Answers 115

From LXF Wiki

Answers 115

<title>Too many passwords</title>

<question>I’ve just completed an install of Ubuntu 8.10, which is ace apart from the nagging prompt asking me to ‘Enter password for default keyring to unlock’ every time I log in. The prompt says:

The application ‘NetworkManagerApplet’(/
usr/bin/nm-applet) wants to access the default
keyring, but it is locked.

and I’m unable to connect to my wireless router until I enter my root password. It’s not a major hassle for me, but how can I save my family this inconvenience? </question>

<answer>Ubuntu uses NetworkManager to handle all wired and wireless connections. This remembers the networks that the computer has connected to before and tries to automatically reconnect when they are in range. Because these networks are generally encrypted, it needs to store the key or passphrase for each of these ‘known’ networks. It does that by using the Gnome keyring (KDE alternatives use KDE Wallet) and this is password protected. You should not be using the root password to access this. In fact, you shouldn’t even be using your login password, otherwise it provides no extra protection beyond your standard login. If that’s enough security for you, Ubuntu has Gnome Keyring set up to automatically open a keyring called ‘login’ when you log in. This can be used to store the passwords of other keyrings, meaning they can all be opened once you are logged in. There should be a file called login.keyring in .gnome2/keyrings. The next time you are asked for the default keyring password, check ‘Automatically Unlock This On Login’ and you shouldn’t be asked for the password again. You’ll need to repeat this once for each user, until each of them uses the login keyring to open any others. This won’t work if you opted for the autologin feature during installation, because then you’re not giving a login password, which is used to unlock the special keyring. However, if more than one person uses the computer, you should avoid auto-login anyway; each member of your family should have their own account to keep their settings and data safe. You can turn off auto-login in the Security tab of System > Administration > Login Window. </answer>

<title>Sudo on CentOS</title>

<question>Why does CentOS say that my account ‘is not on the sudoers list’? I’ve tried looking in the account settings, but to no avail. </question>

<answer>CentOS doesn’t use sudo by default. Unlike Ubuntu, where the first user set up in the installer has rights to run anything with sudo, CentOS gives no such rights to anybody. By default, the only way to run programs with root privileges is to log in as root, by running su in a terminal. If you want to enable sudo for you or others, you’ll need to edit the sudoers list, using the command visudo. This uses the editor defined in $EDITOR or, if that’s not set, Vi. This method checks the syntax before committing it to the real file, which avoids you locking yourself out with a typing error. Run it with

su -
visudo
or
EDITOR=”emacs” visudo

and add this line to the end of the file

youruser ALL=(ALL) ALL

to enable a user to run any commands. You can also specify a list of commands like this:

otheruser ALL= /sbin/mount, /sbin/umount

Permission can be granted to all members of a group, and you can restrict the arguments given to commands as well, as in this, disabled, example from the default CentOS sudoers file

%users ALL=/sbin/mount /cdrom,/sbin/ umount /cdrom

which lets any user mount or unmount the CD. You can remove password protection like so

%users ALL=NOPASSWD: /sbin/mount /cdrom,/sbin/umount /cdrom

but be careful what you allow with this. Sudo is generally considered a better way of controlling access to system commands, because you have fine control over what each user can do, and because no one else needs to know the root password. </answer>

<title>Login lockout</title>

<question>Can you help me get PCLinuxOS 2007 to boot again? I have it installed on its own hard drive and I was slowly getting to grips with it, but during a recent house move I lost the notebook containing my login details. One forum suggested I just put the DVD back in and reload it – I’ve tried, but I still get asked for login details. I’m at a loss as to what to do next, so any help would be appreciated. </question>

