Chasing Linux mount point indirection

It can be a challenge to track down what mount point on a Fedora/RHEL Linux box belongs to which physical disk partition when there are several layers of indirection including Logical Volume Manager, Encrypted Disks and UUIDs. Fortunately, the computer does it for us most of the time. But when I, as a human being, needed to step in and figure it out, Google came to the rescue. Here are my old notes.

cat /etc/fstab (my transcription of the info):
 / is /dev/VolGroup00/LogVol00
 /home is /dev/mapper/luks-625f820f-1aba-45b3-aacd-4d17dcc9240a
 swap is /dev/mapper/luks-a9362b00-c1c6-470f-9b5b-4e062d96ff10

cat /etc/crypttab:
 luks-625f820f-1aba-45b3-aacd-4d17dcc9240a UUID=625f820f-1aba-45b3-aacd-4d17dcc9240a none

sudo blkid
 /dev/mapper/VolGroup00-LogVol02: UUID="625f820f-1aba-45b3-aacd-4d17dcc9240a" TYPE="crypt_LUKS"

sudo lvscan
 ACTIVE '/dev/VolGroup00/LogVol02' [363.09 GB] inherit

sudo pvscan
 PV /dev/sda2 VG VolGroup00 lvm2 [465.66 GB / 0 free]
 Total: 1 [465.66 GB] / in use: 1 [465.66 GB] / in no VG: 0 [0 ]

sudo fdisk -l
 Device Boot      Start         End      Blocks   Id  System
 /dev/sda2           14       60801   488279610   8e  Linux LVM

I don’t like chasing down that many levels of indirection, so I normally try to simplify things on a desktop system by not using LVM.
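The lookup chain in the notes above can be walked mechanically. This is an added example, not part of the original notes: the crypttab, blkid and pvscan lines are the ones quoted above, while the fstab lines are constructed from the transcription (filesystem type and options are assumptions), and the function names are hypothetical.

```python
import re

# crypttab, blkid and pvscan lines come from the notes; the fstab lines are
# constructed (the ext4/defaults fields are assumptions for the example).
FSTAB = """\
/dev/VolGroup00/LogVol00 / ext4 defaults 1 1
/dev/mapper/luks-625f820f-1aba-45b3-aacd-4d17dcc9240a /home ext4 defaults 1 2
"""
CRYPTTAB = "luks-625f820f-1aba-45b3-aacd-4d17dcc9240a UUID=625f820f-1aba-45b3-aacd-4d17dcc9240a none\n"
BLKID = '/dev/mapper/VolGroup00-LogVol02: UUID="625f820f-1aba-45b3-aacd-4d17dcc9240a" TYPE="crypt_LUKS"\n'
PVSCAN = "PV /dev/sda2 VG VolGroup00 lvm2 [465.66 GB / 0 free]\n"

def fields(text):
    """Yield the whitespace-split fields of each non-blank, non-comment line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line.split()

def volume_group(dev):
    """Return the VG name for /dev/VG/LV or /dev/mapper/VG-LV, else None."""
    m = re.fullmatch(r"/dev/mapper/((?:[^-]|--)+)-((?:[^-]|--)+)", dev)
    if m:  # device-mapper doubles any hyphen that belongs to a VG or LV name
        return m.group(1).replace("--", "-")
    m = re.fullmatch(r"/dev/([^/]+)/[^/]+", dev)
    return m.group(1) if m and m.group(1) != "mapper" else None

def resolve(mountpoint, fstab=FSTAB, crypttab=CRYPTTAB, blkid=BLKID, pvscan=PVSCAN):
    """Return the chain of devices from a mount point down to the disk partition."""
    dev = next((f[0] for f in fields(fstab) if len(f) > 1 and f[1] == mountpoint), None)
    if dev is None:
        raise KeyError(f"{mountpoint} is not in fstab")
    chain = [dev]
    # Layer 1: dm-crypt. crypttab maps the mapper name to its backing device.
    luks = {f[0]: f[1] for f in fields(crypttab) if len(f) > 1}
    name = dev[len("/dev/mapper/"):] if dev.startswith("/dev/mapper/") else None
    if name in luks:
        backing = luks[name]
        if backing.startswith("UUID="):  # Layer 2: UUID -> device, from blkid output
            by_uuid = {m.group(2): m.group(1)
                       for m in re.finditer(r'^(\S+):.*?\bUUID="([^"]+)"', blkid, re.M)}
            backing = by_uuid[backing[5:]]
        chain.append(backing)
    # Layer 3: LVM. pvscan names the physical volume(s) behind the volume group.
    vg = volume_group(chain[-1])
    pvs = [f[1] for f in fields(pvscan) if f[:1] == ["PV"] and f[2:4] == ["VG", vg]]
    if pvs:  # a volume group can span several physical volumes
        chain.append(" + ".join(pvs))
    return chain

if __name__ == "__main__":
    print(" -> ".join(resolve("/home")))
```

On a live system the four text inputs would be the contents of /etc/fstab and /etc/crypttab and the output of `blkid` and `pvscan`.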

Ubuntu and how to disable advertising

Post-Fedora life with Ubuntu 12.04 has been good. I haven’t upgraded to 12.10 (I’m going to stick with a long-term-support release for now), but I’ve heard from people that refuse to upgrade due to the new advertising that shows up in search results. Apparently, Canonical 1) is trying to find ways of generating revenue, 2) made it very easy to disable the advertising. LWN.net explains what’s going on, and the Electronic Frontier Foundation explains how to disable the advertising.

http://lwn.net/Articles/528781/

https://www.eff.org/deeplinks/2012/10/privacy-ubuntu-1210-amazon-ads-and-data-leaks

The simple command to disable the advertising is:

sudo apt-get remove unity-lens-shopping

If one is concerned about this, it seems to me that one ought to also be concerned about online advertisers and about gmail sorting through one’s email.

 

Postfix on Ubuntu 12.04 with Comcast

After having had Ubuntu 12.04 installed for months, I finally moved my old Fedora services over to it, including Postfix. Here’s how I configured it.

I configured /etc/aliases so that local email destined for ‘root’ (including regularly scheduled system cron jobs) is delivered to my local account, instead of being sent to root@comcast.net (they don’t appreciate getting my SPAM):

  root: myusername@localhost

I added the following to /etc/postfix/main.cf. Notice that I appended a “.NOT” to the relayhost. I did this initially so that I could send test email messages, and make sure message delivery was correct, before allowing email to go to my ISP. More on this later.

  alias_maps = hash:/etc/aliases
  alias_database = hash:/etc/aliases
  myorigin = /etc/mailname
  mydestination = $myhostname, localhost.$mydomain, localhost, robinson-lin
  relayhost = [smtp.comcast.net.NOT]:587
  smtp_sasl_auth_enable = yes
  smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
  smtp_sasl_security_options =
  sender_canonical_maps = hash:/etc/postfix/sender_canonical
  mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
  mailbox_command = /usr/bin/procmail -a "$EXTENSION"
  mailbox_size_limit = 0
  recipient_delimiter = +
  inet_interfaces = loopback-only

I added the following to /etc/postfix/sasl_passwd:

  smtp.comcast.net MyUsername:MyPassword

I added the following to /etc/postfix/sender_canonical:

  jaredrob MyUsername@comcast.net

I ran the following commands:

  chmod o-r /etc/postfix/sasl_passwd
  postfix check
  postmap /etc/postfix/sasl_passwd
  postmap /etc/postfix/sender_canonical
  postalias /etc/aliases

Next, I tested my email configuration by sending test email messages (using ‘mutt’ or ‘mail’)…
  1. From my local linux account to my local linux account, to make sure local delivery worked and didn’t get sent to my ISP.
  2. From the local ‘root’ account to my local linux account.
  3. From the local ‘root’ account to my local ‘root’ account, to make sure it was forwarded to my local user account (remember /etc/aliases?)
  4. From my local account to an external account (gmail, etc.)
    1. I didn’t expect it to be delivered at this point. Remember the “.NOT” I added to my relay host? This way, I was able to see where outbound email was destined using “mailq”. This saved me grief because I found misconfigurations that would have lost the email.  I used ‘postsuper -d ALL’ to delete all test messages from the queue.
    2. When I knew delivery was destined for the correct machines, I removed the “.NOT” from main.cf, and ran “service postfix reload” (as root).
    3. Next, I sent email to an external email address, and made sure it was delivered
Then I configured and ran ‘fetchmail’ briefly (hitting CTRL-C after a few were downloaded), and made sure messages were delivered to my local account properly. I’ve been pleased using Ubuntu with postfix, fetchmail and procmail and archivemail. I often log in remotely using SSH and use mutt to read my email. I also use Google Mail. I’ve set up rules to forward some email to my ISP account, which get downloaded using fetchmail via cron job.

Why do I bother saving my email to my local machine? I like redundancy and backups, I like the speed of using a command line email reader, and I have ten years of email archived on my local machine. It’s been very useful to be able to search through that email for old software license keys, website passwords, email addresses and such.
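A small pre-flight check for the relay settings in the main.cf excerpt above, as an added example that is not part of the original post. The sample contains only relay-related lines the post quotes, so a TLS setting elsewhere in a real main.cf would not be seen here; the function names and finding codes are hypothetical.

```python
import re

# Constructed excerpt: only relay-related lines quoted in the post.
MAIN_CF = """\
relayhost = [smtp.comcast.net.NOT]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
inet_interfaces = loopback-only
"""

# smtp_tls_security_level values that refuse to send without TLS.
MANDATORY_TLS = {"encrypt", "dane-only", "fingerprint", "verify", "secure"}

def parse_main_cf(text):
    """Parse 'name = value' lines; lines starting with whitespace continue the previous one."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] = (params[last] + " " + line.strip()).strip()
            continue
        name, _, value = line.partition("=")
        last = name.strip()
        params[last] = value.strip()
    return params

def review(params):
    """Return (code, message) findings for the outbound relay settings."""
    findings = []
    if re.search(r"\.NOT\b", params.get("relayhost", "")):
        findings.append(("relayhost-placeholder",
                         "relayhost still has the .NOT test suffix; outbound mail will only queue"))
    if params.get("smtp_sasl_auth_enable", "no") == "yes":
        # Postfix's built-in default for this option is "noplaintext, noanonymous".
        opts = params.get("smtp_sasl_security_options", "noplaintext, noanonymous")
        if "noanonymous" not in opts:
            findings.append(("sasl-anonymous-allowed",
                             "smtp_sasl_security_options does not include noanonymous"))
        if params.get("smtp_tls_security_level", "") not in MANDATORY_TLS:
            findings.append(("tls-not-mandatory",
                             "SASL is enabled but TLS to the relay is not enforced"))
    return findings

if __name__ == "__main__":
    for code, message in review(parse_main_cf(MAIN_CF)):
        print(f"{code}: {message}")
```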

Why Linux?

I’ve acquired a used desktop computer with 6GB RAM, and I’ve been trying to figure out whether to put Linux or Windows 7 on it in the long term. I’d like it to be useful to the whole family.

Windows 7 is great for playing DVDs, Youtube movies, doing Netflix streaming, games, printing to our aging Kodak EasyShare 5100 printer, syncing with my iPod Touch, and it has a fantastic photo screensaver. Some of our favorite applications are available for Windows, but not Linux.

Windows has great parental control software available — via its built-in controls, or via third party software. We limit the amount of time our children can be on the computer each day, and we limit the kinds of websites they can visit.

Linux, on the other hand, costs less and supports the sound card and the graphics card better than Windows. And much to my surprise, Linux now supports our Kodak printer (but not its scanner).

There are several Linux distributions available, and I’ve tried Fedora 17 and Ubuntu 12.04 on this machine in their 64 bit variants. Both are well supported by a vibrant community and by commercial companies.

Fedora doesn’t play DVDs, has trouble with some Youtube videos, can’t stream Netflix, doesn’t have parental controls, doesn’t sync with my iPod Touch, and doesn’t even include a screensaver — just a screen blanker (thanks to the unfinished state of its shiny new-and-highly-immature desktop, Gnome 3). It’s possible to rectify many of these limitations, but it takes time to find and configure the software. Netflix streaming isn’t an option. Getting a photo screensaver requires the use of an alternate desktop environment, like KDE or XFCE. In short, Fedora isn’t family desktop ready.

Ubuntu has most of the same limitations as Fedora, but its desktop experience is more polished and the online help is phenomenal. The Ubuntu Software Center not only has application ratings, but can also recommend other apps. Ubuntu automatically told me there were proprietary ATI drivers available, and it was painless to switch to them, with enough improvement in accelerated performance to make it worthwhile. Ubuntu has parental controls in the form of Gnome Nanny, but it doesn’t work with 64 bit Linux, although a web browser extension is an option.

So why do I bother with Linux? It’s an exceedingly useful swiss army knife, runs blazingly fast, and doesn’t slow down over time when software is added. I’m heavily invested in it, and it gives me a technical edge in the workplace. There are thousands of interesting tools that are easy to install — Inkscape, Gimp, meld, Chromium and others. Linux has full featured, freely available development tools for C, C++ and Java — not crippled ones. And it’s multi-user enabled via ssh, remote-X, vncserver, or NX server. Mail servers, web servers and other servers work extremely well. With Linux, it’s easy to see what application or service is slowing down my computer with ‘top’ or ‘iotop’, whereas in Windows, it’s obscured because services run as threads in svchost. I love Linux Live CDs for troubleshooting computer problems, testing hardware and internet connections, and for recovering data from broken Windows installs.

So Linux is great for me as a software developer, but I’m not convinced that Ubuntu, Fedora or any other Linux distribution deserves to be a family desktop environment.

 

When CTRL-C in gdb shuts down a program instead of interrupting it

According to The Linux Programming Interface, a well-behaved multi-threaded UNIX program should use sigwait() or sigwaitinfo() instead of signal() or sigaction(). A linux-only program could even use signalfd().

Unfortunately, Linux/UNIX programs using sigwait() are hard to interrupt in the debugger. Instead of interrupting the program, it terminates the program. How does one work around this problem? See my answer on stackoverflow.

 

Autojump: Faster than ‘cd’

Here’s a cool tool: autojump, written by Joel Schaerer (thanks, Joel). I spend much of my day as a programmer navigating around in the linux filesystem. Built-in tools like ‘pushd’ and ‘popd’ are nice, as are subprocesses — e.g.

 (cd ~/Download && wget http://somewhere.com/path/to/file)
… and when it finishes downloading, I’m still in the directory I was in before the download was started.

Now there’s autojump to add in to the mix. After I ‘cd’ to various directories, later, I can type ‘j Down’ to cd to my Downloads directory. Very convenient. I just wish it were built into every distribution of linux.

Linux tty auditing

Since RHEL 5.4, and in recent Fedora releases, it’s possible to audit what users type at their tty (command prompt), thanks to the work of Steve Grubb, a RedHat employee.

Edit /etc/pam.d/system-auth and append one of the following lines, but not both. The first audits only root’s terminals; the second audits every user:

session required pam_tty_audit.so disable=* enable=root
session required pam_tty_audit.so enable=*

Wait for users to log in and type into a terminal. Later, to see audited tty input, run:

aureport --tty

When a user logs in, the pam module tells the kernel to enable tty auditing for a process and its children. All tty input is logged, but it may not be incredibly easy to read (it includes backspaces, control characters, etc.). I’m unclear as to when and how often the kernel flushes out accumulated tty input to the audit log. The records are identified with a type of TTY in /var/log/audit/audit.log.

In addition to tty auditing, RedHat patched their bash shell so that it neatly audits each and every command line it executes, with a record type of USER_TTY. It’s prettier to read than raw tty auditing — and it’s easy for a user to bypass by using a shell that doesn’t send its commands to the Linux audit system, like zsh, or a custom-built unpatched bash. Maybe that’s why “aureport --tty” doesn’t show USER_TTY records.


The Linux auditing system is powerful. It’s possible to write rules that watch for modification to certain files, or that log the use of certain system calls. See the “audit.rules” manpage for more information.
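The raw TTY records are hard to read because each one carries hex-encoded keystrokes, editing keys included. The following added example (not part of the original post) replays those keystrokes into the lines the user actually submitted; the sample records are constructed, and the function names are hypothetical.

```python
import re

def make_record(seq, keys):
    """Build one constructed type=TTY record (all values are made up for this example)."""
    return (f"type=TTY msg=audit(1300000000.000:{seq}): tty pid=2101 uid=0 auid=500 "
            f'ses=3 major=136 minor=0 comm="bash" data={keys.hex().upper()}')

SAMPLE_LOG = "\n".join([
    "type=USER_START msg=audit(1300000000.000:40): pid=2100 uid=0 auid=500 ses=3 res=success",
    make_record(41, b"vi /etc/sudoerz"),        # typo, Enter not pressed yet
    make_record(42, b"\x7fs\rls\x03id\r"),      # backspace, fix, Enter, "ls" Ctrl-C, "id" Enter
])

TTY_RE = re.compile(r'^type=TTY .*?\bauid=(\d+) ses=(\d+) .*?comm="([^"]*)" '
                    r'data=((?:[0-9A-Fa-f]{2})+)\s*$')

def replay(log):
    """Return [(auid, comm, line)] for every line ended with Enter or Ctrl-C."""
    pending = {}  # (session, command) -> keys typed so far on the current line
    lines = []
    for record in log.splitlines():
        m = TTY_RE.match(record)
        if not m:
            continue  # not a TTY record
        auid, ses, comm, data = m.groups()
        buf = pending.setdefault((ses, comm), [])  # a line may span several records
        for b in bytes.fromhex(data):
            if b in (0x08, 0x7F):        # backspace / delete: undo the last key
                if buf:
                    buf.pop()
            elif b == 0x15:              # Ctrl-U: discard the line typed so far
                buf.clear()
            elif b in (0x0A, 0x0D):      # Enter: the line was submitted
                lines.append((int(auid), comm, "".join(buf)))
                buf.clear()
            elif b == 0x03:              # Ctrl-C: line abandoned, kept and marked
                lines.append((int(auid), comm, "".join(buf) + " ^C"))
                buf.clear()
            elif b < 0x20:               # other control keys in caret notation
                buf.append("^" + chr(b + 0x40))
            else:                        # printable byte (non-ASCII shown as Latin-1)
                buf.append(chr(b))
    return lines

if __name__ == "__main__":
    for auid, comm, line in replay(SAMPLE_LOG):
        print(f"auid={auid} {comm}: {line}")
```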

Easy updates with iOS and Linux vs bombardment from Windows

When I want to check email on my iPod Touch, I simply unlock it, load the email application, and read messages. What a joy. The tool works and works for me. It is my servant, instead of me being its servant.

Compare that to my corporate Windows Laptop. I open the lid and unlock it, wait for corporate anti-virus (I think) to chew through the I/O on my machine for several minutes. Then I can read my email using the unimpressive and slow Lotus Notes (I’d rather be using Thunderbird, Outlook, or speedy mutt).

Or compare to my home Windows Laptop. I open the lid, log in, and am bombarded with requests from several programs to install updates. I just want to check my email, not be attacked with annoying “update me!” windows. I see one from Thunderbird, another from Adobe Flash, another from Mozy and another from Firefox. By the time I’ve upgraded, sometimes I’ve forgotten what I wanted to accomplish in the first place.

Apple has it right with updates for the iPod Touch: They stay out of my way until I want to bother with them, and then they’re all managed together.

Linux has it right: A single package manager updates everything, in one shot, including from third parties.

I’ll continue to use Windows. There are other benefits, even though third-party updates are annoying.

The dog ate my grub.conf; unwanted LVM indirection

In September, I updated packages on my Fedora 14 machine using ‘yum’ (Yellowdog Updater Modified), and rebooted. I was greeted with an unfriendly grub prompt. Boot was broken, and I didn’t know why.

Normally when I want to rescue a Linux system, I use the Fedora install DVD’s rescue mode. Unfortunately, my DVD drive stopped working just after the warranty expired. So I booted using a Linux-on-a-USB image that I carry around with me.

I planned on replicating the rescue mode experience by manually mounting the partitions in /mnt/sysimage, then chroot, and then run ‘grub-install’ to fix things. And that’s what I did, except for a few snags.

The first snag is that I had installed Fedora with default partitioning options (something I rarely do), and it had helpfully used LVM to configure my disk drive. LVM adds a layer of indirection, so I had to figure out how to mount an LVM volume instead of a disk partition. As a general rule, I never use LVM on desktop or laptop machines because I don’t like the additional complexity, especially when I’m trying to mount a drive to recover data.

The next snag is that Linux uses UUIDs for hard disks these days, instead of helpful, human-readable labels. In the good old days, Linux distributions would label the root partition, the home partition, and others. But not when I let the installer work its default magic. So, I had to figure out which volume contained my root partition, my boot partition, and so forth.

Once I mounted my partitions properly, I was ready to “chroot /mnt/sysimage”, and after I did, I ran “grub-install”. No luck. This was the third snag.

I realized that /boot/grub/grub.conf was empty. And grub-install doesn’t fix the problem — it can’t populate information that is completely missing, like knowing what disk UUID to use for the root partition.

“No problem,” I thought, “I’ll just restore from backup…”. Except, I didn’t have a backup. As a general rule, I back up /var, /home and /etc, but not /boot. Now I know better.

Surely, I thought, there should be a copy of grub.conf that the package updates had left around. But there wasn’t.

Such a critical file, and there was no automated backup. No “restore point”. No way to recreate it from data in /etc. What an oversight!

This is the first time I can remember having had an update eat my grub.conf file, and I’ve been running Linux since before distributions switched to grub as a boot loader. On the other hand, maybe I jumped to an incorrect conclusion — it’s possible that the updates didn’t eat my grub.conf. Regardless, grub.conf was empty and my system wouldn’t boot.

It seems to me that something this important should have been designed with more resilience.

There were two ways to fix it, as far as I could see. One is upgrade from Fedora 14 to Fedora 14 (thus preserving my data). The second is to recreate grub.conf by hand, and for that, I needed an example — a template. I used the one at http://forums.fedoraforum.org/showthread.php?t=227358. My boot up screen isn’t as pretty as it once was, but it is functional.

Lastly, I made a copy of /boot/grub/grub.conf. Now where did I put it?…

Gnome 3: Not quite ready for prime time

Just over a week ago, I installed Fedora 15. After using Gnome 3 for two days, I decided that I’m better off using Gnome 2, KDE or XFCE.

With Gnome 3, I like the ability to type the name of the application I want to run instead of hunting for it in a menu. This is a feature I’ve enjoyed for the past five years with Windows Vista, so it’s refreshing to finally have it appear in Gnome.

With Gnome 3, however, I miss the following:

  1. A system monitor applet. When my system starts to feel slow, I pay attention to CPU and I/O wait overhead.
  2. Multi-monitor support when changing workspaces. When I move to a new workspace, Gnome 3 only moves one of my two screens to a new workspace. The other stays the same.
  3. Quick launch icons. I use them for Firefox, gVim, Eclipse, and other frequently used apps.

I expect that Gnome 3 will be improved rapidly, and Fedora 16’s Gnome 3 will be more productive.

Update: There’s a list of ways to tweak Gnome shell to make it almost bearable: http://forums.fedoraforum.org/showthread.php?t=263006. In particular, by installing and using “gnome-tweak-tool”.