On 26 Sep 2014 at 15:37, Gary Stainburn wrote:
From: Gary Stainburn <gary.stainb...@ringways.co.uk>
Organization: Ringways Garages Ltd
To: users@lists.fedoraproject.org
Subject: Re: shellshock - detect in Apache?
Date sent: Fri, 26 Sep 2014 15:37:35 +0100
Send reply to: Community support for Fedora users
<users@lists.fedoraproject.org>
> On Friday 26 September 2014 15:21:27 Michael D. Setzer II wrote:
> > Problem is you are still running the old bash bash -c should be ./bash -c
> >
> > The only issue that I see is that the make install isn't replacing the
> > /bin/bash, but is putting the new bash in
> > /usr/local/bin/bash
> >
> > Tried to copy bash to the /bin, but it seems to be in use?
> > But after the make install, it did work.
> > On one system, I needed to restart to get it to take affect, but have only
> > check a two systems with older versions of Fedora.
> >
>
> Doh :-)
>
> It now works as expected. I have copied the file to /usr/bin/bash - the
> existing / old version of bash is /bin/bash
>
> I have updated the shell field in /etc/passed for a test user and then logged
> in as that user. All looks okay. Next step is to replace the old bash and
> cross my fingers.
>
> If this works, I'll roll it out to the live servers too.
>
> Thanks again
Just as a test, I created a script to download and create the update bash
Note the strip option. The build creates an about 3m file, but after strip the
code is reduced to about 1m.
mkdir bash
cd bash
ncftpget ftp://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz .
tar -zxvf bash-4.3.tar.gz
cd bash-4.3
ncftpget ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/* .
for a in bash43-??? ; do
patch -p0 <$a ;
done
./configure
make
strip bash
#make install
Left the last step commented so far just to make sure it all worked with no
compile errors. The issue that if someone ran /bin/bash to run the old script.
Don't know if there is a trick to change the /bin/bash directly. The rpm update
seems to do it, so there must be something to it.
> --
> users mailing list
> users@lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
+----------------------------------------------------------+
Michael D. Setzer II - Computer Science Instructor
Guam Community College Computer Center
mailto:mi...@kuentos.guam.net
mailto:msetze...@gmail.com
http://www.guam.net/home/mikes
Guam - Where America's Day Begins
G4L Disk Imaging Project maintainer
http://sourceforge.net/projects/g4l/
+----------------------------------------------------------+
http://setiathome.berkeley.edu (Original)
Number of Seti Units Returned: 19,471
Processing time: 32 years, 290 days, 12 hours, 58 minutes
(Total Hours: 287,489)
BOINC@HOME CREDITS
ROSETTA 19981840.971965 | SETI 33950436.647387
ABC 16613838.513356 | EINSTEIN 34233765.925899
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
