|
|
|
|||||||||||||||||||||||||||||||||||||
![[tm]](../gx/tm.gif)
,
The Mailbag
Kylix
More 2¢ Tips!
Fvwm Buttons
Greetings from Heather Stern|
............... Various applications find System.map themselves, based on a standardized search path and name scheme. The non-specific name version "System.map" is the last taken, first it tries to find it as: System.map-${uname -r} Now if you have "System.map", and multiple kernels, without specifically named System.map files, then only one boot kernel will find the right System.map. Not everything needs kernel symbols to work right, but some do, those are the ones that will have problems. Perhaps even with different kernels, the symbol search scheme will still find the right place for the symbol it needs (I'm not sure what scheme it uses, e.g., it might be a simple offset). Lilo itself does not have any knowledge of System.map, as far as I know (I'm not 100% certain, but probably about 90% certain). Now one place that is searched is the standard kernel build source location, /usr/src/linux/ (or maybe /usr/src/linux-2.4/ in some cases), and so if you install from that, and do not alter System.map in that directory, then you symbols should be resolved until you build a new kernel and overwrite the old one. ............... |
Thank you all (there are so many names to list!) for your quick responses
to my question. I'm gonna do some detective work. My perception was that
the system locked up. The only thing that I really know is that the console
and the network did not respond. I got two serial ports on my system. I
dedicate one to the modem, and I use the other for kermitting around. I
think that I am going to use my nonmodem serial port for a login session.
Would it not be funny if the system was still running and only my network
stuff failed as a result of an X lockup?
That would seem odd, though. Since I was running X via my local console (you know -- with the keyboard and display), I would expect Unix domain sockets to be used, thus, bypassing TCP (the network stream stuff).
You all gave me lots of good ideas, and thanks much again. This email response is like a broadcast thanks to all of you!
How to send email without a DNS server?
From Faber Fedor
Answered By John Karns, Mike "Iron" Orr, Mike Martin, Heather Stern, Ben Okopnik
Hi Gang!
A client of mine is discovering the Joy That Is Linux. He recently asked me if it was possible to send email from applications (written in JBASE, a PICK shell that runs on Linux). I mentioned that you could do this:
mail -s "Some Subject" user1@domain.com < output_from_app
and he was impressed. He has since come up with several time- and resource-savings applications of that simple redirection to the mail command.
He has raised an intersting (to me) question and although I can come up with two solutions, I'm looking for a better one. Also, it's generated a question that I can't answer, hence this posting.
The question is: How do you send mail between two linux boxen if there is no DNS server from which to query for an MX record?
Now, I'm not asking for the impossible here. The two boxen run sendmail/postfix and they are on the same internal network (the sender is 10.10.10.1 and the receiver is 10.10.10.2).
I could tell him to install a DNS server, which he would do (I love
clients that listen to me
but there should be a simpler solution.
We could send the email to a local user on .1 and fetchmail the mail
from .2, but that's too much of a kludge for my taste.
I've been through the HOWTOS and google and didn't find anything
applicable (at this point Ben walks in, donning his mirrored
sunglasses, executes a google search using 1.5 words (without quotes),
finds The Canonical Page that answers this question and makes me look
like a fool (again
).
Ideas?
[Ben] <mock growl> Don't do that, Faber; the fact that one of us has the answer _does not make the rest of us look like fools. Unproductive attitude there, sir. Me, I'm always happy when I see one of the other Gangsters come up with an answer to something I don't know (how d'you think I got this smart?
Some mail transfer agents may balk at it, but I've found it to work most of the time.
If you are sending externally you would need a DNS either locally or via the isp anyway
Using SuSE 7.x & sendmail, and a psuedodomain I use, I've come up with the following solution to that problem:
edit /etc/mailertable to add entries like the following
mylinuxServer1.my.domain smtp:mylinuxServer1.my.domain mylinuxServer2.my.domain smtp:mylinuxServer2.my.domain
I don't have DNS setup, as the servers are isolated, but sendmail via dialup. I do have the hostnames listed in the hosts file on each server though. In this way, any mail addressed to user@mylinuxServer1.my.domain only goes out when connected to that server.
You can't use nullmailer for these even if it's only two boxes, because that won't accept mail for local deliveries. You could keep all the mail on only one of 'em and use nullmailer on the rest of the machines though. At that point the machine becomes a very tiny server and also needs to run a pop or IMAP daemon to allow mail pickup. At which point you may as well also set up a dummy local DNS, maybe for a silly domain name that won't be used by the outside world because there are no root servers for it, like fabershouse.local -- which would serve A and MX records for say... livingroom.fabershouse.local, den.fabershouse.local, etc.
You could skip mail and drop notes in a samba share at each other, or ssh in and share a kibitz session using your favorite text editor. Which means somebody becomes a server but may bother people a lot less.
Starting many X sessions
Answered By Ashwin M, Heather Stern, Jay R. Ashworth, Chris Gianakopoulos, Robos
I am a relative newbie to Linux, hence this tip may be common or may have been already published.
To start a new X session get to a terminal session (F1 - F6) and type "startx -- :1". A new X session starts up. Now to go back to the older X session, use Ctrl-Alt-F7. For the new X session use Ctrl-Alt-F8.
(For more X sessions use the next numbers after 1 like 2,3 and so on. They don't have to be in order like 1 next 2 and so on. No matter what number you use here the Ctrl-Alt-Fx number will be assigned the next available number after 7)
Of course if you do that too, make sure Xdm or its cousins don't think they are supposed to take a console used by a text getty.
- To use different window managers at the same time like KDE and GNOME.
- To run X sessions logged in as different users.
- To try out things with the XFree86 system (like fonts and such)
You may think "why would I need this?". But, once you know this trick you will find new ways to use it for your work
Note: I found this not to work on some (very few) systems with old video cards and less VRAM.
thanks, Ashwin
- Jim and I are both using the machine... so we want our own X session each. Since we're running in different chroot spaces (for an experiment) on one of the machines around here that's kind of handy.
- to have different native bit depths, also for experiment. Happily getting to be rare, but there is occasionally software that is happiest only at one color depth. If you're designing graphics for use at multiple color depths I swear this is the fastest way to tell which colors will wash out.
In the modern era you could also use Xnest to provide the reduced depth to the stupid app, but it's less confusing to do the above than to make sure you're running something inside the nest.
Not that it's hard mind you - make the nest's first client an xterm with a custom color fg and bg, then launch things you want in the nest from the special xterm.
[Robos]
Well, I knew this, but did you know that the keyboard and mouse are
bound to one? Meaning you can't - like I tried - run two xsessions on
two grafik cards and share the keyboard between them. This is only
possible if you use a ps/s keyboard and a usb version. I want to do
that, but I haven't got the usb keyboard yet that I would like: small
form factor (84 keys), english layout (I'm in germany) and usb...
And indeed, a quick test proves that you can.
RH 7.1, and whichever X ships with that. I did Ctrl-Alt-F1 to a text login, logged in as root, did 'startx -- :1', and was whisked over to tty8, where I got a KDE desktop as root (that being the default choice on my laptop).
Ctrl-Alt-F7 switched me right back to the desktop I'm on (KDE under KDM, logged in as myself), and I could C-A-F8 right back to the other one; mouse and keyboard worked in both.
And indeed they should: X switches to a free vt before it binds the hardware, and what it gets is the virtualization of the hardware that it produced by the multi-console driver. It doesn't bind directly to the hardware.
[Robos]
Well, a misunderstanding and a wrong memory on my part (I run
memtest86 later on me, it always takes so long...). I meant that I
wanted to run two xservers on two graphic cards and have two keyboards
too. My motivation: Running quake3 and chatting with my pals in irc at
the same time. Thought about either two xservers or one xserver and
one mga framebuffer. But, as said, no usb keyboard yet.
[Robos]
And cheaper than two computers, not to mention the noise reduction.
X 4 lets you designate entirely different screen layouts to be stored in its config file, and you can specify which one to use by passing -layout "layout[1]" (or whatever ID you named it) down to X. Of course your usual methods of starting X may try to protect you from doing this, but with startx it's pretty easy: startx -- -layout secondhead :2
With X 3.3.x you probably have to just keep seperate config files.
If anyone out there is crazy enough to be trying this, let us know how it works out for you. And then there's always the Linux Terminal Server Project: http://www.ltsp.org
Or better yet the K-12 Linux Terminal Server Project: http://k12ltsp.org/contents.html
Playing CD Music Digital Output
Questions From Bill Parks, Mithra
Answered By Lennart Benschop, Dave Maxwell, Serkan Akdag, Rob McMeekin, Robos
This thread is in response to Issue 79, Help Wanted #2 and all of these people sent in Tips. I'm sure there's really at least a quarter's worth here; that'd be Two Bits instead of Two Cents
I purchased an eMachine to run Linux on. It came with (sorry) XP which I
used to check out the hardware. It plays music CD's fine but uses digital
data over the IDE buss rather than a cable from the CD drive to the sound
input.
Loaded Red Hat 7.3 and it plays sounds fine but it won't play music CD's...the player just runs and the CD spins along.
How do I configure the CD/sound system to pick up the digital sound data on the IDE buss to play the music?
Thank You, Bill Parks
cdda2wav -D /dev/cdrom -t 1 -eN
will play track 1, if the KDE sound system isn't keeping /dev/dsp busy. The -eN options cause cdda2wav to echo the data to the soundcard and not write the ridded data to a file.
You can also try to connect an analog cable between the CD-ROM drive and the sound cards, as most PC's have.
ftp://mud.stack.nl/pub/OuterSpace/willem
The version numbers are a little confusing. The latest version is:
xmms-cdread-0.14a.tar.gz
The one labeled 0.9a is not it. XMMS comes with a cd player plugin that is supposed to do this but it didn't work for me. To play a cd, start XMMS and open your /dev/cdrom device or whichever device the cdrom drive actually is. I'm currently playing a cd from a drive without it's audio cable so I suppose that means it works
Another nice thing about this plugin is it will pull title data from Freedb and let you play individual tracks by name. The stock plugin won't do this.
Oh yeah! Be sure to disable the stock plugin before attempting to use this one. Right click on XMMS and choose Preferences.
And, since someone may also want to play other sorts of fun noise with their player, and most easily find this thread instead... -- Heather
[Mithra]
Hai,
I use Caldera Linux . i Would like to watch movies in my syatem. But There is no s/w that would play .Dat file for me. Can any one suggest me a downloadable s/w that can Play .dat files.
Mandrake 8.1 fd0 unknown device, and downloading pictures from a digital camera
Questions From F F, Mike "Iron" Orr
Answered By Chris Gianakopoulos, Ben Okopnik, Mike "Iron" Orr, Heather Stern
I can't read the FLoPPY disk! both cd roms works properly, but there's no way to access the flp! (Yeah, it is! in the drive)
Does someone have the solution?
If it is a regular floppy, and you know that the floppy works, I would check the bios settings on your computer and see if the floppy controller is enabled.
Also type "dmesg" and see if a floppy controller has been detected. If the floppy controller was detected, I would check the cables to the floppy drive and its power connector.
The last resort -- swap the floppy drive with another known good drive.
I hope that this helps.
