Ubuntu Tutorials

As I mentioned a few days back in my article regarding Installing Dropbox on Kubuntu, I’ve been tinkering with KDE recently and I am enjoying my time with it. I know I’ve written in the past regarding some frustrations with KDE, but I have to admit that many of my frustrations have gone away as the KDE 4.x series has matured. Again, if you haven’t tried KDE in a while I would invite you to do so.

In this article I will outline how to activate the kubuntu-ppa (Personal Package Archive), which will allow you to install the latest KDE packages. These instructions are specific to the KDE 4.4 RC (Release Candidate) packages, which are offered for feedback and testing. If you would like to try the latest that Kubuntu has to offer (even potentially unstable), you’ll want to continue reading.

Requirements

In order to download and install the latest KDE packages you’ll need to configure and activate the Kubuntu PPA. This is a Personal Package Archive, hosted on Launchpad, which is maintained by the Kubuntu Developers, and allows for staging and testing new packages. To activate the repository, run the command:

sudo add-apt-repository ppa:kubuntu-ppa/beta

The Kubuntu PPA, particularly the RC packages, should now be configured and activated on your machine. You’ll still need to refresh your repository and install the updates, which I will cover next.

Installing KDE RC Packages

There are two approaches we can take to installing these packages. The first is for people who are already running Kubuntu (KDE) and want to simply update their installed packages to those offered in the RC repository.

To upgrade your existing installation to KDE 4.x RC, run the following two commands:

sudo apt-get update
sudo apt-get dist-upgrade


The second method is for people interested in trying KDE 4.x RC who do not have KDE installed currently.

To install KDE 4.x RC packages, use the following:

sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get install kubuntu-desktop

I consider the KDE 4.x series to be very mature at this point, with a plethora of features and effects. I think the KDE Team has done a great job on improving the Linux Desktop over the past few years, and I continue to enjoy my time using it. I continue to use GNOME as well, but KDE 4.x has rebuilt the bridges that previous experiences had burned.

I am interested in hearing what you think about these RC packages, and how stable you find them to be. Do you enjoy being on the bleeding edge? If you run into problems, you might try looking for support in our Forum.

We’ve got one more security vulnerability to announce this morning. This one likely does not affect as many users, but it should require attention nonetheless.

Detail follow:

• Tim Starling discovered that LibThai did not correctly handle long strings. A remote attacker could use specially-formed strings to execute arbitrary code with the user’s privileges.

You can apply this patch using the graphical Update Manager utility, or by running the following two commands from the Terminal:

sudo aptitude update

sudo aptitude safe-upgrade

In general, a standard system upgrade is sufficient to effect the necessary changes.

We’ve got a load of security vulnerabilities to announce for Pidgin today. The patched packages should be available for download at most Ubuntu mirrors. I would advise that you update as soon as possible.

Details follow:

• It was discovered that Pidgin did not properly handle certain topic messages in the IRC protocol handler. If a user were tricked into connecting to a malicious IRC server, an attacker could cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-2703)
• It was discovered that Pidgin did not properly enforce the “require TLS/SSL” setting when connecting to certain older Jabber servers. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-3026)
• It was discovered that Pidgin did not properly handle certain SLP invite messages in the MSN protocol handler. A remote attacker could send a specially crafted invite message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-3083)
• It was discovered that Pidgin did not properly handle certain errors in the XMPP protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-3085)
• It was discovered that Pidgin did not properly handle malformed contact-list data in the OSCAR protocol handler. A remote attacker could send specially crafted contact-list data and cause Pidgin to crash, leading to a denial of service. (CVE-2009-3615)
• It was discovered that Pidgin did not properly handle custom smiley requests in the MSN protocol handler. A remote attacker could send a specially crafted filename in a custom smiley request and obtain arbitrary files via directory traversal. This issue only affected Ubuntu 8.10, Ubuntu 9.04 and Ubuntu 9.10. (CVE-2010-0013)

Pidgin for Ubuntu 8.04 LTS was also updated to fix connection issues with the MSN protocol.

USN-675-1 and USN-781-1 provided updated Pidgin packages to fix multiple security vulnerabilities in Ubuntu 8.04 LTS. The security patches to fix CVE-2008-2955 and CVE-2009-1376 were incomplete. This update corrects the problem.

Original advisory details:

• It was discovered that Pidgin did not properly handle file transfers containing a long filename and special characters in the MSN protocol handler. A remote attacker could send a specially crafted filename in a file transfer request and cause Pidgin to crash, leading to a denial of service. (CVE-2008-2955)
• It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2009-1376)

To apply these fixes, please update your system as soon as possible. You can use the graphical Update Manager tool, or use the following two commands from the Terminal:

sudo aptitude update
sudo aptitude safe-upgrade


After a standard system upgrade you need to restart Pidgin to effect the necessary changes.

I just read the news that Linux Journal Editor Shawn Powers lost his home today due to a fire. He and his family all escaped unharmed, but they lost their home and family pets. I don’t have many details (I’ve not been able to find many elsewhere either), but I wanted to pass on the news. Their local community and church have stepped up today to help them with basic shelter as I understand. Beyond this a call has gone out for community donations towards helping them get back on their feet.

If you are so inclined, please visit this page and donate what you can. I’m sure it would be very, very appreciated.

I know many people are curious regarding which Ubuntu kernel is available, and how the kernels differ between distributions. I thought it would be interesting to create a reference outlining each of the supported and available kernels on Ubuntu, and which release they correspond to. I will try to keep this page updated with the latest information regarding Ubuntu kernel versions, including:

• Ubuntu Release (supported releases only)
• Kernel Version (including main and updates)
• Installation / Upgrade Instructions (how to install a specific kernel)

I hope this ends up becoming a useful quick reference for the community.

Ubuntu Kernel Versions

I’ve included a screenshot of the initial data. Please note that this screenshot is not kept up to date. Please download the latest PDF linked below.

Download the latest .pdf here.

I recently installed Kubuntu 9.10 to have a look at the latest that KDE has to offer in the Ubuntu arena. I have to say, I find it very polished and far less buggy than previous releases that I’ve used! If you haven’t tried KDE recently, I invite you to give it a try. In this article I’ll outline how to install Dropbox on KDE (Kubuntu) without using the packages, or requiring the GNOME dependencies that are required for Nautilus integration.

Installation

Because we’ll be installing Dropbox manually, outside of the package management system, the first thing you’ll need to do is download the binary for your running architecture. I’ve included direct download links to the 32bit and 64bit releases below:

• 32bit Dropbox Linux Client
• 64bit Dropbox Linux Client

After you’ve downloaded the .tar.gz file, unpack it and move its contents to your home folder. Assuming your default Download location is your ~/Downloads folder, do the following to unpack and move the dropbox files:

tar xf dropbox-lnx*.tar.gz

mv .dropbox-dist/ ~/

Lastly, assuming you want Dropbox to autostart when you login, you’ll want to create a symlink to your Autostart folder. You can do this using the command:

ln -s ~/.dropbox-dist/dropdoxd ~/.kde/Autostart/

Launch Dropbox

At this point you can either logout and log back in to have Dropbox launch, or manually launch by issuing the command:

~/.dropbox-dist/dropboxd

You should be prompted to enter your account information, and you’re set!

Getting Dropbox

If you don’t have a Dropbox account, I’d invite you to check it out. It’s a very, very useful tool for sharing files and doing off-site backups. If the program is still in place, you’ll get a 250M storage bonus for using this link.

This post is an update to an article I wrote some years ago. There have been some changes in the configuration between now and then, so I felt this warranted an update. The original article in question is: Clearing or Resetting the GNOME keyring. This article addresses the issue where a user may have forgotten or otherwise become locked out of their keyring. The keyring, of course, allows for the management of SSH, GPG and other keys through a central tool and interface.

The problem

You are prompted by the system to enter your keyring passphrase in order to unlock additional keys. None of your passphrases work–somehow you have become locked out of your keyring. In this situation you may not be able to unlock needed keys, such as passwords, SSH or GPG keys.

The solution

The only solution that I’ve been able to come up with is to delete the keyring contents, including the incorrect or corrupt passphrase. Note: this will destroy all stored keys in the keyring, requiring that they be re-imported. Other than the need to “start over” with the keyring manager, this solution should be otherwise harmless.

Method 1:

It is possible to clobber your keyring passphrase and settings from the Terminal. Open a terminal (Applications > Accessories > Terminal), and run the command:

rm ~/.gnome2/keyrings/login.keyring

On older systems you may need to try:

rm ~/.gnome2/keyrings/default.keyring

Method 2:

The second method bypasses the Terminal and uses the graphical interface strictly. To delete your current keyring, follow the steps below:

1. Navigate to Applications > Accessories > Passwords and Encryption Keys
2. Select the far-right tab “Passwords”
3. Select your keyring
4. Right-click and attempt “Change Password” or, if that doesn’t work, select “Delete”

Additional:

If you continue to have problems I would suggest looking for additional tips in the comments here or here.

I’m sorry this notice is a day late. I didn’t catch it in my Inbox when it first came through–somehow it got filed away without me catching it. In any case, the second Alpha release of the upcoming “Lucid Lynx” release is now available for download. This is a perfect opportunity to fire up Virtualbox on Ubuntu 9.10 and give it a spin–help shape what will become the next flagship LTS (Long Term Supported) release!

Release announcement:

Welcome to Lucid Lynx Alpha 2, which will in time become Ubuntu 10.04 LTS.

Pre-releases of Lucid are *not* encouraged for anyone needing a stable system or anyone who is not comfortable running into occasional, even frequent breakage.  They are, however, recommended for Ubuntu developers and those who want to help in testing, reporting, and fixing bugs.

Alpha 2 is the second in a series of milestone CD images that will be released throughout the Lucid development cycle.  The Alpha images are known to be reasonably free of showstopper CD build or installer bugs, while representing a very recent snapshot of Lucid. You can download it here:

http://cdimage.ubuntu.com/releases/lucid/alpha-2/ (Ubuntu)
http://uec-images.ubuntu.com/releases/lucid/alpha-2/ (Ubuntu Server for UEC and EC2)
http://cdimage.ubuntu.com/ports/releases/lucid/alpha-2/ (Ubuntu ARM)
http://cdimage.ubuntu.com/kubuntu/releases/lucid/alpha-2/ (Kubuntu)
http://cdimage.ubuntu.com/xubuntu/releases/lucid/alpha-2/ (Xubuntu)
http://cdimage.ubuntu.com/edubuntu/releases/lucid/alpha-2/ (Edubuntu)
http://cdimage.ubuntu.com/mythbuntu/releases/lucid/alpha-2/ (Mythbuntu)

See http://wiki.ubuntu.com/Mirrors for a list of mirrors.

Alpha 2 includes a number of software updates that are ready for wider testing.  Please refer to http://www.ubuntu.com/testing/lucid/alpha2 for information on changes in Ubuntu.

This is quite an early set of images, so you should expect some bugs.  For a list of known bugs (that you don’t need to report if you encounter), please see:

http://www.ubuntu.com/testing/lucid/alpha2

If you’re interested in following the changes as we further develop Lucid, have a look at the lucid-changes mailing list:

http://lists.ubuntu.com/mailman/listinfo/lucid-changes

We also suggest that you subscribe to the ubuntu-devel-announce list if you’re interested in following Ubuntu development. This is a low-traffic list (a few posts a week) carrying announcements of approved specifications, policy changes, alpha releases, and other
interesting events.

http://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-announce

Bug reports should go to the Ubuntu bug tracker:

https://help.ubuntu.com/community/ReportingBugs

Enjoy!

I am, as I’m sure many of you are, avid users of virtualization. Virtualization allows us to test new releases, other distributions, and otherwise sandbox operating systems and applications that we wouldn’t otherwise be able to (or want to!) run on our stable system. In this article I will outline how to install the latest VirtualBox release using the VirtualBox / Sun repository. This will ensure your installation remains up to date, and stays within the package management system.

Requirements

In order to install the latest VirtualBox release we’ll need to configure and activate the VirtualBox repository. This is done by following the steps below:

1. (GNOME) Navigate to: System > Administration > Software Sources
2. (KDE) Navigate to: System Settings > Add and Remove Software > Settings > Edit Software Sources
3. Select the “Other Software” tab.
4. Add: deb http://download.virtualbox.org/virtualbox/debian karmic non-free

You’ll also want to import the package signing key, using the command:

wget -q http://download.virtualbox.org/virtualbox/debian/sun_vbox.asc -O- | sudo apt-key add -

Installation

Once you have the upstream VirtualBox repository activated, you’re able to install the latest VirtualBox release using the command below. You may also click on the linked package name:

sudo aptitude install virtualbox-3.1

Use

Before you are able to use VirtualBox you will need to add yourself to the required group. This facilitates access to the vboxdrv system device. Use the following command to add yourself to the required group:

sudo gpasswd -a <username> vboxusers

Once you have applied this change you will need to logout and log back in. This is required for the group-access change to take effect.

After you are logged back in you should be able to successfully launch VirtualBox from: Applications > System Tools > VirtualBox

I realized today that this blog could do far more to reach Ubuntu Users worldwide than it currently is. For that reason I have created a Facebook page for Ubuntu Tutorials! If you are a fan of this blog, please become a fan on Facebook as well. I would like to be able to better reach Ubuntu Users, and the best way to do that is through the largest, most popular site in the world!

To become a fan of Ubuntu Tutorials on Facebook, follow these two simple steps:

1. Visit the Ubuntu Tutorials page. Click “Become a Fan” at the top of the page
2. Invite your Facebook friends to become fans as well!

Becoming a fan will allow you to follow blog updates via Facebook, including links to full articles. I’ll also be including additional Facebook-only contests and events

Help get things moving, become a fan today!