I'm Linux Girl: 2008

Thursday, June 19, 2008

openSUSE 11.0 Release Notes

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included as the file fdl.txt.

The release notes are under constant development. Download the newest version as part of the Internet test or refer to http://www.suse.com/relnotes/i386/openSUSE/11.0/RELEASE-NOTES.en.html.

These release notes cover the following areas:

General: Information that everybody should read.
Update: Changes that are not mentioned in the Reference Guide, Chapter 5.
Technical: This section contains a number of technical changes and enhancements for the experienced user.

In the Start-Up Manual, find information about installation and basic system configuration. In the Reference Guide, the system configuration is explained in detail. Find basic information on GNOME and KDE in the QuickStart Guides. Detailed information on using AppArmor is provided by the AppArmor Administration Guide.

General

Update

Technical

General

Press Ctrl-Alt-Backspace Twice to Terminate the X Server

Pressing Ctrl-Alt-Backspace on GNOME, KDE, or any other graphical desktop does not terminate the X server any longer. If you press Ctrl-Alt-Backspace within 2 seconds again, it terminates the X server. On most hardware you hear a beep after the first Ctrl-Alt-Backspace press.

In the past it was possible to accidentally terminate an X server using this key combination. Nevertheless, if you want to continue to use this key combination to terminate your X server, remove the following line from the ServerFlags section of the /etc/X11/xorg.conf file:

Option "ZapWarning" "on"

For more information, see the xorg.conf manpage.

YaST Gtk and Qt Front-Ends

By default, the new YaST gtk front-end runs on the GNOME desktop, and the YaST qt front-end on all the other desktops. Feature-wise, the gtk front-end is very similar to the qt front-end described in the manuals.

An exception is the gtk software management module (see the Start-Up guide in Chapter 3), which differs considerably from the qt port. To start the qt flavor on the GNOME desktop, invoke it as root at the command-line with:

yast2 --qt

Vice versa on KDE, if you are interested in the gtk front-end:

yast2 --gtk

Update

Squid 3.0

Squid 3.0 is now available. This version supports the Internet Content Adaptation Protocol (ICAP) and Edge Side Includes (ESI).

Check your /etc/squid/squid.conf manually— that is only required after an update. For example, after the update proceed as follows:

cp /etc/squid/squid.conf /etc/squid/squid.conf.2.6
cp /etc/squid/squid.conf.rpmnew /etc/squid/squid.conf

Then transfer settings done for version 2.6 from /etc/squid/squid.conf.2.6 to /etc/squid/squid.conf. For reference, /etc/squid/squid.conf.default coming with squid 3.0 is also available.

Note the following changes:

changes in logging file access.log
squid.conf has new, renamed, and removed configuration options.

Features not available any longer:

  • refresh_stale_hit option. Not yet ported.
 • ability to follow X-Forwarded-For. Not yet ported.
 • Full caching of Vary/ETag using If-None-Match. Only basic Vary cache
   supported. Not yet ported.
 • Mapping of server error messages. Not yet ported.
 • http_access2 access directive. Not yet ported.
 • Location header rewrites. Not yet ported.
 • umask directive. Not yet ported.
 • wais_relay. Feature dropped as it's equivalent to cache_peer +
   cache_peer_access.
 • urlgroup. Not yet ported.
 • collapsed forwarding. Not yet ported.

For more information, see file:/usr/share/doc/packages/squid3/RELEASENOTES.html after package installation.

Xgl Versus AIGLX

On openSUSE 11.0 it is no longer possible to enable or disable Xgl with a graphical tool (such as gnome-xgl-settings in the past). Only the command line tool xgl-switch is still left to do this job. Instead AIGLX is now always enabled on supported hardware. There are still some issues with AIGLX (e.g., Xvideo is usually slower, OpenGL applications are misplaced when you rotate compiz' cube), but the majority of our customers are requesting to have AIGLX enabled by default. If you prefer Xgl over AIGLX use the command line tool xgl-switch to enable it:

xgl-switch --enable-xgl

If there are problems after enabling it (Xserver crashes, etc.) disable it again by running

xgl-switch --disable-xgl

The proprietary NVIDIA driver needs neither AIGLX nor Xgl for running with compositing managers as it provides its own framework.

To enable Compiz, use "Desktop Effects (simple-ccsm)" application from the application menu.

Technical

RPM Packages Now LZMA Compressed

RPM Packages in openSUSE 11.0 are now LZMA compressed. LZMA provides a better compression rate and is faster on decompression.