Hmm. I'm going to try something that might be useful here. The idea behind this is "how would I phrase the querent's question if I was having this kind of a problem?" The question, when properly phrased, should contain the solution - as they very often do. Perhaps modeling clueful behavior may be a useful thing...
|
............... Dear Answer Gang, I am having a problem reading a floppy that I made under Wind*ws; I'm running Mandrake 8.1. I can see the files on that same floppy under Wind*ws, using the same machine and drive, so I know the hardware itself is OK. I've issued a "mount -t vfat /dev/fd0 /floppy" command to mount it (there were no errors when I did), have made sure that I do have a "/floppy" directory, and am using "ls -l /floppy" to check it; (A reference to exactly which command coughed up the complaint "fd0 unknown device" would fit here nicely.) I get no output other than "total 0" (an empty directory). I've made sure that the drive light comes on when I try to read it, so it seems like the drive is being accessed - but I still can't see any of the files. Any help would be appreciated. ............... |
I have to remind the Answer Gang to read subjects as well as messages. though. It usually isn't much but every clue is something.
I note that if you have a bad /etc/mtab then just running 'mount' to ask the system what is mounted can provide strange and wrong results. To be sure you're getting the real info, ask the proc filesystem: cat /proc/mounts
Thanks for that constructive input, Ben.
Congrats to Ben for an excellent answer. And maybe one that belongs in ask-the-gang.html somewhere. -- Mike
It's easy to assume the querent is having the same problem you've had before. And since I have used Linux exclusively for several years ... I forget what kind of assumptions Windows users make. So you are not the only one who answers an ambiguous question with a Linux answer and doesn't even realize it. -- Mike
I also forgot to suggest to the querent to try booting off of the floppy using a dos-based disk. I had a similar problem when helping a coworker install a SuSE distribution on a Compaq DeskPro computer. I noticed that the system would not boot from the floppy drive, and, upon closer inspection, I realized that the floppy drive was an LS-120 drive. As a result, the mtools stuff did not work. We went ahead and looked at /etc/fstab and saw an entry that corresponded to the LS-120 drive.
Kinda sucky.
Mandrake 8.1 fd0 unknown device, and digital camera
From Mike 'Iron' Orr
Answered By Ben Okopnik
And since I have used Linux exclusively for several years (except a few times a year to download pics from my digital camera), ...
The camera is a Canon Elf S100, which uses compact flash memory. It was
working with gphoto2 command-line mode at one point. Then the USB
device entry disappeared in the middle of a download. Usually that
meant the battery went dead and I try it again with a recharged battery.
But the last time, it wouldn't acknowledge the device at all. Then in
Windows it stopped recognizing the device too, so I figured the camera's
USB interface was defective, because the card works fine in the camera.
So I bought one of those little USB card readers. Not only do you not have to worry about batteries, but supposedly the card shows up like a removable disk drive, with ordinary files, bypassing the ideosyncracies of each camera driver. But Windows wouldn't mount the card, it just said "invalid filesystem format" or something like that.
So I hooked up the camera to
Windows again, and this time it recognized the camera. For software I
had the Kodak Imaging program that came with the camera, and Photoshop.
Photoshop's "import..." menu option was disabled for some unknown reason
even though I had used it before. So I tried the Imaging program. But
that program is too horrible to use. It takes a lot of clicks to
download each picture, and I had 150 of them. And it kept trying to
save in TIFF format, taking forever to save one image and insisting on
using TIFF format, which is big, and somehow it used all 100 MB of free
disk space and I had to kill the program, and every time I tried to save
it did something similar. So that was useless.
So I downloaded kernel 2.4.18 and was delighted to see there's a USB driver for my card reader. I'm hoping when I try it out it will work, and that it will recognize the card's filesystem.
Is there a floppy reader for compact flash?
I found gphoto and gphoto2 to be a total pain. My camera was only
in gphoto2, which was an unreleased development version at the time
so there was no Debian package. Of course, the usage instructions
I had were for the old version, and the GUI front end had been
replaced by something else that I think was missing something.
Maybe it's better now. But having the images appear as files is
really what I want to do anyway.
Update some time later
I finally got my pictures out. I compiled a new kernel with the basic
USB stuff in, and used Debian's gphoto 2.0 final. To download all photos:
gphoto2 --camera "Canon PowerShot S100" --port usb --get-pictures
Or to download certain pictures by index number (starting at 1):
gphoto2 --camera "Canon PowerShot S100" --port usb --list-files >files
gphoto2 --camera "Canon PowerShot S100" --port usb --get-picture 5-10
Deiconifying the xconsole window helped too because it showed that the
USB system was sending syslog messages. Often there was a timeout error
but it would recover. But not infrequently it wouldn't recover, and I'd
press the camera power switch a couple times but not get the message I get
when it's successful. Then I'd have to reboot the computer and try again.
(Perhaps if I'd compiled the USB as modules, I could have unloaded and
reloaded the modules.)
I had less luck with the Lexar card reader although it did download some
images. For this, you need not only the kernel USB support but also SCSI
"generic device" support (not just SCSI disk support). You also need the
USB Storage module. With all this in place, when you stick the Compact
Flash card in the reader, it shows up as a SCSI disk, /dev/sda1, which you
can mount as an msdos filesystem or use (the ordinary) mtools on. (The
mtools configuration line is, 'drive c: file="/dev/sda1"'.) But the problem
with this is that after twenty-five pictures at the beginning (or after three
or even one picture later), the light on the card reader would go off and it
would play dead. This isn't a battery problem because the reader gets its
power from the USB bus. The processes would be in "D" state ("uninterruptable
sleep" in the ps listing) so they can't be killed. Also, they make the
system unable to shut down cleanly: 'halt', 'reboot' and the vulcan nerve
pinch just hang at "Sending processes the TERM signal" until you ctrl-C and
continue. So I have to do a cold boot with the power switch. To prevent
disk corruption, I upgraded my ext2 partitions to ext3 (journalled):
tune2fs -j /dev/hdc10
then changing "ext2" to "ext3" in /etc/fstab. This hang, reboot, restart
cycle went several times before I gave up on the card reader. Defective
reader? Buggy USB drivers? I don't know.
But it was satisfying seeing my card reader more compatible with Linux than with Windows 2000/XP. Windows would try to mount the card reader and give up silently or say "invalid filesystem format". Take that, Windows!
How to optimize space usage for multiple files on multiple CDs
From Michiel van Leening
Answered By Thomas Adam (The LG Weekend Mechanic), Ben Okopnik, Karl-Heinz Herrmann
With our kind thanks to Michiel for granting publication permission
Hi Gang,
I've got a bunch of files which will roughly fill up 12 CDR's. My question is, how can i best optimize the space used for these files, so as to use as little CD's as possible?
Here's a reasonable one: sort your files. Grab the largest one, subtract that from MAX_SIZE; now, find the largest file that will fit in the remaining space. Iterate until the remaining space is smaller than your smallest file. Repeat the above process for every one of your CDs. You're done - and in linear time, too.
I've tried just looping through all the files and as long as the sum of the
already seen files stays below the CD size limit, the file is added to a list.
As soon as a file goes above the size limit, it starts a new list with
filenames. These list are then used to burn the CD's with either mkisofs or
Gcombust.
See attached fill-it-up.bash.txt
I'd actually like a program to figure out the best spread of files over the
CD's (eg. CD1 has files 3,5,8 and CD2 has files 1,2,4 and CD3 has files 6,7,9)
so as to minimize wasted space. What i've programmed myself has the
disadvantage that if the next file in line is big enough to cross the size
limit, it is put on the next CD, thereby wasting space on the current CD.
Now i could go and program such a thing, find out afterwards that something
like this exists and tear my hairs out in frustration. So, does a program
exist that can do this? Maybe someone has a script lying around. Ofcourse
intensive Googling for a week hasn't turned up anything.
Thanks for any input on the matter.
Now, all I've got to do is figure out the purpose of your script, above... what it does is obvious, why you'd care about the result (if there _was any) isn't.
see:
http://www.joat.ca/software/cddump.html
That's excatly what i was looking for. Thanks a lot.
@todo = sort { ${$b}[2] <=> ${$a}[2] } @todo;
...
foreach $file (@todo) {
if ($thissize + ${$file}[2] < $remaining) {
$thissize += ${$file}[2];
push(@{$thisdo[${$file}[0]]}, ${$file}[1]);
It's not a bad approximation; the only degenerate case is where you have no-to-few small files and lots of large ( > MAX_SIZE/2 ) ones. If you have an average file spread, it works well.
/dev/scd0 is not a valid block device?
From Simeon Nevel
Answered By Mike Martin, Neil Youngman, Heather Stern
With our kind thanks for publication permission. -- Heather
Dear Answer Gang,
I'm trying to get my cd and cdrw working in RH7.3. I've read through both articles on CD Writing in issue 57 and looked at the CD-Rom HOWTO as well.
I've got to proper invocation in grub:
title Red Hat Linux (2.4.18-3) root (hd1,0) kernel /vmlinuz-2.4.18-3 ro root=/dev/hdb7 hdc=ide-scsi hdd=ide-scsi initrd /initrd-2.4.18-3.img
lsmod shows that the various ide-scsi modules are loaded:
Module Size Used by Not tainted [other modules snipped for brevity] sr_mod 16920 0 (autoclean) (unused) autofs 12164 0 (autoclean) (unused) ide-scsi 9664 0 scsi_mod 108608 2 [sr_mod ide-scsi] ide-cd 30272 1 cdrom 32192 0 [sr_mod ide-cd]
- Example configuration for /etc/modules.conf from
- http://www.tldp.org/HOWTO/CD-Writing-HOWTO-2.html
|
............... make sure you include the options-line from the next listing. The last three lines of that listing are generally suggested to further automate the loading of the required modules. options ide-cd ignore=hdb # tell the ide-cd module to ignore hdb alias scd0 sr_mod # load sr_mod upon access of scd0 #pre-install ide-scsi modprobe imm # uncomment for some ZIP drives only pre-install sg modprobe ide-scsi # load ide-scsi before sg pre-install sr_mod modprobe ide-scsi # load ide-scsi before sr_mod pre-install ide-scsi modprobe ide-cd # load ide-cd before ide-scsi Listing: ............... |
If that doesn't help then have a look at the output from dmesg and see if it offers any clues.
The kernel support notes (very easy to read in "make menuconfig", a little plainer in /usr/src/linux/Documentation/Configure.help) make it clear that:
|
............... If both ATAPI and generic scsi support is provided, the native services will be used. ............... |
For my IDE/ATAPI cd-recorder, I don't have any of these loaded automatically. I do have the append line (in my case, 'hdd=ide-scsi'). When I:
modprobe ide-scsi
then I run:
cdrecord -scanbus
it says (sorry if hascii, Joerg has his name spelled properly here):
Cdrecord 1.11a05 (i686-suse-linux) Copyright (C) 1995-2001 Jörg Schilling
Linux sg driver version: 3.1.22
Using libscg version 'schily-0.5'
scsibus0:
0,0,0 0) 'SAF ' 'CD-RW2224 ' '2.06' Removable CD-ROM
0,1,0 1) *
0,2,0 2) *
0,3,0 3) *
0,4,0 4) *
0,5,0 5) *
0,6,0 6) *
0,7,0 7) *
And the drive becomes addressable as scd0, recordable in theory as sr0 but in practice I give the dev by host and lun number:
cdrecord dev=0,0 speed=4 some-random.iso
At least I hope speed 4 works, because it takes ages to make them at lesser speeds. I do have to wonder if something in my setup is slowing it all down horribly, but hey, I'm not a big CD pressing house, I just wanna burn a CD once in a while ... and that's what I get for having had a cd writer for so long, the newer ones are faster.
