[A guest commentary from our News Bytes editor. I asked him to summarize the controversy on Slashdot regarding SSH/SSL vulnerabilities, and to assess whether we need an article on it. -Mike]

Date: Thu, 28 Dec 2000 16:55:56 +0000 Subject: Re: Late News Bytes additions
From: Michael Conry michael.conry@softhome.net

Hi Mike, please find attached the <A HREF="lg_bytes61.html">news bytes 61 file</A>. I did go through the SSH issues, and summarised them briefly. I kind of skirted around the SSL because it seemed less clear cut, and very much an issue of implementation and protecting users from themselves. Most discussion in the links focussed on SSH in any case.

I would recommend, not an article on Holes in SSH, but rather an article on security in general. Lots of contradictory messages on Slashdot indicate that people still don't really understand what is going on or how exactly to administer a public key system.

The issues are not new, but are inherent in public key systems. pgp,gnupg is the same (how can i be sure the key i think is yours is really yours?). The biggest issue is probably users (lusers) ignoring warning messages.

The new dsniff software is probably worth commenting on also. I included a link in my short discussion, but have not studied it. What could be very interesting would be for an article to highlight how to use tools like this to strengthen your system/network by scrutinising it and probing it. Focus tends to be on how these tools allow malicious people to break other people's systems.

bye for now
michael

[There were several other messages this month, but it's 10:45pm on New Year's Eve, and I want to publish LG and get to the club by 12. The letters will be printed next month. -Mike.]

"Linux Gazette...making Linux just a little more fun!"

Contents: Distro News News in General Software Announcements

Selected and formatted by Michael Conry

Submitters, send your News Bytes items in PLAIN TEXT format. Other formats may be rejected without reading. You have been warned! A one- or two-paragraph summary plus URL gets you a better announcement than an entire press release.

January 2001 Linux Journal

The January issue of Linux Journal is on newsstands now. This issue focuses on Multimedia. Click here to view the table of contents, or here to subscribe. All articles through December 1999 are available for public reading at http://www.linuxjournal.com/lj-issues/mags.html. Recent articles are available on-line for subscribers only at http://interactive.linuxjournal.com/.

Vendors: Linux Journal's 2001 Buyer's Guide wants your product listings! Listings are absolutely FREE of charge, however you must register your products by January 15, 2001. The deadline is firm so make certain to get your free listings in today. http://www.linuxjournal.com/bg/.

Caldera

OREM, UT-December 19, 2000- Caldera Systems, Inc., announced that they have contracted with Richard Sharpe of the Samba team to create a client library that will make Linux and Microsoft integration easier for developers. The Caldera-funded project includes the development of library source code, associated reorganization and reuse of Samba code and documentation of the library API. The library and documentation will be available under the General Public License (GPL). Caldera's engineering group will work with the Samba team to complete the project by February 2001.

"Richard Sharpe is perfectly suited for this project," said John Terpstra, vice president of technology and Open Source strategist for Caldera Systems, "We believe this library built with Samba code will become the standard for developers writing software that integrates with Microsoft networks."

Developers interested in more technical detail on the project can visit the Samba Web page.

Mandrake

CAMBRIDGE, MASSACHUSETTS, USA (December 4, 2000) - Integrated Computer Solutions, Inc. (ICS), the leading supplier of commercial OSF/Motif products and support, and MandrakeSoft, publisher of the Linux-Mandrake operating system, announced the immediate availability of Open Motif optimized for the Linux-Mandrake operating system. More details are available in the press release

Open Motif optimized for the Linux-Mandrake 7.2 operating system is available for free downloads at the MotifZone, ICS's Motif portal site (www.motifzone.net). Open Motif is also bundled with the Linux-Mandrake 7.2 PowerPack Deluxe.

Red Hat

RESEARCH TRIANGLE PARK, N.C.--December 11, 2000-- Red Hat, Inc. today announced that Cradle Technologies, Inc., is leveraging a broad set of Red Hat's embedded technologies and services as part of its strategy to supply a revolutionary silicon platform for stream processing applications.

The Cradle contract includes consulting services and porting of Red Hat's GNUPro embedded development tools, eCos and embedded Linux operating systems, to Cradle's Universal Microsystem platform (UMS). Cradle's UMS platform will make it possible for new embedded systems to be developed simply by redesigning software, rather than by constantly rebuilding the entire chip hardware.

RESEARCH TRIANGLE PARK, N.C.--December 13, 2000-- In further embedded Linux developments, Red Hat announces a deal with Rymic Systems that will put Red Hat Linux (uClinux) behind as many as 50,000 Army trucks and fighting vehicles. These vehicles will run a next-generation Rymic appliance that assesses, in real time, the likelihood of vehicle failure.

The device will monitor dozens of specific variables on an array of military vehicles, and provide decision-makers with additional information when considering which forces to deploy, which fighting vehicles to pull back from the battlefield and which vehicles require immediate maintenance and repairs.

For more information on Red Hat Embedded Linux please visit www.redhat.com/embedded.

SuSE

Oakland, Calif., USA (December 1, 2000) -- SuSE Linux announced a new strategic alliance with SGI. Under the alliance agreement, SGI will make an equity investment in SuSE Linux and will co-operate on the development, deployment and support of the Linux operating system and infrastructure code.

Earlier this year, the companies successfully introduced Linux FailSafe, a scalable and modular high-availability solution based on IRIS FailSafe system software developed for the SGI IRIX operating system. Linux FailSafe offers advanced clustering capabilities to Linux. SuSE, SGI and others also cooperated in the highly regarded IA-64 Trillian Linux effort.

SuSE have also brought it to our attention that there is integrated backward-compatible Pentium 4 recognition in the standard Linux kernel 2.2.16 included in SuSE Linux 7.0. A boot disk image of the kernel can be downloaded from their ftp site

Upcoming conferences and events

SSH/SSL Vulnerability

There have been a few articles going around regarding possible security risks associated with the use of SSH and SSL. Kurt Seifried has written several times on this subject, as far back as September 1999. More recently he has returned to the topic in an article on www.SecurityPortal.com, and a follow up article responding to some of the feedback he got from readers. This topic seems to have stirred up quite a reaction, and has been further discussed by the contributors to Slashdot.

Without wanting to repeat too much of the discussion that has gone before, the issue basically boil down to one of key exchange and trust. The only real risk to SSH security is in the initial contact with a machine when you do not know whether it is in fact the host you think it is. This is not an SSH problem, as such, but rather is a difficulty with any public key encryption system. The trick is to find a secure way to distribute your public key that does not inconvenience your users too much.

Also, the largest risk to security is not, in general, software problems. Many problems actually originate from users who ignore or do not understand warning signs that something is wrong. The problems with software highlighted in these articles are the extent to which they leave themselves open to poor use.

It is certainly worth pointing out that none of these links highlight any NEW flaw in the SSH/SSL system or implementation. The main reason for the recent focus on these issues is the release of a new piece of software: dsniff, which makes easy interception of SSH traffic more convenient for a wider number of people. This is not because it exploits any weakness, rather it provides some handy tools to automate the interception process. However, wide availability of these tools does increase the chance of casual attacks on systems.

The take-home message is that the best way to keep a system secure is by educating yourself your boss and your users about security. It is only by understanding what is going on that you have any chance of keeping your system healthy (hardly earth-shattering news, but true none-the-less).

Linux Clusters Powering Genome Research

SALT LAKE CITY, UTAH, Dec. 14, 2000 - Linux NetworX, Inc., a provider of large-scale clustered computer solutions announced that the Lawrence Berkeley National Laboratory, Berkeley Calif., has selected a Linux NetworX cluster computer system for its Drosophila Genome Project.

Using the Linux NetworX cluster system with 40 processors, Berkeley Lab is analyzing and sequencing the Drosophila (fruit fly) genome. The Drosophila's 15,000 genes are similar to a human's 100,000 genes and have been used extensively in the past as a model organism for research studies.

"The Linux NetworX cluster is much more cost efficient than the systems we've used in the past," said Erwin Frise, systems manager and biomedical scientist, Lawrence Berkeley National Laboratory. Frise also explains that because clusters are highly scalable, Berkeley Lab will in the future be able to add additional compute modules to the system to keep it up to date, something not feasible with a supercomputer.

New look for ShowMeLinux

Vancouver, British Columbia. December 1st, 2000 - LuteLinux.com, a Canadian-based Linux developer announces the unveiling of ShowMeLinux's exciting new look. LuteLinux had previously announced the addition of ShowMeLinux to their family of services, LuteLinux is hosting all future issues and has taken over as publisher of ShowMeLinux. The new look was created by Adam Puchalski, a welcomed new addition to both LuteLinux and ShowMeLinux, as their Graphic/Web designer, and co-editor of ShowMeLinux.

ShowMeLinux is published with the goal of helping readers develop an in-depth understanding of the Linux movement through rich, beginner friendly content. It explores practices for configuring, deploying and maintaining the latest Linux technology.

HP and Sprint PCS Form Wireless Email Alliance

Linux based BizRelations Inc. Announces First Fully Functional Wireless Email in time for Holidays

BizRelations have largely based their IT infrastructure on an Open Source Linux foundation. BizRelations has successfully been using the Linux Virtual Server (LVS) along with RedHat's Piranha clustering tool to provide high availability and scalability for web, email and SQL services. Sybase ASE 11.0.3.3 for Linux was the SQL server chosen by BizRelations, while the email solution chosen was qmail Another core function is monitoring the availability of systems and networks. To fill this requirement NetSaint was used. "If there are any problems, an email gets sent to the support cellphone stating the nature of the problem." says Patrick Petersen (President of BizRelations). After running with RedHat Linux for over a year, even if Windows 2000 was a free alternative, BizRelations would willingly shell out the money for Linux.

Linux Links

Salon take a look at free wireless TCP/IP networks in the US. The originators see it as an extension of the Open-Source/Free-Software ethos.

ZD-Net take an in-depth look at running Linux on laptops. (For anyone wanting to turn their shiny new toy into a real computer!)

Newsforge comment on Bruce Perens' move to HP as head of the company's Linux and open-source strategies. This is being touted as the first Open-Source foray into the upper echelons of Big Business

East Bay Express looks at a life in a TelCo call centre. Makes you look a bit differently at those frustrating periods on hold.

Some links courtesy of Slashdot:

• NSA Linux distribution is discussed in a Slashdot article and in a different tone on the official website where, incidentally, you can download it for yourself. Look it up soon, though, because they still aren't 100% sure they can continue to distribute it.
• Linux 2000 timeline
• Turbolinux have demonstrated the use of a Linux cluster to crack 5-character NT passwords in just one minute. Read more here. (Please note, Turbolinux does not endorse breaking passwords, they just like building good clusters!)
• A look at why UCITA is BAD. The issues are complicated, but this is a very important issue to the future of software distribution and engineering.

• For those wanting to keep in touch with the BSD side of things, the Duke of URL has a review of Free BSD 4.2 (even draws comparisons against Linux).
• The Finnish Software Engineering distribtion Best Linux 2000 R3 is out. Read the review and find out how good Linux is in the homeland.

The Linuxcare support Database is available online if you have some problems you need solutions for.

OS Opinion take a look at the difficulties with complicated software, in particular the ramifications of OSX's UNIX/BSD heritage.

Some highlights from Linux Weekly News:

• If anyone is still in doubt what Linux IS, and would like a smile, check out this article.
• Those of an artistic temperament should look at Penguin Art.
• Also, courtesy of LWN comes this link to Salon's round up of tech stories and non-stories of 2000AD.

KDE 2.0.1

KDE have announced release of KDE 2.0.1. The official announcement is available here.

There is also a KDE Beta available for download.

XFree86 4.0.2

XFree86 have released XFree86 4.0.2, and the Duke of URL has posted a review . Highlights include ATI Radeon support.

For the official news, refer to the XFree86 news section. Before you actually download or use this you will also probably want to check out the Release Notes

Smart Batteries

SoftTools Technology, Inc. has announced their new Linux Smart Battery System Software Suite (Linux SBS3). The Linux SBS3 is a complete software solution for Portable systems that provides support for systems that incorporate Smart Battery System components under Linux. A User Friendly applet with a GUI for multiple smart batteries and/or regular batteries that read and provide accurate information to the user is also available.

Free Download of Configuration Management System Elego ComPact

The establishment of elego Software Solutions GmbH has been announced in Berlin. The new company specializes in software configuration management (SCM), and offers a wide range of support, service, and general consulting in the area of configuration management (CM).

Elego ComPact is a full-featured configuration management (CM) system based on the well-known and reliable version control system CVS. Elego ComPact extends CVS capabilities by adding new functions and concepts, including build management and component model. Elego ComPact may be used freely for all non-commercial purposes; commercial users must obtain a license.

Elego ComPact claims to add missing features and concepts to the basic CVS system:

You may download a current development snapshot of Elego ComPact for evaluation purposes or free private use via FTP or HTTP from their download page.

For more information see www.elego-software-solutions.com

VMware Enters Server Market

PALO ALTO, Calif., December 5, 2000 - VMware, Inc.. For the latest VMware press releases, check out: www.vmware.com/news/.

VMware have made a number of announcements around two new server products:

• - VMware Enables Intel Server Customers to Scale their Internet Computing Infrastructures Safely, Reliably and on Demand
• - VMware Announces Initial Adopters of its New Server Products - CenterBeam, Inc., eOnline, Inc., Merrill Lynch, and ProTier
• - Compaq, Dell, IBM and VA Linux are Founding Partners in VMware's Preferred Server Hardware Vendor Program
• - VMware Forms Professional Services Organization and Announces New Offerings to Ensure Customer Success

WARP Aim to Improve Web Performance

NEW YORK, NY * November 1, 2000 * WARP Solutions, Inc., providers of Web infrastructure software for the area of optimum performance of Internet applications, have launched the WARP Performance Suite, initially consisting of WARP Intelligent Content Distributor, WARP Global Load Balancer and WARP Load Balancer. Additional products - - WARP Dynamic Content Director, WARP Cache Master and WARP Secure - - are being rolled out on an individual basis during the fourth quarter and early next year. This suite of modules aim to enhance web-server performance with emphasis on "performance, reliability, scalability, security, speed and interoperability". WARP's initial launch will run on Solaris, Compaq Tru64 and Linux platforms.

ACCESS Introduces Linux-based Browser Development Kit

MILPITAS, Calif./TOKYO, Japan - December 11, 2000 - ACCESS Co., Ltd. introduced a NetFront 2.6 Linux Software Development Kit (SDK) for the worldwide market. This should speed the integration of ACCESS' popular NetFront browser into Linux-based Internet appliances and other non-PC applications.

Since its introduction in 1995, NetFront browsers have been shipped in over 18 million embedded devices from 40 manufacturers. NetFront is an ideal browser for Internet TVs, PDAs (personal digital assistants), set-top boxes, car navigation systems, smart phones, web/screen phones, vertical Internet terminals, video game consoles and Internet kiosks.

The browser kernel is less than 270 KB of code and fits in 1.3 megabytes of ROM and 2 megabytes of RAM. It supports the full HTML 3.2 specification and selected portions of HTML 4.0. It supports frames, JavaScript, cookies, web printing and multilingual capabilities.

This SDK lets developers customize the user interface to their desired look and feel and add plug-in applications tailored for specific applications. NetFront version 2.6 SDK for Linux will be available as a full source code package. The SDK includes the NetFront version 2.6 browser kernel, a sample user interface module and PIM suite, the Internet mail module, a sample library for peer interface layer and graphics layer (GTK/SDL), and documentation. An SDK with five-seat development license is available for $40,000 including three months support.

Linux-Based Intranet Broadcast Solutions

The first system offered by the alliance is a Linux-based server solution, providing users a viable means to stream broadcast-quality transmissions. It includes 2netFX's StreamRider client and ThunderCast/IP server software and Zapex's ZL-330 encoder with Dolby digital audio and MPEG-2 video. It is the first encoder of its type to achieve Dolby certification for Linux operating systems, and it eliminates inherent lip-sync issues by providing Transport Stream multiplexing within the Zapex encoder.

The ZL-330 produces high quality video images at low bit rates. "The resulting low-bandwidth video stream from the ZL-330 permits an unlimited number of users to access a multicast video," says Gary Marsh, Zapex vice president of sales and marketing. "Coupled with the 2netFX software, PC users can interactively select which programming they wish to view, then capture and store the video locally. Effectively, customers can select their own viewing schedules, depending on application."

Linux2order.com

Fox On Linux

Fox on Linux is a commercial Linux application, providing businesses with a sophisticated, graphical software package to deal with their core financial accounting needs. Fox on Linux can be integrated with other corporate front-end applications and comes with online support and training. Flexible in its operation, multi-user, and with a 12KBS low bandwidth requirement it can be accessed over the Internet. Installation is claimed to be easy, so a system can be up and running in a very short time. For further briefing or a chance to trial Fox on Linux software go to www.foxonlinux.com.

Other Software

Copyright © 2000, Michael Conry and the Editors of Linux Gazette.
Copying license http://www.linuxgazette.com/copying.html
Published in Issue 61 of Linux Gazette, January 2001

Contents:

¶: Greetings From Heather Stern

Baffled

A rather unique query (I hope)

info needed --or--

What is Linux?
the screensavers look great!

Linux Installation question

Abt.. Michael Lauzon's Q in issue 60.. --or--

Tell me about the K guys
SCI-Linux project to use multiple package types?

minimum configuration Linux ? --or--

Data Recovery Vendor Seeks Linux Basics RAIDs do not guarantee safety for your data

a question --or--

Linux, UNIX, what's the difference?

linux question

Red Hat 7.0 Crackerz!

Transmitting PaperPort files with .max Definitely some Windows file format

Help Me Delete Linux

Removing Linux: Sacrilege!

uninstall linux --or--

Another uninstall: Getting to a Root Prompt to Blow it All Away

setting root password

I can't seem to write to my vfat (Windoze) file system with any user other than root.

For Jim Dennis...Hello from South Texas --or--

Firewall for a SOHO
Small World, isn't it?

Something comparable to Services in NT

Editing fstab file for tape backup

Mail gets nowhere?

Loading SuSE Linux 6.4 via NFS

RE: classified disk

multiple subnets, one DNS

Linux vs. DESQview??? --or--

responding to DESQview/386 Die Hards into the Next Millennia

DOS partition from Linux

e-mails not getting through

exit X & shutdown --or--

Exiting X and Rebooting with One Keystroke

Multiplexing ppp connections

[Tony@thermo-king.com: new to Linux]

Trident Providia 9685

The New network On The BLock

Mail Daily sylog message to remote e-mail

automation for minicom --or--

Scripted Serial Sessions

About Epson Stilus Color 670 --or--

Setting up print filters.

Xwindows

diald on a smoothwall box

...a bulk friendly ISP?

Greetings from Heather Stern

Hello everyone, and welcome once again to The Answer Gang. As the fog starts to lift this morning I am enjoying the fluffy greyness and savoring a good cup of coffee. I leave it entirely to your imagination whether I'm talking about the weather or my clouded thoughts.

We have some really juicy threads this month and I hope you like them. I'd like to encourage anybody who feels like asking us questions, to consider the following guidelines:

• Please use a real subject. We hate having to reply to "your mail" (the classic default coughed up by our mailers, when replying to a blank subject line). "Help" or "Linux trouble" is not much help to us. I know it sounds strange, there's a batch of us here, but it will probably greatly increase your chance of being one of the lucky souls who gets a direct answer. Try actually stating your linux flavor, and what kind of trouble. Examples: "RH 7 sound config?" "SuSE NFS install" etc.
• This is a Linux webzine - ask us questions about free software. For those of you from AOL, if the members' help forum can't answer you, don't expect us to be any help at all (unless it's about Linux). Windows has its own magazines and sites, and frankly most of the Gang hasn't used Windows except in a cross-platform context in a long time.
  That said, If you work for a Windows 'zine, you should really read one or two of the items this issue...
• Requests for anonymity are honored here. But if you don't want us to publish your question and the answers, don't expect us to be interested in helping you much. Several of us are consultants for a living, so unless it's helping a few hundred people at once, we're not inclined to do freebies.
• If you're using a foreign language and can manage to use an English subject, please give a shot at asking your question in English, too. We're quite forgiving of spotty English, if we can tell what you're asking. Otherwise there's a couple of months lag while we have a translator look at your stuff, if we even have someone to translate for your language. Babelfish is only good for a laugh.
• We reserve the right to be curmudgeonly. So flaming us for a lack of formality will get you laughed at. We've also got ethics here and if you don't, you'll get a serious drubbing. However, we don't bother publishing answers that don't have some meat to them.

Spam seems to be down this month, and I don't think we got any non-computing questions this time around. Must be a Christmas present

It's a new year and I look forward to some interesting New Year's resolutions. In past years I've made selections such as 1600x1200 (the year I got the beautiful monitor I use daily) and 600 dpi (a printer, of course)...

Baffled

From Patrick Green

Answered By Jim Dennis

James I am at a loss here so I thought I would give you a try. I exited out of a root session (not su) and I go back a couple hours later to login. I enter my user name and lo and behold, no password prompt. So I cold boot it (hate that) comes back up just fine, go to login ...no password prompt. Any ideas?

[Jim] First you'll want to get to a shell prompt. I'd treat this as though your /etc/passwd or /bin/login files are corrupt. So, start Linux using the init=/bin/sh kernel parameter (passed from the LILO: prompt --- or LOADLIN, GRUB or whatever boot loader you're using.

If that doesn't work, get out a rescue diskette or CD. Remember Tom's (http://www.toms.net/rb).

Once you've done that try to confirm that your /etc/passwd, /etc/group and various /etc/pam.d files are sane. They should "look right" (if you've seen copies before).

If you have backups of your /etc/passwd and /etc/group files, restore them to an alternate location (/tmp) and run diff on them. See if the differences seem reasonable.

If this is an RPM based system try the rpm -Va command to verify the integrity of your /bin/login and other binaries. (If you have a full tar backup of your root and /usr filesystems you can use the 'tar df' or 'tar dzf' directives to report on differences between your current files and those in your backup.

If you're running Debian there are several ways to check the integrity of your files; none of them is as easy to explain and/or type as rpm -Va (that's one of the very few deficiencies in the apt and dpkg systems). You can run debsums or tripwire or aide if you have any of them --- but that's probably a matter of closing the barn door while the horses are already astray in this case.

There is a possibility that your /bin/login program is corrupt or that an attacker has compromised your system and attempted to replace /bin/login (or some other files) with a broken version (perhaps linked against some library you don't have even just having the wrong permissions or something like that).

Of course I'd also check the /var/log/messages and related files to see if there are any clues in there; do a fsck on your root filesystem, try to run /bin/login from a rescue shell prompt, etc. You can even temporarily replace /bin/login with a one-line wrapper script. Rename it to login.binary or some such an write a shell script like:

       #!/bin/sh
       exec /usr/sbin/strace -o /tmp/login.strace/$$.out /bin/login.binary

... then try to login (rebooting as necessary, or just start a shell on one of your virtual console with an appropriate line in your /etc/inittab files).

It's an unusual problem, but these sorts of techniques will help you narrow down what's happening.

(Obviously your kernel, your root filesystem and the init program are working. Your getty seems to be working enough to display an "issue" file and accept a username. So we've already narrowed it down to getty and login --- either getty is failing to successfully execute the login command, or the login command is failing to emit a password prompt. Since the latter is somewhat more likely we focus on it.)

A rather unique query (I hope)

From Karen Gartner

Answered By Ben Okopnik, Mike Orr

Running RH 7 - Dell Precision 420, 18GB SCSI HD @ 10K rpm, 1 CD-ROM, 1 CD-RW, 19" screen w. Diamond Fire GL1 video card and therein is the start of my problem.

The latest version of the Diamond fire GL1 driver for linux will only work with kernel 2.2.14. RH 7 uses 2.2.16 so I have to backtrack to an earlier kernel in order to use Gnome & KDE (I'm stuck in consoleland right now).

[Ben] Interesting. The first possibility that I would explore would be to search the web (or possibly contact the author) for a patch for the Diamond video code, rather than downgrading the kernel. Chances are relatively high that the necessary changes would be trivial (on the other hand, it may require a major code rewrite, but it wouldn't hurt to check.)

Indeed I have installed the new (old?) kernel but on booting, only 1 scsi host is recognized where there should be 3, there's an IDE recognition problem, and ultimately I get the message "kernel panic: VFS: unable to mount root fs 08:02". I have checked lilo.conf and all is well there.

[Ben] Well, the "kernel panic" message says that it's not finding a bootable device/useable boot record on device 08:02 (if I recall correctly, that means "device with major number 8, minor number 2", otherwise known as "/dev/sda2", the 2nd partition of your 1st SCSI HD.) Is that what your boot device is supposed to be? (side query: have you re-run "lilo"? It never hurts to do so, and if you've changed anything having to do with booting - and you have - you must do so.)

[Mike] Not finding the root partition to mount. The boot sector is a different story, and if you made it this far, it's functioning correctly.

At least your panic message has the word "root" in it. When it happens to me, I get a cryptic "unable to open initial VC" (=virtual console) or something like that. Because displaying a login: prompt requires a virtual console, which requires a device in the /dev/ directory, which requires a root partition to be mounted.

[Ben] If you are unable to mount the root partition (you are correct in that regard - I misspoke), I don't think that you will ever get anywhere near the login prompt; the boot will fail at that point. It is true, though, that a missing or damaged "/dev" directory will cause the "VC" message - as will a "no virtual terminals" setting in the kernel configuration.

[Ben] Where did the new (old?) kernel come from? If it's a "stock" RedHat kernel, I would be rather surprised - RH compiles theirs with every bell, whistle, and gilliwhillikin included. I certainly haven't had any fail to detect SCSI hosts/devices, but that may just be because I've done only a few "RH on SCSI" installations. I certainly have not had any SCSI detection problems with Debian, even SCSI-emulation setups (that being what I have at home.)

If it's a kernel that someone else compiled, I would definitely check the configuration... scratch that. I would not use a custom-compiled kernel while bringing up a new system in the first place. I recommend that you don't either.

By the way, are you certain that you should see 3 SCSI hosts, rather than three SCSI devices? There is a difference, and it's an important one. The host adapters are interfaces between the PC and the SCSI devices; it would be exceedingly rare (if even possible) to find three of them in one system.

[Mike] You should find out which device it's complaining about. Look in Documentation/devices.txt in your kernel source. Block device 8:2 is indeed /dev/sda2.

(You can also look in the /dev/MAKEDEV script, because this is the script that made all those device files. However, I find it harder to read.)

[Ben] It's even easier to look in the "/dev" directory using Midnight Commander, and scroll down until you see a match for those numbers. Possibly simplest of all would be

ls /dev|grep "8, *2 "

[Mike] Provided the /dev directory is there and is intact.

Note also that there are two types of devices, "block" and "character". Disk drives are block devices. The same major number may be assigned to one block device and a different character device.

What I would like to do is take the config file from 2.2.16 and copy it to 2.2.14. Everything but the video card works tickety boo in 2.2.16. The problem is, where do I find the config file from 2.2.16? 2.2.14 is in usr/src/linux of course, which was created on the install, but where does the old .config file reside?

Is that even a good idea to solve the issue? Any and all help is mightily appreciated.

[Ben] I would say that this is not a good idea at all. Configurations - and thus, config files - vary wildly between kernel versions. On the other hand, printing out the old configuration and walking through the new one to make sure that it's as close as possible to the original would be very useful. On my system (I'm running Debian, but I don't think it would be very different on others), the config file is in

"/usr/src/kernel-source-<version>/.config"

[Mike] This is the normal Linux convention. Actually, you can place your build tree anywhere, but you should make /usr/src/linux a symlink to it so that the compiler will find the include files. (Is this still required now that glibc has its own kernel headers?)

[Ben] Good luck in resolving your problem.

What is Linux?

the screensavers look great!

From David Cruz

Answered By Mike Orr, Heather Stern

i live in south africa and find it hard to source help from anyone here.i recently saw a friend how is running his pc on linux software.very impressive.i myself have windows 2000,which works well but when it comes to graphics and proffessional look you're way ahead.i've been trying hard searching the net for the last week for your softwear but came up with nothing.

[Mike] The following URLs contain material on what Linux is, what you can do with it, and where to find it:

http://www.linuxresources.com , sections:

• "What is Linux"?
• "About Linux distributions" (general information)
• "Linux distributions" (information about each major distribution)
• "GLUE" (look for a Linux users group in South Africa)

http://www.linuxdoc.org/HOWTO/META-FAQ.html This is the Linux Meta-HOWTO, which gives an overview of where to find different kinds of Linux information.

http://www.linuxdoc.org Home site for Linux documentation. Click on "mirrors" and find a mirror in South Africa to read; it will be faster and cheaper than using the USA server.

http://www.linuxnewbie.org A site dedicated to helping new Linux users and those who just want to see what Linux is before deciding whether to run it.

http://www.linuxstart.com A site which tries to be a "user-friendly index of Linux information".

.the one thing i found incredible was your screensavers- radar, bumps(the blue torch searching in the dark,compass

[Mike] Does anybody know which programs he's talking about? Is it the standard X screensavers (xlockmore), the xscreensaver package, or something that comes with KDE or Gnome?

I don't use screensavers; I prefer to make the screen go black and switch to power-saving mode. If I want to watch "eye candy", I'll run an application which does this. Fortunately, xscreensaver screen savers can also be run as applications in their own windows, not just as screen savers.

[Heather] The radar screensaver he is talking about is one of the utilities which can be used as an xscreensaver module, or simply run as a seperate app. By default it just looks cute, but it has command line options to "ping" some specified hosts your local network and thus be more realistic "sonar" for your situation. Several of the nicer toys like this need to be fetched seperately from xscreensaver package itself.

