Archive

Posts Tagged ‘linux’

CVE-2010-3081: 64bit Linux Kernel Root Exploit

September 20th, 2010 1 comment

Well its been a heavy week on the security front, first up is a Linux root exploit for 64bit Machines.

A vulnerability in the 32-bit compatibility layer for 64-bit systems was reported. It is caused by insecure allocation of user space memory when translating system call inputs to 64-bit. A stack pointer underflow can occur when using the “compat_alloc_user_space” method with an arbitrary length input.

What does that mean? Essentially, some sanity checks in the compat_alloc_user_space function to check the length and ensure that the pointer to the block of memory is within the user-space of the process is valid was missing. The fix has already been committed but if you are running any x64 versions of Linux, make sure you update your Kernel – especially now that the exploit code is publicly available!

Read up on the exploit by Jeff Arnold from Ksplice and use this very useful CVE-2010-3081 high-profile exploit detection tool to determine if you’re boxens are already compromised.

Of particular note from his article is the breadth of exploitable distributions – see the references below for vendor specific information:

This vulnerability was introduced into the Linux kernel in April 2008, and so essentially every distribution is affected, including RHEL, CentOS, Debian, Ubuntu, Parallels Virtuozzo Containers, OpenVZ, CloudLinux, and SuSE, among others. A few vendors have released kernels that fix the vulnerability if you reboot, but other vendors, including Red Hat, are still working on releasing an updated kernel.

After downloading and running the tool under a non-sudo account, you should cheerfully get the following output.

thushan@dingo:~/tmp$ ./diagnose-2010-3081
Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, Inc.
(see http://www.ksplice.com/uptrack/cve-2010-3081)

$$$ Kernel release: 2.6.32-23-server
!!! Not a RHEL kernel, will skip LSM method
$$$ Backdoor in LSM (1/3): not available.
$$$ Backdoor in timer_list_fops (2/3): checking...not present.
$$$ Backdoor in IDT (3/3): checking...not present.

Your system is free from the backdoors that would be left in memory by the published exploit for CVE-2010-3081.
thushan@dingo:~/tmp$

If not, its time to put those security drills into action!

References

{lang: 'en-GB'}
Share

Oracle releases VirtualBox 3.2

May 20th, 2010 1 comment

With the Sun now set, Oracle has released VirtualBox 3.2 finally 🙂 In particular some lovely optimisations for the newer Intel Core i5/i7 processors, Large  Page support (which helps significantly on Windows x64 and Linux) as well as a very welcome optimisation on the networking in VirtualBox as well as multi-monitor support for Windows Guests. Whats more RDP sessions are now accelerated (VRDP).

Amongst the changes from the changelog:

This version is a major update. The following major new features were added:

  • Following the acquisition of Sun Microsystems by Oracle Corporation, the product is now called Oracle VM VirtualBox and all references were changed without impacting compatibility
  • Experimental support for Mac OS X guests (see the manual for more information)
  • Memory ballooning to dynamically in- or decrease the amount of RAM used by a VM (64-bit hosts only) (see the manual for more information)
  • Page Fusion automatically de-duplicates RAM when running similar VMs thereby increasing capacity. Currently supported for Windows guests on 64-bit hosts (see the manual for more information)
  • CPU hot-plugging for Linux (hot-add and hot-remove) and certain Windows guests (hot-add only) (see the manual for more information)
  • New Hypervisor features: with both VT-x/AMD-V on 64-bit hosts, using large pages can improve performance (see the manual for more information); also, on VT-x, unrestricted guest execution is now supported (if nested paging is enabled with VT-x, real mode and protected mode without paging code runs faster, which mainly speeds up guest OS booting)
  • Support for deleting snapshots while the VM is running
  • Support for multi-monitor guest setups in the GUI for Windows guests (see the manual for more information)
  • USB tablet/keyboard emulation for improved user experience if no Guest Additions are available (see the manual for more information).
  • LsiLogic SAS controller emulation (see the manual for more information)
  • RDP video acceleration (see the manual for more information)
  • NAT engine configuration via API and VBoxManage
  • Use of host I/O cache is now configurable (see the manual for more information)
  • Guest Additions: added support for executing guest applications from the host system (replaces the automatic system presimparation feature; see the manual for more information)

Download from VirtualBox or get the Windows build. I’m really hoping the good Oracle keeps VirtualBox open, this is one kickass bit of kit.