The rpm packager in openSUSE 10.3 and earlier cannot handle such RPM packages. If you want to open or install LZMA compressed RPMs on 10.3, install the rpm packager from 11.0 on your 10.3 system first. Note, this is not supported by Novell.

As a packager, remember to build packages for 10.3 and earlier without LZMA compression. Do not expect user to install a new rpm packager on old systems.

Printing Legacy Encoded Text Files

The printing system based on CUPS 1.3.x (Common UNIX Printing System) no longer converts legacy encoded text files such as ISO-8859-1, windows-1252, and Asian encodings on its own. Only UTF-8 and thus ASCII is supported.

As a work-around to print legacy encoded text files, convert before sending them to the CUPS server. To print an ISO-8859-1 text file, use:

iconv -f iso-8859-1 -t utf-8 filename.txt | lp -d printer

Note, printing of PDF or PS or such binary files (JPEG, PNG, etc.) works as before.

CUPS (Common UNIX Printing System) and UTF-8 Encoding

Since CUPS 1.3.4 the cupsd accepts only UTF-8 encoded data. Because this change is backward incompatible, older CUPS clients such as CUPS 1.1 may no longer work—for example, see http://www.cups.org/newsgroups.php?gcups.general+T+Q%22unsupported+charset%22.

Applications communicating with the cupsd such as hp-setup or the YaST printer configuration, do no longer work if neither a plain 7-bit ASCII nor a UTF-8 locale is used. The problem does not occur if you use a default UTF-8 locate as pre-configured on openSUSE since several years.

Major Update of dhcpcd (1.x to 3.x)

A major update of the dhcpcd package (from 1.x to 3.x) is available. Command line options are different. For a complete list check the dhcpcd manpage and the /usr/share/doc/packages/dhcpcd/dhcpcd-1-vs-3 file.

Inode Size on the Ext3 Filesystem Increased

The inode size on the ext3 filesystem is increased from 128 to 256 by default. This change breaks many existing ext3 tools such as the windows tool EXTFS.

If you depend on such tools, install openSUSE with the old value.

SuSEfirewall2: New Variables Starting with `FW_SERVICES_ACCEPT_RELATED_`

SuSEfirewall2 implements a subtle change regarding packets that are considered RELATED by netfilter.

For example, to allow finer grained filtering of Samba broadcast packets, RELATED packets are no longer accepted unconditionally. The new variables starting with FW_SERVICES_ACCEPT_RELATED_ have been introduced to allow restricting RELATED packets handling to certain networks, protocols and ports.

This means adding connection tracking modules (conntrack modules) to FW_LOAD_MODULES does no longer automatically result in accepting the packets tagged by those modules. Additionally, you must set variables starting with FW_SERVICES_ACCEPT_RELATED_ to a suitable value.

Fingerprint Reader Devices and Encrypted Home Directories

If you want to use a fingerprint reader device, you must not encrypt the home directory. Otherwise logging in will fail, because decrypting during login is not possible in combination with an active fingerprint reader device.

To work around this limitation, set up a separate directory outside of the home directory and encrypt it manually.

TabletPC Configuration: xsetwacom Parameters

Use the following xsetwacom Parameters now:

For normal orientation (0° rotation):

xrandr -o 0 && xsetwacom set "Mouse[7]" RotateNONE

For 90° rotation (clockwise, portrait):

xrandr -o 3 && xsetwacom set "Mouse[7]" Rotate CW

For 180° rotation (landscape):

 xrandr -o 2 && xsetwacom set "Mouse[7]" Rotate HALF

For 270° rotation (counterclockwise, portrait):

 xrandr -o 1 && xsetwacom set "Mouse[7]" Rotate CC

Monday, June 9, 2008

NEW • Distribution Release: Damn Small Linux 4.4

Robert Shingledecker has announced the release of Damn Small Linux 4.4, a Debian-based mini-distribution for the desktop. What's new? "New Lua/Fltk re-factored for enhanced performance; new Fltk library now available for C/C++ programs; new fldiff - a file diff GUI viewer; update to rsync 3.0.2; updated mydslBrowser - new feature 'Download Only'; modified 'X Window Snapshot' to save image file with date; added dfm association for easy display of 'X Window Snapshot' images; restored Firefox default search engines; new low resource background and theme; new font added, smoothansi, used in JWM menu; new .luafltkrc for Lua/Fltk theme and defaults; updated dmix; modified nfs-common to also start Portmap when needed; patched kbdconfig to properly select keymaps; modified .bash_profile to eliminate an extra login shell...." See the full changelog for further details. Download: dsl-4.4.iso (49.7MB, MD5).

