Community Blogs

Creating a Custom Linux OpenSuSE 11 EC2 S3 Backed AMI Using Kiwi

I finally got around to testing running opensuse on AWS!! To begin with I started by using SuSEstudio and plumbing in my EC2 credentials and getting the SuSEstudio platform to push the AMI to S3 for me and run from EBS. This was great and I messed around a bit with creating small installations of JeOS and OpenSuSE. But I wanted to be able to have the all same functionality without being dependant on an external service to push a new version of my AMI and so on.

Read more... Comment (0)

Top 10 articles celebrating Creative Commons' very uncommon last 10 years

To a lot of people all over the world, Creative Commons is more than a license. The organization and their mission is a shining copyleft-light for work rendered by artists, designers, writers, and the list goes on. Here at all of our original content is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License

Read more... Comment (0)

Happy Birthday - Phoronix Turns Eight Years Old

It was on 5 June 2004 that I founded, what has become the leading source for Linux hardware reviews, Linux / open-source graphics drivers, Linux gaming, and much more enthusiast information catered to the open-source world...

Read more... Comment (1)

IPv6 take up in Linux out pacing Windows in Top Sites

During recent analysis of the Alexa top 1 million websites, I pulled some stats regarding IPv6 enabled sites; with these stats as a basis I created an IPv6 infographic showing the current break down of technologies in use by the IPv6 enabled sites in the top 1 million.

Linux is way ahead of any other operating systems with a significant share of the sites being hosted on Linux platforms with Apache or Nginx as the web server. Microsoft IIS has about 4.5% of the share of IPv6 enabled sites.

Lets dig into that last statistic a little more. In the top 1 million sites 11237 sites were found to have a corresponding AAAA record. That is about 1.1% of the top 1 million.

Of those 11237 sites, 4.5% were running Microsoft IIS; while 72.3% were running Apache and 18.1% were running Nginx, putting these open source web servers way out in front. Maybe the system administrators and web teams that operate open source based servers are more inclined to play with new technologies; or perhaps there is another reason for the significant difference.

Netcraft puts the total number of Microsoft IIS web servers in the top 1 million at about 13%. The primary reason for this slow take up I would speculate is due to Microsoft IIS's predominance in business. Since business will usually only make a change when it is either mandated or there is a financial gain to be made; current rollout and deployments of IPv6 are on hold.

The United States also has a smaller take up of IPv6 enabled sites, much less than many other parts of the world such as Europe and parts of Asia.

For futher findings take a look at the infographic -

Any thoughts or comments on the variation in the deployment of IPv6 are most welcome.



Peter is the owner of LLC a provider of open source security testing services available on-line. Try free free port scanners and other tools for testing the security of internet connected systems.


Left 4 Dead for Linux is imminent

Michael Larabel, the founder of, has been invited to visit the Valve headquarters by its boss Gabe Newell. Yesterday, it was the day on which he was able to take a look inside the development progress of Steam for Linux. He has not only talked to Gabe Newell about Valve's plans regarding Linux, but even has tested the native Steam client on Ubuntu.



PostgreSQL C++ tutorial

Installation and configuration

This tutorial is done on LinuxMint 12 and it will work on Ubuntu 11.10. I did the same on CentOS 6.2 and I'm going to write about it later, installing PostgreSQL 9 and corresponding libpqxx is there rather complicated.

Using terminal we find what is available:

apt-cache search postgresql

those are results we are interested in:

libpqxx-3.0 - C++ library to connect to PostgreSQL

libpqxx-3.0-dbg - C++ library to connect to PostgreSQL (debugging symbols)

libpqxx3-dev - C++ library to connect to PostgreSQL (development files)

libpqxx3-doc - C++ library to connect to PostgreSQL (documentation)

postgresql-9.1 - object-relational SQL database, version 9.1 server

postgresql-client - front-end programs for PostgreSQL (supported version)

postgresql-client-9.1 - front-end programs for PostgreSQL 9.1

postgresql-client-common - manager for multiple PostgreSQL client versions

postgresql-common - PostgreSQL database-cluster manager

postgresql-contrib - additional facilities for PostgreSQL (supported version)

postgresql-contrib-9.1 - additional facilities for PostgreSQL

It will return much more but we do not need them all. Now in terminal we do

sudo apt-get install postgresql-9.1 postgresql-client postgresql-client-9.1 postgresql-client-common postgresql-common postgresql-contrib postgresql-contrib-9.1

or if one like gui, Software Manager or Synaptic will also do. Do not forget contrib packages, you will need them for pgAdmin III.

