Skip to main content

Posts

Showing posts from 2008

FreeBSD - Mounting Other Filesystems

Anyone who has ever worked in a networked environment running different operating systems using different filesystems knows the frustration of trying to get every computer to see the data on every other computer. Even on my multi-boot test computer, NT can't see the data on my FAT32 partition, Windows 98 can't see the data on my NTFS partition, DOS can't see data on either partition -- and these operating systems are all installed on the same hard drive. more ...

Perl's Sort Function

Under the hood, Perl's sort() function uses the quicksort algorithm, which we'll describe later in the chapter. This is a standard sorting algorithm, provided by most operating systems as qsort(3).* In Versions 5.004_05 and higher, Perl uses its own quicksort implementation instead of the one provided by the operating system. more ...

Displaying maps with OpenLayers

Google Maps gives you a quick and easy way to add maps to your Web site, but when you're using Google's API, your ability to display other data is limited. If you have your own data you want to display, or data from sources other than Google, OpenLayers, an open source JavaScript library, can give you more options. read more...

CentOS Logical Volume Backup

Metadata backups and archives are automatically created on every volume group and logical volume configuration change unless disabled in the lvm.conf file. By default, the metadata backup is stored in the /etc/lvm/backup file and the metadata archives are stored in the /etc/lvm/archive file.. more

The Kernel and Daemons

If you have arrived at UNIX via DOS or some other personal computer operating system, you will notice some big differences. UNIX is, was, and always will be a multiuser operating system. It is a multiuser operating system even when you're the only person using it. It is a multiuser operating system even when it is running on a PC with a single keyboard. And this fact has important ramifications for everything that you do. more ...

Perl: How to Set Up a UDP Server

You want to write a UDP server, First bind to the port the server is to be contacted on. With IO::Socket, this is easily accomplished: use IO::Socket; $server = IO::Socket::INET->new(LocalPort => $server_port, Proto => "udp") or die "Couldn't be a udp server on port $server_port : $@\n"; read more..

Perl : Gathering Output from a Program

The backticks are a convenient way to run other programs and gather their output. The backticks do not return until the called program exits. Perl goes to some trouble behind the scenes to collect the output, so it is inefficient to use the backticks and ignore their return value: read more...

Booting Debian in 14 seconds

This article assumes that you're already familiar with things like building kernels, applying patches and so on. The target audience is the "advanced end user", and also the Debian developers responsible for the packages concerned who I hope will be motivated to incorporate some of this work.

The AIX administrators guide to learning Linux

Most system administrators planning to install Linux® on IBM® System p® eventually run into an important question: Which Linux distribution should I install? This article compares two distributions from Red Hat and Novell, and weighs the pros and cons of each. We'll discuss Linux on POWER (LoP), the history of both distributions, the relationship IBM has with them, and the factors that should go into your decision-making process. We're also going to compare and contrast what it takes to create logical volumes on SLES and RHEL.

GCC hacks in the Linux kernel

GCC and Linux are a great pair. Although they are independent pieces of software, Linux is totally dependent on GCC to enable it on new architectures. Linux further exploits features in GCC, called extensions, for greater functionality and optimization. This article explores many of these important extensions and shows you how they're used within the Linux kernel.

know GCC 4

In the last few years, the GNU Compiler Collection (GCC) has undergone a major transition from GCC version 3 to version 4. With GCC 4 comes a new optimization framework (and new intermediate code representation), new target and language support, and a variety of new attributes and options. Get to know the major new features and their benefits.

Linux Pipes

A pipe is a communication device that permits unidirectional communication. Data written to the "write end" of the pipe is read back from the "read end." Pipes are serial devices; the data is always read from the pipe in the same order it was written. Typically, a pipe is used to communicate between two threads in a single process or between parent and child processes, more ...

Perl directories

To fully understand directories, you need to be acquainted with the underlying mechanics. The following explanation is slanted toward the Unix filesystem, for whose syscalls and behavior Perl's directory access routines were designed, but it is applicable to some degree to most other platforms.

Mailman and Exim4

I recently installed Mailman on on my server to provide a mailing list for my extended family. While in the end, I was able to scrounge up the articles I needed by searching the web, many of them were woefully outdated. Here is a short article that pulls together my research and describes in one place what is needed to get Mailman running happily under Debian etch with Exim4.

Using cron to automate maintenance

Learn how to create, schedule, and manage cron jobs and how to define timetables to control job frequency, from once per minute to once per year. Additionally, learn how to limit access to cron to prevent abuse and how to use other utilities in tandem with cron to automate common maintenance tasks. more ...

Building tiny systems with embedded NetBSD

NetBSD is an extremely flexible operating system that is designed to be portable across various architectures. This feature makes it attractive for embedded developers. In this article, I will demonstrate a process for creating a very small kernel that can boot, either to a shell prompt or to a login screen, more ...

Linux Signals

Signals are mechanisms for communicating with and manipulating processes in Linux. The topic of signals is a large one; here we discuss some of the most important signals and techniques that are used for controlling processes. A signal is a special message sent to a process. Signals are asynchronous; when a process receives a signal, it processes the signal immediately, without finishing the current function or even the current line of code.

Debian Linux Kernel Handbook

The main goal of this handbook is to serve as a single access point to all kernel-related documentation. It contains the information about the Debian packaging of Linux kernel for the Etch release of Debian (version 4.0). The latest released version is always available from http://kernel-handbook.alioth.debian.org . The work on a handbook version for Lenny (next Debian release) is currently in progress.

Upgrading a Linux Server to OpenSolaris

For years I've been using various Linux distributions for my home-based server (Web, FTP, NTP (time), DNS (name), SMB and NFS (file)). I didn't use Solaris because (1) the license ued to cost $595 for commercial use and (2) it was missing many features found in Linux (mainly modern GNU/open source software). Now that OpenSolaris is available, I've decided to convert. more ...

Monitor file system activity with inotify

Inotify is a Linux® feature that monitors file system operations, such as read, write, and create. Inotify is reactive, surprisingly simple to use, and far more efficient than, say, busy polling from a cron job. Learn how to integrate inotify into your own applications, and discover a set of command-line tools you can use to further automate system administration.

Mastering Shells and Shell Scripting

Many people use nothing but GUI tools for manipulating files, launching programs, and so on. This approach certainly has its merits—GUI tools tend to be easy to learn, and they fit the needs of some tasks, such as graphics programs, very well. There is an older method of interacting with computers, though, which still has advantages: text-based shells. They are programs that accept typed commands and respond to these commands by launching programs or performing actions. more ...

Cloud computing with Linux

Cloud computing and storage convert physical resources (like processors and storage) into scalable and shareable resources over the Internet (computing and storage "as a service"). Although not a new concept, virtualization makes this much more scalable and efficient through the sharing of physical systems through server virtualization. Cloud computing gives users access to massive computing and storage resources without their having to know where those resources are or how they're configured. As you might expect, Linux® plays a huge role. Discover cloud computing , and learn why there's a penguin behind that silver lining.

Gentoo Linux Kernel Guide

As with everything else in Gentoo Linux, the philosophy of the Gentoo Kernel team is to give you, the user, as much freedom of choice as possible. If you take a look at the output of emerge -s sources you see a large variety of kernels to choose from. In this document, I will attempt to give you a brief rundown of the goals of each of the patch sets, which we at Gentoo design, and also explain the other kernel sources we make available to you. more ..

Wireless Voice Calls Gain Encryption

The RoamAnywhere router is customer-premises equipment (CPE) that extends PBX policy and dialing plans across Wi-Fi and cellular networks to smart phones running RoamAnywhere client software. It enables location-based, seamless roaming between both types of wireless networks so that sessions aren’t interrupted when mobile users cross wireless network borders. more ...