Looking at that list again, maybe I've got too many modules involved.
Maybe I've got some sort of conflict?
I've changed the links in /dev:
lrwxrwxrwx 1 root root 9 May 29 21:39 /dev/cdrom0 -> /dev/scd0 lrwxrwxrwx 1 root root 9 May 29 21:44 /dev/cdrom1 -> /dev/scd1 brw-rw---- 1 root disk 11, 0 Apr 11 07:25 /dev/scd0 brw-rw---- 1 root disk 11, 1 Apr 11 07:25 /dev/scd1
I've got the mount points defined in /mnt:
drwxr-xr-x 2 root root 4096 May 12 04:39 cdrom drwxr-xr-x 2 root root 4096 May 29 21:47 cdrom0 dr-xr-xr-x 1 root root 2048 Nov 20 1999 cdrom1
but whenever I try to mount either of the cd-rom devices like so:
mount -t iso9660 /dev/scd0 /mnt/cdrom0
or
mount -t iso9660 /dev/cdrom0 /mnt/cdrom0
I get:
mount: /dev/scd0 is not a valid block device
also, "cdrecord -scanbus" doesn't seem to find anything.
Although in theory if your CD writer is really DVD capable too, you may be able to write UDF filesystems to the disc (as hdc and hdd). I've never tried that, and only UDF support on another machine would let them read the disc. So it probably wouldn't be useful unless all your friends have DVD bays.
What am I doing wrong? I'm sure it's probably something really stupid,
but I just can't see it.
A clue would be vastly appreciated.
adTHANKSvance!
Simeon
first cat /proc/devices (I think)
- You need the IDE interface itself, because that handles the IDE controller.
- You -probably- need IDE standard hard disk support for your main drives so you can boot. Unrelated to the cd bays, except for being on the IDE controllers too.
- You -do not- want IDE cdrom services.
- IDE floppy services (those would be for LS-120 bays) or IDE tape services have no effect either way on ATAPI CD-RW's.
- You -do- need ide-scsi, and from the scsi subsection you need sg (scsi generic) support. sg gets autoloaded when ide-scsi behaves correctly and cdrecord is asked to scan the bus. At least from my setup it doesn't appear that SCSI-cdrom is used at all either.
-=: gemini :=- ~ # mount /dev/scd0 /mnt/cd mount: block device /dev/scd0 is write-protected, mounting read-only -=: gemini :=- ~ # lsmod Module Size Used by sg 28352 0 (autoclean) ide-scsi 7312 1
(and a whole bunch of sound card modules. working, as far as my dings and talking-computer noises can tell
For the record the system this is on is SuSE 7.3, but I'm using a locally built kernel - this answer is totally distro independent.
[sig block] If you're not outraged, you're not paying attention
(But, this isn't a politics thread. Don't get me started. If this bothers you too go help the EFF, http://www.eff.org.)
/dev/scd0 is not a valid block device?
From Simeon ben Nevel
Answered By Mike Martin
Hmm,
> > options ide-cd ignore=hdb # tell the ide-cd module to ignore hdb
I thought the Grub/lilo incantation of hdc=ide-scsi & hdd=ide-scsi would take care of this?
> > alias scd0 sr_mod # load sr_mod upon access of scd0
Would I also have to to "alias scd1 sr_mod" ?
I've read on several occasions that if you have 2 cd-rom devices on the same ide interface, you really have to set them both up with the ide-scsi modules.
> > pre-install sg modprobe ide-scsi # load ide-scsi before sg > > pre-install sr_mod modprobe ide-scsi # load ide-scsi before sr_mod > > pre-install ide-scsi modprobe ide-cd # load ide-cd before ide-scsi
I did, indeed forget the modules.conf magic but I want to let you know that my problem vanished when I rebooted my machine even without having made the suggested changes.
I have a strong suspicion that on reboot the module loading was corrected.
Just that if anyone searches for the same problem you had it is nice to see the solution as well as the problem
<sigh>
As much as I enjoy learning more about my linux system, it often seems that the solution to various problems involves magical spells of one sort or another.
Anyway, thanks again for taking the time to lend me a hand.
Sincerely,
Simeon ben Nevel
This page edited and maintained by the Editors
of Linux Gazette
Copyright © 2002
Published in issue 80 of Linux Gazette July 2002
HTML script maintained by Heather Stern of Starshine Technical Services, http://www.starshine.org/
"Linux Gazette...making Linux just a little more fun!"
|
Contents: |
Submitters, send your News Bytes items in PLAIN TEXT format. Other formats may be rejected without reading. You have been warned! A one- or two-paragraph summary plus URL gets you a better announcement than an entire press release. Submit items to gazette@linuxgazette.net
July 2002 Linux Journal
![[issue 99 cover image]](misc/bytes/lj-cover99.png)
The July issue of Linux
Journal is on newsstands now.
This issue focuses on interoperability. Click
here
to view the table of contents, or
here
to subscribe.
All articles through February 2002 are available for
public reading at
http://www.linuxjournal.com/magazine.php.
Recent articles are available on-line for subscribers only at
http://interactive.linuxjournal.com/.
Legislation and More Legislation
Palladium
Back in January, we mentioned that Microsoft had been granted a patent claim for a `Digital rights management operating system'. It appears their plans are developing further. A recent article at MSNBC/Newsweek provides an "exclusive first look" at the new technology. It begins:
"An exclusive first look at Microsoft's ambitious-and risky-plan to remake the personal computer to ensure security, privacy and intellectual property rights. Will you buy it?"Frankly, I don't buy it! The article is almost entirely uncritical and does not raise any of the many legitimate concerns surrounding such a technology.
The Register has published a some excellent articles on Palladium, by John Lettice, Richard Forno and Thomas C Greene. The third of these focuses specifically on what effect Palladium could have on the Linux community, and the indications are not good (unsurprisingly, given that it would mean a large part of the hardware industry could end up dancing almost exclusively to Microsoft's tune). Indeed, as Robert Cringely has written, Palladium could be bad news for the entire infrastructure of the internet.
If you want more information on Palladium, and DRM (digital rights management) technology in general, cryptome has some useful links along with the text of the original MS DRM OS patent. Of particular interest is Ross Anderson's TCPA / Palladium Frequently Asked Questions (TCPA=Trusted Computing Platform Alliance).
Governments and Linux
The BBC has reported that Germany has signed a contract with IBM and SuSE for a large public sector Linux-based computer contract. Among the reasons for the decision given by German representatives were cost and security. The BBC article gives quite a nice background to the story also, which is worth reading. Also of interest is SuSE's press release, and other reports of this news at The Register and at Slashdot.
In other good news, it has been reported by DesktopLinux.com and by LinuxToday that Finnish MP's have signed a bill requesting national and local agencies to migrate their IT systems to the Linux operating system. This could be part of a trend. Slashdot has reported a similar development in Taiwan, which "...will start a national plan to jump-start the development and use of Free (libre) Software". IDG.net has published a survey of countries which making moves toward open-source software and attempting to reduce dependence on Microsoft.
Linux Links
The following articles are in the July/August issue of the E-zine
LinuxFocus:
- A Hardware watchdog and shutdown button
- Securing a heterogeneous network with free software tools
- Plugins and Mozilla 1.0
- Receiving faxes with efax.
- Bookreview: Beginning Databases with MySQL
- Compile your own Linux kernel
- Light, Camera, Action... Kino!
Article at IBM.com on installing and configuring CVS for Linux.
Interview with RMS. Among other topics, this deals with UnitedLinux.
Salon describes how FCC decisions are allowing a few big ISPs (the ones owned by the cable companies and telcos) to squeeze out all the little ones. Gives an analysis of what this will mean for the market.
Some stories from the The Register related to the Linux world:
- A look at NSA and SELinux
- Apache admins ambushed by premature vuln report.
- Ralph Nader recommends US Federal Government should develop software alternatives.
- NY Times sicks FBI on MSNBC journalists in hacking investigation, neglects press freedoms.
- How to read Xbox security key, legally apparently, and maybe even get Linux in there.
- US courts rule against library net censorship filters.
- Ruling on BT hyperlink patent expected soon.
- MS Passport as arbiter of public decency
- EasyGroup uses heavy handed tactics to acquire domain names.
Links from the O'Reilly stable of websites
- Trojaned networking tools, and other security information.
- Getting the most out of one computer by running multiple operating systems on it. Looks at WINE, DOSEMU, Bochs and User-Mode Linux.
- Open Source Bibliography.
- Tracking changes in CVS, a look at the functions and commands used in CVS.
- A look at the new GNU/Linux based Sharp Zaurus SL-5500 palmtop computer
Some Linux Journal web article that might be of interest:
- Learning to Use X11: A simple example program with a line-by-line walk through that explains key concepts for programming with X11.
- Doc Searls on GeekPAC and its mission to save the Net from Hollywood and other corporate interests.
- An introduction to the arch Version Control System.
- Review of four open-source accounting packages: Emma, GnuCash, jGnash and QHacc.
- Maddog visits the 20th anniversary of the Swiss Open Systems Group in Zurick, gives a talk, takes pictures, drinks the water (it's fresh).
The Linux Buyer's Guide is a service provided by Linux Journal; it lists software (both commercial and free), hardware, distributions, books, etc. There are ten major categories and dozens of subcategories, and a search page for searching names, descriptions and price ranges. The service is always free to users, and vendors likewise can list their products for free. (Vendors can also sign up for paid premium services; e.g., banner ads.) Entries are added by the vendor through the web, so they reflect which vendors have visited the site and chosen to list their products. Free software developers are invited to register as "vendors" and list their software, so that the public can comparison shop between free and commercial items. Just designate one person to be the Buyer's Guide contact, who will update the product listing as the product changes. (All listings must be updated or verified at least once a year or they will be dropped; this prevents stale listings from remaining.)
Some links from Slashdot that should appeal to you:
- Ransom Love answers questions from Slashdot readers about UnitedLinux. Love was Caldera's CEO at the time of the interview, but now he's full time with UnitedLinux.
- A Fictional story in Popular Science magazine about how much information an average Joe leaves about himself during the course of a day.
- European commission sponsors Linux audio distribution
- A map of spam. Who sends it, who advertises through whom, and how the bulk of them interrelate.
- Broadband by the bootstraps: How a group of neighbours built their own high-speed network
Joel Spolsky has written a well thought out article outlining his theories on the economics underlying open source software. This was discussed on Slashdot. While on the theme of economics, Linux Journal have an article entitled A Successful Linux/Open-Source Business Model which might be worth looking through.
LWN
Linux Weekly News has a new look, "making light use of style sheets", which you should take a look at. There are further changes and enhancements including a more dynamic front page, login-preferences, and article talkbacks (which you will see at the bottom of the announcement of the new look). The old LWN site and content is available as old.lwn.net.
Of course, not only does LWN have a new and attractive style, it also has lots of good content! The following are some highlights of the past month that might interest you:
- Jon Corbet's report from the 2002 Kernel Developers' Summit. Has lots of information on where the Linux Kernel project actually is, and where it is heading.
- Commentary on the contradictions in how Disney's policies and aims interact with Linux.
