Firestarter On Startup

[Matt]

I installed the Firestarter Firewall, but it appears that it does not start when I boot up. I was reading the FAQ here: http://www.fs-security.com/docs/faq.php#trayicon

But when I try to add the line

matt ALL= NOPASSWD: /usr/sbin/firestarter

to /etc/sudoers it says:

You are trying to save the file on a read-only disk. Please check that you typed the location correctly and try again.

I was told I need to change permissions somewhere. How do I do that?

Thanks!

[shanenin]

To change the file /etc/sudoers to be writable. You need to use the chmod command.

To read how it works try using the man page

man chmod

to add write permission to the file /etc/sudoers, just do this

chmod +w /etc/sudoers

[Matt]

Hi shanenin, thanks for the help. I believe that I was able to change the chmod of the file and edit it successfully. However, I got this:

root@linux:/home/matt# gedit /etc/sudoers

(gedit:8125): GnomeUI-WARNING **: While connecting to session manager:
Authentication Rejected, reason : None of the authentication protocols specified are supported and host-based authentication failed.

I ignored that, and went ahead and edited the file.

Now I'm getting:

matt@linux:~$ sudo su
sudo: /etc/sudoers is mode 0640, should be 0440
matt@linux:~$

Did I break something?

[shanenin]

Keep in mind i have had a few cocktails tonight, so take my advice with a grain of salt. I think it is telling you to change the permission back to read only, 0440(because you made them writable)

now you should just do this

chmod -w /etc/sudoers

[Matt]

Yeah, that's what I thought too, but when I try I still get:

matt@linux:~$ sudo chmod -w /etc/sudoers
sudo: /etc/sudoers is mode 0640, should be 0440

[shanenin]

what does the command below give for output. Th ls -l command should show the permsisons.

ls -l /etc/sudoers

Edited August 2, 2007 by shanenin

[Matt]

matt@linux:~$ ls -l /etc/sudoers
-rw-r----- 1 root root 446 2007-08-01 23:31 /etc/sudoers

[shanenin]

that is the numeric equivilant of 0640. It appears you did not change them back to read only

you can also use the chmod command using the permssions represented as numbers

sudo chmod 0440  /etc/sudoers

now after doing that comand your ls -l should look like mine

shane@mainboxu:~$ ls -l /etc/sudoers
-r--r----- 1 root root 403 2006-06-04 08:32 /etc/sudoers

Edited August 2, 2007 by shanenin

[Matt]

Maybe I'm missing something really obvious here:

matt@linux:~$ chmod 0440 /etc/sudoers
chmod: changing permissions of `/etc/sudoers': Operation not permitted
matt@linux:~$ sudo chmod 0440 /etc/sudoers
sudo: /etc/sudoers is mode 0640, should be 0440

[shanenin]

I forget you are using ubuntu and sudo. you need root privledges

sudo chmod 0440 /etc/sudoers

[shanenin]

I see what happened. it appears we broke sudo by changing the permissions :-)

[Matt]

I keep trying that, but whenever I do any command with sudo, it says

matt@linux:~$ sudo chmod 0440 /etc/sudoers
sudo: /etc/sudoers is mode 0640, should be 0440

Edit: ahhh, lol no sudo anymore.....

[shanenin]

I am sure you could boot your ubuntu system with a live cd, then mount you ubuntu partition, then change the files permission back using the unbroken sudo on the live cd. Let me see if their is anothe way to do it. by any chance have you set a root password?

[Matt]

There is no root password that I am aware of. By any chance would this help?

http://www.psychocats.net/ubuntu/sudo

I think that adding matt ALL= NOPASSWD: /usr/sbin/firestarter was what actually broke it. Too bad I can't edit it any more...

[shanenin]

me telling you to change permsisions of your /etc/sudoers file was bad. I changed the permissions on my file also and broke sudo.

another option to fix your system is to boot using "single user" mode. This may be an option in you boot menu. If you boot with "single user" mode, you will have root priveldegs. This will allow you to change the permsions of your sudoers fiel without using sudo.

If you do not have a "single user" boot option. You may be able to change it on the fly

http://lists.slug.org.za/pipermail/slug-te...May/001219.html

Edited August 2, 2007 by shanenin

[shanenin]

I read that link you left. recovery mode is the same as "single user" mode

[Matt]

Hi shane. Yep it fixed it. I booted into recovery mode, changed the permissions on sudoers and removed that line I added. I booted back, and sudo works again. Yay!

Now, I still don't have a firewall that loads on startup. Any suggestions on this bit?

[shanenin]

Back when I used Redhat9, I also used firestarter(before my router). Firestarter creates a script which needs to be run to start the firewall. I think I just needed to have this script run at startup. this should work with ubuntu. This is untested

First you need to copy the script to your /etc/init.d directoy

sudo cp /etc/firestarter/firestarter.sh /etc/init.d

then you need to make sure it is executable

sudo chmod +x /etc/init.d/firestarter.sh

now you need to use the command update-rc.d to set the correct sym links. This will make sure the script starts at bootup

update-rc.d  firestarter.sh defualts

[Matt]

Hi shane, I've gotten here:

matt@linux:~$ sudo update-rc.d  firestarter.sh defualts
usage: update-rc.d [-n] [-f] <basename> remove
	   update-rc.d [-n] <basename> defaults|multiuser [NN | sNN kNN]
	   update-rc.d [-n] <basename> start|stop NN runlvl [runlvl] [...] .
				-n: not really
				-f: force

Unsure on what to do now

[shanenin]

I misspelled defaults. My old ubuntu system has firefox 1.5, which does not have spell check, I depend on it horribly bad.

sudo update-rc.d  firestarter.sh defaults

[Matt]

ahhh, I missed that too. Ok, so I've done that, does that mean it should now load on startup?

[shanenin]

I think so. Reboot, then goto "shields up" and test it.

[shanenin]

I think(guessing) you can show if your script got loaded by checking if your iptables chains are loaded.

iptables --list

Edited August 2, 2007 by shanenin

[Matt]

Well, I used HackerWatch.org instead. When I had the firewall running manually, all scanned ports would return 'Secure'. On bootup, they do not, the scan does not show them as secure, so I don't believe the firewall was running. I manually started it again.

[shanenin]

I wonder if the script needs to be run from its location in the firestarter directory, do to relative paths. Try rebooting, then run the script like this:

cd  /etc/firestarter
sudo ./firestarter.sh

Now see if the firewall is working.

Edited August 2, 2007 by shanenin