On Sat, 4 Jun 2005, Chuck Hast wrote:
> Went to log into a machine that I use as a packet switch I got some weird
> messages and noticed that there was a error message on 'logoutd' in the
> start up screens. I went and looked at it, it is S20logoutd in the rc5.d file
> it is pointed to logoutd in /etc/init.d
> logoutd in that directory was a empty file, logoutd is suppose to handle
> functions dealing with login timeout and other things. I am trying to figure
> out what happened to it, in the mean time I have tried to get a new file
> but to no avail.
> I tried apt-get and also went in and looked on the cd... It is nowhere to
> be found. Any ideas? I am running Knoppix, I think this is 3.3 on this
> machine.
Evidence shows logoutd is part of the shadow password utilities. Their home
"page" is ftp://ftp.pld.org.pl/software/shadow/ . Maybe somebody didn't
like being logged out, and exploited a bug in some program to overwrite
/etc/rc5.d/S20logoutd ? Change wouldn't show until reboot. I'd find out
how that was done and fix it, or else it'll happen again.
-- -eben ebQenW1@EtaRmpTabYayU.rIr.OcoPm home.tampabay.rr.com/hactar TAURUS: You will never find true happiness - what you gonna do, cry about it? The stars predict tomorrow you'll wake up, do a bunch of stuff and then go back to sleep. -- Weird Al----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:58:38 EDT