May
10
I was looking at some of the most popular posts on my blog, as reported by my awstats installation, and I noticed that one of the most popular is a post outlining common keyboard shortcuts for Compiz-Fusion on Ubuntu 7.10. Apparently everybody loves their eye-candy!
I thought, now that Ubuntu 8.04 “Hardy” is released, I’d update the basic configuration suggestions and hopefully help a few more of you get your bling-on.
The Compiz-Check Script
Recently I saw a post over at Forlong’s Blog releasing a script that will check your hardware in regards to Compiz support. From the article:
Compiz-Check is a script to test if Compiz is able to run on your system/setup and if not, it will tell you the reason why.
If you’ve had issues with Compiz support in the past I’d suggest running this script and pay attention to the output towards reasons why it appears to be unsupported. In some cases it is simply a matter of poor hardware. In other cases its only a matter of software changes, and may help you get things going.
To download and run the script:
wget http://blogage.de/files/3729/download -O compiz-check
chmod +x compiz-check
./compiz-check
If everything comes out as “OK” you should be able to activate Compiz as seen in the Compiz configuration instructions.
Driver Support With Envy
Another very useful tool I’ve found is the Envy tool, which will install required non-free driver support for nvidia or ATI cards for you. I’ll admit that I’ve only used this occasionally, considering I have intel graphics cards on my main laptops, but in the situations where I have needed it things have worked great.
If you are using Ubuntu 8.04 “Hardy” you can try the newer EnvyNG, which is available in the universe repository. How to install EnvyNG on Ubuntu 8.04.
If you are still using a previous version of Ubuntu you can try the legacy version of Envy, instructions here.
Are there any other common tips that I’ve missed? If you know of any other great resources for Compiz support tests, nvidia or ATI driver installation, or basic Compiz tweaks please comment and share with the rest of us.
I post tutorials very regularly on this site. You may want to consider subscribing to the RSS feed. Or if you'd prefer these tips sent to your inbox you can use Email Subscriptions.
May
9
A Root Shell On Ubuntu : The Right Way
Filed Under Ubuntu | 24 Comments
Just the other day we were having a discussion on using the root shell in Ubuntu. Now, remember, the root user account is disabled with no assigned password on a default Ubuntu system so administrative tasks need to be done using the sudo command. For nearly all of the administration you would need sudo will be adequate. There are occasionally those fringe cases where you might require a root shell. Below I have a few alternatives and then, if you must, the correct way of opening a root shell.
For more information please see the RootSudo page on the Ubuntu Community Wiki.
Alternatives To A Root Shell
One of the most common reasons that a user might need a root shell is due to output redirection not working as expecting while using sudo. This can be bypassed fairly easily. Let me outline an example:
sudo echo “foo” > /root/somefile
The above example will not work because the normal user does not have access to write to the root user home directory, and combining the redirection in the command we’ve lost sudo access.
An alternative that will work would look something like this:
echo "foo" | sudo tee /root/somefile
This will echo the output on the console but the tee command ('man tee‘ for more information) will also take that output and write it to the file as expected. Also note that 'tee -a' will work in the same fashion as >>, appending the data to the current file vs overwriting.
The Proper Way To A Root Shell
If you still need a root shell (perhaps you’ve come across a different scenario? perhaps you’re just lazy? perhaps you’re coming from another distribution?) let me outline the proper way to gain a root shell.
DISCLAIMER: This should be avoided if at all possible. It is not suggested to run a root shell on an Ubuntu system. Use at your own risk. See examples above, etc.
sudo -i
The command sudo -i is the equivalent to the 'su -' command. This will properly change to the root user, switch to the root user’s home directory, use his (her?) environment values, etc.
sudo -s
The command sudo -s is the equivalent to the 'su' command. This will change to the root user but will not properly use his (her?) environment values, etc.
The WRONG Way To A Root Shell
Please DO NOT use the following methods to gain root access:
sudo bash, sudo sh, sudo su -, sudo su, sudo -i -u root
If you currently do use these methods this post was written for you!
UPDATE: Based on the feedback in the comments for this post I’ll try to expand the reasoning on *why* the right way is the preferred way.
First of all we need to understand some background information. When a user creates a session there are a number of environment values that are set. To have a look at some of these try this command:
env
This will output a number of details about the current working environment. These environment values may be different for different users. Some of the values are generated by way of the .bashrc file (assuming a bash shell, of course), the .bash_profile, etc. Take a look at the .bashrc in your users home directory and compare it with the .bashrc in root’s home directory.
diff -u ~/.bashrc /root/.bashrc
You should see some differences, and this is just from one of the multiple files that are read during a proper login.
