Definetly the weirdest LDAP management tool

Its called ldapvi, and its just about what you’d expect with that name :-). The author would like you to think about it as vipw for your LDAP based authentication, and in addition to a few command line option it really isn’t much more then that (UI-wise):

(more…)

Nvidia Optimus on Ubuntu 12.04

Nvidia Optimus is a neat solution to the problem of power consumption vs. 3D performance in notebook computers – the computer comes with two graphics chips, an “integrated graphics package” – the Intel GMA embedded graphics and a “discrete graphics package” – the Nvidia chip. The setup works by running your normal windowing UI on the integrated graphics, only powering on the discrete graphics when you want to play a 3D game or something like that.

Recently I had the fortune to work on a Lenovo T420 laptop1 that has this setup, and it works very well on MS-Windows with the Nvidia Optimus driver – you get battry life around 10 hours with the 9 cell battery.

Unfortunately I spend most of my day in Linux and because Nvidia does not support Optimus on Linux, you have the poor choice of either running everything on the Nvidia chip – decreasing battery life to around 4 hours if you’re careful, or disabling the Nvidia chip completely.

The solution comes from the Bumblebee project – a software suite to handle the switching between the Nvidia discrete graphics and the embedded Intel chip.

The setup is pretty simple to understand (though I suspect under the hood there are many problems to be solved): A service runs and waits for users to ask for 3D accelerated graphics. When a user starts a program using the special command optirun, the service loads the Nvidia driver, starts an X server using the discrete graphics (with the display disconnected from the actual screen) and runs the specified program on that “background” X server. Then it copies the visuals from the program that is rendered using the discrete graphics to a window on the main X server. When the program terminates, the service closes the secondary X server, removes the driver and powers down the graphics card – putting us back into the ~10 hours battery life.

The Bumblebee software had some problems in the past, but the current version – 3.0 – looks very good. There are a few seconds of delay when you launch the application (setting up the driver and X takes some time), but performance is about what you’d expect when running directly on the hardware. All this without any configuration – that is if you are running on the stable Ubuntu version.

As I can’t leave well enough alone, and whenever someone says “alpha”, I say – “I wants”, I’m running the current Ubuntu 12.04 alpha (which is not so bad – due to be released in a couple of months, it works very well). And of course Bumblebee doesn’t work properly here.

So this is what I had to do to get it running:

(more…)

  1. with an amazing 1600×900 screen, what they call “HD+”. Truly a work of art []

LDAP authentication on Fedora 16 (and why it sucks)

In my company we (still) use an Active Directory domain controller to manage central authentication1, which is not set up very well – no SSL and the Kreberos setup is not done properly. This makes gives much trouble to modern Linuxes (e.g. not Ubuntu. yes – I’m looking at you Shuttleworth.)  such as Fedora, as Fedora have done away with NSS/PAM based LDAP authentication and instead relies on SSS – which I have yet managed to get working or even find a tutorial on how to set it up properly.

So if you still want to authentication your Fedora installation against the company’s Active Directory – and can’t/won’t rely on Winbind’s notably flaky behaviour, you can always install NSS/PAM ldap authentication manually. Unfortunately its not as easy as it sounds, and as I learned the hard way – one must pay careful attention to SELinux. So here’s the recipe:

(more…)

  1. there are a lot of MS-Windows workstation, so it kinds of makes sense – but we are planning to phase it out in favour of OpenLDAP, so don’t worry about it []

Mounting SMB shares using URL under GNOME and KDE

As most Linux users are aware, you can access network shares with your file browser of choice (Dolphin, Nautilus and probably others) by writing URLs into the file browser’s “location bar”1.

If you ever had to work with MS-Windows file server, you should know that you can also access SMB file shares using URLs – with the schema “smb”, like this: smb://file-server/share-name.

(more…)

  1. and this works just as well with the desktop’s “run dialog” – try holding ALT-F2 and typing something like ftp://ftp.mirrorservice.org/ and up comes your file browser showing the FTP site’s directories. This won’t work for GNOME 3, at least at this time. []

Installing Consolas TrueType Font for Linux

This is a short “how to” article on how to get and install the new Microsoft Consolas Monotype font – this is a very nice programmer font and as described in Dan Benjamin’s “Top 10 Programming Fonts” it is highly recommended for use in your programmer’s editor or IDE (As a side note, his top selection, Inconsolata is also very nice and I highly recommend it if you don’t feel like using Microsoft created software and/or aren’t interested in performing the steps below which may or may not be legally problematic).

The main problem with using Consolas on your Linux workstation, is that this font is provided by Microsoft, and while if you are running MS-Windows (or even Mac OS-X) it may already be installed – as it is bundled with many Microsoft products, us in the Linux world have no easy (and legal) way to get to use Consolas in our code editing. Unlike Microsoft Core Fonts for the Web Consolas is not available for download – probably for the same reason the core fonts packages were pulled. But as Consolas is bundled with many Microsoft products, some are available for free download for anyone, we can use that to get us some nifty Consolas prettiness in our day to day Linux computing.

(more…)

For all the people who have waited patiently, CentOS 6 is here

After a long long time in the making, rumors of abandonment and general discomfort in the community, the CentOS people have finally pulled through and bring you the brand new (though by now several months old) CentOS 6.0.

A lot of system administrators have been waiting for this (me included) so I thought I’d give a heads up 🙂

How much space to put in your root partition?

When installing a Linux computer, this is a question I’ve been asked/asked myself many times, and it shall keep on being asked because things are not static and newer operating systems need more and more room as the basic software collection that you expect to get out of the box gets larger.

And the answer? Well – it depends 🙂 Specifically here I’m going to tackle the issue of desktop installs (i.e. the workstation for a single user), and specifically for Fedora – though it shouldn’t be much different for other operating systems in the same class – such as Ubuntu or SuSE.

(more…)

Using Evolution under KDE – GNOME Keyring issues

Lets face it – Kontact is a nice application but its not really a contender if you want integration with your corporate address book and calendar in your PIM application1 and Evolution is the only solution for the feature set one would expect from a corporate friendly PIM solution.

Evolution works great when running under GNOME, but if you hate GNOME 3 as much as I do2, then you are likely to try to run Evolution under a recent KDE 4. And then problems start mounting – there’s the file dialogs which look completely different and don’t inter-operate with KDE’s virtual file system layer (KIO), but the most annoying problem is saving the passwords for your email, address book and calendar services.

Evolution relies on GNOME’s keyring service to store passwords for remote services, and that service is not running when you start KDE. Without the keyring, Evolution will keep asking you for passwords to all your email services when you start up, and for all your address book services when you try to compose an email. Which wouldn’t have been that bad if not for the fact that before popping up the password dialog, Evolution spends minutes (!!) trying to contact the GNOME keyring service. Only after being frozen for a couple of minutes you get asked for the first password, and if you have more then one service then please wait two more minutes while Evolution tries fruitlessly to contact GNOME keyring again!

The solution is simple – have GNOME keyring launch automatically when you log in to KDE, just like it does for GNOME. There are several ways to do this – for example using KDE’s “startup applications” system or writing custom profile scripts (I’ve tried both), but the more elegant solution I found in fedorahosted.org where someone committed a simple script that generates GNOME keyring startup and shutdown scripts for KDE. I’m guessing this is used in the KDE live CD spins for Fedora.

Anyway, this script can easily adapted to generate GNOME keyring integration scripts for your local KDE installation. Just start Konsole, and paste this into the command line:


cat > $HOME/.kde/env/start-custom.sh <<EOF
#!/bin/sh
eval \`gnome-keyring-daemon\`
export GNOME_KEYRING_PID
export GNOME_KEYRING_SOCKET
EOF
chmod 755 $HOME/.kde/env/start-custom.sh
cat > $HOME/.kde/shutdown/stop-custom.sh <<EOF
#/bin/sh
if [-n "\$GNOME_KEYRING_PID"]; then
kill \$GNOME_KEYRING_PID
fi
EOF
chmod 755 $HOME/.kde/shutdown/stop-custom.sh

Enhanced by Zemanta
  1. also – contrary to popular belief in hacker circles, rich text editing is useful – and Kontact really sucks at that []
  2. if you are a GNOME user and weren’t exposed to GNOME 3 yet, then don’t worry – soon coming to a distro near your, and you’re likely not going to like it []

Running VirtualBox on Ubuntu 11.04 Natty alpha

I’m using the current Ubuntu alpha – 11.04 as my desktop OS on my laptop, and on the same laptop I sometimes need to run VirtualBox to access an MS-Windows environment.

In the current Natty alpha this doesn’t work well. I have VirtualBox 4.0 installed from Oracle’s repository, but it doesn’t manage to compile the kernel module it needs – probably because of the “RC” nature of the current Natty’s kernel (2.6.38-rc4) as of this writing.

I’ve seen many posts on the internet about running Ubuntu 11.04 as a guest in VirtualBox, but couldn’t find anyone talking about my problem, which is the opposite – running VirtualBox on Ubuntu 11.04. So here’s how to get this thing working:

  1. Install VirtualBox 4.0 (from Oracle’s repository)
  2. Install the kernel headers package for Ubuntu: sudo apt-get install linux-headers
  3. Edit the headers’ Makefile to declare the same version as the uname command: run uname -r and note the suffix after the version number, for example mine says “2.6.38-3-generic“, so I am interested in “-3-generic“. Edit the Makefile using sudo gedit /usr/src/linux-headers-<version>-3-generic/Makefile , and the fourth line should say something like “EXTRAVERSION = -rc4“. Change the value (in this case “-rc4“) to what you found out from uname.
  4. add autoconf.h to the linux include directory, because it is missing for some reason:
    cd /usr/src/linux-headers-<version>-3-generic/include/linux
    sudo ln -s ../generated/autoconf.h

Now you can run sudo /etc/init.d/vboxdrv setup and it should complete successfuly and allow you to start VirtualBox.

Enhanced by Zemanta

Easiest Android Rooting In 3 Simple Steps

One of the neatest features of carrying a small Linux computer in your pocket, is that you have a machine to hack everywhere you go 😉

After getting a terminal application installed, you find that most stuff that you want to do require “root access” on your android phone – it appears that on Android they don’t really use “user permissions” but instead each app is its own user id with its own set of permissions (an ingenious way to handle different permissions per application).

To do most interesting things you need to make sure you can get root access. As a normal phone user you aren’t expected to need this so this feature is disabled on phones and to enable access to the root account you need to crack the phone’s security model. (more…)


Spam prevention powered by Akismet