The Linux: June 2008

Tuesday, June 17, 2008

Ext3cow file system explained

GNU/Linux supports numerous file systems, some of them that come to my mind being ext2, ext3, xfs, jfs, vfat, ufs and so on. Here is another file system to add to this diverse collection. And the name of the new file system (which is still in heavy development) is ext3cow.

So how is ext3cow different from ext3 file system which we are most well versed with ? Ext3cow file system supports all the features of ext3 file system which include journaling. But other than that, it also has support for version control.

And to put it in layman terms, if you have formatted your hard disk with ext3cow file system, you will never lose a file - even when you overwrite it. What is more, you can go back in time and retrieve an older version of your files because this file system saves a snapshot of your files in any given time - which is what versioning is all about.

Let's look at a simple example. Suppose I have formatted my hard disk running Linux with the ext3cow file system. And I have created a file by name test.txt as follows :

$ cat "This is a test" > test.txt
$ snapshot
Snapshot on :. 10452736

The 'snapshot' command takes a snapshot of the disk. And then I overwrite the same file by entering some other text as follows :

$ cat "This is overwritten text" > test.txt

Now the file 'test.txt' contain the new sentence as is shown by the cat command.

$ cat test.txt
This is overwritten text

But as I have saved the file in an ext3cow file system, the original text is not lost and can be listed and retrieved as follows :

$ cat test.txt@10452736
This is a test

Where the number 10452736 is the unique snapshot number which we received when we executed the 'snapshot' command, which by the way is ideally run by the system at regular intervals.

And if you now cat the 'test.txt' file, you will find that it displays the latest changes. So the primary advantage of ext3cow file system over other file systems is that it is possible to take a snapshot of the disk at any given time and thus safeguard data.

Advantages of ext3cow file system

Version control of all your files.
Journaling support like in ext3.
You can access past directories in the same way you access past files.
ext3cow performance is at par with that of ext3

Drawbacks of ext3cow file system

There will be a slight increase in the meta data required to support versioning - in between 5% and 15%. So ext3cow file system will take up a bit more space on disk than ext3.
Currently there is no mechanism to delete a file in the past but this is an ongoing project and this feature might get included in future versions of the file system.
Taking snapshots are not automatic and will require the user to execute the 'snapshot' command.
The project is still in experimental stage but work is going on at a fast pace.

You may download and install the tools to create this file system at the ext3cow official site as well as take a look at a couple of ext3cow tools maintained by Tim. If you are interested in a unique project to provide a GUI interface to manipulate the files in the past, then check out the Time Traveling File Manager [Link].

Debian GNU/Linux 4.0 released

After waiting for so long (close to 2 years), Debian GNU/Linux 4.0 code named Debian Etch has been taken out of development cycle and is given the stable tag. A couple of months back, I had tried out Debian Etch while it was still in the testing stage and my impression of it was very good - what, with most up to date versions of popular and most used software packages and a pretty graphical installer to boot.

Some of the new features in Debian 4.0 are as follows :

A fully integrated installation process with out of the box support for encrypted partitions.
Graphical installer for those with enough memory for their PC
Use of secure apt to enhance security while installing software (Read more on apt-get usage).
Debian GNU/Linux 4.0 now runs on even AMD64 and Intel EM64T (amd64) apart from 9 other architectures.
Now can be installed from various installation media such as DVDs, CDs, USB sticks and floppies, or from the network.
Support for multi-architecture installation disks.

Those who are using an earlier version of Debian need just do an

# apt-get update

and an

# apt-get dist-upgrade

... to move their Debian distribution to the latest version.

Another important news especially for people administering Debian servers is that the Debian team has also updated the official Debian 3.1 version to include some much needed security fixes. The official Debian website has the full press release regarding Debian 4.0.0

Unix Processes - What constitute a Process ?

A process is a fundamental part of any operating system - irrespective of whether they are proprietary or Free. And all Operating systems usually have a lot of processes running at any given time. This begs the question, what exactly is a process ?

A process can be considered to be a container, bundling a running application, its environment variables, the state of the application's input and output, and the state of the process, including its priority and accumulated resource usage. In short, every single application that you run on your machine will have its own unique process allocated to it for the duration of the time it runs.

In Unix based OSes, each of that unique process has a parent process from which it is forked (cloned, spawned) initially. The very first process that is created by the OS when you turn on the machine is init process. This process will always have a process id of 1. All processes are ultimately descended from the one process called init. Try running the ps command to find the process id of init.

$ ps axj
PPID   PID  PGID   SID TTY   TPGID STAT     UID   TIME COMMAND
0     1     0     0 ?       -1   S        0    0:04 init [4]

Martin Streicher has written an enlightening article throwing more light on the concept of a Unix process. He explains the semantics of a process, some very useful commands which give information about the running processes as well as talks about forks and daemons (a special kind of process which continuously runs in the background waiting for some application to connect to it).

Install multimedia codecs, libdvdcss in Debian Etch GNU/Linux

Debian having released the latest stable version of its GNU/Linux distribution, there is obviously a rush by Debian users to upgrade their distro. Debian is considered by its die hard followers to be one of the few GNU/Linux distributions which can stand up to other Unix OSes with regard to security without sacrificing those aspects which make GNU/Linux the most feature rich posix OS in the world.

But once you finish installing Debian, you need to do some housekeeping so as to enable you to play multimedia files which are encoded using proprietary or closed formats such as Microsoft's WMV files or Apple's quick time files.

This can be achieved in a number of ways:

Method I (Easy way)

Open the file /etc/apt/sources.list and append the following line :

#FILE /etc/apt/sources.list
...
deb http://www.debian-multimedia.org etch main

Update the packages using the command :
```
# apt-get update
```
Learn more on the use of apt-get and dpkg.

Now you can install all the multimedia codecs as well as libdvdcss which is necessary to view DVD movies, using the following command :
```
# apt-get install w32codecs libdvdcss2
```

Method II (Manual way)

Visit the mplayer official website and download the multimedia binary codecs package (this is available in a variety of package formats). Make sure you download the package suited to your architecture and operating system. For example, there are packages for Intel32 and AMD64 architecture apart from those for Windows.