{lang: 'en-GB'}
Share

Ubuntu 10.04 and getting Sun JRE instead of OpenJDK

May 2nd, 2010 1 comment

If you’ve downloaded the latest Ubuntu 10.04 Lucid Lynx you’d realise that they ship with the OpenJDK instead of the Sun (Oracle) JRE. The Ubuntu team has decided to move the Sun Java bits to the partner repository which means we need to do a couple of things prior to getting it through apt-get.
First add the repository to your /etc/apt/sources.list via the add-apt-repository command, then do a full update.

$ add-apt-repository "deb http://archive.canonical.com/ lucid partner"
$ apt-get update

Then lets install the Sun JRE & JDK as required.

$ apt-get install sun-java6-jre sun-java6-plugin sun-java6-fonts
$ apt-get install sun-java6-jdk

Once installed you can verify the correct JRE is installed with:

$ java -version

I have to say, this release of Ubuntu is incredibly refreshing 🙂 Its matured so well in a short period of time, its definitely got the Lynx Effect(NSFW).

{lang: 'en-GB'}
Share

VirtualBox 3.1 released!

December 1st, 2009 No comments

Just when you thought you can start a new month without some new software, Sun has blessed the world with a ray of VirtualBox 3.1 goodness on us all! All hail the Sun. I’ve been using the Betas and trying out the spanking awesome Teleportation feature in VirtualBox 3.1. So lets take a bit of a look at the new grub.

Beam me up Scotty!

You know, people say the catch phrase thinking its from Star Trek, but did you know that it was never actually mentioned in any episode?

Teleportation or ‘Live Migration‘ in Xen/KVM  or vMotion in VMWare allows you to move a running virtual machine to another host without any downtime. Sun brings us this ‘Enterprise’ feature to VirtualBox. Whats even cooler, is that you can teleport your running VM on different host platforms (Windows -> OpenSolaris or Linux, vice versa) but not from one hardware set (Intel) to another (AMD) unless they both have the same instruction-sets. The transport layer for the teleportation is TCP/IP, so as long as the agreed port is open and accessible you can even teleport it through the tubes! (assuming you have a fast link like those pesky Dutch)

There are a few conditions and caveats as I’ve found. Firstly you must ensure (as you’d expect) the target VM has to have the exact same configuration as the source VM (same RAM, graphics memory, storage, CD/DVD images etc) the other thing is to be weary of the CPUs the host computer has. As long as its between the same generations (different clock speeds are OK) it should work (I tried between a QX6850 -> E6600 but QX6850->AMD X2 4600+ wasn’t so pretty!).

Once you’ve configured the target host to match the source host, time to ask VirtualBox to keep its eyes open for an incoming beam.

VBoxManage modifyvm [VirtualMachineName] --teleporter on --teleporterport [Port]

Then on the source host, send out the beams to initiate the teleportation:

VBoxManage controlvm [VirtualMachineName] teleport --host [TargetIP] --port [Port]

Give it some time to think and if you tried a localhost migration, it should migrate seamlessly 🙂

Scotty doesn’t know

Scotty doesn’t know about the other little changes, but you will. The new VirtualBox has lots of refinements in the UI. For one, new icons for all the Guest operating systems. The settings window has had a make over and includes ‘optimal settings’ detection.

Windows 2003 VM in VirtualBox 3.1

Windows 2003 VM in VirtualBox 3.1

Here its telling me my Windows 2003 VM should have atleast 20Mb Video Memory assigned to it to work well in full-screen mode. Heading over to the Display options in VirtualBox 3.1 we find that the Video Memory selectors have got little indicators now, as well as the inclusion of 2D Video Acceleration.

Windows 2003 VM - VirtualBox 3.1 Display Settings

Windows 2003 VM - VirtualBox 3.1 Display Settings

Depending how ever many cores you have, it will highlight what you should set as the maximum number of cores available for your VirtualMachine as well as the recommended RAM allocation. This is what I see in my Intel QX6850 development workstation.

VirtualBox 3.1 System Processor Settings

VirtualBox 3.1 System Processor Settings

VirtualBox 3.1 - Motherboard Settings

VirtualBox 3.1 - Motherboard Settings

VirtualBox now also has experimental support for Extensible Firmware Interface (EFI) which will eventually replace the aging BIOS bootstrap (which is the default). Well known operating systems that boot via EFI include Windows Vista and Windows 7, Apple OS X and Fedora 11+.

The Storage controls in VirtualBox GUI has also had a bit of a make over. The options to select a disk and a controller have changed, CD/DVD drives can be attached to an arbitrary IDE controller too now!

VirtualBox 3.1 - Storage

VirtualBox 3.1 - Storage

The networking settings GUI in the new VirtualBox has change too, not only that but you can now configure the network interfaces whilst the guest is running – YAY!