More shell scripting techniques

If you've worked on IBM® AIX®, another flavor of UNIX®, or Linux®, you've more than likely used the vi editor. Since its conception in 1976, vi has become a staple for anyone wanting to edit files. How could someone make a more powerful editing tool than vi, you may ask? The answer is Vim, and this article provides details on the many enhancements that have made Vim a highly used and acceptable editor in the world of UNIX and Linux.

Back Up Your Files With Areca On Fedora 9

Areca is a personal file backup software developed in Java. It allows you to select files or directories to backup, filter, encrypt and compress their content, and store them on your backup location. Areca supports incremental backups and generates backup reports, which can be stored on your disk or sent by email. This guide explains how to install and use it on a Fedora 9 desktop (GNOME).

FreeBSD Porter's Handbook

The FreeBSD ports collection is the way almost everyone installs applications ("ports") on FreeBSD. Like everything else about FreeBSD, it is primarily a volunteer effort. It is important to keep this in mind when reading this document. In FreeBSD, anyone may submit a new port, or volunteer to maintain an existing port if it is unmaintained--you do not need any special commit privileges to do so.

Sun Solaris 10 on AMD

With an OS long prized by government organizations like the US Navy, US Army, Air Force Research Labels, the Department of Defense and many others, Sun has listened and learned from its government customers. Solaris 10 11/06 incorporates Sun's most advanced security features to date, many of which have been optimized for AMD architecture. more ...

Running MS Office and IE on Linux

Wine began its life in 1993 as a way to run Windows 3.1 applications in Linux. Wine may well have had the longest beta period in history at 15 years, however version 1.0 was recently released in June 2008. In this article , I show you how to install Wine, Microsoft Office 2003, and Internet Explorer using my Red Hat derivative system (CentOS 5.1) as the host. You can give your system some Wine by compiling from source code, or by installing pre-compiled binaries from your distro’s repositories.

How To Set Up A Cisco Lab On Linux

After a quick search I found the wonderful Dynamips project that goes beyond what other simulators do by running actual Cisco IOS images, as well as the PEMU project which allows for running of Cisco PIX images. To integrate the various pieces of software... more .

Getting Started With SSH

There are a few useful options you can pass to OpenSSH to increase your verbosity, compress and speed up your ssh connection, and change your SSH cipher to something faster and more secure; '-v' switch. This option will allow you to see debug output for outgoing SSH connections. Specifying '-v' multiple times increases the verbosity level (maximum level 3). more ...

Building and Installing PL/Perl

If the --with-perl option was supplied to the configure script, the PostgreSQL build process will attempt to build the PL/Perl shared library and install it in the PostgreSQL library directory. Because PL/Perl is a shared library, the libperl library must be a shared library also. A Red Hat Database installation meets these conditions; however, if you use another PostgreSQL source and have problems, more ...

The new and improved Vim editor

If you've worked on IBM® AIX®, another flavor of UNIX®, or Linux®, you've more than likely used the vi editor. Since its conception in 1976, vi has become a staple for anyone wanting to edit files. How could someone make a more powerful editing tool than vi, you may ask? The answer is Vim, and this article provides details on the many enhancements that have made Vim a highly used and acceptable editor in the world of UNIX and Linux.

ANSI C with Unix

This book is intended as a sophomore level university text book. The coverage of subject material assues that the reader has a working knowledge of higher level languages in general and is familiar with a reasonable modern program development environment. The purpose of the book is to introduce those already familiar with programming to a more system-oriented language that provides the programmer with a greater degree of freedom (and therefore responsibility).

Class::DBI Intro

When working with databases there are several solutions on CPAN that deal with Object Oriented access to database tables that either avoid completely or minimize the use of SQL. Unfortunately most of these modules have a rather large learning curve, not necessarily the module itself, but all the precursors to it. more ..

Solaris Network Administration Scripts

Here's a little script I was working on back in the college lab last month. I was facing a very trivial solaris administration problem. I've installed SXDE 1/08 on 120 systems in one of our biggest computer labs long back (more on how I did that later). Now I needed a way to do certain tasks on each of those systems like changing the boot order, changing the solaris GRUB splash image, setting the hostname for each system based on its current IP address..., more .

10 essential tricks for admins

Learn these 10 tricks and you'll be the most powerful Linux® systems administrator in the universe...well, maybe not the universe, but you will need these tips to play in the big leagues. Learn about SSH tunnels, VNC, password recovery, console spying, and more. Examples accompany each trick, so you can duplicate them on your own systems.

OpenAFS installation on Debian

The purpose of this article is to give you a straight-forward, Debian-friendly way of installing and configuring OpenAFS 1.4.x, the recommended production version of OpenAFS for UNIX. By the end of this guide, you will have a functional OpenAFS installation that will complete our solution for secure, centralized network logins with shared home directories.

The importance of UNIX in SOA environments

These are exciting times in solution architecture . . . that is, if you embrace the challenges of learning and implementing technologies such as Service-Oriented Architecture (SOA), Web services, mash-ups, portals, and the like. For business executives, project managers, sales execs, and various resource managers, SOA and the myriad of new tools and technologies about which you must make immediate business decisions may seem impossible to keep up with. The goal of this article is to explain how... more .

Ext2 Disk Data Structures

The first block in any Ext2 partition is never managed by the Ext2 filesystem, since it is reserved for the partition boot sector (see Appendix A). The rest of the Ext2 partition is split into block groups, each of which has the layout shown in Figure 17-1. As you will notice from the figure, some data structures must fit in exactly one block, while others may require more than one block. All the block groups in the filesystem have the same size and are stored sequentially, thus the kernel can derive the location of a block group in a disk simply from its integer index. more ...

What's New in FreeBSD 7.0

FreeBSD is back to its incredible performance and now can take advantage of multi-core/CPUs systems very well... so well that some benchmarks on both Intel and AMD systems showed release 7.0 being faster than Linux 2.6 when running PostreSQL or MySQL, more ...

AIX security commands

AIX provides a vast array of commands to handle user and group management. This article discusses some of these core security commands and provides a list that you can use as a ready reference. The behavior of these commands should be identical in all releases of AIX.

Using Software RAID-1 with FreeBSD

Have you ever needed a software RAID solution for a low-end server install? Perhaps you've wanted your workstation to take advantage of the redundancy provided by a disk mirror without investing in a hardware RAID controller. Has a prior painful configuration experience turned you off software RAID altogether on Unix systems? more ...

Making Computers More Human

Ever wonder why your computer doesn’t give you a hug? How about a slap on the back for a job well done? Computers have evolved over time to become effective and efficient tools, even integral parts of our daily lives. Yet there is one vital component missing—the human touch. read more..

Securing Small Networks with OpenBSD

Like almost all things in life, good security costs good money. It has to be that way, because there are simply not enough skilled security specialists to look after all of the networks that need their attention. An unfortunate result of low supply and high demand is the migration of highly skilled personnel to clients who can meet their salary requirements. This leaves a lot of small and underfunded networks in the hands of less experienced administrators, who might not know how to design, configure, and monitor these networks' safety mechanisms, leaving them vulnerable to attacks from unscrupulous people looking for inside information, free warez storage, zombie hosts for DDoS attacks, or systems they can simply destroy for fun of doing it, more ...

Firewalling with OpenBSD's PF packet filter

This lecture will be about firewalls and related functions, starting from a little theory along with a number of examples of filtering and other network traffic directing. As in any number of other endeavors, the things I discuss can be done in more than one way. Under any circumstances I will urge you to interrupt me when you need to.

Migrate device control applications from Windows to Linux

If you develop device control applications on different platforms, you know that Windows and Linux have different ways of doing device control, and migrating applications from one to the other can be a pain. In this article , we analyze how device control works in both operating systems, examining everything from architecture to system calls and focusing on the differences. We also give you a migration sample (in C/C++) to demonstrate the migration in detail.

