Thread: never compile as root!

I had just had a lot of fun. On my linux box I downloaded a package for mySQL. And I am an idiot. I was in a hurry to get it done and over with so I could get my Server running again. The objective: to compile a more updated version of mySQL so I could utilize more and better features.

First mistake: After I had downloaded it to /tmp under a regular user I changed ownership to root.

Second mistake: I neglected to check the md5sum

First Success: Backed up all important documents and configurations.

Third Mistake: I backed up the corrupted package without veriifying...

Fourth Mistake: I unzipped (so to say) the package. (as root)

Fifth Mistake: ran './configure' as root

Sixth Mistake (FATAL): I ran make as root.
Now normally this is just bad but how unlucky for me, for the FIRST time I make an exception to my security policy about NO ROOT, I get screwed. The package was corrupted and because it took so long to compile I let it run over night (like I did before as a REGULAR USER). In Make (I assume) there was a hidden surprise... 'crash-me' After compiling it, it ran it (i assume again) and well... Next morning I see that the monitor is not getting anythiung. I try telnetting... nothign, i try thousands of methods I normally use. Nothing, the computer is officially SHOT.
I restart it, it runs up as normal, here comes the file system check.

Code:

Filesystem: / has an unacceptable amount of disconstigencies and corrupted blocks, please run fsck.
Enter root passwd for system repair:

And I do so, and run through the normal process of point->fix->check->format blocks
That took a while... And that was a lot of fun.
So I restart again, come back to it, my other file systems were all right, I guess the 'crash-me' was just trying to ........ me off.
I ran the backup, got everything back to normal, and checked the md5sum of the file. It ALMOST matched it. The first 3 chars were the same but the last 3 chars were different (normally, for speed I just check the first 3 and last 3 because it is hard to duplicate a program that matches).
Well, now LInux is working again. I didn't need to reformat or anything but this is a perfect example of why you shouldn't perform user tasks as root!

I really REALLY should have known better. My JOB is security. I guess I don't take security very seriously at home...

I don't know if it was a virus or just some stupid program to mess up my filesystem but whatever it is, its rare, and rarely effective on linux, if the user has half a brain. I guess I misplaced mine today.

So, this is just a life story and an example, now I need to re-evaluate my system, my skills and my policies for security. SIGH


-LC

Also, as a further note...
'crash-me' is a program that is distributed with mySQL. CLEVER!

Oh and another thing, I found out when running through fsck that a possible cause or something (I forgot what it actually said) was: Constingency root located (or something) at: [path to mysql on tmp]/crashme/
or something...
so let this be 2 lessons
check the md5sums and never compile as root.

as a regular user you run ./configure and make
but as root you run 'make install'

RPMs are far worse. People get away with hiding things in RPMs than they do in Source code.

I was just really unfortunate...

basically you recompile in a temporary location, then bring down the server, put on the backup, switch the routing. run 'make install' to overwrite all the existing software and install the new. Then bring up the server, and switch the routing, and bring down the backup. (or leave the backup on and write a routing script in case one goes down, but this is for my home server).

-LC

Yeah, I used to have a bad habit of:

# ./configure && make && make install

Don't do that. (That's root by the way, notice the #.) Instead recently I use:

$ ./configure && make
$ su
# make install

A newbies first mistake is usually that. Or just logging in as root all the time.

ALSO: Lynux-Penguin, why do you use Kernel 2.2.16-22? If I recall correctly there is no iptables with 2.2.x, only ipchains. Definatly upgrade to 2.4.21 (newest stable, try the newest 2.5.x if your daring, and 2.6.0-test3 if you're bold).

Don't bump month-old posts.

I have my reasons for not upgrading on one of my computers the rest are all updated.

-LC