From shachar at shemesh.biz Fri Jan 4 21:29:03 2019 From: shachar at shemesh.biz (Shachar Shemesh) Date: Fri, 4 Jan 2019 21:29:03 +0200 Subject: How to signal kernel that shared library is not in use by any process anymore ? In-Reply-To: <23264791545917651@myt6-2fee75662a4f.qloud-c.yandex.net> References: <965981545402036@sas1-2b3c3045b736.qloud-c.yandex.net> <5ec84f86-a101-afe9-b06d-b66cbacf510e@shemesh.biz> <23264791545917651@myt6-2fee75662a4f.qloud-c.yandex.net> Message-ID: An HTML attachment was scrubbed... URL: From levonshe at yandex.com Sat Jan 5 10:36:59 2019 From: levonshe at yandex.com (Lev Olshvang) Date: Sat, 05 Jan 2019 11:36:59 +0300 Subject: How to signal kernel that shared library is not in use by any process anymore ? In-Reply-To: References: <965981545402036@sas1-2b3c3045b736.qloud-c.yandex.net> <5ec84f86-a101-afe9-b06d-b66cbacf510e@shemesh.biz> <23264791545917651@myt6-2fee75662a4f.qloud-c.yandex.net> Message-ID: <45007961546677419@sas1-fb8a605c4548.qloud-c.yandex.net> An HTML attachment was scrubbed... URL: From shachar at shemesh.biz Sat Jan 5 12:14:13 2019 From: shachar at shemesh.biz (Shachar Shemesh) Date: Sat, 5 Jan 2019 12:14:13 +0200 Subject: How to signal kernel that shared library is not in use by any process anymore ? In-Reply-To: <45007961546677419@sas1-fb8a605c4548.qloud-c.yandex.net> References: <965981545402036@sas1-2b3c3045b736.qloud-c.yandex.net> <5ec84f86-a101-afe9-b06d-b66cbacf510e@shemesh.biz> <23264791545917651@myt6-2fee75662a4f.qloud-c.yandex.net> <45007961546677419@sas1-fb8a605c4548.qloud-c.yandex.net> Message-ID: An HTML attachment was scrubbed... URL: From levonshe at yandex.com Sat Jan 5 17:30:01 2019 From: levonshe at yandex.com (Lev Olshvang) Date: Sat, 05 Jan 2019 18:30:01 +0300 Subject: How to forbid user space and kernel executable pages from becoming writable? Message-ID: <33504091546702201@myt2-cd7fa496c4f7.qloud-c.yandex.net> I am researching this issue and I am confused with the finding Some articles, ex https://shanetully.com/2013/12/writing-a-self-mutating-x86_64-c-program/ state that mprotect() can change protection of executable section. As I understanf pte entry has page protection bits set to RO so mprotect should change pte which is loaded to MMU/TLB. Why kernel can not refuse do perform this mprotect call(). Whu we do norhave kernel config options to forbid user-space mutable code as security feature? >From the other side, when run-time linker or elf_loader loads the executable it uses MAP_DENYWRITE which protect executable file from being overwritten. But writing to executable text will make page dirty and require the write-back which is disabled by MAP_DENYWRITE. (or it might be disable for other processes except current, I am not sure?) To add to the confusion, the following quote from the LWN articlle https://lwn.net/Articles/422487/ about CONFIG_DEBUG_SET_MODULE_RONX "Marking the kernel module pages as RO and/or NX is important not only because it is consistent with how the rest of the kernel pages are handled" Digging dipper I see that ARM since kernel version 4.11 has CONFIG_STRICT_KERNEL_RWX , and as I understand it is enforced in hardware. But I am not sure that some variant of pte_clear(), pte_mkexec(0 can not disable it. So let me cut to final qiestion: Suppose I want to cut off dynamic code instrumentation, like ftrace and friends. Is it achievable at least at ARM architecture to enforce RO+X at hardware or kernel? Thanks to all folks for reading till this point. Regards Lev From shachar at shemesh.biz Sat Jan 5 22:22:31 2019 From: shachar at shemesh.biz (Shachar Shemesh) Date: Sat, 5 Jan 2019 22:22:31 +0200 Subject: How to forbid user space and kernel executable pages from becoming writable? In-Reply-To: <33504091546702201@myt2-cd7fa496c4f7.qloud-c.yandex.net> References: <33504091546702201@myt2-cd7fa496c4f7.qloud-c.yandex.net> Message-ID: <7a371c33-269d-27ce-82d0-b4620f90b1e6@shemesh.biz> An HTML attachment was scrubbed... URL: From levonshe at yandex.com Sat Jan 5 23:22:52 2019 From: levonshe at yandex.com (Lev Olshvang) Date: Sun, 06 Jan 2019 00:22:52 +0300 Subject: is it possible to mount /proc