maemo.org - Talk

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Applications (https://talk.maemo.org/forumdisplay.php?f=41)
-   -   The Nmap Thread (https://talk.maemo.org/showthread.php?t=48673)

terminal3 2010-03-29 16:29

The Nmap Thread
 
What is Nmap?

Quote:

Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes a flexible data transfer, redirection, and debugging tool (Ncat), and a utility for comparing scan results (Ndiff).
The Nmap suite also includes an advanced GUI and results viewer (Zenmap), but it is not optimized for Fremantle.

The Nping utility is now also included with the Nmap suite.

What can I do with Nmap?

Nmap is typically used to scan networks for hosts and their available ports/services. The latest versions include the ability to execute pre-packaged scripts, which can do everything from service detection and interrogation to finding hosts that are potentially susceptible to worm infection. If you administer a network in any capacity, Nmap is your friend!

Nmap on Maemo 5/Fremantle

Nmap 5.59BETA1 is now available in Extras-testing!
Quote:

The software hosted in extras-testing is not ready for normal users!
PLEASE use it only for testing purposes. Be ready to file proper bug reports instead of posting complaints.
Potential problems: crashes, battery drain, poor system performance, full disk space & more - SERIOUSLY!

Backing up your data is recommended. In case of trouble you might need to re-flash your device.
Extras-testing - Nmap 5.59BETA1

Nmap 5.50 is currently available for Fremantle in Extras.

Extras - Nmap 5.50

Some Nmap scanning operations (such as OS fingerprinting) require root privileges. This Nmap package gives you the ability to use 'sudo nmap'.

Screenshots of Nmap on the N900

Running an OS fingerprint scan against localhost (an N900)
http://i40.tinypic.com/11a9yyq.png

Running an OS fingerprint scan against a Windows XP virtual machine
http://i42.tinypic.com/ehkmt4.png

Running the 'SMB OS Discovery' script to show Windows OS specific details
http://i39.tinypic.com/98ra5l.png

Running the 'SMB Security Mode' script to show supported authentication types
http://i41.tinypic.com/24qpp8n.png

Using the 'SMB Check Vulns' script to show that this host is potentially vulnerable to the Conficker worm
http://i41.tinypic.com/2mnm4pi.png

More coming soon!

Zenmap on the N900

Zenmap does run on the N900, and can be executed from the command line by running 'zenmap'. Several changes are needed to make Zenmap run properly on Fremantle, including some interface adjustments to make the user experience as smooth as possible.

Check back, updates will be posted here!


More information

Nmap Homepage

Official Nmap documentation

Scanning Windows Deeper with the Nmap Scanning Engine [PDF]

Detecting Conficker with Nmap

terminal3 2010-03-30 14:16

Re: The Nmap Thread
 
bump, added more interesting screenshots

GameboyRMH 2010-03-30 14:31

Re: The Nmap Thread
 
Nice, I already have nmap installed, can't wait for zenmap :)

terminal3 2010-05-26 17:50

Re: The Nmap Thread
 
Update: Nmap 5.21 now available in Extras!

terminal3 2011-02-01 19:36

Re: The Nmap Thread
 
Update: Nmap 5.50 is now available in Extras-testing!

A lot of updates since the last version of Nmap on Fremantle (5.21), including the addition of the Nping utility as well as a bunch of new scripts.

You can find the latest changelog for 5.50 here: http://nmap.org/changelog.html

terminal3 2011-07-13 23:55

Re: The Nmap Thread
 
Update: Nmap 5.59BETA1 has been promoted and is now in Extras-testing!

Additions include 40 new scripts, 7 new protocol libraries, and improved service detection.

Nmap changelog is located at http://nmap.org/changelog.html

Chrome 2011-07-14 05:12

Re: The Nmap Thread
 
There's a bug with beta version:

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-07-14 08:13 IDT
route_dst_netlink: can't find interface "wlan0"

edit: this happens only when running as root.

Estel 2011-07-14 09:19

Re: The Nmap Thread
 
Positive, except that for me it's complaining about "lo" interface being missing. Non-root work fine.

terminal3 2011-07-14 14:57

Re: The Nmap Thread
 
There seems to be a few issues with libnetutil included in 5.59BETA1, it underwent a few changes to handle IPv6 support. BTW, I haven't yet had a chance to do thorough testing with IPv6 scanning under Maemo, if one of you guys beats me to it please post your findings!

