[Arm-netbook] Mysteries of Lemote Yeeloong MIPS netbook
Sylvain L. Sauvage
Sylvain.L.Sauvage at free.fr
Fri Oct 19 01:54:37 BST 2012
Le vendredi 19 octobre 2012 à 00:13:04, freebirds at fastmail.fm a
écrit :
> On Thu, Oct 18, 2012, at 01:40 AM, Gordan Bobic wrote:
>[…]
> > normal, and nothing to worry about if you use reasonably
> > secure passwords. But there's nothing stopping you from
> > disabling it (check the documentation for your links
> > distro on how).
>
> Yeeloong has preinstalled a Chinese variant of Debian,
I thought it was based on Red Hat.
From wikipedia:
* Red Flag Linux is based on Asianux.
* Among others, Miracle Linux is a party in Asianux.
* Oracle owns Miracle Linux.
I don't see Oracle doing Debian. (And that might explain the
"CentOS" thing you talk about further.)
> not
> preinstalled OpenBSD. Bizarre a Debian distribution would
> run an OpenBSD by default.
Not bizarre at all.
First, Debian does not "run an OpenBSD", it runs a program
written by the OpenBSD project. Programs coming from the
OpenBSD project are free/libre software. They are thence
available for everyone to use.
Second, "OpenBSD secure shell server" just means "the program
written by the OpenBSD project that (the program) follows the
RFC 4251".
The OpenBSD sshd is, as Goran said, fairly common and safe
(provided you don't have a user with login "test" and password
"test" or "john"/"password", etc.).
> I am perplexed why an OpenBSD
> secure shell server and rsync remote offsite backup would
> start at shutdown unless I am being cracked. What is
> stopping me from disabling the server and rsync is: (1) I
> don't know how;
For a starter, you may just do 'chmod -x /etc/init.d/sshd' as
root.
You may also remove the programs packages.
But buy a book about how to admin a GNU/Linux (be it Debian or
another one): if you can't trust someone to administer for you
(and it seems the repair shops you talked about don't seem very
good at advicing you), then you have to learn to do it alone.
If you don't want to take the bus, learn to drive.
> and (2) I may not have the privilege.
If you are able to log as root ('su') or sudo ('sudo su'), and
you should, then you can.
>[…]
> I think you are correct that hpoj refers to HP OfficeJet.
> This is mentioned in the DMESG message. However, my printer
> is in storage. No printer is connected.
This program may just have been installed as a convenience in
case you want to use one of the fairly common HP
printer/scanner/kitchen sink.
> > > Starting file alteration monitor: FAM
> >
> > I'm guessing this is a security feature not dissimilar from
> > tripwire.
No, not for security. FAM is just a daemon that watches some
files or directories for modification. Its purpose is to lower
the burden of other programs that want to watch if a file or
directory is changed.
For example, local mail delivery puts files (the mails) in a
spool directory and the user programs have to check this
directory at regular interval to check for new mail, it's not
efficient. With FAM, they just tell FAM the directory and FAM
will tell them when, and only when, a change has occurred.
Gamin is another way to do that.
And, nowadays, the Linux kernel provides simpler means to do
that (inotify).
> FAM is not preinstalled in Debian. I didn't install it. Nor
> do I have access to its logs. FAM is available for BSD.
> http://sourceforge.net/projects/bsdfam/
Even if you didn't explicitely install FAM, it may:
* have been there from the beginning,
* or been pulled as a dependency from another package you
installed.
All the programs you are afraid of have simple and clear
articles to their names on Wikipedia (at least in the english
version). They also have their own website (often more technical
or less user friendly).
Looking up for them before crying wolf shouldn't be very
difficult.
> Second POST message screen:
>[…]
> df -h detected shm which I don't think is typical in a debian
> installation.
Oh yes it is. Very typical. Since a looong time ago.
>[…]
--
Sylvain Sauvage
More information about the arm-netbook
mailing list