It looks like some crazy animators decided to pimp our favorite mascot to the world, I don't know if this was intentional or a mistake, either way it is cool.

The picture below shows the cleanest frame from the Fruit Loops yetti commercial where they are using tux.

Someone else was good enough to film the entire commercial and place it on youtube (below) in which they had also slowed down the video to show tux a little more clearly.

[video:http://www.youtube.com/watch?v=xSEwThogkzY 300x300]

I am looking forward to the potential of seeing Tux in more unexpected places in the future.

Official Release Announcement:

Hello,

Pardus 2011 is now available 

Installation images can be downloaded from:

http://ftp.pardus.org.tr/pub/ISO/Installation/2011/
ftp://ftp.pardus.org.tr/pub/ISO/Installation/2011/

and Live images can be downloaded from:

http://ftp.pardus.org.tr/pub/ISO/Live/2011/
ftp://ftp.pardus.org.tr/pub/ISO/Live/2011/

We strongly recommend you to verify the integrity of the installation
image with md5sum or sha1sum, to use good quality blank media, to burn
the images in 4X burning speed for a painless installation experience.

You may want to install the 64-bit version of Pardus 2011 if your system is 
equipped with one of the processors listed in the sections below.

* Intel processors which support 64-bit architecture

    - Newer versions of Pentium 4, Celeron D, Xeon and Pentium Dual-Core
    - Atom D5xx, N4xx and N5xx
    - All versions of Pentium D, Pentium Extreme Edition, Core 2, Core i7, 
Core i5 and Core i3 processors

* AMD processors which support 64-bit architecture

    - AMD Athlon 64, 64 X2, 64 FX
    - AMD Athlon II
    - AMD Opteron
    - AMD Turion 64
    - AMD Turion 64 X2
    - AMD Sempron
    - AMD Phenom
    - AMD Phenom II

Major features in this release are:

Kernel - The latest Linux kernel 2.6.37 provides an up-to-date hardware 
support together with a thousand of bug fixes.

Plymouth - The bootsplash technology used in Pardus 2009.2 is completely 
dropped and replaced by the new Plymouth engine.

YALI - YALI, the installer of Pardus, gained LVM/RAID and UUID support.

KDE SC - Pardus 2011 comes with the latest KDE Software Compilation, KDE SC 
4.5.5. The base packages also contains numerous backports and fixes which will 
improve the stability of your desktop experience significantly.

Kaptan - Kaptan, the desktop customization tool of Pardus, now optionally 
captures your picture and sets it as your avatar in KDE.

NetworkManager - GNOME NetworkManager 0.8.2 is now the default networking 
backend in Pardus 2011. Users are now able to set up their HSPA/CDMA/VPN 
networks together with the already supported Ethernet and 802.11 WLAN 
networks.

GTK Oxygen style - All GTK applications are now rendered with Oxygen style 
thanks to the oxygen-gtk project. This brings a huge improvement to the user 
interface consistency.

LibreOffice - LibreOffice, an Open Source personal productivity suite 
sponsored by the Document Foundation, is now the default Office Suite in 
Pardus 2011. 

Firefox - Pardus 2011 comes with Mozilla Firefox 4.0 Beta9 as the default web 
browser application. New features of this Firefox release include Firefox 
Panorama, application tabs, a redesigned extension manager, Jetpack extensions 
support, integration with Firefox Sync, and support for multitouch displays. 

Errata:

* YALI issues "Could not allocate enough space for partitioning" warning in 
"Use all free space" option if extended partition has no free space YALI 
although there is free space outside of the extended partition 
(http://bugs.pardus.org.tr/show_bug.cgi?id=16236)

* In some machines, it takes long time to initialize disks in YALI, if system 
has RAID arrays (http://bugs.pardus.org.tr/show_bug.cgi?id=16165)


Users who want to upgrade from Pardus 2009 version, have to wait until 
development of the upgrade manager is completed.