Perl's Warn and Die Signals

This is a tutorial on using Perl's warn and die signals. It is based on a post I made some time ago, here, but covers more of the details and raises more of the pitfalls. In this tutorial I attempt to separate the warn and die signals from the OS signals, explain how they are used and what they can be used for, and explore the problems that can come up. At the end you will find a list of additional documents you should read. Note that I write this under the risky assumption that you are using Perl 5.6. This does not exclude you if you have an older version of Perl, as I believe everything holds for Perl 5.0 with the exception of -W and the warnings pragma

Wireless Security - Protect your wireless LAN

The new standard in wireless networks--802.11g--offers speed, security, and performance. It is also the most widely employed standard in corporate internal wireless LAN networks. You can transfer data at up to 54Mbps using 802.11g (which is five times the speed of older 802.11b wireless networks). And wireless LANs provide some obvious benefits: they always provide on-network connectivity, they do not require a network cable, and they actually prove less expensive than traditional networks. Wireless networks have evolved into more affordable and logistically acceptable alternatives to wired LANs. But to take advantage of these benefits, your wireless LAN needs to be properly secured. more ...

Building a Desktop Firewall

Everyone knows that you should be behind a firewall whenever you go online. However, not everyone knows that it's easy to create a personal firewall for a FreeBSD (or PC-BSD or DesktopBSD) system. This article shows how even a casual home user can get a firewall up and running in about ten minutes.

HOWTO SD and MMC card readers

Since kernel 2.6.17 there is support for a new type of SD/MMC card reader. I had trouble initially to get it working. It seems to be quite often in notebooks and is built by at least Texas Instruments, Ricoh and Toshiba. read more...

The Kernel and the utilities.

The Unix system is itself logically divided into two pieces, the kernel and the utilities. The Kernel is the heart of the Unix system and resides in the computer's memory from the time the computer is turned on and booted until the time it is shut down. read more..

Unix tutorials

These tutorials will cover some of the basic commands which are common to most of the Unix shells available and some applications. Thus, when you are finished with these tutorials, you will be able to interact with any Unix system as seamlessly as if you had a windowing system available to you.

The fork() function.

The fork() function is available on all UNIX versions of Perl, as well as the VMS and OS/2 ports. Version 5.6 of Perl support fork() on Microsoft windows platforms, but not unfortunately on Macintosh. read more...

Debugging Perl

The standard Perl distribution comes with a debugger, although it's really just another Perl program, perl5db.pl. Since it is just a program, I can use it as the basis for writing my own debuggers to suit my needs, or I can use the interface perl5db.pl provides to configure its actions. That's just the beginning, though. read more...

Bash Arrays

If you're used to a "standard" *NIX shell you may not be familiar with bash's array feature. Although not as powerful as similar constructs in the P languages (Perl, Python, and PHP) and others, they are often quite useful. read more...

Linux - Printing with CUPS

The Common Unix Printing System (CUPS) is a modern printing subsystem for Linux and Unix that replaces the hoary old Unix line-printer protocols. It runs on Unix, Linux, Mac OS, and Mac OS X, and it serves clients on nearly any platform, including Windows. more ...

Network profiles for a laptop

This article explains how to configure networking in a very pleasant way, so that it works automatically wherever you go. It is adaptable to lots of uses, and may be usefull even if you don't use Wifi but connect to multiple networks. This solution has been inspired by a tutorial that can be found in the references section at the bottom of this page. It uses three tools that integrate well with the debian network configuration:

Perl - Pair Programming

The last planning activity in XP is pair programming. Two programmers discuss what they are about to program. They write a unit test which is a formal specification. Only after their intention has been communicated to each other, do they begin the implementation. more ..

Perl PIPES

Network programming is all about interprocess communications (IPC), One process exchanges data with another. Depending on the application, the two processes may be running on the same machine, may be running on two machines on the same segment of a local area network, more ...

Perl Sorting Techniques

Sorting is a commonly needed operation in all kinds of programs. Luckily, for us perl programmers, perl provides a very simple yet extremely powerful mechanism to accomplish any sort you might think of. This article is about teaching the novice programmer how to sort lists of things, while showing to the more experienced folks certain techniques and ideas that could be new to them if they are migrating from a different language.

Object Databases

While the methods we've seen in the previous section work very well for storing and retrieving individual objects, there are times when we want to deal with a massive collection of data with the same degree of efficiency. more ...

Caches, thrashes and smashes

Even as George Gilder promises the world that bandwidth will be infinite, demand for network capacity seems to increase faster than corporate networks can deliver it. Wire speed may be cheap, but running a fat and wide pipe to every user's desk is typically beyond the financial reach of most IT organizations. Network congestion and server pile-ups haven't slaked our thirst for networked data access (possibly why we've devoted the last quarter's worth of columns to NFS-related topics).. more ..

Kernel Basics

The kernel is a program that is loaded from disk into RAM when the computer is first turned on. It always stays in RAM, and runs until the system is turned off (or crashes). Although it's mostly written in C, some parts of the kernel were written in assembly language for efficiency reasons. User programs make use of the kernel via the system call interface, more ...

Make An Iterator

The purpose of this tutorial is to give a general overview of what an iterator is, why they are useful, how to build one, and things to consider to avoid common pitfalls. It is intended to give the reader enough information to begin using iterators though a certain level of understanding is assumed. The See Also section should be researched if supplemental information is needed.

smb.conf Setup

Because Samba is supplied on the Red Hat Linux CD-ROM, we'll walk through a simple Samba setup using Red Hat Linux. When installing Red Hat Linux, you can select the software packages you want to load, as you can on most all UNIX variants. If you did not load Samba at the time you originally loaded the operating system, you can use a graphical RPM tool or rpm from the command line to load Samba or any other software. These tools were briefly discussed in the Chapter 10 covering System Administration.

Configuring Infiniband for AIX

Infiniband is an interconnect technology that breaks through the bandwidth and fanout limitations of PCI bus by switching from traditional shared bus architecture to a switched fabric architecture. It is a switched fabric I/O technology that ties together servers, storage devices, and network devices. Instead of sending data in parallel, which is what PCI does, Infiniband sends data in serial and can carry multiple channels of data at the same time in a multiplexing signal. more ..

Learn 10 more good UNIX usage habits

Bad habits are hard to break. But habits that you've just become comfortable with can be even more difficult to overcome. Sometimes, a fresh look at things may provide you with an "A-ha, I didn't know you could do that!" moment. Building on Michael Stutz's excellent article, " Learn 10 good UNIX usage habits ," this article suggests 10 more UNIX command-line commands, tools, and techniques that may make you more productive as a UNIX command-line wizard.

FreeBSD with AMD

An automounter allows the binding of a directory name to a filesystm to be delayed until the name is referenced. This can be advantageous merely to reduce the number of simultaneous mounts, but it can improve system reliability, simplify administration and provide transparent redundancy as well. Examples of automouters are autofs (supplied with Linux) and automountd (supplied with SUNOS) Amd is an advanced automounter, with great flexibility. It is the default automounter pre-installed in FreeBSD and is currently maintained for over 100 operating systems by Erez Zadok. As of the fall of 2000, it is at version 6.04. more ...

Building a Postfix Mail Server

The Linux world has many excellent programs for handling email: Sendmail, Exim, qmail, and Postfix are the top four mail transfer agents (MTAs). This chapter covers Postfix. Like most of the post-Sendmail generation of MTAs, Postfix is designed from the ground up to be secureable and robust. It scales nicely from the single user who wants more control over her personal mail all the way up to the largest service provider.

Guarddog Firewall Configuration

While Linux is more secure against an invasion over the Internet, more is not necessarily enough. A firewall, software that allows you fine-grained control over your connection in and out of your computer, is the next step in increasing security. While Linux has had built-in firewalling software for many years, configuration of that software was a combination of a lot of research and some cryptic commands.

compare SU and SUDO

One of the things that makes Linux more secure than some operating systems is a permission system and separate logins. This adds the complication that some administrative tasks must be done using the administrator login (called root) but that is a small price to pay for the added level of security, read more...

