[123002570010] |10 years ago Linux news (Sep, 1998)... [123002570020] |Below are some Linux news which were on top 10 years ago at e-news sites of of that time. [123002570030] |Preparing this post I didn’t know that it would be so interesting and cognitive operation to dig in old news, to find workable links to headlines below. [123002570040] |Well, sometimes this is more interesting and astonishing than we can find today in e-newspapers… [123002570050] |
  • Hats off to Linux!. [123002570060] |Intel and Netscape have announced investments in a small company developing the Linux operating system (RedHat).
  • [123002570070] |
  • Apache 1.3.2 is released. [123002570080] |Upgrade now!
  • [123002570090] |
  • Microsoft questions Linux’s free model. [123002570100] |Rich Gray, intellectual property attorney, thinks that the Linux model may not last.
  • [123002570110] |
  • MCI WorldCom Exec On Linux: Not So Fast. [123002570120] |Uunet has not yet decided whether to deploy Linux.
  • [123002570130] |
  • Caldera announces partnership with Sybase. [123002570140] |Caldera has made two announcements today: They will be shipping Sybase with their next release of OpenLinux, and OpenLinux 1.3 will be out on September 28th 1998.
  • [123002570150] |
  • Interview: Linux creator Linus Torvalds (in Real Audio).
  • [123002580010] |15+ "must have" Cisco Cheat Sheets [123002580020] |Below is the link list to essential Cisco related cheat sheets (collection of notes or quick reference guides whatever). [123002580030] |By the way, we don’t recommend to cheat anything and/or do a cheating of any sort by means of using these materials [123002580040] |1. Cisco IOS Versions what’s this?) [123002580050] |2. Physical Terminations/Connectors (what’s this?) 3. [123002580060] |VLANs (what’s this?) 4. [123002580070] |Quality of Service (what’s this?) 5. [123002580080] |MPLS (what’s this?) 6. [123002580090] |IP Access Lists what’s this?) [123002580100] |7. Spanning Tree (what’s this?) 8. [123002580110] |OSPF (what’s this?) 9. [123002580120] |EIGRP (what’s this?) 10. [123002580130] |BGP (what’s this?) [123002580140] |11. General Cisco IOS cheat sheet (router/switch commands etc.) 12. [123002580150] |Cisco Commands for Beginners 13. [123002580160] |Descriptive list of Cisco Commands (fresh) 14. [123002580170] |Cisco IOS Firewall Cheat Sheet (Official Design Guide) 15. [123002580180] |Cisco –Ethernet Encapsulation (in pdf)digg_url = http://www.linuxscrew.com/2008/10/10/15-must-have-cisco-cheat-sheets/; 16. [123002580190] |Mini CCNA Cheat Sheet 17. [123002580200] |CCNA Cheat Sheet (commands debugging) 18. [123002580210] |Connector Pinouts Cheat Sheets [123002580220] |Great thanks to Jeremy Stretch (author of packetlife.net) for the first 10 cheat sheets from above list (to get them all just download this package). [123002580230] |Information improvisation: You can get your 000-152 and 70-293 exam within days using latest 642-974 and other resources of 1z0-515 exam certifications; you can get a wonderful JN0-343 booklet. [123002590010] |The Manga Guide to Databases [123002590020] |Just came across one amusing book… Here is what Mana Takahashi (the author) says: [123002590030] |Princess Ruruna is stressed out. [123002590040] |With the king and queen away, she has to manage the Kingdom of Kod’s humongous fruit-selling empire. [123002590050] |Overseas departments, scads of inventory, conflicting prices, and so many customers! [123002590060] |It’s all such a confusing mess. [123002590070] |But a mysterious book and a helpful fairy promise to solve her organizational problems—with the practical magic of databases. [123002590080] |In The Manga Guide to Databases, Tico the fairy teaches the Princess how to simplify her data management. [123002590090] |We follow along as they design a relational database, understand the entity-relationship model, perform basic database operations, and delve into more advanced topics. [123002590100] |Once the Princess is familiar with transactions and basic SQL statements, she can keep her data timely and accurate for the entire kingdom. [123002590110] |Finally, Tico explains ways to make the database more efficient and secure, and they discuss methods for concurrency and replication. [123002590120] |Examples and exercises (with answer keys) help you learn, and an appendix of frequently used SQL statements gives the tools you need to create and maintain full-featured databases. [123002590130] |By the way, does anybody know where to buy manga illustrated guide to MPLS (Multiprotocol Label Switching)? [123002600010] |WPA Wi-Fi encryption is now cracked [123002600020] |Network security researcher Erik Tews found a way to brake TKIP (Temporal Key Integrity Protocol) used by WPA in order to read the data being sent from router to Wi-Fi laptop or PC. [123002600030] |It takes from 12 to 15 minutes to crack WPA encryption according to statements made by PacSec conference organizers where Erik will demonstrate the procedure. [123002600040] |PacSec 2008 Conference will be held on November 12/13, 2008, at Aoyama Diamond Hall in Tokyo, Japan. [123002600050] |The presentation is planned as “Gone in 900 Seconds, Some Crypto Issues with WPA –Erik Tews”. [123002600060] |WPA (Wi-Fi Protected Area) is widely used to protect many corporate and personal wireless networks. [123002600070] |This protocol implements IEEE 802.11i standard and is a successor of WEP algorithm which was cracked in 2001. [123002600080] |Read more here: Once thought safe, WPA Wi-Fi encryption is cracked. [123002610010] |FAQ: How to scrollback in GNU SCREEN? [123002610020] |Q: I was compiling kernel using GNU Screen utility but something happened during the compilation and I want to see full error’s output but I can’t just scrollback using Ctrl+PageUp. [123002610030] |How to scrollback in GNU Screen? [123002610040] |A: In GNU Screen press Ctrl + a + [ to enter Copy Mode, then scroll up/down using keys j or k. Below are some other navigation keys: [123002610050] |By the way, in order to define scrollback buffer size start screen with the following key (5000 lines in this example): [123002610060] |screen -h 5000 [123002610070] |Quick info about GNU Screen utility: it is Unix tool that allows to run multiple applications in several “virtual” windows. [123002610080] |It is very useful when you need, let’s say, to see hardware resources consumption caused by started application in different console etc. [123002610090] |GNU screen is also good option to run applications remotely via ssh: just run application in screen and log off until it’s finished, then just “pick up” screen session and see how the application’s output. [123002610100] |Update: You can use activate copy mode of GNU Screen also by Ctrl + Esc that might be more useful than Ctrl + a + [ shortcut (thanks to Yu-Jie Lin for this tip). [123002610110] |Information improvisation: You can get score highest marks in 000-119 exam using 642-971 and 642-481 which are prepared by top certified professionals, mcp certification 642-631; both are marvelous in their nature. [123002620010] |FAQ: How to change Duplex and/or Auto-Negotiation NIC settings in Linux? [123002620020] |Q: How to disable auto-negotiation option of my network interface card and set up half/full duplex mode manually from Linux command line (CLI)? [123002620030] |By the way, how to see current settings? [123002620040] |A: There are several Linux utilities coming with almost any distribution including Debian, Ubuntu, Fedora, RedHat, Mandriva, Centos whatever. [123002620050] |See details below. [123002620060] |ethtool [123002620070] |This is rather powerful utility can display and change settings of ethernet network interface card. [123002620080] |You can easily disable/enable autonegotiation option for your NIC, also it’s possible to manually set up duplex mode, configure wake-on-lan options, set speed settings. [123002620090] |Just look through full manual page for ethtool. [123002620100] |Here are several ethtool usage examples: [123002620110] |ethtool eth0 –shows current NIC settings [123002620120] |ethtool -s eth0 duplex half autoneg off –disables auto-negotiation, enables Half Duplex. ethtool -s eth1 duplex full speed 1000 autoneg off –disables auto-negotiation, enables Falf Duplex and sets up Speed to 1000 Mb/s. [123002620130] |mii-tool [123002620140] |According to manual it allows to manipulate and see media-independent interface status. [123002620150] |Let’s see examples: [123002620160] |bash-3.1# mii-tool eth0 eth0: negotiated 100baseTx-FD, link ok –shows 100 Mbps speed, Full Duplex, Auto-negotiation is on. bash-3.1# mii-tool eth0 -F 10baseT-HD –enables 10 Mb/s Half Duplex connection. [123002620170] |Information improvisation: Are you worried about 642-983 exam prep and Brain dumps? [123002620180] |Check out our latest resources for 650-251 dumps and F50-531 exam questions for practice with definite guarantee of 000-119. [123002630010] |FTP port forwarding through Linux router [123002630020] |Well, let’s imagine rather trivial situation: you have Linux router connected to Internet via e.g. ADSL modem and some local network comprising several computers and servers connected to that router via switches and/or Wi-Fi access points. [123002630030] |Done? [123002630040] |Ok. [123002630050] |There is one public IP assigned to WAN interface of the router while FTP server (of course run by Linux as well) has IP something like 192.168.123.14 or 172.16.*.* or 10.*.*.*. [123002630060] |Moreover you want to allow people to access your FTP from every corner of Internet… So, there are several ways how to apply this but let’s talk about how to achieve this by means of using port forwarding feature that is available in any router’s functions list. [123002630070] |So, let’s say we have the following configuration: [123002630080] |Internet <-> [a] router [b] <-> [c] FTP server [123002630090] |[a] is WAN interface with 212.213.214.215 (just an example) IP assigned to it, [b] is NIC with 192.168.0.1 and [c] is server’s interface with IP 192.168.0.2. [123002630100] |All what we need is that users from Internet can access FTP server using 212.213.214.215 IP and default 21 TCP port. [123002630110] |One of the main problems is that passive mode of FTP service uses any port from range 1024 to 65535 so it’s not enough to forward 21/20 ports to FTP server and let the ball rolling. [123002630120] |So, go to servers’ CLI and open configuration file of an FTP service. [123002630130] |It would be vsftpd, proftpd whatever. [123002630140] |Let’s say we have vsftpd so we have to add the following lines to /etc/vsftpd.conf: [123002630150] |pasv_min_port=12000 pasv_max_port=13000 [123002630160] |When changes are saved restart vsftpd server. [123002630170] |Now access router’s CLI and type the following: [123002630180] |iptables -t nat -I PREROUTING -d 212.213.214.215 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.0.1 iptables -t nat -I PREROUTING -d 212.213.214.215 -p tcp -m tcp --dport 12000:13000 -j DNAT --to-destination 192.168.0.1 [123002630190] |This will add netfilter port forwarding rules which will redirect traffic coming at routers’ public IP through 21 TCP port to FTP server and will properly handle passive FTP mode. [123002630200] |Wuala –it’s a finish. [123002640010] |Convert WMA to MP3 in Ubuntu [123002640020] |In order to convert WMA file into MP3 format in Ubuntu (or Debian) you should install the following requirements first: [123002640030] |1. mplayer (sudo aptitude install mplayer) 2. lame (sudo aptitude install lame) 3. win32 codecs (sudo aptitude install ubuntu-restricted-extras) [123002640040] |and then convert file.wma into file.mp3 using the following console command: [123002640050] |mplayer -vo null -vc dummy -af resample=44100 -ao pcm:waveheader file.wma;lame -m s -V 3 audiodump.wav;mv audiodump.wav.mp3 file.mp3;rm audiodump.wav [123002640060] |This also works for Fedora / Centos / Redhat family Linux distributions (requirements should be installed by yum package manager via third-party software repositories). [123002650010] |Find location of the program in Ubuntu [123002650020] |It’s rather trivial task for people who use Ubuntu for a long time but newbies usually have problems with adding program to startup if location of the program is unknown or it is required to specify full path to the program somewhere e.g. when opening attachment in mail client. [123002650030] |There are two most popular ways to find this out: [123002650040] |1. which gedit 2. type gedit [123002650050] |Both will show full path to certain program (gnome editor in our example): /usr/bin/gedit: [123002660010] |Open .docx documents in Linux (OpenOffice) [123002660020] |Well, as for now it is not a problem anymore to open Microsoft Office 2007 .docx documents in any Linux distribution coming with OpenOffice suit. [123002660030] |It may be Ubuntu (Feisty, Gutsy, Interpid whatever), almost any version of Fedora/RedHat/Centos, *SUSE, Mandriva and of course Debian (as per my personal opinion it’s the best one). [123002660040] |What is .docx actually? [123002660050] |It’s Microsoft’s file format representing word processor documents and named OpenXML (as an attempt to create open and free international standard). [123002660060] |Today .docx is default format for Microsoft’s word processor Word. [123002660070] |There are myriads of online converters between OpenXML and OpenOffice formats including .docx, .xlsx, .odt and many etc but sometimes it’s much more better to just open received .docx file in Linux offline (if there is temporarily no Internet connection or for security/private reasons etc). [123002660080] |So, just download the following package to certain directory like /usr/src, here are the commands to do it: [123002660090] |1. cd /usr/src 2. sudo wget http://blog.mypapit.net/imej/odf_filter.tar.bz2 [123002660100] |The next step is to unpack the contents of the archive (.tar.bz2 is definitely well compressed file) and copy 3 files to OpenOffice’s system directories: [123002660110] |3. sudo tar -xvjf odf_filter.tar.bz2 4. sudo cp OdfConverter /usr/lib/openoffice/program/ 5. sudo cp MOOXTypeDetection.xcu /usr/lib/openoffice/share/registry/modules/org/openoffice/TypeDetection/Types/ 6. sudo cp MOOXFilter_cpp.xcu /usr/lib/openoffice/share/registry/modules/org/openoffice/TypeDetection/Filter/ [123002660120] |As you can see from picture below now it’s possible to natively open .docx files in openoffice under Linux. [123002660130] |Of course such “native” support may imply some artefacts in opened files due to file formats