Linux.com

Community Blogs



Interactive map of Linux kernel

The Linux Kernel is one of the most complex open source projects. There are a lot of books, however it is still a difficult subject to comprehend. The Interactive map of Linux Kernel gives you a top-down view of the Kernel.
You can see most important layers, functionalities, modules, functions and calls. You can zoom in and drag around to see details. Each item on the map is a hypertext link to source code or documentation.
 

Show progress when using "dd"

dd is a generic command-line tool for copying files from 1 location to another. It is often used to copy entire disk images.

Like many Linux command line tools, it operates silently unless something unexpected happens. Its lack of visual progress feedback is a nice feature for scripting. However, it can leave you wondering about its progress if you are interactively dd-copying a large disk.

To illustrate, you run the following (valid, but perhaps not very useful) dd copy:

$ dd if=/dev/random of=/dev/null bs=1K count=100

It will run for a few minutes as it copies (and immediately discards) 100 blocks of randomly generated data, each of size 1 KB.

To get a progress report while dd is running, you need to open another virtual terminal, and then send a special USR1 signal to the dd process.

First, find out the process id of the dd process by running the following in the new virtual terminal.

$ pgrep -l '^dd$'
8789 dd

To send the USR1 signal to the dd prcoess:

$ kill -USR1 8789

Note that as soon as the USR1 signal is detected, dd will print out the current statistics to its STDERR.

$ dd if=/dev/random of=/dev/null bs=1K count=100

0+14 records in
0+14 records out
204 bytes (204 B) copied, 24.92 seconds, 0.0 kB/s

After reporting the status, dd will resume copying. You can repeat the above kill command any time you want to see the interim statistics. Alternatively, you can use the watch command to execute kill at a set interval.

$ watch -n 10 kill -USR1 8789

----------------------------------
Or you can use "pv" command from "pv" package.
pv - is a terminal-based tool for monitoring the progress of data through a pipeline.

Try for example:

pv -ptre FILE | dd of=FILE bs=1M

Gives a nice output with a progressbar, good for writing cf cards from images.

---------------------------------
Or just use dcfldd - (DoD Computer Forensics Lab) dd replacement with hashing.
 

Why you should give the Vim editor a try

I've always been a Vim user, from the moment I had to make a change to a config file on my first Linux distribution (Corel Linux, be advised: stay clear!)

Vim is one of those programs that can amaze you after 10 years of daily use. It's mysteries and powers are only known to the one or two coders that know all of it's source code inside and out. 

Enough, blabber: time for some great gems of Vim ingenuity! 

Keyword completion

While in insert mode (i) press the CTRL+N or CTRL+P to start keyword completion. CTRL+N moves to the next item in the list, CTRL+P to the previous item. Very handy when you have to keep typing some obnoxiously long word such as nantuckednantucked, which yes, I made up.

Shorties

guu    Change entire line to lowercase

gUU   Change entire line to uppercase

xp      Switch the letter under the cursor with the next letter, easy fro fixign typo's

gf       Open the filename under the cursor

*        Search for the word under the cursor

Recording

Recording multiple commands is possible the best Vim feature there is. 

qa   Start recording a macro called 'a', you can use all letters from a - z

After you started recording, simply enter all Vim commands you want your macro to execute. Stop recording by pressing q again.

@a  Execute the commands you recorded in the macro called 'a'

 

 

 

Using sudo

Now that We have seen how to configure sudo, how do you use it? Sudo is very easy to use, as you will see. To determine what commands you have available to you via sudo, you can execute:

[ankit@black]$ sudo -l
Password:
User ankit may run the following commands on this host:
     (root) /etc/rc.d/init.d/httpd, /etc/rc.d/init.d/mysql
     (root) /bin/rpm, /bin/rm, /sbin/linuxconf
     (root) /usr/bin/swatch, /bin/touch
     (root) NOPASSWD: /bin/su
     (Jason) /home/Jason/bin/eggdrop, /home/Jason/bin/irc/ircd

This will show you exactly what commands you can run, and as what user. To use sudo to restart Apache, for example, you would use:

[ankit@black]$ sudo /etc/rc.d/init.d/httpd restart
Password:

After supplying his password, Apache will restart for Ankit. If he wanted to start eggdrop as Jason, however, he would have to approach it somewhat differently:

[ankit@black]$ sudo -u Jason /home/Jason/bin/eggdrop&
Password:

This will launch eggdrop in the background running as Jason's uid. Because sudo will, by default, try to run something as root, you must supply the user's username if it is a non-root user, as is the case here. Observe what happens if Ankit neglects to specify Jason's username:

[ankit@black]$ sudo /home/Jason/bin/eggdrop
Sorry, user ankit is not allowed to execute '/home/Jason/bin/eggdrop' as root
on black.somehost.com.

As you can see, sudo is very flexible, and very willing to replace su. In fact, I would even go so far as to make su only available through sudo. In order for su to work for non-root users (ie. allow non-root users to become root or any other user), /bin/su must have the setuid bit enabled, so it can run as root. If you remove the setuid bit from /bin/su, then even if a user knows the root password, they cannot su to root or any other user. Stripping setuid from /bin/su and restricting root logins from the console and via SSH is a very effective means of locking down unauthorized root access on your system. To do this, simply give yourself sudo access to run su (as illustrated with Ankit previously), and strip the setuid bit from /bin/su by executing (as root):

[root@black]# chmod u-s /bin/su
[root@black]# ls -l /bin/su
-rwxr-xr-x      1 root     root      18172 June 4 05:29 /bin/su*

Now if you try to run the command su - as a non-root user, even if you type in the right password for root, you will not change to root. In order for someone to use su, they must exist in sudoers with the appropriate permissions, and must run su through sudo like this:

[ankit@black]$ sudo su -
[root@black]#

I find this a much better approach to restricting access to root. By having su as a setuid application, any user on the system can attempt to execute su; if they have the root password or can guess it, they can become root. By having su access restricted through sudo, and with the setuid bit removed, the chances of breaking into root are much more limited. Think of it this way. If someone can compromise your box and obtain shell access as the user "apache" or "nobody", with su setuid, they can attempt to login as root, and if they find the password, there's no stopping them. With su being stripped of the setuid bit, even if someone obtains shell access as the user "apache", they are limited only to being able to do what the user "apache" has rights to. Even if they know your root password, they cannot su to root. They would need to guess Ankit's password in order to become Ankit, who could then become root via sudo. But even then, they could not use su to become Ankit, they would have to log into the system as Ankit.

To take the illustration further, this would mean they would need local console access to login as Ankit (if they had his password), or via SSH (since Ankit knows better than to run telnet). But Ankit's smart. He hasn't gone through the trouble of setting up sudo to let something like this stop him. He's also configured SSH to reject all password logins and only allow key-based authentication. Without Ankit's private key, no one is logging into his account via SSH. So even if your Apache server, or sendmail server, or DNS server, allowed someone to obtain shell access to your system with an unprivileged account, the damage they could do would be minimal. Without su being available to them as an unprivileged user, without having local console access, and without being able to log in to a user's account via SSH without having his private key, an attacker must resort to more difficult means of attacking your server to obtain root access. You can rest assured that you haven't made his job any easier by taking a few simple steps to protect yourself.

 

Compiling Boxee 0.9.11.5777 on openSUSE 11.*

Having used Miro before, I liked the ability to play videos from different sources in a single program without having to visit every site. Miro was recently updated to version 2.0 and I could not find an RPM for openSUSE 11.0. The Packman repository had and RPM for 11.1 and not 11.0  :-(. Attempts at compiling from source failed..

News about Boxee everywhere. I decided to give it a try. Took a while to get it right.  Posting my experience here.

Download

Download boxee source rev 0.9.11.5777 from boxee.tv. Requires registration. Usage requires registration anyway!

Build Requirements

glew and glew-devel
libmad-devel
libtre-devel
SDL_image_devel
SDL_mixer_devel
libbz2-devel
fribidi-devel
lzo-devel
sqlite3-devel
libmysqlclient-devel
libjasper-devel
libcurl-devel
libhal-devel
cmake
nasm

and maybe more.. autoconf..etc., Install missing ones using YaST . An rpm -q package name will tell if it is installed or not.

Compile

Move to the downloaded folder. Uncompress and untar using

#in my case

cd /home/vimal/Software

tar -jxvf boxee-0.9.11.5777-src.tar.bz2

cd boxee-0.9.11.5777-src

#since there was no configure script present, I did an autoconf to generate it

autoconf

#i could only compile and run Boxee from the current folder. I could not get it installed in the final step. Hence, did not specify --prefix to configure

#run configure now
./configure

#followed by make
make

#and make again!
make

#for  reasons unknown, Boxee was not compiled in the first make. There were no errors either.  Issuing make again fixed the problem. This was an accidental find!

