Linux Gazette... making Linux just a little more fun! Copyright © 1996-97 Specialized Systems Consultants, Inc. linux@ssc.com _________________________________________________________________ Welcome to Linux Gazette! (tm) Sponsored by: InfoMagic Our sponsors make financial contributions toward the costs of publishing Linux Gazette. If you would like to become a sponsor of LG, e-mail us at sponsor@ssc.com. _________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" _________________________________________________________________ The Mailbag! Write the Gazette at gazette@ssc.com Contents: * Help Wanted -- Article Ideas * General Mail _________________________________________________________________ Help Wanted -- Article Ideas _________________________________________________________________ Date: Wed, 02 Jul 1997 22:30:26 -0700 From: Wood Ellis woodswrk@erols.com Subject: Newbie Needs More Definitive Article on Parallel Port Tape Drives The various leads which can be followed from the parport home page tend to indicate that it's just not worth all the hassle to try to operate a tape on the parallel port, unless you are an expert and maybe want to program it yourself. I just cannot believe that it is that difficult. I would appreciate it if you were to provide an article which, in simple, newbie language, tells how to do it. The article should include definitive solutions for every brand of parallel port tape drive which is commonly available. Mine is an HP-1000 travan-1. My system is Redhat 4.1. One can imagine that some linux devotees enjoy the abstruseness of things new and difficult and exclusive. Contrary to that viewpoint, I believe that we all should strive to make linux easier and more available to the relatively uninformed. Probably you share my feeling. That's as close as I can come to a flaming request right now. I really appreciate all the good stuff in the Gazette. Thank you, _________________________________________________________________ Date: Sun Jul 6 16:35:46 1997 From: Takkala, takkala@highstar.com Subject: Please help me.... Recently, ever since I upgraded to Slackware 3.2/Redhat 4.1, I have noticed that my modem has been behaving rather erratically. My modem is a Motorola ModemSurfr 28.8. Now, when I type 'ppp-on' to initiate a ppp session, many times, the modems TR led lights up, and then nothing happens, until the computer times out 45 seconds later and aborts the ppp session. Normally, when I type 'ppp-on' the modem almost immediately begins dialing up my isp, and connecting, but most of the time, it would just sit there, until I killed the process and tried again, it may take up to twelve or more tries for the modem to dial, but sometimes it will dial on the first try. This erratic behavior only began occurring (from what I can tell, I'm not sure) ever since I upgraded to redhat 4.1, and now slackware 3.2. My modem does work fine in windows 95, and also if I use DIP, or minicom to try and connect. So I was wondering if this may be a timing error somewhere in the ppp-on script. Has anyone else had similar problems? I myself tried tweaking some of the abort timeouts, but that didn't help. Someone please help me! Thanks for any help suggestions... Jari _________________________________________________________________ Date: Mon, 07 Jul 1997 01:00:35 -0700 From: Paul M., pmarcano@saltspring.com Subject: Deluxe Paint IIe Don't mean to come out of the blue but... I was searching the net for some reference to Deluxe Paint IIe for the PC and ended up here... Can you send me any information you can about how I might get a hold of a copy of this program which I assume is discontinued. I come from an Amiga background and still feel there are some redeeming features to this program that I would like to use on my PC... Thanks for any information you can impart! Paul Marcano _________________________________________________________________ Date: Fri, 11 Jul 1997 16:57:33 -0300 From: Annette Sahores annette@invap.com.ar Subject: Problem with adaptec 2940U I'm trying to install linux red hat 2.0.x in a machine with an Adaptec 2940U host adapter an a scsi external 4x cdrom. The problem is that the bootdisk does not recognize the host adapter, so I can't set the linux and swap partitions. may be the problem is that the driver aic7xxx is old and doesn't work whith the 2940 ultra. Thank You Annette Sahores _________________________________________________________________ Date: Tue, 15 Jul 97 15:01:00 PDT From: Mark Mangolas mmango01@gsg.eds.com Subject: Linux on a ThinkPad Hello, I am writing this in hopes that you can help me with my Linux configuration. I have Linux Slackware 3.2 running on an IBM 760E Thinkpad and I can't get X to run properly. It scrunches the screen when I fire up X and then scrambles everything when I exit forcing me to reboot. I've tried almost all of the video cards, chipsets, etc. in XF86Setup and nothing helps. Any help would be greatly appreciated......thank you, Mark Mangolas _________________________________________________________________ Date: Wed, 16 Jul 1997 15:01:49 -0400 From: Scott Fowler scorpi04@earthlink.net Subject: Pnp Modem and mouse Help I have a plug and pray modem and mouse, actually my mouse is a ps/2 mouse, will the program isapnptools fix all the pnp problems? _________________________________________________________________ Date: Sun, 20 Jul 1997 10:43:54 -0600 From: Doug Milligan, Red Hat Linux User doug@nwrks.com Subject: Disk deferag? I'm new to Linux, but like it very much having recently installed RedHat 4.2 via FTP. In looking through utility software I have not run accross any disk defragmentor programs nor have seen references to them in any Linux books that I have consulted. Is disk degragmentation not needed in maintaining a Linux file system? Thanks, Doug Milligan _________________________________________________________________ Date: Sat, 19 Jul 1997 18:58:20 +0200 (SAT) From: Abraham vd Merwe ixion@ilink.nis.za Subject: Chown Problem Hi! You can make anybody the owner of your files right? At least that is w hat I always thought, but take a look at this: % whoami ixion % cat /dev/null > ChownTest ; chmod 0777 ChownTest ; ls -l ChownTest -rwxrwxrwx 1 ixion users 0 Jul 19 18:10 ChownTest % cat /etc/passwd | grep fakeuser fakeuser:x:1005:100:Nobody:/home/fakeuser:/bin/bash % chown fakeuser ChownTest chown: ChownTest: Operation not permitted I've tried it on various systems and it turns out that I can't make an ybody the owner of my files when I'm a user (root obviously can). Why? I'd b e very grateful if you can explain how to do it or if not possibly, at l east why I can't do it... Thanks Abraham _________________________________________________________________ Date: Sat, 19 Jul 1997 04:40:56 +0100 From: Emmet emmet@indigo.ie Subject: Firewire and DV Hi, I've nearly got my brother converted to Linux, except he's interested in using firewire cards and whatever software to edit video from a DV camera. After some web-searching, and a several sites, it seems that there are no firewire drivers or spiffy DV software for Linux. Even worse, Adaptec, who manufacture what appears to be becoming a very popular card, are only supporting MS and Mac platforms. To add insult to injury, their FAQ, in response to a question about the possibility of drivers for Un*x, etc., contains the single word "No", no explanation or euphemisms, just "No". At this point in time, horror of horrors, it looks like I'm going to wind up with my brother using NT. Frankly, I'd rather have a sister in a whorehouse than a brother using NT. Check out Mitch Stone's excellent site at http://www.vcnet.com/bms for why. Does anybody know different? Are there any plans afoot in this direction? Maybe somebody in a position of influence could lean on some firewire card manufacturers to make their driver software available for porting to Linux? Maybe the Linux community could email sales@adaptec.com or support@adaptec.com asking them to reconsider making drivers available? Any information about the possibility of DV editing software or firewire drivers would be most appreciated. I'll help if I can. Thanks, Emmet. _________________________________________________________________ Date: Wed, 23 Jul 1997 22:24:44 -0500 From: Ben and Nick nbwbolen@bstream.com Subject: cpu Speed I was wondering if you could tell me where I could get a listing of bogomites? bogomytes? on different cpu's and computers? Thanks Ben _________________________________________________________________ Date: Wed, 23 Jul 1997 15:56:49 -0400 (EDT) From: Jon Lewis jlewis@inorganix5.fdt.net Subject: Linux Uptimes Do you have any idea what the longest uptime on a linux system is? I have a system with over 14 months of uptime, and am wondering if its heading for some kind of record. I've been told that with the 1.2.x kernels, uptimes longer than about 16.4 months are thought to be impossible due to jiffy counter wrap. _________________________________________________________________ Date: Thu, 3 Jul 1997 19:12:36 -0700 (PDT) From: Greg Roelofs newt@pobox.com Subject: Re: Changing video modes A friend of mine wants to know how to change video modes without restarting X, and I noticed you say you can do that on your Linux page. How can this be done? (I'm using XFree86, he's using MkLinux) Just changing *modes* is easy: use ctrl-alt-gray+ and ctrl-alt-gray- to cycle between the resolutions defined in your XF86Config file. I have the following defined: Modes "1280x1024" "1536x1152" "1600x1200" "640x480" "800x600" "1024x768" To run multiple X servers is a little trickier, and I've been meaning to write up a Linux Gazette or Linux Journal article on that. Assuming you use startx instead of xdm, the basic trick is to do something like this: startx -- :4 -bpp 32 & My default (16-bit mode) command is this: startx -- :1 -bpp 16 & You can switch between them via ctrl-alt-F7 through F10, typically-- F1 through F6 tend to be normal text-mode Linux consoles. It's really best to alias these things and make sure the screen numbers (:0 or :2 or whatever) don't collide; if they do, the second X server will "steal" the number from the first, and you won't be able to start any more windows or even restart the window manager under the first server. The special 320x200 game mode is even more complicated, and I won't even try to explain that here. It can be done with a second XF86Config or with additional lines in the main one under some circumstances. I don't know how AccelX and XiGraphics and MetroX handle these things. -- Greg Roelofs _________________________________________________________________ General Mail _________________________________________________________________ Date: Mon, 07 Jul 1997 10:27:46 -0700 From: James Gilb p27451@am371.geg.mot.com Subject: *2+ Processing Check out the Linux SMP page at http://www.uk.linux.org/SMP/title.html and get a new distribution. I think that SMP became part of the standard kernel at 2.0, so 2.0.?? might be a good choice (check out the SMP page, I think some patch levels are broken with respect to SMP). If you are pretty good a Linux installs (and from the multiplicity of your OS's is sounds like you are), you could pick up a RedHat distribution for less than USD $10. I can't help you with availability in Sweden, but check out Caldera, RedHat, Craftworks, SuSE and Yggdrasil (sp?), I think most of them support SMP. If you need pointers to their web pages, try http://www.linuxmall.com, http://www.linux.org, or http://www.ssc.com (had to put a plug in for the sponsor of the excellent LG). _________________________________________________________________ Date: Tue, 8 Jul 1997 09:10:32 -0700 From: Robert Christ rchrist@mcis.washington.edu Subject: Spam Counter Attack In Linux Gazette #19 you say: SPAM Counter Attack! If you'd like to have your voice heard regarding SPAM mail, why don't you consider writing a letter to your representative? I would just like to add a counter point that I would prefer that my congress person not attempt to regulate any aspect of the net. I have the tools and skills to prevent spamming all by myself. Laws regulating behavior seems to set a dangerous precedent.. thanks for your time, Rob _________________________________________________________________ Date: Sat, 5 Jul 1997 21:25:48 -0600 (MDT) From: Michael J. Hammel mjhammel@csn.net Subject: User-Level Driver For HP ScanJet 5p? To: lersch@thene.informatik.uni-bonn.de You asked about HP Scanjet 5P support in Linux. Check XVScan at http://tummy.com. It supports this scanner and is a commercial product. If you're looking for drivers for other scanners check out my review of scanners in my Graphics Muse column in the March 1997 Linux Gazette (that is in issue 15) at http://www.ssc.com/lg. Hope this helps. Michael J. Hammel _________________________________________________________________ Date: Sat, 5 Jul 1997 21:21:08 -0600 (MDT) To: smalenfant@cablevision.qc.ca Subject: Problems with XFree86 You wrote to the Linux Gazette: I'm a new user to Linux and the problem still XFree86! So then I tried to know want can I do to Linux community. In Issue #16, you said that the problem is not video card and is Monitor balancing. So why Windows 95 can have all these preset on monitor and Linux don't have? Why we can't use the stuff in the Microsoft Lib to transfer it into the database of XF86Setup or something like that. Cause that's real that the dotclock and all this is very scrambled! Why not just resolution and Virtual Refresh, that's all we need to know, the program could do the rest! We don't have to know what horizontal frequency and dotclock it is! Answer: Xi Graphics AcceleratedX 3.1. It does pretty much what you're asking for here. See http://www.xi.com. Michael J. Hammel _________________________________________________________________ Date: Sat, 5 Jul 1997 21:18:18 -0600 (MDT) To: dmandel@transport.com Subject: CD Burners, Scanners, Digital Cameras, etc. You asked the following in the July Linux Gazette: 1.Will a Sony CDU926S burner work with xcdroast? Don't know about this one, but I may have to find out soon. I'd like to create a CD full of graphics tools, but I've never tried to do anything like this before. If I do find info I'll probably write it up in my Graphics Muse column in the Gazette. 2. What is a good, but cheap flatbed scanner to use? (Good means 24 bit color and >= 300dpi optical resolution.) What software (in Linux) supports the scanner? Answer: Check my March 1997 Graphics Muse column. I did a review of the scanners currently supported (at that time). A good place to look (which is listed in that issue of the Muse) is the SANE Project. 3.I can't afford one, but... Are there any 35mm slide scanners on the market with Linux support? Answer:I haven't seen any announced yet. I get info like this alot due to my work with Graphics Tools for Linux, but so far no one has pointed out any web pages or ftp sites for such drivers. 4.And as long as I'm asking dumb questions... Does Linux have support for any digital cameras yet? Answer:Don't waste your money on these just yet, even if a driver exists (I haven't seen one of these either). Even the vendors have been saying this technology is too new and they haven't established the "rules of the game" for standards or formats. Many are using ordinary JPEG formats, but getting the data to your PC is variable and depends on the makers choice of protocols, connectors and so forth. Hope this helps a little. -- Michael J. Hammel _________________________________________________________________ Date: Sat, 5 Jul 1997 21:09:06 -0600 (MDT) To: rpragana@acm.org Subject: Interfacing Genius Color Page-CS Scanner You asked about using your Genius Scanner with Linux. I don't know if a driver is available although in a survey of scanners I did for the Graphics Muse Column (March 1997, Issue 15) of the Linux Gazette there was info on the Genius GS-B105G, Genius GS4500 and probably the GS4000 and GS4500A. Also, there is work being done on generic scanner support for the GIMP and other Linux applications via the SANE project. I suggest you either look for the author of the Genius scanners to see if support for your particular scanner is forthcoming (assuming yours is from the same manufacturer as his). You should also check with the SANE Project to see if they have any ideas. Both should have pointers on how to write drivers and get info the specs for that scanner if they don't already have it. One other place to look is http://tummy.com. This is the site for XVScan, a front end to xv that primarily supports HP scanners. They can also write the driver for a fee. XVScan is a commercial product. -- Michael J. Hammel _________________________________________________________________ Date: Sat, 5 Jul 1997 20:56:53 -0600 (MDT) To: cricci@cpiprogetti.it Subject: Matrox Mystique support You wrote to the Linux Gazette: Is there a chance to correctly configure a Matrox Mystique with 4MB RAM under X or I must throw away it ? Answer: Xi Graphics AcceleratedX 3.1. I use it with my Matrox Mystique with 4MB RAM. There is a slightly annoying effect you'll see when moving windows (sort of like snow on a TV screen) but its minor and I hardly notice it anymore. They know about it and are working on a fix. -- Michael J. Hammel _________________________________________________________________ Date: Mon, 14 Jul 1997 13:51:38 -0400 (EDT) From: Ade Bellini AdeBellini@aol.com Subject: Re: *2+ Processing Thank you for your interest and help, i am most pleased to have had so many helpful replies, this just goes to show how many friendly and informed readers the Linux gazette has (? blatant plug for the LG !). I am sorry this reply is in the form of a "shotgun" approach, but i really couldn't reply individually to so many, but to all of you that mailed me -- MANY THANKS. I have "solved" 1/2 the problem - i rebuilt the kernel ( to install sound blaster support) and some how (G-D knows how !) i can now run on *2 cpu but only drawing the affects of 1 !. tur i ur tur as they say in Sweden ! (luck in bad luck !!!). Again thanks for the help and keep on hacking !: Yours ade. Ade Bellini _________________________________________________________________ Date: Sat, 19 Jul 1997 12:24:41 -0700 (MST) From: Joel Hardy deeng@nwcdh.inficad.com Subject: Descent 3 for Linux? Linux has always been the perfect platform for games, it's just very few developers (id and Crack.com are the only two worth mentioning that I know of) know that. Interplay and Parallax are developing the third game in their Descent series, and they're accepting ideas, so I think the Linux community should inform them of the benefits of supporting a Linux version. There have already been several (last estimate I heard was 90) people who have suggested that they support Linux, and they probably will if they're convinced enough people would buy it, so if you're interested in having the best DOS game ported to Linux, see http://www.interplay.com/descent/ideas and suggest Linux support. -- Joel Hardy _________________________________________________________________ Published in Linux Gazette Issue 20, August 1997 _________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Next This page written and maintained by the Editor of Linux Gazette, gazette@ssc.com Copyright © 1997 Specialized Systems Consultants, Inc. "Linux Gazette...making Linux just a little more fun! " _________________________________________________________________ More 2¢ Tips! Send Linux Tips and Tricks to gazette@ssc.com _________________________________________________________________ Contents: * Boot Information Display * Consider Glimpse Instead of Grep * Copy * A New Tool for Linux * Hex Dump * Hard Disk Duplication * More on Grepping Files in a Directory Tree * More on Hard Disk Duplication * A Script to Update McAfee Virus * Handling Log Files * Exciting New Hint on xterm Titles * C Source with Line Numbers * Another Reply to "What Packages Do I Need?" * Grepping Files in a Tree with -exec * How Do You Un-Virtual a Virtual Screen? * File Size Again... * Syslog Thing * Ascii Problems with FTP * Running Squake from Inside X * Copying a Tree of Files * Using shar + RCS to Backup Sets of Source Files * Learning Experiences * LG #19, Grepping Files Comments _________________________________________________________________ Boot Information Display Date: Wed, 2 Jul 1997 18:18:11 -0400 From: Jon Cox jcox@cx.tufts.edu I saw an article in July's LG that talked about using watch as a better way to monitor ftp downloads -- there 's an even BETTER way: Check out ncftp. It works much like ftp, but shows a progress bar, estimates time to completion, and saves bookmarks of where you've been. I think ncftp is pretty standard on all distributions these days. -Enjoy Jon _________________________________________________________________ Consider Glimpse Instead of Grep Date: Wed, 2 Jul 1997 18:18:11 -0400 From: Jon Cox jcox@cx.tufts.edu While grep works as a tool for searching through a big directory tree for a string, it's pretty slow for this kind of thing & a much better tool exists --Glimpse. It even has an agrep-style stripped down regexp capability for doing "fuzzy search", and is astonishingly fast. Roughly speaking: glimpse is to grep as locate is to find I believe the latest rpm version is glimpse-4.0-4.i386.rpm You can find it in any site that mirrors Red hat's contrib directory. Enjoy! -Jon _________________________________________________________________ Copy Date: Wed, 2 Jul 1997 18:18:11 -0400 From: Wim Jongman dblyuiam@xs4all.nl I have hacked a helpful utility. Please have a look at it. Regards, Wim Jongman _________________________________________________________________ Diald Remote Control _________________________________________________________________ I have been a satisfied diald user for quite some time. one of the things that were on my list of favorites was the possibility to activate the link from another location. I have written a small shell script that waits for activity on my telephone line. If activity has been detected the script submits the ping utility which causes diald to set up a link to my ISP. If activity is detected from the inside (diald does the dialing) then the ping is also performed but there can be no harm in that. My /etc/diald.conf looks like this: mode cslip connect /usr/local/bin/connect device /dev/cua2 speed 115200 modem lock crtscts local local.ip.ad.dres remote ga.te.way.address mtu 576 defaultroute ip-up /usr/local/bin/getmail & ip-down /usr/local/bin/waitmodem & include /usr/lib/diald/standard.filter The first time the link goes down, the program waitmodem is submitted. The script for /usr/local/bin/waitmodem is: #!/bin/bash # This script waits for data entering the modem. If data has arrived, # then a host is pinged to allow diald to # setup a connection (and you to telnet in.) if test -f /var/locks/waitmodem then exit 0 else touch /var/locks/waitmodem sleep 5 read myvar < /dev/cua2 ping -c 10 host.com > /dev/nul & > /dev/nul rm /var/locks/waitmodem exit 0 fi If the diald decides to drop the link, the ip-down keyword activates the waitmodem script. This creates a lock in /var/lock(s) and sleeps for five seconds to allow the modem buffers to flush. Then the modem device is read and if activity occurs, the ping is submitted. Change the italic bits in the scripts. The lock is removed and diald dials out. This allows you to access your machine. I guess you have to have a static ip for it to be useful. Regards, Wim Jongman _________________________________________________________________ A New Tool for Linux Date: Wed, 2 Jul 1997 18:18:11 -0400 From: Jordi Sanfeliu mikaku@arrakis.es hi ! This is my contribution to this beautiful gazette !! :)) tree is a simple tool that allows you to see the whole directory tree on your hard disk. I think that is very cool, no? #!/bin/sh # @(#) tree 1.1 30/11/95 by Jordi Sanfeliu # email: mikaku@arrakis.es # # Initial version: 1.0 30/11/95 # Next version : 1.1 24/02/97 Now, with symbolic links # # Tree is a tool for view the directory tree (obvious :-) ) # search () { for dir in `echo *` do if [ -d $dir ] ; then zz=0 while [ $zz != $deep ] do echo -n "| " zz=`expr $zz + 1` done if [ -L $dir ] ; then echo "+---$dir" `ls -l $dir | sed 's/^.*'$dir' //'` else echo "+---$dir" cd $dir deep=`expr $deep + 1` search # with recursivity ;-) numdirs=`expr $numdirs + 1` fi fi done cd .. if [ $deep ] ; then swfi=1 fi deep=`expr $deep - 1` } # - Main - if [ $# = 0 ] ; then cd `pwd` else cd $1 fi echo "Initial directory = `pwd`" swfi=0 deep=0 numdirs=0 zz=0 while [ $swfi != 1 ] do search done echo "Total directories = $numdirs" Have fun ! Jordi _________________________________________________________________ Hex Dump Date: Wed, 18 Jun 1997 10:15:26 -0700 From: James Gilb p27451@am371.geg.mot.com I liked your gawk solution to displaying hex data. Two things (which people have probably already pointed out to you). 1. If you don't want similar lines to be replaced by * *, use the -v option to hexdump. From the man page: -v: The -v option causes hexdump to display all input data. Without the -v option, any number of groups of output lines, which would be identical to the immediately preceding group of output lines (except for the input offsets), are replaced with a line comprised of a single asterisk. 2. In emacs, you can get a similar display using ESC-x hexl-mode. The output looks something like this: 00000000: 01df 0007 30c3 8680 0000 334e 0000 00ff ....0.....3N.... 00000010: 0048 1002 010b 0001 0000 1a90 0000 07e4 .H.............. 00000020: 0000 2724 0000 0758 0000 0200 0000 0000 ..'$...X........ 00000030: 0000 0760 0004 0002 0004 0004 0007 0005 ...`............ 00000040: 0003 0003 314c 0000 0000 0000 0000 0000 ....1L.......... 00000050: 0000 0000 0000 0000 0000 0000 2e70 6164 .............pad 00000060: 0000 0000 0000 0000 0000 0000 0000 0014 ................ 00000070: 0000 01ec 0000 0000 0000 0000 0000 0000 ................ 00000080: 0000 0008 2e74 6578 7400 0000 0000 0200 .....text....... 00000090: 0000 0200 0000 1a90 0000 0200 0000 2a98 ..............*. (I don't suppose it is surprising that emacs does this, after all, emacs is not just and editor, it is its own operating system.) _________________________________________________________________ Hard Disk Duplication Date: Tue, 24 Jun 1997 11:54:48 +0200 From: Jerko Golubovic jerko.golubovic@public.srce.hr A comment on article "HARD DISK DUPLICATION" written by mcablec@ucsd.edu in Linux Gazette #18 (June 97). What I did at my place is following: I SetUp root-NFS system to boot usable configuration over network. I just need a floppy with appropriate kernel command-line and system brings up. When system brings up I mount as /root NFS volume where I store compressed images. In that way I have them readily available when I log-in. With dmesg I find about geometry of the hard disk of the target system. Then, for taking a new image I do: cat /dev/hda | gzip -9 > .gz And for restore: zcat .gz > /dev/hda Of course, I don't have to use such system. It is enough to prepare one boot floppy containing just FTP client and network config. I made two shell scripts: b: ---------------------- #!/bin/sh cat /dev/hda | gzip -9 r: ---------------------- #!/bin/sh gzip -d > /dev/hda Then, in FTP you do: put |./b .gz - to save image get |./r - to restore image ANY FTP server on ANY platform can be used for storage. Not only that - you don't have to use FTP at all - you can use smbclient instead - and read directly from Win or Lanman shares - doing basically the same thing. _________________________________________________________________ More on Grepping Files in a Directory Tree Date:Tue, 1 Jul 1997 13:12:34 From: Gene Gotimer gotimer@cybercash.com In Linux Gazette Issue 18, Earl Mitchell (earlm@Terayon.COM) suggested grep foo `find . -name \*.c -print` as a way to grep files in a directory tree. He warned about a command line character limit (potentially 1024 characters). Another way to accomplish this, without the character limit, is to use the xargs command: find . -name '*.c' -print | xargs grep foo The xargs command accepts arguments on standard input, and tacks them on the end of the specified command (after any supplied parameters). You can specify where in the command xargs will place the arguments (rather than just on the end) if you use the -i option and a pair of curly braces wherever you want the substitution: ls srcdir | xargs -i cp srcdir/{} destdir/{} xargs has a number of options worth looking at, including -p to confirm each command as it is executed. See the man page. -- Gene Gotimer _________________________________________________________________ More on Hard Disk Duplication Date: Mon, 23 Jun 1997 08:45:48 +0200 From: Jean-Philippe CIVADE jpcivade@cge-ol.fr I've written an utility under Windows 95 able to copy from disk to disk in a biney way. It's called Disk2file. It's findable on my web site under tools. The primary purpose of this utility was to make iso images from a hard disk (proprietary file system) to record them on a cdrom. I've used it yesterday do duplicate a red hat 4.1 installed disk with success. The advantage of this method is this is possible to product a serial of disk very quickly. This utility is written to tranfert up to 10Mb /s. The duplication time for a 540 Mb is about 10 mins. The way to use it is: 1. start the program. Select scsi controller. 2. Select a disk and a file where to put image file 3. Select the source disk 4. select disk2file mode and click "run" 5. after completion, select the new disk where the image have to be written 6. Select file2disk mode 7. Click run It's referenced as a shareware in the docs but I conced the freeware mode to the Linux community for disk duplication only. -- Best Regards Jean-Philippe CIVADE _________________________________________________________________ A Script to Update McAfee Virus Date: Fri, 20 Jun 1997 00:05:33 -0500 (CDT) From: Ralph ralphs@kyrandia.com Here is a script I hacked together (trust me after you see it I'm sure you'll understand why this is my first script hack I'm sure) to ftp McAfee virus definitions unzip then and run a test to make sure they are ok...now ya gotta have vscan for linux located at ftp://ftp.mcafee.com/pub/antivirus/unix/linux the first one does the work of pulling it down unzipping and testing #!/bin/sh # ===================================================================== # Name: update-vscan # Goal: Auto-update McAfee's Virus Scan for Linux # Who: Ralph Sevy ralphs@kyrandia.com # Date: June 19 1997 # ---------------------------------------------------------------------- # Run this file on the 15th of each month to insure that the file gets # downloaded # ====================================================================== datafile=dat-`date +%y%m`.zip mcafeed=/usr/local/lib/mcafee ftp -n ftp.mcafee.com The last thing you want to do is add an entry to crontab to update your files once a month....I prefer the 15th as it makes sure I get the file (dunno really how to check for errors yet, its my next project) # crontab command line # update mcafee data files once a month on the 15th at 4am * 4 15 * * /usr/local/bin/update-vscan Its not pretty I'm sure, but it works Ralph http://www.kyrandia.com/~ralphs __________________________________________________________________________ Handling Log Files Date: Thu, 3 Jul 1997 11:13:56 -0400 From: Neil Schemenauer nas170@mail.usask.ca I have seen a few people wondering what to do with log files that keep growing. The easy solution is to trim them using: cat some_filename The disadvantage to this method is that all your logged data is gone, not just the old stuff. Here is a shell script I use to prevent this problem. #!/bin/sh # # usage: logroll [ -d ] [ -s ] # where to save old log files SAVE_DIR=/var/log/roll # how large should we allow files to grow before rolling them SIZE=256k while : do case $1 in -d) SAVE_DIR=$2 shift; shift;; -s) SIZE=$2 shift;shift;; -h|-?) echo "usage: logroll [ -d ] [ -s ] " exit;; *) break;; esac done if [ $# -ne 1 ] then echo "usage: logroll [ -d ] [ -s ] " exit 1 fi if [ -z `find $1 -size +$SIZE -print` ] then exit 0 fi file=`basename $1` if [ -f $SAVE_DIR/$file.gz ] then /bin/mv $SAVE_DIR/$file.gz $SAVE_DIR/$file.old.gz fi /bin/mv $1 $SAVE_DIR/$file /bin/gzip -f $SAVE_DIR/$file # this last command assumes the PID of syslogd is stored like RedHat # if this is not the case, "killall -HUP syslogd" should work /bin/kill -HUP `cat /var/run/syslog.pid` Save this script as /root/bin/logroll and add the following to your /etc/crontab: # roll log files 30 02 * * * root /root/bin/logroll /var/log/log.smb 31 02 * * * root /root/bin/logroll /var/log/log.nmb 32 02 * * * root /root/bin/logroll /var/log/maillog 33 02 * * * root /root/bin/logroll /var/log/messages 34 02 * * * root /root/bin/logroll /var/log/secure 35 02 * * * root /root/bin/logroll /var/log/spooler 36 02 * * * root /root/bin/logroll /var/log/cron 38 02 * * * root /root/bin/logroll /var/log/kernel Now forget about log files. The old log file is stored in /var/log/roll and gzipped to conserve space. You should have lots of old logging information if you have to track down a problem. Neil __________________________________________________________________________ Exciting New Hint on xterm Titles Date: Fri, 27 Jun 1997 15:43:44 +1000 (EST) From: Damian Haslam damian@srsuna.shlrc.mq.edu.au Hi, after searching (to no avail) for a way to display the currently executing process in the xterm on the xterm's title bar, I resorted to changing the source of bash2.0 to do what I wanted. from line 117 of eval.c in the source, add the lines marked with # (but don't include the #) 117: if (read_command () == 0) 118: { #119: if (strcmp(get_string_value("TERM"),"xterm") == 0) { #120: printf("^[]0;%s^G",make_command_string(global_command)); #121: fflush(stdout); #122: } #123: 124: if (interactive_shell == 0 && read_but_dont_execute) ..... you can then set PROMPT_COMMAND to reset the xterm title to the pwd, or whatever takes your fancy. cheers - damian __________________________________________________________________________ C Source with Line Numbers Date: Sun, 29 Jun 1997 10:09:52 -0400 (EDT) From: Tim Newsome drz@froody.bloke.com Another way of getting a file numbered: grep -n $ -n tells grep to number its output, and $ means end-of-line. Since every line in the file has an end (except possibly the last one) it'll stick a number in front of every line. Tim __________________________________________________________________________ Another Reply to "What Packages Do I Need?" Date: Wed, 02 Jul 1997 20:17:26 +0900 From: Matt Gushee matt@it.osha.sut.ac.jp About getting rid of X components, Michael Hammel wrote that "...you still need to hang onto the X applications (/usr/X11R6/bin/*)." We-e-ll, I think that statement needs to be qualified. Although I'm in no sense an X-pert, I've poked around and found quite a few non-essential components: multiple versions of xclocks (wristwatches are more accurate and give your eyes a quick break). Xedit (just use a text-mode editor in an xterm). Fonts? I could be wrong, but I don't see any reason to have both 75 and 100dpi fonts; and some distributions include Chinese & Japanese fonts, which are BIG, and which not everyone needs. Anyway, poking around for bits and pieces you can delete may not be the best use of your time, but the point is that X seems to be packaged with a very broad brush. By the way, I run Red Hat, but I just installed the new (non-rpm) XFree86 3.3 distribution--and I notice that Red Hat packages many of the non-essential client programs in a separate contrib package, while the Xfree86 group puts them all in the main bin/ package. Here's another, maybe better idea for freeing up disk space: do you have a.out shared libraries? If you run only recent software, you may not need them. I got rid of my a.out libs several months ago, and have installed dozens of programs since then, and only one needed a.out (and that one turned out not to have the features I needed anyway). Of course, I have the RedHat CD handy so I can reinstall them in a moment if I ever really need them. That's my .02 . --Matt Gushee __________________________________________________________________________ Grepping Files in a Tree with -exec Date: Wed, 2 Jul 1997 09:46:33 -0400 (EDT) From: Clayton L. Hynfield hynfiecl@mnemo.mcs.muohio.edu Don't forget about find's -exec option: find . -type f -exec grep foo {} \; Clayton L. Hynfield __________________________________________________________________________ How Do You Un-Virtual a Virtual Screen? Date: Mon, 07 Jul 97 15:08:39 +1000 From: Stuart Lamble lamble@yoyo.cc.monash.edu.au With regards to changing the size of the X screen, I assume you're using XFree86. XFree will make your virtual screen size the larger of: *the specified virtual screen size *the _largest_ resolution you _might_ use with your video card (specified in 'Section "Screen"'). Open your XF86Config file in any text editor (ae, vi, emacs, jed, joe, ...) _as root_. (You need to be able to write it back out again.) Search for "Screen" (this is, IIRC, case insensitive, so for example, under vi, you'd type: /[Ss][Cc][Rr][Ee][Ee][Nn] yeah, yeah, I know there's some switch somewhere that makes the search case insensitive (or if there isn't, there _should_ be :), but I can't remember it offhand; I don't have much use for such a thing.) You'll see something like: Section "Screen" Driver "accel" Device "S3 Trio64V+ (generic)" Monitor "My Monitor" Subsection "Display" Depth 8 Modes "1024x768" "800x600" "640x480" ViewPort 0 0 Virtual 1024 768 EndSubsection Subsection "Display" Depth 16 Modes "800x600" "640x480" ViewPort 0 0 Virtual 800 600 EndSubsection Subsection "Display" Depth 24 Modes "640x480" ViewPort 0 0 Virtual 640 480 EndSubsection EndSection (this is taken from a machine I use on occasion at work.) The first thing to check is the lines starting with Virtual. If you want the virtual resolution to be the same as the screen size, it's easy to do - just get rid of the Virtual line, and it'll be set to the highest resolution listed in the relevant Modes line. (In this case, for 24bpp, it would be 640x480; at 16bpp, 800x600; at 8bpp, 1024x768.) Just be aware that if you've got a 1600x1200 mode at the relevant depth listed, the virtual screen size will stay at 1600x1200. You'd need to get rid of the higher resolution modes in this case. I would strongly recommend you make a backup of your XF86Config file before you mess around with it, though. It's working at the moment; you want to keep it that way :-) All of this is, of course, completely incorrect for MetroX, or any other commercial X server for Linux. Cheers. __________________________________________________________________________ File Size Again... Date: Sun, 6 Jul 1997 13:13:29 -0400 (EDT) From: Tim Newsome drz@froody.bloke.com Since nobody has mentioned it yet: procps (at least version 1.01) comes with a very useful utility named watch. You can give it a command line which it will execute every 2 seconds. So, to keep track of file size, all you really need is: watch ls -l filename Or if you're curious as to who's logged on: watch w You can change the interval with the -n flag, so to pop up a different fortune every 20 seconds, run: watch -n 20 fortune Tim __________________________________________________________________________ syslog Thing Date: Fri, 04 Jul 1997 14:50:08 -0400 From: Ian Quick ian@dot.superaje.com I don't know if this is very popular but my friend once told me a way to put your syslog messages on a virtual console. First make sure that you have the dev for what console you want. (I run RedHat 4.0 and they have them up tty12). Then edit your syslog.conf file and add *.* /dev/tty12. Reboot and TA DA! just hit alt-F12 and there are you messages logged to a console. -Ian Quick __________________________________________________________________________ Ascii Problems with FTP Date: Mon, 7 Jul 1997 15:59:39 -0600 (CST) From: Terrence Martin twm139@missing.link.ca This is a common problem that occurs with many of our Windows users when they upload html and perl cgi stuff to our web server. The real fix for this has been available for years in ftp clients themselves. Every ftp client should have support for both 'Binary or type I' and 'Ascii or type 2' uploads/downloads. By selecting or toggling this option to Ascii mode (say in ws_ftp) the dos format text files are automagically translated to unix style without the ^M. Note you definitely do not want to transfer binary type files like apps or programs as this translation will corrupt them. Regards Terrence Martin __________________________________________________________________________ Running Squake from Inside X Date: Fri, 11 Jul 1997 00:27:49 -0400 From: Joey Hess joey@kite.ml.org I use X 99% of the time, and I was getting tired of the routine of CTRL-ALT-F1; log in; run squake; exit; switch back to X that I had to go through every time I wanted to run squake. So I decided to add an entry for squake to my fvwm menus. To make that work, I had to write a script, I hope someone else finds this useful, I call it runvc: #!