When creating a root shell by using ‘sudo bash‘ you are not incorporating the root environment properly. You are creating a shell with root privileges but the env output is still that of your user. Each user, whether unprivileged or root, should have unique environment settings to truly be that user. This will be the case for ‘sudo bash‘, ‘sudo su‘ and ‘sudo sh‘.
May
4
Why ufw Does Not Need A GUI
Filed Under Security | 11 Comments
I’ve been hearing more and more recent requests (at OpenWeek -chat and in blog comments) regarding a request for a GUI on top of ufw. I wanted to take a second and outline more clearly what ufw is, which will likely stop these requests. I think its just a simple matter of not truly understand what ufw does which leads to these. Bottom line, there are already a number of GUI firewall applications, adding one for ufw would be basically pointless. (Before you argue that point, keep reading.)
What is ufw?
ufw, or “uncomplicated firewall”, is simply a management tool for creating kernel-level firewall rules which is done via the netfilter kernel module and iptables userspace tool. iptables has been around for quite a long time, is very, very robust and very widely used. It is installed by default on any Ubuntu system, but no “rules” have historically been applied to it. (Technically, every Linux system has a firewall utility built into the kernel, but if no rules are applied to that filter nothing is actually being specifically allowed or denied.)
The reason ufw was developed (I sat in on the sprint at UDS for this) is that we wanted to create a server-level firewalling utility that was a little bit more “for human beings”. While iptables is already installed and available for use, the syntax can be complicated. For example, lets say you wanted to block all connections from the IP address 10.100.0.5:
iptables : sudo iptables -A INPUT -s 10.100.0.5 -j REJECT
ufw: sudo ufw deny from 10.100.0.5
Another slightly more complicated example could be written for blocking specific ports and protocols:
iptables: sudo iptables -A INPUT --dport 22 -s 10.100.0.5 -j REJECT
ufw: sudo ufw deny from 10.100.0.5 to any port 22
ufw is creating the iptables / netfilter rule “under the hood”, but allowing us to create the rules in a simpler way. Both of the commands above basically do the same thing, ufw simply “uncomplicates” the process.
For those that are looking for a GUI on top of ufw, remember that you already have tools such as Firestarter or lokkit, etc. Those are graphical tools which create and manage iptables / netfilter rules “under the hood”. ufw is simply a command-line tool to manage iptables / netfilter rules “under the hood”.
The existing GUI tools (Firestarter) and ufw both use iptables underneath, so adding a GUI to ufw would basically be re-creating Firestarter, which is not really needed. ufw is simply a less complicated way to create firewall (iptables) “rules” on the command line.
May
3
Now that most of the modern world has upgraded to Ubuntu 8.04 I’ve begun to see comments regarding VMware Server no longer working. You may have used my previous article, Installing VMware Server on Ubuntu 7.10, which has worked great. Now that 8.04 “Hardy” is installed things have become a bit more complicated unfortunately.
The problem is that VMware has not updated their latest versions to make use of the latest kernel, GCC or gnome libraries. So, we’ve got two options.
- Wait for a new VMware release and hope they patch everything.
- Follow the rest of this tutorial and get your hands dirty on the terminal. We can make it work, but we have to hammer it into submission.
So, I’ll assume because you’re still reading that you’ve opted for the hammer into submission option. Let’s get started.
Downloading the Requirements
The first step, of course, is to download VMware Server 1.0.5. You’ll have to agree to the EULA (actually twice. Once before download and once during installation. Remember, VMware is free-as-in-beer but not free-as-in-speech.)
The second step is to install some development tools that we’ll need to get things running. Use the following command or click the package names to install the requirements:
sudo aptitude install build-essential linux-kernel-devel linux-headers-generic xinetd
The third step is to download one more tool to help in the manual build process for VMware Server 1.0.5. What we need is a script which will help in the custom config hosted at Google Code. Download the vmware-any-any-update-116.tgz.
You will also need to generate a serial number to run VMware Server. Visit this link to register and generate the number of codes you might want. Remember to print the codes or write them down because in my experience they are not emailed to you.
OK, at this point we should have all of the requirements, now we can get to work…
Installation and Configuration
Let’s unpack the VMware archive that we downloaded and run the VMware installer. NOTE: After some basic configuration it will ask you to run vmware-config.pl. DO NOT RUN vmware-config.pl, WE ARE NOT READY YET.
tar xf VMware-server-1.0.5
cd vmware-server-distrib
sudo ./vmware-install.pl
When it asks you to run vmware-config.pl you want to answer “no” and this is where the vmware-any-any-116.tgz patch comes in.
cd ..
tar xf vmware-any-any-update-116.tgz
cd vmware-any-any-update116
sudo ./runme.pl
After this runs it will ask you again if you want to run vmware-config.pl. At this point select “yes”.