Saturday, April 12, 2008

Linux Distro Comparison: OpenSUSE 10.3 vs. Mandriva 2008

The successor to Mandrake takes on the open version of SUSE...
Mandriva and openSUSE are two well-established Linux distributions worthy to be considered elite. Both have successfully conquered the hearts of many Linux enthusiasts long before Ubuntu and PCLinuxOS took the stage. With their latest releases namely Mandriva Linux 2008 and openSUSE 10.3, they remained a force to be reckoned with.

In case you are wondering which is better among the two, then you are in luck because it is time once again for our distrowar.

http://junauza.blogspot.com/2007/12/battle-of-elite-opensuse-vs-mandriva.html

Mandriva Directory Server on Debian

This document describes how to set up the Mandriva Directory Server (MDS) on Debian Etch. The resulting system provides a full-featured office server for small and medium companies - easy to administer via the web-based Mandriva Management Console (MMC).

http://www.howtoforge.com/mandriva-directory-server-on-debian-etch

Review: Mandriva Powerpack 2008.0 Linux

Another look at the latest Mandriva Linux distribution...
Mandriva PowerPack edition is unique among desktop Linux distributions in that it doesn't try to remove the technical complexity from the operating environment -- it isn't "dumbed down." It's the perfect balance between automation and control; this is especially welcome in a desktop Linux realm where distributors are increasingly focusing on eliminating control in favor of automation in an attempt to appeal to low-knowledge users.

http://www.softwareinreview.com/cms/content/view/86/

Virtual users, domains with Postfix, MySQL on Mandriva

This document describes how to install a Postfix mail server that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I will also demonstrate the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier can authenticate against the same MySQL database Postfix uses. The resulting Postfix server is capable of SMTP-AUTH and TLS and quota (quota is not built into Postfix by default, I will show how to patch your Postfix appropriately). Passwords are stored in encrypted form in the database (most documents I found were dealing with plain text passwords which is a security risk). In addition to that, this tutorial covers the installation of Amavisd, SpamAssassin and ClamAV so that emails will be scanned for spam and viruses. read more...
http://www.howtoforge.com/virtual-users-domains-postfix-courier-mysql-mandriva2008.0

Set up a server on Mandriva 2008 Free

This is a detailed description about how to set up a Mandriva 2008 Free (Mandriva 2008.0) server that offers all services needed by ISPs and hosters: Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and TLS, BIND DNS server, Proftpd FTP server, MySQL server, Courier POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the 32-bit version of Mandriva 2008, but should apply to the 64-bit version with very little modifications as well. read more... at
http://www.howtoforge.com/perfect_server_mandriva_2008.0

Saturday, April 5, 2008

Chroot in OpenSSH / SFTP Feature Added To OpenSSH

For regular user accounts, a properly configured chroot jail is a rock solid security system. I’ve already written about chrooting sftp session using rssh. According to OpenBSD journal OpenSSH devs Damien Miller and Markus Friedl have recently added a chroot security feature to openssh itself:

Unfortunately, setting up a chroot(2) environment is complicated, fragile and annoying to maintain. The most frequent reason our users have given when asking for chroot support in sshd is so they can set up file servers that limit semi-trusted users to be able to access certain files only. Because of this, we have made this particular case very easy to configure.

This commit adds a chroot(2) facility to sshd, controlled by a new sshd_config(5) option “ChrootDirectory”. This can be used to “jail” users into a limited view of the filesystem, such as their home directory, rather than letting them see the full filesystem.

more

Saturday, March 22, 2008

Mandriva : Install Socks Proxy using dante-server

Add repo using kambing

urpmi.addmedia main http://kambing.ui.edu/mandriva/official/2008.0/i586/media/main/release/ with media_info/synthesis.hdlist.cz

urpmi.addmedia contrib http://kambing.ui.edu/mandriva/official/2008.0/i586/media/contrib/release/ with media_info/synthesis.hdlist.cz

Done...

Then

urpmi dante-server

more..

Game Online : Imperia

Ingin main Game Online lewat Internet tanpa harus install Client Game Software ? Ini dia salah satu Game Online yang bisa di mainkan lewat Browser saja.

Nama Game Online nya adalah Imperia Online. Klik disini untuk Game Online via Web Browser Lainnya .

Keterangannya :

Imperia Online is a web-based massively multiplayer real time strategy online game. It doesn't need any installation - it can be played from any computer as long as it has internet. The world of Imperia Online is in an age before gunpowder. For your victories on the battlefield you can count only on hard cold steel. Imperia Online never sleeps. Whether you are online or not, your empire collects resources and grows. Everything that you do is in real time. Imperia Online does not have turns or ticks, the action happens as it would in the real world.