VirtualBox 3.1 Network Settings

VirtualBox 3.1 Network Settings

Snapshots are a lot more flexible in this release (much like VMWare’s snapshot feature). Previously you can only restore from the last created snapshot, now any arbitrary snapshot can be restored too or branched off.

For those who use OpenSolaris (like yours truely!) the rewritten USB support (still experimental btw!) should mean we can interact with our USB devices in Solaris Nevada 124 or higher now – I’m running 127 and have USB devices appearing in my VMs.

If those don’t give you any indication on to the pure awesomeness of this release, there was a significant performance improvement for APE & AMD64 guests (VT-x/AMD-V) which will be quite noticeable from what I’ve been told by a college.

As Barack Obama said, tis time for a change..log.

He didn’t say that, I just reused 36 Mafia’s Lolli Lolli. The entire change log appears below from the website.

VirtualBox 3.1.0 (released 2009-11-30)

This version is a major update. The following major new features were added:

  • Teleportation (aka live migration); migrate a live VM session from one host to another (see the manual for more information)
  • VM states can now be restored from arbitrary snapshots instead of only the last one, and new snapshots can be taken from other snapshots as well (“branched snapshots”; see the manual for more information)
  • 2D video acceleration for Windows guests; use the host video hardware for overlay stretching and color conversion (see the manual for more information)
  • More flexible storage attachments: CD/DVD drives can be attached to an arbitrary IDE controller, and there can be more than one such drive (the manual for more information)
  • The network attachment type can be changed while a VM is running
  • Complete rewrite of experimental USB support for OpenSolaris hosts making use of the latest USB enhancements in Solaris Nevada 124 and higher
  • Significant performance improvements for PAE and AMD64 guests (VT-x and AMD-V only; normal (non-nested) paging)
  • Experimental support for EFI (Extensible Firmware Interface; see the manual for more information)
  • Support for paravirtualized network adapters (virtio-net; see the manual for more information)

In addition, the following items were fixed and/or added:

  • VMM: guest SMP fixes for certain rare cases
  • GUI: snapshots include a screenshot
  • GUI: locked storage media can be unmounted by force
  • GUI: the a log window grabbed all key events from other GUI windows (bug #5291)
  • GUI: allow to disable USB filters (bug #5426)
  • GUI: improved memory slider in the VM settings
  • GUI: the VirtualBox website couldn’t be opened from the help menu (bug #4559)
  • 3D support: major performance improvement in VBO processing
  • 3D support: added GL_EXT_framebuffer_object, GL_EXT_compiled_vertex_array support
  • 3D support: fixed crashes in FarCry, SecondLife, Call of Duty, Unreal Tournament, Eve Online (bugs #2801, #2791)
  • 3D support: fixed graphics corruption in World of Warcraft (#2816)
  • 3D support: fixed Final frame of Compiz animation not updated to the screen (#4653)
  • 3D support: fixed incorrect rendering of non ARGB textures under compiz
  • iSCSI: support iSCSI targets with more than 2TiB capacity
  • VRDP: fixed occasional VRDP server crash (bug #5424)
  • Network: fixed the E1000 emulation for QNX (and probably other) guests (bug #3206)
  • NAT: added host resolver DNS proxy (see the manual for more information)
  • VMDK: fixed incorrectly rejected big images split into 2G pieces (bug #5523, #2787)
  • VMDK: fixed compatibility issue with fixed or raw disk VMDK files (bug #2723)
  • VHD: fixed incompatibility with Hyper-V
  • Support for Parallels version 2 disk image (HDD) files; see the manual for more information
  • OVF: create manifest files on export and verify the content of an optional manifest file on import
  • OVF: fixed memory setting during import (bug #4188)
  • Mouse device: now five buttons are passed to the guest (bug #3773)
  • VBoxHeadless: fixed loss of saved state when VM fails to start
  • VBoxSDL: fixed crash during shutdown (Windows hosts only)
  • X11 based hosts: allow the user to specify their own scan code layout (bug #2302)
  • Mac OS X hosts: don’t auto show the menu and dock in fullscreen (bug #4866)
  • Mac OS X hosts (64 bit): don’t interpret mouse wheel events as left click (bug #5049)
  • Mac OS X hosts: fixed a VM abort during shutdown under certain conditions
  • Solaris hosts: combined the kernel interface package into the VirtualBox main package
  • Solaris hosts: support for OpenSolaris Boomer architecture (with OSS audio backend).
  • Shared folders: VBOXSVR is visible in Network folder (Windows guests, bug #4842)
  • Shared folders: performance improvements (Windows guests, bug #1728)
  • Windows, Linux and Solaris Additions: added balloon tip notifier if VirtualBox host version was updated and Additions are out of date
  • Solaris guests: fixed keyboard emulation (bug #1589)
  • Solaris Additions: fixed as_pagelock() failed errors affecting guest properties (bug #5337)
  • Windows Additions: added automatic logon support for Windows Vista and Windows 7
  • Windows Additions: improved file version lookup for guest OS information
  • Windows Additions: fixed runtime OS detection on Windows 7 for session information
  • Windows Additions: fixed crash in seamless mode (contributed by Huihong Luo)
  • Linux Additions: added support for uninstalling the Linux Guest Additions (bug #4039)
  • Linux guest shared folders: allow mounting a shared folder if a file of the same name as the folder exists in the current directory (bug #928)
  • SDK: added object-oriented web service bindings for PHP5