Gnome uses a GTK based front end to xscreensaver, which shows a number of these sorts of descriptions, including for the extras (it mentions their homesites, so you know where to get them from. Maybe handy even if you hate Gnome?) I have to say it was useful when I was trying to decide which modules to not bother using. I don't really like the idea of a truly random screen toy, as some of these artsy things are just plain ugly.

I don't remember what K uses. Anyways asking whether a given module is in xscreensaver or in xlockmore is a lost cause. The two are always in a race and at any given time, both have lots of cool eye candy, and a lot of it is GPL so you could port it if you felt like. You can have both installed, but only run one or the other at a time.

Linux Installation question

From Layne Gossett

Answered By Mike Orr, Heather Stern

Is there an option for specifying that I would like to be prompted for all of the kernel options during installation, much like you get when building your own kernel?

[Mike] I assume that by "during installation" you mean you want to customize the kernel options at each boot, not the first time you install Linux using your distribution's install program.

You cannot set the compile-time options (=the "make menuconfig" options) at boot time. However, there are lots and lots of other kernel options you can set from the LILO: promit or by adding an

append="myoption1 myoption2=myvalue1,myvalue2"

line in /etc/conf.lilo and re-running lilo. See the Bootprompt-HOWTO for all the options you can set. http://www.linuxdoc.org/HOWTO/BootPrompt-HOWTO.html

Some other options can be set at runtime via the /proc filesystem. For instance,

echo 1 >/proc/sys/net/ipv4/ip_forward

will turn on IP forwarding. Echoing a zero will turn it off. Documentation for these files is in the appropriate subsystems' docs and HOWTOs. (And actually, most are not documented very well.)

Although I have read the HOWTOs on building my own kernel, I still have not been able to get it to work out yet. I've had a lot of luck installing Red Hat from the CD, but I'd like to have firewalling and IP Masq capabilities from a "clean" installation (and remove things like PCMCIA, etc.).

[Mike] For masquerading, you must compile the kernel with IP forwarding and IP masquerading. Then you need to enable it in one of your boot scripts. For instance, my Debian /etc/init.d/rc.firewall contains:

/sbin/modprobe ip_masq_ftp # Only neded if masquerading non-passive FTP.
echo "1" > /proc/sys/net/ipv4/ip_forward # Turn on IP forwarding.
/sbin/ipchains -M -S 7200 10 160 # Debian default timeouts.
/sbin/ipchains -P forward DENY # Deny any other kinds of forwarding.
/sbin/ipchains -A forward -s 10.0.0.0/8 -j MASQ
# Masquerade from the 10.0.0.0 network to the outside world.

Try running these commands manually and see if you can get masquerading working with your current kernel.

For more security, you can build a more elaborate set of ipchains rules. (Note: ipchains requires a 2.2.x kernel, which I assume is what you have.)

[Heather] The Debian installer does ask about these things, but just to prepare the modules listing, not to prepare a whole kernel. And its prompts are rather wimpy - you really have best luck if you already know what you are looking for.

Tell me about the K guys

SCI-Linux project to use multiple package types?

From Manoj Warrier

Answered By Heather Stern, Mike Orr

Dan is right. Use one of the user friendly, mouth feeding distros and U stay a newbie unless U make a habit of reading the Linux Gazette and Linux Journal articles out of curiosity as to what happens under the hood...

But, my ears picked up at Heather's comment -> "I think the K guys have the right idea, writing a front end that deals with more than one package type". It sounds exactly like something I need. We are compiling a set of software (most of the links provided at "http://Scilinux.freeservers.com") which we think go into making an Enviornment for scientific computing on Linux. We plan to make a CDROM by April 2001 (GPL) with the sources / RPMs / other binaries and have a Tcl/Tk interface to install these on a existing Linux/GNU PC. We are still wondering if there is "a front end GUI that can deal with more than 1 pacakage type".

[Heather] kpackage is allegedly able to deal with both .deb and .rpm package types. I assume that you still need the underlying libraries, so it knows what to call. It may also be strongly dependent on alien, a script which eases the conversion between package types.

If you're going to write your own GUI, definitely take a look at alien, the packaging APIs, and the apps which already exist to deal with these package types alone. Just make sure not to mix licenses in any incompatible ways...

So who are this K guys? KDE develoment team? ...

[Heather] Yes. The full name of KDE is "the K Desktop Environment" where according to the FAQ, K stands for Kool. But they refer throughout their docs to K, for example, the K menus, the K button, etc.

[Mike] Of course, it was named after CDE, the Common Desktop Environment GUI that many commercial Unices use.

... to which Manoj replies ...

Hi and thanks,

Elaborating more on my task at hand,

Work to be done -> Create a CDROM with scientific software which can be installed on a PC already running Linux.

Problem faced -> There are various distros of Linux, various versions of Linux software, therefore a binary which works on one may not work on the other.

[Heather] This is more a matter of the library dependencies than the limits of any one distro. ldd <binaryname> would tell you which libraries it expects, and if those are really already present, you can force it to install, over its packagemaneger's objection, and it will work.

(1) Thanks. I did not know this.

[Heather] In some cases the kernel may lack something, in which case providing a usable kernel with modules would be a good idea. Don't forget pcmcia modules and setup if you want to gracefully handle laptops.

Not planning on this (at least not in the pre-alpha version). Also wondering where I can keep the CDROM for free downloading (Power cuts, etc, are quiet common this place).

Policy -> Do not want to creae another distro of Linux (Linux from scratch is the way to do it ... am I right??) on which we can then make pre-compiled binaries.

[Heather] Sort of contrary to this, people call "Bastille Linux" a distro even though it's strictly symbiotic to RedHat. You might look at Rock Linux (designed to put the whole thing together from sources) or piggyback on Slackware (which was an early distro, and is pretty strong in the compiler department) or on debian (if it's got the packages you want already, since it has so many).

Therefore plan -> Have the sources, binaries (*.rpm, slackware *.tgz, *.deb, etc..) on a CDROM and have a Tcl/Tk script to install your choice. The script would try to compile the sources for your Linux distro if none of the binaries packed with the CDROM works for you. I realise that a script that compiles from source for your distro of linux will take a loooooot of time, and it is close to impossible to make it work for all distros .. SO ANY IDEAS??

[Heather] with the aid of alien I use rpm's on my debian box and .deb's on my SuSE box fairly freely. Admittedly I did grab 3 deb's to bring lynx-ssl over but it was worth it... and not very hard, debian's dependency tree was accurate.

(2) Using alien seems to be a stop gap solution ( I still have to check it out ).

[Heather] If you also provide the basic libraries that your packages expect, and you are really careful about adding them, you could do okay. The tricky part is things like libjpeg6a versus libjpeg6b (for example). If you get some app that really only wants a specific libary and nothing else will do, you'll have to use LD_PRELOAD variables.

(3) Hopefully we will not need to use LD_PRELOAD. Providing basic libraries is most appealing (after using ldd "binaryname" to find the library dependencies for all the softwarewe plan to pack).

[Heather] The point of using LD_PRELOAD would be if using this with an unknown locally installed system - if your users will be booting from your CD-ROM, then you'll know their environment is correct, and LD_PRELOAD will be unnecessary.

You can use them anyway, and keep all your known support libraries in a little link farm, or something. Probably don't even need hardlinks.

Why go into it at all -> At my Institute (Insttute for plasma research, Ahmedabad, India) we have a lot of ppl using Linux and most of them do not have Octave, Scilab, Numerical libraries, yorick, xfig, lyx, AbiWord, pvm, mpich, ftncheck, etc. etc. etc... on thier Linux PCs. It would be convinient to therefore have a CDROM which would install these on thier PCs.

[Heather] Just offhand I've seen most of those in a debian capt list. Make note, I do point at non-free and non-US, so you may need to do that, or fight licensing hassles, to distribute them.

Never used Debian (Indian PC mags have never given a free version). Here RedHat sems to rule the roost. We get at least 2 CDROMS every year..

Another problem is getting started using these new software. Detailed 100+page manuals are very useful after you get started. therefore we have plans of short getting started guides for these software. I guess there are other people who also might find such a CDROM useful. Thats why we started this.

[Heather] All my best wishes go to you, the Linux world needs more documenters

Meanwhile Ill be exploring alien and kpackage. kpackage would probably need the underlying libraries ... Not everybody has this.

[Heather] There are tricks for unwrapping an rpm or a deb without having the library installed yet. The Linuxcare Bootable Business Card (BBC) does this to install ssh on-the-fly since when they began the project, the U.S. still had overly eager anti-crypto laws. (It can be argued that they're still rather crazy - see the EFF - but I'll leave that be for now.) You can get the BBC at its new site: http://open-projects.linuxcare.com/BBC

Which leads me to ask -> Dont youll think fondly about the window manager which you could work on within 5 seconds of typing "startx" at your console on your 16 MB RAM 486? This could be a silly sentiment ...

[Heather] I recommend looking at fvwm2, it's what I use for a lightweight setup that still offers "normal" menus. And flwm (fast light window manager) comes highly recommended from the debian-laptops mailing list.

I use fvwm. flwm sounds good. Must check it out.

[Heather] If you're going to write your own GUI, definitely take a look at alien, the packaging APIs, and the apps which already exist to deal with these package types alone. Just make sure not to mix licenses in any incompatible ways...

and YES !! we have to check out licenses in detail (the least attractive part of the project), but I guess we might be able to distribute most of it since this is never going to be a commercial CDROM. Ill put it up for free downloading (Is there anyone who will provide this service - A mount point for a CDROM having a tar gzipped version of it?). Dont know if I can convince my Institute to CDwrite and mail the CDROM to whoever requests it and pays mailing charges. In fact dont know if anybody will want it, but we learn quiet a lot (ldd "binary name", alien, etc..) doing this.

Thanks once again.

Manoj

Then there was this great - user friendly OS which overwrote your MBR whenever you installed it...

[Heather] You're welcome, and good luck in your project.

Data Recovery Vendor Seeks Linux Basics

RAIDs do not guarantee safety for your data

From Support

Answered By Jim Dennis, Mike Orr

I wonder if you could point me to a FAQ that would answer the following question:

We are a small company specializing in Data Recovery. HardDisk "crashes" and the like.

We have a client that used a network Disk Drive from a company called NETGEAR. It appears that they have built their product round Linux (The good news !)

[Jim] Yes. I've heard that the Netgear NAS (network attached storage) products use an embedded Linux system). However I don't know any details about their configuration.

[Mike] I have a bit of sympathy in my heart for data recovery companies, because we had to use one at the hospital I worked at in 1994. I was doing data entry into a FoxPro database and the Novell server crashed. To top it off, this was 3pm on Christmas Eve and most people were gone. Troubleshooting proved that the server would reliably crash when accessing the middle of certain files in the NetWare filesystem--and these were the database data files.

It took a week to recover. We were between sysadmins and didn't have a backup, because our disk capacity was 2 GB but our tape drive had not kept pace -- it was still a measly 250 MB model. A guest sysadmin from the hospital-wide pool came, did the standard bindery tests (akin to fsck), called a couple consultants who didn't help, called a CNE but didn't engage him since he wouldn't have done more than we'd already done--but would have charged $50 anyway!

We discovered that disk mirroring is not always a good thing. The mirror drive was supposed to be our backup. And it did backup well: it backed up the corrupted data!

The sysadmin noted my comments about the hard drive making noises, and wrote in a report, "It done sound like a car need bearings." We sent the drive to OnTrack; they took it apart, charged $2000, and sent back a tape containing all the files they could recover. Out of all the consultants and CNEs we called, they were the only competent ones in this whole process. They also sent back an amusing analysis report: "Severe hard drive damage. Drive should be replaced." Duh!

We replaced both drives, because the other one was acting up too. Both were part of a bad Maxtor batch that were causing problems in other parts of the hospital as well. They had 12-month warranties, and the drives were failing in the 11th or 13th months.

Thus far, we have regrettably no experience of Linux. I wish to Install a minimum configuration of Linux on a Win98 test PC in order that i may copy the data on their (undamaged) harddisk to another FAT32 harddisk and thereafter backup to CD's.

Right now i'm downloading 2 * 675Mb of "Linux" in ISO format. I doubt that i need 10% of it for this task, but i have no knowledge of the required files to get a minimal system running. Is there an FAQ that would explain to a willing but uneducated guy, how to proceed.

[Jim] You don't mention which ISO images you're downloading. It's probably excessive in any event. Generally you can install a fairly full Linux distribution from one CD (the second CD on many distributions contains source code and/or extra software, sometimes including shareware and other "non-free" stuff (demoware, etc)).

1. how to install a minimum version of Linux

[Jim] This is a very difficult question to answer given that you haven't told me which distribution you're downloading. Distributions differ more in their installation and initial configuration than in any other regard.

It would also be difficult, even if you had provided this information, since it requires essentially a chapter length exposition.

[Mike] If you want just a minimal Linux installation to just copy data off a Linux partition, consider Tom's Root Boot. It's a minimal Linux system on a bootable floppy, with the utilities needed in a typical rescue situation. Our sysadmins swear by it for all manner of workstation setup tasks.

http://www.toms.net/rb

However, I echo Jim's statement that you need to know the basics of Linux utilities in order to do an effective data transfer. Many people have had to embark on an unanticipated self-taught crash course, but it means spending a weekend with the HOWTOs and manual pages or a book.

2. how to copy files from a Linux Partition on one disk to a fat 32 partition on a second disk.

[Jim] This part would be quite easy once you have Linux installed. Linux support FAT32 and MS-DOS filesystems (including the VFAT long filename support). So you'd use a command sequence something like this:

  mkdir /mnt/netgear
  mkdir /mnt/windows
  mount -t ext2 /dev/hdb1 /mnt/netgear
  mount -t vfat /dev/sda1 /mnt/windows
  cd /mnt/netgear && cp -ax . /mnt/windows

... this assumes that you have installed Linux unto your first IDE drive (the master on the primary controller) which is called /dev/hda under Linux. It therefore assumes that the hard drive which you've extracted from the Netgear NAS unit is the second IDE drive (slave on the primary IDE controller) which is called /dev/hdb under Linux. This all presumes that you made the necessary changes to the pin settings on your hard drives to get the hardware working.

I also assume that you're using a SCSI disk (though you could use a third or fourth IDE drive --- or even a fifth, sixth, etc). /dev/sda is the first SCSI hard drive on any normal Linux system (though this may change in the future, with devfs).

So, this example makes many assumptions about how you've installed Linux and what hardware you have available. There are MANY other ways to do this.

Other than that the example basically makes a pair of mountpoints (places at which filesystem can be connected), mounts the Netgear drive to one and the Win '9x drive/filesystem to another changes to the top of the netgear directory tree and copies everything on that filesystem (recursively) unto the VFAT partition.

Note: I'm also assuming that the Netgear is not functioning as a NAS and that you're removing the hard disk from it and connnecting it to one of your lab machines. That seems pretty obvious to me, since you'd just attach to it via the network directly from a Win '9x/NT box if the NAS services were working; right?

I'm also assuming that Netgear is using ext2 (the dominant Linux native filesystem). If they're using Reiserfs or some other filesystem --- then you'd have to do things a bit differently. If that is the case; you'd be best advised to use the SuSE distribution which already includes support for Reiserfs --- otherwise you'd have to patch and build your own custom kernels; which is not a task to be undertaken by novices.

(S.u.S.E. is the only major distribution that already supports Reiserfs. Netgear might have patched their system to support it given that Reiserfs' "journaling" features would be very desirable on any Linux-based headless NAS device!)

3. Am i inventing work unnecessarily. maybe there exist tools to read Linux partitions and copy DATA to Fat32. Something in the Style of Partition magic ( but to actually COPY files.)

[Jim] There used to be a set of ext2 (Linux extended filesystem version 2) utilities for OS/2 and Win32 (NT and '9x). However I'm not sure that they are the best for your purposes.

It would probably be best to buy a nice large hard drive (6Gb or better), put it in one of your lab workstations, install Linux from CD (I prefer Debian; but S.u.S.E. might be more to your liking --- S.u.S.E. is the most popular distribution in Europe and has very good support for various continental languages).

Once you have Linux installed and the Netgear drive attached you can "dump" a raw (bitwise) image of the entire drive into a single Linux file using a command like:

   dd if=/dev/hdb of=/some/path/with/lots/of/free/space bs=1024k

... or you could dump each filesystem/partition by using the commands:

   fdisk -l /dev/hdb

... and then (for each of the partitions listed there: let's say it's 1, 2, 3, 5 and 6; skipping 4 since it might/would be the extended partiton container:

   for i in 1 2 3 5 6; do
      dd if=/dev/hdb$i of=/lots-of-space/netgear-image.hdb$i.bin
      done

(This last is a bit fancy for a novice. However, you can just type the commands one at a time until that little snippet of shell code makes sense). (Obviously you'll need to put in your own names in place of the of= paths that I've listed here).

NOTE: if the netgear filesystems are larger than 2Gb then you might need a very new kernel with LFS (large filesystem support) or you could use "raw" partitions (unallocated space) on your new large Linux disk.

This "dd" approach is handy if you want to preserve a full snapshot of the filesystem (in it's damaged state) before attempting data recovery. That way, if your filesystem check and repair efforts cause more damage you can always start from scratch.

In general I'd say that there is way too much about Linux to learn before you'd understand how to do filesystem or data recovery. As I'm sure you know from your experience with FAT/VFAT/FAT32 based filesystems, one must generally be expert in an OS prior to being competant at data recovery under it.

I would be most grateful for any advice you could offer.

[Jim] You could look for a good Linux training consultant to come in and give you're team a crash course. You'll find that Linux really is a data recovery person's dream tool suite. Although it's not "easy to use" it does offer full access to the system hardware and has very good support for the filesystems of various operating systems.

My best Christmas greetings from Sweden, Tony Kvarnstrom

Linux, UNIX, what's the difference?

From Alex

Answered By Heather Stern

Hi, I have a question that's been on my mind lately. I've looked around the web and gotten some roundabout answers. The question is, what is Linux?

[Heather] Linux began life as a kernel that would act like Minix but run on Linus' 80386 and mount up his minix filesystems. He shared it and was encouraged by folks submitting their own patches. People just can't make their mouth say "Linus' Minix" for very long, but I can't pinpoint when it got compressed to Linux. Maybe one of our readers could

[Mike] Vaguely I recall Lars Wirzenius mentioning the origin of the name Linux in a talk at Linux Expo 1998. I think he said something like it wasn't Linus who came up with the name. He just uploaded it to the FTP site and the FTP admin had to come up with a label for it, so he called it Linux. But I may be remembering wrong.

Where's that message where Linus recounts how his first success in building Linux was to develop a multitasker that allowed one process to write "a" repeatedly to the screen while another process wrote "b"? I think in there it mentions that one of his early names for the system, when he was in an extremely frustrated mood, was Buggix.

[Heather] As time rolled on and "distributions" were gathered and sold, the press likes to call the distributions Linux too, while others argue that only the kernel is Linux and the rest is (for example) Red Hat or SuSE or whatever.

The most popular answer on the net seems to be "Linux is a UNIX-like OS". Well, then what is UNIX? And why isn't Linux UNIX?

[Heather] There is someone who presently administers the trademark work UNIX and they don't feel like branding Linux with it for free. FreeBSD has the same "problem" - both are at this point well established systems that people already experienced in UNIX will find comfortable features in.

The trademark began life as AT&T Bell Labs UNIX, and has been traded and sold a number of times since. For a while Novell owned it ... in fact, for a brief time it looked like Novell could become the source of a new, completely non Microsoft based system, because they had Netware, they had DR DOS, they had WordPerfect and its family of apps... but they either didn't see it or had so many internal politics they couldn't do it.

The current trademark holders are the Open Group. Their babble about rights to use their trademark is at: http://www.unix-systems.org/trademark.html

Anyways, UNIX shouldn't be used as a generic term, because that's against the principles of trademark. Let me illustrate with an example that a few more people will understand. You can't call something Coca-Cola (http://www.coca-cola.com) that's not. You're not supposed to call it Pepsi either (http://www.pepsi.com, but you can't use the site at all from lynx; try their investor relations site, http://www.pepsico.com instead) unless it's really Pepsi. But you can call it a "Coca-Cola like soda" or say something "tastes kinda like Pepsi" and you're safest with "a cola" or "a soda pop". For the curious out there, I drink either, but prefer RC (http://www.rccola.com).

So Linux is "an operating system" which only "tastes like MS Windows" if you select a window manager with a theme that tries really hard to do that, but tends to "taste like UNIX". Admittedly it tastes a bit more like these if you go the extra mile and run WINE or have the iBCS compatability module around so you could try to run the respective binaries.

[Mike] Funny, just today I saw a story in Linux Weekly News where Sun claims Solaris is a version of Linux because it can run programs compiled for Linux, and maddog says this proves we've never come to a consensus on what "Linux" really means. Purists say Linux means just the kernel, but maddog cites Linus as predicting that mainframes with highly-customized kernels will also be "Linux sytems" in the future.

http://www.lwn.net/2000/1221

Is AIX or Solaris or SunOS or HP-UX a UNIX?

[Heather] AIX and Solaris are blessed with this trademark under "UNIX 98", HP-UX and Tru64 among others are blessed under "UNIX 95". (You can see the Open Group's Registered Product Catalog if you care: http://www.opengroup.org/regproducts/catalog.htm

I don't think SunOS ever got so blessed; it was a BSD derivitive after all. You can read some about the confusions between SunOS and Solaris in this handy note: http://www.math.umd.edu/~helpdesk/Online/GettingStarted/SunOS-Solaris.html

If so, what makes them a UNIX and Linux not a UNIX? Is it kernel specific? What's the deal?

[Heather] I hope this helped.

linux question

From Ted Mims

Answered By Dan Wilder

I hope you can help me out. I am running a box with Linux 6.0. I had a hacker a few weeks ago that primarily set up some shielded irc channels and modified my dns for his needs (exactly what they were, I am not sure). Anyway, somehow he made it so that my securetty file is ignored. I am having no luck locking root out of telnet. securetty has the correct format and permissions and pam_securetty.so is not commented in the /etc/pam.d/login file. Do you happen to have any suggestions? All I want to do is re-restrict direct-in root access. I would greatly appreciate any elightenment you can offer. Thanks

Ted H. Mims

[Dan] The executive summary: reinstall, secure the new system, copy data from the old.

Unfortunately, once a system is compromised, you can't trust the pieces. The skilful cracker, or even the less skilled in this day of script kiddees, will have replaced system binaries such as /bin/login, /bin/ls, /bin/ps, and on and on. This places you in a shifting hall of mirrors when you attempt repair on a running system. Especially if you attempt this repair while the system is connected to the network. I know very few sysadmins who would be up to this challenge, fewer still who would be assured of success, and almost none who would attempt it except on a wager or as a sport. I would be the last to suggest you attempt this based on a few pointers.

The prudent course of action is a fresh install on a new hard drive. Do this on a system without any connection to an outside network.

Upgrade named. http://www.isc.org/products/BIND is the URL. Use bind-8.2.2 patchlevel 7 for an easy upgrade from what's on most 6.0 distributions. Or, see if the ftp site for your distribution has an upgrade. Eight bugs, including one allowing remote exploit and providing the attacker with full access at whatever privilege level named runs at, have been located in older versions of bind.

Eliminate all services the system does not need, by turning them off in /etc/inetd.conf or the equivalent xinetd config files.

Establish secure passwords for all accounts.

At that point, take the hard drive from the old system and mount it for example on /mnt. Copy valuable data from the old hard drive to the new. Examine all configuration files you may copy over carefully.

Don't allow telnet from remote systems. The password is transmitted in plaintext, not a very good idea in this age of sniffers.

Consider instead installing ssh or openssh, if remote access is needed, or if you're on a LAN with more than a handful of hosts or with users who are not highly trusted employees. Be aware that even ssh is not 100% proof against "man in the middle" compromise.

<digression> That "6.0" doesn't mean much if you don't specify the distribution, for example "Red Hat" or "SuSE" Each Linux distribution maintains its own versioning system, with only very rough equivalence between distributions. </digression>

.... Ted found the breakage ...

I just needed to actually pen the question to someone. I figured it out all by my lonesome. Thanks anyway. He had bypassed pam and sent it back to the login.defs file which of course did not have a CONSOLE directive.

Ted H. Mims

Red Hat 7.0

Crackerz!

From George Hawthorn

Answered By Ben Okopnik, Heather Stern

Answer Guy,

I've searched every Linux site I can find to understand why after months of trouble free operation, I am unable to login to my RH 7.0 server at the terminal. Everything is working fine, web server, ftp, router but I simply cannot login as root or anybody else for that matter. I can do a 'linux single' boot but under a normal boot, when I get the login: prompt and type root, I'm back at the login prompt again. I realize this is an imposition, but I'm getting desperate.

Thanks for your time,

George Hawthorn

[Ben] First, a quick possibility: Take a look at my '"Cannot execute /bin/bash: Permission denied" - solved!' article in Issue #52 of the Linux Gazette. It may contain an answer to your question. Note also that people are able to log in if your ftp, etc. services are usable - they are logging in as a very low-privilege user ("nobody", or "ftp"), but they are logging in.

[Heather] Here's an even faster possibility (maybe even the same) - did you upgrade PAM recently by any chance? The default files from a PAM upgrade usually are not the same as your normal policy. One time I ended up only being able to get in via ssh ... and that, only because my key was already in place, so it wasn't dropping down to standard authentication.

[Ben] Second - when you do log in via 'single', what does the system look like? Has the password file changed? (Hint: it is a Good Idea to have dated snapshots of "/etc" along with your regular backups; a tarred/gzipped archive should easily fit on a floppy.) Try making a copy of "/etc/passwd" (or "/etc/shadow" if you use shadow passwords), then edit it to remove the password hash for root -

root:1XaFDYn7EapuP:0:0:root:/root:/bin/bash

Chop out the second field:

root::0:0:root:/root:/bin/bash

When you next log in as "root", you won't need a password - just make sure to create one immediately. If you still cannot log in, then something in the system itself is giving you problems; once again, refer to the above article.

As to reasons why this happened in the first place: well, the scary-but- obvious reason could be that some "script-kiddie" got into your system and did a dance on it. Not to panic; as long as you've got good backups, the damage can be undone (and if you're running a publicly accessible server and _don't_ have backups, I'm afraid you've gone beyond any help I can give.) It could also be that some program you've installed - and I haven't heard of anything like this with progs from established distributions, whereas just slapping in a random tarball could do this - has messed up your libraries or other vital files.

In my experience with Linux, I've come to an expectation that I did not have with MS Windows or OS/2 - "stuff" doesn't just happen. There is a reason for this; whether a security problem caused by random services enabled in "/etc/inetd.conf" (I strongly suggest reading the Security-HOWTO if you have not done so previously) or a problematic program installation, you need to track it down and resolve it. Particularly in the case of a break-in, it is not something you want to happen again.

Good luck

... George adds some context ...

Ben,

Thanks so much for the speedy reply. I'm going to read through your e-mail very carefully. I can tell you that I've done nothing to the server for months accept FTP files to it, Telnet to it, add a couple of users etc. It's been running perfectly since August of this year, and so I "think" I can rule out my actions as the cause. I haven't installed any additional programs. As for the security issue, this was and still is my immediate concern. I wonder if someone has got in and done "something". I did see a couple of bad login attempts using lastb. I do have copies of ALL important files, and so could simply reinstall the OS, but then I'd be no better off...just waiting for it to happen again. Thanks once again for your help. I'll let you know if I find the cause.

... then following Ben's advice, investigates more carefully ...

Ben, Following your article in issue #52, I looked at /bin/login (using linux single) and noticed that it is owned by root and lp (have no idea what lp is ...sounds like a print queue).

[Ben] Just to hazard a guess - since I don't know the layout of your system or anything else about it - an attacker may indeed have come in via your remote print system; there are exploits (if I remember correctly) that use it, since it requires a high level of privilege to access the hardware ports. I would at least check into security measures involving the print system - the first of which would be to make sure that I'm running "rlpr" or "lprng" for my remote services. The second would most likely be a search of COTSE <http://www.cotse.com/unix.htm>;, Insecure.org <http://www.insecure.org/sploits_linux.html>;, or NetworkICE <http://www.networkice.com/advice/Exploits>; for known exploits against whatever I am running.

I booted up another pc with RH 7.0 and noticed that its /bin/login ownership is root and root. I tried chown root.root login, but get the 'permission denied response'. I also edited /etc/shadow with no luck. I agree with your theory that reinstalling teaches you nothing. My master plan was to FTP the login "program" from a working pc to the server in the hope that login is somehow corrupted on the server.

[Ben] "/bin/login" and "/bin/bash" are typically good things to check when looking for intrusion "footprints", especially a "/bin/bash" that's been set SUID (this means that anyone running that shell has full root privileges!) The fact that you're unable to chown "login" means that FTPing a good "login" binary will not help - you probably won't be able to delete the old one. In fact, it's a pretty strong indicator that...

I rebooted the server using the linux single command, and then SU to login as root. I was scrolling through previous commands and was surprised to see many commands that I didn't enter. Someone created a user called "Poped" as far as I can tell, and then entered commands such as

rm -f /bin/login chattr -i /bin/login

It would seem that someone gained access. What do you think?

[Ben] ...somebody got in. I assume I don't need to mention that you need to immediately take your system off the network - given that he has root access, your attacker could easily wipe out your entire system.

I would guess, even though you haven't mentioned this, that they ran a "chattr +i" on the "/bin/login" that they had installed - this would be the reason that you can't delete "/bin/login". You can remove the "immutable" flag set by "chattr" by running "chattr -i /bin/login"; this should allow you to delete/replace it with a non-'rootkit' "login".

By the way - one of the ways you can usually tell the replacements is by looking at the size of the executable. The 'rootkit' types, due to the fact that they can't be dynamically linked (they have to be able to work on a system whether it has their required libraries or not), are normally much larger.

