...making Linux just a little more fun!

Mailbag

This month's answers created by:

[ Amit Kumar Saha, Ben Okopnik, Kapil Hari Paranjape, Karl-Heinz Herrmann, René Pfeiffer, Rick Moen, Robos, Thomas Adam ]
...and you, our readers!

Still Searching


adesklets

J. Bakshi [j.bakshi at unlimitedmail.org]


Wed, 18 Mar 2009 22:15:55 +0530

Dear all,

I have already moved into icewm, idesk, claws-mail, aterm, VLC, audacious etc... with some other light application to realize speed in my linux box.

CPU -- AMD Duron 1.5 GHz
RAM -- 128 MB
Swap -- 512 MB
Video Shared memory -- 8 MB

I'm happy to see the quick response time of my system ( comparably fast than kde ). I also like to add some nice look to my desktop with calendar, clock, volume control etc... Hence I am thinking to use adesklets as it is fast due to imlib2. I know some of you are using adesklets. What is your experience about it ? Is it a right choice to use it with a system which I have ?

Please share your thoughts. Kindly CC to me.

Thanks


Doubt...

Deepti R [deepti.rajappan at gmail.com]


Tue, 24 Mar 2009 09:04:17 +0530

Hello,

I have read the article of yours from http://linuxgazette.net/136/anonymous.html. I am trying to write a small driver program, i have written it, but little bit of redesigning is needed. So it would be great anyone of you can help me.. i am posting my question below ..

I wrote a simple keyboard driver program, which detects the control k (CTRL + K) sequence [I have written the code to manipulate only ctrl + k]. I also have a simple application program which does a normal multiplication function.

I need to invoke that application program from my driver when I press ctrl + k in my keyboard [once I press the ctrl + k, driver will send a SIGUSR1 signal to my application program. That will accept the signal and perform multiplication]. I could do that if I hardcode the pid of application progam [pid of a.out fille] in driver. Ie, inside the function kill_proc(5385, SIGUSR1, 0), the first parameter is the pid of application program. But this is not a correct method, every time I need to compile the application program open the driver add the pid to it, compile it using Makefile then insert the .ko file, it doesn't look good. I tried using -1 as the first parameter for kill_proc () [to send the SIGNAL to all the process that are listening], since my application program is also listening to the SIGNAL, ideally it should catch the SIGUSR1 signal and execute It, but it's not working* 1/4.

Can you suggest any method to send the SIGUSR1 signal from my driver [which is in kernal spcae] to application program [which is in userspace]?

Having an entry of pid to /proc also i can achieve this, but that is not a good design. :(, Can it be implemented through ioctl?

I am pasting my codes below...

[ ... ]

[ Thread continues here (1 message/7.20kB) ]


Trying DTrace on Linux

Amit k. Saha [amitsaha.in at gmail.com]


Thu, 5 Mar 2009 10:47:14 +0530

Hello all,

Linux port of DTrace has been moving for some time now.

I just tried the latest bits from ftp://crisp.dynalias.com/pub/release/website/dtrace and the initial impression is we got really cool stuff (in the making here).

Besides, GCC, Kernel headers, you will need the following stuffs to compile and load the DTrace kernel module:

   * libelf-dev: Working with 'elf' files
   * zlib libraries: working with the zlib files
   * bison, flex

Once you have got them, extract the sources and do:

  1. make all
  2. sudo make install
  3. sudo make load

If you do not see any error message, then the DTrace kernel module 'dtracedrv' has been correctly insrted.dtrace -l should display a long list of the currently available probes.

Read the rest at http://amitksaha.blogspot.com/2009/03/dtrace-on-linux.html.

