Tag Archives: Debian

Debian 5 (“Lenny”)

Via Slashdot, I found out that Debian “Lenny” (or 5.0, so you will) has been released. On February 14th. I can feel the Debian love at Slashdot.

Seriously, this looks like a major release (or setback if you’re in the other camp), with features like KDE 3.5, OpenOffice 2 and, yeah, oh, dear, I know where this is going to, why, Debian, why? From the earlier mentioned/linked to interview with the Debian Project Leader:

TR: But have you ever considered a Gnome-like approach to releasing – that is, always release after 6 or 12 months, and stick steadfastly to that?

SM: So far within Debian we’re happy with the ‘release when it’s ready’ approach. We like to do stable releases, it’s very important for us and to our users, but we want to make sure that it’s right. We can aim for a particular date, but unless we get a lot of buy-in and know for a fact that it’s going to be ready, we’ll happily let it slip another couple of months and make sure it’s good.

On the flip-side, Debian’s careful release schedule at least ensures that users won’t get the KDE 4.0 and other bleeding-edge crap: By the time KDE has matured, Debian user will have a working desktop environment. And as they say, when packages land in Debian ‘stable’, they’re most likely stable.

I also see that the website finally contains that note that you (only) need the first CD to install a standard Debian install. To find out what’s new in Lenny, check the Debian Wiki. Previously on xsamplex (“Etch”, “Sarge” or just all related posts or tags).

At your Runlevel

Earlier, A New HopeI was reminded of the typical run-levels on Linux systems, particularly on Debian-flavoured distributions. For future reference1:

  • Run level 0: System Halt
  • Run level 1: Single User/No networking (“Safe Mode” for Windows connoisseurs). In this mode daemons won’t be started.
  • Run level 2: Full Multi-user
  • Run level 3: Full Multi-user, same as two, but commonly used for text console login.
  • Run level 4: Full Multi-user
  • Run level 5: Full Multi-user, same as two, but commonly used for full-blown X-Server login.
  • Run level 6: System Reboot

There are specific commands to tell the environment to go to any of the earlier mentioned run-levels: however, as a normal user, the only way you generally switch level is via the ‘shutdown’ command (which as you guess either changes the run-level to 0 or 6. As the Debian Administration mentions, this is probably a command you want to learn by heart. Well, at least you should be familiar with the following command:

shutdown -h “now”

So, yeah, you have a daemon that got stuck during boot-up and how do you get into Run-level 1? Most Linux distros nowadays use GRUB as a bootloader (without peeking at Wikipedia, I think that stands for ‘Grand Unified Bootloader’), so if you’re a LILO user, sorry. Anyway: GRUB allows you to interrupt the boot-process and issue extra command-line parameters (press the ‘e’ key) before booting the computer. On simple Debian-based systems (Damn Small Linux): To boot right into Run level 1 the only thing you need to do is to replace the last number of the main boot command (‘kernel’) to a 1 (most likely it will say either 3 or 5). You can also append ‘single’ to the commandline, apparently. Debian-based flavours that run X-Server and that (Ubuntu fellows, I look at you): to boot into single mode, just press ESC and select (any) of the recovery modes presented to you by GRUB.

1 Nowadays, Debian Administration is not one of the most stable sites it appears…

Net. Net.

I read that the Mono developers officially released Mono 2.0, which promises compatibility with Microsoft .Net 2.0. The official announcement can be found at the Mono-project (releasenotes, if you’re impatient). The Slashdot discussion is right here.

There was a long thread (discussion, so you will) on the Postgres mailinglist about Debian, Postgres and backports (ugh!). The issue is complex and it’s a long story about why latest versions of Debian were stuck with older Postgres versions, while most platforms moved to the recent 8.x series of that database. Anyway, the good news is that it looks like that Debian Lenny will come with a more up-to-date version of Postgres. Or, something like that.

Going back to Slashdot, there’s an interesting thread about multi-threading, or rather, about recommendations about good books on this. I’ll be the first to admit that at one time I picked my nose up for .Net threading: I thought Delphi’s way was a lot more elegant, where you’re threading model essentially starts with creating descendants from Delphi’s TThread class. Threading, indeed is a different and difficult beast.


I read this article at SecurityFocus “Analyzing Malicious SSH Login Attempts”, which apparently was written over 2 years ago. The article goes over some statistics collected over a period of 22 days and points out interesting things I’ve seen before too (in a previous life).

Combined with an army of IRC bots, an attacker only needs 525 Zombies to scan the entire IP4 of today’s public Internet in just one day. If you have a publicly accessible SSH server, you are very likely to be targeted by one of these attacks

I used a combination of python scripts to hold off specific attacks: particularly the attacks that try hundreds of username and password combinations in only a couple of minutes (the brute force ones). The main script focused on keeping a count of attacks from a single IP (a maximum of 3 or 5 retries) and offenders were put on a 24 (or 48) hours waiting list, via the deny/accept host files. If I remember correctly it was based on BlockHosts. This worked extremely well and formed a good deterrent and first line defense, telling these script guys that (at least) someone cared about the server. Besides this, it is probably a good idea to only allow people who know SSH access to the server and consider enforcing a strict password policy.

En. Ix.

I haven’t touched my (personal) Windows laptop for a while: mainly because, I’ve been (primarily) using Ubuntu for things I normally did on Windows. This is both a good and bad sign: First of all, I’ve settled on using specific Linux tools to process my RAW photos (using UFRaw and The Gimp). Yes, I noticed RawStudio (don’t get me started on F-Spot), but while close to what I’m looking for, it misses features like cropping and that. On the bad side: I’ve not been doing a lot of side-programming, so things I’ve been working on have been lingering around, so to say.

This brings me to a couple of notes of note:

If you’re into making your own (Debian) based Live distribution, you may want to check into the Debian Live Project: I only mention it here because I keep losing the link and whenever I keep thinking of it, I end up looking for it on Google.

Way earlier, I was reminded that people actually buy (Windows) software to help them recover data from (accidentally) erased or formatted hard disks. You can also use the tools on the Knoppix CD for this. Or even better, the Knoppix Security Tools Disk.

And, if you really want to nuke your harddrive, because you’re being chased by a bunch of aliens, you may just as well do it the right way. DBAN, is a self-contained boot disk that can format your drive securely and thoroughly.

Huh. huh?

I wasMrs. Clinton trying to play a QuickTime movie on Ubuntu (“Hardy Heron”, 8.04) and was surprised to find out that Totem (the default Mozilla plug-in for streaming movies) had a (ahem) hard time to play the movie. VLC to the rescue: well, almost. It’s the codecs, dude.

First verify if the ‘ubuntu-restricted’ downloads are installed: You can either issue an ‘sudo apt-get install ubuntu-restricted-extras’ or you can look in the ‘Add/Remove’ option in the Application Menu. Select ‘All Available Applications’ and do a search for ‘ubuntu-restricted’. If not, on to the hard way.

First I recommend to get rid of the default Mozilla/Firefox video plugin (which is Totem and it totally sucks): sudo apt-get remove totem-mozilla mozilla-plugin-vlc xine-plugin kaffeine-mozilla helix-player mozilla-helix-player.

Then, install Mplayer by invoking sudo apt-get install mplayer mozilla-mplayer

After this, you should be able to view Quicktime movies in all of your installed videoplayers (Totem, VLC and MPlayer). When MPlayer is installed, don’t forget to enable the software-mixer in the preferences: and if you’re SOL, you may want to restart the computer right after that (I had some bad luck with my machine which may have been unrelated to the MPlayer installation).

I think my troubles started with the fact that I originally installed ‘Gutsy Gibbon’ on my machine: the dist-upgrade to Hardy Heron, issued just yesterday, most likely didn’t automatically finish the setup of the ‘ubuntu-restricted’ package, so, if you started out from scratch with ‘Hardy Heron’, you should not have any troubles viewing WMV/Quicktime, since it is supposed to have been installed. If you plan to stick to Gutsy (and upgrade to Hardy afterwards) , you most likely want to follow the steps mentioned above.

And now, back to watching Apple trailers or, uh, watching Evil Hillary movies.

Update 1: Notice that even if you issue ‘manual apt commands’, the installed packages will add the correct program icon to the appropriate ‘Application menu’ in Gnome. I assume, the same is true if you’re working with Kubuntu or Xubuntu.

Update 2: If you noticed that Ubuntu has problems playing sound in concurrent sessions (i.e. sound in a Flash player goes OK in FireFox, but no sound in MPlayer/Banshee or vice versa), you should definitely follow these instructions to correct the problem. Requires some editing of resource files: nothing spectacular.

CVS meet Enscript

Last night, This sucks. TerriblyI was installing CVS on my Debian box. Actually, it was already installed: the CVSROOT was ready to go and the service itself had been listening since the early days. However, I never finished assigning rights to myself, so, with that done and by adding myself to the cvs group, I was finally able to check in my latest Helios sources using WinCVS (I despise TortoiseCVS1).

For work, I had once added viewcvs to the CVS repository engine: Viewcvs allows developers to view the repository via a webserver. Easy as is: During its install (apt-get install viewcvs), I ran into the normal installation checks and changes for this specific script: Most of them can be resolved by Debian’s viewcvs installer but (as usual) you should prepare yourself for some old-handy typework. The first action on your list is to add a couple of Aliases to Apache’s httpd.conf file (in my case I was only interested in one, the viewcvs ‘docroot’ parameter: I don’t like graphics2).

 Alias /viewcvs/ /usr/share/viewcvs/

The next step is to set the ‘docroot’ and ‘icons’ folder parameters in the viewcvs.conf file (/etc/viewcvs/): these folders refer to the folderstructure on the webserver and not to the physical folder structure on your Linux system (hint: check Alias). After this, you can set the use_cvsgraph and use_enscript variables in that same file to 1.

Enscript is a ‘source code highlighter’, but (obviously) it doesn’t come with a state file for C#: I found a good one at Adam Milazzo’s (Thanks Adam). This file should be copied to the enscript states directory (on Debian that is at /usr/share/enscript/hl). Also, you will have to make a couple of changes to the enscript.st file (which is in the same directory): add the csharp highlighter to the namerules section. The final step that needs to be undertaken is a change to the viewcvs.py file (you generally should be able to find this at or around /usr/lib/python2.3/site-packages/viewcvs/). Look for the enscript_extensions section. Notice the comment that one of the programmer left behind, just right above that extensions section:

### this sucks… we have to duplicate the extensions defined by enscript

You wouldn’t say.

1 Yeah, I was going to write something here, but I forget. Oh right, something about TortoiseCVS and how I hate it.
2 Uh. Right. What was that again?

Moo (and other stuff)

Earlier today, the WordPress developers released a fix for a security issue in the xml-rpc code. There’s no need to completely upgrade your installation: upgrading overhere is sort of painless and that’s not because of the fact that my host provides automatic upgrades. Bored as I ever am, I finished up a couple of update shell scripts, which, if I have time, I could poke online one of these days. This is actually so basic, that, well, maybe you just should stick to your command-line typing skills. If your host allows you to use wget via SSH, consider yourself extremely lucky.

Other stuff: over here, milk is getting a couple of cents more expensive a liter (70 cents 5 cents1 I believe, which is more than a couple). I’m not sure why I mention it here but maybe this is related to my hunt for moo-cows (I mean, my Internet hunt for the origins of the word moo-cow). I think I’ve mentioned ‘super cow powers’ before, haven’t I?

There were a couple of things that attracted my attention the last (couple of) days: First, I found this neat 3D animation of the replication mechanism of HIV (YouTube). And related to that, LiveScience reports that soundwaves can be used to attack (any) virus:

Normal cells should not be affected by the virus-killing lasers or sound waves because they have resonant frequencies much lower than those of viruses. Moreover, it is unlikely that viruses will develop resistance to mechanical shaking, as they do to drugs.

And last but not least is this Horizon episode (BBC/Video at Google): What on Earth is wrong with gravity? The documentary goes into details about the missing links between Newton’s (mechanical) laws and Einstein’s General Theory of Relativity.

1 I’m a bit confused here too: but I think the correct amount was actually 5 cents.

Oh. Noes!

Yesterday, my two sets of Ubuntu 7.10 (“Gutsy Gibbon”) arrived by snail-mail, which means that I’ll be upgrading my ‘v1r7u41 b0xen’ this weekend. Once again, the package came with free stickers. Hey, Sun, what’s that? Still no free stickers with your Solaris disks?

Engadget listed PhotoVu’s Digital Frame which comes with an RSS reader. Wait, there’s more: it has a built-in webserver (so that you can set up things and stuff). Wait there’s more: It uses Samba. 1, 2, 3, 4: Why, it runs Debian, of course. Nifty.

And on a completely different note: the .Net Framework (confirmed in 2.0, for sure) doesn’t support serialization of TimeSpans. This is not really a big issue, because you can generally workaround this. It just struck me by surprise.

More power. Unix power.

Last week, Walmart (evil Walmart) started to sell the Everex TC2502 gPC for only 199.00 US (Thanks to the high Canadian dollar, that is in or about 50 dollars CDN1, or for Europeans, that is 5 EUROs: yes, approximately the price of an ordinary pack of cigarettes). It’s out of stock because of three reasons: it runs Linux (an Ubuntu/Debian variant), it carries an extremely low power VIA C7 processor plus, well, it’s cheap. About that Linux flavour: it’s running gOs, a somewhat heavily-web-orientated Linux focused on delivering Google Web applications to the desktop.

I’m not sure, how I ended up at this link (Probably via Linux Devices), but if you consider the above option not ‘green enough’, how about a 12 Watt computer (using an AMD Geode CPU).

And to top it off: Phoenix Technologies introduced a firmware product called HyperSpace, which allows PCs to run a number of applications separate from the host operating system. It’s obviously Linux based (“secure Linux environment”) and the idea is (obviously) to allow people to repair locked up (Windows) systems (sort of like, Knoppix in the BIOS).

1 Hey, for a change it feels funny to say that

Debian 4.0 & the other updates

So, after 21 months of development, it seems that Debian “Etch” 4.0 has been released. Which means that I have to get my jigdo-tools out of the safe and start downloading the CDs again (earlier on xsamplex). (There are also other ways to get your favourite Linux distro, but I personally have had good experiences with Jigdo).

If you’re not sure how Jigdo works (under Windows), download the tools from here (Atternet’s) and extract them to a directory of your liking. The next step is to get the right jigdo-file, which depends on which hardware you plan to run Debian on. Most likely that will be i386 (also pick which type download: CD-Rom/DVD). For the rest it’s just following the steps and have it run in the background, while you (so to speak) update your MySpace spot.

Right behind last week’s patch (re: anicursor security thing), Microsoft released a hotch-potch of other security patches. You can find them (and the details) at the regular location (and the other website I keep forgetting to mention).

That reminds me: I read Paul “Bayesian Spam” Graham’s post called ‘Microsoft’s death’, which caused a firestorm of follow-ups. I think I’ll keep the link fury limited by only pointing to Slashdot’s thread. I’ve never been a fan of Graham but reading his notes reminds me of my earlier claims that Microsoft is doomed to fail not because Linux this or MacOSX that: it has consistently failed to deliver. There were days that the company came out with something that was worth checking out from both user and developer’s view: nowadays, there’s only a handful of technologies that are actually interesting from a developer’s point of view. It will be interesting to see if they can turn the tide this year (particularly after [what appears] a botched Vista release).

The Tech-huh?

Left over stuff from the weekend:

The Neuros OSD, which claims to be the first Open Source Linux Embedded Media Center for US$ 229.00 or something. It’s the buzz around now since it’s Linux-based and (evidently) a growing community of hackers developing software for it: from FTP servers to XMMS2 streaming servers.

The other thing I noticed was the Debian Windows boot loader/Installer: it’s brilliant, although I have my doubts about it. When I have time, I’ll do a test run.

Windows Vista officially goes on sale today, but as you guessed it, don’t expect line-ups. What is really new to it? Even the beta-testers (the Windows fans as other would call them) don’t have me convinced. Better user-experience and productivity? They promised that since Windows 95, if you remember. And if Vista does break-even, what else can we expect in the future?1, 2, 3, 4 I bet that there are hundreds of discussions going on about that within Microsoft. Listen: if I’m not allowed to make a legitimate copy of a file and listen it elsewhere on my own property and on my own hardware, count me out of your ‘Digital Revolution’.

1 Michael Geist about Vista’s DRM and fine print.
2 Security researcher breaks Microsoft’s DRM.
3 Microsoft patents idea taken from professor
4 Microsoft withdrawing patent-application.