/bin/sh # Run something on a VC, from X, and switch back to X when done. # GPL Joey Hess, Thu, 10 Jul 1997 23:27:08 -0400 exec open -s -- sh -c "$* ; chvt `getvc`" Now, I can just type runvc squake (or pick my fvwm menu entry that does the same) and instantly be playing squake, and as soon as I quit squake, I'm dumped back into X. Of course, it works equally well for any other program you need to run at the console. Runvc is a one-liner, but it took me some time to get it working right, so here's an explanation of what's going on. First, the open -s command is used to switch to another virtual console (VC) and run a program. By default, it's going to switch to the next unused VC, which is probably VC 8 or 9. The -s has to be there to make open actually change to that console. Next, the text after the -- is the command that open runs. I want open to run 2 commands, so I have to make a small shell script, and this is the sh -c "..." part. Inside the quotes, I place $*, which actually handles running squake or whatever program you told runvc to run. Finally, we've run the command and nothing remains but to switch back to X. This is the hard part. If you're not in X, you can use something like open -w -s -- squake and open will run squake on a new VC, wait for it to exit, and then automatically switch back to the VC you ran it from. But if you try this from inside X, it just doesn't work. So I had to come up with another method to switch back to X. I found that the chvt command was able to switch back from the console to X, so I used it. Chvt requires that you pass it the number of the VC to switch to. I could just hard code in the number of the VC that X runs on on my system, and do chvt 7, but this isn't portable, and I'd have to update the script if this ever changed. So I wrote a program named 'getvc' that prints out the current VC. Getvc is actually run first, before any of the rest of the runvc command line, because it's enclosed in backticks. So getvc prints out the number of the VC that X is running on and that value is stored, then the rest of the runvc command line gets run, and eventually that value is passed to chvt, which finally switches you back into X. Well, that's all there is to runvc. Here's where you can get the programs used by it: * open: In the open package, from ftp://sunsite.unc.edu/pub/Linux/utils/console/open-1.4.tgz * chvt: Part of the kbd package, from ftp://ftp.funet.fi/pub/Linux/PEOPLE/Linux/kdb-0.94.tar.gz * getvc: I wrote this one, here's the source code, it's easy to compile. I won't go into how it works, because I don't understand it well - I just stole code from somewhere else and hacked it to do what I wanted. /* getvc.c * Prints the number of the current VC to stdout. Most of this code * was ripped from the open program, and this code is GPL'd * * Joey Hess, Fri Apr 4 14:58:50 EST 1997 */ #include #include main () { int fd = 0; struct vt_stat vt; if ((fd = open("/dev/console",O_WRONLY,0)) < 0) { perror("Failed to open /dev/console\n"); return(2); } if (ioctl(fd, VT_GETSTATE, &vt) < 0) { perror("can't get VTstate\n"); close(fd); return(4); } printf("%d\n",vt.v_active); } /* End of getvc.c */ I hope this tip isn't too long! -- see shy jo _____________________________________________________________ Copying a Tree of Files Date: Fri, 18 Jul 1997 00:33:48 +0200 (SAT) From: ixion@ilink.nis.za Hi! First of all, I want to congratulate you with your fine magazine. Although I've been around for quite some time and known about the existance of LG, I've never had the time (or should I say I have been to ignorant) to read it. Well, I finally sat down and started reading all the issues and I must say I'm impressed. Therefore I decided I would show my gratitude by showing you some of my 2c Tips. Enjoy... # Quick way to copy a tree of files from one place to another ----< cptree <---- #!/bin/sh if [ $# = 2 ] then (cd $1; tar cf - .) | (mkdir $2; cd $2; tar xvfp -) else echo "USAGE: "`basename $0`" " exit 1 fi ----< cptree <---- # Quick way to move a tree of files from one place to another ----< mvtree /dev/null MPFILE="empty" chmod -x * for MPFILE in $FILELIST do if [ -e $MPFILE ]; then mv $MPFILE "`echo "0$MPFILE"`"; fi done fi ----< fixnum /dev/null if [ $BYTES -lt 0 ] then KBYTES=`du -ks | cut -f1` 2> /dev/null else KBYTES=`expr $BYTES / 1024` fi MBYTES=`expr $KBYTES / 1024` GBYTES=`expr $MBYTES / 1024` echo "" if [ $BYTES -gt 0 ]; then echo " $BYTES bytes"; fi if [ $KBYTES -gt 0 ]; then echo " $KBYTES KB"; fi if [ $MBYTES -gt 0 ]; then echo " $MBYTES MB"; fi if [ $GBYTES -gt 0 ]; then echo " $GBYTES GB"; fi echo "" ----< space /dev/null else ZIPLIST="$@" fi ZIPFILE="garbage" for ZIPFILE in $ZIPLIST do unzip -L $ZIPFILE done rm -f $ZIPLIST 2> /dev/null ----< unzipall Okay, now for some Window manager tips. Since '95 microsoft has launched a '95 keyboard campaign and in the process a lot of people (including me) have ended up with keyboards containing those silly, useless buttons. Luckily I've put them to good use. To give them the same functions in your window manager as in doze 95, just follow the instructions: Edit ~/.Xmodmap and add the following lines: keycode 115 = F30 keycode 116 = F31 keycode 117 = F32 Now, edit your window manager configuration file and bind those keys. Here is the proper keybindings for fvwm95 and afterstep respectively # Fvwm95 (edit ~/.fvwm2rc95) Key F30 A A CirculateDown Key F31 A A CirculateUp Key F32 A A PopUp "Utilities" # Afterstep (edit ~/.steprc) Key F30 A A CirculateDown Key F31 A A CirculateUp Key F32 A A PopUp "HotList" Just remember that PopUp "Utilities" and PopUp "HotList" should be replaced by your actual popup menus. If you don't known what I'm talking about, just browse through your configuration file and read the comments - It'll become clear very soon. I guess that's all for now. I've got some other (more useful) scripts and tips, but they are either system specific or just to large to include here and if I don't stop now, you'll need a seperate issue just for my tips. Cheers ixion __________________________________________________________________________ Using shar + RCS to Backup Set of Source Files Date: Wed, 23 Jul 1997 09:28:24 -0300 From: Mario Storti mstorti@minerva.unl.edu.ar Hi, RCS (see rcs(1)) is a very useful tool that allows to store versions of a file by storing only the differences between successive versions. In this way I can make a large amounts of backups of my source files but with a negligible amount of storage. I use it all the time, even for TeX files!! However, when you are working with a set of source files (*.c, shell or Perl scripts, I work mainly with Fortran .f and Octave *.m files) what I want is to make backups of the whole set of files in such a way that you can recover the state of the whole package at a given time. I know that there is a script called rcsfreeze around, but I know that it has problems, for instance if you rename, delete or create new files, it is not guaranteed to recover the same state of the whole set. I found a solution that seems to be simpler and is working for me: I make a `shar' of the files and then a version control of the shar file. (see shar(1)). Shar is a file that packs a set of text files in a single text file. It has been used since a long time to send set of files by e-mail. It would be easy to write a script for this, but I prefer to include the shell code in a Makefile. The commands to be issued each time you want to make a backup are: $ co -l source.shar $ shar *.m Makefile >source.shar $ ci -m"save package" source.shar Here *.m and Makefile is the set of files that I want to backup periodically. (I want to point out that RCS version control is far beyond the simple fact of making backups: It serves to manage files to be worked by different people, etc... Here I'm using a very small subset of the utilities of RCS.) Hope this could be of use for someone else. It would be nice also to hear of other solutions, Mario __________________________________________________________________________ Learning Experience Date: Wed, 23 Jul 1997 15:53:31 -0500 From: Debie Scholz debie@sirinet.net If you have a ps2 style mouse and the /dev/psaux gets deleted you must do a MAKEDEV busmice but it doesnt make a psaux it makes a psmouse so you must make a symbolic link to psaux.; Debie Scholz Sirius Systems Group, Inc. __________________________________________________________________________ LG #19, Grepping Files Comments Date: Wed, 30 Jul 1997 08:35:46 +0200 (MET DST) From: Werner Fleck Werner.Fleck@prompt.de Hi! I have read all the 2c tips on grepping files in a directory tree but I think all missed the ultimate tool for this: a perl script named ``mg''. With this you can: + grep in many types of compresses archieved files e.g. tar'ed, ar'ed, compressed, gzip'ed, zoo'ed, lha'ed... + grep binary files + grep only text files + recursive grep in a directory tree + filename pattern matching + regular expresions + option case insensitive match + and many many more Although it is written in perl it is very fast - I used it now for many years and it works wonderful for me. FTP search results Hardware by Opticom ASA, ITEA and IDI. Network by UNINETT. This server is located in Trondheim, Norway "Exact search" for "mg-2.16" 1 -r--r--r-- 38.8K 1996 Oct 2 ftp.nuie.nagoya-u.ac.jp /languages/perl/sra-scripts/mg-2.16 2 -rw-r--r-- 38.8K 1995 Nov 16 ftp.et-inf.fho-emden.de /pub/.mnt2/perl/sra-scripts/mg-2.16 3 -rw-r--r-- 38.8K 1996 Oct 3 ftp.hipecs.hokudai.ac.jp /pub/LANG/perl/utashiro/mg-2.16 4 -rw-r--r-- 38.8K 1997 Mar 4 ftp.st.ryukoku.ac.jp /pub/lang/perl/mg-2.16 5 -r--r--r-- 38.8K 1996 Oct 2 ftp.elelab.nsc.co.jp /pub/lang/perl/scripts.sra/mg-2.16 6 -r--r--r-- 38.8K 1996 Oct 3 ftp.sra.co.jp /pub/lang/perl/scripts/utashiro-scripts/mg-2.16 7 -r--r--r-- 38.8K 1996 Oct 3 ftp.sra.co.jp /pub/lang/perl/sra-scripts/mg-2.16 8 -rw-r--r-- 38.8K 1995 Nov 16 ftp.fujitsu.co.jp /pub/misc/perl/sra-scripts/mg-2.16 9 -r--r--r-- 38.8K 1996 Oct 2 ftp.eos.hokudai.ac.jp /pub/tools/sra-scripts/mg-2.16 9 reported hits 0.018 seconds prospero 0.018 seconds HTTP 0 partial writes. DONE FTP search, Copyright © 1994-1997 Tor Egge Greetings, Werner __________________________________________________________________________ Published in Linux Gazette Issue 20, August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next __________________________________________________________________________ This page maintained by the Editor of Linux Gazette, gazette@ssc.com Copyright © 1997 Specialized Systems Consultants, Inc. "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ News Bytes Contents: + News in General + Software Announcements __________________________________________________________________________ News in General __________________________________________________________________________ SAL--Scientific Applications on Linux If you are looking for a great collection of software information relating to science and engineering be sure to take a look at SAL -- the Scientific applications on Linux page. The page contains broad converage of different advancements adn points of interest in the Linux community. There are currently 1250 software entries at the SAL page! Luckily if you are looking for something specific, you may choose to search the Linux Applications. There are also sections which will help you find what you need. There are sections from Mathematics to Office Software and Numerical Analysis to Computer Graphics. Not only can you roam around the page looking at all of the applications, but you have a chance to make contributions of your own to the page. Don't miss the new and improved SAL at http://SAL.KachinaTech. COM. You'll be happy you visited. __________________________________________________________________________ Readers' Choice Awards Vote in Linux Journal's 1997 Readers' Choice Awards! Linux Journal, the Premier Linux Magazine, is conducting its annual poll of Linux users. Vote for your favorites in twenty different categories including: Most desired upgrade, favorite shell and most indispensible Linux book. The voting will take place on the Linux Journal web site from July 11th through August 26th. To place your vote simply go to http://www.ssc.com/lj/readchoice.html and follow the directions there. Please do not submit more than one form because all duplicate entries will be deleted. Results will be published in the December issue of Linux Journal (on newsstands early November). Subscriptions to Linux Journal are available by calling our toll free number (in the US/Canada) 888 66 LINUX or over our web page at http://www.ssc.com/lj/. __________________________________________________________________________ Check Out This Site! Take a look at http://www.m-tech.ab.ca/linux-biz. This page contains a list of commercial sites that use Linux for business. Check out all of the Linux users at work! __________________________________________________________________________ Software Announcements __________________________________________________________________________ Evolution Scheduler Check out Evolution Scheduler. The Evolution Scheduler is based on Genetic Algorithms and Evolutionary Programming. This scheduler can live with original Linux priority scheduler. This means you don't have to reboot to change the scheduling policy. You may switch between them at any time just by a simple command, say, esep -cp 3. A manager program esep(Evolution Scheduling and Evolving Processes), with which you can do scheduling administration job is provided. If you are interested, see http://sunsite.unc.edu/pub/Linux/kernel looking for "esep-1.2.tgz" and "esep-1.2.lsm" or visit Jinlong Lin's homepage at http://www.iit.edu/~linjinl/esep.html __________________________________________________________________________ Alien Make sure you get a peek atAlien, a new program that convert between the rpm, dpkg adn slackware tgz file formats. In order to use Alien you need Perl 5 or greater and the Getopt::Long perl module installed in your system. Take a look! __________________________________________________________________________ Apache-SSL Take a look at Apache-SSL. It is a secure web server based on Apache and SSLeay. It is free for use with copyright notices and you can get it at The Oxford University FTP site. __________________________________________________________________________ GNU Midnight Commander The GNU Midnight Commander is a Unix file manager and shell, useful to novice and guru alikes. Version 4.0 has many enhancements. See http://mc.blackdown.org/mc4 for the list of seventy download sites GNU Midnight Commander is also included on most CD-ROMs containing GNU software and we expect the publishers of these CD-ROMs to include MC version 4.0 when they publish a next version of their CD-ROM. See also the GNU Midnight Commander website at http://mc.blackdown.org/mc/ __________________________________________________________________________ Watchdog Watchdog is a daemon that checks if your system is still working. If programs in user space are not longer executed it will reboot the system. A few new features in 3.0 include: + Test the system load average and reboot if it is too high. + Added network mode: soft reboot is initiated if a given network/host does not answer. + Use user provided test binary. + Halt the system if temperature is too high, but send mail to the sysadmin prior doing that. Watchdog is available from: tsx-11.mit.edu /pub/linux/sources/sbin sunsite.unc.edu /pub/linux/system/daemons ftp.debian.org /pub/debian/development/source/misc As of the end of July, O'Reilly and Associates have the domain http://www.oreilly.com. The company figured it would be easier to remember than their previous domain. Check out their site! __________________________________________________________________________ Published in Linux Gazette Issue 20, August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next __________________________________________________________________________ This page written and maintained by the Editor of Linux Gazette, gazette@ssc.com Copyright © 1997 Specialized Systems Consultants, Inc. "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ The Answer Guy By James T. Dennis, jimd@starshine.org Starshine Technical Services, http://www.starshine.org/ __________________________________________________________________________ Contents: + Security Issues + All Those Little % Thingies + Follow-Up to NT and Linux Article + Active X for Linux/Unix + Mounting Disks Under Red Hat 4.0 + PPP Problems + Z Protocol + Video Cards + Linux and Zip Drives + Red Hat CD Problem + Cookies + New Hard Disc + Random Crashes + gcc and Slackware Question + LILO + Printing Problems + Linux Disk Support + Renaming Problems + X Locks Monitor + Using JDK 1.1 for Solaris x86 on Linux + Colormap Question + More on LILO + 95 GUI + A Letter of Thanks + STO/1/O2 SCSI Card + Booting Linux + Kernel Panics on root fs __________________________________________________________________________ Security Issues From: Marcus Hufvudsson talos@algonet.se Greetings Linux guru! I recently read the Linux Journal May edition and some people had some serious security problems. I got some of them to, and in your answer to one you recommended the "Tripwire" program for more security. I hope you don't mind me mailing you (got the address from the article). Anyway you recommend ftp.cs.perdue.edu for downloading. But when I tried to connect it didn't respond. Do you know any mirrors or any other ftp that contains Linux security tools? - talos (root today, gone tomorrow) There was a typo in that article. It WAS supposed to be ftp.cs.purdue.edu -- but is now supposed to be at ftp://coast.cs.purdue.edu/pub/COAST (they've been moved). Here's the full URL to Tripwire: ftp://coast.cs.purdue.edu/pub/COAST/Tripwire You should definitely browse around and read some of the other papers -- and try some of the other tools out there at the COAST (computer operations and security tools?) archive. Sadly it seems to be neglected -- the whole "tools_new" tree is dated "October, 1995" and is empty. All of the good stuff there is under: ftp://coast.cs.purdue.edu/pub/tools/unix (including symlinks that lead back to the Tripwire package). Apparently they don't do anything with the FTP site because the real work as gone into their web pages at: http://www.cs.purdue.edu/coast/archive/Archive_Indexing.html Another more recent effort which will be of more direct interest to Linux admins is: http://skynet.ul.ie/!flynng/security/The Irish Computer Security Archives ... with the following being of particular interest: http://skynet.ul.ie/~flynng/security/bugs/linux/ ... and: http://skynet.ul.ie/~flynng/security/tools Another good site (recently moved) is at: http://www.aoy.com/Linux/SecurityThe Linux Security WWW ... where I particularly like: http://www.aoy.com/Linux/Security/OtherSecurityLinks.html One of these days I'm going to annotate the 600 or so links in my main lynx_bookmarks file and post it to my own web pages. But -- not this morning (3 am). I spend so much time doing TAG (The Answer Guy) and other mailing list and newsgroup stuff that I never get to my own web pages. However the patch that I created to allow Tripwire to compile cleanly under Linux is on my ftp site and a link can be found somewhere under http://www.starshine.org/linux/ (I really have to organize those pages one of these days). -- Jim __________________________________________________________________________ All Those Little % Thingies To: Jonathan Albrecht albrecht@algorithmics.com When setting your prompt or dates or app-defaults you sometimes need those little %N, or %d, or %m substitution thingies. What are they and where can I get a list of what they mean? They are "replaceable parameters" and are used by a variety of shells and applications. They differ for each shell or application. For example I use bash -- and my prompt is: PS1=[\u@\h \W]\$ Which looks like: [jimd@antares jimd]$ When I'm in my home directory and logged in as jimd and would look like: [root@main local]# If I was 'root' on the host "main" and in the /usr/local directory. zsh, and tcsh also have similar "meta sequences" for their shell prompts. Just read the man pages for your shell and search for "prompt." X app-default and other xrdb (X Windows resource database) entries are pretty mysterious to me. But I imagine that the info about these sequences is mostly in their man pages somewhere. I'm sure it's all in the sources. The %d syntax is most often seen in the C programming language's printf() and scanf() functions. There are various "format specifiers" that dictate how a particular argument will be formatted. This includes information about whether a value will be displayed as a decimal number, a string, a hexadecimal value -- and how wide the field will be, whether it will be left or right justified -- etc. The \c syntax is also used in C for inserting "non-printing" characters -- like newlines, tabs, and for specifying ASCII characters by octal or hexadecimal value. Since programmers are used to this syntax in their code they often use a similar syntax when they write scripting languages (shells) and when they design the configuration file syntax for their applications. I'm sorry there's no "single source" or reference of all of these. However there isn't. You'll just have to hunt through the docs and man pages for easy of the apps and utilities that you're interested in. __________________________________________________________________________ Follow-up To NT and Linux Article From: Cyrille Chepelov chepelov@rip.ens-cachan.fr So far I've had the good sense to stay away from striping under NT and Linux. I've heard that the ccd code for FreeBSD is pretty stable, though. Well, my linux partition is used This sounds like a typically ignorant design decision. It seems to say to the world: "Standards are for weaklings -- we don't need to follow them -- even when we created them!" Sure, even if they did it unilaterally, it was up to them to at least loudly publicize what they did. I disagree. "Unilateral" is completely anathema to "Industry Standards." It is totally arrogant to speak for an industry. (We won't cover the issue of government regulatory bodies making determinations in a "unilateral" way -- since those aren't "industry standards" they are "government regulations"). Publicizing that you are violating industry standards doesn't improve interoperability. What other reason is there to create and publish a "standard" (even an ad hoc one). If they think there's a real need to put proprietary information in the very first sector of the disk (the spot reserved for the MBR -- then perhaps they should announce that these disks won't have PC partitions at all. It then becomes a "all NT or nothing" decision for each disk. I don't think there is such a need -- and I think their approach displays either a gross lack of consideration, creativity and foresight -- OR -- a deliberate act of hostility to those unruly customers who would dare use any "other" operating systems on "their" NT boxes (or maybe a little of each -- some from the programmers and some of the QA teams). Microsoft can cop out with a line like: "We don't intend that NT Servers should be installed systems with other operating systems -- it is intended for dedicated systems." It would irritate me. But I'm not one of their "important" customers anyway. Since most platforms outside of the PC market have an OS that's supplied by the vendor -- there isn't an expectation that those system will allow multiple operating systems to co-exist on the system (much less on the same drive). However, in the PC market there is that expectation -- and has been for over fifteen years. IBM and Microsoft created that expectation (to co-exist with CP/M-86 and the UCSD p-system if my memory and reading of the history is correct). Naturally the obvious place to put this sort of information would be in the logical boot record (what Unix/Linux refers to as a "Superblock"). This would only cost NT's code a few extra disk seeks at boot time -- seeks that it has to do anyway. The reason (IMHO) why they put it in the MBR is that even an unpartitioned disk gets its ID. The ID is here for the disk, not the partition -- so it makes less sense to put it in the S-block (even if that sounds safer, cohabitation-wise. Those IDs are what they are -- disk IDs, not partition IDs.) Classically an OS should ignore an unpartitioned disk. Why should the disk have an ID if it has no partition? If the purpose is to provide unique identification of filesystems so that the striping and mounting mechanisms won't fail as new drives are added to the system -- then you need a partition ID -- and you don't care about disk ID's at all. Additionally you want enough information stored in that ID to minimize the chance of inadvertent duplication and collision (for cases when we move a drive from one system to another). Finally your mounting/mapping utilities should be robust enough to allow you to mount any of these stripe segments and get what you can off of them. This sounds robust. NOT! Just what I want -- double the failure points for every volume. Regardless of the OS, whenever you stripe, you double the possibility of not being able to mount. Not mounting at all (or mounting read-only) when something goes wrong can not be a blamable decision ! (and in the case of striped sets, mounting r-o makes little sense, since all structures are dispatched on both disks) I can certainly "blame" a company for any deficiency that I perceive in their software. I select software to meet *my* requirements. Therefore I am the ultimate judge of what is a "deficiency." My requirements for striping say that the loss of one segment or element in a striped set should not entail the loss of the data on the remaining segments. If no currently available striping system meets that requirement I'll avoid the use of the technology. This means that a striping system should distribute "superblocks" and inode and directory entries in such a way as to keep them localized to the same segment as the data to which they apply (or duplicated on all segments). (I realize that duplicating directory information on all segments may be costly -- and I understand that data files may cross multiple segments. Those are implementation details for the author(s) of the file system). Out of curiosity: How many different striping systems have you used? The phrase "Regardless of the OS" seems awfully broad. I will plead complete inexperience with them. My take on the term is that it refers to any technique of making multiple drives appear as a single file system (or volume) that doesn't involve redundancy (RAID) or duplication (mirroring/duplexing). Is there a standard that specifies more implementation details? (i.e. does my set of requirement some how NOT qualify as a "striping" system). Well, now that Microsoft has "spoken" we're probably all stuck with this [expletive omitted] forever. Please consider mailing a copy of your message and your patches to the LILO and fdisk maintainers. The problem is : where are they (I tried to send it once, a few month ago, to an address which was given me as W. Almesberger's, but to no avail). In my fdisk man page I see the following (under Authors): A.V. Le Blanc. v1.0r: SCSI and extfs support added by Rik Faith. v1.1r: Bug fixes and enhancements by Rik Faith, with special thanks to Michael Bischoff. v1.3: Latest enhancements and bug fixes by A. V. Le Blanc, including the addition of the -s option. v2.0: Disks larger than 2GB are now fully supported, thanks to Remy Card's llseek support. So it would seem that Rik Faith, Mr. Le Blanc, Michael Bischoff would be good choices. The address I see for Werner Almesberger is: --Jim __________________________________________________________________________ ActiveX for Linux/Unix From: Anders Karlsson andersk@lysator.liu.se Hi, I read an article in the Linux Gazette where the author hadn't found any evidence for the rumors about ActiveX for Unix. By mistake I found a press release from M$ about this. I believe what I said was that I had heard the same rumor -- but that the search engine at www.microsoft.com couldn't find any reference to Linux at all. I don't know who (if any) is interested in this, but you can find it on: http://www.microsoft.com/corpinfo/press/1997/mar97/unixpr.htm Yes. I see. This basically says that the job was farmed out to Software AG (http://www.sagus.com) which has a release schedule at: DCOM Availability Schedule http://www.sagus.com/Prod-i~1/Net-comp/dcom/dcom-avail.htm Let's hope that this isn't the beginning of a new M$-invasion, against a new platform or market, our Linux. Luckily there's not much MS can do about Linux. They can't "buy it out." -- They can pull various stupid stunts (like tossing new values into partition tables, trashing ext2 filesystems, even exerting pressure on hardware manufacturers to develop and maintain proprietary adapters that require Microsoft written drivers). These will just make them less interoperable. IBM tried stunts like this in the early days of the PC cloning. However I think the cat is out of the bag. All we as a community have to do is clearly continue our own work. When you buy a new computer -- as for Linux pre-installed (even if you plan on re-installing it yourself). If you don't plan to use Windows '95 or NT on it -- demand that it not be included in the price of your system and -- failing that -- VOTE WITH YOUR FEET! Recently I saw an ad on CNN for Gateway. The ad went on about all the options that were available and encouraged me to call for a custom configured system. Since I'm actually looking at getting a small system for my mother (no joke!) I called and asked if they could pre-install Linux. Now I will hand it to the sales dude -- he didn't laugh and he didn't stutter. He either knew what I was talking about or covered up for it. Naturally the answer was: "No. We can't do that." There are places that can. Two that come to mind are: * VA Research * PromoX (Warning for Lynx users -- both of these sites use frames and neither bothers to put real content in the "noframes" section -- Yech!) There are several others -- just pick up any copy of Linux Journal to find them. Granted this is a small niche now. However, it's so much more than any of us back in alt.os.linux (before the comp.os.linux.* hierarchy was established) thought was possible just four years ago. Even two years ago the thought of buying a system and putting Linux on it -- to send to my MOTHER (literally, NO computer experience) would have been totally absurd. Now it's just a little bit of a challenge. What's exciting to me is the prospect that Linux may make it mostly irrelevant what hardware platform you choose. Linux for the Alpha, for SPARC, and mkLinux for PowerMacs gives us back choices -- at prices we can dream of. It's easy to forget about the hardware half of the "Wintel" cartel. However, the hardware platform has had severe design flaws from the beginning. Hopefully we'll see some real innovation in these new hardware platforms. [The introduction of the IBM PC back in '81 caused the "great CP/M shakeout." It also caused me to take a 5 year hiatus from the whole industry -- out of disgust with the poor design of the platform. Even as a high school student I saw these flaws] -- Jim __________________________________________________________________________ Mounting Disks Under RedHat 4.0 From: Bruce W. Bigby bbigby@frontiernet.net Jim Dennis wrote: The really important question here is why you aren't asking the support team at RedHat (or at least posting to their "bugs@" address). This 'control-panel' is certainly specific to Red Hat's package. Well, I've tried communicating with RedHat and had problems. I registered and everything and tried to get support via e-mail. Something went wrong, although I followed their instructions, for reporting problems, exactly. At the time, I was at work when I read your web page and decided to give you a try. Thanks for all of the information! I hope it helped. I too have been unsatisfied with Red Hat's level of support. Not that I expect alot of complex personal attention for a package that only costs $50 -- but I was calling representing the US Postal Service's Data Processing Center -- and I was willing to put up about $50/hr for the support call(s). Alas they just didn't have the infrastructure in place. Yggdrasil has a 900 line for support -- and Adam Richter has been doing Commercial Linux longer than just about anyone else (SLS might have been there earlier -- but I haven't heard anything about Soft Landing Systems in years). Yggdrasil also publishes _The_Linux_Bible_ and has a video cassette tutorial on Linux. Unfortunately I haven't installed a copy of their distribution, Plug and Play Linux, for a couple of years. Slackware and later Red Hat seem to have won the popularity contest in recent years -- and Unfortunately I've never used Yggdrasil's tech support services. So I can't give a personal recommendation. They do have two pricing plans ($2.95/min. US or $100 (US) for one "guaranteed" issue resolved) and they do mention that the support is available to Linux users regardless of what distribution you're using. Usually I've managed to bang my head on problems hard enough and long enough that they crack before I do. So I haven't needed to call yet. One would hope that -- with my "reputation" as "The Answer Guy" -- I'd be able to stump them. However Adam Richter has been at this a lot longer than I have -- and was selling Linux distributions before I'd even heard of Linux -- when I was barely starting to play with a used copy of Coherent. So, maybe the next time I have a headache I'll give them a call. I think I'm still entitled to one freebie for that subscription to Plug & Play from a couple of years ago. Meanwhile, if anyone else has used this service -- or has been using any other dial-in voice support service for Linux -- please let me know. I'll try to collate the opinions and post them in an upcoming issue of LG. For details look at: http://www.yggdrasil.com/Support/tspolicy.html [Note: I don't have any affiliation with Yggdrasil or any other Linux vendor -- though several of them are located within a few miles of my home and I do bump into principals for a couple of them at local users groups and "geek" parties] Another company that offers Linux (and general Unix) support and consulting is Craftworks I've worked with a couple of their consultants before (when I was a full time sys admin and they were providing some on site expertise to handle some overflow). They don't mention their prices up front (which forces me to suspect that they are at least as expensive as I am). I'm also not sure if they are available for short term (1 and 2 hour) "quickshots." I suppose I should also mention that I'm the proprietor of Starshine Technical Services. My niche is providing support and training for Linux and Unix system's administrators. I also offer off site support contracts (voice, and dial-up or via the Internet using ssh or STEL). Normally I don't "push" my services in my contributions to Linux Gazette -- I just do this to keep me on my toes. -- Jim __________________________________________________________________________ PPP Problems From: Chris Bradford reynard@gte.net I have tried and failed to get a fully working ppp link up with GTE Internet Services. When I start pppd manually after dialing in using MiniCom, it'll start the link, and ifconfig shows that it's up and running. However, when I try to ping any site other than the peer, I get a 'Network Unreachable' error on every single packet that ping tries to send out. I'm using Slackware 3.2 w/ pppd v2.2f on a 486SX w/ 8MB of RAM and a 14.4K bps modem on /dev/cua3. What's your advice to me? What does your routing table look like? (Use the command netstat -nr to see that). Your ppp options file (usually /etc/ppp/options) should have a default route directive in it. That will set the ppp0 link as your default route. That's usually what "network unreachable" means. You'll also need to have a proper value in your /etc/resolv.conf. This is the file that your "resolver libraries" use to figure out what DNS server they should ask to translate host/domain names into IP addresses. Basically all applications that do any networking under Unix are linked with the resolver libraries. -- Jim __________________________________________________________________________ Z Protocol From: Gregor Gerstmann gerstman@tfh-berlin.de Hi Mr. Jim Dennis, Thanks for your e-mail remarks in reply to my remarks regarding file transfer with the z protocol in Linux Gazette issue17, April 1997. In the meantime I received an e-mail that may be interesting to you too: Hello! I noticed your article in the Linux Gazette about the sz command, and really don't think you need to split up your downloads into smaller chunks. The sz command uses the ZMODEM protocol, which is built to handle transmission errors. If sz reports a CRC error or a bad packet, it does not mean that the file produced by the download will be tainted. sz automatically retransmits bad packets. If you have an old serial UART chip ( 8250 ), then you might be getting intermittent serial errors. If the link is unreliable, then sz may spend most of its time tied up in retransmission loops. In this case, you should use a ZMODEM window to force the sending end to expect an `OK' acknowledgement every few packets. sz -w1024 Will specify a window of 1024 bytes. I'm familiar with some of the tweaking that can be done -- and the fact that it is a "sliding window" protocol. However I still maintain that Kermit is more reliable and gets better overall throughput over an unreliable connection. Also ZModem is designed for use on 8-bit serial lines. Kermit can be used easily over TCP connections and on 7-bit serial connections. You could definitely use the C-Kermit package from Columbia University however. The Kermit implementations from other sources are usually reliable enough -- but slower than molasses compared to the "real" thing. __________________________________________________________________________ Video Cards From: Pedro Miguel Reis reis@aaubi.ubi.pt Hi Jim. I have a simple question to you :) ! How can i put my video card to work under Linux ? Its an Intel Pro-share. I would like to save a jpg pic every 1 or two secs. Thx for your time. The Intel ProShare is a video conferencing system. These are normally not called "video cards" in the context of PC's because the phrase "video cards" is taken to refer to one of the cards that drives your video display for normal applications and OS operations (i.e. a VGA card). There are several framegrabbers that are supported under Linux. However it doesn't appear that the Intel ProShare is supported under any for of Unix. Of course that's just based on a few searches of their web site -- so it's not from a very reliable source on the subject. (I swear, the bigger the company the worse the support information on their web site. You'd think they'd like to trim some of the costs of tech support that their always griping about). Naturally you should contact their support department to verify this (or be pleasantly surprised by its refutation). Here's a couple of links I found that are related to video capture using CU-SeeMe (a competing technology to Intel's ProShare): * How to do CU-SeeMe under Linux * QSeeMe 0.7a -- CU-SeeMe for Linux Basically CU-SeeMe uses "off the shelf" video cams -- like the Connectix QCam (which goes for about $100 in most places). It also uses any of several sound boards. Unfortunately the simple answer to your question may bd desktop camera. -- Jim __________________________________________________________________________ Linux and Zip Drives From: midian@home.ifx.net Can you tell me if it is possible to set up a Linux system on a Zip disk and where I could find info on doing this? I found a file that It should be possible. I don't know where you'd find the info, though. I'd start by looking at the Linux HOWTO's collection. There is a HOWTO on Zip Drives with Linux (even the parallel port version is supported). I'd look at putting DOSLinux on an MS-DOS formatted (FAT) Zip disk. DOSLinux is a very small distribution (about 20Mb installed) which is designed to be installed on a DOS filesystem. It uses LOADLIN.EXE (which I've described in other "Answer Guy" articles) which basically loads a Linux kernel from a DOS prompt -- and kicks DOS out from under itself. You can find that collection of HOWTO's at: http://sunsite.unc.edu/LDP/HOWTO/ (and various mirrors). You can also find a copy of DOSLinux at 'sunsite' and most mirrors. I use DOSLinux on my laptop (an OmniBook 600CT) and my only complaint has been that it wasn't configured to support the power management features of my laptop. Frankly I'm not even sure if Linux' APM support will work with the Omnibook at all. I've heard that the PCMCIA adapter is basically too weird for them (which is a real bummer to me). You have to watch out if you get a copy of DOSLinux. The maintainer, Kent Robotti, has been making frequent sometimes daily changes to it (or was a couple of months ago). describes this process IF you have a pre-existing Linux system to install from. I am running a Win95 system with absolutely no hard drive space available. Thanks for any info. Are you sure you can't even squeeze twenty or thirty meg? With that you can get DOSLinux installed on your normal hard drive -- which is likely to offer much more satisfactory performance. The ZIP drive is likely to be a bit too slow at loading programs, share libraries and DREADFUL if you do any swapping. Of course if you boot Linux from a Zip disk (or using the "live filesystem" offered by some CD's) you can mount your DOS (Windows '95) partition(s) and create a swap file there. Although most people use swap partitions -- Linux will allow you to create swap *files* (see the 'mkswap' and 'swapon(8)' man pages for details). Note: since you don't have a copy already installed I realize that you don't have the man pages handy -- however you can read those man pages by looking at: http://www.linuxresources.com/man.html The 'swapon(8)' refers to the man page that's in section 8 (system administration tools) of the system. That's necessary because there's also a man page in section 2 (system calls) which the man command will normally display in precedence to the one you want. So you use a command of the form 'man 8 swapon' to tell the manual system which one you mean. This is unnecessary with most commands since most of the ones you'd be looking for -- most of the time -- would be the "user commands" in section one. Also most of the administrative commands, like mkswap, don't have functions with a conflicting name. This is just one of those quirks of Unix that old hands never think of while it gets novices climbing the walls. When you use the online man pages at ssc.com (the publisher of the Linux Journal and the Linux Gazette) the form is a little confusing. Just check the "radio button" for "( ) Search for a command" and put "8 swapon" (a digit eight, a space, and the word "swapon") in the text field (blank). Ignore the "Section Index" and the section selector list below that. Lastly, I'd like to make a comment about running Linux with "absolutely no disk space" DON'T! With hard disks as cheap as they are now it doesn't make any sense to try to learn an advanced operating system like Linux without plenty of disk space. Buy a whole hard disk and add it to your system. If you already have two IDE drives -- see if your controller will support four. Most EIDE controllers have two IDE channels -- which allow two IDE drives each on them. If you have a SCSI controller than it seems *very* unlikely that you'd have the whole chain full. (My old 386 has an old Adaptec 1542C controller on it -- with three hard disks, a magneto optical, a DAT autochanger tape drive, a CD drive and a CD writer. That's full! But, while other people have been buying 486's, then DX2's, then Pentiums, and upgrading their copies of Windows and Office -- I've been filling out my SCSI chain -- so that's a five year accumulation of toys!) If you really can't afford $200 on a new hard drive -- ask around. You might find a friend with a couple of "small" (200 Mb) drives around that they can't use. I have a couple myself (spare parts drawer). If you try to run Linux with no disk space you probably won't be satisfied. You can install a base system (no X Windows, no emacs, no kernel sources, no dev. tools, no TeX) in a very limited disk space. That's fine if you know exactly what the system is going to be used for. It's perfect for routers, gateways, and terminal servers -- and I see people putting together a variety of custom "distributions" for these sorts of dedicated tasks. I've even heard that some X Terminals (diskless workstations) use Linux with etherboot patches. In ;login (the magazine for members of USENIX/SAGE -- professional associations of Unix users and Sys Admin's) someone described their use of Linux as a method for distributing software updates to their Win '95 boxes across their networks. Apparently they could squeeze just enough onto a Linux boot floppy to do the trick. However, I'm guessing that your intent is to learn a new OS. For that you want a more complete installation -- so you can play with things. -- Jim __________________________________________________________________________ Red Hat CD Problem From: Vivek Mukherji vivekmu@del2.vsnl.net.in I bought a book on linux titled "Using Linux,Third Edition by Que Inc." It had Redhat CDROM with it, but when i tried to install it, it did not recognize the REDHAT CD though it previously made the boot disk and supp disk from the CD. It gave the following error after asking me for source of media i.e. from which drive or local CDROM or FTP or NFS I am going to install it.The error message was: "That CDROM device does not seem to contain Redhat CD in it " There seems to be no damage on the CD i.e. no physical damage.I think there must be some other way to install it after all i have paid US$ 60 Dollars for that book. please reply me soon. yours truly Vivek Mukherji When you select "CD-ROM" as your installation medium -- what interface are you having the setup program attempt to use? When you use the CD to create your boot and supplemental diskettes you are presumably using DOS -- which has its own drivers to access the CD. There are many sorts of CD-ROM drives: * SCSI: the most widely interchangeable; almost any SCSI CD-ROM drive will work with most SCSI host adapters; I've never heard of a SCSI CD-ROM drive that failed to work with Linux *supported* SCSI host adapter but would work under any other OS) * ATAPI:the IDE hard drives were originally called "AT" drives. They put all the drive "intelligence" on the drive itself (rather than in the controller which was the rule for ST-506 -- MFM and RLL drives). IDE is BIOS (firmware/register level) compatible with the ST-506 interface (although the cabling and electronics are completely different. So no software drivers were necessary to support IDE hard drives. Since the AT (286) BIOS supported the ST-506 interface (WD8003 controller) the IDE controllers didn't even need a ROM extension (such as the ones found on most SCSI controllers). CD-ROM and tape drive support came a few years after the IDE interface became popular for hard drives. ATAPI is an ad hoc standard between those interfaces and these other types of drives. It is an "applications programming interface" to which the drivers must be written. Typically all support for ATAPI CD-ROM and tape drives must be done in software. EIDE is a set of enhancements to the IDE spec. The most notable enhancement is the ability to support drives larger than 528Mb (which was the old BIOS limit of 1024 cylinders by 63 sectors by 16 heads). This is usually done via extended ROM's on the controller, or enhanced BIOS ROM's on the motherboard -- or possibly via software drivers (which are OS specific, naturally). In addition to those to types of CD-ROM drive there are a variety of proprietary interfaces such as the Mitsumi (very popular for a while -- as it was the cheapest for a while), Sony, Wearnes/Aztech, and others. Linux supports a very wide variety of these interfaces. However -- it's vital to know what you have. You also might need to know "where" it is. That is to say you might need to know I/O port addresses, IRQ's, DMA settings or parameters. You might also need to pass these parameters along to the kernel as it boots. Another issue is the version of your distribution. Most books are printed in large batches -- so they have a long "shelf life." Most Linux distributions change a couple of times a year. Red Hat, in particular, seems to be putting out a new version every 2 or 3 months. Most of these include significant improvements. So your money is probably much better spent on the distribution itself rather than trying to get a "bargain" in a book and CD combination. Specifically I recommend buying any book solely on it's merits. I don't approve of CD's full of software included with a book unless the software has been stable for some time. CD's with sample code, HTML and searchable text copies of the books contents, clip art or fonts related to the book, even large bookmark files of related web sites, custom software by the authors -- those are all excellent ideas; otherwise it's shovelware that adds a buck to the production costs (fifty cents for the CD and another fifty cents for the little glue-on vinyl holder and the additional handling) -- and twenty bucks to the price. So, another thing to try is a copy of the latest Red Hat (4.2) or Debian or whatever. In any event you really need to know the precise hardware and settings for your machine. -- Jim __________________________________________________________________________ Cookies From: Michael Sokolow mxs46@po.cwru.edu Dear Ladies and Gentlemen, Given the previous discussion about cookies, could someone explain to me (or point out a topic in help, URL, etc.) just what ARE cookies? Search the Netscape web site. Here's an independent answer courtesy of "The Answer Guy" (Linux Gazette's nickname for me): In programming terminology -- specifically in discussions of networking protocols (such as HTTP and X Windows) a "cookie" is an arbitrary data token issued by a server to a client for purposes of maintaining state or providing identification. Specifically "Netscape HTTP Cookies" are an extension to the HTTP protocol (implemented by Netscape and proposed to the IETF and the W3 Consortium for incorporation into the related standards specifications). HTTP is a "stateless" and protocol. When your browser initiates a connection and requests a document, binary or header the server has no way of distinguishing your request from any other request from your host (it doesn't know if you're coming from a single-user workstation, or a multi-user Unix (or VMS, MVS, MPE, or whatever) host -- or the IP address that it sees as the source for this request is some sort of proxy host or gateway (such as those run by CompuServe and AOL). Netscape cookies are an attempt to add and maintain state between your browser and one or more servers. Basically on your initial connection to a "cookie generating" site your browser is asked for a relevant cookie -- since this is your initial connection there isn't one -- so the server prefers one to your browser (which will accept it unless it's not capable of them, or some option has been enabled to prevent it or prompt you or something like that). From then on all other parts of that site (and possibly other hosts in that domain) can request your cookie and the site's administrators can sort of track your access and progress through the site. The main advantage to the site is for gathering marketing statistics. They can track which versions of a web page lead to increased traffic to linked pages and they can get some idea how many new and repeat visits they're getting. (Like most marketing efforts at statistics there are major flaws with the model -- but the results are valid enough for marketdroids). There are several disadvantages -- including significant privacy concerns. There are several tools available to limit the retention and use of cookies by your browser (even if you're using Netscape Navigator). PGP Inc (the cryptography company) has a link on their site to one called "cookie cutter" (or something like that). About the only advantage to some users is that some sites *might* use cookies to help you skip parts of the site that you've already seen or *might* allow you to avoid filling in forms that you've already filled out. Personally I think cookies are a poorly chosen way to do this -- client-side certificates (a feature of SSL v. 3.x) is a much cleaner method (it allows the user to get an maintain cryptographically strong "certificates" which can be presented to specific servers on demand -- this exchange of certificates involves cryptographic authentication in both directions -- so your browser knows it isn't authenticating to some bogus imposter of a server -- and the server knows that your certificate isn't forged. SSL client certificates allow you to establish accounts at a web site and securely interact with that site. Cookies can't do that. In addition many people have a vague notion that "cookies" where "snuck in" under them -- so they have a well-deserved "bad press." -- Jim __________________________________________________________________________ New Hard Disc From: A Stephen Morse morse@sysc.eng.yale.edu Dear Mr Dennis: I currently own an IBM 560 with a one gig hard disc which has both a win95 partition and a 200m Linux partition running version 2.0. We plan to upgrade today to a 2gig Is this one of their "ThinkPad" laptops? hard disk which accepts its data from the old disc through the PCMICA ports using a special piece of hardware. I believe the drive is called Extreme Drive. We also have available versions 4.1 and 4.2 of Linux on floppies (by the way 2.0 = 4.0 above). So far we've not been able to get any advice on how to proceed. "...using a special piece of hardware." I love that term "special." Sometimes you have to say it with the right inflection SPEC-I-AL! to really appreciate it. Any suggestions. We are not super strong with Linux etc. I think the question is: How do I backup my current drive and restore it to the new drive? (with the implication that you'd like to use this "special" device and just "copy" everything across). There are several ways of backing up and restoring a Linux system. If you have an Ethernet connection to a system with lots of disk space -- or to a system with a tape drive you can do interesting things of the form: dump -0f - | rsh $othersystem "dd of=$path_or_device ..." If you can borrow or purchase a PCMCIA SCSI controller that Linux supports on this system you can hook up an external hard drive or tape unit and use that. Those are the most straightforward methods for getting *everything* across. Another approach is to identify just your data (maybe you keep it all under your /home/ and /usr/local/ directory trees -- or maybe you *should*). Now you get your new disk, install it, get some upgrade of your favorite Linux distribution (I hear the new Debian 1.3 is pretty good), install and configure that and -- finally -- just restore the selected portions of your data that you want. If you're concerned about the potential loss of data or down time from any of these methods you might also consider renting a system (desktop or laptop) for a week to use while you're straightening things out on your main system. This is advice to consider any time you're doing a major hardware upgrade to an "important" system. Interesting question! Do any of the computer rental services offer Linux systems? (PCR, Bit-by-Bit -- who else is in that business?) -- Jim __________________________________________________________________________ Random Crashes From: sloth lsoth7@hotmail.com hi. whenever i try to install linux (so far i have tried redhat, Slackware and Debian) the install program crashes at random times. I have tried removing all unnecessary hardware, ie sound cards etc, but it doesn't seem to make a difference. I have a Intel p150mhz, triton VX main board, s3virge graphics card, 16mb ram and a 2.0gb quantum harddisk. Any help would be MUCH appreciated! cheers, sloth... Have you had your memory thoroughly tested? I would take out your memory (presumably they're SIMM's) and bring them into to a good repair shop for testing. I DON'T recommend software diagnostics for this (like AMIDIAGS, Norton's NDIAGS, "System Sleuth" etc). Do you run any other 32-bit software on this system? (Win '95 and Windows 3.x don't count) Can you install and run NT, Netware, or FreeBSD? I've seen motherboards that just wouldn't handle any true 32-bit OS for sustained use (presumably buggy chipsets) -- that's why Novell and Microsoft have these "compatibility" lists of motherboards. Have you tried taking out the fancy video card and putting in a simple VGA (no frills -- Paradise chipset)? Most of the Linux install scripts and programs (different for each distribution) just use text mode. Therefore it's very unlikely that the video card *type* is a problem. However if your particular card has a defect it could be something that only affects your system under Linux or some other OS'. It's a long shot, and some EE (electronics engineer) might tell me it's impossible -- but I'd try it anyway. (I keep a couple of spare old VGA cards and even an old Hercules -- monochrome graphics -- card around for just these sorts of testing). What sort of hard disk controller are you using? (IDE? SCSI?) Some IDE controllers have buggy chipsets (some of them are even supported by compile time options in the Linux kernel). However, IDE controllers are cheap -- so keeping an extra around for testing is a very small investment. SCSI host adapters are somewhat touchier and more expensive. Some of them are nominally supported by Linux (and other OS') but aren't worth keeping in your system. For example the Adaptec 1542B was a piece of junk. At the same time I use Adaptec 1542C and 1542CF and the various 2940's without hesitation. RAM is the most likely culprit. The motherboard chipset is another possibility. A defective video card or a buggy HD controller are next in line. It's possible that you're system has some sort of bizarre "top memory" which requires an address range exclusion or that you need to "reserve" some I/O ports so Linux won't use them or probe into them for hardware. You could spend a career trying different "stripped down" kernels on boot floppies and learning all the idiosyncrasies of your hardware. However -- it's probably more profitable in the long run to replace any hardware that's causing trouble. The advantage of PC hardware is that it's cheap and widely available. It's curse is that it's often *cheap* and the specs are *widely* interpreted. Now that Linux is becoming available on some other hardware platforms -- and especially now that we're seeing "clones" of SPARC, Alpha, and PowerPC systems for rates that some of us can afford -- we might see some advantages from stepping away from the hardware half of the WIntel cartel. -- Jim __________________________________________________________________________ gcc and Slackware Question From: Steven Smith ischis@evergreen.com GNU's gcc is part of the slackware package that I have loaded on my system. I can and have compiled and linked C code. I can compile the standard C++ code below (if I haven't miss entered the code but for some reason the C++ libraries will not link correctly (ie. i get and error): #includ I think you mean #include ... main() { cout << "hello world\n"; } Poor form. Unix programs should be int main ( int argc, char * argv[] ) ... or at least: void main () ... ---------------- gcc -c program_name.C <- no errors gcc program_name.C <- errors Do you know what might be missing? Your error messages. Here's a way to capture sessions when you're trying to write messages to the Linux User's Support Team , to me or to the Linux Programmer's Mailing List ,or any of the appropriate news groups: Get to a shell prompt. Issue the command: script ~/problem.log Run your test (demonstration of the problem). Back at the shell prompt, type Ctrl-D or issue the exit command. Edit the ~/problem.log file (take all the weird escape sequences out). An easier way is to use emacs' "shell-mode" -- just start emacs and use the M-x shell-mode command. This creates a shell buffer (a sub task in emacs) which allows you to run tty style programs (no full screen "curses" stuff). The output from these shell commands will appear in this buffer and you can use normal emacs cursor, scrolling, cut, and paste operations to work with that output. For example I pasted your program into a new buffer, saved it, "fixed" a couple of minor things, switched to my shell mode buffer (I usually keep one handy) and ran the following sequence: [jimd@antares lgaz]$ ls hello.C [jimd@antares lgaz]$ cat hello.C #include int main( int argc, char * argv[] ) { cout << "hello world\n"; return(0); } [jimd@antares lgaz]$ make hello g++ hello.C -o hello [jimd@antares lgaz]$ ./hello hello world [jimd@antares lgaz]$ ... which I then simply pasted into this buffer. Note that I use the make command here. A nice feature of 'make' (at least the GNU make) is that it can make some guess about what you mean even if you don't supply it with a Makefile. So my command make hello forces make to look for a .c, .C or .cpp file to compile and link. If it sees a .o file it will try to link it with cc -- but for a C++ file you need to link it with g++. A nice side effect of using make this way is that I don't have to specify the -o (output name) and I don't end up with a file named a.out. It "makes" a program named hello. So the source of your problem is probably that you are compiling your program with gcc in a way that confuses it -- and tries to link it as a C program rather than a C++ program. If you call gcc under the link 'g++' (just another name for it) you'll see the whole think work. The compiler pays attention to how you called it (the value of its argv[0]) and makes assumptions based on that. Of course I can't verify that the errors I got were the same as the ones that you see -- since you didn't capture them into your message. In any event using make hello works -- using g++ hello.C works -- using gcc hello.C doesn't link properly and complains about unreferenced stuff and using gcc or g++ with the -c gives me an object file (hello.o) which is, for our purposes, useless. A better venue to ask questions about compiling under Linux might be the Linux programmers list (as I mentioned earlier) or in any of several comp.lang.c and comp.lang.c++ newsgroups (since there is nothing Linux specific about this). If you consider it a bug that gcc recognizes the capital C for C++ when generating .o files and doesn't automagically link with the appropriate libraries in the next pass -- take it up with the participants of the gnu.gcc.* or the gnu.g++.* newsgroups. (There's probably a very good reason for this behaviour -- though I confess that I don't see it). -- Jim __________________________________________________________________________ LILO To: Toby Riley toby@handc.btinternet James, I have been reading your page with great interest but I can't find anything about removing LILO and restoring My MBR. Unfortunately I have to de-install Linux for a while. I have tried running lilo -u and lilo -U and when the PC reboots I just get LI and the system hangs. Personally I've never heard of a -u switch to lilo. Normally you have to replace your lilo MBR with some other valid MBR. Most people who are disabling Linux on a system are restoring access to an existing set of DOS partitions -- so using the DOS MBR is in order. To do that -- boot from a DOS floppy -- and run FDISK /MBR This should exit silently (no error and no report of success). The /MBR switch was added, undocumented, to version 5.0 of MS-DOS. It won't work with previous versions. I can boot Linux off a floppy and the re-run LILO which adds my boot options and restore my system to a usable state. But I can't get rid of it and restore the Win95 boot up. Under the hood Win '95 is MS-DOS 7.0 -- just run FDISK /MBR. We eagerly await your return to the land of Linux. -- Jim __________________________________________________________________________ Printing Problems From: RHS Linux User 6ng1@qlink.queensu.ca hello answer guy! Problem: Printing text / postscript documents. Printing graphics (using xv) works fine, after having my printcap file set up for me, using apsfilter. I own a kyocera f-3010 and this printer can emulate an HP LaserJet Ser II. However, printing documents is a completely different story. Trying to print from, say, Netscape or LyX gets a printout of two or three "step ladder" lines, the output usually being something like "/invalid font in findfont . cannot find font Roman ... etc". Looks like it is not finding the appropriate ghostscript fonts. Is there any way to ensure that ghostscript can recognize my fonts (using xfontsel shows all my installed fonts)? Would you know how to rectify this problem? Like X Windows, printing is a great mystery to me. I managed to get mine working -- including TeX with dvips (on my DeskJet 500C) -- but I still don't know quite how. xv works and Netscape and LyX don't. Can you print a .dvi file using dvips? Can you print a Postscript file using lpr? How about mpage? Does that work? The stairstep effect is common when raw Unix text is going to a printer that's expecting MS-DOS CRLF's (carriage return, linefeed pairs). That makes it sound as though the other applications are bypassing the filter in your /etc/printcap file (or that xv is somehow invoking the write filter before passing the directly to the printer). Thanks a million for your help, this is something that has been bothering me for a while now. Yeah. I let printing bother me for about a year before I finally forced it to print something other than raw (MS-DOS style) text. You have gone through the Printing-HOWTO's haven't you? -- Jim __________________________________________________________________________ Linux Disk Support From: Andrew Ng lulu@asiaonline.net Dear Sir, I have a question to ask: Does Linux support disks with density 2048bytes/sector? Linux currently doesn't support normal disk with large block sizes. (CD-ROM's have large block sizes -- but this is a special case in the code). It is likely that support for larger block sizes will eventually be added to the kernel -- but I don't think it will be in before 2.2 (not that I actually have an inside track on if or when anything is going to happen in kernel development land -- that's just my guess). I have bought a Fujitsu MO drive which support up to 640MB MO disks with density 2048bytes/sector. The Slackware Linux system does not support access to disks with this density. Windows 95 and NT support this density and work very well. Is there any version of Linux which support 2048bytes/sector? If not, is there any project working on that? Someone from Fujitsu's support team called me back on this (as I'd copied an earlier message to their webmaster). The report was that the smaller 540Mb MO media are supported with no problem -- but that the high density media with the large block sizes weren't supported. If I recall correctly he said that this doesn't work for any of the other versions of Unix that Fujitsu knows of (with their drive). -- Jim __________________________________________________________________________ Renaming Problems From: Sean McCleary sean@cdsnet.net Anyhow, here's my problem: I recently renamed my system in my /etc/HOSTNAME file. Ever since I made that change, my system's telnet daemon has stopped allowing incoming connects from ANYWHERE. I was told this has to do with my recent system-renaming, but the man who I was talking to about it never told me WHY or how to fix it. I've checked my /etc/hosts.allow and /etc/hosts.deny. These two files control the behavior of tcpd (the TCP Wrappers program by Wietse Venema). You might also want to look at your /etc/hosts file. This file is used by most system resolver libraries in preference to DNS. The resolver libraries are the code that allows client programs on your system to translate domain/host names into IP addresses. There are several schemes for doing this -- which can be set in different priorities for each host. The oldest method for performing this resolution was a simple lookup in the local /etc/hosts file (there was also an /etc/networks file back then -- you don't see them very often now). This is still common for small networks (less than about 25 systems). The most widely used method is DNS (also know as BIND -- Berkeley Internet Naming Daemon -- a.k.a. 'named'). Actually DNS is the protocol and BIND is the commonly available server software. Another fairly widespread naming service is NIS and its causing NIS+. These were both created by Sun Microsystems and published as open specifications. This system was originally known as "Yellow Pages" -- and many of the commands for managing the service still have the prefix "yp" (i.e. 'ypcat'). However a company (British Telecom if I recall correctly) objected to the trademark infringement and Sun was forced to change the designation. NIS and NIS+ are designed to distribute more than host and network name resolutions -- they are primarily used to manage accounts across whole domains (networks) of hosts. This is especially important among systems that are using NFS since that usually requires that you maintain synchronized UID across the enterprise. (The normal NFS behavior is to grant file access based on the effective UID of the user on the client system -- this can be overwritten in a cumbersome fashion -- but most sites simply synchronize the UID's -- usually via NIS or by using rdist and distributing whole /etc/passwd files). Under Linux there is a file named /etc/host.conf (note: SINGULAR "host"). This sets the priorities of the resolver libraries -- which is typically something like: order files bind nisplus nis multi on (look in the /etc/hosts and /etc/networks first -- then try DNS -- then NIS+ and finally NIS -- try multiple resolutions). Why is this happening, Answer Man? I don't know. Did you look at a tail /var/log/messages for clues? Are you sure that this is a problem with your host's name? Did you change to shadow passwords around the same time? One way to get more clues about any failure you get from any service in the inetd.conf file is to replace the service's entry temporarily with a command like: ## telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/strace \ -o /root/tmp/telnet.strace /usr/sbin/in.telnetd Here I've commented out the old telnetd line and put in one that keeps a system call trace file. Looking at this file can give some clues about what the program was trying to do up until it disconnected you. I'll grant that you need to know something about programming to make any use of this file. However you probably don't need to know as much as you'd think. That start to make a little sense after you run a few dozen of them -- particularly if you have a "working" and a "broken" configuration to run your tests with. -- Jim __________________________________________________________________________ X Locks Monitor From: Jon Jacob xaviermoon@earthlink.net I am trying to configure X. I have a Config file set to the SVGA generic using the XF86Config.eg file that comes with the Slackware96 distribution. I have a Sony Multiscan15sf with a ATI mach64 PCI video care with 1 meg of VRAM. When I run startx, the monitor locks so that it turns to black but it still is getting a signal from the PC because the PowerSaving light stays green. I tried fiddling with the Config file with no change. I ran the startx to redirect to an out file to see the error message, but I just get the same file I got when I ran x -probeonly. I could not find a drive for an ATI Mach64 PCI card that matches mine. Do I need one? If so, where would I get it? Can I use some generic driver? Also, Ramdoc was shown by the probe to be "unknown" so I left it commented out in the Config file. Could this be the problem? I am very frustrate after hours and hours of attempts. Please help! I keep trying to tell people: I barely use X. X Windows configuration is still a mysterious "black art" to me that requires that I have the system in front of me to do my hand waving in person. I think you should search the X Windows HOWTO file for the strings "ATI" an "Mach." I'm pretty sure you need a special server for the Mach 64's and I wouldn't be at all surprised if it was one of those deviants that doesn't work with a generic SVGA driver. The first time I ever got X running I resorted to IRC (Internet Relay Chat) -- where I joined the #Linux channel and hung out for awhile. After watching the usual banter for about 20 minutes and adding a few (hopefully intelligent) comments to the discussions at hand I timidly asked for some help. Some kind soul (I don't remember the nickname) asked for some info -- show me how to do a /dcc (direction communications connection?) to send the file to him -- edited my XConfig file and sent it back. One of the beauties of Linux is that I was able to test a couple of revisions of this file while maintaining my connection. Naturally, I glanced over the file before using it. If you decide to take this approach I recommend that you avoid any binaries or source code that you don't understand that someone offers to xfer to you. You will be running this as 'root' on your system. A config file with which you are moderately familiar is a bit safer -- though you could always end up with some weird trojan in that, too. This is not to suggest that IRC has a higher percentage of crackers and "black hats" than anywhere else on the net -- just trying to emphasize that you have no way of identifying who you were working with -- and all it takes is one. Another approach you might try is to call ATI and let them know what you want. As more of us use Linux and demand support for it the various hardware companies will have their choices -- meet market demands or lose marketshare. If you decide to take this to the news groups be sure to go for comp.os.linux.x -- rather than one of the more general newsgroups. It is a little frustrating that so many X questions end up in the various other Linux news groups -- X Windows for Linux is no different than X Windows for any other x86 Unix. However I've never seen an XFree86 newsgroup so... -- Jim __________________________________________________________________________ Using JDK 1.1 for Solarix x86 on Linux From: Romeo Chua rchau@st.nepean.uws.edu.au Hi! I would like to know if I can use the JDK 1.1.2 for Solaris x86 on Linux. Does the iBCS2 module support Solaris x86 applications? Last I heard a native JDK was already available for Linux (although that might be 1.1.1). I have no idea whether SunSoft has maintained any compliance to iBCS in the Java stuff for Solaris. -- Jim __________________________________________________________________________ Colormap Question From: Kevin T. Nemec knemec@mines.edu Dear Answer Guy, I was wondering if it is possible to force a program to use its own colormap externally. That is, can you force a program without a built in option to use its own colormap to do so in some other way. I don't mind the "flashing" in some applications as long as I can see all the colors. Kevin Nemec I've heard that xnest can be used to run one X session inside of another. I don't know if this would help. I've used XFree86's support for multiple virtual consoles to run two X Windows sessions concurrently (using {Ctrl}+{Alt}+{Fx} to switch between them, of course). These can be run with different settings (such as 8bpp on one session and 16pbb on the other. Other than that I have no idea. I keep trying to tell people I'm a *Linux* guy -- NOT an XFree86 guy. I run X Windows to do the occasional XPaint or XFig drawing, to run Netscape on sites that are just too ugly to tolerate in Lynx, and (recently) to play with xdvi and ghostview (to preview my TeX and PostScript pages). So, anyone out there that would like an XFree86 Answers Column in Linux Gazette (or anywhere else preferably under LDP GPL) has my utmost support. (Although our esteemed editor, Marjorie Richardson will certainly make the decisions). -- Jim __________________________________________________________________________ More on LILO From: Paul L Daniels jdaniels@stocks.co.za With respect to a question that was in "The Answers Guy" re LILO only presenting "LI" on the screen then _hanging_. I found that problem too... the problem (at least for me) was that I was including a DOS partition in the LILO.conf file. After removing the partition manually, running liloconfig and reinstalling from current lilo image, everything worked. If you were including a DOS partition in your lilo.conf file with some syntactic errors (making it look like a Linux partition perhaps) or if your previous edit of the file had not be followed by run /sbin/lilo (the "compiler" for the /etc/lilo.conf file) -- I would expect you to have problems. However it is quite common to include one or several DOS partitions in a lilo.conf file. That is the major purpose of the LILO package -- to provide multiple boot capabilities. If this is all babble and drivel, then ignore it, I wasn't sure who to post to. I suspect that there was something else involved in the "stanza" (clause, group of lines) that you removed from your conf file. Since you've solved the problem it sounds like little would be gained from attempts to recreate it -- or to guess at what that had been. -- Jim __________________________________________________________________________ 95 GUI From: Sean sdonovan@hq.si.net Sorry if I am one of hundreds w/ this kinda question./....but try to answer if you have time.. So I had linux loaded up and working fine was even able to make my dos/95 partition work ok too. So then I actually loaded the 95 gui {it had just been a sys c: to get a bootable dos/95 since I didn't have the 95 files for the gui at the time} So now all I can get is 95...I tried the primitive fdisk thing thats part of the do you want to install linux again deal w/ the two disks also tried making different partitions active w/ fdisk as well...but no workie workie. I can boot w/ the two disks that are part of the linux install use the rescue option and then mount the hd linux partition to a directory of my choice and if I try to run lilo from their {since its not in /sbin/lilo on the floppies} it moans about lilo.conf not around and /boot/boot.b not present and such sooo I try to recreate that structure on the root {ramdisk:?} or floppy or whatever I am running everything from...run out of diskspace trying to copy hda files from now mounted hd to /dev of ram/floppy. So I'm stuck...Any ideas? I have read all relevant faq's/scanned every apparently related how-to's etc... to no avail...maybe its like you said on your page; maybe I'm not really running a "boot" floppy... help if ya can, My lilo.conf was reliably letting me into command line dos/95 and linux/xwindows etc.. system is an IBM thinkpad 760el if that's relevant. The short story is that you don't know how to run /sbin/lilo.conf from a boot floppy (rescue situation). There are two methods. One is to use the chroot command: Basically after you boot you mount your root file system (and your usr if you have that separate) -- something like so: mount /dev/sda5 /mnt/ mount /dev/sdb1 /mnt/usr (Here I'm using the example of an extended partition on the first SCSI drive for my normal root partition and the first partition on my second SCSI drive as my usual usr partition -- change those as necessary). You can (naturally) create a different directory other than /mnt/ or under /mnt and mount your filesystem under that. Now you cd to that: cd /mnt/ And run the chroot command -- which takes two parameters: where to make the new root of your session's filesystem and what program to run in that "jail" chroot /mnt/ /mnt/bin/bash Here we're running the copy of bash that's under our chroot environment. Thus this session, and all processes started by it now see /mnt as /. This was the original use of the chroot call -- to allow one to work with a subset of your filesystem *as though* it were the whole thing (handy for developers and doing certain types of testing and debugging -- without risking changes to the whole system). Now should be able to vi /etc/lilo.conf and run /sbin/lilo to "compile" that into a proper boot block and set of mappings. (note the "/etc/" and "/sbin/" will be really /mnt/etc and /mnt/sbin -- to the system and to any other processes -- but they will *look like* /etc/ and /sbin/ to you). The other approach is to create a proper (though temporary) lilo.conf (any path to it is fine) and edit in the paths that apply to your boot context. Then you run /sbin/lilo with the -C file to point it at a non-default lilo.conf (which can be named anything you like at that point. The trick here is to edit the paths in properly. Here's the lilo.conf for my system (antares.starshine.org): boot=/dev/hda map=/boot/map install=/boot/boot.b prompt timeout=50 other=/dev/hda1 label=dos table=/dev/hda image=/vmlinuz label=linux root=/dev/sda5 read-only Here's how I have to edit it to run lilo -C when I'm booted from floppy and have mounted my root and usr as I described above (on /mnt and /mnt/usr respectively): boot=/dev/hda map=/mnt/boot/map # current (emerg) path to map install=/mnt/boot/boot.b # current (emerg) path to /boot prompt timeout=50 other=/dev/hda1 label=dos table=/dev/hda image=/mnt/vmlinuz # path to my kernel label=linux root=/dev/sda5 read-only Note that I've added comments to the end of each line that I changed. (I think I got them all write -- I don't feel like rebooting to test this for you). The specifics aren't as important as the idea: The lilo program (/sbin/lilo) "compiles" a boot block from information in a configuration file -- which defaults to /etc/lilo.conf. References to directories and file in the .conf file must be relative to the situation *when the /sbin/lilo is run*. References to devices and partitions typically don't change in this situation. I hope that helps. It is admittedly one of the most confusing aspect of Linux to Unix newbies and professionals alike. In some ways I prefer FreeBSD's boot loader (the interactive and visual debug modes are neat -- you can disable various drivers and view/tweak various kernel settings during the boot). In other ways I prefer LOADLIN (which can load Linux or FreeBSD kernels from a DOS command prompt or from a DOS CONFIG.SYS file). In yet other ways I like the OpenBoot (forth interpreter and system debugger) used by SPARC's. I would like to see PC's move to the OpenBoot standard -- it's SUPPOSED to be part of the PCI spec. Basically this works by replace the processor specific machine code instructions in device ROM's (for video cards and other adapters) with FCode (byte compiled forth). The system (mother) board then only has to implement a forth interpreter (between 8 and 32K of footprint -- much smaller than existing BIOS chips). The advantage is that it allows your adapters to be used on systems regardless of the processor. Forth is a very efficient language -- as close to machine language as an interpreter can get -- and closer than many assemblers (some of which generate stray code). Too bad there are no PC manufacturers who understand this YET! __________________________________________________________________________ Letter of Thanks From: Sean sdonovan@hq.si.net Thank you from the bottom of my heart for your informative and very useful email. It took about 50 seconds using the chroot command {see I learned something new today :-) } I am back up...worked like a charm... I'll try not to bother you in the future but if I ever need to blow the horn at time of utmost need... It's pretty cool when stuff works, what is frustrating as heck is when you can't find the answers, I really did try reading the faq's/how to's and so on... You are right about the email coherency, need to work on that, guess I figured to a hack like yourself it would make sense {all the stuff that I had tried} and I wasn't sure you would actually write back.