Monthly Archives: March 2009

New Features In The Upcoming Ubuntu 9.04 “Jaunty”

With the recent release of Ubuntu 9.04 “Jaunty” alpha 6 this last week I thought I’d outline some of the upcoming new features awaiting us this April.  I’d love to hear from those of you that have already been using the alpha releases and tell us your experience with some of the features listed here.  Whether you’ve had good or bad experiences with the alpha releases please share what you’ve found with the community.

For more information on these upcoming features see the Ubuntu 9.04 alpha 6 notes.

  • Xorg Server 1.6
  • Font Size Optimization
  • New Notifications and Preferences
  • Linux Kernel 2.6.28
  • Ext4 Filesystem Support

Xorg Server 1.6

The latest X.Org server, version 1.6, is available in Jaunty. For a little while, this will again cause increased instability for some users while the proprietary video drivers catch up.

Font Size Optimization

Font dot-per-inch settings are now optimized based on your monitor’s capabilities, rather than defaulting to 96 dpi. You can further customize your dpi settings via System → Preferences → Appearance → Fonts → Details…

New Style for Notifications and Notification Preferences

Included in Jaunty is a simple menu which can be used to set preferences for notification icons, such as where they pop up on the taskbar. There is a possibility that Ubuntu 9.04 will get a whole new notification system, as shown in the Flash movie here:

http://www.markshuttleworth.com/wp-content/uploads/2008/12/jaunty904_notifications_example1_web_092.swf

Linux Kernel 2.6.28

Alpha 6 includes the 2.6.28-8.26 kernel based on 2.6.28.7. 

Ext4 Filesystem Support
Alpha 6 supports the option of installing the new ext4 file system. ext3 will remain the default filesystem for Jaunty, and we will consider ext4 as the default for the next release based on user feedback.

Configure Postfix for Multiple ISP Client SMTP Authentication

Some time ago I blogged about configuring Postfix to relay outgoing email through your gmail account. One of the commenters left a question asking how to achieve the same result, but use unique relays for each account attempting to send email. I’ve only just now been able to find time to write up an answer and find a good solution. This post will outline how to configure specific users of your mail server to relay through unique providers for outgoing email. For example:

user1@server1.com must relay through smtp.isp1.com
user2@server2.com must relay through mail.isp2.org
user3@server3.com must relay through mx.isp3.net
all others must relay through the default, smtp.hugecorp.biz

Note: This is only supported on Postfix version v2.3+ and later. If you are using a recent version of Ubuntu or Debian you should be fine. To find out your current installed version you can run:

dpkg -l postfix

Step 1

Open your main.cf file:

vim /etc/postfix/main.cf

Add these lines to the configuration:

smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/passwd
relayhost = [smtp.hugecorp.biz]:submission

Step 2

Create /etc/postfix/relayhost_map file:

vim /etc/postfix/relayhost_map

Append entries for each unique sender => isp relay mapping you need. (note: our default relay, smtp.hugecorp.biz, is not included here):

# Per-sender provider
user1@server1.com [smtp.isp1.com]
user2@server2.com [mail.isp2.org]
user3@server3.com [mx.isp3.net]

Step 3

Update the /etc/postfix/passwd file with the user authentication information:

# Per-sender authentication
user1@server1.com user1@server1.com:SecretP@ssw0rd1
user1@server2.com user2@server2.com:SecretP@ssw0rd2
user1@server3.com user2@server3.com:SecretP@ssw0rd3
# Login for the default relayhost
[smtp.hugecorp.biz] defaultUsername:defaultPassword

Step 4
Hash the config files. Restart Postfix:

postmap hash:/etc/postfix/passwd
postmap hash:/etc/postfix/relayhost_map
/etc/init.d/postfix reload

Following these instructions you should be able to configure each of your users, or a specific subset of users, to relay their outgoing email through specific ISPs or even specific gmail accounts.  If my previous post is too limited for you–you don’t want everything authenticating and relaying through a single gmail account–these instructions should give you more flexibility.

Source: nixCraft

How To Install Droid Fonts on Ubuntu 9.04 “Jaunty”

UPDATE: This post has been updated to include instructions for Ubuntu 9.10 “Karmic”, 9.04 “Jaunty” and 8.10 “Intrepid”

Based on this recent post regarding Getting Android’s Fonts on Ubuntu by Stefano Forenza I have installed these new fonts on my machine(s) and I’m enjoying them very much.  I thought I’d pass on the instructions for how to install ttf-droid, the Android fonts, on your Ubuntu machine.

As you may have read in his post (linked above), the fonts are only available in the official repositories for Ubuntu 9.04 “Jaunty” and beyond.  If you are using a previous version you’ll have to install them manually.  Here is how we’ll do it:

Ubuntu 9.10 “Karmic”

sudo aptitude install ttf-droid

Ubuntu 9.04 “Jaunty”

sudo aptitude install ttf-droid

Ubuntu 8.10 “Intrepid”

Download ttf-droid package

  • Double-click downloaded file to install

OR

  • dpkg -i ~/Desktop/ttf-droid*.deb

I think these fonts look really clean and crisp. The ttf-droid fonts have now replaced the Red Hat Liberation fonts I was previously using on both of my work machines.

I’m curious what other fonts people generally use.  I’ve run into people that are absolutely passionate about using the right font, while at the same time others don’t really care and have never changed them from their defaults.  Which type are you?