Unpack them and copy them into the /usr/lib/codecs directory as follows :
```
# tar -xvjf essential-20061022.bz2
# cd essential-20061022
# cp * /usr/lib/codecs/.
```
If you do not have a codecs directory, then you have to create it first. Next create a soft link of all the files in the codecs directory to the location /usr/lib/win32/ as follows :
```
# cd /usr/lib/win32
# ln -s /usr/lib/codecs/* .
```
Now you have all the win32 codecs installed on your machine which can be accessed by the media players such as totem to play WMV, Quick time and other proprietary format files.

To install libdvdcss2 which is a necessary ingredient for playing encrypted DVD movies, download the libdvdcss2 library from its official site and install it on your Debian machine. They provide the binary as a Deb package which makes it really convenient. If you have downloaded it in some other package such as bzip2, then just unpack the contents and copy the two files libdvdcss.so.2 and libdvdcss.so.2.0.8 to the /usr/lib/ directory as follows:
```
# tar -xvjf libdvdcss-1.2.9.tar.bz2
# cd libdvdcss-1.2.9/
# cp libdvdcss.so.2 libdvdcss.so.2.0.8 /usr/lib/.
```

That is all there is to it. Now you can view videos and play music in almost all video and audio file formats. While you are at it, it might also be desirable to download and install mplayer - a versatile audio and video player.

Note: If you still run into trouble playing your favourite audio or video files in any player, you can use the strace tool (installed by default on all Linux distributions) to troubleshoot your problem.

FSF hiring - Who said it didn't pay to work for Free Software Foundation ?

The Free Software Foundation, colloquially known as FSF is a non-profit organization based in Boston (USA) whose mission is to preserve, protect and promote the freedom to use, study, copy, modify, and redistribute computer software, and to defend the rights of all free software users. Richard.M.Stallman is the founder and president of the FSF. Its board of directors include many eminent persons (many of them professors) from the academic field.

FSF is hiring and is on the look out to fill the post of "FSF Campaigns Manager". The job is on site and is based in Boston. The duties of the campaigns manager include writing, editing, speaking, and research related to FSF activist and program efforts; coordinating the GNU Chief Webmaster and the other webmaster volunteers to develop FSF and GNU web sites; planning and implementing proposals to increase fundraising; and serving as a main point of contact between the Foundation and the free software community.

The only pre-requisites for the post are that you have a passion for Free software and firmly believe in the principles of GNU apart from having excellent communication skills in English (reading, writing and talking) as well as have a flair for organizing events with some technical skills on managing a website thrown in. So those who do not have a professional degree but have the above qualification are also equally eligible for the post.

The Pay

Did you think working for FSF didn't pay ? Then think again. This post of "FSF Campaigns Manager" is a paid position and provides you $50,057/year not a small amount for the work at hand.

But wait! There is more... The other perks include the following and I quote :

full family health coverage through Blue Cross/Blue Shield's HMO Blue program, and subsidized dental plan.
four weeks of paid vacation annually (wow, a whole month),
seventeen paid holidays annually,
public transit commuting cost reimbursement,
403(b) program through TIAA-CREF,
somewhat flexible work hours.

Tempted by the offer? Then you can send your resume to hiring@fsf.org . Better still, read the whole job offer at the FSF website.

Too bad if you are not based in Boston ...

A collection of tips for people new to BSD

The first time I was introduced to FreeBSD - a BSD variant, I came away really impressed. In my opinion, from an end user's perspective, the only difference between a BSD and Linux is the difference in licencing. If you setup two machines - one running FreeBSD and the other running a Linux distribution with both having a KDE or Gnome desktop and ask a neophyte to point out which is which, there is a good chance that he will consider them both as running one and the same operating system. So whether you choose Linux or BSD depends largely on your tastes.

On the down side, the BSD variants fall far behind when you compare the size of their community with respect to that of Linux which commands a community which is many times that of the BSDs. But if you consider the ratio of knowledgable people to newbies, the BSD's fare better.

If you are a potential BSD aspirant and wish to try out any of the BSDs which include FreeBSD, PC-BSD, OpenBSD, NetBSD and DesktopBSD, then you might find the resource page put up by Daemon News quite helpful. It contains lots of tips to carry out tasks which a neophyte in BSD might initially find insurmountable.

Humor: A hilarious job profile for a System administrator

I came across this very humorous post for a job related to system administrators or web programmers. And the job description goes thus ...

We are seeking some poor, misguided fool to be paid next to nothing for a fulltime position doing highly skilled system administration work and rearend penetration testing in a mixed Windows 2000 and Linux environment. We lost our last IT worker because he found a higher paying job standing in front of Subway while dressed as a sandwich.

Skills required:
* at LEAST ten years experience in the administration of Windows 2000
* administration of Linux
* speak with animals
* SQL Server/MySQL
...

Read the rest of the job description at craiglist - you will love it ;-).

How to pronounce Linux ?

My friend once asked me how you pronounce the word Linux. While I have heard the way it is pronounced from the mouths of numerous Linux users to be certain how you correctly pronounce it, I have felt it would be nice to hear it being pronounced by the father of Linux himself - Linus Torvalds.

It seems Linus Torvalds has tackled this question and has even created an audio of him pronouncing Linux. Paul Sladen has uploaded an audio file on his site, in which Linus is heard pronouncing the word Linux. Take it from me, almost 99.9% of Linux users pronounce it right the first time. But still if you are doubtful ...

Play this game to get 20% off on all Logitech products

Planning to buy a keyboard or a mouse or some other PC peripherals ? Then here is a good chance to get 1/5th of the price of the hardware you buy slashed. All you have to do is play this simple game - well it is not that simple; and complete 10 levels of the game. Once you complete the first 10 levels, you are eligible to get 20 % OFF on all Logitech products.

