Help the Mozilla foundation to set a Guiness world record ! Pledge to download Firefox 3 on the release day !!
http://www.spreadfirefox.com/en-US/worldrecord/
Thursday 29 May 2008
Set a world record !
Help the Mozilla foundation to set a Guiness world record ! Pledge to download Firefox 3 on the release day !!
http://www.spreadfirefox.com/en-US/worldrecord/
Wednesday 28 May 2008
Configuring VPNC on Fedora 9
vpnc is an opensource alternative to using the Cisco VPN client on Linux machines. If your corporate or school VPN is Cisco based, vpnc is a great tool to use compared to the ugly tainted kernel modules produced by the Cisco VPN client. The default vpnc client on Fedora 9 is compiled without OpenSSL suuport, therefore it is not possible to directly use vpnc to connect to VPN's that use SSL certificates (AuthType=5). The solution is simple however, just compile vpnc with OpenSSL support !.
Step 1:
Grab the OpenSSL source from http://www.unix-ag.uni-kl.de/~massar/vpnc/
wget http://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-0.5.1.tar.gz
Step 2:
Untar the sources.
tar xvf vpnc-0.5.1.tar.gz
Step 3:
Uncomment the following lines from the Makefile (lines 49-50).
OPENSSL_GPL_VIOLATION = -DOPENSSL_GPL_VIOLATION
OPENSSLLIBS = -lcrypto
Step 4:
Make and install.
make && sudo make install
Step 5:
Edit /etc/vpnc/default.conf and add your VPN settings. These can be found from the .pcf file provided by your system admin. The important settings are:
IPSec gateway 10.1.1.0 #IP address of your gateway
IPSec ID MyVPN #Group name of your VPN
IPSec secret mypassword #Group password in plaintext. If not known, use IPSec obfuscated secret
IPSec obfuscated secret 234AB765C #Encrypted group password.
IKE Authmode hybrid #keep this setting unless it's different for your VPN
CA-File /etc/vpnc/rootcert #Full path to the root server certificate file
Step 6:
Start the client.
sudo /usr/local/sbin/vpnc
The client will prompt you for the username and password. You can store these values in the config file by using the XAuth username and XAuth password fields if you want vpnc to automatically login without prompting you.
If the settings are correct, vpnc will fork to the background and start the encrypted tunnel, Your VPN connection is up and running !
Step 1:
Grab the OpenSSL source from http://www.unix-ag.uni-kl.de/~massar/vpnc/
wget http://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-0.5.1.tar.gz
Step 2:
Untar the sources.
tar xvf vpnc-0.5.1.tar.gz
Step 3:
Uncomment the following lines from the Makefile (lines 49-50).
OPENSSL_GPL_VIOLATION = -DOPENSSL_GPL_VIOLATION
OPENSSLLIBS = -lcrypto
Step 4:
Make and install.
make && sudo make install
Step 5:
Edit /etc/vpnc/default.conf and add your VPN settings. These can be found from the .pcf file provided by your system admin. The important settings are:
IPSec gateway 10.1.1.0 #IP address of your gateway
IPSec ID MyVPN #Group name of your VPN
IPSec secret mypassword #Group password in plaintext. If not known, use IPSec obfuscated secret
IPSec obfuscated secret 234AB765C #Encrypted group password.
IKE Authmode hybrid #keep this setting unless it's different for your VPN
CA-File /etc/vpnc/rootcert #Full path to the root server certificate file
Step 6:
Start the client.
sudo /usr/local/sbin/vpnc
The client will prompt you for the username and password. You can store these values in the config file by using the XAuth username and XAuth password fields if you want vpnc to automatically login without prompting you.
If the settings are correct, vpnc will fork to the background and start the encrypted tunnel, Your VPN connection is up and running !
Tuesday 27 May 2008
Installing TrueCrypt in Fedora 9
[This article has been updated for Fedora 10. Go over to http://penguinenclave.blogspot.com/2008/12/truecrypt-61-install-guide-for-fedora.html to see the new version]
TrueCrypt (http://www.truecrypt.org/) is a popular free on-the-fly disk encryption software that can encrypt files, partitions, whole disks and even a windows installation. It is an extremely useful and important tool if you wish to keep personal and confidential data from being accessed by unauthorized people. TrueCrypt even supports plausible deniability, allowing you to hide an encrypted volume inside another volume. TrueCrypt volumes are indistinguishable from random data, so an adversary cannot prove that you have a TrueCrypt volume hidden inside a dummy encrypted volume.
