Ubuntu Tutorials

It was pointed out to me recently that the graphical tool for sharing files and folders no longer displayed within the Main Menu.  I’m not sure if this is reported as a bug anywhere (I haven’t looked), but I thought I would mention how you can still use the tool, or even better, manually add it to your menu.  This tutorial is for anyone that wants to simply share files and folders via samba or NFS.

Sharing Folders with Shares Admin

First, lets take a look at the shares-admin tool.  It is a graphical management tool for sharing files and folders by way of NFS or samba.  If you’re not familiar with these protocols, samba is generally used for sharing within a Windows network, and NFS for Linux/Unix networks.

To launch the shares-admin tool type:

ALT-F2: shares-admin

You’ll be asked to “Unlock” access for your user, and then you’ll be able to create a share.

Click “Add” to create a new share.  Select the folder you want to share, the protocol you want to share it with, and the name you want to give it.  It’s that simple!

Adding Shares-Admin to your Main Menu

If this is something you find you might use often you may want to add it to your Main Menu.  This can be done pretty easily, by using the Main Menu Editor.  I posted about this recently, Edit The Main Menu with Two Clicks on Ubuntu 8.04.

If this article has been helpful, please consider linking to it.

The Ubuntu team is proud to announce the release of Ubuntu 6.06.2 LTS, the second maintenance release of “Dapper Drake”. This release includes updated Server installation CDs for the i386 and amd64 architectures.

About Ubuntu
————
Ubuntu is a full-featured Linux distribution for desktops, laptops, and servers, with a fast and easy install and regular releases. A tightly-integrated selection of excellent applications is included, and an incredible variety of add-on software is available from a global network of mirrors with just a few clicks.

Professional technical support is available from Canonical Limited and hundreds of other companies around the world. For more information about support, visit http://www.ubuntu.com/support

To Get Ubuntu 6.06.2 LTS
————————
Download it here:

http://www.ubuntu.com/getubuntu/download

About Ubuntu 6.06.2 LTS
———————–
This is the second maintenance release of Ubuntu 6.06 LTS, which continues to be supported with maintenance updates and security fixes until June 2009 on desktops and June 2011 on servers. This maintenance release focuses on improving hardware support for popular server platforms, including updated server installation media.

Over 600 post-release updates have been integrated, so that fewer updates will need to be downloaded after installation, and a number of bugs in the installation system have been corrected. These include security updates and corrections for other high-impact bugs, with a focus on maintaining stability and compatibility with Ubuntu 6.06 LTS.

See http://www.ubuntu.com/usn for a list of Ubuntu security updates. As of 2008-01-10, all updates affecting packages on the CD have been applied.

A summary of notable updates follows. See https://bugs.launchpad.net/ubuntu for specific information about a particular bug number.

Server updates
————–
Hardware-independent installer fixes:

• Configuring LVM with using RAID partitions as physical volumes works now. (#22899)
• An occasional indefinite hang during installation on multiprocessor systems has been fixed. (#62986)

Installation on HP ProLiant DL3xx server platforms:

• Detection of the DAC960 RAID controller (#31035)
• Detection of HP Virtual Keyboard (#55495)
• Detection of Broadcom NetXtreme II BCM5708 (#73647)
• Installation of Lilo with the HP/Compaq SmartArray RAID controller (#103291)

Installation on Dell PowerEdge server platforms:

• Detection of I2O-based hardware RAID controllers, such as the Adaptec 2xxx series (#22220)
• Detection and handling of PERC/MegaRaid controllers (#32752, #55138, #56854)

Desktop Updates
—————

• Fix polling of CD-ROMs which previously caused problems like failed hibernation, failed hotswapping CD drives, and lockups. (#58953)
• Fix the Gnome printer notification icon and other printing client programs getting stuck in an endless loop, consuming 100% CPU resources. (#44196)

General Updates
—————

• Handling of proxy disabling (Acquire::http::Proxy “false”) in apt configuration (#47044)
• NFS mounts on 64 bit platforms (#89801)
• Printing of documents with certain international characters in the title (#57445)

Helping Shape Ubuntu
——————–
If you would like to help shape Ubuntu, take a look at the list of ways you can participate at

http://www.ubuntu.com/community/participate/

If you have a question, or if you think you may have found a bug but aren’t sure, try asking on the #ubuntu channel on IRC.FreeNode.net, on the Ubuntu Users mailing list, or on the Ubuntu forums:

http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
http://www.ubuntuforums.org/

More Information
—————-
You can find out more about Ubuntu on our website:

http://www.ubuntu.com/

I’ve been tinkering with the XO laptop this morning and I thought I’d share some specs with everyone that is interested. I’m still exploring the machine, but here are some interesting details that I found.  I’ve included hardware details from processor, memory and hard disk to software details including running kernel, included software, etc.  It’s a really impressive little tool.  This is one great representation of what Free Software can do!

