Howto: Fix compiz display white screen when locked issue in Ubuntu Hardy
Are you effected by this bug?
Lets find out first:
1. Login to user 1
2. Use the fast user switcher applet to login to user 2
3. Logout from user 2 session
Result : You get a white screen. You have to type your password and the white screen will disappears.
or
Try this:
1. Login.
2. Open a terminal and do "sleep 15 && zenity --question"
3. Hit Ctrl-Alt-F1 to get to a console.
4. Count to fifteen, slowly.
5. Hit Ctrl-Alt-F7 to get back to you gui session.
Expected result: zenity should have put up a question dialog-box.
Actual result: zenity's dialog-box is white.
If you get the following bug a fix has been released by Mario
Go to System --> Administration --> Software Sources and select the Third-Party Software tab. Click on Add and enter the following line:deb http://ppa.launchpad.net/superm1/ubuntu hardy main
Then click on Add again and enter the following line:deb-src http://ppa.launchpad.net/superm1/ubuntu hardy main
Click on Close, then on Reload. Shortly your software updater will indicate that there are updates available for compiz. Install them, restart your machine, and voila!
For more information on this fix and to follow the bug fix process please see bug 160264
Keep An Eye On Web Pages, Folders and E-Mail With One Application, its call Specto!
Specto is a desktop application that will watch configurable events (such as website updates, emails, file and folder changes, system processes, etc) and then trigger notifications. For example, Specto can watch a website for updates (or a syndication feed, or an image, etc), and notify you when there is activity (otherwise, Specto will just stay out of the way). This changes the way you work, because you can be informed of events instead of having to look out for them.
Specto is simply a must have if you are not really interested in dealing with yet more, ad-filled RSS feeds, but at the same time, would like to be able to keep an eye on certain Web sites or manage a number of e-mail accounts.
Click here to install specto within Gutsy/Hardy Heron or simply search synaptic for specto or open a terminal and issue this command:
sudo apt-get install spectoAccess Specto Via Applications->Accessories->Specto
Specto Homepage
Ubuntu Reference/Cheat Sheet
Here is a nice Cheat Sheet for newer Ubuntu Linux Users, which was originally found here
Dell releases custom Ubuntu 7.04 ISOs with drivers and fixes
Dell has released a custom "remastered" Ubuntu 7.04 installation CD ISO that can be used to install Ubuntu on an Inspiron 1420 or 530. The ISO automatically installs all of the drivers and fixes that are required to make Ubuntu fully functional on those systems. Dell Linux Engineering team has a remastered copy of the Ubuntu 7.04 Live CD available for download. It includes native system hardware support and many of the fixes listed below. The media will help you get the system installed and running with the necessary drivers. The media has been created specifically to resolve issues on the following system: DISCLAIMER: These images are both unofficial Dell recovery media. They are not officially Dell-supported. Do not call Dell Technical support with questions about this image, or software installed by this image, as they will not be able to help you. To get help, please send an email to the Dell linux-desktops mailing list.
Dell laptops with Ubuntu preinstalled currently ship with a regular Ubuntu 7.04 installation CD that can be used to reinstall the operating system from scratch after reformatting. Unfortunately, the default Ubuntu installation does not include the best drivers so dell has a new remastered custom ubuntu cd just for you.
The "remastered" installation ISO could also be used by Inspiron 1420 and 530 owners who didn't buy their laptops with Ubuntu preinstalled, but wish to install it themselves... Dell Remastered Ubuntu 7.04 ISO
Download Dell Ubuntu Image
NOTE: After installation, be sure to update to the latest system software.
NOTE: The CD image has been modified to remove components such as OpenOffice to make room for additional Dell specific drivers and fixes.
Ubuntu VS Fedora on Google Trends
 | ubuntu |  | fedora |
Ubuntu has great leadership and a great community, I hope everyone gets to be a part of it someday.
Ubuntu VS PcLinuxOS on Google Trends
| pclinuxos | | ubuntu |
I really dont see why distrowatch.org is reporting that PCLinuxOS is more popular, id think the worlds top search engine stats should be actively on Distrowatch.org instead of their pathetic rating system, check out these stats!