as read-only on embedded system Message-ID: <50239291546723372@myt5-96980ae04900.qloud-c.yandex.net> Hello all, I am trying to harden the embedded system. Is it possible and safe to mount /proc file system in a read-only mode and how to do this? I have embedded system with systemd where /proc is mounted rw. I suspect that systemd mounts it when it bebins to bootsrtap user space. On my very simple QEMU busybox system with no systemd I was able to remount /proc read-only. But when I changed fstab to mount it as a read-only it is still mounted rw,relatime after reboot So at what s boot stage and how I can mount /proc read-only ? Perhaps it is hardcoded in busybox init or in systemd ? Regards, Lev From shachar at shemesh.biz Sun Jan 6 05:25:12 2019 From: shachar at shemesh.biz (Shachar Shemesh) Date: Sun, 6 Jan 2019 05:25:12 +0200 Subject: How to forbid user space and kernel executable pages from becoming writable? In-Reply-To: <7a371c33-269d-27ce-82d0-b4620f90b1e6@shemesh.biz> References: <33504091546702201@myt2-cd7fa496c4f7.qloud-c.yandex.net> <7a371c33-269d-27ce-82d0-b4620f90b1e6@shemesh.biz> Message-ID: <66eb1102-f438-9be4-ea08-939c612723e7@shemesh.biz> An HTML attachment was scrubbed... URL: From levonshe at yandex.com Sun Jan 6 14:40:06 2019 From: levonshe at yandex.com (Lev Olshvang) Date: Sun, 06 Jan 2019 15:40:06 +0300 Subject: systemtap on Amazon kernel v4.4.160 failes to recognizaze @avg, @max aggregate Message-ID: <46085601546778406@sas1-87f9feb8d943.qloud-c.yandex.net> Hi, I debugged systemtap scripts which monitor __kmalloc() which are coming from my my 2 module MOD1.KO, MOD2.ko and they are working perfectly on my Ubuntu 16.10 kernel 4.8.17 VM with gcc 6.2.0 and systemtap package v3.0-7 amd64 . This is a custom kernel and I compiled it with debuginfo myself Then I moved this scripts to Amazon ?Ubuntu VM 16 I again compiled kernel with debuginfo myself. My modules are compiled with EXTRA_CFLAGS += -g -DDEBUG gcc on this host is v5.5.0 I tried systemtap 3.1, 3,3 4.0 , same error sudo /usr/local/stap_v4.0/bin/stap -v -d MOD1.ko -d MOD2 ./kmalloc_argus.stp 1 1 Pass 1: parsed user script and 472 library scripts using 91988virt/65864res/5032shr/61236data kb, in 260usr/50sys/320real ms. Pass 2: analyzed script: 5 probes, 7 functions, 1 embed, 6 globals using 131248virt/106220res/5972shr/100496data kb, in 640usr/70sys/711real ms. WARNING: missing unwind/symbol data for module 'MOD1.ko' WARNING: missing unwind/symbol data for module 'MOD2.ko' Pass 3: translated to C into "/tmp/stap7YDmYH/stap_9b711e9d9caac3ad6af772118b2bf956_4495_src.c" using 131248virt/106476res/6228shr/100496data kb, in 350usr/500sys/850real ms. Pass 4: compiled C into "stap_9b711e9d9caac3ad6af772118b2bf956_4495.ko" in 38820usr/166550sys/191672real ms. Pass 5: starting run. ERROR: empty aggregate near operator '@max' at ./kmalloc_argus.stp:58:3 WARNING: Number of errors: 1, skipped probes: 0 WARNING: /usr/local/stap_v4.0/bin/staprun exited with status: 1 Pass 5: run completed in 130usr/1160sys/1748real ms. Pass 5: run failed. [man error::pass5] From levonshe at yandex.com Tue Jan 8 17:56:42 2019 From: levonshe at yandex.com (Lev Olshvang) Date: Tue, 08 Jan 2019 18:56:42 +0300 Subject: How to signal kernel that shared library is not in use by any process anymore ? In-Reply-To: References: <965981545402036@sas1-2b3c3045b736.qloud-c.yandex.net> Message-ID: <37527851546963002@sas2-2074c606c35d.qloud-c.yandex.net> An HTML attachment was scrubbed... URL: From levonshe at yandex.com Tue Jan 8 18:00:57 2019 From: levonshe at yandex.com (Lev Olshvang) Date: Tue, 08 Jan 2019 19:00:57 +0300 Subject: Solved systemtap on Amazon kernel v4.4.160 failes to recognizaze @avg, @max aggregate In-Reply-To: <46085601546778406@sas1-87f9feb8d943.qloud-c.yandex.net> References: <46085601546778406@sas1-87f9feb8d943.qloud-c.yandex.net> Message-ID: <55835441546963257@iva7-bd007c44f58e.qloud-c.yandex.net> An HTML attachment was scrubbed... URL: From levonshe at yandex.com Sat Jan 12 15:19:00 2019 From: levonshe at yandex.com (Lev Olshvang) Date: Sat, 12 Jan 2019 16:19:00 +0300 Subject: Security-What can be done in kernel to