Posts Tagged ‘linux distribution’

Linux: how to Start multiple X sessions – Connect to remote Linux GNOME with no need for VNC by exporting display

Thursday, October 10th, 2013

start multiple X server Xorg sessions export graphic X display to use Linux gui from another Linux like dumb terminal
It is useful sometimes in Linux to run multiple Xservers and from there to start few Window Managers (lets say one with Window Maker and one with GNOME and FluxBox). Running second / 3rd etc. X session is nice especially when you you'd like to access remotely your Desktop (lets say from another Linux).

To start second Xsession with only terminal from which you can invoke any GUI environment use:

xinit -- :1

For third one do

xinit -- :2

First Xsession is working on screen :0 (e.g. xinit — :0). To access and navigate later via various X sessions depending on the Linux distribution and how it is configured to which console to start new sessions use

ALT + F5, ALT + F6, ALT + F7.

On GNU / Linux distributions where default Xorg server is running on TTY7 to switch to 2nd and 3rd Window Manager use instead:

ALT + F7, ALT + F8, ALT + F9

Alternative command to issue to launch multiple sessions with lets say GNOME (if that's default set GUI environment) use:
 

startx -- :1

and

startx -- :2

Whether you want to launch GUI environment from another Linux after connecting through SSH or telnet term client (i.e. you have old machine hardware with Linux with no graphical environment and would like to use 2nd machine with decent hardware and Xorg + GNOME running fine), way to do is via:

xhost +

and exporting DISPLAY to remote IP host.

Here is example how to launch second Xsession with GUI environment from remote Linux host.
For example we assume host which will host 2nd X session is 192.168.1.1 and host from which remote Xorg with GNOME will be accessed is 192.168.1.2.

a. Use ssh from 192.168.1.2 to 192.168.1.1

# ssh user@192.168.1.1
xorg-machine:~# xhost +

Above command allows all hosts to be able to connect to 192.168.1.1.

To enable just single host to be able to connect to Xorg server on 192.168.1.1:

xorg-machine:~# xhost +192.168.1.1

b. On xorg-machine (192.168.1.1) its necessary export display to 192.168.1.2

xorg-machine:~# export DISPLAY=192.168.1.2:0.0

To make Xorg + default GUI window manager popup then on 192.168.1.2

xorg-machine:~# startx

Configure GNOME 3 to support dual / multiple monitors / Fix broken workspaces

Sunday, September 22nd, 2013

gnome3 dual 2 monitors not showing right workspace display issue how to fix

If you're using some GNU / Linux distribution with GNOME 3 and you would like to show output of screen in two connected Monitors to the machine you will stumble upon really unusual behavior. For some unknown reason GNOME environment developers make second monitor to keep fixed on on First Workspace, so whether you try changing Desktops to second / third etc. Virtual Desktop you end up with your secondary monitor focused on Workspace 1. Logically the use of Dual monitor configuration is to show all GUI output identically on both monitors so this behavior is "wrong" ….

Fortunately there is setting that control this weird behavior in GNOME through gconf-editor and simply changing that switches monitors to show properly.

To fix it:

Start Run Command or Press Alt + F2 to invoke GNOME Run menu

Navigate to registry path Desktop -> Gnome -> Shell -> Windows and Uncheck selection on workspaces_only_on_primary 

gconf-editor-gnome3-fix-dual-monitor-improperly-showing-workspaces

To make new changes take effect its necessary to Log Off or Restart PC.

There is another easier way for command line oriented people to apply changes without using / having installed gconf-editor by issuing:

gsettings set org.gnome.shell.overrides workspaces-only-on-primary false 

How to create user with only FTP access on Linux

Saturday, May 11th, 2013

Linux access only to ftp How to prohibit ssh access on GNU Linux

Creating user with access only through FTP is vital in daily routine system administration job. The reason why it is good to disable SSH access to users which don't need it is of course better security. Disabling access to ssh shell for users which don't need it prevents you for user to run malicious code usually exploits or some DDoS Fork bombs – like the infamous Linux shell Denial of Service string;

:(){ :|:&};:

Better not try above string on productive server 😉
So back to the topic here how to add Linux FTP only user;

1. Create a regular user with adduser or useradd (depending) on GNU / Linux distribution

adduser is available across most Linux distributions nowadays, however I remember in past there was some distros which had useradd instead. Anyways for most adduser should be ok. As of time of writting both 3 main stream Linux distributions Slackware, Debian and Fedora has adduser.

linux:~#  adduser new-user-for-ftp-only

Adding user `new-user-for-ftp-only' …
Adding new group `new-user-for-ftp-only' (1006) …
Adding new user `new-user-for-ftp-only' (1005) with group `new-user-for-ftp-only' …
Creating home directory `/home/new-user-for-ftp-only' …
Copying files from `/etc/skel' …
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for new-user-for-ftp-only
Enter the new value, or press ENTER for the default
    Full Name []: New Linux User Only for FTP access  
    Room Number []:
    Work Phone []:
    Home Phone []:
    Other []:
Is the information correct? [Y/n] Y

linux:~#

2. Change user shell /bin/bash to /bin/false

Again depending on Linux distribution by default /bin/bash /bin/sh or /bin/whatever shell will get added. To make just created user access to SSH disabled. Change shell to /bin/false – a tiny program which just returns a FALSE value and quits immediately.