} I'm doing this from minicom so everything workie workie :-) When you have time; why did another friend {not in your league apparently} suggest: linux root=/dev/hda2 ro from the boot command? Supposedly it would boot from partition hda2 {linux native} at that point no such luck still went from floppy. thanks again, Sean __________________________________________________________________________ ST01/02 SCSI Card From: John Messina John.Messina@astramerck.com My dad just gave me his old 386 machine. It's not much, but I wanted to start experimenting with it and to try to use it as a firewall. I upgraded it to 8MB of RAM and dropped in an ISA Ethernet card - just the bare minimum. I'm attempting to install RedHat 4.1 onto this machine. My main machine is already up and running with COL Standard and since the 386 has no CD-ROM, I attempted to do an NFS install. he NFS part of the install works perfectly (nameserver, exports, etc. on my main machine is configured correctly and autoprobe can find the 386's ethernet card). The problem occurs when the install starts to look for the 386's SCSI card. The 386 has a Seagate ST01/02 SCSI card with one hard drive attached. The ST01/02 is supported by the install, but autoprobe cannot find the card and I've tried all of the combinations for the parameters that are listed - checked the RedHat, CND, and COL manuals. No IRQ/Base address combination that I've tried works. I've looked at the board itself, but can't tell how it's set up. I guess my question comes down to the following: Is there a way during the install to find out what the IRQ/Base address for this board is? Or, since the machine will successfully boot to DOS/Win3.1, is there a way to determine these settings from the DOS/Windows environment? There are a variety of "diagnostics" utilities for DOS -- MSD (Microsoft) comes with some recent versions of DOS and Windows, NDIAGS comes with recent versions of the Norton Utilities, American Megratrends used to sell the AMIDIAGS, and there used to be some others called Checkit! and System Sleuth. There are also a large number of DOS shareware and freeware programs which perform different subsets of the job. Another program that might list the information you're looking for is Quarterdeck's "Manifest" which used to be included with QEMM since about version 7 or 6 and with DESQview/386 (one of my all-time favorite DOS programs -- with features I still miss in Linux!). The system I'm typing this on is an old home built 386. It is the main server for the house (the clients are Pentia and 486's -- mostly laptops). So you don't have to "apologize" about the age of your equipment. One of the real virtues of Linux is that it breathes new life into old 386's that have been abandoned by the major software vendors. One approach to consider it to find a good SCSI card. I realize that you'll spend more on that than you did on the computer -- but it may be worth it nonetheless. Over the years I've upgraded this system (antares) from 4Mb of RAM to 32Mb and added: Adaptec 1452C controller, one internal 2Gb SCSI, and a 538Mb internal, a 300Mb magneto optical drive, a 4mm DAT autochanger, an 8x CDROM, a Ricoh CD burner/recorder, and an external 2Gb drive (that fills out the SCSI chain -- with additional drives including a Zip on the shelf) upgraded the old 200Mb IDE hard drive to a pair of 400 Mb IDE's, upgraded the I/O and IDE controller to one with four serial ports (one modem, one mouse, two terminals -- one in the living room the other in the office), and a 2Mb STB Nitro video card. My point is that you can take some of the money you save and invest in additional hardware. You just want to ensure that the peripherals and expansions will be useful in your future systems. (At this point memory is changing enough that you don't want to invest much in RAM for your 386 -- you probably won't be able to use it in any future systems) -- bumping it up to 16Mb is probably a good idea -- more only if it's offered to you for REAL cheap. Other than than I'd do an Alta-Vista search (at Yahoo!) for Seagate ST01/02 (ST01, ST02, ST0). My one experience with the ST01 is that it was a very low quality SCSI card and not suitable for serious use. I'd also search the "forsale" newsgroups and ads for a used BusLogic (you might find one for $10 to $25 bucks -- don't pay more than $50 for a used one -- low end new cards can be had for $60). -- Jim __________________________________________________________________________ Booting Linux From: Vaughn (Manta Ray) Jardine vaughn@fm1.wow.net I Use a multiconfig to boot either to Dos, Win95, or Linux (Redhat 4.1). I use loadlin from the autoexec.bat to load the linux kernel, however I recently accidently deleted the dir with loadlin and the vmlinuz. Ooops! I hate it when that happens! I made a boot disk on installation so I use that to get to Linux. I copied the vmlinuz from the /boot dir and put it on my Dos partition. Now I don't have the original loadlin so I took one from a redhat 4.2 site on the net. It still won't boot. It starts and halfway through bootup it stops. Do I have to get the loadlin that came with redhat 4.1? What am I doing wrong. It boots fine off the boot disk. Vaughn I'd want to find out why the LOADLIN is failing. The old version of LOADLIN that I'm used to did require that you create a map of the "real BIOS vectors" -- which is done by allowing REALBIOS.EXE to create a boot disk, booting off of that, and then re-running REALBIOS.EXE. This file would be a "hidden + system" file in C:\REALBIOS.INT The idea of this file is to allow LOADLIN to "unhook" all of the software that's redirected BIOS interrupts (trap vectors -- sort of like a table of pointers hardware event signal handlers) to their own code. To do this you must have a map of where each interrupt was pointed before any software hooked into it (thus the boot disk). This boot disk doesn't boot any OS -- it just runs a very short block of code to capture the table and save it to floppy -- and displays some instructions. You may have to re-run REALBIOS.EXE (generate a new BIOS map) any time you change your hardware. This is particularly true when changing video cards or adding removing or changing a SCSI adapter. Obviously the version of LOADLIN that's used by Red Hat's "turbo Linux" and by the CD based installed program of other Linux distributions doesn't require this -- though I don't know quite how they get around it. So, try installing the rest of the LOADLIN package and running REALBIOS.EXE. Then make sure you are booting into "safe" DOS mode under Win '95. I'd also consider putting a block (like a lilo.conf stanza) in your CONFIG.SYS which invokes LOADLIN.EXE via your SHELL= directive. That block should have any DEVICE= or INSTALL= directives except those that are needed to see the device where your LOADLIN.EXE and kernel image file are located. This should ensure that you aren't loading conflicting drivers. There are details about this in the LOADLIN documentation. -- Jim __________________________________________________________________________ Kernel Panics on root fs From: Ken Ken@KenAndTed.com Hi... I'm having some trouble, and maybe you could help?? I recently went from kernel 2.0.27 to 2.0.3. Of course, =) I used Red Hat's RPM system (I have PowerTools 4.1) and upgraded. After the config, compile (zImage), and modules stuff, I changed LiLo's config, to have old be my backed up kernel of 2.0.27, and linux be the new one. Then, I did a zlilo, and everything ran smoothly. I presume you mean that you installed the 2.0.30 sources and that you did a make zlilo (after your make config; make dep; and make clean) But now, one the new kernel, after it finds my CD-ROM drive, it won't mount my root fs. It gives me a kernel panic, and says unable to mount root fs, then gives me the address 3:41. What's going on?? I've tried recompiling and remaking lilo many times. (oh yeah... I didn't forget dep or clean either) Nothing works. I'm using the extended 2 fs, and it's built right in the kernel... Did you do a 'make modules' and 'make modules_install'? If you do a 'diff' between /usr/src/linux/.config and /usr/src/linux-2.0.27/.config what you you see? Are you sure you need features from the 2.0.30 release? You may want to stick with 2.0.29 until a 2.0.31 or 32 goes out. I know of at least one problem that's forced my to revert for one of my customers*. It has always been the case with Linux and with other systems that you should avoid upgrading unless you know exactly what problem you're trying to solve and have some understanding of the risks your are taking. That's why it's so important to make backups prior to upgrades and new software installations. I will note that my experience with Linux and FreeBSD has been vastly less traumatic in these regards than the years of DOS and Windows experience I gained before I taught myself Unix. * (using the -r "redirect" switch of the ipfwadm command to redirect activity on one socket to another works through 2.0.29 and dies in 2.0.30 -- and gets fixed again in a "pre31" that one of my associates provided to me). Here's my lilo config file... ...[ellided]... That looks fine. I suspect there's some difference between your kernel configurations that's at fault here. Run diff on them (the files are named .config in the toplevel source directory). or pull up the 'make menuconfig' for each and place them "side-by-side" (using X or on different VC's). Hint: You can edit /usr/src/linux/scripts/Menuconfig and set the single_menu_mode=TRUE (read the comments in the file) before you do your make menuconfig -- and you'll save a lot of keystrokes. Maybe you need one of those IDE chipset boxes checked. My hard drive that boots is hda, and my Linux drive is hdb. I took out read-only a while ago, to try to solve the problem. It made no difference. It'd be great if you could help me out a little. Thanks, Ken... __________________________________________________________________________ Copyright © 1997, James T. Dennis Published in Issue 20 of the Linux Gazette August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ Cleaning up you /tmp -- Revisited By Guy Geens, ggeens@iname.com __________________________________________________________________________ In issue 18, I described how to avoid certain security risks when removing files from your /tmp directory. I have received some letters as feedback, and I'll summarize the issues here. Some people said they didn't need the extra security. Well, they're free not to use my script. mtime vs. atime Michael Veksler told me he was worried about the use of the access time to determine the file's age. His main concern was that files could be ``accidently'' touched by find ... | xargs grep ... constructions. Personally, I don't have this problem, as I tend to restrict the domain of my find sweeps. As I said in my first article, it's a personal taste. I frequently unpack archives in my /tmp hierarchy. And I want to be certain the files will stay there until I don't need them anymore. To me, 3 days after last looking at the file seems a reasonable delay for that. But recently, I started using afio for transporting files that won't fit on one floppy. And afio Remembers the access time during archiving, and also sets this date while unpacking. This could limit the lifespan of my files if I don't look at them immediately. (As a sidenote, zip also sets the access time.) Obviously, there is one other possibility I neglected: using ctime (inode change time). It is not possible to set this to an arbitrary value, and it doesn't change as easily as the access time. Avoiding perl Perl has a rather large memory footprint, and is not available on every site. Therefore, Francois Wautier < suggested: cp -p /bin/rm-static /usr/bin/find-static /tmp chroot /tmp /find-static ... -exec /rm-static {} \; rm /tmp/rm-static /tmp/find-static rm-static and find-static are statically compiled versions of rm and find, respectively. The -p flag ensures the resulting binary is owned by root, closing one security risk. (A user might have created her own /tmp/rm-static with the intend of changing the binary.) This gives rise to a new set of race conditions, although they aren't as easy to exploit as the find ... | xargs rm security hole described in my first article. In general, I would advise against executing arbitrary files with root permissions, especially if they are residing in a publicly writeable directory (like /tmp). (It is also related to the reason why `.' should never be in root's path. This leads me to a real security risk: Perl's internals (This one I found myself.) I recently upgraded to perl 5.004. After the upgrade, I noticed my cleantmp script started emitting warnings about not finding the pwd program. I looked into the perl module code, and it uses pwd to determine the current directory. The script itself doesn't have problems with the missing binary, as I'm using absolute paths everywhere. But it opens a huge security hole: An executable called pwd in the right place in the /tmp tree can give a user a process executing with root permissions. In this case, the chroot decreases security, instead of increasing it. For this reason, I have decided to remove the chroot from the script entirely. That way, I can be sure only trusted binaries are executed. Omitting certain files and directories In the first version of my script, I demonstrated how to exclude some files from being deleted. I obviously forgot one thing: a user could create files or directories with the same names, and they would never be deleted. The solution is easy: test the owner of the file, and if it isn't root, just delete the file. cleantmp, version 2 Here is a link to the new script. Comments are welcome. __________________________________________________________________________ Guy Geens __________________________________________________________________________ Copyright © 1997, Guy Geens Published in Issue 20 of the Linux Gazette, August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next __________________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ Dealing with System Crackers--Basic Combat Techniques By Andy Vaught, andy@maxwell.la.asu.edu __________________________________________________________________________ It started out pretty simple. I was on a my client's webserver, simply paging through routine entries, when I came on the following entries (IP addresses have been changed to protect the guilty): May 2 23:25:09 bankweb ps[12613]: connect from 128.128.128.128 May 2 23:25:09 bankweb netstat[12614]: connect from 128.128.128.128 May 2 23:25:10 bankweb wu.ftpd[12616]: connect from 128.128.128.128 May 2 23:25:10 bankweb in.telnetd[12617]: connect from 128.128.128.128 May 2 23:25:15 bankweb in.fingerd[12619]: connect from 128.128.128.128 May 2 23:25:16 bankweb in.pop3d[12620]: connect from 128.128.128.128 May 2 23:25:17 bankweb in.nntpd[12622]: connect from 128.128.128.128 May 2 23:25:17 bankweb nntpd[12622]: 128.128.128.128 connect May 2 23:25:17 bankweb nntpd[12622]: 128.128.128.128 refused connection May 2 23:26:55 bankweb wu.ftpd[12624]: connect from 128.128.128.128 May 2 23:28:03 bankweb ftpd[12624]: FTP session closed May 2 23:28:19 bankweb in.telnetd[12632]: connect from 128.128.128.128 May 2 23:28:44 bankweb login: 2 LOGIN FAILURES FROM 128.128.128.128, guest May 2 23:29:12 bankweb ps[12634]: connect from 128.128.128.128 May 2 23:31:20 bankweb ps[12637]: connect from 128.128.128.128 May 2 23:32:25 bankweb netstat[12638]: connect from 128.128.128.128 May 2 23:34:21 bankweb in.fingerd[12641]: connect from 128.128.128.128 May 2 23:35:54 bankweb in.rlogind[12644]: connect from 128.128.128.128 May 2 23:35:54 bankweb in.rshd[12645]: connect from 128.128.128.128 May 2 23:35:54 bankweb rshd[12645]: Connection from 128.128.128.128 on illegal port May 2 23:36:56 bankweb in.telnetd[12647]: connect from 128.128.128.128 May 2 23:37:11 bankweb login: 2 LOGIN FAILURES FROM 128.128.128.128, root Uh-oh. For a couple of minutes, someone was definitely rattling my client's locks, looking for a way in. As a system administrator, what do you do now?? How do you find out if the intruder managed to actually get in? Did he *do* anything to your system? How do you make sure he doesn't get back in? In this article, I'll make a few suggestions about a few basic steps that can be taken and some of the specialized tools that can help keep your system secure. The first thing you want to check for is the possibility that the intruder is still logged on. A quick way to check this is 'w' or 'who' commands--look for someone logged from a remote machine. The thing to remember about these commands is that they work by reading a file ('utmp', typically found in /var/adm) that keeps track of who is logged in. If the intruder has broken into the root account, then he can change that file to make it look like he's not there. Two good ways of finding such phantom users are to use the ps and netstat programs. Since these query kernel data structures rather than files, they are harder to spoof. Using ps, look for shells and programs that aren't associated with a legitimate user. Netstat is a lesser-used utility used to display the network status. If it is not in the normal system directories, look in /sbin or /usr/sbin. By default netstat displays active Internet connections. Again, look for connections to suspicious sites. If he's on your system In the worst case, the intruder is lurking around in your system. If the intruder has managed to break into the root account, he will be able to remove all your files with a quick rm -rf /. Fortunately, such toe-to-toe combat with intruders is rare. The best solution to an intruder on your system is to immediately disconnect the Ethernet cable. Without giving him any warning, this puts a stop to whatever he is doing and isolates your computer, preventing further damage. Furthermore, it will appear to him that the network has failed-- which is in fact what has happened. Unfortunately, you (or no one you can contact) may not have physical access to the machine when this happens. The second best thing to do about an intruder involves a judgment call. You can A) let him alone and hope he doesn't destroy the system and assess the damage later, B) talk to him using 'talk' or C) kick him off and hope he can't get back in. If you decide to kick him off, you of course need to be root. Simply rebooting the system isn't a good idea, since the system will come back up and the intruder will probably be able to re-enter and will know that someone is onto him. The usual way of kicking someone off is to run a kill -9 command on their telnetd or rshd processes. These processes act as glue connecting the network to the intruder's shell. An equally valid method is to kill their shells. Either way, the intruder will see the message "Connection closed by foreign host" and will know that something is up. The right way to do this is to remember that kill -9 will accept multiple process ids, and you want to blindside him. After you've used 'ps' to find *all* of his process ids, include the process id of the 'inetd' process. Inetd is sometimes referred to as the "Internet super-server"-- all it does is watch for incoming network connections and makes sure they are connected to the right handler. By killing inetd, you prevent new connections from being accepted, be they telnet, ftp, finger or whatever. Of course, if he's root, he can do this to you. Assessing the damage The real danger posed by an intruder is that once in, he can make it easy for himself to get back in, though you may close the hole he originally came through. The way this has to be done is by modifying the filesystem in some manner (with Linux, he could easily compile you a new kernel, but the kernel is ultimately stored in the filesystem). The freeware program tripwire is used to detect modified system files. The idea is that tripwire records the size, date and a quantity called a "one way hash function". The idea is to take the data of the file and compute a fairly large random number. If the file changes, a different hash value results. The "one way" part means that it is "difficult" to make a small change to file and still come up with the same hash value. Of course, if the database of hash values is stored on the hard disk and the cracker finds it, he can just update the database... which is why you want to keep the database on a floppy. The find program is extremely useful for finding suspicious looking files that the intruder has left laying around. Use find to look for recently-modified files in the /lib, /usr and /etc hierarchies, keeping in mind that it is possible to change the timestamps. An easy situation occurs when you have installed a system via CDROM. Since the CDROM cannot be modified, you can compare what is on the CD with what is on the hard disk. Something like: find /bin -exec cmp {} /CDROM/dist/{} will compare files on the disk to what is on the CDROM. Another thing to check for is: find / -perm +6000 -print which will find all the setuid and setgid files on the disk. A setuid file is one which runs with the permissions of the file's owner or group, not the person running the file. This is how the passwd program lets a user change the password file... but only their own entry. The intruder may have left something behind which lets him become root at will. Note that the -perm option is specific to GNU find-- other systems may have different syntax. What you're looking for are suspicious files. A great way to learn Unix is to simply go through the system files and figure out what each one does. Perhaps the best way to sleep easier at night is to simply reinstall the operating system and all of the utilities after a breakin. This operation is much easier under Linux than most other Unixes and goes a long way toward giving you peace of mind about any time-bombs left behind. Besides, you were meaning to upgrade anyway, weren't you? War Story #1 By default, most Linux systems come with tcp wrappers automatically installed. This program intercepts the initial service requests from remote machines and logs them in the system logs. The wrappers can be configured to reject or allow access from listed sites. In the attempted bankweb breakin, the wrappers let me know that there had been an attempt in the first place. From the listings, you can see that by default several services were enable during the installation that really shouldn't be running. The ps service let the intruder see processes running on our machine-- and gain account names. netstat let him see the machine's active network connections. The first step was to disable those two "services" by commenting out their lines in /etc/inetd.conf and resetting inetd. Step number two was to track the cracker back to his network provider. Fingering and telnetting to the IP number produced a refused connection, implying that the machine in question was probably not a Unix machine. Telnetting to port 137, the windows name service port was accepted, implying that the machine was a windows box. It was quite possible that the machine I was looking at was not the intruder's machine-- if the intruder was dialed in via ppp, then the IP number could have simply been reassigned to the machine that I was probing. A lookup using whois with the first three parts of the IP number produced the provider's name but not an email address to send a complaint to. Using the traceroute program gave some intermediate addresses that I used to find the intruder's provider. The next-to-last address in the route to the intruder refused connections, but trying to telnet into the second-to-last produced a shocking result-- the address turned out to be a completely unprotected router. Not only were current network statistics displayed and updated, but "Configure" was a prominent menu item... War Story #2 I logged in to a workstation cluster at school late one Saturday night to check the progress of one of my jobs. I was quite surprised to find 'root' logged in running a couple of shells and a chess demo from the local X-windows console. I chose to leave the intruder alone since I was unable to do much-- the recent installation of NIS had been botched and left me unable to change the cluster's root password. I called the police after he shut down the system, since we've had a few computer thefts. I did have to do some fancy explaining to the dispatcher on why I thought a theft was taking place from several miles away. It turned out that the intruder was an idiot who didn't know the difference between shutting the system down and logging out. He had acquired the password by watching one of the faculty miss the "enter" key while logging in as root-- the password was echoed right after "root". Coincidentally, I had acquired the cluster's root password in the same way, only I found it by seeing the log entry login failed for rootrs314m. The moral is change the password if someone sees it, or if it has accidentally gone into the system logs. War Story #3 One day, on a machine I used as well as administered, I received a very strange letter that had been originally addressed to root-- I had forwarded root's mail to myself. The letter appeared to be (and in fact was) a command that was supposed to mail our password file to an address at an ivy-league university on the east coast. Old versions of the 'sendmail' program had a mode that allowed commands to be sent in letters to facilitate debugging. When the program was distributed, this "feature" was not disabled. Fortunately, the vendor for the workstation (not a Linux box) had closed that hole. The next step was to contact the source of the attacks. I have found that the proper attitude is to be polite, and inform the administrators that you are having a problem with one of their users, then show them everything you have... and hope that the person you've contacted isn't the one who is launching the attacks. The address turned out to be on a completely insecure mail server, ending the hunt, but we at least made the right people aware of the problem. That machine suffered several additional attacks over the next couple of months. The reason was that one of my users, who happened to be Russian, had a bunch of less-than-reputable "friends" back home who wanted impress him by breaking into his machine. At a group meeting, I mentioned these attacks, and half-suggested we all kick in twenty dollars, send the total to Moscow, and have a few legs broken. The other Russian, in our group, a very mild-mannered man, said "Break their legs?? Break their heads!". Watch out for those Russians... War Story #4 I received an email notifying me that the machine in War Story #3 was being used as a base for attacking other machines. I forwarded root's mail to myself by putting my email in a file named .forward in root's home directory. If you administer a workstation, you want to do something like this, because the root account is typically rarely used and you want to know about this sort of thing the moment it happens. As it turned out, the people complaining had waited too long for us to figure out who had been on the machine when the attacks took place. The logs on that machine were rotated every two weeks. Since the prime suspect had graduated, we chose to close his account along with all the other accounts that had never been deleted. Examining the suspect's files, we did find tools for breaking in to a variety of systems as well as a utmp editor for hiding his tracks. The root password was changed at the same time. So, in conclusion, if you find out that *your* machine is under attack, stay calm, do it quick, do it first and keep your backups handy. Further reading: Check out Bill Cheswick's classic "Evening with Berferd" paper. ftp://cert.org/pub/papers/Bill_Cheswick_berferd.ps Andy Vaught andy@maxwell.la.asu.edu __________________________________________________________________________ Copyright © 1997, Andy Vaught Published in Issue 20 of the Linux Gazette, August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next __________________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ Welcome to the Graphics Muse Set your browser as wide as you'd like now. I've fixed the Muse to expand to fill the available space! © 1997 by mjh _______________________________________________________________________________ Button Bar muse: 1. v; to become absorbed in thought 2. n; [ fr. Any of the nine sister goddesses of learning and the arts in Greek Mythology ]: a source of inspiration W elcome to the Graphics Muse! Why a "muse"? Well, except for the sisters aspect, the above definitions are pretty much the way I'd describe my own interest in computer graphics: it keeps me deep in thought and it is a daily source of inspiration. [Graphics Mews] [Musings] [Resources] T his column is dedicated to the use, creation, distribution, and discussion of computer graphics tools for Linux systems. The format of this months column has changed just a tad. I rebuilt my template for the column using Netscape's Page Composer, part of the Communicator 4.01 Preview Release 6. There are lots of little things I don't like about Communicator but the Page Composer is quite nice. Its the first WYSIWYG HTML editor I've used on Linux that I've really liked. I intend to do many of my pages using it from now on. To be fair to Communicator, it is a preview release (once known as Beta, but I guess that has bad connotations now). I've always been pleased with Netscape's products. If I could just get them to publicly support Linux I'd be happier. Anyway, once the little annoying aspects are cleared up the 4.x release should be quite a boost to Netscape's product line. [INLINE ] During the month of July I was finishing up a major X application for my employer (EMASS, Inc, a division of Raytheon/E-Systems/TI/an d who knows what else). One of the last things I had to do was port the application to a slew of Unix platforms. Well, the ports were pretty easy - it was just a matter of getting the build environment set up right - but I had lots of free time to burn while some compiles were running. Fortunately I was able to log in from home to do these, so I started to look at a few graphics applications that I've been meaning to get to for some time. The first is Image Alchemy, a commercial product from Handmade Software that provides extensive image conversion capabilities. I'd long ago promised Hap Nesbitt of Handmade Software that I would do the review. My apologies to him and Handmade for taking so long to get around to it. The next package is ImageMagick. I've seen the posts for this package on comp.os.linux.announce many times and have heard lots of good things about the package. I decided it was time to take a closer look. Finally, I decided to take a look at a tool thats been around for awhile but that hasn't really been discussed much in the forums that I frequent: Geomview. A quick glance at the pre-built binary really caught my eye. This is a tool with a lot of potential. In this months column I'll also be covering: * Is VRML ready for Prime Time? * In Q and A: how do you turn TGA files from POV-Ray into an animation? Oh, and the image on the right, Graphics for the Masses, was created as a demonstration of what can be done with the GIMP. It was enough to convinve the Linux Journal that I could do the cover for their November Graphics issue using this handy Photoshop clone. The final cover art doesn't look anything like this one, however. It was just a way of showing off what is possible. If anyone else needs a cover done, feel free to drop me a line! Graphics Mews Disclaimer: Before I get too far into this I should note that any of the news items I post in this section are just that - news. Either I happened to run across them via some mailing list I was on, via some Usenet news group, or via email from someone. I'm not necessarily endorsing these products (some of which may be commercial), I'm just letting you know I'd heard about them in the past month. [INLINE] I ran across this in the GIMP Developers mailing list. Unfortunately, I forgot to save the attribution. My apologies to the original poster of the message. I've been reading some of the W3 specs recently, and I've come across some good stuff. I'm impressed - until recently it seemed like the W3 either wouldn't or couldn't get their act together, but now they seem to be putting out genuinely useful specifications. Anyway, the one with perhaps the greatest relevance to GIMP users is the sRGB standard, which specifies how images should look when displayed on the Internet. If you're interested at all in gamma correction and monitor color spaces, take a look at: http://www.w3.org/pub/ WWW/Graphics/Color/sRGB.html If you're not familiar with the color management literature, some of it will be hard going, but it might be worthwhile anyway. For people who are not intimately familiar with CIE color spaces and all that stuff, the bottom line of sRGB is that the default gamma value for Gimp should be 1.0 (as indeed it is in 0.99.10). For people that have calibrated monitors (most likely a tiny fraction of Gimp users), it would be appropriate to use some form of color management technology (I think some of the new X's have color management defined, but I'm not sure how good it is) and do a transformation from the image color space to the screen color space. However, in the absence of that, gamma correction is generally not appropriate. In the long term, it might be a good idea to add color management to the Gimp, but for now I think it's fine without. Color management tends not to work well unless it's very carefully applied - generally, something that only happens in high end environments. indent xfont3d This program is a graphical interface to Font3D (http://www-personal.ksu.edu/ ~squid/font3d.html), and requires the XForms library (http://bragg.phys.uwm.edu /xforms). The interface was developed with Font3D v1.6. Font3D generates geometry (model) files for 3D text in a variety of output formats (POV, RIB, etc.) from True Type font files. I designed xfont3d to be used as a tool mainly for POV-Ray. The built-in POV-Ray pre viewer allows you to render a sample of the font generated by Font3D. However, xfont3d supports all the output options of Font3D - you just won't be able to preview it directly from xfont3d. You can view an image of the interface and get the source code from http://cspar.uah.edu/~mallozzir I wrote the thing in about three days, so by that time I was sick of it, and hence it has not really undergone much testing Please send any bug reports or comments to mallozzir@cspar.uah.edu. Dr. Robert S. Mallozzi University of Alabama in Huntsville indent GCL GCL (Graphics Command Language) is an interpreting language that is based on the data plotting library DISLIN. Version 2.2 of GCL is now released. About 400 plotting and parameter setting routines of DISLIN can be called from GCL for displaying data as curves, bar graphs, pie charts, 3D-colour plots, surfaces, contours and maps. Several output formats are supported such as X11, PostScript, CGM, HPGL, TIFF and Prescribe. Some quickplots are also added to GCL that can display data with one command. Similar to programming languages such as Fortran and C, high-level language elements can be used within GCL. These are variables , operators, array operations, loops, if and switch statements, user-defined subroutines and functions, and file I/O routines. GCL is free available for the operating systems MS-DOS, Windows 95, VMS, Linux, AIX, Digital UNIX, HP-UX and SunOS. FTP sites: ftp://ftp.gwdg.de/pub/grafik/dislin ftp://linhmi.mpae.gwdg.de/pub/dislin Home Page: http://www.mpae.gwdg.de/dislin/dislin.htm [INLINE] [INLINE] ImageMagick 3.8.8 The newest version of the binary distribution of ImageMagick, version 3.8.8, has been uploaded to Sunsite.. You can also get it from its primary site at ftp.wizards.dupont.com /pub/ImageMagick/linux. ImageMagick (TM), version 3.8.8, is a package for display and interactive manipulation of images for the X Window System. ImageMagick performs, also as command line programs, among others these functions: * Describe the format and characteristics of an image * Convert an image from one format to another * Transform an image or sequence of images * Read an image from an X server and output it as an image file * Animate a sequence of images * Combine one or more images to create new images * Create a composite image by combining several separate images * Segment an image based on the color histogram Retrieve, list, or print files from a remote network site The major changes in ImageMagick 3.8.8 are: * PerlMagick now can interactively display an image or animate an image sequence. * Subimages can now be specified in any order. For example, image.miff[3,2], image.miff[11-1], or image.miff[1,2,2,3]. * Added -remote to display and animate. It allows you to send a load image command to an already running executable. * Duplicate entries in an image colormap are now automatically eliminated. * Display and animate now support embedded characters for the -title option (e.g. -title "%f[%s]", for filename and scene). ImageMagick supports also the Drag-and-Drop protocol form the OffiX package and many of the more popular image formats including JPEG, MPEG, PNG, TIFF, Photo CD, etc. Freedom VR - Java Virtual Reality Applet Freedom VR is a photographic VR applet that was developed with Linux but also works on other flavors of Unix, the Macintosh and even Windows. It beats Quicktime VR in compression performance -- because Freedom VR uses Internet standards such as .gif and .jpeg, Freedom VR content can be produced on any platform. The developers are interested in working with other programmers to develop software for converting other VR formats such as VRML and Quicktime VR to Freedom VR. We've also written up a tutorial for taking VR photographs. Freedom VR applet: http://www.msc.cornell.edu/ ~houle/vr/freedom/ Paul and Olivia's VR Garden (produced with Freedom VR): http://www.msc.cornell.edu/ ~houle/vr/garden/ An introduction to VR photography: http://www.msc.cornell.edu/ ~houle/vr/howto/ [INLINE] Jaw3DLib Jaw3DLib, a 3d programming library has been released for several platforms: linux, ms-dos, and sunos. I'd like a few alpha testers to take a look at this. An example app is included that can be easily modified. Go to: http://umn.edu/~jawed/jaw3d/ Jawed Karim jawed@tc.umn.edu http://umn.edu/~jawed [INLINE] Looking for NetPBM archives? Try http://www.arc.umn.edu/ GVL/Software/pbmplus-ftp.html for a list of archive sites. [INLINE] For those of you owning or otherwise interested in Connectix QuickCams: There is now a campaign attempting to convince Connectix to make the specifications for their VIDEC compression algorithm available publicly. Without the spec, it is not possible for any third-party projects (such as SANE) to support 16 bit color mode. If you want to join or learn more about the campaign, please visit: http://www.kabel.de/ ~hmueller/qc/freevidec.shtml [INLINE] IKM Interactive announces the release of axis 1.0alpha, a 3D rendering engine for Linux/SGI/Sun/Win95/WinNT. A 3Dfx accelerated version is also available for Win95 (and possibly Linux soon). A Power Mac version is currently in development. You can download the current version from http://www.ikm.com This is an alpha release, mostly of interest to 3D hackers. Axis uses OpenGL on SGI and Win 95/NT, and Mesa on the remaining platforms. The 3dfx accelerated version utilizes the Mesa Voodoo libraries. The Linux version currently has the best coloring/shading; the different OpenGL implementations have quirks that we haven't sorted out yet. The rendering engine uses a simple stack machine interpreter, and processes a language that has similarities to Lisp, Forth, and Adobe's PostScript. The interpreter is multi-threaded, so objects in the 3D environment can have private namespaces. We are working on a programming manual for the language. It is also network-ready; you can talk directly to the rendering engine with a TCP/IP connection. The distribution includes source code for an example TclTk program which utilizes the network connection (this is the tool we used to position models within the 3D environment). We will be releasing more complex modelers shortly. The rendering engine and language interpreter will be the base for our multi-user shared environment application, which we plan to release near the end of July. Environments, and information about positions of other users, will be downloaded via TCP/IP; if you choose to customize your avatar, code for that can be uploaded. Enjoy, and let me know if you have questions. Patrick H. Madden phm@webvision.com pickle@cs.ucla.edu or phm@ikm.com when we get our mail server sorted out..... indent WSCG '98 International Conference and Exhibition Call for Papers and Participation Deadline for papers September 30,1998 The Sixth International Conference in Central Europe on Computer Graphics and Visualization 98 in cooperation with IFIP working group 5.10 on Computer Graphics and Virtual Worlds will be held in February 9 - 13, 1998 in Plzen at the University of West Bohemia close to PRAGUE, the capital of Czech Republic Conference Chairs Nadia Magnenat Thalmann, MIRALab-CUI, Univ. of Geneva, Switzerland Vaclav Skala, Univ. of West Bohemia, Czech Republic The latest information is available at: http://wscg.zcu.cz or http://herakles.zcu.cz Full announcement in plain text is available. [INLINE] POV Texture Library This texture library has been updated and the URL has changed. This site is done by a non-Unix user, but the textures are platform inspecific.If you're looking for some interesting textures for your POV-Ray scenes take a look at http://www.informatik.tu-cottbus.de/ ~rs/povray/texlib/ [INLINE] IRTC CD-ROM Due out soon! Chris Cason, who manages the server which supports the IRTC and POV-Ray Web sites. is getting ready to publish the IRTC CD-ROM. This CD contains the collection of images submitted to the IRTC over that last year, the IRTC's first year of existance (in its reincarnation that is). If you're interested in getting a copy of this CD, please check out the IRTC Web site for more information. All proceeds from the CD go to the maintenence and expansion of the Web server. indent EPSON Scanner Driver EPSCAN is a scanner driver for EPSON ES-1200C/GT-9000 scanners. It includes a driver and a nice X frontend. It allows previewing, and selecting a region of an image to be scanned, as well as changing scanner settings. It only supports scanners attached to a SCSI port, not to the parallel port. The driver should support any of the ES-{300-800}C / GT-{1000-6500}. EPSCAN is available from: ftp://sunsite.unc.edu/pub/ Linux/Incoming/epscan-0.1.tar.gz and an rpm version to ftp://ftp.redhat.com/pub/ Incoming/epscan-0.1-1.src.rpm ftp://ftp.redhat.com/pub/ Incoming/epscan-0.1-1.i386.rpm The rpm version will probably be moved, if it hasn't already, to ftp://ftp.redhat.com/pub/ contrib/epscan-0.1-1.src.rpm ftp://ftp.redhat.com/pub/ contrib/epscan-0.1-1.i386.rpm The sunsite version will probably be moved to ftp://sunsite.unc.edu/pub/ Linux/apps/graphics/scanners/epscan-0.1.tar.gz Adam P. Jenkins ajenkins@cs.umass.edu Requirements: 1. Linux 2.x 2. XFree3.x 3. Qt library version >= 1.1 4. libtiff version >= 3.4 5. g++ version >= 2.7.2 You can get the Qt library from http://www.troll.no. EPSCAN may work with older versions of Linux, XFree, and g++; this is just what it was developed with. [INLINE] Has anyone tried out ELECTRO-GIG's product, 3DGO? The Graphics Muse wants to know! Its 37M and downloading across a 36.6 modem is painful at best. I'd love to try it, but I don't have the cash on hand for ordering it and having it shipped (I don't mind paying for it, but next months trip to SIGGRAPH plus some vacation time sort of sucked me dry for the time being). If you've used it let me know your thoughts. I'll be happy to pass any review on to my readers, with full credit to you of course! [INLINE] Iv2Pov/IV2Ray Cow House Productions is pleased to announce the release of Iv2POV. Iv2POV is a translator / converter for Inventor 2.0 / VRML 1.0 files to POVRAY, the popular raytracing program. Both source code and an Irix 5.3 executable are available (free!) at http://www.cowhouse.com/ Home/Converters/converters.html. Cow House is also pleased to present a new release of Iv2Ray, the Inventor (VRML 1.0) to Rayshade (a different popular raytracing program) converter / translator. Iv2Ray is also available as an Irix 5.3 binary and as C++ source code. While you are at www.cowhouse.com - feel free to take a look around, download some samples, and otherwise exerciseyour browser. [INLINE] Did You Know? ...the growth of 3D modellers continues at a frightening pace. Another modeller was recently announced: GL-SPACE. You can find information on this new modeller at http://tularosa.eece.unm.edu/s taff/greywolf/glspace/. It requires Tcl7.5/Tk4.1 and Mesa 1.2.8 or OpenGL. The interface is quite cool - one of the best I've seen yet. The cameras location is represented by - a camera! Really. Take a look at it. ...there is a very nifty morphing tool, called xmrm, available at http://www.cg.tuwien.ac.at/research/ca/mrm/index.html. I played with this a little and it has one of the most professional looking interfaces I've seen in awhile. Its relatively easy to use, at least if you follow the one example morph it provides. ...there is a Web site devoted to explaining how to make MPEG movies? Take a look at http://www.arc.umn.edu/ GVL/Software/mpeg.html to find out more. Q and A Q: I am quite new to POVRAY and would like to know where I can get an application which plays a series of *.tga files as an animation. I have created all the TGA files using POV. What can I use to play these files in sequence? Merv Young. AUSTRALIA. A: Well, I don't know of any tools that can take a set of TGA files and directly turn them into an animation on Linux systems. I'm not that familiar with animations yet, but here is what I do know. First, you have two types of animations you can create (with freely available tools) from a set of raster images: MPEG or an animated GIF. The latter requires the images to be in GIF format (GIF89a, actually). There are two tools for taking the GIF files and turning them into an animation: WhilrGIF and MultiGIF. Both are command line tools and both are fairly easy to use. I like MultiGIF a little more simply because it can create smaller animation using sprites (small images that can overlay the previous image). Understanding how to do this is a little tricky, but not that tough. WhirlGIF simply concatenates the set of GIFs together into an animated sequence. Playing an animated GIF can only be done by Web browsers, although I only know for certain that both Netscape and MSIE support this format. To my knowledge (someone correct me if I'm wrong) there are no "animated GIF players" for Linux. MPEG is an animation format that I've just started to experiment with. There is only one command line tool that I'm aware of for creating the animations - mpeg_encode - but there are quite a few tools for viewing them (xanim, MpegTV, mpeg_play, etc). Creating the animation is done by setting up a text file with the configuration information needed by mpeg_encode. It then reads the configuration file, determines what sort of processing is to be done and takes the input files and creates the MPEG output file. The configuration can be fairly sophisticated, but I found the default template worked fairly well with only a few minor modifications. One of those modifications was to tell mpeg_encode what other tool to use to convert the input files, which were in TIFF format (rendered from BMRT), into a format that mpeg_encode could handle. Fortunately, mpeg_encode handles two fairly common formats: JPEG and PPM/PNM (it actually supports a couple of others, but these two will be readily recognizable to most users). I used the NetPBM tool tifftopnm. The TIFF files are converted on the fly by mpeg_encode as long as you tell it what converter to use. There is another format called FLI which has an encoder. My understanding is that this format is slowly dying as MPEG gains popularity. So now that you know what formats you need to put the animation in you might wonder how to get the TGA files into the formats you need. Thats a common question when dealing with both 2D and 3D images, in both animated and static formats. The answer: get either the NetPBM tools. ImageMagick, or ImageAlchemy (the latter being a more sophisticated commercial product). Any of these are valuable tools for your arsenal of image processing since they all perform the often needed task of converting from one format to another. NetPBM is what I currently use, although I don't believe it has a tool for converting JPEG images to other formats (there is an add-on package for NetPBM that handles this, but I don't think the NetPBM package itself has JPEG conversion tools - I could be wrong, its been awhile since I downloaded the package). So, to summarize how to get your TGA files into an animation: * Deterine which animation format you want to create. * Determine what format the input files need to be in (GIF, JPEG or PNM). * Be sure you have a tool for converting the TGA files to the input format - this may be a two step process and it may be possible to get the animation creation software to handle the conversion for you (such as with mpeg_encode). * Get the encoding tools - mpeg_encode, WhirlGIF or MultiGIF. _______________________________________________________________________________ Musings Is VRML ready for PrimeTime? Some time back I had a reader send me email asking my thoughts on VRML. Below is the response I sent. After rereading it I have to say I still agree with it, although I reserve the right to change my mind after my trip to SIGGRAPH next month. Reagen Ward wrote: I come from the world of PHIGS for visualization, and thus can't stand VRML as a supposed data format. I'd love to hear your opinions on why it's not ready for personal use. Originally I had objected to it due to bandwidth issues. I've learned since then that this may not be as big a limitation as I once thought since VRML provides a language which can be passed between client and server and doesn't (to my knowledge - which admittedly is still somewhat limited) require the actual images to be passed. PHIGS could probably be done this way too, but PHIGS needs a "PHIGS for Dummies" layer slapped on top to make it a little more user friendly. However, the real limitation right now is processing power. Even if you pass only descriptions of the objects to render, the end system still has to be fast enough to render them from the point of view of the user. This is very CPU intensive. The average user doesn't have this kind of processing power (have you seen the new WebTV boxes? They are even slower and dumber than the average 2 year old PC). This processing could be moved off CPU into some adapter card (maybe a VRML-ready display card), but such technology isn't available yet so its cost would still be (for some time) out of the reach of the average home. Now its not unlikely to see VRML in some environs: kiosks in stores or malls (real ones, not Internet Malls) come to mind or any kind of public facility that provides information to users to be browsed at their own pace. These places will have limited point-of-view (like point-of-sale) locations on a local network so bandwidth is not a problem, nor is server capacity (its known pretty much ahead of time how much activity they're likely to have). The point-of-view boxes can be as powerful as the mall can afford. VRML provides a reasonable return-on-investment for these situations. But the big money, and money (income, that is) is what drives acceptance, only comes when you can move the technology into the home. Thats what WebTV's are all about - computers for the common man at toaster prices. VRML requires too much processing for the average home, so its not likely to be a big technology for at least 2-5 years. It depends on if Intel/Sun/HP/e tc can find a way to make money producing VRML-toasters. Hows that? indent Image Alchemy One of the most common tasks graphic artists will face is converting stock images from CDs and other resources from their original format to one that can be used by their particular software or medium (such as for use on the Web). There are actually a plethora of tools for doing this conversion. xv will convert between a limited set of formats, but does handle most of the most common formats. The NetPBM tools handle a huge number of formats using a very large set of command-line programs. And ImageMagick has both command line and X-based interfaces for converting images. Each of these has advantages and users will want to play with each to find one that suits their needs. Another solution for image conversion and manipulation comes from Handmade Software in their Image Alchemy package. This is a commercial package that features support for over 60 different image file formats using a command line interface. A graphical interface is available for Sun systems using OpenLook and there may now be a Motif version as well, however these do not appear to be available for Linux yet. Getting the software requires that you simply download the Linux binary package from the download page of Handmade's Web site. There is a demo package available for free, but the retail version requires a username and password that can be obtained from their sales department. The package I have, which I got from Hap Nesbitt at Handmade Software, contains two binaries: alchemy and alchfont. The former is the graphics conversion package. The latter is a font manager, although I'm not really clear on how to use it. The documentation, 330+ pages in a PDF file, didn't contain any references to it. Since I wasn't expecting this tool I didn't spend any time looking for info on it at the Handmade Software Web site. The manual is available for download from their Web site. Its quite large (something you'd expect from commercial software and something that is seriously lacking in many freeware packages) but it covers all the versions of the software, including 2 chapters (out of 8) and 1 appendix (out of 11) on the DOS/Windows Graphical interface. Along with the manual you can get runtime help by using the -help command line option. The runtime help is broken into several categories, each with its own command line option. The basic usage takes the following form: alchemy inputfile [outputfile] [outputpath] [options] The input file can be in any of the supported formats listed in the manual. The output file can be any name. By default the converted file will be written to a file with the same filename as the input file but with the appropriate suffix. For example, newfile.tga would become newfile.gif. Outputpath is useful when you want to convert a series of images. Options can be any of a large number of conversion options, many of which are file format specific. The only required option is the one which specifies which file format the output file should be in. Text files, what Image Alchemy refers to as response files, with options can be used by specifying the file name preceeded with an '@' sign, such as alchemy @scale myimagein.tif myimagein.gif Basically, you can convert one or more images, to files in the local directory or some other directory, using the command line directly or through the use of the text files. Unlike NetPBM the images don't have to be converted to an interim format before the final image is produced. NetPBM used the interim format to do its image manipulation, such as scaling or quantizing the colors in the image. Image Alchemy can do this in one step using various options. Speaking of options, the Image Alchemy manual breaks the available options into 4 categories: 1. General 2. Conversion 3. Color and Palette 4. Scaling and Filtering -Top of next column- [INLINE] More Musings... -- ImageMagic [INLINE] General options include items such as usage, statistics and memory features. Conversion options specify the output file types and any related options. For example, -g is the option for converting to the GIF format. This option has an additional numeric argument, 0 or 1, to specify which version of the GIF format to use - GIF87A or GIF89A respectively. Color and Palette options cover such things as alpha channels, true color options, dithering and gamma correction. Scaling options allow the resizing of the input image and along with the Filters provide for convolution, flipping, positioning and aspect modifications. All of the options are covered in detail by the manual and summaries are available through the builtin help option (-help). When evaluating image conversion utilties the artist will want to compare the quality and sizes of the images. On my 24-bit display the quality of the sample JPEG image provided with Image Alchemy (a photo of the Golden Gate Bridge) didn't change perceptibly when converted to GIF, Targa (TGA) or TIFF formats. The same image was converted using xv and NetPBM to these same formats and also showed almost not visible differences. The following table shows the file sizes for each: GIF TGA TIFF alchemy 192360 924059 769700 xv 142784 921618 772046 NetPBM 146100 921618 - ImageMagick Note that my version of NetPBM does not include the JPEG conversion utilities so the TIFF image converted by alchemy was used as the input image for NetPBM's tools. As you can see, the file sizes were very similar for TGA. Image Alchemy produced a significantly larger version for the GIF format and a slightly smaller version of the TIFF. Based on this a user might assume xv or NetPBM might be better suited for their needs. In many cases this is true, especially if you are only doing a personal web page or perhaps creating simple greeting cards. For professional work alchemy provides a wider range of tools and supported formats than xv and NetPBM, and does so with a single command line program. Both xv and alchemy provide significant documentation (you can get xv's by registering your copy and paying a little extra for the manual). NetPBM provides man pages but these can be difficult to print and its not always easy to determine which tool fits which format. Only Image Alchemy offers commercial support and with continued development at published intervals. For commercial operations this can be of key importance. The moral here is to spend a little time examining your image conversion needs before investing time in any one particular tool. Image processing is provided by all of these, but aside from scaling and perhaps color palette operations you may find the GIMP a better tool for interactive editing of images. If you need the convenience of command line oriented operation for batch processing, along with commercial support, then Image Alchemy may be the tool for you. [INLINE] Resources The following links are just starting points for finding more information about computer graphics and multimedia in general for Linux systems. If you have some application specific information for me, I'll add them to my other pages or you can contact the maintainer of some other web site. I'll consider adding other general references here, but application or site specific information needs to go into one of the following general references and not listed here. Linux Graphics mini-Howto Unix Graphics Utilities Linux Multimedia Page Some of the Mailing Lists and Newsgroups I keep an eye on and where I get alot of the information in this column: The Gimp User and Gimp Developer Mailing Lists. The IRTC-L discussion list comp.graphics.rendering.raytracing comp.graphics.rendering.renderman comp.graphics.api.opengl comp.os.linux.announce [INLINE] Future Directions Next month: No Muse next month (September). I'll be at SIGGRAPH and otherwise busy throughout August and just won't have time for it. But I'll be back in October, probably with lots of goodies from SIGGRAPH (or at least I hope I am!). Let me know what you'd like to hear about! __________________________________________________________________________ Copyright © 1997, Michael J. Hammel Published in Issue 20 of the Linux Gazette, August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next __________________________________________________________________________ More... Musings ImageMagick Overview After months of procrastination, I finally got around to taking a closer look at the ImageMagick set of tools from John Cristy and E.I. DuPont De Nemours and Company Incorporated. I've had a number of readers write and ask me about the program, what I thought of it and how does it work, etc. Its time to address some of those issues. ImageMagick is a graphics manipulation tool along the lines of XV or the GIMP that runs on a variety of Unix systems, including Linux, along with MS and Macintosh platforms. The package is available in source or binary distributions from http://www.wizards.dupont.com/cristy/Ima geMagick.html. I downloaded the binary package which was a gzipped tar file of the installation package using relative paths. Since the package attempts to place the binaries and some other files under the /usr/X11R6 directory tree, and I only install system files there (everything else goes under /usr/local), I had to unpack the file in a local directory tree, change the name of the X11R6 directory to local, recreate the tar file and then unpack it as root from the root (/) directory. Other than this, the installation of the binary package was painless. The distribution comes with a set of 9 tools that allow both interactive and command line editing of images: [INLINE] 1. display 2. import 3. animate 4. montage 5. convert 6. mogrify 7. identify 8. combine 9. xtp All of the tools come with well written man pages and honor the -? command line option to get usage summaries. The first of these, display, is an interactive program that uses X Windows. The interface is consists of a single, columnar set of buttons, each of which opens a menu, and a viewing window. Figure 1 shows the default image window and the menu box. The image window will dither images to fit on the display based on the hardware support you are using. The menu buttons are simple to use - just click on one to see the options available for that menu. The top level menu options are: * File - file functions * Edit - undo, redo, etc. * View - affects image size * Transform - rotations, shear, flip, crop, etc. * Enhance - brightness, hue, saturation, etc. * Effects - despeckle, sharpen, blur, solarize, etc. * F/X - swirl, implode, oil painting, etc. * Image Edit - add borders and frames, edit colors, etc. * Miscellany - image info, slide show, histogram, etc. * Help - extensive help system, including some HTML based documentation Under File the options include such things as a Print function (using Postscrip t, so you'll want to make sure you have Ghostscript installed first), New, Open, Next, Former, and Visual Directory, among others. The Visual Directory appears much like the Open option in that both provide a File Selection box from which to choose an image. I'm not certain if I was using it correctly, however, since I got the feeling the visual directory is supposed to be similar to XV's visual schnauzer. The Effects and F/X menus are similar in that both provide access to features that manipulate the image, much like XV's algorithms or the GIMP's plug-ins. I found the Shade function interesting in that it turned the 2D planet into a slightly 3D image by adding shadows in the appropriate places. Most of the functions are similar to the features found in the stock GIMP distribution but there are a few more than what XV provides in its algorithms menu. The number of features of the display program is attractive, but as an image editing tool for artists it is a step or two behind the ease of use of the GIMP. Some of the effects features are a little nicer than what is currently available for the GIMP, however. And the annotate feature, which allows you to insert text into an image, does provide a reasonable font previewer. Still, the GIMP is a more sophisticated end-user interface. During my brief testing of display I had multiple lock ups on my Linux 1.2.13 box, but that may be due to older libc. I also noticed that display appeared to run a bit slow in refreshing the image window. Redraws of the windowing toolkit (looks a bit like Tk or Motif, but I'm not certain what it is really) were really slow. Again, this may be due to my slightly older Linux system. Beyond the graphical interface, the other 8 programs in the distribution are command line oriented. From what I can gather this is what makes ImageMagick a valuable addition to the Linux graphics artists toolchest. Each of the commands serves a general purpose but handles that purpose with an extensive array of options. As a group these tools can be used to automate the handling of images for display on web pages quite nicely. I think that many of the features builtin into the display program are covered by these command line interfaces, but I also found a few features that I think display may not handle. Import is used to do screen captures of windows or rectangular regions of your monitors display. You can specify an window ID or name or you can use import interactively by using the mouse to specify the window or region to capture. Options include allowing capture of the window manager frame, dithering and cropping the image before saving. The output file format depends on the filename extension used for the saved file or by prefixing the filename with the file type followed by a colon, such as ps:output_image. By default import will save the file as an Encapsulated Postscript file. Animate will take a series of images in just about any format and display them as an animation. As with most animation software the quality of the animation will depend on the number and type of images, the speed of the computer and the memory available to process the images. Since I didn't have a series of images to experiment with I wasn't able to really look into this particular tool. Montage allows you to create a single image built from a series of other images. Input images are scaled to fit a specified tile size, a square of 120x120 by default, and then places the images side by side in a series of rows. By default 5 tiles are used in a row and 4 rows are produced. If more than 20 images are supplied then additional output montages are produced. You can specify a larger number of tiles to use for a single montage, and thus the number of input images to use, with the -tile option. Montage offers a large set of options. The page size can be set so that the postscript output will fit on various paper sizes. You can set the gamma level for the output files, crop and dither the input images, provide an ornamental frame around the output image, and where to place an image inside a tile if it doesn't fill the entire tile region (this is known as where the image will gravitate within the tile). Input files can be identified with labels using various fonts. 3D shadows can be added to input images as well as a textured backdrop in the tile areas and borders not covered by input images. Convert and Identify are complimentary programs. Identify can be used to determine, based on the files magic number, the image format of a particular file. Along with the file type information such as the size of the file, whether or not it is colormapped, and the number of colors in the image are also printed. Convert takes an image in one format and converts it to another file using a different, specified format. The format type can be specified just as with import, with a prefix or suffix denoting the format of the input and output types. Convert can also read Unix compressed (.Z suffixed) image files, but does not write the converted image as a compressed file. Multipage or multipart images are converted with output files using the filename with a scene number for a suffix. This is a modifiable option, however. You can embed a printf() style formatting string in the output file name to sequentially number the images and still include the format type as a suffix. Mogrify manipulates images the way the Effects and F/X menu options in display do. This tool takes an input file and processes it based on the options specified and in the order they are specified. Since options are processed in the order they are presented on the command line, it is possible to set a series of options to be globally applied to a series of images, then change one or more of these options for individual images - all from a single command line. Mogrify permits scripting and batch processing of images. XV can do this to some extent, but I've never used it that way and the number of processing functions is greater in mogrify. The GIMP has a scripting interface, but batch processing has to go through Net-FU (a network based interface). NetPBM provides only command line interfaces, but you have to script a series of programs together to get the same effect you get from mogrify. Image Alchemy, a commercial product for image processing from Handmade Software, appears to be the only real match for the way mogrify functions for batch processing. Finally, the ImageMagick tool set includes an extra feature - xtp - which allows for network transfer of files simiilar to the way ftp works. According to the ImageMagick web site, xtp doesn't require any interactive commands so file transfers can more easily be batch processed. Beyond the base tools, John Christy and E.I. Dupont De Nemours and Company also provide a plug-in package called the ImageMagick Plug-In. This appears to be (although I'm not quite clear about it) the shared image libraries for a number of popular image file formats. It is basically equivalent to what libgr provides except that the ImageMagick libraries include support for MPEG files. There are also a number of programs in the Plug-In packages, including a TIFF thumbnail generator and the cjpeg and djpeg tools for compressing and decompressing images to and from the JPEG format. Most of the tools in the Plug-in package are related to TIFF handling. As you can see the ImageMagick tools cover a lot of ground. I didn't get to comparing the quality of the images from ImageMagick versus XV or NetPBM so this review is really just an introduction to the toolset. But the tools are obviously high quality, feature rich, and well documented. The developers announce frequent updates and additions which is better than what you generally hear of XV or NetPBM. If you've used XV, the GIMP or NetPBM and find these might not quite fill all your needs you owe it to yourself to take a look at ImageMagick. No graphics fanatics arsenal of tools is ever complete and no tool can handle every need. Its important to keep aware of the tools that are available. ImageMagick is a tool that deserves serious consideration for your collection of graphics tools for Linux. indent © 1997 by Michael J. Hammel "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ Including RCS Keywords in LaTeX Documents By Robert Kiesling, kiesling@terracom.net __________________________________________________________________________ The GNU Revision Control System is generally considered a tool for software development, but it is also useful for tracking revisions of text documents. This article explains how to include and format RCS keywords in LaTeX documents, and how to track document revisions using these keywords. Most discussions of the GNU Revision Control System occur in the context of tracking source code revisions. But RCS can track revisions of any type of file, text or binary, provided that the diff utilities which generate RCS change files can handle binary data. RCS seems ready-made for working with LaTeX input files. The pre-defined keyword identifiers built in to RCS are easy to format and print. They provide ready information that can include the document's author, its revision, filename, and, revision log entry. RCS also provides facilities for user-defined identifiers. RCS is commonly included with the development software of Linux distributions. The latest source code version of RCS is available from ftp://prep.ai.mit.edu/pub/gnu and its mirror sites. The ident(1) manual page has a list of the standard RCS keywords that are generated when documents are checked out by RCS. They include: * $Author: schwarz $: The login name of the person who checked in the revision. * $Date: 1997/09/14 15:01:52 $: The date and time the document was checked in. * $RCSfile: issue20.txt,v $ The basename and extension of the RCS file. * $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $: String containing the name of the RCS file, the revision number, date and time, author, state, and locker if any. * $Revision: 1.1.1.1 $: The document's revision number. * $Log: issue20.txt,v $ * Revision 1.1.1.1 1997/09/14 15:01:52 schwarz * Imported files *The log message entered when the document was checked in. These keywords are included verbatim in documents. They are expanded when the document is checked out with co(1). One consideration that needs to be taken into account is that the keywords' dollar signs are interpreted by LaTeX (and TeX) as starting and ending math-mode typesetting. LaTeX and TeX will not generate an error when it encounters the dollar signs. However, because LaTeX and TeX typeset equations differently than normal text, the results can be unpredictable. For example, including the $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $ string at the top of the odd pages the commands \pagestyle{myheadings} \markright{$Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $} results in the expanded RCS $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $ string to be printed at the top of the pages, but some of the keywords run together because of the way TeX formats the string. An alternative is to use the keywords of the individual identifiers, and separating them with the appropriate command. Here, the TeX command \hfil inserts the necessary space when the keyword strings are typeset in the running head. \pagestyle{myheadings} \markright{$Date: 1997/09/14 15:01:52 $\hfil$RCSfile: issue20.txt,v $\hfil$Revision: 1.1.1.1 $} The string given to the \markright command will be typeset with the date in the upper left of the page, the filename centered, and the revision number at the top right. The \markright command is all that's needed for printing on one side of a sheet. For printing on both sides of the page, use the \markboth command. \pagestyle{myheadings} \markboth{$Date: 1997/09/14 15:01:52 $\hfil$RCSfile: issue20.txt,v $\hfil$Revision: 1.1.1.1 $}{\thepage} The first argument to \markboth prints the RCS information at the tops of the left-hand pages and the page number at the top of the right-hand pages. The identifier \thepage is a standard LaTeX variable which prints the page number. The RCS log message can be placed anywhere in a document that the $Log: issue20.txt,v $ Revision 1.1.1.1 1997/09/14 15:01:52 schwarz Imported files keyword can be inserted. For example, to place a (short!) log message in the margin at the beginning of a document, put the command \marginpar{$Log: issue20.txt,v $ \marginpar{Revision 1.1.1.1 1997/09/14 15:01:52 schwarz \marginpar{Imported files \marginpar{} immediately after the \begin{document} command, or after the \maketile command if the document has a title page and you'd rather have the RCS log text annotating the body text of the document. The RCS information can be included in the documents footer by using the fancyhdr package, which is available from any TeX archive site. If you want to include the $Date: 1997/09/14 15:01:52 $ and $Revision: 1.1.1.1 $ keywords at the bottom of a page, you could include \usepackage{fancyhdr} \fancypagestyle{rcsfooters}{% \fancyhf{} \fancyhead[C]{thepage} \fancyfoot[L]{$Date: 1997/09/14 15:01:52 $} \fancyfoot[R]{$Revision: 1.1.1.1 $} in the document preamble; that is, before the \begin{document} command. At the point you want the RCS data to be typeset, insert the commands \thispagestyle{rcsfooters} \pagestyle{rcsfooters} ident(1) also searches files for RCS keywords. Typing the command ident term-paper.tex for example, will print a list of the keywords and their values to standard output. It's a simple matter of typing ident *tex | grep "fred" - to search for the documents which were last checked out by user fred. For further information, consult the manual pages of the various programs in the RCS package, and the rcsintro(1) manual page for an introduction to the RCS system. __________________________________________________________________________ Copyright © 1997, Robert Keisling Published in Issue 20 of the Linux Gazette, August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next __________________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ Interview with Sameer Parekh By James T. Dennis, info@starshine.com __________________________________________________________________________ Jim Dennis, "The Answer Guy" columnist for Linux Gazette interviewed Sameer Parekh for us. Sameer Parekh is the founder of C2Net Software Inc., http://www.c2.net, the company that imports the Stronghold web server. Stronghold has added fully licensed commercial SSL support and other features to the popular Apache web server. Jim: So how many platforms have you ported Stronghold to? Sameer: We support almost 20 different forms of Unix. Jim: Obviously Linux is one of them. Do you require a 2.x kernel? Sameer: No. We support both the ELF and the a.out libraries. It works with 1.2 and 2.0, although we generally recommend using the latest stable kernel. Jim: Which version, or implementation, do you think is your biggest volume seller? They're all priced the same right? Sameer: Yeah, they're all priced the same. I think actually Linux is our number one seller. Then, second to that, we have Solaris and Irix. I haven't ... I really should do the numbers. I haven't done those because we don't sell on a "per platform basis." We just sell a Stronghold license, and they can use it on whatever platform they like. Jim: Now you've got separate numbers for when people have gotten a evaluation copy and when they've licensed it. About how many evaluation copies are being downloaded every month? Sameer: I couldn't tell you precise numbers ... Jim: Just a ball park... are we talking about 100 per week, a 1000 per week ... Sameer: On the order of 20 to 30 a day so that would come about to a couple hundred per week or about 1000 per month. Netcraft shows that we have an installed base of about 20,000 on the public Internet. But that includes the virtual hosts as well so it's not 20,000 actual hosts, it's the number of domains served by a Stronghold server. It's a sort of deceiving number because they're only checking the non-SSL sites and a lot of people run Apache on their unencrypted server and Stronghold on the encrypted server. Many run Stronghold on both as well. Obviously since we have 20,000 unencrypted sites but there's probably a higher number of people running Stronghold just on the encrypting port of their site. Netcraft did a different survey of SSL servers where we came in second. That is, for servers in general we came out second among commercial Unix servers and fourth in commercial overall. Jim: The Netcraft surveys that you've been referring to, is there a link to those somewhere on your web pages? Sameer: Well, it's at www.netcraft.com. I think the surveys are on our site as well. I'm pretty proud of our Netcraft ratings so we mention that pretty prominently. Jim: What can you tell me about C2Net as an organization? I know you used to be Community Connexions ... Sameer: Yes, we started as an Internet provider, and a privacy provider -- protecting people's privacy on the Net. People could get anonymous accounts, they could set up anonymous web pages. We were strong supporters of the re-mailer network, we set up the anonymizer which lets people browse the net anonymously through our proxy. That was going reasonably O.K. I was running it more as a hobby in my spare time while I was a student at Berkeley. Then I left school to start contracting at SGI down in the South Bay1. At the end of last year we came out with Stronghold, though it wasn't called that at first. It was called "Apache-SSL U.S." and that started going really well. It became clear that we'd do a lot better selling cryptography products then w'd do at selling privacy services. The privacy services was going O.K. but it wasn't enough to become a day job... it wasn't enough to get an office... it wasn't enough to hire people... it was pretty much a one man operation out of my house when it was just a privacy business. So, as it was obvious that we could do a lot better by selling and deploying cryptography, we moved our focus away from the privacy services and changed our name to c2.net to reflect that change in focus and to concentrate primarily on deploying strong cryptography worldwide. So, as of a few months back, we officially had the name changed to C2Net Software Inc. Jim: And you moved your customers over to Dave Sharnoff's idiom.com? Sameer: ... we moved our dial-up customers over to idiom back, some time ago like, last April or so--but we were still supporting the privacy services until late last year when we move all of our web hosting and anonymous account holders to Cyberpass which is down in San Diego and is run by a cypherpunk2 who is very active in privacy and in the re-mailer network. Jim: You mentioned that you do cryptography as your business and you just mentioned the "cypherpunks" which is where you and I first met--probably at one of the meetings on the Stanford Campus in Palo Alto. It that where you find most of your employees? Sameer: I get most of my employees from there and from people I know at school and through other personal contacts and existing employee referrals. So I think that, of the eleven employees I have, about half of those I know through cypherpunks. We a pretty cypherpunks oriented company. We're really the only company that's willing to deal with the fact that what the US government is trying to do with their export restrictions goes beyond just impeding or restricting export--but to create a chilling effect so that companies inside the US cripple their cryptography even for their domestic products. So we're one of the few, maybe the only company in the U.S., that's standing up to this ... that isn't willing to back down in the face of this chilling effect. I think a lot of my motivation is related to my involvement with the cypherpunks and being involved during all the controversy surrounding the clipper chip when that was first proposed. All of our development happens overseas so that we can do cryptography worldwide and the international versions of our products don't have to be crippled