disable forever executable memory modificaton Message-ID: <589971547299140@myt5-f9d71769b752.qloud-c.yandex.net> Hi All, The fact that the text segment could be modified is bad news from the security standpoint. For example, in order to set a breakpoint GDB should map a text segment with MAP_PRIVATE flag which allows kernel to ignore the dirty bit that MMU sets on this page. Somewhere in the middle of this mapping, perhaps in mprotect, permission bits of page's PTE entry are modified as well from their original RO+X to RWX I am not sure whether it is actually happening, perhaps instead new pages are allocated, sort of COW (copy on write). And here I am getting to the point : Is there any way to disable the change of permission bits of PTE? Is it possible in the hardware (ARM) or should kernel be patched? Regards to All, Happy new year. Lev. From shachar at shemesh.biz Sun Jan 13 21:22:54 2019 From: shachar at shemesh.biz (Shachar Shemesh) Date: Sun, 13 Jan 2019 21:22:54 +0200 Subject: Security-What can be done in kernel to disable forever executable memory modificaton In-Reply-To: <589971547299140@myt5-f9d71769b752.qloud-c.yandex.net> References: <589971547299140@myt5-f9d71769b752.qloud-c.yandex.net> Message-ID: <1139bbf9-0a49-d3d5-be6b-ca73696c3dc8@shemesh.biz> An HTML attachment was scrubbed... URL: From elazarl at gmail.com Thu Jan 17 11:26:24 2019 From: elazarl at gmail.com (Elazar Leibovich) Date: Thu, 17 Jan 2019 11:26:24 +0200 Subject: Security-What can be done in kernel to disable forever executable memory modificaton In-Reply-To: <1139bbf9-0a49-d3d5-be6b-ca73696c3dc8@shemesh.biz> References: <589971547299140@myt5-f9d71769b752.qloud-c.yandex.net> <1139bbf9-0a49-d3d5-be6b-ca73696c3dc8@shemesh.biz> Message-ID: What you probably want, is something similar to Windows VBS HVCI, which is usually achieved via underlying hypervisor. It forces you to pass the security boundary of the hypervisor, even if security boundary between user/kernel is bypassed. Have a look at Bromium or QubeOS for a full solution (not even sure they offer HVCI, but maybe) Note you'll need to disable things like kprobe and BPF JIT. I guess you can hack something with standalone Xen. I'm far from expert, and can consult if other solutions are available. Also have a look at grx, which offer hardening in general and maybe have VBS-like solutions. Ping me in private if you need additional help, I can refer you to relevant people. On 13/01/2019 21:22, Shachar Shemesh wrote: > On 12/01/2019 15:19, Lev Olshvang wrote: >> Hi All, >> >> >> >> The fact that the text segment could be modified is bad news from the security standpoint. >> For example, in order to set a breakpoint GDB should map a text segment with MAP_PRIVATE flag which allows kernel to ignore the dirty bit that MMU sets on this page. >> >> Somewhere in the middle of this mapping, perhaps in mprotect, permission bits of page's PTE entry are modified as well from their original RO+X to RWX >> I am not sure whether it is actually happening, perhaps instead new pages are allocated, sort of COW (copy on write). >> >> And here I am getting to the point : >> >> Is there any way to disable the change of permission bits of PTE? Is it possible in the hardware (ARM) or should kernel be patched? >> >> Regards to All, >> >> Happy new year. >> >> Lev. >> >> > I am 86.3%^1 certain that this change will not bring about what you > want this change to do. For example, if protecting against ptrace is > what you're after, please note that fakeroot-ng completely changes > what a process is running without making any changes to the text > segment at all. > > > Anyways, it is not the kernel that maps the text segment into memory > using private mapping. It is the dynamic linker. If you need to change > that to shared mapping, change the dynamic linker. > > > Shachar > > > 1- Following the 80% rule, which states that 92.7% of statistics > people quote are made up on the spot. > > > _______________________________________________ > Linux-il mailing list > Linux-il at cs.huji.ac.il > http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -------------- next part -------------- An HTML attachment was scrubbed... URL: From elazarl at gmail.com Thu Jan 17 11:35:29 2019 From: elazarl at gmail.com (Elazar Leibovich) Date: Thu, 17 Jan 2019 11:35:29 +0200 Subject: Security-What can be done in kernel to disable forever executable memory modificaton In-Reply-To: References: <589971547299140@myt5-f9d71769b752.qloud-c.yandex.net> <1139bbf9-0a49-d3d5-be6b-ca73696c3dc8@shemesh.biz> Message-ID: <90f5d61f-e578-31c5-4793-a3591184fc08@gmail.com> Another thing you should note, that if you do not protect boot integrity, you're grinding water, because all your hypervisor based protection and magnificent hardening would be null and void after the next reboot. Generally speaking, I really recommend you to get paid consultancy from a real security professional (e.g., not me), because there are probably other concerns you and me are not even considering now. On 17/01/2019 11:26, Elazar Leibovich wrote: > > What you probably want, is something similar to Windows VBS HVCI, > which is usually achieved via underlying hypervisor. > > It forces you to pass the security boundary of the hypervisor, even if > security boundary between user/kernel is bypassed. > > Have a look at Bromium or QubeOS for a full solution (not even sure > they offer HVCI, but maybe) > > Note you'll need to disable things like kprobe and BPF JIT. > > I guess you can hack something with standalone Xen. > > > I'm far from expert, and can consult if other solutions are available. > Also have a look at grx, which offer hardening in general and maybe > have VBS-like solutions. Ping me in private if you need additional > help, I can refer you to relevant people. > > > On 13/01/2019 21:22, Shachar Shemesh wrote: >> On 12/01/2019 15:19, Lev Olshvang wrote: >>> Hi All, >>> >>> >>> >>> The fact that the text segment could be modified is bad news from the security standpoint. >>> For example, in order to set a breakpoint GDB should map a text segment with MAP_PRIVATE flag which allows kernel to ignore the dirty bit that MMU sets on this page. >>> >>> Somewhere in the middle of this mapping, perhaps in mprotect, permission bits of page's PTE entry are modified as well from their original RO+X to RWX >>> I am not sure whether it is actually happening, perhaps instead new pages are allocated, sort of COW (copy on write). >>> >>> And here I am getting to the point : >>> >>> Is there any way to disable the change of permission bits of PTE? Is it possible in the hardware (ARM) or should kernel be patched? >>> >>> Regards to All, >>> >>> Happy new year. >>> >>> Lev. >>> >>> >> I am 86.3%^1 certain that this change will not bring about what you >> want this change to do. For example, if protecting against ptrace is >> what you're after, please note that fakeroot-ng completely changes >> what a process is running without making any changes to the text >> segment at all. >> >> >> Anyways, it is not the kernel that maps the text segment into memory >> using private mapping. It is the dynamic linker. If you need to >> change that to shared mapping, change the dynamic linker. >> >> >> Shachar >> >> >> 1- Following the 80% rule, which states that 92.7% of statistics >> people quote are made up on the spot. >> >> >> _______________________________________________ >> Linux-il mailing list >> Linux-il at cs.huji.ac.il >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -------------- next part -------------- An HTML attachment was scrubbed... URL: From levonshe at yandex.com Thu Jan 17 16:58:46 2019 From: levonshe at yandex.com (Lev Olshvang) Date: Thu, 17 Jan 2019 17:58:46 +0300 Subject: Why read only memory segment is dirty? Message-ID: <29911601547737126@sas2-f23a2383e77b.qloud-c.yandex.net> An HTML attachment was scrubbed... URL: From shlomif at gmail.com Thu Jan 17 23:34:59 2019 From: shlomif at gmail.com (Shlomi Fish) Date: Thu, 17 Jan 2019 23:34:59 +0200 Subject: Fwd: Fw: [Inkscape-devel] Inkscape 0.92.4 bugfix release In-Reply-To: <20190117225021.766d6ffb@telaviv1.shlomifish.org> References: <20190117225021.766d6ffb@telaviv1.shlomifish.org> Message-ID: ---------- Forwarded message --------- From: Shlomi