incompatibility so it’s also a good option to ask your friends to convert .docs into .pdf before sending you [123002660140] |P.S. Thanks to guys from mypapit. [123002660150] |P.S. [123002660160] |Here are several online converters .doc(x) <-> .odf <-> .pdf: [123002660170] |1. ZAMZAR (possibly the best converter), 2. http://docx-converter.com/. [123002670010] |Use iTunes in Linux including Apple Music Store [123002670020] |Quick Introduction to iTunes [123002670030] |Apple iTunes is one of the most popular proprietary digital media players in the whole world. [123002670040] |Using this no doubts outstanding application you can organize, play music/video files in very comfortable and user friendly way (it’s not an advertisement but real truth). [123002670050] |Moreover iTunes is the only way to access Apple’s onilne music store and thus people often seeks the possibility to seamlessly access it after moving to Linux from Mac or Windows. [123002670060] |Well, unfortunately Apple doesn’t believe in magic so there is no native support of iTunes in Linux. [123002670070] |At the same time none would deny that Wine does and guys from this project do their best to make things with iTunes in Linux better. [123002670080] |In our example we use iTunes 7.3 which comes with Quick Time player 7.1.6, Apple iPhone support and of course iPods of any version, family and generation. [123002670090] |Install Apple iTunes 7.3 in Linux [123002670100] |1. Download iTunes 7.3 from apple.com or filehippo.com [123002670110] |2. Prepare Wine for itunes installation (if not installed do “apt-get install wine -y” or “yum install wine -y” in Ubuntu/Debian or Fedora/Redhat/Centos respectively): [123002670120] |$winecfg wine: creating configuration directory ‘/home/artemn/.wine’… fixme:midi:OSS_MidiInit Synthesizer supports MIDI in. [123002670130] |Not yet supported. wine: ‘/home/artemn/.wine’ created successfully. [123002670140] |Select your audio driver, it may be something like OSS or Alsa so use one u actually use Set Hardware Acceleration to “Emulation” option. [123002670150] |All other Wine settings are per your consideration e.g. Graphics tab. [123002670160] |3. Update richedit30 (Win32 Cabinet Self-Extractor): [123002670170] |cd ~/.wine/drive_c/windows/system32 mv richedit32.dll richedit32.bak mv richedit20.dll richedit20.bak wine richedit30.exe [123002670180] |Set richedit20.dll and richedit32.dll as native through winecfg. [123002670190] |4. $wine iTunesSetup.exe It will open iTune’s installation program under wine so you just install itunes as usually you did it in Windows. [123002670200] |If error happens just re-run installer. [123002670210] |See screenshot below: [123002670220] |5. Now you can start itunes and go through first run setup (all related screenshots are here). [123002670230] |Just don’t care about errors thrown into the console: [123002670240] |$ cd ~/.wine/drive_c/Program\ Files/iTunes $ wine itunes.exe [123002670250] |6. That’s it! [123002670260] |Now u can use iTunes in Linux as you did it before in other operatin system: [123002670270] |P.S. [123002670280] |By the way there are numerous Linux really native alternatives to itunes for comfortable music/video organizing and iPod management. [123002670290] |At the same time latter can’t be as native and seamless as it’s in iTunes because those playes use Apple’s proprietary file storage system. [123002670300] |But I definitely recommend banshee, amarok and… exaile [123002670310] |null [123002680010] |VMware server console keyboard problem in Ubuntu Intrepid Ibex [123002680020] |Few days ago I have upgraded my Ubuntu to latest 8.10 (Intrepid Ibex) and found that keyboard just doesn’t work in VMware Server Console. [123002680030] |The problem was that I couldn’t use keyboard under guest operating system including Windows, Linux etc. [123002680040] |After few hours of research I found simple solution which works for me: [123002680050] |$ setxkbmap $ echo "xkeymap.nokeycodeMap = true" >>~/.vmware/config [123002680060] |After this restart vmware-server-console and see if it helps. [123002680070] |If not you can see other solutions of the same problem at this site: http://nthrbldyblg.blogspot.com/2008/06/vmware-and-fubar-keyboard-effect.html [123002680080] |I hope it helps! [123002680090] |P.S. [123002680100] |Here are vmware-server-console’s libs I use: [123002680110] |Information improvisation: We are the world leaders in providing best 000-104 117-102 exams prep solutions. [123002680120] |Our incredible offers for 70-663 and 156-215.70 exams are accessible at reasonable prices; 650-195 is very rare in IT world sense. [123002700010] |Ubuntu Iptables Firewall [123002700020] |Ubuntu as any other Linux distribution comes with netfilter iptables as default firewall. [123002700030] |This is one of the best firewall software for Unix family operating systems: it allows to perform various filtering operations and makes it possible to match packets using numerous ways starting from data in IP packet header and ending with Layer 7 packet inspection (but this is another topic). [123002700040] |Below you can find a list of articles on the Web helping to understand the logic of Ubuntu iptables setup as well as create powerful firewall from your Ubuntu system: [123002700050] |1. Official Ubuntu Iptables How To: [123002700060] |There is a wealth of information available about iptables, but much of it is fairly complex, and if you want to do a few basic things, this How To is for you. [123002700070] |2. Simple firewall for Ubuntu using iptables [123002700080] |Don’t forget to look through page’s comments as there is a lot of useful staff there. [123002700090] |3. Setting Up An Iptables Firewall On Ubuntu With Firehol from Howtoforge: [123002700100] |FireHOL is a stateful iptables packet filtering firewall configurator. [123002700110] |It is abstracted, extensible, easy and powerful. [123002700120] |It can handle any kind of firewall, but most importantly, it gives you the means to configure it, the same way you think of it. [123002700130] |4. Basic sshd and iptables security in Ubuntu [123002700140] |5. Use iptables as firewall with a daemon on system startup [123002700150] |This howto is intended to set up a firewall without installing firestarter (useful if you don’t use any wm, eg: servers). [123002700160] |It uses iptables which is available with a fresh Ubuntu install, and a init.d script to run it as a daemon on boot. [123002700170] |6. Set up Ubuntu as a firewall/gateway router with webmin [123002700180] |7. Netfilter &Iptables in Ubuntu (French) [123002700190] |8. Set a custom firewall (iptables) and Tips [Beginners edition] [123002700200] |9. Set a custom firewall (iptables) and Tips [Advanced user only] [123002700210] |10. iptables premier [123002700220] |“Do I need a firewall?” is a FAQ on the Ubuntu Forums. [123002700230] |In order to answer that question we need to understand what you want to do accomplish by using (configuring) a firewall. [123002700240] |The purpose of this post is to introduce iptables and encourage appropriate use. [123002700250] |11. Block brute force attacks with iptables in Ubuntu or Turning away the bruters [123002700260] |Without proper protection your server is a sitting duck waiting for a bot to guess the right combination and hit the jackpot. [123002700270] |But with just 2 commands we can stop that. [123002700280] |Of course you can try google to find more articles about how to configure iptables in Ubuntu Linux but I am sure that above mentioned links will help you to move forward with configuring Ubuntu iptable and take the first steps on builing secure and stable iptables firewall box. [123002700290] | [123002710010] |Midnight Commander 4.6.2: Back to the future [123002710020] |
    Midnight Commander (mc) is one of the most popular console applications with text user interface that displays file system; it also has the ability to view the contents of RPM files, edit files (with powerful highlighting), connect to samba shares, ftp server etc. and etc. [123002710030] |Try "sudo apt-get install mc" in Ubuntu or "sudo yum install mc" in Fedora/Redhat/Centos to install this app. [123002710040] |After almost four years of stagnation developers of GNU Midnight Commander released fresh version of this mega popular file manager. [123002710050] |Well, good news for text file managers fans. [123002710060] |The latest version 4.6.2 contains numerous updates since previous version which were released in 2005, here are some of them: [123002710070] |Officially mc doesn’t support utf-8 locale while there is corresponding patch available. [123002720010] |Distribution of the week: BackTrack —Network Security Suite [123002720020] |BackTrack is Live distribution for penetration and security tests. [123002720030] |This is how its developers describe it. [123002720040] |But there are plenty of tools, utilities, programs behind this brief description. [123002720050] |Let’s dig into. [123002720060] |This distribution started from the merge of two ones: WHAX (or Whoppix) and Auditor Security Collection (the swiss army knife for security assessments). [123002720070] |The latest stable version (BackTrack 3) contains more than 300 tools (including such monsters as wireshark, nmap, hping and others) which will be appreciated by every security professional. [123002720080] |All tools are categorized into: [123002720090] |1. Information gathering 2. [123002720100] |Network Mapping 3. [123002720110] |Vulnerability Identification 4. [123002720120] |Penetration 5. [123002720130] |Privilage Escalation 6. [123002720140] |Maintaining Access 7. [123002720150] |Covering Tracks 8. [123002720160] |Radio Network Analysis (Wi-Fi and Bluetooth) 9. [123002720170] |VoIP and Telephony Analysis 10. [123002720180] |Digital Forensics 11. [123002720190] |Reverse Engineering [123002720200] |The full list of tools with descriptions you can find at official BackTrack wiki, screenshots and documentation are here. [123002720210] |Download Now: CD Image, USB Image. [123002720220] |More? [123002730010] |Mount remote filesystem via ssh protocol using sshfs and fuse [Fedora/RedHat/Debian/Ubuntu way] [123002730020] |
    Imagine the following situation: you have to compile some Linux/Unix application or kernel module that requires kernel source present at your hard drive, say, in /usr/src/kernels/kernel-2.6.21-i386/ or elsewhere. [123002730030] |But there is not enough disk space to copy these sources or install kernel-devel or linux-source packages (in Fedora/RedHat or Ubuntu/Debian distros respectively)… Sounds familiar? [123002730040] |Believe me, sometimes it happens [123002730050] |As a solution you can mount the directory of some remote PC that contains needed kernel source. [123002730060] |It can be done via several protocols like smb, ftp etc. [123002730070] |In this article we will mount remote directory using ssh protocol that is one the most popular for remote and secure access to Linux boxes over the network. [123002730080] |Below are the steps which should be taken to get the ball rolling. [123002730090] |We need two packages: sshfs and fuse-utils. [123002730100] |1. Install necessary packages: [123002730110] |a. Ubuntu/Debian: [123002730120] |sudo aptitude install fuse-utils sshfs [123002730130] |b. Fedora/Centos/RedHat: [123002730140] |yum install fuse-sshfs fuse fuse-libs [123002730150] |c. [123002730160] |Other Linux: download and compile sshfs/fuse from sources [123002730170] |2. Check that kernel module fuse is loaded: [123002730180] |lsmod | grep fuse [123002730190] |There should be the line containing “fuse” in the output (of not try modprobe fuse). [123002730200] |3. Mount remote filesystem using something like this (two commands): [123002730210] |mkdir -p /mnt/sshfs/ sshfs remote-user@remote-machine:/some/directory /mnt/sshfs [123002730220] |where remote-user is the username allowed to login remote-machine via ssh protocol. [123002730230] |It will ask you to type the password so just type it and press return [123002730240] |4. That’s it. [123002730250] |Good luck! [123002740010] |The fastest way to disable PC speaker in Ubuntu [123002740020] |There are several ways to disable usually noisy PC speaker in Ubuntu Linux (this is what beeps every time you wish to keep silent). [123002740030] |The fastest one is just to unload its kernel module/driver: [123002740040] |sudo modprobe -r pcspkr [123002740050] |Add the the line “blacklist pcspkr” to /etc/modprobe.d/blacklist to turn off the speaker forever [123002740060] |Information improvisation: Our 117-102 exam prep course braindumps oracle include the latest set of HP0-J41 practice questions and 642-974 dumps with 100% guarantee for victory in F50-532. [123002750010] |Watching HD Media on Linux made easy [123002750020] |This article is presented to you by LaptopLogic.com. [123002750030] |Go there to read the latest info on the top rated laptops and the best laptop accessories. [123002750040] |digg_url = http://www.linuxscrew.com/2009/04/01/watching-hd-media-on-linux-made-easy/;The High Definition (HD) content is everywhere these days, from HD and Blue Ray Discs to streaming HD media. [123002750050] |Although HD content gives best picture quality, it also uses a lot of computational power to decode and play. [123002750060] |This was made easy for Windows by the introduction of new drivers from graphics card manufacturers, Nvidia and ATI, which allowed the whole media to be decoded on the dedicated graphics card, saving cost in computational power, and the need to have a stronger processor. [123002750070] |Nvidia recently released a new set of drivers for Linux supporting PureVideo technology for its line of graphics hardware, enabling full hardware HD-decoding, and giving smooth HD content playback, even on less powerful computers. [123002750080] |The 180 series supports PureVideo decode acceleration. [123002750090] |These drivers adds a new VDPAU API, which provides PureVideo like features on Linux, adds CUDA support, X Render optimizations, new workstation performance optimizations and some other improvements. [123002750100] |The new versions offer optimizations and support for a wide range of Nvidia hardware, and is expected to improve with future releases. [123002750110] |Linux uses X-Video (Xv) as output extensions, where as X-Video MotionCompensation (XvMC) is an X-Video extension which offers some video decoding on GPU. [123002750120] |With the new drivers, Nvidia implements VDPAU (Video Decode and Presentation API for UNIX). [123002750130] |VDAPU is capable of hardware acceleration and the decoding of MPEG-1, MPEG-2, VC-1 and H.264 bit streams. [123002750140] |It also provides an API for post-processing of decoded video in order to apply operations such as noise reduction and temporal and spatial de-interlacing, timestamp-based presentation of final video frames, and compositing of sub-picture elements. [123002750150] |AMD also supports hardware acceleration through X-Video Bit stream Acceleration or XvBA API. [123002750160] |The recent drivers can take advantage of Unified Video Decoder (UVD2). [123002750170] |These new technologies are also supported by new video playback softwares, which can fully utilize the Graphics Hardware for video playback, providing smooth frames in HD and Blue-Ray movies. [123002750180] |The VDPAU supported players include libavcodec, mplayer and ffmpeg. [123002750190] |CUDA support is also provided with 180 series drivers for Linux, and it can also be used to accelerate videos, and also to do any processing involved, like CoreAVC 1.9.0 is the first media player to offer this decoding. [123002750200] |The video acceleration on Linux came late, but certainly, with these new advancements by Graphics chips manufacturers, Linux users will be able to experience HD media playback, even on less powerful systems. [123002760010] |Faces behind Linux —Part #1 [123002760020] |What/who you imagine when you hear the names “Ubuntu”, “Debian”, “Slackware”, etc? [123002760030] |Is this tux, penguin, disribution logo? [123002760040] |Have you ever wondered who is behind certain Linux distribution? [123002760050] |Ian Murdock (left) founded Debian while a student in 1993. [123002760060] |He named Debian after himself and his then-girlfriend Debra, now his ex-wife, thus Deb(ra) and Ian. [123002760070] |From Ian’s blog: [123002760080] |Debian was one of the first Linux distributions and arguably the first open source project that explicity set out to be developed in a decentralized fashion by a group of volunteers. [123002760090] |Today, over 1,000 volunteers are involved in Debian’s development, and there are millions of Debian users worldwide. [123002760100] |Mark Shuttleworth (right) who founded Ubuntu Linux was the second space tourist and one of Debian’s key developers. [123002760110] |His biography is too interesting to be published here so just use google to get more facts. [123002760120] |Mark: [123002760130] |I can pay, however, because ten years ago when I was still studying at the University of Cape Town in South Africa… Linux allowed me to compete with the best companies in the world, without any obstacles between me and success. [123002760140] |That made me a billionaire; so I could fly into space and do many other wonderful things. [123002760150] |Gaël Duval (left) was born 1973. [123002760160] |He is a graduate of the Caen University in France where studied networks and documentary applications. [123002760170] |In July 1998, he created Mandrake Linux (now Mandriva Linux), a Linux distribution originally based on Red Hat Linux and KDE. [123002760180] |He was also a co-founder of MandrakeSoft (now merged in Mandriva) with Jacques Le Marois and Frédéric Bastok. [123002760190] |Gaël Duval was responsible for communication in the Mandriva management team until he was laid off by the company in March 2006, in a round of cost-cutting. [123002760200] |Duval suspected part of the reason for his dismissal was disagreement with management over the company’s future strategy, resulting in a lawsuit against the company. [123002760210] |Gael: [123002760220] |It was clear for me that Linux had the potential to be an excellent alternative to Windows, or maybe even a full replacement, and at the time I thought that it would be good to provide a Linux distribution that would be as easy to use as Windows. [123002760230] |Patrick Volkerding (right) was born 20th October 1966. [123002760240] |He is the founder and maintainer of the Slackware Linux distribution. [123002760250] |He is the “Slackware Benevolent Dictator for Life”. [123002760260] |Volkerding earned a Bachelor of Science in computer science from Minnesota State University Moorhead in 1993. [123002760270] |Patrick in 1994: [123002760280] |Linux is my big fun project right now –gets pretty crazy sometimes trying to keep up with all of the development going on; for instance, last week the new C libraries, GCC, and kernel were all released within a couple days of each other. [123002760290] |Luckily, I like keeping my machine current. [123002760300] |Judging from the mail I get when things fall a bit behind, so does everyone else. [123002760310] |Daniel Robbins (left) is best known as a founder of Gentoo Linux project. [123002760320] |During his time as a system administrator at the University of New Mexico in Albuquerque Robbins first came into contact with Linux. [123002760330] |He became a developer on Stampede Linux, and later formed his own distribution Enoch Linux, which was later renamed Gentoo in 2002. [123002760340] |Daniel in 2007: [123002760350] |The logic is as follows: it is impossible to write a kernel module without it being a derivative work of the kernel, which is GPL, so in turn the module itself must be distributed under the terms of the GPL and thus cannot be binary-only/proprietary in nature. [123002760360] |To be continued… [123002770010] |Tiny bash scripts: check Internet connection availability [123002770020] |Sometimes it is necessary to check whether server you want to run some big bash script is connected to Internet. [123002770030] |Usually it makes sense while running scripts periodically using cron. [123002770040] |Below is the tiny bash script for this purpose: [123002770050] |As you see it tries to download google’s index page, if it’s not empty script returns “yes”, if there is not Internet connection available script will return “no”. [123002770060] |If it is impossible to fetch the page in more than 5 seconds script will return “no” as well. [123002770070] |Anything to add? [123002770080] |You are welcome! [123002780010] |Sort CLI output by line length [123002780020] |Want to sort file contents by each line’s lenght? [123002780030] |No problems: [123002780040] |For reverse sort, use the following command: [123002780050] |Source: www.opennet.ru [123002780060] |Information improvisation: Check out our latest 70-620 dumps ccda certification written by our 646-046 certified teams to help you in pass real HP2-Z16 exam NS0-153 dumps. [123002790010] |Install Ubuntu Chromium browser (Google Chrome for Linux) [123002790020] |Update: Using Ubuntu Lucid Lynx? [123002790030] |Here is corresponding article for you: Install Google Chrome (Chromium) on Ubuntu Lucid Lynx. [123002790040] |One of the easiest way to try Chromium browser in Ubuntu Linux (Google Chrome browser for Unix/Linux operating system is named as Chromium) is to use daily binary builds at https://launchpad.net/chromium-project. [123002790050] |Today Ubuntu is the most popular Linux disributions for desktops so there are daily builds available for the following Ubuntu versions: hardy, intrepid, jaunty, karmic. [123002790060] |First let your Ubuntu know where it should find chromium-browser deb package: [123002790070] |vi /etc/apt/sources.list [123002790080] |add the following lines: [123002790090] |deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu jaunty main deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu jaunty main [123002790100] |Replace jaunty with hardy, intrepid or karmic depending which version you run at your computer. [123002790110] |If you feel this information is not sufficient for you, follow this link to get Ubuntu official information on this matter or follow Launchpad help. [123002790120] |The next step is to install Chromium browser: [123002790130] |sudo apt-get update sudo apt-get install chromium-browser or sudo aptitude install chromium-browser [123002790140] |Once you press enter Ubuntu will download around 18 MB of data from launchpad’s server and will install Chromium with gnome menu entries and shortcuts. [123002790150] |Now you can go to System menu –>Internet –>Chromium Web Browser in order to launch Google browser. [123002790160] |Ubuntu Chromium Google browser (Google Chrome Ubuntu) [123002790170] |As you might know there is still no official release of chromium/chrome available for Linux, so these daily builds from launchpad are for testing/observations purposes only. [123002790180] |For example, there is no flash plugin available so you will be able to see html pages like this one and no swf/flash content. [123002790190] |Anyway thanks to Google for great browser which has all chances to become “browser number one” for Linux or even for the rest of operating system such as Windows or Mac. [123002790200] |Who knows? [123002790210] |You might also find this page using Google and the following keywords: Ubuntu Chrome, Google Chrome Ubuntu, Chrome for Ubuntu and others. [123002790220] |Information improvisation: Remarkable online HP0-S23 and a+ braindumps training programs will lead you to success in the 350-050 and HP2-E31 exams. [123002790230] |We also offer latest 642-731 dumps with 100% success guarantee. [123002800010] |Postgresql: show tables, show databases, show columns [123002800020] |PostgreSQL is one of the best database engines for an average web project and many who moves to psql from mysql (for example) often ask the following questions: what is the analog of “show tables” in postgres? or how can I get the list of databases in postgres like “show databases” in mysql? [123002800030] |The answers are short: [123002800040] |mysql: SHOW TABLES postgresql: \d postgresql: SELECT table_name FROM information_schema.tables WHERE table_schema = 'public'; [123002800050] |mysql: SHOW DATABASES postgresql: \l postgresql: SELECT datname FROM pg_database; [123002800060] |mysql: SHOW COLUMNS postgresql: \d table postgresql: SELECT column_name FROM information_schema.columns WHERE table_name ='table'; [123002810010] |Google Chrome Operating System [123002810020] |Here is astonishing news I came across today at Google Official Blog: [123002810030] |We’re announcing a new project that’s a natural extension of Google Chrome — the Google Chrome Operating System. [123002810040] |It’s our attempt to re-think what operating systems should be. [123002810050] |Google Chrome OS is an open source, lightweight operating system that will initially be targeted at netbooks. [123002810060] |Later this year we will open-source its code, and netbooks running Google Chrome OS will be available for consumers in the second half of 2010. [123002810070] |Because we’re already talking to partners about the project, and we’ll soon be working with the open source community, we wanted to share our vision now so everyone understands what we are trying to achieve. [123002810080] |… [123002810090] |The software architecture is simple — Google Chrome running within a new windowing system on top of a Linux kernel. [123002810100] |Read more >> [123002810110] |Another pulications on the topic: [123002810120] |1. Alas, poor Microsoft at PCWorld 2. [123002810130] |Google Chrome: Lookout Windows and OS X at Gizmodo 3. [123002810140] |Google Chrome lives at arctechnica [123002820010] |Visual Linux HTML editor [123002820020] |This post is dedicated to quality html editors for Linux and Ubuntu operating system in particular. [123002820030] |You may think that nowadays nobody uses offline editors as there are so many content management systems (CMS) like Drupal (my favourite one), Wordpress, Joomla etc. which contain embedded visual html editors. [123002820040] |But today I made sure myself that sometimes it’s real pain to draw a 10×20 table using Wordpress’s editor… [123002820050] |Text editors like gedit, emacs, nano or vi will certainly live forever but thankfully there are numerous visual html editors for my Ubuntu They are sometimes called WYSIWYG editors, it mean “What You See Is What You Get”. [123002820060] |1. Quanta Plus [123002820070] |This is KDE/Qt visual html editor available as binary package for numerous Linux distributions including Debian and Ubuntu. [123002820080] |From developers’ site: [123002820090] |Quanta Plus is a highly stable and feature rich web development environment. [123002820100] |The vision with Quanta has always been to start with the best architectural foundations, design for efficient and natural use and enable maximal user extensibility. [123002820110] |In order to install it in Debian/Ubuntu run the following CLI command: [123002820120] |sudo apt-get install quanta [123002820130] |Fedora, Centos, Redhat users type this: [123002820140] |sudo yum install kdewebdev [123002820150] |I found Quanta html editor extremely useful, this is just an outstanding application of this field. [123002820160] |2. Bluefish [123002820170] |Bluefish is a powerful editor targeted towards programmers and webdesigners, with many options to write websites, scripts and programming code. [123002820180] |Bluefish supports many programming and markup languages, and it focuses on editing dynamic and interactive websites. [123002820190] |I found this really versatile html editor. [123002820200] |Besides HTML/CSS it handles C, Java, Perl, Python, XML and others. [123002820210] |Ubuntu and Debian users type: [123002820220] |sudo apt-get install bluefish [123002820230] |Fedora/Redhat/Centos: [123002820240] |sudo yum install bluefish [123002820250] |Gentoo: [123002820260] |emerge bluefish [123002820270] |3. Screem [123002820280] |SCREEM is a web development environment. [123002820290] |It’s purpose is to increase productivity when constructing a site, by providing quick access to commonly used features. [123002820300] |While it is written for use with the GNOME desktop environment in mind it does not specifically require you to be running it, just have the libraries installed. [123002820310] |This is one of the most user-friendly Gnome HTML editor. [123002820320] |Its simple interface brings extremely powerfull HTML editor so if like minimalistic design Screem is your choice. [123002820330] |Update: below is the bottom line from Linux.com’s review of three Linux HTML editors (Quanta Plus, Blowfish, Screem). [123002820340] |I found that review after I wrote this post. [123002820350] |
  • If you use GNOME, use Screem. [123002820360] |It’s a fast, simple, and powerful tool for web editing. [123002820370] |However, it does not have the large feature sets that Bluefish and Quanta Plus have, especially for languages other than those directly related to Web page editing.
  • [123002820380] |
  • If you use GNOME and need the more powerful features of Quanta Plus, load the required libraries and run it.
  • [123002820390] |
  • If you use KDE and want a code editor, choose Quanta Plus. [123002820400] |Ignore the WYSIWYG capabilities and take advantage of the tremendous editing capabilities, especially for CSS style sheets.
  • [123002820410] |
  • If you use Xfce, Quanta Plus should run fine. [123002820420] |Screem would still require loading additional libraries.
  • [123002820430] |
  • Finally, if you use GNOME, find that Screem does not meet all your needs, and you don’t want to bother with loading the KDE-native Quanta Plus, then load Bluefish. [123002820440] |It is nearly as capable as Quanta Plus, but will run well without a lot of fussing with libraries.
  • [123002820450] |Information improvisation: Pass your 70-293 exams in first try by using our guaranteed cissp exam questions HP0-Y31 tutorials and best quality 70-686 dumps along with HP0-S23. [123002830010] |Poker and Linux [guest post] [123002830020] |Most online poker players take it as a given that they are going to need Windows to play online poker on their favorite site. [123002830030] |Windows is the most popular operating system anyway, so this isn’t even something most poker players worry about. [123002830040] |However, what if you are a Linux user? [123002830050] |Shouldn’t there be a way for you to play your favorite game with your favorite operating system? [123002830060] |Does Windows somehow have a monopoly on the online poker industry? [123002830070] |The answer is no. [123002830080] |In fact, you can play online poker using Linux. [123002830090] |One way to play at the best Linux poker sites is with the Wine application. [123002830100] |This is essentially an open source application that creates compatibility for Linux to run Windows programs. [123002830110] |No actual Windows software is necessary, as Wine mimics Windows using entirely non-Microsoft code. [123002830120] |However, the Wine application will allow you to run programs more commonly run in Windows, such as, in this case, online poker. [123002830130] |To get Wine, simply visit Wine HQ online to download/install Wine and WineTools. [123002830140] |After completing the setup process, you can run or install poker client software with the wine command. [123002830150] |Once complete, you should be able to enjoy online poker with your Linux operating system. [123002830160] |Wine enables online poker Linux play for such prestigious online poker sites as PokerStars, UltimateBet, Party Poker, Titan Poker and Paradise Poker. [123002830170] |If you are interested in another poker site, you can do some online research to see other sites that Wine allows Linux to work with, or you can experiment yourself. [123002830180] |However, the above sites probably represent about 90 percent of online poker traffic. [123002830190] |You should be able to get what you want using one of these services. [123002830200] |Once you’ve been able to install poker software and register for a site, you might want to spend some time watching the action before jumping in with your own money. [123002830210] |It’s free to watch, and you might learn a few things about poker from your Windows-using brethren that can help you earn more of their money down the road. [123002850010] |Google Chromium OS! [123002850020] |Today Google has announced operating system Google Chromium OS. [123002850030] |It still not ready to end users as is under deep development but now everyone can see its concepts, benefits and nature. [123002850040] |Astonishing news as for me. [123002850050] |There were a lot of rumors about Google OS (gos) before it was presented to the public in real. [123002850060] |Now it’s clear that the most promising OS these days is based on Linux kernel. [123002850070] |Let’s see what Google just have presented in details: [123002850080] |
  • All apps are web apps. [123002850090] |The entire experience takes place within the browser and there are no conventional desktop applications. [123002850100] |This means users do not have to deal with installing, managing and updating programs.
  • [123002850110] |
  • Because all apps live within the browser, there are significant benefits to security. [123002850120] |Unlike traditional operating systems, Chrome OS doesn’t trust the applications you run. [123002850130] |Each app is contained within a security sandbox making it harder for malware and viruses to infect your computer. [123002850140] |Furthermore, Chrome OS barely trusts itself. [123002850150] |Every time you restart your computer the operating system verifies the integrity of its code.
  • [123002850160] |
  • We are obsessed with speed. [123002850170] |We are taking out every unnecessary process, optimizing many operations and running everything possible in parallel. [123002850180] |This means you can go from turning on the computer to surfing the web in a few seconds.
  • [123002850190] |
  • Chromium OS User Interface Concepts (video)
  • [123002850200] |
  • Design Documents: Software Architecture, Security Overview
  • [123002850210] |VMware Virtual Machine with Chromium OS can be found here (torrent). [123002860010] |Problem with Vmware Server 1.0.* and kernel 2.4.37 [123002860020] |While today 2.6.32 is the mainline version of Linux kernel, 2.4 branch is still supported by Linux community developers who fix security bugs there but don’t add any new functionality (unlike 2.6 that grows with new features like a snowball). [123002860030] |Sometimes it happens that Linux box runs too much services which cannot be stopped so that admin is not allowed to migrate from 2.4 to 2.6 to keep those services online. [123002860040] |In my example the box runs 2.4.37.7 kernel but Vmware Server 1.0.* fails on it with segmentation fault throwing into the logs the errors below in this post. [123002860050] |Does that look familiar to anybody? [123002860060] |Is there any solution to run Vmware Server at 2.4.37 kernel? [123002860070] |Thank you! [123002880010] |13 Linux lethal commands [123002880020] |digg_url = http://www.linuxscrew.com/2009/12/03/13-linux-lethal-commands/;In this post I will collect all commands which SHOULD NEVER be executed in Linux. [123002880030] |Any of them will cause data loss or corruption, can freeze or hang up running system. [123002880040] |NEVER RUN THESE COMMANDS IN LINUX BOX CLI! [123002880050] |Even if somebody advises you in forum/im to do it. [123002880060] |1. Any of these commands will erase everything from your home directory, root or just will clear up whole disk: [123002880070] |
  • sudo rm -rf /
  • [123002880080] |
  • rm -rf .*
  • [123002880090] |
  • dd if=/dev/zero of=/dev/sda
  • [123002880100] |
  • mkfs.ext3 /dev/hda
  • [123002880110] |
  • whatever >/dev/hda
  • [123002880120] |
  • cd ~; for x in `ls`; do mv -f $x $y; y=$x; done
  • [123002880130] |
  • find -type f -mtime +30 -exec mv {} /dev/null \;
  • [123002880140] |
  • mv ~ /dev/null
  • [123002880150] |
  • mv / /dev/null
  • [123002880160] |2. Causes kernel panic or freezes Linux box: [123002880170] |
  • dd if=/dev/random of=/dev/port
  • [123002890010] |Google Public DNS: 8.8.8.8 and 8.8.4.4 [123002890020] |Today Google unveiled its new project: Google Public DNS. [123002890030] |It means now anybody can use Google’s DNS managed servers for resolving domain names into IP addresses and back. [123002890040] |According to Google it should speedup browsing as well as security. [123002890050] |Hope I won’t see adsense ads once tried to load expired domain name (that’s how OpenDNS acts today). [123002890060] |Here are easy-to-remember Google Public DNS IP addresses: 8.8.8.8 and 8.8.4.4. [123002890070] |In order to set up Google public DNS to your Linux settings place the following lines into /etc/resolv.conf: [123002890080] |nameserver 8.8.8.8 nameserver 8.8.4.4 [123002890090] |Use command dig @8.8.8.8 linuxscrew.com to test how long it takes to resolve linuxscrew.com: [123002890100] |artiomix@artiomix-laptop:~$ dig @8.8.8.8 linuxscrew.com ... ;; ANSWER SECTION: linuxscrew.com. 51844 IN A 69.164.195.222 [123002890110] |;; Query time: 80 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Thu Dec 3 21:53:29 2009 ;; MSG SIZE rcvd: 48 [123002900010] |Best of Linux Cheat Sheets [123002900020] |Below list of Linux cheat sheets can be used by everybody who administer Linux operating system including beginners/newbies and bearded gurus. [123002900030] |PDF | Command Line Interface (CLI), Security, Networking [123002900040] |
  • Unix/Linux Command Reference by fosswire.com
  • [123002900050] |
  • THE ONE PAGE LINUX MANUAL (A summary of useful Linux commands)
  • [123002900060] |LINUX System Call Quick Reference [123002900070] |
  • LINUX Admin Quick Reference
  • [123002900080] |
  • Linux quick reference card
  • [123002900090] |
  • Linux Shell quick reference guide
  • [123002900100] |
  • Linux Security Quick Reference Guide
  • [123002900110] |
  • tcpdump cheat sheet
  • [123002900120] |
  • Wireshark display filters
  • [123002900130] |
  • Netcat cheat sheet
  • [123002900140] |HTML | CLI, Gnome/KDE [123002900150] |
  • DOS to Linux cheatsheet
  • [123002900160] |
  • Unix toolbox
  • [123002900170] |
  • Treebeard’s Unix cheat sheet
  • [123002900180] |
  • Linux terminal shortcuts
  • [123002900190] |
  • Just Linux cheat sheet
  • [123002900200] |
  • Computerworld’s Linux cheat sheet
  • [123002900210] |
  • Linux CLI reference for common operations
  • [123002900220] |
  • Peter Lombardo’s Linux cheat sheet
  • [123002900230] |
  • EZ Linux Cheat Sheet
  • [123002900240] |
  • Gnome/KDE shortcuts
  • [123002900250] |
  • Linux related reference sheets by suso.com
  • [123002900260] |
  • Bonus: Linux/UNIX and Microsoft Cheat Sheet
  • [123002900270] |PDF | Linux Distributions Cheat Sheets [123002900280] |
  • Ubuntu
  • [123002900290] |
  • Debian
  • [123002900300] |
  • Top Ubuntu Cheat Sheets
  • [123002900310] |HTML/PDF | vi, sed, awk [123002900320] |
  • Vi Cheat Sheet
  • [123002900330] |
  • Vim Tips Cheat Sheet
  • [123002900340] |
  • Awk, Nawk Cheat Sheet
  • [123002900350] |
  • Sed Stream Editor Cheat Sheet
  • [123002900360] |
  • Vi/Vim Cheat Sheets (Lessons)
  • [123002900370] |Information improvisation: Our incredible deals of HP2-Q04 practice exam and free 642-467 dumps tutorials make your success certain for the final OG0-093 exam and you can get HP0-S30 exam dumps 642-456. [123002910010] |Sexy Christmas Wallpapers [123002910020] |Ho-ho-ho, see below a set of Sexy Christmas Wallpapers… [123002910030] |Happy holidays! [123002910040] |P.S. Previous hot post is here. [123002920010] |FAQ: How to install manual pages in Solaris? [123002920020] |In order to use install man pages for various commands in Solaris it is necessary to get two packages: SUNWman and SUNWdoc. [123002920030] |You can check if they are already installed using commands ‘pkginfo SUNWdoc' and 'pkginfo SUNWman', or just try ‘man man‘. [123002920040] |If they are not present in your system you can install them from Solaris 10 cd-rom (I guess you’re using exactly this version of Sun’ operating system): [123002920050] |1. Mount cd-rom: [123002920060] |mount -F hsfs /dev/dsk/c0t1d0s2 /mnt/ [123002920070] |where c0t1d0s2 is identifier of your cd-rom and may differ from system to system. [123002920080] |2. Install Packages: [123002920090] |pkgadd -d /mnt/Solaris_10/Product SUNWman pkgadd -d /mnt/Solaris_10/Product SUNWdoc [123002930010] |Cisco GRE example setup [123002930020] |Hosts from LAN1 should be able to access hosts at LAN2 and vice-versa through GRE tunnel between R1 and R2. [123002930030] |ISP doesn’t care what networks are behind R1 and R2 so the only way to establish connection between LAN1 and LAN2 is to use VPN, in this example we use GRE. [123002930040] |GRE setup example topology [123002930050] |R1’s startup-config (part of it) [123002930060] |! [123002930070] |R2’s startup-config (part of it) [123002930080] |! [123002930090] |Results [123002940010] |Install Ruby 1.8.7 from sources in Centos 5.5 [123002940020] |Centos 5.5 official repository is rather outdated for today so the latest Ruby available there is 1.8.6. [123002940030] |If you need a newer version e.g. 1.8.7 you should install if from sources: [123002940040] |0. Install prerequisites: [123002940050] |1. Download the latest version of Ruby from project’s FTP: [123002940060] |2. Check ruby’s version is 1.8.7: [123002940070] |That’s it! [123002950010] |Fastest way to create ramdisk in Ubuntu/Linux [123002950020] |I hope many of you will agree that sometimes it’s really good idea to have some small amount of RAM mounted as a filesystem. [123002950030] |It may be necessary when running some bash or perl script that handles, say, thousands of small files so it’s much more effective not to waste computer resources on reading/writing data on hard disk but keep those files directly in memory. [123002950040] |This idea is known as Virtual RAM Drive or ramdisk and can be setup in Ubuntu or almost any other Linux distribution using the following commands under root (to become root in Ubuntu use "sudo -s“): [123002950050] |# mkdir /tmp/ramdisk; chmod 777 /tmp/ramdisk # mount -t tmpfs -o size=256M tmpfs /tmp/ramdisk/ [123002950060] |where 256M is amount of RAM you wish to allocate for ramdisk. [123002950070] |It’s clear that this value should be less than amount of free memory (use “free -m“). [123002950080] |BTW, if you specify too many MBs for ramdisk Linux will try to allocate it from RAM and then from swap so resulting performance would be very poor. [123002960010] |16 GB encrypted candy [123002960020] |Update: as far as cryptoloop is vulnerable and is not maintained I don’t recommend using below approach for creating encrypted for for those of you who require strong security. [123002960030] |Use truecrypt to create encrypted filesystem within a file instead. [123002960040] |Today it came to my mind that it is time to make sensitive information stored on my usb flash drive encrypted but still transportable and easy to use. [123002960050] |But I don’t want to have whole my 32 GB usb drive fully encrypted using truecrypt or something similar. [123002960060] |It is just toooo slow. [123002960070] |I also don’t want to use GPG for uncompressing files and directories every time I would like to read them and then create new GPG compressed file every time I save changes. [123002960080] |This eats too much of my time and system resources. [123002960090] |At the same time it is necessary to be able to use that usb drive under windows, mac, linux whatever (read/write files) but still have my directory structure with sensitive files encrypted. [123002960100] |Here is the solution: create encrypted filesystem within a file named, say, 16GB.candy.bin that could be stored on regular windows formatted usb flash drive and then mounted under Linux using the password. [123002960110] |When it becomes necessary I can mount that 16GB.candy.bin as the regular ext3 filesystem with all those stuff like permissions, ownership etc. that is available on ext3 but not in FAT or NTFS. [123002960120] |On my windows formatted flash drive candy takes only 16 GB so I can use the rest of space to store not so sensitive information like mp3, movies or photos. [123002960130] |Moreover I on windows or linux to read it. [123002960140] |Let’s create that 16GB.candy.bin file with encrypted ext3 filesystem (read below explanations below carefully before just to copy/paste commands into CLI): [123002960150] |[root@artemn root]# cd /path/to/candy/ [root@artemn root]# modprobe cryptoloop [root@artemn root]# modprobe aes [root@artemn root]# dd if=/dev/urandom of=16GB.candy.bin bs=1048576 count=16000 [root@artemn root]# losetup -e aes /dev/loop0 16GB.candy.bin [root@artemn root]# mkfs.ext3 /dev/loop0 [root@artemn root]# tune2fs -i 0 -c 0 /dev/loop0 [123002960160] |Here are some points: using above commands we create encrypted file of 16 GB so if you need to have more or less just change “count=16000″ in dd line. “count=16000″ means 16GB so “count=20″ means 20MB. [123002960170] |Path ‘/path/to/candy/’ is for example only so you should change it to real directory that is able to host encrypted file (16 GB in above example). [123002960180] |Command losetup is present in most Linux distributions (btw I recommend Ubuntu especially newly released Lucid Lynx) but if it is not use your disro’s packet manager to install it or compile from sources (for super geeks only, Mr. Stallman if you read this article —Hello). [123002960190] |Reader, you can replace “/dev/urandom” in dd line with “/dev/zero” that will make that command to finish faster but will lower security level of resulting file (read about AES for better understanding). [123002960200] |You will need to enter the password when running losetup command so make sure it safe and long enough like ‘6U2sAsR37Hn8122dGsaPrew1twt’ but not ‘abc123′ or ‘iloveyou’. [123002960210] |Once commands are done you will get 16GB.candy.bin containing encrypted ext3 filesystem. [123002960220] |You can store this file where ever you want, say, on a flash drive. [123002960230] |If you loose it nobody won’t be able to open it until he (or she!) cracked AES encryption (use long passwords to prevent this). [123002960240] |As the next step it is required to mount filesystem and store some files/directories in it: [123002960250] |[root@artemn root]# mkdir -p /mnt/candy [root@artemn root]# cd /path/to/candy/ [root@artemn root]# mount -t ext3 -o loop,encryption=aes 16GB.candy.bin /mnt/candy [root@artemn root]# cd /mnt/candy [root@artemn root]# #save files, edit them, view or anything you want [root@artemn root]# cd / [root@artemn root]# umount /mnt/candy [123002960260] |When you unmount 16GB.candy.bin the changes are already saved there so it’s not required to compress and encrypt anything unlike with GPG. [123002960270] |P.S. [123002960280] |This post is inspired by Loopback tricks article. [123002960290] |Thanks to the author. [123002960300] |Good luck! [123002980010] |Create Encrypted Filesystem Within a File (truecrypt way) [123002980020] |Some time ago I’ve written an article named 16 GB encrypted candy file describing how to create encrypted filesystem within regular file. [123002980030] |After quick research it became clear that cryptoloop is vulnerable and there is open exploit available on the web: see it here (thanks to everybody who commented that article). [123002980040] |So I don’t recommend to use cryptoloop but instead take a look at truecrypt that makes it possible not only to encrypt whole storage but also to create encrypted file just like I’ve described in 16 GB encrypted candy file article. [123002980050] |Truecrypt is cross platform disk/file encryption software that is available for windows, mac os and linux. [123002980060] |In order to get started visit www.truecrypt.org site and download the latest version of this software (direct link) and install it: [123002980070] |cd /usr/src sudo -s wget -c http://www.truecrypt.org/download/truecrypt-6.3a-linux-x86.tar.gz tar -xvzf truecrypt-6.3a-linux-x86.tar.gz ./truecrypt-6.3a-setup-x86 exit [123002980080] |When installation is finished you will see Trucrypt item in Gnome menu (if not or use different X manager —type truecrypt in command line). [123002980090] |Here how it looks like: [123002980100] |In order to create encrypted file press “Create Volume” button and follow instructions: [123002980110] |Use long passwords like “e07910a06a086c83ba41827aa00b26ed” instead of “123″ or “iloveyou”: [123002980120] |Once encrypted candy is created you can store it on usb flash drive or elsewhere, it doesn’t matter how that storage is formatted —it can be CD or windows formatter ipod. [123002980130] |Use the same utility to open the file —press “Select File” and point to newly created encrypted file, then choose first slot and select “Mount Volume” in drop down menu (it will ask for your sudo password and then password you typed when created the file): [123002980140] |As the result encrypted filesystem will be mounted into /media/truecrypt1 directory: [123002980150] |Copy your sensitive files there and unmount /media/truecrypt1 when done (select “Dismount” in drop down menu). [123002980160] |Good luck! [123002990010] |Install Google Chrome (Chromium) on Ubuntu Lucid Lynx [123002990020] |There are several approaches to install Google Chrome browser for Linux (another name Chromium) in Ubuntu Lucid Lynx. [123002990030] |According to the first approach you can download deb package compatible with Ubuntu Lucid Lynx just from Google Chrome website (direct link to deb) and get it installed using dpkg command line utility or gdebi (just open downloaded deb file with double-click). [123002990040] |Currently it is available as a beta so every time Google upgrades their google-chrome-beta_current_i386.deb package you will need to download fresh one and install it again over existing package. [123002990050] |This is not so effective as using apt package manager with Google Chrome repository for easy installation and automatic upgrades. [123002990060] |Once you installed Ubuntu Lucid Lynx on your computer and connected it to Internet open terminal (command line) and type there the following: [123002990070] |sudo aptitude update sudo aptitude install google-chrome-beta [123002990080] |This will install the latest version of Google Chrome (Chromium) browser and also will keep it up to date (Ubuntu checks for updates periodically and will notify you if fresh packages are available). [123002990090] |Instead of using command line you can try Synatic Package manager that comes with Ubuntu Lucid Lynx by default and makes it possible to select packages to install without any commands. [123002990100] |To open it go to System –>Administration –>Synaptic Package Manager, mark google-chrome-beta for installation and press Apply button. [123002990110] |In a few minutes Google Chrome will be installed and appear in Applications –>Internet Gnome menu. [123002990120] |As for me Chrome is much more faster than other browser I’ve been using for a long time like Firefox and Opera but due to lack of extensions I wouldn’t recommend Google Chrome as primary browser. [123002990130] |The most important extension for me is Nagios checker that is still in early stage of development for Chrome. [123002990140] |Anyway here is official repository of Chrome extensions: https://chrome.google.com/extensions, there are not so many plugins as for Firefox but growing. [123002990150] |Good browsing with Google Chrome! [123003000010] |radiotray: online radio player for Ubuntu [123003000020] |Just came across smart ubuntu online radio client —radiotray. [123003000030] |As it comes from its name radiotray sits in Ubuntu’s system tray and just plays online radio (see the screenshot taken on my Ubuntu Lucid Lynx). [123003000040] |You can of course stop playing or select different channel (there are four channels coming by default). [123003000050] |I found this utility useful when working as it doesn’t required to keep in RAM such monster like amarok just for listening the radio. [123003000060] |Nice and simple application. [123003010010] |youtube-dl: download youtube videos in Ubuntu using command line [123003010020] |If you use Ubuntu (or other Linux distribution) and you wish to download some video from youtube.com into .flv file you can try using youtube-dl command line utility. [123003010030] |It just downloads videos without any online applications, converters or etc. [123003010040] |Type the following command in terminal to get it installed: [123003010050] |sudo apt-get install youtube-dl Let’s imagine you would like to download the following video: http://www.youtube.com/watch?v=2leg8mUE9rs (this is part of Military Parade at Red Square in Russia at 9th of May 2010). [123003010060] |Just run youtube-dl download utility as follows: [123003010070] |youtube-dl http://www.youtube.com/watch?v=2leg8mUE9rs [123003010080] |and in a few minutes you will get 2leg8mUE9rs.flv file that could be viewed using almost any video player like my favorite one VLC. [123003020010] |Access real Cisco routers and switches for free [123003020020] |Preparing for Cisco certification exam and need real equipment required to accomplish all those CCNA or CCNP labs? [123003020030] |That’s not a problem any more. [123003020040] |This is due to availability of Packet Tracer for Linux and Community Lab hosted by people behind packetlife.net. [123003020050] |As for Packet Tracer it supports Linux natively now —Cisco offers it as deb package for Ubuntu or Debian and there is no need to use Wine to get Packet Tracer working in Linux. [123003020060] |Try searching the web for “packet tracer deb” and I am sure you’ll find where to download desired file shortly (we do not share pirated content here). [123003020070] |Anyways sometimes Packet Tracer as like as dynamips/gns3 are not a panacea when it’s necessary to emulate mid-sized network or test some specific ios features on real Cisco devices. [123003020080] |There are several options: the first and the easiest one means to buy Cisco device. [123003020090] |But we all know that Cisco’s pricing policy is far away from democratic in application to individual users so even used or refurbished Cisco router/switch will cost enough to think about another option. [123003020100] |Second option is to schedule access to Community Lab at packetlife.net. [123003020110] |Nice to know the access to it is absolutely free so anyone can get logon to Cisco routers, switches or ASAs once user reached his/her timeslot. [123003020120] |Here is the list of hardware you can have access to (there are multiple devices of the same model): [123003020130] |Cisco ASA 5505 Cisco 2811 (2xWIC-2T) Cisco 1841 (1xWIC-2T) Cisco Catalyst 3550-24 [123003020140] |Not bad for free lab as for me. [123003020150] |The lab is broken into two blocks so user can reserve only one block or both blocks simultaneously. [123003020160] |This is to make it possible to access the lab by multiple users simultaneously. [123003020170] |Devices are connected to each other according to predefined topology —see separate diagrams for Ethernet and Serial connections below (they are split to prevent overhead on the graph I guess). [123003020180] |All documentation as well as FAQs can be found here: here and here. [123003020190] |Thanks to Jeremy Stretch. [123003020200] |P.S. [123003020210] |By the way if you can share any other similar labs allowing people on the web to access Cisco (or some other networking devices) —you are welcome to share this information here. [123003020220] |Thanks! [123003030010] |Linux as slave USB drive? [123003030020] |Does anybody know if it’s possible to make Ubuntu/Linux laptop to work as a usb slave drive? [123003030030] |Here are people who also need this but still didn’t find any workable solution: http://ubuntu-ky.ubuntuforums.org/showthread.php?p=7780737 [123003040010] |Split huge files in Ubuntu or any other Linux distro [123003040020] |Recently I’ve bought WD TV media player for streaming full HD movies (primarily in 1080p resolution) to my home TV from external storage like usb HDD or ipod classic. [123003040030] |You might already know that size of average HD movie rip is more than 4GB (e.g. full HD Avatar movie image is literally 21 GB mkv file) so it’s just impossible to store such huge files on any FAT32 formatted HDD or ipod. [123003040040] |My ipod classic 160 GB is windows formatted so it uses FAT32 filesystem where maximum file size is 4 GB. [123003040050] |As far as ipod cannot be formatted into ext3 but still be able to play music (just sweet dreams) I have to split huge files to 3.99GB parts and store them to my ipod for later reassemble. [123003040060] |When it’s time to watch the some HD movie stored at ipod it’s required to assemble those 3.99 GB parts into one solid file, transfer it to media player and then actually watch the movie. [123003040070] |Rather long preface but solution is quite simple. [123003040080] |If u run Ubuntu you can try lxsplit utility for breaking files into parts (binary packages for other Linux distributions as well as source code are available at lxsplit project’s homepage.): [123003040090] |sudo apt-get install lxsplit [123003040100] |In order to split some file in 3.99GB parts use the following command: [123003040110] |lxsplit -s /path/to/hugemoviefile.mkv 3999M [123003040120] |Depending on size of hugemoviefile.mkv you will get several parts hugemoviefile.mkv.001, hugemoviefile.mkv.002 and so on stored in current directory. [123003040130] |It means that if you’re going to store those parts on some external storage like ipod you can do the following: [123003040140] |cd /media/ipod/ lxsplit -s /path/to/hugemoviefile.mkv 3999M [123003040150] |and hugemoviefile.mkv.001.. will saved in /media/ipod/ directory regardless where hugemoviefile.mkv is located. [123003040160] |Now coming to assembling procedure. [123003040170] |It’s just as easy as splitting: [123003040180] |lxsplit -j hugemoviefile.mkv.001 [123003040190] |Once done you will get hugemoviefile.mkv saved in current directory. [123003040200] |Have an interesting article? [123003040210] |You’re welcome to contact me and get it published at LinuxScrew.com! [123003060010] |How to monitor traffic at Cisco router using Linux (Netflow) [123003060020] |By default Cisco IOS doesn’t provide any traffic monitoring tools like iftop or iptraff available in Linux. [123003060030] |While there are lots of proprietary solutions for this purpose including Cisco Netflow Collection, you are free to choose nfdump and nfsen open source software to monitor traffic of one or many Cisco routers and get detailed monitoring data through your Linux command line or as graphs at absolutely no cost. [123003060040] |Below is beginner’s guide that helps to quickly deploy netflow collector and visualizer under Linux and impress everybody by cute and descriptive graphs like these: [123003060050] |It is highly recommended to look through Netflow basics to get brief understanding of how it works before configuring anything. [123003060060] |For example, here is Cisco’s document that gives complete information about Netflow. [123003060070] |In a few words to get started you should enable netflow exporting on Cisco router and point it to netflow collector running under Linux. [123003060080] |Exported data will contain complete information about all packets the router has received/sent so nfdump and nfsen working under Linux will collect it and visualize to present you the graph like above example. [123003060090] |Cisco Router Setup [123003060100] |1. Enable flow export on ALL Cisco router’s interfaces that send and receive some traffic, here is an example: [123003060110] |2. Setup netflow export: [123003060120] |Where 1.1.1.1 is IP address of Linux host where you plan to collect and analyze netflow data. [123003060130] |23456 is port number of netflow collector running on Linux. [123003060140] |Linux Setup [123003060150] |1. Download and install nfdump. [123003060160] |2. Download and install nfsen. [123003060170] |It requires web server with php module and RRD so make sure you have the corresponding packages installed. [123003060180] |I hope you’re running httpd with php already so below are rrd/perl related packages installation hints only. [123003060190] |Fedora/Centos/Redhat users should type this: [123003060200] |Ubuntu/Debian: [123003060210] |If you run some exotic Linux distribution just install everything that is related to rrd + perl. [123003060220] |At last, nfsen installation: [123003060230] |In order to continue you should edit file etc/nfsen.conf to specify where to install nfsen, web server’s username, its document root directory etc. [123003060240] |That file is commented so there shouldn’t be serious problems with it. [123003060250] |One of the major sections of nfsen.conf is ‘Netflow sources’, it should contain exactly the same port number(s) you’ve configured Cisco with —recall ‘ip flow-export …’line where we’ve specified port 23456. [123003060260] |E.g. [123003060270] |Now it’s time to finish the installation: [123003060280] |In case of success you’ll see corresponding notification after which you will have to start nfsen daemon to get the ball rolling: [123003060290] |From this point nfdump started collecting netflow data exported by Cisco router and nfsen is hardly working to visualize it —just open web browser and go to http://linux_web_server/nfsen/nfsen.php to make sure. [123003060300] |If you see empty graphs just wait for a while to let nfsen to collect enough data to visualize it. [123003060310] |That’s it! [123003070010] |How to assign range of IP addresses in Linux? [123003070020] |As we know Linux allows to assign almost unlimited number of IP addresses to its interfaces. [123003070030] |Such additional IPs applied to the same NIC are known as secondary IP addresses or just secondaries. [123003070040] |Some time ago i faced a problem on how to apply about 500 IP addresses to one Linux box and then ensure that all of them get online after Linux reboots. [123003070050] |There are several ways to accomplish this taks so i would like to share them all. [123003070060] |

    Shell script with ifconfig commands

    [123003070070] |This is one of the most inefficient ways to get many IP addresses applied to one network interface. [123003070080] |Anyways it allows to create as many aliases for the interface as you like so you should create shell script and execute it every time Linux boots. [123003070090] |Now you should add there shell lines which will apply IP addresses, e.g. the following one applies 60 IP addresses to eth0 interface: [123003070100] |If you type ‘ifconfig’ now you will very long output like this one: [123003070110] |If you decide to delete those IPs you can run the following line as a remedy: [123003070120] |Once you finished editing /path/to/script.sh script you should add it to startup, so put the line /path/to/script.sh into /etc/rc.local file that Linux executes every time it boots. [123003070130] |Please notice that in various distributions this file may be missing so consult with distro’s docs to get where it is stored. [123003070140] |

    Redhat/Centos/Fedora network scripts

    [123003070150] |Users of these Linux distributions can apply ranges of IP addresses using ifcfg-eth0-range0 files which are read during initialization of network interfaces during boot up process. [123003070160] |The following example will make Linux to apply 200 IP addresses to eth1 during booting: [123003070170] |CLONENUM_START value specifies starting identifier of alias that will be applied to eth1 interface, in above example the first 192.168.1.1 will be assigned to eth1:10 alias. [123003070180] |The last IP of the range 192.168.1.200 will be applied to eth:210 sub-interface. [123003070190] |This is totally easy approach. [123003070200] |Did you know that by one line presented below you assign 1022 virtual IP addresses to your Linux system? [123003070210] |Here it is: [123003070220] |Now you can make sure of this by pinging IPs from that range (10.0.0.1 –10.0.3.254). [123003070230] |If you still feel that the first suggested way meets your requirements better than the third one please read more about loopback interface at wikipedia —loopbacks are much more useful than aliases in most cases. [123003070240] |Hope it helps! [123003090010] |Sendmail for virtual users with procmail, spamassassin and dovecot [123003090020] |Today I’d like to describe setup of sendmail that allows to establish receiving of e-mails for certain domain and sort incoming messages between virtual users. [123003090030] |Those users must be able to fetch received e-mails via POP3 or IMAP protocols with or without TLS encryption. [123003090040] |The key aspect of this kind of setup is that we will make sendmail working with virtual users which aren’t present in /etc/passwd so once it’s necessary to create new mailbox it’s not required to add new Unix/Linux account into system. [123003090050] |Also, unlike similar configurations based on postfix we will not run mysql or postgres databases to store list of users, their settings, mail routing etc. —everything is stored in text files. [123003090060] |Whole setup relies on the following components: sendmail –receives mails from MTAs around the Web and sorts incoming mails between users of mail system, procmail makes it possible to apply various custom configurations for selected users e.g. set up autoresponder, filter e-mails etc., spamassassin is well known spam filter, dovecot —POP3 and IMAP service daemon. [123003090070] |1. Sendmail installation procedure depends on your Linux distribution but in most cases it is enough to install corresponding binary package e.g. sudo yum install sendmail or sudo apt-get install sendmail. [123003090080] |But it is also natural idea to compile sendmail from sources to get the most fresh version —this is perfectly covered at sendmail.org. [123003090090] |2. If you run one of major Linux distributions you should just execute something like below in command line to get all other required components installed: [123003090100] |sudo apt-get install procmail spamassassin dovecot or sudo yum install procmail spamassassin dovecot [123003090110] |The possibility to install all the components from sources is still open [for geeks only]. [123003090120] |3. Sendmail’s configuration is stored in /etc/mail directory and by default it is configured not to receive mails for any domain. [123003090130] |We should change by adding ‘example.com’ domain to /etc/mail/local-host-names file. [123003090140] |Please notice that MX DNS entry for your domain e.g. “example.com” should point to server where you’re trying to set up sendmail. [123003090150] |4. There is another key configuration file /etc/mail/virtusertable that holds all mail routing information, e.g. below line tells sendmail that all incoming mails to test@example.com should go to user ‘user1.virtual’: [123003090160] |test@example.com user1.virtual [123003090170] |The following line routes rest incoming mails to user2.virtual: [123003090180] |@example.com user2.virtual [123003090190] |5. As it comes from their names user1.virtual and use2.virtual are virtual so they shouldn’t be present in /etc/passwd. [123003090200] |In order to make sendmail to deliver mails to virtual users it is required to specify them in /etc/alias file. [123003090210] |E.g. if we plan to route mails destined to test@example.com to user1.virtual we should add the following line to /etc/alias: [123003090220] |user1.virtual: |/etc/smrsh/user1.virtual [123003090230] |This line tells sendmail that it should execute script /etc/smrsh/user1.virtual to deliver mail to user1.virtual. [123003090240] |Please notice that if you place the script to ther directory than /etc/smrsh setup wont’ work. [123003090250] |Now let’s see the contents of /etc/smrsh/user1.virtual, it contains one line including the path to procmail binary and procmailrc script for user1.virtual user: [123003090260] |[root@server ~]# cat /etc/smrsh/user1.virtual /usr/bin/procmail /etc/procmail.d/user1.virtual [123003090270] |/etc/procmail.d/user1.virtual file includes all custom settings for user1.virtual virtual user, e.g. below is an example that will receive mails to test@example.com, check them for spam and store into user1.virtual’s inbox: [123003090280] |[root@server ~]# cat /etc/procmail.d/user1.virtual PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/sbin:/usr/local/bin:/sbin MONTHYEAR=^Date +%y%m VHOME=/var/spool/virtual/example.com/mail/user1.virtual LOGFILE=/var/spool/virtual/example.com/logs/user1.virtual/log LOGABSTRACT=all VERBOSE=on # Spam filter :0fw | /usr/bin/spamc :0: * ^X-Spam-Status: Yes $VHOME/spam :0: $VHOME/inbox [123003090290] |As you can see spam mails will be stored in inbox while spam e-mails will be forwarded to file named ’spam’. [123003090300] |Later on you will be able to access inbox using POP3 and spam using IMAP service. [123003090310] |In order to prepare user1.virtual’s inbox you should do the following: [123003090320] |mkdir -p /var/spool/virtual/example.com/mail/user1.virtual mkdir -p /var/spool/virtual/example.com/logs/user1.virtual chown mail.mail /var/spool/virtual/example.com/mail/user1.virtual -R chown mail.mail /var/spool/virtual/example.com/logs/user1.virtual -R [123003090330] |As for spamassassin, it is comes configured by default so in order to start it you should start spamd daemon e.g. by command service spamd start or /etc/init.d/spamd start. [123003090340] |You can get more information about how to configure it at SA’s website. [123003090350] |From this point you may try sending mails to test@example.com and see log entries in /var/spool/virtual/example.com/logs/user1.virtual/log and incoming mails in /var/spool/virtual/example.com/mail/user1.virtual/inbox. [123003090360] |If something goes wrong it makes sense to look into /var/log/maillog sendmail’s main log file. [123003090370] |5. Default configuration of dovecot is rather useful and makes it possible to establish POP3 and IMAP services for virtual users in seconds. [123003090380] |Let’s imagine you’re running dovecot 2.x version, here are some configuration keys you should add into dovecot’s config, e.g. /etc/dovecot/dovecot.conf: [123003090390] |protocols = pop3 imap service pop3-login { inet_listener pop3 { port = 110 } } service imap-login { inet_listener imap { port = 143 } } ssl = yes ssl_cert = [123003090400] |Once you make sure your dovecot’s configuration includes mentioned lines you’re welcome to try starting dovecot either by service dovecot start or by just ‘dovecot’. [123003090410] |In case of success you will see 110 and 143 ports in output netstat -lnp or errors in dovecot’s log file /var/log/dovecot.log. [123003090420] |Let’s imagine it started without problems [123003090430] |Now it’s time to set up the password for user1.virtual user, according to dovecot’s configuration suggested above the passwords are stored in /etc/dovecot/passwd. [123003090440] |This is a text file, here is example line from it: [123003090450] |user1.virtual:{PLAIN}pass123:8:12 [123003090460] |In this example user1.virtual has password pass123 stored in plain text, 8 is UID of mail user in your /etc/passwd, 12 is GID of mail group (you can also check this in /etc/passwd). [123003090470] |Fin. [123003100010] |Quick Tip: Increase port range available for applications [123003100020] |By default an average Linux distribution allows applications to use the following TCP port range for outgoing connections: 32,786-65,536. [123003100030] |That’s why your system can handle up to 28,232 TCP sessions at time. [123003100040] |Notice, this is more than enough if your Linux system is installed on the laptop or desktop and you just use it for occasional visits to facebook.com, gmail.com and linuxscrew.com (yeah!). [123003100050] |But if you run proxy/webcache like squid or some other services which open a lot of outgoing TCP connections you will likely hit ceiling of 28,232 soon. [123003100060] |First of all, let’s see current port range available for TCP sessions: [123003100070] |cat /proc/sys/net/ipv4/ip_local_port_range [123003100080] |Most likely the output will show something like this one “32786 65536″. [123003100090] |In order to expand this range you can either echo modified range into above file in /proc filesystem (temporary solution) or add corresponding line into /etc/sysctl.conf (constant solution). [123003100100] |To temporarily expand port range from 28,232 to 40,000 do the following: [123003100110] |sudo -s echo "25000 65000" >/proc/sys/net/ipv4/ip_local_port_range [123003100120] |To make sure new port range will be applied after reboot add the following line to /etc/sysctl.conf: [123003100130] |net.ipv4.ip_local_port_range="25000 65000" [123003100140] |or just execute this: [123003100150] |sudo sysctl -n net.ipv4.ip_local_port_range="25000 65000" [123003110010] |Install nfdump and nfsen netflow tools in Linux [123003110020] |Using nfsen it is possible to view IP traffic statistics on Linux interfaces including the graphs showing data sent and received (see the screenshot to the right) as well as historical information about all data transfers. [123003110030] |So after you’ve configured nfsen and nfdump to monitor traffic on certain Linux server or router you’ll be able to answer the following example questions: What IP was downloading data through 48161 last Wednesday? or How many bytes were sent to IP 8.8.8.8 via 53 port from Linux server? [123003110040] |These are the only examples so nfdump and nfdump netflow tools gives you wide range of capabilities to monitor and analyze traffic on your Linux host. [123003110050] |Netflow is the protocol developed by Cisco to manage data about IP traffic. [123003110060] |In a few words using Netflow you can collect data about all IP data send/received on multiple Cisco/Linux/BSD/Juniper hosts and send it to central Netflow collector that will show you the nice graphs and also will allow to have a complete picture of what data was sent/received on those hosts (including destination and source IP, port, bytes transfered, int/out interfaces etc). [123003110070] |Nfdump is netflow collector. [123003110080] |Nfsen is graphical tools for generating graphs and querying Nfdump for historical traffic reports. [123003110090] |In this article you will see how to deploy all this staff in Linux. [123003110100] |Netflow probe is required to collect IP traffic data on Linux host. [123003110110] |In general this piece of sofware will sit in background, store every network activity on certain network interface and then send collected data to Netflow collector nfdump. [123003110120] |As Netflow probe I prefer fprobe that is totally simple application that just does its job. [123003110130] |If you feel that fprobe is not what you need or there are some problems with installing it you can try softflowd that can do the same job. [123003110140] |Install fprobe from sources: [123003110150] |Point fprobe to one of network interfaces of Linux host and make it to send data to Netflow collector: [123003110160] |In above example fprobe stores all data trasnfers on eth0 network interface and sends collected data to 11.22.33.44 host via 23456 UDP port (you may want to change firewall rules to make Netflow working over 23456 UDP port). [123003110170] |Install nfdump Netflow collector from sources: [123003110180] |When finished Netflow collector becomes ready so you can start capturing traffic from Netflow probe. [123003110190] |If you don’t need any graphical tools like nfsen described below you can just start collector and save Netflow data in /var/neflow/ directory (THIS STEP IS OPTIONAL): [123003110200] |In order to install nfsen from sources you have to get all its prerequisites, run one of below lines depending on what Linux distro you’re using (1st line is for Fedora, Centos, Redhat while 2nd line is for Ubuntu, Debian, Mint and similar): [123003110210] |or [123003110220] |Compile nfsen from sources: [123003110230] |In order to continue the installation you should edit file etc/nfsen.conf to specify where to install nfsen, web server’s username (yes, you have to install apache, lighttpd, nginx or any other web server first), its document root directory etc. [123003110240] |The major section of that config file is ‘Netflow sources’ that must list all hosts you’ve started Netflow probes at. [123003110250] |Here is an example section for monitoring above Linux host: [123003110260] |When finished it’s time to actually install nfsen using installation script: [123003110270] |In case of successful installation you will be notified with corresponding congratulations message so it would be proper time to start nfsen daemon: [123003110280] |Now you can open http://localhost/nfsen/nfsen.php at Linux host where nfsen was installed to start using this Netflow tool and see some graphs. [123003110290] |Notice that it takes about 5-10 minutes to see first bars at the graphs, if the graphs are still empty you will have to check at least the following: [123003110300] |1. If fprobe is able to communicate to Netwflow collector and can send Netflow data to it (use ‘ps ax | grep fprobe’ and Linux host being monitored and tcpdump tool at Netflow collector). [123003110310] |2. If Netflow collector is started and can receive data from Netflow probe. [123003110320] |Use ‘ps ax | grep nfcapd’ and tcpdump at Netflow collector Linux host. [123003110330] |If you can add anything —feel free to drop a comment below. [123003120010] |Cisco Load Balancing with Failover setup example [123003120020] |There is Cisco router of 7200 series with 4 FastEthernet interfaces (FE) and 2 serial ports. [123003120030] |It should act as load balancer and failover for LAN connected to it via one FE 1/0 interface while two identical Internet connections are going to FE 0/0 and FE 0/1 (let’s name these connections as ISP_1 and ISP_2). [123003120040] |No dynamic routing protocols are used by ISPs but only static routing. [123003120050] |The primary task is to ensure quick failover between two Internet connections so LAN users are automatically switched to ISP_2 if ISP_1 fails and vice versa. [123003120060] |When both ISP_1 and ISP_2 are online the traffic of LAN users should be shared between two links to double available bandwidth on uplink (Tx) and downlink (Rx), in other words the router should be configured for load balancing between the links. [123003120070] |You can see a network diagram below: [123003120080] |Load balancing setup description [123003120090] |There are two basic options available: per-destination or per-packet load balancing. [123003120100] |Since ISP_1 and ISP_2 connections have almost the same link characteristics including delay, jitter and bandwidth, it is reasonable idea to pick per-packet option. [123003120110] |In comparison to per-destination load balancing approach per-packet uses more router’s hardware resources but makes it possible to share traffic between connections more evenly. [123003120120] |For better forwarding performance the router will be configured for Cisco Express Forwarding or simply CEF per-packet load balancing. [123003120130] |Failover description [123003120140] |Every 30 seconds the router will ping two IP addresses through ISP_1 and two other IP addresses via ISP_2. [123003120150] |If both IPs via ISP_1 becomes unreachable (we assume that ISP_1 connection fails in this case) the router will delete ISP_1’s route from its routing table so ISP_2 becomes the only Internet connection for LAN users. [123003120160] |Meantime the router still continues pinging two ISP_1’s IP addresses and once they become reachable back ISP_1 is added to ISP_2 as an active Internet connection link. [123003120170] |Such failover scenario works in absolutely the same way for ISP_2. [123003120180] |Usually this is reasonable idea to ping IP addresses of each provider’s DNS servers when monitoring availability of each ISP. [123003120190] |Miscellaneous details [123003120200] |Notice that CEF per-packet load balancing requires IOS version of 12.0+ while failover setup described above needs 12.4+ IOS version so you have to make sure your Cisco router runs at least 12.4 version of operating system. [123003120210] |E.g. c7200-ik9o3s-mz.124-12c.bin would be ok. [123003120220] |Cisco router’s configuration with comments [124000010010] |Funding free software projects [124000010020] |Successful open source projects are usually initiated by someone with a clear vision and also the knowledge to set about turning that vision into reality. [124000010030] |But what happens when someone has an idea and also has the resources to hire programmers to execute that idea?My experience with SchoolTool v1 This note was inspired by Tom Hoffman’s blog entry which referenced SchoolTool and Chandler. [124000010040] |I thought he was touching on a subject which has interested me for some time –how best to fund open source development. [124000010050] |Trust me this is not easy. [124000010060] |Most open source projects are led by the person who had the original vision. [124000010070] |It’s much harder to HIRE people to work towards your own vision. [124000010080] |But if philanthropists are to invest in open source software, then we have to figure out how to do just that. [124000010090] |First, some more history on the SchoolTool project, because I think it nicely illustrates the phenomenon. [124000010100] |I hired a talented and diverse team to build SchoolTool just as I was heading to Russia to see if I could get into the Russian space program. [124000010110] |All of the team members were familiar with and fans of open source software and open source development. [124000010120] |There was no one at the Foundation that had experience managing an IT project, but I figured the that the team would have no trouble managing itself. [124000010130] |They should have the best of all worlds, with steady salaries to allow them to focus their time exclusively on an open source project. [124000010140] |Most open source projects are part-time efforts, with the team members constantly constrained in the time they can devote to their “hobby”. [124000010150] |While I was in Russia, the team sent me a series of regular reports on their progress. [124000010160] |They settled on Java, not an environment I like, and SQL database, a reasonable proposition. [124000010170] |So far so good. [124000010180] |But over the next few months I noticed that they were spending a lot of time solving problems that didn’t really need to be solved. [124000010190] |For example, we wanted SchoolTool to be cross-platform. [124000010200] |They invested a huge amount of effort designing an XML-based UI description system, which would then automatically generate a UI for each platform. [124000010210] |Why reinvent XUL, I asked? [124000010220] |It seemed as if, given free reign, the developers pursued their own personal interests rather than the goals of the project. [124000010230] |Sure, they could always argue that the tools they were developing were ultimately going to be USED by SchoolTool, but I was always left thinking that if I were in their shoes I would want to start solving the unique problems of school administration FIRST, and leave some of the other niceties till later. [124000010240] |After a while it became clear to me that the team was not going to produce a functional tool. [124000010250] |So I canned the project and shutdown the development office, letting the developers go. [124000010260] |This was a very unpopular decision, quite a few educational groups had pinned their hopes on SchoolTool. [124000010270] |Rather than keeping those hopes artificially alive I killed the project outright and said we would not develop SchoolTool further. [124000010280] |But at the back of my mind was still the belief that SchoolTool is a project that is both feasible and worthwhile, and that it should work in an open source environment once it has critical mass. [124000010290] |The issue, as I see it, is leadership. [124000010300] |Most open source projects are founded by one or two people who have a very clear idea of what they want to create and how they plan to do so. [124000010310] |They have an itch to scratch. [124000010320] |Once they have a basic framework together, other people start to use it and the stone soup effect kicks in… some of the users become developers, and the bazaar magic happens. [124000010330] |But here’s what’s critical –the success of the project continues to depend on it’s leadership, usually by the founders but sometimes in a more institutional way (like the Debian project). [124000010340] |Contrast this with my experience of hiring developers who had great skills but no personal attachment to the idea of having a SchoolTool out in the wild. [124000010350] |They did what all open source developers do –they scratched THEIR itch. [124000010360] |In a proprietary development scenario the company and hence the developers are driven to ship product –they get no sales without a shipping product, and thus no salaries without shipping code. [124000010370] |So there is an urgency and a pressure to ship something. [124000010380] |We have all seen that sometimes that pressure is not constructive, and code is shipped in barely working state. [124000010390] |Contrast this with open source developers who want a good, working tool out there –they ship it when it’s “done”. [124000010400] |But that assumes that they really want it out there. [124000010410] |If they are simply being paid to cut code, they cut the code they find most interesting, not necessarily the code that is on the critical path to ship the actual tool they’re working on. [124000010420] |Recognising this, I decided to cut the code myself. [124000010430] |The two month hiatus Tom describes was part of this time, with me trying to recreate the good old garage days when I could spend all day working on the code that ultimately became Thawte. [124000010440] |It took me that long to realise that times have changed –life’s too good these days. [124000010450] |Try as I might I don’t have the self-discipline to shut out the rest of the world when the phone keeps ringing, email keeps flooding in (although I did learn to ignore most of that, a useful exercise) and there are limitless opportunities to do fun stuff. [124000010460] |I quite enjoy life as a retired cosmonaut with some financial security, but that enjoyment comes at the expense of focus. [124000010470] |So much for plan B, what would be plan C? [124000010480] |I decided to hire the best Python developer I could to lead the project, then hire one or two other teams to work in collaboration with that core team. [124000010490] |Hence my search for and appointment of Steve, Marius and Albertus. [124000010500] |How will we avoid a simple repetition of the previous problem? [124000010510] |What makes this effort different? [124000010520] |Nothing, so far. [124000010530] |We once again have a bright team of developers who are at the end of the day motivated by a contract, not by a personal itch in education administration. [124000010540] |But this is only the story so far. [124000010550] |The next step will be to hire an additional team to collaborate with Steve’s. [124000010560] |It may seems strange to hire a separate team rather than bolster the core one, but there’s method in my madness. [124000010570] |Right now, a lot of the critical thinking and discussion happens inside an office in Vilnius, with no reference to the rest of the world. [124000010580] |That makes it efficient, but not necessarily effective, since it may be efficiently going down the wrong road. [124000010590] |Steve’s been pretty good about going to the list to get a sense of how different educational communities work whenever they start work on a new section of the project, for which I’m grateful. [124000010600] |But the problem still remains –a lot of SchoolTool development happens in a non-transparent manner. [124000010610] |By hiring a second team to collaborate on the core infrastructure I hope to force these discussions to happen online –in the mailing list and in wikis etc –in a way that makes them transparent and accountable. [124000010620] |That way outsiders will be able to comment, and more importantly, we will be able to go back and understand what was decided, and why. [124000010630] |As for directedness, I came away from my visit to Vilnius with the impression that Steve really wants to see SchoolTool reach its full potential. [124000010640] |There were some slight alarm bells (the dev team spent a lot of time showing me what their engine COULD do, and I spent a lot of time shifting the discussion back to what it DOES do), but at this stage I think we are still in reasonable shape. [124000010650] |Perhaps we should actually have one or two schools that will deploy their work, to keep their debates grounded in the real world… but that can come in due course. [124000010660] |Lessons Learned So the risk is that a well-funded open source team that is NOT led by someone with a personal interest in shipping the project will get distracted by other shiny tech toys and fail to actually ship something focused and constructive. [124000010670] |How are we dealing with that in the current round of work on SchoolTool? [124000010680] |First, I’m personally watching and asking the core team to focus on actual functionality. [124000010690] |They assure me that their engine work is “done”, and that they are currently working on a usable tool that can be tested by schools. [124000010700] |Time will tell. [124000010710] |And second, we will shortly have a second, collaborating team, that will I hope also bring much of the engineering work into a more public forum. [124000010720] |Time will tell. [124000010730] |These are expensive ways to learn, but I feel that the experiment is very much worth doing. [124000010740] |There are lots of tools I would like to see developed in the open source world that developers have not yet done for themselves, and which I would be prepared to fund. [124000010750] |Perhaps other philanthropists are in a similar position. [124000010760] |We need to learn how to do this effectively, and the only way to learn is to try. [124000010770] |Update: 2003/12/3 A further email exchange between Tom Hoffman and I went along these lines: [124000010780] |Tom: Coming up with an RDF version of your REST api is definitely luring me as a shiny geek toy, of the type Mark wants you to avoid getting sucked into. [124000010790] |I’ll start trying to delve into it though. [124000010800] |Me:The beauty of the open source process is that non-core developers ARE willing and able to play with shiny geek toys. [124000010810] |It’s the core team that I need to keep focused, they set the release schedule and core functionality / infrastructure pace of development. [124000010820] |But the fact that outsiders are able to think laterally, and experiment with code that can be proven outside of the main development process is what gives open source its real diversity and amazing ability to innovate. [124000010830] |So as long as it’s not on my dime, please scratch whatever itch interests you most [124000010840] |I didn’t make it clear originally that I was mainly talking about the CORE development team, which in most projects stays pretty focused on getting the job done using the chosen infrastructure rather than very “shiny” rewrites. [124000010850] |The beauty of open source development, however, is that non-core developers can spend as much time as they want experimenting, and it’s this experimentation which can result in dramatic and unexpected features being innovated outside the core tree and then incorporated once they are proven. [124000010860] |We don’t want to stop geek playfulness at all, we want to encourage it, but we need to keep the core team focused on getting the infrastructure reliable, usable and regularly released. [124000020010] |Launchpad hacking in Sau Carlos, Brazil [124000020020] |I’m in Sao Carlos, Brazil for a few weeks hacking on The Launchpad, and enjoying some of the local scenery. [124000020030] |It struck me on yesterday’s early morning run (Kiko’s suggestion –I don’t generally like running) how lucky I am to be able to take a few weeks and work with this team, despite the intensity of everything else that’s going on at Canonical. [124000020040] |Normally I guess the Founder or CEO of a project would not have the luxury of diving into the heart of the technical challenges we face, and you could argue I should be focused on some of the more corporate activities a startup needs to deal with. [124000020050] |But with the mix of non-profit and for-profit goals in Canonical and Ubuntu, I sort of feel it’s my great privilege to be able to participate in the hacking, too. [124000020060] |There’s plenty of time to build value that will grow the project beyond what I can provide philanthropically –for the moment it’s all about creating interesting platforms for collaboration in the open source world. [124000020070] |And that’s the part that I’m particularly interested in myself. [124000020080] |This week the focus has been Baz (the revision control system) as well as a web view of the distributed revision control world (all the branches people have publicly released) which we call “The Bazaar“. [124000020090] |At the moment it’s pretty vestigial –it just shows some stats about the number of baz branches we know about that are related to upstream projects we care about. [124000020100] |But in future it will let you see more details of each of those branches. [124000020110] |The idea being that you can get a high-level view of all the hacking that is going on AROUND a project upstream, not just on the mainline branch. [124000020120] |In a distributed revision control world, like the one the Linux kernel guys adopted initially with BK and now with Git, you might have lots of really interesting work going on outside of the mainline tree, so this web service will give you a view of all of that work. [124000020130] |That should help create better collaboration between people interested in a particular feature. [124000030010] |Zope3 packages could be better in Ubuntu [124000030020] |The Launchpad is all written in Python using the core parts of Zope 3. [124000030030] |We don’t use a full Zope 3 setup, we’re just interested in the core web app framework, not the full all-you-can-eat edition. [124000030040] |We’ve released most of the Zope 3 changes we’ve done internally, and Steve Alexander is making the case upstream for Zope 3 itself to adopt a more lean-and-mean approach, providing just the framework libraries and allowing people to install fully build web apps as genuinely useful standalone pieces, rather than the current Zope2-style glue-it-all-together-through-the-web approach. [124000030050] |I’d like to see more folks coding in Python and Zope 3, and I think providing them with this sort of framework would encourage it. [124000030060] |At the moment, Zope 3 is a little too much to swallow at first bite. [124000030070] |So, if anyone out there is interested in helping to produce some alternative Zope 3 packages for Ubuntu and Debian, let me know on #ubuntu-devel or #launchpad (talk to sabdfl or stevea). [124000030080] |The idea would be to have one package that provides the core libraries only, and a second package that provides a ready made sample Zope 3 instance. [124000030090] |So it would feel more like installing any other application –you would install the app you want (SchoolTool, or SchoolBell, or whatever) and it would bring in the Zope 3 libraries it needs. [124000030100] |And immediately after install you would have a useful app right there. [124000030110] |Sure, you could glue that component into another Zope 3 instance using the magic of ZCML, but you’d have something doing what you expect right out of the box.