"Linux Gazette...making Linux just a little more fun!"


More 2¢ Tips!


Send Linux Tips and Tricks to gazette@linuxgazette.net


Contents:


NumLock - On at Startup

Date: Mon, 02 Nov 1998 09:37:58 -0500
From: Brian Trapp, bmtrapp@acsu.buffalo.edu

Here's a 2 cent tip for others trying to turn NumLock on at startup (I'm using Red Hat 5.1, Linux 2.0.34)

Dennis van Dok wrote in to let us know there's a program called "setleds" that will handle this kind of activity. The "Linux FAQ" http://theory.uwinnipeg.ca/faqs/section7.html#q_7_10 has this to say about how to set this up automatically.

Question 7.10. How do I get NUM LOCK to default to on ?
Use the setleds program, for example (in /etc/rc.local or one of the /etc/rc.d/* files): for t in 1 2 3 4 5 6 7 8
do
setleds +num < /dev/tty$t > /dev/null
done
setleds is part of the KDB package (see Q7.9 `How do I remap my keyboard to UK, French, etc. ?').
Alternatively, patch your kernel. You need to arrange for KBD_DEFLEDS to be defined to (1 << VC_NUMLOCK) when compiling drivers/char/keyboard.c.
Steve Head also wrote in saying he thought there was a setting in the X11 configuration file to change this, but I haven't had a chance to try that yet.

Again -- the Linux community comes through. Thanks to all who helped.

Brian Trapp


Environment configuration using zsh

Date: Wed, 04 Nov 1998 02:27:39 +0100
From: Gerard Milmeister, gemi@bluewin.ch

It may happen that I want to use a software package which includes lots of binaries, sometimes even hundreds of them as is the case with BRLCAD. These packages live in their own directories, for example /usr/local/brlcad/bin, /usr/local/brlcad/lib etc. I don't want to cp, mv or ln the binaries in a common place like /usr/local/bin as they would clutter up these directories and, more important, name clashes can arise. Furthermore these packages require environment variables to be set, and it would be cumbersome to configure these in a personal .zshrc file.

The following method using zsh may help to quickly set up an environment appropriate for the specific package.

The idea is, that calling a script, e.g. brlcad_setup, living in a common place, will make a new instance of shell properly set up. Using zsh it is possible to modularize the configuration, such that it is possible build up a general configuration tool.

Example:
In the directory /usr/local/brlcad I put the following shell script, linked into /usr/local/bin:

brlcad_setup:

#!/bin/sh
export BRLCADHOME=3D/usr/local/brlcad # (*)
export PATH=3D$BRLCADHOME/bin:$PATH   # (*)
export MANPATH=3D$BRLCADHOME/man      # (*)
export ZDOTDIR=3D/usr/local/lib/zsh   # (**)
export PSNAME=3Dbrlcad                # (**)
exec zsh                            # (1) (**)
In /usr/local/lib/zsh there is a replacement .zshenv file:
. ~HOME/.zshrc
export PSLOCAL=3D$PSNAME:$PSLOCAL
PS1="[$PSLOCAL%n]:%~:$"
This is called at (1) in place of the user's .zshenv and will set up the prompt, so that the user is able to see in what environment he works. The lines (*) are the customization for the particular package. The lines (**) can be used as a template for other configuration scripts, with PSNAME set to the name of the package. I have created scripts for gpm (Modula-2 compiler, name clash with the console mouse driver), brlcad and bmrt.

Example session:

[gemi]:~:$brlcad_setup =

[brlcad:gemi]:~:$bmrt_setup =

[bmrt:brlcad:gemi]:~:$gpm_setup =

[gpm:bmrt:brlcad:gemi]:~:$exit
[bmrt:brlcad:gemi]:~:$exit
[brlcad:gemi]:~:$exit
[gemi]:~:$
At each level, the PATH configuration and other environment variables are available for the packages displayed in the prompt, and will disappear as soon as a shell is exited.

--
Gerard


XWindow servers for MS PCs

Date: Fri, 6 Nov 1998 17:09:58 +1300
From: Mark Inder, mark@tts.co.nz

A while ago I inquired about X Windows servers for PC's so that I could run my Linux GUI on my PC for administration etc.. I got about 32 replies. Great support! I have summarized the replies here in case anybody else is interested. I tried the MI/X and VNC. I found MI/X tricky and not very solid, and VNC to be amazingly flexible. Try viewing your own desktop from another PC while viewing that PC's desktop.