Tweak Ubuntu Boot Processes & Runlevels
I personally like gui tools but I also tweak my bootable applications via the command line.
Here is what I use:
Command line tools:
rcconf - This tool configures system services in connection with system
This is my favorite cmd-line app
sysv-rc-conf - sysv-rc-conf provides a terminal GUI for managing "/etc/rc{runlevel}.d/"
symlinks. The interface comes in two different flavors, one that simply
allows turning services on or off and another that allows for more fine tuned
management of the symlinks. Unlike most runlevel config programs, you can
edit startup scripts for any runlevel, not just your current one.
runlevels. It turns on/off services using the scripts in
/etc/init.d/. Rcconf works with System-V style runlevel configuration.
It is a TUI(Text User Interface) frontend to the update-rc.d command.
GUI Tools:
bum - Boot-Up Manager is a graphical tool to allow easy configuration
of init services in user and system runlevels, as far as changing
Start/Stop services priority.
This baby kicks ass
services-admin - The standard services administration tool for ubuntu
A small known fact about this application is that you can rightclick on the service and change the run-level's
You can simply grab these tools via sudo apt-get install application-listed-above
Here is a quick explaination on Ubuntu & Linux runlevels that effect applications that boot:
Linux run levels are numbered 0 through 6. Run levels stop at six for practical and historical reasons, but it is entirely possible to have more if desired.
The following table summarizes the User Linux run levels:
* 0 System Halt
* 1 Single user
* 2 Full multi-user mode (Default)
* 3-5 Same as 2
* 6 System Reboot
Special Run Levels
Run level 0 is the system halt condition. Nearly all modern X86 computers will power off automatically when run level 0 is reached. Older X86 computers, and various different architectures will remain powered on and display a message referring to the halt condition.
Run Level 1 is known as ’single user’ mode. A more apt description would be ‘rescue’, or ‘trouble-shooting’ mode. In run level 1, no daemons (services) are started. Hopefully single user mode will allow you to fix whatever made the transition to rescue mode necessary.
(You can boot into single user mode typically by using your boot loader, lilo or grub, to add the word ’single’ to the end of the kernel command line).
Run levels 2 through 5 are full multi-user mode and are the same in a default User Linux (Debian) system. It is a common practice in other Linux distributions to use run level 3 for a text console login and run level 5 for a graphical login.
Run level 6 is used to signal system reboot. This is just like run level 0 except a reboot is issued at the end of the sequence instead of a power off.
In the interests of completeness, there is also a runlevel ‘S’ that the system uses on it’s way to another runlevel. Read the man page for the init command (”For manpage click here”) for more information, but you can safely skip this for all practical purposes.
Run Levels Location
Like everything else in a Linux system, run levels are defined by files in the file system. All the run level files are found in the /etc directory according to the following table:
/etc/rc0.d Run level 0
/etc/rc1.d Run level 1
/etc/rc2.d Run level 2
/etc/rc3.d Run level 3
/etc/rc4.d Run level 4
/etc/rc5.d Run level 5
/etc/rc6.d Run level 6
Each defined run level should have an rcX.d directory where X is the run level number. The contents of the rcX.d directory determines what happens at that run level.
Change run levels in Debian and Ubuntu Linux
Before we change run levels it might help to find out which run level is current. Use the ‘runlevel’ command to tell you two things: The last run level, and the current run level. Here is the command and the output shown together due to the sparsity of the output:
# runlevel N 2
The ‘N’ stands for none, meaning there has been no run level change since powering up.
The init system controls run levels, but then again, the init system pretty much controls everything. The init system will be looked at in detail in a future article.
The primary command used to change run levels is ‘telinit’.
#telinit 3
telinit takes one argument on the command line. As always, see the man page for full details. Normally the argument will be one of: 0,1,2,3,4,5,6, or the letter ‘S’. As you may have guessed, the numbers correspond to the run level you wish to move to. Using the ‘S’, for single-user, is the same as the number 1, but don’t do it; the ‘S’ runlevel is intended for use by the UserLinux (Debian)system.