Machine Specs

[olpc@xo-10-AC-5E ~]$ cat /proc/cpuinfo
processor : 0
vendor_id : AuthenticAMD
cpu family : 5
model : 10
model name : Geode(TM) Integrated Processor by AMD PCS
stepping : 2
cpu MHz : 430.960
cache size : 128 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 1
wp : yes
flags : fpu de pse tsc msr cx8 sep pge cmov clflush mmx mmxext 3dnowext 3dnow
bogomips : 862.98
clflush size : 32

[olpc@xo-10-AC-5E ~]$ cat /proc/meminfo
MemTotal: 237844 kB
MemFree: 48172 kB
Buffers: 0 kB
Cached: 87496 kB
SwapCached: 0 kB
Active: 107988 kB
Inactive: 59784 kB
SwapTotal: 0 kB
SwapFree: 0 kB
Dirty: 0 kB
Writeback: 0 kB
AnonPages: 80296 kB
Mapped: 24764 kB
Slab: 15088 kB
SReclaimable: 4568 kB
SUnreclaim: 10520 kB
PageTables: 792 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
CommitLimit: 118920 kB
Committed_AS: 140844 kB
VmallocTotal: 794604 kB
VmallocUsed: 17740 kB
VmallocChunk: 776592 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
Hugepagesize: 4096 kB

[olpc@xo-10-AC-5E ~]$ df -Th
Filesystem Type Size Used Avail Use% Mounted on
mtd0 jffs2 1.0G 333M 692M 33% /
tmpfs tmpfs 35M 0 35M 0% /dev/shm

The machine comes with built-in wireless, three USB ports, headphone and microphone jacks and an SD card reader. A set of built-in speakers, an integrated camera for doing still or video shots. Touchpad and nearly full (very small!) keyboard. Some of the other things I’ve found are that they screen can not only be physically rotated (180 degrees) and laid down for display there is also a software rotate button to rotate the contents of the screen. The rotate button rotates the screen contents through four different directions.

It was very easy to connect the XO to my wireless network (no encryption). Wired connection can be done via a USB-to-ETH0 adaptor if needed. Connecting my USB mouse worked just fine. Attaching a vfat USB device connected fine as well as a an ext3. The vfat was recognized by Sugar and allowed me to “umount” via the Journal activity. The ext3 automounted but I could only seem to find it from the Terminal activity (yes, OLPC prefers to call applications “activities”).

Software Info

[olpc@xo-10-AC-5E ~]$ uname -r
2.6.22-20071121.7.olpc.af3dd731d18bc39

[olpc@xo-10-AC-5E ~]$ cat /etc/*release
Fedora release 7 (Moonshine)
Fedora release 7 (Moonshine)

[olpc@xo-10-AC-5E ~]$ uname -a
Linux xo-10-AC-5E.localdomain 2.6.22-20071121.7.olpc.af3dd731d18bc39 #1 PREEMPT Wed Nov 21 00:39:06 EST 2007 i586 i586 i386 GNU/Linux

The software is really pretty intuitive I think and once you figure out the basics it supports multi-tasking pretty well. You can launch multiple applications “Activities” and then switch back to “Home” to see them on the circular status bar. Some of the applications “Activities” available:

Chat - for use, as far as I can tell, between XO machines over the Mesh networks

Browse - simple web browser, defaults to Google search

Write - document creator complete with fonts and formatting tools

Record - still, video and audio recording tool

Paint - simple graphic editor-type application "activity"

Pippy - I really like this one, its a Python learning tool. Shows example code that can be edited and teaches basic Python

Calculator - basic and advanced calculator

Measure - measure aucoustic frequencies and visually see the wavelengths

Memorize - a basic memory game matching integrating mathematics

News Reader - RSS reader

Terminal - basic shell, and the first application I found (does that say something about me?)

Analyze - analyze basic interface information

Acoustic Tape Measure - measure a distance (in meters) between two XO machines!

More!

It should be noted that this is not really a “production” laptop. This is an educational tool. Don’t get one of these if you want a small, lightweight machine. Its for kids–even the keyboard is kid-size. Young kids that want an educational teaching tool are a great market for this (and, of course, the educational goals of the 3rd world as the primary goal!). “This is an education project, not a laptop project” – Nicholas Negroponte, OLPC.

There is still time left in the Give One, Get One program if you have children that this would be a good tool for. Also, if you’d like to do development for the project it’d be a good fit. Remember, the Give One, Get One program donates one of these machines to a developing nation and also gives one to you. Now is the season for giving, right?

Today’s post isn’t so much a tutorial but more of a discussion or educational topic on grub.  It was inspired by the original post here and continued discussion in the comments.  I thought I would outline some suggestions on securing the grub boot loader and why Ubuntu adding a “rescue mode” entry in grub is not a security flaw and is really not any less secure than any other distribution.

(based on how long this entry has become I added the split post.  If you’d like to read a long entry, click read more.  If you’re not in the mood for a 10min read, relax and forget it.)

To understand this you’ll need to be familiar with Linux runlevels.  There are six default runlevels in the Linux base system.

0 (zero) is basically the shutdown runlevel.

1 (one) is single user mode.

2 (two) is a multi-user mode, minus NFS support.

3 (three) is a multi-user, command line based mode.

4 (four) user-defined / undefined.

5 (five) multi-user, graphical mode.  This is generally the default runlevel on desktop / laptop machines.

6 (six) is basically the reboot runlevel.

For the most part you don’t often use runlevel 1 or 2, primarily only use 3 on servers and 0 and 6 are used when you shutdown or reboot the machine.  5 is most likely the default on your system now.

The reason that I outline this topic in relation to grub, security and “rescue mode” is that the option included in Ubuntu for “rescue mode” is basically just an entry that boots the machine into runlevel 1 instead of the default 5.

The default behaviour for runlevel 1 is to boot to a basic shell, not require a login and allow the user to do recovery or maintenance.  Some people feel that this is a security flaw and that allowing root access to a machine via an entry in grub is simply absurd.  This same access can be achieved on most Linux distributions.

If you’d like to try it yourself (yes, this also applies to Fedora, RHEL, etc) boot your machine and press a key at grub.  You should see a menu for your available kernels and can boot any of them by selecting them and pressing ENTER.

You’ll also notice a small paragraph of command tips below the menu.  This outline explains that you can edit grub entries within this interface by pressing ‘e’ or ‘a’ to append to the entry.  To boot your machine to the “recovery mode” that Ubuntu creates simply ‘a’ (to append) and add one of the following to the kernel line: 1, s, S, or single.  These options will boot your machine to runlevel 1 or single user mode, give you a shell prompt for maintenance or recovery and not prompt you for a password.

Again, this can be done on most other distributions.  It is not limited to Ubuntu and is not a security flaw.  It is built this way to allow a user to recover a lost password, update or recover configuration files, and otherwise fix an unbootable machine.

Now that we understand that the system is designed this way and this access can be granted on most any machine you have local access to we might want to discuss how to lock down the grub system to not allow grub editing.  Securing grub will, of course, further harden your machine from this potential threat but also lock you out of recovery if you forget the passphase to access grub.

Now if you decide you’d like to lockdown grub to not allow any editing you’ll need to edit the /boot/grub/menu.lst file.  This file includes any available bootable kernels you have, the Ubuntu recovery mode entries, memtest86+ and any other OS you have setup.  Most of this file is pretty straight forward, but because of the method Debian/Ubuntu use to update this file you need to make updates in certain places.  If these changes are not made in the right place they will be overwritten the next time you update your kernel.

There is an AUTOMATIC KERNELS LIST section which builds the basis for your kernel updates within grub.  We don’t need to edit anything within this section (as it will be overwritten on the next update anyway).  What we can do though, is update some of the global options that you see near the top of the file.  These include the ‘default’ value, ‘timeout’ and ‘hidemenu’.   These don’t offer any security though.  What we can add is a password entry that will limit any grub updates or alteration without the password.

The first step to do this is run the ‘grub-md5-crypt’ command.  This will generate an md5 hash of a password of your choice which can be then added to grub.

Add a line entry in grub (anywhere in the same area of the options mentioned above) using the following syntax:

password --md5 (two dashes md5) <hash>

replace <hash>, of course, with the hash value outputted by grub-md5-crypt.  You’ll end up with something like:

password --md5 $1$nL5d0$36n6u8TaxOX9guBdKaGFx0

At this point, since this password is at the top of the file and not specific to any one entry, (which can also be done by adding the same syntax to individual entries) any updates to grub will require this password.  At this point, even local access to the machine will require a password before being able to suggest an alternate runlevel or using Ubuntu’s “recovery mode”.

Your Linux machine is now one step closer to being a hardened gauntlet.  Enjoy.

I was working on a project the other day with a friend and he was having some trouble burning an .iso image of one of the Ubuntu 7.04 Herd releases. He asked me about installing gnomebaker or K3B for burning the image. While I have used both of those programs I found that a disk image can be burned very easily directly from the the file location. Here are a few steps to burning a disk image in three clicks.

1. First, you’ll need to have a .iso image available for burning. This could be located on your desktop, home folder or I’ve even burned an image using this method over on NFS connection. You’ll also need a blank CD or DVD in the drive.
2. Once you’ve selected your disk image you can right-click the .iso file and select “Write to disk…” (two clicks)
3. This will open a dialog box letting you verify the disk type, size and burn speed. If all is correct (which it normally is) you can click Burn. Sit back and relax. Your disk will be finished in just a few minutes. (one click)

Done. When finished it’ll ask if you’d like to Eject, Burn Another Copy or if you’re just Done. So very easy.

I find this method much faster and a little more intuitive than the other cd / dvd burning applications. Not to say they aren’t great apps, but if you’re just burning a simple disk image this should be a bit faster. I’ve also had far fewer coasters using this method than I have with the others.

Let me tell you, I’m a busy man. I’m always on the go and my trusty laptop is the only thing to keep me company much of the time. Despite being here, there and everywhere I still need access to my files and folders at home. But how can I access my files, securely, from anywhere on the planet? It is simple with SSH.

If you’re not familiar with SSH you’ll definitely want to check it out. SSH stands for Secure SHell and is probably one of the most used programs on the internet with its long list of uses. It is always encrypted, always secure and easy to use. I have long used it on a daily basis and here is how you can do the same.

You should have outgoing SSH access from a default Ubuntu machine. To check that you do try the following to a machine you have ssh access to: (do you have two machines on your network? On the remote machine make sure you’ve install ssh-server and then try):

ssh [user]@[machine]

Now that you know you can ssh you can also try to remotely mount a folder to your local machine. Before you’re able to do this you need to install a package to offer that support.

sudo aptitude install sshfs

sshfs stands for SSH file system. It’s a beauty. As mentioned it allows you to securely mount and access folders over the network or internet all day long. One of the packages that comes along with sshfs is something called fuse. You’ll need to load fuse as a kernel module before you can use it. You would do so using the following:

sudo modprobe fuse

You also might want to have fuse auto-load at boot time with the rest of your modules. You can use the following command to do so:

sudo sh -c "echo 'fuse' >> /etc/modules"

(Note: make sure you are careful to use the >> instead of a single >. >> appends the entry to the file, meaning it is added to the end. A single > simply writes the information to the file and could seriously screw up your system.)
At this point you have all of the tools necessary to mount a remote filesystem or folder on your machine. You just need a few pieces of information.

1. username (do you have access to the remote machine? if so, what username)
2. IP or hostname (what machine are you connecting to? works via name, domain or IP)
3. remote folder (what remote folder address do you want?)
4. local folder to use (where to you want to store the remote contents?)

An example of a command to mount a remote system, including the above peices, would be something like:

sshfs user@hostname:/path/to/folder /local/folder

If this doesn’t return any errors you should be able to then navigate to /local/folder and find your precious files there. When you are done, or you no longer need access to those files (for this session) you can safely “unconnect” using the umount command.

sudo umount /local/folder

Ooh, and one other option that you might find useful is to have this remote folder mounted automagically each time you boot your machine. Wouldn’t that be a nice feature. Well, …ok I’ll tell you.

The /etc/fstab file is a list of the boot-time auto-mounted filesystems or partitions. If you take a look at the file you’ll see your current setup. Normally your /, /swap, etc. You can add a new listing to the same file and have your remote folders automagically mounted via sshfs at each boot. Use something like:

[hostname/IP]:/path/to/folder /local/folder fuse defaults 0 0

Now that you’re more acquainted with SSH and sshfs why don’t you take ‘er for a spin. Enjoy. You might also enjoy my previous post about Network File Systems.

You also might be interested in a post at the Ubuntu Blog on the same topic.

technorati tags:ssh, sshfs, linux, network, mount

One of you contacted me recently with a few questions regarding my previous post, Network File System (NFS) : Ubuntu (6.06.1 / 6.10). I wanted to post some follow up information on that to help clarify a few of the steps. Some of this may be very simple for many of you, for others it will hopefully open your eyes to a few more powerful aspects of an Ubuntu Linux system. Here goes.

Question: How did you modify the /etc/hosts file to use the ‘media’ shortcut?

Editing the /etc/hosts file is really simple and you can do quite a bit with it. Ever wish you could simple visit “mysite” in your browser and it’d know where you wanted to go? Ever wish you could give nicknames to your local network machines instead of trying to remember the IP address? Here is the place to do it.

To edit the file you would want to use a quick command within a terminal:

sudo gedit /etc/hosts

Simply add a line to your /etc/hosts file to create a network shortcut using the following syntax: ip.address shortcut. Example (on my network):

127.0.0.1 localhost
127.0.1.1 notebook.local notebook

192.168.0.3 media
192.168.0.8 silverbox
192.168.0.2 blackbox

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

The three lines in italics are my additions. You can use the same syntax to update your /etc/hosts file and go wherever you want! The above is an example of using a shortcut for the local network but the same goes for the outside world. Try something like:

google.com 42
ubuntu-tutorials.com bestsiteever

…and the next time you type “42″ in your browser it’ll come right up with google (yes, the answer to life, the universe and everything!), or put in “bestsiteever” and come right back here for some more great tutorials!

Update: This post has been updated based on comments by users. See comments for more details.

I realize that this might be something understood by many people but last night I went to set it up and realized I needed some documentation. The documentation that I did find was rather limited so I thought I would put together a quick tutorial for setting up NFS on an Ubuntu system.

For those that aren’t familiar with NFS here is a quick breakdown of what it might be used for.

• Commonly used data can be stored centrally over an NFS share and accessible by networked machines.
• Centrally store user /home directories on an NFS share allowing them to take their user settings with them on any locally networked machine.
• Centrally share CDROM drives, USB drives and more over the network. If a machine does not have a CDROM simply share that device over NFS and get access.

Below are quick steps on installing and configuring an NFS share on your network. I set this up last night in about 5 minutes to share my media (video and audio) to the other machines on my network.

• sudo aptitude install nfs-kernel-server (install on the central machine you want to share)
• sudo <editor of choice> /etc/exports (this is the configuration file for NFS)

At this point you’ll have to list the devices or locations that you’d like to share and any specifics of that share. Below is an example of my entry and an explanation of each section.

/media/video *(ro,sync)

The first part of this entry, /media/video, represents the location that I want to “export” or share to the network. This, if you hadn’t guessed is the location of my video files.

The second part begins with *. *, as you probably know, represents everything or in this case everyone on the network. You can replace this with a hostname to limit just who can connect to your NFS share. In my case I want all of my local machines to connect so I’ve left it with *.

After that you see ro which defines “read-only”. All of my local machines can access the folder but none can make changes to any of the files. For now this is what I’d prefer. I’d hate for someone to “accidentally” erase half of the video files so its look but don’t touch access.

Now for the good part. How do I use the share that I’ve just setup? It’s quick and easy and uses our good friend the “mount” command. Below is an example of how I would mount the share I created above.

sudo mount media:/media/video /media/video

Here is a quick breakdown of that command. sudo, of course, to gain the privelege of running that command. mount is the same that you’d use to mount a cdrom or usb flash drive. media: represents the machine on the network. Why isn’t that an IP? I’ve specified media in my /etc/hosts file so I can make that shortcut. /media/video is the name of the remote share (as defined above) and /media/video is the location that I would like to mount to. I know it looks like some repetition but I like the organization. You could easily use anything in those places. (ie; sudo mount server:/home/user /home/Desktop/user)

note: the mount destination must already exist and must be empty to properly function.
Quickly, before I wrap this up. Below is an example of how you can set the NFS share to auto-mount on each boot. This would be helpful if you wanted to take advantage of the example above by centrally sharing /home folders.

sudo <editor of choice> /etc/fstab

Add the following entry (replacing with your specifics) to the bottom of that file.

example.hostname:/share_location /mount_location nfs rw,hard,intr 0 0

You’ll notice that the first part of the entry is very similar to the example for manually mounting the share. The last part, beginning with nfs, specifies the file system type (nfs, vfat, ext3, etc) and the last part specify the rest of the details for that nfs system.

I hope this helps anyone new to setting up an NFS share on their network. Some argue that a problem with Linux is lack of helpful documentation. Well, stick this in your pipe and smoke it.

technorati tags:nfs, network, filesystem, ubuntu, 6.06, 6.10