At this point the Boxee binary should exist in the directory and it can be launched by

./Boxee

Notes/Tips

  1. It takes a really long time to compile. If you have a dual core cpu, make -j2 really speeds up the compilation. This tip was from the README. 
  2. I disabled vertical sync. Otherwise, the response was very slow. This can be set from within the program under
    Settings ->Appearance->Screen
    or by editing ~/.boxee/UserData/guisettings.xml
    change  value under to 0
    0
  3. Fullscreen and windowed mode can be toggled using \ 
  4. If you have a Wii, and bluetooth on your PC, you can use the wii remote with Boxee. Check out http://antrix.net/journal/techtalk/boxee_wiimote.html

 Boxee in Action

 

No Gaming on Linux.com?

I've noticed a distinct lack of gaming sections on this site.  Sure, the Linux gaming scene isn't exactly thriving, but then those who do use Linux for gaming haven't got an appropriate section.

The areas I'm referring to are the Software Directory and the Answers section, particularly the latter as there are so many other categories.  In fact it's almost notable by its absence.  The only place which does have a place for games is the Forum, where it appears to be one of the busier topics.

The Software Directory really could do with it so we can build a list of what games are actually out there that are natively compatible with Linux.  And while we're on the subject of the Software Directory, it could really do with subcategories.  I've added PostgreSQL to the Applications section, but someone may be looking for a disk partitioner.  They aren't really related, yet they are in the same section.  Plus, Applications is very generic, and probably needs replacing with several other sections.

Unfortunately I have no experience of Joomla (which is what this site appears to be based on), so I'm not sure how configurable it is.

 

Checking out Linux.com for the first time.

All I can say is, great job with the new site.  Linux.com is finally the portal to Linux that it should have been over a decade ago. 

Thanks!

 

Windows 7

A few boring hours today so I decided to give the Windows 7 RC a shot. I've never really used Vista and while I use Win XP at work, this was all a rather new experience to me. Since it is currently free-as-in-beer until March or so (which is a looong time in the beer world) I didn't feel that bad about embracing the monopolists for a short while.

 So after roughly an hour of installation including partitioning and updating I  booted into Windows 7. Frankly, my first impression was that it seems pretty good. I know there's been a lot of flaming over this, but the interface reminds me a great deal of KDE4 and that's entirely a good thing in my book. Still haven't figured out how to disable that annoying double-click-to-do-anything feauture though. 

First problem: No sound. Woo, 

I've heard a lot about it looking and feeling similar to KDE4, and since I've been following that project for quite some time 

 

Wont be good

With new Linux.Com we got many opportunity for share our experiences. Blogs, groups, submitting articles. all of these good. But one thing about the site will be problem. "Guru Wars" because some of pll want the rewards so badly, they can simply take every unneccesary steps for being number one. This kind ranking systems can be huge problem for our community.

Make c/p and post unlimited blog entries

Join all groups

Be everyones friend

Send some sort answers to all topics at the forums(yeah, gg^^, yow yow)

and be number one! Linux.Com can continue this race, but they must make some changes for the  safety of our minds :D First of all they should close the ranking system to members with this ppl wont know whats their status. Second they should remove guru status from the main page. I really dont care whose ranking better. If they are good i can read their work by myself.

Your Fan

Ceyhun Alyesil

 

Keyboard shortcut for Gwibber

I've recently joined Twitter and its great! I installed Gwibber and its a nifty client. Being the rodent averse person I am, I had to find a way to have a keyboard shortcut for this trivial task. So, what did I do? I wrote this:

#!/bin/bash

ppath=/usr/bin/gwibber
prg=Gwibber
prgstr=gwibber
if [ -z "$(ps -eaf |grep -i $ppath|grep -v grep)" ] ; then
    nohup $prgstr &
    sleep 1
fi
[ -z "$(wmctrl -l |grep -i $prg|grep -v grep)" ] && $prgstr
wmctrl -a "${prg}"

This launches Gwibber if its already not running. Otherwise, it just brings the window to the foreground. Best part of Gwibber is, it ensures you only have one instance running so this works even when Gwibber is iconified on gnome-panel.Bless you wmctrl

My HP Laptop had an "Information" key which was lying idle. So, I fired up "xev", got the keycode, assigned it to a virtual key (F21 in this case) and attached the above script to it in Compiz! So now, I just need to press one key to check my Twitter feeds :)

 Next step, modify it to work as a toggle key...

 

Congratulations Linux.com!

Well i think this website its quite impressive and renewing. More interactive and openminded. Well done!
 
Page 111 of 125

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board