How a Unix machine boots

Ever wonder what makes a computer tick or how a UNIX® server does what it does? For those who wonder what happens when you push the power button on your computer, here's your inside look. This article discusses the different boot types, managing the IBM® AIX® bootlist, and the AIX boot sequence. After reading this article, you should have a better understanding of what exactly is happening when your server starts.

yacc and lex

yacc and lex are tools for generating language parsers. We observed in Chapter 8 that your first minilanguage is all too likely to be an accident rather than a design. That accident is likely to have a hand-coded parser that costs you far too much maintenance and debugging time—especially if you have not realized it is a parser, and have thus failed to properly separate it from the remainder of your application code. more ...

Sun Solaris for AMD64

Sun's Solaris will soon appear in a native 64-bit version for the AMD64 architecture. While you can already run the 32-bit version of Solaris x86 today, Alan Zeichick explains the significance of this new operating system release, and highlights Sun's plans to support the AMD Opteron and Athlon 64 processors.

Analyzing Malicious SSH Login Attempts

Malicious SSH login attempts have been appearing in some administrators' logs for several years. This article revisits the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one's system against these attacks.

Linux Recovery and Boot Disk Creation

This tutorial covers the creation and useage of boot floppies for system recovery. Three recovery methods are discussed: 1- Creation / useage of a floppy with GRUB boot loader. Grub configured on floppy to point to Linux kernel on hard drive. 2- Creation / useage of a floppy with LILO on the Master Boot Record (MBR) to point to the Linux kernel on an existing hard drive for boot. This is typically done when the MBR is corrupted, overwritten by the installation of another operating system or as an alternative to configuring the hard drive MBR for dual boot, more...

Security-Enhanced Linux - SELinux

Linux® has been described as one of the most secure operating systems available, but the National Security Agency (NSA) has taken Linux to the next level with the introduction of Security-Enhanced Linux (SELinux). SELinux takes the existing GNU/Linux operating system and extends it with kernel and user-space modifications to make it bullet-proof. If you're running a 2.6 kernel today, you might be surprised to know that you're using SELinux right now! This article explores the ideas behind SELinux and how it's implemented.

LInux : Detecting Insecure Network Protocols

You want to determine if insecure protocols are being used on the network. Use dsniff. To monitor the network for insecure protocols: # dsniff -m [-i interface] [-s snap-length] [filter-expression] To save results in a database, instead of printing them: # dsniff -w gotcha.db [other options...] To read and print the results from the database: read more...

openssh with AIX chroot

Sometimes you might want to restrict users to specific directories so that they are not able to look into the whole system. This can be achieved by creating the chroot users. This article describes how to set up an IBM® AIX® chroot environment and use it with ssh, sftp, and scp. You will also learn about the prerequisites for AIX and openssh, and how to configure and use a chroot environment. A downloadable sample shell script that automatically sets up this environment is also provided.

Linux-InfraRed-HOWTO

The Linux-Infrared-HOWTO (former known as IR-HOWTO) deals with Linux and infrared devices. These are usually IrDA(TM) capable devices, but also LIRC (Linux Infrared Remote Control) is covered. Attention: the new 2.6 Kernel series contains substantial changes to the IrDA subsystem, which are not covered in detail in the HOWTO.

Automating Testing with Test::More

Test::More normally expects to be told how many tests are in the 'dot-T' file in question. But as we are actively developing our test cases, we'll use the 'no_plan' directive let it know there is no count available. So on to writing an actual test case. Test::More provides a number of functions to test your modules public interface., the general form of which is method( , , "comment"), more ...

perlpragma - how to write a user pragma

A pragma is a module which influences some aspect of the compile time or run time behaviour of Perl, such as strict or warnings . With Perl 5.10 you are no longer limited to the built in pragmata; you can now create user pragmata that modify the behaviour of user functions within a lexical scope. more ...

Linux vi and vim editor

This "vi" tutorial is intended for those who wish to master and advance their skills beyond the basic features of the basic editor. It covers buffers, "vi" command line instructions, interfacing with UNIX commands, and ctags. The vim editor is an enhanced version of vi. The improvements are clearly noticed in the handling of tags.

wireless sniffer

One of the best ways to make sure information is kept secure is to broadcast it using a published standard, and to try to make sure the signal goes as far as possible. Right? Well, maybe that isn't the best strategy after all. Unfortunately for us, the convenience of wireless access to a network means that a lot of people use a wireless network, and that means that a lot of data is being broadcast in the clear. read more..

Perl wlan-ui

wlan-ui.pl is a program to connect to wireless networks. It can be run as a GUI which will offer a list of available networks to connect to.nstallation is simple and inelegant. Copy the program file (wlan-ui.pl) to a directory on your path. Next, create a new system configuration file to reflect your system. The system configuration file is different from the options configuration file (@configfile, above). The system configuration file tells the program how to configure the wireless interface, and the options configuration file sets defaults for access points and other things.

Security of open UNIX platforms

The open UNIX operating systems FreeBSD and Linux Mandrake both have integrated shell security systems. The FreeBSD program is located in /etc/security. The Mandrake Security Package for Linux can be found in /usr/share/msec. These standard tools are similar in functionality, but they limit the file system integrity control to files with SUID and SGID flags. But Mandrake calculates MD5 file checksums differently from FreeBSD. more ...

Solaris 9 System Administrator's Evaluation Guide

This guide is designed to help System Administrators evaluate the Solaris 9 Operating Environment (OE). It includes information about what is new in the Solaris 9 platform, walks through the installation, and a test drive of the environment. The appendix also includes information about the business advantages of using the Solaris 9 OE as well as an analysis of the Solaris 9 platform compared to the competition.

UML configuration

Before describing the various configuration interfaces, I should point out that it is highly recommended to run defconfig before doing anything else. I describe exactly why later in this section, but, for now, suffice it to say that doing so will give you a UML configuration that is much more likely to boot and run. There are a variety of kernel configuration interfaces, ranging from the almost completely hands-off oldconfig to the graphical and fairly user-friendly xconfig. Here are the major choices.

Inversion lists with Perl

Inversion lists are an essential part of any Perl programmer's toolkit, especially for those who deal with ranges and Unicode. In this article , Ted explains inversion lists, illustrated by a Perl implementation that he wrote and put on the CPAN network, and shows how inversion lists can be used to compress normal data in addition to bit strings.

A brief history of /proc

Those of you who have used a UNIX system before are probably familiar with the /proc filesystem. This directory provides a view of processes running on the system. Before getting into the gory details of the Solaris implementation (see proc(4) if you're curious), I thought I would go over some of the different variants over the years. You'll have to excuse any inaccuracies presented here; this is a rather quick blog entry that probably doesn't do the subject justice. Hopefully you'll be inspired to go investigate some of this on your own. more. ..

Cron

The crontab command is used to manage cron jobs. The -l option displays the current list of jobs for the user. The following example runs the report mentioned in this chapter's introduction: [dave@sawnee dave]$ crontab -l # DO NOT EDIT THIS FILE - edit the master and reinstall. # (/tmp/crontab.9889 installed on Fri Oct 15 09:42:06 2004) # (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp $) 0 20 * * fri /home/dave/acct_prod_rpt.sh read more...

Linux Apps on x64: One Codebase, Two Platforms, Great Performance

As applications become increasingly data hungry and RAM prices continue to drop, the cross-over point from 32- to 64-bit architectures is approaching quickly. Already Microsoft has announced that several of its server-based applications will be released only on x64 bit platforms in the future. Linux, with its prominent role in on servers, will be at the leading edge of this transition, and so Linux developers should be thinking now about writing new code for the 64-bit platform. Under this scenario, the 32-bit version of the software would be derived from the x64 codebase. This article discusses the salient aspects of writing apps for x64 Linux...