There look to be some updates in the SVN, I'll see if these fix the route_dst_netlink issues.

terminal3 2011-07-15 16:08

Re: The Nmap Thread
 
No relevent changes in SVN, I'm tracking down some changes in libnetutil and the libdnet included with Nmap to find the source of the issue.

In the meantime, can I get a few people to run 'nmap --iflist' with both root and non-root privileges? I'm also interested if you're running power-kernel and busybox-power or the stock kernel and/or busybox. Thanks!

Estel 2011-07-15 16:29

Re: The Nmap Thread
 
without root:

INTERFACES: NONE FOUND(!)
ROUTES: NONE FOUND(!)

with root - surprisingly - same output.

Kernel-power v47 and busybox-power here.

terminal3 2011-07-18 15:13

Re: The Nmap Thread
 
Those were my results and configuration, I'm wondering if someone with a stock kernel has the same issues.

michaelxy 2011-07-22 02:48

Re: The Nmap Thread
 
Quote:

Those were my results and configuration, I'm wondering if someone with a stock kernel has the same issues.
Yes - same issue here with the default kernel und without CSSU

casketizer 2011-07-22 09:37

Re: The Nmap Thread
 
KP47, busybox-power, no cssu

Same result.
Went back to 5.50-2 for now.

lmnice 2011-07-26 02:44

Re: The Nmap Thread
 
Quote:

Originally Posted by Chrome (Post 1050595)
There's a bug with beta version:

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-07-14 08:13 IDT
route_dst_netlink: can't find interface "wlan0"

edit: this happens only when running as root.

It happened to me as well. It appears to happen only when my wireless card is in injection mode (airmon-ng start <interface>). If I disable injection mode, nmap goes back to normal.

Hope that helps.

ajack 2011-07-26 09:18

Re: The Nmap Thread
 
Quote:

Originally Posted by terminal3 (Post 1051641)
No relevent changes in SVN, I'm tracking down some changes in libnetutil and the libdnet included with Nmap to find the source of the issue.

In the meantime, can I get a few people to run 'nmap --iflist' with both root and non-root privileges? I'm also interested if you're running power-kernel and busybox-power or the stock kernel and/or busybox. Thanks!

in root and user mode:

Quote:

INTERFACES: NONE FOUND(!)
ROUTES: NONE FOUND(!)
Using PK47

g0r 2011-08-21 20:53

Re: The Nmap Thread
 
Any news on update ??

same here:

without root:
INTERFACES: NONE FOUND(!)
ROUTES: NONE FOUND(!)

with root:
INTERFACES: NONE FOUND(!)
ROUTES: NONE FOUND(!)

Kernel-power v47 and busybox v1.19.0power1

g0r 2011-08-22 19:44

Re: The Nmap Thread
 
Just upgraded to kernel-power v48 and still as above

tuxsavvy 2011-09-18 04:14

Re: The Nmap Thread
 
*technical bump* for users with nmap 5.59beta1 installed (from extras-devel repository), the issue is with nmap itself. I have kernel-power48, mp-fremantle-community-pr=20.2010.36-2maemo16.8, busybox-power=1.19.2power1 installed.

When I ran nmap=5.59beta1 with exactly the same configuration above. I got:
Code:

Nokia-N900:~# nmap -sS xxx.xxx.xxx.xxx

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-18 13:35 EST
route_dst_netlink: can't find interface "wlan0"

I ran the `nmap --iflist' command:
Code:

Nokia-N900:~# nmap --iflist

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-18 13:38 EST
INTERFACES: NONE FOUND(!)
ROUTES: NONE FOUND(!)

So I decided to downgrade nmap 5.59beta1 back to 5.50 as it worked in the case of casketizer's post:
Code:

Nokia-N900:~# apt-get install nmap=5.50-2
Reading package lists... Done
Building dependency tree     
Reading state information... Done
The following packages were automatically installed and are no longer required:
  supertux-data-stable
Use 'apt-get autoremove' to remove them.
The following packages will be DOWNGRADED:
  nmap
0 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 35 not upgraded.
Need to get 0B/3469kB of archives.
After this operation, 1454kB disk space will be freed.
Do you want to continue [Y/n]?
dpkg - warning: downgrading nmap from 5.59BETA1 to 5.50-2.
(Reading database ... 70405 files and directories currently installed.)
Preparing to replace nmap 5.59BETA1 (using .../nmap_5.50-2_armel.deb) ...
Unpacking replacement nmap ...
Processing triggers for catoriseplus ...
###########################################################################################################################################################################################################################################################
No changes to hildon menu.
Setting up nmap (5.50-2) ...