There are two ways to do so;

a) Edit directly /etc/passwd with vim / joe

linux:~# vim /etc/passwd

Go to end of file and find the record for user, should be smth like:

new-user-for-ftp-only:x:1005:1006:New Linux User Only for FTP access,,,:/home/new-user-for-ftp-only:/bin/bash

Change to;

new-user-for-ftp-only:x:1005:1006:New Linux User Only for FTP access,,,:/home/new-user-for-ftp-only:/bin/false

b) Use chsh cmd

linux:~# chsh new-user-for-ftp-only

Changing the login shell for new-user-for-ftp-only
Enter the new value, or press ENTER for the default
    Login Shell [/bin/bash]: /bin/false

linux:~# grep -i new-user-for-ftp-only /etc/passwd

new-user-for-ftp-only:x:1005:1006:New Linux User Only for FTP access,,,:/home/new-user-for-ftp-only:/bin/false

3. Testing if ssh access to new user is disabled

linux:~# ssh new-user-for-ftp-only@localhost

new-user-for-ftp-only@localhost's password:
Linux noah 2.6.32-5-amd64 #1 SMP Mon Feb 25 00:26:11 UTC 2013 x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Connection to localhost closed.

How to configure old ISA sound card on Debian / Ubuntu / Xubuntu Linux

Tuesday, March 5th, 2013

isa old soundcard make work on Debian Ubuntu Xubuntu Fedora GNU / Linux
If you happen to install a modern GNU / Linux distribution to a relatively old computer hardware with an ISA non-PNP (Plug and Play) soundcard it will be not visible neither among PCI devices list with (lspci) command nor in USBs list (lsusb). Thus with ISA cards, the way to configure a 16 bit SoundBlaster is via a special kernel modules snd-es18xx and snd-sb16 which thanksfully is still existent even on latest Linux distros. Without this two modules enabled in the kernel trying alsamixer command will be unable to launch the mixer as the soundcard is not detected on run of /etc/init.d/alsa start – ALSA enabling boot script – loaded during the system enters runlevel 2.

For one time test of sound card driver, I tested by running:

manastir-pomorie@manastir-pomorie:~# /sbin/modprobe snd-es18xx
manastir-pomorie@manastir-pomorie:~# /sbin/modprobe snd-sb16
 

On enabling enabling the sound card via above two drivers on the speakers – volume raised to Loud a kind of beep sound was heard, this led me to thoughts now it might work. Before testing the sound in running Youtube Video with sound in Firefox, I launched alsamixer to see if volume settings for SoundBlaster are not muted. Not surprisingly they were set raised to lowest level as you can see on picture:

alsamixer xubuntu configuring isa old sound card on deb based distro

After raising the volume level for PCM and testing in browser thanksfully soundblaster worked fine.
To make the two kernel modules making the ISA card work, I added the modules to /etc/modules

manastir-pomorie@manastir-pomorie:~# echo 'snd-es18xx' >> /etc/modules
manastir-pomorie@manastir-pomorie:~# echo 'snd-sb16' >> /etc/modules

Even after restarting XUbuntu sound drivers gets loaded. Though I tested this on Xubuntu as Xubuntu is Debian based, same kernel module should be working fine on Ubuntu and Debian. The exact Xubuntu version and kernel on which the ISA card worked is;

manastir-pomorie@manastir-pomorie:~$ cat /etc/issue
Ubuntu 12.04.2 LTS \n \l

manastir-pomorie@manastir-pomorie:~$ uname -a;
Linux manastir-pomorie 3.2.0-38-generic #61-Ubuntu SMP Tue Feb 19 12:20:02 UTC 2013 i686 i686 i386 GNU/Linux

Why I never liked Mandrake Linux / Mankdrake Linux has took its name from an 1930s comics Mandrake the Magician

Wednesday, May 9th, 2012

I never liked Mandrake Linux, since day 1 I saw it.
Historically Mandrake Linux was one of the best Linux distributions available for free download in the "Linux scene" some 10 to 12 years ago.