Replies:

--
Mark Inder


Simultaneous color depths for X

Date: Tue, 10 Nov 1998 16:47:34 -0500
From: Adam Williams, awillia1@chuma.cas.usf.edu

With this technique you can run several X servers simultaneously with different color depths. This comes in handy for interoperating programs that only support a few color depths or previewing images in different color depths, all without quitting the current session or so much as opening a Control Panel.

Create a startx file for every bit depth called startx8, startx16, or startx24. Give yourself execute permission on those.

In each startx file put the following, which is a slightly modified version of the default startx:

#!/bin/sh

bindir=/usr/X11R6/bin

userclientrc=$HOME/.xinitrc
userserverrc=$HOME/.xserverrc
sysclientrc=/usr/X11R6/lib/X11/xinit/xinitrc
sysserverrc=/usr/X11R6/lib/X11/xinit/xserverrc
clientargs=""
serverargs=""
display=:0
depth=8

if [ -f $userclientrc ]; then
    clientargs=$userclientrc
else if [ -f $sysclientrc ]; then
    clientargs=$sysclientrc
fi
fi

if [ -f $userserverrc ]; then
    serverargs=$userserverrc
else if [ -f $sysserverrc ]; then
    serverargs=$sysserverrc
fi
fi

whoseargs="client"
while [ "x$1" != "x" ]; do
    case "$1" in
	/''*|\.*)	if [ "$whoseargs" = "client" ]; then
		    clientargs="$1"
		else
		    serverargs="$1"
		fi ;;
	--)	whoseargs="server" ;;
	*)	if [ "$whoseargs" = "client" ]; then
		    clientargs="$clientargs $1"
		else
		    serverargs="$serverargs $1"
                    case "$1" in
                        :[0-9])  display="$1" ;;
                   esac
		fi ;;
    esac
    shift
done

serverargs="$serverargs $display -auth $HOME/.Xauthority -bpp $depth"
mcookie=`mcookie`
xauth add $display . $mcookie
xauth add `hostname -f`$display . $mcookie

echo "xinit $clientargs -- $serverargs"

exec xinit $clientargs -- $serverargs
Change the display and depth variables to different numbers for every startx file.

For example:b4 For an 8 bit server set depth=8 and display=:0
For a 16 bit server set depth=16 and display=:1
For a 24 bit server set depth=24 and display=:2

You can even have several startx files for the same bit depth as long as the display variables are different.

Now you can start up an 8 bit server with startx8. Open an xterm and type startx16 to get a 16 bit server without quitting the 8 bit server. You can switch between servers using the Ctrl-Alt-F keys.


Netscape

Date: Tue, 10 Nov 1998 08:25:13 -0600
From: Jim Kaufman, hsijmk@harmonic.com

You recently published the following tip:

Nevertheless, Netscape seems to create a directory nsmail in the user's home directory every time it starts and doesn't find it, even if mail is not used. This is annoying. Here's a trick which doesn't make this directory go away, but at least makes it invisible.
I didn't find a GUI equivalent to change this setting so you have to do the following:
Edit the file ~/.netscape/preferences.js and change all occurrences of 'nsmail' to '.netscape'. The important thing here is, of course, the leading dot before 'netscape'.

My recommendation is to edit ~/.netscape/preferences.js and change the occurrences of 'nsmail' to '~/Mail' That way, netscape can display mail if I choose, or I can use another mail reader (elm, mutt, pine, etc.) configured to use the same directory.

--
James M. Kaufman


Hard Disk Duplication - Update

Date: Mon, 9 Nov 1998 23:41:06 -0800
From: Michael Jablecki, mcjablec@ucsd.edu

The Ingot program did not work well for me. Power Quest has, IMHO, a superior product for less money -- drive image. Good stuff! http://www.powerquest.com

--
Michael


Back Ups

Date: Sun, 25 Oct 1998 03:46:10 +0000
From: Anthony Baldwin, ab@spkypc.demon.co.uk

Here's my two cent tip:
Disk space is relatively cheap, so why not buy a small drive say 500Meg which is used for holding just the root /lib /bin /sbin directories. Then setup a job to automatically back this up to another drive using "cp -ax" (and possibly pipe it through gzip and tar). This way when the unthinkable happens and you loose something vital, all you have to do is boot from floppy mount the 2 drives and do a copy. This has just saved my bacon while installing gnu-libc2

--
Anthony Baldwin


Tips in the following section are answers to questions printed in the Mail Bag column of previous issues.


ANSWER: Re: suggestion for Linux security feature

Date: Sun, 01 Nov 1998 01:10:10 -0700
From: Warren Young, tangent@cyberport.com

In regards to a letter you wrote to the Linux Gazette:

A. only that user could access their own cache, cookies, pointer files, etc.

I will first assume that you already have the computer basically secured: you are not logging in as "root" except to maintain the system, and the "regular user" account you are using does not have permission to write files to any other area of the hard disc than your own home directory. (I will ignore the "temporary" and other "public" directories.)

The first step is to set the security permissions on your home directory and its subdirectories. I won't go into the details here (that's best left to a good introductory Linux text), but you can have the system disallow other users from reading and/or listing the contents of your directories, as well as disallowing write access. (Under Red Hat Linux 5.0, the default is to disallow others _all_ access to your home directory, but subdirectories you later create aren't protected in this way.) Do the same for your existing files.

Next, learn to use the "umask" command. (This command is part of your shell -- find out what your "login shell" is, and then read its manual to find info about this command.) The umask command sets the "default file permissions" for new files. For example, you can make the system create new files and directories such that only you can read them or write to them.

One other thing you should look into is an encrypting file system driver. I seem to recall hearing of such a thing for Linux, but I can't recall any details.

I do not know how deleted files could be safeguarded in this way
It's possible to patch the OS so that the "unlink()" system call always overwrites the file with zeros or something before it removes the file from the file system. That would make the system run slower at times, but that might be a worthwhile tradeoff for you. That should be a fairly easy change to make to the kernel, given that the source code is available. If you don't know how to do this and are unwilling to learn, try asking on the Net for someone to do this for you. You can probably find someone who's willing just because it's an interesting thing to do.
B. these files - the whole lot of them - could be scrubbed, wiped, obliterated (that's why it's important for them to be in a known and findable place) by their owner, without impairing the function of the applications or the system, and without disturbing similar such files for other users.
You list as criteria (to paraphrase) "without disturbing the system for others", so the kernel idea above wouldn't work. Instead, you would probably want a utility to do the same thing as the kernel idea: overwrite the file (perhaps multiple times) with junk, and then remove it. This, again, shouldn't be too hard to write, and I wouldn't be surprised if it doesn't already exist. Such things already exist for most other operating systems.... You could even make it a fancy drag-and-drop X Windows application so you just drag files to it like a Mac/Win95 "trash can" and it securely deletes the file.
C. it would be nice too if there were a way to prevent the copying of certain files, and that would include copying by backup programs (for example, I'm a Mac user and we use Retrospect to back up some of our Macintoshes; there's a feature to suppress the backing up of a particular directory by having a special character (a "bullet", or optn-8) at the beginning or end of the directory name.) But if this could be an OS-level feature, it would be stronger.
This sort of feature does not belong in the operating system because "backup" is not part of the operating system, it's an add-on. The reason that it's an add-on is because you want to allow each individual to choose their own backup solution based on their own needs, desires and preferences. I may want to use the BRU backup program, while another might prefer "afio", and a third person may be a raving "tar" fan.

The point is, it's not part of the OS, so several different backup programs have emerged, each with a different style and feature list. The price of this freedom and flexibility is that a feature like "don't back this file up" is something that each program will implement differently. It can't be part of the OS under this model, and I don't think we want to change this.

If I'm user X, and I want to get rid of my computer, or get rid of everything that's mine on the computer, I should just be able to delete all of my data files (and burn them or wipe them or otherwise overwrite that area of the disk), which I can surely do today. But in addition, I should know where to go to do the same thing with whatever system level files might be out there, currently unbeknownst to me, and be able to expunge them also, without affecting anything for anyone else.
The safest method is to erase the hard disk with a "government level wipe" program. Many of these exist for DOS -- you can create a DOS disk for the sole purpose of booting up and wiping your system. Then, install a fresh copy of the OS. This is the only way you can be sure that everything sensitive is off of the machine.

The only other option is for you to learn where all of the "individual configuration" files are kept -- that is, those files that make your setup unique. Following the security suggestions above can help, because then applications can't store something where you can't find it -- the OS won't let it, and thus everything is either under your home directory, or somewhere you put it as "root". But, you may miss a file, so the "wipe the HD" is the only foolproof method.

Good luck,
Warren -- http://www.cyberport.com/~tangent/


ANSWER: Re: How to add disk space to Red Hat 5.1?

Date: Wed, 4 Nov 1998 20:43:35 -0800 (PST)
From: R Garth Wood, rgwood@peace.netnation.com
0 init 1
1 mount your drive on /mnt **(see below)
2 cp -dpR /usr /mnt
3 umount /mnt
4 mount your drive on /usr
5 init 2
6 rejoice
** recompile your kernel. make sure you have the options needed in the HOWTO: http://sunsite.unc.edu/pub/Linux/docs/HOWTO/mini/ZIP-Drive

--
R Garth Wood


ANSWER: Re: Win95 peer-to-peer vs. Linux server running Samba

Date: Wed, 4 Nov 1998 20:36:15 -0800 (PST)
From: R Garth Wood, rgwood@peace.netnation.com

The advantages are:

--
R Garth Wood


ANSWER: Re: Single IP Address & Many Servers. Possible?

Date: Wed, 4 Nov 1998 20:27:50 -0800 (PST)
From: R Garth Wood, rgwood@peace.netnation.com

Look into the programs "redir" and "rinetd".

--
R Garth Wood


ANSWER: Re: Help Modem+HP

Date: Fri, 20 Nov 1998 03:24:36 -0800
From: "David P. Pritzkau", pritzkau@leland.Stanford.EDU

In issue 33 of the Linux Gazette you wrote:
I have already spent hours trying to fix my Supra336 PnP internal modem and my HP DeskJet 720C under Linux! The result is always the same, no communication with the modem and no page printed on the HP printer! Could someone help me, I am close to abandon!

I've had the same problem with the HP820 printer. It turns out that the '20 series printers use a protocol called PPA unlike the PCL protocols that HP uses for its other printers. Basically Windows uses software to print to these printers. Fortunately there's somebody out there who was able to figure out some of that protocol (since HP isn't releasing any info). This person created a PPA to PBM converter to allow printing under Linux. Right now you can only print in black and white, but that's better than nothing. If you are shopping for a printer and plan to use Linux, you should avoid the '20 series HP printers like the plague. Here's the URL where you can find more info about the converter and download it. It comes with sample scripts to setup the printing. Keep in mind that you must change the 'enscript' command in the scripts to 'nenscript' because enscript is a commercial program. Also take out the '-r' switch since 'nenscript' doesn't support it. Hope this helps.

http://www.rpi.edu/~normat/technical/ppa/index.html

--
David P. Pritzkau


ANSWER: Re: Suggestion for Linux security features

Date: Fri, 13 Nov 1998 11:17:18 +0100
From: Roger Irwin, irwin@mail.com

Linux already does most of what you said (example, netscape cache cookie files are kept in a .netscape file in your home that cannot be accessed by other users).

As for delete, this can easily be done by a user file that opens the file for random access and writes x's everywhere before deleting. Have seen such utilities around for virtually all platforms (as it only requires ANSI C calls, you could easily write a command that compiles onto any platform. It is slow, and could be slightly improved by being done in kernel space. If you want to try, I suggest that you start by reading Alessandro Rubini's book "Writing Linux Kernel Device Drivers". This will give you an easy and gentle introduction to programming in Kernel space. Once you have got the hang of that, you should read through the documentation for the e2fs. Then implement a simple draft version. Once you have it working, post it to the Linux Kernel development mailing list, and the kernel hackers will guide you from there.

DO NOT approach the kernel list with ideas you are thinking about doing. It is not that they are unresponsive, but there are a lot of Linux users and with a lot of ideas, they could easily be submerged. In order to avoid time wasters, they are forced to adopt a 'first show me the code' attitude. This is not a bad thing as when one starts to actually implement something (rather than dream about it) you begin to realize WHY it has not yet been done.

Once you actually have something, even a first draft that only vaguely works, you will find kernel developers very responsive and helpful.

--
Roger


Published in Linux Gazette Issue 35, December 1998


[ TABLE OF 
CONTENTS ] [ FRONT PAGE ]  Back  Next


This page maintained by the Editor of Linux Gazette, gazette@linuxgazette.net
Copyright © 1998 Specialized Systems Consultants, Inc.