Now when I test nmap again, this time running 5.50-2 and it works:
Code:

Nokia-N900:~# nmap -sS -vv xxx.xxx.xxx.xxx

Starting Nmap 5.50 ( http://nmap.org ) at 2011-09-18 13:50 EST
Initiating ARP Ping Scan at 13:50
Scanning xxx.xxx.xxx.xxx [1 port]
Completed ARP Ping Scan at 13:50, 0.04s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 13:50
Completed Parallel DNS resolution of 1 host. at 13:50, 0.17s elapsed
Initiating SYN Stealth Scan at 13:50
Scanning xxx.xxx.xxx.xxx [1000 ports]
Discovered open port 53/tcp on xxx.xxx.xxx.xxx
Discovered open port 23/tcp on xxx.xxx.xxx.xxx
Discovered open port 80/tcp on xxx.xxx.xxx.xxx
Discovered open port 5431/tcp on xxx.xxx.xxx.xxx

Nokia-N900:~#


psychologe 2012-03-14 06:12

Re: The Nmap Thread
 
i compiled and make install Nmap 5.61TEST5 on my N900,,but the same result. nmap --iflist ,output:INTERFACES: NONE FOUND(!) ,ROUTES: NONE FOUND(!)

has somebody can fix it .nmap is the best network scaner!

indeo 2012-08-23 00:52

Re: The Nmap Thread
 
Quote:

Originally Posted by tuxsavvy (Post 1090807)
*technical bump* for users with nmap 5.59beta1 installed (from extras-devel repository), the issue is with nmap itself. I have kernel-power48, mp-fremantle-community-pr=20.2010.36-2maemo16.8, busybox-power=1.19.2power1 installed.

When I ran nmap=5.59beta1 with exactly the same configuration above. I got:
Code:

Nokia-N900:~# nmap -sS xxx.xxx.xxx.xxx

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-18 13:35 EST
route_dst_netlink: can't find interface "wlan0"

I ran the `nmap --iflist' command:
Code:

Nokia-N900:~# nmap --iflist

Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-09-18 13:38 EST
INTERFACES: NONE FOUND(!)
ROUTES: NONE FOUND(!)

So I decided to downgrade nmap 5.59beta1 back to 5.50 as it worked in the case of casketizer's post:
Code:

Nokia-N900:~# apt-get install nmap=5.50-2
Reading package lists... Done
Building dependency tree     
Reading state information... Done
The following packages were automatically installed and are no longer required:
  supertux-data-stable
Use 'apt-get autoremove' to remove them.
The following packages will be DOWNGRADED:
  nmap
0 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 35 not upgraded.
Need to get 0B/3469kB of archives.
After this operation, 1454kB disk space will be freed.
Do you want to continue [Y/n]?
dpkg - warning: downgrading nmap from 5.59BETA1 to 5.50-2.
(Reading database ... 70405 files and directories currently installed.)
Preparing to replace nmap 5.59BETA1 (using .../nmap_5.50-2_armel.deb) ...
Unpacking replacement nmap ...
Processing triggers for catoriseplus ...
###########################################################################################################################################################################################################################################################
No changes to hildon menu.
Setting up nmap (5.50-2) ...

Now when I test nmap again, this time running 5.50-2 and it works:
Code:

Nokia-N900:~# nmap -sS -vv xxx.xxx.xxx.xxx

Starting Nmap 5.50 ( http://nmap.org ) at 2011-09-18 13:50 EST
Initiating ARP Ping Scan at 13:50
Scanning xxx.xxx.xxx.xxx [1 port]
Completed ARP Ping Scan at 13:50, 0.04s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 13:50
Completed Parallel DNS resolution of 1 host. at 13:50, 0.17s elapsed
Initiating SYN Stealth Scan at 13:50
Scanning xxx.xxx.xxx.xxx [1000 ports]
Discovered open port 53/tcp on xxx.xxx.xxx.xxx
Discovered open port 23/tcp on xxx.xxx.xxx.xxx
Discovered open port 80/tcp on xxx.xxx.xxx.xxx
Discovered open port 5431/tcp on xxx.xxx.xxx.xxx

Nokia-N900:~#


Downgrading worked well for me

Estel 2012-08-23 01:25

Re: The Nmap Thread
 
Nathan
(terminal3, author of 5.59beta1 port) is MIA (last seen in april) - meantime, upstream nmap6 got released, and bugfixed already.

