Menu
▾
▴
Re: Running CoLinux as a service (WAS Re: [coLinux-devel] Wishlist)
|
From: Jaroslaw K. <ja...@zd...> - 2004-04-01 20:20:14
|
Thanks for your comments, Chris. Regarding the security issue for Stop - I know it's not secure at all. The worst thing is that any network port scanner can shutdown your machine without your "only_from" comment is something that I've just updated in the zip file. As for using ssh to shutdown the machine - I'm not sure if we can guarantee that "ssh" can be safely called because windows may be in the process of shutting down. AFAIR spawning new processes isn't guaranteed to succeed at this moment. I may be wrong though. BTW. The "ssh" would be run in a LocalSystem context - that means: no profile, no HKEY_CURRENT_USER, and so on. Have you ever used ssh.exe in this environment? How would it handle "known_hosts"? I'm not sure I can release my source code to the public because it uses portions of microsoft's sample code "service.c". As soon as I get rid of this, I'll publish the sources so that everyone can play with them. Jarek ----- Original Message ----- From: <ch...@to...> To: "Jaroslaw Kowalski" <ja...@zd...> Cc: <col...@li...> Sent: Thursday, April 01, 2004 9:50 PM Subject: Re: Running CoLinux as a service (WAS Re: [coLinux-devel] Wishlist) > I just downloaded http://jaak.sav.net/colinux/CoLinuxService.zip but don't > have time to try it today. Looks like a really cool idea. One thing that > you might want to add to the readme is that if the machine is setup for > bridged networking then It would be a good idea to add > > only_from = windowsIPaddress > > to the /etc/xinetd.d/shutdown file to add at least a moderate amount of > security. For the truely paranoid it may be a good idea to add the ability > to do something like > > [stop] > cmd ssh -i c:\Coshutdownid 192.168.0.40 shutdown -h now > > of course an unencrypted key pair would need to be generated for this so > it probably would not be much more secure than the current method with the > only_from added unless the id was readable only by the administrator > group. > > chris > > > > Here's my quick and dirty way to run coLinux as a service in a reliable > > manner. > > > > I have written a small service process, called CoLinuxService. When > > started > > it spawns a new instance of "colinux-daemon.exe". The service terminates > > whenever the colinux-daemon.exe dies (something difficult to achieve with > > srvany.exe). > > > > I needed a way to reliably shutdown the coLinux instance, so I developed a > > quick hack. The linux machine has a special "xinetd" listener that listens > > on port 15555 does nothing but shutting down the machine. > > > > With this mechanism in place, whenever CoLinuxService receives "Stop" > > command it just connects to the specified port and this initiates the safe > > shutdown sequence. If "connect()" call fails the colinux-daemon.exe is > > terminated. > > > > The mechanism somewhat proved to reliable and I had no problems with it > > for > > 4, and that's why I decided to publish it. > > > > Binary of CoLinuxService.exe is available at > > http://jaak.sav.net/colinux/CoLinuxService.zip > > Setup instructions inside. > > > > Contact me if you want to get access to the source code. > > > > Jarek > > ----- Original Message ----- > > From: "JOSE MIGUEL MARTINEZ" <tx...@cl...> > > To: <col...@li...>; > > <col...@li...> > > Cc: <tx...@eu...> > > Sent: Thursday, April 01, 2004 6:15 PM > > Subject: [coLinux-devel] Wishlist > > > > > >> > >> First of all, congratulations and thanks for this great software. > >> Now I can get rid of vmware and cygwin and use something more useful and > >> open ;-) > >> > >> I wanted to add something to the whislist, it is something I would find > >> really useful. I use colinux for getting a handy debian system when I > >> have to work in Windows. But I would like to get rid of the two windows > >> opened when colinux starts. I do not need them as I connect to colinux > >> through ssh, and I would thank put them in a small icon in the task bar. > >> (as messenger and getright do). > >> > >> Another thing I would like is having a colinux machine running as a > >> service, not needing to log in a Windows session to have it runnning and > >> being started when windows starts. Later I could log in via ssh and this > >> way I could do a lot of things I like to do on Unix machines (tunnels, > >> cron jobs...) in Windows machines I cannot migrate. > >> > >> Thanks for all and congratulations again for this great piece of > >> software, > >> txemi. > >> > >> -- > >> ______________________________ > >> < hola, soy una firma horrible > > >> ------------------------------ > >> \ ^__^ > >> \ (oo)\_______ > >> (__)\ )\/\ > >> ||----w | > >> || || > >> > >> mail: txemi <tx...@eu...> > >> web: http://txemi.webhop.org > >> mirror: http://txemi2.webhop.org > >> > >> > >> > >> > >> ------------------------------------------------------- > >> This SF.Net email is sponsored by: IBM Linux Tutorials > >> Free Linux tutorial presented by Daniel Robbins, President and CEO of > >> GenToo technologies. Learn everything from fundamentals to system > >> administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click > >> _______________________________________________ > >> coLinux-devel mailing list > >> coL...@li... > >> https://lists.sourceforge.net/lists/listinfo/colinux-devel > >> > > > > > > > > ------------------------------------------------------- > > This SF.Net email is sponsored by: IBM Linux Tutorials > > Free Linux tutorial presented by Daniel Robbins, President and CEO of > > GenToo technologies. Learn everything from fundamentals to system > > administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click > > _______________________________________________ > > coLinux-devel mailing list > > coL...@li... > > https://lists.sourceforge.net/lists/listinfo/colinux-devel > > > |