Perl::Tk app to manipulate pasted text on the fly

Here's a utility I built that is probably the most under-appreciated and widely used custom tool I have. I call it stringilizer. I initially built it to "stringilize" stanza-like SQL statements into nice double-quoted, vbcrlf, line-broken ASP strings, and it has since been used for about everything else you can possibly imagine. read more..

real-time Linux architectures

It's not that Linux® isn't fast or efficient, but in some cases fast just isn't good enough. What's needed instead is the ability to deterministically meet scheduling deadlines with specific tolerances. Discover the various real-time Linux alternatives and how they achieve real time—from the early architectures that mimic virtualization solutions to the options available today in the standard 2.6 kernel.

Monitoring Hard Disks with SMART

It's a given that all disks eventually die, and it's easy to see why. The platters in a modern disk drive rotate more than a hundred times per second, maintaining submicron tolerances between the disk heads and the magnetic media that store data. Often they run 24/7 in dusty, overheated environments, thrashing on heavily loaded or poorly managed machines. more ...

Multi-Boot Disk for Machines With AMD Opteron Processors

This article presents step-by-step procedures for loading the Solaris 10 OS on x86 platforms, and one or two 64-bit Linux operating systems, on machines based on 64-bit AMD Opteron processors. Installations were done on generic Opteron-based workstations and confirmed on a Sun Fire V20z server and Sun Java Workstation W1100z and W2100z workstations.

Perl : Sorting a Hash

This technique offers many variations on the same basic mechanism: you extract the keys, reorder them using the sort function, and then process the entries in the new order. Let's look at some applications. The following code simply uses sort to order the keys alphabetically...

Real time signals on Linux

The GNU libc manual documents the original POSIX specification for signal handling functions. However subsequent POSIX standards expanded this functionality and the enhancements are often referred to as "realtime signals". This implies that these so-called realtime signals have bounded/prioritised delivery times but it is unclear whether this is the case, and in fact a broader range of new functionality is introduced which is independent of real-time qualities. more ...

UNIX TCP/IP Socket Programming

A "socket" is a loose term used to describe "an end point for communication." The traditional Berkley Socket API is a set of C function calls used to support network communication. The Sockets API is not specific to TCP/IP. Therefore, developing TCP/IP network applications requires slightly more overhead of programming and understanding to account for the generic parameters of the library's function calls. Once understood, Socket programming is as easy as reading and writing to disk files. read more...

Replacing sendmail with postfix

What makes Postfix really nice as a replacement for sendmail is the fact that you can seamlessly and transparently replace sendmail using the same files you're already used to, making migration easy. Postfix supports the /var/mail/ filesystem, /etc/aliases, /etc/access, NIS, NetInfo and ~/.forward files, read more..

Perl : Messing with the Class Model

Perl's style of object orientation is often maligned, but its sheer simplicity allows the advanced Perl programmer to extend Perl's behavior in interestingand sometimes startlingways. Because all the details of Perl's OO model happen at runtime and in the openusing an ordinary package variable (@INC) to handle inheritance, for instance, or using the symbol tables for method dispatchwe can fiddle with almost every aspect of it. more ...

Hyper-Threading speeds Linux

This article gives the results of our investigation into the effects of Hyper-Threading (HT) on the Linux SMP kernel. It compares the performance of a Linux SMP kernel that was aware of Hyper-Threading to one that was not. The system under test was a multithreading-enabled, single-CPU Xeon. The benchmarks used in the study covered areas within the kernel that could be affected by Hyper-Threading, such as the scheduler, low-level kernel primitives, the file server, the network, and threaded support.

Database Programming with Perl

To connect to a database with the DBI, we need to first construct a string that identifies the database we want to connect to; this is called a data source name, or DSN. Let's assume we're going to be working with a MySQL database called "phonebill." (Simply because that's what I was working with yesterday.) The DSN for this is made up of three parts... more. ..

Server Limits for Apache Security

In this fourth part of a six-part series on Apache installation and configuration, you will learn how to set server configuration limits, prevent information leaks, and more. This article is excerpted from chapter two of Apache Security, written by Ivan Ristic (O'Reilly; ISBN: 0596007248). Copyright © 2006 O'Reilly Media, Inc. All rights reserved.

Build a Linux Home Router

Building your own router out of old spare parts has many advantages over buying a pre-made canned router by say Linksys. The biggest one by far is control over the connection. The other advantages are left up to your imagination; just about anything can be done in this scenario, it's just a matter of needing it. This guide will show you how to setup Network Address Translation (NAT) on the router (kernel and iptables), add and configure common services (Domain Name System (DNS) via dnsmasq, dhcp via dhcpcd, ADSL via ppp), and conclude with more elaborate and fun things that can be done (port forwarding, traffic shaping, proxies/caching, etc...).

Add some spice to your UNIX shell scripts

One of the strongest assets UNIX® has is the ability to make shell scripts to ease users' lives. These scripts can range from simple one-liners to several thousand lines. Many times, shell scripts evolve into menu-based scripts, and the scripter wants to display more to users than simply scrolling text. Other times, a simple line or two of output are displayed to users, and the shell scripter wants to put emphasis on a warning message. Regardless of the complexity, scripters have always needed a way to change their output to bold, underline it, reverse the highlights, and so on. That's where tput comes into play, more.. .

Calling Open

It turns out that calling open() can be tricky. This code was provided by Peter Guttmann to handle cases where the filesystem is changing underneath you. Under Unix we try to defend against writing through links, but this is somewhat difficult since the there's no atomic way to do this, and without resorting to low-level I/O it can't be done at all. What we do is lstat() the file...

Finding text with grep

You can search through multiple files for specific strings of characters and then view the resulting list of matching files on screen.You do this using grep command which stands for "global regular expression print". read more...

Types of Network Backup Solutions with linux

Broadly speaking, network backups can be performed in one of two ways: The computer that's to be backed up can initiate the backup using another system's tape drive, or the system with the tape drive can initiate the backup of another computer. I refer to the former as a client-initiated backup and the latter as a server-initiated backup. Each option has its advantages and disadvantages. This chapter discusses examples of both types of backup.

Upgrading Linux

Most Linux distributions have upgrade paths with their installation. They are, however, usually only useful for a sub-release upgrade, such as from 7.1 to 7.2 or 7.3. However, I have yet to run into one that will successfully and cleanly upgrade from one release to the next full release -- they all suggest a clean install, including Red Hat and SUSE. When migrating from one distribution to another, regardless of whether you choose install or upgrade, the process simply fails because it is unable to successfully install numerous packages. more ...

Using a Sniffer to Diagnose Firewall Problems

Many problems can be isolated by running a packet sniffer on your firewall. Our favorite is tetheral, a part of the ethereal package, because it will put the packets into a more readable form than tcpdump, which is another good option. tetheral is also handy for command line diagnosis work because it works without all the fuss of a GUI and all the "voodoo" of a more lower-level sniffer such as tcpdump. more ...

OpenBSD as a domain name server

OpenBSD is certainly a well-suited platform for running a domain name server: first and foremost, the default install always includes the latest (patched) release of Bind, saving us the bother of compiling and installing it; secondly, OpenBSD is renowned for its security, and domain name server security is at the base of the whole network security; lastly, OpenBSD is very stable, reliable, fast and easy-to-administer ...just how a domain name server should be!read more ..

Linux toolbox : System Information

This is a listing of the best problem determination tools available for Linux. The list is broken down by the categories of Process Information and Debugging, Network, System Information, Files and Object Files, Kernel, and Miscellaneous. Each tool listing includes a short description of the tool, where the tool can be obtained...

