pigeon5566
asked on
uucp command
we are using HP-UX 10.2
My application is interacting with another application via uucp. Now the interface with other application system is going to be removed. So i need to remove the details about the another system in my system so that it doesnt send/receive files to us. I am able to see a directory /etc/uucp and /usr/lib/uucp. There are a lot of file under it. Which file contain entries about other machines. What i need to remove the entries about the other machine.
My application is interacting with another application via uucp. Now the interface with other application system is going to be removed. So i need to remove the details about the another system in my system so that it doesnt send/receive files to us. I am able to see a directory /etc/uucp and /usr/lib/uucp. There are a lot of file under it. Which file contain entries about other machines. What i need to remove the entries about the other machine.
ASKER
I am able to find the below files under /etc/uucp
ls -ltr /etc/uucp
-r--r--r-- 1 bin bin 15 Nov 6 1995 Dialcodes
-r--r--r-- 1 bin bin 2 Nov 6 1995 Maxuuxqts
-r--r--r-- 1 bin bin 2 Nov 6 1995 Maxuuscheds
-r-------- 1 root sys 3248 Sep 10 1998 Systems_s
-r--r--r-- 1 root sys 1007 Sep 11 1998 Permissions_s
-r--r--r-- 1 bin bin 2361 Dec 21 1998 Devices
-r--r--r-- 1 bin bin 1483 Dec 21 1998 Permissions
-r--r--r-- 1 bin bin 12435 Dec 21 1998 Dialers
-r--r----- 1 uucp daemon 3594 Apr 10 2001 Systems_old
-r--r--r-- 1 bin bin 649 Sep 21 2004 Poll
-r--r----- 1 root scc 3774 Sep 22 2004 Systems_0922
-r--r----- 1 uucp daemon 3776 Sep 22 2004 Systems
-rw-r--r-- 1 root sys 29622180 Jul 12 08:06 cron.log
I am not able to find the sys,port,dial and config files in the /etc/uucp directory
ls -ltr /etc/uucp
-r--r--r-- 1 bin bin 15 Nov 6 1995 Dialcodes
-r--r--r-- 1 bin bin 2 Nov 6 1995 Maxuuxqts
-r--r--r-- 1 bin bin 2 Nov 6 1995 Maxuuscheds
-r-------- 1 root sys 3248 Sep 10 1998 Systems_s
-r--r--r-- 1 root sys 1007 Sep 11 1998 Permissions_s
-r--r--r-- 1 bin bin 2361 Dec 21 1998 Devices
-r--r--r-- 1 bin bin 1483 Dec 21 1998 Permissions
-r--r--r-- 1 bin bin 12435 Dec 21 1998 Dialers
-r--r----- 1 uucp daemon 3594 Apr 10 2001 Systems_old
-r--r--r-- 1 bin bin 649 Sep 21 2004 Poll
-r--r----- 1 root scc 3774 Sep 22 2004 Systems_0922
-r--r----- 1 uucp daemon 3776 Sep 22 2004 Systems
-rw-r--r-- 1 root sys 29622180 Jul 12 08:06 cron.log
I am not able to find the sys,port,dial and config files in the /etc/uucp directory
The Systems file should contain the details of 'other' systems.
If you want to remove a complete 'line/connection' then you would edit Devices.
Cheers
JJ
PS - do a 'man cu' for some background reading.
ASKER
I want disable the uucp communication with another system. My system is sending/receiving files to/from another system. If i remove an entry in systems file will it stop both sending and receiving from another system. Do i need to remove entries in some other file for stopping the receiving files from another system.
Changing you systems file will stop sendin to the remote system.
You cannot stop recieving (from anyone) - unless you start to protect yourself by one or more of:
1. Removing the uucp functionality.
2. Changing passwords used by the remote system.
3. Removing your system details from their systems file.
4. Changing privileges on inbound directories.
5. Setting up firewalling.
Probably some other 'hardening' techniqueues, but I'm not aware of any uucp configurative ways of doing it, but it has been 15 years years since I used it !!
Cheers
JJ
It depends on how your system is set up, but start with Systems (as already mentioned) and Permissions. Looking at the modification dates in the file list you posted, you might also want to look at Poll (I never used it and can't remember what it's for, but if it has an entry for that other computer, I'd delete it, or comment it out).
BTW, those variations on Systems and Permissions, like Systems_old and Permissions_s, are presumably just copies of the files that someone made. Systems and Permissions should be the "live" files.
Which computer initiates the connection, yours or the other computer?
If it's yours, take the other computer out of Systems and your computer can't connect to it any more (via uucp), even if it wants to.
If the other computer initiates the connection, taking it out of Systems may be enough to keep it from getting in. It's been a while and I can't remember for sure if an entry in Systems is absolutely required. I think there might be settings that allow connections from "anonymous" computers, in which case simply taking that computer out of Systems may not be enough, depending on how your system is set up.
You should also look at Permissions. It can control which directories a computer is allowed to access, whether it can send or request files, etc. FWIW, you could try to use Permissions to restrict that computer's access, so that it couldn't do what it wanted to do (eg. don't allow it to send files), but it would be better to prevent it from getting into your computer, or even trying to connect to it, for that matter. So, while I think it'd be worthwhile to look at Permissions and see if that other computer is there, there may not actually be much point in trying to change anything there.
If you want to be absolutely sure that that other computer can not connect to your computer, you could find out what login that computer uses to connect to your computer and remove the login or change the password, but if other computers use the same login, they won't be able to get in either unless they are changed to use the new password, or a different login. The login they use may be in a log file (probably under /usr/lib/uucp somewhere, I think). Otherwise, check the Systems file on that computer (Systems has the name of each known system, and the connection and login info used to connect to that system).
Whichever computer is initiating the connection, if it's done automatically, you probably want to stop that, so it doesn't try to establish the connection anymore. There are various ways it could be done, but the first place to look would be in the cron files (traditionally in /usr/spool/cron/crontabs).
Hope this helps.
James
BTW, those variations on Systems and Permissions, like Systems_old and Permissions_s, are presumably just copies of the files that someone made. Systems and Permissions should be the "live" files.
Which computer initiates the connection, yours or the other computer?
If it's yours, take the other computer out of Systems and your computer can't connect to it any more (via uucp), even if it wants to.
If the other computer initiates the connection, taking it out of Systems may be enough to keep it from getting in. It's been a while and I can't remember for sure if an entry in Systems is absolutely required. I think there might be settings that allow connections from "anonymous" computers, in which case simply taking that computer out of Systems may not be enough, depending on how your system is set up.
You should also look at Permissions. It can control which directories a computer is allowed to access, whether it can send or request files, etc. FWIW, you could try to use Permissions to restrict that computer's access, so that it couldn't do what it wanted to do (eg. don't allow it to send files), but it would be better to prevent it from getting into your computer, or even trying to connect to it, for that matter. So, while I think it'd be worthwhile to look at Permissions and see if that other computer is there, there may not actually be much point in trying to change anything there.
If you want to be absolutely sure that that other computer can not connect to your computer, you could find out what login that computer uses to connect to your computer and remove the login or change the password, but if other computers use the same login, they won't be able to get in either unless they are changed to use the new password, or a different login. The login they use may be in a log file (probably under /usr/lib/uucp somewhere, I think). Otherwise, check the Systems file on that computer (Systems has the name of each known system, and the connection and login info used to connect to that system).
Whichever computer is initiating the connection, if it's done automatically, you probably want to stop that, so it doesn't try to establish the connection anymore. There are various ways it could be done, but the first place to look would be in the cron files (traditionally in /usr/spool/cron/crontabs).
Hope this helps.
James
ASKER
Thanks a lot for the info .In the program i am able to see its using uucp command to transfer the file to remote system. If i modify the Systems and Permissions file do i need to restart any daemon or uucp command will automatically know about the modification in the config file?
Traditionally, uucp commands read the Systems, etc. files every time they are run, so no restarts should be necessary.
FYI, uucico is the program that actually performs file transfers.
James
FYI, uucico is the program that actually performs file transfers.
James
ASKER
Thanks a lot for the info
1. Remote system to which our system sending is ocdpp01. To stop our system sending files to external systemIn system file i need to delete or comment the line number 40 . Hope i am correct
System
******
33 ########## interface to OCDDB ##########
34
35 nspmprod Any TCP "" \r in:--in: nuucp word: dragon
36 ocddb Any;30 DK,g Any mo/kscygw/4002 "" "" in:--in: topas word: n0sc0re.
37 irdwsvr2 Any TCP "" \r in:--in: nuucp word: dragon
38 # ocdpp01 Any;30 DK,g Any az/mscdd/2222 "" \r\r\c in:--in: topuucp word: ftuucp
39 #ocdpp01 Any;30 DK,g Any 727/385/2222 "" \r\r\c in:--in: topuucp word: ftuucp
40 #ocdpp01 Any;30 DK,g Any 727/404/2222 "" \r\r\c in:--in: topuucp word: ftuucp
41 ocdpp01 Any TCP "" \r in:--in: topuucp word: ftuucp
42 #ocdpp01 Any;30 DK,g Any 685/207/0709.uucp"" \r\r\c in:--in: topuucp word: ftuucp
43
2. Remote system ocddp01 is putting the files in our local machine's /topas/reports/ocdd directory.
So if i want to stop the external system sending to our directory in line number 17,18 i need to remove /topas/reports/ocdd directory entry. Hope i am correct? Also do i need to remove the line between 47 and 51 or is it sufficient to remove the directory entry /topas/reports/ocdd in line number 48.
Permissions
***********
16 LOGNAME=nuucp \
17 READ=/var/spool:/topas/rep
18 WRITE=/var/spool/uucppubli
19 REQUEST=yes SENDFILES=no \
20 COMMANDS=rmail:lp:uux:/usr
47 MACHINE=ocdpp01 \
48 READ=/topas/reports/ocdd:/
49 WRITE=/var/spool/uucppubli
50 REQUEST=yes \
51 COMMANDS=rmail:lp:uux:/usr
52
3. Also what is purpose of Machine entry and logname entry in permissions entry?
1. Remote system to which our system sending is ocdpp01. To stop our system sending files to external systemIn system file i need to delete or comment the line number 40 . Hope i am correct
System
******
33 ########## interface to OCDDB ##########
34
35 nspmprod Any TCP "" \r in:--in: nuucp word: dragon
36 ocddb Any;30 DK,g Any mo/kscygw/4002 "" "" in:--in: topas word: n0sc0re.
37 irdwsvr2 Any TCP "" \r in:--in: nuucp word: dragon
38 # ocdpp01 Any;30 DK,g Any az/mscdd/2222 "" \r\r\c in:--in: topuucp word: ftuucp
39 #ocdpp01 Any;30 DK,g Any 727/385/2222 "" \r\r\c in:--in: topuucp word: ftuucp
40 #ocdpp01 Any;30 DK,g Any 727/404/2222 "" \r\r\c in:--in: topuucp word: ftuucp
41 ocdpp01 Any TCP "" \r in:--in: topuucp word: ftuucp
42 #ocdpp01 Any;30 DK,g Any 685/207/0709.uucp"" \r\r\c in:--in: topuucp word: ftuucp
43
2. Remote system ocddp01 is putting the files in our local machine's /topas/reports/ocdd directory.
So if i want to stop the external system sending to our directory in line number 17,18 i need to remove /topas/reports/ocdd directory entry. Hope i am correct? Also do i need to remove the line between 47 and 51 or is it sufficient to remove the directory entry /topas/reports/ocdd in line number 48.
Permissions
***********
16 LOGNAME=nuucp \
17 READ=/var/spool:/topas/rep
18 WRITE=/var/spool/uucppubli
19 REQUEST=yes SENDFILES=no \
20 COMMANDS=rmail:lp:uux:/usr
47 MACHINE=ocdpp01 \
48 READ=/topas/reports/ocdd:/
49 WRITE=/var/spool/uucppubli
50 REQUEST=yes \
51 COMMANDS=rmail:lp:uux:/usr
52
3. Also what is purpose of Machine entry and logname entry in permissions entry?
First of all, I hope you edited those Systems lines. Otherwise, you just posted the logins and passwords that your system uses to connect to those systems. The sequence at the end of the line is a login sequence. Basically, it tells uucp to look for "in:" (as in the end of "login:"), then send the next field (eg. nuucp), then look for "word:" (as in the end of "password:"), then send the next field. uucp doesn't encrypt or alter those fields in any way. Those are the actual logins and passwords it uses, unless you altered them.
If those were actual logins and passwords, you might want to delete this thread (AFAIK, you can't delete a single message) and start over (I plan to save a copy of my messages, just in case), but the fact is, they're already "out there". You should at least change the passwords. That means changing the password on a remote system and then changing the password for that system in the Systems file on every system that initiates a uucp connection to that system.
James
If those were actual logins and passwords, you might want to delete this thread (AFAIK, you can't delete a single message) and start over (I plan to save a copy of my messages, just in case), but the fact is, they're already "out there". You should at least change the passwords. That means changing the password on a remote system and then changing the password for that system in the Systems file on every system that initiates a uucp connection to that system.
James
Now, getting back to your questions:
For the record, I haven't used uucp under HP-UX. My answers are based on using uucp under various other versions of Unix. But uucp is an old and, in my experience, fairly standardized package. The HP-UX version should be basically the same.
Systems:
> To stop our system sending files to external system
> In system file i need to delete or comment the line number 40
If you want to prevent any outgoing connections with ocdpp01, I would also delete/comment line 41 and any other line that references ocdpp01.
However, removing these entries doesn't specifcally prevent your system from sending files to, or receiving files from, ocdpp01. It keeps your system from initiating a connection to ocdpp01. But it doesn't necessarily keep ocdpp01 from initiating a connection to your system, and if a connection is established, file transfers (sending or receiving) can be initiated by _either_ system.
See if you have a remote.unknown file on your system. It may be in /usr/lib/uucp, or it may be somewhere else. This is a standard script file that uucp uses to decide what to do if a system that is _not_ listed in Systems connects to your system. I think the traditional operation is:
If remote.unknown is found and is executable, it records in a log file that an unknown system tried to connect and the connection is denied.
If remote.unknown is not found or is not executable, uucp will allow unknown systems, _any_ unknown systems, to establish uucp connections to your system.
For the purposes of not allowing connections from ocdpp01, you'd want the first option. If your system is set up to allow connections from unknown systems for some reason, you might want to try to change it. ocdpp01 aside, allowing unknown systems to initiate uucp connections presents obvious security issues.
FWIW, the remote.unknown script could also theoretically be modified to perform specific operations, like allow connections from some systems and not others.
Permissions:
> So if i want to stop the external system sending to our directory in
> line number 17,18 i need to remove /topas/reports/ocdd directory entry.
It depends, but you probably don't want to do that.
LOGNAME means login name. Changing any of those settings will affect every uucp connection to your system that uses that login. nuucp is a standard/default login. If you have other systems that initiate uucp connections to your system and use that same login, which seems likely based on what I've seen so far, changing the entries for LOGNAME=nuucp will affect those other systems as well.
To prevent any uucp operations between your system and ocdpp01:
The simplest answer would be to delete/comment all references to ocdpp01 in Systems, provided that your system will not allow "unknown" systems to initiate uucp connections to your system. That may be determined by a remote.unknown script. At least, that's the first thing I'd look for.
The next simplest thing would probably be to change your Systems file _and_ the Systems file on ocdpp01. If you eliminate every reference to your system from the Systems file on ocdpp01, it should not be able to initiate a uucp connection to your system either. If neither system can initiate a uucp connection to the other, the settings in Permissions, etc. should be moot.
In case you're wondering, you shouldn't need to worry if there is a remote.unknown script on ocdpp01. If you eliminate ocdpp01 from your Systems file, your system can't initiate a uucp connection to ocdpp01, so a remote.unknown script on ocdpp01 shouldn't be an issue. Likewise, if you eliminate your system from Systems on ocdpp01, ocdpp01 can't initiate a uucp connection to your system, in which case a remote.unknown script on your system wouldn't be an issue either.
There are various other possibilities, like changing the login used by ocdpp01 and/or any other systems that initiate uucp connections to your system, so you can control what they can/can't do using Permissions; or simply lock ocdpp01 out by setting it up to use an invalid login/password, so it can't login (that would involve changing the Systems file on ocdpp01, not your Systems file). But they all seem a lot more complicated than just removing the appropriate system names from the Systems files on both systems.
For the record, it's been a long time, but I think it may be possible to have uucp transfer files indirectly (systemA to systemB to systemC), by giving it a list of system names. In that way, it might be possible to transfer files between your system and ocdpp01 indirectly, by way of another system that your system and ocdpp01 are both communicating with. But you have to issue specific commands to do that. It won't just happen automatically. It's presumably not anything you need to worry about, but I have no idea how the files are being transferred, so I just wanted to mention it. If some files do show up, that might be worth looking into.
> 3. Also what is purpose of Machine entry and logname entry in permissions entry?
I already covered LOGNAME. MACHINE is used to control the permissions a remote system has when _your_ _system_ initiates the connection. IOW,
When a remote system initiates a uucp connection to your system, it uses a login/password and the LOGNAME entry for that login controls which directories your system will allow that system to access, etc.
When your system initiates a uucp connection to a remote system, the MACHINE entry for that system controls which directories that system can access, etc.
Basically, they both control what a remote system can do on your system via uucp. The difference is which end initiates the connection.
You can find a description of the Permissions file at:
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/topic/com.ibm.aix.doc/files/aixfiles/Permissions.htm
Technically, it's for AIX (another version of Unix), but, like I said, this uucp stuff has been around a long time and is pretty well standardized. It should all, or just about all, apply to your system. If you click on the Index link on that page you'll get a long list of files and you can find other things there, like Systems.
FWIW, I found that page doing a Google search for "uucp logname" (without the quotes). It was the first hit. Google is your friend. :-) A little searching would probably turn up something for HP-UX. That page gave me what I was looking for (trying to refresh my memory on some things), so I didn't look any further.
James
For the record, I haven't used uucp under HP-UX. My answers are based on using uucp under various other versions of Unix. But uucp is an old and, in my experience, fairly standardized package. The HP-UX version should be basically the same.
Systems:
> To stop our system sending files to external system
> In system file i need to delete or comment the line number 40
If you want to prevent any outgoing connections with ocdpp01, I would also delete/comment line 41 and any other line that references ocdpp01.
However, removing these entries doesn't specifcally prevent your system from sending files to, or receiving files from, ocdpp01. It keeps your system from initiating a connection to ocdpp01. But it doesn't necessarily keep ocdpp01 from initiating a connection to your system, and if a connection is established, file transfers (sending or receiving) can be initiated by _either_ system.
See if you have a remote.unknown file on your system. It may be in /usr/lib/uucp, or it may be somewhere else. This is a standard script file that uucp uses to decide what to do if a system that is _not_ listed in Systems connects to your system. I think the traditional operation is:
If remote.unknown is found and is executable, it records in a log file that an unknown system tried to connect and the connection is denied.
If remote.unknown is not found or is not executable, uucp will allow unknown systems, _any_ unknown systems, to establish uucp connections to your system.
For the purposes of not allowing connections from ocdpp01, you'd want the first option. If your system is set up to allow connections from unknown systems for some reason, you might want to try to change it. ocdpp01 aside, allowing unknown systems to initiate uucp connections presents obvious security issues.
FWIW, the remote.unknown script could also theoretically be modified to perform specific operations, like allow connections from some systems and not others.
Permissions:
> So if i want to stop the external system sending to our directory in
> line number 17,18 i need to remove /topas/reports/ocdd directory entry.
It depends, but you probably don't want to do that.
LOGNAME means login name. Changing any of those settings will affect every uucp connection to your system that uses that login. nuucp is a standard/default login. If you have other systems that initiate uucp connections to your system and use that same login, which seems likely based on what I've seen so far, changing the entries for LOGNAME=nuucp will affect those other systems as well.
To prevent any uucp operations between your system and ocdpp01:
The simplest answer would be to delete/comment all references to ocdpp01 in Systems, provided that your system will not allow "unknown" systems to initiate uucp connections to your system. That may be determined by a remote.unknown script. At least, that's the first thing I'd look for.
The next simplest thing would probably be to change your Systems file _and_ the Systems file on ocdpp01. If you eliminate every reference to your system from the Systems file on ocdpp01, it should not be able to initiate a uucp connection to your system either. If neither system can initiate a uucp connection to the other, the settings in Permissions, etc. should be moot.
In case you're wondering, you shouldn't need to worry if there is a remote.unknown script on ocdpp01. If you eliminate ocdpp01 from your Systems file, your system can't initiate a uucp connection to ocdpp01, so a remote.unknown script on ocdpp01 shouldn't be an issue. Likewise, if you eliminate your system from Systems on ocdpp01, ocdpp01 can't initiate a uucp connection to your system, in which case a remote.unknown script on your system wouldn't be an issue either.
There are various other possibilities, like changing the login used by ocdpp01 and/or any other systems that initiate uucp connections to your system, so you can control what they can/can't do using Permissions; or simply lock ocdpp01 out by setting it up to use an invalid login/password, so it can't login (that would involve changing the Systems file on ocdpp01, not your Systems file). But they all seem a lot more complicated than just removing the appropriate system names from the Systems files on both systems.
For the record, it's been a long time, but I think it may be possible to have uucp transfer files indirectly (systemA to systemB to systemC), by giving it a list of system names. In that way, it might be possible to transfer files between your system and ocdpp01 indirectly, by way of another system that your system and ocdpp01 are both communicating with. But you have to issue specific commands to do that. It won't just happen automatically. It's presumably not anything you need to worry about, but I have no idea how the files are being transferred, so I just wanted to mention it. If some files do show up, that might be worth looking into.
> 3. Also what is purpose of Machine entry and logname entry in permissions entry?
I already covered LOGNAME. MACHINE is used to control the permissions a remote system has when _your_ _system_ initiates the connection. IOW,
When a remote system initiates a uucp connection to your system, it uses a login/password and the LOGNAME entry for that login controls which directories your system will allow that system to access, etc.
When your system initiates a uucp connection to a remote system, the MACHINE entry for that system controls which directories that system can access, etc.
Basically, they both control what a remote system can do on your system via uucp. The difference is which end initiates the connection.
You can find a description of the Permissions file at:
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/topic/com.ibm.aix.doc/files/aixfiles/Permissions.htm
Technically, it's for AIX (another version of Unix), but, like I said, this uucp stuff has been around a long time and is pretty well standardized. It should all, or just about all, apply to your system. If you click on the Index link on that page you'll get a long list of files and you can find other things there, like Systems.
FWIW, I found that page doing a Google search for "uucp logname" (without the quotes). It was the first hit. Google is your friend. :-) A little searching would probably turn up something for HP-UX. That page gave me what I was looking for (trying to refresh my memory on some things), so I didn't look any further.
James
ASKER
James , Thanks a lot for the info .You had posted me a long one. Will read it and reply you back.
ASKER
James,
I will remove the line number 41 in systems file which has details about the remote machine ocddp01. I will be unable to remove the entry about my machine from systems file in remote machine ocddp01. I am able to see a remote.unknown file in /user/lib/uucp directory which has the below contents
# @(#) $Revision: 72.1 $
#
FOREIGN=/var/uucp/.Admin/F
echo "`date`: call from system $1" >> $FOREIGN
You had said
" See if you have a remote.unknown file on your system. It may be in /usr/lib/uucp, or it may be somewhere else. This is a standard script file that uucp uses to decide what to do if a system that is _not_ listed in Systems connects to your system. I think the traditional operation is:
If remote.unknown is found and is executable, it records in a log file that an unknown system tried to connect and the connection is denied.?"
If i remove the entry of the remote machine ocdpp01 in systems file in my local machine and after that remote machine ocdpp01 communicates to my machine the connection would be denied since remote.unknown file is found in /usr/lib/uucp file. So there is no need for me to modify the permissions file to deny the remote machine sending files to my machine. Hope i am correct. Only i need to modify systems file and there is no need to modify permissions file.
I will remove the line number 41 in systems file which has details about the remote machine ocddp01. I will be unable to remove the entry about my machine from systems file in remote machine ocddp01. I am able to see a remote.unknown file in /user/lib/uucp directory which has the below contents
# @(#) $Revision: 72.1 $
#
FOREIGN=/var/uucp/.Admin/F
echo "`date`: call from system $1" >> $FOREIGN
You had said
" See if you have a remote.unknown file on your system. It may be in /usr/lib/uucp, or it may be somewhere else. This is a standard script file that uucp uses to decide what to do if a system that is _not_ listed in Systems connects to your system. I think the traditional operation is:
If remote.unknown is found and is executable, it records in a log file that an unknown system tried to connect and the connection is denied.?"
If i remove the entry of the remote machine ocdpp01 in systems file in my local machine and after that remote machine ocdpp01 communicates to my machine the connection would be denied since remote.unknown file is found in /usr/lib/uucp file. So there is no need for me to modify the permissions file to deny the remote machine sending files to my machine. Hope i am correct. Only i need to modify systems file and there is no need to modify permissions file.
Make sure the remote.unknown file has execute permissions. If the permissions won't allow uucp to execute remote.unkown, uucp won't use it. If you're not sure how to check the permissions, post the results of "ls -l /usr/lib/uucp/remote.unkno
Or, just look for a /var/uucp/.Admin/Foreign file (as shown in remote.unknown). If Foreign exists and has been modified recently, remote.unknown is probably working.
Once you've removed any other references to ocdpp01 in Systems, wait until ocdpp01 should have tried to contact your system (How often is that?) and see if one or more entries for ocdpp01 have been added to the end of Foreign. If so, that should confirm that remote.unknown is blocking incoming connections from ocdpp01.
> So there is no need for me to modify the permissions file to
> deny the remote machine sending files to my machine.
As long as remote.unkown is doing its thing then yeah, I think you can leave Permissions as is.
James
PS: If those were actual passwords in that one message, I hope you changed them.
Or, just look for a /var/uucp/.Admin/Foreign file (as shown in remote.unknown). If Foreign exists and has been modified recently, remote.unknown is probably working.
Once you've removed any other references to ocdpp01 in Systems, wait until ocdpp01 should have tried to contact your system (How often is that?) and see if one or more entries for ocdpp01 have been added to the end of Foreign. If so, that should confirm that remote.unknown is blocking incoming connections from ocdpp01.
> So there is no need for me to modify the permissions file to
> deny the remote machine sending files to my machine.
As long as remote.unkown is doing its thing then yeah, I think you can leave Permissions as is.
James
PS: If those were actual passwords in that one message, I hope you changed them.
ASKER
ls -l /usr/lib/uucp/remote.unkno
-r--r--r-- 1 bin bin 107 May 30 1996 /usr/lib/uucp/remote.unkno
ll /var/uucp/.Admin/Foreign
-rw-r--r-- 1 root sys 0 Jul 26 05:00 /var/uucp/.Admin/Foreign
I am able to see the /var/uucp/.Admin/Foreign had been updated yesterday.(Jul 26). Am not sure whether the permission file needs to be modified. If permissions file need to be modified i just need to remove the directory entry /topas/report/ocdd to which remote machine is sending files from line number 17,18 and change it as below
17 READ=/var/spool:/topas/rep
18 WRITE=/var/spool/uucppubli
Also i need to remove the lines between line number 47 and 51 which has a MACHINE entry of remote machine. Pls correct me if i am wrong. Also how do i delete this thread?
-r--r--r-- 1 bin bin 107 May 30 1996 /usr/lib/uucp/remote.unkno
ll /var/uucp/.Admin/Foreign
-rw-r--r-- 1 root sys 0 Jul 26 05:00 /var/uucp/.Admin/Foreign
I am able to see the /var/uucp/.Admin/Foreign had been updated yesterday.(Jul 26). Am not sure whether the permission file needs to be modified. If permissions file need to be modified i just need to remove the directory entry /topas/report/ocdd to which remote machine is sending files from line number 17,18 and change it as below
17 READ=/var/spool:/topas/rep
18 WRITE=/var/spool/uucppubli
Also i need to remove the lines between line number 47 and 51 which has a MACHINE entry of remote machine. Pls correct me if i am wrong. Also how do i delete this thread?
I've never tried to delete a question, but I think a moderator may have to do it. Post a 0 point question over in the Community Support section asking them to delete the question (include the URL for this question).
I suppose you might ask if they can edit this thread and either edit that one message and remove the passwords, or delete that one message, instead of the whole thread.
https://www.experts-exchange.com/Community_Support/
It's interesting that Foreign shows it was just modified, but it's empty (0 bytes). There may be some uucp administration process that updated it (eg. to start new log files). You could see if there's anything in /var/uucp/.Old/Foreign .
If Foreign stays empty, I would try adding execute permissions to remote.unknown and see if something shows up in Foreign then.
chmod 555 /usr/lib/uucp/remote.unkno
As for Permissions, if you change lines 17 and 18, that will prevent _every_ system that logs in as nuucp from accessing that directory. If other systems use the same login and need to access that directory, that will be a problem.
James
I suppose you might ask if they can edit this thread and either edit that one message and remove the passwords, or delete that one message, instead of the whole thread.
https://www.experts-exchange.com/Community_Support/
It's interesting that Foreign shows it was just modified, but it's empty (0 bytes). There may be some uucp administration process that updated it (eg. to start new log files). You could see if there's anything in /var/uucp/.Old/Foreign .
If Foreign stays empty, I would try adding execute permissions to remote.unknown and see if something shows up in Foreign then.
chmod 555 /usr/lib/uucp/remote.unkno
As for Permissions, if you change lines 17 and 18, that will prevent _every_ system that logs in as nuucp from accessing that directory. If other systems use the same login and need to access that directory, that will be a problem.
James
Two other things:
uucp can use a file named Sysfiles to select alternate configuration files (eg. instead of the default Systems file). If you have a Sysfiles file, it would presumably be in the same directory as Systems, Permissions, etc., so if you don't see a Sysfiles in that directory, you probably don't have one. You could search the system for a file named Sysfiles if you wanted to make sure. If you do find a Sysfiles, see if there is anything in it.
The lines you posted from Systems also include phone numbers that your system would use to call another system. I'm assuming those are actual phone numbers. If that message is going to be edited to remove the passwords, or if you end up reposting those lines in another message, you should probably remove the phone numbers as well.
James
uucp can use a file named Sysfiles to select alternate configuration files (eg. instead of the default Systems file). If you have a Sysfiles file, it would presumably be in the same directory as Systems, Permissions, etc., so if you don't see a Sysfiles in that directory, you probably don't have one. You could search the system for a file named Sysfiles if you wanted to make sure. If you do find a Sysfiles, see if there is anything in it.
The lines you posted from Systems also include phone numbers that your system would use to call another system. I'm assuming those are actual phone numbers. If that message is going to be edited to remove the passwords, or if you end up reposting those lines in another message, you should probably remove the phone numbers as well.
James
ASKER
Is it sufficient if i leave the lines 17 and 18 as it is in permissions file and delete only the below lines from 47 to 51 alone in permission file because i know machine name ocddp01 is sending the file to this directory /topas/reports/ocdd.
47 MACHINE=ocdpp01 \
48 READ=/topas/reports/ocdd:/
49 WRITE=/var/spool/uucppubli
50 REQUEST=yes \
51 COMMANDS=rmail:lp:uux:/usr
47 MACHINE=ocdpp01 \
48 READ=/topas/reports/ocdd:/
49 WRITE=/var/spool/uucppubli
50 REQUEST=yes \
51 COMMANDS=rmail:lp:uux:/usr
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks a lot James for the info .Apologies for delay in my response. Finally i am going to remove the machine name in systems file and directory name from line number 17 and 18 in permissions file.
You're welcome.
> ... remove the ... directory name from line number 17 and 18 in permissions file
Those lines are for systems logging into your system as nuucp. If there are other systems that log into your system as nuucp and need to access that directory, that will be a problem. If not, then removing the directory from those lines is probably a good idea.
Good luck with it.
James
> ... remove the ... directory name from line number 17 and 18 in permissions file
Those lines are for systems logging into your system as nuucp. If there are other systems that log into your system as nuucp and need to access that directory, that will be a problem. If not, then removing the directory from those lines is probably a good idea.
Good luck with it.
James
the main configuration file for uucp is /etc/uucp/config -- contains information about all nodes
second one is /usr/lib/uucp/sys file this contains system specific information of sites to which you are linked
third one is /etc/uucp/port holds uucp port inforamtion
fourth one is /etc/uucp/dial holds per-dailer information
You need to remove entry from "config" file and related information about that node in "sys" and "dial" files
Hope this will solve your problem :)