Maybe someone skilled enough, could compile and package it for Maemo (with chance, that "root bug" won't be still present)? Pretty please?

/Estel

Spoofy 2013-01-09 16:06

Re: The Nmap Thread
 
I made a new version of nmap - 6.25.
It's fully working, also with zenmap and other goodies.
Package is optified. After the migration finish, when garage.maemo will be available I'll upload it to the repo.

mr_pingu 2013-01-09 18:08

Re: The Nmap Thread
 
Spoofy, can you upload the deb in the meantime?

Spoofy 2013-01-09 22:02

Re: The Nmap Thread
 
Ugh. I would like to wait and upload it into repository or wait until PPP (the polishpwniephone image) release.

mr_pingu 2013-01-09 23:15

Re: The Nmap Thread
 
Will all programms found in PPP be uploaded in the repository too? I mean we already have dozens of tools in the repositories but updated tools in repositories are much more prefered than 1 big image packed with all tools. It gives freedom of choice. Ofcourse not all programs can be uploaded, I guess. Metasploit is a bit hard in the repos but updated Nmap, aircrack-ng and ettercap are great examples of tools which easily can go into the repositories (and some of the already are).
Is hamster and ferret for example included in PPP? While it's maybe to be included in PPP only, it would be even better if these tools are in the repositories, given that they work....

Where can I find some info about PPP and about included tools ?

Spoofy 2013-01-10 13:28

Re: The Nmap Thread
 
First of all - Sorry for my english - It's not my primary language :)

We don't know already how the PPP will be released. In fact all of tools that can be "debd" will be available with sources, but for the moment we prefer to focus on updating (and MAKING) as much as we can. Yesterday I spoke with Doc on irc and there is such a possibility that all .debs will not be uploaded into maemo.org repo but on our own repo. Metasploit will NOT be available on .deb package but all of updated dependencies (We found out the solution to run newest metasploit updated via subversion, fully functionall - loaded less then 3 minutes and not freezing whole system). However all of info about PPP and our work will be available on www.meegoforum.pl or (when we finish our project and website) on other subpage like www.meegoforum.pl/PolishPwniePhone/ .

Ugh. I think we start an offtopic about pentesting tools here :P

All maemo users are one big family and we should stick together and share our work, but IMO we focus too much on newer "core" of maemo (like new release of CSSU) and forget about the functionality.
The n900 is still the best phone to do some real-life "hacky" things.

However, I'll upload the nmap package soon and give you an url ;)

Edit:
Description:
nmap - Command line open-source network and security scanning tool

Format: 1.0
Source: nmap
Version: 6.25-1
Binary: nmap
Maintainer: Sp00Fy <spoofy@os.pl>
Architecture: any
Standards-Version: 3.7.2
Build-Depends: debhelper (>= 5), autotools-dev, openssl, libssl-dev, libssl0.9.8, bluez, python, python-central [some python-gtk for zenmap :) ]


DOWNLOAD

mr_pingu 2013-01-10 21:39

Re: The Nmap Thread
 
First of all your english is fine to me ;) English isn't my first language either but as long as we can comprehend eachother, we are fine :)

About the polish part, I really hope it's targeted at the whole maemo community and that all tools + documentation will be in english. (I can volunteer to help on this matter.) Just that the polish part of PPP is because the authors are polish. Anyway good luck, you are doing a great job!