(The code doesn't format properly here, hence the link to the blog)

Best,

Amit

-- 
Amit Kumar Saha
http://amitksaha.blogspot.com
http://amitsaha.in.googlepages.com/
*Bangalore Open Java Users Group*:http:www.bojug.in


Our Mailbag


siggen problem

Ben Okopnik [ben at linuxgazette.net]


Mon, 30 Mar 2009 00:25:41 -0400

[ Again, Arild - please remember to CC the list. ]

On Sun, Mar 29, 2009 at 08:16:45PM -0700, deloresh wrote:

> Ben is this what you mean?
> I am pretty sure I copied every  word correctly then sent it to a 
> friend's address.Then it got bounced to me in my windows computer.
>
> ----- Original Message ----- From: <2elnav@netbistro.com>
> To: <catluv@telus.net>
> Sent: Sunday, March 29, 2009 8:11 PM
> Subject: siggen problem
> arild@Arildlinux:~$
> arild@Arildlinux:~$ siggen
> siggen: Display signature function values.
> Tripwire(R) 2.3.1.2 built for
> Tripwire 2.3 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered
> trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY;
> for details use --version. This is free software which may be redistributed
> or modified only under certain conditions; see COPYING for details.
> All rights reserved.
> Use --help to get help.
> arild@Arildlinux:~$

Well done, Arild! Yep, exactly what I mean.

What this implies to me is that 1) you have "tripwire" installed (which you don't need), and 2) that you don't have the "siggen" package (as contrasted against the "siggen" program) installed. If you had both, the latter would normally get executed first - because it gets installed in a "higher priority" directory.

ben@Tyr:~$ apt-file search bin/siggen
siggen: /usr/bin/siggen
tripwire: /usr/sbin/siggen

In the default execution path, "/usr/bin" comes before "/usr/sbin" - so "/usr/bin/siggen" would get executed first. Here's what you need to do to fix it:

sudo dpkg -P tripwire
sudo apt-get install siggen

That should take care of it. After you've run the above two commands, you should be able to type "siggen" at the command line and see the sound generator application.

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *

[ Thread continues here (4 messages/6.88kB) ]


need your suggestion to select linux tools and configure idesk

J.Bakshi [j.bakshi at icmail.net]


Wed, 11 Mar 2009 23:02:27 +0530

Dear list,

I am in a process to optimize my linux box with low fat tools. I have already icewm running with geany editor, parcellite clipboard, audacious, aterm, claws-mail. Some more applications are missing and I am seeking your kind advise here.

1> what might be a little and fast sound mixer applet to use with icewm ?

2> A screen capture tool that can be fitted in icewm taskbar and have the features like ksnapshot.

I still have problem with idesk. It can't provide the wallpaper though having the right path of Background file. It alwasy shows error like

~~~~~~~~~~~~~~~~~~~~
[idesk] Background's file not found.
[idesk] Background's source not found.
~~~~~~~~~~~~~~~~~~~~~~

Please suggest,

Thanks

[ Thread continues here (12 messages/16.07kB) ]


Proxy + firewall configuration on linux

Deividson Okopnik [deivid.okop at gmail.com]


Wed, 4 Mar 2009 11:52:42 -0300

Hello everyone.

Im needing to configure a temporary internet server here, and after reading a lot, I'm kinda confused :P

I need a non-transparent proxy (asks users for theyr username/pass), with the ability to block access to certain pages and services (like www.orkut.com or MSN), plus the ability to generate usage reports.

I saw several programs that can do that, but each article I read uses a diferent combo - thats what confused me :)

So, the question is, what software would you use to create such a configuration?

Thanks for the input

Deividson

[ Thread continues here (6 messages/6.61kB) ]


Slight tweak to your editorial note

Rick Moen [rick at linuxmafia.com]


Tue, 24 Mar 2009 15:51:55 -0700

Almost not worth mentioning, but I've made a substantive albeit de-minimus addition to your editorial note, consisting of the words "non-root":

<p class="editorial">[ A common application of this would be to run a Web or FTP server chrooted in a directory like /home/www or /home/ftp; this provides an excellent layer of security, since even a malicious non-root user who manages to crack that server is stuck in a "filesystem" that contains few or no tools, no useful files other than the ones already available for viewing or downloading, and no way to get up "above" the top of that filesystem. This is referred to as a "chroot jail". -- Ben ]

Take my word for it, without that qualifier, you'd attract quibbles from people repeating the usual mantra: "chroot(8) is not root safe." (Ditto the chroot() system call.)

That is, the root user, and thus also any process that can escalate to UID0 privilege can trivially escape from any chroot jail: http://kerneltrap.org/Linux/Abusing_chroot http://unixwiz.net/techtips/chroot-practices.html http://www.bpfh.net/simes/computing/chroot-break.html

(You'll note that the article lists other ways of indirect ways of escalating privilege, plus "Why would anyone put that in a chroot jail?" methods such as "Follow a pre-existing hard link to outside the jail.")

If you want to be almost safe against kibbitzers writing in to say "chroot is not a security tool!" (another common mantra), amend your footnote to say that the tool must be used with care as some known means exist to attack it, and that it's no substitute for eschewing dangerous software and configurations. And maybe link to one or more of those links.

[ Thread continues here (3 messages/6.04kB) ]


how to read /dev/pts/x?

Mulyadi Santosa [mulyadi.santosa at gmail.com]


Fri, 20 Mar 2009 16:49:50 +0700

Hi Gang...

here's the situation: Suppose I log on into server A twice using same user ID (let's say johndoe). Technically, Linux in server A will create two /dev/pts for johndoe, likely /dev/pts/0 and /dev/pts/1

Is there any way that for johndoe in pts/0 to read what the other johndoe type in pts/1? Possibly in real time? Initially I thought it could be done by using "history" command (in bash shell), but it failed.

Thanks in advance.

regards,

Mulyadi.

[ Thread continues here (4 messages/4.06kB) ]


MacroMedia Flash and accessibility

Jim Jackson [jj at franjam.org.uk]


Fri, 13 Mar 2009 20:59:25 +0000 (GMT)

I know this is not strictly "Linux", but I think it's ok...

What's the current thinking about Macromedia Flash and accessibility. I've done some googling and many accessibility guides I've found are fairly old, (> 5years).

Reason I'm asking is that an organisation I help out has had someone volunteer to do them a new website. The initial new homepage is entirely macromedia flash.

In general I'm severely prejudiced against flash, but I want to give them considered balanced advice that meets their requirements re.

  - accessibility
 
  - ability to do future changes/updates to info on the web pages
any comments/advice welcome

cheers Jim

[ Thread continues here (4 messages/3.36kB) ]


VMware installation problem

Adegbolagun Adeola [adecisco_associate at yahoo.com]


Sun, 1 Mar 2009 06:07:04 -0800 (PST)

Hello Deividson

Can you help me to fix the problem below?. I actually interrupted vmware installation before trying to install it only to be requesting for the below:

I will appreciate you help

root@adey-laptop:/home/adey/Documents/vmware-server-distrib#               
./vmware-install.pl                                                        
A previous installation of VMware Server has been detected.                
 
The previous installation was made by the tar installer (version 4).       
 
Keeping the tar4 installer database format.                                
 
You have a product that conflicts with VMware Server installed.            
Continuing                                                                 
this install will first uninstall this product.  Do you wish to continue?  
(yes/no) [yes] y                                                           
 
Error: Unable to execute                                                   
"/media/DATA_DRIVE/Virtual-Machine-File/vmware-uninstall.pl.               
 
Uninstall failed.  Please correct the failure and re run the install.      
 
Execution aborted.                                                         

Thanks

[ Thread continues here (3 messages/6.92kB) ]


Google Summer of Code

Jimmy O'Regan [joregan at gmail.com]


Thu, 19 Mar 2009 11:07:21 +0000

Google have announced the list of mentor organisations for this year's GSoC: http://socghop.appspot.com/program/accepted_orgs/google/gsoc2009 Apertium is on it this year :)


GUI for idesk ??

