Technology Tales

Adventures & experiences in contemporary technology

Taking SUDO beyond Ubuntu

27th October 2010

Though some may call it introducing a security risk, being able to execute administrator commands in Ubuntu using SUDO and GKSU by default is handy. It’s not the only Linux distribution with the facility though because the /etc/sudoers file is found in Debian and I plan to have a look into Fedora. The thing that is needs to be done is to add the following line to the aforementioned file (you will need to do this as root):

[your user name] ALL=(ALL) ALL

One that is done, you are all set. Just make sure that you’re using a secure password though and removing the SUDO/GKSU permissions is as simple as reversing the change.

Update on 2011-12-03: The exact same can be done for both Arch Linux and Fedora, The same file locations apply too.

Upgrading to Fedora 13

1st June 2010

After having a spin of Fedora’s latest in a Virtualbox virtual machine on my main home PC, I decided to upgrade my Fedora box. First, I needed to battle imperfect Internet speeds to get an ISO image that I could burn to a DVD. Once that was in place, I rebooted the Fedora machine using the DVD and chose the upgrade option to avoid bringing a major upheaval upon myself. You need the full DVD for this because only a full installation is available from Live ISO images and CD’s.

All was graphical easiness and I got back into Fedora again without a hitch. Along with other bits and pieces, MySQL, PHP and Apache are working as before. If there was any glitch, it was with Netbeans 6.8 because the upgrade from the previous version didn’t seem to be a complete as hoped. However, it was nothing that an update of the open source variant of Java and Netbeans itself couldn’t resolve. There may have been untidy poking around before the solution was found but all has been well since then.

Relocating the Apache web server document root directory in Fedora 12

9th April 2010

So as not to deface anything that is available online on the web, I have a tendency to set up an offline Apache server on a home PC to do any tinkering away from the eyes of the unsuspecting public. Though Ubuntu is my mainstay for home computing, I do have a PC with Fedora installed and I have been trying to get an Apache instance starting automatically on there without success for a few months. While I can start it by running the following command as root, I’d rather not have more manual steps than is necessary.

httpd -k start

The command used by the system when it starts is different and, even when manually run as root, it failed with messages saying that it couldn’t find the directory while the web server files are stored. Here it is:

service httpd start

The default document root location on any Linux distribution that I have seen is /var/www and all is very well with this but it isn’t a safe place to leave things if ever a re-installation is needed. Having needed to wipe /var after having it on a separate disk or partition for the sake of one installation, it doesn’t look so persistent to me. In contrast, you can safeguard /home by having it on another disk or in a dedicated partition and it can be retained even when you change the distro that you’re using. Thus, I have got into the habit of having the root of the web server document root folder in my home area and that is where I have been seeing the problem.

Because of the access message, I tried using chmod and chgrp but to no avail. The remedy has to do with reassigning the security contexts used by SELinux. In Fedora, Apache will not work with the context user_home_t that is usually associated with home directories but needs httpd_sys_content_t instead. To find out what contexts are associated with particular folders, issue the following command:

ls -Z

The final solution was to create a user account whose home directory hosts the root of the web server file system, called www in my case. Then, I executed the following command as root to get things going:

chcon -R -h -t httpd_sys_content_t /home/www

It seems that even the root of the home directory has to have an appropriate security context (/home has home_root_t so that might do the needful too). Without that, nothing will work even if all is well at the next level down. The switches for chcon command translate as follows:

-R : recursive; applies changes to all files and folders within a directory.

-h : changes apply only to symbolic links and not to where they refer in the file system.

-t : alters context type.

It took a while for all of this stuff about SELinux security contexts to percolate through to the point where I was able to solve the problem. A spot of further inspiration was needed too and even guided my search for the information that I needed. It’s well worth trying Linux Home Networking if you need more information. There are references to an earlier release of Fedora but the content still applies to later versions of Fedora right up to the current release if my experience is typical.

Securing MySQL in Fedora

4th December 2009

Ubuntu users must be spoilt because any MySQL installation asks you for a root password, a very good thing in my opinion. With Fedora, it just pops the thing on there with you needing to set up a service and setting the root password yourself; if I remember correctly, I think that openSUSE does the same thing. For the service management, I needed to grab system-config-services from the repositories because my Live CD installation left off a lot of stuff, OpenOffice and GIMP even. The following command line recipe addressed the service manager omission:

su -- # Change to root, entering password when asked
yum -y install system-config-services # Installs the thing without a yes/no prompt
exit # Return to normal user shell

Thereafter, the Services item from the menus at System > Administration was pressed into service and the MySQL service enabled and started. The next step was to lock down root so the following sequence was used:

mysql # Enter MySQL prompt; no need for user or password because it still is unsecured!
UPDATE mysql.user SET Password=PASSWORD(‘MyNewPass’) WHERE User=’root’;
FLUSH PRIVILEGES;
quit # Exit the mysql prompt, leaving the bare mysql command unusable

For those occasions when password problems keep you of the MySQL shell, you’ll find password resetting advice on the MySQL website but I didn’t need to go the whole hog here. MySQL Administrator might be another option for this type of thing. That thought never struck me while I was using it to set up less privileged users and allowing them access to the system. For a while, I was well stymied in my attempts to access the MySQL using any of those extra accounts until I got the idea of associating them with a host, another thing that is not needed in Ubuntu if my experience is any guide. All in all, Fedora may make you work a little extra to get things like thing done but I am not complaining if it makes you understand a little more about what is going on in the background, something that is never a disadvantage.

Command Line Software Management

2nd December 2009

One of the nice things about a Debian-based Linux distribution is that it is easy to pull a piece of software onto your system from a repository using either apt-get or aptitude. Some may prefer to have a GUI but I find that the command line offers certain extra transparency that stops the “what’s it doing?” type of question. that’s never to say that the GUI-based approach hasn’t a place and I only go using it when seeking out a piece of software without knowing its aptitude-ready name. Interestingly, there are signs that Canonical may be playing with the idea of making Ubuntu’s Software Centre a full application management tool with updates and upgrades getting added to the current searching, installation and removal facilities. That well may be but it’s going to take a lot of effort to get me away from the command line altogether.

Fedora and openSUSE have their software management commands too in the shape of yum and zypper, respectively. The recent flurry of new operating system releases has had me experimenting with both of those distros on a real test machine. As might be expected, the usual battery of installation, removal and update activities are well served and I have been playing with software searching using yum too. What has yet to mature is in-situ distribution upgrading à la Ubuntu. In principle, it is possible but I got a black screen when I tried moving from openSUSE 11.1 to 11.2 within VirtualBox using instructions on the openSUSE website. Not wanting to wait, I reached for a Live CD instead and that worked a treat on both virtual and real machines. Being in an experiment turn of mind, I attempted the same to get from Fedora 11 to the beta release of its version 12. A spot of repository trouble got me using a Live CD in its place. You can perform an in-situ upgrade from a full Fedora DVD but the only option is system replacement when you have a Live CD. Once installation is out of the way, YAST can be ignored in favour of zypper and yum is good enough that Fedora’s GUI-using alternative can be ignored. It’s nice to see good transparent ideas taking hold elsewhere and may make migration between distros much easier too.

Rough?

11th November 2009

Was it because Canonical and friends kept Ubuntu in such a decent state from 8.04 through to 9.04 that things went a little quiet in the blogosphere on the subject of the well-known Linux distribution? If so, 9.10 might be proving more of a talking point and you have to wonder if this is such a good thing with the appearance of Windows 7 on the scene. Looking on the bright side, 10.04 will be an LTS release so there is some chance that any rough edges that are on display now could be resolved by next April. Even so, it might have been better not to see anything so obvious at all.

In truth, Ubuntu always has had its gaps and I have seen a few of their ilk over the last two years. Of these, a few have triggered postings on here. In fact, issues with accessing the BBC iPlayer still bring a goodly number of folk to this website. That may just be a matter of grabbing RealPlayer, now helpfully available as a DEB package, from the requisite place on the web and ensuring that Ubuntu-Restricted-Extras is in place too but you have to know that in the first place. Even so, unexpected behaviours like Palimpsest seeing every partition on a disk as a different drive and SIL Raid mappings being seen for hard drives that used to live on the main home PC that bit the dust earlier this year; it only happens on one of the machines that I have running Ubuntu so it may be hardware thing and newly added hard drive uses none of the SIL mapping either. Perhaps more seriously (is it something that a new user should be encountering?), a misfiring variant of Brasero had me moving to K3b. Then UFRaw was sluggish in batch but that’s nothing that having a Debian VM won’t overcome. Rough edges like these do get you asking if 9.10 was ready for the big time while making you reluctant to recommend it to mainstream users like my brother.

The counterpoint to the above is that 9.10 includes a host of under the bonnet changes like the introduction of Ext4 hard drive formatting, Xsplash to allow the faster system loading to occur unseen and GNOME 2.28. To someone looking in from outside like me, that looks like a lot of work and might explain the ingress of the annoyances that I have seen. Add to that the fact that we are between Debian releases so things like the optimised packaging of ImageMagick or UFRaw may not be so high up the list of the things to do, especially with the more general speed optimisations that were put in place for 9.10. With 10.04 set to be an LTS release so I’d be hoping that consolidation is the order of the day over the next five or six months but it seems to be the inclusion of new features and other such progress that get magazine reviewers giving higher ratings (Linux Format has given it a mark of 9 out of 10). With the mooted inclusion of GNOME 3 and its dramatically different interface in 10.10, they should get their fill of that. However, I’d like to see some restraint for the take of a smooth transition from the familiar GNOME 2.x to the new. If GNOME 3 stays very like its alpha builds, then the question as how users will take to it arises. Of course, there’s some time yet before we see GNOME 3 and, having seen how the Ubuntu developers transformed GNOME 2.28, I wouldn’t be surprised if the impact of any change could be dulled.

In summary, my few weeks with Ubuntu 9.10 as my main OS have thrown up no major roadblocks that would cause me to look at moving elsewhere; Fedora would be tempting if that situation were to arise. The irritations that I have seen are more like signs of a lack of polish and remain peripheral to day-to-day working if you discount CD/DVD burning. To be honest, there always have been roughnesses in Ubuntu but has the lack of sizeable change spoilt us? Whatever about how things feel afterwards, big changes can mean new problems to resolve and inspire blog posts describing any solutions so it’s not all bad. If that’s what Canonical wants to see, they might get it and the year ahead looks as if it is going to be an interesting one after a recent quieter period.

A multitude of operating systems

27th October 2009

Like buses, it seems that a whole hoard of operating systems is descending upon us at once. OS X 10.6 came first and it was the turn of Windows 7 last week with all of the excitement that it generated in the computing and technology media. Next up will be Ubuntu, already a source of some embarrassment for the BBC’s Rory Cellan-Jones when he got his facts muddled; to his credit he later corrected himself though I do wonder how up to speed is his appreciated that Ubuntu has its distinct flavours with a netbook variant being different to the main offering that I use. Along with Ubuntu 9.10, Fedora 12 and openSUSE 11.2 are also in the wings. As if all these weren’t enough, the latest issue of PC Plus gives an airing to less well-known operating systems like Haiku (the project that carries on BeOS). The inescapable conclusion is that, far from the impressions of mainstream computer users who know only Windows, we are swimming in a sea of operating system options in which you may drown if you decide to try sampling them all. That may explain why I stick with Ubuntu for home use due to reasons of familiarity and reliability and leave much of the distro hopping to others. Of course, it shouldn’t surprise anyone that Windows is the choice of where I work with 2000 being usurped by Vista in the next few weeks (IT managers always like to be behind the curve for sake of safety).

