vsFTPd and invalid shells

Posted by micdah in linux, server on April 14, 2010

Recently I have been helping one of my mates with installing and configuring a new server for their business (Komunikado), and in doing so we came across a feature of vsFTPd (very secure ftp daemon) I had encountered prior myself; All local users must have a valid shell to be able to login to the ftp server.

Often though one desires to disallow anonymous logins but neither have SSH login for users of the server (i.e. only ftp access), this might be the case for say web hosting or similar services.

What having a valid shell means, is that the binary pointed to by the user configuration (/etc/passwd in the 6th and last column) must be listen in the /etc/shells file to be considered valid. To disallow SSH login on a local user, you would normally set the users login shell to something non-existent such as /bin/false, /bin/nologin, /dev/null or similar. But doing so will make vsFTPd disallow logins for any such user.

As it turns out, there are two ways to fix this. The choice is up to you.

Fix 1. – Disabling valid shell check for vsFTPd

This fix will make vsFTPd skip the “valid shell” check altogether. As vsFTPd uses the PAM (Pluggable Authentication Modules) system,  the fix is as easy as opening /etc/pam.d/vsftpd and uncomment the following line using your favorite editor:

#auth   required        pam_shells.so

The line is often located at the end of said file. The pam_shells.so module, is specifically made for checking that a given user has a valid shell, thus there is no loss in security by dropping it from vsFTPd’s authentication. Now restart your vsFTPd server (in case you are running it in standalone mode) by issuing:

$ /etc/init.d/vsftpd restart

If you are using inetd or similar, the changes will take effect on the next session instantiated with the ftp server.

Fix 2. – Adding invalid shell to shells file

This fix will make whatever invalid binary you have put in your user configuration (/bin/false, /bin/nologin or similar) look like a valid shell without being it (as it’s a non-existent binary). All you have to do is simply append your invalid shells to the /etc/shells file:

$ echo "/bin/nologin" >> /etc/shells

This will make PAM think /bin/nologin is a valid shell and thus the valid shell check will pass for vsFTPd (and any other service!) without the user actually being able to do a SSH login.

Personally  I prefer the first fix as this surgically disables the faulting check in vsFTPd without changing the premise for any other services or changing the system wide environment in general. Adding the invalid shell to the shells file, may or may not adversely affect other services (probably not).

, , , , ,

1 Comment

Funny Provision problem

Posted by micdah in math on March 22, 2010

Recently I ran into a situation where I wanted to calculate a provision so that it was equal to a certain percentage of the total price but I only knew the production price. It quickly became obvious that is wasn’t as trivial as I had thought.

So stating the problem more clearly; We know the production cost c of some product and we which to determine a provision p_v so that it is equal to a percentage p_r of the sales price s.

We know that the sales price is the production cost plus the provision:
s = c + p_v

Our requirement can thus be stated as:

s(1 - p_r) = s - p_v
(c + p_v)(1 - p_r) = c
c(1 - p_r) + p_v(1 - p_r) = c
c(1 - p_r) - c = -p_v(1 - p_r)
\frac{c(1 - p_r) - c}{1 - p_r} = -p_v
p_v = -\frac{c(1 - p_r) - c}{1 - p_r}

Thus we can use this formula directly to calculate a provision matching a certain percentage of the sales price knowing the production cost and said percentage only.

As an example say you have a production cost of 242,- and want 15% of the sales price to go to provision, then we can calculate how much you should add in provision and by definition what your sales price should be:

c = 242, p_r = \frac{15}{100}
p_v = -\frac{242(1-\frac{15}{100})-242}{1-\frac{15}{100}} = \frac{726}{17} \approx 42.71
s = c + p_v \approx 284,71

, ,

No Comments

Now with my own T-Shirt Shop

Posted by micdah in Uncategorized on March 21, 2010

Quite often you may find yourself, as I sometimes do, coming up with ideas for ridiculous T-Shirt slogans and one liners. Yet again this evening in a conversation with  nullpointer he talked about a project he hadn’t gotten onto a repository yet – which led me to the single liner “everything is better with a Repository”.  So instead of just giggling a bit over my own silliness and let that be that, I thought it would be fun if I could actually put this on a T-Shirt for real instead of just thinking about it.

So that is exactly what I did and as of today I officially have my own line of micdah Designed T-Shirts, go check it out at micdah.spreadshirt.dk.

So from now on, all my slogans and single-liners need not dissipate anymore, instead it can get printed onto a cool T-Shirt for all the world to see and ponder about.

, ,

1 Comment

Forcing Logitech G-Series Key Profiler to load game profile

Posted by micdah in hacks, windows on March 21, 2010

I recently ran into an annoying problem with my Logitech G15 keyboard or more specifically the software (Logitech G-Series Key Profiler) which would not recognize all the games I have installed (using “Scan for new games”) so I couldn’t retrieve the pre-defined profiles the software comes with for a large portion of games.

Naturally all “official” solutions were to uninstall  the software and do a clean install – but that should never be the solution. But a quick look around the resources that come with the software I discovered the file:

C:\ProgramData\Logitech\G-series Software\Keyboard\Profiles\LGDDefault.lgp

Which is one large XML file describing each and every profile for the games the software can recognize. The quick hack is then to simply import this profile file from the Logitech software (via Profile -> Import), but this will import each and every profile resulting in a rather large list of profiles (most of which you probably don’t have the game for).