Unfortunately, the TrueCrypt website only provides binaries for Ubuntu and OpenSuSE, so for those of us running other distros, the only option is to compile from source. The steps below outline the installation procedure on a Fedora 9 machine.
For an advanced encryption utility, TrueCrypt is surprisingly light on size and dependencies. Download the TrueCrypt sources from http://www.truecrypt.org/downloads2.php (Select Mac OS X / Linux (.tar.gz) from the combo box and tick the check box to agree to the license agreement before clicking the Download button) and wxWidget sources from http://sourceforge.net/project/showfiles.php?group_id=9863 (You only need the wxGTK bundle).
Step 1:
Install the fuse libraries.
sudo yum install fuse-devel
Step 2:
Untar the sources.
tar xvf TrueCrypt\ 5.1a\ Source.tar.gz
tar xvf wxGTK-2.8.7.tar.gz
Step 3:
Build the wxWidgets sources for TrueCrypt.
cd truecrypt-5.1a-source/
make WX_ROOT=../wxGTK-2.8.7 wxbuild
Edit:An anonymous commenter pointed out that passing a relative path to WX_ROOT resulted in compilation errors. If you have the same problem, provide the full path to wxGTK.
make WX_ROOT=/home/januz/Downloads/wxGTK-2.8.7 wxbuild
Step 4:
Build TrueCrypt.
gcc 4.3 is very strict during compilation, therefore you will encounter compilation errors with a message similar to "‘memcpy’ was not declared in this scope". The fix is to simply add
#include <cstring> to each of the following files:
I have created a patch file with the above changes which can be found here. To apply the patch, run the following command:
patch -p1 < truecrypt5.1.patch
Once the sources are patched, compile TrueCrypt by typing
make
Step 5:
Once make has finished running, the TrueCrypt executable can be found inside the Main directory. Simply copy it to your bin folder to add it to the executable path.
cp Main/truecrypt ~/bin
That's it ! TrueCrypt is quite intuitive and easy to use. But if you're in doubt, have a look through http://www.truecrypt.org/docs/ which has very detailed instructions on getting started.
TrueCrypt (http://www.truecrypt.org/) is a popular free on-the-fly disk encryption software that can encrypt files, partitions, whole disks and even a windows installation. It is an extremely useful and important tool if you wish to keep personal and confidential data from being accessed by unauthorized people. TrueCrypt even supports plausible deniability, allowing you to hide an encrypted volume inside another volume. TrueCrypt volumes are indistinguishable from random data, so an adversary cannot prove that you have a TrueCrypt volume hidden inside a dummy encrypted volume.
Unfortunately, the TrueCrypt website only provides binaries for Ubuntu and OpenSuSE, so for those of us running other distros, the only option is to compile from source. The steps below outline the installation procedure on a Fedora 9 machine.
For an advanced encryption utility, TrueCrypt is surprisingly light on size and dependencies. Download the TrueCrypt sources from http://www.truecrypt.org/downloads2.php (Select Mac OS X / Linux (.tar.gz) from the combo box and tick the check box to agree to the license agreement before clicking the Download button) and wxWidget sources from http://sourceforge.net/project/showfiles.php?group_id=9863 (You only need the wxGTK bundle).
Step 1:
Install the fuse libraries.
sudo yum install fuse-devel
Step 2:
Untar the sources.
tar xvf TrueCrypt\ 5.1a\ Source.tar.gz
tar xvf wxGTK-2.8.7.tar.gz
Step 3:
Build the wxWidgets sources for TrueCrypt.
cd truecrypt-5.1a-source/
make WX_ROOT=../wxGTK-2.8.7 wxbuild
Edit:An anonymous commenter pointed out that passing a relative path to WX_ROOT resulted in compilation errors. If you have the same problem, provide the full path to wxGTK.
make WX_ROOT=/home/januz/Downloads/wxGTK-2.8.7 wxbuild
Step 4:
Build TrueCrypt.
