Linux

You are currently browsing articles tagged Linux.

My Almost Three Years with Mac OS X

Wednesday, March 29, 2006 in Macintosh by slowe

A blog entry by Giles Turnbull a few days ago titled “My five years with Mac OS X” got me to thinking about my own experiences with Mac OS X.  As I started thinking about it, I realized that it’s been almost three years for me.

Like Giles, I was more of a lurker than a switcher as the news and coverage surrounding Mac OS X grew in intensity.  I had followed the development of Mac OS X, watching with interest as a platform I had once used (back in the System 7.x days) was transformed into something completely new.  I had tried switching away from Microsoft Windows a couple of times (to various distributions of Linux), but kept coming back—primarily because using Linux just took too much time and too much effort for me to get my job done.

It wasn’t until the release of “Jaguar” (Mac OS X 10.2) that I really started paying attention.  Linux had matured quite significantly, but still had issues (at least for me) as an everyday use OS on a laptop.  Windows, on the other hand, was bogged down in Windows XP, and the next version of Windows was (and still is) quite a ways off.  Further, with Microsoft’s track record of cutting features during product development (can anyone say WinFS?), there was no telling what would actually make it into the final product.  There was also the strong upswing in malware (that rise still continues).

Despite Linux’s limitations, I loved the idea of Linux, and the power that it offered.  Could it be that Mac OS X would be the answer?  Fortunately for me, Apple had opened a retail store not too far from my house, and I started making regular visits there to get some hands-on time with Mac OS X.  I started conducting extensive research online, looking up feedback and reviews and impressions of the product.  Most importantly, I took a hard look at the tasks that I do on a day-to-day basis, and I made sure that Mac OS X had applications that allowed me to get my job done.

Finally, I took the plunge.  I bought a 15“ PowerBook G4 1GHz and a copy of Microsoft Office X for the Mac.  From that point forward, I don’t think I’ve looked back.  Since that time, I’ve uncovered so many fabulous applications that I use everyday to make my life easier.

So, here I am, almost three years later, and still loving being a Mac OS X user.  In fact, as I am sitting here writing this entry, I am connected to two different networks (one wireless, one wired), uploading files to two different servers via SFTP, logged into several IM networks, running multiple Remote Desktop sessions to Windows-based servers, and pulling e-mail from multiple e-mail accounts simultaneously.  How could I not love it?

Tags: , ,

Installing VMware Workstation on Ubuntu

Wednesday, March 22, 2006 in Linux, Virtualization by slowe

Once I’d gotten Ubuntu up and running on my HP nc8230 laptop, the next order of business was—due to business needs—get a copy of Windows XP Professional running under VMware Workstation on Ubuntu.  While I’m not a huge Windows fan (I prefer Mac OS X and Linux to Windows, generally), I also recognize the need for Windows in a world where your customers all run Windows.

I’d never installed VMware Workstation on a Linux host before, so this would be a new experience for me.  It couldn’t be that hard, right?  Well, it wasn’t as easy as I had hoped it would be, that’s for sure.

In order to get VMware Workstation 5.5.1 to install on Ubuntu 5.10, here’s what I had to do:

  1. Copy the VMware Workstation 5.5.1 software onto the machine.
  2. Using apt-get, install gcc, g++, and the appropriate Linux headers.
  3. Untar the VMware Workstation software and run the installation script.  When prompted, go ahead and compile a custom vmmon module.

That should do it.  One site I found while preparing for this also suggested installing the “build-essential” package, but I didn’t install this and VMware Workstation seems to run just fine.

Coming up soon:  installation of Solaris x86 under VMware Workstation running on Ubuntu Linux!

Tags: , , ,

Installing Ubuntu on an HP Compaq nc8230

Wednesday, March 22, 2006 in Linux by slowe | 2 comments

I was issued a new HP Compaq nc8230 laptop today, with the standard corporate image of Windows XP Professional Service Pack 2 and the assorted applications.  One of the very first things I did was install Ubuntu 5.10.  Here’s some additional information on a few of the hurdles involved (there aren’t many, fortunately).

I was already familiar with Ubuntu 5.10, having already installed it for my daughters on two older Compaq laptops.  However, I’d never installed it on brand-new equipment, so I was a bit concerned that all the hardware wouldn’t be detected properly.  A bit of searching came up with this article indicating that Ubuntu 5.04 had installed succesfully, so I felt fairly confident that everything would be fine.

So I popped in the Ubuntu installation CD, pressed Enter when prompted, and was soon greeted with a blank screen.  That was odd.  I rebooted, and got the same behavior.  Upon the next reboot, I pressed F1 at the “boot:” prompt to review some parameters.  I quickly stumbled onto the “vga=771” parameter.  At the boot prompt, I used “linux vga=771” and the system booted into the installation menu.  My first hurdle was overcome.

The rest of the installation seemed to go smoothly, right up until the point where the installation crashed with a message that it couldn’t copy files from the CD-ROM.  In fact, it couldn’t detect that the CD-ROM drive even existed.

I rebooted, tried again, got a little bit farther, and got the same message again.  Examining the CD a bit closer, I didn’t see anything wrong with the disc (no obvious scratches, dirt, smudges, etc.), but cleaned the CD nevertheless and tried again.  This time the installation process was successful, and everything was golden.

Until the X Server didn’t work on the final reboot.  Sigh.  Referring back to this article I’d found earlier, I followed the instructions to remove (if possible) and reinstall the xorg-driver-fglrx package and then reconfigure X.  When I had finally completed those steps, the X Window System started up and dropped me onto a customized GNOME desktop.  Finally!

From there, I proceeded to install a 686 kernel (instead of the generic 386 kernel) and run an “apt-get upgrade” to pick up the latest packages from the Ubuntu repositories.  So far (knock on wood), everything has been pretty stable and pretty functional.

UPDATE:  Scratch that functional part.  The laptop has locked up more times in one afternoon than my PowerBook has in the 2+ years that I’ve owned it.  I’m not really sure what’s going on with this thing, but clearly something isn’t quite right.

Tags: , ,

Creating Users for a Postfix-Based Mail Relay

Wednesday, March 1, 2006 in Linux by slowe | 2 comments

This is a really, really, really simple task, but to save me the time of looking it up on those rare occasions when I need to do it I’m capturing the information here.  This is how to create, delete, or modify users for a Postfix-based mail relay using SASL.

All of these examples assume that SASL is configured to use “sasldb” as the authentication mechanism.

To create a new user, use the following syntax:

saslpasswd2 -c -u <domain> <username>

For simplicity’s sake, it’s easiest to make both the domain and the username in the command above the same as the domain and the username in the user’s e-mail address.  This will make their full username the same as their e-mail address.

To change an existing user’s password:

saslpasswd2 -u <domain> <username>

This will prompt for password and password verification.  To delete an existing user:

saslpasswd2 -d -u <domain> <username>

Finally, to list the available users on the system, simply use:

sasldblistusers2

This will list all the SASL users defined in the SASL database.  Please note that the users’ passwords will show up only as “userPassword”, so it’s not possible to see their existing passwords (at least, not without some effort).

There—now, the next time I need to do this, I’ll be able to easily remember the instructions.

Tags: , , ,

A Pair of Asterisk Articles

Monday, February 20, 2006 in Networking by slowe

There’s been a bit of an Asterisk convergence recently, or at least for me.  I’ve come across a couple of articles that share one thing in common:  the open source Asterisk VoIP PBX software.  From wireless routers to virtual machines, Asterisk is making some noise.

First, there was this article from Nerd Vittles about a prebuilt Asterisk@Home virtual machine (instead to be used with the free VMware Player, but conceivably also usable with the upcoming free VMware Server) available from vmwarez.com.  For all of us who’ve thought about experimenting with Asterisk, now we have no more excuses.  With a prebuilt VM that has already taken the tedium from building an Asterisk PBX, now all we have to do is load it up and start tinkering.  (Nerd Vittles also has a great article on the setup of Asterisk@Home 2.5.)

(Note:  Asterisk@Home is a project that combines Asterisk with the base operating system—CentOS 4.2—and a number of associated applications for easy installation and deployment.)

Then, I find this article from NewsForge about Asterisk@Home running on OpenWrtOpenWrt is a Linux distribution designed for wireless routers; specifically, the Linksys WRT54 series.  It’s cool enough being able to load a full Linux distribution onto a wireless router, but it’s even cooler being able to turn that wireless router into an open source VoIP PBX as well.  What will they think of next?

Tags: , , , , , , ,

The Year of the OS X Exploit

Thursday, February 16, 2006 in Macintosh by slowe | 1 comment

UPDATE:  A problem with the original title and the resulting URL for this posting caused some problems, so I reposted with a better title and a clean URL.  Sorry!

The security advantages—real or perceived—of Mac OS X have been tossed around by many, including some so-called security experts.  Some say that Mac OS X is only more secure because it is less common and therefore less tempting to a cracker.  Others say that Mac OS X’s underlying Unix architecture makes it inherently more secure, regardless of popularity.  This SecurityFocus article on a hacked Apple PowerBook seems to give credence to the former instead of the latter.

According to reports, a security researcher’s “hardened” Apple PowerBook was compromised at a recent hacking conference.  It is believed that an unknown exploit allowed the compromise to take place.  However, forensic analysis conducted afterward could not show any trace of a compromise or intrusion.  Fact, or fiction?  It’s anybody’s guess at this point, but the rumors are flying that this is “the year of the OS X exploit.”

I’m not so sure I believe that, but I also don’t believe that it’s impossible, either.  I do believe that as Mac OS X gains in popularity, crackers will begin to target the platform more heavily than they are right now.  At the same time, I also believe that Mac OS X is inherently more secure than Windows, due in large part to two factors:

  • Mac OS X’s underlying Unix architecture
  • Lack of driving need for “backward compatibility”

The Mac’s greatest vulnerability is, strangely enough, its ease of use.  Many users, unaware of the dangers of untrusted binaries and lured into complacency by the slick user interface, won’t think twice about authenticating with administrative credentials when prompted to do so.  But who’s to know what’s really going on under the hood?  And from a consumer’s perspective, who cares what’s going on under the hood?  (When’s the last time you looked under the hood of your car?)

It’s almost certain that Mac OS X will come under greater scrutiny in the coming months.  It’s not quite so certain that a widely-exploitable flaw will be uncovered, nor is it certain that built-in Mac OS X security features won’t be able to quickly mitigate such a flaw.  As with all aspects governing security, the best approach is to remain vigilant.

(Meanwhile, don’t even get me started about how Mac OS X on x86 will be less secure than Mac OS X on PowerPC.)

Tags: , , ,

Open Source Hardware

Wednesday, February 15, 2006 in Interoperability by slowe

Sun joins IBM in trying to use the open source software model to help with hardware as well.  (Thanks to Linux-Watch for the news.)  Creating a new project called OpenSPARC, Sun is open sourcing the specifications for its latest SPARC processor, the UltraSPARC T1, code-named “Niagara.”

According to the Linux-Watch article, the effort is intended to help drive the development of ports of Linux and BSD that can take full advantage of the CoolThreads technology in the UltraSPARC T1, which provides 32 threads of execution.  This allows the T1 to provide much greater throughput at lower clock speeds with dramatically lower power consumption.

In addition to the processor architecture and code, Sun is also open sourcing its HyperVisor API information.  Like other vendors’ hypervisor efforts, the idea is to allow multiple operating systems or multiple instances of an operating system to run simultaneously on the same hardware.  Again, ports of Linux and BSD that are designed to take full advantage of the UltraSPARC T1 architecture and HyperVisor API are beneficial to Sun because they can help drive sales of their hardware.

It’s a good idea, really, if you think about it.  Sun’s big into open source these days, after creating the OpenSolaris project in an effort to open source the entire Solaris operating system.  However, Solaris is really the only operating system that can run well on Sun’s SPARC hardware, and helping other alternatives to run equally well on SPARC hardware would encourage more people to buy SPARC hardware.  With any luck, Sun could create the kind of momentum and mystique around their SPARC hardware as they’ve done with their AMD-based “Galaxy” servers.

It’ll be interesting to see how it plays out.

Tags: , , , , ,

Bonjour on Linux

Tuesday, January 31, 2006 in Linux by slowe

A while back, I experimented with a multicast DNS (mDNS) responder for Linux.  (For those not already “in the know,” so to speak, multicast DNS is one of the key components of Bonjour, Apple’s automatic service discovery functionality—formerly known as Rendezvous).  For some strange reason, I had an urge to try it again today.  Here’s what I found.

First, I started looking for an “official” RPM package for a CentOS 4.2-based server that I manage.  Despite numerous Google hits that implied an official RPM existed, I could not find one.  (Pointers and/or URLs are welcome.)  I finally found a few RPMs on one of the CentOS mirrors, and installed it without any major issues.  The problem was, there was no documentation.  It installed an executable file called mdnsd, along with a directory in /usr/share/doc and a matching init script.  But how to configure it?  How to tell it what services to advertise via mDNS?

Having no luck whatsoever finding any additional documentation, I turned to a POSIX-compliant mDNS responder I had downloaded from Apple’s developer site and compiled on Red Hat Linux 9.0 some time ago.  I also had a simple init script for it, which (if I recall correctly) had been created by Rui Carmo of Tao of Mac (great site, by the way—I recommend it).  Fortunately for me, all I had to do was just copy the files over to the CentOS-based server and place the files in the right place, and it worked flawlessly.

Sure enough, I could now see this Linux-based server in Terminal.app’s “Connect to Server” dialog box.  I could not, however, see the server as an SFTP server in Cyberduck.  I briefly searched to see what kind of advertisements Cyberduck was expecting to see, but couldn’t find any information.  (Note, strangely enough, that Terminal.app could see the server as an SFTP server, but Cyberduck couldn’t.)

Now don’t ask me why exactly I was driven to tinker with this today, because I couldn’t tell you.

More information on multicast DNS, DNS Service Discovery, and related technologies can be found at the sites linked below:

DNS Service Discovery (DNS-SD) - http://www.dns-sd.org/
Multicast DNS - http://www.multicastdns.org/

Tags: , , , , , , ,

GSX Upgrade Much Smoother This Time

Tuesday, January 24, 2006 in Virtualization by slowe

Earlier today I completed another GSX Server upgrade (from version 2.5 to version 3.2.1) for a customer, and fortunately this upgrade was much smoother than the last GSX Server upgrade.

No BSODs (Blue Screens of Death) this time during the uninstallation, and the previous version uninstalled itself cleanly.  The installation of the new version went quickly and smoothly, and in practically no time we were booting up “legacy” VMs under the new version of GSX Server.

As with the previous upgrade, those VMs running Red Hat Linux 9.0 detected “new” hardware (specifically, a “new” network card and a “new” SCSI card; ironically, they are exactly the same virtual hardware as before) and seamlessly migrated over the configuration without any issues whatsoever.

Unfortunately, I was dismayed to find that a VM running CentOS 4.2 did not maintain the network configuration while setting up this “new” hardware, so I had to go back in and re-enter the network settings.  This was only a minor inconvenience, as the network reconfiguration was quick and easy.  It’s also nice to note that the time synchronization problems with CentOS 4.2 appear to have resolved themselves now under the new version of GSX Server.  (Note that even after the changes that mostly resolved the NTPd problems, time was still slightly off and lots of NTPd messages were being logged; even those issues have disappeared as well.)

The network reconfiguration on a VM running Windows Server 2003, on the other hand, was not quick and easy.  As before, the network configuration simply disappeared during the discovery of “new” hardware.  In the last upgrade for this customer, the only Windows-based VM we had to work with was an older Windows 2000-based server.  I had hoped that the problems we’d seen with that server would be resolved in Windows Server 2003.

Not so.  The VMware Tools installation removed the driver and installed a new driver, so even if the network configuration had made it through the “new hardware” discovery process, it would have been hosed at that point.  Eventually, after a couple of different reboots, I finally had the Windows server up and running with its original network configuration again.  If there is one area I’ve found so far that VMware really needs to work on, it’s this one.

Tags: , , , , , ,

Bypassing Root’s Password

Tuesday, January 24, 2006 in Linux by slowe

I had a situation today where a customer forgot the root password to a Debian GNU/Linux 3.1 system in their office.  That left it up to me to try to find a way to get into the system.  Here’s how I managed to gain access.

(Note: As far as I am aware, NONE of the information I’m going to list in this article will work across the network; you MUST have physical access to the server.  Therefore, I’m not too terribly worried about “making it easier for the hackers”.  If you don’t have physical security, then no amount of electronic security is going to help you!)

Here’s how it works:

  1. With physical console access, reboot the server.
  2. When the Grub menu comes up, press “e” to edit the menu selections.
  3. Use the arrow keys to select the Kernel line, then press “e” again.
  4. Add “single init=/bin/bash” to the end of the existing line.
  5. Press “b” to boot the modified line.
  6. The system will boot up into single-user mode.  Unfortunately, the root filesystem will be mounted read-only, so you’ll need to remount it using “mount -o remount,rw /”.
  7. Use the “passwd” command to change the password for root to whatever you like.
  8. Reboot the computer again and log in as root with the new password.

There are ways to protect against even this (a BIOS-based power-on password, or passwords in Grub to prevent casual editing of the boot configuration), and those steps may be necessary depending upon the other aspects of physical security.  If this system is out where people can get to it, then I’d highly recommend taking these additional steps to secure the server.

Please note that I’ve only done this on Debian GNU/Linux 3.1, but I would be reasonably confident that the steps will work elsewhere as well.

Tags: , ,

« Older entries § Newer entries »