A note of caution is warranted here. You can easily use the telinit command to reboot (run level 6), or shutdown (run level 0) the system, but it is not recommended. Certain programs need special processing for an orderly shutdown. Bypassing the expected shutdown sequence can have dire effects on your data. Older _Unix_ systems are especially sensitive to shutdown/bootup operations.
The preferred method for a serious runlevel change is ’shutdown’. There are easier mnemonics, but in a running system they all point to the ’shutdown’ command. You can use the ‘halt’, or ‘poweroff’ command to stop a system and the ‘reboot’ command to restart your system. In each case they call the ’shutdown’ command with different parameters.
If you wanted runlevel 3 to be the default, then you need to edit /etc/inittab.
# The default runlevel.
id:2:initdefault:
You’d change the ‘2′ to a ‘3′. Next time you reboot, your system will start in runlevel 3. There will be no display manager running in runlevel 3, because you turned it off. Therefore, runlevel 3 will become text only, and it will be the default. If that’s what you want to do.
Adding a new service
You can only add a new service to the boot sequence if a script in /etc/init.d exists. In that case the following command will install it with default settings (foo being the name of a script in /etc/init.d).
#update-rc.d foo default
Removing a service
A service may only be removed after the script in /etc/init.d as deleted already. If so, the following command will remove its references (foo being the name of a script in /etc/init.d).
#update-rc.d foo remove
If you want to remove a service without removing the start/stop script as well, you may consider using the file-rc package and editing the runlevel configuration file /etc/runlevel.conf. When using the SysV method you should rename the start/stop script, then call update-rc.d and then rename the start/stop script back to its old name.
Some of the content for this article source from here
Heron (Ubuntu 8.04) and The Future
Heron (Ubuntu 8.04), the next version of Ubuntu that will succeed Gutsy Gibbon (Ubuntu 7.10, due for release in October 2007). Not only will the Ubuntu community continue to do what it does best, produce an easy-to-use, reliable, and fun free software platform, but this release will proudly wear the badge of Long Term Support (LTS) and be supported with security updates for five years on the server and three years on the desktop. I am hoping to see Ubuntu in every school in the United States.
We Can all make this possible by sharing our knowledge & compassion to our friends, families, co-workers and the community. The LoCo project is here to help groups of Ubuntu fans and enthusiasts work together in regional teams to help advocate, promote, translate, develop and otherwise improve Ubuntu. Our worldwide network of LoCo teams is providing a strong backbone to our already vast and extensive Ubuntu community. Why not go and see the full list of teams!
Ever since the birth of computers, enthusiasts and fans around the world have collected together in garages, universities and pubs to talk about their interest, learn from each other and help promote their interest. Combine this with the huge popularity of Ubuntu, and you have the Ubuntu LoCo project. So lets continue this history and share what we love, and the benifits we have to offer Ubuntu as well as what Ubuntu has to offer us as a community & world we live in.
I want to JOIN a LoCo team! - To join a LoCo team, take a look at the Joining page and get in touch with the contact of the team you want to join.
I want to START a LoCo team! - To start a team, or contribute to one, read the LoCo Team HOWTO!
Most people only ever see the end-user view of Ubuntu, running it on their desktops, servers and mobile devices around the world. For these users, Ubuntu provides a simple, convenient means to do what they want to do easily, effectively and without unnecessary complexity. For many of us though, we want to open up the hood and understand how the system works and how to extend and grow it. Thousands of us get out of bed every day, united behind Ubuntu, ready to make a difference, working together to make our vision happen.
Read more here
One of the great things about the Ubuntu Community is that you are able to Invent applications and features for the next Ubuntu Release via Ubuntu BluePrints, with the communities knowledge and compassion we are able to make each Ubuntu Release better than ever with more features that are needed most. I strongly recommend Ubuntu BluePrints for the simple fact that just with one Idea may be able to see it in the Main Releases of Ubuntu. Why not share your knowledge compassion and troubles you are having with ideas to improve Ubuntu?
Share your ideas, and let Ubuntu Grow within us and the community here
50 Things You Need to Know About Ubuntu (10-1)
Sorry for this belated post. Here is the final part of TechIQ’s five-part countdown, highlighting 50 trends and takeaways from the Ubuntu Live conference in Portland, Oregon. Some of the items are closely related to earlier portions of the list. Here we go…
50-41: Part One of the List
40-31: Part Two of the List
30-21: Part Three of the List
20-11: Part Four of the List
10. Winning On Alfresco: Roughly 22 percent of Alfresco developer downloads occur to the Ubuntu platform, a dramatic increase from last year, according to Alfresco GM Matt Asay.
9. Don’t Betray Your Audience: One speaker conceded that he was nearly booed off stage during another open source conference. The reason: He used PowerPoint rather than OpenOffice for his presentation.
8. Two Unsung Heroes: Two small PC suppliers, ZaReason and System76, won praise for their early commitment to the Ubuntu movement.
7. Play to Your Strengths: Instead of competing head-on against Microsoft, several speakers suggested that the Ubuntu community needs to continue exploiting niche applications and collaboration to attack market voids left by Microsoft.
6. Printer Drivers: It sounds so basic. But printer drivers are the number one problem university professors seem to complain about when they’re using Ubuntu, according to several speakers.
5. Repeat Performance: Canonical feels pretty confident about its prospects and is already planning next year’s event.
4. Global Focus: Rather than playing regional favorites, Canonical is striving to enhance its localization, training and certification initiatives across the globe. Traditional closed-source software companies simply can’t complete with the global network of developers who are committed to tweaking code for use in hundreds of countries.
3. Novell Is Worse Off Than Expected: Sure, Novell has gained some momentum with corporate customers who embraced the Microsoft-Novell relationship. But imagine if the American Red Cross lost all of its volunteers. That could be the situation facing Novell if it doesn’t take steps to win back open source developers who despise the Microsoft deal. Throughout the event, Novell’s “betrayal” of the open source movement was raised by multiple speakers.
2. Small Business Push: Watch for Canonical to work with at least one major hardware developer to promote an integrated small business server package. The suite will likely be based on the LAMP software stack, The VAR Guy hears. One suggestion: Partner with Zimbra or another open source email provider on this project.
1. The Numbers Don’t Lie: Some nuggets of info worth repeating: Ubuntu now has 6 million to 12 million users and Canonical’s staff has doubled to 100 employees since January. Impressive growth, to be sure... oh if you search google for "linux" Ubuntu is on top! check it out here
Howto: Protect Your Ubuntu Machine by Setting up tripwire
After you have disabled all the unneeded services on your system, what remains is a core set of connections and programs that you want to keep. However, you are not finished yet: You need to clamp down your wireless network, lock your server physically, and put scanning procedures in place (such as Tripwire and promiscuous mode network monitors).
Securing a Wireless Network
Because wireless networking has some unique security issues, those issues deserve a separate discussion here.
Wireless networking, although convenient, can be very insecure by its very nature because transmitted data (even encrypted data) can be received by remote devices. Those devices could be in the same room; in the house, apartment, or building next door; or even several blocks away. Extra care must be used to protect the actual frequency used by your network. Great progress has been made in the past couple of years, but the possibility of a security breech is increased when the attacker is in the area and knows the frequency on which to listen. It should also be noted that the encryption method used by more wireless NICs is weaker than other forms of encryption (such as SSH) and should not be considered as part of your security plan.
TipAlways use OpenSSH-related tools, such as ssh or sftp, to conduct business on your wireless LAN. Passwords are not transmitted as plain text, and your sessions are encrypted.
The better the physical security is around your network, the more secure it will be (this applies to wired networks as well). Keep wireless transmitters (routers, switches, and so on) as close to the center of your building as possible. Note or monitor the range of transmitted signals to determine whether your network is open to mobile network sniffingnow a geek sport known as war driving. (Linux software is available at http://sourceforge.net/project/showfiles.php?group_id=57253.) An occasional walk around your building not only gives you a break from work, but can also give you a chance to notice any people or equipment that should not be in the area.
Keep in mind that it takes only a single rogue wireless access point hooked up to a legitimate network hub to open access to your entire system. These access points can be smaller than a pack of cigarettes, so the only way to spot them is to scan for them with another wireless device.
Passwords and Physical Security
The next step toward better security is to use secure passwords on your network and ensure that users use them as well. For somewhat more physical security, you can force the use of a password with the LILO or GRUB bootloaders, remove bootable devices such as floppy and CD-ROM drives, or configure a network-booting server for Ubuntu. This approach is not well supported or documented at the time of this writing, but you can read about one way to do this in Brieuc Jeunhomme's Network Boot and Exotic Root HOWTO, available at http://www.tldp.org/HOWTO/Network-boot-HOWTO/
Also, keep in mind that some studies show that as much as 90% of network break-ins are by current or former employees. If a person no longer requires access to your network, lock out access or, even better, remove the account immediately. A good security policy also dictates that any data associated with the account first be backed up and retained for a set period of time to ensure against loss of important data. If you are able, remove the terminated employee from the system before he leaves the building.
Finally, be aware of physical security. If a potential attacker can get physical access to your system, getting full access becomes trivial. Keep all servers in a locked room, and ensure that only authorized personnel are given access to clients.
Configuring and Using Tripwire
Tripwire is a security tool that checks the integrity of normal system binaries and reports any changes to syslog or by email. Tripwire is a good tool for ensuring that your binaries have not been replaced by Trojan horse programs. Trojan horses are malicious programs inadvertently installed because of identical filenames to distributed (expected) programs, and they can wreak havoc on a breached system.
Ubuntu does not include the free version of Tripwire, but it can be used to monitor your system. To set up Tripwire for the first time, go to http://www.tripwire.org, and then download and install an open-source version of the software. After installation, run the twinstall.sh script (found under /etc/tripwire) as root like so:
$ sudo /etc/tripwire/twinstall.sh
----------------------------------------------
The Tripwire site and local passphrases are used to
sign a variety of files, such as the configuration,
policy, and database files.
Passphrases should be at least 8 characters in length
and contain both letters and numbers.
See the Tripwire manual for more information.
----------------------------------------------
Creating key files...
(When selecting a passphrase, keep in mind that good passphrases typically
have upper and lower case letters, digits and punctuation marks, and are
at least 8 characters in length.)
Enter the site keyfile passphrase:
You then need to enter a password of at least eight characters (perhaps best is a string of random madness, such as 5fXkc4ln) at least twice. The script generates keys for your site (host) and then asks you to enter a password (twice) for local use. You are then asked to enter the new site password. After following the prompts, the (rather extensive) default configuration and policy files (tw.cfg and tw.pol) are encrypted. You should then back up and delete the original plain-text files installed by Ubuntu.
To then initialize Tripwire, use its --init option like so:$ sudo tripwire --init
Please enter your local passphrase:
Parsing policy file: /etc/tripwire/tw.pol
Generating the database...
*** Processing Unix File System ***
....
Wrote database file: /var/lib/tripwire/shuttle2.twd
The database was successfully generated.
Note that not all the output is shown here. After Tripwire has created its database (which is a snapshot of your file system), it uses this baseline along with the encrypted configuration and policy settings under the /etc/tripwire directory to monitor the status of your system. You should then start Tripwire in its integrity checking mode, using a desired option. (See the TRipwire manual page for details.) For example, you can have Tripwire check your system and then generate a report at the command line, like so:
# tripwire -m c
No output is shown here, but a report is displayed in this example. The output could be redirected to a file, but a report is saved as /var/lib/tripwire/report/hostname-YYYYMMDD-HHMMSS.twr (in other words, using your host's name, the year, the month, the day, the hour, the minute, and the seconds). This report can be read using the twprint utility, like so:
# twprint --print-report -r \
/var/lib/tripwire/report/shuttle2-20020919-181049.twr | less
Other options, such as emailing the report, are supported by Tripwire, which should be run as a scheduled task by your system's scheduling table, /etc/crontab, on off-hours. (It can be resource intensive on less powerful computers.) The Tripwire software package also includes a twadmin utility you can use to fine-tune or change settings or policies or to perform other administrative duties.
Devices
Do not ever advertise that you have set a NIC to promiscuous mode. Promiscuous mode (which can be set on an interface by using ifconfig's promisc option) is good for monitoring traffic across the network and can often allow you to monitor the actions of someone who might have broken into your network. The tcpdump command also sets a designated interface to promiscuous mode while the program runs; unfortunately, the ifconfig command does not report this fact while tcpdump is running!
Do not forget to use the right tool for the right job. Although a network bridge can be used to connect your network to the Internet, it would not be a good option. Bridges have almost become obsolete because they forward any packet that comes their way, which is not good when a bridge is connected to the Internet. A router enables you to filter which packets are relayed.
Assessing Your Vulnerability
It is a common mistake for people to assume that switching on a firewall makes them safe. This is not the case and, in fact, has never been the case. Each system has distinct security needs, and taking the time to customize its security layout will give you maximum security and the best performance.
The following list summarizes the most common mistakes:
- Installing every package Do you plan to use the machine as a DNS server? If not, why have BIND installed? Go through Synaptic and ensure that you have only the software you need.
- Enabling unused services Do you want to administer the machine remotely? Do you want people to
- upload files? If not, turn off SSH and FTP because they just add needless attack vectors. This goes for many other services.
- Disabling the local firewall on the grounds that you already have a firewall at the perimeter In security, depth is crucial: The more layers someone has to hack through, the higher the likelihood she will give up or get caught.
- Letting your machine give out more information than it needs to Many machines are configured to give out software names and version numbers by default, which is just giving hackers a helping hand.
- Placing your server in an unlocked room If so, you might as well just turn it off now and save the worry. The exception to this is if all the employees at your company are happy and trustworthy. But why take the risk?
- Plugging your machine into a wireless network Unless you need wireless, avoid it, particularly if your machine is a server. Never plug a server into a wireless network because it is just too fraught with security problems.
Understanding Computer Attacks on Ubuntu
Understanding Computer Attacks
There are many ways in which computer attacks can be divided, but perhaps the easiest is internal, which are computer attacks done by someone with access to a computer on the local network, and external, which are attacks by someone with access to a computer through the Internet. This might sound like a trivial separation to make, but it is actually important: Unless you routinely hire talented computer hackers or allow visitors to plug computers into your network, the worst internal attack you are likely encounter is from a disgruntled employee.
Hacker Versus Cracker
In earlier days, there was a distinction made between the words hacker and cracker. A hacker was someone who used technology to innovate in new or unusual ways, whereas a cracker was someone who used technology to attack another's computers and cause harm.
This distinction was lost on the general public, so the term hacker has now come to mean the same as cracker.
Although you should never ignore the internal threat, you should arguably be more concerned with the outside world. The big bad Internet is a security vortex. Machines connected directly to the outside world can be attacked by people across the world, and invariably are, even only a few minutes after having been connected.
This situation is not a result of malicious users lying in wait for your IP address to do something interesting. Instead, canny virus writers have created worms that exploit a vulnerability, take control of a machine, and then spread it to other machines around them. As a result, most attacks today are the result of these autohacking tools; there are only a handful of true hackers around, and, to be frank, if one of these ever actually targets you seriously, it will take a mammoth effort to repel him regardless of which operating system you run.
Autohacking scripts also come in another flavor: prewritten code that exploits a vulnerability and gives its users special privileges on the hacked machine. These scripts are rarely used by their creators; instead, they are posted online and downloaded by wannabe hackers, who then use them to attack vulnerable machines.
So, the external category is itself made up of worms, serious day job hackers, and wannabe hackers (usually called script kiddies). Combined they will assault your Internetfacing servers, and it is your job to make sure your boxes stay up, happily ignoring the firefight around them.
On the internal front, things are somewhat more difficult. Users who sit inside your firewall are already past your primary source of defense and, worse, they might even have physical access to your machines.
Regardless of the source of the attack, there is a five-step checklist you can follow to secure your box:
1. Assess your vulnerability. Decide which machines can be attacked, which services they are running, and who has access to them.
2. Configure the server for maximum security. Only install what you need, only run what you must, and configure a local firewall.
3. Secure physical access to the server.
4. Create worst-case-scenario policies.
5. Keep up-to-date with security news.