Mandrake was simple gui oriented and trendy. It also one the Linux distribution with the most simplified installer program and generally a lot of GUI software for easy configuration and use by the end user.

Though it's outside nice look, still for me it was like an "intuition" that Mandrake is not so good as it appeared.

Now many years later I found by chance that Mandrake has been sued to change their Operating System name with another, due to a law suit requit by the copyright holders of Mandrake The Magician comics. "Mandrake the Magician" used to be a very popular before the Second World war in the 1930's.

Mandrake the Magician Comics Magazine from 1930's Cover, Mandrake the Black Magic Magician

It obviously not a co-incidence that the Mandrake names was after this comics and not the mandrake herb plants available in Europe, Africa and Asia. This is clear in Mandrake Linux distro earlier mascot, you see below:

Mandrake Linux old distribution logo, magician penguin

Later on they changed Mandrake's logo to loose the connection with Mandrake The Magician and used another new crafted logo:

Mandrake GNU Linux newer logo
Its quite stunning nowdays magician obsession, has so heavily infiltrated our lives that even something like a Free Softwre Linux distribution might have some kind of reference to magician and occult stuff (I saw this from the position of being Christian) …

Later due to the name copyright infringement Mandrake Linux was renamed first to Mandragora Linux.
Instead of putting some nice name non related to occultism or magic stuff the French commercian company behind Mandrake rename it to another non-Christian name Mandragora.
Interestingly the newer name Mandragora as one can read in wikipedia means:
 

Mandragora (demon), in occultism

Well apparently, someone from the head developers of this Linux distribution has a severe obsession with magic and occultism.

Later MandrakeSoft (The French Company behind Mandrake Linux) renamed finally the distribution to Mandriva under the influence of the merger of Mandrake with the Brazillian company Connectiva this put also an over to the legal dispute copyright infringement dispute with Hearst Corporation (owning the rights of Mandrake the Magician).

Having in mind all fact on current Mandriva "dark names history", I think it is better we Christians avoid it …

Installing Linux on old hardware PC. Few thoughs on Puppy and Xubuntu Linux

Tuesday, January 24th, 2012

I needed a G/Linux distribution that will work fine on an old PC with hardware configuration:

guest@xubuntu-desktop:~$ grep -i cpu /proc/cpuinfo; free -m; df -h
cpu family : 6
cpu MHz : 797.613cpuid level : 2
total used free shared buffers cachedMem: 497 470 26 0 35 259-/+ buffers/cache: 176 321Swap: 1454 10 1444File System Size Used Free % Mounted on
/dev/sda1 37G 4,3G 31G 13% /

I've read a lot on the internet and come to the conclusion I have basicly two popular Linux distros as option to install on archaic x86 hardware:

1. Puppy Linux
2. Xubuntu Linux

I first give Puppy Linux a try. It worked quite nice, but the interface was too old school and the desktop felt like a bit out-dated.
Besides that many of the Puppy Linux shipped programs were not a mainstream programs available across most of the other Linux distributions.

Many of the programs shipped with Puppy are great, but more suitable for a computer geek than for a Windows accustomed GUI user.
Puppy Linux Screenshot

My opinion on Puppy (from what I've seen) is that its great distro for old school hardcore Linux users.
Anyways its not suitable for absolutely "uniniated" users who encounter Linux for a first time.

Secondly I installed Xubuntu. Most of the archaic hardware on the PC was detected during install time (a pleasently surprise).
Xubunto works fast and Xfce menus opens "light fast" as on the old 800Mhz pc with 512 mem of ram. Generally the GUI worked quick and responsive.
To conclude I liked Xubuntu a lot and I strongly recommend it to anyone who want to quickly roll on Linux on an old PC.
Xubuntu GNU / Linux theme

What impressed me most is the minimalistic look & feel and simplicity.

I'm sure Debian will be working great on old hardware as well, however configuring it will be hell a lot of work. Thus I think Xubuntu is a good choice for people who want save some time in obscure configurations and easily have a neat Linux ready for desktop use.

A sysctl Linux variable to change randomly temporary the PC mac address for IPv6 and increase anonymity on IPv6 networks

Tuesday, September 20th, 2011

To prevent tracking and increase anonymity in IPv6 networks the Linux kernel has a variable to change randomly the MAC identifier. This feature will be very useful in terms of security in the short future, when all the IPv4 IP addresses are finished. The UIE (Extended Unified Udentifier) for an ipv6 address can be changed with command:

sysctl -w net.ipv6.conf.all.use_tempaddr=2 Microsoft Windows Vista and Windows 7 has the UIE enabled by default, enabling the random MAC changes automatically for a host cvan be done as usual by adding the net.ipv6.conf.all_use_tempaddr=2 to /etc/sysctl.conf

On an IPv6 network every ifconfig eth0 down and ifconfig eth0 up will instruct the lan card to be set a different MAC address for the ipv6 ip on the interface.

