwLTYwrXEIKGXKdt6Y2mbo/YxzurueF3FPxnptzBUeFd/CwkwGKhOoAbQHYMg
yv1Ua6QWWg/2a2F4OK+ZlvRnDxeGyguHLPyvfxB4WeU+vdoOKmtrqYOIceUUuL9u
cYJJmhDKUonEaA0AWITny+oozA+MF6WK9AIs5YPaYOqI4H3P/Lo3FDXBiSH6Y9WM
vh/7jRbU+rjXtGEZzVcQNoKLrX6XQdxj/q6iiQpIfPzoKJhmpUcdtvRHUko65Bf1
Ww2TL9hbqM2T+sA122i4+gc+uAup+dnwP5aJQbrYew45oxV0o8QXfXXylYQdj4p+
WU5HsCYDvGFnVRR2wCRjFayqyOC1SuqQRmQ7KPQPV4dFEdI+fiQMJxokvLUJZo14
k8BieHgMi0CVK2HmYdq1K8I8I4GHgdCXtx9F5Gc+pEPIUby2LB58ydq2n81QNmhe
in5Ux9aNlfwH1/gK/wytNCXmeTP3V5DNP7A2xPtBQnndnw9S7YRL4tvseYDOFoVM
+ZbaJsQ9D00lZeX6VQ/m
=9j3a
-----END PGP SIGNATURE-----
--jRHKVT23PllUwdXP--
Date: Wed, 14 Jan 2015 21:56:05 +0000
From: Brian <ad44@cityscape.co.uk>
To: debian-user@lists.debian.org
Subject: Re: Have I been hacked?
Message-ID: <[🔎] 20150114215605.GB15925@copernicus.demon.co.uk">[🔎] 20150114215605.GB15925@copernicus.demon.co.uk>
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
On Tue 13 Jan 2015 at 22:16:12 -0700, Bob Proulx wrote:
> Brian wrote:
> > Seeing that my argument that enforcing (if it is possible) an
> > unmemorable password is not in the best interests of security doesn't
> > gain any tracton, let me try a different tack.
> >
> > The password
> >
> > TwasBrilligAndTheSlithyToves
> >
> > strikes me as a pretty good one for an ssh login. (I have capitalised
> > some letters for readability, not to add complexity). Personally, I find
> > it easy to remember and associate with ssh and my account. I cannot see
> > why it is not a good password for me.
>
> Why passwords have never been weaker—and crackers have never been stronger
> http://arstechnica.com/security/2012/08/passwords-under-assault/
>
> Most importantly, a series of leaks over the past few years containing
> more than 100 million real-world passwords have provided crackers with
> important new insights about how people in different walks of life
> choose passwords on different sites or in different settings. The
> ever-growing list of leaked passwords allows programmers to write
> rules that make cracking algorithms faster and more accurate; password
> attacks have become cut-and-paste exercises that even script kiddies
> can perform with ease.
>
> To summarize the problem it is that you as a human are unique in the
> universe, just like everyone else. Analyzing 100 million passwords
> exposes the human bias that you introduce that you don't realize you
> are introducing. It is "big data" removing the uniqueness and
> reducing the search space.
A good article. There is a follow-up at
http://arstechnica.com/security/2013/03/how-i-became-a-password-cracker/
Although it affects a user, the lack of security at a site is not fixable by
him and is not his responsibility. If usernames and hashes are exposed to
an off-line attack I would agree the only certain protection is a long,
complex password comprising random characters. It would be beyond the
present techniques to match the hash in any realistic time.
I am still going to maintain that "TwasBrilligAndTheSlithyToves" is a
more than adquate password for logging in *on-line*. If I were to lack
trust in the maintenence of security at a site I might consider a change
of heart. But then - what would I base my judgement on. apart from the
theoretcal possibility?
> I won't say that the technique you show above is a bad thing. But the
> current wisdom is that it isn't good enough anymore because after
> analyzing millions of real world passwords, programs can now guess
> what humans will do much of the time. So what you really need is
> something other than what a human would produce.
We are still on off-line cracking? How does this sound?
Memorable passwords are good. Long, complex passwords are also good. One
needn't exclude the other.
I can remember "TwasBrilligAndTheSlithyToves" and associate it with an
account.
Before signing up I do
echo TwasBrilligAndTheSlithyToves | sha1sum | base64 | cut -c -30
The output is what I give to a site as a password.
Furthermore, before any future logins I can run the command again to get
the same password. Isn't this on-line and off-line cracking taken care
of?
Date: Wed, 14 Jan 2015 21:56:53 +0000
From: Brian <ad44@cityscape.co.uk>
To: debian-user@lists.debian.org
Subject: Re: Have I been hacked?