So the way cleaner solution is to manually retrieve the relevant profiles from the “master” profiles file and put them into another XML file also ensuring said file has the correct formatting as expected by the Logitech software. The following is a step-by-step guide to doing that.

1. Retrieving the profile(s)

Open the file “C:\ProgramData\Logitech\G-series Software\Keyboard\Profiles\LGDDefault.lgp” and do a string-search for the game title in question, which will lead you (assuming there is a profile for that game) a profile description tag, like:

<profile guid="{BBB9D9AF-1F92-4AD9-9DA5-79D8927403A0}" name="Lord of the Rings Online" revision="3.00" lock="0">
 <description/>
 <macros>
 <macro name="F6" guid="{DCF50AE2-0005-4381-000D-4F0F5A9E9803}" type="singlekey">
 <event type="key" keyname="F6"/>
 </macro>
 ...
 </macros>
 <assignments>
 <assignment gamekey="G26" shiftstate="1" macroguid="{AD0FFB44-1449-46C7-AC06-C0108BB259B6}" playmode="oneshot" family="lhc"/>
 ...
 </assignments>
 <script/>
 <signature key="HKEY_LOCAL_MACHINE" subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\12bbe590-c890-11d9-9669-0800200c9a66_is1" value="InstallLocation" executable="lotroclient.exe"/>
 </profile>

Now copy the entire profile tag (from <profile…> to and including </profile>) for usage in the next step.

2.  Creating single profile from copied content

Create a new file with your favorite XML editor (or Notepad if you have nothing else, it really doesn’t matter) and wrap your copied profile from step 1., with the following XML to make it readable by the Logitech software.

<?xml version="1.0" encoding="UTF-8"?>
<profiles>
 <profile guid="{BBB9D9AF-1F92-4AD9-9DA5-79D8927403A0}" name="Lord of the Rings Online" revision="3.00" lock="0">
 ...
 </profile>
</profiles>

Now just go ahead and save this XML file anywhere with the extension .lgp (like “lotro.lgp”) as this is the extension the software expects (I suspect it is a acronym for Logitech Gaming Profile).

3.  Importing the new gaming profile

Load up the Logitech G-Series Key Profiler and navigate to “Profile -> Import” and select and open the file you created in step 2. Now you will have a new profile in your profiles list for the game you just retrieved with all the macro’s available for that particular game.

Happy hacking.

No Comments

Archive: IJVM Machine Code Example

Posted by micdah in code, examples on March 14, 2010

Yet another blog post from ye’ old blog.

This post was originally titled “IJVM Machine Code Example” and posted on the 8th of September, 2007

This is a little addition to my IJVM/ISA theme/posts. Now I will be going a little further into the whole Opcode part of IJVM/ISA.

First let me introduce you to a little “fun” machine code snippet (Hex representation of IJVM Machine Code):

00 01
00 00
10 ff
a7 ff fe

It might not be that obvious, but this little 9 byte machine code, will actually make an endless loop, pushing fe (-1) onto the stack for each iteration. The end result will of course be a stack growing until there are no more memory.

Lets try to look at the machine code, and describe how the bytes are formatted/arranged. The first 4-bytes defines how many arguments and local variables there are. The first 2-bytes is a number representing how many arguments there are, and the next 2-bytes how many locals. In this particular case we have:

00 01 = 1 argument
; there is always the Obj-Ref/Link Pointer
00 00 = 0 locals
; the code isn't using any locals

Next we have the actual start of the code, from now on, each byte is a representation of either a Opcode, or an argument for the last Opcode. Each opcode, defines how many arguments it is taking. Here are some examples.

Opcode Symoblic name Argument size Description
0×10 BIPUSH 1-byte

Pushes the next 1-byte argument (representing an Integer in the range [-128, 127]) onto the stack
0×59 DUP 0-byte

This duplicates (copy) the top-word on the stack
0xa7 GOTO 2-byte

Jumps the execution to the new part in the memory. Moves the pointer relatively to the current pointer by the number of words defined in the 2-byte argument representing an integer in the range [-32.768, 32.767]

Now lets see what the last 5-bytes of the machine code example, is actually doing.

10 ff = bipush -1
; 10 is the opcode for bipush, and takes a 1-byte argument (ff) which is an integer representation of -1
a7 ff fe = goto -2
; a7 is the opcode for goto, and this takes a 2-byte argument (ff fe), which is an integer representation of -2

So it pushes the number -1 onto the stack, and goes back two bytes (words). Since the pointer is at the 0xa7 instruction when executing, it will go two bytes back, to the 0×10 instruction, which again will make it push another number -1, onto the stack, and so fourth.

To execute this machine code in the IJVM Virtual Machine, you have to add some extra information though. Information of where the main method is starting, and information on the constant pool. Also remember to use UNIX formatting of the file, for example if you are using Windows to edit the files.

Now lets look at this example, wrapped with the information for the virtual machine executer.

main index: 0
method area: 9 bytes
00 01 00 00 10 ff a7 ff fe
constant pool: 1 words
00000000

So that is it, for this example.

, , , ,

No Comments