An early peek at Ubuntu 9.10

5th August 2009

Even if the twice a year release means that changes to Ubuntu are evolutionary rather than revolutionary, that isn’t to say that curiosity doesn’t get the better of me from time to time. The result is that an early alpha version (3 at the time of writing) of the Linux distro has found a home in a VirtualBox VM on my main system. The most noticeable change so far is the inclusion of GNOME 2.27.5 with its Fedora-esque log-in screen and the movement of the shutdown and log-off paraphernalia to the System menu, which is where you find it in Debian or Fedora. On the account settings menu, there lives a link to an equivalent of the Windows Control Panel called Control Centre; the menu item is named System Preferences. For the record, I have seen it in Fedora 11 too and it does look as if Ubuntu’s GNOME implementation is looking more like a brown equivalent of Fedora. Whether this stays is anyone’s guess but a new messaging arrangement is coming into being too.

GNOME Control Centre in Ubuntu 9.10

Otherwise, there appears to be no real drama on the surface with Firefox staying at 3.0.x for now and OpenOffice moving to 3.1. Personally speaking, I’d be very surprised to seeing Firefox 3.5.x being left out though I did run into a spot of bother with the Preferences dialogue crashing it on Windows XP. Under the bonnet, the kernel is at release 2.6.31 and things seem reasonably stable at this stage. Saying that, there is a crash report icon appear every session but that has no effect apart from the visual side of things. VirtualBox Guest Additions work as they should, better than they in Windows guests if my experience provides any sort of benchmark (the display does odd things unless you keep jogging the graphics memory up and down). All in all, things appear usable if undramatic at this stage and there are a few months to go before the final release anyway.

Adding msttcorefonts to Fedora

28th July 2009

Once you have enabled the appropriate software repository, you can install the msttcorefonts (Microsoft TrueType core fonts like Arial, Times Roman, Verdana, Georgia, etc.) package on Debian and Ubuntu. With Fedora, it surprisingly isn’t so straightforward. There is a recipe using the command line that worked for me and I’m not going to repeat it here so I’ll leave you to go where I found it. In fact, it forms part of a wider unofficial Fedora FAQ that may be of more interest to you than solving this.

Update for Fedora 12 (2009-11-24):

You also need chkfontpath so the following needs doing before the final part of the command sequence, changing the filename as appropriate for your situation:

yum install xfs
rpm -ivh http://dl.atrpms.net/all/chkfontpath-1.10.1-2.fc12.i686.rpm

Making Nautilus work like it does in Ubuntu for another GNOME using distro

26th July 2009

It’s a personal preference but I like the way that Nautilus (GNOME’s default file manager if you need to know) is set to work in Ubuntu by default. For some tastes, it might look too similar to Windows Explorer but having all the action happening in the same window is a convenience that users of other GNOME using distributions may not realise is there at all. By default, Debian and Fedora use what is called spatial mode with each double-clicking action on a folder icon firing up a new window. Personally, I think that clutters the desktop without good cause but it’s easy to change. All that’s needed is to go to Edit>Preferences in a Nautilus window, proceed to the Behaviour tab and toggle the Always open in browser windows tick box as shown below. Quite why this is not the default in all GNOME using distributions is beyond me but others may prefer what I dislike and Linux is all about choice, after all. Well, you can decide to use Gnome Commander instead and there are times when I do the same along with being a command line user too.

File Management Preferences

« Older Entries « » Newer Entries »

  • All the views that you find expressed on here in postings and articles are mine alone and not those of any organisation with which I have any association, through work or otherwise. As regards editorial policy, whatever appears here is entirely of my own choice and not that of any other person or organisation.

  • Please note that everything you find here is copyrighted material. The content may be available to read without charge and without advertising but it is not to be reproduced without attribution. As it happens, a number of the images are sourced from stock libraries like iStockPhoto so they certainly are not for abstraction.

  • With regards to any comments left on the site, I expect them to be civil in tone of voice and reserve the right to reject any that are either inappropriate or irrelevant. Comment review is subject to automated processing as well as manual inspection but whatever is said is the sole responsibility of the individual contributor.

Copyright © 2007-2024, TechnologyTales.com