Thursday, March 13, 2008

Webmin configuration

Initial Webmin Config

We need to secure webmin by editing /etc/webmin/miniserv.conf and make the following changes:

* Using SSL only:

SSL=1

* Change the port to 443 and bind to the second nic only:

port=443 bind=192.168.1.6

* Disable UDP broadcasts:

#listen=10000

* Change host lockout on login failures to 3 :

blockhost_failures=3

* Increase host lockout timeout to 120:

blockhost_time=120

* Change user lockout on login failures to 3:

blockuser_failures=3

* Change user lockout timeout to 120:

blockuser_time=120

* Change the realm to something else:

realm=cpanel

* Log logins to utmp:

utmp=1

How To Reset A Forgotten Root Password With Knoppix

Version 1.0
Author: Falko Timme
Last edited 02/26/2008

This guide explains how you can reset a forgotten root password with the help of the Knoppix Linux Live-CD. Afterwards you can log in to your system as root again.

I do not issue any guarantee that this will work for you!

1 Preliminary Note

The method I'm describing here works only on systems to which you have physical access. If your server is in a remote datacenter, for example, you can't boot it from the Knoppix CD, but most hosters provide a rescue system that you can use in the same way to reset your password.

Welcome to easys GNU/Linux, the modern Open Source desktop operating system. easys offers a bunch of new concepts and improvements that lets you be more productive with your computer system than ever before.

Starting up with our well structured installation program, even a computer novice is able to perform an installation of this professional Linux operating system. Only with a few mouse clicks.

We make use of the highly awarded K(DE) desktop environment which has been customized for easier usage. After a default install, easys offers single-purpose applications instead of including several similar utilities that may lead to confusion.

With easys you can listen to your music, surf the web, chat, make documents, watch movies and much more.

easys GNU/Linux is Slackware-based. Slackware is the oldest surviving and active distribution. Some of its outstanding features are: stability, speed, ease of use, ease of maintenance and long time security support. easys GNU/Linux only includes unmodified Slackware packages to guarantee 100% compatibility.

We offer a transparent development process and are interested in communicating with our userbase. Your opinion is highly appreciated! Please come and join our online forums to talk to other users and to the development team.

Wednesday, March 12, 2008

SlackFire

$ whatis slackfire

SlackFire is an iptables script written especially for Slackware, my favourite Linux distribution in this corner of the Galaxy. The main purpose of the script is to protect a stand-alone machine or a small network with a stateful firewall that can be configured easily but in big detail.

SlackFire isn't perfect (yet) but I hope that README and this screenshot will give an idea of how it works and how it doesn't.

SlackFire may be freely used, modified, and distributed under the terms of the GNU General Public License with any Linux distribution except Caldera and those RedHat releases which are not legally available for free download.

Your comments, ideas, and bug reports are welcome. It will be nice if you mention SlackFire in the Subject line. ;-)

The program has been last updated on January 13, 2008.

Enjoy!

--
uckpeHHe,
Muxau/\

P.S. Recommended companions: junkview and fwlogwatch. Here you can find my brief comments on using the above two programs.

Mandriva relaunches its OS Refugees operation targetting linked sales

Mandriva relaunches its OS Refugees operation targetting linked sales

Following the success of previous years, Mandriva,
Europe's leading editor of Linux, has relaunched its programme fighting
linked sales: OS Refugees.

The recent European anti-trust ruling confirming the European
Commission's
condemnation of Microsoft for abusing its position has been
strengthened by
the European free market think-tank Globalisation Institute's
report "Unbundling Microsoft Windows".

The freedom for users to choose an alternative operating system has
been
reinforced. Simplicity of installation and use are the spearheads of
the free
software community and form the basics of Mandriva whose principal
fundamentals embrace simplicity, innovation and openness.

Mandriva, signatories of the « Non aux racketiciels » "Say No to
software
racket" movement, wishes to join the fight on linked sales spearheaded
by the
AFUL's Détaxe/Racketiciel working group supported by APRIL, by
relaunching
its OS Refugees operation from 3rd March 2008 until April, the 8th ,
2008.

" OS Refugees" is adressed to all those who have acquired a commercial
licence
for another operating system but wish to take advantage of the openness
and
simplicity of Mandriva Linux. Mandriva pledges to reimburse up to 35%
of the
price of any purchase of products in this range to users submitting
proof of
their possession of another OS licence. Products included in this offer
are
Mandriva Powerpack 2008, Mandriva Flash 2008 and the Mandriva Linux
subscription.