Again in terminal do:

sudo su postgres

afer entering password you are postgres. As postgres:

psql template1

psql (9.1.3)

Type "help" for help.

template1=# create role testuser login password 'testpass' superuser valid until 'infinity';



That escaped q quits psql and after one exit you are back to your login. If you like install now pgAdmin III or using psql create DB and table where you are going to practice.

To allow remote connections do:

sudo gedit /etc/postgresql/9.1/main/postgresql.conf

and modify listen_addresses, something like this:

listen_addresses = 'localhost,,'

Also in pg_hba.conf we need to enable remote users:

sudo gedit /etc/postgresql/9.1/main/pg_hba.conf

it should look something like this, all the way towards bottom of the file:

# IPv4 local connections:

host all all md5

host template1 testuser md5

host testpgdb testuser md5

After saving changes restart PostgreSQL server:

sudo /etc/init.d/postgresql restart

Please create DB testpgdb with sufficient rights for testuser or rename DB in C++ example.

Now it is time to install libpqxx. From terminal execute:

sudo apt-get install libpqxx-3.0 libpqxx-3.0-dbg libpqxx3-dev libpqxx3-doc

and installation is done.

C++ example

Code is slightly adjusted test 005 which comes with libpqxx3-doc, to see where is what use:

dpkg -L libpqxx3-doc

It connects to local instance of PostgreSQL, if you want remote ‚Äď please edit connection string. If connection succeeds creates table, inserts data and at the end does one non-transactional select.

#include <iostream>

#include <pqxx/pqxx>


using namespace std;

using namespace pqxx;


int main(int argc, char** argv) {

connection C("dbname=testpgdb user=testuser password=testpass hostaddr= port=5432");

string tableName("tabletwo");

if (C.is_open()) {

cout << "We are connected to" << C.dbname() << endl;

} else {

cout << "We are not connected!" << endl;

return 0;


work Q(C);

try {

Q.exec("DROP TABLE " + tableName);


} catch (const sql_error &) {


work T(C);

T.exec("CREATE TABLE "+tableName+" (id integer NOT NULL, name character varying(32) NOT NULL, salary integer DEFAULT 0);");

tablewriter W(T, tableName);

string load[][3] = {






for (int i=0;i< 4; ++i)

W.insert(&load[i][0], &load[i][3]);




nontransaction N(C);

result R(N.exec("select * from "+tableName));

if (!R.empty()) {

for (result::const_iterator c = R.begin(); c != R.end(); ++c) {

cout << '\t' << c[0].as(string()) << '\t' << c[1].as(string()) <<'\t' << c[2].as(string()) <<endl;



return 0;


In order to compile code you will need to tell to g++ where are libpqxx headers (they are not on the path) and also to linker what libs must be used for linking. Something like this:

g++ hello.cxx -o hello -I/usr/local/include/ -lpqxx -lpq

If your libpqxx or libpq are on unusual place you will use -L[path to where they are], there is lot of that on CentOS or Fedora ;-)

After executing hello (./hello) you should be rewarded with the following output:

We are connected totestpgdb

NOTICE: ALTER TABLE / ADD PRIMARY KEY will create implicit index "PK_IDT" for table "tabletwo"

1 John 0

2 Jane 1

3 Rosa 2

4 Danica 3

I will write more on subject and explain Red Hat, CentOS, Fedora installation. After that we will look at coding using Eclipse and NetBeans, also PostgreSQL and libpqxx. - sync data between systems using pen-drive

Its is easy to sync two connected systems, but what if you need to sync two or more systems, not connected with each other? Need to use external storage device, but everytime copying data to external device is not always easy, and there may be chances that you may forget to copy some files. So here is a small bash-shell script, just need to set path once in script and it will take care of rest things.

save following as ~/bin/ and mark executable by executing 'chmod +x ~/bin/'.
to sync data from local system to external device run:
$ upload  (enter 'satellite' on asking passphrase)
to sync data from external device to local system run it with 'base' as argument and passphrase.

