Date: Tue, 20 Mar 2001 15:51:58 -0600 From: Mike Meyer <mwm@mired.org> To: "Doug Young" <dougy@bryden.apana.org.au> Cc: questions@freebsd.org Subject: Re: suroute ?? Message-ID: <15031.53502.186710.800014@guru.mired.org> In-Reply-To: <84630190@toto.iv>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug Young <dougy@bryden.apana.org.au> types: > where did you see this mystical "suroute" you're > asking us to explain? :-) Sounds like a corruption of 'su root' to me > > The following is part of a message sent to me re a routing issue that > occurred on one of the local servers when I was interstate on the past > weekend. The person who sent it is currently unavailable, > but under the circumstances I can't imagine that he meant > "su root" > > "The root cause: suidperl lost its suid bit in the install, so > suroute failed to add network routes. But some of them still > seemed to happen, which I cannot explain" > > The situation is a remote FreeBSD 4.3 system with ethernet links > to other LAN machines / internet / etc, and several dialup LAN > connections. After the upgrade from 4.1 to 4.3 something broke > & consequently machines on the dialup LANs lost internet connectivity > (gateways were unaffected). I enabled NAT on as many systems as > possible as a short term workaround but I'd like to fix the problem > properly ASAP. I'm glad I didn't chime in with "I've got no idea what it is either." :-) Based on the diagnosis quoted, it's a locally maintained perl script for tweaking routes. Further, it's an suid perl script. For security reasons, FreeBSD by default installs the suidperl program without turning on the suid bit. The ASAP solution is to turn it on with "chmod u+s /usr/bin/suidperl". The long-term solution if you're building from sources is to set "ENABLE_SUIDPERL=true" in /etc/make.conf. If you're not building from sources but only installing RELEASE's, you'll have to get used to changing it after an install. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15031.53502.186710.800014>