The Last Step
If you attempt to run vmware at this point you might notice that it spits out some nasty errors and complains at you. There is one more thing we need to setup. (Hey, VMware, if you’re reading this will you please incorporate these fixes into your official download already!)
Basically VMware is missing and complaining about some cairo libraries and gcc. So, the simple fix for this is to point to them by using a symbolic link:
sudo ln -sf /usr/lib/gcc/i486-linux-gnu/4.2.3/libgcc_s.so /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1
sudo ln -sf /usr/lib/libpng12.so.0 /usr/lib/vmware/lib/libpng12.so.0/libpng12.so.0
At this point you should be able to launch vmware and enjoy some virtualization goodness. Please stay tuned for virtualization updates regarding virtualbox and the new KVM!
sources: I want to throw a big thanks to my buddy Igor for helping figure out these tweaks. Check out his blog, with these and other instructions, here.
UPDATE: based on some of the comments below I’ve added the “-f” to the symbolik link options.
May
1
I wanted to throw out a quick thank-you to all those that attended my OpenWeek Presentation today. I think things went really well and had some great questions and suggestions from those in attendance. If you missed the presentation and would like to catch up on the logs you can find them here.
It also appears that we’ve formed a loose new team/group, dedicated to advancement of Ubuntu support on the EeePC. If you’d like to participate please drop me a note (see my contact page) or drop by the #ubuntu-eeepc irc channel for discussion. Our goal is to have 100% support out-of-the-box by Ubuntu 8.10 “Intrepid”. Think we can do it? 
Apr
29
Follow My MOTU Journey…
Filed Under Development | 2 Comments
The packaging presentation this morning really got me excited about getting involved in that area of Ubuntu so I put a few things together in order to try and keep me on this road.
- I took a lot of notes and have a lot of links for reference and study.
- I’m putting together a schedule to try and keep me on track.
- I put together a new blog to document my progress and pitfalls.
If you’re interested in following my journey toward MOTU add http://blog.zelut.org/feed/ to your Feed Reader.
I’d love to get other people interested and educated about packaging by way of that blog. If you are MOTU and want to help keep me on track please stop by. If you’re a casual user that would like to start participating please also stop by. Remember, the more skilled people we have handling and improving packages the better Ubuntu will be!
Apr
29
I just finished attending the Ubuntu OpenWeek Session: Packaging 101, presented by dholbach, King of the MOTU! ;). It was a great presentation and I learned quite a bit. I have studied packaging before and I always ran into issues. I think his presentation made things very clear and he was great in answering the questions we ran into.
We packaged ed, a standard Unix line editor that nobody (except for one of my co-workers) actually uses, but it was a good practice run. Even with such a simple package we learned how the basic principle works, which should carry over to more real-world packages.
If you’ve been interested in packaging this is a great time to dive in. We’ve got a small window before Ubuntu 8.10 “Intrepid” starts and there will be help needed in merging everything and getting that release ready. I would *love* to be a part of the actual packaging for that release so you may hear more about my journey toward MOTU during this release cycle. I invite you to attend the remaining packaging related sessions at Ubuntu OpenWeek and pickup what you can. Ubuntu’s success is very much based on the strength of the MOTU and the number of quality packages it offers.
If you haven’t yet, go check out OpenWeek. Drop by #ubuntu-classroom on irc.freenode.net and join the fun!
Apr
28
I’ve blogged in the past about setting up extended display on the MacBook (second gen), but I thought I’d update the post for Ubuntu 8.04. I notice there are some small differences, which are likely caused by the updates to Xorg. I’ll post my steps and my xorg.conf file below.
Extended Display on the MacBook
First, I tried to use the new Screen Resolution tool but it did not detect either monitor properly. It does detect the MacBook display when it is the only display, but when my external monitor is plugged in everything gets screwed up.
I had to do things by hand using xrandr, and I had to add three lines to my xorg.conf file. There isn’t much to it, but not as straight-forward as it could be with the graphical tools.
- The first step is to figure out the sum of both resolutions. ie; 1280×800 + 1440×900 = 2720 x 1700. Take the resolutions from your MacBook (which should be 1280×800) and add it to the resolution of your external monitor. Make note of the result.