In this case external storage is USB pen drive labeled as SATELLITE.


if [ $# -ne 1 ];then
echo "Usage: $0 upload|download"
exit 0


# ---- BLOCK-START ----
# add path to both arrays
# and basename of the path must be a folder
# ---- BLOCK-END ----

# check that both arrays contains same number of elements
if [ ${#path_satellite[@]} -ne ${#path_base[@]} ];then
echo -e "mismatch detected in ${0}\nkindly verify both arrays, exiting"
exit 1

total=${#path_base[@]}      # since both arrays are having same number of elements
echo "total: $total"

# check that order of elements in both arrays are same
while [ $counter -le $total ]
temp_sate=$(basename ${path_satellite[$counter]})
temp_base=$(basename ${path_base[$counter]})

if [ "${temp_sate}" != "${temp_base}" ];then
echo "satellite: ${temp_sate}"
echo "base     : ${temp_base}"
echo "above paths does not match in ${0}, kindly check and rerun"
exit 1
counter=$(expr $counter + 1)

# chech if local copy of is latest

script_remote=$(stat ${f_remote} | grep "Modify")
script_remote=$(echo ${script_remote:8:19} | sed 's/[- :]//g')

script_local=$(stat ${f_local} | grep "Modify")
script_local=$(echo ${script_local:8:19} | sed 's/[- :]//g')

echo "remote: ${script_remote}"
echo "local : ${script_local}"

if [ "${script_remote}" -gt "${script_local}" ];then
cp -f ${f_remote} ${f_local}
echo "local copy was outdated, hence updated"
echo "re-run: ${0}"
exit 1

if [ "$arg" = "upload" ];then
echo -ne "phrase to overwrite SATELLITE \033[35G: "
read text

if [ "$text" != "satellite" ];then
echo "wrong phrase"
exit 2

for (( x=1; x<=$total; x++))
[ ! -d ${path_satellite[x]} ] && mkdir -p ${path_satellite[x]}
rsync -av --delete ${path_base[x]}/ ${path_satellite[x]}

elif [ "$arg" = "download" ];then
echo -ne "phrase to overwrite BASE \033[35G: "
read text

if [ "$text" != "base" ];then
echo "wrong phrase"
exit 2

for (( x=1; x<=$total; x++))
[ ! -d ${path_base[x]} ] && mkdir -p ${path_base[x]}
rsync -av --delete ${path_satellite[x]}/ ${path_base[x]}

# enable executable bit of bash-shell & python scripts
find ${path_base[x]} -name "*.sh" -exec chmod +x {} \;
find ${path_base[x]} -name "*.py" -exec chmod +x {} \;

# enable executable bit of binaries
# if executable path/file name contains single quote ('), skip it -- need to fix it!
var=$(find ${path_base[x]} -name "*" -type f -print| grep -v "'"| xargs file | grep ELF | cut -d':' -f1)
if [ -n "${var}" ];then
echo ${var} | xargs chmod +x

echo -e "synching \033[35G DONE"
#------------ END ------------


auto indent in vim

$ vim ~/.exrc

set shiftwidth=4
set softtabstop=4
set nu

if has ("autocmd")
     filetype plugin indent on


vim parse ~/.exrc on start,

shiftwidth & softtabstop makes sure that when 'tab' key pressed, it insert 4 spaces and when 'backspace' key pressed, delete 4 spaces.


'nu' print line number


'filetype plugin indent on' loads auto indent plugin for the file type (.extension) if avalable


Configuring ESXi VDR FLR on SuSE Linux SLES 11 x86_64

I've written the following post as it took me a while to figure out how to get SLES Linux File based restore from within a VMDK on ESXi.


By default there is support for Debian Guest and RedHat, There is also a helpful article on the VMware forums that details implementation on OpenSuSE 32bit.


This is where my first problem arose, as the VDR FLR programs require 32bit libraries in order to run. The way I approached this was to use a 32bit Guest VM as a donor for the 32bit linker programs, that dont seem to get included in the same way when installing the 32bit runtime environment on SLES 11 x86_64. All of the documentation on the OpenSuSE sites seem to point to declaring runtime variable settings for the linker and compiler by using "-m32" as an argument. Whilst this 'Works" it fails to actually build the source objects that you require.


So I created a 32-bit guest and after a bit of debugging zipped down the /usr/i586-suse-linux directory and copied it over to and unzipped it on the 64-bit guest that I wanted to have VDR FLR running on. - This will give me a 32bit version of the linker program 'ld'.


I also found that running on a kernel anything earlier than failed to create the FUSE directories and files correctly under /tmp. So I ran a kernel update by grabbing these files from Novell's SLES site:


For the following to run successfully you will need to update module-init-tools first:




rpm -Fvh mod-init*.rpm

//This will use these files to update the module-init-tools.









//Next do the kernel update online


mkdir /usr/local/src/kernelmods

move the following files into /usr/local/src/kernelmods









cd /usr/local/src/kernelmods

//Next run the update

rpm -Fvh *.rpm



Use YaST to make sure that you have installed the 32bit runtime environment. - Note that some of the steps we are doing after this is to get around a problem that I found with the 64bit linker not seeming to accept "-m32".


Once this has finished, its best for you to do a reboot, just to make sure you are running everything that you should be.


Download VMware-vix-disklib from the VMware site. I used this version:VMware-vix-disklib-1.2.0-230216.i386.tar. Copy this to /usr/local/src and unpack and install by executing ./


Next follow the VDR instructions to get hold of the FLR program:VMwareRestoreClient.tgz. Copy this file to /usr/local/src on the 64bit guest, and unpack.


Next grab a source copy of FUSE from the FUSE site - I used 2.7.3. Here are the build instructions that worked for me:


./configure '--prefix=/usr/local/mattsfuse'  '--build=i386' 'CC=gcc -m32' 'LD=/usr/i586-suse-linux/bin/ld' 'AS=gcc -c -m32' 'LDFLAGS=-L/usr/local/mattsfuse/lib' '--enable-threads=posix' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--libdir=/usr/local/mattsfuse/lib' '--libexecdir=/usr/local/mattsfuse/lib' '--enable-languages=c,c++,objc,fortran,obj-c++,java,ada' '--enable-checking=release' '--with-gxx-include-dir=/usr/include/c++/4.1.2' '--enable-ssp' '--disable-libssp' '--disable-libgcj' '--with-slibdir=/usr/local/mattsfuse/lib' '--with-system-zlib' '--enable-__cxa_atexit' '--enable-libstdcxx-allocator=new' '--program-suffix=' '--enable-version-specific-runtime-libs' '--without-system-libunwind' '--with-cpu=generic' '--host=i586-suse-linux' 'build_alias=i386' 'host_alias=i586-suse-linux' --cache-file=/dev/null --srcdir=.


As you can see in the configure script I specified an absolute path to the 32-bit linker (ld) 'LD=/usr/i586-suse-linux/bin/ld', and used --build=i386 and manually set some other 32bit flags to instruct the compiler on what to do.


Once the configure has run, issue a 'make' and 'make install' if there are no problems shown in the 'make'.


You now have a 32-bit source version of FUSE running in on 64-bit SLES!


Almost there, all we need to do now is use 'ldd' to look at the VDR programs we need to run and see what libs it thinks are missing.


cd /usr/local/src/VMwareRestoreClient




you should see something like this: =>  (0xffffe000) => /lib/ (0xb7d72000) => /lib/ (0xb7d5c000) => /lib/ (0xb7d29000) => /lib/ (0xb7d17000) => not found => not found => /lib/ (0xb7bea000)

/lib/ (0x80000000)


The items showing 'not found' are the ones we need to move around.


cp -a /usr/local/mattsfuse/lib/libfuse.* /usr/lib

find / -name -print

cp -a* /usr/lib

run 'ldconfig'



--> This should now show you the locations of the missing files that have now been found: =>  (0xffffe000) => /lib/ (0xb7e4a000) => /lib/ (0xb7e34000) => /lib/ (0xb7e01000) => /usr/lib/ (0xb7def000) => /usr/lib/ (0xb7c98000) => /usr/local/lib/ (0xb7c7f000) => /lib/ (0xb7b53000)

/lib/ (0x80000000) => /lib/ (0xb7b4a000


Next you should be able to run"VdrFileRestore -a " As per VMware's instructions on the 64-bit guest.


Follow the onscreen instructions to select which backup day that you want to mount the filesystem for. You will then need to SSH onto the 64-bit guest. If you run 'df' you will see that there is a /tmp/xxxxxx file mounted in the list. - Do not try to use this as a file path to grab files from. Instead use the suggested /root/HOSTNAME-DAY mount point.


