友人把这笑话转发。觉得它完完全全的反映当今的大马。
小明的作业要用国家、社会、党、人民来造句。他不理解,就去问爸爸。
爸爸:国家就象你奶奶,地位最高,但是实际上管不了什么事。党就象我,咱家里我说了算,社会就象你妈,为你奶奶、我、你,我们大家服务。人民就象你,我们谁的话你都得听。
晚上小明还是不太明白,就再去爸爸的房间问爸爸,爸爸正和妈妈两人XX,一脚就把他给踢了出来,他哭着去找奶奶,可是奶奶已经睡下了。小明没办法,随便造了句就去睡觉了。
转天爸爸接到学校老师的电话。
老师:小明的造句是谁给造的?
爸爸:他造得不好吗?
老师:是造的太好了,让我们以为不是他造的。
爸爸:他怎么造的?
老师:”国家在沉睡,党在玩社会,社会在呻吟,人民在哭泣。“
Thursday, February 21st, 2008
On my previous post, I encountered problem with ssl-cert in chrooted environment. By installing ssl-cert via apt-get, these processes were triggered.
root 27799 0.0 0.4 4676 2256 pts/2 Ss+ 04:33 0:00 /usr/bin/dpkg --status-fd 13 --configure ssl-cert
root 27800 0.4 1.3 10016 7132 pts/2 S+ 04:33 0:00 /usr/bin/perl -w /usr/share/debconf/frontend /var/lib/dpkg/info/ssl-cert.postinst configure
root 27806 0.0 0.2 3804 1192 pts/2 S+ 04:33 0:00 /bin/sh -e /var/lib/dpkg/info/ssl-cert.postinst configure
root 27808 0.0 0.2 3820 1280 pts/2 S+ 04:33 0:00 /bin/bash -e /usr/sbin/make-ssl-cert generate-default-snakeoil
root 27812 0.0 0.2 3780 1448 pts/2 S+ 04:33 0:00 openssl req -config /tmp/tmp.OXerK27810 -new -x509 -days 3650 -nodes -out /etc/ssl/certs/ssl-cert-snakeoil.pem -keyout /etc/ssl/private/ssl-cert-snakeoil.key
Further investigation showed that process 27812 stuck. Running the openssl command manually brings up:
27830:error:0E065068:configuration file routines:STR_COPY:variable has no value:conf_def.c:629:line 5
The error message is exactly same as what Michael Prokop has found out.
The content of /tmp/tmp.OXerK27810 is:
#
# SSLeay example configuration file.
#
RANDFILE = $ENV::RANDFILE
[ req ]
default_bits = 1024
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
prompt = no
policy = policy_anything
[ req_distinguished_name ]
commonName = myshinnybox
DIRTY SOLUTION
As I’m only interested to get packages such as Postfix, Postgresql Apache mod SSL to install, killed the “apt-get install ssl-cert” process and fired up vi and removed the line RANDFILE = $ENV::RANDFILE from /tmp/tmp.OXerK27810.
# openssl req -config /tmp/tmp.OXerK27810 -new -x509 -days 3650 -nodes -out /etc/ssl/certs/ssl-cert-snakeoil.pem -keyout /etc/ssl/private/ssl-cert-snakeoil.key
Generating a 1024 bit RSA private key
................................................++++++
.......++++++
writing new private key to '/etc/ssl/private/ssl-cert-snakeoil.key'
-----
# apt-get install ssl-cert
Reading package lists... Done
Building dependency tree
Reading state information... Done
ssl-cert is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0B of additional disk space will be used.
Setting up ssl-cert (1.0.15) ...
#
I don’t understand why the package ssl-cert exist in the first place when user can just use “openssl” command to generate ssl certificate. Yet making the situation worst, ssl-cert was added as dependency to many packages. Duh! In additional, chroot seems to be buggy under Linux.
Wednesday, February 20th, 2008
Ran into some issues with ssl-cert 1.0.15 installation on Debian chroot environment. But looks like I’m not alone. The issue was reported by Michael Prokop.
molecule:/# apt-get install ssl-cert
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
ssl-cert
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0B/7938B of archives.
After this operation, 90.1kB of additional disk space will be used.
Preconfiguring packages ...
Selecting previously deselected package ssl-cert.
(Reading database ... 27065 files and directories currently installed.)