<answer>You’re still booting from the hard disk. To boot from the DVD, you need to call up your BIOS’s boot menu to choose the DVD as your boot device. You should see a message flash up when the computer first starts, telling you to press one key for settings and so on. Unfortunately, the key used varies from one motherboard to the next – the four computers here use F8, F11, F12 and Esc. Sometimes the message refers to a BBS menu. It should also be explained in your motherboard manual, if that isn’t lost along with the book containing your passwords. If you can’t get a boot menu, call up the BIOS settings page and change the boot order so that CD/DVD comes before the hard disk. Once you’ve booted from your Live CD, there’s no need to reinstall; you can reset the password with a couple of terminal commands. Open a terminal by clicking the Konsole icon and run these commands

su -
mount /dev/sda1
chroot /mnt/sda1
passwd yourusername

su gives you root access and the password is root. The next command mounts the root filesystem, PCLinuxOS installs to /dev/sda1 by default, then chroot enters that directory and makes it the root directory. Until you log out, you’re now inside your original PCLinuxOS installation. You may see some errors about permissions in /dev/null when you run chroot, but you can safely ignore them. Now that you’re inside your original installation, logged in as root, you can change the password with the passwd command

passwd myuser

Enter the password twice when prompted and try not to forget or lose it this time. If you have forgotten your login name too, you can see all the usernames in the file /etc/passwd.

cat /etc/passwd

Your username will be at, or very near, the end of this file. You can also reset the root password by running passwd with no username. Once you’ve reset the passwords, press Ctrl+D to log out of the root session and then reboot, letting it boot from the hard disk this time. You can now log in with your new password and username. </answer>

<title>On off internet</title>

<question>I’m trying to restrict internet access (Wi-Fi) on one of my laptops, but only at set periods during the day and night. I presume it can be done as a Cron job, but I’m not quite sure of the syntax to set out the time frame and if I need to edit Cron as a user or via the root. Let’s say the laptop can only access the internet from 08.00 until 17.00, then from 20.00 to 22.30 on Sunday-Thursday (school nights) but on Friday or Saturday it can connect from 08.00 until 23.00. Could it be done in a couple of lines, or do I have to run one command for each day of the week and the off times? Also, how do I stop all internet traffic, both Wi-Fi and Ethernet? </question>

<answer>This can be done with Iptables, the program that controls the Linux kernel’s firewall abilities. You can use this to block all outgoing traffic, but a cleaner solution is to block all traffic that’s not destined for your local network. That way your child’s computer can still access any shared directories or local servers, but outside internet access is prevented. The following command will allow connections to the 192.168.0.* network, but block everything else.

iptables -I OUTPUT ! -d 192.168.1.0/24 -j DROP

The -I OUTPUT part (that’s a capital letter i) inserts the rule at the start of the output chain. Firewall rules are processed in order, with the first match used, so you want this to come before anything else you may have. This is important if you’re already running firewall software, since that’s normally set to allow outgoing connections and you want to override it. The d 192.168.1.0/24 part matches any traffic heading for the 192.168.1.* network, but the preceding ! inverts this, so any traffic not for your network matches. The final part, -j, tells Iptables what to do with this data – in this case, discard it. Since this rule doesn’t specify an interface, it will block regardless of whether you’re using a wireless or wired connection. You could put this command into a Cron task, and add the corresponding rule to remove the restriction

iptables -D OUTPUT ! -d 192.168.1.0/24 -j DROP

where the -I (insert) is replaced by -D to delete the rule and that would effectively switch on and off the computer’s internet connection at the specified times. For example, by putting this in /etc/cron.d/firewall

0 8 * * * root /sbin/iptables -D OUTPUT ! -d
192.168.1.0/24 -j DROP &>/dev/null
0 17 * * 0-4 root /sbin/iptables -I OUTPUT ! -d
192.168.1.0/24 -j DROP &>/dev/null
0 20 * * 0-4 root /sbin/iptables -D OUTPUT ! -d
192.168.1.0/24 -j DROP &>/dev/null
30 22 * * 0-4 root /sbin/iptables -I OUTPUT !
-d 192.168.1.0/24 -j DROP &>/dev/null
0 23 * * 5-6 root /sbin/iptables -I OUTPUT ! -d
192.168.1.0/24 -j DROP &>/dev/null

The first rule turns the filtering off at 8am every day, the next three turn on at 5pm, off at 8pm and on again at 10.30pm on Sunday to Thursday (days 0 to 4 in Cron terms). The final line turns on filtering at the later time for weekend use. There is one serious flaw with this approach: the computer has to be turned on for the Cron task to activate, so resetting it will cause the rule to disappear. One solution is a shell script that checks the time and sets the rules accordingly, which you can run from /etc/rc.local.

#!/bin/sh
DAY=$(( $(date +%u) % 7 ))
HOUR=$(date +%H)
if  $DAY -lt 2 ; then
if  $HOUR -ge 8  &&  $HOUR -lt 23 
then
/sbin/iptables -D OUTPUT ! -d
192.168.1.0/24 -j DROP
else
/sbin/iptables -I OUTPUT ! -d 192.168.1.0/24
-j DROP
fi
else
if  $HOUR -ge 8  &&  $HOUR -lt 17 
then
/sbin/iptables -D OUTPUT ! -d
192.168.1.0/24 -j DROP
elif  $HOUR -ge 20  &&  $HOUR -lt 22 
then
/sbin/iptables -D OUTPUT ! -d
192.168.1.0/24 -j DROP
else
/sbin/iptables -I OUTPUT ! -d 192.168.1.0/24
-j DROP
fi
fi

This may look complicated, but all it does is retrieve the day and hour from the date command and make decisions about whether to turn filtering on or off based on this. You may want to tweak it to suit your needs, but it’s a good starting point. </answer>

<title>Sharing data</title>

<question>I was running Linux Mint on an old laptop for about six months when I had to replace the hard drive. (Luckily, I was able to recover the partitions with Clonezilla.) Your article in LXF112 on changing the operating system but keeping the home partition set me thinking about using all the extra space on my new hard drive by dual booting with other OSes. Except there seemed to be various pitfalls to sharing the home partition directory with hidden files. My question is, can you have a common partition to keep music, photos and text files that can be read and modified by the different OSes? If so, how do you go about setting this up, and would you still need to keep a separate /home for each OS or could the directory be left within the root folder? Also, would it be better to stick with the Gnome desktop in other OSes? You may say that I could use Samba or NFS to get at the files, but I’ve only been using Linux for about a year and just about productively since I installed Mint, so I’m not too au fait with how these work as yet. I’m still climbing the learning curve. </question>

<answer>Samba and NFS are for sharing files across a network, not within a single computer. I stick by the recommendation made in the feature in LXF112 and say you should have a single /home partition, but use a separate directory within that partition for each distro. The idea is that you then have one partition for each OS that you install, plus a single partition for all your own data (and a single swap partition as well). By keeping separate home directories within the single /home partition, you avoid any problems with clashing configuration files. The only thing you need to do is make sure that your users have the same numeric user ID in each distro. As far as sharing data is concerned, you can do this with symbolic links. Let’s say you have a username of steve on Mint, with a home directory of /home/steve and you install OpenSUSE. On that distro you would still use a username of steve, but set the home directory to be /home/steve-suse. Linux doesn’t care what your home directory is called – /home/username is only used because it is easy to see which directory belongs to which user. Assuming you’re incredibly well organised and keep your photos in /home/steve/photos, your music in /home/steve/music, your mail in /home/steve/mail and so on, create these symbolic links:

ln -s /home/steve/photos /home/steve-suse/photos
ln -s /home/steve/music /home/steve-suse/music
ln -s /home/steve/mail /home/steve-suse/mail

This makes the sharing totally transparent, and everything appears to be in your home directory, in the same layout, whichever distro you are running. If you’re using KDE, you can create a symlink by dragging the folder you want to share over a directory and dropping it with the Control and Shift keys held down, or with no keys and choosing Link from the menu that pops up. The only reason to stick with the same desktop in all distros is if it’s the only one you like. If you want to experiment, go for it. Each distro is separate, so what you run on one won’t affect any of the others. </answer>

<title>Overly clever modems</title>

<question>I recently converted a friend of mine to Linux – Ubuntu to be exact – and he really likes it, but he needs to connect to the web via a Bandrich C-100 modem. I’ve tried every suggestion on the forums and nothing works – it will not connect. What am I doing wrong? Because of this little glitch there are two other potential users who were going to switch to Linux but who are hesitant now because of this problem. </question>

<answer>You may have already found the answer to this, because it was covered in our Mobile Broadband feature in LXF113. The Bandrich C-100 is an Express Card or USB 3G modem that uses the same trickery as the ones mentioned in that feature, presenting itself as a mass storage device (a fake CD-ROM containing the Windows drivers) as well as a modem. This modem is similar to the Novatel modem in the feature, meaning that when the storage device is activated, the modem is hidden. There are three possible ways to fix this. The manual method is to use the eject command to get rid of the fake CD

eject /dev/sr0

at which point the modem should appear as /dev/ttyUSB0. The second option is to let udev handle this for you by adding one of these lines (not both) to etc/udev/rules.d/10-local.rules; create the file if it does not exist.

SUBSYSTEM==”block”, ACTION==”add”,
SYSFS{idVendor}==”1a8d”,
SYSFS{idProduct}==”1002”,
OPTIONS=”ignore_device”
SUBSYSTEM==”block”, ACTION==”add”,
SYSFS{idVendor}==”1a8d”,
SYSFS{idProduct}==”1002”, RUN+=”/usr/bin/
eject %k”

The first option ignores the fake CD completely, the second ejects it as soon as it appears. Try each of these in turn and one should cause /dev/ttyUSB0 to appear when the modem is plugged in. Once that device appears, you can use any PPP dialler to connect to your ISP. A third option is to try it with the latest Ubuntu release, 8.10. We reviewed this last month and found its detection and autoconfiguration of GSM modems to be excellent. There was no need to fiddle with udev rules or dialler scripts – it just worked. </answer>

<title>Skype sound loss</title>

<question>I like to use Skype to talk while playing online games. I’ve just switched over to Ubuntu 8.10 from Windows, but I’ve found I’m unable to use sound in more than one application at once. Furthermore, after one Skype call ends, I need to play a random sound, to ‘reset’ the sound device, otherwise I’m told there’s an audio playback error. The worst thing is that if I’m playing games and someone calls me, I can’t answer their call because of this, so I have to exit the game or start a call before playing. My webcam also won’t work with Skype, yet it will with Ekiga. </question>

<answer>Did you install Skype from a file downloaded from skype.com or via the Synaptic package manager? If it’s the former, you should uninstall this and use Synaptic. Skype is not included in the standard Ubuntu repositories, so you’ll need to add the Medibuntu repository before you can install software from it. This means you’ll get versions tested for Ubuntu, be notified of updates and gain access to other useful software in the repository. Add Medibuntu by typing

sudo wget http://www.
medibuntu.org/sources.list.d/
intrepid.list --output-document=/
etc/apt/sources.list.d/medibuntu.
list

into a terminal while Synaptic isn’t running. You can also find this command at https://help.ubuntu.com/community/Medibuntu, so you can paste it into the terminal to avoid typing errors. Then run Synaptic, click on Reload to get the latest list ofpackages and search for Skype. You also need to make sure you have the correct devices selected for Skype. As your webcam works with Ekiga, check that you have the same device selected in Skype. This is usually /dev/video0, unless you have a TV card fitted, in which case that will be video0 and your webcam is video1. I’ve also noticed that Skype only picks up devices that are connected when it starts, so ensure you plug in the camera before running Skype. Your sound problem sounds like (sorry) Skype is trying to use OSS, the older sound system for Linux, and not ALSA (Advanced Linux Sound Architecture). ALSA provides software mixing, so that more than one program can use the sound device at the same time, whereas OSS locks up the device for its own use, preventing any other program from using it. Skype gives an array of choices for audio devices, and the default option is often not the best one. If you try the other devices in turn, this problem will almost certainly go away. You may find a similar solution applies with the other programs as well, depending on whether they allow you to choose the sound device. If not, installing the alsa-oss package should enable any OSS programs to be run through ALSA. </answer>

<title>DVD into CD won’t go</title>

<question>I have an obsolete PC with a Pentium 2 running at 400MHz and 128MB of RAM. It has a floppy drive, a CD-ROM drive and a hard disk with only 4GB of storage space. On the DVD of LXF111 there’s Antix, which seems – from your description – to be a perfect fit to give me a starting place for learning Linux, but I don’t have a DVD drive. My friend who does have one is a Windows man who doesn’t understand ‘an ISO image for burning to a CD’. Do you know some kind soul who would make the CD for me and post it? The addition of Gambas, also on that DVD, would be wonderful as a replacement for QBasic. So would those newbie guides you say are there. Of course, I’ll be happy to pay for the CD and any other costs involved in creating it. </question>

<answer>An ISO image is just the contents of a CD or DVD as a single file. It’s an exact copy of the data on the CD or DVD, ready to write straight to the disc. All CD/DVD burning programs can burn an ISO to a CD for you, although the exact options you’ll need to select can vary. The first step is to copy the antiX-M7.5.iso file from the DVD to My Documents or any other convenient location. Then replace the DVD with a blank CD-R and start up your CD burning software. If you use Nero – a limited version is often supplied with PCs – you simply select Burn Image from the File menu. An Open dialog pops up to let you select your ISO image, although you may need to set the file type to All Files to see it. Select the Antix ISO image, press Open, in the options window that opens next, leave everything as it is and press OK, then press Burn – that’s it. Burning ISO images is easier than creating a CD/DVD from scratch, because all the settings are taken care of in the image file. If you don’t have Nero or a similar program that you can use, there’s a free CD burning program for Windows called Express Burn, available from www.nch.com.au/burn. Install this in the usual way, run it and select ‘Write ISO image to a disk’ from the Burner menu. Select the Antix file and press OK when the Burn Target window opens. We’re unable to supply individually created CDs, but you can copy any of the files from the DVD to a CD using any of the standard CD writing programs and then read them on your PC. Alternatively, for the price of a box of blank CDs, you could buy a basic DVD-ROM drive for your old computer. Linux treats CDs and DVDs in the same way – as far as the OS is concerned, a DVD just holds more. Even video DVDs are the same format as data discs, so there would be no compatibility issues to face in replacing your CD-ROM with a DVD-ROM drive for use with Linux. </answer>

<title>Software installation</title>

<question>I’m a recent convert to Linux and I can’t see how to install new software. When I read about software installation, I keep seeing instructions on compiling from source. Why can’t it be as easy as installing in Windows? </question>

<answer>Linux is an open source system, so it’s normal for software to be distributed as source code. However, that doesn’t mean you need to compile the software yourself, at least not in the vast majority of cases. The Windows method is quite haphazard – you have to go trawling various websites to find program installers, and then go back to them regularly for updates. There’s also a risk that you’ll download an infected program, as you’re using a host of websites you know little about. Linux distros use a completely different method, which is based on package managers, such as Ubuntu’s Synaptic. These use repositories – large collections of software ready to install on your computer. The package manager also handles dependencies, where one program requires another to run. For example, program A may need program B, which in turn needs library C. This is more common with Linux than Windows, since programs usually call on other programs and libraries to share the work instead of reinventing the wheel. The package managers take care of these dependencies, telling you they want A and will download and install B and C for you. How does this work with Ubuntu in particular? Run Synaptic from the System > Administration menu and you’ll see a list of all the software installed and available. It’s initially sorted into sections, so you can browse for software of a particular type. If you know the name of the program you need, type it in the search box. Once you have what you need, select it and press Apply. Synaptic will then download, install and configure the software for you. It will also let you know when there are updates to your program through the Ubuntu Update Manager. What if your program is not in Synaptic? The first step is to check the other repositories. Most distros split packages between various locations, and commercial or otherwise non-free software is often in a separate repo, so you can exclude it. There are also legal issues with distributing certain kinds of software in some countries, and Linux distros are global. So these programs, such as the CSS libraries to read encrypted DVDs, are kept in separate repositories, not in the mainstream distro. Ubuntu has Medibuntu (http://www.medibuntu.org), Mandriva has the Penguin Liberation Front (http://plf.zarb.org), SUSE has Packman (http://packman.links2linux.org) and so on. Check the websites for details of what they include and how to add them to the repository. This is a one-off task, adding a line or two to a file or GUI, after which the extra packages are always available to you. </answer>