tag:blogger.com,1999:blog-13070999162378738212024-02-21T04:03:33.950+05:30Kavinga BlogspotHere I share my day to day working experiences.B G Kavingahttp://www.blogger.com/profile/17702091957735095838noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-1307099916237873821.post-7167059044682501732012-09-03T08:24:00.002+05:302012-09-03T08:26:29.070+05:30CentOS Community Enterprise Operating System<a href="http://2.bp.blogspot.com/-aIbOJFgIo2M/UBwKIbIi_GI/AAAAAAAAEkQ/GWDWEGfGRyY/s1600/centos.gif"><img border="0" src="http://2.bp.blogspot.com/-aIbOJFgIo2M/UBwKIbIi_GI/AAAAAAAAEkQ/GWDWEGfGRyY/s320/centos.gif" /></a><br />
<br />
What is CentOS?<br />
CentOS is an Enterprise Linux distribution based on the <a href="ftp://ftp.redhat.com/pub/redhat/linux/enterprise/">freely available sources from Red Hat Enterprise Linux</a>. Each CentOS version is supported for 10 years (by means of security updates). A new CentOS version is released approximately every 2 years and each CentOS version is periodically updated (roughly every 6 months) to support newer hardware. This results in a secure, low-maintenance, reliable, predictable and reproducible Linux environment. <a href="http://wiki.centos.org/" target="_blank">Read more . . .</a><br />
<br />
<a name='more'></a><br /><br />
Last few years I used most of Linux distributions that freely available. They all have their unique properties that keep them top of each. At last I came to conclusion that what is best for what. Here is the fact . . .<br />
<ul>
<li> For Linux beginners good to start with Ubuntu, Mint</li>
<ul>
<li>Ubuntu is based on Debian Linux and user friendly.</li>
<li>Have special version for servers.</li>
<li>Have large community of users.</li>
<li>Mint is based on Ubuntu, good for beginners comes with pre installed multimedia support and more.</li>
<li>Less secured</li>
</ul>
<li>Intermediates who wants to go ahead, I suggest to use Fedora, Debain</li>
<ul>
<li>Fedora is based on Red hat and use RPM based package management. </li>
<li>Debian is the first Linux distribution, worth to give a try</li>
</ul>
<li>For experts use CentOS Enterprise Linux</li>
<ul>
<li>Enterprise level Linux distribution.</li>
<li>More secured</li>
<li>Difficult to configure</li>
<li>High security with SELinux</li>
<li>High performances</li>
</ul>
</ul>
<div>
At the end if you want real Linux experience (expert) use CentOS. </div>
kavingahttp://www.blogger.com/profile/02958207098601134846noreply@blogger.com0tag:blogger.com,1999:blog-1307099916237873821.post-21764460912393219712012-08-20T19:30:00.004+05:302012-08-20T19:39:04.004+05:30Getting started with SE Linux<h3>
What is SE Linux</h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaQy01gEjgBniRYQVHQdFx8g1JCBsGbLRYR6OP4-Te3c7-xOJ9gB8p8R8LYx7S9SvJJwoW4y0PoS0PMBqHvxu8NCdXwVrCXkezrcjZOjHCCyRvcMNh0XUy_9VBtGD8pJ0o73zYhxv8naXq/s1600/RHEL5-SELinux-Benchmark_2_original.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="264" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaQy01gEjgBniRYQVHQdFx8g1JCBsGbLRYR6OP4-Te3c7-xOJ9gB8p8R8LYx7S9SvJJwoW4y0PoS0PMBqHvxu8NCdXwVrCXkezrcjZOjHCCyRvcMNh0XUy_9VBtGD8pJ0o73zYhxv8naXq/s640/RHEL5-SELinux-Benchmark_2_original.png" width="640" /></a></div>
<div>
<br /></div>
<div>
Simply SE Linux is a security layer that lies in between user and Linux kernel.For an example let's say that, you are going to access web site that runs on a SE Linux enabled server. First you need a web browser then you type the URL on the address bar, then it's search the DNS, .... and finally it will find the server ip. Once your request comes to the server it start some process for you with a unique id now you have some kind of connection to the server. From this step onward the server deal with your request. Without SE Linux the process runs on DAC (Discretionary Access Control ) mode. This means the user have the normal Linux file permission. In other words the user (who sent the request) log in as apache (default user for apache server ). This is not too bad because we can restrict user from editing files in server, but in most case it is not possible. Because we to write logs, upload files and many more to write to server, so in typical web server user apache have full permission to server root. What if some one upload a script to your server :-/ . But with SE Linux we can over come these kind of risks. </div>
<div>
In SE Linux your request doesn't go through the server as in normal Linux. First it checks the DAC then it pass the request to MAC (<span style="background-color: white; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px;"> M</span>andatory Access Control ) layer. On the MAC layer it creates a context according to predefined policies. Now we have the full control over request (process). </div>
<div>
<a name='more'></a><br /></div>
<div>
<h3>
SELinux Context</h3>
<table border="0" cellpadding="0" cellspacing="0" style="color: black; width: 640px;"><tbody>
<tr><td>SELinux labels all of its subjects and objects with a <strong>context</strong>. SELinux rules may be written that determine which context an object receives at creation. Additionally, rules may be written that determine whichoperations a user may perform on an object given the context of the subject and the context of the object. The RBAC features of SELinux determine which contexts a given subject may acquire.<br />
<br />
The SELinux context consists of four components:<br />
<ul>
<li><strong>SELinux User</strong>: assigned to a Linux user upon login; bounds the user's set of available roles; never changes during a user's session; useful for auditing.</li>
<li><strong>Role</strong>: bounds a set of possible types; determines which role transitions may occur.</li>
<li><strong>Type</strong>: used to perform access check based upon the subject type, object type, object class, and operation being performed; used to write explicit access control rules.</li>
<li><strong>MLS/MCS Level Range</strong>: level consists of a sensitivity and group of categories; used to perform MLS access control checks.</li>
</ul>
The following diagram shows the structure of a typical SELinux context and gives further information about the characteristics of each component.<br />
<br />
<br />
<h3>
<span class="mw-headline" id="Implementations">Implementations</span></h3>
<div>
<ol>
<li><a href="http://en.wikipedia.org/wiki/Red_Hat_Enterprise_Linux" style="background-color: white; background-image: none; color: #0b0080; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px; text-decoration: none;" title="Red Hat Enterprise Linux">Red Hat Enterprise Linux</a><span style="background-color: white; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px;"> (RHEL) version 4 and all future releases.</span></li>
<li><span style="background-color: white; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px;"><span style="font-size: 12.727272033691406px; line-height: 19.09090805053711px;">Corresponding versions of </span><a href="http://en.wikipedia.org/wiki/CentOS" style="background-image: none; color: #0b0080; font-size: 12.727272033691406px; line-height: 19.09090805053711px; text-decoration: none;" title="CentOS">CentOS</a><span style="font-size: 12.727272033691406px; line-height: 19.09090805053711px;"> and </span><a href="http://en.wikipedia.org/wiki/Scientific_Linux" style="background-image: none; color: #0b0080; font-size: 12.727272033691406px; line-height: 19.09090805053711px; text-decoration: none;" title="Scientific Linux">Scientific Linux</a><span style="font-size: 12.727272033691406px; line-height: 19.09090805053711px;">. </span></span></li>
<li><span style="background-color: white;"><span style="font-family: sans-serif;"><span style="font-size: 12.727272033691406px; line-height: 19.09090805053711px;">Also </span></span><span style="font-family: sans-serif; font-size: x-small;"><span style="line-height: 19px;">supports</span></span><span style="font-family: sans-serif;"><span style="font-size: 12.727272033691406px; line-height: 19.09090805053711px;"> to </span></span><a href="http://en.wikipedia.org/wiki/Fedora_(operating_system)" style="background-image: none; color: #0b0080; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px; text-decoration: none;" title="Fedora (operating system)">Fedora</a><span style="font-family: sans-serif;"><span style="font-size: 12.727272033691406px; line-height: 19.09090805053711px;">,</span></span></span><span style="background-color: white; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px;"> </span><a href="http://en.wikipedia.org/wiki/Debian" style="background-color: white; background-image: none; color: #0b0080; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px; text-decoration: none;" title="Debian">Debian</a>,<span style="background-color: white; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px;"> </span><a href="http://en.wikipedia.org/wiki/Ubuntu_(operating_system)" style="background-color: white; background-image: none; color: #0b0080; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px; text-decoration: none;" title="Ubuntu (operating system)">Ubuntu</a><span style="background-color: white; font-family: sans-serif; font-size: 12.727272033691406px; line-height: 19.09090805053711px;"> </span></li>
</ol>
</div>
</td></tr>
</tbody></table>
</div>
B G Kavingahttp://www.blogger.com/profile/17702091957735095838noreply@blogger.com0tag:blogger.com,1999:blog-1307099916237873821.post-43773769716979857602012-01-21T11:14:00.001+05:302012-01-21T11:16:16.895+05:30X server sharing on ubuntuAs you know X window system eat most system resources in the machine.It's ok with my personal computer, but it deffer when it comes to a enterprise server.So by default any Ubuntu server doesn't come with X server. It's ok with experienced Linux users.But I have to work with other user who have no good knowledge of Linux. So I have to find a way to get X window system in Ubuntu server without using it's own resources.At last I decide to use backup server as a desktop environment for the server.Here how I configure it to server as a X server.<br />
<br />
<a name='more'></a>For security reasons Ubuntu doesn't allow X server sharing.To enable it edit<br />
/etc/gdm/custom.conf and add<br />
<blockquote class="tr_bq">
[security]<br />DisallowTCP=false</blockquote>
<span style="background-color: white;">and restart.Now you have X listening on port 6000.Then you need to disable the </span><br />
X server firewall by<br />
<blockquote class="tr_bq">
/>xhost +</blockquote>
in terminal.By doing this we allow any user to access X server !.For more accurate configurations see xhost manual.Now we are done.Try to access<br />
X serve from other machine(server) by setting<br />
<blockquote class="tr_bq">
export DISPLAY=192.168.1.x:0.0</blockquote>
and start any program that use the X server from server.It will pop on other machine.B G Kavingahttp://www.blogger.com/profile/17702091957735095838noreply@blogger.com0tag:blogger.com,1999:blog-1307099916237873821.post-57927630975339343382011-09-12T17:12:00.018+05:302012-04-08T18:30:01.247+05:30Setup Java Development Kit(JDK) on Ubuntu<div class="container500">
<h2>
Introduction to java</h2>
Java is a programming language originally developed by James Gosling at Sun Microsystems (which has since merged into Oracle Corporation) and released in 1995 as a core component of Sun Microsystems' Java platform. The language derives much of its syntax from C and C++ but has a simpler object model and fewer low-level facilities. Java applications are typically compiled to bytecode (class file) that can run on any Java Virtual Machine (JVM) regardless of computer architecture. Java is a general-purpose, concurrent, class-based, object-oriented language that is specifically designed to have as few implementation dependencies as possible. It is intended to let application developers "write once, run anywhere" (WORA), meaning that code that runs on one platform does not need to be recompiled to run on another. Java is currently one of the most popular programming languages in use, particularly for client-server web applications, with a reported 10 million users.
<br />
<br />
<a name='more'></a><br />
<ol class="process-container"><h2>
Download JDK</h2>
<li>First you need to download JDK Tool kit from <a href="http://www.oracle.com/technetwork/java/javase/downloads/java-se-jdk-7-download-432154.html">Oracle</a>.</li>
<li>Select correct architecture according to your computer.In most cases it automatically detect the architecture. </li>
<li>If you are not sure, you can find the cpu architecture by typing <span class="terminal-code">lscpu</span> in terminal.</li>
<img border="0" height="238" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRjJ6Kwrbmt8SPX762y2ZpR_Fn5QUXgGkIQYNJY69VldY0z8Hpm2HwngOD_45DI86jb-cfPhP1OmswTBH4ZQek0A-SDoyt5871Tec-L7dQe0CyFqTInwNyi5WLp3DMhCH9GNzC_MW19mI7/s320/lscpu.png" width="320" />
<br />
<h2>
Extract JDK</h2>
<li>Once you get the JDK binary file it looks something like this <b>jdk-[version]-linux-[architecture].bin</b></li>
<li>Now open terminal and go to download directory.</li>
<li>Type <span class="terminal-code">chmod +x jdk-[version]-linux-[architecture].bin</span> to enable executions on file.</li>
<li>Now execute the bin file by typing <span class="terminal-code">./jdk-[version]-linux-[architecture].bin</span> in the terminal.You get something like this as output.</li>
<img border="0" height="186" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikaax1LM_vMLt2cAUozdW1AuY8vaWrBc3YJkdX54ZTve3N3STMFWPqvkri8hjqyQygAeGwTP4asb1yuCWpCsa21WSQTl0jtDCQJXoQMBpJijKFL8m7OM6-3VZ5HetpnOLMZCLTQ6zx_du3/s320/install.png" width="320" />
<li>Press enter and you get web page that asking to register the product.Register there by continuing the steps.(optional)</li>
<li>You see it creates folder called <b>jdk[version]</b> in execution path.Now you have the JDK.</li>
<h2>
Configure JDK</h2>
<li>First you have to copy JDK to standard location by typing <span class="terminal-code">sudo mv jdk[version] /usr/local</span> in the terminal.(by default system looks these places for installed softwares)</li>
<li>Now change the path of the terminal to <b>/usr/local</b> by typing <span class="terminal-code">cd /usr/local</span> in the terminal.</li>
<li>Then make jdk folder executable for all by typing <span class="terminal-code">chmod +x jdk[version]</span> in the terminal.</li>
<li>Now you have to setup <b>JAVA_HOME</b> environment variable and add java to system path. </li>
<li>Open the system wide bash configuration file by typing <span class="terminal-code">sudo gedit /etc/bash.bashrc</span> in the terminal.</li>
<li>Go to the bottom of the configuration file and add :<b><br />
JAVA_HOME=/usr/local/jdk[version]<br />
PATH=$PATH:$JAVA_HOME/bin </b></li>
<img border="0" height="125" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhltpQe0-BICCQuCZV_6CGrS7wowj5ovc-7l05juHXf4aT8o4VLKd2qkGp2E676L7H95_lHjjgm-b38cdqNgotQ_mNfqJakRxc4aamaKR5Q0XNsDXE-_VfxAT46K2hWViAzcwF0f6Euh2kr/s320/bash.png" width="320" />
<li>Now save the document and close the editor and terminal.Now you are ready for work.</li>
<li>Open your favorite text editor and try this.</li>
<pre><code>
public class HelloWorld{
public static void main(String args[]){
System.out.println("Hello World");
}
}
</code>
</pre>
<li>Save this in a file named HelloWorld.java and compile by typing <span class="terminal-code">javac HelloWorld.java</span> in the termainl.</li>
<li>Run this by typing <span class="terminal-code">java HelloWorld</span> in the terminal.If everything goes right you can see <b>Hello World</b> in the terminal window.</li>
</ol>
<br /></div>B G Kavingahttp://www.blogger.com/profile/17702091957735095838noreply@blogger.com0