- Update your xorg.conf file to include the new, combined, resolution (example below)
- Restart X (logout & login or ctrl-alt-bkspace)
- xrandr –output VGA –auto
- xrandr –output VGA –above LVDS
Here is a copy of my xorg.conf file. It is default except for the three additional lines:
# xorg.conf (X.Org X Window System server configuration file)
#
# This file was generated by dexconf, the Debian X Configuration tool, using
# values from the debconf database.
#
# Edit this file with caution, and see the xorg.conf manual page.
# (Type "man xorg.conf" at the shell prompt.)
#
# This file is automatically updated on xserver-xorg package upgrades *only*
# if it has not been modified since the last upgrade of the xserver-xorg
# package.
#
# If you have edited this file but would like it to be automatically updated
# again, run the following command:
# sudo dpkg-reconfigure -phigh xserver-xorg
Section “InputDevice”
Identifier “Generic Keyboard”
Driver “kbd”
Option “XkbRules” “xorg”
Option “XkbModel” “pc105″
Option “XkbLayout” “us”
Option “XkbOptions” “lv3:ralt_switch”
EndSection
Section “InputDevice”
Identifier “Configured Mouse”
Driver “mouse”
Option “CorePointer”
EndSection
Section “InputDevice”
Identifier “Synaptics Touchpad”
Driver “synaptics”
Option “SendCoreEvents” “true”
Option “Device” “/dev/psaux”
Option “Protocol” “auto-dev”
Option “HorizEdgeScroll” “0″
EndSection
Section “Device”
Identifier “Configured Video Device”
EndSection
Section “Monitor”
Identifier “Configured Monitor”
EndSection
Section “Screen”
Identifier “Default Screen”
Monitor “Configured Monitor”
Device “Configured Video Device”
# added SubSection “Display” until EndSubSection
SubSection “Display”
Virtual 2720 1700
EndSubSection
EndSection
Section “ServerLayout”
Identifier “Default Layout”
Screen “Default Screen”
InputDevice “Synaptics Touchpad”
EndSection
Apr
27
I hope by now you’ve heard some of the noise regarding Ubuntu OpenWeek which begins tomorrow, 15:00 UTC in #ubuntu-classroom. We’re going to have some really cool, really interesting presentations this time around! I’m trying to figure out when I’ll have time for work there are so many presentations that I want to attend!
I also wanted to mention that I’ll be presenting on Thursday, 16:00 UTC. I’ll be presenting on using Ubuntu on the EeePC. If you have an EeePC still running Xandros, if you have an EeePC running Ubuntu (or derivative), or if you’re just thinking about getting one I think it’d be a great presentation for you to join. I’ll be discussing current and future EeePC specs, how to install on Ubuntu and how to customize the Gnome desktop for such a small resolution.
I use my EeePC more than any of my other machines anymore. I take it on the road with me when I travel, I write code on it, I write blog posts on it. Nearly anything I would do on my MacBook I do on my EeePC. Yes, even Compiz! Its a great little machine!
If you are an EeePC user and have suggestions on items to include in the presentation please leave a comment. If you are not an EeePC user and have specific questions you’d like me to cover I also invite you to leave a comment. See everyone on Thursday!
Apr
25
Ubuntu 8.04 “Hardy” Rocks My Servers Socks!
Filed Under Upgrade | 7 Comments
I just finished the upgrade on this server from Ubuntu 7.10 ‘Gutsy’ to Ubuntu 8.40 ‘Hardy’ and all I have to say is Ubuntu 8.04 Rocks My Socks! Here is a bit how things played out…
I spent a bit of time backing things up and preparing for the upgrade (you know, just in case). I then switched my repository to a faster mirror than the local one I had been using and I installed the required package to handle upgrades (update-manager-core). After this I ran sudo screen do-release-upgrade and watched the fun happen. (Yeah, I ran it in screen because I didn’t know how long it might take and I wanted to be able to detach if needed..)
Guess how long it took? Less than nine minutes! In less time than it normally takes to even download the CD I was upgraded, rebooted and back in production! So far things are running great, the upgrade went as smooth as can be, and my world has been rocked by Ubuntu Server!
I just have to say, if you or your company has been wondering whether Ubuntu is ready for the server, all I have to say is HELL YEAH IT IS! Try to upgrade a production machine from one release to the next and have it back in production in less than 10 minutes another “Enterprise” Linux distribution. Ohh, and do it while its still in production without any CDs.. I dare ya!
-
Blogroll
Subscribe to the RSS feed!
Get Ubuntu!
Obama '08