Upcoming conferences and events
Listings courtesy Linux Journal. See LJ's Events page for the latest goings-on.
|
O'Reilly Open Source Convention (O'Reilly) | July 22-26, 2002 San Diego, CA http://conferences.oreilly.com/ |
|
USENIX Securty Symposium (USENIX) | August 5-9, 2002 San Francisco, CA http://www.usenix.org/events/sec02/ |
|
LinuxWorld Conference & Expo (IDG) | August 12-15, 2002 San Francisco, CA http://www.linuxworldexpo.com |
|
LinuxWorld Conference & Expo Australia (IDG) | August 14 - 16, 2002 Australia http://www.idgexpoasia.com/ |
|
Communications Design Conference (CMP) | September 23-26, 2002 San Jose, California http://www.commdesignconference.com/ |
|
IBM eServer pSeries (RS/6000) and Linux Technical University | October 14-18, 2002 Dallas, TX http://www-3.ibm.com/services/learning/conf/us/pseries/ |
|
Software Development Conference & Expo, East (CMP) | November 18-22, 2002 Boston, MA http://www.sdexpo.com/ |
News in General
Simile.D
LinuxSecurity.com have
reported on a virus
that can affect both Windows and Linux. Called Simile.D, it is only a
serious risk to a Linux user if she reads email attachments as root.
Security risk is therefore relatively small.
If you want more information, you can see further details
on Vnunet's website, and also
on Symantec's website
A better bet is to read Robin "Roblimo" Miller's article at NewsForge: "One of the great defects in Linux compared to Windows is that it is not infected by cool viruses."
HP, Oracle and Red Hat Combine Engineering Expertise to
Further Develop Linux Solutions for the Enterprise
HP have announced that it has combined engineering resources with software company Oracle, and Red Hat, to certify and deliver Red Hat Linux Advanced Server on an 8-Node Oracle9i Real Application Clusters environment running on ProLiant DL580 servers from the new HP.
More information on HP's Linux initiatives is available at www.hp.com/linux
This move has had some press coverage. Siliconvalley internet.com has interpreted it as a move to unseat IBM as the dominant Linux vendor. IDG has characterised the development as a reaction to the UnitedLinux development. Don Marti has also commented on the role Oracle's favouring of RedHat will have on the distribution market.
United Linux
One of the biggest earthquakes in the Linux Distribution landscape in a long time was the announcement by Caldera, SuSE, Turbolinux and Conectiva that they were going to team up to form UnitedLinux. Speculation about what exactly this development will mean for Linux began even before the announcement was formally made. RedHat, which would be an obvious target of the newly formed UnitedLinux, has made little comment on the development and is reported to be cautiously optimistic. However Dennis Powell, writing at Linux and Main, sees this as the beginning of a larger battle between UnitedLinux on one side and Dell Red Hat and Oracle on the other.
Among the features of UnitedLinux which have attracted attention are the refusal to distribute free binaries, and talk of per seat licensing. It would appear that not all details in these areas have yet been worked out.
Alexis de Tocqueville Institution
One of the most contentious happenings of the past month was the release by the Alexis de Tocqueville Institution of a whitepaper entitled Opening the Open Source Debate. Among the points made in this document was that
Terrorists trying to hack or disrupt U.S. computer networks might find it easier if the federal government attempts to switch to "open source" as some groups propose.'Unsurprisingly, this led to an outcry among many associated with open source software.
Happily, for those of us who believe free and open software is a good thing, it appears that these contentions are not being blindly accepted. Indeed there have been some very well considered rebuttals of the whitepaper's theories. David F. Skoll at the Sydney Morning Herald has made detailed arguments (also at Roaring Penguin) against the specific points raised as has Thomas C. Greene at The Register and Karl O. Pinc at NewsForge,
Some commentators such as Michelle Delio at Wired have suggested that Microsoft may have paid to have the paper written. Whoever were the original funders of the paper, if you want to read it, you will have to stump up $5.29, as reported by NewsForge. It is possible to download the original version from a non-ADTI server, which was linked from the Slashdot report on this story. Apparently, the main differences between the different versions of the document are in spelling and grammar (Anthony Awtrey at Linux and Main goes through them in detail).
For a more positive analysis of the role of open/free software in government and military applications, you could look at the MITRE paper on the subject. Finally, for the ultimate irony, NewsForge had the pleasure of reporting that the ADTI's own website runs Apache.
MobiliX wins Against Obelix
In a recent court hearing in Germany, the owners of the name Mobilix have defeated a challenge brought against them by Les Éditions Albert René, owners of the popular Asterix comic book series. The Asterix comic features a character named Obelix, and it was the contention of lawyers representing Les Éditions Albert René that the name Mobilix was a violation of their trademarks. Mobilix is a website devoted to Mobile Unix (in particular Linux and BSD on laptops, PDA's, cell phones, etc.,). The court eventually ruled that there was little chance of the names being mixed up, especially given the very different markets they are aimed at.
The documentation of the case is available online (also in German), and includes letters from MobiliX lawyers Jaschinski Biere Brexl.
Distro News
Debian
Debian Weekly News have reported the availability of preliminary XFree86 4.2.0 Packages. Branden Robinson and Ishikawa Mutsumi's announcement is available here. Werner Heuser has set up a Mini HOWTO about Debian-XFree86 v4.2. Download from a mirror if possible.
Also reported by DWN was the availability of updated Woody MiniCD images for alpha, i386, m68k, and PowerPC.
Gentoo
Gentoo Linux 1.2 was released June 10.
Phat
The fourth release of Phat Linux has arrived on FTP servers. It includes updates such as Ximian GNOME and a 2.4.18 kernel. Phat aims to be installable on a Windows computer without repartitioning.
Slackware
Slackware has announced the release of Slackware 8.1. Highlights of this release include KDE 3.0.1, GNOME 1.4.1 (with new additions like Evolution), the long-awaited Mozilla 1.0 browser, support for many new filesystems like ext3, ReiserFS, JFS, and XFS, and support for several new SCSI and ATA RAID controllers. You can buy it at store.slackware.com, or download it from one of many mirrors. The new release has been reviewed by Linux Planet, and also reported by Slashdot.
SuSE
SuSE plans a developers' release of UnitedLinux, and won't have a per-seat license. This does not directly affect the other distributions participating in UnitedLinux.
SuSE Linux have announced the mid-June availability of SuSE Linux Pro-Office CD with Sun Microsystems' StarOffice 6.0. Additionally, the Pro-Office CD for SuSE Linux 8.0 features the latest edition of the ultimate desktop environment KDE 3.0.1, as well as important patches for the SuSE Linux 8.0 operating system. With the Pro-Office CD, SuSE Linux users can equip their home computers with state-of-the-art Linux desktop technology.
SuSE Linux have also announced the release of an updated version of the SuSE Linux Groupware Server. The interweaving of the Linux operating system with the newly released Lotus Application Server 5.0.10 makes the SuSE Linux Groupware Server a powerful Lotus solution for Intel and AMD 32-bit processors.
Software and Product News
Mozilla 1.0
Few can have missed this particular piece of news, but just in case you have been living under a rock all June, Mozilla 1.0 has been released.
Note that there are a few contributors to the project who still need to be contacted before Mozilla can be made 100% GPL. Maybe you can help track them down.
Linux Game Publishing: Majesty
Linux Game Publishing have released the first screenshot from the Linux version of Majesty. Majesty is a real-time strategy game currently in development at LGP.
Faximum Announces New Fax Software for Linux and Windows
Faximum Software, a developer of fax server software, has announced a major new release of its Fax Messaging Server (FMS) product. FMS 2 runs on Linux, integrates with an organisation's existing email server, and enables Windows, Mac, and Linux users to send and receive faxes as easily as (and using the same tools as) email. It is possible to try out the software running on one of Faximum's servers at www.faximum.com/demo.
Mammoth PostgreSQL Free Evaluation Now Available
Command Prompt, Inc. is pleased to announce the immediate availability of an evaluation version of Mammoth PostgreSQL for RedHat Linux 7.2/7.3. The release contains a 5 connection Mammoth PostgreSQL, LXP the XML application server for PostgreSQL and Mammoth Browser a GUI based data management application.
The product is available for immediate electronic distribution by visiting the Command Prompt, Inc. website at www.commandprompt.com.
Cylant IDS Upgrade Announced
Cylant, a provider of host-based intrusion detection and rejection systems for the Linux and FreeBSD server platforms, have announced the release of version 1.2.3 of CylantSecure. CylantSecure applies a preventative, behavioural approach to security, utilising kernel monitoring to detect attacks without needing continual signature or rule-set updates.
Benefits of CylantSecure's new version 1.2.3 include:
- Improved instrumentation for better kernel level behavioural measurement.
- More flexible IP profiling for superior recognition of port scans and connection hijacking attempts.
- Watcher performs faster over previous versions.
- Includes new self-training mandatory access control system.
Reliaty Announces New Data Protection Product
Reliaty, a provider of advanced data protection, have introduced Reliaty Backup, a data protection software developed on a Network Data Management Protocol (NDMP) foundation. This allows backup and recovery of data from any point within a storage environment to any device, regardless of the server and storage platforms or location of the connections. Reliaty Backup offers this seamless methodology for multiplatform environments, creating a new level of cost savings, ease-of-use, and faster data recovery. This standards-based software can be used with Network Attached Storage (NAS) devices, and also with UNIX, Linux, and Windows systems even if NAS is not present.
Pricing for Reliaty Backup starts at $2500. The software will be available in July.
IBM Linux Center
In response to growing customer demand for Linux solutions, IBM have announced the opening of the first center in New York City to help the financial services industry deploy Linux. The Linux center, which will be based in Manhattan, will include hardware, software and services from IBM as well as its partners, designed to help financial services customers evaluate and plan Linux implementations. SunGard, JD Edwards,Veritas, and Sybase are among the premier partners whose technologies will be available in the IBM Linux Center.
Arkeia Announces Plasmon Tape Library Certification
Arkeia Corporation, a Southern California-based supplier of the Arkeia network backup software, has completed compatibility tests with Plasmon automated data storage libraries. Arkeia 4.2 tested compatible with Plasmon V-Series devices, as did the Beta version of the soon-to-be-released Arkeia 5. Philippe Roussel, CEO of Arkeia Corp. said that this "...brings to Plasmon libraries new perspectives in the Linux and Unix environments."
Plug `n' Play Security Blade Appliance
Developed by OmniCluster Technologies of Boca Raton, Florida (an IBM spinoff), the SlotShield 1000 and SlotShield 3000 blade servers are redefining the security appliance market. OmniCluster has partnered with Check Point Software Technologies, to develop a security appliance integrating Check Point's VPN-1/FireWall-1 with OmniCluster's SlotShield appliance blade technology. Both products are plug n play security solutions that are PCI compatible and can be installed within minutes inside any industry standard server system. The SlotShield 3000's plug-n-play capabilities enable installation as easily as replacing a server's Network Interface Card. The SlotShield 3000 supports any server running Windows NT service pack 6, Windows 2000, Windows XP and Linux kernel 2.2x and 2.4x.
OmniCluster currently offers three variations in its blade security appliances. They include:
- Single-server firewalls
- High availability firewalls (HAFW) for server "farms
- Multiple applications for URL, virus screening, email screening, intrusion detection
New PXI Systems from MEN Micro
MEN Micro; a company that designs, manufactures and sells board-level industrial real-time and embedded computer products; has announced the release of two new PXI systems. MEN's new PXI systems come in two sizes, a 19-in. 7U rack with as many as 21 PXI slots and a 4U high rack with seven PXI slots. Pentium-based 6U and 3U MEN F7 PXI controllers are at the heart of the processing platform for these PXI systems. By the end of 2002, MEN plans to release a Pentium IV-based PXI system controller. The MEN product lines support the most widely used operating systems, including Windows NT, VxWorks, OS-9, QNX and Linux.