Fish Date: Thu, Jan 17, 2019 at 10:50 PM Subject: Fw: [Inkscape-devel] Inkscape 0.92.4 bugfix release To: HaMakor Begin forwarded message: Date: Thu, 17 Jan 2019 12:24:51 -0800 From: Bryce Harrington To: inkscape-announce at lists.sf.net Cc: inkscape-user at lists.sf.net, inkscape-devel at lists.sf.net Subject: [Inkscape-devel] Inkscape 0.92.4 bugfix release Inkscape has launched version 0.92.4 with increased stability. This update delivers some notable performance improvements for filter rendering, saving and moving paths (with a live path effect), and the measure tool. Download Inkscape 0.92.4 packages here: https://inkscape.org/release/ The key improvements in this version will enable Inkscape users to do or experience the following: * Align multiple objects as a group relative to a single object * Write image data to standard output * Experience extensions working faster within complex documents * See improved speed when deselecting a path with many nodes * Ungroup text elements won?t result in changed font size of children * Able to print and / or print correct paper size with printers (especially Canon, EPSON, Konica Minolta) * See improved performance of the measure tool when grids are visible * See proper opacity of partially transparent embedded bitmap images in PDF export * Able to Shift/Ctrl-click on control handles of shapes without crashing * Build Inkscape with up-to-date poppler library 0.72.0 ? useful for Mac users building with Homebrew Translation and documentation updates ------------------------------------- The Icelandic and Brazilian Portuguese user interface (UI) translations have been updated. Inkscape?s Ukranian and Hungarian documentation translations have also been revised in this version. Join an Inkscape project team ----------------------------- There is always room for developers, especially those who can help with the following: * Package version 0.92.4 for Mac * Prepare the upcoming Inkscape 1.0 to be usable on MacOS * Help with programming a great UI for some of the new features in 1.0 * Help fix bugs and implement new features * Wrangle Python Head here https://inkscape.org/contribute/ to find out more about joining the ranks. Inkscape is always happy to welcome new contributors to help complete documentation and other elements of the project that are translated into many different languages. The project is seeking support with interface, documentation and other content translation. If you would like to contribute, head to https://inkscape.org/contribute/translations/ Another great way to help Inkscape is through Vectors, who are the marketing, outreach, and promotion team for Inkscape. Designers, artists, marketers, writers, and anyone enthusiastic about bringing Inkscape to more people in more places, is welcome to join. Inkscape alpha version 1.0 seeking testers ------------------------------------------ As the project advances towards an alpha release of version 1.0, the Inkscape teams are seeking developers interested in testing the alpha ahead of release. Download 1.0 alpha at: https://inkscape.org/release/inkscape-1.0alpha0/ Report new issues in Inkscape's Inbox: http://inkscape.org/inbox Watch Inkscape.org https://inkscape.org/ and social media channels for the latest details on the progress of the 1.0 development work. Mac OS: Inkscape needs your help -------------------------------- As few Inkscape volunteer developers use Mac, the project needs someone who knows how to automatically package a .dmg file, to enable Mac users to test the alpha version, along with Mac equipment to run continuous integration jobs. If you're interested in working on this, please introduce yourself on one of our discussion channels, and keep an eye out for other Mac volunteers to work with on this important task. -- ----------------------------------------------------------------- Shlomi Fish http://www.shlomifish.org/ Parody of "The Fountainhead" - http://shlom.in/towtf When Chuck Norris orders Pizza, it arrives before he presses the OK button. ? http://www.shlomifish.org/humour/bits/facts/Chuck-Norris/ Please reply to list if it's a mailing list