Overall this is a solid new release from Sun – unsure about its stability as I’ve only been running a few VMs (Windows 2003, CentOS and Fedora 12) for about 10-12hrs. Nothing bad as yet.

Download from the VirtualBox site:

  • VirtualBox 3.1.0 for Windows hosts x86/amd64
  • VirtualBox 3.1.0 for Solaris and OpenSolaris hosts x86/amd64

Enjoy!

{lang: 'en-GB'}
Share

Google releases ChromeOS

November 20th, 2009 No comments

Google just released information and a presentation (below) about ChromeOS.

Wow, you can take a peek at the source as well. I’m not sure if its just a very tweaked minimalistic Linux Kernel with a Chrome Window Manager or what, but like they did with Chrome, this is definitely a Think Different product. Take a look at a visual tour of the ChromeOS.

I don’t think this will replace your traditional desktop completely (I still like to have my stuff with me rather than hosted somewhere!) but what happens to devices, peripherals etc, development environments (Imagine running Visual Studio over the intertubes on ADSL!) etc.

But one things for sure, it takes the idea of Operating Systems and how you view your operating system to a different level. All those tabs you see in Chrome now, are virtual desktop like instances in ChromeOS. More info can be got from the PCWorld article on ChromeOS.

{lang: 'en-GB'}
Share

Fedora 12 released

November 18th, 2009 No comments

It only feels last last month Fedora 11 was released, alas Fedora 12 is out now. Read about the changes and updates found in Fedora 12 or maybe just view the summary or a full list if your ubber keen.

Amongst the many changes, important ones to forward to (from the release notes):

* Optimized performance - All software packages on 32-bit (x86_32)
  architecture have been compiled for i686 systems, with special
  optimization for the Intel Atom processors used in many netbooks,
  but without losing compatibility with the overwhelming majority of
  CPUs.

* Smaller and faster updates - In Fedora 11, the optional yum-presto
  plugin, developed by Fedora contributor Jonathan Dieter, reduced
  update size by transmitting only the changes in the updated
  packages. Now, the plugin is installed by default. Also, RPMs now
  use XZ rather than gzip for compression, providing smaller package
  sizes without the memory and CPU penalties associated with
  bzip2. This lets us fit more software into each Fedora image, and
  uses less space on mirrors, making their administrators' lives a
  little easier. Thanks to the Fedora infrastructure team for their
  excellent work in setting up the infrastructure to generate delta
  RPMs on the fly for all the updates.

* NetworkManager broadband and other enhancements - NetworkManager,
  originally developed by Red Hat's Dan Williams, was introduced in
  Fedora 7 and has become the de facto network configuration solution
  for distributions everywhere. Enhancements to NetworkManager make
  both system-wide connections and mobile broadband connections easier
  than ever. Bluetooth PAN support offers a simple click through
  process to access the Internet from your mobile
  phone. NetworkManager can now configure always-on and static address
  connections directly from the desktop. PolicyKit integration has
  been added so configuration management can be done via central
  policy where needed. IPv6 support has also been improved.

* Next-generation (Ogg) Theora video - For several years, Theora, the
  open and free format not encumbered by known patents has provided a
  way for freedom-loving users to share video. Fedora 12 includes the
  new Theora 1.1, which achieves very high quality comparable to
  H.264, meeting the expectations of demanding users with crisp,
  vibrant media in both streaming and downloadable form. Thanks to the
  work of the Xiph.Org Foundation's Christopher "Monty" Montgomery,
  sponsored by Red Hat, other Xiph developers and the contribution of
  Mozilla.org, Theora videos now deliver much better quality primarily
  via enhancements in the encoder without any change in the format,
  making it available to all Theora users. Using Theora video and
  Vorbis audio formats, Firefox 3.5 and applications using the
  Gstreamer multimedia framework can deliver free media on the web out
  of the box even better than the previous release of Fedora. Theora
  is being rapidly adopted by several popular websites including
  Wikipedia, VideoPress and DailyMotion. Fedora Project is proud to
  support communities of free culture and open content as part of our
  mission. More details at
  http://hacks.mozilla.org/2009/09/theora-1-1-released/

* Graphics support improvements - Fedora 12 introduces experimental 3D
  support for AMD Radeon HD 2400 and later graphics cards. To try it
  out, install the mesa-dri-drivers-experimental package. On many
  cards, this support should allow desktop effects to be used. Kernel
  mode setting (KMS) support, which was introduced on AMD hardware in
  Fedora 10 and extended to Intel hardware in Fedora 11, is now
  extended to NVIDIA hardware as well, meaning the great majority of
  systems now benefit from the smooth, fully-graphical startup
  sequence made possible by KMS. The Fedora graphical startup sequence
  now works better on systems with multiple monitors. Also on multiple
  monitor systems, the desktop will now automatically be spread across
  all monitors by default, rather than having all monitors display the
  same output, including on NVIDIA chips (where multiple monitor
  spanning was not possible without manual configuration changes in
  Fedora 11). Systems with NVIDIA graphics chips also gain initial
  support for suspend and resume functionality via the default Nouveau
  driver. Initial support for the new DisplayPort display connector
  has been added for Intel graphics chips. Support for Nvidia and ATI
  systems is already under rapid development and will be included in
  the next release of Fedora. Thanks to the Red Hat Xorg team
  including Adam Jackson (X server), Kristian Høgsberg (Intel driver),
  Dave Airlie and Jerome Glisse (Radeon driver for AMD), and Ben
  Skeggs (Nouveau driver for NVIDIA).

* Virtualization improvements - Not content with all the improvements
  in Fedora 11, we've kicked virtualization based on KVM up another
  notch in Fedora 12. There are extensive improvements in performance,
  management, and resource sharing, and still more security
  enhancements. A new library (libguestfs) and an interactive tool
  (guestfish) are now available for directly accessing and modifying
  virtual machine disk images. Richard W.M. Jones from Red Hat's
  virtualization team has a list of extensive virtualization tools
  available and coming up for Fedora at
  http://rwmj.wordpress.com/2009/10/20/fedora-virt-commands/ 

* Automatic reporting of crashes and SELinux issues - Abrt, a tool to
  help non-power users report crashes to Bugzilla with a few mouse
  clicks, is now enabled by default. Abrt collects detailed
  information automatically and helps developers identify and resolve
  issues faster, improving the quality of individual upstream
  components and Fedora. The SELinux alert monitoring tool has also
  added the ability to report SELinux issues to Bugzilla quickly and
  easily with just a couple of clicks.

* New Dracut initrd generation tool - Up until Fedora 11, the boot
  system (initial ram disk or initrd) used to boot Fedora was
  monolithic, very distribution specific, and didn't provide much
  flexibility. This has been replaced with Dracut, an initial ram disk
  generation tool with an event-based framework designed to be
  distribution-independent. Dracut has been also adopted by OLPC which
  uses Fedora; OLPC modules for Dracut are available in the Fedora
  repository. Thanks to the Dracut team, including Harald Hoyer,
  Jeremy Katz, Dave Jones, and many others.

* PackageKit plugins - PackageKit now has a plugin which can install
  an appropriate package when a user tries to run a command from a
  missing package. Another new plugin allows installation of software
  packages from a web browser. Thanks to Red Hat's Richard Hughes and
  the PackageKit team.

* Bluetooth on-demand - Bluetooth services are automatically started
  when needed and stopped 30 seconds after last device use, reducing
  initial startup time and resource use when Bluetooth is not in
  active use. Thanks to Red Hat's Bastien Nocera.

* Moblin graphical interface for netbooks - In additional to special
  compiler optimization for netbooks in this release and the continued
  integration of Sugar interface, the Moblin graphical interface and
  applications are fully integrated thanks to Peter Robinson, a Fedora
  Project volunteer, and others. Collaboration between the Moblin
  project and Fedora was accelerated since Moblin itself is largely
  based on Fedora. To use it, just install the Moblin Desktop
  Environment package group using yum or the graphical software
  management tools, and choose Moblin from the login manager. A Moblin
  Fedora Remix (installable Live CD) for Fedora 12 will also be
  available.

* PulseAudio enhancements - Red Hat's Lennart Poettering and several
  others have made significant improvements to the PulseAudio
  system. Improved mixer logic makes volume control more fine-grained
  and reliable. Integration with the Rygel UPnP media server means you
  can stream audio directly from your system to any UPnP / DLNA
  client, such as a Playstation 3. Hotplug support has been made more
  intelligent, so if you configure a device as the default output for
  a stream, unplug that device -- causing the stream(s) to be moved to
  another output device -- and later reattach it, the stream is moved
  back to the preferred device. Finally, Bluetooth audio support means
  pairing with any Bluetooth audio device makes it available for use
  through PulseAudio.

* Lower process privileges - In order to mitigate the impact of
  security vulnerabilities, permissions have been hardened for many
  files and system directories. Also, process privileges have been
  lowered for a number of core components that require super user
  privileges. Red Hat's Steve Grubb has developed a new library,
  libcap-ng, and integrated it into many core system components to
  improve the security of Fedora.

* SELinux sandbox - It is now possible to confine applications' access
  to the system and run them in a secure sandbox that takes advantage
  of the sophisticated capabilities of SELinux. Dan Walsh, SELinux
  developer at Red Hat, explains the details at
  http://danwalsh.livejournal.com/31146.html 

* Open Broadcom firmware - The openfwwf open source Broadcom firmware
  is included by default. This means wireless networking will be
  available out of the box on some Broadcom chipsets. 

* Hybrid live images - The Live images provided in this release can be
  directly imaged onto a USB stick using dd (or any equivalent tool)
  to create bootable Live USB keys. The Fedora Live USB Creator for
  Windows and Fedora and the livecd-tools for Fedora are still
  recommended for data persistence, encryption and non-destructive
  writes. Thanks to Jeremy Katz. 

* Better webcam support - While Fedora 11 improved webcam support, in
  Fedora 12 you can expect even better video quality, especially for
  less expensive webcams. Red Hat's Hans de Goede, developer of the
  libv4l library, has more details on his continuous upstream webcam
  support enhancements at
  http://hansdegoede.livejournal.com/6989.html. 

* Polished Desktop - The latest version of the GNOME desktop includes
  the lighter Gnote replacement for Tomboy as the default note
  application, and Empathy replaces Pidgin as the default instant
  messenger. The new volume control application, first seen in Fedora
  11, has been improved to cover more advanced users. There are many
  nice tweaks from the desktop team for a polished user
  experience. More details at
  http://fedoraproject.org/wiki/Desktop_Enhancements_in_Fed... 

* GNOME Shell preview - Fedora 12 includes an early version of GNOME
  Shell, which will become the default interface for GNOME 3.0 and
  beyond. To try it, install the gnome-shell package, and use the
  Desktop Effects configuration tool to enable it. It will only work
  correctly from the GNOME desktop environment, not others such as KDE
  or Xfce. This is a preview technology, and some video cards may not
  be supported. Thanks to Owen Taylor from Red Hat and the GNOME Shell
  team. 

* KDE 4.3 - The new KDE features an updated "Air" theme and fully
  configurable keyboard shortcuts in Plasma, improved performance and
  new desktop effects in the window manager, a new bug reporting tool,
  and a configuration tool for the LIRC infra-red remote control
  system. 

* Cool new stuff for developers beginning with Eclipse Galileo, which
  includes more plugins than ever before. Perl 6 is now included,
  along with PHP 5.3. For Haskell developers, the Haskell Platform now
  provides a standardized set of libraries and tools. But one of the
  biggest changes for developers is that most of the nice new features
  of Fedora 12, from Bluetooth to webcams, are implemented through
  underlying libraries, and many of the improvements will be included
  simply by relinking your application. Also available in this release
  are SystemTap 1.0 for improved instrumenting and debugging of
  binaries, complete with Eclipse integration, and the newest NetBeans
  IDE for Java development. 

* Cool new stuff for sysadmins include added functionality for
  clustered Samba services (including active/active configurations)
  over GFS2; and the ability to boot a cluster of Fedora systems from
  a single, shared root file system. 

* Multi-Pointer X - The update to X.Org server 1.7 introduces the X
  Input Extension version 2.0 (XI2), with much work contributed by Red
  Hat's Peter Hutterer. This extension provides a new client API for
  handling input devices and also Multi-Pointer X (MPX)
  functionality. MPX functionality allows X to cope with many inputs
  of arbitrary types simultaneously, a prerequisite for (among others)
  multitouch-based desktops and multi-user interaction on a single
  screen. This is low-level work of which applications and desktop
  environments will incrementally take advantage in future
  releases. More details are available in the Release Notes and in the
  XI2 tag of Peter Hutterer's blog at
  http://who-t.blogspot.com/search/label/xi2 

Download them from Fedora or if your a local:

I’m torn between using the latest Ubuntu or Fedora on the client.

{lang: 'en-GB'}
Share

Next generation Linux file-systems

November 5th, 2009 No comments

If you’ve been reading this blog a couple of things are clear, I don’t like Apple much and I have a soft spot for file-systems. An article was posted on the IBM DeveloperWorks site that covers two file systems; NiLFS(2) and exofs that has some great information about these two beasts.

Linux® continues to innovate in the area of file systems. It supports the largest variety of file systems of any operating system. It also provides cutting-edge file system technology. Two new file systems that are making their way into Linux include the NiLFS(2) log-structured file system and the exofs object-based storage system. Discover the purpose behind these two new file systems and the advantages that they bring.

Read the full article on the Next-generation linux filesystems, there was an article on LWN.net a few years back discussing the (then emerging) Btrfs and NiLFS and how things may pan out. I’m quite happy and content with ZFS but in either case it’ll be interesting to see how all three go.

{lang: 'en-GB'}
Share

Apple’s and Linus’s take on Windows 7

October 23rd, 2009 No comments

Apple Propaganda, I mean PR

I posted about Microsoft’s four new Windows 7 commercials the other day and yes, they *are* commercials – they tell you a bit about the product they’re advertising. Now let’s take a look at Apple’s attempts – great PR btw! I think they were going for: ‘lets create the most douchebaggy thing to publicise our product and have people post blogs about it’. Well here’s some free PR work courtesy of Apple.

Bill Gates may go down in history for the BSoD for Windows 98 but lest we forget that little kid in school who was always jumping up and down for attention, teasing the smarter kids because he just wasn’t getting any attention.

“Now what is this? I dunno, but it works.” – Steve Jobs

“It’s pretty awesome when it works.” – Steve Jobs

It sure is Steve, it suuuuure is. Think Different. It just works. I wonder how they’ll cover having an ad-supported Mac OS X operating system in the future?

Linus Torvalds

Anyway I much prefer the suttle attitude that Linus Torvalds took at the Japan Linux Symposium.

He’s got a sense of humour (and coolness) and as a Linux user (#412328) I’m ever grateful for his operating system. Damn I miss Japan 🙁

{lang: 'en-GB'}
Share

CentOS 5.4 Released!

October 23rd, 2009 No comments

CentOS 5.4 has been released! Woo yeah, its been a while since RHEL 5.4 has been out but checkout the release notes for a list of changes.

Download mirrors are being updated but if your local, here are a couple of Australian Mirrors.

CentOS 5.4 x86

CentOS 5.4 x64

I just did a inplace 5.3->5.4 upgrade with a yum update. With a localised mirror, blindingly fast too!

{lang: 'en-GB'}
Share

Part I: Rebuilding ZEUS, the journey of training the next home server

October 6th, 2009 No comments

I’ve been looking at upgrading our existing home server from the archaic (and unsupported!) Ubuntu Gutsy (because I was feeling gutsy at the time) to something newer, fresher and that will last me atleast another 2 years. This is purely for my documentation.

Current Setup

Currently running an AMD setup with Ubuntu Gutsy (7.10) – I didn’t think it would last this long, honest! Ubuntu 6.06 had too many issues with the hardware/driver incompatibilities.

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=7.10
DISTRIB_CODENAME=gutsy
DISTRIB_DESCRIPTION="Ubuntu 7.10"

On an ASUS A8N-SLI Deluxe motherboard (because you know, servers need SLI!) sporting a AMD Athlon64 3200+ (the only AMD CPU at home!) with 2Gb of RAM (hey, DDR1 wasn’t cheap enough!)

lspci

00:00.0 Memory controller: nVidia Corporation CK804 Memory Controller (rev a3)
00:01.0 ISA bridge: nVidia Corporation CK804 ISA Bridge (rev f3)
00:01.1 SMBus: nVidia Corporation CK804 SMBus (rev a2)
00:02.0 USB Controller: nVidia Corporation CK804 USB Controller (rev a2)
00:02.1 USB Controller: nVidia Corporation CK804 USB Controller (rev a3)
00:04.0 Multimedia audio controller: nVidia Corporation CK804 AC'97 Audio Controller (rev a2)
00:06.0 IDE interface: nVidia Corporation CK804 IDE (rev f2)
00:07.0 IDE interface: nVidia Corporation CK804 Serial ATA Controller (rev f3)
00:08.0 IDE interface: nVidia Corporation CK804 Serial ATA Controller (rev f3)
00:09.0 PCI bridge: nVidia Corporation CK804 PCI Bridge (rev f2)
00:0a.0 Bridge: nVidia Corporation CK804 Ethernet Controller (rev f3)
00:0b.0 PCI bridge: nVidia Corporation CK804 PCIE Bridge (rev f3)
00:0c.0 PCI bridge: nVidia Corporation CK804 PCIE Bridge (rev f3)
00:0d.0 PCI bridge: nVidia Corporation CK804 PCIE Bridge (rev f3)
00:0e.0 PCI bridge: nVidia Corporation CK804 PCIE Bridge (rev a3)
00:18.0 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] HyperTransport Technology Configuration
00:18.1 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Address Map
00:18.2 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] DRAM Controller
00:18.3 Host bridge: Advanced Micro Devices [AMD] K8 [Athlon64/Opteron] Miscellaneous Control
01:00.0 VGA compatible controller: nVidia Corporation G70 [GeForce 7300 GT] (rev a1)
05:06.0 RAID bus controller: Silicon Image, Inc. SiI 3114 [SATALink/SATARaid] Serial ATA Controller (rev 02)
05:07.0 RAID bus controller: Silicon Image, Inc. Adaptec AAR-1210SA SATA HostRAID Controller (rev 02)
05:0a.0 RAID bus controller: Silicon Image, Inc. SiI 3114 [SATALink/SATARaid] Serial ATA Controller (rev 02)
05:0b.0 FireWire (IEEE 1394): Texas Instruments TSB43AB22/A IEEE-1394a-2000 Controller (PHY/Link)
05:0c.0 Ethernet controller: Marvell Technology Group Ltd. 88E8001 Gigabit Ethernet Controller (rev 13)

/proc/cpuinfo

processor       : 0
vendor_id       : AuthenticAMD
cpu family      : 15
model           : 47
model name      : AMD Athlon(tm) 64 Processor 3200+
stepping        : 2
cpu MHz         : 1000.000
cache size      : 512 KB
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx mmxext fxsr_opt lm 3dnowext 3dnow up pni lahf_lm ts fid vid ttp tm stc
bogomips        : 2011.59
clflush size    : 64

This faithful boxen has been the primary source of our fileserver (XFS+LVM 3Tb) – used internal to our house and also by others who upload their stuff to be backed up. Subversion repositories, Apache/LightHttpd test servers for PHP work, Virtualisation for Windows 2003, 2000 and SqlServers running for testing and several other things (think: TeamCity, Continous Integration tools, Confluence etc). Its also been damn convenient when your at work or on holidays to be able to login, muse about via SSH and even fix things remotely.

Needs & Wants

The new server will need to fufil the following roles:

  • Function as a NAS to continue to offer backup (via users home directories) and storage options
    • No file-system constraints asside from no Ext3 or ReiserFS.
  • Offer the ability to still run Virtual Machines, need to virtualise CentOS, Ubuntu and Windows for testing, they’ll be running in  Bridged mode
  • No real need for a Gui (I can consider myself a little l33t than a few years ago)
  • Run a Subversion repository (not that hard!)

The idea is to have a bare bones operating system install and have the virtual machines handle the hard and ugly work – webservers to test things, servers to try development deployments (java) and other bits and pieces. The core OS just has to manage the NAS and allow the ability to SSH in to offer subversion access.

Hardware

The hardware I’ve picked from things I had around the place, the only thing I’ve bought is just new sticks of RAM.

  • Motherboard: ASUS P5QL-PRO
    This board offered some excellent specifications via the P43 chipset, the things I looked for was the number of SATA ports ‘out of the box’ – 6 native SATA2, the number of 1x PCIe slots (2!) for future addions of PCIe SATA adapters and the maximum amount of memory possible (8Gb). Oh ofcourse, something cheapy and that can run the CPU I had around. A Gigabit NIC was also important (dual would be better!) but if it wasn’t supported I had a trusty Intel PRO 1000MT Server PCI cards to fill the void – almost everything supports them (e1000)!
  • CPU: Intel Core-2 E6750 – 2.66Ghz (65W TDP, VT)
    Importance was Intel-VT support, low TDP and a dualcore thats not too high.
  • RAM: Corsair TWIN2X4096-6400C5 (4Gb kit x 2 = 8Gb)
    Cheapy cheapy, twice the fun of a regular kit, slightly higher CAS, but who CAreS this isnt being overclocked.
  • Graphics: ASUS 9400GT PCI-Express
    The cheapest graphics card to be found at the legendary& award winning computer store MSY Technologies. Depending on how the drivers go (I’m usually biased towards ATI for all Linuxes) I might endup paying for a ATi card later.

Next up the investigation, be warned though I started this initially back in June/July (possibly a bit earlier).

{lang: 'en-GB'}
Share