Wolfram Research Announces Release of Mathematica 4.2
Wolfram Research, have released Mathematica 4.2. New packages, XML functionality, and Java connectivity have been added in this release.
Other software
The Samba Team is proud to announce the release of Samba 2.2.5, the latest stable release of Samba
Galeon 2.5 was released on June 8. Features Mozilla 1.0 compatibility.
Copyright © 2002, Michael Conry and
the Editors of Linux Gazette.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002
"Linux Gazette...making Linux just a little more fun!"
Pl/Python and Cursors in Pl/Pgsql for PostgreSQL
By Mark Nielsen
- Purpose
- Compiling PostgreSQL
- Executing Pl/Python and Pl/PgSQL with Cursors
- Suggestions for Future
- Conclusion
- References
Purpose
The purpose of this article is to get people more familiar with some new programming techniques with procedural languages in PostgreSQL 7.2. I am really a big fan of procedural languages, and overall, PostgreSQL rocks when it comes to stored procedures. You can create many different types of functions like : SQL, Pl/PgSQL, Pl/Perl, and Pl/Tcl. Recently in 7.2, you also have Pl/Perlu and Pl/Python --- unrestricted Perl and Python. The ability to use other programming languages inside a database server makes life a lot easier for a programmer (even if there is some inefficiency with Perl and Python). For a few years, I was irritated by the fact procedural languages couldn't return more than one item. That has sort of been taken care of, but not perfectly. One of the last areas to make my life ten times easier is to have procedural languages return more than item. We will see we can sort of do this, but I have suggestions to make it better.NOTE: I am using Red Hat 7.2 as a base for this article. Things will be different with your version of Linux.
Compiling PostgreSQL
There are three things you need to know when compiling PostgreSQL:- Edit src/pl/plperl/Makefile.PL and comment out lines 14 through 34.
- Edit src/include/pg_config.h.in and change
#define INDEX_MAX_KEYS 16
to
#define INDEX_MAX_KEYS 512 - Use this command to compile PostgreSQL:
adduser postgres
mkdir /usr/local/pg72
./configure --prefix=/usr/local/pg72 --with-libraries=/usr/lib/perl5/5.6.0/i386-linux/CORE/libperl.a --with-perl --with-python
make
make install
chown -R postgres /usr/local/pg72
mkdir /home/postgres
chown postgres /home/postgres
su -l postgres
-
PATH=/usr/local/pg72/bin:$PATH
export PATH
LD_LIBRARY_PATH=/usr/local/pg72/lib
export LD_LIBRARY_PATH
export PGDATA=/usr/local/pg72/data
export PGLIB=/usr/local/pg72/lib - initdb
- /usr/local/pg72/bin/pg_ctl -D /usr/local/pg72/data -l /tmp/pg_logfile start
- createlang plperl template1
- createlang plpython template1
- createlang plpgsql template1
- createdb postgres
Executing Pl/Python and Pl/PgSQL with Cursors
Here are a list of commands you can execute using the command "psql template1". This assumes the database "postgres" has been created.Execute these commands:
\c postgres
drop table contact;
create table contact (
first text, last text, phone text, address text,
city text,state text, zip text
);
drop function replace_e_to_a(text);
CREATE FUNCTION replace_e_to_a(text) RETURNS text AS
'
import re
Text1 = re.sub(''e'', ''a'',args[0])
return Text1
'
LANGUAGE 'plpython';
drop function replace_numbers_to_z(text);
CREATE FUNCTION replace_numbers_to_z(text) RETURNS text AS
'
import re
Text1 = re.sub(''[0-9]'', ''z'',args[0])
return Text1
'
LANGUAGE 'plpython';
insert into contact values ('Mark','Nielsen','123-123-1234',
'1234 Somewhere St.', 'Some City 123', 'TX','12345-1234');
insert into contact values ('Mark','Nielsen2','123-123-1234',
'3456 Somewhere St.', 'Some City 444', 'MI','12345-1234');
insert into contact values ('Mark','Nielsen3','123-123-1234',
'5678 Somewhere St.', 'Some City 654', 'AX','12345-1234');
select first, last, address from contact;
drop function select_contact();
CREATE FUNCTION select_contact () RETURNS refcursor AS '
DECLARE
cursor1 CURSOR FOR select replace_e_to_a(first)as first,
replace_e_to_a(last) as last,
replace_numbers_to_z(address) as address
from contact;
BEGIN
open cursor1;
return (cursor1);
END;
' LANGUAGE 'plpgsql';
begin;
select select_contact();
FETCH cursor1; FETCH cursor1;FETCH cursor1;
end;
and the output should look like:
DROP CREATE DROP CREATE DROP CREATE INSERT 255188 1 INSERT 255189 1 INSERT 255190 1 first | last | address -------+----------+-------------------- Mark | Nielsen | 1234 Somewhere St. Mark | Nielsen2 | 3456 Somewhere St. Mark | Nielsen3 | 5678 Somewhere St. (3 rows) DROP CREATE BEGIN select_contact ---------------- cursor1 (1 row) first | last | address -------+---------+-------------------- Mark | Nialsan | zzzz Somewhere St. (1 row) first | last | address -------+----------+-------------------- Mark | Nialsan2 | zzzz Somewhere St. (1 row) first | last | address -------+----------+-------------------- Mark | Nialsan3 | zzzz Somewhere St. (1 row) COMMITFrom this example, you can see how the Pl/pgSQL executes the Python procedures (the Pl/Python procedures). You don't need Pl/pgSQL to execute Pl/Python procedures, I just did it that way. You can only use Perl and Python to manipulate data, not change data in the tables. Perl and Python just input and output data, they don't do anything to the database directly. Also, pl/perlu gets installed when you compile Perl into PostgreSQL, which is nice.
Suggestions for Future
I still have three big complaints/suggestions:- Procedures seem to be able to only return one "item'. It can't return two items. For me, I would like to be able to return at least two items -- a cursor and a flag saying if the cursor is good or not. Cursors DO NOT make procedures return more than one value, they return the cursor which you can consider to be a reference to many items, not the items themselves. The way I compile my procedures is that they can take upto 512 variables of input, but they can only return one "item". I am dumbstruck as to why that is. I tried to read of the discussions on the mailing lists and docs, but I got lost.
- There doesn't seem to be very many things you can do to cursors, like see how many entries there are, if there are any entries left, if there are any entries at all, if it executed correctly, etc. Cursors need to be advanced some more. Perhaps I just don't have enough experience with cursors to comment on them.
- Procedures can't return rows of data. Besides the fact it can only return one item, it can't return rows of one items or rows which contain multiple items. Being able to return multiple rows with multiple fields would be cool. Even if we only want to return one row of data, it would be nice to return a cursor as one item, and then its status (good, bad, how many, etc) as well. If you can return more than one item, you might as well make it unlimited or limited by a compile-time number (like inputs are).
This isn't really a complaint of cursors, but of DBD:Pg for Perl, and possibly other interfaces to PostgreSQL -- cursors really aren't supported, as far as I can tell. Thus, if Pl/PgSQL could return multiple rows of multiple items, it would take care of this problem.
The only other way I know to store data from a procedure is into a temporary table which can be accessed after the procedure has finished. To me, that is a bit extreme for 99% of the data I want to get. It is extreme because usually I just want one row of data and creating a table just for one row of data isn't worth the effort.
Conclusions.
Pl/Python will finally let me let go of Perl once and for all (I have converted myself to Python). Pl/PgSQL is getting closer to something that makes it easy for me to program and create complicated procedures -- I just wish it could actually return multiple items and not just a reference to a cursor or other single item.The sad thing is, my version of DBD::Pg for Perl and my Python interface don't support cursors, and so, it is useless for me to the most part, but at least it is getting better. I found some things at http://developer.postgresql.org/todo.php which look promising. Since cursors really aren't supported in the programming languages I use, if I truly need to store lots of data, I will probably have to use temporary tables. I still don't understand why a procedural language can't return data like you can in a normal sql command. Whatever the limitation is, it would be nice to overcome.
References
- Standard Database Setup with Perl and PostgreSQL: Part 3
- Part 2: PostgreSQL: Perl procedures with PL/pgSQL
- Part 1: PostgreSQL: Perl procedures with PL/pgSQL.
- An older article setting of Web and Database Servers.
- Branden Williams articles on PostgreSQL.
- http://techdocs.postgresql.org/oresources.php
- http://techdocs.postgresql.org/
- Some links which have nothing to do with this article, but I am
considering for future articles.
- http://authpg.sourceforge.net/.
- http://www.digitalstratum.com/pglogd/
- http://www.giuseppetanzilli.it/mod_auth_pgsql/
- http://www.zort.ca/postgresql/ -- very nice and I will use this. I tried it, and it grouped all my tables together, so I had to ungroup it and separate out the tables.
- http://www.brasileiro.net/postgres/cookbook/
- If this article changes, it will be available at http://www.gnujobs.com/Articles/26/nielsen.html
Mark Nielsen
Mark works at
AudioBoomerang.com
which creates, delivers, and tracks personalized multimedia email, web,
and newsletter campaigns. He works as a consultant delivering end products
to AudioBoomerang.com clients, such as advanced customized statistical
reports used for demographic or pyschological profiles for future campaigns.
In his spare time, he writes articles relating to Free Software (GPL) or
Free Literature (FDL) and is involved with the non-profit learning center
eastmont.net.
Copyright © 2002, Mark Nielsen.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002
"Linux Gazette...making Linux just a little more fun!"
Red Hat and USB devices
By Mark Nielsen
- Purpose
- The Emperor Linux Computer I have and USB
- The USB Optical Mouse
- USB HP PhotoSmart 318 camera
- BUSLink 40G USB external hard drive
- Suggestions for Future
- Conclusion
- References
Purpose
The Purpose of this article is to get my USB mouse, USB camera, and USB hard drive to work with Linux.The Emperor Linux Computer I have and USB
I started to use Red Hat 7.3. Although it has come a long way and I really like how all the Linux Distributions are turning out, Red Hat 7.3 makes me mad for only a few reasons:- OpenOffice doesn't appear to be in the distribution. Whatever the reason is, it needs to be overcome. KDE Office and Gnome Office are cool, but not including OpenOffice is a big big big mistake. OpenOffice is one of the key suites to convert people to Linux. Having the choice of 3 office suites, Gnome Office, KDE Office, and OpenOffice (along with lots of other cool software like GIMP. Mozilla, Evolution, PovRay, etc) can really convert people over.
- The kernel under /usr/src/linux for Red Hat 7.3 doesn't seem to be configured the way they installed the kernels onto your system. I tried searching on Red Hat's website, but I didn't anywhere. Isn't it a little stupid that that don't supply (or make it easy to find) the configs files they used to compile the kernels? Perhaps I am blind, but it wasn't obvious to me where their custom config file was. It makes me mad because whenever I try to compile the kernel, I can never get all the features I want without it being too large (even though I try to modularize everything).