Message-ID: <[🔎] 20150114215653.GC15925@copernicus.demon.co.uk">[🔎] 20150114215653.GC15925@copernicus.demon.co.uk>
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Wed 14 Jan 2015 at 18:52:06 +0900, Joel Rees wrote:
> 2015/01/13 5:17 "Brian" <ad44@cityscape.co.uk>:
> >
> > strikes me as a pretty good one for an ssh login. (I have capitalised
> > some letters for readability, not to add complexity). Personally, I find
> > it easy to remember and associate with ssh and my account. I cannot see
> > why it is not a good password for me.
>
> Just remember that fail2ban only does temporary tarpitting, and only if the
> attacks are repeated to quickly.
How about
http://whyscream.net/wiki/index.php/Fail2ban_monitoring_Fail2ban#Warning:_pick_the_right_jail
> > The automated probes wouldn't get close to cracking it.
>
> Think of a bot farm continuously hitting a crowd of targets, once a second,
> cycling through spoofed IPs, using informed strategies instead of pure
> brute force. If they can spoof one IP, they can spoof another.
Does this increase the number of connections per second?
> > The danger might
> > be a directed attack - from friends, associates, colleagues etc. If they
> > knew about my fixation on Lewis Carroll they might have a go at breaking
> > in.
>
> If they think you have something they want, people you don't know will find
> out about your interests. Blog posts, posts here, etc.
500,000.000 million on the internet at least. It's not my turn yet.
> > Actually, it would be ok as a password for banking access too. There
> > surely cannot be a banking site which does not take action after a
> > number of failed logins. Maybe not using fail2ban, but a similar
> > approach which protects both parties.
>
> Means you end up going to the bank in person, to get the lock removed.
The telephone?
People would be heavily critical if a bank did not take steps to monitor
logins and act on unusual activity.
> Banks aren't perfect, though. You could come to considerable trouble
> should, for instance, a bank employee decide to do a little investigating
> passwords in her spare time, without permission.
>
> But it's your bank account. Go for it.
I have no knowledge or control over what goes on in a bank, Why lose
sleep over worrying about it?
Date: Wed, 14 Jan 2015 16:28:14 -0600
From: John Hasler <jhasler@newsguy.com>
To: debian-user@lists.debian.org
Subject: Re: Have I been hacked?
Message-ID: <[🔎] 87oaq1dmkh.fsf@thumper.dhh.gt.org">[🔎] 87oaq1dmkh.fsf@thumper.dhh.gt.org>
Content-Type: text/plain
Brian writes:
> I can remember "TwasBrilligAndTheSlithyToves" and associate it with an
> account.
> Before signing up I do
> echo TwasBrilligAndTheSlithyToves | sha1sum | base64 | cut -c -30
> The output is what I give to a site as a password.
> Furthermore, before any future logins I can run the command again to get
> the same password.
Or you can install one of the software packages that do that for you.
--
John Hasler
jhasler@newsguy.com
Elmwood, WI USA
Date: Wed, 14 Jan 2015 18:01:18 -0500
From: Gary Dale <garydale@torfree.net>
To: debian-user@lists.debian.org
Subject: Re: problem with corrupted root password
Message-ID: <[🔎] 54B6F53E.60206@torfree.net">[🔎] 54B6F53E.60206@torfree.net>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
On 14/01/15 04:26 PM, Rob Owens wrote:
> On Wed, Jan 14, 2015 at 03:07:09PM -0500, Comer Duncan wrote:
>> I recently got wheezy up and running. I installed xfce4 and like it.
>>
>> However, today in the process of trying to spawn a root terminal (in
>> Accessories) and going through a cycle of trying to get authorized but
>> being prevented by repeated complaints that the system password I used was
>> not correct, I now find that I can not get logged in in single-user mode!
>> I have thus royally screwed up. So, how can I get the system password
>> changed to something new?
>>
>> Thanks for help and apologies for making such an error.
> Boot using a Live CD, then as root:
>
> mount /dev/sda1 /mnt/sda1 (or whatever device is your root partition)
> chroot /mnt/sda1
> passwd
I'd change the chroot command to
chroot /mnt/sda1 bash
to ensure you get the correct shell. System Rescue CD, for example, uses
zsh by default so chrooting with specifying the shell will get you a
not-found error.
Date: Wed, 14 Jan 2015 17:37:04 -0700
From: Bob Proulx <bob@proulx.com>
To: debian-user@lists.debian.org
Subject: Re: Have I been hacked?
Message-ID: <[🔎] 20150114172259240251530.NoCcsPlease@bob.proulx.com">[🔎] 20150114172259240251530.NoCcsPlease@bob.proulx.com>
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="fUYQa+Pmc3FrFX/N"
Content-Disposition: inline
--fUYQa+Pmc3FrFX/N
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Brian wrote:
> Bob Proulx wrote:
> > Brian wrote:
> I am still going to maintain that "TwasBrilligAndTheSlithyToves" is a
> more than adquate password for logging in *on-line*. If I were to lack
> trust in the maintenence of security at a site I might consider a change
> of heart. But then - what would I base my judgement on. apart from the
> theoretcal possibility?
