Wednesday, October 29, 2008

What's a kernel?

I tried to describe a kernel in jargon-free english today. It was pretty tough.
Welcome to your new Linux Distro. Linux is the word we use to define a collection of software ( programmes ) that you copy on to your hard disk ( that metal thing inside your computer that uses magnetic magic to store a series of ones and zeros otherwise known as binary ) so that when you turn on your computer something useful will happen. The most important part of linux is the kernel. This is the programme and other resources that tell the different parts of your computer to do something. For example when you open your text editor programme, something has to tell the hard disk to start spinning around and then it needs to tell it how to retrieve the specific ones and zeros that define the text editor programme. Then the text editor programme is loaded into memory ( RAM ) which will then take control. The text editor programme will now tell the kernel to display something on the screen. The kernel will then tell the graphics card installed inside the box on the floor to send some information over that wire with the blue ( or more recently white ) plug on the end and into your screen so that the correct dots on the screen are lit up in the correct positions and colour so that you the user can see a white rectangle with some buttons on it. Then when you the user move your mouse around the screen, the kernel will tell the screen where to draw the cursor. That's that small white or black arrow on the screen that you use to point and click on things. Again when you the user click ( push one of the buttons on the mouse down) the kernel will need to tell the text editor programme which button you just pressed on that you did in fact press it. The text editor programme will decide what to do and then ask the kernel to do it...


Could you imagine trying to write a complete how-to / instructional document without jargon for say, Linux From Scratch?

Monday, October 27, 2008


Hi All,

During Movember (the month formerly known as November) I'm growing a Mo. That's right I'm bringing the Mo back because I'm passionate about tackling men's health issues and being proactive in the fight against men's depression and prostate cancer.

To donate to my Mo you can either:

Click this link https://www.movember.com/nz/donate/donate-details.php?action=sponsorlink&rego=1550521&country=nz and donate online using your credit card
Write a cheque payable to ‘Movember Donations Account', referencing my Registration Number 1550521 and mailing it to:

Movember
PO Box 12 708
Wellington 6144

Remember, all donations over $10 are tax deductible.


The money raised by Movember is used to raise awareness of men's health issues and donated to the Cancer Society of New Zealand and the Mental Health Foundation of New Zealand. These two charities will use the money raised to fund research and increase support networks for those affected with prostate cancer and experiencing depression.

Did you know:

Depression affects 1 in 10 men....Most people who experience depression make a full recovery. The first step is seeking help.
* Last year in New Zealand 2,700 men were diagnosed with prostate cancer and more than 600 died of prostate cancer - (that's nearly two each day).
*
For those that have supported Movember in previous years you can be very proud of the impact it has had and can check out the details at: [Fundraising Outcomes].

Movember culminates at the end of month Gala Partés. If you would like to be part of this great night you'll need to purchase a [Gala Parté Ticket].

Thanks for your support David.



More information is available at http://www.movember.com/.

Movember is proud partners with The Cancer Society of New Zealand and the Mental Health Foundation of New Zealand

Printing from Linux to Vista

We bought a new printer yesterday. HP2280 All in one colour printer, scanner, copier. It was a cheap deal from QMB at just shy of $50 (NZD).

As this is our second printer, bought to replace the one we have that hasn't yet died, we decided to install it on my wife's Windows Vista PC. The install and functions all went perfectly as one would expect with a "Made for Vista" product. The tricky bit turned out how to connect it to Linux for remote printing. I thought I could use the extra printer at times so went to install it...

First step was drivers. I ended up installing a mammoth driver pack and utility tool-set I downloaded from Sourceforge. ( link provided by HP website. )

Next I needed to enable TCP Printing services on the vista host. Did this in control panel / Add remove windows components.

Next I used the standard linux printer dialogue to attach the printer using Cups with the Samba backend. That worked just fine too. I could even send a test print and the print jobs dialogue on Windows showed the print and the printer even woke up and began some initial cartridge moving about. No paper load and nothing beyond that point.

I found a reference buried in a forum post that said I should try disabling bi-directional printing on the vista host. Lo and behold! This fixed it. I can now print from my Fedora 9 over to the printer plugged into the USB port on the Vista box.

Bi-Directional Printing is:

( http://www.dewassoc.com/support/networking/bidiprint.htm )
During normal print cycles, print signals or print instructions are sent in one direction, from your computer to your printer. Printers that are Bi-directional (also known as bi-tronic) capable also have the ability to talk back to your computer in order to advise your computer of a print job's status, paper status including the occasional jam, etcetera. This two-way or Bi-directional communication technology can be found in most of the more popular printers offered today, such as HP, IBM, Panasonic, and other laser or color printers, especially where bi-directional communication between the computer and the printer is imperative. In color printing, as an example, the printer will advise the computer of its constant availability status in order to mix color inks correctly for optimum output.

And from Microsoft...
( http://support.microsoft.com/kb/132465 )

Network Protocol

Most network protocols support bi-directional printing. Networks protocols such as the AppleTalk protocol and Data Link Control (DLC) protocol can provide bi-directional communication in Windows NT. Although TCP/IP can carry the signal, the Line Printer Remote (LPR) specification has no facility for this signal. Therefore, the Windows NT TCP/IP protocol does not support network bi-directional printing.

So there you have it. The printer was trying to tell my linux machine something and windows was not sending the message. The printer was not giving up so the print stalled at the last minute. Turn off support for bidirectional printing and then the printer doesn't try to chat back and the prints just work.

Wednesday, October 22, 2008

Setup Linux For Wndows Terminal Services


Windows Server 2003+ only supports ( last I checked ) two remote desktop connections at the same time. At least that's the default behaviour. I believe one can increase this through the purchase of a Terminal Server license. Essentially in order to allow more than two users to use Remote Desktop to log in to a machine on your LAN at the same time, you need to start paying extra.

The only reason - and its a good one - for needing to do this is because your vpn assigned ip address is not on the same subnet ( for security reasons ) as the servers you need to access.

Specifically: your dynamically assigned VPN IP address is not listed as an object on your firewalls. So when you try to RDP from your laptop at home, to that server in your data centre you get nowhere because your IP address is blocked by the firewall.

JUMP BOX TO THE RESCUE. I call that box you set up and leave running at work a jump box because you will use it for receiving your remote desktop connection and then establishing a new RDP session from there to your servers in the data centre. Because the Jump Box has its IP address confiured in the firewall you should be ok.

Fedora and all linuxes don't have a restriction to the number of concurrent desktop sessions. ( RAM might get in the way eventually ) but even then that can be mitigated. More that later.

Environment:
Laptop at home  ( WINDOWS )
| +--------ANOTHER LAPTOP ( WINDOWS )
| |
V V
JUMP BOX ( FEDORA )
|
|
V
FIREWALL ( CISCO for example)
|
|
V
Destination Server. ( WINDOWS )
( please excuse the ASCII art )

  • Windows have RDP clients built into them already.
  • Fedora will require one to be installed. ( use tsclient )
  • The Laptops have dynamic IP addresses not in the same subnet as the destination servers.
  • The jump box has a static IP address with access allowed through the firewall on RDP ( 3389 ) to the destination servers.
  • The destination servers support remote desktop connections ( limited to 2 concurrent connections )
We will install xrdp on the jump box and enable port 3386 through the built in IPTABLES firewall:

Before you start make sure you have an up to date version of gcc and all the required dependancies. I usually make sure I have kernel-devel installed too. These installation steps are for Fedora. Checkout this link for Debian based distros:

http://venturehosting.net/howto-get-xrdp-working-on-ubuntu-610-server/
//Make sure you have the right dependancies.  INCLUDING X.  So I did mine on a default gnome fedora.

# yum install pam-devel openssl-devel vnc-server

//Download the xrdp source tar ball
# wget http://waix.dl.sourceforge.net/sourceforge/xrdp/xrdp-0.4.1.tar.gz

//Extract the tar ball
# tar xvfz xrdp-0.4.1.tar.gz

//Enter the source tree
# cd xrdp-0.4.1

//Compile
# make

//Install
# make install
xrdp is now installed in /usr/local/xrdp/

If you are like me and want a nice lightweight, no-nonsense desktop environment presented when you rdp in over your 3g connection from your laptop then you will need to install fluxbox.
# yum install fluxbox fluxconf
Now you need to create a new startwm.sh script so that fluxbox and not Gnome will be used for the window manager ( desktop environment ) once you have successfully opened an RDP session on your linux box.
# mv /usr/local/xrdp/startwm.sh /usr/local/xrdp/startwm.sh.old
# vim /usr/local/xrdp/startwm.sh

make it look like this:
#!/bin/bash
/usr/bin/startfluxbox
exit 0

Ensure you have an account and password set up so that when you establish the RDP session you will be able to log in.
# system-config-users
//Add user and set password.
Make sure you have tsclient installed
# yum install tsclient
Now test xrdp with:
# /usr/local/xrdp/xrdp_control.sh start
Allow port 3389 through the firewall. I am not sure if UDP is required by TCP is definately required. I could give you the IPTABLES script but its easier to use the tools provided by Fedora.
# system-config-firewall
//Custom -> Add -> Select 3389 TCP. ( add UDP if it doesn't work. )
//Save Configuration
//Close

# service iptables restart


Now use RDP from a windows machine to log into your linux box. You will be asked for credentials by a utility that came with xrdp called sessman which will check your username / password with pam and if approved xrdp will start fluxbox up and you will see adefault fluxbox session.

Now when you want to connect to those remote servers, start up tsclient either by typing it into a session or using the run tool on the fluxbox menu.

That's about it. You can do all sorts of cool things with fluxbox to make it nicer to look at but remember, this is a JUMP BOX. Not a desktop. It's sole purpose is to provide a means for your access those remote servers.

Wednesday, October 15, 2008

Howto Install Microsoft Core Fonts on Linux

Linux does not ship with Microsoft's core fonts. This means that fonts like Arial are simply not available with a default distro. Here is how one gets them installed using Fedora 9 x86_64. I have posted them in an RPM on http://forum.thelinuxcdstore.com under the General section.

ALL THANKS to http://corefonts.sourceforge.net/ for a great guide and for their hard work.

1. Set up a build environment in your home directory:
Create a file in your home directory called .rpmmacros
Add the following line to the file.

%topdir %(echo $HOME)/rpmbuild
2. Create the following directories:

~/rpmbuild/BUILD
~/rpmbuild/RPMS/noarch
3. Log in as root and install some prerequisites.

# yum install rpmbuild ttmkfdir cabextract

4. You will need chkfontpath. I found my copy here: http://dl.atrpms.net/all/chkfontpath-1.10.1-2.fc9.x86_64.rpm. I downloaded it and installed it with:
yum --nogpgcheck localinstall chkfontpath-1.10.1-2.fc9.x86_64.rpm
5. Make a temporary directory for your spec file.
mkdir ~/mscorefonts && cd ~/mscorefonts
5. Download the mscorefonts spec file from: http://corefonts.sourceforge.net/msttcorefonts-2.0-1.spec
wget http://corefonts.sourceforge.net/msttcorefonts-2.0-1.spec
6. Build the mscorefonts rpm with:
rpmbuild -bb ~/mscorefonts/msttcorefonts-2.0-1.spec

7. Finally install the mscorefonts package with:
yum --nogpgcheck localinstall ~/rpmbuild/RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm
8. Your fonts will be saved in:
/usr/share/fonts/msttcorefonts

Saturday, October 4, 2008

Using SMBCLIENT to transfer files.

This information is gathered from a few different sources. I have it here for reference:

Step 1:
Create a file that contains authentication details. In my test case I had no domain to bother with so just added the username and password fields.

I also made a point of ensuring that the file permissions for this file were set to the owner having access only. Ie: rw- --- --- or ( 600 )

Thanks to: http://www.javascriptkit.com/script/script2/chmodcal.shtml for the very useful chmod calculator.

smbclient_authentication.txt
username = backupuser
password = Pa$$w0rd

Step 2:
In your script or whatever the way to put a file onto the windows share is like this:

~> smbclient -A smbclient_authentication.txt ////192.168.0.96//data -c "put myBackupFile.tar.gz"
That's about it. Piece of cake. When I test this on an SELINUX environment, I am sure this tutorial will be extended somewhat!