For a test I moved /etc/hosts /etc/hosts.myold and then copied /root/HOSTNAME-DAY/etc/hosts /etc/hosts, and checked that I could read it ok.


Hope that someone might find this useful. VDR is an amazing backup tool that is free with the Enterprise licence. You can either do a complete host restore, or use FLR as described above to restore single files from inside the machine image.



(c)   Matt Palmer 29 Jan 2012 -


Open Source Think Assistant

The key to intelligence must be memory. It would then be a good idea if one could use a computer program to aid the human rather low memory capacity in a simple yet powerful way. The program I had in mind is a simple add to existing open source FreeMind type programs. To expand and structure your thought process you could choose from a drop down list of certain keywords or sentences that progresses the solution further to a new innovative product or answer in a textbook exercise. The keywords and sentences come from different areas like physics, chemistry, biology, engineering, mathematics and more. They can describe useful reasons for solving the problem. You should also be able view examples where the key reasons are used so to compare them with your problem. I would like the program to be modular so that the community can add and collaborate new reasons to existing areas or create new areas. Apart from importing the modules in an open format maybe it would be good to have an HTML export function. Like Bookmarks in Firefox. In education you could use these kind of programs to solve exercises in a more structured way. In innovation or problem solving you can easily expand your imagination by trying key sentences like already written perspectives from different areas otherwise missed. Further you could expand the program to include crowd sourcing whereby sharing the problem sheet with others gives you answers to reasons you know are valid but have not yet come up with an answer to yet. The idea is meant for GPL licensed or for Free and Open Source Software to aid small innovation and education. Idea by Per Lindholm

Password guessing as an attack vector

Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password. Password guessing in my view is the oldest hack in the book, and unfortunatley some of us are making it too easy for the bad guys. From simple things like password equal to username (I still see this often) to blank passwords or super easy combinations like 'qwerty'. As a system Administrator it is our job to serve and protect. However, despite our best efforts users often give things away too easily. Therefore how do we know our users are doing the right thing and how can we audit poor or weak passwords. We could purchase a commercial password auditing tool, but in my view that is a waste of money. The open source community has many excellent tools for this job. Two that I personally know on a first name basis are THC-Hydra and Medusa. Both are excellent password guessing tools, which if used correctly can help eliminate weak passwords from your environment. While Hydra has been ported to Windows, Medusa at this time is Linux only. In fact the author has put out a call to the community. He said, "If anyone can compile Medusa under Cygwin I'll buy you a beer at the next Defcon." ~ so far no takers. If you want to learn more about each tool check them out here: Medusa - THC-Hydra - The coolest part about these tools is the fact they support a huge shopping list of protocols. From Windows LM to RDP, SSH, TELNET, HTTP, VNC, IMAP, POP and many others. While both are similar in function, Medusa is currently my top choice because it supports more protocols, including MS-SQL and has recently been updated to version 2.0. Medusa is fast, and because its available with my favourite distro its my tool of choice. As a penetration tester, once I let Medusa loose on your network I look for two to three things. 1. Accounts where password is equal to username 2. Accounts where password is blank 3. Accounts where passwords are simple dictionary words With Medusa, these are all easy, however with option 1, I typically see this with shared accounts, or accounts which are not used very often, typically some obscure low key service. Most often these accounts have regular user status in the domain, and that is exactly what I need. From a nobody to somebody in one step. Blank passwords are stupid easy, again shared accounts or really old accounts which were created under Windows NT 4 and were migrated from 2000, 2003 to 2008 over the years. I see this often in Manufacturing, where Windows 98 and DOS rules to this day. Lastly, the real power of Medusa or Hydra for that matter is Dictionary attacks. It can pump through a fairly large dictionary in minutes. And those of you believing a second language is more secure, think again. As long as its a dictionary word (in any language) you're done like dinner (as one of my students used to say).
Page 10 of 125

Upcoming Linux Foundation Courses

  1. LFS426 Linux Performance Tuning
    21 Apr » 24 Apr - Virtual
  2. LFS520 OpenStack Cloud Architecture and Deployment
    05 May » 09 May - Virtual
  3. LFD320 Linux Kernel Internals and Debugging
    12 May » 16 May - Virtual

View All Upcoming Courses

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board