The game called Jelly Jumper is a simple game. You have to jump the lump of green jelly from point A to point B. The point B is highlighted in green color. But as I said, the feat is not as simple as it looks because in between, there are a lot of pitfalls which you have to avoid while crossing from point A to B. More over, you have to use less than the maximum number of jumps (highlighted in red) for each level to be taken to the next level. At the least even if you do not cross the 10 levels to be eligible for the 20% discount, the game is a good time killer. So you might as well give it a try if you have enough time to kill. Who knows, you might just qualify for a 20 % discount.

Fig: "All About Linux" blog author is eligible for 20% discount of all logitech products.

Note: The offer is available only in the European Union. So the rest of us residing outside have to contend with just playing the game and having a nice time.

A word of caution though... If you are indeed buying any peripherals, make sure they support GNU/Linux ;-).

Desktop Tower of Defense - Play this game and you are guaranteed to shirk work

Tower of Defence games are by far the most enjoyable games I have played till now; barring perhaps the classic Pacman which is my all time favourite. Among the numerous Tower of Defence games, the Desktop Tower of Defence game outshines the rest of them.

This free flash based game can be played online and involves making sure the incoming horde of enemies do not pass through the space you control. And for defending your turf, you have access to numerous towers named pellet, dart, squirt, swarm, frost and bash tower. Each of these towers have different powers measured by its speed, damage caused, its cost as well as its range.

Fig: The game in progress...

When you succeed in killing each enemy (known as creep), you gain a set amount of gold. Accumulate enough gold to buy more towers or upgrade existing towers to enhance their damage skills and range. Even while the level is in progress, you can continuously keep on adding towers such that all the creeps are channelled through the path you create using the towers. These paths are popularly known as tower of defence maps.

The challenge you face in this game is to decide in which way the towers need to be arranged such that none of the creeps succeed in crossing your turf. For each creep which successfully cross your turf, you lose a life and in all you have only 20 lives. Once you lose all your lives or cover all the levels, the game ends.

Fig: My own unique tower of defense map.

The goal of the game is to achieve the highest score at the same time not lose any lives. It is a very enjoyable game - a game which will provide you hours of fun. What I found unique about this game is that even in its simplicity, it compels you to think out your strategy. There are decisions to be made, like for instance which tower to upgrade such that it provides you with the most value for your money spent or in which direction you want to grow your maze such that the creeps are confined within your turf for the longest time and so on.

I made a modest score of 5238 at the expense of losing two lives in the Normal mode which has two lines of creeps. I was able to cover all the 45 levels too. The experts among you might be interested in trying out the hard mode or one of the challenging modes which are way too challenging (pun intended).

At the end of the game, you have the chance of saving your score. You can either save it in an already created group or create a new group of your own. I have created a group called 'linuxhelp.blogspot.com' and have saved my score in it. Once you have saved your score, you are provided with an image of your maze which you used to play the game.

This game is highly addictive and playing it, you could end up shirking your responsibilities and could lead to loss of productivity. You have been warned!!

derStandard.at interviews Mark Shuttleworth

DerStandard.at runs a very open interview with Mark Shuttleworth - the founder of the Ubuntu project, where he is asked his opinion on a variety of topics, the chief among them not surprisingly that about Ubuntu Linux and the path it is going to take in the future. Ubuntu is by far the most popular GNU/Linux distribution and has held the top post for well over two years now on Distrowatch's most popular Linux distribution list.

The interview touches upon a number of things such as the advantages of using Ubuntu in the enterprise over RedHat or SuSE Linux which have better tools for centralized management which Ubuntu lacks at this juncture, His thoughts on OLPC and the potential role that Ubuntu can play in it, on why Launchpad - a software developed by Ubuntu has not yet been released as open source, why he feels that compiz and beryl are not yet ready for being integrated with Ubuntu by default, his thoughts on Debian, its relevance for Ubuntu and so on.

At the least, his answers are quite interesting which makes reading the whole interview a worthwhile exercise.

Free Security Apps for Linux - a comprehensive list

When you hear the words "security apps", as an end user, one always tend to think of virus scanners, rootkit detectors, firewalls, network tools and so on. And Linux does not have a dearth of these tools which make it one of the most secure if not the most secure OS. Of course, how secure you can make your Linux machine will ultimately depend on your choice of Linux distribution and in what way you configure your machine. You can make your Linux box as open or as closed as you want.

ITSecurity - a website related to security has assembled a list of 103 free security apps. A large number of them are for Windows and Mac users but still, a significant percentage of them for Linux have also made it to the list. The applications have been categorized into 13 categories them being, Spyware, antivirus, rootkit, firewall, email, web utility, network, Intrusion detection system, Virtual private network, temporary files, wireless, encryption and a miscellaneous section.

You won't find Linux applications in all the categories. For example, the spyware category contain only Windows apps ;-). But this is a comprehensive list which lists many applications for Linux that I am aware of for the first time. I thought that ClamAV antivirus was the only antivirus solution for Linux but I was wrong, there are many more. Do check out the full list which will throw light on many applications and then some more which may be of use to all Linux enthusiasts.

Kernel comparison between Linux (2.6.20) versus Windows (Vista)

For those of us who are used to dual boot between Windows and Linux, at one point of time or the other, we might have wondered in what way these two diverse OS kernels differ from each other. Other than the well known fact that one is open source and the other is proprietary, I knew very little about the technical differences of Linux and Windows kernels.

Johnathon Weare aided by Paolo De Nictolis has put together an extensive list of the inherent technical differences in Linux and Windows Vista. The Linux kernel used for the comparison is the latest one - 2.6.20.

A few things which caught my eye in the list were the following:

Almost all the drivers for USB, Printing, FUSE and Graphics for Linux are in the user space where as in Windows they operate in the kernel space. And as Andy Tanenbaum put it, it is better if more and more drivers run in the user space than the kernel space as this makes the OS more reliable and secure. [Advantage Linux]
Both Linux and Windows kernels are developed using C and assembly language but apart from that Windows also has a significant percentage of C++ code. Not surprisingly, the kernel size of Linux is just over half of that of Windows.
Linux kernel boots on diverse hardware architecture (around 22) including some game stations such as Sony Playstation. Where as Windows support only a measly 3 architectures. [Advantage Linux]
Linux kernel has inbuilt support for the most variety of file systems.