An new repostory for all tools sound awesome to me. With enabling of one repository on your N900 you could turn your N900 to pwnie phone yourself and skip the tools you don't need or want. I have quite a few pentesting programs on my N900 and I like the idea of the image but I never bothered to install the full image. If you know what I mean ;) Sure there are some things that won't fit easy in a repository so it will be better in tarball or indeed, a image.
My wish would be that everything could be installable by using 3 tools: apt(dpkg), wget and tar

Estel 2013-07-04 01:37

Re: The Nmap Thread
 
I just wonder, have it got anywhere? Migration ended long time ago, and I haven't noticed new nmap in repos (correct me if I'm wrong, just stumbled accidentaly into this thread, again.

Thanks for efforts, no matter what.

/Estel

Spoofy 2013-07-05 16:04

Re: The Nmap Thread
 
Quote:

Originally Posted by Estel (Post 1356663)
I just wonder, have it got anywhere? Migration ended long time ago, and I haven't noticed new nmap in repos (correct me if I'm wrong, just stumbled accidentaly into this thread, again.

Thanks for efforts, no matter what.

/Estel

For the past half year, the work took me all the free time.
I think I'll take care of the PPP right now ;)

Estel 2013-07-06 21:08

Re: The Nmap Thread
 
Do I understand it correctly as "no plans for putting it into repos, as I'll work on PPP"?

xes 2014-05-29 13:15

Re: The Nmap Thread
 
Just uploaded to the auto builder the new nmap 6.46 with fixed zenmap to run with python 2.5.

Nmap version 6.46 ( http://nmap.org )
Platform: arm-unknown-linux-gnueabi
Compiled with: nmap-liblua-5.2.3 openssl-0.9.8n nmap-libpcre-7.6 nmap-libpcap-1.2.1 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

Enjoy the power of nmap scripts!

Examples:
nmap -sV -d --script=ssl-heartbleed domain.com
nmap --script ssl-enum-ciphers.nse domain.com
nmap -sV -d --script=broadcast-upnp-info

Mentalist Traceur 2014-05-30 05:11

Re: The Nmap Thread
 
So I see NMap got updated (awesome) and that the prior devel version was pushed to testing (what?).

Now, I get that we're a dwindling community and the users of testing probably number in the single digits, but there was a reason why the original maintainer never pushed the update to testing: it simply didn't work on the stock driver like the prior versions, and only worked on the injection-capable one (I think something about interfaces changed and the new one had it while the old one didn't).

So what, we pushed a package that simply does not work with the stock driver, into testing? And we did NOT update the dependency list to specify that any of the packages that provide the injection drivers (that also provide whatever else we still need)? As maintainers we shouldn't be doing that.

I guess it's partly my fault: I actually failed to step up as maintainer myself (but in my defence, I also didn't know I was maintainer until about a month or two ago, no idea when my maintainer request got approved; and I have been trying to finish college and secure a fulltime well-paying job so that I could afford to contribute to things like this later.)

xes: All of the above said, I really appreciate you getting this release out (whether it's one release or indefinite maintenance).Thank you for taking the time and effort to do so.

Mentalist Traceur 2014-05-30 05:55

Re: The Nmap Thread
 
Quote:

Originally Posted by Mentalist Traceur (Post 1427345)
(I think something about interfaces changed and the new one had it while the old one didn't).

Just did a cursory test with the new devel version: it works with both stock and injection drivers. That's awesome - maybe this was already addressed in this thread and I missed it, but in either case, props to whoever fixed it (whether those props have to bubble up the maintaner chain to nmap's maker or they stay down here with xes or whoever).

Now this to me seems much more worthy of promotion to testing than the 5.59-BETA1 or whatever was pushed to testing previously, simply by strenth of the increased compatibility and useful ease of usability alone.

Quote:

Originally Posted by Mentalist Traceur (Post 1427345)
xes: All of the above said, I really appreciate you getting this release out (whether it's one release or indefinite maintenance).Thank you for taking the time and effort to do so.

QFT, because saying it once doesn't emphasize how much I feel this.

Mentalist Traceur 2014-06-23 06:53

Re: The Nmap Thread
 
Oh, one more thing: I kinda half-flipped when I saw this, but been so busy couldn't get around to making a note of it here (seriously, someone please yell at me like once a week until it's addressed):

The aforementioned version of this in extras-devel added nmap and ncat to 'NOPASSWD' sudoers. This introduces a security issue. Why? Because ncat can launch arbitrary programs and then connect up to them. So even if you have a fairly locked down N900 with sudo password protected across all invocations (as I do on mine), that update comes in, and unless you KNOW it has been thus tweaked (which I didn't just getting the update over apt-get), that extra sudoers entry just opens the door to everything, because now effectively any process on the device can run 'sudo ncat [parameters to run 'sh' or arbitrary command]', and either do another ncat instance to connect up to that very root shell, or just sit back and let the aforementioned arbitrary command does it's thing.