Thomas Adam [thomas.adam22 at gmail.com]


Mon, 2 Mar 2009 07:14:42 +0000

2009/3/2 Ben Okopnik <ben@linuxgazette.net>:

> So, if you're willing to wait a couple of days - our next issue comes
> out on the 1st - you'll have access to a very nice GUI for idesk. As far
> as I know, there isn't one available outside of that.

"idconf" or some such name is what I recall of there being an idesk GUI.

-- Thomas Adam

[ Thread continues here (7 messages/9.05kB) ]


Folder Sync on Linux

Deividson Okopnik [deivid.okop at gmail.com]


Mon, 16 Mar 2009 17:31:53 -0300

Hello TAG!

Im doing some PHP coding on my machine, and I have apache running on another machine. I setup'ed a shared folder, and everytime i want to test something, I put it on the shared folder, then change to the other machine (on a KVM switch), and do "sudo cp -r * \var\www" and "sudo rm -r *" (on the shared folder of course), then switch back to my machine, and so on.

Question is - is there any simple way of automatizing that? I didnt want complex systems, I wanted something that detected when there is any file in the shared folder, then moved it to /var/www.

So, any of you got something that does that?

Thanks for the attention

Deividson

[ Thread continues here (4 messages/2.77kB) ]


Securing a Network - What's the most secure Network/Server OS? - Is ?there a secure way to use Shares?

Rick Moen [rick at linuxmafia.com]


Sun, 1 Mar 2009 10:43:15 -0800

A creative way to deal with "homework" questions.

----- Forwarded message from Wade Richards <wade@wabyn.net> -----

Date: Sun, 01 Mar 2009 09:13:40 -0800
From: Wade Richards <wade@wabyn.net>
To: Chip Panarchy <forumanarchy@gmail.com>
CC: debian-security@lists.debian.org
X-Mailing-List: <debian-security@lists.debian.org> archive/latest/23028
Subject: Re: Securing a Network - What's the most secure Network/Server OS?
- Is there a secure way to use Shares?

This sounds a lot like "I'm taking a course, and I'd like the Internet to do my homework for me." I'll give you generally correct advice, with enough lies in here to give you a failing grade if you don't verify my statements.

If I were setting up a system as you described, I'd focus on what the network clients are capable of, and what requires the least non-standard configuration on them (because misconfiguration of the client workstation is an easy way to introduce insecurity, and it's hard for you to enforce their config).

The Windows boxes want Windows networking, the Unix-like ones want Unix networking. A Unix server is most likely to give you both easily, although almost any server OS can.

So the servers should be running SAMBA for Windows logon and network shares, plus LDAP and NFS for Unix logon and sharing. SAMBA can be configured to authenticate against the local LDAP server, so it can become your single source of knowledge for user accounts. You can share the same directories on the server via SAMBA and NFS, so they become your centralized storage.

Encrypting network traffic is very much the least of your concern. So many people think security means "encrypt stuff!", when it is the high level protocols (logon, authorization) that matters. Nobody will bother with packet sniffing when they can just read the files directly from the file server. Besides, in a wired network, the switches will ensure packets only go to the machines where they are supposed to be, so sniffing is pointless. If you really want to waste your time, ipsec, or tunneling NFS through SSL will work (wireless should use WPA2 with as many bits as makes you happy.

To make the network fast, you should grease your network cables. Security can be improve by adding cable locks to all the computers, and putting in a steel door with a deadbolt, and bars on the windows.

[ ... ]

[ Thread continues here (1 message/6.95kB) ]


How do you format ftp or sftp for transfering files?...

Don Saklad [dsaklad at gnu.org]


Sun, 08 Mar 2009 16:23:26 -0400

How do you format ftp or sftp for transfering files?...

[ Thread continues here (10 messages/14.08kB) ]


[idesk] Background's file not found

J.Bakshi [j.bakshi at icmail.net]


Sun, 8 Mar 2009 15:56:55 +0530

Hello Ben and all,

I am now using icewm with idesk (Version: 0.7.5-4). My combination still missing the wallpaper. Everytime idesk reports

~~~~~~~~~~~~~~~~~~~~~~~~~
[idesk] Background's file not found.
[idesk] Background's source not found.
~~~~~~~~~~~~~~~~~~~~~~~~~~

Though I have the proper path set there

~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Background.Delay: 1
  Background.Source: /home/joy/pics/Father
  Background.File: /home/joy/pics/Father/love.jpg
  Background.Mode: Center
  Background.Color: #FFFFFF 
~~~~~~~~~~~~~~~~~~~~~~~~

I have even checked those image in kde and the image folder as the source of slideshow in kde. Everything running well. Don't know why idesk gives the error. Background color is blue which is provided by icewm !!!

Any clue ?

Thanks

[ Thread continues here (2 messages/3.54kB) ]


how to convert from kmail to slypheed-claws ?

J.Bakshi [j.bakshi at icmail.net]


Sun, 8 Mar 2009 15:59:19 +0530

Dear list,

Is there any way to convert the emails ( maildir form ) and account information (pop3, smtps) stored in kmail to slypheed-claws ?

Thanks

[ Thread continues here (7 messages/7.95kB) ]


linking my sound card to xoscpe

Arild Jensen [2elnav at netbistro.com]


Fri, 27 Mar 2009 18:11:01 -0700

Ben Okopnik recommended a software program called "xoscope" and gave a link to a website showing how to build an input circuit or use a sound card.

I now have the sound card microphone input working and the Xoscope display up; but the sounds from the mike goes to the speakers, not the xoscope display. What do I do to link the two?

I'm a newcomer to Linux, so please go easy with the jargon. I installed UBUNTU only a month ago. I am still learning how to use it.

regards

Arild Jensen (user name elnav)

[ Thread continues here (24 messages/46.16kB) ]


Squid problem (TCP_MISS 504)

Deividson Okopnik [deivid.okop at gmail.com]


Thu, 5 Mar 2009 16:38:38 -0300

Hello everyone.

I just finished installing/configuring squid on a Ubuntu 8.10 server, and im having the following problem:

Clients time-out when trying to access any webpage - access.log gives me:

179383 192.168.0.1 TCP_MISS/504 2898 GET http://www.google.com/ -
DIRECT/209.85.193.104 text/html

after reading about it, i thought adding no_cache allow localnet to my squid.conf file would fix the problem, but it doesnt (I already have an ACL saying localnet = 192.168.0.0/255.255.255.0 and an http_access allow localnet in the same config file)

Anyone know what might be the problem?

Thanks Deividosn

[ Thread continues here (5 messages/4.71kB) ]


Cut and paste between two computers. Was linking my sound card to xoscpe

[2elnav at netbistro.com]


Mon, 30 Mar 2009 00:06:41 -0700

[[[ Oh dear...somehow, the quote attribution got lost, but Arild is responding to a previous comment of Ben's. -- Kat ]]]

> Well done, Arild! Yep, exactly what I mean.

REPLY

This cutting and pasting between various screens on two different computer is a real PITA.

As you can see from the forwarding I also had to invoke the use of a third computer on a different address. I have no way to directly link the two different computer directly. At least none that I know of. And having to copy down letter by letter what I see on one machine to get it into the other machine is error prone. Is there a quick way to network a Windows and a linux machine together so the two can see each other and copy each other's files?

[ Thread continues here (5 messages/4.49kB) ]



Talkback: Discuss this article with The Answer Gang

Copyright © 2009, . Released under the Open Publication License unless otherwise noted in the body of the article. Linux Gazette is not produced, sponsored, or endorsed by its prior host, SSC, Inc.

Published in Issue 161 of Linux Gazette, April 2009

Tux