Changing the UIE randomly however also have security downsides if the host gets infected with a Virus or Worm. The security downsides of the enabled UIE affects mainly Windows hosts on IPv6 networks as UIE variable is enabled by default there.I’ve found this great tip in an article in the latest Linux Magazine October 2011. Its the first time I saw a paper Linux Magazine, the magazine contains a lot of helpful info on the latest Linux developments and latest trends in the Linux world. Subscription to receive the magazine via normal post is for the magazine costs 6.65 EUR per month (80 EUR) yearly. The 80 euro yearly includes 12 CDS (each magazine is bundled with a newly launched new version of a Linux distribution).
There is also a cheaper subscription for the magazine which costs 64.90 EUR.

How to set up Path to .exe GNUWin32 binary files in Windows XP / Vista / 2003 / 2008 (Setting PATH to executables on Windows)

Tuesday, August 23rd, 2011

I’ve been working on a servers running Windows 2003 and Windows 2008 these days.
As I wanted to be more flexible on what I can do from the command line I decided to install GNUwin (provides port of GNU tools), most of which are common part of any Linux distribution).
Having most of the command line flexibility on a Windows server is a great thing, so I would strongly recommend GNUWin to any Windows server adminsitrator out there.

Actually it’s a wonderful thing that most of the popular Linux tools can easily be installed and used on Windows for more check GnuWin32 on sourceforge

One of the reasons I installed Gnuwin was my intention to use the good old Linux tail command to keep an eye interactive on the IIS server access log files, which by the way for IIS webserver are stored by default in C:WindowsSystem32LogFilesW3SVC1*.log

I’ve managed to install the GNUWin following the install instructions, not with too much difficulties. The install takes a bit of time, cause many packs containing different parts of the GNUWin has to be fetched.

To install I downloaded the GNUWin installer available from GNUWin32’s website and instructed to extracted the files into C:Program FilesGnuwin
Then I followed the install instructions suggestions, e.g.:

C:> cd c:Program FilesGnuWin
C:Program FilesGnuWin> download.bat
...
C:Program FilesGnuWin> install c:gnuwin32
...

After the installation was succesfully completed on the two Windows machines, both of which by the way are running 64 bit Windows, it was necessery to add the newly installed GNU .exe files to my regular cmd.exe PATH variable in order to be able to access the sed, tail and the rest of the gnuwin32 command line tools.

In order to add C:GnuWin32bin directory to the windows defined Command line Path , I had to do the following:

a. Select (Properties) for My Computer

Start (button) -> My Computer (choose properties)

b. Select the My Computer Advanced (tab)

Then, from the My Computer pane press on Advanced tab

c. Next press on Environment Variables

Windows environment variables screenshot

You see in above’s screenshot the Environment Variables config dialog, to add the new path location in System Variables sectiom, between the list I had to add the c:GNUwin32bin path locatiion. To find I pressed on Edit button scrolled down to find the Variable and hence added at the end of the long list defined paths.
After adding in GNUwin, the Windows path looks like this:

C:Program Files (x86)EWANAPI;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:Program Files (x86)IntelNGSMSMPFiles;C:Program Files (x86)Microsoft SQL Server100ToolsBinn;C:Program FilesMicrosoft SQL Server100ToolsBinn;C:Program FilesMicrosoft SQL Server100DTSBinn;C:Program Files (x86)Microsoft SQL Server100ToolsBinnVSShellCommon7IDE;C:Program Files (x86)Microsoft Visual Studio 9.0Common7IDEPrivateAssemblies;C:Program Files (x86)Microsoft SQL Server100DTSBinn;C:WINDOWSsystem32WindowsPowerShellv1.0;C:gnuwin32bin

Further on, I launched the tail command to intercatively take an eye on who is accessing the IIS webserver.
Sadly this worked not, trying to use tail with the IIS ex10116.log log;

C:WindowsSystem32LogfilesW3SVC1> tail -f ex10116.log

Spit an error tail: ex10116.log: Bad file descriptor

Since I couldn’t use tail -f I looked for alternative and a quick search led me to Tail 4 Win32 . Lest the name suggests it is supposed to work on 32 bit arch Windows the version on tailforwin32’s website is working perfectly fine on 64 bit Windows as well.
What it does is to simulate a normal tail -f command inside a very simplistic window interface. You see it in action with opened IIS log on below’s screenshot:

GUI Tail for Windows screenshot

Finally my goal is achieved and I can take an eye interactively on IIS logs. End of the article, hope it wasn’t too boring 😉