In a way, you should consider yourself lucky - a really knowledgeable cracker would have replaced your "/sbin/syslogd" and cleaned up your logfiles. You would never have known that anyone had been in there. Also, the very fact that he screwed up "login" to that degree shows him to be an amateur - a successful system crack is nowhere nearly that obvious or crude.

Once again, I strongly recommend reading the Security-HOWTO and doing some research. Leave your system off-line until you're satisfied 1) that you understand how the attacker got in, 2) have securely patched that hole, and 3) have done a general security survey of your system and are reasonably satisfied with its state. If you're setting up a publicly- accessible server and have not studied the security aspect, you're letting yourself in for a large heap of trouble - as you have found out.

Thanks for any help.

P.S. so much for my firewall.

[Ben] Ah, more reading to do! Firewall setup is not as "automatic" as a lot of folks think. Most of the time, it's not particularly difficult - but it does require attention and a bit of study. See the (are you surprised?) Firewall-HOWTO.

... George will go one better ...

Ben, I'm really grateful for your excellent responses. You've been a tremendous help and I plan on taking your advice. I bought "Building Linux and Open BSD Firewalls" a few months ago and will delve more deeply into the book.

Happy Christmas, and thanks once again.

[Ben] Glad I could be of help, George; sounds like you're taking an effective tack to resolve the problem. Merry Christmas to you as well, and the best of luck.

Transmitting PaperPort files with .max

Definitely some Windows file format

From Elizabeth Sedgwick

Answered By Mike Orr, Heather Stern, Don Marti

Gees, I hope you can help me.

I just loaded PaperPort software for windows, which is used with a scanner for photographs, etc. onto my computer. The extension for the software is .max. When I send photographs to friends, they can’t open them. Do they have to have the software on their computer to open the files?

In trying to solve this problem, I saved the photos with a .jpeg extension and am sending them this way. Some of my friends do not have .jpeg type software in their computers. Is there some way to download jpeg software from the internet if you don’t have it on your computer?

Your help with be so appreciated? Elizabeth

[Mike] This is Linux Gazette, not Windows Gazette. You'd get a better answer by asking a Windows group.

.max is not a normal image extension like .jpg, .gif, .png. It is very likely the recipient does not have a .max reader installed. Nowadays they probably DO have a .jpg viewer of some sort already installed. How to view the image depends totally on the recipient's mail program and other software. At worst, they can save the .jpg's as files and view them in Netscape or Internet Explorer using a URL like file:/directory/filename.jpg . (May need "\" or "\\" and a "c:" prefix under Windows?)

IF they are running Windows, it's possible something called "File Associations" has a bad configuration. This is a table that tells Windows which program to use to open a .jpg or .jpeg file when you double-click it. In Win95, it was a setting in Windows Explorer off one of the menus somewhere. In Win98/2000, I have no idea where it is.

... Great help, but Elizabeth is confused ...

Thank you for your help.

When I transmitted my email, it was sent to linux-questions-only@ssc.com. How it reached you is beyond me.

Thanks for your ideas!! You're right about jpeg.

For your info, I learned that jpeg software comes with Microsoft Explorer. I tried it, and the photos were highly enlarged at the receiver's end. It worked, but you had to look through several screens to see the whole photo. The photo was smaller than screen size when I sent it.

I did find a solution that seems to work. I use the extension of .exe and people are able to open the file without special software.

Thanks again!!!

[Mike] linux-questions-only@ssc.com was originally an alias for Jim Dennis, who answered the questions and collected the threads to publish in Linux Gazette. To ease the burden on him, we expanded it to The Answer Gang (linux-questions-only@ssc.com), a mailing list with about ten subscribers. All of them see the questions and try to respond. This also improves the quality of the answers.

... Elizabeth is right to wonder ...

Does linux-questions-only@ssc.com answer questions about windows?

[Mike] No. Sometimes we will anyway, but generally not.

I used to do Windows support at a hospital, so I remember the tricks I used then. But I haven't used Windows hardly at all since 1998.

[Don] About Windows/Linux interoperability, yes. If there's no Linux in the picture at all, then no.

Any technology distinguishable from magic is insufficiently advanced.

[Heather] We actually try to answer questions, but only have any interest in answering Linux questions. There are lots of sites dedicated to Windows.

Perhaps a better question would be, if one of the Gang feels inclined to answer a Windows question anyway, do we publish it? Usually not. If it involves interoperability, or it looks like Linux users might also somehow benefit from the answer, or it gives our crew an opportunity to advocate Linux a bit, then we do.

... Fair enough, but then ...

Thank you for corresponding with me. Is there another web location I can contact to obtain answers to Windows questions?

[Mike] Not that I know of in particular. There are USENET newsgroups (comp.os.ms-windows.* I think), which you can access at www.deja.com.

Or go to Google (http://www.google.com) and type some keywords.

[Heather] There's a tips area at winfiles.com, but it's nothing like we have. Here is a real nice opportunity for one of the Windows related magazines to do a Windows Answers column like ours on their website...

Help Me Delete Linux

From Antony

Answered By Mike Orr

Hi, I recently attempted to install Linux Mandrake, but I did it wrong and know Windows has been deleted and linux won't work, all I want to do is Delete linux so I can reinstall Windows and be happy again, I cant even install windows at the moment because linux is taking up too much room on the hard drive. Mum is heaps annoyed as she can't use the computer so can you please help me quickly? Thanks

[Mike] Hmm, three questions about uninstalling Linux in two days. I wonder what that means.

Doesn't the Windows setup program allow you to repartition your disk as part of the process? If not, that's a big omission.

Anybody here use Mandrake? Does it come with a boot floppy that can be used as a rescue disk? If so, you should be able to boot from the floppy, press Alt-F2 to go to the second virtual console, run "cfdisk" or "fdisk" and delete the Linux partitions (or all the partitions), and then reboot and run the Windows install program.

Removing Linux: Sacrilege!

or: /bin/dd is your friend!

From Kevin Gray

Answered By Mike Orr, Jim Dennis

hello i was just wondering how to remove linux from my system. I have two hard drives one with linux and the other with windows 98. Everything works fine but I just never use linux and since I don't have the time or technical know how as to operate linux i would like to get my hard drive back. Is there a way to do this? Any help would be appreciated. Thank you.

Until your next letter I remain,
Sincerely Yours,
Kevin Gray

[Mike] Is Linux on your primary drive or second drive? If it's on your second drive, use Windows fdisk program to delete the Linux partitions and create DOS partition(s). If you can't find a graphical fdisk program under the start menu, open a DOS box and type "fdisk". Choose the option to switch drives if necessary), then the option to print partition information. Verify which are the Linux partition(s) and delete them. Then either make one big DOS partition or several small ones. Close and reboot, open My Computer, right-click on each new partition and choose "Format" from the menu.

If Linux is on your primary drive, can you switch the drive cables and/or jumpers to make Windows the primary drive? Be warned that Windows programs tend to go into convulsions if you change drive letters on them. Windows assigns drive letters according to which partitions it finds first, so moving drives around or changing DOS partitions changes the drive letters. Use the Windows utility to make a rescue floppy first.

If you're using LILO to boot, you can eliminate it by using "fdisk /mbr", an undocumented option to Windows' fdisk program. This replaces the master boot record on the disk with Windows' default version. Note that Windows' boot loader is primitive: it won't give you a menu, it'll just boot whichever primary partition is active (on the first disk only). You must first make that partition active (=bootable) using fdisk, and ensure ONLY ONE partition is active.

[Jim] Note that most versions of MS FDISK will refuse to remove non-MS-DOS partitions. You can use Linux fdisk to remove partitions or you can use dd to complete wipe out all data on the Linux disk which will make it look like it's fresh from the factory so far as MS is concerned.

Also note that swapping drive letters out from under a MS OS installation is basically guaranteed to hurt worse than backing up your data to floppies, re-installing the OS from scratch, re-installing all applications and restore copies of your data into place. (This re-installation process has the added benefit of ensure that you have backups and of cleaning out all of the cruft that tends to accumulate in Microsoft based operating systems over time).

[Mike] When I use it, it just asks, "Delete non-DOS partition?" and does it.

You can use Linux fdisk to delete the partition, but be careful, because then Linux won't exist but will still be running. Do it in single-user mode (type "linux single" at the LILO prompt), then reboot immediately after exiting the program. Even better would be to boot from a Linux rescue floppy (which probably came with your distribution) so that you're not deleting the currently-running system.

... and the real nitty gritty instructions ...

[Jim] Let's assume that you have two IDE drives and that you have Linux installed on what MS-DOS/MS Windows would call your "D:" drive (/dev/hdb or /dev/hdc or even possibly /dev/hdd under Linux). Obviously that could be /dev/sda if you're using a combination of IDE and SCSI or /dev/sdb if you have two SCSI drives.

So, let's assume that MS Windows is installed on /dev/hda and that Linux is on /dev/hdc (perhaps your CD-ROM drive is /dev/hdb /dev/hdd).

To remove Linux as though it had NEVER been there you can follow these steps:

      lilo -u /dev/hda

... should attempt to copy /boot/boot.0300 back into /dev/hda (that should have been the backup copy of your original master boot record --- MBR). If that does work then prepare an MS-DOS boot floppy (ask Microsoft how to do that with newer versions of Win'9x; they'll swear that Win'9x isn't really DOS anymore, but they're lying, of course).

Now to wipe out EVERYTHING from /dev/hdc.

     dd if=/dev/zero of=/dev/hdc bs=1024k  # DANGER! Will Robinson!

... this will scribble streams of ASCII "zeroes" (NUL characters) all over /dev/hdc --- wiping out Linux.

When you reboot Linux will be gone (the kernel and the dd program were in memory, but that's cleaned up on a system reboot).

If your system doesn't boot from its hard drive after this, then pull out that MS-DOS boot floppy. By the way, you should have one of those around for various recovery reasons --- it is a vital part of running MS-DOS and recovery from any virus that your system catches. Then run:

     FDISK /MBR

(That's a DOS command that should create a new boot record for you).

If it still doesn't come up after this than refer to the huge WARNING that precedes this dangerous command example. Sigh, re-install MS-Windows and restore from backup.

Another uninstall: Getting to a Root Prompt to Blow it All Away

From Lynn Johnson

Answered By Jim Dennis

I am trying to remove linux - i logged in as root but where do I type fdisk? I don't see a place to type anything - pls help - thanks, lynn

[Jim] I'm going to guess that you're logging through some graphical service (xdm, kdm, gdm, etc). That would be the most common case where you could log in as root and not see a text console and a shell prompt.

So, assuming that this is the case the question becomes:

How do I get to a root shell prompt?

There are many possibilities. X can be configured to run any of a number of GUIs (graphical user interfaces) such as KDE, GNOME, twm, fvwm, etc. Any of those can be configured to offer a very limited number of menus (possibly no menus at all).

Typically you access your GUI's menus under X by clicking on the "wall paper" (or screen "background" which is technically called the "root window" in X parlance). That will bring up the "root menu." (The windows and menus in X are thought of as a tree, just as your filesystems are trees of directories, and subdirectories (branches) and files (leaves). You might have to click with your right or middle mouse buttons. That is configurable in most X window managers. There might even be different menus that come up for each mouse button. Typically one set of them would be the main set of menu options and the other(s) would contain some special window manager features to resize, raise, lower, move and destroy windows, select "minimized" or "hidden" applications etc.

When you find the main menu tree you can search it for some entry such as "xterm" or "rxvt" or "eterm" or "kterm" or for entries that are referred to as "shells." Since X is completely configurable the labels on the menus can be anything.

All of that aside it's probably easiest to skip all of this GUI rigamarole. There are a couple of ways to do this. On most systems you could switch away from X (and/or any of the display managers -- the various graphical login tools) using the following keystrokes:

[Ctrl]+[Alt]+[F1]

(That's holding down the "control" and the "alt" keys and typing in the first function key). That should bring you to a text mode login console (which is a virtual terminal/console running any of the "getty" programs, usually mingetty under Linux.

From there you can log in as root and you should be presented with a shell prompt (usually ending in a "#" hash/pound sign which conventionally indicates a root prompt).

If that fails then you'll probably want to "break in" by rebooting. It's possible for someone to configure a Linux box such that there are no getty's running on any virtual consoles. It's even possible to configure one to run multiple different X sessions concurrently. I have a workstation at my new office which is running four different xdm sessions.

So, if you system has been configured to remove the text virtual consoles, or if you're running a distribution that only makes a GUI available by default, then you'll want to reboot.

The easiest way to reboot from a graphical session under Linux is to type:

[Ctrl]+[Alt]+[Backspace], [Ctrl]+[Alt]+[Del]

...in rapid succession. The first keystroke combination will kill the X server, the other one will signal init (the process manager under Linux) to perform a reboot.

Of course either of these features might also be disabled! If that's the case then just hit the reset button on your system, or flip the power switch (wait about 30 seconds and turn it back on) or pull the power plug.

While it's booting wait for the keyboard lights to flash a couple of times (while the system counts its memory, checks it's floppies, etc). There will probably be a LILO prompt (possibly this will be quite brief. So, as soon as you see the keyboard caps lock, scroll lock, and num lock lights flicker, turn on the caps and/or scroll lock. If they flick back off in a second, turn them back on and hold down any shift or control key.

All of these shenanigans are intended to interrupt LILO (the most popular Linux loader) and convince it to give you a prompt. At that prompt type:

	    linux init=/bin/sh rw

Actually you might have to replace the first word in that line with something else. What else? That depends. LILO can be configured to call the Linux installations or "stanzas" by any name you'd like. Also LILO can be configured not to allow any interruption or it can be configured to require a password to boot or to bypass the normal boot procedure.

However, more than 99% of all the Linux boxes in the world today will give you a root prompt if you follow this last procedure. There are only a few freaks like me that know enough about Linux to configure LILO with passwords and/or to ignore all attempts to get at a LILO prompt. (Of course there are other boot managers for Linux. In particular newer versions of Mandrake might use GRUB --- the grand unified bootloader; and I haven't studied that one at all.

In the highly unlikely event that you still can't get at a root prompt then you'll want to boot from a floppy or a CD (such as the Linuxcare bootable business card or one of its clones). I'm not going to go into the details on that for right now. If you need to know how to do that just search Google! (http://www.google.com/linux) for "recovery disk" or go to Tom Oehser's site and read about Tom's "root/boot" disk images (http://www.toms.net/rb).

Notice that most of the difficulty here is that I have no idea how your Linux system is configured, nor do I have any idea what distribution you're running. As you might have guessed from this long set of directions Linux is a bit configurable.

Obviously once you get to a root prompt you can just use the command:

        fdisk /dev/hda

... to work on the partitions on your primary IDE drive. (You can use /dev/hdb for the secondardy IDE on the first controller, /dev/hdc for the primary drive on the secondary controller, etc; and you can use /dev/sda, /dev/sdb, etc if you're using SCSI drives).

setting root password

From Tom Weingarten

Answered By Ben Okopnik

I've managed to work myself into quite the dilemma. Somehow my root password has been deleted, so I can no longer enter my system except by a second login, which does not have write permissions on anything or the ability to acces linuxconf or userconf. I'm using RedHat Linux on a dual-pentium box. However, I've found that the RedHat cd is far from adequate for rescue purposes, so I created a mandrake cd, and can use it to edit files. What do you suggest I do? Thanks in advance for your time

[Ben] I've found that the RedHat CD (or boot floppy) actually works reasonably well as a rescue disk - flipping to the 2nd console via "Alt-F2" and mounting the existing hard drive is the answer (RedHat tech support told me it couldn't be done and I should reinstall. <sigh> Whichever you choose, fixing the root password problem is pretty easy - and before anybody starts storming about it being a HUGE security hole, remember that "physical access=root access". Period. It's the reason that locked server closets and machine rooms exist. If you want just that tiny bit of extra security (your eight-year-old computer genius has been trying random passwords against "root" or some such), disable the floppy/CD boot and password the BIOS (write your hard drive's cylinder/head/sector info on the side of the PC case and *don't* lose that password; resetting the BIOS can be a touchy business.)

So - boot your machine via a boot disk or CD. Mount the offending drive - for this example, we'll say you have it under "/mnt". Edit "/mnt/etc/passwd" (or "/mnt/etc/shadow" if you use shadow passwords) and clear out the second field in the "root" entry (fields are separated by colons) - that's the encrypted password. In other words, given an entry that looks like this:

root:2St5fADe4oOcSE:0:0:root:/root:/bin/bash

you should end up with this:

root::0:0:root:/root:/bin/bash

Save the file and reboot, this time without the boot disk. Log in as root (no password necessary) and immediately assign one using the "passwd" utility. No muss, no fuss, no greasy aftertaste. And, umm, keep a close watch on Junior: he might be reading this too...

... Ben's a hero! ...

Thanks a million. You've saved me the fate of hundreds of users asking what the heck happened to their character files (I run an online game). Also, btw, while searching desperately for a solution, I found that if you edit /etc/pam.d/login and change everything to optional, you can login as root with the wrong password. Then you can change the password, all from the boot cd. Although, your method is infinitely simpler.

Thanks again for your help. Tom

I can't seem to write to my vfat (Windoze) file system with any user other than root.

From John Fox

Answered By Ben Okopnik

I currently run Red hat 7.0 and am attempting to follow the suggested procedures of not logging on as root unless I absolutely have to. When I am logged in to the system as my non-root user id, I am unable to write files to the vfat file system.

I have tried to chown the mount point, I have even gone so far as to try to chown and change the file permissions of a file on the vfat file system(to no avail). I have checked the mount and all the vfat mounts all show (rw).

The following is the error message I receive when I attempt to copy a file: cp: cannot create regular file `filename.ext': permission denied.

Does anyone have any idea?

[Ben] Yep; I remember cursing and scratching my head over this one quite a while ago. You've got the right idea in looking at the permissions/ownership of the mount point - but as you've found out, you can't just change them.

Here's the solution that I've used. I like this one, since it would work well on a multiuser system as well as a regular home system. First, create a group called "msdos". Note its GID (the number associated with that group; take a look with 'vigr'.) Add yourself to that group -

adduser jfox msdos

(assuming your username is 'jfox'.) Now, in your '/etc/fstab', add the "noexec", "umask" and "gid" parameters to the appropriate partition:

/dev/hda3  /mnt/msdos  vfat  noexec,umask=003,gid=1001  0 0

Obviously, the GID would be that of the "msdos" group.

What we're doing here is mounting that partition with the appropriate group ID and setting the umask - this masks out the permissions that the mounted partition will have. The "noexec" parameter works with in concert with the other two to produce the following conditions:

Directory access under the mountpoint is allowed to members of GID 1001 All files under the mountpoint are readable and writable by GID 1001 The files are "read-only" to the other users None of the files are executable (does not apply to DOS emulation)

It takes a bit to get used to this three-parameter control system, but it is actually very flexible and can be used to set up just about any combination of permissions and directory accessibility you could want.

From this point on, if you want to give a user on your system read/write access to the files on that partition, simply add them to the "msdos" group.

... wishing the docs were better ...

Ben,

Thanks for your help. That did the trick. I think they could have made it easier by putting somthing in the faq. On their site.

[Ben] You're welcome - glad I could help! Just as an idea, if you perceive this as a topic that lacks coverage in the Linux community, consider writing a HOWTO - the Linux Documentation Project, under whose auspices the LG operates, is always on the lookout for more useful info that can be shared. It's yet another way to put something back in as a return for the effort that other Linux folks have put out - and this kind of feedback is precisely what allows a community to grow.

... you can do it John! ...

Will do Ben,

I would be happy to contribute to the community. I thought you had to be hooked up with the right people in order to contribute. I will seriously consider writing something up. Especially considering that I am on Vacation until the end of the year and will have plenty of free time on my hands.

Firewall for a SOHO

Small World, isn't it?

From Tom Bynum

Answered By Jim Dennis

Actually, hello from your mom's next door neighbor (...well....two doors...damn it...close enough...). Anyway, I was talking with her out in the cul-de-sac Sunday evening and she lent me her copy of your book to browse.

[Jim] Mom mentioned that she'd been chatting with you.

[Mike] Jim wrote a book?

[Heather] Yeah, Linux System Administration by New Riders Publishing. purple edge stripe, "landmark" series with a view of the French river (the Seine I think) on the cover's top quarter stripe.

Wherein the first half describes policies so real decisions can be made, and the second half describes practicum, so sysadmins can Do Cool Stuff. eg. to have an awk script "vette" the logs of all the boring ordinary stuff amd leave you the stuff that looks new or weird.

It's a good thing

[Mike] That's cool that New Riders has a Linux book. Several of us at SSC have been very impressed with the two New Riders' books on Python and PHP, so I'll have to take a look at this one. The other two books are very concise: they give you a lot of information in a small space, and answer questions you didn't think to ask, more so than books three times their size.

I spend about 99.8% of my time in Windoze.......(snore.....) so please forgive some rather newbie questions, but I have an idea that incorporates Linux in a big way.

Let me give you a short Linux bio... I was first exposed to Linux back in 1997 when someone at my ISP mentioned using it for an internal mail server. I figured "...how hard can it be..". I went and bought a book which included 3 distros. I ended up using Caldera Openlinux Lite 1.0. (because it was the only one that would install) In about a week I got Sendmail to work with the ISP through a dial-up SLIP/PPP connection. At that time we only had a single company dial-up account so I had the machine using a crontab to dial-up and kick the SMTP server every 3 hours or so. The "kicking" part was something I found to make SMTP work through a dynamic dial-up account. Later I installed ISDN and a router and got a static IP so we were live and just had to turn off the crontab. I got burned on "relaying" with that server and didn't know how to turn it off so I installed Caldera OpenLinux 2.3 because it contained the new distribution of Sendmail with relaying blocked out-of-the-box.

[Jim] Yes. Sendmail has a near vertical learning curve (and qmail is even more confusing for me). I actually like Postfix (now that I've tried it) but I'm NOT recommending that you switch to a new MTA (mail transport agent). You got something that works well enough. You've learned enough to get by; and if you need to hire a consultant than there are LOTS of them that know sendmail and very few who understand the corresponding intricacies of qmail, Postfix, exim or any other MTA.

There is a really cool option to consider. You could buy the commercial sendmail package and use it's little configuration system. You'd still be running the same sendmail that you are now; but you'd have a somewhat less gruesome interface for doing the basic configuration. (If you later had really special needs you could have someone start with those basic configuration files.

Look at http://www.sendmail.com for information on pricing and all of that.

As for setting the "maximum message size" limit: you should be able to edit your .../sendmail.cf file (either in /etc/ or in /etc/mail/ depending on your distribution) and find a line that looks something like:

#O MaxMessageSize=1000000

... to make that work just remove that first character (the '#' or hash sign) which "uncomments" that line. The value is in characters or octets (I'm not really sure which --- but they are the same for ASCII and I doubt that you're getting alot of Unicode or UTF8 traffic yet).

If you don't find this line then insert it somewhere in the first section of the .cf file. That means to put it before the first line that starts with a P (which looks like the following line in one of my sendmail.cf files):

Pfirst-class=0

Sendmail isn't terribly picky about what order the options appear in, but it can be picky about which "section" they're in. (In other words the options should all be grouped together near the top of the cf file, the re-writing rules should all be grouped together near the end of the file.

Note: It's better if you're using a macro config file (usually named <something>.mc). So, here's a simple sample .mc file showing a valid confMAX_MESSAGE_SIZE definition:

divert(-1)
# After the `divert(0)' all lines starting with `dnl' are
# comments until the next newline character.
include(`/usr/share/sendmail/m4/cf.m4')
divert(0)dnl
VERSIONID(`Linux Dec 19 16:43:03 PST 2000')
OSTYPE(`linux')dnl
dnl
define(`confMAX_MESSAGE_SIZE', `1234567890')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn')dnl
define(`LUSER_RELAY', `local:postmaster')dnl
FEATURE(`nocanonify')dnl
FEATURE(use_cw_file)dnl
FEATURE(`always_add_domain')dnl
MASQUERADE_AS(`PUT_YOUR_DOMAIN_HERE')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`allmasquerade')dnl
MAILER(`local')dnl
MAILER(`procmail')dnl
MAILER(`smtp')dnl
MAILER(`uucp')dnl
MAILER(`bsmtp')dnl
MAILER(`fido')dnl
dnl
LOCAL_CONFIG

Most of represents a typical sendmail .mc file. In order to use this to generate a .cf file (which is what sendmail uses) we issue a command like:

	m4 < $THIS_MC_FILE_NAME > /etc/sendmail.cf

(Note: DON'T DO THIS using the sample I've given. You'll wipe out your existing sendmail.cf file!)

The idea here is not really that complicated. sendmail uses the cf file which is in a format that's convenient for the program. For years people maintained cf files directly (using a text editor). For some of us (myself included) it is still easier to make a small change to an existing .cf file then it is figure out the corresponding .mc file directive.

However, most of the text in the .cf file looks like line noise. So mere mortals among us prefer to create shorter files that summarize what we want sendmail to do. Then we pass these shorter .mc files through a macro expansion tool (the m4 program) and they get expanded into the .cf files that sendmail uses.

But enough about sendmail. On to your question.

"Whew"...all right, here I am today. The box runs, I don't screw with it. Every now and then some bozo over in drafting tries to stuff a CAD drawing in an email message, but after a little staff chastising and a re-boot, everything's back to normal. BTW, I've seen that "max message size" line in the sendmail.cf, but everytime I try and make the line active, the server issues an error when booting the sendmail daemon so I had to rem it out again...sorry, back to my point...

[Jim] (See above)

I want to set up a Linux box to implement Firewall and Proxy services. For you that might be straight forward, but all the information I find is sending me in mental circles...

This is what we currently have setup...Static address from ISP --> Router (with ISDN modem) using NAT --> Private address on the Lan side of the router. DHCP running on the network tells all the clients that the router address is the gateway. All works...thanks for shopping at Kmart. Not very safe...

[Jim] I like to use pictures when I'm designing networks.

It sounds like you have this:

                                         * eth0
                                         v
               +---------+     +--------+     +-----+
               |   ISP   |-----| Router |--+--| LAN |
               +---------+     +--------+  |  +-----+
                              ^            |
                              * eth1       |   +-----------+
                                           +---| Linux Box |
                                               +-----------+

... but it's not clear. Clearly your Linux box cannot be receiving mail from the Internet if it's using a "private" (non-routable RFC1918) IP address. That is to say that you can't advertise a 192.168.*.*, 10.*.*.* or 172.16.*.* through 172.31.*.* address to the Internet as your MX (mail exchanger). If you did so, then no one would be able to route SMTP (or any other IP traffic) to you.

However, it's possible that you could have a feature/rule on your router such that it relayed any incoming traffic on TCP port 25 on eth1 (the outer interface) to the same port on your Linux box.

This is one way to put a "hidden" server behind a router. However, it assumes that you have a router that is capable of doing such relaying (or "transparent proxying"). There are a number of programs capable of doing this for Linux.

(Another, less interesting and less useful solution would be for your ISP to act as a your MX record AND for them to maintain their own routes to your RFC1918 network. Of course then you'd have to co-ordinate this with your ISP and they'd have to assign different RFC1918 address blocks to each of their customers that wanted this service, and you'd have to maintain split DNS, and ... anyway forget I mentioned that).

Another option would be to use the Linux box as both the router and the sendmail host. This is possible (so long as you can connect your ISDN modem or TA to your Linux box).

Yet another option would be to have your ISP give you more than one static IP address. Two would be sufficient; four would be a relatively normal subnet, though only two would be usable in that.

Note: most of these configurations are NOT recommended. They offer little or no protection for the sendmail boxes, and nothing protects your internal network from a potentially compromised sendmail box.

Here's what I want. (It sounds safer....so I'm gonna try and draw you a mental picture here so bear with me...)

Static address from ISP --> Router (with ISDN modem) using NAT --> Firewall (eth1 on linux box) --> Firewall/Proxy/NAT services running inside box --> Gateway (eth0 on linux box)--> Network

[Jim] It sounds like you're saying that you want something like:

               +---------+     +--------+    +-----+
               |   ISP   |-----| Router |----| LAN |
               +---------+     +---+----+    +-----+
                                   |
                                   |   +-----------+
                                   +---| Linux Box |
                                       +-----------+

This is a reasonable configuration. You still need to have some way of routing traffic to the Linux box. That can still be a TCP relay utility or feature running on the router and redirecting all inbound SMTP (TCP port 25) traffic to the Linux mail host. It could be a different DRIP (directly routable IP address) from your ISP.

It could even be a hack where all your incoming mail gets stored by your ISP and is fetched into your domain via POP or IMAP. (I suspect that this is the way you were doing it when you were in dial-up. I suppose it might be what you're still doing; it's not clear from your message). Another trick is for your ISP to be your primary MX, and for them to relay it to you via UUCP (over TCP).

I used to get my mail via UUCP, and that was only a couple years ago.

Basically just insert it between the network and the router. Does that make sense? Here's the reason for the router being on the end...it has my ISDN modem built-in. It's the only device I have that can run the ISDN connection. Things are too $tight$ to get a nice connection like a T1 with expensive firewalls and such, so I'm trying to make this work cheap! I also want the logging and auditing provided by the proxy.

[Jim] The problem here is getting the incoming traffic to your Linux box. I'm guessing that you might have something like a Trancell Webramp ISDN TA/router. You could replace that with an ISDN card or an external ISDN "modem" (which connects to your Linux box via a serial port).

In those cases you'd have the routing and mail services running on a single system (which is not a good security profile since a compromise of your mail host constitutes a loss of control of all of your routing).

The final effect is, a second "private" network between the linux box and the router. So I will have one subnet for the LAN in general and eth0 of the box on that side. A second private address space and "subnet" available only between eth1 and the router, and then of course our static IP on the outside. To me it kind of resembles a "DMZ" which most modern routers have built in. Let's call it a poor man's "DMZ".

[Jim] Oh you mean:

               +---------+     +--------+                  +-----+
               |   ISP   |-----| Router |            +-----| LAN |
               +---------+     +---+----+            |     +-----+
                                   |                 |
                                   |   +-----------+ |
                                   +---| Linux Box |-+
                                       +-----------+

... that's O.K. In this case Linux is acting as an interior router (and as a mail host). Even better would be:

               +---------+     +--------+                     +-----+
               |   ISP   |-----| Router |               +-----| LAN |
               +---------+     +---+----+               |     +-----+
                                   |                    |
                                   |   +--------------+ |
                                   +---| Linux Router |-+
                                   |   +--------------+
                                   |
                                   |   +-------------------+
                                   +---| Linux Mail Server |
                                       +-------------------+

Where you use two different Linux boxes, one as a router and the other as a mail server.

You'd still want your ISP to give you one or two more DRIP addresses (for the exterior interface on your Linux box(es)).

Does this sound off the wall? Every "how-to" I find for using Linux as a firewall talks about it being the "router" at the end of the line between the LAN/WAN. I haven't heard of it being used as I have described and I'm really not sure where to go from here. It all sounds good on paper..."...Client on the net ships a packet off to the gateway (eth0)...The linux box runs it's firewall/proxy voodoo magic stuff and ships it out the other side (eth1) to the router which of course really ships it out...". But how about on the return trip? With the firewall and the router both using NAT...the router won't care, but how about inside the linux box? Will the packets still back and forth to each client OK?

[Jim] Linux can be used as a border router and/or as an interior router.

An even better configuration would be:

               +---------+     +--------+                     +-----+
               |   ISP   |-----| Router |               +-----| LAN |
               +---------+     +---+----+               |     +-----+
                                   |                    |
                         Note ---> |   +--------------+ |
                                   +---| Linux Router |-+
                                       +------+-------+
                                              |
                                              |
                                       +------+-------+
                                       | Linux Server |
                                       +--------------+

... where you have three ethernet interface in your Linux Router (a three legged firewall).

Note: this could be an ether crossover cable between the ISDN router and the Linux box, or it could be a serial connection between the Linux box and an external ISDN modem/TA (terminal adapter) or the whole thing could be replaced with an internal ISDN card that's plugged into the Linux Router. (In that last case, think of this line as being the Linux Router's internal PCI or ISA bus).

The advantage here is that all traffic passes through the Linux Router (where you can do packet filtering, IP redirection, logging). However, if the Mail Server gets compromised then it can't be easily used to attack the LAN machines. (The mail server is not trusted by the LAN machines, it is only allowed to received outbound mail, and POP or other mail fetching connections from ther internal hosts.

You can also sequester other services on the Linux Server. You can put a DNS server on it, etc. Note that each service that you run on the Linux Server the greater the risk that one of those services can be used as a whole through which an attacker can compromise that machine. So, if you run mail, DNS, web and FTP all on that one Linux server, then any exploit in any one of those can affect the whole server, and thus compromise all of your DNS, mail, web, and FTP services.

That's why we don't run those services on the router. On my router at home, there are NO services running (not even ssh). I cannot access it remotely. I must sit at the keyboard and work from the console directly. In fact there are IP packet filtering rules that prevent that system from accepting any packets that are addressed to it. You can't even ping it! (It will only permit traffic that is supposed to go through it, not to it).

You could hang as many seperate Linux servers off of this eth2 interface (DMZ network segment) as you like. However, you'll either need to have separate real IP addresses (DRIPs) for each, or you'll have to configure the Linux router to do TCP and UDP redirection for each service to each server.

I feel like a five year old asking why the sky is blue... I did find out one thing this past weekend...IPchains works in here somewhere...that's about all I know.

[Jim] Actually your question is reasonably sophisticated, and your criticism of the HOWTOs is well taken.

The biggest issue here is that you have two different problems to solve. First you need routing to work. You need more IP addresses or you need to install some form of TCP/UDP redirect utility. Keep in mind that the TCP/UDP redirect utilities might be running as 'root' (if they are listening on "privileged" ports) and, therefore might be a security risk on the router. There's a way to use IPChains to redirect TCP traffic into a Unix domain socket and I think there should be a utility to relay connections from a Unix domain socket back to a TCP connection. However, I haven't looked for one recently and I don't remember if there was one the last time a question like this came up.

(The advantage of this approach would be that it would allow the redirection utilities to run as "nobody", or (better yet) as a set of mutually non-trusting "nobody" UIDs --- which minimizes the risk to the router).

That's why the router in a firewall is called a "bastion." You want it to be relatively simple with as few windows, doors as possible and NO ornamentation.

I currently have a block of IP addresses, so I haven't had to resort to incoming IP redirection. (Otherwise I'd tell you the name of the utility that I was using).

I've said more than enough...time for a beer. Hope to hear from you soon.

[Jim] I agree. I'm off to BALUG (http://www.balug.org) where I'll fill up on Tsing Tao and other chinese food.

Something comparable to Services in NT

From Michael Swanson

Answered By Mike Orr

I've been playing with Linux for years, and just recently decided that I wanted to learn more about it. At this point I feel as though I know nothing. I have compiled and installed a proxy server in my Mandrake 7.1 system. But I have to log in as ROOT to run it. And I must run it everytime I reboot. I would like to have this run at start everytime. As I understand it, anything run at startup is root, and this program (squid) says it changes user after initialization. The documentation mentions how the program will respond after being automatically started, but gives no mention at all on how to achieve this.

[Mike] See if Mandrake uses the System V init scheme like Red Hat and Debian do. You have one directory containing start/stop scripts, and other directories containing symlinks to those scripts. On Debian (which I'm familiar with), the script directory is /etc/init.d, and the normal symlink directory is /etc/rc2.d . In that directory, put a link called S##squid pointing to the script. (Replace "##" with a 2-digit number indicating which order to run it--lower numbers get started first.) Mandrake is probably the same but the directories may be named slightly differently.

Look for a README in the script directory, /usr/doc/sysvinit, "man init", etc. There's also a HOWTO "From Power Up to the Bash Prompt" (http://www.ssc.com/mirrors/LDP/HOWTO/From-PowerUp-To-Bash-Prompt-HOWTO.html) that explains everything that happens when the computer boots up; this is worth looking through even just to know what info is available in it.

Editing fstab file for tape backup

From Michael Dodge

Answered By Mike Orr, Dan Wilder

Dear Answer Guy:

I have installed a tape drive onto a 586 intel. The tape drive is an HP SCSI drive. I had someone that I know compile the Kernel to support SCSI, but I wasn't able to mount the tape drive. I think that it is because I haven't proplerly edited the fstab file.

I reads:

/mnt/N tape

[Mike] I haven't actually used a tape drive, but I've never seen any that are mountable in the way floppy disks are. So you don't need an entry in fstab. (If you did, it would be

/dev/DEVICE    /mnt/N    FILESYSTEM_TYPE   OPTIONS   0  0

) You would especially want the "noauto" option to prevent it from automatically mounting the tape at boot time. (Which would cause an unpleasant delay if there was no tape in the drive.)

But as I said, I doubt you can mount tapes at all anyway.

Normally, you must figure out which device it is, and then use that as the "filename" argument to your backup program (e.g., tar). E.g.,

tar tvf /dev/rmt8 /home/me

You use the "mt" command to skip forward or backward over one or more tarfiles on the tape, rewind the tape, retension it, etc.

There is a ftape HOWTO. Although that's not the kind of tape drive you have, section 7 ("Backing up and restoring data") may be of help.

... thanks, now to make the backup ...

Tag,

Thanks for the advice. I have another question though. I use the tar command to read from the tape, but how do I write to the tape. I would greatly appreciate any advice on this matter. Thanks.

[Dan] To write to tape:

  tar cf /dev/st0 files-to-tar

To read from tape:

  tar xf /dev/st0 files-to-tar

"c" means "create" archive, "x" means "extract". In this case, "/dev/st0" is your archive.

The answers to this and many other questions about "tar" are found if you type

  man tar

... kudos gang! ...

I would like to thank Dan for the final piece of advice on this matter. You have helped me solve a problem that I have been working on for some time. I know that this stuff is probably cake for you guys at tag, but for someone not as experienced with LINUX (myself for example), these tips really save the day.

Sincerely,
Mike Dodge

Mail gets nowhere?

From anonymous

Answered By Mike Orr

Do I ask you what does it mean when I get permanent fatal errs for

 MAILER-DAEMON@aol.com <mailto:MAILER-DAEMON@aol.com>  transcript of session
 follows while talking to yd.mx.aol.com
 RCPT to:MAILER-DAEMON@aol.com <mailto:MAILER-DAEMON@aol.com>
 <<550MAILER-DAEMON@aol.com <mailto:550MAILER-DAEMON@aol.com> >...User
 unknown

[Mike] "User unknown" really does mean user unknown. aol.com has no user "MAILER-DAEMON".

If something comes "from" MAILER-DAEMON, it's an error message, probably reporting a previously-failed message.

If I am asking the wrong person please direct me to the appropriate person. What prompt to e-mail MAILER-DAEMON was an user unknown message from an aol subscriber.

[Mike] Then either the person's account expired or AOL is messed up. You did verify you typed the address correctly, no? If you think AOL is at fault, complain to postmaster@aol.com. (Ditto for any other site.) There's no reason to write to MAILER-DAEMON, because there's nobody there to read it.

Thank you for your prompt reply.

Loading SuSE Linux 6.4 via NFS

Answer By Chris Gianakopoulos

Hi all,

This weekend, I decided to load SuSE Linux 6.4 onto my son's IBM PS/ValuePoint computer.

The network configuration is illustrated below.

      -----------------------                      -------------------------
      |                     |  10Base2 Ethernet    |                       |
      |      IBM            |----------------------| Linux Machine         |
      | PS/ValuePoint       |                      | Host: stargate        |
      | Host: strikeforce   |                      | with CDROM            |
      -----------------------                      -------------------------
       Target machine for                                    NFS server for
       Linux install                                          Linux install

I have NFS running on my Linux machine, so I decided to install Linux onto the IBM machine via NFS. I installed a minimal system so that I could install user accounts in case problems occurred when I added more packages to the system.

Once I had a minimal system up and running, I decided to use YAST (the installation program) to added more packages into the system. Everything worked fine until I was prompted to install CD2 of the distribution. I was told that I was loading the wrong CD!

I investigated the problem by executing "tcpdump" on my Linux machine so that I could observe traffic over the ethernet. To my surprise, I found that the IBM machine was being denied access to CD2 (the second CD of the SuSE distribution).

I then logged in as a user (not root) and then changed myself to root with the 'su' command. This allowed me to mount remote filesystems using NFS (for example:

I decided to continue observing ethernet traffic while I manually (for example: mount -t nfs stargate:/cdrom myMountDirectory, where myMountDirectory is a local directory on host strikeforce). I now had a controlled experiment, and I was able to determine that, out of the 6 CDs supplied with SuSE 6.4, CD number 2 could not be viewed, and this was confirmed by the denied access packets observed via tcpdump on host stargate.

It turned out that, on CD number two the directory "." only had root priviledges. On the other CDs, there existed read and execute priviledge for group and world.

My solution was to copy the image of CD2 onto a top level directory of my Linux machine (host stargate), make sure that group and world had read and execute rights, and modify /etc/exports (the NFS export file which allows other users to view your filesystem) to reference the directory.

The lines in /etc/exports looks like this:

--------------------------------------- start of file ----------------
# used for all other CDs
/cdrom    strikeforce(ro)
# used for CD number 2
/test/cdrom  strikeforce(ro)
--------------------------------------- end of file ------------------

I noticed one odd thing during this exercise (installing Linux via NFS).

Even though host strikeforce had unmounted the remote filesystem on

host stargate (I confirmed this via a telnet session onto host strikeforce), I could not unmount my cdrom. In order to unmount the cdrom, I had to comment out the line, in /etc/exports, which refers to /cdrom, restart the NFS server by typing "nfsserver restart", and then typing "unmount /dev/cdrom". I could then unmount the cdrom, change the cdrom, mount the new cdrom, uncomment the abovementioned line in /etc/exports, and restart the NFS server.

Perhaps, you do not have to unmount cdroms before changing them, but, I would think that you would have to in order to maintain the proper notion of the contents of the mounted cdrom.

The bottom line: My copy of SuSE Linux 6.4 does not have group and world access rights to CD number 2, thus, you have to install from an image copied onto the hard disk of the NFS server.

Perhaps this message is too long winded (I tend to ramble) for a 2 cent tip. I'll let all of you decide if this message is worth posting. All I know is that if I did not have strong networking and protocol experience (my NFS knowledge is questionable), I wouldn't have known how to use tcpdump, and I wouldn't have solved the problem in the speedy 5 hours that it took me.

Keep up the fantastic work, and thanks for all of your hard work for this fine magazine!

Chris G.

RE: classified disk

From Anonymous

Answered By Ben Okopnik, Dan Wilder

Hey there gang! I was in the Air Force for almost 21 years and worked in the intelligence career field. Depending on the level of classification the overwrite method is not always allowable. Shane Welton needs to contact his security manager for clarification. I took several computer security courses taought by the NSA (yeah, I know the None Such Agency) and they would not allow overwriting because they were able to recover all the data.

[Ben] Heh. When I was in the Military Intelligence (yep, it's a non-sequitur like "giant shrimp"), we dealt with NoneSuch; their "set in stone because we say so" policies provoked a lot of comment among my fellow soldiers.

The ability to recover data through a simple format is the reason for the 7X overwrite method with random garbage. As long as 15 years ago, I remember there being a guy in California who had a SQUID (Super-Conducting Quantum Interference Detector) that could pull up a relatively high percentage of data from a hard drive that had been through six low-level formats (of course, he charged a few pennies for the privilege - $60k was the figure I heard.) Those are typically just overwrites with all zeroes, and he simply had to dig for a faint-but-present remainder of the original ones and zeroes. He would try, but did not promise anything, with a single data overwrite (I believe he was relying on the blank spots in the current data.) After seven overwrites with random bits, there's nothing of the original data left to be read - there's absolutely no way to distinguish a '1' written seven overwrites ago from a '1' two overwrites ago.

[Dan] If that's true, why not just overwrite seven times with all "0" or all "1", on alternating passes? Or run "badblocks -w" which writes all 0xaa, 0x55, 0xff, then 0x00, several times? Seems like it'd be a lot faster than waiting for entropy on the /dev/*random. And, it guarantees that every bit gets flipped multiple times.

[Ben] <Shrug> I always thought it would be sufficient, but the government spec requires randomness. Given that "/dev/urandom" is non-blocking, I can't see it as being much slower than any of the above, and I believe that a pseudo-random source still qualifies - but given that my familiarity with the pertinent regulations is from many years back, Your Mileage May Vary.

If a company's the security policy disallows this kind of a solution, fine; the technology is still a valid one.

... to which our spooky querent replies ...

Yeah, I know what you mean. I dealt with SCI material, we couldn't even think of declassifying anything. We finally got permission for me only since in a prior life i was a machinist (my dad owned a machine shop) to be able to take a hard drive apart, chuck up the drive platter and remove the top .030 (thirty thousandths) on each side AND then we had to smash the platter. The easiest thing was to just box up any drives and have the courier take them up to Fort (Fumble) George G. Meade for them to destroy.

Hey, thanks for the trip down memory lane. Linux lives!!!

multiple subnets, one DNS

From Damir Horvat

Answered By Dan Wilder

Hello!

I have one linux server and 2 subnets on private network.

I would like to have this: If the request (nslookup) come from subnet #1, DNS server would show only the subnet #1 net table. And the other way around. The two subnets should not "see" eachother.

any ideas?

kind regards,
damir horvat

[Dan] A so-called "split DNS" arrangement will do that.

Each subnet runs its own DNS server, which considers itself authoritative for your domain. Each server forwards other requests to one or more third servers, possibly those of your ISP, which handle all other requests.

The server on subnet #1 has entries in its zone table only for hosts on subnet #1, and for any outside hosts belonging to your domain that need to be reachable from subnet #1. Likewise, subnet #2.

Assuming your local subnets are 192.168.1.0 and .2.0 and that your ISPs nameservers are 10.0.0.1 and 10.0.0.2, with BIND-8.2, your boot file (often /etc/named.conf), has stanzas containing:

options {
        directory "/var/named";
        allow-query { 192.168.1.0/24; 127.0.0.1; };
        notify no;
        allow-transfer { none; };
        datasize 20M;
        forward only;
        forwarders {
        10.0.0.1;
        10.0.0.2;
        };
};

zone "your.domain." IN {
        type master;
        file "your.domain.zone";
};

along with any other options and stanzas you need.

"/var/named/your.domain.zone" on each subnet lists all hosts belonging to your domain that are visible from that subnet. This includes any hosts off the subnet, as this setup will not query the third-party DNS for hosts it doesn't know about in your domain.

Substitute the proper IPs. Subnet #1 lists 192.168.1.0 network in its allow-query field; subnet #2, 192.168.2.0. Hosts on each subnet point to their own nameserver. If the subnet is large enough to warrant the effort, set up two nameservers on each subnet, the second a slave to or a mirror of the first, so the subnet won't be left without name service if you have to take the nameserver down.

If you have only one Linux server to implement this with, run two copies of BIND, each listening only on the IP connected to its respective subnet. Use the "listen-on" directive for that; for more information, see "man named.conf.5".

... Damir replies ...

Hello!

Thank you. Yesterday I've done some reading myself, and successfuly setup one box with two NICs.

Kind Regards.

responding to DESQview/386 Die Hards into the Next Millennia

From Jim Barnett

Answered By Heather Stern

Jim,

I'm beginning the serious stage of a large AI project. For several reasons I (naturally) looked to Linux. However, what I really need is a robust but SIMPLE multitasking OS that will juggle my ANSI C code and stay out of the way. So far it looks like it may take the rest of my life to learn Linux, all the while I make no progress on my real project.

Then I remembered DESQview.

In a previous comment,

[Jim] I presume that Quarterdeck's aquisition by Symantec has spelled complete obscurity and orphanage to DV. They probably didn't even have the decency to release the sources to a "free world."

You might be far better off with a combination of Linux and its DOSEMU or VMWare. It's a pity that you'd lose DESQview's UI (I'd really like to see a Linux console manager that would match the features and feel of the DESQview popup menu system --- but add configurability like DV/X). However you gain support for modern hardware (including CD's, CD-R, CD-RW, DVD and DVD-RAM) and procotols (running DV under a TCP/IP stack used to be like waltzing with a bear in a china shop!). You also lose all problems with memory management (forget about conventional vs. EMS and "largest program size").

All that and you get the sources, too. (A feature that would be even more exciting if I were a real programmer, and not just the occasional hack).

you said it would probably not be possible to get Dv drivers for modern devices like CDROMs. Just doing some preliminary surfing today, it looks like you may be right. However, if I can find a copy of the actual program (there are tons of add-ons & utilities online), I'd like to give DESKview a shot.

Assuming I stick with Linux, do you have any suggestions for shortening my learning curve? Is there a small, non-network, non-graphics release of Linux you would recommend?

Trying not to fall down the learning curve,
Jim

[Heather] Sorry to run a mite late, but you can easily consider Tom's Root Boot (it runs off a floppy, needs no graphics whatsoever, and lives in RAMdisks) or Debian base (the install is a bit annoying, tho) - I think LibraNet can give you a somewhat easier Debian setup without attempting to use graphics.

TomsRtbt is a libc5 based Linux system. Tom Oehser says he lives in it day to day, and I assume he is able to use a compiler in it, since he creates the code for new small utilities on his disk. It does have networking.

The advantage of Debian would be the ability to use their apt-get package manager to fetch new applications or languages if you need them, eg. Lisp, scheme, etc. The full-screen textmode utility 'console-apt' is also worth the time to download, since you can use that to read descriptions of packages that you're considering.

DOS partition from Linux

From Rick Rodgers

Answered By Mike Orr

Does anyone know how to create a bootable DOS partition on a hardisk using Linux? It seems that fdisk doesn't do it right and FreeDOS can not boot.

[Mike] First, the DOS partition has to be a primary partition (one of the first four partitions). Exactly one partition should be marked 'active' using fdisk. This is the partition that will boot. If the DOS partition is active, you will boot only into DOS. If your Linux partition is active AND you set up LILO, or if you set up LILO on the master boot record, you can choose Linux or DOS from the LILO menu. See the LILO documentation in /usr/doc/lilo/ or thereabouts, and the LILO HOWTO and the other HOWTOs at www.linuxdoc.org.

Actually, there is a DOS program called loadlin that will allow you to first boot DOS, then go into Linux, but usually people use LILO instead.

I don't know about FreeDOS, but in MS-DOS or you have to copy the system files in order to make a bootable disk. You can do that when you format the disk by using the /s option to the DOS FORMAT command, or by using the DOS SYS command to copy the system files from a disk that already has then (e.g., a bootable floppy: "SYS A: C:" . The required files are IO.SYS, MSDOS.SYS and COMMAND.COM. IO.SYS and MSDOS.SYS are hidden files in the root of your C:directory (or A:\ on bootable floppies). COMMAND.COM is the DOS shell that gives you the C:\> prompt. Without these three files, the DOS partition is not bootable.

In Windows95, these same three files and commands are used, and bring up Win95 in MS-DOS mode (without the GUI). For the GUI, you'll have to install Windows. If you have the Windows installation files on a CD, you can copy them to the DOS partition from Linux, boot DOS somehow, and then run the Windows SETUP.EXE program. You probably won't be able to use the CD-ROM from DOS without Windows; that's why you'd need to copy the setup files to the hard drive first.

All bets are off with Windows 2000.

If this doesn't answer your question, tell us more specifically what the problem is (what error messages you're getting, what partitions you have), and that may help us give a better answer.

e-mails not getting through

From DJ Bellerose

Answered By Mike Orr

Dear James,

Could you please give me some info as to why my e-mails are not being recieved by the intended recipient. After sending them I do not get them back in my own mail saying that they were undeliverable. I have on occasion gotten some back but the ones I am sending to my boyfriend are not getting to him although it says they are being sent. I have sent a few and then have gone to his place so we could see what was happening but nothing shows in his mailbox. All my other e-mails do make it to whomever I send them to. Also the e-mails I have sent to my boyfriend before have made it but for some reason in the past week and a half none of them were sent to his mailbox. I know I have the right addy as he has been here with me when we sent some. I hope you can help with this. If you need his addy or mine I will send them to you upon request. When they do come back to me it is from Mailer Daemon.

[Mike] This is the biggest clue right here. It should be an error message saying (perhaps cryptically) why the mail is being returned. Also look at the headers of the original message (which the error message will hopefully include). Every mail system the message passes through will add a Received: line before the other Received: lines. Did the message go all the way to his ISP? Can you write to his ISP's tech support address or to postmaster@his-isp.com? You need to determine whether it's only his address that's failing or all addresses at his ISP.

If you are on a Linux system (which you are, right, since you wrote to Linux Gazette?), look in your mail log (in /var/log/mail or /var/log/exim, etc) to verify the message was successfully sent off your computer and where it was sent to.

Exiting X and Rebooting with One Keystroke

From stefan

Answered By Ben Okopnik, Jim Dennis

i've following problem: i've set up a couple linux-pc's with X, but w/o a windowmanager, on which i run an icaclient (citrix, u know!).

[Ben] I'm not familiar with Citrix/ICA client, but a quick look at their website tells me that the solution that I had in mind would work, as long as you can create either desktop or toolbar icons.

now for shutting down the computer the user first has to exit X (by ctrl+alt+backspace) an can then press ctrl+alt+del.

[Ben] Try creating an icon that runs "super halt". A number of people out there don't like "super", but as far as I know, its security problems (particularly the "buffer overflow" bug) have been fixed, and it is very handy for something like this. "super" allows a user to run a specific command as if they were root, which "halt" requires. When I did this myself, initially, I was concerned about some possibility of creating a problem by not exiting X directly, but then realized that it was simply an old MS-Windows mental block: after all, "Ctrl-Alt-BkSp" kills X; what can shutting down do that's any worse?

[Jim] If you always want to reboot after exiting X then just start X with a script like:

#!/bin/sh
startx
exec /sbin/shutdown -r now

... so any exit from X will then execute the next line of your shell script. I'm sure there are more elegant ways. You might even want to patch the X sources to use [Ctrl]+[Alt]+[Del] as the "Zap" key instead of [Ctrl]+[Alt]+[Backspace]. I don't know of an option to configure that. However, I haven't even looked at XFree86 version 4.x yet!

but this is a little to complicated (very dumb users ). i'm looking for a possibility to assign a key-combination (eg. ctrl+alt+f12) for shutting down X and the pc in one step.

[Ben] I don't know how this would be any different from simply hitting "Ctrl-Alt-Del", unless "ica-client" intercepts that. If it doesn't, simply make sure that your "/etc/inittab" contains lines that look like this:

# What to do when CTRL-ALT-DEL is pressed.
ca:12345:ctrlaltdel:/usr/bin/super /sbin/halt

Hint: if you make "halt" an alias for "super halt", everyone who is authorized via "/etc/super.tab" will be able to shut down the machine simply by typing "halt" in an xterm.

thanks, stefan

ps: sorry for my bad english.

[Ben] I find that most folks who apologize for their English - and yours is fine, by the way - tend to be far more understandable (since they make an effort to be understood) than native english speakers who write in with things like "dOOdz U got 2 hepl mE My proBlM nVIDIa caRD WhaT I dO noW?????????" It's not even the kOOl or 3l33t slang, but simply the fact that they don't take the trouble to relay any useful information... oops, one of my favorite rants. I'll stop now.

Multiplexing ppp connections

From David Hunt

Answered By Ben Okopnik

Dear Answer Gang

I have a RedHat 6.1 box that we use for dial out internet access using ppp at 19200 baud. We would like to increase our bandwidth, but according to our ISP the only way we can do this, due to their system, is to have two dial out connections and multiplex them together or have one for outgoing and the other for incoming.

Is this possible to do in linux?

Where can I find documentation about how to do this?

[Ben] Oh-oh. Time for me to put on The Curmudgeon Hat. The "baud vs. bps" confusion is one of my Rant Topics (don't worry; it's a general rather than a directed rant.)

If you are indeed connecting at 19200 baud (and that is far from certain), it means absolutely nothing - unless you're doing something like packet radio stuff, in which case you'd be dealing with the raw numbers. "baud" refers to the actual switching frequency of the modem, which, given the communication protocols in use today, bears less and less relation to the bps (bytes per second) transmitted or received - the only thing that we really care about, as it is the "real" data transfer rate (barring some esoteric considerations.)

(By the way, doing a search for "bps baud confused" on Google produces over 7,000 hits. Don't feel like you're alone.

Let's see... by using Deep Magic, I can see that you're coming out of (or at least e-mailing from) the Great State of Texas. Chances are pretty high that the average ISP down thataway will let you connect at speeds up to 56k (nominally, that is; 53k is the actual upper limit due to phone system voltage restrictions, unless they've changed it and forgot to notify me If your ISP is restricting you to something below that, changing your ISP is probably the best bet.

Now, all that out of the way - if you actually do want to multiplex two modems, and your ISP supports the scheme - and according to what you've written, they do, then, yes, Linux does indeed support modem multiplexing. Take a look at the "eql" package in the distribution, as well as

"/usr/src/kernel-source-<version>/Documentation/networking/eql.txt"

in the source tree. (This assumes that you have the kernel source installed.) Note that modem multiplexing of this sort does not decrease your latency, which is an entirely different issue and has quite a lot to do with perceived "speed" of communications.

Also, check out Robert Novak's "EQL HOWTO" -

http://home.indyramp.com/masq/eql/eql.html

Pretty good stuff for load balancing info, which sounds like what you're trying to do - unless switching ISPs is a better answer.

... David responds ...

Thanks very much for your quick reply. This was exactly what I was after. After hearing about EQL from you I have since found a lot of info about it.

[Ben] You are certainly welcome; I'm very glad that the information was of use to you.

Just to let you know why I'm after multiplexing 2 19200bps lines. Firstly we are not in the States but in the middle of Asia.

[Ben] Ah. 'sil.org' is in Texas, and I gather you're posting via their web/mail interface. If your ISP is AsiaOnLine.net, you have my profound sympathy; I have several acquaintances who are vehement about calling it AphasiaOnLine (it "forgets" a high percentage of their mail) and are unanimous in cursing it to high heaven.

Also there is only one ISP in our area and for some reason or another they say the max connection speed is 19200bps. One last complication is we don't have a land line but only a microwave connection to the nearest town.

[Ben] Well - sounds like load-balancing experimentation is not a hobby for you but more of a necessity. I must say that I find it interesting that your ISP supports EQL; I assume you realize that it has to be supported at both ends. Since they are the ones who suggested it, they most likely do. I wish you the best of luck.

[Tony@thermo-king.com: new to Linux]

From Tony Ormsby

Answered By Heather Stern

Hi;

I am currently a Windows 98ME user. I have recently started studying Linux OS at Tech. I am looking at installing Linux onto an old PC at home to start with before looking at possibly replacing my current OS later on down the track. My old PC is a i386 with 8Mb of RAM and about 250Mb of HDD space. I am about to ask some silly questions which I hope you may be able to help me with.

Firstly, for such an old system, is there a Linux OS available for it? (with or without a GUI) Secondly, I have an old Linux OS (similar to the old MS-DOS 3.3 OS) which I am playing with and am looking at writing a script which will help me to do the following:

Actually, I'm also going through some old books but they don't five examples of how these scripts should be approached. I'm hoping that if I can get an example, it will give me more of an idea on how Linux directory system operates. It does appears that the floppy drive once mounted becomes part of the root directory rather than remain a seperate drive as in MS OS .

I would like to know more about Linux. I believe that in the next few years, it will grow more competitive and become a real alternative to Windows. I also have a copy of Red Hat 6.2 which I am looking at putting onto a spare i486 with 16MB RAM which I have in pieces. I have been told however, that Mandrake 7.0 is a much easier alternative when starting out in Linux. I guess I'm looking for some help in determining which direction I'm going.

kind regards; Tony Ormsby

[Heather] Debian can run easily in the limitation you described - its "base" only uses about 60 Mb or so. (might be less, I haven't really counted it). Graphical setups cost a lot more space - you should avoid using weighty applications like Emacs, the big environments like Gnome, K or the Office Suites, because they will be very slow for you, if you even get them to fit.

You probably want to investigate some of the specialty distributions listed at Linux Weekly News (www.lwn.net).

Whichever distro you use for the 386, make sure that you are fairly minimal about what you allow it to install. You might even consider calling the staff for the companies (in the case of corporate distributions like Corel or Redhat) and asking them what is the minimum space they can be installed in, and the minimum RAM that configuration will run with.

The 486 you describe has a better chance of using something fairly ordinary, though you'll probably still want to be picky about how to use your disk space. Again, 16 Mb is okay but a bit low, so the weightier apps won't be all that happy in it.

Mandrake is a nice distro (when it works at all in your system) but since it is optimized for 586 or higher-powered processors only, it won't work on either of the two systems you mentioned. Sorry.

If you have to, you can always use a much earlier distribution (though it will have the security bugs that plagued those releases) or you can use a "mini" distribution - usually optimized for running from floppies, but many of them can be carefully set up to run from hard disks as well.

Tom's root boot is a nice tiny distro (floppy based) to use to learn more about things under Linux without getting too complex. It runs from RAM so you don't have to ruin any harddisks until you decide what you want to do. Of course, its documentation is very minimal, because too much wouldn't fit on a floppy. You can find his work at http://www.toms.net/rb

Best of Luck

Trident Providia 9685

From J C White

Answered By Heather Stern

Hi There,

I was told you might be able to direct me to where I can find the drivers (Win98SE) for the Trident PV 9685...I have this PCI vid card with no drivers...I also have the AGP version...again no drivers

any assistance will be greatly appreciated

J C White

[Heather] The card that you have has actually come up before in The Answer Guy column, in issue 31. (www.linuxgazette.com/issue31/tag_trident.html) It's been supported in Red Hat (at least on a hardware list) since at least version 4.2. So, the card's been around awhile, and we can at least assure you that it works for Linux...

Unfortunately that's not what you've asked. Sadly, we have no particularly great idea where to find just about anything specific for Windows (any revision)... that's not the OS we write about.

However, I do find an occasional gem for Windows (when I have to go looking) at either winfiles.com, or TUCOWS. That's short for: The Ultimate Collection Of Windows Software. They've of course spread out into more OS flavors and hardware such as Palm pilots andd our fave, Linux.

Under Linux, the card you mention works under Xfree86 version 3.3.6 as well as the new, restructured to be nice and fast, 4.0. I even saw a mention of a 64-bit version of it being okay (AGP wasm't mentioned over in the list at www.xfree86.org, but I'm guessing that's what you really have). Metro-X has a commercial server for it too.

Though it's mentioned in scattered references as "unsupported" I have to add that in Linux terms, that means Trident has been worthless in helping us use their stuff, so it doesn't mean exactly that it doesn't work, it means that we probably are not making the card behave at its very best. We might be - we might even do a better job than your missing Windows drivers - but we really can't tell. Not a lot of developers will throw extra money at more pieces of unusable hardware if they should fry one while trying to code things to make it work.

To be utterly fair to Trident, there aren't that many companies that are "supported" in the sense of really giving us data that we can use for coding up new X server support. It's kind of strange that vendors won't help, even with some raw information about expected input and output signals, since they claim they want to sell hardware. Even if it would somehow reveal some great secret about their hardware (I find this difficult to believe), you don't see very many companies helping us out even with their older cards, saving juicy protectionism for the Hottest New Toy. There are a few... SuSE and Precision Insight have given a lot of extra help to the X Free86 project by helping convince and aid vendors in going our route... as for the others, too bad for them. We tend to buy what we can use, and we're really good at friendly word of mouth for helpful vendors. So if things don't work out for you (though I hope they do), allow me to recommend 3D Labs, ATI (we handle so many ATI cards I stopped counting them. Get a Rage 128 and save yourself from wondering which server entry to pick), Matrox (Milleniums are excellent), 3Dfx, or any of the other vendors who've done XFCom servers. They can use the encouragement

[Note] 3dfx appears to be effectively out of business since Nvidia bought them, which might not matter to you, but it seemed wise to mention, as you might not want to buy cards that have been orphaned that way.

... John went on to find the REAL answer he needed ...

found ALL drivers and will forward to list...even found jumper settings to use as SVGA, S-Vid, or NtSC output in Win95 or 95; again , will send....gimme addy where to upload these gems to as well as a Trident total support page with drivers for everything they ma(de)ke!!

Thanks Again

John

[Heather] You can reply to linux-questions-only@ssc.com and I'll publish ... mainly because the jumper details might be useful to Linux'ers too. If you create your own web page where you're keeping track of these, you can tell us the link. And, that'd make it pretty easy for you to submit the tip to Windows related sites, as well.

I don't know if Trident maintains such a "total support page" - do they? But as time marches on, lots of companies stop maintaining details for older cards.

[Note] John didn't forward the drivers, but if anybody needs to get ahold of him for these, send a note to The Answer Gang (linux-questions-only@ssc.com) and I'll forward it along to him.

The New network On The BLock

From Robert Smith

Answered By Dan Wilder

Next year i'm hoping to set up a home network that will have internet connection through a firwall, then a DSL connection. With such a set up, is there any need to set up DNS services if we are to have a static IP address, or can we use the ISP's?

[Dan] You can use the ISP's DNS services. Put internal hostnames in the /etc/hosts files, or equivalent for other OSs, and point all hosts to the ISPs nameservers for resolution of external hosts. On Linux, /etc/host.conf should read

order hosts,bind
multi on

and /etc/resolv.conf should have:

search your.internal.domain
nameserver IP.for.your.ISPs.nameserver
nameserver IP.for.another.of.your.ISPs.nameserver

"your.internal.domain" is whatever you call your network. No need for it to be a registered domain. "IP.for.your.ISPs.nameserver" is the IP number for your ISP's nameserver.

It becomes worthwhile to set up an internal nameserver when the internal network grows large enough to make propogating the /etc/hosts files (and equivalent) a nuisance. There are a couple of other reasons to set up internal nameservers ... consigning external banner ad servers to oblivion, for example ... but AFAIK, these are all amenities you can easily live without.

Mail Daily sylog message to remote e-mail

From Ling Ling

Answered By Ben Okopnik

Hi,

I am sorry about the interruption. But I have no way to find a help except to try my luck everywhere I can (at least that's what I perceived). I have a RH 6.2 server running as FTP server. Upon customer response, I will have to send certain syslog message to their LAN account, like say admin@system.com. I have read all the manual and even posted up a question on the linux mailing list, but I have still no receiving the answer I want ... I now how to redirect to a file or a local user, but this users is not a local system users (but stay in the same domain), do you mind to guide me on this ??

[Ben] I'm not exactly sure of what you're asking, but here is my best guess:

1) You have a user connecting via FTP. 2) On a response (What kind of response? What kind is possible via FTP?), you want to send e-mail to that user.

Assuming that the response - however it's done - contains the user's name and host, the answer is an easy one:

tail /var/log/messages | mail -s "Your syslog info" Username@Host

The above, for example, would send the last 10 lines of "/var/log/messages" to the specified user. You can, of course, specify whatever information you want to send, and use whatever subject you want (the '-s' switch on the above command line) - this is purely an example, since you didn't say what it is that you wanted from the syslog. Note that you may have a decision to make with regard to file permissions, as most log files are only readable by 'root'.

Thank you very much.

Regards, Ling Ling

[Ben] You're welcome. If I'm off in my understanding of what you're trying to do, please feel free to write back.

Scripted Serial Sessions

From nir

Answered By Jim Dennis

Hellow

I am qa engineer

I want to write send and recieve file script for minicom, so i will be able to check a lot off AT commands. do you know about any tools that could help me, or examples for those scripts.

[Jim] Read the man pages:

RUNSCRIPT(1)                                         RUNSCRIPT(1)

NAME
       runscript - script interpreter for minicom

SYNOPSIS
       runscript scriptname [homedir]

DESCRIPTION
       runscript  is  a  simple  script  interpreter  that can be
       called from within the minicom communications  program  to
       automate  tasks  like  logging in to a unix system or your
       favorite bbs.

runscript is a utility that comes with minicom.

Of course, I can't just leave it at that. That would be far too simple an answer. I really have to put in a plug for Kermit if you're going to be doing any serious communications scripting. Kermit is a rich programming/scripting language for automating serial and network communications. I really suggest that you try it instead of minicom's runscript.

I must admit that I usually use minicom for most of my simple interactive serial terminal needs. However that's purely born of laziness. Minicom is included with most LInux distributions while I'd have to fetch kermit and build it from sources. If it was "apt-get'able" from the Debian archive system; I'd go back in a heartbeat.

All of that aside, runscript can probably do what you need, and if that doesn't give you enough power to do the job then look at the 'expect' programming language from Don Libes. That can automate any terminal/curses appllication under Linux/UNIX and it supports the full TCL programming language. There is also an "expect.pm" module for PERL if you prefer its syntax and features.

Thank you.

Kermit is very good but their is one problem, i cant put AT commands in my script. i have the same problem in minicom (it dowsnt recognize AT commands) i try even to combine the both (minicom and kermit). i think kermit is powerful and thanks to you i learn it.

thanks again!!!
Nir

Setting up print filters.

From Neo

Answered By Ben Okopnik

Hi,

I'm a totally newbie about Linux, but I found it a real great OS (I normally used Win98 !!!), but I have a small problem. I have just changed my printer, a brand new Epson Stilus Color 670, but my Linux box won't use it

[Ben] The main reason, Neo, is - of course - that the Matrix has you.

Generally, I would not respond - few people would - to a request for help that gives so little useful information. The reason that I'm answering this question at all is because printing setups can be troublesome, and what I want to do here is write a sort of a mini-troubleshooting guide. "My Linux box won't use it" is rather useless; what does that mean? Are you physically unable to connect the printer to the box? Does it not fit on the same desk as the computer? Does it print perfectly except for skipping every other comma? There is no way to tell, and most of us aren't into guessing. Please try to make yourself clearer when asking for help; there's no such thing as "too much information" when doing so.

If there's one bit of advice that I'd want to emphasize to the newcomers in the Linux community, this would be it - make yourself as clear as possible when asking for help, and include as much information as you think necessary... and then add some more.

A quick check of Epson's website didn't give me any specs on this printer, just advertising crud. I suspect, though, that it is not a WinPrinter - that's what I wanted to check up on. If it was, you'd have a bit of trouble (software is available, but it's problematic.) In any case, WinPrinters are beyond the scope of what I want to cover. We'll assume that you have a real, honest-to-goodness printer with its own brain, and go from there.

Once you have connected the parallel cable (once again, USB printers are outside the scope - look up the USB-HOWTO on the Web), powered up the machine and the printer (DO NOT connect or disconnect parallel peripherals under power: you stand a high chance of frying the peripheral and the machine), and made sure that the printer's power light is on, it's time for the basic test. Pick a text file that is about 1k in size - the default "/etc/inittab" is a pretty fair example - and shove it straight out through the parallel port:

cat /etc/inittab > /dev/lp0

This assumes two things: 1) that you are logged in as root, and 2) that the first parallel port, "lp0" (known as "LPT1:" under DOS/Windows) is where your printer is connected.

If this doesn't work, look at any error messages that may be generated: "Permission denied" probably means that you *didn't* log in as root. "Device not configured" would mean that you either don't have the "lp" module loaded (check by typing "lsmod") or do not have the kernel parallel-port driver enabled, which would be a strange thing to do (but I've seen it happen.)

If no error messages are generated and there's still no output, try assuming that it's the other parallel port - there are rarely more than two on machines today; for that matter, more than one is becoming rare. Anyway, try

cat /etc/inittab > /dev/lp1

- it can't hurt.

One rare, odd thing that can make this test fail - check the parallel port settings in your BIOS. I've seen an "ECP/EPP" setting disable a Brother printer under both Linux and Windows; all other settings allowed it to work. Yes, Brother printers are weird - but this was about as strange as snake suspenders...

If none of the above works, check the hardware by booting into DOS or Windows and printing from there. If you still can't get it to print, there's a problem with your hardware - port, cable, or printer. Curse life, weep loudly, and replace whatever is necessary.

Install "lpr" or "lprng". For a home user, it makes no difference which one you choose. Either one handles the tricky bit with the permissions - you don't have to be root to print anymore. "cupsys", available with the new version of Debian (and probably other distros) takes care of this and the next (filtering) stage. Make sure your "/etc/printcap" is correct (see "man printcap") and test the system by typing

lpr /etc/inittab

If all you were going to do is print text, you'd be done at this point. However, most folks like their graphics and want to pretty-print stuff like Web pages, etc. For this, you need a series of "translators" that accept an arbitrary file type and turn it into language that is appropriate for your printer. "magicfilter" and "apsfilter", in my experience, can both be rather fussy about installation - I've had problems with both. Test the system by printing a small graphics file, preferably something like a black 4x4 pixel GIF or JPG - if you only get a dot (the correct output), try a larger image; if the filters are messed up, you won't get more than a page of random garbage.

At this point, you're done. The next move, as the original Neo said, is up to you.

Xwindows

From Wes Ragle

Answered By Mike Orr, Heather Stern

Is Xwindows a generic part of Linux? All I ever see while researching the question is xfree86?

[Mike] "Linux" refers only to the kernel. All Linux software comes from third parties, including stuff that's necessary to boot and produce a shell prompt. X-windows is just a protocol; Xfree86 is a concrete implementation of that protocol.

[Heather] Actually strictly speaking, X is the protocol, windows are what it is about painting, and people rarely see them apart unless they are programming an X based application. Especially if they're programming a window manager; window managers (whose names often end in wm: fvwm, qvwm, twm, flwm, icewm; but not necessarily: blackbox, enlightenment, sawfish) are responsible for listening to X protocol messages like "you got clicked" or "keystroke M" or "please repaint coordinates so-and-so" and telling the right applications what to do. It's the window manager that owns the scrollbars, the title bar, and the background.

[Mike] XFree86 describes itself as "a non-profit organisation which produces XFree86, a freely redistributable open-source implementation of the X Window System that runs on UNIX(R) and UNIX-like (like Linux, the BSDs, Mac OS X (aka Darwin) and Solaris x86 series) operating systems and OS/2." (http://www.xfree86.org)

Linuxers adopted Xfree86 over other versions of X-windows because (1) it runs on the x86 CPUs (a sine que non), (2) it's affordable (back when X was unusable under Linux I almost bought BSDi [another UNIX-like OS] instead, but didn't because of its price tag), and (3) meets our standards for open source (not counting a few minor squabbles along the way).

Linuxers chose X-windows over other graphical systems (e.g., MGR) because almost all the graphical applications available for UNIX are designed for X.

[Heather] There are other implementations of X, also... tinyX is one. You can read far more than any of us can say here by following some of the links at Kenton Lee's site: http://www.rahul.net/kenton/xsites.html

[Mike] Four other graphical "systems" to look at are the framebuffer, SVGAlib, Berlin and GGI.

The framebuffer is an optional part of the Linux kernel that runs the video card in graphics mode. This is required for non-Intel systems (which don't have a text mode, so it must be emulated). It's also useful on Intel because X-windows normally takes control of the video card itself, and because X is such a huge beast, buggy X programs and drivers can crash the X server, freezing the screen+keyboard+mouse and necessitating a reboot. But with the framebuffer, the kernel retains control of the video card and can tell the X server where to go.

SVGAlib is a library that allows non-X programs to use graphics mode.

[Heather] However, there's only one fellow in charge of it and video cards keep moving onward. Last I saw, he's not adding support for new cards - although many with VESA 2.0 compatability will work.

[Mike] Berlin is/was a project to make a windowing system better than X. I can't find a URL for it, so I'm not sure if it still exists. (I thought it was www.berlin.org, but that goes to www.berlin.de, which contains tourist information about the city. Google and MetaCrawler don't seem to have any links to it.)

[Heather] Funny, I went to Google, typed in the keywords "berlin" and "gui" and it popped right up: http://www.berlin-consortium.org

The trick is to make sure you don't get references to the city, by putting in a more limiting keyword to go with it They have news as of late November, so I guess the project is still alive.

[Mike] GGI ("General Graphics Interface", http://www.ggi-project.org) is a portable graphics interface of the "write once, run anywhere" variety. It can run with X and/or the framebuffer and in other combinations.

Would you please straighten me out as to exactly what is involved in generating nice graphics in Linux? Does Mesa only work with drivers for a select few video chips?

[Mike] I'll let others answer these since I don't know.

[Heather] I don't think that is the case... although certain video chips may get a significant boost from having OpenGL support directly, Mesa is software that allows non-supporting cards to display applications designed around OpenGL. Mostly. The author is very careful to state that it is not a licensed SGI implementation of OpenGL so if something isn't a perfect match, sorry. You can read all about that at the Mesa project homesite, again not quite obvious: http://www.mesa3d.org

Anyways I hope that helps a bit. Since I don't know what kind of nice graphics you're trying to do, I don't know if any of the APIs optimized for helping gamers might help you out too. But this should be a good start.

Xfree 4.0.2

Definitely worth mentioning -- Xfree86 4.0.2 just came out. Release notes:

http://www.xfree.org/4.0.2/RELNOTES.html

diald on a smoothwall box

From jim watkins

Answered By Mike Orr

This may be the wrong place to ask a question! in which case please take no notice.However if not......

I just made a box running smoothwall, a sucess until....I realized it did not dial on demand...then I found diald ....to me this looks like it should achieve what I want...

[Mike]
1) What are you trying to do?

2) What's smoothwall?

Diald's main use is to automatically initiate a ppp connection when there's outgoing traffic at your site but the link is down, and then to tell ppp to hang up when the outgoing traffic has been idle for a certain period of time.

For an ordinary firewall situation with ppp and an analog modem, where you want the connection to go up and down automatically as needed, yes, you would use diald.

Note that diald cannot measure incoming traffic when the link is down. This would require something like diald at the ISP's end.

...a bulk friendly ISP?

From needbulkisp

Answered By Jim Dennis

[the editor notes that the querent sent his mail as all HTML. Yuck.]

Hello!

I'm trying to find a bulk friendly ISP, to host a very small website. Can you help?

OR

Can you refer me to anyone?

Thanks very much,

HAPPY NEW YEAR!

From: needbulkisp@yahoo.com

[Jim] I don't know what you mean by "bulk friendly." However, you should be aware that the phrase carries very negative connotations to experience internet professionals.

To must of us that suggests that you are planning to spam (e-mail) people and you want to hook up with an ISP that will tolerate your abuse of the Internet and shield you from the wrath of the people that you offend.

Since you say it's a "very small website" I presume that you don't mean that you have a "bulk" of content that you wish to make available. Perhaps you mean that you have a small volume of content that you believe will get an immense amount of traffic. Obviously there are lots of ISP and co-location facilities out there. For commercial traffic they are very "bulk friendly" (since they charge for all the traffic --- the more traffic you generate, the more money they charge and the friendlier they get).

Anyway, I'll refrain from suggested actual companies here. Among other things I don't know enough about your needs and resources (money) to make any reasonable suggestions, and I'm not in the business of shopping for ISPs (bulk-friendly or otherwise).

However, I've left your name in this message since your e-mail address is clearly and solicitation for relevant advertising. I'm sure that "bulk friendly" ISPs will just be banging down your inbox within a few days. (Normally we filter e-mail addresses out of LG Answer Gang articles to protect or correspondents from spammers; however this appears to be a "trowaway" e-mail account which will be abandonned as soon as you've made your selection --- so I'll suggest to my editors that we make an exception in your case).

• Let cron put backup files into your Gnome trashcan
• Baffled --or--
  Seeing what's changed since your tar backup
• 2cent tip: lynx mpg123 and mp3.com
• Dohhh! Check if your screen is really locked --or--
  The Unattended Risk Lock your system!
• Modem Question - Easy One
• Monitor goes blank in X
• Tips: sendmail offline
• Measure your modem connection - Bogospeed
• 2-cent tip - module resource detection
• Backup via shell script
• devices list
• Linux core files
• linux login problem
• networked machine goes to sleep?
• NT Log on a Linux Box
• Graphics Programming for Printing / Faxing (Issue 60)
• About RS422
• x-base languages for Linux
• NT Event Reporting in Unix/Linux
• Need Outlook to speak to Linux
• Fat 32 Linux instillation
• Available spcae avail on Hd!

Let cron put backup files into your Gnome trashcan

Cron to put bacup files in trash (if you have a gnome desktop):

I typed this up to keep my home dir clean, it assumes backup files over 1 day old should be moved to the trashcan. I run it every 5 minutes under cron

#!/bin/sh
# script to move trash files to trash can
# use cron to run this every 5 minutes

if [ x"$HOME" = x ]; then
  echo "\$HOME not defined"
  exit 1
fi

TRASHCAN=${HOME}'/.gnome-desktop/Trash/'
if [ ! -d $TRASHCAN ]; then
  echo "Need a trash can to work"
  exit 1
fi

FARGS=' -maxdepth 1 -type f -mtime +1 '
find ~ $FARGS -name '.saves-*' -exec mv {} $TRASHCAN \;
find ~ $FARGS -name  '\#*\#'   -exec mv {} $TRASHCAN \;

Seeing what's changed since your tar backup

(If you have a full tar backup of your root and /usr filesystems you can use the 'tar df' or 'tar dzf' directives to report on differences between your current files and those in your backup.

2cent tip: lynx mpg123 and mp3.com

mp3.com uses MIME to describe audio content to web browsers. A year or two ago, mp3.com had instructions to set up audio/mpeg and audio/mpegurl in Netscape. These MIME types no longer work because mp3.com now uses audio/x-mpeg and audio/x-mpegurl instead.

Two places to configure viewers for MIME types:

/etc/mailcap $HOME/.mailcap

I suggest editting $HOME/.mailcap as it overrides /etc/mailcap.

You might already have entries placed by Netscape. If so, they assume you only use X and they look like:

#mailcap entry added by Netscape Helper
audio/x-scpls;xmms %s
#mailcap entry added by Netscape Helper
audio/x-mpegurl;xmms %s
#mailcap entry added by Netscape Helper
audio/x-mpeg;xmms %s

If you don't want to use xmms, delete these lines. If you want to use xmms when in X, replace 'xmms %s' with 'xmms %s; test=test -n "$DISPLAY"'

Then add:

audio/x-scpls; mpg123 -@ %s
audio/x-mpegurl; mpg123 -@ %s
audio/x-mpeg; mpg123 $s

The Unattended Risk

I realized the other day that locking your screen is next to useless if you start your linux box in text mode, performing a "startx &" to begin an X session, unless you Ctrl-Alt-F1 to your text virtual console and Ctrl-D logout, then you can Ctrl-Alt-F7 back to the X console, and lock the screen. Otherwise all a passerby need do is switch virtual terminals and use you account.

It's sorta obvious when you think about it. Of course an unattended Linux machine is not really secure, but still, just switching virtual consoles is a little too easy.

Allan

I've been doing "exec startx" from non-xdm machines to save myself having to log out when I quit my X session. I think it would help with this situation too. -- Don Marti

... or
startx & vlock
... to ensure that your login session will not be inadvertantly be left unlocked and unattended.

Naturally you'll also want to look at xautolock --- adding it to your .Xclients, .xsession or other windowing system start-up/configuration files as necessary.
-- Jim Dennis

Modem Question - Easy One

Answer Guy,

I've read an response that you posted about a win modem running in linux, it wont'. But I it was posted on Feb 22, 1999. So I was hoping that came out and gave us the source and stuff. I have a US Robotics 56k Voice Win. If they haven't, i'm out to comp usa to buy a external 3 comm (or is a internal ok?).

Be good man - thanx in advance.

Franklyn

See if http://linmodems.org or the Linmodem Mini HOWTO www.linuxdoc.org/HOWTO/Linmodem-HOWTO.html+linmodem&hl=en help.

An external modem is usually better anyway because modems generate a lot of heat, plus external modems don't have any OS-specific idiosynchracies.

-- Mike Orr

Monitor goes blank

I'd like to turn off blanking of the monitor in X. After 10 min or so it goes blank, so I have to move the mouse from time to time when watching movies

I've tried setterm -blank 0 before starting the movie (put that in rc.local too) but no effect. setterm -blank 60 won't work either.

setterm affects only the console. My ~/.xsession has the following command:

"` xset dpms 1800 2400 3600 "'

which blanks the screen at 30 minutes, goes into power-save mode at 40 minutes, and "off" at 60 minutes. I use such a long time so it doesn't blank out when I'm moving back and forth between the computer and the kitchen.

There are also some options in XF86Config you can try. See "man 5 XF86Config-v3" or "man 5 XF86Config". You have to put in a "power_saver" option; then set the BlankTime, StandbyTime, SuspendTime, and OffTime in the Screen section. These are overridden by xset.

-- Mike Orr

You're on the right track but in the wrong lane. The setterm command only affects the (virtual) terminal settings. You want the xset command.

Try the command:

     xset s off

... from any xterm. Then start your moving, kick back, and watch the show.
-- Jim Dennis

Tips: sendmail offline

Hi,

since I just solved a little nuisance with the newer Sendmail 8.9.3 on my system I thought it could help somebody else.

My setup: dialup connection, local sendmail is handling all outgoing e-mail and is

queuing them until online. In my ppp-start scripts sendmail will then be triggered by 'sendmail -q' to run the queue.

Now since the last upgrade this didn't always work for mails sent offline but would work for mails sent while I was online. I now found out that sendmail is keeping a persistent host status directory.

sendmail.cf says:
-------
# persistent host status directory
O HostStatusDirectory=.hoststat

[...]

O Timeout.hoststatus=60m ---------

So if a mail was undeliverable (offline) sendmail would remember that for 60m. Only then it would ever try it again even if online and 'sendmail -q' is run. This status seems to be associated with each mail, so new ones go out, old ones stay.

Possible solutions:

1. reduce the timeout to 1m or similar.
   or
2. run 'sendmail -bH' as well in the ppp-start script. This will purge the host status cache.

I Hope this helps others to get a similar setup working faster then me

-- Karl-Heinz Herrmann

Measure your modem connection - Bogospeed

This one does a 'bogo-measurement' of the modem connection speed. Given that I'm in the process of playing with a rather shitful internal modem (bleagh!), it comes in very handy.

Several times, I've seen people write in to LG and ask "How can I tell how fast my modem connection is?" This little script will... well, it'll do _something_ that will at least give you an idea.

In the tradition of "BogoMIPS", "bogospeed" gives you a relative value of your connection speed. This means that the numbers you see do not represent the actual speed of your connection - in my experience, they are about 25% high - but give you a general idea of what you should expect. If, for example, you normally see "55000 bps" as your 'bogospeed', and you see "33000 bps" on a given connection, you'll know that the connection you've just made is about 40% slower than usual (and that you should probably try reconnecting.)

"bogospeed" normally takes about 10-15 seconds to do its stuff on a decent connection with a 56k modem, and MUCH longer on a very slow connection. To stop you from wasting your time, it prints the time that is required for the first 'ping' to reach your ISP, as well as the time that it takes to execute that ping. In my experience, if that execution time is much longer than 3 seconds, you've got a poor connection and should try redialing.

Ben Okopnik

#! /bin/bash
# Estimates connection speed to your ISP

# Be nice to MindSpring; put in your own ISP's name here
ISP="www.mindspring.com"

# Check if 'traceroute' is installed on the system
[ -z `which traceroute` ] && {
  echo "\"${0:2}\" requires 'traceroute' to be installed."
  exit
}

# Check if 'bing' is installed on the system
[ -z `which bing` ] && {
  echo "\"${0:2}\" requires 'bing' to be installed"
  exit
}

remote=`time traceroute -m 1 $ISP 2>/dev/null|awk '{gsub("\(|\)","");print $3 " " $4}'`
echo
echo -e "Ping time to ISP:" ${remote:15} "ms\nMeasuring speed...\n"
bing -c 1 -e 20 -S 1024 localhost ${remote:0:14} 2>&1|grep throughput

2-cent tip - module resource detection

Here's a rather nifty script I've crufted. Given the number of times I've seen people have problems with loading modules, I think it would be pretty useful.

Actually, this two-cent tip is more like a dime (hey, I worked hard on this thing! Recently, I installed Debian 2.2 (potato). For various reasons - namely, the fact that I've got a weird soundcard and decided to play around with an internal (yechhh) PnP modem - I needed to load several modules that required various combinations of IRQs, DMAs, and I/O addresses. Having suffered with this in the past, I decided, once and for all, to resolve the mess.

If you are trying to load a module, and failing with a "Device or resource busy" error, then 'shotgun' is just what you need. It will try to load your module with permutations of the three supplied lists for the above values. It's smart enough to figure out which modules don't require any parameters, as well as warning you about modules that require other things. It will, as a last resort, try to load the module with "auto" values, and will give you good advice on what to do if everything else fails. All in all, it's a very useful tool if you're going to load modules for strange hardware. It will also let you know what the correct values are when it does succeed; this allows you to write them into "/etc/modules" and forget them: they'll be auto-loaded the next time you boot.

Happy resource hunting to all!