post - http://shlom.in/reply . _______________________________________________ Inkscape-devel mailing list Inkscape-devel at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/inkscape-devel _______________________________________________ Discussions mailing list Discussions at hamakor.org.il http://hamakor.org.il/cgi-bin/mailman/listinfo/discussions -- Shlomi Fish http://www.shlomifish.org/ Buddha has the Chuck Norris nature. Please reply to list if it's a mailing list post - http://shlom.in/reply . -------------- next part -------------- An HTML attachment was scrubbed... URL: From shlomif at gmail.com Mon Jan 21 12:47:21 2019 From: shlomif at gmail.com (Shlomi Fish) Date: Mon, 21 Jan 2019 12:47:21 +0200 Subject: How come the initrd cpio archives are so large? Message-ID: Hi all! root at telaviv1:~/initrd/good/unpack # ls -l ../img -rw------- 1 root root 11419609 Jan 21 11:42 ../img root at telaviv1:~/initrd/good/unpack # cpio -i < ../img 26 blocks root at telaviv1:~/initrd/good/unpack # du . 16K ./kernel/x86/microcode 20K ./kernel/x86 24K ./kernel 32K . root at telaviv1:~/initrd/good/unpack # ==> why is the initrd cpio image so large in comparison to its contents? I am trying to debug this kernel bootup problem - https://bugs.mageia.org/show_bug.cgi?id=24203 - it happens with all kernels I tried - compiled from source or not except for those that were prepared in the past. Any help would be appreciated. -- Shlomi Fish http://www.shlomifish.org/ Buddha has the Chuck Norris nature. Please reply to list if it's a mailing list post - http://shlom.in/reply . -------------- next part -------------- An HTML attachment was scrubbed... URL: From shlomif at gmail.com Tue Jan 22 14:46:09 2019 From: shlomif at gmail.com (Shlomi Fish) Date: Tue, 22 Jan 2019 14:46:09 +0200 Subject: Fwd: [Bug-cpio] Fw: How come the initrd cpio archives are so large? In-Reply-To: <20190122101821.7d01817e@telaviv1.shlomifish.org> References: <20190121155918.20f1cf89@telaviv1.shlomifish.org> <20190122101821.7d01817e@telaviv1.shlomifish.org> Message-ID: Problem solved. ---------- Forwarded message --------- From: Shlomi Fish Date: Tue, Jan 22, 2019 at 10:25 AM Subject: Re: [Bug-cpio] Fw: How come the initrd cpio archives are so large? To: Reuti Cc: , Shlomi Fish Hi, On Mon, 21 Jan 2019 18:47:43 +0100 Reuti wrote: > Hi, > > > Am 21.01.2019 um 14:59 schrieb Shlomi Fish : > > > > Hi all! > > > > Can anyone address my concern? > > > > Begin forwarded message: > > > > Date: Mon, 21 Jan 2019 12:47:21 +0200 > > From: Shlomi Fish > > To: Linux-IL > > Subject: How come the initrd cpio archives are so large? > > > > > > Hi all! > > > > root at telaviv1:~/initrd/good/unpack # ls -l ../img > > -rw------- 1 root root 11419609 Jan 21 11:42 ../img > > root at telaviv1:~/initrd/good/unpack # cpio -i < ../img > > 26 blocks > > root at telaviv1:~/initrd/good/unpack # du . > > 16K ./kernel/x86/microcode > > 20K ./kernel/x86 > > 24K ./kernel > > 32K . > > root at telaviv1:~/initrd/good/unpack # > > > > > > ==> why is the initrd cpio image so large in comparison to its contents? > > Because it contains more than a single file, i.e. a compressed directory tree > is attached: > > https://unix.stackexchange.com/questions/163346/why-is-it-that-my-initrd-only-has-one-directory-namely-kernel > Thanks! Yes, as I discovered one should use dracut's lsinitrd - http://man7.org/linux/man-pages/man1/lsinitrd.1.html - possibly with "--unpack" to extract an initrd. > -- Reuti > -- ----------------------------------------------------------------- Shlomi Fish http://www.shlomifish.org/ NSA Factoids - http://www.shlomifish.org/humour/bits/facts/NSA/ Objective Visual Turbo Global jIronOpenPerl++.NET? Enterprise Edition? Professional Home Premium Ultimate 64-bit Single-user. ? based on a Freenode #perl conversation ( http://is.gd/cCUBY2 ) Please reply to list if it's a mailing list post - http://shlom.in/reply . -- Shlomi Fish http://www.shlomifish.org/ Buddha has the Chuck Norris nature. Please reply to list if it's a mailing list post - http://shlom.in/reply . -------------- next part -------------- An HTML attachment was scrubbed... URL: