2010-06-30

Ubuntu 10.04 on mac.vmware

xud (uniX # Ubuntu # Desktop)
-- in my mac.vmware

web.addn/xuw/linux and mac sharing data drive:

6.1: summary:
. for both mac and linux to have
both read and write access to a data drive,
what is a safer format than fat32 ?
. safety means a journaled format
like mac's HFS+ Journaled,
or the linux ext3 .
. mac doesn't have stable write-access to ext3 .

. ext2, despite its lack of journaling
is still recommended for devices with
a short life: bootable USB flash drives,
and other solid-state drives.
. linux can't write to a journaled mac drive .

Mounting ext3 in Snow Leopard? 2009.9
. to mount ext3 as rw in mac OS X Snow Leopard:
make sure you have MacFUSE
. extend Mac OS X's native file handling capabilities
via 3rd-party file systems.
It is used as a software building block by dozens of products.
As a user, installing the MacFUSE software package
will let you use any 3rd-party file system
written atop MacFUSE.
As a developer,
you can use the MacFUSE SDK to write numerous types of
new file systems as regular user-mode programs.
The content of these file systems
can come from anywhere:
from the local disk, from across the network,
from memory, or any other combination of sources.
Writing a file system using MacFUSE
is orders of magnitude easier and quicker
than the traditional approach of writing
in-kernel file systems.
Since MacFUSE file systems are regular applications
(as opposed to kernel extensions),
the dev's have just as much flexibility and choice in
programming tools, debuggers, and libraries
as with standard Mac OS X applications.
In more technical terms,
MacFUSE implements a mechanism that makes it possible to implement
a fully functional file system in a user-space program
on Mac OS X (10.4 and above).
It provides multiple APIs, one of which is a superset
of the FUSE (File-system in USEr space) API
that originated on Linux.
Therefore, many existing FUSE file systems
become readily usable on Mac OS X.
The MacFUSE software consists of a kernel extension
and various user-space libraries and tools.
It comes with C-based and Objective-C based SDKs.

Download fuse-ext2
Fuse-ext2 is a multi OS FUSE module
to mount ext2 and ext3
file system devices and/or images
with read write support

. if getting linux to format,
look out for the partition is not an ext3
but a Linux_LVM partition.

Install both of those and run a few commands in terminal:
$ disktool -l ## find nameOFdisk (used below)
$ sudo mkdir /Volumes/HD ## create a mount point
$ cd /usr/local/bin/ ## the fuse-ext2 folder:
$ sudo ./fuse-ext2 /dev/nameOFdisk /Volumes/HD/ -o force ## the fuse command

a login script example:
$ umount /dev/disk0s6 ## unmount what login automounted
$ mkdir /Volumes/Ubuntu ## login scripts are run as root
$ /usr/local/bin/fuse-ext2 /dev/disk0s6 /Volumes/Ubuntu -o volname=Ubuntu,force

Heres some useful information if you dont understand my syntax:
$ fuse-ext2 [-o option[,...]]
options:
ro : mount read only
force: mount read/write
allow_others: allow other users to access
debug: noisy debug output

Right now when I load os x
ext3 shows up automatically as read only.
automate this by Creating a login hook:
made it work.

sudo defaults write com.apple.loginwindow LoginHook /path/to/script
. This modifies the file:
/var/root/Library/Preferences/com.apple.loginwindow
. Type your password at the prompt, then press Return.
another way:
Finder`menu/go/Go to Folder ( /etc/ )
In the resulting window,
Open as text ( /etc/ttys ):
find this line:
#console "/System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow" vt100 on secure window=/System/Library/CoreServices/WindowServer onoption="/usr/libexec/getty std.9600"
Edit this line like so (and with /path/to/script naming your script)
#console "/System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow -LoginHook /path/to/script" vt100 on secure window=/System/Library/CoreServices/WindowServer onoption="/usr/libexec/getty std.9600"

## caveat: (from bitter experience)
scripting will work fine while you have
only one (boot) disk,
and after you've finished messing about
adding/subtracting disks from your system.
Disk arbitration probes asynchronously,
resulting in 'n' for 'disknsm'
being somewhat arbitrary.
Second:
> mount_fusefs: failed to mount /Volumes/HDA@/dev/fuse1:
> Socket is not connected
and I believe it is caused by a socket timeout.
The journaling system is different for ext3 and hfs+,
thus each time a disk is remounted on the 'other' OS,
the journal is rebuilt. Or
maybe something else is happening?
An awful lot of disk thrashing can be heard
for up to two minutes
before mount fails.
Manual mount after that time is almost instant.
. ext4 works too .

a Linux file system for Mac/PC drive sharing
Feb 23, '04 09:39:00AM ' Contributed by: Anonymous
I am constantly reading about people trying to move large files
between NTFS and HFS+ partitions.
I know that NTFS has Read Only support in 10.3, but there is a better solution...
The Mac OS X Ext2 Filesystem project
has a great driver for OS X that provides full ext3 Read/Write support for OS X.
web.addn/xuw/linux and mac sharing data drive/
vmware fusion ubuntu can access ext3 disk:

6.1: kwanghui on Jan 29, '10 01:13:21PM
(and at
superuser.com)
I find the easiest and most reliable way to access
linux ext3 partitions on my mac
is to run Ubuntu in a vmware virtual machine on the mac.
Once running you can connect Ubuntu to the ext3 drive via usb,
and this way you can get complete reliability
reading and writing to ext3 file systems.
It's fast because the disk is directly connected to the mac,
unlike on a network.
And you can use it to copy files very quickly
to/from the mac host
by using shared directories or any number of other ways.
asking fusion support specifically about fusion's support for ext3

6.7: Nov 16, 2008 9:20 PM
. you cannot use Fusion's VMDKMounter to mount
an ext3/LVM .vmdk virtual disk;
and, any other solution -- if it exists --
has nothing to do with Fusion.
So in the context of using Fusion's VMDKMounter
to mount an ext3/LVM virtual disk
it is not doable, as it is with a Windows NTFS or
FAT32 formated .vmdk virtual hard disk .
. In theory all you have to do is
find a MacFUSE filesystem plugin that handles ext3.
There's an experimental one,
but I don't think it's stable .
if you had vmware workstation for pc ...
. add USB controller to the VM
and plug in the external drive after the VM starts to boot;
or,
add it as a physical disk to the VM
(thats the advanced option in the add disk wizard) .
6.6: mis.addn/mac.vmware/no gateway to foreign fs:

. I was thinking that a linux vmware
might hook me up to a linux disk;
but, of course,
the vmware only sees what the host sees!

Fuse-ext2 requires at least Fuse version 2.6.0
- Mac OS: Mac Fuse
there are no known bugs for read-only mode,
though, do not mount your filesystems with write support
unless you do not have anything to loose.
please send output
the output of below command while reporting bugs.
$ /usr/local/bin/fuse-ext2 -v /dev/path /mnt/point -o debug
Usage: fuse-ext2 [-o option[,...]]
--. what you can do with readonly?
works well with a version control merge !
. there's some instructions in the download
that are not familiar ways to install .
. has a package as if mac install happens,
but the readme has a bsd script to run .
6.8: co.net/macosxhints.com/Mount Ext2/Ext3 Linux volumes in the Finder:

my reply to [kwanghui Jan 29, '10]:

[paraphrased] Nov 16, 2008 9:20 PM
http://communities.vmware.com/message/1100381#1100381
. you cannot use Fusion's VMDKMounter to mount
an ext3/LVM .vmdk virtual disk;
and, any other solution -- if it exists --
has nothing to do with Fusion.
So in the context of using Fusion's VMDKMounter
to mount an ext3/LVM virtual disk
it is not doable, as it is with a Windows NTFS or
FAT32 formated .vmdk virtual hard disk .
. In theory all you have to do is
find a MacFUSE filesystem plugin that handles ext3.
There's an experimental one,
but I don't think it's stable .

if you had vmware workstation for pc ...
. add USB controller to the VM
and plug in the external drive after the VM starts to boot;
or,
add it as a physical disk to the VM
(thats the advanced option in the add disk wizard) .

Mounting ext3 in Snow Leopard? 2009.9
[recent problems]

Fuse-ext2 2010.06/readme.rtf/Bugs
Fuse-ext2 is a EXT2 Filesystem support for FUSE.
. there are no known bugs for read-only mode.
although, write support is available (and it is pretty stable)
please do not mount your filesystems with write support
unless you do not have anything to lose.
6.3: proj.addn/mac.vmware.xuw/make a lubuntu vmware:
. says I should add vmware tools,
only after I turned it off;
but, when off, it has the menu offer dimmed .
. if I ignore its advice,
and ask for the vmware tools while its running,
then it does attach a virtual cd drive
containing the tools, along with
a script for installing them
(this is the routine needed for debian too;
only ubuntu and windows get auto-installers) .
. installing the tools is not a high priority
anyway:
if lubuntu is like the previous ubuntu variant,
it works well without the tools,
except for pasteboard sharing with host .
. lubuntu is a significantly lighter:
at 2.8gb, it's half of what other ubuntu's take up .
-- still nothing close to pup's 0.6gb!
. using synaptic pkg mgt to see what's inside:
(show all, sort by [is selected])
-- the selected-checkmark shows what's already installed .

6.16: proj.addn/xud/cross-platform drive:
. used vmware.ubuntu.gparted to
reformat the 80gb drive to fat .
(6.20: I had not been able to see the entire drive
from mac's drive utility).
. fat32 should be safe for transfers and backups:
if something messes up,
just repeat the copy .
. it would format an ext4 drive
but wouldn't let me write to it
-- consistent with prior readings on the subject:
vmware depends on the host's drivers .

6.16: proj.addn/xud/vmware tools install:
. vmware v3 can install vmware tools in ubuntu 10.04
or you can skip v3 and use this script ...
all defaults work .
. the only part I left out is:
sudo apt-get update && apt-get upgrade
but I did that yesterday .
--. even without vware-tools,
things are nicely sharing by
trading access to usb drives .

mis.addn/xud/vmtools buggy without update:
. xud keeps rebooting with err mounting /mnt/hgfs;
this time I try manual recover
and it gives me a root shell .
. all these problems are echoed by dmoonc:
"( Ubuntu continued to complain at startup
that it had failed to mount hgfs.
It continued to request user permission
to skip mounting hgfs.
But once the boot completed
/mnt/hgfs was mounted with correct permissions.
To prevent Ubuntu complaining of failure
to mount hgfs,
I added a nobootwait option to its entry
to tell mountall(8)
not to hold up the boot for this filesystem.).
. the cut&paste across windows does work,
so not sure why shared folders wouldn't .
. shared folders are at /mnt/hgfs
yes!
. but! trying to access anything in hgfs
results in a system freeze .

mac news

[6.30:
. log dump of noteworthy mac news,
and some issues (bright screen,
searching mysterious, vmware projects); ]

6.1:

news.addn/mac/mainstream -- or fatter than microsoft:
It's Official: Apple Is Now Worth More Than Microsoft (AAPL, MSFT)
MacUser Group Members
date Fri, May 28, 2010 at 10:24 AM
subject From Tiago Rosado and other MacUser group members on LinkedIn

6.3:

mis.addn/mac.finder/not searching:
. finder isn't finding anything?
forum suggests using the magnifying glass on the menu bar,
(spotlight); but even that wasn't much help
until I had some distinctive codes to give it:
magnesium was just confusion,
but aq.cook bac
-- that found every file was looking for!

proj.addn/mac.vmware.xuw/make a lubuntu vmware,
[@] addn/xud


proj.addn/mac.transmission/cln torrent:
. find pup'linux dpc: 0? delete from torrent client
(it appears to be doing nothing but clutter),


6.6: mis.addn/mac.vmware/no gateway to foreign fs,
[@] addn/xud


6.6:

proj.addn/mac/zip encrypted:
. I installed the unarchiver,
the default unzipper will not respond correctly to
encrypted zip's;
but with the unarchiver I have added
opening with that will
ask for a needed password
and use it to open the file .
. not sure how to set passwords from mac,
but I did it through mac.vmware.vista.7zip .

6.8:

news.addn/mac/Port Colinux to OSX (Leopard 10.5):
for Intel only CPUs
http://colinux.wikia.com/wiki/OSXPort

bk.addn/mac/security:
http://cupofsecurity.blogspot.com/


6.9:

sci.addn/mac.chrome.sidewiki/activation illusive:
. how does sidewiki get activated?
go to sidwiki help,
press a [add your entry].button;
and they ask you to sign in,
now its a separate window .
http://www.google.com/support/toolbar/bin/answer.py?answer=9230&src=top5&lev=answer
. finally got it to work:
once you have a page where you want to see it,
there's a [>>].button on the upper-right.corner
that has a menu that includes a sidewiki activator
for the current page;
if you had some text selected,
it will have your comment attempt started for you .


6.15:

proj.addn/mac.vmware.xu/special drive access:
. what can vmware.xu10 do in the way of
formatting drives?

proj.addn/mac.vmware.xu10gnome/creation:
. now xu10gnome has display name fv
for the what the pass is!
it has access to exo and obj, 1.5gb ram 20gb hd .

proj.addn/mac.vmware.xu10gnome.gnome partition editor/install

pos.addn/mac.vmware.xud (desktop xu):
. the latest version of mainstream xu
that is used on the mac desktop via vmware
will be called xud (unix#ubuntu#desktop) .



mis.addn/mac.xud/fix resolution and screensaver:
. don't lock screen on screensaver .
. why is there a pink box covering the menu's
and is labeled "(unknown) ?
needed to close the monitor sizing dialog .


proj.addn/mac.xud/no firewire:
. look at drive after restart:
restart complained about mount failed
-- vmwares don't handle firewire .

6.16:

mis.addn/mac.vmware/rollbacks vs revert confusion:
. the rollbacks are confusing,
the only thing that looks like an actual
[revert to snapshot] that I recognize as my snapshot,
is to go into menu/virtual machine/snapshots
to see a list of named snap shots, and choose from them .
. the diff was explained here .
http://arstechnica.com/civis/viewtopic.php?f=19&t=96380



mis.addn/dev.ada/mac os x and ADA:
2010 ADA devs discuss state of Mac OS X
http://arstechnica.com/apple/news/2010/06/premier-chat-ars-design-award-winners.ars
ADA = Ars Design Awards .



6.19:

news.addn/mac/laptops need the warranty:
. the psychocats.net blog?
http://www.psychocats.net/ubuntucat/
. the apple laptops need the warranty (well, maybe not)
http://www.psychocats.net/ubuntucat/the-macbook-pro-dead-video-card-saga/

6.21:

mis.addn/mac/sd card locked and finder frozen:
. action strange during mac up:
hitting inputs doesn't wake it .
. now some thing is grabbing the sd card:
can't eject nor access it with finder:
had to force -quit finder .
. checked the card in admin acct;
finder is hacked again? hard reset .

mis.addn/mac.firefox/updates:
. firefox chimed in during update
that I didn't have permission to install (firefox)
but I could go to website for firefox .


6.22:

todo.addn/mac/medical device:
. make a joke about how mac can be used as a
medical device for curing winter depression
by acting like a giant sunlamp:
go into ... and change ... to ...
for a much brighter screen .


mis.addn/mac/sudden loss of screen:
. I was just typing my editor
when the screen when frosty grey black .
. removing all usb devices
and adding a new kybd did nothing;
. it was almost too hot to keep my hand on it;
but my laptop has been like that since 2005!;
and, I could hear the drive still whirring;
so, I did a hard reset, and everything was fine .
.

Ubuntu 10.04 on Fujitsu p1510d

[6.30:
. this is just a dump of a huge log
to show the shear size
of issues I dealt with
while tossing xp to save my laptop .
. xuw = uniX#Ubuntu on Walkable .
-- atleast for the drivers they had for
this Fujitsu p1510d,
the stability was a daily catastrophe .
. when it's not eating your work,
Ubuntu 10.04 is a lot of fun .]


6.1:

mis.addn/xuw/linux links from sd (fat-formatted) card:
. I thought they would work as needed,
but of course the default link-maker
is not making links across volumes?
[.. no, the problem not linking from a fat-formatted volume .]
127:
/media/CF977MB/BAK
/media/SD2GB/pim/2010

To make a soft symbolic link :
ln -s /original/file /new/link
ln -s /media/CF977MB/BAK /media/SD2GB/pim/2010/Bak2CF

addn@xuw:~$ ln -s /media/CF977MB/BAK /media/SD2GB/pim/2010/Bak2CF
ln: creating symbolic link
`/media/SD2GB/pim/2010/Bak2CF':
Operation not permitted

no?
cli rules:
http://manpages.ubuntu.com/manpages/lucid/man7/symlink.7.html
api rules:
http://manpages.ubuntu.com/manpages/lucid/en/man2/symlink.2.html
ln rules:
http://manpages.ubuntu.com/manpages/lucid/en/man1/ln.1.html

236: web search by error results,

You can't do symbolic links in FAT or NTFS.
http://forum.soft32.com/linux2/RH8-Creating-symbolic-link-Operation-permitted-ftopict46279.html


http://forums.rokulabs.com/viewtopic.php?f=2&t=5431&sid=b999b980470c833ee17c95e89defa3ea
ln -s ./bpf/net/bpf_filter.c bpf_filter.c
ln: bpf_filter.c: Operation not permitted
OK now I've learned something. I cannot set up
symbolic links if I'm in a directory on my smb share.
I can do it from within the local filesystem
on the ROKU to anywhere EXCEPT
a file on the SMB mounted filesystem.


http://www.virtualbox.org/ticket/818
Soft links are important on Linux system.
Using (/etc/fstab)
altera /opt/altera vboxsf defaults 0 0
I get the following error:
cd /opt/altera/install/
ln -s ../tars/90_quartus_linux.tar
. ln: creating symbolic link `./90_quartus_linux.tar':
Operation not permitted
vBox: 3.0.2 r49928 (linux 64 bits)
host: Linux rdt02 2.6.28-13-generic #45-Ubuntu SMP
Guest: Linux vdtf21 2.6.29.6-213.fc11.i686.PAE #1 SMP

Running VirtualBox 3.0.6 with guest Ubuntu 9.04 64-bit
on a Mac OS X 10.6.1 Snow Leopard host:

strace ln -s foo bar
Gives the following (edited to remove irrelavent stuff):

stat("bar", 0x7fffa0fdb250) = -1 ENOENT (No such file or directory)
symlink("foo", "bar") = -1 EPERM (Operation not permitted)
...
write(2, "ln: "..., 4) = 4
write(2, "creating symbolic link `bar'"..., 28) = 28
write(2, ": Operation not permitted"..., 25) = 25
write(2, "\n"..., 1) = 1
In the meantime, running dtrace -p
on the appropriate VirtualBoxVM process on the Mac side
shows no trace of the symlink call
being attempted against the host filesystem.
Presumably, it's just not implemented.

Next step is to look at the sources ...

2009-09-22 23:00:15 changed by jwhitley
Frank's note implied this,
but let's just be perfectly clear:
symbolic link support is not yet implemented in the vboxsf filesystem.
For folks who want to check out the current state
of the guest additions linux module,
have a look at the files
at following path in the VirtualBox source tree:
src/VBox/Additions/linux/sharedfolders/

Specifically, dirops.c should define
the symlink, readlink, and follow_link members
of struct inode_operations (see bottom of that file,
and linux/fs.h in the kernel headers).
I started looking at this the other day,
and have cloned the public SVN repo to github at:
git://github.com/jwhitley/VirtualBox.git .

2009-09-23 22:28:15 changed by frank
There is no other documentation than the source code
for the shared folders service
All shared folders operations will be forwarded
to the host where they will be handled in
src/VBox/HostServices/SharedFolders/service.cpp,
see the function svcCall().
The corresponding handlers are implemented
in vbsf.cpp in the same directory.


http://www.handhelds.org/hypermail/familiar/277/27720.html
root_at_h3900:/usr/X11R6/lib# ln -s
/usr/X11R6/lib/libXm.so.2.1
/media/cf/usr/j2re1.3.1/lib/armv4l/libXm.so
ln: /media/cf/usr/j2re1.3.1/lib/armv4l/libXm.so:
Operation not permitted

330:
I forgot my primary db is on a fat32 sd card
not the main hard disk .







6.1:


mis.addn/xuw.xfce4/lost folder after wake from hibernation:
1205:
last night I hibernated xfce and on a wa
awake the file manager's side bar
was missing links to my sd card's folders
. then I find a possible reason:
the targets of those links
no long exist!
1240:
but the chrome browser does see it:
earlier, the editor too was saying
the file didn't exist .
it's been very busy while I was away ,
maybe recovering from known mistakes?



sci.addn/xuw/openstep`desktop"(window maker):
. wow, what a mess .
. it should come with a welcome:
"(we're not really so diff'nt ...);
instead,
it has a help app that maxed my fan
-- and still didn't show anything! --
for "(tutorial window maker)
. it also max'd my lcd brightness;
and with no solution in sight,
I had to leave .

mis.addn/xuw.komodo/gui acting funny:
. tapping on editor's [recent files].list
didn't respond to what I thought was a double;
but a triple did work?
last time it did say file didn't exist .





6.1:


bk.addn/xuw/Linux newbe tips:

http://www.zdnet.com/blog/btl/10-mistakes-linux-newbies-make/34444?tag=footer
http://blogs.techrepublic.com.com/10things/?p=455

confirms a worry I had:
. mixing Ubuntu package management system
with script-installed indep' packages
(like komodo) .
. package management can't keep track of
things it wasn't told about
So what happens when package A (that you installed from source)
depends upon package B (that was installed from a .deb binary)
and package B is upgraded from the update manager?
Package A might still work or it might not.
But if both package A and B are installed from .debs,
the chances of them both working are far higher.
Also, updating packages is much easier when
all packages are from the same binary type. [??]
todo:
. so high priority is find another editor soon,
or study how to .deb-wrap your package .
. if that fails, know when you get updates,
and reinstall all indep's at that time .

I always back up /etc/X11/xorg.conf
in case the upgrade goes bad.
Sure, an X update tries to back up xorg.conf,
but it does so within the /etc/X11 directory.
I always back up xorg.conf to the /root directory
so I know only the root user can even access it.
This applies to other critical backups,
such as Samba, Apache, and MySQL, too.

your kernel update process
doesn't delete previous kernels.
every kernel upgrade fills up more memory .

stay with principle of least priv's:
. What often happens is that a new user
sees an error saying
they do not have permission to use a file,
so they hit the file with something akin to
chmod 777 filename
to avoid all possible permission problems .
. all same-digit combo's give a certain permission set
to all users (root, group, and other):
777 gives rwx
666 gives rw
555 gives rx
444 gives r
333 gives wx
222 gives w
111 gives x
000 gives no privileges to any users .

/var/log
is a single location for all log files.
This makes it simple to remember where you first need to look
when there is a problem.
Possible security issue? Check /var/log/secure.
/var/log/messages
where all generic errors,
networking, media changes, etc.
. admin can always use a third-party application
such as logwatch
that can create various reports for you
based on your /var/log files.

http://www.linux-mag.com/id/7789
Log rotation is highly configurable but most of us lazy administrators
just leave everything as is, where is.
As for the where part,
the /etc/logrotate.conf,
like other configuration files,
resides in the /etc directory.
I found the ubuntu
menu/system/log file viewer,


tools
http://blogs.techrepublic.com.com/10things/?p=452
Top is a real-time reporting system,
so as a process changes,
it will immediately be reflected in the terminal window.
Top does have some helpful arguments (such as the -p argument,
which will have top monitor only user-specified PIDs),
but running default,
top will give you all the information you need
on running tasks.



6.2: mis.addn/xuw/freeze needs hard reset:
while I was editing the above file,
[@] web.addn/dev.net/gae for linux?
the freeze happened;
it didn't respond to unplugging usb's and wifi .
nor various salutes (what where those
cntr-alt-backspace things for in ubuntu?)
. getting back in, komodo.editor asked
if it could restore from backup
but for the first time (but new version of editor too)
this editor told me the backup access
resulted in a media error .
. the only other (known) program running was chrome .


6.2:

proj.addn/xuw/downloads:
. download komposer,
view komp* finds in sw center .

mis.addn/xuw/bak:
. bugged (overworked by sw center's downloading?) .

proj.addn/xuw/modular desktops:
lubuntu:
. it will read pim
but won't click into it?
there's a [gnome/openbox] ? try that
(lubuntu is apparently a sort of [xfce/openbox] ).



news.addn/xuw.leafpad: (betaware) gnome editor, simpler than gedit,

sci.addn/xuw.abiword:
. being like ms`word, it does have a web editor mode;
I find it annoying that its default is not web mode .
. it's unable to open yester's log?
my usual editor komodo can still open it .
no unicode:
. after pulled out all the non-ascii char's
it did fine .


proj.addn/xuw.komodo/pref's:
. internationalization:
don't use the enviro's utf-8,
use ascii .






6.2:


sci.addn/xuw.menubar editor:
. the corner of my menu bar
is where I usually find a log-out menu
and a menu with my user name on it .
. now -- in gnome/openbox --
I find there's no log-out menu
and 2 menu's with my user name on it .
-- before this, there was recently a problem with
the menu bar's icon of battery and sound:
it was like one picture of that icon pair
was inserted in the middle of a copy of the same .
. the 2 menu's are differing however:
one is my online status,
while the other one is how I edit my menubar:
now it's busy with icon's for my text editor,
switch users, reboot or hibernate,
screen brightness,
cpu speed, rolling system monitor,
dictionary,
weather -- not available for this location
parcellite -- whoa, have I been missing this!
. it's a list of all cut&pastes,
so if you suspect data was lost from the
accidental cut&cut -- forgetting to paste
there's your log! it shows a list of your cuts' first line,
select a line to move that cut into the clipboard
(the contents of which determine what gets returned by a paste);
it also lets you edit the clipboard
. looking through app's (wondering
where I get the menubar editor
after having removed it from the menubar)
I found a taskmgt that was showing my percentage of cpu usage
but it wasn't in sync with the menubar's indicator?
that menu bar applet is called the
cpu frequency scaling monitor:
it changes the speed limit
or limit mode of your cpu:
it was set at on-demand,
so when cpu was use a lot,
the speed limit would be elevated
which would then show the %usage as
not changing much .
. I'm trying it capped at 600mhz;
it can go as high as 1.2 ghz .
. some of the original things in the menu bar
can be removed but they can't be moved?
that's because they are set at [lock to panel]?
no, they are must stay to the right of
optional things,
as if the menubar was divided into
user and system spaces .
I could try replacing them with similar options,
but I noticed the time&date addition
wasn't in 24-mode .


6.2: mis.addn/xuw.hg/new msg about a lock contention
. waiting for lock on repository /media/SD2GB_/pim held by 'xuw:1420'


news.addn/xuw.computer janitor:
. [computer janitor] helps you find and remove
software packages you might not need anymore.
It also suggests configuration changes
that might benefit you .

sci.addn/xuw.menubar.cpu`status:
I'm moving the cpu limit to performance
(apparently an alias for top speed)
because I'm getting too many waits .


sci.addn/xuw.menubar/openbox`config:
. provides the desktop themes and window param's
familiar to xp users .


mis.addn/xuw/hiberate seems endless:
. this thing is taking so long to hibernate,
I'm wondering if a virus is uploading my entire drive?
turn off wifi to see if that changes things .
. no? try suspending instead of hibernating: ok .
todo: [done]
maybe it needs a defrag? no;
does linux do that auto? yes .



6.7:


web.addn/xuw/defrag -- no need but ...:

http://ubuntuforums.org/showthread.php?t=169551

If you are curious about fragmentation
run fsck, or this:
/usr/sbin/defrag [-h] [-n passes] [--passes n] [-t threshold]
[--threshold n] [-a] [--analyze] [--help] path
When invoked, defrag will analyze the given path
recursively for file fragmentation
and print out a summary of its findings.
Next, it will ask you if you'd like to
run any defragmentation passes.
Fragtool also takes an optional passes argument,
which makes it perform fully non-interactively.
Positive number of passes will perform that many passes and exit,
while zero passes will just print out the summary and exit.
. its progress bar needs bzrlib

. unless you do something special that fragments up the disk
(torrenting, mythtv, large downloads),
you probably won't realize much,
but it's always good to know you're ready for something like this,
or if you're curious about fragmentation the analyze mode is great.

. I personally have to say that when a 300MB torrent
is split into 5000 fragments,
read speed is drastically affected.

. most torrent programs let you preallocate to avoid fragmentation,
that usually keeps fragmentation fairly low
especially if you d/l music and not just movies.

If you would like to get fragmentation statistics,
defrag is the perfect tool to get that.

why hasn't anyone else written a defragmenter for Linux?
A user at forums.gentoo.org wrote a perl fragmentation checker,
and Con Kolivas wrote a bash script defragger.
Fragtool was inspired by both of these efforts,
and aims to intelligently combine the two
to perform the task more intelligently
(i.e. do not try defragmenting defragmented files,
do not make fragmentation worse than before, etc).
. not a full defragmenter
(i.e. free space consolidation,
directory reorganization),
but just a file defragger.

http://www.debian-administration.org/articles/388
for the tested tasks, filesystems can be regrouped as
(a) quick and more CPU-intensive (ReiserFS and XFS) or
(b) slower but less CPU-intensive (ext3 and JFS).
XFS appears as a good compromise, with relatively quick results,
moderate usage of CPU and acceptable rate of page faults.
XFS appears to be the most appropriate
on a file server for home or small-business needs .
-- on mac, "(xfs) is doomed to mean X font server .

username@ubuntu:~$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda7 8.8G 3.2G 5.2G 39% /
varrun 221M 92K 221M 1% /var/run
varlock 221M 4.0K 221M 1% /var/lock
udev 221M 140K 221M 1% /dev
devshm 221M 0 221M 0% /dev/shm
lrm 221M 19M 202M 9% /lib/modules/2.6.15-25-386/volatile
/dev/hda5 123G 48G 70G 41% /documents

username@ubuntu:~$ sudo umount /documents

username@ubuntu:~$ sudo fsck /dev/hda5
fsck 1.38 (30-Jun-2005)
e2fsck 1.38 (30-Jun-2005)
/home: clean, 52156/16334848 files, 13090377/32658129 blocks

. fragmentation becomes a problem only if your disk is almost full.
On a nearly full disk,
Linux may have trouble locating a large enough block of free space
to fit a file without fragmenting it.
If you almost fill a disk and then delete files,
the remaining files may or may not be fragmented,
depending on which ones you deleted.
For this reason, keeping your partitions from filling up is best.
As a general rule, anything less than 80 to 90 percent full
is fine from a fragmentation perspective


6.10:

sci.addn/xuw/hc sd is usable:
. does xu read my 8gb sd card? yes,
the disk utility says it's partitioned as mac hfs+,
and the hex editor read a mac system file .
. replacing that with my usual fat32-formatted sd card
the file browser is having trouble:
it browns out, uses a lot of cpu, and becomes unresponsive,
but the rest of the system is ok .
. other app's can read the file system without the smoke:
chrome is using its homepage from there,
and the editor's file opener has a functioning
file system browser .
[6.11: maybe switching cards without also
switching the card drive confused it?]


mis.addn/xuw/update mgt:
. the updates fail because:
"(
E: Could not get lock /var/cache/apt/archives/lock
- open (11: Resource temporarily unavailable)
E: Unable to lock the download directory
)
. maybe I should close other app's and try again?
no, here is the problem:
"(
Lentz wrote on 2009-09-09: #2
It appears you have a stale lock file.
This can happen if the program that created the lock file
didn't terminate correctly.
If you're sure you don't have any
package management programs running
(Synaptic, apt-get, dpkg, etc.),
then remove the lock file.
)
--. I should have let the file browser finish;
[@] sci.addn/xuw/hc sd is usable
I'm doing that now, and it appears to be
picking up where it left off:
after coming back from busy,
the updates are able to be downloaded now .


6.11:


mis.addn/xuw.dictionary/doesn't fuzzy spell:
. xuw.dictionary is not very helpful,
I need google to help spell .

proj.addn/xuw.menubar/drag&drop:
. replacing firefox menubar icon with chrome,
at first when I tried to drop a drag&drop
a menu item onto the menubar,
it dropped into firefox
which opened this file:
usr/share/applications/chromium-browser.desktop
. then I first removed the firefox icon
so that the drag&drop would have some blank space
on the menubar to land on: ok .


6.12:


web.addn/xuw.komodo edit/ubuntu install:

bug"[needs-packaging] Open Komodo Edit
https://bugs.launchpad.net/ubuntu/+bug/183492
. the ok is in, but interested is frustrated (past 2 years now!)
http://community.activestate.com/forum/could-i-publish-komodo-edit-packages-ppa-repositoris-ubuntu
this says everything is ready:
http://community.activestate.com/forum/deb-package-komodo-edit
using a script here .
http://community.activestate.com/files/mkpkg-komodo-final.txt

. If you need to update using an installer,
completely uninstall the older version
before installing the new one,
or manually specify a different install directory
during the installation process.
Your Komodo preferences will be preserved
as they are installed in a different directory.
uninstall:
Delete the directory that Komodo created during installation.
(that would be )
If you wish to delete your Komodo preferences,
delete the ~/.komodo directory.
If you do not delete this directory,
subsequent installations of Komodo will use the same preferences.
Note: You cannot relocate an existing Komodo installation
to a new directory by simply moving it.
You must uninstall Komodo from the existing location
and reinstall it in the new location.
2300:
. trying that .
install: Installing ActiveState Komodo to '/home/addn/Komodo-Edit-5'...
relocate this Python to '/home/addn/Komodo-Edit-5/lib/python'
relocate '/home/addn/Komodo-Edit-5/lib/python/lib/libpython2.6.so.1.0'
relocate '/home/addn/Komodo-Edit-5/lib/python/lib/libpython2.6.so'
relocate '/home/addn/Komodo-Edit-5/lib/python/lib/python2.6/config/Makefile'
relocate '/home/addn/Komodo-Edit-5/lib/python/lib/python2.6/site-packages/activestate.py'
relocate '/home/addn/Komodo-Edit-5/lib/python/lib/python2.6/lib-dynload/_ssl.so'
relocate '/home/addn/Komodo-Edit-5/lib/python/lib/python2.6/lib-dynload/_hashlib.so'
relocate '/home/addn/Komodo-Edit-5/lib/python/bin/python2.6'
relocate '/home/addn/Komodo-Edit-5/lib/python/bin/python2.6-config'
relocate '/home/addn/Komodo-Edit-5/lib/python/bin/python-config'
relocate '/home/addn/Komodo-Edit-5/lib/python/bin/2to3'
install: 'Komodo Edit 5' desktop shortcut created at '/home/addn/Desktop/komodo-edit-5.desktop'
I checked the link it asked me to make,
ln -s "/home/addn/Komodo-Edit-5/bin/komodo" /usr/local/bin/komodo
that is still there from last install .
ls /usr/local/bin/komodo
-- returned /usr/local/bin/komodo (does exist)
. ever since my last system update,
the komodo edit has acted strangely,
temp'ly not displaying lines,
or display them as static swirl of bits
until the display needed updating .
. if that problem goes away,
it strengthen theory that
every time there is a system update,
then for each manually installed app,
you have to uninstall and reinstall that app .


proj.addn/xuw.synaptic package manager:
. isn't there some way to make this
reinstall things?
look around: sources/other:
The APT line includes the type, location
and components of a repository,
for example
'deb http://archive.ubuntu.com/ubuntu lucid main'.



proj.addn/xuw/ubuntu partners:
. why is the ubuntu partners ok not as a source?
mark it ok .
. install flash, skype, ultraedit, .


6.13:

mis.addn/xuw/long hd access:
. trouble with long hd reads,
what is the info on xu partners?
none given? not for any .
...
. long-reading hd too busy again?
how do you know whether this is rootkit
or just too busy?


proj.addn/xuw/restricted software:
. this page tells you that many proprietary formats
https://help.ubuntu.com/community/RestrictedFormats
can be played on ubuntu, but you need to ask for it
by activating this link:
apt:ubuntu-restricted-extras?section=universe?section=multiverse
. the browser understood this as running apt.app .

. you can either develope a launchpad.net package
https://help.launchpad.net/Packaging/PPA/InstallingSoftware
and then tell synaptic to include that package;
or you add the package to debian
(see the Debian maintainer's guide)
http://www.debian.org/doc/maint-guide/
and then when ubuntu synch's with debian
http://packages.ubuntu.com/lucid/
you can have access via [ubuntu software center].app .
. debian is ubuntu's primary "Upstream"
https://wiki.ubuntu.com/UbuntuDevelopment
(See freedesktop for some tips on working with upstream)
http://distributions.freedesktop.org/wiki/Packaging/WhyUpstream
. there are [fast-track groups]
https://wiki.ubuntu.com/UbuntuDevelopment/NewPackages
eg, for gnome apps, and Multimedia .
http://wiki.debian.org/Teams/DebianGnome
http://wiki.debian.org/DebianMultimedia
. gnome is the std ubuntu gui kit .
http://library.gnome.org/devel/
. package it for ubuntu yourself;
https://wiki.ubuntu.com/PackagingGuide/Basic
it then waits for approval .
. see ubuntudevelopers at youtube .
http://www.youtube.com/user/ubuntudevelopers



6.13:


web.addn/xuw.chromium.flash/enable:
http://www.ubuntugeek.com/howto-enable-flash-support-for-google-chromium-browser.html
you need to copy libflashplayer.so file
into /usr/lib/chromium-browser/plugins directory
sudo cp /usr/lib/flashplugin-installer/libflashplayer.so
/usr/lib/chromium-browser/plugins
. check it's there by that name:
ls /usr/lib/flashplugin-installer/libflashplayer.so
-- it's not there ?
ah, a rebuttal:
. you don't need to copy anything over:
I just installed the flashplugin,
and ran the command
chromium-browser --enable-plugins,
and it automatically detected the plugin
in /usr/lib/mozilla/plugins.
my response:
. that worked .


proj.addn/xuw/startup folder:
. in xu#lucid there's menu/system/pref's/startup
I added skype but the menu item is launching skype-wrapper,
so what happens?
everything works great:
it even remembers my
[sign-me in when this starts].pref .

mis.addn/xuw/log-out scrambled menubar:
. when I logged out and back in again,
the menubar was a mess, with multiple images of the terminal icon,
and missing images of the log-out icon;
coincidentally, I had recently removed
a redundant log-out icon:
logging out was all it did,
the one I kept had a powerbutton sign,
and would offer a list:
log-out, restart, suspend, shut-down .
. why that was missing,
may have to do with confused identity ?
. fortunately I found some empty space in the menubar
and right-clicked for [add to panel..].app
when I was able to restore what was missing .



sci.addn/xuw/too-long drive reads:
. the long drive reads may have to do with gc;
if apps aren't playing nice and smart
with dynamically alloc'd mem .
news:
Michael MacDonald
Date: Sat, 12 Jun 2010 20:43:48 -0400
Subject: Re: [android-developers] Slow Eclipse on OS X
The default settings for Eclipse on OS/X
do not allocate enough memory for it.
Eclipse runs within a fixed amount of RAM,
and if it isn't allocated enough
it will spend all its time garbage collecting.
Unfortunately, I don't know how to change the settings on OS/X;
on Linux there is a configuration file
read by the startup script.


6.13:


sci.addn/xuw/long-time busy drive is skype:
. taking a long time may be
that hg plugin into gnome file man
[6.19: logger noticed I was
complaining about long drive accesses
only shortly after installing skype
and possibly other ubuntu partner coders .]

mis.addn/xuw/links can point at fat drive:
. it would bak to cf card;
but, that is not automounted!


mis.addn/xuw/high disk activity:
. how is it affected by using skype?
quiets down, skype is usable?
wonder if it's due to skype server .


6.14:

mis.addn/xuw.file browser/inattentive:
. I'm using a pre tag in html
with a text editor,
how does that look from a browser ?
. how can things look so diff'nt?!
oh!:
I'm not looking at the same file :),
somehow I got into 10.03 (mar)
instead of 10.06 (jun) .


mis.addn/xuw/screensaver crashed skyped:
. I would soon learn how turn that off ! .


web.addn/xuw/kill screensaver and idle-lockout:
. I went into menu/System/Preferences/ScreenSaver:
and unchecked Activate ScreenSaver When Computer is Idle,
and Lock screen when ScreenSaver active .

news.addn/xuw/auto-logout instead of lockout:
https://blueprints.launchpad.net/ubuntu/+spec/autologout
Often new users forget to logout,
Often people may think they are using there own account,
when in fact they're using someone else's.
There are some programs that address this issue for terminal sessions,
but I've found nothing Gnome.

mis.addn/xuw.skype/crash on close active call:
. it has 2 windows, the contact list,
and the active call window .
. after the the contact list window was in front
I did a ctrl-w for close window,
and then everything froze .


6.14:



web.addn/xuw/freezing with preemptive multitasking?:
http://ubuntuforums.org/archive/index.php/t-1199502.html
One issue I've had today though
was more reminiscent of the bad old days of Windows 98
I thought Ubuntu, being Linux based,
shouldn't let a malfunctioning programme
freeze or crash the whole system.
I would expect that on Win 9x or Mac OS 9
but Linux has modern things like protected memory
and preemptive multitasking,
so unless the actual driver cacks out....
June 29th, 2009, :
. at some point my Ubuntu was freezing very often..
after I disabled visual effects
it almost doesn't freeze at all
System -> Preferences -> appearance -> Visual Effects
and select "None"
. freezes happen only when I use the wifi
and the macbook pro's track pad
as opposed to having it connected to ethernet
and using an external mouse .
https://bugs.launchpad.net/ubuntu/+bug/27441
after I switched to using hard disk encryption
i think update-locatedb is the trigger in my case.

Achilles heel of Linux 9.6.29:
https://bugs.launchpad.net/ubuntu/+bug/27441
. buggy program can allocate enough memory
to push Linux into thrashing,
constant paging out to the disk.
This behaviour can continue a long time
Meanwhile the machine is unusable,
doesn't respond to input of any kind.
So the objective is to put in default safety guards
to prevent this from ever happening
by denying the faulty process more memory
or terminating it,
e.g. after having detected
that the past say x seconds were spent thrashing.
lucid 2010-05-27:
If a program misbehaves and thrashing starts,
I'd like to be able to kill that program
without rebooting and without waiting for hours
for the problem to resolve itself.
Could a developer please tell us more about
the technicalities involved?
For instance, what exactly happens during the thrashing?
I understand the hard drive is running like crazy
to move pages in and out of swap space,
but surely preemptive multitasking
should mean that the access to swap space
could be paused while other processes
get their share of CPU time, right?
Why, then, can the mouse hang completely for minutes?
Doesn't this mean that the process controlling
the display of the mouse
doesn't get to run for minutes at a time?
Why is that allowed at all?
If it is that that process (or memory associated with it)
has been paged out,
can't there be a list of priorities for paging,
that essentially prohibits the OS
from paging out essential UI elements?


http://en.wikipedia.org/wiki/Operating_system
Under versions of Windows before Vista
and versions of Linux before 2.6,
all driver execution was co-operative,
meaning that if a driver entered an infinite loop
it would freeze the system.
More recent revisions of these opearting systems
incorporate kernel preemption,
where the kernel interrupts the driver to give it tasks,
and then separates itself from the process
until it receives a response from the device driver,
or gives it more tasks to do.

http://www.linuxquestions.org/questions/linux-kernel-70/swap-thrashing-can-nothing-be-done-612945/
with the commonly-used default settings,
a Linux system can definitely be brought to its knees.
But that's basically because
the default settings are easy and generous,
assuming that serious overload is unlikely.
They do not have to be generous, however.
. in a paging system
all running programs feel the memory shortage equally.
When you get into a real tight memory situation
then the solution is to solve the underlying memory shortage.
Fiddling with the paging algorithm
generally makes the problem worse.
So the solution is to either buy more ram
or to reduce your peak memory demands.


6.14:


sci.addn/xuw.nautilus file browser/creating links:
. what does a drag with cut instead of copy
across volumes?
. the only modifier in {cntrl, alt, cmd}
to change the + sign to something else
was the alt, and that added a link to the
sidebar with the list of links .
. it was the shift+drag that did a cut .

. I tried alt-drag into sidebar link
from the voice recorder,
and it instead added the link to the sidebar .
. lets try that with the cf card:
instead of alt-drag leaving a link
it brings up a context menu
that as offering to leave a link
inside the folder that is targeted by
the link I'm on .

. it did make a link from a linux volume
to the cf volume;
can it do the reverse? no:
"(the target doesn't support symbolic links) .



mis.addn/xuw.nautilus file browser/slow:
. it takes a very long time for nautilus file browser
to open a folder that contains an hg repo .
. it also is taking forever to bring up
the context menu in that same folder
(I need to create a new folder for a paste) .


news.addn/xuw/wma reader included:
. wma's are being opened by default
with the totem movie player .
. wma (windows media audio) is the
native format of my voice record .

6.14:

mis.addn/xuw.hex editor/html export:
. I was excited to see what the
html export would do with a clarisworks file;
thinking that since it offered,
it might just know that code;
but, no, it's offered for every file type:
it uses an array of html to create a directory
to an array of the same images
that you'd see in the hex editor .


mis.addn/xuw.nautilus.hg/froze:
. bak: 0 -- the hg plugin's context.menu`item is unresponsive;
bak to cf .


6.17:


proj.addn/xuw/backup with old partition:
. erase other partition for use as
data store: can't finish .
. I was trying to use disk utility
then canceled because it works only on
whole disk's not partitions .
. then tried gparted;
but having problems
[@] mis.addn/xuw/out of memory



mis.addn/xuw/out of memory:
. gparted said it can't bring up dialog
that asks for password,
and editor complains it can't auto save .
. install prob':
"( the config defaults for gnome power mgr
have not been installed correctly;
call your admin) .
reboot in recovery mode
startx causes
"(
. cannot close temp file properly
(not eno' memory?)
)
. great: use the command line
to find and remove something heavy
like the au.recording bak's .
man rm . go into parent folder of
the folder to kill,
then do rm -fr au .
. when using cd.command,
if arg has spaces then use "" .
. now try startx again:
ok? use gui's synaptic pkg mgt
to remove unwanted software:
what are the dep's of mono run-time?
I don't need any of them .
. marking things for complete removal
made a bunch of !-marks on other packages?
sort list to get all !-marked's together:
for the ones that seem like general lib's
(not including name of a software)
mark those !'s for update .
. finally, use update mgr to check things:
it suggested a few more things be added,
including evolution ? ok .



6.18:

mis.addn/xuw/out of mem's symptoms and tools:
. I've lost ctrl-{home, end} keys,
and again it's complaining
it can't auto save,
it offers to bring up disk usage analyzer
which is helping me find stuff to kill;
it was helpful:
I had forgotten the editor's installer
was left in ~/music.folder .


proj.addn/xuw/out of mem/delete all bak's from main hd:
. trash doesn't work?
need to use rm at the cli ...
actually,
the disk usage analyzer has a
limited trash function;
if you instead use the file browser,
nautilus, it gives the option to
delete perm'ly .
. delete log's bak
-- that should go on a data partition;
after the space is here,
gparted will likely work,
and then I'll have 13gb for data .






proj.addn/xuw/getting permission to partition:
6.18:
. this thread helped me find the storage device mgr .
http://ubuntuforums.org/showthread.php?t=1403508
. using sto'device mgr,
looking around,


6.18:
mis.addn/xuw.chrome/high-cpu freeze:
. lost it right after I was clicking on
the .uk site for xen v3.0 users' man'l .