to 40-bit keys that can be broken in three and a half hours. Jim: So your approach is similar to what Jon Gilmore and Hugh Daniels are doing with the Free S/WAN project--keeping the developers on the other end and you're providing the quality assurance on this side... Sameer: Well, we're providing mostly the marketing, actually, and the sales. We do a little bit of QA but that's too close to the export issue. We also do the documentation--that's all written in the U.S. The main benefit of having a U.S. office is the marketing and sales even though all of the development has to happen overseas, all the protocols and the standardization efforts, all that new stuff is all in the U.S. Stronghold conforms to protocols developed and published by Netscape, the W3 consortium and the IETF--among others. Jim: Now, there's something I'm curious about. You've combined Apache and SSLeay which is Eric A. Young's SSL3 implementation--and those are what you've integrated in Stronghold. Then you got a license from RSA so you could include their public key libraries. So how did you approach the Apache organization with the idea for a commercial version of their free package? What kinds of licensing... Sameer: Well, Apache is free under the Berkeley style license as opposed to the GPL which means that, if I wanted to, I didn't have to have any relationship with the Apache group. It's possible to just take Apache and, according to their license, leave in the appropriate copyright notices and just start selling a product. But that would be kind of rude I think. I'd been involved in the group already before having any intention of changing the focus of my business. I saw a need for an SSL version of Apache that would be available within the U.S. So I started working on it and found SSLeay and I found Ben Laurie's Apache-SSL patches, which he'd done in the UK, and I integrated all of that for limited distribution within the U.S. So I had joined the Apache group for that. I already new many of the Bay Area members socially. I became a contributor--though not as big as the people who do large chunks of the code but I do testing and help with the documentation. I have a tech writer who's a full-time employee of C2Net who does documentation that she contributes back to the Apache group. I originally joined in an effort to support the group because I think that free software is a great thing. As the product has started doing well I think that our connection to the Apache group has been mutually beneficial. Any bug reports we get from our customers go back to them, any bugs we find, we fix and donate back. A large number of the features we've added we've also donated back. Naturally we haven't donated *all* the features since we need to maintain some proprietary value because we need to make some money as well. Jim: Did you talk to Eric Young? Sameer: Yes. We're in close contact with Eric. We work really well with him. Jim: I'm not familiar with his licensing... Sameer: Yes, both his and Ben Laurie's are very Berkeley style licenses. They are free software for commercial and non-commercial use--you just have to give credit. So in our marketing materials, documentation, and on our web pages it says "this product contains software written by Eric Young, and by the Apache Group" ... that sort of thing. Jim: So what do you think about the GPL vs. Berkeley issue. I know this is an ongoing bone of contention between the FreeBSD and Linux camps. Sameer: I'm generally in favor of Berkeley over GPL because I think that free software is best done in a variety of different contexts. In particular with the crypto environment, it's impossible to do completely free software inside the U.S., if it involve any public key techniques, because of the patents4. So for doing crypto inside the U.S., because of the intellectual property issues and the patent environment, it's impossible to release products under GPL. I think that the fewer restrictions we place on our software the more people will use it. The reason I would write free software is so that people will use it. If you put complex restrictions on your software saying that you can't sell any derivatives of it unless.... you create a lot of worry. Perhaps the motivations of the people writing GPL software are not just to make it widely used. That's valid. But it doesn't match my personal motivations for releasing free software. It's clear that it should be properly credited and have some controls. I don't think things should be released to the public domain. Well, I do see a lot of debate about that question--particularly on the FreeBSD mailing list. I suspect the debate and flame wars on that will go on forever. Jim: So, how many people have you got working here? Sameer: We have nine people here in the U.S. and two people abroad and then we have a couple of contractors. That comes out to about 14 or so. Jim: And where are your international programmers? Sameer: We don't say. We don't want the U.S. government and others to know which country they're in. They might then put pressure on that country to add export restrictions to their laws. This administration has appointed a person, David Aaron, whose sole job is to convince other countries to adopt similar restrictions to ours--so that our strategy won't continue to work. Obviously if all other countries had similar export restrictions than doing development in any given one would only allow sales in that locale. That would be pointless in a global economy. So they have this guy, David Aaron, who effectively harasses and bullies other countries into adopting restrictions for US interests. We want to ensure that he can't target the country where we are doing our development. Jim: And no one from our government's asked? Have you had any official contact yet? Sameer: No. Not yet. Jim: Do you know of other companies that have? Sameer: I've heard a lot of rumors from companies who've had visits from the NSA saying "what you're doing is wrong, you should stop it or it will do bad things to the rest of your business." They can't do that to me because I have no other business. We do cryptography and we're at odds with export restrictions on intellectual property. Jim: So, would you see that as your edge against Microsoft, Netscape and Sun -- that they would have other aspects of their business that might get severely hampered by the fight against cryptography export restrictions. Sameer: Well. It's not worth it to them. It doesn't make good business sense for them. At the same time it is a business necessity for us. So any company that doesn't want to fight this battle can offload that onto us. They can license our software--and their offshore distribution agents can also license our software and they don't have to do any development. They don't have to put their business at risk over questions of cryptography technologies. Jim: I see. Speaking of other cryptographers, I hear that Phil Zimmerman just moved to the Bay Area to found PGP Inc. Do you have any contact with him? Sameer: No. We don't currently have any professional contact with them. Jim: I'm confused about what happened there. Phil licensed the commercial rights to PGP to a company called ViaCrypt ... Sameer: ... then he bought ViaCrypt--actually their parent company. Jim: That's what I thought I'd read. So what other products are you working on? Sameer: Well we have our "Safe Passage" web proxy. This does full strength SSL for web browsers world wide. It's currently in beta and is available at our U.K. site. That provides a locally hosted proxy to provide full strength cryptographic capabilities to the international versions of Netscape and Microsoft browsers. As you know those are limited to 40-bit crypto when sold outside of the U.S.--denying them access to sites that require the domestically available stronger keys. Basically Safe Passage allows a user's browser to talk 40 bit to the proxy on their system which, in turn talks to hosts out on the web. It runs under Windows. Jim: So what do you think of the Free S/WAN project5 Sameer: I think it's a good thing. We need to provide IP level encryption in addition to the applications specific security provided by programs like Stronghold or PGP. With regards to our product line, we haven't evaluated how that might fit into our strategy. So I don't have any comment from a business perspective. However I think, from a more personal point of view, that producing a freely available implementation of IP level encryption is a great thing. We want this deployed so that all of the Internet traffic is encrypted and especially so it's authenticated. Jim: Getting back to Stronghold as a "commercially supported Apache Server" and leaving aside it's support for SSL and commerce... are there any companies offering just that--just a commercially packaged Apache? Sameer: There are companies that offer Apache support services--but there aren' t any that sell a supported package--where you'd get a shrink-wrapped box, with binaries, and pre-printed documentation, or anything like that. So these companies just offer the service. We offer a product--which includes e-mail support, of course. Cygnus was doing some Apache support as well but I believe they may have dropped that. Then there was a company in South Africa, Thawte, which had a product called Sioux. We ended up buying that out and integrating its features with Stronghold's. Sioux was released a few months after we had produced "Apache SSL U.S." We started talking to Thawte--and decided to buy that product from them to eliminate any conflict of interest for some other business that we wanted to do with them. You see Thawte's primary business is as a CA (certification authority). So it was an amicable arrangement since it wasn't the software business that they wanted to get into. So we are now bundling Thawte certificates with a Stronghold package. That's only fifty dollars more--which is about half the regular price of a Thawte. Jim: So do you find that many of your customers have to go with Verisign6 for other reasons? Sameer: Well, Thawte is gaining in popularity though their certificates are only accepted in the latest browsers from Netscape and Microsoft. So support for older versions of Netscape is probably the main reason people had been choosing Verisign over Thawte. As the PKI certification7 authority marketplace matures I hope that people will be able to choose their CA's based on reputation rather than being stuck with whatever the browser makers supported. Right now all of the CA's are too new to have any reputations. So far Verisign is known to be well funded and Thawte is thought of as a very small company. As far as I can tell they don't have any reputation with respect to which is more reliable. The market will have to mature, and they will each have to have time to build up a track record before people will be able to make informed decisions. Jim: Now, back when we were talking about support you mentioned that the e-mail support is included with Stronghold and that telephone support unbundled from it. What kind of support call volumes are you getting? Are you getting a lot of calls? Sameer: Not at all. We have an installed base of something like 20,000 accordin g to Netcraft--and we only about three people doing support and... ... there's no person who just does support. We're a small company so everyone does a lot of different things. But we have three people who mostly do support and two people with the word "support" in their title. So the support load isn't very high. I think that's because the product is actually very easy to use, it's intuitive and it's easy to install. Although we sold some phone support we really prefer e-mail. People get answers that are more fully formulated and they don't have to wait on hold. Also when we use e-mail then everything is tracked and recorded so it's easy to look back on what's been tried and it's easy to forward the issue around as needed. We've been pretty successful steering people toward e-mail support so they don't have to buy the phone support. Jim: So I've been reading in the apache's modules lists about these php's, what are those? Sameer: php originally stood for "Personal Home Page"--but it doesn't really mean that any more, so it's just php and doesn't really stand for anything. php is a specific module with does dynamic content--which is the phrase I like to use for things like server side includes, and extended ssi, php, e-perl and all of these things. They are all providing dynamic content--where the page is parsed by the server and the data that's sent to the client is based on the scripting that's inside the original document. php is what we like to use because it's easy to use, it's very robust and it offers connectivity to almost every database out there. well I should say that--there are a lot of databases "out there". It can connect to postgres '95, msql, solid, sybase, odbc, c, etc. It's a way to embed scripting inside of your html. So, for example, you can have conditional sections what will include blocks of html based on the results of certain pieces of code. You can have an HTML page which does a database query and formats and sends information out of the database. If offers significant speed advantages over CGI since it's loaded directly into the web server. You save the load of forking off a Perl process like you'd usually get with CGI. So Stronghold 2.0 bundles with the php module. That's in beta now. We've been using php quite a bit in house for out database connectivity and our external web site. It's very useful. We also support the server side includes--which were in the early CERN server. Stronghold is based on Apache which also includes the "extended SSI". XSSI adds things like conditionals. Jim: So you think these sorts of tools are better than CGI? Sameer: Yeah. It's a lot easier to build applications--particularly where it's not a complicated application--where you just want to include a little scripting directly in your HTML. If you use a CGI script--the script has to output all of the HTML. It's just as transparent to the browser--but it's a lot faster, and it's a lot easier for the web administrator to maintain. Jim: On a different tack, you've got a proxying client that brings internationa l versions of the standard browsers up to domestic standards of cryptographic strength. that puts you pretty close to the browsers. Where do you see the browser market going? In the browser wars what would you like to see come out of it? Sameer: Hmm. That's tough to say. I think there's no alternatives to the Netscape and Microsoft browsers at this point. It's hard to say if one will destroy the other. It's such an open subject, maybe you could be a bit more specific? Jim: Well--do you see Java doing anything significant Sameer: I think Java has some potential for distributed computing. it has a lon g way to go. it's rather unfortunate Microsoft has decided to create it's own proprietary version of Java. Then there's javascript--which isn't Java at all. So Netscape's decision to rename live script to "java"-script and that's added confusion to an already confused marketplace. I think javascript is interesting because there are a lot of potential security problems in it's design. Some versions of Java have implementation problems. Those can be fixed. The design of Java pays due care to security considerations. However when a language like javascript is designed with out any security in mind--you can't fix it. Jim: In other words "implementations can't fix fundamental design flaws." Sameer: So the danger is that it [javascript] has a similar name [to Java]-- and it is useful for building Intranet applications where hostile applications are not a security concern. So javascript can be used to connect to internal HR data applications or to an order entry system and make the interaction a lot easier. Javascript's features allow you to make your client more active--so the user doesn't have to send everything to the server to get feedback from your web forms. The problem is that there is currently no provision to restrict the browser--to say "I'll accept javascript from within my network but not anything from anywhere else" or "I'm willing to accept javascript from these people but not them." Once it gets to that point I think javascript will have more of a future and offer real benefits. Jim: Could you add those features to your client side proxy--the filtering that is? Sameer: It could be done. It would be a lot of work and I'm not sure there'd be enough of a market for it. I think it's best done in the browser. Hopefully Netscape will add that to their features set soon. I usually have Javascript disable--but I see some cases where I'd like to use it. If I could just turn it on for those applications it would be very nice. Java is much closer to secure deployment and authentication. Jim: Speaking of authentication--I have a question about SSL. Currently the whole SSL view of the world, brought to us by the Netscape Commerce Server, is all about the server authenticating itself to the client--about web sites saying "You've reached me--and not some imposter and there's no man-in-the-middle and we can exchange information privately." This doesn't seem to offer anything for the client to authenticate itself to the server other than manually typed passwords. So maybe that's a feature that we'd like to see in the browsers--is some sort of client authentication certificates for SSL. Sameer: Actually that's already in there. Stronghold already supports client authentication. the SSL protocol added that in version 2. Netscape supports client certificate authentication starting with Navigator version 3 which is built about SSL version 3. Stronghold was the first widely used, commercial server to support SSL client authentication. So now that we have the support in the browser and our server it's only a question of user acceptance and getting sites to start using it. I think that the SSL client auth. is an excellent technology. We're using it extensively here at C2Net. Because we have people from all over the world we can't really have this big private WAN and we can't set up a VPN8 using something like Free S/WAN--because it isn't even ready yet. So we issue client certificates to all of our employees. We have a Stronghold web server where our sensitive information is stored and an employee can connect to that server from wherever they are on the Internet and access business information. They are protected by full-strength cryptography and RSA encryption on the client side. It's an incredibly empowering technology because we don't have to worry about making people come into the office to get this information. they can do it from home and the can do it securely. Jim: So you don't have to worry about static IP addresses, and boring holes in your firewall and packet sniffers on your ISP's routers, and .... Sameer: Right. As long as they have their client certificate on their laptop. You know I have a ricochet [ed. note: Metricom Ricochet are wirel ess modems that are popular in the Bay Area because they offer flat rate unlimited wireless PPP to modem users]--and I can do anything from my laptop through that. I can review support questions, work in the bug tracking database, I use SSL to do logins. That isn't a product of ours. Jim: I met Tatu Ylongen, author of ssh, at the IETF a couple of months ago. He's started his own company, too. I guess he does all the development and has Data Fellows doing all of the licensing. Sameer: That's right. Data Fellows is doing all of the sales and marketing while he's doing the development. Jim: So do you see C2Net coming out with, maybe, an ssltelnet and sslftp to compete with ssh? Sameer: Well, we can talk about all the details of all our product ideas. there already is an ssltelnet and sslftp. nobody's supporting them and nobody's using them yet. So I think, that as far as encrypting, secure shell logins and file transfers ssh is the best product out there. Although it's a different authentication protocol, not like the SSL between my browser and my web server--but it is RSA based and I can use my copy of ssh through my ricochet and login to my servers here. Jim: So, if you were to configure all your systems here--presumably all Unix boxes, and you took out all of the unencrypted and weakly authenticated services you could almost run without any packet filters or firewalls--except to prevent address spoofing. Sameer: We have packet filters on all the non-encrypted services--because there are still a number of useful services for use just within the private network. We don't allow any non-encrypted packets to pass through. We allow ssh for logins and SSL for employee access to our internal web servers. Those both offer strong authentication--and the SSL is only accessible to people who have a C2Net employee certificate installed on their system. Jim: Does the Netscape navigator support a "pass phrase" to unlock the locally installed certificates, like PGP does with your signature keys? Sameer: Yes, it has some system where you use a pass phrase to encrypt your private keys. Jim: So if you lose a laptop you don't have to run right into the office to revoke those certificates. Hopefully their crypto on that is strong enough to give you a few hours. Sameer: I'm not sure what they use. Safe Passage uses DES [ed. note DES= Data Encryption Standard] You see browsers that support client certificates have to do RSA key generation. So the international versions are limited to 512 bits for the key. That means that Safe Passage has to proxy the support for the SSL client authentication as well. That puts the international client on an even footing with any of the domestic browsers since Safe Passage is actually connecting to the web servers for the browsers. Another benefit of using Safe Passage is that it provides an integrated location for all your certificate keys if your using different browsers. One of the problems with client certificates right now is that Netscape and Microsoft don't have a published interface for managing the keys that are installed in each. In other words if you've have a certificate in Navigator you can't transfer it to your copy of Internet Explorer and if you have a Navigator SMIME9 you can't transfer it into Eudora. So Safe Passage helps by allowing you to use just one certificate database. We plan to offer an easy way to extract those certificates -- though we haven't figured out quite what that will be, yet. There are standards emerging on how to do this--and we will be supporting those standards, of course. Jim: Now this proxy is only available for Win 95, and NT Sameer: ... and Win 3.1 Jim: Are you planning on release a Unix/Linux version of that Sameer: Making it available for Unix wouldn't be difficult. It was actually prototyped under Unix and then ported to Windows and there a graphical interface was added to it. However, there isn't much of a market demand, and we are a small company, so we can't afford to support Unix and Mac on it for now. We'll need to get some more resources before we could broaden that support--as much as I'd like to do it. Jim: So, what else can you think of that just HAS to be said? Sameer: The key thing that we, at C2Net, are focusing on is the worldwide deployment of cryptography. I think it's vital that we deploy strong crypto worldwide in the very near future. The U.S. government has made it clear that their intent is to make the personal use of strong cryptography completely illegal. So, the deployment has to happen before they do that. If these crypto products aren't ubiquitous before that we'll have a have a much harder time in protecting our privacy. I see cryptography being used for much more interesting things than just protecting credit cards. While I think that it's prudent to encrypt your credit card number before sending it over the 'net--it's not an interesting application of strong cryptography. So we want to build an infrastructure so that restrictions on personal use of privacy technology will have major business implications ... so that privacy itself cannot be made illegal. Footnote 1. An area in the San Francisco Bay area--near Silicon Valley. Footnote 2. "cypherpunks" is a mailing list for the discussion of the politics, technologies and soceal ramifications fo cryptography and privacy issues--members of the list in various cities meet in person on a regular basis. Footnote 3. SSL, "secure sockets layer", is the specification for encrypted and authenticated communications--proposed to the IETF (Internet Engineering Task Force) by Netscape Footnote 4. RSA holds a suite of patents which cover almost all known forms of public key encryption--patents are much different than copyrights in that a re-implementation of the same algorithm--is still covered Footnote 5. S/WAN is a "secure wide-area networking" protocol from RSA--Free S/WAN is a work in progress and being imported by another group of cypherpunks and John Gilmore of the EFF Footnote 6. Verisign is another CA--particularly for SSL certificates. Footnote 7. PKI = Public Key Infrastructure--CA's are the certificate authorities which verify identity and message integrity using public key cryptographic algorithms. They act as neutral third-parties in web and other Internet transactions and "vouch" for the authenticity of a web site when a secure session is initiated Footnote 8. VPN is the virtual private network-- using IP tunneling and encryption to create "virtual" WAN links across the Internet Footnote 9. SMIME is the Secure Multi-part Internet Mail Extensions--that's MIME with digital signatures and message authentication coding __________________________________________________________________________ Copyright © 1997, Jim Dennis Published in Issue 20 of the Linux Gazette, August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next __________________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ Introduction to RCS By Hådin Løvdal halovda@krs.hia.no __________________________________________________________________________ Do you find yourself having lots of different unsorted and more or less old backup files lying around when working on something, but do not dare to delete any of them because you might need to go back and find out what changes you have made compared to your current version ? Would you like to get all those backups out of the way (without reducing the number of backups), have them sorted and systemated, and perhaps even with some sort of documentation like exactly when changes where made, by who (when several persons are involved), and a few lines that describes the changes which can be the input of an automatically made change-log ? In that case read on because RCS will do that for you. __________________________________________________________________________ Lets have a look at an example (a traditional hello world program) of what RCS can do: (hlovdal) localhost:/tmp/rcstest>ls -l total 0 (hlovdal) localhost:/tmp/rcstest>cat > hello.c /* * $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $ * * $Log: issue20.txt,v $ * Revision 1.1.1.1 1997/09/14 15:01:52 schwarz * Imported files * */ main(){ printf("hello world"); } (hlovdal) localhost:/tmp/rcstest>gcc -o hello hello.c (hlovdal) localhost:/tmp/rcstest>./hello hello world(hlovdal) localhost:/tmp/rcstest>ls -l total 5 -rwxrwx--- 1 hlovdal hlovdal 3928 Jun 28 01:01 hello -rw-rw---- 1 hlovdal hlovdal 60 Jun 28 01:00 hello.c (hlovdal) localhost:/tmp/rcstest> (The two $-tags in the comment are for automatically documentation, more about those later) Our hello world program works now, so we would like to save it in it's current state before making any changes to it. This is done by running ci, Check In, on the source file. That is, the source file is put into the RCS database. When the file is checked in, it is by default also removed from the current directory. (hlovdal) localhost:/tmp/rcstest>mkdir RCS (hlovdal) localhost:/tmp/rcstest>ci hello.c RCS/hello.c,v <-- hello.c enter description, terminated with single '.' or end of file: NOTE: This is NOT the log message! >> A plain simple hello world program >> . initial revision: 1.1 done (hlovdal) localhost:/tmp/rcstest>ls -l total 5 drwxrwx--- 2 hlovdal hlovdal 1024 Jun 28 01:02 RCS -rwxrwx--- 1 hlovdal hlovdal 3928 Jun 28 01:01 hello (hlovdal) localhost:/tmp/rcstest> By looking into the RCS directory we can now see that there is a file with the same name as our program with an extra extension ",v". (By omitting the RCS directory the file would be in the current directory) This file now holds the source plus some additional information, and will later on contain the source for all versions. The rcs file is not particularly interesting to look at directly: (hlovdal) localhost:/tmp/rcstest>cat RCS/hello.c,v head 1.1; access; symbols; locks; strict; comment @ * @; 1.1 date 97.06.28.01.03.43; author hlovdal; state Exp; branches; next ; desc @A plain simple hello world program @ 1.1 log @Initial revision @ text @/* * $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $ * * $Log: issue20.txt,v $ * Revision 1.1.1.1 1997/09/14 15:01:52 schwarz * Imported files * */ main(){ printf("hello world"); } @ (hlovdal) localhost:/tmp/rcstest> This our first version of the hello world program sort of worked, but it lacks an ending newline and the source isn't pretty. Lets fix that. The source was moved when it was checked in, so we must use co, Check Out, to copy the source out of the RCS database. (hlovdal) localhost:/tmp/rcstest>co hello.c RCS/hello.c,v --> hello.c revision 1.1 done (hlovdal) localhost:/tmp/rcstest>ls -l total 6 drwxrwx--- 2 hlovdal hlovdal 1024 Jun 28 01:02 RCS -rwxrwx--- 1 hlovdal hlovdal 3928 Jun 28 01:01 hello -r--r----- 1 hlovdal hlovdal 189 Jun 28 01:04 hello.c (hlovdal) localhost:/tmp/rcstest> Note that co by default fetches the source read-only. This is usually not what we want, so in order to get the source writable we use the "-l" option to mark the file locked for others. (hlovdal) localhost:/tmp/rcstest>co -l hello.c RCS/hello.c,v --> hello.c revision 1.1 (locked) done (hlovdal) localhost:/tmp/rcstest>ls -l total 6 drwxrwx--- 2 hlovdal hlovdal 1024 Jun 28 01:02 RCS -rwxrwx--- 1 hlovdal hlovdal 3928 Jun 28 01:01 hello -rw-r----- 1 hlovdal hlovdal 197 Jun 28 01:05 hello.c (hlovdal) localhost:/tmp/rcstest> By looking at the hello.c file we see that now some values have been inserted into $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $ and $Log: issue20.txt,v $ inserted into $Id$ and Revision 1.1.1.1 1997/09/14 15:01:52 schwarz inserted into $Id$ and Imported files inserted into $Id$ and. (hlovdal) localhost:/tmp/rcstest>cat hello.c /* * $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $ * * $Log: issue20.txt,v $ * Revision 1.1.1.1 1997/09/14 15:01:52 schwarz * Imported files * * Revision 1.1 1997/06/28 01:03:43 hlovdal * Initial revision * */ main(){ printf("hello world"); } (hlovdal) localhost:/tmp/rcstest>vi hello.c ... We makes a few changes. Exactly what was changed can be examined with the program rcsdiff. (hlovdal) localhost:/tmp/rcstest>rcsdiff hello.c =================================================================== RCS file: RCS/hello.c,v retrieving revision 1.1 diff -r1.1 hello.c 9,10c9,14 < main(){ < printf("hello world"); --- > > #include > > int main(int argc, char *argv[]){ > printf("hello world\n"); > return 0; (hlovdal) localhost:/tmp/rcstest> The rcsdiff program is just a front end for ordinary diff, so it accepts all the options to diff, for example "-u". (hlovdal) localhost:/tmp/rcstest>rcsdiff -u hello.c =================================================================== RCS file: RCS/hello.c,v retrieving revision 1.1 diff -u -r1.1 hello.c --- hello.c 1997/06/28 01:03:43 1.1 +++ hello.c 1997/06/28 01:05:21 @@ -6,6 +6,10 @@ * Initial revision * */ -main(){ -printf("hello world"); + +#include + +int main(int argc, char *argv[]){ + printf("hello world\n"); + return 0; } (hlovdal) localhost:/tmp/rcstest> This version looks good, so we want to save it with Check In. By giving option "-l", ci runs a implicit "co -l" so that the source file remains checked out. When ci is run we are asked to enter a log description of our changes. This log description is inserted into $Log: issue20.txt,v $ our changes. This log description is inserted into Revision 1.1.1.1 1997/09/14 15:01:52 schwarz our changes. This log description is inserted into Imported files our changes. This log description is inserted into. (hlovdal) localhost:/tmp/rcstest>ci -l hello.c RCS/hello.c,v <-- hello.c new revision: 1.2; previous revision: 1.1 enter log message, terminated with single '.' or end of file: >> Fixed main prototype, inserted a missing newline and a missing #incl ude >> . done (hlovdal) localhost:/tmp/rcstest>cat hello.c /* * $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $ * * $Log: issue20.txt,v $ * Revision 1.1.1.1 1997/09/14 15:01:52 schwarz * Imported files * * Revision 1.2 1997/06/28 01:07:23 hlovdal * Fixed main prototype, inserted a missing newline and a missing #incl ude * * Revision 1.1 1997/06/28 01:03:43 hlovdal * Initial revision * */ #include int main(int argc, char *argv[]){ printf("hello world\n"); return 0; } (hlovdal) localhost:/tmp/rcstest>gcc -o hello hello.c (hlovdal) localhost:/tmp/rcstest>./hello hello world (hlovdal) localhost:/tmp/rcstest> __________________________________________________________________________ In short RCS is this simple to use: 1. "mkdir RCS" 2. Insert $Id: issue20.txt,v 1.1.1.1 1997/09/14 15:01:52 schwarz Exp $ and $Log: issue20.txt,v $ 2. Insert $Id$ and Revision 1.1.1.1 1997/09/14 15:01:52 schwarz 2. Insert $Id$ and Imported files 2. Insert $Id$ and into one comment. Optional, but nice to have. (NB! Note that $Log: issue20.txt,v $ have. (NB! Note that Revision 1.1.1.1 1997/09/14 15:01:52 schwarz have. (NB! Note that Imported files have. (NB! Note that does *not* include previous versions. If $Log: issue20.txt,v $ If Revision 1.1.1.1 1997/09/14 15:01:52 schwarz If Imported files If is inserted after some time only that and later versions will end up in the log. It is therefore smart to have $Log: issue20.txt,v $ will end up in the log. It is therefore smart to have Revision 1.1.1.1 1997/09/14 15:01:52 schwarz will end up in the log. It is therefore smart to have Imported files will end up in the log. It is therefore smart to have in the file from the start) 3. Edit the file 4. Optionally run rcsdiff when you want to see what changes you have made since last check in. 5. Run "ci -l" each time you want to save what you have done so far. 6. Repeat 3 to 5. For more info on RCS look at the rcsintro(1) man page. Here in this example RCS is used on C source, but RCS can be used on many other things. Config files in /etc are for example excellent candidates of being put under RCS control. RCS is one method of version control. Two others are SCCS and CVS. CVS (Concurrent Versions System) is a further development of RCS intended to be used on larger software projects. For example most (?) BSD clones are distributed and developed using CVS. SCCS (Source Code Control System) is an old proprietary system which few (if any) uses. I think SCCS and RCS have a somewhat a similar relation as traditional compress vs gzip. __________________________________________________________________________ Copyright © 1997, Hå Løvdal Published in Issue 20 of the Linux Gazette, August 1997 __________________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next __________________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" __________________________________________________________________________ TeX without Tears! By Martin Vermeer, mv@fgi.fi __________________________________________________________________________ LyX, an international volunteer project that started off in Tübingen, Germany, is already revolutionizing Linux word processing. It is an interactive, visual shell for LaTeX running under X, giving finger-tip access to the raw power of this world class typesetting software -- while presenting a face to the user deceptively like, e.g., Microsoft's Word for Windows. And, most amazingly, just as easy to use! __________________________________________________________________________ 1. Historical introduction When you tell people that you are using Linux, their first comment often is "yes, a fine and interesting operating system for programmers and scientists, but not for ordinary people. There is no good applications software for it". Unfortunately, until just a couple of years ago, this remark was all too appropriate, especially where word processing was concerned. It is only in recent years that the situation has begun to improve, with some good packages -- commercial, to be sure -- becoming available to UNIX in general, and to Linux in particular. E.g. Applixware, a complete office suite which received very good reviews in a recent article in Linux Journal, and the freeware-like Star Office package. Both of these contain very conventional word processing modules. And yet -- TeX/Metafont, developed by Donald Knuth, and LaTeX, an extension written in TeX's macro language, from the hands of Leslie Lamport -- both systems further extended by a host of volunteers -- have existed for over a decade: free, publicly available, and good, very good. This is not WP any more, this is typesetting. You only have to look at a LaTeX-produced document, especially mathematics, to see the difference... Until recently, the only way to use this software was by manually editing the source code of your document using the defined mark-up language -- the manual opened by the side of the keyboard. And writing formulas was a real pain in the butt. But mathematicians loved it! The beauty of LaTeX is, that it allows you to specify on a fairly abstract level the structure of a document, without bogging you down in details of the actual formatting. Many science journals also distributed macro packages for TeX or LaTeX to help people write their articles in the prescribed standard format; thus, TeX became also an exchange standard for scientific manuscripts. (If only my Word for Windows would agree to produce the same page layout for my papers at home as it does at the job!) Mark-up language. We have all heard of the mark-up language of the Web, HTML. Have you ever wondered how many web pages would be published in the world, if they all had to be edited by hand in raw HyperText Mark-up Language? Not many, I daresay. Everybody uses interactive, graphic tools, that show you here and now what your becoming web page looks like while you write it. _________________________________________________________________ 2. Enter LyX Several years ago, Matthias Ettrich from Tübingen University's computer science department, decided to do something about it. Also LaTeX needed an editor that was easy to use and showed you interactively, on the screen, how the document was to be structured; and then, on your order, generated the LaTeX code containing all the embedded commands needed for the typesetting job. Ettrich's first attempt was called Lyrix, but the name had to be changed to LyX for legal reasons. Other volunteers in several countries joined the effort and, a year ago, a first beta release, 0.10.7, was published on the Web. It was in no way perfect or complete; not even all of the most common LaTeX features were supported. Yet I was interested enough to try it, and here are my first impressions. [Click for screen shot!] For testing, and for writing this article, I use an Intel i486sx system running at 33 MHz (yes, LyX runs somewhat sluggishly, but at my job, on a 75 MHz Pentium, it flies), with 8 MB of memory and some 1.5 GB of Linux-dedicated disc storage. Last January I had installed RedHat 4.0 ("Colgate") and LaTeX2e the version required by LyX. At the time when I started with Linux, in February this year, the LyX documentation was still pretty poor, but last June, a much improved documentation package has been published. About myself: I have some UNIX experience from half a decade ago (those Unices are hairy dogs next to Linux today), but my only previous experience with LaTeX has been occasionally printing out files that colleagues sent me. LyX has many sites dedicated to it around the world. We list them here shortly. At them, you can find further links. * The French ftp site * The leading US site * Norway Development versions * France * Tübingen Ettrich's page! * Denmark * Australia * Italy Versions for UNIX machines * Paderborn * Kaiserslautern Frequently Asked Questions * UK FAQ * Mexico Site of the MathEd developer The "home site" for posting LyX material is the French machine, where new versions of LyX-related stuff are usually found first. Also the German LyX site in Tübingen is of interest. There also can be found links to a large number of other web sites dedicated to LyX on both sides of the Atlantic. In one of them, I even found a screen shot of LyX containing Chinese text... There exists another LaTeX editor apparently designed along similar lines as LyX, for the MS Windows environment. It is a commerical product named "Scientific Word", said to be very good by its makers (of course!). I do not know any users however. Can anyone enlighten me? I also do not know if any Linux/UNIX version exists, as I for one do not fancy much the idea of having to use TeX in a DOS/Windows environment! But perhaps I am prejudiced... _________________________________________________________________ _________________________________________________________________ 3. Installation experiences My Linux version on CD-ROM contained a pre-version of LyX in the "Contributed" department, which did not work properly. On the Web I found the beta version 0.10.7 and downloaded it, a *.tar.gz file ("tarball"). Tip: The utility mc (Midnight Commander), a workalike of that other famous commander for DOS, allows you to look inside *.tar.gz and *.rpm (Red Hat Package Manager) files. Useful! Inspecting the file with mc, or more traditionally, with the command tar -tzvf, is followed by unpacking it with the command tar -xzvf into a pre-created directory lyx. Remark: To the beginning user, the tar command may seem forbidding with its scores of command line options. However, when using disk files rather than tape reels, you only need to know half a dozen of them; for creating an archive, scanning it, unpacking it, optionally gzipping/degzipping (GNU tar only!) and for giving the archive filename. For help on all these options, use the on line help by typing man tar or man info or even better, their modern GUI equivalents tkman tar or tkinfo tar. Similarly you find help for any other command that you are interested in. The last two programs are good demonstations of the power of the tcl/tk scripting language, a sort of Visual Basic like (no insult intended) freeware thing running in a variety of windowing environments. Download recommended! I created a directory lyx under /home, and expanded the downloaded package there. First complication: LyX expects to be in /usr/local, being a standard place. If it is somewhere else, one must add the proper definition LYX_DIR to bashrc and LyX knows where everything is. Next problem: To tell Linux where LyX is. As the binary executable was now in /home/lyx/bin/lyx, I solved this by putting a symbolic link into the executable directory /usr/bin, located in the shell's search path: ln -s /home/lyx/bin/lyx /usr/bin/lyx, and that's it. Symlinks are handy! After that, LyX worked obediently from anywhere on the system. One can create an alias: lyx="lyx -width 600 -height 350", with whatever values may be suitable to make the LyX window fit your screen. To make also the man system find LyX's man pages, you should edit /etc/man.config, or alternatively (mandatory for tkman) define the shell variable MANPATH. Consult the relevant documentation. There is a file .lyxrc in your home directory (or you should copy it there from the template in the distribution), which should be edited suitably. I found e.g. that the screen font utopia was lacking, and replaced it by times. Also the T1 font encoding did not work for the Scandinavian special characters, so I chose "default" instead; and input encoding "latin1". All the other editable options in the file are provided with helpful comments. Some more tinkering with config files is needed to make everything work together. LyX, xdvi (print pre-viewer), ghostscript/ghostview (ditto; I found version 4.03-1 satisfactory, an older version proved buggy), dvips (printing module) and /etc/printcap, the file describing, or "retrofitting" by software, the capabilities of your printer. Fortunately the new, extensive LyX manual contains lots of info on these standard chores that any Linux user has to go through in order to make the printer work under Linux, and especially with TeX -- LyX or no LyX. There are many other things you can or perhaps ought to do to make LyX live happily on your system; e.g., add it to the menu system of TheNextLevel. Let us hope that the packagers (Red Hat and others) will "discover" LyX and proceed to do all this tinkering on our behalf, so inexperienced users will not give up too easily before the slings and arrows of complexity... _________________________________________________________________ 4. Does it work? The general answer to this is, based on my preliminary experiences: Yes! It must be said that the software is not bug-free; but a segmentation fault is a rare event running LyX. One annoying bug is that, when running LaTeX in the background after having just opened a file in the LyX window, control may not return to the foreground and one has to kill the job by control-C. (Obviously one does not lose any data due to this bug, only time.) Also, many features in LaTeX -- some trivial -- are not directly supported by LyX or do not quite work as they should. I had trouble, e.g., with the Bibliography environment. But the more I got to know LyX, the more I learned to like it -- especially since it supports a transparency mode in which LaTeX commands are handed through unmodified to output. All you have to do is "paint" the LaTeX command red, using the mouse and the LaTeX toolbar button, and LyX skips all the processing there. This means that all commands not available directly in LyX, can be had by brute force, through the back door, in spite of LyX -- a technique at which I rapidly became proficient. [Do-it-yourself 'bibliography' screen shot] In fact, it is possible to use LyX simply as a "dumb editor" for LaTeX source code -- the way scientists have been using vi, emacs and all that. In this fashion, one gains nothing and loses nothing. As an editor, LyX is quite good, allowing you to set layout details, such as indent and alignment, for individual paragraphs, and character layout, such as font shaps and sizes, empasized, small caps, etc. for selected areas of text; as well as all that for the document as a whole (of course already this basic editing is translated internally to LaTeX mark-up). But already using one of LaTeX's many "difficult" features supported by LyX -- the formula editor, say -- results in massive gains to the user, making the editing job quite essentially easier. Anecdotical evidence: one of my German colleagues admitted that he has kept his LaTeX skills hidden from his university employer, because he hates writing -- nay, programming -- formulas and does not want to be ordered to do that. We computer people should never underestimate the difficulty that programming (and mark-up language is a programming paradigm) poses to computer-naive users! _________________________________________________________________ 5. Formulas (formul\ae ?) As a scientist I have to be able to write formulas easily and correctly. Therefore of course I wanted to put the math editor through its paces. The competition, MS Word for Windows, has a very good math editor (apparently sublicenced from a smaller company) and the litmus test for LyX is measuring up to this standard. Here follow some formulas that I often use in my work, first of all the expansion into spherical harmonics of the Earth's gravitational potential (W.A. Heiskanen and H. Moritz: Physical Geodesy, W.H. Freeman & Cy., 1967, p. 107): [The formula on-screen] ...and in the print previewer (xdvi). Another formula frequently encountered in physical geodesy is the Stokes integral, named after G.G. Stokes, the famous mathematician who in 1849 discovered this relationship between the global field of gravity anomalies (delta-g) and the undulations of mathematical mean sea level or the geoid N: [Stokes on-screen] where the Stokes function S is defined by the same picture So, what should the conclusion be? I did not write these two formulas as fast as I would have done in the WfW Equation Editor; but faster than when I did that for the first time, many years ago (Übung macht den Meister). And it most certainly beats manual LaTeX coding in both speed and convenience! The Math Editor is good, intuitive, interactive and a fine piece of programming. Some small additions would be needed still. A few of the weirder mathematical symbols are still lacking -- they could be added to the math panel in their raw LaTeX form --, and one does not get the integration domain placed straight underneath the integral sign, like with the summation limits to the big Sigma sign. In display mode, these limits, which are entered as "index" and "exponent" -- nice touch! -- end up straight underneath and above the Sigma, see above. To number equations, just push "insert label" inside the equation box and follow the crowd. You may use symbolic names for the formulas which will appear when you try to insert a cross-reference. Just take your pick. LaTeX will replace the references by numbers in the right sequence. The standard functions sin and cos should be entered in "macro mode" prefixing them by a backslash. They are correctly displayed in roman. But you have to remember the function and symbol LaTeX names... not hard for sines and cosines, though. Placing them somewhere in the math panel would be a good idea also. Also plain roman text can be entered, by a keystroke sequence documented in the User's Guide. Sub- and superscripts are entered in the traditional LaTeX way by prefixing with an underscore or a "hat" symbol. One way in which LaTeX math mode is superior to Word for Windows is in changing the font size. If you change the default font size in a LaTeX document, all fonts, including those inside formulas, change proportionally along, without any special effort from your side. In WfW you have to separately change the standard font size inside the formula editor, and then click on every formula... I like it more the LaTeX way. _________________________________________________________________ 6. Section headers and friends Perhaps formulas and equations are a too specialized property to convince the ordinary user to switch to LyX. But what about something more down-to-earth, such as section, subsection, subsubsection etc. headers? In short: excellently supported. LyX shows the header numbers on-screen, changing them if material is added or removed. What's more, you can open a table-of-contents panel where you can quickly navigate within large documents. (In Word for Windows, this would correspond to "outline mode". But you do not have to switch modes in LyX, just click on the right header in the TOC panel.) Like we discussed above for formulas, also section headers etc. may be referred to by embedding labels in them. These labels appear in a label panel that pops up whenever you want to insert a reference; nifty. One can refer either to the (sub-) section itself, or to the page it is on, like in "see Section 3 on Page 7". If you move material around, the numbers in the printed output may change, but not the labels. [Using section and page references] If you want a section header without a number, you use the alternative form section* (and equivalent sub- and subsub- forms) from the styles menu. These headers will then also not appear in the table of contents. If you want the header to appear there after all, you'd better open your LaTeX Companion, page 36, and add the command \addcontentsline{toc}{section}{Section headers and friends} painted in LaTeX red, of course. _________________________________________________________________ 7. Figures and tables (and footnotes) Also nicely supported. These can be put into a "float", to be positioned suitably on the page (as LaTeX) does. The figure can contain a caption; captions are numbered and collected into a List of Figures/Tables. They can also be referred to -- you guessed it -- by embedding a label into the caption text. LyX 0.10.7 shows *.eps (encapsulated postscript) figures on the screen, and so does the print previewer xdvi. I have noticed, however, that LyX does not display large pictures, which do come out nicely in print. [The EPS popup for embedding graphics] EPS pictures can be drawn using the facility xfig, which has a complex and somewhat cumbersome user interface that takes some time to learn. (Anyway, it beats the drawing tool packaged with WfW 6, which was a great disappointment after the nice one packaged with WfW 2.) Also bitmapped pictures can be generated in EPS format, e.g. by using the screen grabber facility import, part of the ImageMagick package (recommended!). In this way, the screen shots for this article were produced, in a bitmapped graphics mode, though. One weakness I noticed in LyX was the lacking support for the LaTeX figure* and table* commands, which place a figure or table float across the full width of a two column page. (But, then, one easily inserts these commands manually, painting them red...) [A do-it-yourself full-width figure float, with labeled caption] And footnotes, of course. (But no thanks command support!) _________________________________________________________________ 8. Nested environments One of the well known niceties of LaTeX is also the three "nested environments" (enumerate, itemize, description) for making numbered/bulleted/labeled lists. LyX supports these on-screen roughly as they will be on paper, with the numbers or letters showing for the enumerate environment. And they can be freely nested, four levels deep. Great! [Nested environments example] _________________________________________________________________ 9. Tables ("tabular") Tables are nicely supported, with a fully functional (IMHO) table editor hanging from the right mouse button. The LyX team claims that this editor is buggy/incomplete/both, but it has satisfied at least my modest needs. The tables intelligently expand and contract depending on what they contain, just like in the LaTeX paper output. You can add and remove columns, put horizontal and vertical lines in the table or suppress them, and even join neighbouring cells. Text alignment can be set column-wise, like in LaTeX: left, right or centred. [A table example, from the Users Guide] _________________________________________________________________ 10. Keyboard shortcuts, and other things All the main menus given on the menu bar can be activated by pressing M-, the letter being the underlined one. Pretty logical, "Windows-like" and also documented somewhere in the set of documents in the 0.10.7 distribution. What can be discovered by trial and error -- and is now also in the documentation --, is that M- followed by pulls down the menu in question. A clever compromise saving CPU time on slow machines. And the submenu letters are given in the status line below the text screen anyway, if you hesitate... excellent design! I was happy to find that my left hand finger reflex "Alt-F S" also here saved the file to disc. Use it frequently! There are two different key binding maps available, the PC-like one (preferred by me, at least) and an emacs-like one for the aficionados. LyX has also a good Find (and Find/Replace) facility Cut and paste works within a document, and between two simultaneously open documents (only one of them is always visible). Also import from other applications works; export not yet. _________________________________________________________________ 11. Extending LyX LyX 0.10.7 as distributed supports almost all the standard LaTeX2e textclass types: article, report, book, letter and amsart ("American Mathematical Society article"). Furthermore, a special mode for Linuxdoc SGML format is provided, used here to produce this text. Making overhead transparencies and slides is semi-supported. This is of course only the tip of a substantial iceberg: according to The LaTeX Companion (M. Goossens, F. Mittelbach, A. Samarin, Addison-Wesley 1994) there exist over 150 packages catering for the most varied publishing needs -- from sheet music to Feynman diagrams, and everything in between. It will be some time before LyX catches up! Adding new textclasses is not difficult. First, the textclass file for LaTeX should be found (on the web, usually) and installed, if not already on your distribution; these files have the extension .cls. Then, a so-called layout file must be created -- usually based on an existing one such as article.layout -- in which the known properties of all the major commands and environments for that textclass are described. If this is done properly, LyX will make these styles behave on-screen in ways similar to LaTeX on the printed page. In other words, the near-WYSIWYG property. I wrote myself a few such layout files for journals I contribute to; One thing I discovered the hard way, is that to make LaTeX recognise a new class file, you have to run texhash and to make LyX find a new class and layout file pair, you have to first edit the file chkconfig.ltx, and then run latex chkconfig.ltx One learns by doing. _________________________________________________________________ 12. The future of LyX After bringing out the 0.10.7 version, the LyX team proceeded to develop successive versions of 0.11. Unfortunately they have had no end of trouble with bugs; only now, 0.11.X is starting to be relatively clean and fully functional again. They replaced XForms, a library of graphic elements to be used under the X windowing system to produce user interfaces, by a similar but supposedly better library Qt; also many messy though functioning parts of the code have been sanitized. One change in the making is the introduction of inheritance between .layout files; then you can say that a new texclass in LyX has all the properties of e.g. article, but with some added and some modified. In this way the work of writing new layout files, and of maintaining them, can be greatly reduced. LaTeX connoisseurs will recognize this technique as a carbon copy of the corresponding LaTeX practice, and will facilitate the "catching up" job for LyX. Currently the Layout/Document menu offers a choice between various paper sizes, and for DIN A4 also a choice between a few standard margin width alternatives. Free setting of the margins by the user is not yet supported. Also this is scheduled to change. While waiting, you can use the geometry style package, which you should activate by including the lines \usepackage{geometry} \geometry{various page size and margin width options} into the preamble of the LaTeX document. This is done from within LyX through the Layout menu. You see that one can still not do without a basic understanding of LaTeX... One thing I intend to try out still is to use the mailmerge facility which is available for LaTeX inside LyX. It can surely be done, but a day has only 24 hours... _________________________________________________________________ 13. Some philosophical conclusions Concludingly I will say that the LyX system, though being still a little rough around the edges, actually works well, is, inspite of the beta label, already production quality and really makes exploiting the unique properties of LaTeX a great deal easier. In fact, I would venture to claim that, once installed, LyX 0.10.7 is no more difficult to use than the leading commercial WP packages for MS Windows -- a remarkable claim perhaps for software that does so much more. What I like about the LyX philosophy -- and there has been some debate on this in the newsgroups also -- is that it does not try to cover up the true complexity of typesetting text, a complexity properly addressed by LaTeX; it just harnesses the built-in intelligence of this existing typesetting software to make the handling of it more easy and intuitive. And that is how it should be. Traditional word processors -- no names mentioned -- do give you more freedom to format the text as you want; remarkably, this is not always a good thing. It is easily possible to generate documents that look precisely as tasteless on screen as they come out on the printed page! Of course there are things which by their nature are best done in a WYSIWYG fashion, e.g. the editing of mathematical formulas which are among the most visual typographic objects known to man. Also the logical structure of a document, its division in chapters, sections etc., is an essential property that must be visually represented. But other aspects of typesetting are not intrinsically visual -- e.g. the division of a paper into pages is more a property of paper as a hardware medium than an intrinsic property of a text. Also page headers, page numbers etc. are only "programming devices" targeted at us, flesh-and-blood browsers of printed text. This surface structure of the written message is inessential, and LyX rightly tries to handle this elegantly outside the user's field of view. _________________________________________________________________ 14. Acknowledgements, and more... Everything in this text above that resembles a trademark, probably is one. Contrary perhaps to the impression created above, I hold Microsoft(tm) Word(tm) for Windows(tm) to be an excellent piece of software, arguably the best in its category. I have been a happy user myself for four years. It is the market leader, a de-facto standard against which others are measured. And that LyX, and LaTeX, measure up so well, does not reflect poorly on the Microsoft programmers' skills; the message is a positive one, about the benefits of standing on tall shoulders -- each other's shoulders. LyX, TeX, Linux, all have simply grown in a better environment, one of openness, civic spirit and genuine enthusiasm, rather than of dollars and lawsuits. That freedom makes excellent economic sense has been known since Adam Smith. Resisting its pull is futile! _________________________________________________________________ 15. How this document was written When I was asked to write this article for Linux Gazette, the suggestion was made to write it with LyX and convert the LaTeX code to HTML using the conversion utility latex2html. I installed and tried out this utility at my job computer (the Pentium!) and decided against using it. It was very demanding on the CPU, especially when converting formulas into GIF pictures. Therefore I chose the alternative of writing the text in the Linuxdoc SGML textclass, which is supported by LyX. (I should say that this support is a little sketchy still at this point. It is easy to produce SGML files by LyX that the converter chokes on, e.g. containing tscreen, supposed to indent text.) Then, conversion by sgml2html, included in the linuxdoc-sgml package -- runs very quickly -- and possible embedded pictures can be added only after that, using the Netscape HTML editor, if you have it installed. Obtaining these pictures, screen shots, was easy enough with ImageMagick. Finally, UNIX wouldn't be UNIX, if there was not a quicker way to change the colours of background and text of all the .html files obtained from the conversion run: #!/bin/bash # # Add background and text colour to an HTML document # for i in *.html do sed -e s'///g' $i >temp mv temp $i echo $i done exit 0 _________________________________________________________________ Copyright © 1997, Martin Vermeer Published in Issue 20 of the Linux Gazette, August 1997 _________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next _________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" _________________________________________________________________ Using a Laptop in Different Environments By Gerd Bavendiek, bav@rw.sni.de _________________________________________________________________ Do you use a laptop at home ? In the office ? At a customers site ? If yes, you should read on. I would like to show you how I integrate my laptop in different network environments. The basic idea is really simple. Using lilo as bootmanager, I boot with an additional variable assignment. The kernel passes this to the init-processes shell environment. So all processes started by init can use it. Example: linux netoff= This sets up the variable netoff. It is assigned nothing. I use it as a flag meaning "now I am in the office". Booting with linux netetc= means "now I am at customer site". Using lowercase variable names is just for convenient typing. If you prefer, you can use something like NETENVIRON=123. The real work of processing this variables is done in my /etc/init.d/netenv. Take a look at this code fragment: NETENV=/tmp/netenv # When located in /tmp, script must be called # AFTER wiping out /tmp has been done ... ... elif env | grep '^netoff=' > /dev/null; then ( echo ""# Networkenvironment: Laptop at office (Network-Interface: Ethernet)" echo "export PROFILE=31" echo "IPADDR=\"123.456.78.123\"" echo "NETMASK=\"255.255.255.0\"" echo "NETWORK=\"123.456.78.0\"" echo "BROADCAST=\"123.456.78.255\"" echo "GATEWAY=\"123.456.78.1\"" echo "DOMAIN=\"rw.sni.de\"" echo "DNS_1=\"123.456.89.9\"" echo "export RLPR_PRINTHOST=printer-off" echo "export PRINTER=pr1" ) > $NETENV elif env | grep '^netetc=' > /dev/null; then ( echo "# Networkenvironment: Laptop at customer site (Network-Interface: Ethe rnet)" echo "export PROFILE=32" ... echo "export RLPR_PRINTHOST=printer-etc" echo "export PRINTER=pr1" ) > $NETENV Output ist written to a world readable file. Scripts which shall use the assignments simply have to do something like . /tmp/netenv For further details you may refer to the included netenv. As you can see from the code, I do assign not only network stuff, but also a Variable PROFILE as well as printing stuff. This makes it possible, to have e.g. ONE .fvwm95rc. I would like to show you how to do that when I come back from my vacation. So far ! Kind regards Gerd _________________________________________________________________ Gerd Bavendiek _________________________________________________________________ Copyright © 1997, Gerd Bavendiek Published in Issue 20 of the Linux Gazette, August 1997 _________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next _________________________________________________________________ "Linux Gazette...making Linux just a little more fun!" _________________________________________________________________ Linux Weekend Mechanic Welcome to The Linux Weekend Mechanic! Published in the August, 1997 Edition of the Linux Gazette Copyright © 1997 John M. Fisk The Linux Gazette (tm) is Copyright © 1997 Specialized Systems Consultants Inc. _________________________________________________________________ Table of Contents ITEM Welcome to the August WM! ITEM 2 PC LAN: Adventures in Home Networking! ITEM XEmacs Xtras! ITEM Closing Up Shop... _________________________________________________________________ Welcome to the WM Howdy! How y'all doing? Thanks for droppin' in! The big news this month is that I finally got that old PC that bought a couple months ago up and running AND was able to get Ethernet set up between them. I've written about my experiences with TCP/IP, Ethernet setup, and Samba here in the hopes that they might either encourage or guide others in a similar endeavor. This is a whole lot of fun! I've also been learning a bit about the venerable emacs editor. Actually, I've been learning on its worthy progeny, XEmacs 19.15. Along the way I've discovered that there's a wealth of elisp code out there to customize emacs in all sorts of ways. I've included some code snippets that I've recently culled from the comp.emacs and comp.emacs.xemacs groups. Finally, in the "Closing Up Shop" section I've included some of the more useful UNIX-type resources that have been ported to the Windows NT/95 environment. I've come to the conclusion that there is no such thing as the "perfect OS", because there is always some feature, utility, or application that it lacks (sorry, even 'ol Linux can't do everything that I'd like it to do!). I've been having to use Windows NT 4.0 at work and have been sorely missing the tools that I've grown accustomed to under Linux. After a bit of 'Net searching I've put together a small collection of UNIX utilities and programs that have been ported to the Windows environment. Anyway, my sincerest thanks and kudos to Marjorie and Amy at SSC who continue to do a great job of getting the Linux Gazette out each month. This is a lot of work and they are doing a fantastic job! Hope y'all enjoy! John _________________________________________________________________ Article2 PC LAN: Adventures in Home Networking! ABSTRACT This is a brief recounting of my experiences setting up a small, 2 PC home LAN. The purpose was to to connect a computer running Linux kernel version 2.0.30 with another running Windows 95. Networking was accomplished via TCP/IP over Ethernet. Basic TCP/IP services (ping, telnet, SMTP) were setup. In addition, file, printer, and CD-ROM sharing was achieved using Samba v. 1.9.16p11. This is the story of an adventure... "A Horse And His Boy", by C.S. Lewis CAVEAT: What follows is an account of my own experiences with setting up a small home LAN. I started out knowing a bit of networking theory, but had little practical experience with networking stuff. Along the way, I learned a bit and discovered a few things by trial and error. What I hope to do is encourage y'all to give this a try. It's definitely not as hard as it looks and it is SERIOUSLY COOL! BUT... This is NOT a HOWTO. There are numerous well written and informative sources of definitive information on setting up TCP/IP and Ethernet under Linux and Windows 95. The point of this is to share my own experiences. If you find something here that's helpful, that's great. Keep in mind, though, that you're on your own. Like all things with Linux, it's your responsibility to make sure you know what you're doing BEFORE you go messing with things. I've tried to ensure that the information here is as correct as possible, but I can't vouch for everything. Before you do anything to your system, make sure you know what you're doing! Like the old saying goes... If it breaks, you get to keep both pieces... Also, this is NOT intended for anyone who is setting up networking in a public or semi-public setting. What is described below is a small home setup: both boxes set on my desk in the office. I'm the only one that has physical access to them with the exception of my wife who does not use Linux at all and who uses Win95 only for email and a bit of word processing. Networking opens up potentially hazardous portals of entry into your system. I'll point out the few places where I've tried to include minor security measures. If you're setting up networking in a public or semi-public setting then this is definitely not what you need to be reading. There are plenty of good books on networking and security and you'd do well to peruse them if you're not completely sure of what you're doing. The wise will heed this warning... Anyway, now that I've got that off my chest... :-) How things got started... One of the things that I've been wanting to do for some time now is learn a bit about networking. I'd taken a class in networking last Fall and had gotten quite a bit of theory, but precious little "hands on" experience. When I finally bought an old "as-is" PC a while ago I started entertaining hopes that I could somehow set up a small 2 PC LAN. The dream was born... The reality of the situation, however, soon became quite evident. After a frustrating couple days of swapping out one board after another to isolate and replace the defective ones, I finally managed to get the 'ol PC to boot and installed a copy of WFW 3.11 on it. The old ISA I/O board was a serious dog and the ancient WD video card with 512K didn't help the situation any. But I was glad to see that it worked at least. I finally got tired of watching window redraws and, after finishing up school and starting work, did a major overhaul. My wife very kindly OK'd the investment after numerous assurances that the upgrade would be "her box" and that I'd make sure that it booted to Windows and that there'd be handy icons for the word processor and email stuff... my wife is a sweetheart! :-) Anyway, the old box got transformed (thanks to a new MB, HD, EDO RAM, and a few other goodies) into a decent performer. When I bought it there was an Artisoft AE-2 NIC in it which I hoped was still working. When my brother-in-law gave me a WD 8003 NIC that he had lying around, I knew that I was on the verge of an adventure. After picking up the thin coax cable, T's, and terminators at Javanco's here in town, I was all set. The adventure was on...! Deja' News to the Rescue! One of the first things I had to do was install the NIC cards, which turned out to be more of a chore than I had first anticipated. The cards, as it turned out, both worked fine. What was missing was documentation on all those funny little plastic jumpers that I'd need to set the IRQ and base I/O and such. In a stroke of good fortune I happened across one of those sites that belongs in EVERYONE's bookmark file: Deja News Deja News, for those who've not come across this place, provides a search engine for a database of Usenet postings. It's a fantastic source of information; granted, the signal to noise ration dips a bit now and then, but with some judicious searching you can find answers to all kinds of interesting problems. After searching for "Artisoft AE-2" and "WD 8003" I found myself in possession of several postings with complete descriptions of jumper settings that previous net pioneers had culled off of manufacturer's FTP sites and Web pages. I was happy. I initially set the cards up under Win95 since it was easy to find an unused IRQ and base IO offset. Once IRQ and IO conflicts had been settled for both boxes I decided to try Win95 -> Win95 peer-to-peer networking. This actually turned out to be the easiest part of the setup, owing in no small part to the fact that my "programmer/networking guru" brother-in-law came for the weekend. We managed to have one box talking to the other in no time. I won't go into great detail as to how we did this: there are numerous excellent (and plenty of not-so-excellent...) references on setting up Win95 boxes. In brief, however, this is what we did: 1. Added TCP/IP support. If you right click on "Network Neighborhood" -> "Properties", a dialog box appears that should look something like this. Click on the Add -> Protocol -> Microsoft buttons to select TCP/IP. You'll likely need the setup disks or CDROM to install the drivers. 2. Configured TCP/IP settings Since there were just two boxes on the network all I set up was the IP address and netmask; all other default settings appeared to be correct. Since this wasn't a dial up connection I didn't define a DNS. 3. Defined Workgroup, Hostname, and Shares I found out the hard way that if you want to set up a workgroup to shared resources that everyone in the workgroup has to use the same workgroup name... Duh... :-) Anyway, I defined workgroup and hostnames after making sure that I had OK'd the "File and Print Sharing..." checkboxes from the main Network configuration dialog box. After doing this, I set up each share by right-clicking on the item (drive C, drive D, the CD-ROM, the printer, and so forth...), selecting the "Sharing..." menu item, and then configured share properties and passwords. Also, I selected the "Share Level Access Control" from the "Access Control" tab item. 4. Created a C:\Win95\hosts file This one would have completely stumped me had it not been for Bill, my brother-in-law. After we got all through with basic setup he had me set up a hosts file in C:\Win95 (being the non-conformist that I am this is where I put all the Windows stuff). Basically, this is just a file called "hosts" and is similar to the stock /etc/hosts file under Linux. At the moment, mine looks like: 127.0.0.1 localhost 192.168.1.1 Johnsbox 192.168.1.2 Faithsbox 192.168.1.3 Caduceus At this point, I rebooted both boxes and was able to login and browse shares from either box. I doubt that this is the optimal setup; however, since everything seemed to work and I was able to browse through directories and share the printer, floppy drive, and CD-ROM, I figured I'd leave well enough alone. All in all, I was pretty pleased with this... Seriously cool... :-) So, at this point I knew that the NIC's and all the hardware were working and that I should be able to do something similar between Linux -> Win95. The real adventure was just beginning so it was... On to Linuxland...! Setting up networking support under Linux was just a bit more work than under Win95 and while it wasn't excessively difficult I'll admit that I got bit more than once by a couple of gotcha's!. I'll try to mention these as I go. I also found a fair amount of helpful documentation along the way which I'll also try to give pointers to. In brief, I took the following steps to get networking up and going: 1. Compile new kernel and modules with networking support 2. Edited networking configuration files 3. Edited rc files to start appropriate networking services at bootup One thing that I did that I'd encourage y'all to do: take lots of notes. There are all kinds of details that you need to attend to along the way and its easy to forget what you've done and what you haven't done. Also, things occasionally break along the way, it's nice to be able to "back out" of recent changes. Anyway, the first thing to do was... Building The New Kernel Building a new kernel with the needed networking support was fairly straightforward, although there was one gotcha that I'll mention. The kernel options that I compiled in included Networking support, TCP/IP networking, Network device support, Ethernet support, and support for the Artisoft NIC. I also decided to compile as many of these options as modules as I could and use the kerneld to automatically load and unload them as needed. I also anticipated setting up Samba to fully realize Linux <-> Win95 networking, so I compiled these options in as well. In summary, the kernel options I included were: Enable loadable module support (CONFIG_MODULES) [Y/n/?] Y Kernel daemon support (e.g. autoload of modules) (CONFIG_KERNELD) [Y/n/?] Y Networking support (CONFIG_NET) [Y/n/?] Y TCP/IP networking (CONFIG_INET) [Y/n/?] Y Network device support (CONFIG_NETDEVICES) [Y/n/?] Y Ethernet (10 or 100Mbit) (CONFIG_NET_ETHERNET) [Y/n/?] Y Other ISA cards (CONFIG_NET_ISA) [Y/n/?] Y NE2000/NE1000 support (CONFIG_NE2000) [M/n/y/?] M SMB filesystem support (to mount WfW shares etc..) (CONFIG_SMB_FS) [M/n/y/?] Y SMB Win95 bug work-around (CONFIG_SMB_WIN95) [Y/n/?] Y After I did this, I updated /etc/lilo.conf, using an "append" line to pass it the base IO address and IRQ number for the network card. The global section of /etc/lilo.conf now looked like: # START LILO GLOBAL SECTION boot = /dev/fd0 delay = 300 vga = normal append = "ether=10,0x300,eth0" ... An important README file that you'll want to have a look at is in the Documentation directory of the linux source (which is normally under /usr/src/linux/Documentation) in the networking subdirectory. It's the net-modules.txt file which describes how to use networking device driver modules. Specifically, it strongly recommends passing the network card base address and IRQ instead of auto-probing. Here's a short snippet from the file: In many cases it is highly preferred that insmod:ing is done ONLY with defining an explicit address for the card, AND BY NOT USING AUTO-PROBING! Now most cards have some explicitly defined base address, they are compiled with (to avoid auto-probing, among other things). If that compiled value does not match your actual configuration, do use "io=0xXXX" -parameter for the insmod, and give there a value matching your environment. If you are adventurous, you can ask the driver to autoprobe by using "io=0" parameter, however it is potentially dangerous thing to do in a live system. (If you don't know where the card is located, you can try autoprobing, and after possible crash recovery, insmod with proper IO-address..) The file had these additional comments about "NE2000" clone cards, like the one that I was using: 8390 based Network Modules (Paul Gortmaker, Nov 12, 1995) -------------------------- (Includes: smc-ultra, ne, wd, 3c503, hp, hp-plus, e2100 and ac3200) The 8390 series of network drivers now support multiple card systems without reloading the same module multiple times (memory efficient!) This is done by specifying multiple comma separated values, such as: insmod 3c503.o io=0x280,0x300,0x330,0x350 xcvr=0,1,0,1 The above would have the one module controlling four 3c503 cards, with card 2 and 4 using external transceivers. The "insmod" manual describes the usage of comma separated value lists. It is *STRONGLY RECOMMENDED* that you supply "io=" instead of autoprobing. If an "io=" argument is not supplied, then the ISA drivers will complain about autoprobing being not recommended, and begrudgingly autoprobe for a *SINGLE CARD ONLY* -- if you want to use multiple cards you *have* to supply an "io=0xNNN,0xQQQ,..." argument. The ne module is an exception to the above. A NE2000 is essentially an 8390 chip, some bus glue and some RAM. Because of this, the ne probe is more invasive than the rest, and so at boot we make sure the ne probe is done last of all the 8390 cards (so that it won't trip over other 8390 based cards) With modules we can't ensure that all other non-ne 8390 cards have already been found. Because of this, the ne module REQUIRES an "io=0xNNN" argument passed in via insmod. It will refuse to autoprobe. It is also worth noting that auto-IRQ probably isn't as reliable during the flurry of interrupt activity on a running machine. Cards such as the ne2000 that can't get the IRQ setting from an EEPROM or configuration register are probably best supplied with an "irq=M" argument as well. [snip!...] If you're planning on using modular device drivers I'd recommend having a look at this file as it contains additional helpful information. The gotcha that I encountered occurred after successfully compiling and installing the new kernel. After I rebooted, there was no message indicating that it had found the network card. As I'm sure most of you know, you can review kernel boot messages using something like: # dmesg | less I went back and recompiled and installed yet another kernel, this time with everything compiled into the kernel and NOT as modules; this time, I got the following message: loading device 'eth0'... ne.c:v1.10 9/23/94 Donald Becker (becker@cesdis.gsfc.nasa.gov) NE*000 ethercard probe at 0x300: 00 00 6e 30 91 cf eth0: NE2000 found at 0x300, using IRQ 10. I suspect that many of you have already guessed what I did wrong: I compiled the network device driver as a module but NEVER LOADED THE MODULE! Duh! The Slackware distribution includes an rc.modules file with the set of rc files. Among other things, this allows you to specify modules to load at boot up using modprobe. After uncommenting the line for the ne.o driver and specifying the base IO and IRQ values, it loaded without a hitch. Those of you using a Red Hat, or Red Hat derived system, will probably find a similar file under the /etc subdirectory. The invocation that I'm using is: # jmf -- this is for the Artisoft NE-2 which is jumpered to io=0x300, irq=10 /sbin/modprobe ne io=0x300,irq=10 Anyway, that was a pretty minor gotcha, but I did manage to lose a bit of time messing around with repetitive kernel recompiles and such. Let me mention here that there are a couple helpful HOWTO's that you might be interested in looking over: * Ethernet-HOWTO * Kernel-HOWTO The Ethernet-HOWTO contains a LOT of details with respect to setting up Ethernet support under Linux. Personally, I wished that the author had taken more of a step-by-step approach to doing this; still there's a good deal of very useful information here. The Kernel-HOWTO is a good reference to use if you're new to Linux or still don't feel comfortable yet with the notion of compiling and installing a new kernel. This is actually a pretty painless proposition now and with the advent of both an ncurses- (actually "dialog-based") and a tk-based configuration utility, kernel customization and compilation is definitely getting easier. Setting Up Networking Configuration Files Once the kernel correctly recognized and initialize the network device, the next step was updating the necessary networking configuration files. There's an absolutely fantastic HOWTO file that goes through this process in an orderly and well-documented manner: The NET-3 HOWTO This is a must read document as it describes each of the files needed for networking configuration, gives working examples, and touches on various issues such as security. It is, however, as the author points out, not a networking security oriented document. If security is an issue then you'll probably want to read one of the several excellent reference works available through publishers such as O'Reilly & Assoc.. Since all of you can read, I'll not insult your intelligence by rehashing what is amply covered in this HOWTO. I would like to make a couple comments about certain files. To begin with, I'm using a Slackware 3.2 distribution, so the files on other distributions may be in different locations (or use a different filename) than the ones mentioned here. These are the files that I edited: /etc/rc.d/rc.inet1 /etc/rc.d/rc.inet2 /etc/hosts /etc/hosts.allow /etc/hosts.deny /etc/resolv.conf Slackware uses rc.inet1 to configure the network interfaces and update the kernel routing tables. I chose to assign the boxes IP addresses from the 192.168.xxx.xxx block. The NET-3 HOWTO covers the assignment of IP addresses in a private network (such as a home LAN like I was setting up). Basically, there are three blocks of addresses that are reserved for private networks (a Class A, Class B, and Class C block). If you're interested, RFC-1597 describes this in detail. And speaking of which, I should mention another very useful WWW resource that you should add to your bookmark file if you haven't already. Nexor Corporation has a web page that allows easy look up and retrieval of RFC documents. Their URL for this service is: http://www.nexor.com/public/rfc/index/rfc.html For the curious, my rc.inet1 now looks like: #! /bin/sh # # rc.inet1 This shell script boots up the base INET system. # # Version: @(#)/etc/rc.d/rc.inet1 1.01 05/27/93 HOSTNAME=$(cat /etc/HOSTNAME) # Attach the loopback device. /sbin/ifconfig lo 127.0.0.1 /sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo # IF YOU HAVE AN ETHERNET CONNECTION, use these lines below to configure the # eth0 interface. If you're only using loopback or SLIP, don't include the # rest of the lines in this file. # IP addresses for TCP/IP Ethernet connection IPADDR="192.168.1.3" NETMASK="255.255.255.0" NETWORK="192.168.1.0" BROADCAST="192.168.1.255" GATEWAY=" # Uncomment the line below to configure your Ethernet card. /sbin/ifconfig eth0 ${IPADDR} broadcast ${BROADCAST} netmask ${NETMASK} [...] # Set up IP routing table. /sbin/route add -net ${NETWORK} netmask ${NETMASK} eth0 if [ -n $GATEWAY ]; then /sbin/route add default gw ${GATEWAY} netmask 0.0.0.0 metric 1 fi # End of rc.inet1 In addition, my /etc/hosts, /etc/hosts.allow, and /etc/hosts.deny files look like: # # hosts This file describes a number of hostname-to-address # mappings for the TCP/IP subsystem. It is mostly # used at boot time, when no name servers are running. # On small systems, this file can be used instead of a # "named" name server. Just add the names, addresses # and any aliases to this file... # # By the way, Arnt Gulbrandsen says that 127.0.0.1 # should NEVER be named with the name of the machine. It causes problems # for some (stupid) programs, irc and reputedly talk. :^) # # For loopbacking. 127.0.0.1 localhost 192.168.1.1 Johnsbox.vanderbilt.edu Johnsbox 192.168.1.2 Faithsbox.vanderbilt.edu Faithsbox 192.168.1.3 Caduceus.vanderbilt.edu Caduceus # END /etc/hosts # # hosts.allow This file describes the names of the hosts which are # allowed to use the local INET services, as decided by # the '/usr/sbin/tcpd' server. # # Version: @(#)/etc/hosts.allow 1.00 05/28/93 # # Author: Fred N. van Kempen, # # # allow all services ONLY to the local boxes ALL: 127.0.0.1 ALL: 192.168.1.1 ALL: 192.168.1.2 ALL: 192.168.1.3 # End of hosts.allow. # # hosts.deny This file describes the names of the hosts which are # *not* allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # # Version: @(#)/etc/hosts.deny 1.00 05/28/93 # # Author: Fred N. van Kempen, # # # deny all services to everyone unless specified in /etc/hosts.allow ALL: ALL # End of hosts.deny. Finally, I updated /etc/resolv.conf to point to the DNS servers at Vanderbilt University and, secondarily, at MTSU: domain vanderbilt.edu nameserver 129.59.1.10 nameserver 161.45.1.2 At this point, I rebooted both boxes and kept a watch out for boot up error messages... So far, so good... The seriously cool moment occurred when I was able to both ping and then telnet from my wife's Win95 box to Linux. Here's the screen shots of this glorious occasion ;-) Pinging from Win95->Linux Telnetting from Win95->Linux You've probably noticed that I wasn't using the telnet client that comes with Win95. I've found several freeware sites recently and one of them had the venerable ewan 1.05 telnet client that I'd been using for the past couple years. This provides at least ANSI colors as you can see from screen dump of the XEmacs session I had running. These alone were worth a bit of celebrating! Running console-based programs via telnet was surprisingly fast: there was little or no performance difference between the telnet session and running the programs natively under Linux. This was seriously cool! I also found that I could ping from Linux->Win95 and that I could ping and telnet from Win95->Linux using both IP address and hostname! I was a happy man :-) Still, there was one final challenge left... The Big Kahuna: Setting Up Samba! This is still, as the academe's would say, "a work in progress..." (which is to say: "all the bugs ain't worked out yet...") Still, I've got file and CD-ROM sharing working and am closing in on getting printer support working as well! At the moment, I can browse my Linux file system from under Win95, view and edit files, use the CD-ROM (and the floppy drive) as though they were local. This has been a serious pump! I've also discovered that I can do some other nifty things using TCP/IP, such as email, which I'll mention later. All in all, this has been huge! So, here are how things got started... Going to the Source... The first thing I did, and if you're interested in setting up Samba what I'd suggest that you do first too, to head right on out to: Official Samba Home Page Samba was created by Andrew Tridgell, who has not only written a fantastic program, but has provided a wealth of information on Samba at the home page. This includes: * update announcements * manual pages * FAQ's * program documentation * newsgroup digests * source and binary distributions for a variety of platforms * SMB client software * security patches and information * and so forth... This is definitely Stop Number One. Stop Number Two was the SMB-HOWTO which provided a good deal of useful information in compiling, installing, and configuring Samba. After messing around with this for the past couple weeks and starting to read the comp.protocols.smb newsgroup, I'm convinced that the biggest challenge to getting Samba up and doing what you want is getting the smb.conf configuration file correct. Hence, you'll probably want to spend a bit of time with the documentation. The good news is, however, that getting basic file sharing up and working is pretty straightforward. Anyway, the first thing I did was to get the current source, which as of July, 1997 was 1.9.16p11. Compiling and installing Samba was fairly easy. The first thing to do was edit the Makefile under samba-1.9.16p11/source and change the defaults to match my preferences. Specifically, the values I used were: BASEDIR = /usr/local/samba BINDIR = $(BASEDIR)/bin SBINDIR = $(BASEDIR)/bin LIBDIR = $(BASEDIR)/lib VARDIR = $(BASEDIR)/var FLAGS1 = -O -DSYSLOG SMBLOGFILE = $(VARDIR)/log.smb NMBLOGFILE = $(VARDIR)/log.nmb CONFIGFILE = $(LIBDIR)/smb.conf LMHOSTSFILE = $(LIBDIR)/lmhosts LOCKDIR = $(VARDIR)/locks WORKGROUP = FISK GUESTACCOUNT = guest FLAGSM = -DLINUX -DSHADOW_PWD LIBSM = -lshadow Basically, I used the Samba default filesystem structure, which puts all the program and configuration files under /usr/local/samba. I added the -DSYSLOG flag since I'm basically nosy about what's going on and like to see log files to help diagnose problems. The log file and lock file locations, once again, are defaults. I made the default workgroup FISK which is what I used under Win95; I also made sure that I had a guest account and group to which login was barred. The reason for this is giving in the Makefile: # set this to the name of the default account, which is the one # to use when no username or password is specified. This can be overridden # in the runtime configuration file (see smb.conf(5)) # NOTE: The account "nobody" may not be a good one as # on many unixes it may not be able to print. Thus you # might have to create a separate guest account that can print. GUESTACCOUNT = guest And finally, I compiled Samba with shadow password support. You'll find several configuration options for Linux with and without shadow passwords, quotas, and so forth so just pick whichever one is suitable and uncomment the appropriate lines. Hereafter, the compile and install were as simple as: # make # make install At this point I should have mentioned that I was actually doing all this from two VT's (after logging in as root). From the first VT I was editing the Makefile and managing the compilation; from the other VT I had changed to the samba-1.9.16pll/docs/ subdirectory and was following the INSTALL.txt file directions. At the top of the file is the encouraging pronouncement HOW TO INSTALL AND TEST SAMBA and, in fact, the directions do a pretty good job of doing just that. At this point, I'd done the first couple steps: * STEP 0. Read the man pages * STEP 1. Building the binaries * STEP 2. The all important step... If you're wondering what this "all important step" might be, here's Andrew in his own words: At this stage you must fetch yourself a coffee or other drink you find stimulating. Getting the rest of the install right can sometimes be tricky, so you will probably need it. So, after grabbing a coke and a bag 'o nachos, I was ready to plunge ahead. I'd suggest you do the same... The next step is to create the smb.conf file. Now, the good news is that it appears that it isn't too hard to get something working -- you should definitely see fruits of your labors! The bad news is that getting everything exactly right is quite a bit more challenging. In the samba-1.9.16p11/examples/simple directory there's a well-commented sample smb.conf file that I used as a template when setting this up. As the documentation suggests, you'll probably want to be armed with this or an equivalent template and the smb.conf manual page, which goes into great detail with regard to each of the configuration options. Fortunately, the manual page is pretty well written although there is admittedly quite a bit of it... :-) After making a few guesses about what I'd like to try I went back to the INSTALL.txt file and continued with the installation instructions. The next thing it suggests doing is testing the configuration file with the included testparm program. This is really handy as it will let you spot errors in the syntax of the configuration file. Here's a copy of my current smb.conf file: ; Configuration file for smbd. [global] workgroup = FISK printing = bsd printcap name = /etc/printcap load printers = yes guest account = guest domain master = yes log file = /usr/local/samba/log.%m [homes] comment = Home Directories browseable = yes read only = no writable = yes create mode = 0744 [printers] comment = All Printers browseable = no printable = yes public = no writable = no create mode = 0755 path = /var/spool/public print command = echo Printing %s >> /tmp/smb_print.log; lpr -P %p %s [guest] comment = Toplevel Directory browseable = yes printable = no public = yes writable = no readonly = yes only guest = yes path = / [cdrom] comment = Mitsumi CD-ROM Drive browseable = yes writeable = no readonly = yes printable = no public = yes only guest = no path = /cdrom ; END smb.conf When I run the testparm program on this file I get: Load smb config files from /usr/local/samba/lib/smb.conf Processing section "homes]" Processing section "printers]" Processing section "guest]" Processing section "cdrom]" Loaded services file OK. Press enter to see a dump of your service definitions By hitting ENTER you get a LOT of detailed information about the current values of the configuration. Since this seemed to be OK I went ahead and started the smbd and nmbd daemons from the command line using: # /usr/local/samba/bin/smbd -D -d1 -s/usr/local/samba/lib/smb.conf # /usr/local/samba/bin/nmbd -D -d1 -s/usr/local/samba/lib/smb.conf \ -l/usr/local/samba/log The -D option specifies that smbd and nmbd run as daemons; -d1 sets the debug level; and -s and -l set the locations of the smb.conf and logging files respectively. After having a peek at ps -x to make sure that they had started OK, I ran the next test, which involves using the smbclient program to list the shares on the local server. Doing this I get: # smbclient -L Caduceus Added interface ip=192.168.1.3 bcast=192.168.1.255 nmask=255.255.255.0 Server time is Mon Jul 28 20:36:15 1997 Timezone is UTC-5.0 Domain=[FISK] OS=[Unix] Server=[Samba 1.9.16p11] Server=[caduceus] User=[fiskjm] Workgroup=[FISK] Domain=[FISK] Sharename Type Comment --------- ---- ------- ascii Printer ljet2p-letter-ascii-mono cdrom Disk Mitsumi CD-ROM Drive fiskjm Disk Home Directories guest Disk Toplevel Directory homes Disk Home Directories IPC$ IPC IPC Service (Samba 1.9.16p11) lp2 Printer ljet2p-letter-auto-mono raw Printer ljet2p-letter-raw This machine has a browse list: Server Comment --------- ------- CADUCEUS Samba 1.9.16p11 This machine has a workgroup list: Workgroup Master --------- ------- FISK CADUCEUS Again, there's a good deal of information (just keep telling yourself that this is the "Information Age" and there's supposed to be a lot of this around... :-). Anyway, I didn't spot any errors here and so tried to connect to the local server, again using smbclient: fiskjm@Caduceus [ttyp1] [docs] $ smbclient '\\Caduceus\fiskjm' Added interface ip=192.168.1.3 bcast=192.168.1.255 nmask=255.255.255.0 Server time is Mon Jul 28 20:39:49 1997 Timezone is UTC-5.0 Password: Domain=[FISK] OS=[Unix] Server=[Samba 1.9.16p11] smb: \> Excellent! So far, so good... The last thing to do was head back to the Win95 box, and this is where the fun began... Let me stress once again that all of the above steps are outlined in the INSTALL.txt file which really does a nice job of leading the uninitiated, like myself, through this potentially bewildering process. At this point, then, I was ready to try connecting from Win95. The first thing I noticed was that when I clicked on the "Network Neighborhood" the Linux box did not immediately show up! So I did the next logical thing (logical, at least in my own mind, I guess...) I pinged Caduceus (my Linux box) from Win95 and, sure enough, it answered back. I then telnetted to it from Win95 and again, had no trouble! Now, when I clicked on "Network Neighborhood" Caduceus showed up! I honestly haven't a good explanation of why this happens but I've found it to be the case from time to time: to get the SMB shares to "show up" I need to ping or telnet to the Linux box before trying to browse. Those of you who have more experience or insight might be able to offer an explanation... Anyway, I was thrilled to see 'ol Caduceus show up. And just so that you don't think I was making this up, here's a screen dump of Network Neighborhood showing Caduceus. The next gotcha came when I clicked on the Caduceus icon: I got an error to the effect of "network not found..." which had me completely stymied. Diagnosing Those Network Blues... Fortunately, in the samba-1.9.16p11/docs directory there's another helpful file called DIAGNOSE.txtwhich, as the name implies, is a useful checklist of things to run down when trying to pin-point the cause of a problem. As it turned out, the solution to the "network not found" error was adding the IP address of Caduceus to the WINS server configuration box in the Network options dialog box. Doing this and rebooting the Win95 box fixed the problem completely! At this point, I was golden! I could now: * See the Entire Network in Explorer * See the Caduceus shares in Explorer * Browse my /home/fiskjm directory * Browse a CD that I had mounted under /cdrom This was a serious pump! ;-) I found that I could mount a CD under Linux and then browse the contents of that CD via Samba! I found that I could even install Win95 software via a CD mounted under Linux. I was dancin'!! This rocks! In addition to the above I also found that I could browse my entire Linux hierarchy as "guest". What was even MORE freaky was that I could mount my local Win95 partitions under Linux (to /dosC, for example) and then browse those files via Samba from the other networked Win95 box. This was getting better and better all the time... ;-) I'm sure, having skimmed through most of the docs and reading a bit of the newsgroup digests, that there are all sorts of way too cool things that can be done with Samba... This'll let you push the envelope, my friend... ...riding the Ragged Edge of Destruction and Howling in the Wind! This is what makes Linux just rock! Anyway, as I said before, this is still a work in progress. The one thing that I'm still working on is printing, both from Linux->Win95 and vice versa. I'm getting incrementally closer, but haven't quite gotten all the pieces together yet. Still, after a Dejanews search I'm armed with a host of old postings on the subject and have a plan of attack in figuring this out. One thing about Linux... It hones your problem solving skills :-) So, Where to, Captain? The next step in the Odyssey, after whipping printing into shape, is to set up modem sharing between the Linux box and Win95. Currently, I'm doing all my dialup networking (or realistically, the vast majority of it) under Linux. What I'm planning to have a go at next is IP masquerading that would allow the Win95 box to access the 'Net via the dialup line under Linux. I've already discovered that, using Eudora Lite for Windows 95/NT, an excellent, mature, and freely available SMTP/POP email client from the folks at Qualcomm Corporation, I can use the in.pop3d daemon to allow Eudora to pick up mail from the Linux box via POP3 and then send mail out using sendmail running under Linux! This is another Huge Blow For Freedom since it allows me to pick up mail under Linux, skim through the mail for stuff that's specifically mine, and then POP the rest to the Win95 box where my wife can read/reply to it. Outgoing mail is forwarded to sendmail under Linux where it's queued up and sent out the next time a connection is made. It just gives me Willies! So, I'm one Seriously Happy Linux Hombre Kinda Guy! I know that it's quite expensive setting up a single box, let alone two, but if you can find an old beater box somewhere: someone's upgrade "hand-me-down" or something like that, and a couple old NIC cards I'd really recommend this to you. You'll never be the same... Trust me... :-) Resources Galore! For those of you who've caught the bug, here are a few more resources that I came across in the nascent stages of The Quest. In addition to the HOWTO's and other documents already listed, have a look at: J. Pollman's Mini-Home-Server document J. Pollman has written an excellent, concise guide to doing pretty much what I've just described above. In this case, he actually describes setting up three boxes: a Linux box, a Win95 box, and an old i386 box that he uses as a "server" for printer and modem sharing. He covers TCP/IP, Samba, and IP firewall setup to make all of this happen. I'd definitely have a look a this. The Linux ipfwadm Home Page This excellent resource is brought to you by the kind folks at X/OS. The page has links to the most recent distribution of the ipfwadm package, update announcements, and a VERY comprehensive paper that details the installation, setup, and configuration of the ipfwadm package. If you're going to "do ipfwadm" then this is definitely a place to start. The Linux IP Masquerade Resource Page This is yet another "must-bookmark" page that provides a tremendous amount of helpful information and documentation on configuring IP masquerading under Linux. The Firewall and Proxy Server HOWTO Yet another good source of information on obtaining, compiling, installing, and configuring the ipfwadm package. This includes detailed descriptions of how to go about setting up both IP filtering firewalls and Proxy servers. Olaf Kirch's classic "Linux Networking & Administrator's Guide" This is a foundational work that covers all aspects of networking under Linux. In its own words it is a "350-page book covering all major tasks of running Linux in a networked environment ranging from basic TCP/IP configuration to NFS, NIS, SLIP, PPP, inetd, etc." The above list is far from comprehensive, although I trust that it at least provides a jumping off site for further exploration. I really can't stress how much fun this networking stuff has been. Being able to share resources between a Linux box and a Windows box has opened up all sorts of possibilities. My wife is actually talking about "her box" which is a major step forward in computer acceptance around the Fisk household after years of..., er... detente. I'd also like to point out once again that this is a NETWORK NEWBIE's article: I'm way down low on that 'ol learning curve and have quite a ways to go before I can claim basic proficiency. Be warned once again that at least part of what I've mentioned here may well be wrong (the problem, of course, is that I don't know which part). Please don't hesitate to drop me a note and provide corrections or modifications. Anyway, here's wishing y'all a VERY HAPPY LINUX'ing! Best Wishes, John M. Fisk Nashville, TN 28 July, 1997 _________________________________________________________________ XEmacs Xtras!XEmacs Xtras! Since the end of the Spring semester, which can be loosely interpreted to mean, "since I had a bit more time...", I've been slowly learning my way around XEmacs. I've still not formed a solid opinion on it yet, but it's definitely growing on me. I love the speed of vi[m] and I still use this for all the day to day editing and such that needs to be done. But I've slowly grow quite attached to XEmacs and all the nifty things that this great editor is capable of doing. And for those of you who are unfamiliar with it, XEmacs is... Well, in their own words (from the XEmacs FAQ): What is XEmacs? =============== An alternative to GNU Emacs, originally based on an early alpha version of FSF's version 19, and has diverged quite a bit since then. XEmacs was known as Lucid Emacs through version 19.10. Almost all features of GNU Emacs are supported in XEmacs The maintainers of XEmacs actively track changes to GNU Emacs while also working to add new features. I guess, to my own conceits, XEmacs provides all of the power and sophistication of its worthy progenitor, GNU Emacs, with a goodly assortment of the amenities of a GUI. It seems to strike a nice balance between the "pretty, mouse-driven UI" and the speed of the keyboard. All in all, I'm having a great time messing around with this. Which reminds me, Dan Nicolaescu sent a very nice note pointing out something that I'd clearly missed: From done@ece.arizona.edu Tue Jul 22 22:09:23 1997 Date: Sun, 29 Jun 1997 10:16:13 -0700 From: Dan Nicolaescu To: fiskjm@ctrvax.Vanderbilt.Edu Subject: article in Linux Gazette Hi! I have one comment about the screen captures of Emacs and XEmacs in your article in Linux Gazette at http://www.ssc.com/lg/issue18/wkndmech.html To truly illustrate both emacsen syntax coloring capabilities you would better take a snapshot after you put in your .emacs (setq font-lock-maximum-decoration t) and restart [X]Emacs. Regards, Dan Thanks Dan! As the old academic saw goes, "this is left as an exercise for the reader". I appreciated his pointing this out. This segues right into another point that I wanted to bring up: there is a HUGE amount of interesting and fun elisp code floating around out there that does all sorts of cool and groovy things. Like what, you ask...? Well, in issue 11 of the Linux Gazette, the prolific Larry Ayers had an article on adding a "kill ring menu" to the menu bar which allows you to select from a number of previously killed sections of text being held in the kill ring. I've added this to my ~/.emacs file and it works like a charm! Kudos to Larry! Well guess what? If you hang around the comp.emacs, comp.emacs.xemacs, or gnu.emacs.sources newsgroups you'll find that code snippets like this are passed around all the time. To help entice you, here are two postings that I ran across a little while ago. The first, from David Hughes tells how to set up func-menu which provides a menu of the functions defined in the current buffer. This is similar to using etags or ctags for those of you who are familiar with these programs, but adds a clever bit of GUI: From: djh@videonetworks.com (David Hughes) Subject: Re: Is func-menu what I'm looking for? Newsgroups: comp.emacs.xemacs Sender: xemacs-request@xemacs.org Lines: 50 Xref: news.vanderbilt.edu comp.emacs.xemacs:16055 > Hi gurus, > > I remember, a while ago, I used to be have a menu that would > give me the name of the functions defined in the current buffer. > The menu would also allow me to point to one particular function. > > I'd like to be able to use that again, but I do not know > which package does it. > Is it func-menu? > If so, where can I find it? I have tried, but I could > not find it. Add the following (or something like it) to your .emacs ;;; func-menu is a package that scans your source file for function ;;; definitions and makes a menubar entry that lets you jump to any ;;; particular function definition by selecting it from the menu. The ;;; following code turns this on for all of the recognized languages. ;;; Scanning the buffer takes some time, but not much. ;;; ;;; Send bug reports, enhancements etc to: ;;; David Hughes ;;; (cond (running-xemacs (require 'func-menu) (define-key global-map 'f8 'function-menu) (add-hook 'find-file-hooks 'fume-add-menubar-entry) (define-key global-map "C-cl" 'fume-list-functions) (define-key global-map "C-cg" 'fume-prompt-function-goto) ;; The Hyperbole information manager package uses (shift button2) and ;; (shift button3) to provide context-sensitive mouse keys. If you ;; use this next binding, it will conflict with Hyperbole's setup. ;; Choose another mouse key if you use Hyperbole. (define-key global-map '(shift button3) 'mouse-function-menu) ;; For descriptions of the following user-customizable variables, ;; type C-h v (setq fume-max-items 25 fume-fn-window-position 3 fume-auto-position-popup t fume-display-in-modeline-p t fume-menubar-menu-location "File" fume-buffer-name "Function List*" fume-no-prompt-on-valid-default nil) )) -- David Hughes The second, by Tom Steger (who actually tips the hat to another fella...), tells how to do something that I really have gotten used to under vi[m], and that is hitting the percent "%" key when the cursor is positioned on top of a brace, bracket, parenthesis, etc. and have it move to the matching element. For those long-winded functions with lots of nesting this is a godsend when trying to untangle a mass of braces and brackets. Date: Mon, 23 Jun 1997 08:20:35 -0400 From: steger@WILLEY.tautron.com (Tom Steger) Subject: Re: matching parenthesis Newsgroups: comp.emacs.xemacs > Hi, > > Is there a command in xemacs19.15 by which I can go to a matching > parenthesis (like % in vi) ?? > > I do have the parenthesis library working which highlights the > matching parenthesis but if the matching parenthesis is out > of the page how do I get to it without moving the cursor ?? > > Thanks in advance, > Chetan I got the following from hall@grumpy.nl.nuwc.navy.mil in response to a similar question. I bound it to ALT %. (defun goto-matching-paren () "Move cursor to matching paren." (interactive) (let* ((oldpos (point)) (blinkpos)) (condition-case () (setq blinkpos (scan-sexps oldpos 1)) (error nil)) (if blinkpos (setq blinkpos (1- blinkpos)) (condition-case () (setq blinkpos (scan-sexps (1+ oldpos) -1)) (error nil))) (setq mismatch (/= (char-after oldpos) (logand (lsh (aref (syntax-table) (char-after blinkpos)) -8) 255))) (if mismatch (progn (setq blinkpos nil) (message "Mismatched parentheses" (if blinkpos (goto-char blinkpos))))) (global-set-key "M-%" 'goto-matching-paren) I know that trying to cut and paste from HTML isn't always the easiest so if you're interested in trying these things out I've taken the liberty of cat'ing these into a plain ASCII file. You can either save the following link to a file or else display it and then save it as a plain text file: XEmacs Customization Code Anyway, I've had a huge amount of fun playing with this, hope you do too. Enjoy! John M. Fisk Nashville, TN 29 July, 1997 _________________________________________________________________ Closing Up Shop Say, thanks again for stopping in! Thought I'd finish up with a quick list of UNIX resources for Win95/NT users. When I started work this summer they upgraded the workstation that I'd been using to a Pentium-based system running Windows NT version 4.0. This was the first time that I'd used NT and, although it's quite similar to Windows 95, found that it took a bit of getting used to. One of the things that I really missed were the editors and file processing tools that I'd been using under Linux at home and at school. I soon discovered that there's quite a wealth of UNIX type tools that have been ported to the Win95/NT environment. I was quite impressed at what is currently available: vi, emacs, perl, tcl/tk, gcc, gs, ksh, bash, and so forth. Not all programs work as well in the Windows environment and often there are missing features. Still, overall I've been pretty pleased at what's out there. So here's a short listing of some of the resources "out there..." VI Improved (VIM) version 4.6 This tops the list as one of favorite applications of all times: Bram Moolenaar's VIM editor. This is version 4.6 of this great program. You'll find information on documentation, version announcements, ports, binary distributions, and so forth here. You'll also find information on the (currently alpha) 5.0 version that adds color syntax highlighting in addition to all the other goodies! Run, don't walk, to get this one! GNU Emacs version 19.34 for Windows NT/95 As I gain experience with emacs this is quickly becoming my second most used app. This is a terrific port of GNU Emacs version 19.34 for the Windows NT/95 environment. Be forewarned, as with most things emacsen, it's HUGE! If you want, you can head right on out to the GNU Emacs for Windows NT/95 FTP site GNU-Win32 Project at Cygnus Solutions Kudos to the folks at Cygnus!! These guys have provided a high quality, 32 bit, GNU-based development environment with an impressive number of utilities as well as the bash shell. I've been using these tools for the past couple months now and they are truly a godsend. If memory serves me correctly you'll find both development archives as well as an archive with basic file and disk utilities (grep, awk, sed, cat, rm, ls, and so forth). This is a definite bookmark site. UWin (Unix to Windows) Tools from AT&T In addition to the tools and utilities from Cygnus, you can also find a full featured development environment complete with 160+ utilities at the UWin Project. Development tools include cc, yacc, lex, make, ksh, and much more. This is under the leadership of David Korn (of the Korn Shell fame...) who describes UWin as "a package [which] provides a mechanism for building and running UNIX applications on Windows NT and Windows 95..." Comparison shoppers will want to have a look at what's available here as well and make their own decisions. DJGPP Development Suite Here's yet another excellent C/C++ development environment that is quite mature and full featured. DJGPP is now up to version 2.x and brings the native 32 bit GCC development tools to 16 or 32 bit DOS or Windows platforms. I've been using this for writing quick C++ programs that I need at work and have been VERY pleased with it. You'll find a host of tools and utilities including brand new DJGPP binaries from the Pentium Compiler Group! This is another must visit site. HIP Communications' Win32 Perl For all you perl fans out there, here's a high quality port of Perl 5 which was commissioned for Windows NT by the folks from Redmond. I'm no perl jockey yet (it's on my short list of things to learn... :-) but I picked up the binaries for that rainy afternoon when I've got time to pick up another language... If you "do perl" then this is your site! Unix to NT Resources from the New England NT User's Group This is an excellent compendium of annotated links to Unix to Windows NT resources (many of which are also applicable to the Windows 95 platform). If you bookmark only one page from your list, this should be it! Windows NT Tools (again, from the N.E. NT User's Group) To help you get here quickly I've added this link: it's a nice list of tools and utilities for the Windows NT platform, many of which are UNIX based. GNU tools for WinNT at the U. of Texas FTP site Here's another place to poke around for that GNU app you've been looking for. Unfortunately, this link will just dump you into an FTP directory, you'll need to have a look at the index.txt file to see what goodies are there. Alladin Ghostscript v. 5.02 The venerable ghostscript program from the kind folks at Alladin is available here at the U. of Wisconsin site. You'll find links to all sorts of information, binaries, sources, and other stuff. Well, I'm running out of time here, but hopefully this will get you going. With a bit of poking around you'll easily find ports of several other excellent programs including: * Samba * Kermit * Tcl/Tk * Jed * and so forth... A Yahoo search will often get you going on the right track. Also, a couple of the pages above have a very nice set of links to help you on your search for Good Tools. Anyway, thanks again for stopping by! Take care. Best Wishes, John M. Fisk Nashville, TN 29 July, 1997 _________________________________________________________________ Mail Me a Note Got any comments, suggestions, criticisms or ideas? Feel free to drop me a note at: John M. Fisk _________________________________________________________________ Copyright © 1997, John M. Fisk Published in Issue 20 of the Linux Gazette, August 1997 _________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back Next _________________________________________________________________ Linux Gazette Back Page Copyright © 1997 Specialized Systems Consultants, Inc. For information regarding copying and distribution of this material see the Copying License. _________________________________________________________________ Contents: * About This Month's Authors * Not Linux _________________________________________________________________ About This Month's Authors _________________________________________________________________ Larry Ayers Larry Ayers lives on a small farm in northern Missouri, where he is currently engaged in building a timber-frame house for his family. He operates a portable band-saw mill, does general woodworking, plays the fiddle and searches for rare prairie plants, as well as growing shiitake mushrooms. He is also struggling with configuring a Usenet news server for his local ISP. Gerd Bavendiek Gerd has worked as a software engineer with various flavors of Unix since 1988. In 1994 he realized that using Linux could make his every-day work more convenient. Since that time he has used Linux and various GNU-software. He lives in Essen, Germany. In my spare time I build model-steam engines using real hardware: lathe, milling-machine and a lot of hand tools. Jim Dennis Jim Dennis is the proprietor of Starshine Technical Services. His professional experience includes work in the technical support, quality assurance, and information services (MIS) departments of software companies like Quarterdeck, Symantec/ Peter Norton Group, and McAfee Associates -- as well as positions (field service rep) with smaller VAR's. He's been using Linux since version 0.99p10 and is an active participant on an ever-changing list of mailing lists and newsgroups. He's just started collaborating on the 2nd Edition for a book on Unix systems administration. Jim is an avid science fiction fan -- and was married at the World Science Fiction Convention in Anaheim. John Fisk John Fisk is most noteworthy as the former editor of the Linux Gazette. After three years as a General Surgery resident and Research Fellow at the Vanderbilt University Medical Center, John decided to ":hang up the stethoscope":, and pursue a career in Medical Information Management. He's currently a full time student at the Middle Tennessee State University and hopes to complete a graduate degree in Computer Science before entering a Medical Informatics Fellowship. In his dwindling free time he and his wife Faith enjoy hiking and camping in Tennessee's beautiful Great Smoky Mountains. He has been an avid Linux fan, since his first Slackware 2.0.0 installation a year and a half ago. Guy Geens One of Guy Geens's many interests is using Linux. One of his dreams is to be paid for being a Linux geek. Besides his normal work, he is the (rather inactive) maintainer of his research group's web pages at http://www.elis.rug.ac.be/~ggeens. Michael J. Hammel Michael J. Hammel, is a transient software engineer with a background in everything from data communications to GUI development to Interactive Cable systems--all based in Unix. His interests outside of computers include 5K/10K races, skiing, Thai food and gardening. He suggests if you have any serious interest in finding out more about him, you visit his home pages at http://www.csn.net/~mjhammel. You'll find out more there than you really wanted to know. Håkon Loøvdal Håkon is 24 years old and lives in Norway. He is educated as an Electronics Engeneer and has one year of computer science in addition. He is about to begin his first job as a Software Development Engineer at Ericsson. Linux has been installed on his computer since version 1.0.8 and has has grown from just a tool to explore Unix into his favorite operating system. Andy Vaught Andy is currently studying physics at Arizona State University. When not on-line (most of his waking hours), he enjoys reading, bicycling and flying. _________________________________________________________________ Not Linux _________________________________________________________________ Thanks to all our authors, not just the ones above, but also those who wrote giving us their tips and tricks and making suggestions. Thanks also to our new mirror sites. My assistant, Amy Kukuk, did all the work again this month. She's so good to me. Thank you, Amy. Vacations are fun and wonderful, but mine sure put me behind schedule with my Linux Journal work. My grandchildren are even smarter and more beautiful than I remembered. It was a much needed break, and I expect to get caught up this week. :-) Linux Journal is expanding to 116 pages and going to perfect binding with the October issue. No wonder I'm working so hard! Riley is going off again this Saturday for our annual week-long motorcyle trek with friends. This time I'm staying home. :-( Oh, well, perhaps next year. (Needless to say, our motorcycle is a BMW.) Have fun! _________________________________________________________________ Marjorie L. Richardson Editor, Linux Gazette gazette@ssc.com _________________________________________________________________ [ TABLE OF CONTENTS ] [ FRONT PAGE ] Back _________________________________________________________________ Linux Gazette Issue 20, August 1997, http://www.ssc.com/lg/ This page written and maintained by the Editor of Linux Gazette, gazette@ssc.com