- The kernel installed apparently won't let you add modules that you create yourself. At least, when I tried to compile the usbide module outside the source tree of the kernel, it was giving some weird error saying it wasn't allowed to do it. However, on the computer I bought from Emperor Linux (Red Hat 7.2), I didn't have that problem (the kernel was compiled by the company and I was able to compile the usbide module without recompling the kernel).
Even though my USB camera and mouse works in Red Hat 7.3, because I couldn't use the usb hard drive with it (without compiling a new kernel from scratch which I always screw up), I decided to use the usb hard drive and camera with the Linux laptop I got from Emperor Linux.
The USB Optical Mouse
I have 3 USB optical mice (different brands) and they all worked with Red Hat 7.3, Red Hat 7.2, and my Emperor Linux computer. I don't know if the default kernel in Red Hat 7.2 works with the optical mice because I compiled different kernels (to get my wireless network cards to work right).NOTE: Whoever likes to use trackball mice compared to optical mice has to be an idiot. The optical usb/ps2 mice are very cheap these days and the balls on the standard mice always get cluttered with junk and wear out. Go out and replace the stupid trackball mice with an optical mouse today.
The USB HP PhotoSmart 318 camera
My HP PhotoSmart 318 camera really rocks. Here is a help page I found.http://lhd.datapower.com/db/dispproduct.php3?DISP=3101
It rocks because on a price/performance ratio, it was the best camera out there for $179. All the other cameras that could do the same (or even less) were easily two or three times more expensive. I think the market changed and a lot of older models haven't dropped in price yet. For my needs it was perfect. It had enough resolution, it saved jpg images, and I could get memory expansion if I needed it (8 megs is fine so I will never need to get the expansion).
Bottom line, in Red Hat 7.3 and my Emperor Linux computer, just as the article said:
- Changed the camera to hard drive mode.
- usb-uhci worked fine (in the article it didn't).
- In my /etc/fstab,
### for my camera. /dev/sda1 /mnt/camera vfat noauto,sync,nosuid,user,unhide 0 0
- mkdir -p /mnt/camera
- mount /mnt/camera
I think ultimately most people will be using digital cameras within 5 years and the standard camera industry will be dead except for photographers and the little cameras you buy for one-time events. Digital cameras will be able to contain so much memory in the next few years, hopefully within 5 years you can store hundreds of images on a simple small camera. Why would you want a film camera?
BUSLink 40G USB external hard drive
My USB external hard drive was a pain in the butt. It was easy once I found this webpage, http://bravin.home.cern.ch/bravin/usbide/usbide.html. It was a pain because I kept on trying and trying to figure what to do to get it to work.
- Downloaded usbide-1.2.2-b.tgz
- tar -zxvf usbide-1.2.2-b.tgz
- cd usbide
- make
- make install
- I had to make a symbolic link from /usr/src/linux pointing to my copy of the Linux kernel source.
- The hard drive can only have one partition because it won't save changes if you try to change the heads/sectors/cylinders.
- When I stress-tested the hard drive by copying lots of data over, after 1 gig, it froze on me and gave me a weird error. I haven't had a problem since.
- For whatever reason, the standard Red Hat 7.3 wasn't configured right to let me compile my own module and add it to the modules under /lib/modules. Personally, I think that is stupid.
- For whatever reason, I couldn't find a config file for kernel compiling to get the exact same kernel Red Hat has installed on my system. If I had to compile a new kernel, I would want the exact same one with just a few of my changes. Maybe you can do it and their config file exists somewhere, as I didn't try that hard, but it wasn't obvious (which it should be). Thus I just used the computer I got from Emperor Linux.
Suggestions for Future
I have a webcam I was interested in trying out. Look at http://webcam-osx.sourceforge.net/cameras.html. My IBM NetCam is not supported on that list, bummer. They are cheap enough. I will just consider buying a new webcam.Conclusions.
Using USB devices is really cool. I used to hate USB devices, but now that I can have tons of stuff attached to my Linux boxes without them using up all the resources, I like it. I just wish more companies would help create Linux drivers for their products. I would never use a USB hard drive for anything except backups and I wouldn't rely on USB for stuff that requires a lot of cpu power. Firewire is good for heavy stuff. All the other USB devices (mice, keyboards, printers, webcam, camera, etc) are a good match for USB because they require low overhead.I copied over 3 gigs of data to my hard drive and I got seek errors. I thought there could have been bad sectors, so I ran mkfs with the "-c" option, and it took all day. Eventually, mkfs bombed, so I am going to wait a little longer before I use the external hard drive with Linux. Most likely, I will check hardware compatibility and go out and buy a new external hard drive (maybe firewire instead of USB).
References
- http://lhd.datapower.com/db/dispproduct.php3?DISP?3101
- http://bravin.home.cern.ch/bravin/usbide/usbide.html
Mark Nielsen
Mark works at
AudioBoomerang.com
which creates, delivers, and tracks personalized multimedia email, web,
and newsletter campaigns. He works as a consultant delivering end products
to AudioBoomerang.com clients, such as advanced customized statistical
reports used for demographic or pyschological profiles for future campaigns.
In his spare time, he writes articles relating to Free Software (GPL) or
Free Literature (FDL) and is involved with the non-profit learning center
eastmont.net.
Copyright © 2002, Mark Nielsen.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002
"Linux Gazette...making Linux just a little more fun!"
Configuring GDM 2.2
By Mark Nielsen
Introduction
GDM, or GNOME Display Manager, is a graphical login service for your computer when it boots up. Basically, it makes a nice pretty screen to look at before you log in. With the standard installation of RedHat, and I assume other distributions, GDM is really cool. As a user, you can run the program "gdmphotosetup" to set the picture of you that will show up in GDM when your computer starts. As the "root" user, you can configure GDM with "gdmconfig" which lets you set a lot of cool options. So why am I writing this article when you can do all this yourself? I will show you some bad things you are not suppose to do.Configuring GDM naughtily.
In the gdm.conf file, I changed these options (which you can also probably do in the gui setup program).TitleBar=true Browser=true LockPosition=false SetPosition=true PositionX=0 PositionY=700
Here is my /etc/X11/gdm/Init/Default script.
#!/bin/sh
/usr/X11R6/bin/xsetroot -solid "#363047"
### This next item is a huge security risk.
### It basically sets up an xterm with the user "mark".
xterm -r -fn 6x12 -geometry +0+25 -e '/etc/X11/gdm/mark.sh' &
#xterm -r -fn 6x12 -geometry +0+25 -e '/etc/X11/gdm/dummy.sh' &
### This puts a picture on the background.
/usr/bin/xsri -geometry 500x500+600+300 /etc/X11/gdm/im000048.jpg
### This puts xeyes on the screen to watch your mouse pointer.
xeyes -geometry +800+650 -bg white -fg green -outline blue &
### Christmas all year round.
xsnow -santaspeed 10 -santa 2 -snowflakes 1000 -whirl 4 -windtimer 30 &
### A clock down to the second.
xclock -digital -geometry +600+650 -update 1 &
### The popular mine game. Sorry, doesn't seem like you can position it.
### it just pops up in the middle of the screen.
gnomine &
### Maelstrom is pretty cool.
Maelstrom &
## xboard pops up behind GDM, so we can't use it.
#xboard &
### Chromium is a cool arcade-like old fashioned game.
chromium-setup &
### Look at the light shining on the earth.
kworldclock -geometry +750+0 &
### A silly creature for your desktop.
amor &
Now the contents of '/etc/X11/gdm/mark.sh'.
#!/bin/bash trap "" HUP trap "" INT trap "" QUIT trap "" KILL trap "" TSTP su -l mark exit exitWhy is the above script dangerous? Well, people can do stuff without logging in. That is why I put a bunch of traps in the script and made it exit as soon as someone quits as the user 'mark'. I don't want anyone to execute root commands, so you have to make it so root exits as soon as the user 'mark' quits and you have to trap the script so that someone doesn't cancel the quit -- which would leave them logged in as root. Still, the whole thing is bad and you shouldn't do it, even though I do. As an alternative to my xterm session, you could use "chroot", which I did successfully. It can be a little tricky to setup a chroot environment, but you can do it. Here is a sample of an account I calld "dummy". Remember, the /chroot/named environment has to look like the root directory with a /bin, /sbin, /lib, and all the other directories if you want the user to be able to do anything at all, and of course /etc/passwd.
Now the contents of '/etc/X11/gdm/dummy.sh'.
#!/bin/bash trap "" HUP trap "" INT trap "" QUIT trap "" KILL trap "" TSTP chroot /chroot/dummy su -l dummy exit exit
Conclusion
GDM is really cool, and I assume KDM is just a cool. I just like to configure GDM to be nice to look at when I or someone else sits down at them.You might want to have other games playing in the background of your gdm session. I tested various games, some work and some don't. Remember, every program you run is a potential security hole if someone can somehow execute commands through the program or know how to screw it up causing your computer to get messed up. Obviously, doing something like this on a client computer should get you fired.
References
- Configuring GDM 2.2
- Gnome Display Manager
- 6-24-1999 Setting up xdm.
- If this article changes, it will be available http://www.gnujobs.com/Articles/19/GDM.html
Mark Nielsen
Mark works at
AudioBoomerang.com
which creates, delivers, and tracks personalized multimedia email, web,
and newsletter campaigns. He works as a consultant delivering end products
to AudioBoomerang.com clients, such as advanced customized statistical
reports used for demographic or pyschological profiles for future campaigns.
In his spare time, he writes articles relating to Free Software (GPL) or
Free Literature (FDL) and is involved with the non-profit learning center
eastmont.net.
Copyright © 2002, Mark Nielsen.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002
"Linux Gazette...making Linux just a little more fun!"
The Foolish Things We Do With Our Computers
By Mike Orr
Here, Mousie....
By Harry DrummondIf you're reading this, you're probably well at ease with your mouse by now. Some of us got the idea fairly easily, while others had to struggle. One of the roots of failure, I've observed, is that beginners often hold the mouse from above, like a cat that's just pounced on it and is determined that it isn't going to get away from them. Then they punch the button ferociously, and the mouse sheers wildly off target in terror.
I've persuaded several such people to relax their death-grip; to let their hand lie on the surface behind the mouse, just guiding it quietly with thumb and little finger, and gently clicking the buttons when necessary. And if their hand-eye co-ordination was shakey, then to work in L-shapes (e.g. down then across), and allow direct movement to creep in in its own time. These people have all come back a week later, pleased to report that they've got much better.
But in earlier days of computer mice, when they were still alien objects to many people, it was not uncommon for me to watch students put a mouse on its back and twiddle the mouse ball with their finger tips. The screen behaviour was wonderfully erratic, and as a method of selection it had distinct problems with clicking buttons, too.
On one occasion I watched two girls doing this and in friendly fashion showed them the proper way of using a mouse. They smiled, said thank you, and a few minutes later the mouse was on its back again. Not foolish - just their way of working. Or maybe I was seeing the birth of the trackerball...
[If you have a story about something foolish or ingenious you did to your computer, send it to gazette@linuxgazette.net-Iron.]
Mike Orr
Mike ("Iron") is the Editor of Linux Gazette. You can read what he has
to say in the Back Page column in this issue. He has been a Linux enthusiast
since 1991 and a Debian user since 1995. He is SSC's web technical
coordinator, which means he gets to write a lot of Python scripts.
Non-computer interests include Ska/Oi! music and the international language
Esperanto. The nickname Iron was given to him in college--short for Iron Orr,
hahaha.