6.19:




proj.addn/xuw/reuse partition some other way?:
. after the mountManager fails,
[@] proj.addn/xuw/getting permission to partition/mountManager fails
I'm wondering if there's some other use for partition;
so, I try usb drive creator
which could put another os in
for dual-booting to .
. it needs a pre-downloaded iso of an os?
good night .


news.addn/xuw/list disks by uuid:
ls -l /dev/disk/by-uuid
lrwxrwxrwx 1 root root 10 2010-06-19 08:48 46b0de37-e40e-4bd0-8450-752d0fe26c3d -> ../../sda6
lrwxrwxrwx 1 root root 10 2010-06-19 08:48 4d467830-c2a9-4935-b555-e18ea0246d2a -> ../../sda7
lrwxrwxrwx 1 root root 10 2010-06-19 08:48 9cd08dad-1e53-4d4a-8ef7-3b15b32af4b3 -> ../../sda1
lrwxrwxrwx 1 root root 10 2010-06-19 08:48 AC56-47C8 -> ../../sdb1
lrwxrwxrwx 1 root root 10 2010-06-19 08:48 c8bf0f70-9043-4d5e-a9cb-e8823571029c -> ../../sda5
lrwxrwxrwx 1 root root 10 2010-06-19 08:48 D898-89F2 -> ../../sdc1





proj.addn/xuw/getting permission to partition:

mountManager fails:
. permissions denied despite use of mountManager?

success:

. following the psychocats tutorial
http://www.psychocats.net/ubuntu/mountlinux
but I didn't need to make changes to
the /etc/fstab file,
because the mountmanager had already built it correctly .

sudo gedit (open /etc/fstab):
UUID=9cd08dad-1e53-4d4a-8ef7-3b15b32af4b3 /media/sda1 ext4 users,noexec 0 0
UUID=c8bf0f70-9043-4d5e-a9cb-e8823571029c swap swap sw 0 0
UUID=46b0de37-e40e-4bd0-8450-752d0fe26c3d / ext4 defaults 0 1
UUID=4d467830-c2a9-4935-b555-e18ea0246d2a swap swap sw 0 0

. we need to have Ubuntu
acknowledge those changes:
sudo mount -a

Now I need to give it the proper permissions.
my username is [addn],
and the mount point is [/media/sda1]:

sudo chown -R addn:addn /media/sda1
sudo chmod -R 755 /media/sda1

Now the partition is mounted in
the /media/sda1 folder
and is ready for use!
[and it does work -- without restarting!!]







6.19: web.addn/xuw/partition mounted to home folder:

. [another tutorial] has the idea of
http://www.psychocats.net/ubuntu/separatehome
using the separate partition as your
home folder, so that reinstalling the os
will preserve all the settings from your old install;
however, some have complained of bugs
that psychocats couldn't help with .
. this includes notes from both psychocats.net
and from the forum containing
http://embraceubuntu.com/2006/01/29/move-home-to-its-own-partition/
the original instructions .

mount the new partition:
$mkdir /mnt/newhome
$sudo mount -t ext3 /dev/hda5 /mnt/newhome
(?hda5? is the new (ext3) partition.)
Now, Copy files over:
Since the ?/home? directory will have hardlinks, softlinks,
files and nested directories,
a regular copy (cp) may not do the job completely.
Therefore, we use something we learn from the
Debian archiving guide:
$cd /home/
$find . -depth -print0 | cpio --null --sparse -pvd /mnt/newhome/

--. "( Make sure everything copied over correctly.
You might have to do some tweaking and honing
to make sure you get it all right, just in case. )
. in other words,
the sure way to do this is to
reinstall with home mounted on a separate partition .

unmount the new partition:
$sudo umount /mnt/newhome

. rename /home to /old_home
$sudo mv /home /old_home
. and make new home:
$ sudo mkdir /home

Mount the new home:
$sudo mount /dev/hda5 /home

. in my example,
my original partition that I shrunk
was /dev/sda1,
and it created a new partition
called /dev/sda3,
and my /home folder at this point
still lives on /dev/sda1.
back in the terminal,
[.. still running from livecd, not sda1;
otherwise how could
sda1 be subject to a mount command?
]
I'm going to mount /dev/sda1 and /dev/sda3
by pasting in these commands:
sudo mkdir /old
sudo mount -t ext3 /dev/sda1 /old
sudo mkdir /new
sudo mount -t ext3 /dev/sda3 /new
Now we're going to back up the /home directory
on the old partition
and move it to the new partition:
cd /old/home
find . -depth -print0 | cpio --null --sparse -pvd /new/
sudo mv /old/home /old/home_backup
sudo mkdir /old/home

Note:
I have tested the second command myself,
and it works,
but some have pointed out
it might make sense to
preface the commands with sudo
in case one of the other users
has subdirectories manually marked as unreadable
to the user making the move.
Since I have not tested this out
and all directories
are readable to all by default,
I'm offering this as only an alternative in case
the command as given does not work:
sudo find . -depth -print0 | sudo cpio --null --sparse -pvd /new/
[6.25:
. another problem may have been that
as ubuntu was revised, the needed commands changed
(see near end) .]

. another user wrote this short explanation of
that command line:
find . -depth -print0 | cpio --null --sparse -pvd /mnt/newhome/
A word of explanation about the above line.
(find) is one of the most useful commands in linux;
One of its most useful features is, as above,
that it can execute programs based on the files it finds.
So here (find):
* walks through the current directory
* uses the -depth option to check file permissions.
(
From the 'find' manpage:
-depth can be useful when find is used with cpio(1)
to process directories with unusual permissions.
It ensures that you have
write permission while you are
placing files in a directory,
then sets the directory's permissions
as the last thing.
)
* -print0 prints the pathname of the found file
to standard output,
with an ASCII null character at the end
(which is used to terminate segments of text,
and is important for the next stage)
* cpio is used to create archives,
but here is used in pass-through mode
(specified by the use of the -p option)
to copy files to a new location,
bypassing the creation of an intermediate archive.
* null enables cpio to read a list of filenames
separated by an ASCII null character option
(which is here generated by
find's -print0 option)
* sparse is used to write files with
large blocks of zeros as sparse files.
A sparse file is a file that may contain
considerably less actual data
than its size might suggest:
i.e.
a file with a single byte of data
written at its millionth byte
will be a 1MB sparse file,
full of zeroes except for the last byte.
Archive commands such as cpio will
usually, for efficiency, ignore the zeroes.

Since we are aiming to copy exactly,
sparse here forces their recognition.
* -pvd specifies three individual options for cpio:
p (to make cpio run in pass-through mode);
v (verbose: list the files processed); and
d (to create leading directories where needed)
. Remember when you copy the cpio command
to replace the long dashes with
double dashes in the terminal.

Note that the cpio command given above
updates the file modification timestamp.
So all your /home files
now appear to have been
modified at roughly the same time.
This can foul things that depend on those timestamps
(like developer tools).
With GNU cpio, you can use the
preserve-modification-time flag
(cpio --null --sparse --preserve-modification-time -pvd)
Also, this procedure works for most PCs OK,
but on a multi-user or server system
you should go into single-user mode .

Next, we're going to specify to
use the new home partition as /home:
sudo cp /old/etc/fstab /old/etc/fstab_backup
gksudo gedit /old/etc/fstab
You'll then see the /etc/fstab file
opened in the Gedit text editor.
Add in this line at the end of the file:
/dev/sda3 /home ext3 nodev,nosuid 0 2
Save the file and exit Gedit.
After you reboot, you should be now using
your new /home partition.
If your old partition is running out of room
and you're pretty confident
everything is working as it should be,
then go ahead and delete
the backup of home:
sudo rm -rf /home_backup
--[ use cut & paste to avoid accidently typing:
sudo rm -rf / -- that removes you entire file system .]

I eventually figured out that /opt
is another great directory to have
as a separate partition.
Most of the stuff that gets installed in /opt
(Adobe Acrobat, