Archive for the ‘linux and unix’ Category

« Older Entries

tomorrow the world

Monday, January 30th, 2012

A slightly breathless new post over at omgubuntu proudly boasts that the market share of Linux on the desktop jumped “from 0.96% in January 2011 to 1.41% by the year’s end.” (That could equally be be written as a close to 50% rise in Linux’ popularity). No doubt this will scare the pants off Steve Ballmer.

I can’t help being amused by the comments below this post which run like this:

1. Thanks to Unity!

2. Despite unity.

3. Despite unity & gnome shell.

4. Thanks to gnome & despite unity.

5. Thanks to Ubuntu.

6. Thanks to Linux Mint.

This sort of united, combined front in opposition to proprietary software is exactly what will drive free software to say, oh around 2% of the desktop.

Tags: ,
Posted in free software, linux and unix, trivial musing | No Comments »

the amnesic incognito live system

Tuesday, December 20th, 2011

Or “tails” if you prefer, is a live CD/USB distribution based on debian which aims to help you preserve your privacy and anonymity when out and about. As the home website says, tails helps you to:

  • use the Internet anonymously almost anywhere you go and on any computer:
    all connections to the Internet are forced to go through the Tor network;
  • leave no trace on the computer you’re using unless you ask it explicitly;
  • use state-of-the-art cryptographic tools to encrypt your files, email and instant messaging.

This is a good thing (TM).

I already have a system at home which allows me to use the tor network whenever I want to be anonymous, but tails allows me to do the same thing when I’m away from that setup. I like the idea so much that I now provide a mirror for the tails distribution to complement my tor exit node. Every little helps.

Tags: , , ,
Posted in linux and unix, network (in)security, privacy, trivial musing | No Comments »

tunnelling X over ssh

Monday, December 19th, 2011

OK, yes, I know there are probably already a gazillion web pages on the ‘net explaining exactly how to do this, but I got caught out by a silly gotcha when I tried to do this a couple of days ago, so I thought I’d post a note.

Firstly, X is not exactly a secure protocol, nor is it easy to filter at NAT firewalls, so the ability to tunnel it over ssh is hugely welcome. In fact, ssh can be used to tunnel practically any other protocol you care to name, so it should be your first port of call should you wish to connect to a remote system using an insecure protocol. (I use it to wrap rsync for example).

I don’t run X on my VMs (there is no need, they don’t run desktop software) and I had not previously seen the need to run X based graphical programs on those servers. However, a couple of days ago I thought it would be really useful to run etherape on one particular remote server so that I could watch the traffic patterns. Normally I use iptraf (which is ncurses based) when I want to monitor network traffic in real time, but etherape is pretty cool and gives a nice graphical view of your network connections. But it runs on an X based gui.

So. I changed the remote server’s sshd_config to enable X forwarding (“X11Forwarding no” becomes “X11Forwarding yes”) and restarted sshd. On my desktop I similarly changed my local ssh_config file to allow X forwarding (“ForwardX11 no” becomes “ForwardX11 yes”) to obviate the need to use the -X switch on the command line. I then installed etherape on the remote server and fired it up only to get the message “Error: no display specified”. Sure enough “echo $DISPLAY” showed nothing. But I had thought (and everything I had read confirmed) that ssh should take care of setting the appropriate display when X11 forwarding was set.

So I then tried setting a display manually (export DISPLAY=localhost:10.0 on the remote server) and then got the response “Error: cannot open display: localhost:10.0″. So, still no deal. I spent some time scratching my head (and reading man pages) and sent off a query to my local Linux User group in parallel asking for advice. They were gentle with me.

The first, and rapid, response, said:

On the server:

sudo apt-get install xauth

Then disconnect and reconnect the client.

Jobs a good un.

Thank you Brett.

So the moral is, make sure that you have X authorisation working properly on the remote system (check for the existence of $HOME/.Xauthority) if you experience the same symptoms I did.

Tags: , , , , ,
Posted in coding and admin, free software, linux and unix, network (in)security, networks and networking, security, tips, tricks and howtos, trivial musing | No Comments »

ubuntu de-throned

Wednesday, November 9th, 2011

For the first time since early 2005, Ubuntu has fallen off the top spot on distrowatch. The new number one, by page hit ranking, is Linux Mint.

I’m not at all surprised.

Tags: , ,
Posted in free software, linux and unix, trivial musing | No Comments »

dis-unity

Wednesday, November 9th, 2011

The reaction to Ubuntu’s move to Unity seems to be getting wider coverage. Over at LWN, Bruce Byfield blogged recently about the rift between the Ubuntu developers and its users. In particular he highlights Tal Liron’s entry to the Ubuntu launchpad bug wiki under bug number 882274. In that entry, entitled “Community engagement is broken” Liron gently rebukes the developers for their apparent lack of enegagement with the community, saying:

“The bug is easy to reproduce: open a Launchpad bug about how Unity breaks a common usage pattern, and you get a “won’t fix” status and then radio silence. The results of this bug are what seems to be a sizable community of disgruntled, dismayed and disappointed users, who go on to spread their discontent and ill will.”

Both Liron’s bug entry (and the subsequent commentary) and Byfield’s analysis of that discussion bear reading. I found myself frustrated by the obvious lack of understanding of (and impatience with) Liron’s position apparent in Mark Shuttleworth’s responses. Byfield concludes that:

“[Suttleworth] sounds impatient, resorting to personal attacks and invoking his personal authority or the necessities of design or standard practice instead of offering explanations. At times, he seems to address issues that at best approximate what others in the discussion are saying. Exactly why this change has happened is uncertain, but it adds a sting to Shuttleworth’s once-humorous title of Benevolent Dictator for Life.”

Meanwhile, over at El Reg, Liam Proven offers his analysis of the Ubuntu upheaval. In that article, Proven describes the differences between GNOME 3, GNOME 2 and Unity and explains how these changes (or more properly, the management of these changes) have led to the difficulties now facing a wide range of users. Proven concludes:

“Ubuntu is gambling that Unity will attract floods of new Linux users in such numbers as to outweigh those abandoning it for its spin-offs and rivals. If it’s correct, then Ubuntu will continue its rise to near-total dominance of the Linux desktop. But if it’s wrong, it will leave the Linux world more fragmented than ever.”

In my view Ubuntu (or more precisely Canonical and Shuttleworth himself) is wrong and will regret this decision not to properly engage with its user base. I don’t blame them for changing the desktop, after all, the GNOME developers have forced that change upon them. But I do agree strongly with Liron’s position. Ubuntu could do well to listen more.

And in a nice summary of Xfce, Scott Gilbertson today explains why previous GNOME users are moving to that desktop in the wake of the GNOME 3 and Unity changes. It seems I’m in the company of a growing number of other users.

Tags: , , ,
Posted in free software, linux and unix, trivial musing | No Comments »

fully minted

Sunday, November 6th, 2011

After exploring the alternatives to Ubuntu, I finally settled on Linux Mint Debian Edition (LMDE) running Xfce as the desktop. I am now Ubuntu free and have a desktop that looks the way /I/ want it to look rather than the way some design nut wants it to look. I am also hopeful that the desktop will stay that way in future.

My main desktop now looks like this:

image of linux desktop

and my netbook looks like this:

image of linux desktop on my netbook

(click on either image to get full sized views)

I chose LMDE rather than Xubuntu partly out of pique with the way Canonical is taking Ubuntu, and partly out of a genuine desire to move to a distro which is closer to the ideals of the FOSS community which Ubuntu used to espouse and which Debian always has done. For me, LMDE now offers the best compromise between a truly useable modern desktop (with all that implies for proprietary codecs) and the purity and stability of Debian. I know where things are in Debian and I much prefer the Debian package manager to RPM (which immediately rules out Fedora or SUSE). Having now spent some time playing with Xfce I find myself surprised that I didn’t move to it much earlier. It is clean, relatively lightweight, fast and eminently configurable.

On my main desktop machine (which is running the 64 bit version to take full advantage of the 8 Gig of RAM I have installed) everything works as it should – even the dreaded flash (yes, I occasionally watch youtube). On the netbook (32 bit version) everything except the RHS card reader works. Hot plugging works on the left, and the right /will/ work if there is an SD card in place on boot. (But no, I /still/ can’t read Sony memory sticks. I have sort of given up on that now anyway since I no longer use the PSP to watch videos.)

Now to convert my wife.

Tags: , , , , ,
Posted in free software, linux and unix, trivial musing | 4 Comments »

time to ditch ubuntu?

Wednesday, October 19th, 2011

I’ve used Ubuntu on my desktops/laptops and netbook for some time now. I think my first installation was 6.06 (the version 6.04 which was late by two months) and my desktops currently all run 10.04 LTS. I got over the minor irritation of the move of the window control buttons from the top right to the top left (a la Mac OSX). But I disliked the first version of 10.10 I tried on the netbook (sporting an early version the unity desktop) so much I quickly switched that back to to 10.04.

I have used the LTS versions of Ubuntu because, in my view, it provides the best trade off between bleeding edge and stability. I’m a huge fan of Debian and use it on my servers and slugs, but Debian is too conservative (and too purist about non-free software such as multimedia codecs) to make it a truly attractive OS for the modern desktop without a lot of additional work. So, the fact that Ubuntu was based on Debian, but with a rather faster release schedule and added usability has made it an obvious choice for some time. And it has become hugely popular. It still ranks number one at distrowatch and there are many other distributions which are based upon it. But Canonical have been taking some controversial decisions of late, many of which have split the user base.

After trialling the unity desktop on the netbook edition in Ubutu 10.10, Canonical merged the netbook and desktop versions into one with 11.04. This meant that users upgrading from an earlier (GNOME based) version were suddenly faced with a radically different looking desktop. The GNOME desktop (called Ubuntu classic) was still available as a fallback from unity in 11.04, but from the latest release (11.10) this is no longer the case, instead you get a 2D version of unity. So, you have unity or you have a worse version of unity.

Ubuntu may be using the GNOME libraries (and it is now using the GNOME 3 libraries rather than those for GNOME 2 as it did when unity was first launched) but many people, myself included, cannot understand why Canonical did not simply work with the GNOME project on version 3. But Canonical have form here. As a company they have been criticised many times in the past for taking rather too much from the FOSS community and not putting enough back. Without Debian, Ubuntu would never have existed. Ian Murdock (the “ian” in Debian) himself expressed concern some time ago that the Ubuntu codebase could diverge too much from Debian unless Canonical developers pushed changes back into the upstream projects. Furthermore, unlike companies such as Intel and Redhat, Canonical developers seem to be almost entirely absent from the linux kernel development community. An interesting, indeed almost comical, statistic emerged recently showing that Microsoft was the fifth most productive contributor to the Linux 3.0 kernel behind only Redhat, Intel, Novell and IBM respectively. As admin magazine notes however, this position owes much to the fact that Microsoft employee K. Y. Srinivasan made 343 changes. Most of those changes were to clean up the code implementing a driver for Hyper-V virtualization. But this is just a statistical blip – I fully expect Microsoft to drop out of the top five, or even top twenty five, shortly.

Canonical also got into a spot of bother when they ditched the GNOME audio player Rhythmbox in favour of Banshee. Rythmbox is decidedly “free software” and links users to free music downloads from Jamendo and paid for music from Magnatune, whilst Banshee looks far more commercially oriented (it linked to Amazon’s MP3 store for downloads in mid 2010 and Canonical used it to link to its own Ubuntu One music store in the 11.04 release. Such decisions can upset people (and make Canonical begin to look like Apple). If they introduce any form of DRM then there will be hell to pay.

With the release of 11.04, Ubuntu Studio, the Ubuntu based distro aimed at multimedia creators, defaulted to retaining GNOME in preference to unity, saying in its release notes “Ubuntu Studio does not currently use Unity. As the user logs in it will default to Gnome Classic Desktop (i.e. Gnome2)”. Shortly thereafter, in May of this year, Scott Lavender, the project lead for Ubuntu Studio announced that they would move away from unity (and GNOME) and use the lightweight Xfce desktop as the default environment in future.

Criticism of Ubuntu (and of Canonical the company) has become so loud and frequent of late that Jono Bacon, the Ubuntu Community “spokesman” reacted by founding openrespect.org apparently as a means of deflecting some of that criticism. The openrespect website says:

“OpenRespect was founded out of a concern that discussion and discourse in the Open Source, Free Software, and Free Culture community has become a little too fiery and flamey in recent years. The goal of OpenRespect is simple: to provide a simple declaration that distills some of the core elements of showing respect to other participants in discussions.”

But as itwire points out, the timing here is rather odd since it is only now “when Canonical has its feet held to the fire, we have a new website called OpenRespect.org registered and volumes of spiel being generated by Bacon.” Quite so.

Jono Bacon has also popped up in a variety of fora getting all defensive about Canonical’s design decisions. He even fronted an article in the July 2011 issue of LinuxFormat magazine where he “interviewed” four key players at Canonical (including Mark Shuttleworth). That interview included such unbiased questions as “Unity is an exciting new vision. What are your goals and inspirations?” Worse, the article did not bother to mention that Bacon was a key Canonical employee.

I have no doubt that Canonical will make unity work. The installed base of Ubuntu users is so large that developers will be forced to make it work, but I don’t have to like it. My problem is that GNOME itself has also changed radically in the move from 2.30 to 3.0. And I don’t like that either. I find myself in good company though, back in July of this year, Linus Torvalds called GNOME 3.0 an “unholy mess” and announced that he was ditching it in favour of Xfce. Although unlike Linus, I never liked KDE, even before the KDE 4 debacle

Tags: , , , ,
Posted in free software, linux and unix, trivial musing | 6 Comments »

webcam mark II

Tuesday, September 27th, 2011

Upgrading the slugs to squeeze killed the webcam. At first I thought that squeeze was missing the necessary gspca drivers, but no, a quick look in /dev revealed an entry for video0 and “lsmod” reported “gspca_zc3xx” loaded correctly. This is a different driver to that which my camera loaded in lenny (spca5xx) but a quick search around the web confirmed that the camera should be happy with the new driver. So clearly the webcam program itself was at fault (confirmed by checking the output when running the program by hand). Time to find an alternative.

A scan of the debian repositories turned up a bunch of possibilities, some of which I had looked at in the past when first installing the camera. I eventually plumped for fswebcam because it was quick and easy to install and configure, it seemed to be actively supported (unlike Gerd Knorr’s old program) and it didn’t need a GUI. More to the point, it works with my old Logitech camera.

The program can be run from the command line with option switches or configured to read its options from a config file. And despite being advertised as a tiny, it has quite a rich feature set. It can even perform simple manipulation of the captured image, such as resizing, averaging multiple frames or overlaying a caption on the image. Nifty.

My current config file is shown below as an example. I may change this because I’m not quite happy with the brightness/contrast mixture and I’m still playing with the options available. Still, a recommended package.

# /etc/fswebcam.conf
#
# config file for fswebcam utility
#
# device and input are defaults
device /dev/video0
input 0
# log messages – only use this is debugging setup
# log /var/log/fswebcam.log
# repeat image capture every 30 seconds
loop 30
# set number of frames to skip if the camera sends bad frames on startup.
# Note – this is only necessary when using the camera for video capture
# skip 10
# background the webcam process
background
# set resolution of image (default is 384 x 288)
resolution 320X240
# set the palette to use in the output format (here JPEG) and the jpeg quality
# (my camera doesn’t like this option so it is commented out)
# palette JPEG
jpeg 95
# set some additional controls
# (use “fswebcam -d v4l2:/dev/video0 –list-controls” to see options)
set brightness=55%
set contrast=40%
# place the banner at the bottom of the image (default)
bottom-banner
# and colour it black
banner-colour #000000
# set the font to use in the banner title and timestamp
font /usr/share/fonts/truetype/msttcorefonts/arialbd.ttf
# set the title and timestamp to display in the banner – (timestamp uses strftime format)
title “Webcam on the Slug”
timestamp “%d %B %Y at %H:%M:%S”
# where we save the image
save /home/web/webcam.baldric.net/images/webcam.jpeg
#
# end

Tags: , , , , , ,
Posted in linux and unix, multimedia, tips, tricks and howtos, trivial musing | No Comments »

squeezing the slugs

Monday, September 26th, 2011

Debian 6 (squeeze) has been the current stable version since February 2011. The latest version (6.02) was released in late June. I have put off updating my slugs from lenny (old stable) for a while because I wanted to see how others faired before committing myself. Indeed, initial reports on the debian arm list indicated that the upgrade could be problematic. Worse, a completely clean install of squeeze turns out to be impossible because the debian installer uses more memory than is physically available on the slugs. So the only way to go, even for a clean new installation, is to install lenny first, then upgrade.

Given that both my slugs are operational, and are now an integral part of my network, I decided to invest in a new one as a development machine to test the upgrade rather than risk fritzing a perfectly good setup. (Back in the day I would have been happy to “fix it ’till it broke”, but these days I don’t really need to experiment that much and I’d rather keep a working system, well, working).

Second hand slugs go for around £25 on ebay, and there are still plenty about, so I bid for one that had only about a day to go and was successful. Unfortunately, when it turned up I found that the power supply was fsckd and so I had to switch off one of my operational slugs in order to test the new one. Happily it appeared to boot up OK so I fired off a disgruntled email to the seller and then ordered a new PSU. The seller claimed that it “worked OK when I boxed it” and didn’t offer to pay for the replacement PSU so I wasn’t too happy with him. I became even less happy when the new PSU arrived and I booted up the slug in preparation for reconfiguration to match my network before installing debian.

The debian installation process is handled via an SSH shell. You need to know the address of the slug in order to connect and install. The installer also needs the addresses of a local DNS server and the default route to the outside world (so it can find the servers containing the installation packages). Now the default, factory settings, for slugs includes a fixed IP address of 192.168.1.77. If this does not match your requirements, it must be changed before reflashing with debian. Guess what? The default address didn’t work, so the previous owner must have reconfigured the slug to match his network and he had not bothered to reset to factory default before selling. Nor had he been considerate enough to let me know the new configuration. Needless to say I won’t be buying anything else from him. Nor did he get decent feedback.

I couldn’t reconfigure the new slug until I could connect so I needed to find out what address it was using. A quick nmap scan of the 192.168.1.0/24 netblock showed that it wasn’t even on the default network range so I fired up wireshark and etherape on one of my machines in the hope of catching the slug arping and getting the address from the request. In the event, etherape proved to be quicker (and easier) in providing the answer since the slug quickly popped up and disclosed its IP address as 192.168.2.10. Adding a route to the 192.168.2.0/24 net then allowed me to finally connect and reconfigure the new beast to suit my network. I then rebooted and started a fresh installation of lenny (as previously described in one of my earlier posts). About four hours later I had a nice new clean slug running lenny.

However, since the main purpose of getting the new slug was to allow me to test the upgrade to squeeze in safety I really needed to make it look like my main operational slug. That slug is my DNS and DHCP server, and primary rsync backup for my desktops. It also runs a webserver. Like most (lazy) sysadmins my system documentation tends to lag somewhat behind reality so I can’t rely on the various readme files I routinely create on my boxes to be completely up to date (or even accurate). Fortunately for me though, debian provides a neat way of snapshotting installed packages on a system. You can then use this snaphot to create a mirror of that system which will include all the same packages. Here’s how:

On the source system:

dpkg –get-selections | grep -v deinstall > packages.txt

This lists all active packages, except those deinstalled, and sticks the list in a text file.

Now copy that file to the target system, ensure that the target system’s “sources.list” file matches that on the source, and then run:

dpkg –clear-selections
dpkg –set-selections < packages.txt
apt-get dselect-upgrade

This will download and install all the packages necessary to get the target system matching the source.

All that is now left to do is copy across any relevant configuration files so that the two systems fully match and then rebooot the target to check that everything looks OK.

New slug now finally matching old slug it was time to upgrade to squeeze. Martin Michalmayr’s excellent website documents the upgrade process in meticulous detail. The key points to note here are his recommendation that you read the release notes for debian 6.0. In particular, note and follow the chapter on upgrades from debian 5.0 before attempting an actual upgrade. One of the main differences between 5.0 and 6.0 is the use of UUIDs to reference disks. In my case this meant changing my /etc/fstab from this:

# /etc/fstab: static file system information.
#
#
proc /proc proc defaults 0 0
/dev/sda2 / ext3 errors=remount-ro 0 1
/dev/sda1 /boot ext2 defaults 0 2
/dev/sda5 none swap sw 0 0

to this:

# /etc/fstab: static file system information.
#
#
proc /proc proc defaults 0 0
UUID=db57451a-e3e5-4d8a-95b9-494c48bb5e8d / ext3 errors=remount-ro 0 1
UUID=022bc211-1c52-4848-9ee1-e211e72b28e4 /boot ext2 defaults 0 2
/dev/sda5 none swap sw 0 0

Before finally starting the upgrade I opened two separate SSH sessions to the slug. In one I ran the upgrade process as below:

first a partial upgrade as recommended at Section 4.4.4, “Minimal system upgrade”

apt-get update
apt-get upgrade

then install the required linux kernel image and udev as outlined in Section 4.4.5. “Upgrading the kernel and udev”

apt-get install linux-image-2.6-ixp4xx
apt-get install udev

followed by

reboot

and

apt-get upgrade
apt-get dist-upgrade

to complete the system upgrade.

Now here is where the second SSH session is most useful. The final upgrade and distribution upgrade installs the file indexing package “apt-xapian-index”. Correspondents on the debian arm list have noted that this package consumes more memory than is available on the poor old slug and it starts swapping itself to death. The process must be killed immediately and the package removed. If you leave it too long after the upgrade has completed you will find it impossible to log in until the initial indexation has completed (in excess of 24 hours or more has been reported) because the system is too busy. I ran “top” in the second shell during the dist-upgrade process and kept an eye on the load averages. As soon as they started climbing above 3 I knew that it was time to watch out for the apt-xapian-indexer and kill it. Once the system load returned to normal I was then able to finalise the upgrade with:

apt-get purge apt-xapian-index
apt-get autoremove

to remove the offending indexer and clean up any residual unneeded packages. A final reboot to check all was well was sufficient to convince me that it was safe to upgrade my two operational slugs using the same process. Testing the upgrade on the new slug in the way I did also meant that I now had a backup slug configured exactly like my main DNS server but running squeeze. Any failure on the remaining upgrade would not then be critical.

I must be getting old. I never used to be this cautious.

Tags: , , , ,
Posted in coding and admin, linux and unix, tips, tricks and howtos, trivial musing | No Comments »

one reason I don’t use apple

Saturday, July 2nd, 2011

Being a linux and FLOSS fan has its advantages, not least the fact that most, if not all of the software I would want to use (and indeed, /all/ of the software that I actually do use) is free as in beer as well as free as in speech. And given the much smaller target offered by my chosen desktop in comparison to the widely used proprietary offerings, my systems are amost entirely unbothered by malware.

Most of my friends use proprietary systems. A few insist on paying over the odds for Apple products and, perversely, seem to take some pride in doing so. One or two even seem to think that simply buying Apple products marks them as more discerning, cultured and intelligent than the great unwashed who buy their systems from PC World.

In the course of a recent series of email exchanges on this topic, I was therefore delighted to receive this image from another friend. I know he uses windows 7 – I’ve seen it.

(copyright “stickycomics.com” gratefully acknowledged.)

Tags: , , ,
Posted in linux and unix, trivial musing | 6 Comments »

« Older Entries