Copyright © 2002, Mike Orr.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002
"Linux Gazette...making Linux just a little more fun!"
Qubism
By Jon "Sir Flakey" Harsem
[These cartoons are scaled down to fit into LG. To see a panel in all its clarity, click on it. -Editor (Iron).]
![[cartoon]](misc/qubism/qb-lightsnoop.jpg)
![[cartoon]](misc/qubism/qb-ps2linux.jpg)
All Qubism cartoons are
here
at the CORE web site.
When I first started
working on Linux some years back I did rely on a standby Windows OS
installed in another partition in case something would fail. But soon
I realized that this Open Source OS had everything to offer without
my spending a penny. However, there are still times when I feel the
need to fire up some application that's written exclusively for Windows. What
do you do in such a situation? The answer is Wine. Wine has nothing to do with liquor ! There are products
like VMWare & Win4Lin that will let you run another OS (usually
Windows) on a running Linux machine so that you can run
your Windows programs. You could also go in for a more traditional
approach of having another partition with Windows installed on
it.However, these alternatives are more of an overhead on your system
than a solution. Wine stands apart from all these options, Wine, which stands for
“WINE Is Not an Emulator”, doesn't require you to buy a
Windows licensed copy. It it accomplishes this by rewriting the
complete Win32 APIs which differs from the Microsoft Code. Let's Raise a Toast If you would like
to try WINE, you can get the latest sources from the WINE
headquarters at http://www.winehq.com.
Building from source may not be necessary. The site has links to
daily builds in many different formats. Should you wish to obtain the
source and build for yourself, you’ll find that it is pretty
straightforward. The following steps can
be taken to accomplish your task:
You will see a steady stream of files coming into a directory called
“wine” relative to your current directory. After the
whole process is complete you can follow the same procedure of
compilation as above. Wine Configuration We will need a configuration file called “config” in the
“~/.wine/” directory. You can copy the a sample of
the same from the source directory:
The “config” file might appear daunting at a first glance
but you better stick to the defaults and change only the critical
parts that relate to your system.You will encounter a section
something like this: [Drive A] [Drive C] [Drive D] Wine actually tries to emulate a DOS-like drive and folder
structure so the section which starts with “[Drive C]”
indicates the mapping of a hypothetical drive C: to your linux
directory which in our case is “/c”. Next, some system folders like “windows” and
“system” are also mapped like this in the “[wine]”
section: "Windows" = "c:\\windows"
The “[DllOverrides]”
section of the config file handles the DLLs that are supplied with
Wine to be used in place of their Windows counterpart and some native
Windows DLLs that you might want to use:
; Be careful here,
wrong DllOverrides settings have the potential Various Ports and devices also can be configured in the
“[serialports]”
section:
The general appearance of the windows can be changed in the
“[Tweak.Layout]”
section. ;; supported styles are
'Win31'(default), 'Win95', 'Win98'
Next, we need to install a default registry which will exactly match
the way registry exists on a Windows Box.But before you do this we
need to make minor changes to “/etc/ld.so.conf”
. We'll add a line “/usr/local/lib/wine”,
which relates to all the libraries used by the software to mimic a
Windows atmosphere. Don't forget to run “/sbin/ldconfig”
after this step. Next, we will use regapi to install a default registry.
From the Wine source directory issue the following command:
Let's Fire it up!! Without waiting any further let's try
our hands on our Wine installation to run a simple Windows App.We
will try to run the standard Calculator which comes with Windows
(“calc.exe”). You can mount your windows partition
or copy the file “calc.exe”
with a floppy to your system in the folder “/c/windows”
and use any one of the ways to start it up: cd /c/windows; wine calc.exe This is the way it appears on my Linux
box. Pretty amazing isn't it!
Bye Bye for now! Wine is pretty indispensable when you
have to run Windows executables on your Linux box but one thing to
note here is that not all of your Applications will work on Wine, you
will have to figure out ways and tweaks to make your favorite App.
work fine. But for many cases Wine proves to be of a great help.
This article explains the steps I
take to secure my home computer and data
communications.
If you are an active proponent of computer
security, this article will be a review.
If you do not have any security practices
currently, you should read on to get a
general idea of how to secure a Linux box.
This obviously isn't a complete security
reference - I take security seriously,
but I'm not as vigilant as I could be with
my computer.
You will have to see for yourself
whether or not the items in this article
provide enough security for your needs.
I run a Debian Linux box here at home. I keep it powered
up and connected to the Internet at all times.
There are two reasons I want to keep this computer secure -
to hide my data from those who shouldn't see it,
and to protect my computer resources from those
who shouldn't be using them. I keep important stuff
on my machine - data that shouldn't be read (and
certainly not modified) by anyone but me. And I don't
want an intruder to be able to use my machine as a
staging ground for attacks on other targets. I'd be pretty
pissed if I found out someone was using my machine to
try to break into other systems.
After a fresh install, the first thing I do right off the bat is
configure iptables
in my kernel. Iptables
allows me to block any packets entering or leaving my
computer. This is important because I am constantly
connected to the net, which leaves my computer open for an
attack. Configuring iptables isn't for the faint of heart - it
requires downloading the kernel source code, configuring it correctly,
and installing it without screwing anything up. If you
have never done this before, you should check out the
Linux Kernel HOWTO, and practice compiling your kernel
a few times before trying to configure iptables.
Next is LIDS - the
Linux Intrusion Detection System. LIDS consists of a patch
for the kernel, and two userspace utilities - lidsconf and
lidsadm. The purpose of this system is to increase the
level of security of your computer by restricting access to files and
processes, and alerting you when attempts to break these restrictions
occur.
The great part about LIDS
is that you can even restrict the root account's permissions. This
reduces the power of the root account, and limits the damage that
can be done if an intruder gets root privileges.
I use LIDS to protect my system binaries, my log files in /var/log,
and my configuration files in /etc. The binaries I mark as READONLY
so that no user, including root, can modify or delete them.
The log files I mark as APPEND so that programs can write data to files in
this directory, but cannot delete or change existing data.
The next thing I do is
minimize the number of services running
on the computer. The less services I run, the less
chance there is for someone to be able to break into my
machine. Distributions tend to let a lot of daemons run by
default, which is a bad thing in my opinion. I turn off telnet,
FTP, named, and all of the R* daemons, to name a few. I basically
turn everything off so that I don't have to worry about keeping
them updated with security fixes and such. For the services that
I do run, I install any security patches that are created
as soon as possible. And if a situation occurs where there is
a vulnerability made public without the proper fix, I will
turn off the service.
After reducing the number of services running on my computer,
I type "netstat -l" to see what sockets are listening for connections.
I do this just to make sure I haven't missed any services that
I don't need. Every once in a while I'll miss something important,
and catch it later on with netstat.
After an installation, I run
chkrootkit about
every week or so. This program will alert me to the presence
of any rootkits on my computer. A rootkit is a set of tools that a cracker
can use to hide his tracks - the kit contains trojaned(altered)
versions of various utilities like ps, ifconfig, and
others. If an intruder broke into my machine and installed
a rootkit, he could basically use my computer resources for
whatever he wanted, and I could only detect him if
I was paying very close attention to my system.
You can download and analyze various rootkits (for educational
use only!) at
packetstorm
. The one I've seen mentioned the most is LRK5, which is listed
about half way down the page.
When downloading files off of the Internet, I generate checksums
for them using
md5sum. Most sites that provide downloadable files
also list their checksums, so that I can check to see that the files
I download match the files they are providing. This is a simple
check, and reassures me that I am getting the right bits.
There is of course the possibility that both the files and the
checksums have been tampered with, but in this situation the
web site will probably figure it out quickly, and fix the problem.
All of the security in the world cannot guarantee that
your machine will be safe from crackers. I can honestly say
that I don't think my computer has ever been compromised,
but I'm not 100% sure. For the first couple of months that I
used Linux, I didn't give a squat about security - I was just
trying to get the operating system working. I was more
interested in learning the basic userspace commands, and
didn't want to be bothered by anything else.
I was wide open for an attack.
I had a VA Linux machine with a stock Redhat system they put on
there. I probably was running many servers, and didn't even know it.
Poor guy.
Well, If my machine ever becomes compromised in the future, I will
first head over to the main site for
The Coroner's Toolkit. TCT is a set of tools
that allow you to figure out what happened on a
compromised machine. You run them, and sit back and relax
while they collect data from your hard drive. I haven't
personally used these tools, but from what the web site says,
they do a pretty decent job. Another impression I get from the web
site is that the tools are extremely difficult to use for novices,
so you are in for a lot of reading and learning if you don't have any
experience with TCT. On
the bottom of the main page they have a couple of links to HOWTO
documents, so your best bet is to start there.
I would also check out the
Honeynet Project.
The purpose of this project is to perform research in forensics
analysis, and present this research to the public in the hopes of
raising awareness about security. They have a monthly
forensics contest, where they present information about
a real compromise on their network, and ask for write-ups
on how to investigate the intrusion. The archive for this
contest has a lot of great submissions by security professionals -
I actually learned about The Coroner's Toolkit by seeing
it mentioned in a handful of these investigations. Anyone
interested in computer forensics should go to this site
and read as much information as they can find - there's
enough to keep you busy for a while.
Transmissions by default are insecure. Your
data just flies across the Internet for everyone
to see, and you can't do anything about it. You can use
the traceroute program to see an example of this in
action. Type "traceroute www.google.com" at your command
prompt, and you'll
see every machine that gets to look at the data you
send google during a web search.
I make sure that whenever I am logging in to a site,
I use the secure page - https. HTTPS uses SSL, which
encrypts your data while in transit. If I didn't do
this, my password could be sniffed by a compromised machine.
For example, Yahoo! provides a method of secure login
when submitting my username and password for their
various web services. I have a Yahoo! email account, and
use this secure login whenever I am checking my mail.
For remote administration, I use
ssh and scp.
These two programs are replacements for telnet and FTP.
They are easy to install, and work just as well
as the programs they replace. Once installed, I
open up the corresponding ports in my iptables
configuration so that I can connect to the machine from outside.
For email, I use
GnuPG to encrypt data that
I don't want anyone reading. When I am sending sensitive
information to someone, I use their public key to encrypt it.
I ask the same of people sending sensitive information to me.
My public key is downloadable from my
web site,
and also available on various
public key servers.
These steps assure me that I'm the only one reading the email
destined for my inbox.
I hope you enjoyed this article - I tried to explain,
as clearly as possible,
the steps I take to secure my computer and data communications.
If you feel there are any glaring
errors or omissions, by all means
let me know. My security policy is far from perfect,
and I'm very eager to hear about your practices
and experiences.
The following is a list of sites I visit regularly to get
information on various security topics:
I installed SpamAssassin (SA)
and instantly developed a new pastime. Even funnier than reading spam is
reading what SA has to say about it. SA is a filter daemon (or standalone
program) that reads an e-mail message and analyzes it for spam, adding a
couple headers to give its verdict. If it thinks the message is spam, it also
puts a "***SPAM***" prefix in the Subject: and adds some structured comments to
the body saying what's suspicious about the message. Those comments in the
body are where the funny parts are. SA is so amusing that I've given up my
two other recent pastimes: collecting Klez worms and Nigeria scams. I just
/dev/null the Klez worms now.