-- 
Gökçen Eraslan

I think that more can be done to enable people to enjoy the freedom of the Linux world. Its a good thing there are plenty of choices but without pre-existing knowledge not many will make that step. With video people can recognize and learn the basic skills without leaping into the unknown. The problem with the present video documentation on the net is that its very fragmented. Its not as easy as it should be to find a coherent set of videos that will guide the first time user. To get this and preserve the freedom you need equal documentation for various distributions. Considering only the major Linux distributions. Making the user fluent in Ubuntu, Fedora and OpenSUSE would be more than enough.

An idea is that we crowd fund a project to work with a professional studio to make these videos. That way we get a coherent set for Ubuntu, Fedora and OpenSUSE.

The best commercials are the ones that people find useful. There are many educational TV channels out there that are longing for interesting content so why not aim high and produce a mini video course for them to broadcast.

Introduction

Here's another episode of my VPN saga, this time we'll connect IPCop to PFSense with IPSec.

Just few words about PFSense (http://www.pfsense.org/) if you don't know it; I've always used BSD and I'm a big fan of it, OK we're in a Linux site but many of you may possibly argue about BSD proof of scalability, stability, security, simplicity (IMHO) and networking capabilities (even after recent events, fake or not).

BSD PF (http://www.openbsd.org/faq/pf/) (Packet Filter) if a great technology and I totally love it, I don't want to start a flame war between Packet Filter and IPTables, this article is just focused on building an IPSec connection between Linux and a particular BSD distro (PFSense). I've done some research after dealing with M0n0wall, Smoothwall and so on and I've decided to give PFSense a try. It's one of my favorite firewall distributions, SOHO installations but even heavy duty connections and features (NAT traversal or load balancing for example), it's not a project for hobbyists, it may scale to business class installations easily.

Following this “VPN by examples” guide I'll connect PFSense to IPCop with an IPSec connection, both machines have static IP addresses, in later examples I'll use even dynamic IPs; I didn't find anything related to IPCop to PFSense available on the web so I've decided to publish my documentation with a lot of screenshots as usual.

This article will follow my previous “VPN-O-Rama: IPCop to IPCop with IPSec” (http://www.linux.com/community/blogs/vpn-o-rama-ipcop-to-ipcop-with-ipsec.html) and I'll add a new machine to the same network, so it will be:

Network topology:

Firewalls:

I've skipped PFSense installation process to focus on a ready new installed PFSense machine named Tatooine, let me know if you need an article on it.

My Goal

I'd like to achieve an IPSec connection between two static machines (Tatooine and Coruscant), no firewalls or other port blocking rules on public WAN between these two firewalls, variations on this task may follow on following articles

PFSense Configuration

Here's PFSense main GUI in the private network example:

WARNING:

Before every configuration please consider we're creating an example and we're using private networks (10.0.0.0 Class A IPs on WAN), on PFSense there's an option made for blocking private network traffic on WAN, before starting with our example you need to disable this rule ! Under Menu Interfaces / WAN there's an option named “Block private networks”. Just forget it if you're using a real network on public classes (on WAN), see screenshot and disable this rule if you're in my case

Now go under VPN menu, option IPSec

Enable “Enable IPSec” check box and hit “Save” button, see:

then click the “Add tunnel” icon on the right side of the page, now you've a new page where you can specify VPN tunnel options. Here's what I've done:

General parameters (PFSense related)

• Tunnel enabled, so disable this tunnel check box is unchecked

• Interface WAN, in my case I need to use WAN to reach remote subnet

• DPD interval (dead peer detection), in my case 60 seconds (it should be enough for everyone)

• Remote Subnet, in this example is 10.0.2.0 (Coruscant network) with a 24 bit mask (255.255.255.0)

• Remote Gateway, in this example is 10.0.0.94 (Coruscant firewall on public network)

VPN Phase 1 Authentication (VPN Parameters for phase 1)

• Negotiation Mode, set to “main”

• My Identifier, left as it is (my IP address). In my case I've a quite easy network connection with two static IP addresses, no NAT traversal or other stuff around. We'll see advanced configurations with NAT and dynamic IP addresses the next time