gcc 4.3 is very strict during compilation, therefore you will encounter compilation errors with a message similar to "‘memcpy’ was not declared in this scope". The fix is to simply add
#include <cstring> to each of the following files:
- Platform/Memory.cpp
- Volume/EncryptionTest.cpp
- Core/FatFormatter.cpp
I have created a patch file with the above changes which can be found here. To apply the patch, run the following command:
patch -p1 < truecrypt5.1.patch
Once the sources are patched, compile TrueCrypt by typing
make
Step 5:
Once make has finished running, the TrueCrypt executable can be found inside the Main directory. Simply copy it to your bin folder to add it to the executable path.
cp Main/truecrypt ~/bin
That's it ! TrueCrypt is quite intuitive and easy to use. But if you're in doubt, have a look through http://www.truecrypt.org/docs/ which has very detailed instructions on getting started.
Thursday 22 May 2008
Fedora 9 and ATI Catalyst 8.5
ATI released the Catalyst 8.5 driver for linux on May 21st. I was hoping that the new driver had resolved all the previous problems with Fedora 9, but unfortunately it is still broken. They have managed to fix the issue with Kernel 2.6.25, but it still doesn't support the Xorg 1.5 ABI. The worst part is that it looks as if the developers didn't even take a few minutes to actually test the driver in a Fedora 9 machine. Running the installer results in the following output:
./ati-driver-installer-8-5-x86.x86_64.run --buildpkg Fedora/F9
[snip]
Generating package: Fedora/F9
Package build failed!
Package build utility output:
error: %changelog entries must start with *
This sounds like a problem in the SPEC file, so I extracted the sources and checked packages/Fedora/ATI-fglrx.spec-tmpl.
./ati-driver-installer-8-5-x86.x86_64.run --extract ati_src
grep "changelog" ati_src/packages/Fedora/*
The first line in the changelog section of the spec file doesn't start with a * character and this causes the package generator to halt with the above error. Since the line seems to be a todo line to remind the developers ("- Add compat-libstdc++ as a required dependency"), I deleted it and ran the installer again.
cd ati_src
./ati-installer.sh 8.493 --buildpkg Fedora/F9
This time the installer stops with the error:
error: Installed (but unpackaged) file(s) found:
/usr/X11R6/lib/libatiadlxx.so
This stems from a new rpmbuild setting. To disable it, add the lines
%define _unpackaged_files_terminate_build 0
%define _missing_doc_files_terminate_build 0 to packages/Fedora/ATI-fglrx.spec-tmpl and run the installer again. This time the drivers will compile without a problem.
If anyone is interested in getting the ATI drivers to compile on a Fedora 9 machine, grab my patch at http://januz.awardspace.co.uk/ati-8-5.patch . It makes the necessary changes to the spec file to enable it to compile.
./ati-driver-installer-8-5-x86.x86_64.run --extract ati_src
wget http://januz.awardspace.co.uk/ati-8-5.patch
patch -p1 < ati-8-5.patch
sudo sh ati_src/ati-installer.sh 8.493 --install
However, ATI still doesn't seem to support the new Xorg 1.5 ABI and the driver crashes on X server restart. So the only way to get the driver to work is to downgrade the X server. I don't have a dire need to get the ATI driver working because the current radeon driver is working quite well for me, so I leave things at that. However, I am a bit miffed at the way ATI is handling the Xorg 1.5 support. After all, Fedora 9 has been available for over 2 months now, so they do have a testbed to test it.
./ati-driver-installer-8-5-x86.x86_64.run --buildpkg Fedora/F9
[snip]
Generating package: Fedora/F9
Package build failed!
Package build utility output:
error: %changelog entries must start with *
This sounds like a problem in the SPEC file, so I extracted the sources and checked packages/Fedora/ATI-fglrx.spec-tmpl.
./ati-driver-installer-8-5-x86.x86_64.run --extract ati_src
grep "changelog" ati_src/packages/Fedora/*
The first line in the changelog section of the spec file doesn't start with a * character and this causes the package generator to halt with the above error. Since the line seems to be a todo line to remind the developers ("- Add compat-libstdc++ as a required dependency"), I deleted it and ran the installer again.
cd ati_src
./ati-installer.sh 8.493 --buildpkg Fedora/F9
This time the installer stops with the error:
error: Installed (but unpackaged) file(s) found:
/usr/X11R6/lib/libatiadlxx.so
This stems from a new rpmbuild setting. To disable it, add the lines
%define _unpackaged_files_terminate_build 0
%define _missing_doc_files_terminate_build 0 to packages/Fedora/ATI-fglrx.spec-tmpl and run the installer again. This time the drivers will compile without a problem.
If anyone is interested in getting the ATI drivers to compile on a Fedora 9 machine, grab my patch at http://januz.awardspace.co.uk/ati-8-5.patch . It makes the necessary changes to the spec file to enable it to compile.
./ati-driver-installer-8-5-x86.x86_64.run --extract ati_src
wget http://januz.awardspace.co.uk/ati-8-5.patch
patch -p1 < ati-8-5.patch
sudo sh ati_src/ati-installer.sh 8.493 --install
However, ATI still doesn't seem to support the new Xorg 1.5 ABI and the driver crashes on X server restart. So the only way to get the driver to work is to downgrade the X server. I don't have a dire need to get the ATI driver working because the current radeon driver is working quite well for me, so I leave things at that. However, I am a bit miffed at the way ATI is handling the Xorg 1.5 support. After all, Fedora 9 has been available for over 2 months now, so they do have a testbed to test it.
Tuesday 13 May 2008
Fedora 9 Sulphur finally released !
Fedora 9 Sulphur was officially released today. The net is abuzz with the news, so I am not going to repeat them here. I actually had the chance to experience the full Fedora 9 release a few days earlier, thanks to a misconfigured update server in Europe. For about a month, I have been using Fedora 9 RC as my main OS and I am loving it. It's one of the best releases ever in Fedora history. So give it a try, you won't regret it.Release notes: http://docs.fedoraproject.org/release-notes/f9/en_US/
Download: http://fedoraproject.org/en/get-fedora
Thursday 8 May 2008
Laptop Sound Issues in Linux
Quite by accident I realized that my laptop running Fedora 9 Preview release only outputs sound through the headphones. When the headphones are unplugged, although the music keeps playing, no sound comes out of the speakers. This set me off on a hunt for a solution which I only stumbled on to a few minutes ago.
First of all, a liitle bit of details regarding my setup. The laptop is a Sony Vaio VGN-CR11Z. lspci identifies my audio controller as Intel Corporation 82801H (ICH8 Family) HD Audio Controller (rev 03) . Running
cat /proc/asound/card0/codec#0 | grep Codec produces Codec: Realtek ALC262 as the output.
Step 1
Download and compile alsa-drivers, alsa-lib and alsa-utils from http://www.alsa-project.org/. alsa-drivers refused to compile on my machine, and I had to edit the source files to get them to compile. I created a patch file to help others with similar problems, which can be found here. Apply the patch as follows:
./configure
make
cd ..
patch -p0 < alsa.patch
Step 2
Find the valid arguments to the model parameter. First check the output of cat /proc/asound/card0/codec#0 | grep Codec and then look at the valid models listed in the ALSA documentation for that codec. (Online copy at http://www.mjmwired.net/kernel/Documentation/sound/alsa/ALSA-Configuration.txt). Add this parameter to /etc/modprobe.conf as follows.
sudo echo "options intel-hda-sound model=fujitsu" >> /etc/modprobe.conf
Step 3
Reboot the machine and check whether the sound works as expected. You might need to fiddle with the value of model parameter to get it right. For my ALC262 card, neither fujitsu nor sony-assmd parameters worked. However, adding model=auto worked perfectly.
First of all, a liitle bit of details regarding my setup. The laptop is a Sony Vaio VGN-CR11Z. lspci identifies my audio controller as Intel Corporation 82801H (ICH8 Family) HD Audio Controller (rev 03) . Running
cat /proc/asound/card0/codec#0 | grep Codec produces Codec: Realtek ALC262 as the output.