...honestly, the more I think about it, the more I hate the convention we have here in our repos of adding entries to sudoers to let people run things at their leisure, because such habits cause things like this.

If no one else thinks of something better, what I'd like to do is push a separate package that provides the sudoers entries (like "nmap-sudoers") and that's it, and then push an upgrade that removes these new sudoers entries from the main nmap package.

xes 2014-06-23 08:11

Re: The Nmap Thread
 
I really appreciate your security worries and i would see more checks like this for all the crucial packages we have here.

Latest package followed the insane approach to make an intense use of sudo because the previous one was prepared in the same way and evaluating the long time since last update the painless step and more reasonable way (to me) was to pick up the package and update following the previous situation.

Now, since all the feedback received here sounds like a silent/consent to the last package version, we (I / YOU) can proceed with further changes.

Anyway, i think that have an updated nmap version is very important considering the package purpose and leaving it there "just sleeping" for 3 years sounds like abandoned and not acceptable.

I was expecting for the new version 6.47 to be released to prepare another package, but, if you have more time than me to take care of it, as older maintainer, feel free to go ahead!

peterleinchen 2014-06-23 20:50

Re: The Nmap Thread
 
I also appreciate your efforts.
But:
this is for one package only.
Even we/techstaff would find a solution, it is so much easy to put a postinst script adding whatever you do not like. So security wise one would need to throw a look into each deb you install.

Another but: go ahead, please. :)
Fixing it one by one is our only chance.

--
Just to clarify:
I just wanted to express that a 'safe' package needs to be checked either way. One could use such sudoers or just some postinst script to break into your device. But this is surely not the thing here but probably mis-packaging (like sudser package which I re-configured pretty early). So I would propose to change this behaviour in the sudoers file.

reinob 2014-06-25 07:29

Re: The Nmap Thread
 
Re: sudoers

I think it would be too much effort to clean-up all packages to remove the package-specific sudoers files.

What might work nicely would be to re-work /usr/sbin/update-sudoers (part of sudo package), which is the one actually generating the sudoers file based on the files available under /etc/sudoers.d/ (which is where packages place their sudo-stuff).

My idea would be to patch update-sudoers so that it does nothing (hence preventing a rogue postint from breaking your system before you have a chance to fix it) and then make a customized version of update-sudoers (called "update-sudoers-really" or something to that effect), which either does everything automatically (like now) or interactively ("do you want to integrate nmap.sudoers in your sudoers list? [y/N]") or using some rule file ("01sudoers = Y, nmap = N, powertop = Y, default = ask", etc.)

I guess the issue is not so critical for now (after all, each one can take care of his/her sudoers file), but adapting the script would be quite easy.

Then we could provide a package like "sudo-sanitize" which could replace update-sudoers using some debian-fu (alternatives) to keep dpkg and apt-get happy with replacing a file which is part of the sudo package.

I'll add it to my list.

peterleinchen 2014-06-25 16:56

Re: The Nmap Thread
 
Yeah, good idea.

But that would help us geeks. Normal user does not know about sudoers. And maybe should not know ?

Some packages need some sudo voodooo (I do) to get things working. And to ask the user to run update-sudoers as root?

But I will accept any other good reason/explanation! :)

Estel 2014-07-21 11:46

Re: The Nmap Thread
 
I'm getting following error when trying to install latest nmap package:

Code:

dpkg: error processing /var/cache/apt/archives/nmap_6.46-1maemo2_armel.deb (--unpack):
 trying to overwrite `/opt/maemo/usr/share/man', which is also in package mtd-utils
dpkg-deb: subprocess paste killed by signal (Broken pipe)

WTF?

For the record, there was other error that was breaking configure (trying to optify /usr/share/doc/nmap, which doesnmt exist), but it is well-known and workaround consist of just touch /usr/share/doc/nmap.

/Estel


All times are GMT. The time now is 01:08.

vBulletin® Version 3.8.8