Sunday, November 23, 2008

Avoiding to remove /tmp automatically


In my Debian etch server, the /tmp was deleting after each restart. I was looking for some schedule task or some trojan/rootkit in the kernel that can delete /tmp without any authorizing.

At last I found /etc/default/rcS which has some jobs scheduled after each system boot up. According to its man page:
rcS - variables that affect the behavior of boot scripts

This file had some entry about TMPTIME:
On boot the files in /tmp will be deleted if their modification time is more than TMPTIME days ago. A value of 0 means that files are removed regardless of age. If you don't want the system to clean /tmp then set TMPTIME to a negative value (e.g., -1) or to the word infinite.

I change my TMPTIME to -1 and everything became natural :D
Thanks to this mailing list.
Posted by at No comments:

Sunday, November 9, 2008

WSUS Logs on Clients

I installed WSUS 3 on Windows 2003 SP2 and configured my Windows XP Professional SP3 clients to use it to update. (I defined this in Group Policy of windows)

But after that I need a way to test whether it works or not. At last I found a log file located at: %Windir%\WindowsUpdate.log

This file contains a lot of useful information about the client and server interaction. The sample log is here:


+++++++++++ PT: Synchronizing server updates +++++++++++
+ ServiceId = {SomeID}, Server URL = http://MyServer/ClientWebService/client.asmx
WARNING: Cached cookie has expired or new PID is available
Initializing simple targeting cookie, clientId = SomeID, target group = , DNS name = MyPC
Server URL = http://MyServer/SimpleAuthWebService/SimpleAuth.asmx
* Added update {11D06C29-6F79-4843-AF63-02811FF01887}.100 to search result
* Added update {AE9F992A-D0A6-44FF-BFC2-CB87ACCF701B}.100 to search result
* Added update {D1F84C75-F914-4FC7-94D5-446DC7987844}.102 to search result
* Added update {79AE03DF-D6EB-4DE2-B59F-37E963D7A69E}.100 to search result
* Added update {E174AF91-A808-44CE-8936-B425F4581B03}.100 to search result
* Added update {26DA5716-5999-4AB2-8806-800F7AF93C93}.107 to search result
* Added update {D3AC165E-D7C4-4BDF-83F0-E249ECBE873B}.104 to search result
* Added update {2BE6143C-5547-4FEE-AFC6-37CD3D2D585D}.101 to search result
* Added update {ED0D8850-60F4-48FC-BD76-49EED8A6F341}.106 to search result
* Added update {278BB66C-CE54-40FB-A5A2-AE55804C3917}.106 to search result
* Added update {70D41FF9-0796-4EB6-A699-61C04CB395FE}.100 to search result
* Added update {27D0A4B7-77C3-48A9-90D3-F67368BB0E37}.107 to search result
* Added update {EDABB0FE-1B6A-478B-806B-7FFFD044B2EE}.100 to search result
* Added update {44F3BFC5-1C64-41E2-839D-A91407634BAB}.101 to search result
* Added update {D5EADB3B-4FD7-4087-8B9D-4ACB2B41210E}.109 to search result
* Found 15 updates and 46 categories in search; evaluated appl. rules of 545 out of 776 deployed entities
*********
** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
*************

Thanks to WSUS wiki for its good article.
Posted by at No comments:
Subscribe to: Posts (Atom)