Step 1
Download and compile alsa-drivers, alsa-lib and alsa-utils from http://www.alsa-project.org/. alsa-drivers refused to compile on my machine, and I had to edit the source files to get them to compile. I created a patch file to help others with similar problems, which can be found here. Apply the patch as follows:
./configure
make
cd ..
patch -p0 < alsa.patch
Step 2
Find the valid arguments to the model parameter. First check the output of cat /proc/asound/card0/codec#0 | grep Codec and then look at the valid models listed in the ALSA documentation for that codec. (Online copy at http://www.mjmwired.net/kernel/Documentation/sound/alsa/ALSA-Configuration.txt). Add this parameter to /etc/modprobe.conf as follows.
sudo echo "options intel-hda-sound model=fujitsu" >> /etc/modprobe.conf
Step 3
Reboot the machine and check whether the sound works as expected. You might need to fiddle with the value of model parameter to get it right. For my ALC262 card, neither fujitsu nor sony-assmd parameters worked. However, adding model=auto worked perfectly.
Wednesday 7 May 2008
Laptop hard drive issues in Linux
Since I switched to using Fedora 9 Preview release as my primary operating system, I noticed some excessive amount of disk activity even while the computer was idle. After digging around the net for a while, I discovered that this problem has been known for quite some time - specially within the Ubuntu community.
As it turns out, the Linux kernel does not explicitly apply ACPI power saving settings on hard drives. Instead, the settings for the hard drive are taken from the BIOS, which is quite logical since who knows the system better than the system manufacturer itself ? The problem is that most laptop BIOS's are set to manage the hard drive for optimal battery usage and mobility. Since sudden bumps can cause head crashes, the disk heads are parked frequently while not in use. Therefore when a new disk request comes in, the heads need to be unparked again to service it. Although in the short term this reduces the number of unpleasant disk crashes, the constant parking and unparking of the heads cause wear and tear on the drive mechanism - reducing the lifespan of the drive.
In SMART enabled hard drives, the parameter Load_Cycle_Count keeps track of the number of head parkings. Typically during the life time of a hard drive it can handle about 600,000 load cycles, after which it becomes less reliable. To check how many Load_Cycle_Counts are clocked on your machine, run the following command. (Assuming your hard drive is /dev/sda)
sudo /usr/sbin/smartctl -a /dev/sda | grep Load_Cycle_Count
I monitored my Load_Cycle_Count for a period of two hours and discovered that during that time the counter increased by 7, which is certainly not good. I followed the instructions found at http://ubuntuforums.org/showpost.php?p=3675960&postcount=26 to set the hard drive power saving mode manually as follows:
sudo hdparm -B 254 /dev/sda
That was it ! My Load_Cycle_Count froze in place and the frequent hard drive chatter vanished.
A word of warning : Don't set the power saving mode manually unless the laptop is stationary and is running on AC power. The default settings are meant to protect the hard drive from any accidental damage and prolong battery life.
As it turns out, the Linux kernel does not explicitly apply ACPI power saving settings on hard drives. Instead, the settings for the hard drive are taken from the BIOS, which is quite logical since who knows the system better than the system manufacturer itself ? The problem is that most laptop BIOS's are set to manage the hard drive for optimal battery usage and mobility. Since sudden bumps can cause head crashes, the disk heads are parked frequently while not in use. Therefore when a new disk request comes in, the heads need to be unparked again to service it. Although in the short term this reduces the number of unpleasant disk crashes, the constant parking and unparking of the heads cause wear and tear on the drive mechanism - reducing the lifespan of the drive.
In SMART enabled hard drives, the parameter Load_Cycle_Count keeps track of the number of head parkings. Typically during the life time of a hard drive it can handle about 600,000 load cycles, after which it becomes less reliable. To check how many Load_Cycle_Counts are clocked on your machine, run the following command. (Assuming your hard drive is /dev/sda)
sudo /usr/sbin/smartctl -a /dev/sda | grep Load_Cycle_Count
I monitored my Load_Cycle_Count for a period of two hours and discovered that during that time the counter increased by 7, which is certainly not good. I followed the instructions found at http://ubuntuforums.org/showpost.php?p=3675960&postcount=26 to set the hard drive power saving mode manually as follows:
sudo hdparm -B 254 /dev/sda
That was it ! My Load_Cycle_Count froze in place and the frequent hard drive chatter vanished.
A word of warning : Don't set the power saving mode manually unless the laptop is stationary and is running on AC power. The default settings are meant to protect the hard drive from any accidental damage and prolong battery life.
Subscribe to:
Posts (Atom)