Perl's Warn and Die Signals

This is a tutorial on using Perl's warn and die signals. It is based on a post I made some time ago, here, but covers more of the details and raises more of the pitfalls. In this tutorial I attempt to separate the warn and die signals from the OS signals, explain how they are used and what they can be used for, and explore the problems that can come up.

Linux DHCP Server Configuration

Dynamic Host Configuration Protocol (DHCP) automatically assigns IP addresses and other network configuration information (subnetmask, broadcast address, etc) to computers on a network. A client configured for DHCP will send out a broadcast request to the DHCP server requesting an address. The DHCP server will then issue a "lease" and assign it to that client, more ..

Protecting SSH Servers with Single Packet Authorization

To begin, we require some information about configuration and network architecture. This article assumes you have installed the latest version of fwknop (1.0.1 at the time of this writing) on the same system where SSHD and iptables are running. You can download fwknop from www.cipherdyne.org/fwknop and install either from the source tar archive by running the install.pl script or via the RPM for RPM-based Linux distributions. read more...

Perl : Writing Extensions in C with Inline::C

Inline::C was created as an alternative to the XS system for building C extension modules. Rather than jumping through all the hoopla of h2xs and the format of an .xs file, Inline::C lets you embed C code into your Perl program. There are also Inline modules for Python, Ruby, and Java, among other languages. By default, your C source is in the _ _END_ _ or _ _DATA_ _ section of your program after a _ _C_ _ token. This permits multiple Inlined language blocks in a single file. If you want, use a here document when you load Inline. more ...

Manage Debian Linux SysRq over network Using sysrqd

Sysrqd is a tiny daemon aiming to control sysrq over network.SysRq stands for System Request, and this are functions mapped to keyboard shortcuts by the kernel. You can use them by pressing Alt+SysRq+[key] (SysRq might be named “Print Screen” on your keyboard),Permits to execute usual SysRq commands by network, like: sync, umount, reboot, poweroff, sak, term, etc. where key can be s (sync), k (sak), 0 to 9 (logging level), b (reboot), etc. read more...

Linux Terminal Server Project

The LTSP provides a simple way to utilize low cost workstations as either graphical or character based terminals on a GNU/Linux server. In a traditional office setting, there are relatively high powered Intel based PC's spread around at every desk. Each with several gigabytes of hard disk space. Users store their own data on the local hard drives and backups are rarely (if ever) performed.

Shell Curses function library

"Shell Curses" is a library of script functions that provide the shell programmer the ability to perform text-based cursor movements to specified locations on the screen. This ability permits the creation of menuing and data-entry systems using shell scripts without the need for compiled binaries. These functions are similar to the "C" language "Curses" library. more ..

Perl sockets : Communicating over TCP

You want to read or write data over a TCP connection. Sockets handle two completely different types of I/O, each with attendant pitfalls and benefits. The normal Perl I/O functions used on files (except for seek and sysseek) work for stream sockets, but datagram sockets require the system calls send and recv, which work on complete records. more ...

Monitoring With Groundwork Open Source On CentOS 5.1

Nagios is (in my opinion) one of the finest availability and monitoring solutions available. The stability, extendability and cost effectiveness (it is free under the GPL), are second to none (again, my opinion). That being said, it is far from being the easiest monitoring solution to implement. The build process itself, while not being overly complicated, can be vexing to new Linux users. That doesn't even include the configuration, which sometimes still makes me cringe. more ...

OpenLDAP installation on Debian

The purpose of this article is to give you a straight-forward, Debian-friendly way of installing and configuring OpenLDAP. By the end of this guide, you will have a functional LDAP server that will serve as a central authentication system for user logins onto all machines in the network, without the need to manually create users' accounts on individual machines.

Hacking openSUSE 10.3

Novell's openSUSE 10.3 is an exciting desktop operating environment that includes or supports nearly every program you need for work and play. But there are those last few programs and issues that make openSUSE just short of perfect. Web browser plugins for some kinds of online content; Windows Media and DVD movie playback support; and drivers for Atheros wireless devices and Nvidia and ATI video cards are the chief things holding openSUSE back for some users. This guide will help you remove as many of those barriers as possible.

Installing Fonts on Linux

One of the things I always enjoy when creating presentations, letters, videos, graphics and other documents is playing with different fonts. Fonts can change a boring text-only presentation or paper into an exciting, stylish, wild or classic experience. Yes, it is very easy to get carried away, but that is part of the fun -- trying to achieve the perfect balance between form and function. more ..

Tiny $80 SBC runs Debian Linux

KwikByte is shipping its smallest, lowest-cost single-board computer (SBC) yet. Designed for general purpose computing, embedded controls, machine vision, remote monitoring, and database/web servers, the Debian-based KB9260 measures a wee 3.1 x 3.1 inches and costs only $80 in volume. read more..

Using Python to create UNIX command line tools

If you work in IT, as a UNIX® Sysadmin, a software developer, or even a manager, there a few skills that will set you apart from the crowd. Do you fully understand the OSI model? Are you comfortable with subnetting? Do you understand UNIX permissions? Let me add to this list the humble command line tool. By the end of this article , anyone involved in IT at any capacity should be able to create at least a simple command line tool.

Fork, Exec and Process control

The fork() system call will spawn a new child process which is an identical process to the parent except that has a new system process ID. The process is copied in memory from the parent and a new process structure is assigned by the kernel. The return value of the function is which discriminates the two threads of execution. A zero is returned by the fork function in the child's process. This tutorial will cover the creation of child processes and process control using fork, exec and other C library function calls using the GNU "C" compiler on the Linux operating system.

FreeBSD 7.0 review

Here we are at the moment of truth for the FreeBSD operating system -- the 7.0 release. This is what FreeBSD users and developers have been waiting for ever since the dark days of the 5.X series when the promises of superior performance, threading, and stability fell flat. Though each release in the FreeBSD 6.X series improved markedly in quality and performance, 7.0 has been widely anticipated as the release that FreeBSD fans can have confidence in. I wish I could say that FreeBSD 7.0 lived up to the hype. more..

The Memory Management Reference

Memory allocation is the process of assigning blocks of memory on request. Typically the allocator receives memory from the operating system in a small number of large blocks that it must divide up to satisfy the requests for smaller blocks. It must also make any returned blocks available for reuse. There are many common ways to perform this, with different strengths and weaknesses. A few are described briefly here .

Linux Init Process / PC Boot Procedure

This tutorial covers the PC boot process and the Linux Operating System inititiation of background applications (daemons/services). The sequence, configuration and administration of the Linux boot process is covered. This tutorial is Red Hat and Fedora specific. Other distributions and commercial versions of UNIX often use different run level assignments and/or different script names.

Debian amd64: iceweasel with i386 plugins, outside a chroot

If you weren't already convinced that closed source sucked before, then surely the experience of trying to browse the net with an amd64 machine will have won you over; I could ponder on how much Microsoft is paying Adobe not to release a 64-bit version of their flash plugin— but why Sun is categorically refusing to address our cry for a 64-bit java plugin for mozilla based browsers for this many years is beyond me. more ...

Perl: Building Dynamic Web Pages

The simple examples in the previous sections showed how to load and use the CGI.pm module to display a very simple web page and how to examine the error logs of the web server to help debug a CGI program that doesn't display properly. The real power of CGI comes from its ability to provide dynamic content—web pages that may display different information depending on such factors as when they're called, such as the date and time in the previous example. Dynamic content also handles the requests of users that are entered by typing in text fields, clicking on so-called "radio" buttons, selecting from lists, or other ways of inputting. more ..

Setting up UUCP over SSH

UUCP is a very good way to distribute email to a domain (not just a specific individual but an entire domain, with several persons, mailing lists, aliases, etc) when the machine which serves the domain is not always connected or does not have a permanent address (dial-up with POTS or ISDN but also cable modems with dynamic IPs or frequent cut-offs). It was intended that way (unlike many hacks over SMTP) and it works, more ...

Unix: Changing UIDs and GIDs

Changing user identification numbers (UIDs) and group identification numbers (GIDs) in the IBM® AIX® operating system (AIX) isn't one of the more exciting tasks a UNIX® administrator can face. But although it's often seen as a dreadful task, it can be an essential job that an administrator must perform to keep systems in sync within the environment. Because changing UIDs and GIDs can cause serious harm to your environment, you must be careful. The most important thing is understanding what your changes do. Then, you can learn how to make the changes correctly and even automate the process with UNIX scripts.

File Sharing via NFS

The usual reason for running an NFS server is that you want to share files with other UNIX or Linux systems. You might do this to share static files, such as program binary files—for instance, you might store large programs on a server and allow computers with smaller hard disks to run those large programs via NFS. Another common use of NFS is to provide a centralized server for user changeable files—rather than place users' home directories on their own workstations, you can place them on a centralized server. read more..

Find All Global Variables with Perl

Perl 5's roots in Perl 1 show through sometimes. This is especially evident in the fact that variables are global by default and lexical only by declaration. The strict pragma helps, but adding that to a large program that's only grown over time (in the sense that kudzu grows) can make programs difficult to manage. One problem of refactoring such a program is that it's difficult to tell by reading whether a particular variable is global or lexical, especially when any declaration may have come hundreds or thousands of lines earlier. Your friends and co-workers may claim that you can't run a program to analyze your program and find these global variables, but you can! more. ..

Log file basics

A typical UNIX® or Linux® machine creates many log files during the course of its operation. Some of these contain useful information; others can be used to help you with capacity and resource planning. This article looks at the fundamental information recorded within the different log files, their location, and how that information can be used to your benefit to work out what is going on within your system.

Building an rsync Backup Server

You want users to back up their own data. But you really don't want to give users shell accounts all over the place, just so that they can do backups. You'd also like to make it easier for them to share files, again without giving all your users shell accounts. Use a dedicated PC for a central server, and run rsync in daemon mode. Users will not need login accounts on the server, and you can use rsync's own access controls and user authorization for security. more...

Make Your Application Accessible with Accerciser

You might think you need to be familiar with assistive technologies like the Orca screen reader to determine whether your application is accessible. The truth is that with just a couple simple rules and an open-source tool called Accerciser, the task at hand is fairly simple. Before you start diagnosing your application with specialized tools like Accerciser, you should ask yourself a few straightforward questions about your application.. more ...

HowTo Create an IPv6 over IPv4 Tunnel to Reach the IPv6 Internet

The Hurricane Electric IPv6 Tunnel Broker allows you to reach the IPv6 Internet by tunnelling over your existing IPv4 connection through one of their IPv6 routers. To use their service, your Ubuntu system has to be IPv6 capable. Unless you haven’t manually disabled IPv6, it should be ready to use. Make sure with: $ sudo lsmod | grep ipv6 Now, you’ll need to setup the IPv6overIPv4 tunnel. read more .

Signing and Encrypting Files

You want to sign and encrypt a file, with the results not human-readable. To sign myfile: $ gpg -s myfile To sign and encrypt myfile: gpg -e -s myfile In either case you must provide your passphrase. Add the -r option to encrypt the file with an intended recipient's public key, so only he or she can decrypt it. read more

Perl - Debug with Test Cases

Many programmers have subdirectories full of little test snippets; it's common to write a few programs to explore a feature of the language or a new library. It's also common to do this with false laziness, eyeballing output and tweaking an idea here or there. Usually that's okay, but occasionally you know you wrote code to explore something you need to know right nowif only you could find it and decipher what you were thinking. If you know how to write test cases with Perl's standard testing tools, you can end this madness and make even your experiments reusable and maintainable. read more.

Transition to AIX from Solaris

You've been working with Solaris for ten years now and, like many other companies, you have just started a large server consolidation and migration project to AIX® 6.1 from Solaris 10. Many of the commands are similar, but you need to know how to work with partitioning and virtualization. What are the partitioning differences between an IBM® and Sun server? Furthermore, what do you need to know about workload partitions (WPARs) to make a successful transition from containers? What are some of the similarities and differences between WPARs and zones, and how does the process differ from creating zones and WPARs? Finally, what can you do on the IBM System p™ that you can't do with Sun servers? These are some of the questions addressed in this article , with the objective of making your transition easier.

Attack Class: Buffer Overflows

A buffer overflow: it's an easy enough mistake to make. And as the Jargon File puts it, buffer overflows are the source of "some of the most insidious data-dependent bugs known to mankind"1 Yet buffer overflows are more than just a source of frustration for programmers. Indeed, they can create serious security holes, introducing vulnerabilities which can be exploited to achieve a denial of service or in some cases, to gain access and/or increased privileges on a system.

Perl - Messing with the Class Model

Perl's style of object orientation is often maligned, but its sheer simplicity allows the advanced Perl programmer to extend Perl's behavior in interestingand sometimes startlingways. Because all the details of Perl's OO model happen at runtime and in the openusing an ordinary package variable (@INC) to handle inheritance, for instance, or using the symbol tables for method dispatchwe can fiddle with almost every aspect of it. In this section we'll see some techniques specific to playing with the class model, but we will also examine how to apply the techniques we already know to distort Perl's sense of OO.

Building and Integrating a Small Office Intranet

Intranets have been around for a long time. They were one of the first alternate uses for World Wide Web technology back in the early 1990s. The idea of bringing a little bit of the Web experience in-house was very attractive, but integration with existing systems was difficult. Thus, a lot of intranets were nothing more than glorified bulletin boards with some user-publishing features thrown in. The landscape is different now, with open-source software ready to take most of the cost and some of the complexity away from a good intranet setup. The so-called LAMP stack provides the perfect neutral platform for integrating many different pieces of software into a single point of interaction for users. That's what we have tried to do at our company. read more..

Bourne Shell Programming

Many standard utilities (rdist, make, cron, etc.) allow you to specify a command to run at a certain time. Usually, this command is simply passed to the Bourne shell, which means that you can execute whole scripts, should you choose to do so. Lastly, Unix runs Bourne shell scripts when it boots. If you want to modify the boot-time behavior of a system, you need to learn to write and modify Bourne shell scripts.

Build your own distro.

Making your own customised Linux distro is simpler than you might think - and rewarding too. Don your overalls and hard hat, and we'll show you how to start building your ideal distro. Creating something, from a simple meal to a complex painting, is rewarding and satisfying - especially if you love the end result. The feeling of being in control, trying out new ideas and then seeing your goals realised can't be beat. This is one of the joys of computing, especially programming, with the open source world a constant generator of code, concepts and communities to build upon. And creating your own customised Linux distro, however difficult it may seem initially, is one of the best ways to combine creativity with technical learning.

IPv6 Operating Systems

This section contains a detailed description of the capabilities of integrated operating system IPv6 stacks. Information contained on the individual operating systems is marked as either Tested or Documentation according to the source of the information. Emphasis is put on obtaining information from the first category as the second contains more-or-less unverified content based on vendor documentation.

Perl Sorting Techniques

Sorting is a commonly needed operation in all kinds of programs. Luckily, for us perl programmers, perl provides a very simple yet extremely powerful mechanism to accomplish any sort you might think of. This article is about teaching the novice programmer how to sort lists of things, while showing to the more experienced folks certain techniques and ideas that could be new to them if they are migrating from a different language. read more.

Linux kernel patch format

Most Linux kernel submissions are merged into the kernel source code repository by script. These instructions describe the proper format for emailed kernel patch submissions, to ensure that submittors and maintainers waste a minimum amount of time on these details. more ...