New GDM Login Theme in Ubuntu 9.04 “Jaunty”

I’ve been playing with Ubuntu 9.04 in VirtualBox and after installing the 9.04 Alpha 5 I noticed the new GDM Login screen. Things sure have come a long way since I started using Ubuntu in 5.04! Below is a screenshot of the new Login screen. Thoughts?

Ubuntu 9.04 GDM Login Screen

Ubuntu 9.04 GDM Login Screen

Announcing the “Everything but Ubuntu” Blog: blog.zelut.org

Based on much of the feedback in regards to my desire to blog about more than just Ubuntu I’d like to announce a secondary blog, blog.zelut.org.  I’ve been using this site casually for the past few months, just for little things here and there, but I would like to try and focus now on expanding it to everything I’m working on.  Currently it has a number of posts about FreeBSD, including installation and running services.  I’ve started a section regarding Cisco, which I’m working with quite a bit now day to day.  It also has other things mixed in here and there.  I’m going to be spending some time migrating my scattered personal wiki notes onto that blog.  Topics that you’ll likely see soon:

  • Creating an RHN Satellite Server (without Red Hat Satellite) – CentOS
  • Creating SSH Jails – CentOS
  • Pinning Processes to Specific CPU – Linux
  • DBAN (Darik’s Boot-and-Nuke) via PXE – CentOS

…and more.

I’ve added an RSS Feed to the new theme which will display the latest posts from this alternate site.  You can find this in the upper-right corner of this blog.  You may also want to add blog.zelut.org to your RSS reader and get a wider variety of information.  I figure having two sites will be the best way to maintain a range of content while allowing for the reader to select what he does or does not want to read.

You’ll still be able to find Ubuntu related content here, and I’ll stick to that topic as closely as I can.  For all your other Linux needs, I hope you find blog.zelut.org helpful.

Trying Out a New Theme

After toying with a few new themes I have activated one of them on this blog today. I’d love to hear your thoughts on the change. Better? Worse? Anything missing? Drop by, leave a comment, and tell me what you think.

P.S. I know OpenID is broken. I’m looking into it..

SSH Pop Quiz

I spent a little bit of time trying to find an answer to this today but I was unsuccessful. I’m hoping one of you will have the secret for me.

Situation:
I’ve configured my .ssh/config file with profile and port information for the many servers I connect to on a regular basis.

Problem:
One of the servers I need to access requires bouncing through another server first. ie; In order to access machine2 I have to connect to machine1 first. How to automate this within the .ssh/config?

When I manually connect to this I use:

ssh -t machine1 ssh machine2

What I would like to do is configure my .ssh/config file to use that -t option when connecting to that specific machine. I would like to be able to simple run:

ssh machine1

and based on the configuration in the .ssh/config have this automatically connect to machine2.

Any ideas?

How To Find What Package Provided a File?

Earlier today I found myself in a situation where one Ubuntu machine was missing an executable available on the second. After trying to guess the package name a few times without success I pulled this little number out of my bag of tricks:

cedwards@monkey:~$ dpkg -S $(which host)
bind9-host: /usr/bin/host

As you can see, this returned the package name that provided the executable, host.  Using the -S option with dpkg directly is a really simple way to find out what package provided the file or executable you’re looking for.

This requires, of course, that the file exists on the machine you’re running the command on.  I should also note that the command-not-found package provides this functionality in recent versions of Ubuntu.  If you’re on an Ubuntu variant, or a Debian release that may not provide this service, this is a good tool to be aware of.. just in case.

Thinking About Covering More Than Just Ubuntu…

I’ve been doing some thinking about how I might be able to light a fire under this blog again and get back to a regular post schedule.  I feel like I’ve exhausted much of the Ubuntu subect matter that this blog has generally focused on.  In that regard I’ve been tempted to post a number of technical artices that relate to other *NIX systems, such as CentOS, FreeBSD, Arch Linux, etc.  The main reason that I have not is that the historic content and name of the blog make me feel like I’m limited to Ubuntu related content as much as possible.  (As well as being syndicated on the Ubuntu Planet)

So I am curious to hear back from you regarding your thoughts on opening this blog up to additional topics and platforms.

This would include many tips and tricks I’ve come across in working on RHEL/CentOS at work for the past six months as well as other systems I’ve been tinkering with, like FreeBSD, Gentoo and Arch Linux.

I realize there may be topics that extend beyond the current reader base, but my hope is that it’ll become a resource for much more than just the Ubuntu crowd.  We are all in the same boat after all.

I’m going to sit on this for a bit.. please comment and let me know your thoughts.  If you are open to the idea, what topics, distributions or tools are you interested in?

Automatically Logout SSH Sessions After Period of Inactivity

At work we maintain over a hundred machines, most of which are regularly accessed via SSH by our developers.  Due to the number of machines and the number of tasks that need completed, we found that many of the developers would often forget they were logged into a server and leave an idle SSH session open.  Due to the sensitive nature of the data on many of the servers we needed to find a solution to this.  We decided to implement an SSH feature to automatically logout SSH sessions after a period of inactivity.  Here is how we did it.

Inside the sshd_config file (/etc/ssh/sshd_config) there is a setting for ClientAliveInterval and ClientAliveCountMax.  Edit these two lines to look something like:

ClientAliveInterval 300
ClientAliveCountMax 0

Once these settings are changed you’ll need to restart your SSH server for them to take effect.

sudo /etc/init.d/ssh restart

Now, if an SSH session is connected with no activity for five minutes, it’ll be automatically logged out. Hopefully reducing the chance of an open connection becoming vulnerable at an idle workstation.