Unpacking ssl-cert (from .../ssl-cert_1.0.15_all.deb) ...
Setting up ssl-cert (1.0.15) ...
……took forever……
make-ssl-cert generate-default-snakeoil took forever. So it looks like no fun with ssl-cert in chroot’ed environment. Any solution out there? Buzz me. Thanks.
Monday, February 18th, 2008
Thanks to the whole HeX development team for continuous effort to make HeX possible! HeX System 1.0.3 is finally released. See official announcement. Grab it while it’s hot now!
Main Download
- http://bsd.ipv6.la/hex-i386-1.0.3.iso
- http://bsd.ipv6.la/hex-i386-1.0.3.iso.md5
- http://bsd.ipv6.la/hex-i386-1.0.3.iso.sha256
Thursday, February 14th, 2008
As Linux kernel vmsplice local root exploit in the wild and the Debian boxes in my office is vulnerable to the exploit, I have decided to upgrade their kernels. It’s sad to see rock-solid Linux boxes went down for the 1st time after running stable nearly 8 months.
17:01:25 up 230 days, 9:59, 3 users, load average: 0.00, 0.00, 0.02
17:02:31 up 231 days, 7:02, 1 user, load average: 0.18, 0.38, 0.18
After upgrade
chflags@mzimyklosb03:~$ ./c
———————————–
Linux vmsplice Local Root Exploit
By qaaz
———————————–
[+] mmap: 0×0 .. 0×1000
[+] page: 0×0
[+] page: 0×20
[+] mmap: 0×4000 .. 0×5000
[+] page: 0×4000
[+] page: 0×4020
[+] mmap: 0×1000 .. 0×2000
[+] page: 0×1000
[+] mmap: 0xb7e64000 .. 0xb7e96000
[-] vmsplice: Bad address
chflags@mzimyklosb03:~$ uname -smr
Linux 2.6.24.2 i686
Thursday, February 14th, 2008
In my previous post, FreeBSD : Compaq Presario V3417AU, I could not get broadcom wifi running with FreeBSD 7. Luckily, just before the Chinese New Year, I managed to get it working again. It’s timely for the CNY break. Sweet!!!!! 
Project Evil
# fetch ftp://ftp.hp.com/pub/softpaq/sp34001-34500/sp34152.exe
# cabextract -F ‘bcmwl5*’ sp34152.exe
# ndisgen bcmwl5.inf bcmwl5.sys
# cp bcmwl5_sys.ko /boot/modules/
# kldxref /boot/modules
# kldload bcmwl5_sys
Using ndis0 with wpa_supplicant
Set up /etc/wpa_supplicant.conf with your WIFI network information (an example of WEP protected WLAN with DHCP enabled). You may enable wpa_supplicant automatically by setting /etc/rc.conf with ifconfig_ndis0="WPA mywifi DHCP". To initialise it, run /etc/rc.d/netif start ndis0
Additional configurations
i) /boot/loader.conf
if_ndis_load="YES"
bcmwl5_sys_load=”YES”
wlan_scan_sta_load=”YES”
wlan_scan_ap_load=”YES”
wlan_wep_load=”YES”
wlan_ccmp_load=”YES”
wlan_tkip_load=”YES”
wlan_xauth_load=”YES”
wlan_acl_load=”YES
ii) /etc/rc.conf
ifconfig_ndis0="WPA mywifi DHCP"
iii) /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
ap_scan=1
network={
ssid=”mywifi”
scan_ssid=1
key_mgmt=NONE
wep_tx_keyidx=1
wep_key1=your_104bit_wep_key
}
Thursday, February 14th, 2008
I’d like to wish all of my friends who are celebrating Chinese New Year on this coming 7th and 8th Feb, A happy,healthy,prosperous years ahead and may your all wishes come true. 新年快乐。
Monday, February 4th, 2008
This a just a short note for my own reference. 
1) Install postfix
# yum install postfix
2) Set default MTA to Postix via this command
# alternatives –set mta /usr/sbin/sendmail.postfix
3) Autostart Postfix (Optional but you really want to do it)
# chkconfig –levels 235 sendmail off
# chkconfig –levels 235 postfix on
# /etc/init.d/sendmail stop
# /etc/init.d/postfix start
Monday, February 4th, 2008
© Copyleft 2008 bsd.b3ta.org | Original theme by AGNWS