• Encryption algorithm, I'm using Blowfish, much better than 3DES. Please remember all your parameters, they must match settings chosen on the remote side

• Hash algorithm, MD5 for hashing, I've chosen MD5 here and on IPCop side

Let me show you first page with parameters from above

Let's go on with:

• DH key group, select option “5” (on IPCop I've chosen 1536 bits)

• Lifetime, set it to 3600 seconds (1 hour)

• Authentication Method, I'm now using “pre-shared key”, CA (Certification Authorities) are not available as native services on PFSense. Developers are focusing their software on firewall features and I respect their ideas related on keeping CAs outside even if it would be great to have something inside (like IPCop and other Linux distros). Creating a CA from scratch on an another PC requires a lot of time and it's out of this article tasks, I'll write down some notes on it if you need it. To keep things as simple as I can I've chosen to use Pre Shared Key, this is not a roadwarrior connection but a connection between two offices so it's something a common user never see

• Pre-Shared Key, I'm using “12345” (“I've got the same combination on my luggage” cit.: http://en.wikiquote.org/wiki/Spaceballs )

And here's another shot:

VPN Phase 2 proposal (SA/Key Exchange)

Here's the second round of a VPN connection: key proposal and exchange, here are my parameters:

• Protocol: ESP, encryption

• Encryption algorithms, I'm using Blowfish, I've disabled everything else to avoid confusion so VPN server avoids even their proposal

• Hash algorithms, SHA1 and MD5, keep them as they are

• PFS key group, we're using 1536 bit so option “5” is the way to go

• Lifetime, is 28800 (8 hours)

No keep alive host, use something if you detect drops on your line

Here's my shot:

I'll repeat it again, please keep in mind all these parameters are mandatory , you need to fill them even if PFSense tells you they're optionals and even more important: write them to a notepad and report them as they are on the IPCop side.

Finally hit SAVE button to create your VPN connection, now on the VPN:IPSec page hit Apply Changes button to confirm your new VPN connection.

IPCop Configuration

Now it's time to create the VPN connection on the IPCop side, back again on Coruscant, you'll probably see past article information (http://www.linux.com/community/blogs/vpn-o-rama-ipcop-to-ipcop-with-ipsec.html) but we don't care.

On VPNs menu, VPNs option here's the situation:

now press “Add” button in the middle of the screen to create a new PSK VPN connection with IPSec and select Net-to-Net Virtual Private Network to continue, we want to connect these two nets, then press Add to go on (see screenshot)

Here are the parameters for this VPN connection:

• Name, Tatooine. The name of your VPN connection, choose the name you want, it really doesn't matter

• Host IP Address: 10.0.0.94. Where VPN starts: red interface, WAN (see previous information about it)

• Remote Host/IP: 10.0.0.96. Where your remote firewall (Tatooine) is, static IP address in my case

• Local Subnet: 10.0.2.0/255.255.255.0 It should be already set to your own subnet LAN on Coruscant network

• Remote Subnet: 10.0.4.0/255.255.255.0 Tatooine network information for our example

• Check “Edit advanced settings when done” check box because you need to deal with Phase 1 & 2 advanced parameters for VPN settings, important

• In authentication window below select “Use a Pre-Shared key” and enter “12345” as the PSK password (please choose a different one on real cases, we already have Spaceballs http://en.wikiquote.org/wiki/Spaceballs)

Here's another shot

Then hit Save on the bottom of the page to edit advanced settings.

Now You're in the advanced settings page where you can specify connection parameters for phase 1 & 2 (VPN)

Here you need to set:

Phase 1

• IKE Encryption to Blowfish (both 256bit and 128bit)

• IKE Integrity to SHA1 and MD5

• IKE Grouptype to MODP-1536 (remember 1536 bit above ???)