Ben Okopnik

#!/bin/bash
#
# Requires bash, basename, cat, find, grep, insmod/lsmod, strings


[ -z "$1" ] && {
  cat << @END@
* 'shotgun' - a parameter guessing routine for module loading *
*** Copyright Ben Okopnik 2000 - released under the GNU GPL ***
Syntax: `basename $0` module_name
@END@
  exit
}

# Parameter value lists - make sure the 'iolist' makes sense for your
# hardware!
#
# Note that '0' is not an actual value - it tells the module to try
# a default value. This usually works, but is not the best thing.

irqlist="3 4 5 6 7 8 9 10 11 12 13 14 15 0"
dmalist="1 2 3 4 5 6 7 0"
iolist="200 210 220 230 240 250 260 270 280 290 2a0 2b0 2c0 2d0 2e0 2f0 300 310 320 330 340 350 360 370 380 390 3a0 3b0 3c0 3d0 3e0 3f0"

# Clipping the ".o" for uniform syntax
module=${1#\.o}

fname=$(find /lib/modules -name ${module}.o)
[ -z "$fname" ] && {
  echo "No module called \"$module\" exists under /lib/modules."
  exit
}


clear
warn

parms="$(strings -a $fname|grep ^parm)"
for p in $parms
do
  par=${p#parm_}
  echo ${par%=*}
done

[ -z $par ] && {
  echo "This module does not require any parameters. Loading..."
  insmod $module && echo -e "\n$module loaded.\n"
  exit 1
} || {
  echo -e "\nPress a key to start the test process or 'Ctrl-C' to quit."
}

read

echo -e "This might take a while...\n"
echo -n "Running"

for irq in $irqlist
do
  for dma in $dmalist
  do
    for io in $iolist
    do
    echo -n "."
    result="$(insmod $module irq=$irq dma=$dma io=0x$io 2>/dev/null)"
    invalid=$(echo "$result"|grep -c invalid)
    unresolved=$(echo "$result"|grep -c unresolved)
    if [ $(($invalid+$unresolved)) -eq 0 ]
    then
      out=$(lsmod|grep ^$module)
      echo
      echo
      if [ -z "$out" ]
      then
        badnews
      else
        echo "If the module loaded successfully, you should see"
        echo "its name on the following line:"
        echo ${out% *}
        echo
        echo "The parameter values were: irq=$irq dma=$dma io=0x$io"
        echo
        exit
      fi
    fi
    done
  done
done

function badnews()
{
clear
cat << @END@
Oops. It didn't load. OK, try typing "insmod $module" and see what it
says - if you get a whole bunch of 'unresolved symbol' messages, that
means there's another module that needs to be loaded before this one;
take a look in "/lib/modules/<version>/modules.dep" to find out what
that might be. Other than that, here are a few things to try:


1) Modify the values in the parameter lists at the beginning of this
script: the IRQ and the DMA ranges are probably OK, but the IOs can vary
widely - make sure they make some kind of sense for your module. This
might mean looking at the paperwork that came with your hardware or
starting up Windows to see what I/O address it's been assigned there.

2) Load the values manually. The module you're trying to load may
require more than just IRQ, DMA, and IO - the parameter list at the
start of this program will show you all the possibilities.

3) Do some more research on what the appropriate value ranges for your
module might be. Search the Web for your hardware name plus "linux" - I've
usually had good success with Google and AltaVista's "advanced" search.

4) Often, reading the appropriate part of the kernel source - even if
you are not a programmer - can be very helpful. As a good example,
reading the source for the SoundBlaster/ESS module - 'sb_ess.c' in the
'/usr/src/kernel-source-<version>/drivers/sound/' directory - enabled me
to get my WAV files to play at normal speed, by using the "esstype=1688"
parameter; it was explained in the comments near the top of the file.
The source files tend to be about half code and half comments: the good
folks that write them *want* you to understand.

Good luck!
@END@
  exit
}


function warn()
{
cat << @END@
NOTE: The following is a list of parameters your module can accept; usually,
most of these are not required. Most often, 'irq', 'io', and 'dma' are all
that are necessary; this script will try to load your module with various
values of those parameters.

If after pressing a key you do not see all three of these - 'irq', 'dma',
_and_ 'io' - on the list, you should probably quit the script by pressing
'Control-C', as the module will almost certainly fail to load despite the
lack of error messages. If the module takes no parameters, the script
will notify you of that and load it properly.

* Press 'Enter' to see the parameter list *
@END@
  read
}

Backup via shell script

How do you back up your home file system to a remote system using shell script

If the computers are connected via TCP/IP and you have rsync and ssh installed on both machines, do:

#!/bin/sh
# backup.sh

rsync -av --delete -e ssh /local/dir/ user@remote_computer:/remote/dir

Put a slash at the end of the first argument but not on the second argument. Try it first running rsync on the command line with option -n added, to see what it would do. Otherwise you may discover you're specifying the wrong directory and deleting stuff you don't want to delete.

You will have to configure ssh to let your script login without a password. If you don't have an ssh public key yet, run "ssh-keygen". Then copy your local ~/.ssh/identity.pub to the remote ~/.ssh/authorized_keys . (Or append to authorized_keys if you already have some entries in it).

devices list

Hello those in the gazette:

My question is :

there is any /dev/devices list where it is pointed out which device belongs to??? that is
hdx--> hard disks
fdx--> floppy disks
etc...

Download the kernel source (any version) and look at Documentation/devices.txt .

-- Mike Orr

Linux core files

I read your article in http://www.ibiblio.org/mdw/LDP/LG/issue41/tag/4.html which talks about Linux core files.

Do you know of any reasons why a core file would go to a directory other than the current working directory (cwd)?

I thought core files always went to the current directory. Meaning, the current directory of the process that was killed.

Do you know if there is a way to tell the Linux kernel where to put core files?

Not that I know of.

I have "ulimit -c 0" in my .zshrc to prevent core files from being written at all. That affects the shell process and all its descendants. Since I'm not (much of) a C programmer, core files are useless to me.

Initscript(5) says that if you have a shell script called /etc/initscript, init will use it for every process it spawns. "This script can be used to set things like ulimit and umask default values for every process." Since init is the anscestor of everything, this would be a way to stamp out all core files at once.

-- Mike Orr

linux login problem

I have found posts of yours which seem to relate to a problem I am currently having. Any help which you might provide would be greatly appreciated.

We are having trouble logging into our linux server via the console or telnet, but are able to login using the same l/p for ftp.

what are the permissions on /etc/securetty?

networked machine goes to sleep?

This problem exists, or used to exist, for several people, including myself. The concensus is that the problem has to do with a cisco router: The router expects chatty windows machines that crash - if your Linux box just sits around not saying anything, cisco assumes it's dead and stops routing traffic towards it. There's a config option in the router that can turn this 'feature' off, but, as for myself, I cron a ping since I can't access the router.

Christopher

NT Log on a Linux Box

Boy, talk about "think outside the box...". [Cesar] complained that he couldn't cron the dumpel.com program to dump the NT Event Log to a flat file for viewing on Linux. While it isn't called cron, NT does have a scheduler. The command line interface is "at", and a GUI interface comes with the Resource Kit. Yes, he needs admin privileges on NT to schedule it, but he'd need root if he were trying the same thing on a Linux box.

There are also various programs to give you a remote virtual console from an NT box. We use PCAnywhere within Windows environments, but the VNC project might be very useful... http://www.uk.research.att.com/vnc

Graphics Programming for Printing / Faxing (Issue 60)

The quick and easy way for a Perl programmer to do convert data to faxable invoices/reports is to output the data as HTML, convert it to Postscript using html2ps <http://www.tdb.uu.se/~jan/html2ps.html>;, then fax the result using efax or mgetty+sendfax.

-- Tony

About RS422

Hi James,

Stumble across you page while looking for some info on RS422 product. Sorry to say that you may be answering the wrong question. As far as I know, RS422 is a hardware spec. i.e., it's about how hardware talk amongst themselves. The original question seems to be about how Linux (software) talk to the adaptor card. The representative for the card would probably be a UART. Identify that, and you are almost home.

Just my 2cents.

Cheers, and keep the helping out spirit going.

=== Elijah Pau

x-base languages for Linux

Dear Mr. Answer Guy,

I do not know if this is the correct venue for writing to you in relation to the Linux Gazette column, so please do not throw any brickbats my way. I just wanted to add one piece of knowledge to the puzzle raised by a Michael "Mookie" Kepler's inquiry from back in 1998. I've been programming in Recital, a 4GL xbase product that runs over our Sun Solaris network. They have a product for Linux; I can not recall the price but a developer kit was only a 3 digit number as I recall. I work in the tech pubs section of a major world-class helicopter factory and we use their Unix product as the backbone of the publication production and illustration tracking system.

Recital is in Danvers, MA, just north of Boston.

Hi Rosenberg

NT Event Reporting in Unix/Linux

I was looking for something like this also and found an article in the September 2000 issue of SysAdmin Magazine (www.sysadminmag.com). In that article, they talk about a Perl Script that can be run on the NT box that will format NT Event Log messages in a syslog format and send them to a Unix/Linux syslog server. The article is by Joe Aguiar, I haven't tried this technique yet, but I will be looking into trying this out, just not yet. Anyways, I thought you might be interested in this article.

Sheldon M Dubrowin

Need info

Hi

I don't know if this is the appropriate email address if not I'm truly sorry.

Question: Is there a MS Exchange Server Emulator for Linux?

We were given a Tip about Tradewinds in the last month or two. Not being Windows users ourselves, we don't know how good it is. But you can try it, and if it works for you, you could write an article for us.

I need to get MS Outlook Clients with MS Exchange server Services (Only) to connect to the linus server , do you know how / where?

Normal Linux mail servers are POP3 ... IMAP is a bit less common but certainly available. So if you are more concerned about the mail than about other Exchange features, MS Outlook should already work.

Thanks and sorry again Dori

Best of luck -- Heather

Fat 32 Linux instillation

Can I install Linux on a FAT 32 partition with a dual boot configuration including windows ME on the primary partition? Thanks, TVB

Yeah, there's a handful of distros aimed at living on a FAT filesystem. You can find a bunch of them listed on Linux Weekly News (www.lwn.net) - Zipslack and PhatLinux have been around a while, with new ones like Lin4Win popping up occasionally.
-- Heather

Available spcae avail on Hd!

Hi:Iam Newbie with Linux How do I find out how much space avail on Hd! My system I have mandrake 7.1 installed on my 3Gig Hd!

The "df" command shows the amount of free space on each filesystem.

% df
Filesystem           1k-blocks      Used Available Use% Mounted on
/dev/hda5              1981000   1620129    258459  87% /
/dev/hda1                 7746      5141      2205  70% /boot

My total amount of free space is 258459 + 2205 = 260664 KB (260 MB).

Extra hint: to see how much space a particular directory and all its subdirectories use, run "du DIRECTORY". This lists each subdirectory separately and then a total at the bottom. To get just the total, run "du -s DIRECTORY".

"Linux Gazette...making Linux just a little more fun!"

First of all, a Happy New Year! If you don't use Linux at home yet, you'll learn now more about it and you will have a happier year!

Why would one use Linux on the desktop ? Isn't Linux an operating system for servers ? It was designed for multi-user, networked environments, but it's stability pushed it on the desktop too (if you are on the desktop, doesn't mean you can afford you can boot from time to time).

Okay than, it's stable, but you still like MS Windows because you don't want to type commands, and MS Windows is so easy to use! Easier and more user-friendly than Linux ? Don't think so! Sometimes I use MS Windows machines and it's quite frustrating. Illegal operations, Explorer not responding and popups from shareware applications. No thanks! Let's give Linux a try!

Get a recent Linux distribution (I recommend Red Hat Linux 7.0 or Debian 2.2) and install it (see the instalation manual included for details). You don't need to delete Windows (yet :-), just make sure you have a 1G+ partition available.

I assume at this point you have it installed Linux, created an user (during instalation) to login with (don't use the special user root, which has complete powers over all system, unless you need it) and installed the GNOME desktop environment (being by far my favourite), which I'll focus on. Remember this article expresses my personal preferences, which may not suit you.

Login at the graphical promt and let's start! If English isn't your native language, you can select yours at login time. After logging in, you see a panel and the default desktop launchers (shortcuts).

The panel hosts the main menu, applets and launchers. You can have more panels, but we'll stick to one for now. Applets are small applications embedded in the panel, such as task list (all open windows have buttons with their title and icon) and clock. You can remove/add applets easily by right-clicking them or right-clicking the panel, and selecting Panel -> Add to panel -> Applet and the applet you want. Right-click on the clock now, Remove from panel, then add Applet -> Clocks -> After Step Clock. Right click on it again, select Move and put it where you like. Feel free to experiment with the applets. It's nice to have the Multimedia -> Mixer applet for sound card volume.

There's also the Desk Guide applet, which shows a list of desktops. What's that ? Well, you can have more desktops, unlike MS WIndows, where there is only one. If you open lots of applications, it's getting hard to navigate through them. I like to use a desktop for terminals, one for editing, one for internet browsing, and so on. You can flip through them clicking in the Desk Guide applet or pressing ALT+F1, ALT+F2, etc. (note: this is the default on the Sawfish window manager. ALT is also called Meta).

Before going to the window manager, let's work a little more on the panel. I like it clean, so I remove the After Step clock, add back the simple clock. RIght click the panel, select Panel -> Properties -> All properties, and choose the Tiny size. Notice how the mixer applet changed, moving to the horizontal position to fit the panel size. You can add launchers to panel, I'll let you figure out how (no need to read the manual for that :).

The window manager manages windows (surprise!). Moving a window, the title bar and all window-related operations is its job. Sawfish is very nice. Go to Control Center, and after experimenting with different settings, try Sawfish window manager -> Shortcuts. (M stands for Meta, which is the ALT key). I like start Netscape by pressing Ctrl+Meta+N, instead of selecting it from the menu or panel launcher. To do that, choose Insert, Run Shell Command, type the command (netscape) and Grab the key shortcut.
I have lots of keyboard shortcuts, and don't use desktop launchers at all (to double click one, you need to minimize all open windows, or move to a unused desktop). Other shortcuts I use is Ctrl+Meta+M for maximizing window, Ctrl+Meta+D to delete it (close). Windows have gravity, meaning when you open a new window, it will be posistioned in the place where it has the most unoccupied space available.

Some quick tips:

• You can move windows by pressing Meta, press and hold click anywhere in the window and move the mouse
• To copy & paste text, select it with the mouse, then click where you want to paste it with the middle mouse button (if you don't have one and choose to emulate a 3 button mouse, press both buttons)
• To log out quickly, press Ctrl+Meta+Del (it's the default shortcut on Sawfish). Your open applications wil open again next time you log in
• To open a link in Netscape in a new window, press it with middle mouse button

Here is a screenshot of my desktop :

Don't like how it looks ? Change it! Use themes, both for GTK (Gimp Toolkit, such as buttons, labels...) and Sawfish. Visit themes.org to see more themes than included ones. Now how about this (older screenshot):

Next, you'll see how to manage your system. If this would have been about MS Windows, I would have talked about using several shareware anti-virus programs, using Defrag, purchasing and using Norton Utilities, provide links to several sites with shareware software, learn to install & remove them, cleaning up after them, making backups of your registry, and tips about how to reboot faster.
Fortunalley, this is Linux, so managing your system means installing and removing applications! :-) An application comes usually in a package (.rpm for Red Hat, .deb for Debian). Using Red Hat Linux, I'll focus on RPM.

Open GnoRPM (Main menu -> Programs -> System). If you want to install/remove packages, you'll need to enter root password. Look around to see what you have installed now. To find out more about a package, Query it.
You can search for software at freshmeat. For example, get the Bluefish HTML editor, which I've used to write this article. Download it, then in GnoRPM use Install.

I update my packages quite often, software evolving pretty fast, being free open-source software. If you use Red Hat Linux 7.0, visit http://www.redhat.com/support/errata/rh7-errata-bugfixes.html and update glibc libraries to version 2.2.

A quick note about accesing your CD-ROM : in GNOME, when you enter a CD, a file-manager window opens. What happens it that it's also automatically mounted. To access a storage device in Linux (CD-ROM, floppy, hard-disk), you have to mount it in a directory. There are no letters for it (like A:, C:, D: etc). The CD-ROM is mounted by default in /mnt/cdrom.
The easiest way to use Windows-formatted floppies is with a text terminal, with commands such as mdir a:, mcopy file.txt a:, mformat a:.
Please read the distribution manual for more details.

That's it for this month. Please have a look at the Getting Started manual and GNOME manual (skim through them to see what they talk about, and return later when you need something).

Experiment & learn more about Linux; once you get used to it, you'll love it. Don't use root if you don't know what you do.

Keep your files organized. I've had more partitions, but always I was running out of space on one of them, so now I have one big partition (10G). I've created two directories in / : /opt and /my. As the Linux Filesystem Hierarchy Standard says, /opt is reserved for the installation of add-on application software packages; large applications, such as Open Office, can keep all their files together. But I also store there files already saved on CDs, like mp3s and documentation.

/my isn't a standard, but I've found it to be a convenient location for files I need to save when I make backup, such as my work or documentation. /home is a symlink to /my/home. If you have a web site or MySQL databases, you may want to symlink /var/www and /var/lib/mysql into /my as well. You'll also need to back up /etc and /boot too. (You could symlink these into /my as well but you probably shouldn't, since the machine won't boot if these directories get erased or anything funny happens to the symlink.)

To learn more, visit linuxdoc.org. There you'll find, among others, HOWTOs, short documents which talk about a specific thing. If you want to learn more about your computer & Linux, you can! Unlike MS Windows, Linux is an open operating system, with lots of features and documentation.

Some interesting sites to visit regularily are Linux Weekly News, Linux Today, Slashdot and Freshmeat.

Next month we'll talk about how to play mp3s cross-fading them, divx movies and more! Until then, happy Linuxing!

Copyright © 2000, Marius Andreiana.
Copying license http://www.linuxgazette.com/copying.html
Published in Issue 61 of Linux Gazette, January 2001

"Linux Gazette...making Linux just a little more fun!"

Courtesy Linux Today, where you can read all the latest Help Dex cartoons.

[Shane invites your suggestions for future HelpDex cartoons. What do you think is funny about the Linux world? Send him your ideas and let him expand on them. His address is shane_collinge@yahoo.com Suggesters will be acknowledged in the cartoon unless you request not to be. -Mike.]

Copyright © 2000, Shane Collinge.
Copying license http://www.linuxgazette.com/copying.html
Published in Issue 60 of Linux Gazette, December 2000

"Linux Gazette...making Linux just a little more fun!"

Every time we telnet into a remote machine the connection data will cross the local network, giving an eventual intruder the possibility to spy the connection and eventually insert some malicious commands into the data flux. The use of some strong cryptography systems will allow an enormous improvement in the security of the net.

From the manual page of ssh we can learn that: "Ssh (Secure Shell) is a program for logging into a remote machine and executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel". It is a powerful, very easy-to-use program that uses strong cryptography for protecting all transmitted confidential data, including passwords.

At present time there are two SSH protocol, referred as SSH2 and SSH1, the first one being an improvement of the SSH1 protocol. SSH2 now supports other key-exchange methods besides double-encrypting RSA key exchange. The current distribution comes with Diffie-Hellman key exchange and has support for DSA and other public key algorithms besides RSA.

SSH2 can be compatible with SSH1, but it is not compatible by default; the SSH2 server alone can't manage a SSH1 connection and a SSH1 server must be in place in order to do that.

Obtaining and installing SSH

You can obtain SSH2 & SSH1 clients and servers from the master FTP server, or from its mirrors. The last version of SSH1 protocol is ssh-1.2.30.tar.gz, while for SSH2 you can download ssh-2.3.0.tar.gz.

The installation process is really easy. The first step is unpack your SSH1 sources:

tar -zxf ssh-1.2.30.tar.gz

This will create a directory ssh-1.2.30. Now go into that directory and start the configuration process:

cd ssh-1.2.30
./configure

The configure script carries out all the configuration needed in the compiling stage, searching the system for the required library and programs. When the scripts end its job you can start the compilation:

make

After the compilation stage, become super-user and install binaries, configuration files, and hostkey by typing:

make install

This will normally install clients (scp1, ssh-add1, ssh-agent1, ssh-askpass1, ssh-keygen1, ssh1) to /usr/local/bin, and a server (sshd1) to /usr/local/sbin. Notice that, in /usr/local/bin there are also symbolic link (without the trailing "1") to the real executables.

The next step is to install SSH2. The operations needed are the same required by SSH1:

tar -zxf ssh-2.3.0.tar.gz cd ssh-2.3.0 ./configure make

make install

Compatibility SSH1 - SSH2

In the following part we suppose you have either SSH1 and SSH2 installed.
In order to make the SSH2 server able to manage a SSH1 connection you should edit SSH2's configuration files, which are normally placed in the directory /etc/ssh2/.
In that directory edit the file sshd2_config, the configuration file for sshd2 (Secure Shell Daemon) which is the daemon program for ssh2. Add the lines:

Ssh1Compatibility yes Sshd1Path /usr/local/sbin/sshd1

Obviously modify the information /usr/local/sbin/sshd1 to agree with your sshd1 installation directory. With this configuration, sshd2 server will forward requests from SSH1 client to sshd1.

Then add two lines to the file ssh2_config, placed in the same directory:

Ssh1Compatibility yes Ssh1Path /usr/local/bin/ssh1

now ssh2 client will invoke ssh1 client when contacting a SSH1 server.

Starting SSH

There are mainly two different techniques to start sshd at boot time.

• Go into /etc/rc.d directory, and edit the file rc.local. At its end add the lines:

  echo "Starting sshd ...."  /usr/local/sbin/sshd
  

  In such a way, at the end of your next computer reboot, sshd is invoked and the message Starting sshd .... is printed on the screen. To start sshd without rebooting the machine type from the command line:

  /usr/local/sbin/sshd
  

• Alternatively, in systems using System V initialization, you can put the sshd2.startup script, which came with this distribution, to /etc/rc.d/init.d, naming it sshd2. Then go to rc$number.d directory, where $number is your default runlevel. If you don't know your runlevel search in the file /etc/inittab the line specifying it:

   id:5:initdefault
  

  or

   id:3:initdefault
  

  In the first case your runlevel is 5, in the second one it is 3.

  In the directory rc$number.d issue the command:

  ln -s ../init.d/sshd2 S90sshd2
  

  Then change directory to /etc/rc.d/rc0.d and run the command:

  ln -s ../init.d/sshd2 K90sshd2
  

  Repeat the operation in the directory /etc/rc.d/rc6.d.

  After doing that you can start sshd2 with out rebooting the machine, simply running the script:

  /etc/rc.d/init.d/sshd2 start
  

Establish a SSH connection

Once sshd is running on your machine you can test your configuration trying to login into it using the ssh client. Let's suppose that you machine is named host1 and your login name is myname. To start a ssh connection use the command:

ssh -l myname host1

In such a way ssh2 client (default client) tries to connect to host1 port 22 (default port). sshd2 daemon, running on host1, catches the request and asks for the myname password. If the password is correct it allows the login and open a shell.

Generating and managing ssh keys

Ssh allows another authentication mechanism, based upon authentication keys, a public key cryptography method. Each user wishing to use ssh with public key authentication must runs ssh-keygen command (without any option) to create authentication keys. The command starts the generation of the keys pair (public and private) and ask for a passphrase in order to protect them.
Two file are created in the $HOME/.ssh2/ directory: id_dsa_1024_a and id_dsa_1024_a.pub, the user private and public key.

Let's suppose that we have two accounts, myname1 on host1 and myname2 on host2. We want to login from host1 to host2 using ssh public key authentication. In order to do that four steps are required:

1. On host1 generate the key pair using ssh-keygen command, and choose a passphrase to protect it.

2. Login into host2, using ssh password authentication, and repeat the previous operation. Then change directory to $HOME/.ssh2 and create a file, named identification, containing the following lines:

   # identification
   IdKey  id_dsa_1024_a
   

   This file is used by sshd to identify the key pair to be used during connections.

3. From host2, get the ssh host1 public key and rename it in a suitable way (e.g. host1.pub):

   ftp host1
   [...]
   cd .ssh2
   get id_dsa_1024_a.pub host1.pub
   

   At the end of ftp process a copy of host1 public key, named host1.pub, resides in host2 $HOME/.ssh2 directory.

4. Create the file authorization containing the following lines:

   # authorization
   Key     host1.pub
   

   This file lists all trusted ssh public keys placed in $HOME/.ssh2 directory. When a ssh connection is started from a user whom public key matches one of the entry of authorization file the public key authentication scheme starts.

In order to test the previous configuration, you could try to connect from host1 to host2 using ssh. Sshd must reply asking for a passphrase, otherwise, if password is requested, some mistakes occurred in the configuration process and you must check carefully steps 1 to 4.
The passphrase required is your LOCAL passphrase (i.e. passphrase protecting host1 public key).

Coming next...

The next article will present other programs and facilities from ssh suite: ssh-agent and ssh-add (two useful passphrase management programs), and sftp and scp (a secure way to transfer files across the net).

Copyright © 2000, Matteo Dell'Omodarme.
Copying license http://www.linuxgazette.com/copying.html
Published in Issue 61 of Linux Gazette, January 2001

"Linux Gazette...making Linux just a little more fun!"

After migrating from the Amiga to the original Slackware distribution of Linux, I spent several years searching out a replacement for Directory Opus. Now, a 'file manager' means different things to different people. Some simply want to copy, move, rename files etc. Others want to be able to operate on those files in esoteric ways. At whim. Configurably. As you may have guessed, I'm one of the latter.

I tried everything that came along, whether they claimed to be clones of Dopus or just great file managers. All fell short in some way. Some were too slow, others were fast, but not configurable enough. Still others had both, but configuring them was difficult.

In the mean time, I used the venerable Midnight Commander (good ol' mc). You can do anything with mc - you just have to configure it, but it's still console based and a lot of basic operations are more easily done from a gui. New problem: after six years of using mc, I had added the desire for a Linux Dopus that behaved like mc. Great. Now I wanted superb keyboard navigation and key-mapping and mousing and configurable button banks. Prospects were looking pretty grim

And then Michael Clark came along and wrote emelfm.

emelfm has all these - and more.

Overview

As a graphical file manager, emelfm has no peer. Any file operation imaginable may be carried out using emelfm. It has all the functionality of a modern gui based file manager, yet at the same time mirrors the functionality of mc, including the ctrl+o shell. In addition, emelfm allows you to easily construct shell scripts of a few lines and put them on a button - or in a context menu. Yes, you could put these in a shell script or an alias (and, of course, you still can), but there's something just so very nice about drag-selecting a few files and then clicking one button which performs magic on them.

I'm always a little at a loss when the "GUI vs. Console" wars break out. I like and use both when I find it appropriate. Thus far, there is no simple, intuitive way to provide point and click access to all the power the command line has to offer and I'm the first to dive in there when the need arises (or even just for sport). Now then, just suppose I'd delved into the manual for mpage and written 'mpage -P -m50lb20t20r -j 1%2'. Yes, I needed the command line. Yes, it's very useful to me. No, I won't remember it past my next cup of tea. Solution: add it to the context menu for .txt files in emelfm - or put it on a button. The above example is quite trivial compared to what's really possible with emelfm. It simply serves to underline the point that emelfm actually bridges between your work on the command line and your use of the gui.

Nearly all gui file managers allow for some default action when you double-click on a file. emelfm goes beyond that. If you right click over the same file you'll be able to select from a list of alternative actions. Two things to note: 1) you've got more options and 2) it's context sensitive, i.e. you only see choices related to that particular file-type. For example, in my own case, if I were to double-click an htm,html,shtm or shtml file I would be reading it in kless via w3m. However, if I right click the same file a whole range of options open up to me. As if that's not enough, there's always the "open with" item, so I can type in a command on the fly.

Also included in the emelfm repertoire are a 'vfs' for diving into tarballs and zip files, a pack plugin for making archives (with an elegant, intuitive interface), an easy to use 'for each', a rename by extension (pattern really - much better) and many more.

Here's some other stuff in no particular order:

• very simple configuration for unknown file-types
• configurable coloured highlighting of file types
• drag and drop internally and between other gtk apps
• configurable fonts
• plugins and a reference manual for writing your own
• one-click access to your home directory
• cloning of a file to the same dir under a different name
• verbose file listings
• various sorting methods via a single click
• bookmarks
• default startup dirs
• capture of command output
• more. I forget till I need it.....

Installation

• Download the tarball and unpack it somewhere.
  
• Pop a shell and cd into the same directory and type 'make'.
  
• Then 'su' to root and type 'make install'.
  
  

Navigation

As detailed above, part of our shopping list was keyboard navigation and emelfm works out of the box. Up and down cursor keys respond predictably. Left cursor moves you up a directory and right cursor on a directory moves you down into that directory. Tab or space will toggle the active pane. Return or right arrow on a file will run the default command on that file.

If you press the shift key while moving up or down, you will highlight a range of files. Like mc, you can also use the 'insert' key to tag files.

Here's a list of default keybindings. These are just a beginning. You can easily map all the default mc keys into emelfm. Then add all your own personal keybindings. As you can see by the screen shot, the configuration is pretty paul-proof.

Of course, navigating with the mouse is the same as the keyboard and it's intuitive enough that I don't feel I need to go into it. Double-clicking performs the default action and Ctrl+click allows spot selection etcetera. One thing I need to mention is that 'drag and drop' is performed using the middle mouse button.

Usage

Where do I begin? You can configure everything from the key bindings to what's shown in the columns. There are so many ways to configure emelfm, I'll just give you a few thoughts:

• Some misc. tips available from the readme are here.
• configure a button like 'kdesu -c emelfm'. We all su to root sometimes. We have to... Now, tell emelfm to show dirs in red, that way you'll know you're running as root. Also, resist changing the default config for root's emelfm - the less at home you are the better and - the sooner you'll leave.
• Make a button for xterm as root and another for xterm as user. The nice part is they alway open in the target directory
• Almost completely unrelated timesavers: create aliases for cf='./configure', mk='make' and only in root, mi='make install'
• both df and du work nicer with the '-h' (human) option
• Read the whole Readme it's worth it!

Summary

This program is not only the equal of 'Dopus' it's actually better. Before you flame me, I used Amigas since 1986 and had thousands of lines of rexx hanging off of dopus. Now I have (so far) a few hundred lines of perl and bash hanging off of emelfm. That, and a lot of ELF binaries.

No single program pleases everyone, but I know both ex-Amigoids and new Penguinistas who have and use emelfm. If you're looking for something that most resembles Dopus visually, you should try Worker by Ralf Hoffmann. There's also an article about "Worker" here. For a reliance on file magic give gentoo by Emil Brink a download. For built-in ftp, Henrik Harmsen wrote filerunner. I think emelfm probably owes the most to "filerunner" in terms of look and feel.

Wish list

• Right-click alternatives and "dog-ears" for command buttons
• du of selected files
• Colouring of buttons etc.
• CD-RW plugin
• ftp

I know the author is seriously considering at least the first four.

In sum, it's guys like Michael Clark that keep guys like me from having to learn 'C'. :-)

You will find Mr. Clark both helpfull and responsive to bug reports and requests for features.

Copyright © 2000, Paul Evans.
Copying license http://www.linuxgazette.com/copying.html
Published in Issue 61 of Linux Gazette, January 2001

"Linux Gazette...making Linux just a little more fun!"

[Eric also draws the Sun Puppy comic strip at http://www.sunpuppy.com. -Ed.]

Copyright © 2000, Eric Kasten.
Copying license http://www.linuxgazette.com/copying.html
Published in Issue 60 of Linux Gazette, December 2000

"Linux Gazette...making Linux just a little more fun!"

1. References
2. Introduction
3. Getting Ricochet
4. Installing the Ricochet modem
5. Setting up a firewall for your network
6. Why use the Ricochet modem?
7. Conclusion

References

1. Metricom modems support in Linux. This is the only place I found that explained how to install the faster modems.
3. If this article changes, it will available at GNUJobs.com.
4. LG index which has many articles on networking and firewalls. You may also want to look at Linux.org to find documentation on how to setup a firewall.

Introduction

None of the ISPs support Linux. They officially only support crappy horrible operating systems are not good for a technical person or a real programmer. Naturally, Linux, FreeBSD, and other good quality operating systems are ignored. It makes sense from profit point of view. Call the ISPs and let me know you want them to support real operating systems.

The modems will connect at 80 Kbps with a serial port and 128 Kbps for a USB connection. I only use the serial port connection, for now, and it seems faster and more stable compared to a normal dial-up over the phone. Sometimes it crawls, but overall, I am very happy with the modem.

Getting Ricochet

Installing the Ricochet modem

It was this simple on a RedHat 6.2 system (when am I going to switch to Debian for good?),

1. Start the control panel with the command "control-panel" in Xwindows.
2. Click on the Network Configurator.
3. Click on the "Interfaces" button.
4. Click "Add".
5. Choose the PPP option and continue.
6. Type in "3333" for the phone number, and the username and password. Select the PAP option.
7. After you have added the ppp interface, click on the interface, click on the Edit button and type in "noipdefault" where it says "PPP Options". Then click on "Done".
8. Save and quit the control-panel.

Overall, it was simple once I knew what to do.

If you have tried to figure out how to setup the modem, and you cannot, and you have read this article and the other article mentioned above, then send email to GNUJobs.com at articles@gnujobs.com and perhaps I can point you in the right direction. If you attend the SVLUG meetings in the Bay Area, bring your laptop and send me email when you are attending the next meeting, and I can help out.

Setting up a firewall for your network

The desktop becomes my firewall. I don't have any services running on it except for ssh. All the other ports are closed. Please use the program nmap to scan your computers to find out which ports are open. I would also disable the root account from logging in with ssh.

If you wish to know how to setup a firewall, I 9have written many old articles for the Linux Gazette about networking and firewalls. There are lots of resources out there. Try linux.org also with their HOWTOS.

Why do this stuff?

It isn't super fast, but for my needs it is just fine. I am still going to get a DSL hookup. This will provide me with two alternate ways of connecting to the internet should one route die for a day. That can be very bad for an independent consultant, so two routes are a must.

I leave the modem on all day and the firewall on all day. It is nice that it doesn't tie up a phone line and it is also nice that I don't have wires all over the place. When I had to move to a different room because the guy who was assembling my furniture kicked me out of my office, it was nice that I could take the laptop with the Ricochet modem to another room.

Conclusion

Mark works as an independent consultant donating time to causes like GNUJobs.com, writing articles, and writing free software.

Copyright © 2000, Mark Nielsen.
Copying license http://www.linuxgazette.com/copying.html
Published in Issue 61 of Linux Gazette, January 2001

"Linux Gazette...making Linux just a little more fun!"

1. References
2. Introduction
3. The Problem with Redirect
4. Using a Perl script
5. Using the mod_rewrite module for Apache
6. Using Redirect with Virtual Host
7. Conclusion

References

• Apache webserver
• Module mod_rewrite URL Rewriting Engine
• Perl programming language
• Mark's other articles
• The Apache/Perl Integration Project

  Introduction

  Apache has been a growing project for many years. It is personally amazing to me how Apache is so powerful, flexible, and easy to configure for a programmer. There is so much documentation about how to configure and do things in Apache, other commercial webservers just can't compare. Apache makes webserving fun for programmers. There are a lot of things you can test and tinker with.

  Along with the growing, comes new ways of doing things without getting rid of the old ways of doing things. I have a problem with my computer at gnujobs.com. Basically, I need to forward every request for 'http://www.tcu-inc.com/mark/articles' to 'http://www.gnujobs.com/Articles'. I tried the Apache Redirect directive, but it didn't work. So, I had to figure out why it didn't work and to see if there was any way around it.

  The Problem with Redirect

  The problem is, 'Redirect' didn't work for me when I tried to forward 'http://www.tcu-inc.com/mark/articles' to 'http://www.gnujobs.com/Articles' since both websites where running on the same webserver. However, I found out later, and it was obvious when I thought about it twice, I was using Redirect incorrectly. Nevertheless, it set me on a trip to get reacquainted with mod_rewrite. The solutions I had were
  1. Use a Perl script.
  2. Use mod_rewrite with Virtual Host
  3. Correctly use Redirect with Virtual Host

  Using a Perl script with Virtual Host

  This was my first solution after I couldn't get Redirect to work right. The only reason why I used it was because it was quick and dirty. It is actually fairly complex because you have to understand Perl programming, what "Location" does, and how to get a Perl script to execute with your Apache webserver. Besides that, it was simple for me to do because I have done similar things a million times over.

  The nice thing about using a Perl script, is that you don't have to recompile the Apache server. You do have to change the configuration slightly. You don't have to install mod_perl, but if you do, the configuration can be slightly different if you want to cache the perl script. Also, this can be done is any programming language, not just Perl.

  I had to change the httpd.conf file slightly:

  <VirtualHost 206.21.120.103>
  ServerAdmin info@gnujobs.com
  ServerName www.tcu-inc.com
  DocumentRoot /www/htdocs/
  
  ScriptAlias /mark/articles "/www2/TCU.pl"
  </VirtualHost>
  

  The ScriptAlias is the key part here. It redirects all requests from /mark/articles to the TCU.pl perl script.

  And the perl script looked like this,

  #!/usr/bin/perl
  
  
  print "Location: http://www.gnujobs.com$ENV{'REQUEST_URI'}";
  

  $ENV{'REQUEST_URI'} is the key part here. It is an environment variable that is equal to the file asked for on the www.tcu-inc.com webserver. The perl script takes the file asked for, and then redirects the browser to the new website. Also, I did a "chmod 755 TCU.pl" on the perl script to make sure it was executable.

  Using the mod_rewrite module for Apache

  Aaron Bush from COLUG is responsible for getting me to do it in mod_rewrite. I didn't like my Perl solution, and knew I could use mod_rewrite to do it, but I was being lazy. I knew I should do it in mod_rewrite, and Aaron asked me "Why don't you use mod_rewrite?". Feeling lazy, I was unhappy, for I knew that what separates the men from the boys can be issues like this, so I said to myself "screw it, I haven't used mod_rewrite in a long time, let me do it the right way".

  You have to have mod_rewrite compiled into Apache in order to use this option. Mod_rewrite is a nice module that "provides a rule-based rewriting engine to rewrite requested URLs on the fly". It is a very powerful module, and is essential to learn if you want to become a true webmaster or web programmer. It is not essential that you use it, but that you know what it can do so that you can present the options to your boss when you want to do weird things with your webserver.

  I compiled mod_rewrite into Apache and applied this configuration option to httpd.conf.

  <VirtualHost 206.21.120.103>
  ServerAdmin info@gnujobs.com
  ServerName www.tcu-inc.com
  DocumentRoot /www/htdocs/
  
  RewriteEngine on
  RewriteCond %{HTTP_HOST}  ^www\.tcu\-inc\.com$
  RewriteRule ^(/articles)(.*)  http://www.gnujobs.com/Articles$2 [R]
  </VirtualHost>
  

  RewriteCond sets the condition for which we are going to use mod_rewrite, which basically says pay attention to the webserver if www.tcu-inc.com is the base website name being used. RewriteRule takes the conditions (everything at www.tcu-inc.com) and says that if the requested file starts with "/articles" redirect it to www.gnujobs.com. The "$2" corresponds to "(.*)". The rest of the requested file after "/articles" is equal to "(.*)". [R] means "Take this match and redirect it".

  Using Redirect with Virtual Host

  After I figured out how to redirect www.tcu-inc.com to gnujobs.com with the other two methods, I realized I was doing a mistake with the standard "Redirect". I wasn't putting the Redirect command into the VirtualHost section. Once I did that, it worked fine.

  <VirtualHost 206.21.120.103>
  ServerAdmin info@gnujobs.com
  ServerName www.tcu-inc.com
  DocumentRoot /www/htdocs/
  
  Redirect /mark/articles http://www.gnujobs.com/Articles
  </VirtualHost>
  

  Conclusion

  I did a lot of work for nothing, but I made this nice article explaining different options for other people to learn from. Here are my suggestions about which of these 3 methods you should use:
  1. If you don't forsee ever having programmers work on your website, use the standard Redirect command.
  2. If you are a programmer or a true webmaster, then please use mod_rewrite. If you standardize on using mod_rewrite, you might find other uses for it as well which you might not realize unless you have had previous practice with mod_rewrite.
  3. I don't know why you would want to use a Perl script to do this, unless you want to record certain stats (which are possible in other ways) or do something else that is weird. Using a Perl script would just add more overhead. If you used it with mod_perl, you might end up using more memory because of caching. I wouldn't use a Perl script to do this, although that was my first working solution. Bad solutions are good only in the fact that you at least have something working.
  Mark works as an independent consultant donating time to causes like GNUJobs.com, writing articles, and writing free software.

  ---

  Copyright © 2000, Mark Nielsen.
  Copying license http://www.linuxgazette.com/copying.html
  Published in Issue 61 of Linux Gazette, January 2001

  "Linux Gazette...making Linux just a little more fun!"

  ---

  Learning Perl, part 1

  By Ben Okopnik

  ---

  If you've been using Linux for any length of time, you've surely heard of Perl; probably even run a number of scripts, perhaps without even knowing it. Programs like "inews", "mirror", "debconf", "majordomo", "sirc", and a host of others are written purely in Perl. Taking a quick "zgrep" through the "Packages.gz" file in the Debian distro tells me that 382 of the packages depend on Perl (meaning that a critical part of that package is written in it), and 28 other packages either suggest or recommend it.
   

  So, What's It Good For?

  "Perl is great at text-processing, and it's great at tying and integrating things together. To a scripting language, all those different elements look the same."
   -- John Ousterhout, author of the Tcl scripting language

  "Perl" is supposed to stand for the "Practical Extraction and Report Language". Right: bo-oring, but I guess that's what you've got to have if you're going to convince $HUMONGOUS_CORP to use it. Actually, Larry Wall <larry@wall.org> (the author of Perl) says in the Perl man page: "Perl actually stands for Pathologically Eclectic Rubbish Lister, but don't tell anyone I said that." Umm... OK, Larry. Not a word out of me.

  Perl has been variously referred to as "A scripting language with delusions of full language-hood", "The Swiss Army Chainsaw of Unix", "The duct tape of the Web", and other equally, umm, complimentary names. It has been used to write single-line scripts, fast-executing programs, large projects (Amazon.com's entire editorial production and control system, Netscape's content management and delivery system, the Human Genome Project's DNA sequencing and project management, etc.), and millions of quick programs that do an amazing variety of things.  Perl can also emulate a number of common Unix system utilities (hint: if you're looking at having to learn 'awk', 'sed', 'grep', and 'tr', I'd suggest starting in on Perl, instead. All the functionality, much faster, and you'll never outgrow the capabilities. Sure wish I'd known that, way back when...)

  As you would expect of any modern language, Perl allows you to do object-oriented programming. It also handles networking (sockets, etc.), is highly portable (a well-written script will run on Linux, BSD, Solaris, DOS, Win9x, NT, MacOS, OS/2, AmigaOS, VMS, etc. without modification), and has a very short write/debug cycle - since there's no compilation required, you just write the changes and run the script. There's a tremendous wealth of modules (pre-built Perl routines) available to perform just about any task; the Comprehensive Perl Archive Network (CPAN) is one of the best resources a Perl programmer can have.
   

  Yeah, But What Is It Really?

  Good question. I hope that, after using it for a year or so, you can tell me. A description of anything is a container... and I'm still trying to find one big enough to fit Perl (preferably one with a strong lockable lid.)
   

  What Kind Of Things Isn't Perl Good For?

  Hmmm. I wouldn't set out to write a GUI word processor, a video game, or a graphic browser in it. Perl can indeed do glitzy front ends via its interfaces to many other languages, so you could do all of those things - but in my opinion, there are more efficient ways to do them in other languages. "To a man with a hammer, every problem looks like a nail" - let the programmer beware!

  Note, also, that Perl itself isn't written in Perl; neither is the Linux kernel. Low-level stuff of that sort is best left to C/C++ with some assembler thrown in; 'the right tools for the right job' should be every programmer's motto.
   

  One Final Warning Before Pulling The Ripcord

  If you know a bit of Perl, and see something in this series that 'Aint The Way I Larned It', just remember Perl's motto: There's More Than One Way To Do It. Usually abbreviated TMTOWDI, and pronounced "tim-today", it is a core philosophy of Perl. Of course, corrections of any obvious errors are welcome.

  Those of you who read my earlier series on shell scripting may remember that a script starts out with the so-called "hash-bang" or "shebang" line:

  #! /bin/bash

  This tells the shell to spawn a subshell in which the following code will be executed by the specified program. This is also what's needed for Perl scripts - the first line must be

  #! /usr/bin/perl

  or whatever is the correct path to your "perl" executable.

  Note the requirements for a hash-bang:

  1) It must be the first line in the script.
  2) The hash (#) must be the first character on the line, and there
     cannot be anything between it and the bang (!).
  3) You must use the absolute path, not just the executable name.

  So, let's try writing our first Perl script:

  
  #!/usr/bin/perl
  # "goodbye" - a modern, high-angst replacement for "Hello World"

  print "Goodbye, cruel world!\n";
  unlink $0;
  

  Well... at least it says "goodbye" before going away; Ms. Manners would be proud. What did we do here? Several things that are rather obvious: first, the "hash-bang"; next, a line that tells us what the script does - another thing that carries over from shell scripting, and is an excellent idea (there's no such thing as too many comments in the code!) Next, we print the message using the `print' function. Note the "\n" at the end of the string: Perl does not automatically provide you with a line-feed, so you get to decide whether you want one or not. Also, note the semi-colon at the end of the statement: just like C, Perl demands those, and Woe Betide The Hapless Programmer Who Forgets! Actually, Perl's error checking is pretty good stuff, with relatively readable messages; it's just that semicolons, being statement separators, often cause the error to be reported as being on the next line down. If you're aware of that quirk, it's not a big deal. Better yet, just remember to use the semicolons.

  The last line is what does the evil deed of erasing the file - "goodbye cruel world" indeed. The "$0" is simply a reference to the name of the script being executed, and "unlink" does the same thing as "rm". Note that "$0" is a lot more useful than "goodbye" or even "./goodbye" - no matter what the file has been named, "$0" returns that name.
   

  Oh, By The Way: Some Code Guidelines

  Far be it from me to claim perfection in writing code: on past occasion, I've done "write-only" code that would make anyone trying to read it turn various colors. The thing is, I'm constantly trying to improve - and I'd surely like to see that idea take hold.

  Perl treats "white space" - tabs and spaces - with the contempt it deserves, i.e., it's ignored. Because of this, you can structure your Perl code to convey the idea of what it is you're doing. Just to give one quick example:

  @boats = ("Aloa", "Cheoy Lee", "Pearson", "Mason", "Swan", "Westsail", "S2", "Petersen", "Hereshoff");  # List of sailboats

  Here, we've filled an array called `@boats' with sailboats. OK, that works - but it could be more understandable:

  @array = ("Aloa",       # French OSTAR/IOR boat
           "Cheoy Lee",   # Comfortable but expensive
           "Pearson",     # Strong but rather heavy
           "Mason",       # Well designed, but a bit of a pig
           "Swan",        # Classy boat - if you've got the money
           "Westsail",    # Wetsnails are OK, for double-enders
           "S2",          # Nice bay boats - not for offshore use
           "Petersen",    # Steel world cruiser, roomy but slow
           "Hereshoff");  # Fast and gorgeous; cramped and expensive

  These habits apply to more than just Perl. Most modern languages allow additional whitespace in order to make the code human-readable. As I go through this series, I'll do my best to demonstrate at least my own version of good coding style; I'd like to encourage everyone to make it a consideration in writing their own code.
   

  Variables

  In Perl, the focus is "ease of use". It is a so-called "loosely-typed" language, where the variable definitions are not rigidly forced into straightjackets; in fact, there's no way to define a variable that will only hold a positive 32-bit floating point number.

  The three types of variables in Perl are scalars, arrays, and hashes. Despite the scary names, they're all rather simple: just variables that contain different arrangements of data.

  scalars - numbers, strings, or references
  A scalar variable is denoted by a `$' sign, i.e. $num, $joe, $pointer
  Examples:
  "0.0421", "Joe's glove", memory location "0xA000"

  arrays - sequentially-numbered lists of scalars
  An array variable is denoted by an `@' sign, i.e. @v, @list, @variable
         Example:
     0 - "Sunday"
     1 - "Monday"
     2 - "Tuesday"
     3 - "Wednesday"
     ...

  hashes - key-referenced lists of scalars
  Hashes are denoted by '%', i.e. %people, %x, %this_is_a_hash
         Example:
     resident - "Sherlock Holmes"
     addr     - "221B Baker Street"
     code     - "NW1"
     city     - "London"
     country  - "GB"
     job      - "sleuth"
     ...

  Note that, while arrays are stored in numerical order, hashes are not - retrieving the first element of a hash will often have nothing to do with the first element you loaded into it. Hash elements are referred to by their keys, not their position in the structure.

  Within these three data types, you can contain (or point to) anything you want - and access it easily.

  Another important note: $a, @a, and %a are completely unrelated to each other. They are in different name spaces. I am careful not to use visually conflicting names like these in my programs, especially since things like $a[0] (a reference to the 1st element of the @a array) exist - but this is something you should be aware of.
   

  Given that variables can contain different types of data - numeric and string - we're going to need operators that work for both types. Perl provides these, and you should remember which type goes with what:

     Operator                   Num     Str
     --------------------------------------
     Equal                      ==      eq
     Not equal                  !=      ne
     Less than                   <      lt
     Greater than                >      gt
     Less than or equal to      <=      le
     Greater than or equal to   >=      ge

  Easy mnemonic - when comparing letters (strings), use letters.

  Since I like to give concrete examples, here's a way to give yourself gray hair and a nervous breakdown:
  
  #!/usr/bin/perl
  # A political evaluation script

  $a = "Al";
  $b = "George";

  if ( $a > $b)   { print "$a would make a better President.\n"; }
  if ( $a < $b)   { print "$b would make a better President.\n"; }
  if ( $a == $b)  { print "$a or $b, there's no difference...\n"; }
  

  Hm. The output says that there's no difference. This may reflect political reality, but what about our comparisons?... oh yeah. We should have used string operators, huh?

  
  #!/usr/bin/perl
  # A political evaluation script

  $a = "Al";
  $b = "George";

  if ( $a gt $b)   { print "$a would make a better President.\n"; }
  if ( $a lt $b)   { print "$b would make a better President.\n"; }
  if ( $a eq $b)   { print "$a or $b, there's no difference...\n"; }
  

  Now the comparison operators work properly (and the real-world logic is backwards... but I digress.)

  By the way - why is it that Perl decided that "Al" was the same as "George" in the first example? Since when do programs have political opinions?

  The reason is actually an important one - it has to do with the way that Perl separates "true" from "false". Given that all of our tests - "if", "while", "until", etc. depend on that distinction, we need to understand it.

  "0" is false, whether it is a number or a string.
  All undefined variables (those that have not had a value assigned to them) are false.
  An empty string - "" or '' - is false.
  Everything else is true.

  All right, here's some tricky stuff - look at these values and decide whether they're true or false:

  "00"    "-1"    " "    "5 - 5"

  See note [1] at the end of this article for the answers.
   

  Another issue that is important is variable interpolation, which is a way of determining whether something in quotes gets interpreted or not. Here's an example:

  $name =  'Bessie';
  print    'Our cow is named $name.';

  Oops. The output reads

  Our cow is named $name.

  I don't think any self-respecting cow would come if called something like that (I won't even mention the difficulty of pronouncing it.) So, how do we get Bessie to come to us?

  # Note the double quotes where the singles used to be!
  $name =  'Bessie';
  print    "Our cow is named $name.";

  Successful animal husbandry (and those of you thinking dirty thoughts, stop it) via Perl. I told you you could do anything.

  What if we wanted to print the variable name? Perl makes that easy, too.

  $joe =   "Joe";
  print    "The variable \$joe contains the value $joe.";

  We can print any metacharacter, that is, characters that have a special meaning in Perl, by escaping them - that is, preceding them with a backslash. Take a look at this:

  $joe =   "Joe";
  print    "The variable \"\$joe\" contains the value \"$joe.\"";

  Uh... TMTOWDI:

  print    'The variable "$joe" contains the value "', $joe, '".';

  Take your pick; just be sure you understand the difference. Note that separate values in the "print" statement take a comma as a separator - without one, it has a completely different meaning, which we'll discuss in a future article.

  Before we wrap this up, one important consideration: when creating your script file, always use the "-w" parameter as part of your hash-bang -

  #! /usr/bin/perl -w

  This will generate warnings and tell you where the problems are in your script. Be sure to use it if you're a Perl beginner... and be doubly sure to use it if you're a Perl expert. The errors don't go away as you progress; they just grow smarter. :)
   

  Wrap-up

  This time around, we took a bit of a journey, skipping lightly over the rocks and shoals of a simple intro. Next month, we'll get a little deeper into it; perhaps explore arrays and hashes, and maybe dive head-first into the incredibly powerful "regular expressions", or regexes of Perl. My suggestion, meanwhile, is to try a few of the things we've talked about, maybe do a little experimentation on your own - I've found that the best way to learn a language is to hack until I hit the limits of my knowledge, then bring my frustrations to someone who knows more than I do. You can't get any good answers if you don't even know the questions.

  Happy Perl hacking!
   

  Ben Okopnik
  perl -we '$@="\145\143\150\157\040\042\112\165\163\164\040\141\156".
  "\157\164\150\145\162\040\120\145\162\154\040\110\141\143\153\145\162".
  "\042\040\076\040\057\144\145\166\057\164\164\171";`$@`'
  
  Note [1]: All true. None of them fit the "false" categories: "00" is not the same as "0"; neither is "-1". A space, " ", is not the same as an empty string (""), and "5 - 5", unless evaluated, is not "0".

  References: "Perl: The Complete Reference", Martin C. Brown

  Relevant Perl man pages (available on any pro-Perl-y configured system):

  perl      - overview               perlfaq   - frequently asked questions
  perltoc   - doc TOC                perldata  - data structures
  perlsyn   - syntax                 perlop    - operators and precedence
  perlrun   - execution              perlfunc  - builtin functions
  perltrap  - traps for the unwary   perlstyle - style guide

  "perldoc" and "perldoc -f"

  ---

  Copyright © 2000, Ben Okopnik.
  Copying license http://www.linuxgazette.com/copying.html
  Published in Issue 61 of Linux Gazette, January 2001

  "Linux Gazette...making Linux just a little more fun!"

  ---

  Booting Linux from the NT Boot Menu

  By Pradeep Padala

  ---

  Why an article on Linux in an NT boot menu? We have HOWTOs, don't we? The HOWTOs give step by step instructions, but unfortunately they don't provide everything we want. They are geared towards people who are new to Linux and are very good at explaining things to newbies. But when it comes to doing something out of the ordinary, we're stuck. This article is a meant to fill that void.

  To start with one, day I got the crazy idea that it would be nice to have a single boot loader to boot everything from one manager instead of having both a LILO and an NT boot manager. So which manager should I choose? I chose NT boot manager because when we install LILO and boot NT from it, NT still presents its own boot menu and it's annoying enough to need to be asked two times to boot the right operating system . So I thought of removing LILO and using NT loader to present a nice menu for booting all the operating systems I have. Okay then, How do we do it? I searched through the HOWTOs. The mini HOWTO HOWTO NT OS Loader + Linux mini-HOWTO gives a good overview of the process. But unfortunately my brain couldn't grasp the concept. As a result, when I first followed the steps I got an unusable system. After 3 days of hard work and rebooting and fiddling with an unusable system 3 times, concepts began to become clear.

  Here we Go.

  NT Boot Loader

  The NT boot loader loads the operating system image by reading the initialization file boot.ini. Have a look at it now. It contains something like:

  		[boot loader]
  		timeout=30
  		default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
  		[operating systems]
  		multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows NT Workstation Version 4.00"
  		multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows NT Workstation Version 4.00 
  		[VGA mode]" /basevideo /sos
  

  this says to boot the operating system from the partition as mentioned. That is it takes the first 512 bytes of information which is required for booting the corresponding OS. So how do we boot Linux using this concept. Simple! we can have the first 512 bytes of Linux boot partition (the boot sector for Linux) in a file and give it to NT boot manager. We can modify the boot.ini file as follows:

  		[boot loader]
  		timeout=30
  		default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
  		[operating systems]
  		multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows NT Workstation Version 4.00"
  		multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows NT Workstation Version
  		4.00 [VGA mode]" /basevideo /sos
  		C:\boot.lnx="Redhat Linux 6.2"
  

  Where boot.lnx is the file which contains the required 512 bytes. But we have to get the 512 bytes. How do we do that? The HOWTO gives a good example of how to do it. Here we need the first 512 bytes of Linux boot partition which says to NT just to boot Linux. So we make a dummy lilo.conf file and pass it to LILO and tell it to install the boot sector for linux at the top of Linux partition. Then we peel the first 512 bytes from this and put it into a file and give it to NT. Then we install LILO in MBR and take care of loading WINNT as the default OS. We create the lilo.conf to write NT as default and install it.

  Let's do it.

  First let me explain my example environment. I loaded Red Hat out of the box with the default options during installation. It installs LILO in MBR and updates it according to the options given during installation regarding what other OSes (such as NT) you have. Here I have NT only. When I reboot after installation, LILO comes up with two options to boot--Linux and DOS. When I enter DOS, it goes into NT boot manager. What are we trying to make? We want to make LILO start the NT boot manger as default and in NT boot manager, we want to have an option to boot Linux.

  What are we trying to make? We want to make LILO to start NT boot manger as default and in NT boot manager we want to have an option to boot Linux.

  We start here. First boot into Linux. Make a dummy lilo.conf file like this: Copy lilo.conf to lilo.dummy and open lilo.dummy with vi. edit it to look some thing like this:

  		# lilo.dummy file
  		boot = /dev/hda3 	# Linux resides in /dev/hda3 in my machine.
  		                        # replace it with the partition in which you installed linux
  		timeout=0 		# Time out zero to avoid lilo waiting for us
  		vga = normal
  		read-only
  		default=linux
  		image = /boot/vmlinuz
  		label = linux
  		root = /dev/hda3
  

  Then execute LILO with this dummy file as the argument with the command. This installs linux boot sector on /dev/hda3.

  /sbin/lilo -C lilo.dummy
  Peel off the first 512 bytes with this command.
  dd if=/dev/hda3 of=boot.lnx bs=512 count=1
  
  We copy the file boot.lnx to c drive. If c drive is mounted as /win/c we copy with the command
  
  cp boot.lnx /win/c
  or mount c drive and copy the file as
  mount /dev/hda1 /win/c
  cp boot.lnx /win/c
  
  Then change the boot.ini file as indicated here.
  

  		[boot loader]
  		timeout=30
  		default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
  		[operating systems]
  		multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows NT Workstation Version 4.00"
  		multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows NT Workstation Version
  		4.00 [VGA mode]" /basevideo /sos
  		C:\boot.lnx="Redhat Linux 6.2"
  

  Installing LILO in MBR.

  Just change the lilo.conf file to reflect winNT as the default OS with no delay in booting into it and tell LILO to install it in MBR.

  		boot = /dev/hda                 # Install it in MBR
  		timeout=0
  		vga = normal
  		read-only
  		default=win                     # We need NT as default
  		image = /boot/vmlinuz		# We can remove this entry with out any
  						#problems as we will not be booting Linux from LILO
  	 	label = linux
  		root = /dev/hda3
  		other = /dev/hda1
  		label = win
  

  install LILO again. Before rebooting, make sure that you have a rescue disk at hand. You can use the Red Hat installation disk as the rescue disk. See the Pitfalls section to find out how to use to for rescue. or You can make a boot disk with the command

  mkbootdisk,
  
  which you can use for rescue. See the Bootdisk-HOWTO for more details on how to make boot disk.
  