Mandriva Linux Powerpack 2008 integrates a unique range of packaging
and
commercial services offering a complete Linux solution. The Powerpack
best-seller is the commercial version of Mandriva Linux and the logical
extension for users of the community version. Mandriva Linux Powerpack
2008
also features all required server and middleware components for
developers
and for small enterprise usage, like SQL databases or Web frameworks.

Mandriva Flash 2008 4GB operates as a genuine work station that the
user can
take wherever he wishes. It incorporates a new functionality - ezBoot -

which reboots under Linux without going through BIOS settings, and the
double
utilization of Windows and Linux system.
Plug in a USB key, start up your computer and in just a handful of
seconds the
Mandriva Linux 2008 operating system is ready for work, listening to
music or
surfing the Net. Mandriva Flash 2008 is an entirely operational system
which
fits into a pocket.


More information available on OS Refugees: 
http://www.mandriva.com/en/product/refugee-0

GNOME 2.22: A Truly Amazing Desktop!

Every six months, the GNOME team prepares a new and revolutionary release of the ever popular GNOME desktop environment. Today, we are proud to introduce you to the latest and greatest features of an 100% FREE and open source desktop. Whether you are on a Solaris machine or the latest Ubuntu distribution, GNOME is there and with every new release it makes your life... Simply Beautiful!

Let's have a look at the new features of GNOME 2.22:

more

Linux Mint 4.0 Daryna KDE Community Edition

The last time I investigated Linux Mint I decided that I "didn't get it" and I approached the latest release with that in mind. But it's actually come a long way and while it's not perfect, I now understand.

This release - Linux Mint 4.0 Daryna KDE Community Edition - is quite an ambitious stab at something new and that's not what I was expecting at all.

Technical Details

Mobile: take it everywhere and make any desktop your own!
Handy: everything for your office work, Internet and multimedia... on a stick!
Keep your personal data in your pocket!
Fast: high data transfer rates with USB 2.0
Storage: up to 3GB available for user files

Product Details

Product Dimensions: 3 x 0.5 x 1 inches ; 8 ounces
Shipping Weight: 1 pounds
ASIN: 2847981500
Item model number: 1.0
Average Customer Review: No customer reviews yet.
Date first available at Amazon.com: October 22, 2007

Product Description

Product Description
Mandriva Flash is a mobile 3D desktop that fits in your pocket and is the #1 Linux USB Key on the market. It contains a pre-installed Mandriva Linux distribution on a 4GB USB key. Plug in the key, take your Linux system everywhere with you, save and exchange your data in up to 3GB of free space! It is not only practical, easy and pleasant to use but also high-performing and innovative. Mandriva Flash will surprise you whether you are already a Linux user or not. Mandriva Flash is a mobile 3D desktop that fits in your pocket and is the #1 Linux USB Key on the market. It contains a pre-installed Mandriva Linux distribution on a 4GB USB key. Plug in the key, take your Linux system everywhere with you, save and exchange your data in up to 3GB of free space! It is not only practical, easy and pleasant to use but also high-performing and innovative. Mandriva Flash will surprise you whether you are already a Linux user or not. Enjoy the latest 3D desktop technology while on the move, and show your friends what their machine can really do with Linux. Stay connected wherever you are. Wherever you are, and whatever the type of available link, Mandriva Flash connects you with your friends, mail, music and online life. Offer Linux to the one you love. Protect your loved one from viruses and malware, offer them freedom of choice and the desktop of the future in a small, high-quality USB key.

Development Release: Mandriva Linux 2008.1 RC1

Adam Williamson has announced the first release candidate for Mandriva Linux 2008.1: "The fifth pre-release of Mandriva Linux 2008.1 is here. This pre-release includes the all-new artwork for the 2008.1 release, further improvements to the Mandriva software management tools, WPA-EAP support in the network configuration tools, KDE 3.5.9 and 4.0.1, some new default applications in KDE and GNOME, and the latest pre-release of OpenOffice.org 2.4. The beta is available in Free and One editions, with i586 and x86_64 DVDs for the Free edition and i586, KDE and GNOME CDs for the One edition. As far as testing goes, we are particularly interested in testing the NTFS support, making sure RPMdrake has no problems, PulseAudio, multimedia keyboard support, hardware detection and hibernation support." The release announcement, release notes. Download: mandriva...dvd-i586.iso (3,882MB, MD5), mandriva...dvd-x86_64.iso (3,894MB, MD5), mandriva...GNOME-int-cdrom-i586.iso (700MB, MD5), mandriva...KDE-int-cdrom-i586.iso (696MB, MD5).