Matt

Firestarter On Startup

Recommended Posts

I installed the Firestarter Firewall, but it appears that it does not start when I boot up. I was reading the FAQ here: http://www.fs-security.com/docs/faq.php#trayicon

But when I try to add the line

matt ALL= NOPASSWD: /usr/sbin/firestarter

to /etc/sudoers it says:

You are trying to save the file on a read-only disk. Please check that you typed the location correctly and try again.

I was told I need to change permissions somewhere. How do I do that?

Thanks!

Share this post


Link to post
Share on other sites

To change the file /etc/sudoers to be writable. You need to use the chmod command.

To read how it works try using the man page

man chmod

to add write permission to the file /etc/sudoers, just do this

chmod +w /etc/sudoers

Share this post


Link to post
Share on other sites

Hi shanenin, thanks for the help. I believe that I was able to change the chmod of the file and edit it successfully. However, I got this:

[email protected]:/home/matt# gedit /etc/sudoers

(gedit:8125): GnomeUI-WARNING **: While connecting to session manager:
Authentication Rejected, reason : None of the authentication protocols specified are supported and host-based authentication failed.

I ignored that, and went ahead and edited the file.

Now I'm getting:

[email protected]:~$ sudo su
sudo: /etc/sudoers is mode 0640, should be 0440
[email protected]:~$

Did I break something?

Share this post


Link to post
Share on other sites

Keep in mind i have had a few cocktails tonight, so take my advice with a grain of salt. I think it is telling you to change the permission back to read only, 0440(because you made them writable)

now you should just do this

chmod -w /etc/sudoers

Share this post


Link to post
Share on other sites

what does the command below give for output. Th ls -l command should show the permsisons.

ls -l /etc/sudoers

Edited by shanenin

Share this post


Link to post
Share on other sites

that is the numeric equivilant of 0640. It appears you did not change them back to read only

you can also use the chmod command using the permssions represented as numbers

sudo chmod 0440  /etc/sudoers

now after doing that comand your ls -l should look like mine

[email protected]:~$ ls -l /etc/sudoers
-r--r----- 1 root root 403 2006-06-04 08:32 /etc/sudoers

Edited by shanenin

Share this post


Link to post
Share on other sites

I am sure you could boot your ubuntu system with a live cd, then mount you ubuntu partition, then change the files permission back using the unbroken sudo on the live cd. Let me see if their is anothe way to do it. by any chance have you set a root password?

Share this post


Link to post
Share on other sites

me telling you to change permsisions of your /etc/sudoers file was bad. I changed the permissions on my file also and broke sudo.

another option to fix your system is to boot using "single user" mode. This may be an option in you boot menu. If you boot with "single user" mode, you will have root priveldegs. This will allow you to change the permsions of your sudoers fiel without using sudo.

If you do not have a "single user" boot option. You may be able to change it on the fly

http://lists.slug.org.za/pipermail/slug-te...May/001219.html

Edited by shanenin

Share this post


Link to post
Share on other sites

Hi shane. Yep it fixed it. I booted into recovery mode, changed the permissions on sudoers and removed that line I added. I booted back, and sudo works again. Yay! :)

Now, I still don't have a firewall that loads on startup. Any suggestions on this bit?

Share this post


Link to post
Share on other sites

Back when I used Redhat9, I also used firestarter(before my router). Firestarter creates a script which needs to be run to start the firewall. I think I just needed to have this script run at startup. this should work with ubuntu. This is untested

First you need to copy the script to your /etc/init.d directoy

sudo cp /etc/firestarter/firestarter.sh /etc/init.d

then you need to make sure it is executable

sudo chmod +x /etc/init.d/firestarter.sh

now you need to use the command update-rc.d to set the correct sym links. This will make sure the script starts at bootup

update-rc.d  firestarter.sh defualts

Share this post


Link to post
Share on other sites

Hi shane, I've gotten here:

[email protected]:~$ sudo update-rc.d  firestarter.sh defualts
usage: update-rc.d [-n] [-f] <basename> remove
update-rc.d [-n] <basename> defaults|multiuser [NN | sNN kNN]
update-rc.d [-n] <basename> start|stop NN runlvl [runlvl] [...] .
-n: not really
-f: force

Unsure on what to do now

Share this post


Link to post
Share on other sites

I misspelled defaults. My old ubuntu system has firefox 1.5, which does not have spell check, I depend on it horribly bad.

sudo update-rc.d  firestarter.sh defaults

Share this post


Link to post
Share on other sites

I think(guessing) you can show if your script got loaded by checking if your iptables chains are loaded.

iptables --list

Edited by shanenin

Share this post


Link to post
Share on other sites

Well, I used HackerWatch.org instead. When I had the firewall running manually, all scanned ports would return 'Secure'. On bootup, they do not, the scan does not show them as secure, so I don't believe the firewall was running. I manually started it again.

Share this post


Link to post
Share on other sites

I wonder if the script needs to be run from its location in the firestarter directory, do to relative paths. Try rebooting, then run the script like this:

cd  /etc/firestarter
sudo ./firestarter.sh

Now see if the firewall is working.

Edited by shanenin

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...