Well well well well well, I do declare. What's the most interesting
piece of spam this month? Tsk, tsk. (For background info about this company,
see the News Bytes column in LG #71-76.)
Happy Linuxing!
Mike ("Iron") Orr
Jon is the creator of the Qubism cartoon strip and current
Editor-in-Chief of the
CORE News Site.
Somewhere along the early stages of
his life he picked up a pencil and started drawing on the wallpaper. Now
his cartoons appear 5 days a week on-line, go figure. He confesses to
owning a Mac but swears it is for "personal use".
Jon "SirFlakey" Harsem
Copyright © 2002, Jon "Sir Flakey" Harsem.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002
"Linux Gazette...making Linux just a little more fun!"
Wine: Raising a toast to your Windows Apps on Linux
By Gaurav Taneja
gunzip Wine-20020411.tar.gz
tar -xvf Wine-20020411.tar
cd wine-20020411
./configure
make depend
make
make install
If you are interested in the bleeding-edge version of Wine and as a matter of fact any major software you should
follow the path of CVS.The latest source in the CVS tree might prove to be more efficient in terms of raw performance.
The following procedure can be followed to grab the latest source:
export CVSROOT=:pserver:cvs@cvs.winehq.com:/home/wine
cvnpres login
When asked for password, provide 'cvs':
cvs -z 3 checkout wine
cp documentation/samples/config ~/.wine/config
"Path" = "/mnt/fd0"
"Type"
= "floppy"
"Label" = "Floppy"
"Serial"
= "87654321"
"Device" = "/dev/fd0"
"Path" = "/c"
"Type"
= "hd"
"Label" = "MS-DOS"
"Filesystem"
= "win95"
"Path" = "/cdrom"
"Type"
= "cdrom"
"Label" = "CD-Rom"
"Filesystem"
= "win95"
; make sure that device is correct and has
proper permissions !
"Device" = "/dev/cdrom"
"System"
= "c:\\windows\\system"
"Temp" = "e:\\"
"Path"
= "c:\\windows;c:\\windows\\system;e:\\;e:\\test;f:\\"
"Profile"
= "c:\\windows\\Profiles\\Administrator"
"GraphicsDriver"
= "x11drv"
; Wine doesn't pass directory symlinks to
Windows programs by default.
; Enabling this may crash some
programs that do recursive lookups of a whole
; subdir tree in
case of a symlink pointing back to itself.
;"ShowDirSymlinks"
= "1"
"ShellLinker" = "wineshelllink"
We will have to create some the basic Windows directory
structure (“windows” , “system”
directories as mentioned in the “[wine]” section in
the “config” file:
cd /c
mkdir -p windows/system
mkdir -p windows/Start\ Menu/Programs
; to pretty much
kill your setup.
[DllOverrides]
"commdlg" = "builtin,
native"
"comdlg32" = "builtin, native"
"ver"
= "builtin, native"
"version" = "builtin,
native"
"shell" = "builtin, native"
"shell32"
= "builtin, native"
"shfolder" = "builtin,
native"
"shlwapi" = "builtin,
native"
"shdocvw" = "builtin,
native"
"lzexpand" = "builtin, native"
"lz32"
= "builtin, native"
"comctl32" = "builtin,
native"
"commctrl" = "builtin,
native"
"advapi32" = "builtin,
native"
"crtdll" = "builtin, native"
"mpr"
= "builtin, native"........Com1=/dev/ttyS0
Com2=/dev/ttyS1
Com3=/dev/modem,38400
Com4=/dev/modem
;; this has *nothing* to do
with the windows version Wine returns:
;; use cmdline option
--winver if you want that.
"WineLook" = "Win98"
Remember the Windows Registry ?
programs/regapi/regapi setValue < winedefault.reg
wine
/c/windows/calc.exe
wine "c:\windows\calc.exe"
I work as a Technical Consultant in New Delhi,India in Linux/Java/XML/C++.
I'm actively involved in open-source projects, with some hosted on
SourceForge. My favorite leisure activities include long drives, tennis,
watching movies and partying. I also run my own software consulting company
named BroadStrike Technologies.
Gaurav Taneja
Copyright © 2002, Gaurav Taneja.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002
"Linux Gazette...making Linux just a little more fun!"
My Guide To Linux Security
By Rob Tougher
1. Introduction
2. Securing My Linux Box
2.1 Installation
2.2 Post-installation
2.3 Post-compromise forensics (nobody's perfect)
3. Secure Transmissions
4. Conclusion
a. References
Rob is a C++ software engineer in the NYC area.
When not coding on his favorite platform, you can
find Rob strolling on the beach with his girlfriend, Nicole,
and their dog, Halley.
Rob Tougher
Copyright © 2002, Rob Tougher.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002
"Linux Gazette...making Linux just a little more fun!"
The Back Page
Wacko Topic of the Month
SpamAssassin
SPAM: -------------------- Start SpamAssassin results ----------------------
SPAM: This mail is probably spam. The original message has been altered
SPAM: so you can recognise or block similar unwanted mail in future.
SPAM: See http://spamassassin.org/tag/ for more details.
SPAM:
SPAM: Content analysis details: (16.2 hits, 5 required)
SPAM: Hit! (2.2 points) BODY: As seen on national TV!
SPAM: Hit! (1.5 points) BODY: Asks you to click below
SPAM: Hit! (0.2 points) BODY: No such thing as a free lunch (1)
SPAM: Hit! (-0.1 points) BODY: Claims you can be removed from the list
SPAM: Hit! (2.1 points) BODY: Talks about opting in
SPAM: Hit! (3.0 points) URI: Uses a dotted-decimal IP address in URL
SPAM: Hit! (0.1 points) URI: Uses non-standard port number for HTTP
SPAM: Hit! (3.5 points) URI: URL of page called "remove"
SPAM: Hit! (-0.8 points) BODY: JavaScript code which can easily be executed
SPAM: Hit! (-0.5 points) BODY: HTML mail with non-white background
SPAM: Hit! (1.8 points) BODY: Tells you to click on a URL
SPAM: Hit! (3.2 points) HTML-only mail, with no text version
SPAM:
SPAM: -------------------- End of SpamAssassin results ---------------------
SPAM: Hit! (0.6 points) Invalid Date: header (wierd month)
SPAM: Hit! (0.5 points) BODY: A WHOLE LINE OF YELLING DETECTED
SPAM: Hit! (3.0 points) URI: Uses a dotted-decimal IP address in URL
SPAM: Hit! (-0.8 points) BODY: Image tag with an ID code to identify you
SPAM: Hit! (-0.4 points) BODY: Contains a line >=199 characters long
SPAM: Hit! (1.8 points) BODY: Tells you to click on a URL
SPAM: Hit! (3.2 points) HTML-only mail, with no text version
SPAM: Hit! (2.0 points) Received via a relay in relays.osirusoft.com
SPAM: [RBL check: found 148.167.27.64.relays.osirusoft.com., type: 127.0.0.4]
SPAM: Hit! (3.0 points) DNSBL: sender is Confirmed Spam Source
SPAM: Hit! (1.0 point) From: ends in numbers
SPAM: Hit! (0.5 points) Subject has an exclamation mark
SPAM: Hit! (0.4 points) Subject has lots of exclamation marks
SPAM: Hit! (-0.5 points) BODY: Contains 'Dear Somebody'
SPAM: Hit! (2.7 points) BODY: Nigerian scam key phrase ($NN,NNN,NNN.NN)
SPAM: Hit! (2.4 points) BODY: Nigerian scam key phrase
SPAM: Hit! (4.3 points) BODY: Nigerian Bank or Petroleum scam, cf http://www.snopes2.com/inboxer/scams/nigeria.htm
SPAM: Hit! (2.2 points) BODY: Risk free. Suuurreeee....
SPAM: Hit! (-0.4 points) BODY: Contains a line >=199 characters long
SPAM: Hit! (4.3 points) Reply-To: is empty
SPAM: Hit! (2.4 points) 'Message-Id' was added by a relay (2)
SPAM: Hit! (2.2 points) From: has a malformed address
SPAM: Hit! (1.5 points) Message-Id is not valid, according to RFC-2822
SPAM: Hit! (1.3 points) Message-Id has no @ sign
SPAM: Hit! (0.5 points) Possibly-forged 'Received:' header found
SPAM: Hit! (2.1 points) BODY: FONT Size +2 and up or 3 and up
SPAM: Hit! (3.2 points) HTML-only mail, with no text version
SPAM: Hit! (1.0 point) From: ends in numbers
SPAM: Hit! (0.5 points) Subject has an exclamation mark
SPAM: Hit! (0.4 points) Subject has lots of exclamation marks
SPAM: Hit! (0.9 points) URI: Filename is just a '\#'; probably a JS trick
SPAM: Hit! (-0.8 points) BODY: JavaScript code which can easily be executed
SPAM: Hit! (0.0 points) BODY: Includes a URL link to send an email
SPAM: Hit! (3.2 points) HTML-only mail, with no text version
SPAM: Hit! (1.9 points) Subject is all capitals
SPAM: Content analysis details: (6.2 hits, 5 required)
SPAM: Hit! (1.1 points) BODY: Contains a large block of hexadecimal code
SPAM: Hit! (-0.6 points) BODY: Frame wanted to load outside URL
SPAM: Hit! (1.8 points) No MX records for the From: domain
SPAM: Hit! (1.9 points) Subject is all capitals
SPAM: Hit! (2.0 points) Subject contains a unique ID number
SPAM: Content analysis details: (10.1 hits, 5 required)
SPAM: Hit! (1.2 points) Valid-looking To "undisclosed-recipients"
SPAM: Hit! (0.5 points) Subject has an exclamation mark
SPAM: Hit! (0.4 points) Subject has lots of exclamation marks
SPAM: Hit! (0.2 points) BODY: Contains at least 3 dollar signs in a row
SPAM: Hit! (0.2 points) BODY: No such thing as a free lunch (1)
SPAM: Hit! (2.3 points) BODY: List removal information
SPAM: Hit! (1.9 points) BODY: List removal information
SPAM: Hit! (1.0 point) BODY: No such thing as a free lunch (3)
SPAM: Hit! (0.5 points) Forged hotmail.com 'Received:' header found
SPAM: Hit! (1.9 points) Subject is all capitals
SPAM: Content analysis details: (12.6 hits, 5 required)
SPAM: Hit! (2.0 points) From: contains numbers mixed in with letters
SPAM: Hit! (1.0 point) From: ends in numbers
SPAM: Hit! (0.6 points) From: does not include a real name
SPAM: Hit! (2.7 points) BODY: Claims you can be removed from the list
SPAM: Hit! (1.9 points) BODY: List removal information
SPAM: Hit! (0.1 points) BODY: List removal information
SPAM: Hit! (1.3 points) URI: Includes a link to a likely spammer email address
SPAM: Hit! (-0.4 points) BODY: Contains a line >=199 characters long
SPAM: Hit! (0.5 points) Forged hotmail.com 'Received:' header found
SPAM: Hit! (1.0 point) Received via a relay in orbs.dorkslayers.com
SPAM: [RBL check: found 17.98.187.210.orbs.dorkslayers.com.]
SPAM: Hit! (1.9 points) Subject is all capitals
World of Spam
From: "ElcomSoft, Inc"
Editor, Linux Gazette, gazette@linuxgazette.net
Copyright © 2002, the Editors of Linux Gazette.
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 80 of Linux Gazette, July 2002