  Then reboot and watch the magic.
  

  Are you still unsatisfied? I know what is bothering you. You want LILO to be eliminated completely. Do this. Get a DOS floppy that has fdisk and boot the machine with the floppy. Then run "fdisk /mbr" to overwrite the master boot record. I don't know what happens with this option. I am still unsure about this and if any one knows what this option does, please write to me.

  Pitfalls:

  1. Remember every time you change your kernel or make any changes to lilo.conf, you have to follow the process again and make a new copy of boot.lnx and give it to NT.

  2. If you have done some thing wrong and you can't boot Linux, then boot with the rescue disk and install LILO again as follows:

     (You can use red hat installaion CD as the rescue disk. At the installation menu type rescue and enter)
     
     
     • boot with rescue disk
       
     • mount linux partition
       mount /dev/hda3 /mnt
       
     • change root
       chroot /mnt
       
     • change lilo.conf to some thing sane like

               boot = /dev/hda
               timeout=500
               prompt
               vga = normal
               read-only
               default=linux
               image = /boot/vmlinuz
                   label = linux
                   root = /dev/hda3
               other = /dev/hda1
                   label = win
            

     • install lilo
       /sbin/lilo
       
     • do a sync and unmount /dev/hda3
       sync
       umount /mnt
       
     • Reboot
       /sbin/reboot
       

  ---

  Copyright © 2000, Pradeep Padala.
  Copying license http://www.linuxgazette.com/copying.html
  Published in Issue 61 of Linux Gazette, January 2001

  "Linux Gazette...making Linux just a little more fun!"

  ---

  

  

  Bags o' Fun

  By Jason Steffler

  Abstract

      For those who haven't read the previous articles, be sure to read the statement of purpose first.  This month, we're going to discuss inheritence, polymorphism, and abstract classes as well as introducing some collection objects.  For those looking to read the whole series locally or information about upcoming articles, you can check the MST page.  For those looking for further information on learning Squeak, here are some good resources.

  Quote of the day

  "Why Smalltalk? Smalltalk uses a simplified version of English. Nouns and verbs. Object are the nouns. Verbs are messages sent from one object to the next. Easy as 1, 2, 3. It is no longer necessary to write cryptic programs.  This means that almost anyone can learn to write Smalltalk programs."
          - Peter William Lount

  Inheritence

      Last month, we were using aPerson object for illustrative purposes.  This month we'll only build on this example briefly, as it quickly gets too contrived for my liking.  Also, this is a good opportunity to introduce the collection objects of Smalltalk.  We'll return to aPerson next month though, as the emphasis will be on the building aspect, and not on the object itself.
      The notion of inheritence in OO is very similar to the normal use of this term.  Just like a person can inherit certain characteristics from their parents, so too can objects inherit certain characteristics from their parents.  Objects inherit the methods and instance variables of their parents, among other things.
      To get this discussion going, lets introduce the object anOrderedCollection, whose class is OrderedCollection.  This is a very common object to use in Smalltalk.  An OrderedCollection is just what it sounds like:  it's a collection of objects where order is important.  To better position the topics at hand, it'd useful to have an idea of how you can use this type of collection:

  [ex1]
      "Inspect this code.  Here we're creating a new OrderedCollection, and asking it to add 1, then add 2, then add 3, then finally return yourself"
      (OrderedCollection new)  add: 1; add: 2; add: 3; yourself.

  [ex2]
      "This is normally not written on one line, but is written like this:"
      (OrderedCollection new)
          add: 1;
          add: 2;
          add: 3;
          yourself.

      Here, we're asking the class (remember, this is a blueprint for creating objects) OrderedCollection to create a new collection.  Then we're asking the new collection to add 1 to itself.  Then we're asking the same new collection to add 2 to itself, then 3, and then finally we're asking the collection to return itself.  You normally don't have to send that last message to an object, as the default return is the object itself (we call this the receiver of the the messages), but the message add: returns the parameter you're passing, so in this case, if we want to see the OrderedCollection that we're creating, we need to ask it to return itself as the last message send.  This may be a little confusing; I showed the above snippet as it explicitly creates a new object.  You could get the same results by inspecting the below two snippets, that don't explictly create a new object - this is done implicitly from the message sent:

  [ex3]
      "Here, we're asking the OrderedCollection class to give us a new OrderedCollection object with the values 1, 2, and 3 in it."
     OrderedCollection with: 1 with: 2 with: 3

  [ex4]
      "Here, we're asking the OrderedCollection class to give us a new OrderedCollection object with all of the values 1, 2 and 3¹"
      OrderedCollection withAll: #(1 2 3)

  [ex5]
      Now, if you print it to the above code, you'll see an ASCII representation of the object:  OrderedCollection (1 2 3 ).  When you inspect the above code, and click on self you will see:
  

  [ex6]
      There are several ways that we could make an ordered collection with a fourth Integer in it, here's a neat way.  Say that you have this OrderedCollection with only the first 3 integers in it, and realize 'wups, I actually wanted 4 integers in it.'  You don't have to go back to the code you typed in above and redo it, you can just ask the object you're inspecting to add a fourth integer to itself:
  

  [ex7]
      Highlight the code entered in the bottom pane, and do it.  Here, you're asking the object itself (self) to add 4 to itself.  If you have self highlighted, you'll notice that it is updated (if you don't have self highlighted, then click on it to see the updates.  You'll see:
  

      This is an illustration of being able to view and manipulate objects in real time, which is Immensely Powerful.  If you're coding along and something isn't quite working right, you can stop execution, grab the troublesome object and see exactly what is going on.  If you want to simulate certain conditions, you can just change the object directly.  For example, say you realized that you shouldn't have the integer 4, but rather the string 'four', you can click on the fourth element, delete 4, and tye in 'four', then middle click>accept. The fourth element in this collection is now the string 'four'. Try clicking on the 3rd element, then back to the fourth element to confirm this, you'll see:
  

      ...and remember, we did all this without the hassle of compiling, linking, and running the compiled program!  Ok, now that we have an idea about how to create a collection, we're going to do something with this collection, lets add up the integers in the collection.  To do this, you can do it the following snippet:

  [ex8]
      | anOrderedCollection aSum |
      aSum := 0.
      anOrderedCollection := OrderedCollection withAll: #(1 2 3).
      anOrderedCollection do: [:anElement | aSum := aSum + anElement].
      aSum inspect.

      Here, the lines of code mean:
      1) declare temporary variables
      2) initialize the sum
      3) create a new ordered collection, assign it to one of the temporary variables
      4) ask the ordered collection to do something for each element.  For each element, we're asking the sum to add the element to itself.
      5) here, we're asking the sum to open an inspector on itself (yeah, you can do this programatically - cool eh?)

      For the folks with programming experience, you'll note that we didn't have to worry about bounds checking, or the size of the collection, or declaring temporary variables to index the collection - this is all handled by the collection.  Very nice and it helps to reduce errors.  We very naturally just asked the ordered collection to do something with each element.
      Back to inheritence now, as the name suggests, OrderedCollection is a type of Collection, and inherits methods and instance variables from Collection.  To be more precise, it inherits from a class called SequenceableCollection, which in turn inherits from Collection.  Now, I could use UML, or any number of other industry software modeling diagrams here, but I want to save time so I'm going to use a textual shorthand for outlining class relationships - I'll denote inheritence by tabbing, so indicating the above inheritence looks like this:
      Collection
          SequenceableCollection
              OrderedCollection

      You can think of this as OrderedCollection is a type of SequenceableCollection, which is a type of Collection.  For example, a creation method we used - withAll: is inherited from Collection, I'll show this class method by:
      Collection
          >>withAll:
          SequenceableCollection
              OrderedCollection

      Both Collection, and SequenceableCollection, are what we call abstract classes - classes that would never instantiate an object themselves, but serve as good logical building points.  Here, it doesn't matter if we have an OrderedCollection, or a SortedCollection, or a Bag (an unordered collection), or whatever - we'd want all of them to know how to respond to withAll:. Here's the sweet thing:  we implement the method that all these classes should respond to in one spot, and reuse it. So, if you need to change withAll: for these classes, then there's only one spot to go to.
      If you need to have an exception to the rule, say you have have a Heap² class that needs to implement the withAll: method differently, then you can do what is called overriding the method in Heap.  Adding Heap to our outline, and indicating abstract classes in italics gives us:
      Collection
          >>withAll:
          SequenceableCollection
              OrderedCollection
              Heap
                  >>withAll:

      Note:  when we send the withAll: message to Heap or to OrderedCollection, these two classes have different implementation of the same message - this is known as polymorphism. This is another one of those esoteric terms that really means something pretty simple.
      The corollary of polymorphism is a very powerful one though, it allows you to get out of a decision making frame of mind, and get into a commanding frame of mind. This allows us to get away from a common procedural programming trait - having lot of code that is checking stuff and conditionally doing stuff (if it's an OrderedCollection, do this, if it's a Heap, do this, if it's a Bag, do this, etc), and lets us just do stuff.  It doesn't matter what type of collection it is, when we ask it to do withAll:, it will do the right thing!
      Finally, if we also add the above mentioned SortedCollection and Bag (<groan> here's where this month's title pun comes from ;-), we get:
      Collection
          >>withAll:
          Bag
          SequenceableCollection
              OrderedCollection
                  SortedCollection
              Heap
                  >>withAll:

      It's easy to see how there are lots of opportunities for reuse here, it's generally a good thing when you can code something in one spot, and have many objects reuse that one implementation.  That way, when you have to make an udpate, you only update that one spot and don't have to worry with tracking down many different spots and keeping the update in synch.
      Now we're going to start getting to the question of how we know what objects are where and how to use them.  As with other topics in this series, I'm introducing this one a bit at a time as well.  A common problem for Smalltalk beginners is that they're overwhelmed with the rich class library as there are thousands of objects you can use.  To help reduce this problem, I've extended one of the Smalltalk browsers and made a ScopedBrowser.  This is a good example of the reflectiveness we mentioned earlier - I was able to extend or alter the behavior of the IDE to suit my needs.  This ScopedBrowser will only show you the classes we need to concentrate on for this article.  My intent is to add to the scope that is being browsed over time as more objects are introduced.  For this time, I've included all the above mentioned collections objects as well as a couple more collections objects for those interested (a total of 9 classes).  To open this browser, you first need to file in the MakingSmalltalk-Article3.st code to your image (see article 2 on how to do this).  Then open the browser by doing the snippet:

  [ex9]    [Squeak-only-suspected]
      ScopedBrowser openBrowserForArticle3

      For the read-along folks, this is what you'll see after navigating to the withAll: method:
  
      (Note: I set my browser colour to purple - the default colour is green, I'll come back to customization in a future article)
      To find the withAll: method, click on the class button, then Collections-Abstract>Collection>instanceCreation>withAll:
      This browser has 5 panes and 3 buttons, from left to right and top to bottom:
          pane 1: shows categories - these are collections of classes (pun intended)
          pane 2: shows classes
          pane 3: shows categories - these are collections of methods
          pane 4: shows methods
          pane 5: shows Smalltalk code
          button 1: toggles the browser to show the instance methods of the object
          button 2: toggles the browser to show the class comments
          button 3: toggles the browser to show the class methods of the object
      Now, if we step back a little bit, and click on Collections-Sequenceable>OrderedCollection, you'll see:
  
      Note that the code pane shows who OrderedCollection inherits from, as well as their instance variables, if you then go back to the abstract classes and click on SequenceableCollection, you'll notice that it inherits from Collection just as we discussed.  Take some time poking around these classes and get comfortable with navigating in this browser.  Look for the classes and methods we discussed above.
      Finally, I'm going to introduce one more browser - the hierarchy browser.  This one is good when you're concentrating on hierarchies and inheritence when you're coding.  To open it, first click on OrderedCollection again, then middle-click>spawn hierarchy.  You'll see:
  [ex10]
  
      Note, that this browser hasn't been scoped, and shows the full hierarchy.  Notice that Collection inherits from an object called Object - no surprise here, most things about Smalltalk are just what you would expect.  Finally, the topmost object is ProtoObject, which implements some really fundamental methods.  The question naturally arises:  "What does ProtoObject inherit from?".  The answer is nothing, or nil to be more precise.

  Looking forward

      The next article will cover the making of aPerson; we'll go over not only the basics of creating objects, but we'll also discuss what the Smalltalk code that we're writing means.

  A Sweet Squeak

  This section won't explore/explain code or example, but merely present a neat thing to try out.  This time, we're going to look at downloading projects.  Remember in article 1 when we created a new project?  Well, you can not only save the project to transfer across images, but you can drop it on the internet and download it directly to your image too.  Here's an example, do this:

  [ex11]    [Squeak-only-suspected]
      Project thumbnailFromUrl:     'http://www.squeak.org/Squeak2.0/2.7segments/SqueakEasy.extSeg'

      For the read-along folks, you'll see a simple turtle game project, and when you enter the project you can direct the turtle by entering Smalltalk code:
  

  Questions and Answers

  These are the answers for questions on previous articles that I could work through in my limited time available.  I picked out the ones I thought most appropriate for the series.  If you want a faster response, or I didn't get to your question, try posting your question to the comp.lang.smalltalk newsgroup, or the Swiki.

  Q: How compatible with [VisualWorks, VisualAge, Smalltalk/X, Dolphin, etc] Smalltalk will the code examples be?
  A:  Though I'm not writing these articles with code portability in mind, and I'm not doing any portability testing, much of the basic code should be compatible.  By basic code, I mean things like how collections are used, how classes are declared, instance variable use, etc.  Traditionally where the different flavours of Smalltalk differ most is in GUI code.  With Squeak specifically, some of the cool stuff we're going to look at isn't portable to other flavours, for example:  the halo stuff, morphic stuff, and downloading projects.
      What I'll start doing though, is any code that I a priori suspect is Squeak specific, I'll tag with [Squeak-only-suspected].  NOTE:  this will only indicate my suspicion - I don't plan on spending time on testing it in different flavours, or searching for ways to accomplish the same task in a different manner.
      This would be a great use of the Linux Gazette's talkback sections - if other Smalltalkers note what does and doesn't work in other flavours, they can post this info.  Also starting with this article, I'll start indexing the examples so they're easier to refer to for this purpose (ie: ex1, ex2).  I haven't done this yet, as I wanted to keep the series informal, but I expect enumerating examples will make it easier/clearer to post talkbacks.  If you don't like the enumerating - post a talkback.

  Article Glossary

  This is a glossary of terms that I've used for the first time in this series, or a term that I want to refine. 
  abstract class
          A class that would never instantiate an object itself, but serves as good logical building point for other classes that do instantiate themselves (concrete classes).  Abstract classes are indicated in italics in class outlines.
  class method
          (def1 - simple) A method that a class implements (as opposed to an instance), usually to create a new object.  I denote a class method by: >>aClassMethod
  concrete class
          A class that would instantiate an object itself.
  instance method
          (def1 - simple) A method that an instance of an object implements (as opposed to it's class).  I denote an instance method by: >anInstancemethod
  polymorphism
          When two different objects interpret the same message differently by implementing two different methods.
  receiver
          The receiver of a message send.  The object that receives a message send.  For example, if we say aPerson sing, the receiver of the sing message is aPerson
  [Squeak-only-suspected]
         This tag is for any code that I a priori suspect is Squeak specific.  NOTE:  this will only indicate my suspicion - I don't plan on spending time on testing it in different flavours, or searching for ways to accomplish the same task in a different manner.

  Footnotes

  [1] For those folks who have programming experience, the parameter that we're passing here is an Array, you can just highlight the array and inspect it too if you like.  The reason I'm not using an Array for illustrative purposes here, as because they are not as flexible or user friendly as an OrderedCollection.  Where arrays have a fixed size, an ordered collection grows or shrinks as you need it to.
  [2] For those folks never lucky enough to be in a comp sci class that studies heaps and stacks and other data structures  adnauseam, a heap is a type of binary tree in which the value of each node is greater than the values of its leaves.

  Statement of purpose

      When I wrote the first Making Smalltalk with the Penguin article back in March of 2000, my target audience was experienced programmers who didn't have much exposure to OO programming or to Smalltalk.  The article's intent was to give an overview of my favourite programming language on my favourite operating system.  Since then, I've had a fair amount of email asking introductory type questions about Smalltalk and OO programming.  So I thought I'd try my hand at a small series.
      The target audience for this series are people new to OO or new to programming altogether.  The intent is to not only introduce OO programming, but to also spread the fun of Smalltalking.  Why do this format/effort when there's lots of good reference material out there?  Two reasons really:  1) Tutorials are great, but can be static and dated pretty quickly.  2) An ongoing series tends to be more engaging and digestible.
      To help address the second reason above, my intent is to keep the articles concise so they can be digested in under an hour.  Hopefully, as newbies follow along, they can refer back to the original article and make more sense of it.  I plan on having a touch of advanced stuff once in a while to add flavour and as before, the articles are going to be written for read-along or code-along people.

  Why Smalltalk?

      I believe Smalltalk is the best environment to learn OO programming in because:
  • Smalltalk has a very active and very helpful community; when you post a question to the Smalltalk newsgroups you very often get an answer, unlike many other newsgroups
  • is very easy to learn... one of it's original design intentions was to be a learning environment for children
  • is a pure OO environment and encourages OO programming (as opposed to encouraging procedural/Object mixed programming)
  • cutting your teeth in Smalltalk makes you a better OO programmer in any other language, because of the previous bullet
  • is a portable environment:  write once, run anywhere, so people can learn on whatever OS they're running  (as opposed to just the M$ variety)
  • can look at and manipulate objects in real time; I haven't seen this ability in any other environment
  • Smalltalk is written in Smalltalk.  You can view how the language is put together to learn the language, and you can change anything that you don't like about it.
  • has garbage collection, no manual memory management, no explicit pointers
  • is a literate language; by this I mean the syntax is very simple and is geared towards programmer readability.
  • there's lots of Cool Things that you can do in it that I haven't seen anywhere else (will have some examples along the way)
  • ...and best of all: it's fun.
  In particular, I'm going to use Squeak as the playing vehicle.  You'll notice this is a different flavour of Smalltalk than I used in my first article.  I've never used Squeak before, so this'll be a learning experience for me too.  The reasons for this are:
  • It's a completely opensource project
  • It has some Really Cool features that I haven't seen in other flavours of Smalltalk
  • It has a comparitively small footprint and it's very easy to install
  • It has a strong Swiki site  (a Wiki site hosted in Squeak, hence Squeak Wiki)

  Smalltalk Code

  No listings this month

  ---

  Copyright © 2000, Jason Steffler.
  Copying license http://www.linuxgazette.com/copying.html
  Published in Issue 61 of Linux Gazette, January 2001

  "Linux Gazette...making Linux just a little more fun!"

  ---

  Setting Up a Linux Laptop With No CD-ROM Drive

  By Alan Ward

  ---

  This article comes mainly from my fiddling around with a laptop I bought at a great price - US $800 some years ago - but lacking a CD-ROM drive. Just what I needed to see how to get a Linux box going using the network bootdisks that come with most distributions these days. I also have some experience with the elderly 486 I recycle as terminals (no CD drive either - and little else).

  There are different ways of exporting the distribution CD from a Linux desktop: NFS, FTP and HTTP. I would like to discuss briefly each of these, before going into some of the interesting problems I encountered. I will try to keep this at a level accessible to all - and the techniques are quite easy to use - though NFS can be something of a bitch.

  I will use the RedHat distribution scheme here. Most of it also applies directly to derived distributions, such as Mandrake or HispaLinux. The ideas behind also apply to most other Linux distributions, though the details of implementation may be different.

  The disks

  Modern distributions can usually be booted straight from the CD. But they also come with several boot images that can be written to a floppy (usually in the /images directory). There is a difference between a desktop with a standard ISA or PCI ethernet card, and a laptop with a PCMCIA card. In the latter, you will need to load the pcmcia support module before the ethernet drivers.

  For example:

  - the RedHat 5.2 distribution comes with boot.img (both CD and network), though you may also need supp.img for PCMCIA card support. (And yes, I still use it to convert 486 and early Pentium boxes into X terminals and routers - though not for servers!).

  - the RedHat 6.0 distribution comes with boot.img (CD only), bootnet.img (network) and pcmcia.img.

  - Mandrake 7.0 comes with cdrom.img, network.img and pcmcia.img, as does Mandrake Corporate Server.

  In each case, to boot from the network you will need:

  distribution	without PCMCIA	with PCMCIA
  RedHat 5.2	boot.img	boot.img + supp.img
  RedHat 6.0	bootnet.img	bootnet.img + pcmcia.img
  Mandrake 7.0 and CS	network.img	pcmcia.img

  Naturally, you can write these images to floppies using the dd instruction. For example:

  dd if=/mnt/cdrom/images/network.img of=/dev/fd0

  Getting your network up

  All network boot disks have a mecanism to get your network up, though the order in which the steps are taken may be slightly different. For example, a Mandrake 6.1 boot goes:

  1. select network image protocol (nfs, ftp or http);

  2. select a network card - this particular boot disk cannot detect your card automagically - more on this later;

  3. enter your IP and host configurations, which will in most cases be the definitive configurations;

  4. tell it about your server (IP address or name, directory holding the distribution).

  Installing through NFS

  NFS can be seen as the means Linux boxes have to share directories across a local or wide area network. Once exported, you can mount these directories just as you would a local disk unit.

  Server-side, I usually just mount the CD, and then export /mnt/cdrom. This involves the following steps:

  1. Get the NFS server working (nfsd), for example using setup.

  2. Mount the CD as usual:

  mount /dev/cdrom /mnt/cdrom

  3. Include this directory in the server's list of exportable directories. In /etc/exports, I insert the line:

  /mnt/cdrom *(ro,no_root_squash)

  This means I want to export /mnt/cdrom to all users (*), with read-only rights (ro). no_root_squash gives remote root users root privileges over your NFS files; normally, remote root users have the nobody user's permission on them--this is a security measure in case the remote users are not trustworthy.

  5. I then make the export effective with:

  exportfs

  This should reply with a message such as:

  /mnt/cdrom localhost

  /mnt/cdrom *

  You can then test it out on any box on the network with (for example, with 192.168.0.1 as the server's IP address):

  mount 192.168.0.1:/mnt/cdrom /mnt

  Client-side, you will need to tell the installation program:

  - the NFS server name (or IP addess in most small networks with no DNS)

  - the RedHat directory, /mnt/cdrom in my example.

  This works, but may not be the easiest way to install Linux. I use it in networks where the server exports /home anyway, and NFS is already set up.

  Installing through FTP

  Server-side, exporting a RedHat CD through ftp is a rather simple process. In my setup, I already had the wuftp server going. The package on installation creates the /home/ftp directory, from which anonymous ftp queries are served. The most expeditive way the serve the CD seemed to be:

  1) create a subdirectory, such as /home/ftp/cdrom

  mkdir /home/ftp/cdrom

  2) mount the CD directly on this directory, instead of the more usual /mnt/cdrom:

  mount /dev/cdrom /home/ftp/cdrom

  Just to be sure, I then checked you can access this directory from an anonymous ftp session.

  Client-side, I selected FTP image, then went through the normal steps to set up networking. When asked, I gave it

  - the FTP site name (or IP addess in most small networks with no DNS)

  - the RedHat directory, just cdrom in my example.

  It seems you can also use non-anonymous ftp connections, but I haven't tried it as it doesn't seem too interesting in our case.

  Installing through HTTP

  The process is very similar to the FTP.

  Server-side, I used the standard apache installation, with DocumentRoot set to /home/httpd/html. I then

  1) created a subdirectory, /home/httpd/html/cdrom

  mkdir /home/httpd/html/cdrom

  2) mounted the CD directly on this directory:

  mount /dev/cdrom /home/httpd/html/cdrom

  I also checked the CD was accessible before going on. You can do this on the server itself by requesting http://localhost/cdrom/. You should obtain a list of the files on the CD.

  Client-side, you need to give the installation program:

  - the Web site name (or IP address in most small networks)

  - the RedHat directory, just cdrom in my example.

  Wee problems

  With my laptop, my major problem was a Trust PCMCIA ethernet card that is advertised on the box as being "full NE2000 compatible" - which is just not true. (Why do they supply their own drivers for Windows 95?).

  I was stuck on that one with several distributions such as Mandrake 6.1: these ask you to give your card type. Naturally, the ne module didn't work.

  Then I tried the RedHat 6.0 distribution. This autodetects the card type - and works fine using module pcnet_cs. This rather weird card type is not in the usual lists, but is incorporated into most kernels. The trick is to get a boot disk that either autodetects or lets you type in your module name instead of selecting from a list. Note that the RedHat 6.0 network.img disk also works for Mandrake 6.1.

  I had a couple of problems with screen resolution under X. A 800x600 pixel laptop screen will work well with its own resolution - but not with 640x480 as the pixels get distorted. I also had to fiddle with the HorizSync value in /etc/X11/XF86Config: the standard VGA 30-40 kHz range worked better for me than the discrete values I got telling the installation program I had a 800x600 LCD screen. Be careful though - as ever with X.

  Another problem is when you forget some packages during initial installation. You then need to get the packages accesible locally once more: either mounting the CD from the server with NFS, or downloading the packages via FTP or HTTP. You can then use rpm, kpackage or whatever.

  Further steps

  One point I would like to look at is to compare the three system's relative speeds. From what I saw while preparing this article, there don't seem to be any major differences. So I guess it depends mostly on which services are already installed on the server.

  In most cases these will be FTP and HTTP, as their configuration is automatic with most modern distributions. NFS seems a less probable choice as most Linux boxes don't need it for everyday tasks.

  Finally, the last question I would like to discuss is "why a laptop under Linux"?

  Besides the usual reasons for using Linux, I find it useful as a teacher:

  • to use StarOffice (my favourite for projections);

  • to demonstrate operating system techniques live (also with the projector);

  • as a server for the lab: students see both what happens on the server's projected screen as well as on their own clients' screen and can experiment;

  • as a portable X terminal;

  • to convince decision-makers and money-spenders Linux gets more bang from hardware than other systems. You carry it around, plug it into their local network, and let them play. My final line is: "imagine setting up Windows NT serving HTTP, FTP and mail on my P-133 CPU, 48 Mb RAM laptop ..." Not to speak of Windows 2000 - but that would be unkind :-)

  ---

  Copyright © 2000, Alan Ward.
  Copying license http://www.linuxgazette.com/copying.html
  Published in Issue 61 of Linux Gazette, January 2001

  "Linux Gazette...making Linux just a little more fun!"

  ---

  The Back Page

  • About This Month's Authors
  • Not Linux

  ---

  About This Month's Authors

  ---

  Marius Andreiana

  Marius is 20 years old, student in the second year at Politehnica Bucharest, Romania and working as a web developer. Besides Linux, he also loves music (from rock to dance), dancing, having fun, spending time with friends. He is interested also in science in general (and that quantum spooky connection :)

  Shane Collinge

  Part computer programmer, part cartoonist, part Mars Bar. At night, he runs around in a pair of colorful tights fighting criminals. During the day... well, he just runs around. He eats when he's hungry and sleeps when he's sleepy.

  Matteo Dell'Omodarme

  I'm a student at the University of Pisa and a Linux user since 1994. Now I'm working on the administrations of Linux boxes at the Astronomy section of the Department of Physics, with special experience about security. My primary email address is matt@martine2.difi.unipi.it.

  Eric Kasten

  I'm a software developer by day and an artist, web developer, big dog, gardener and wine maker by night. This all leaves very little time for sleep, but always enough time for a nice glass of Michigan Pinot Gris. I have a BS double major in Computer Science and Mathematics and an MS in Computer Science. I've been using and modifying Linux since the 0.9x days. I can be reached via email at kasten@sunpuppy.com or through my website at http://www.sunpuppy.com.

  Mark Nielsen

  Mark works at ZING (www.genericbooks.com) and GNUJobs.com. Previously, Mark founded The Computer Underground. Mark works on non-profit and volunteer projects which promote free literature and software. To make a living, he recruits people for GNU related jobs and also provides solutions for web/database problems using Linux, FreeBSD, Apache, Zope, Perl, Python, and PostgreSQL.

  Ben Okopnik

  A cyberjack-of-all-trades, Ben wanders the world in his 38' sailboat, building networks and hacking on hardware and software whenever he runs out of cruising money. He's been playing and working with computers since the Elder Days (anybody remember the Elf II?), and isn't about to stop any time soon.

  Pradeep Padala

  I am a software engineer at Hughes Software Systems. I love hacking and adore Linux. I graduated this year with a B.E (equivalent to B.S) in Computer Science and Engineering. My intersets include solving puzzles and playing board games. I can be reached through p_padala@yahoo.com or http://pradeeppadala.homestead.com.

  Jason Steffler

  Jason is a Software Architect for McHugh Software International.  His computer related interests include: OO programming & design, Smalltalking, the peopleware aspects of software, and noodl'n around with Linux.

  Alan Ward

  Alan teaches CS in Andorra at high-school and university levels. He's back to Unix this year after an 8-year forced interlude since he graduated -- it makes networking so much easier. His hobbies include science photography (both digital and traditional), trekking, rock and processor collecting.

  ---

  Not Linux

  ---

  Happy New Year, everybody!

  Michael Orr
  Editor, Linux Gazette, gazette@ssc.com
  

  ---

  Copyright © 2000, the Editors of Linux Gazette.
  Copying license http://www.linuxgazette.com/copying.html
  Published in Issue 61 of Linux Gazette, January 2001