New Year 2007 - The year of GNU/Linux

Today is the dawn of a new year, the year 2007. Every year, we wish, hope and dream that it will be the year when GNU/Linux will gain critical mass appeal - not that it has failed to significantly widen its base. One of the most endearing aspect of GNU/Linux for me over and above the ideological considerations is its simplicity.

A couple of years back, when I was yet to be introduced to Linux, I remember having faced many situations when my OS (Windows 98) had died on me for no apparent reason and I was left staring at the blue screen of death. The outcome being doing a clean re-install of Windows. From those experiences, I realized that the Windows was a complex beast especially when it came to troubleshooting problems. Compared to that, troubleshooting in GNU/Linux is akin to a piece of cake or a walk in the park.

The inherent strength of GNU/Linux lies in the fact that all the configuration pertaining to the OS is saved in liberally commented text files which reside in a specific location. And almost all actions executed by the OS is logged in the appropriate files which are also plain text files. For example, reading the file /var/log/messages will reveal a wealth of knowledge about the actions carried out by the OS and the errors if any during boot-up. So once the initial learning curve is overcome, it becomes a joy to work in GNU/Linux.

Some time in 2007, we can hope to see KDE 4.0 released. Already, when I compare KDE 3.5 with older versions, I have found significant increase in speed with which applications start up. KDE 4.0 is expected to be much more snappy as it is developed using Qt 4.0 library and will contain a lot of additional features. Of course, this year Microsoft is also officially releasing its new OS Vista. But many reviews indicate that there are lots of shortcomings in Microsoft's latest offering and the general opinion is that it is not worth its price tag.

I am not trying to disparage Microsoft but when you have a fabulous choice in GNU/Linux which comes with an unbeatable price tag (Free) and if you are able to do almost all your tasks in GNU/Linux baring say playing some of your favorite games, why would you consider buying another OS paying hundreds of dollars ? More over if you are an avid gaming enthusiast, you should rather be buying a Sony PlayStation or a Nintendo Wii or even an XBox and not an OS.

There was a time when I used to boot into Windows to carry out certain tasks. But for the past many months, I have realized that I am able to do all my tasks from within GNU/Linux itself and it has been some time now since I have booted into Windows.

But when we look back, Linux or rather GNU/Linux the OS has done quite well in 2006. With many popular distributions opting for a 6 Month release schedule, we get to try out at least two versions each of many distributions each year. More over, we get the latest software too. Other than that, in 2006 we also saw the open source release of Java code by Sun Microsystems - a great victory for Free software enthusiasts. The Linux BIOS project also got its share of publicity with many hardware manufacturers evincing interest in the project. So in many ways I look forward to an exciting year 2007 for GNU/Linux, Open Source and Free Software. And as always (lets hope) 2007 is going to be the Year of GNU/Linux.

On this positive note, I wish you all a very happy and prosperous New Year.

A great collection of repositories for Open SuSE Linux

When ever I try out a GNU/Linux distribution, the one thing which hound me atleast in the initial stages is the lack of awareness about additional repositories particularly the ones which contain software packages which are necessary to make working in Linux a complete experience. So the first time I tried Red Hat, I had to scrounge the Net to get the addresses of additional repositories because the servers which hosted the Red Hat official repositories were stretched to their limits and were dead slow and more over, they did not contain non-Free software.

When I tried Ubuntu, this travail was elevated to some extent partly due to the fact that the switches for enabling additional repositories which contained non-Free software was made available in the Linux distribution itself and also partly due to help from the strong active community revolving around it.

Now Vichar Bhatt, a staunch supporter of SuSE Linux - more so for its robustness and superior features, has compiled a collection of repositories which host packages meant for the SuSE Linux distribution though he is quick to point out that installing software from unverified repositories carry a slight security risk. Nevertheless his efforts are commendable. He has also provided a list of official SuSE repositories too which can be found here. Hopefully, the list will be updated as and when new repositories are made available.

KVM Virtualization solution to be tightly integrated with Linux kernel 2.6.20

There is good news on the horizon... which is that Linus Torvalds has merged the KVM code - which is the Kernel Virtual Machine Module in the kernel source tree leading to Linux Kernel 2.6.20. This opens up a lot of avenues as far as Linux is concerned. Using KVM, it is possible to run multiple virtual machines running unmodified Linux or Windows images.

KVM is not the only technology that is around as far as Linux is concerned. But its advantage over other similar technologies is that it is a part of Linux and uses the regular Linux scheduler and memory management which in turn makes it much smaller and simpler to use. It uses slightly modified userland tools that comes bundled with QEMU to manage virtual machines. But the similarity ends there as QEMU inherently uses emulation where as KVM makes use of processor extensions for virtualization.

A normal Linux process has two modes of execution - which is the Kernel mode and the User mode. When you use KVM, Linux will have an additional mode which is the guest mode which in turn will have its own kernel and user modes (see figure below).

On the down side, for KVM to function properly, your computer should have Intel or AMD processors which supports integrated virtualization technology in the hardware level.

25 Shortcomings of Microsoft Vista OS - A good reason to choose GNU/Linux ...

As a continuation of the previous post, here are 25 shortcomings found by Frank J. Ohlhorst when he reviewed the yet to be formally released Microsoft Vista OS. I have added my views which are enclosed in parentesis, alongside the Vista shortcomings.

• Vista introduces a new variant of the SMB protocol - (I wonder what is the future of Samba now...)
• Need significant hardware upgrades
• No anti-virus bundled with Vista
• Many third party applications still not supported
• Your machine better have a truck load of Memory - somewhere around 2 GB. (Linux works flawlessly with just 128 MB... even less).
• Too many Vista editions.
• Need product activation. (Now that is something you will never see in Linux).
• Vista OS will take over 10 GB of hard disk space. (With Linux you have a lot of flexibility with respect to the size of the distribution.).
• Backing up the desktop will take up a lot of space. (Not so in Linux)
• No must have reasons to buy Vista. (The fact that Linux is Free is reason enough to opt for it)
• Is significantly different from Windows XP and so there is a learning curve. (Switching to Linux also involves some learning curve but then it is worth it as it doesn't cost you much and in the long run, you have a lot to gain).
• You'd better come to terms with the cost of Vista - it is really exorbitant running to over $300. (In price, Vista can't beat Linux which is free as in beer and Freedom).
• Hardware vendors are taking their own time to provide support for Vista.(Now a days, more and more hardware vendors are providing support for Linux).
• Vista's backup application is more limited than Windows XP's. (Linux has a rich set of backup options and every one of them is free).
• No VoIP or other communication applications built in. (Skype, Ekiga... the list goes on in Linux).
• Lacks intelligence and forces users to approve the use of many native applications, such as a task scheduler or disk defragmenter. (Linux is flexible to a fault).
• Buried controls - requiring a half a dozen mouse clicks. (Some window managers in Linux also have this problem but then here too, you have a variety of choice to suit your tastes).
• Installation can take hours, upgrades even more. (Barring upgrades, installation of Linux will take atmost 45 minutes. Upgrades will take a little longer).
• Little information support for Hybrid hard drives.
• 50 Million lines of code - equates to countless undiscovered bugs. (True, true... It is high time you switch to Linux).
• New volume-licensing technology limits installations or requires dedicated key-management servers to keep systems activated. (Linux users do not have this headache I believe).
• Promises have remained just that - mere promises. A case to the point being WinFS, Virtual folders and so on. - (Clever marketing my friend, to keep you interested in their product).
• Does not have support for IPX, Gopher, WebDAV, NetDDE and AppleTalk. (Linux has better support for many protocols which Windows do not support).
• Wordpad's ability to open .doc files have been removed. (Now that is what I call extinguishing with style. OpenOffice.org which is bundled with most Linux distributions can open, read and write DOC files).
  

Various ways of detecting rootkits in GNU/Linux

Consider this scenario... Your machine running GNU/Linux has been penetrated by a hacker without your knowledge and he has swapped the passwd program which you use to change the user password with one of his own. His passwd program has the same name as the real passwd program and works flawlessly in all respects except for the fact that it will also gather data residing on your machine such as the user details each time it is run and transmit it to a remote location or it will open a back door for outsiders by providing easy root access and all the time, you will not be aware of its true intention. This is an example of your machine getting rooted - another way of saying your machine is compromised. And the passwd program which the hacker introduced into your machine is a trojaned rootkit.

A rootkit is a collection of tools a hacker installs on a victim computer after gaining initial access. It generally consists of network sniffers, log-cleaning scripts, and trojaned replacements of core system utilities such as ps, netstat, ifconfig, and killall.

Hackers are not the only ones who are found to introduce rootkits in your machine. Recently Sony - a multi billion dollar company, was found guilty of surreptitiously installing a rootkit when a user played one of their music CDs on Windows platform.This was designed *supposedly* to stop copyright infringement. And leading to a furore world wide, they withdrew the CD from the market.

Detecting rootkits on your machine running GNU/Linux
I know of two programs which aid in detecting whether a rootkit has been installed on your machine. They are Rootkit Hunter and Chkrootkit.

Rootkit Hunter

This script will check for and detect around 58 known rootkits and a couple of sniffers and backdoors and make sure that your machine is not infected with these. It does this by running a series of tests which check for default files used by rootkits, wrong file permissions for binaries, checking the kernel modules and so on. Rootkit Hunter is developed by Michael Boelen and has been released under a GPL licence.

Installing Rootkit Hunter is easy and involves downloading and unpacking the archive from its website and then running the installer.sh script logged in as root user.

Fig: Rootkit Hunter checking for rootkits on a Linux machine.

Once installed, you can run rootkit hunter to check for any rootkits infecting your computer using the following command:

# rkhunter -c

The binary rkhunter is installed in the /usr/local/bin directory and one needs to be logged in as root to run this program. Once the program is executed, it conducts a series of tests as follows :

• MD5 tests to check for any changes
• Checks the binaries and system tools for any rootkits
• Checks for trojan specific characteristics
• Checks for any suspicious file properties of most commonly used programs
• Carries out a couple of OS dependent tests - this is because rootkit hunter supports multiple OSes.
• Scans for any promiscuous interfaces and checks frequently used backdoor ports.
• Checks all the configuration files such as those in the /etc/rc.d directory, the history files, any suspicious hidden files and so on. For example, in my system, it gave a warning to check the files /dev/.udev and /etc/.pwd.lock .
• Does a version scan of applications which listen on any ports such as the apache web server, procmail and so on.
  

After all this, it outputs the results of the scan and lists the possible infected files, incorrect MD5 checksums and vulnerable applications if any.

Fig: Another screenshot of rootkit hunter conducting a series of tests.

On my machine, the scanning took 175 seconds. By default, rkhunter conducts a known good check of the system. But you can also insist on a known bad check by passing the '--scan-knownbad-files' option as follows :

# rkhunter -c --scan-knownbad-files 

As rkhunter relies on a database of rootkit names to detect the vulnerability of the system, it is important to check for updates of the database. This is also achieved from the command line as follows:

# rkhunter --update

Ideally, it would be better to run the above command as a cron job so that once you set it up, you can forget all about checking for the updates as the cron will do the task for you. For example, I entered the following line in my crontab file as root user.

59 23 1 * * echo "Rkhunter update check in progress";/usr/local/bin/rkhunter --update

The above line will check for updates first of every month at exactly 11:59 PM. And I will get a mail of the result in my root account.

Chkrootkit

This is another very useful program created by Nelson Murilo and Klaus Steding Jessen which aids in finding out any rootkits on your machine. Unlike Rootkit hunter program, chrootkit does not come with an installer, rather you just unpack the archive and execute the program by name chrootkit. And it conducts a series of tests on a number of binary files. Just like the previous program, this also checks all the important binary files, searches for telltale signs of log files left behind by an intruder and many other tests. In fact, if you pass the option -l to this command, it will list out all the tests it will conduct on your system.

# chkrootkit -l

And if you really want to see some interesting stuff scroll across your terminal, execute the chkrootkit tool with the following option:

# chkrootkit -x 

... which will run this tool in expert mode.

Rootkit Hunter and Chkrootkit together form a nice combination of tools in ones forte to detect rootkits in a machine running Linux.

Update: One reader has kindly pointed out that Michael Boelen has handed over the Rootkit Hunter project to a group of 8 like minded developers. And the new site is located at rkhunter.sourceforge.net

FSF starts campaign to enlighten computer users against Microsoft's Vista OS

When a multi-billion dollar company famed for their extreme stand for all proprietary software is on the verge of releasing their much touted next generation OS named Vista, what does Free Software Foundation which shuns all things proprietary do ? That is right, they start a campaign trying to enlighten the computer users about the pitfalls of buying Vista and also introduce them to the Free alternatives that one can have in place of Microsoft's offer.

FSF has launched a new site named badvista.org which will focus on the danger posed by Treacherous Computing in Vista.

John Sullivan, the FSF program administrator has aptly put it as thus :

Vista is an upsell masquerading as an upgrade. It is an overall regression when you look at the most important aspect of owning and using a computer: your control over what it does. Obviously MS Windows is already proprietary and very restrictive, and well worth rejecting. But the new 'features' in Vista are a Trojan Horse to smuggle in even more restrictions. We'll be focusing attention on detailing how they work, how to resist them, and why people should care.

FSF invites all Freedom loving computer users to participate in the campaign at Badvista.org.

RPM to be revitalized - courtesy of Fedora Project

The hot news right out of the oven is that RPM - the famous package manager that is the base of all Red Hat based Linux distribution packages is going to get a shot in the arm. The Fedora project has decided to create an active community around the RPM. Already a wiki for RPM has been setup which details the project goals.

My first foray with Linux was with Red Hat and during the course of time, I learnt to use RPM to install, upgrade and uninstall packages. But once I started using it, I realized that it was not as simple as it looked. For example, if Package A depended on a library in Package B and Package B was not installed on the machine, then RPM refused to install Package A. And if Package B in turn is dependent on a library residing in Package C, then this problem gets repeated down the line. This came to be known popularly as dependency hell. I have always wondered why Red Hat was not bringing changes to RPM and making the lives of the users easier, given that most packages for Red Hat are RPM based packages.

Perhaps the need of the hour is that all Linux distributions support a universal package format with all packages residing in a central repository, which can be shared by all Linux distributions alike. But this scenario looks bleak with Debian having its own dpkg format and Red Hat based distributions having their own RPM based package formats. Atleast there is going to be better inter operability with different Red Hat based Linux distributions in the future as one of the goals of this new project is to work towards a shared code base between SuSE, Mandrake, Fedora and so on. At present, a lot of work in creating packages and maintaining repositories is being repeated over and over. But Fedora's decision breathes new life in the future of RPM and one can hope to see RPM morph into a more efficient, robust package manager with lesser bugs.

Some of the initial goals of the new project are going to be as follows :

• Give RPM a full technical review and work towards a shared base.
• Make RPM a lot simpler.
• Remove a lot of existing bugs in the RPM code base.
• Make it more stable.
• Enhance the RPM-Python bindings thus bringing greater interoperability between Python programs and RPM.
  

Sun Microsystems - doing all it can to propagate its immense software wealth

A couple of weeks back, Sun Microsystems created a buzz in the tech world when it announced its decision to release their flag ship language Java under a GPL license albeit GPL v2. But even though it could have surprised and gladdened the Free Software fans the world over, it is clear that it was a well calculated, deeply thought out decision which was aimed at the survival and further propagation of the Java language.

It is true that at its core, Sun is a hardware company with the bulk of its revenue being generated from selling high end servers, workstations and storage solutions. But it has also invested heavily in developing robust software. And what is amusing is that it does not charge anything for most of the software it has developed and has been providing it free of cost. OpenOffice.org, Netbeans, Java and Solaris being a case to the point.

At one time, Solaris was the most popular Unix operating system enjoying a huge market share, greater than even IBM AIX and HP-UX combined. Then Linux arrived at the horizon and slowly started chipping away at the market share of all the Unixes including Solaris. With Linux gaining demi god status, it was inevitable that Sun take a deep look at itself. It realized that if it did not re-structure its thinking, it will be reduced to a mere hardware company like Dell selling boxes, from its present status as an IP creator. And it has shown enough foresight to change with changing times. Instead of fighting Linux, it started bundling Linux - more specifically Red Hat Linux with its servers along side its own operating system Solaris. And over an year back, it released the Solaris code under an open license and named it OpenSolaris.

Now Sun is going even further by hinting that it is seriously considering releasing Solaris under a GPL license. A few years back, the PCs that were sold did not meet the minimum requirements for running Solaris which made it a difficult proposition to run it as a desktop. But with rapid advances made in the hardware field, a drastic drop in hardware prices and partly thanks to Microsoft for upping the ante with regard to minimum memory requirements for running Vista, it has suddenly become possible to look at Solaris as a viable desktop OS alternative as it works smoothly with just 512 MB RAM.

Fig: Get a Free DVD consisting of Solaris 10 and Sun Studio software

Taking all these events into consideration, Sun is doing everything in its power to ensure that the fruits of its hard work lives on and gains in popularity. A few days back when I visited Sun's website, I was surprised to see a link offering to send a free DVD media kit consisting of the latest build of Solaris 10 and Sun Studio 11 software to the address of ones choice. I have always believed that one of the reasons for Ubuntu to gain so much popularity was because of its decision to ship free CDs of its OS. Perhaps taking a leaf from Ubuntu, Sun has also started shipping free DVDs of Solaris 10 OS to anybody who want a copy of the same - a sure way of expanding its community.

In the long run, the logical thing for Sun to do will be to release Solaris under GPL. By doing so, Sun would gain the immense good will of the Free Software fans the world over and ensure a permanent place in the history of computing. Unlike GNU/Linux which is a loose amalgamation of scores of individual software pieces around the Linux kernel, Solaris is a whole product whose tools are tightly integrated with its kernel. So even if Solaris is released under GPL, it may not see as many distributions as we see in Linux. And who is better qualified to provide services and support for Solaris other than Sun itself?

Travails of adding a second hard disk in a PC running Linux

Over the years, I have accumulated a couple of hard disks which I salvaged from my old computers. I have a Seagate 12 GB hard disk, a Samsung 2.1 GB hard disk apart from another Seagate 20 GB hard disk. In fact, these were just lying around with out being put to any use and recently I decided to add one of them to my present computer.

I opened up the case and inserted one of the hard disk in the hard disk bay, set up the connectors and turned on the machine hoping to see it boot up as normal. And it did go beyond the Bios POST and I got the grub boot loader screen. But when I chose to boot the Linux distribution, it gave the error that it couldn't find the root partition. That was rather surprising as I had not made any changes to the structure of the hard disk either by re-installing Linux or modifying the grub menu. After some head scratching, I figured out that perhaps the hard disks are detected in a different order by the computer. To verify this, I booted using a Linux Live CD and I was right. The original hard disk was detected by Linux as /dev/hdb instead of /dev/hda and this screwed up everything as the /etc/fstab file and the grub menu had the entry /dev/hda.

The thing to remember is that the hard disks - and I am talking about the IDE variety - have around 8 pins at the back which can be connected together via jumpers. And depending on what position you have set the jumpers, the hard disks will be detected in different ways by the computer.

Usually, when you buy a new hard drive, it will have the jumper pins in the cable select position. This allows the drive to assume the proper role of master or slave based on the connector used on the cable. For the cable select setting to work properly, the cables you are using must support the cable select feature.

In my case, I had two hard disks connected using the same cable and both had the jumper pins in the cable select position. This meant that when I booted the PC, it automatically selected one hard disk as the primary master and the other as the primary slave. And unfortunately, it selected the hard disk which had the Linux OSes as the primary slave which was why it was detected by Linux as /dev/hdb instead of /dev/hda.

Fig: Hard disk jumper settings

Once I figured this out, the solution was simple. I re-opened my computer case and changed the jumper settings of the hard disk containing the Linux OS to the primary master and the jumper settings of the second hard disk to the slave position (See figure above). And I was able to boot into Linux without a problem.

One thing worth noting is that different IDE hard disks have different jumper positions for setting them as primary and slave and the positions are usually printed on top of the hard disk. So you should check the table printed on your hard disk before changing the jumper pins.

Now if you are wondering what I did with the remaining two hard disks, I could have very well added them too but then you can connect only a total of four devices this way namely primary master, primary slave, secondary master and secondary slave. And if I did that, there wouldn't have been a vacant slot to connect the internal CD Writer and the DVD drive. So I use these two hard disks for backing up data.

Humor - Get your ABC's of Linux right

Recently, one of my friends shared with me this rather funny ode to Linux which was passed on to him by a friend of his, which I am in turn sharing with you. So without much ado, here is the rhyming ode to Linux ...

A is for awk, which runs like a snail, and
B is for biff, which reads all your mail.
C is for cc, as hackers recall, while
D is for dd, the command that does all.
E is for emacs, which rebinds your keys, and
F is for fsck, which rebuilds your trees.
G is for grep, a clever detective, while
H is for halt, which may seem defective.
I is for indent, which rarely amuses, and
J is for join, which nobody uses.
K is for kill, which makes you the boss, while
L is for lex, which is missing from DOS.
M is for more, from which less was begot, and
N is for nice, which it really is not.
O is for od, which prints out things nice, while
P is for passwd, which reads in strings twice.
Q is for quota, a Berkeley-type fable, and
R is for ranlib, for sorting ar table.
S is for spell, which attempts to belittle, while
T is for true, which does very little.
U is for uniq, which is used after sort, and
V is for vi, which is hard to abort.
W is for whoami, which tells you your name, while
X is, well, X, of dubious fame.
Y is for yes, which makes an impression, and
Z is for zcat, which handles compression.

I noticed one error in the third line of the poem though, which is that Linux does not use the cc compiler, rather it uses gcc. But apart from that, this is a nice compilation.

Trolltech's Qtopia Greenphone

We are moving towards an era where the line demarcating a computer and the rest of the electronic devices is at best getting hazy. Take the mobile phones for instance... Now a days, the sheer power and the number of features available in some models of mobile phones rivals those found in a low end PC. Electronic devices are fast morphing into gadgets which are many things for different people.

Trolltech, the creators of the Qt library which is used to develop KDE has released a Linux mobile development device - the rest of us can call it a mobile phone. What is unique about this phone is that it is powered by Linux and more importantly, it is aimed at the developers who are interested in creating applications using the Greenphone SDK and the phone allows the developers to test their applications on it. The current model of greenphone was developed with close cooperation with a Chinese device manufacturer called Yuhua Teltech. Offered as a part of the Greenphone SDK, Trolltech claims that this powerful GSM/GPRS device provides the perfect platform for creation, testing and demonstration of new mobile technology services.

Fig: Trolltech's greenphone powered by Linux.

Nathan Willis who spent a couple of weeks with a review unit reveals his thoughts about this unique product from Trolltech. And even though he finds a couple of faults with the design of the phone, he concludes that nevertheless, it is a small step in the right direction. He has also made available a slide show of the pictures of the phone here.

Specifications of the Qtopia Greenphone

The software that powers this phone consists of Qtopia Phone Edition 4.1.4 and Linux kernel 2.4.19

The hardware consists of the following:

• Touch-screen and keypad UI
• QVGA® LCD color screen
• Marvell® PXA270 312 MHz application processor
• 64MB RAM & 128MB Flash
• Mini-SD card slot
• Broadcom® BCM2121 GSM/GPRS baseband processor
• Bluetooth® equipped
• Mini-USB port
  

Minimum system requirements for the development environment are as follows:

• 512 MB RAM
• 2.2 GB HDD space and
• 1 GHz processor
  

It may be worth noting that there are a number of embedded devices which are powered by Linux, Nokia's internet tablet being a prominent one. But what makes Trolltech's greenphone unique is the open developement environment provided with a capability to reflash application memory thus making it truly Open Source.