Having gone through the list, I couldn't think of even one area where Windows kernel was ahead of Linux except perhaps the types of hard disks supported where Windows kernel had support for flash and hybrid hard drive which Linux kernel doesn't.

If you are interested, do read the full list of comparison between Linux and Windows Vista kernels.

Revolution OS - an award winning documentary which traverses the path of Free Software, Open Source and Linux

This is one of the finest documentaries created which traces the path taken by GNU, Free Software, Open Source and Linux. The whole documentary all of 1 hour and 10 minutes long consists of bits and pieces of conversation with various leaders of the community which of course includes Linus Torvalds, Eric Raymond, Richard M Stallman, Bruce Perens and many others.

In the documentary, Linus Torvalds calls RMS the great philosopher of the movement and himself the engineer.

It clearly brings to fore the idea of GNU and Free Software, GPL and copy left, the history of Linux, the concept of Open Source, and in what way Open Source is different from Free software. The documentary produced by J.T.S Moore also shows snippets of publicity the movement received in the main stream media such as in CNBC and The New York Times. The documentary even feature a couple of appearances of some prominent people from Slashdot.

And at the end of it all, you get to hear an excellent rendition of the Free Software song.

It is worth noting that Revolution OS won Best Documentary at both the Savannah Film & Video Festival and the Kudzu Film Festival.

All in all a beautiful piece of work worth watching which tells the inside story of the hackers who rebelled against the proprietary software model and Microsoft to create GNU/Linux and the Open Source movement. One way to support the cause would be by buying a copy of Revolution OS DVD from their website. For now you can watch the documentary below (Courtesy: Google Video).

Update (2nd May 2007): The google video link has been removed because of concerns raised that it could have been pirated and was made available without the permission of the producer. And I believe the right thing to do under the circumstance is to buy the video and watch.
You may listen to an interview with J.T.S Moore here. [Ogg File].

Review of Sun Solaris 10

For 10; the robust Unix from the past, I have posted news of the free Solaris media kit and its pictures as well as published news of Open Solaris starter kit give away.

With Sun releasing Solaris source code under the CDDL license and naming it Open Solaris, a number of clones of Solaris have cropped up in the past two years or so, such as Nexenta, Belenix and SchilliX. But Sun also provides Solaris in the form of Solaris Express incorporating the latest advances. And Solaris Express acts as a sand box with many new features eventually make their way into Solaris OS after a period of incubation.

Even though Solaris was originally designed for SPARC (Scalable Processor Architecture) hardware, it also supports Intel platforms. This has thrown open the doors for the hordes of Solaris enthusiasts who couldn't afford a SPARC based computer, to install Solaris on their PC and take it for a run.

Once you get hold of the CD/DVD containing Solaris 10, the next step is to install it. Installing Solaris from CD/DVD is a very simple and straight forward process. As long as you have a minimum of 256 MB , you can go ahead with installing it. But any less memory means you will have to upgrade your PC memory before you can start installing Solaris.

I did not encounter any problems at the time of installation. And in no time, I was able to install Solaris and boot into it. Solaris 10 bundles with it mainly two desktops - them being Common Desktop Environment (CDE) and the Java Desktop System which is actually the Gnome desktop built on top of the Java framework.

Fig: CDE Panel - can be iconized

Fig: Java Desktop System Menu

Those who are coming from a KDE/Gnome/Windows background might initially be put off by the CDE. But after working in it for some time, I found the CDE to be a very functional desktop. To put it succinctly, it has some elements of the AfterStep window manager in GNU/Linux with lots of additional useful features.

In CDE, each component including the Panel can be minimized to the Desktop and all minimized applications are neatly arranged as icons on the Desktop. CDE also saves the state of a running application when you log out. And when you log back in, the application is automatically opened and displayed in its previous position.

Sun provides each Solaris user a choice of subscribing to the Sun Connection. It is a paid subscription and once you join it, you can use the Sun update manager to provide you suggestions, automatically manage updates, prioritize and keep a history of updates. OR you can also choose to apply the updates manually without any assistance. You can also download the latest patches and driver updates at sunsolve.sun.com.

Solaris Management Console 2.11

Considering that Java language is being developed by Sun, it is no surprise that it plays a very important role in Solaris. For instance, to do system administration tasks, Solaris has an all-in-one GUI toolkit in Solaris Management Console which has been developed using Java.

While it is also possible to use commands to achieve system and network administration tasks, to be the preferred way. Here you can know about the status of your system such as your system information, processes running, logs, performance and so on. More over, it contains options to do almost all system administration tasks such as managing users, system configuration, managing services, storage, devices and hardware.

Solaris Management Console uses the concept of a toolbox to provide a view of various system administration tools or applications within a common user interface. It has three components namely :

SMC client called the console
SMC server
SMC console toolbox editor

To start the SMC toolbox editor or the SMC client, you run the following command :

$ /usr/sadm/bin/smc

As you can see, you need not be logged in as root to open the SMC. But to view all tools, it asks for authorization.

Similarly to check the status of the SMC server, you run the following command as root :

# /etc/init.d/init.wbem status

Suppose I want to mount a disk partition in Solaris. It is a piece of cake and is as simple as opening up SMC, then navigating to Storage -> Mounts and shares -> Mounts. Here select from the menu, Actions -> Add NFS mount. And follow the instructions. Similarly there are tools to create and manage RAID volumes.

Fig:

While the number of software bundled with Solaris 10 is no where near that offered by GNU/Linux such as Debian, it does come with a useful set of programs such as the text editor, music player, web browser and so on which makes it a practical solution as a Desktop OS.

To spell out some of the unique software Sun bundles with Solaris 10, you get the advanced StarOffice productivity suite which is build upon Open Office.org, a card game called JSpider developed using Java, a Java based media player, a disk analyser 'JDiskReport' which is a free graphical disk report utility; also developed using Java. JDiskReport enables you to visually understand how much space the directories and files consume on your disk drives.

Fig: A diagramming software

Fig: Get a graphical view of the disk space occupied by your files.

Solaris also has support for popular browser plugins for Java, Adobe Acrobat Reader, Realplayer and Flash player (ver 7.0). You can download the plugins here.

Apart from the software bundled with the official Solaris CDs/DVD, Sun also makes available a collection of GPLed software compiled to be run in Solaris, which you can download from the Sun Freeware webpage.

One thing which I found really strange was the fact that Solaris comes with Mozilla ver 1.7 web browser and not Firefox. So if you are too attached to using Firefox, you are out of luck, unless you succeed in compiling Firefox from source.

Another aspect of Solaris that is really endearing is the excellent set of online documentation which has been made available by Sun. In fact I do not know of any Linux distribution which has even half the quantity of documentation as that made available by Sun Microsystems for Solaris. The Solaris documentation is available at docs.sun.com where each and every technical aspect of Solaris is covered. You can also download whole sets of documentation and guides in PDF format for offline use too. This could be a reason why there are not that many Solaris textbooks in print as you find on GNU/Linux.

Even though Solaris has not attracted the same level of evangelism as Linux has succeeded to attract, it does not have any dearth of followers. There are a large number of websites which cater to providing Solaris specific packages of a variety of software not officially made available by Sun Microsystems. The notable among them being the following :

Blastwave.org - This is a website which provides a slew of GPLed packages for Solaris. The USP of this website is that it provides an easy way of installing its packages on Solaris - some what similar to the apt-get method used in Debian Linux. The script pkg-get that they provide automatically does dependency checking and installs the latest packages that you require. I was really surprised to find GNUCash ver 2.0 among the packages that they offer - some thing which I haven't yet been able to get for Slackware.

SunFreeware.com - This is another humongous (Should I say the largest?) unofficial repository available for Solaris specific packages. And this site is very popular among the Solaris users and administrators alike.

While reviewing Belenix, I had noted the advantages Solaris has over GNU/Linux. Apart from what I had listed, Solaris also has a new advantage which is the "Secure by default" tag that Sun has provided it. The latest version of Solaris comes with all the ports closed by default.

I believe this is an operating system which holds a lot of promise as a Desktop OS. And if the people steering Sun Microsystems take the right decisions (hint: GPL ???), it just might take the fancy of a large section of IT savvy public, enough to motivate many of them to start developing Free software for Solaris.

Is brand name Ubuntu over hyped ?

Ubuntu is a Linux distribution which is famed for its ease of use and has built up an image of being a newbie friendly Linux distribution. Ubuntu has arguably the largest community following compared to all other Linux distributions. And it has enhanced its cause many times by following the policy of shipping free CDs of Ubuntu to anyone willing to try this Linux distribution.

Nowadays if you visit any tech blog or site, you seldom fail to notice at least one article espousing the cause of Ubuntu Linux. In fact, even the media pundits have jumped on to the bandwagon and have started tomtoming the virtues of this very popular Linux distribution (see here, here and many other places).

But recently when I reverentially downloaded the latest version of Ubuntu 7.04 (Feisty Fawn), burned it to a CD and booted into it, guess what? it failed to load.

Fig: Error encountered while booting Feisty Fawn LiveCD

The picture of my monitor above gives an idea of what I was faced with while booting Ubuntu 7.04 from the CD. It was showing an error on the lines that the ata2 port on my machine failed to respond. And I was put into an initramfs built-in shell.

The machine I tried to boot Ubuntu is a moderately recent Pentium 4 machine with 631 MB memory - more than twice the recommended minimum memory needed to load Ubuntu. The machine doesn't have any extra features like bluetooth, WiFi or out of the ordinary peripheral devices. And Debian Etch has been running quite flawlessly on this machine.

I am not an Ubuntu critic. Not even by a long short. In fact, if you search this blog, you will find numerous articles related to Ubuntu where I have talked favorably about it. I was really impressed with Ubuntu 6.06 (Dapper Drake) and its 6 step install method.

But a regular reader of this blog will find that I have been unusually quiet about the next release version which is Ubuntu Edgy Eft (6.10). It is not because I hadn't downloaded and installed it. But I did not find anything worth talking about that particular version. In all fairness to Edgy Eft, it at least booted to a complete desktop on my machine. But the latest version of Ubuntu 7.04 - Feasty Fawn, refuses to even boot and gives me the message as seen in the picture above. In all certainty it is a problem related to the Linux kernel bundled with Fiesty Fawn. Then the question arises as to why the Ubuntu team decided to use that particular version of the kernel. Perhaps that is a price you pay when you adopt experimental features without proper testing. I would really like the Ubuntu team to bring out succeeding versions at par with ver 6.06 in terms of quality.

Considering my experience with Ubuntu Fiesty Fawn against the eulogies in the media, I am forced to ask if the brand name Ubuntu is over hyped - most probably the residual effect of an over-zealous community behind it. No Linux distribution is perfect. Each has its pros and cons. I for one would like to see a balanced discussion about the pros and cons of a distribution without delving into unnecessary fanboy-ism.

Update (22 May 2007): It seems this problem is the result of a bug in Ubuntu Fiesty Fawn. Two days back, I received the CD I ordered through shipit. And even this CD refused to boot properly on my machine. A bug report has been filed at launchpad.net which you can read here. And Bheesh has provided a work around to this problem on his site, which I concede I haven't tried out yet as I do not have the patience to go through the whole ruckus just to boot into a Desktop. So as long as Ubuntu team sleeps over this undecided bug, it is sayonara from me to Ubuntu.

EnGarde Secure Linux 3.0.14

EnGarde Secure Linux is a Linux distribution developed by Guardian Digital - an open source Internet security company, and is designed with security in mind. Built from grounds-up, this product has been in development since 1999. EnGarde Secure Linux highlights its "Secure by default" tag as the one reason that it should be favored to be used as a Linux server. The developers have considerably reduced its size to include server-only applications and the whole administration of the server from the rebooting to its shutting down as well as configuring and maintaining web servers, database servers and so on can be done remotely from the confines of a web interface.

Guardian Digital has split EnGarde Secure Linux into three branches. Them being

The Unstable branch which contain bleeding edge packages and is open only to developers.
The community branch which is provided for free and is supported by the open source community. And lastly...
The professional branch which is officially supported by Guardian Digital. And which needs to be bought.

The main difference between the community branch and the professional branch apart from the fact that one is free and the other is paid version is that Professional branch is much better tested and documented and can avail of the official support of Guardian Digital. Compared to that, the community branch will have to rely on the mailing list for support.

Features of EnGarde Secure Linux are many and are as follows (as quoted from their website) :

Linux 2.6 kernel for the latest hardware compatibility
SELinux Mandatory Access Control provides high security by strictly enforcing service separation at the kernel level
Guardian Digital Secure Network features free access to all system and security updates and allows for quick and easy updating of the entire server
Broad support for server hardware, including 64-bit AMD architecture and hardware RAID
Web-based management of all functions, including the ability to build a complete web presence with FTP, DNS, HTTP, SMTP and more
Secure up-to-date LAMP stack serves virtual websites with Apache v2.0, MySQL 5.0, and PHP 4.4 (PHP 5.0 available as an optional package)
Latest BIND 9.3 provides secure DNS services
Completely new WebTool, featuring easier navigation and greater ability to manage the complete system via a secure web browser connection
RSS feed provides ability to display current news and immediate access to system and security updates
Integrated firewall with ability to manage individual firewall rules, control port forwarding, and creation of IP blacklists
Commercial grade Network Intrusion Detection System displays and graphs incoming attacks in real time
Built-in Host IDS monitors system files for unauthorized changes to ensure system integrity
Built-in UPS configuration provides ability to manage an entire network of battery-backup devices
Real-time access to system and service log information

Ryan Berens who is an open source advocate at Guardian Digital tells me that EnGarde Secure Linux is a fully functional platform distribution that focuses on integrated security and ease of management. EnGarde Secure Linux has also been released by Guardian Digital as a Live CD so that it can be taken for a test drive without installing on ones machine.

A new way to look at networking

Van Jacobson is a research fellow at PARC. Prior to that, he was the Chief Scientist and co-founder of Packet Design, Chief Scientist at Cisco and has also headed the Network Research group at Lawrence Berkeley National Laboratory.

Van talks at Google Tech Talks about the concept of a network and how it enables the efficient transfer of data from one remote location to another. In the talk Van laments how the network research in the US has stuck in a dead end for the past decade or so and it should be a wonderful time for networking as every thing is connected to everything else, there are cell phones, computers, laptops, PDAs and so on and each can be connected with each other. But unfortunately as Van puts it every thing we do with networking is getting harder. Wireless barely works and information or data is not at sync with all the diverse devices we use. In his talk he puts forward his idea of how networking can be made simpler.

A very informative talk worth watching by anyone who is interested in knowing how computer networks work. Duration: 1 Hr 21 Min

Metric equivalent of Microsoft fonts for Linux

Visit any random website and chances are the website expects your machine to have a set of which have become the de-facto standard on the Internet. The fonts being Arial, Times New Roman, Courier New and so on. While it may not be illegal to install these fonts on a Linux machine, they are propritery and are owned by . And Microsoft does not licence third parties to redistribute these fonts - a reason why you don't find these commonly used popular fonts installed in Linux by default.

This is going to change once and for all. Red in association with Ascender Corp has developed a set of fonts which are the metric equivalent of the most popular Microsoft fonts, and they have released it under the GPL+exception license. Three sets of fonts have been released, them being:

Sans - a substitute for Arial, Albany, Helvetica, Nimbus Sans L, and Bitstream Vera Sans
Serif - a substitute for Times New Roman, Thorndale, Nimbus Roman, and Bitstream Vera Serif and
Mono - a substitute for Courier New, Cumberland, Courier, Nimbus Mono L, and Bitstream Vera Sans Mono.

The advantage for Linux users is that now you don't have to explicitly install Microsoft fonts anymore as the web sites or documents which use Microsoft fonts will display flawlessly using the metric equivalent fonts which can be included in all Linux distributions by default.

The work on the fonts is yet to be completed and so will be released in two stages. In the first stage, all the fonts are released as fully usable but will lack the full hinting capability provided by True Type/Free Type . In the second phase of the release which will happen some time in later half of 2007, the fonts will have full hinting capability and will be at par with or excel the Microsoft fonts in quality. For now Red Hat has made available all the fonts for download so that you can test it on your machine.

Creating good quality fonts - ie. fonts which retain its quality even in smaller sizes is a very tedious and time consuming process. And buying good quality fonts is a very costly affair with each set of fonts costing anything upwards of $100 . By taking the initiative to develop good quality fonts which are the metric equivalent of Microsoft fonts, and releasing them under a Free licence, Red Hat has done a very good deed and Open Source cause.

Using netselect-apt - Tip to select the fastest Debian mirror

Each time I install Debian - and I have done it scores of times on multiple machines, I get frustrated in choosing the right Debian mirror for updating the package database on my machine using 'apt-get update', or installing a new package for that matter.

Some of the questions that I had to find a solution for were ... Do I choose the Debian mirror in my country (India) or do I use one of the US servers ? Is there any way to find which of the two are the fastest for my geographic location ?

It might sound ironical, but experience tells me that the truism of choosing a Debian apt mirror closest to ones location does not hold true for me. Because at all times, when I have used a mirror from India, it is dead slow. And believe it or not, the responsiveness of the mirror will do a great deal of difference to how fast you are able to update your Debian machine.

Enter netselect-apt, a package which helps one to find and use the fastest Debian mirror for his region. What this script does in conjunction with 'netselect' command is, it first downloads a list of all the Debian apt mirrors from the official Debian website using wget. The list is saved in a file named 'mirrors_full' in your current directory. It then checks the responsiveness of each of the servers in the list and then selects the fastest among them. Finally it writes the necessary code in the sources.list file and saves it in your current directory. Considering that on last count there are a total of 248 Debian mirrors to choose from, that is a pretty tedious job.

In order to use netselect-apt, the first thing you have to do in your newly installed Debian machine is download and install the netselect-apt package. This can be done as follows :

# apt-get install netselect-apt

The netselect-apt package depends on the netselect package and so it will also be automatically installed.

You can pass a couple of options while invoking the netselect-apt command. For instance, I have Debian Etch installed on my machine. And if I want to find the fastest Debian Etch repository mirror for my geographic region, I run the netselect-apt command as follows :

# netselect-apt etch

If I want it to include non-free software section as well while creating the sources.list file, then I use the -n option :

# netselect-apt -n etch

You can also ask netselect-apt to select only ftp servers instead of http ones by passing the -f option.

# netselect-apt -n -f etch

Apart from etch, you can pass the following options - stable, testing, unstable, experimental, woody, sarge and sid. If you choose not to pass any options, then by default netselect-apt uses 'stable' as the option.

Once it finishes its work, you will find a newly created sources.list file in your current directory which will have the necessary code pointing to the fastest Debian server for your location. Now all you have to do is to copy the sources.list file to /etc/apt/ directory and do an apt-get update.

# cp ./sources.list /etc/apt/sources.list
# apt-get update

Please note that the speed of the servers change over a period of time and is dependent on a variety of external factors. So the server that netselect-apt chooses today need not be the fastest one for you say, a couple of weeks hence. So if you are in the habit of installing and updating software all the time, it will be prudent to run netselect-apt once every week or so and update your sources.list file to point to the fastest mirror.

Difference between Computer Science, Computer Engineering and Software Engineering degrees

There was once a time when a major percentage of people who had anything to do with computers were in more ways than one Electrical Engineers by training. In fact I have seen many popular books on Computer science and electronics which are authored by people who have a background in Electrical engineering.

Then with change in times and fast technological progress, the electronics and computer field evolved and they branched into seperate engineering fields. And now computers have come a long way that this branch of learning has in turn split into sub streams namely Computer Science, Computer Engineering, Software Engineering and so on. Ask a techie what is the difference between these similar streams of study and in most cases you are sure to get a blank stare.

I myself didn't know about the difference between these computing streams until I chanced upon this very informative article authored by Tony. In the article, he explains in what way these are different from each other. For example he notes that Computer Science is inherently mathematical in nature and is about writing code where as Software Engineering is thinking about writing the said code (what ever that means). And Computer Engineering discipline deals with design of specialized type of software, and incorporates more hardware material into studies.

(IN)Secure Magazine - a free security magazine in PDF format

One thing which any operating system worth its name should take seriously is the concept of security. In this internet age when more and more people are getting access to always-on broadband, security is all the more important.

I read in one article in a mainstream media that credit card fraud is becoming rampant and is on the rise. The fraudsters hack into vulnerable machines and access confidential data. While some operating systems struggle to contain the security threats, many others fare better in this department. Linux is inherently considered to be more secure. But the most secure operating system is by far OpenBSD which has seen only two vulnerabilities in its code in 10 years.

(IN)Secure is a magazine which is dedicated to discussing security related aspects of Operating systems. It is a monthly magazine which is freely made available for download in a PDF format. Mirko Zorz is its Chief Editor. The magazine carries security articles related to all operating systems. In the latest (11th edition) of the magazine, you may read an article on iptables titled - "IPtables : An introduction to a robust firewall". I may add that the article was contributed by me and so if you do read the article and find any faults, you may let me know about it rather than troubling Mirko ;-). You can download the 11th issue of the (IN)Secure magazine here (PDF file).

PC-BSD 1.3.4 Review

FreeBSD along with OpenBSD and NetBSD form the triumvirate of BSD operating systems. Traditionally these BSDs are server centric operating systems - ie. those which are tuned to be run on a server rather than to be used by the end user as a desktop. Still, with a bit of tweaking and configuration, all the three of them can be used as viable desktop operating systems.

PC-BSD is a direct descendant of FreeBSD. As the name indicates, PC-BSD is a BSD operating system which lays stress on its use as a Desktop catering to the end users. From the point of its inception, the USP (Unique Selling Point) of PC-BSD has been to make it as easy as possible to install, update and use software, at the same time bringing all the powerful security features and stability of the traditional BSDs. Over one year back, I had reviewed PC-BSD 1.00 and if you have read the review, you would have found that my initial impression of this operating system was very positive. In the succeeding months many changes have taken place for PC-BSD. For one, in October 2006 PC-BSD got acquired by iXsystems which is now in control of the project - though Kris Moore, the founder of PC-BSD is still its project leader and has the final say. Apart from the acquisition, the project has moved quite smoothly.

One of the main changes I can see for PC-BSD 1.3 when compared to ver 1.0 is the drastic enhancement of the graphical installer with a couple of additional options thrown in. For example, at the time of installation, there is an option to encrypt the swap partition, there are options to open or close most popular ports such as the port used by SSH and so on, a choice of enabling or disabling the firewall and with a few clicks you finish installing the OS.

Fig: PC-BSD desktop

The current version of PC-BSD is ver 1.3.4. Some time back, I had downloaded ver 1.3.0 of PC-BSD and had installed it on my machine. The PC-BSD team have made it possible to upgrade the OS to the most recent version - 1.3.4 by downloading and installing a couple of patch files. Thus I had to download and install just over 40 MB of patch files which are made available in PBI format, to upgrade PC-BSD from ver 1.3.0 to 1.3.4. As a matter of fact, you do not even have to download individual files yourself to upgrade the OS. There is a GUI tool called "PC-BSD Online Update" which can be accessed by navigating through KDE Menu -> Settings -> System Administration -> "PC-BSD Online Update", that can be configured to automatically detect if there are updates available and then download and install them for you.

Post Installation scenario

It is really remarkable that the installation of PC-BSD went without any glitch and all the peripherals were detected properly. Sound worked out of the box and in no time, I was face to face with the graphical login screen. PC-BSD is a KDE centric operating system and comes with the latest version of KDE ver 3.5.5 and many useful software installed by default.

Once I logged into PC-BSD, I navigated to the PBI resource web page which contain the latest versions of most popular software such as FireFox 2.0.0.3, OpenOffice.org and so on and started installing those software which I use on a regular basis. As far as PC-BSD is concerned, you do not have to worry about dependencies as each PBI is a stand alone package which contain all the necessary libraries needed to run the program. So FireFox PBI will contain not just the FireFox binary but also dependent libraries as well.

Fig: It is possible to schedule the update of the OS to install security patches.

The PBI (short for PC-BSD Installer) is a GUI installer that is similar to its Windows counterpart, and is coded using Qt. To install a software, just double click on the respective PBI and follow the instructions. You also have the option of cleanly uninstalling the software from within the PC-BSD software manager.

Fig: View and remove the installed PBIs

Essential housekeeping in PC-BSD

One of the first things you should do the first time you boot into PC-BSD is to update the ports and install them. PC-BSD uses the FreeBSD 6.1 ports. And when you install software using the ports, you are essentially installing FreeBSD software. But unlike FreeBSD where you have to dabble with command line to update and install the ports, in PC-BSD, you can do the same using the GUI front-end with the click of a button (See the image below).

Fig: Install ports with the click of a button

Next I had to install the multimedia codecs to enable PC-BSD to play audio and video files in proprietary media formats. As with all Open Source projects, PC-BSD also follows the principle of not shipping the proprietary codecs by default and requires that the end user install them by themselves if they want to. Here is the interesting part. To install the multimedia codecs, all I had to do was to download and install the requisite PBI file from the PBI online repository. And viola!!, I was able to not only play wmv and quick time files but also watch encrypted DVD movies as well.

Fig: Kaffene media player detects all the codecs.

I have an Nvidia graphics card and I wanted PC-BSD to harness the full potential of the graphics card. Usually you can get along very well with the Nvidia open source driver but if you want to use OpenGL programs for instance, you need to install the proprietary driver. In the PBI repository, you will find a number of builds of Nvidia proprietary drivers for PC-BSD and you can choose the best package which works for you.

I found enabling Flash to be a little tricky affair. Mainly because Adobe has not yet released Flash Player ver 9.0 for BSDs. And the native build of Flash player for BSDs is still at ver 7.0. While you can very well install this version of flash player, many flash enabled websites now a days require you to have version 8.0 or above to view them - a big handicap for BSD users. One work around you have for PC-BSD is to install the Linux version of FireFox web browser. You heard me right. It is possible to install most Linux software and run them without any modification in PC-BSD. This is made possible because PC-BSD has a Linux compatible module installed.

I installed the Linux version of the latest build of FireFox from the PBI online repository as well as the Flash player ver 9.0 from here. And I was able to view flash websites without any problem. Of course I encountered a minor glitch in that each time I open two flash based websites simultaneously, Linux version of FireFox crashes. But by and large I was able to manage as long as I had only one flash website open at any given time.

I also downloaded and installed Sun's JDK 1.5 from the PBI online repository.

Is PC-BSD a FreeBSD clone ?

At first glance, one might be tempted to pass off PC-BSD as a clone of FreeBSD with some frills thrown in, as PC-BSD uses the FreeBSD ports. And it is easy to think that if you are installing software using ports, you are essentially getting FreeBSD software. But on close scrutiny, I was able to find notable differences. Some of them are as follows :

A GUI installer which eases the installation process.
Use of PBIs to install many software.
Incorporating OpenBSD's robust and powerful PF firewall instead of the firewall bundled with FreeBSD.
Many GUI front-ends which aid package management.
Easily start/stop and enable/disable services via its equivalent GUI.
Use of blacklist script to automatically ban IP addresses of machines of potential crackers who try to hack into your machine.

Suggestions for further improvement of PC-BSD

The three BSDs namely FreeBSD, OpenBSD and NetBSD have their own independent ports. PC-BSD team could also start maintaining its own independent ports system instead of depending on the FreeBSD ports. One disadvantage of depending on FreeBSD ports is that you have to sometimes wait a long time before the software gets updated in the ports.

Take for instance GnuCash finance software. It is not easy to create a standalone PBI of GnuCash as it has to satisfy a lot of dependencies. And as of now the FreeBSD ports have the older version (1.8) of GnuCash which is markedly different from the latest version of ver 2.0 especially in the file format which the respective versions use to save the data. And the PC-BSD team has to wait until the GnuCash port has been updated to the latest version by the FreeBSD port maintainers. Truth be told, there is a GnuCash 2.0 place holder in the ports I downloaded in PC-BSD but when I give the command :
```
# make install clean

===>   gnucash-2.0.5_3 depends on package: guile>=1.6.8_2 - not found
===>   Found guile-1.6.8_1, but you need to upgrade to guile>=1.6.8_2.
*** Error code 1

Stop in /usr/ports/finance/gnucash.
*** Error code 1
```
... it complains that guile package is an older version and GnuCash requires a newer version of the same. These snags could be done away with if PC-BSD maintains its own ports with periodic selective syncing with FreeBSD ports.

When a user enters a root password to do system administration tasks using GUI, PC-BSD should offer to remember the root password so that the user does not have to enter it the next time he want to run a program in super user mode. Many Linux distributions such as Debian and Fedora have this feature. At present, if I want to install say 10 PBI's I have to enter the root password 10 times - ie. each time I execute the PBI, it asks for root password which gets really tedious. KDE dialog has a check box which offers to "keep the password" but it doesn't seem to have any effect.
The PBI should have an option to install software system wide or on a per user basis. This suggestion might seem strange but in a multi-user environment, it is not possible to hand over the root password to every one. And if a user wants to try out a software by downloading the PBI, he should be allowed to install it in his home directory if he cannot enter the root password.
The PBI should also support execution from the command line. This is not a must have feature but it can be convenient to execute and install a PBI package in certain situations where you have booted into console mode.
It would be nice to have a GUI front-end which allows a lay person to write custom firewall rules for PF.

Epilogue

PC-BSD is turning out to be an excellent alternative to other popular Desktop OSes. After testing and using PC-BSD for some time now, I can't but admire the sheer amount of work that is put into creating, developing and molding an OS for the lay person albeit with a strong slant towards FreeBSD. The fact that PC-BSD is able to accomplish all the tasks expected by an end user - be it using the Internet for communication, listening to music, watching movies or using it for recreation purposes holds it in good stead as a viable Desktop OS.

The Linux