Installing MINIX 3

This document explains how to install MINIX 3.1.2. A complete MINIX 3 installation requires a Pentium (or compatible) with at least 16-MB of RAM, 1 GB of free disk space, an IDE or USB CD-ROM, and an IDE hard disk. A minimal installation (without the commands sources) requires 8 MB RAM and 50 MB of disk. SCSI disks are not supported at present.

How System Calls Are Implemented on i386 Architecture?

Native Linux programs use int 0x80 whilst binaries from foreign flavours of UNIX (Solaris, UnixWare 7 etc.) use the lcall7 mechanism. The name 'lcall7' is historically misleading because it also covers lcall27 (e.g. Solaris/x86), but the handler function is called lcall7_func. When the system boots, the function arch/i386/kernel/traps.c:trap_init() is called which sets up the IDT so that vector 0x80 (of type 15, dpl 3) points to the address of system_call entry from arch/i386/kernel/entry.S. read more .

The unix library: Unix system calls

The unix library (distributed in contrib/libunix) makes many Unix system calls and system-related library functions available to Caml Light programs. This chapter describes briefly the functions provided. Refer to sections 2 and 3 of the Unix manual for more details on the behavior of these functions. Not all functions are provided by all Unix variants. If some functions are not available, they will raise Invalid_arg when called.

RESTORE-EE (Enterprise Edition) User Manual

This manual is part reference and part tutorial, meaning that you can look to it for everything from the simple questions of , “What does this icon do?” to the more involved questions, like “How do I schedule e-mail notifications?” Your experience with Restore will depend on your privileges on the Restore system. The administrator for the system will have a few extra capabilities that a standard user will not.

IO Memory Access

Unlike on most typical embedded systems, accessing I/O memory on Linux cannot be done directly. This is due to the wide range of different memory types and maps present on the wide range of processors on which Linux runs. To access I/O memory in a portable manner, you must call ioremap() to gain access to a memory region and iounmap() to release access. read more.

Networking scalability on high-performance servers

The proliferation of high-performance scalable servers has added a new level of complexity to networking and system performance. In this article , learn how to optimize your multi-node, high-performance Linux® system as it uses system board gigabit Ethernet adapters from 1 to 4 nodes. Take a look at problematic networking scalability situations and get tips on how to avoid the pitfalls.

System Call Handler and Service Routines

When a User Mode process invokes a system call, the CPU switches to Kernel Mode and starts the execution of a kernel function. As we will see in the next section, in the 80 x 86 architecture a Linux system call can be invoked in two different ways. The net result of both methods, however, is a jump to an assembly language function called the system call handler. Because the kernel implements many different system calls, the User Mode process must pass a parameter called the system call number to identify the required system call; the eax register is used by Linux for this purpose. As we'll see in the section "Parameter Passing" later in this chapter, additional parameters are usually passed when invoking a system call.

Perl : Administering Your Database

Database administration encompasses such tasks as installing and configuring the DBMS, backing up the data, adding users and setting their various permissions, applying updates or new capabilities to the system, and similar tasks. If you just have yourself and a fairly small lab to deal with, it's not too bad. But organizations often hire one or more database administrators to do this work full time; even a smallish project, if it's critical and the budget exists, can benefit from the attention of a professional database administrator. read more.

Kernel Extensions and Device Support Programming Concepts

The virtual file system is an abstraction of a physical file system implementation. It provides a consistent interface to multiple file systems, both local and remote. This consistent interface allows the user to view the directory tree on the running system as a single entity even when the tree is made up of a number of diverse file system types. The interface also allows the logical file system code in the kernel to operate without regard to the type of file system being accessed. For more information on the logical file system. read more.

Unix system calls.

System calls are functions that a programmer can call to perform the services of the operating system. There are several online books that describe them at some length, for example Programming in C. Unix manual pages are probably the first stop. They are often referred to as "man pages," because they are accessed with the man command. The manual pages are divided into eight sections. They are organized as follows: read more

the second extended filesystem

When Linus was first creating Linux, he used the Minix filesystem. This served initial development well but soon there was a need for something bigger and better. In April 1992, the Extended File System was created. Although solving the problems of Minix, it had problems of it's own so a successor was created. This new filesystem was known as the Second Extended File System or Ext2 FS (or EXT2). read more.

How to reverse a (Unicode) string.

You have written some Perl scripts already, and when somebody asks you how to reverse a string, you'll answer: "That's easy, just call reverse in scalar context". And of course, you're right - if you're only considering ASCII chars. But suppose you have an UTF-8 environment: read more.

Set Up PC-BSD v1.4 beta

This document describes how to set up PC-BSD v1.4 beta. PC-BSD is released under the BSD license. This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

How To Compile A Kernel - Debian Etch

Each distribution has some specific tools to build a custom kernel from the sources. This article is about compiling a kernel on a Debian Etch system. It describes how to build a custom kernel using the latest unmodified kernel sources from www.kernel.org (vanilla kernel) so that you are independent from the kernels supplied by your distribution. It also shows how to patch the kernel sources if you need features that are not in there.

How To Install And Use The djbdns Name Server On Debian

djbdns is a very secure suite of DNS tools that consists out of multiple parts: dnscache, a DNS cache that can be used in /etc/resolv.conf instead of your ISP's name servers and that tries to sort out wrong (malicious) DNS answers; axfrdns, a service that runs on the master DNS server and to which the slaves connect for zone transfers; and tinydns, the actual DNS server, a very secure replacement for BIND. more ...

SSH: Best Practices

Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place. All of the examples below assume that you are using EnGarde Secure Linux but any modern Linux distribution will do just fine since, as far as I know, everybody ships OpenSSH.

Basic Linux Tips and Tricks

This article is intended for people who have some computer expertise, even if it's Windows-only. At a minimum, you should be comfortable with the MS-DOS command line in Windows and have done a bit of Windows Registry editing to give you some experience with configuration files.

Installation and development

Welcome to the next step in studying for the Linux certification exam 301. This tutorial series serves as a comprehensive self-study guide so you can take the exams with confidence. And even if you're not preparing for Linux certification at this time, this series helps you build fundamental skills on Linux systems administration. In this tutorial (the second in a series of six tutorials on exam 301 topics), Sean Walberg walks you through installing and configuring a Lightweight Directory Access Protocol (LDAP) server, and writing some Perl scripts to access the data. By the end of this tutorial, you'll know about LDAP server installation, configuration, and programming.

Hunting Linux at CES

So what's new with Linux at CES this year? That's our question. If you have the answers, let's have 'em. Because we'll be there on a Linux Hunt, just like we are every year. The difference this time is that we'd like to make this a Team Thing. read more.

Building a Home File Server

Setting up a file server doesn't need to be complicated. With three desktop machines (Kubuntu, Win XP and a testbed, which is currently running ReactOS) and a laptop (Xubuntu) in use at home, our IT is reaching small office proportions, and like many small offices, we run into file sharing problems. Peer-to-peer networking is fine when all the machines are on, but inevitably it happens that the file I want is on a PC that isn't running. Even worse, it be on my testbed machine that is currently in pieces or undergoing yet another upgrade. So, we need an always-on server that any of us can access any time, but if it is always on, it needs to be quiet, reliable and cheap to run. These requirements rule out Pentium 4 (too hot and power-hungry) and Windows (needs rebooting too often). Fortunately, I just happen to have a Pentium III of no great distinction that sports a massive passive cooler, and I'm a bit of a Linux enthusiast. Apart from stability, Linux has several other adv...

Explore Ubuntu Mobile and Embedded

Ubuntu is a great server and desktop distribution for the GNU/Linux® operating system, but did you know that it's also ideal for handheld and mobile embedded devices? Ubuntu's latest release, Gutsy Gibbon, now includes support for the embedded and mobile spaces with the Ubuntu Mobile and Embedded (UME) project. Get to know the UME project, and find out how to get started. read more .