• IKE Lifetime to 1 hour

Phase 2

• ESP Encryption to Blowfish (both 256bit and 128bit)

• ESP Integrity to SHA1 and MD5

• ESP Grouptype to MODP-1536

• ESP Keylife to 8 hours

Keep additional parameters (checkboxes below) as they are, so everything unchecked except "Perfect Forward Secrecy (PFS)"

See screenshot for details

Now under main VPN menu on IPCop wait for a while (how much ? a while...) and you'll probably see something like that (open status is green)

On PFSense side you need to go to Status menu, IPSec option and in the Overview tab you'll see this (status with green arrow is for the on line link):

As you may see from this example all efforts are related to match proper VPN parameters, phase 1 and phase 2 settings needs to have same values on both sides, it's also important to mention IKE lifetime and keylife, if they don't match you don't even have the connection.

I hope this guide could be pretty clear for anyone, I've tried to search something like that when I was dealing with my first connection but unlikely I didn't found anything on the web.

Please let me know if you need further details on this connection, in the next episodes I'll show you some variations of this Config and I'll connect new distros as well, share your comments if any

Previous:
VPN-O-Rama: VPNs intro, practical HOWTOs
VPN-O-Rama: IPCop to IPCop with IPSec

Next:
IPSec connection between a static and dynamic IP Address

Regards

Andrea (Ben) Benini

Today I have special thanks to do - as of last week, my iPod is now running Rockbox and I'm free to transfer all my OGG and Flac files without resorting to live conversion of the whole library. This wouldn't have been possible without the freemyipod project.

A couple of years ago, a project named "linux4nano" appeared on the Internet. Their goal, as they appear on their old Web site :

[...] discover, collect, synthesize and publish as much information as possible about the iPods protection scheme in order to boot other operating systems on it.

The initial project was aimed at the second generation iPod Nano. However, the device list grew and other iPod lines were added to it. The project was therefore renamed "freemyipod".

I've had an iPod Classic for a couple years now, and I've been syncing the device with the gtkpod manager (which works pretty well, by the way). However, since most of my library is comprised of OGG and Flac files, they had to be transcoded into the device, which is a very lengthy procedure. Since then, I was hoping to be able to install Rockbox on my iPod in order to freely drag and drop my music library into it without transcoding.

Two weeks ago, the freemyipod team released a set of instructions to install an experimental version of the Rockbox port... for the iPod classic! I was thrilled and very excited about these news - after watching the progress on their Wiki, the moment finally came for me to free my iPod! A bit later in the week, the port got more usable and I installed Rockbox on the little black device.

My iPod is now free, and it wouldn't have been possible without the freemyipod project. Thank you for removing the shackles from my little portable media player - may you succeed in liberating all of them!

Ever been caught off guard by a user running a daft query against the database thats causing everything to stack up??

This script is a quick and dirty way to get rid of everything that active ‘now’, and has been used on occasions where users have run a query that locks a table thats required elsewhere, but they havent checked the impact of their changes. Its not a good way to run things, but can help temporarily sort service issues, particularly when no one will admit that they are the person thats run a dodgy query

#/bin/sh

AWK=/usr/awk

ADMIN_PATH=/usr/local/bin

$ADMIN_PATH/mysqladmin processlist -h127.0.0.1 -p<password>|$AWK ‘{ print $2}’ > processes.txt
for i in `cat processes.txt`; do $ADMIN_PATH/mysqladmin -h127.0.0.1 -p<password> kill $i; echo “killed $i”; done

Have you just installed Fedora and want it to be able to decode media content on the web? Check out this link.

http://www.if-not-true-then-false.com/2010/install-adobe-flash-player-10-on-fedora-centos-red-hat-rhel/

Being a computer user that wants to try out a Linux distribution can leave you feeling overwhelmed because there are so many options. Users from the windows and apple world are used to only having one option of their chosen core system, but there are more than 300 Linux based distributions under active development that are available and most are free.

Before you begin your exploration into the Linux world there are few things that you must understand about the commonalities and differences between the many Linux based distributions.

This is a report on Open Data, Open Standards and Open Government deliberately written to be immediately understandable by, and relevant for, all citizens, not just Free Software supporters and other activists. The whole text is downloadable or readable online at the Stop.