>=20
> > I won't say that the technique you show above is a bad thing. But the
> > current wisdom is that it isn't good enough anymore because after
> > analyzing millions of real world passwords, programs can now guess
> > what humans will do much of the time. So what you really need is
> > something other than what a human would produce.
>=20
> We are still on off-line cracking? How does this sound?
Oops. You caught me. Everyone else continued to talk about offline
cracking and I had pretty much given up and lost track of the topic.
But you were specifically said online and emphasized it. My bad.
Although I was trying to address specifically the trust in site
security. It is only a matter of time before a high profile site is
so mired in its own bureaucracy that they lose track of its own
security and expose this information. Historically speaking.
But the original poster was talking about a personal Debian system.
For a personal system one could probably get away with using a pretty
weak password. Your password method would be a pretty strong one for
a personal system. If the system is compromised to the point that
/etc/shadow with the hashes exposed for an offline attack then you
should scrape it clean and install from known good pristine sources
and start again using all different passwords than before. The weak
password wouldn't have been the problem in that case. The attack
could only have only have come through some other vector into the
machine.
Bob
P.S. Before leaving remote web sites entirely behind...
Most important is to use a unique password per site. Then using a
strong password only if I care about having that data cracked. I use
my fair share of weak throwaway passwords on weak throwaway sites.
But I never reuse them across sites.
--fUYQa+Pmc3FrFX/N
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlS3C7AACgkQ0pRcO8E2ULbg5QCffKfvVuN/u3HLdIxvcszWad8F
nIcAnRMtL5YwMXAg/RjmRBBqVmrJRSK5
=yJmm
-----END PGP SIGNATURE-----
--fUYQa+Pmc3FrFX/N--
Date: Wed, 14 Jan 2015 17:44:10 -0700
From: Bob Proulx <bob@proulx.com>
To: debian-user@lists.debian.org
Subject: Re: Disable server so it does not start on reboot (even after
upgrade)?
Message-ID: <[🔎] 20150114173803291331115.NoCcsPlease@bob.proulx.com">[🔎] 20150114173803291331115.NoCcsPlease@bob.proulx.com>
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="V0207lvV8h4k8FAm"
Content-Disposition: inline
--V0207lvV8h4k8FAm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Tony Baldwin wrote:
> Andrei POPESCU wrote:
> > Xavi wrote:
> > > First I do:
> > >=20
> > > sudo update-rc.d -f apache2 remove
> > >=20
> > > and then, to assert the rc.d links are not recreated,=20
> > > I recreate them stopped in all runlevels:
> > >=20
> > > sudo update-rc.d apache2 stop 80 0 1 2 3 4 5 6 .
Was that associated with some previous thread?
> > Or one could just use 'disable'.
Or it could be removed. Why have it installed if it isn't going to be
running?
apt-get remove apache2
Personally I "purge" instead of remove but I know I have etckeeper
keeping /etc backed up along with a real off system backup too. So I
can purge things without thinking knowing if I didn't want that I
could recover the /etc conffiles from backup.
> Couldn't you just turn apache2 off in rcconf?
If one mentions rcconf then one might as well mention chkconfig too.
Basically the same thing but perhaps more familiar to people coming
=66rom other software distributions.
> Or did I miss something in this thread?
This thread has little context. :-(
Bob
--V0207lvV8h4k8FAm
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlS3DVoACgkQ0pRcO8E2ULagBQCfWv93IvWIUsAX4OuXJPBKM7j/
rOcAn08B5LNVbI5dMZl/GGTwWLzaiZfn
=BMsG
-----END PGP SIGNATURE-----
--V0207lvV8h4k8FAm--
Date: Wed, 14 Jan 2015 17:51:35 -0700
From: Bob Proulx <bob@proulx.com>
To: debian-user@lists.debian.org
Subject: Re: problem with corrupted root password
Message-ID: <[🔎] 20150114174838299279820.NoCcsPlease@bob.proulx.com">[🔎] 20150114174838299279820.NoCcsPlease@bob.proulx.com>
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="t0UkRYy7tHLRMCai"
Content-Disposition: inline
--t0UkRYy7tHLRMCai
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Comer Duncan wrote:
> However, today in the process of trying to spawn a root terminal (in
> Accessories) and going through a cycle of trying to get authorized but
> being prevented by repeated complaints that the system password I used was
> not correct, I now find that I can not get logged in in single-user mode!
> I have thus royally screwed up. So, how can I get the system password
> changed to something new?
Did you get added to the sudo group? If you are lucky then you did
and you can use your own password instead of root.
$ sudo passwd root
$ su -
#
Worth a try. Remember that sudo asks for your password not root's
password. Also you can use sudo to list what sudo actions are
available to you.
$ sudo -l
Bob
--t0UkRYy7tHLRMCai
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlS3DxcACgkQ0pRcO8E2ULZk0QCdG1JY1xrM7XMgYa3twd2nxsHA
qk8AnRY3QoKE7Q/AfQqrcW6qcPa78Q1v
=ad3/
-----END PGP SIGNATURE-----
--t0UkRYy7tHLRMCai--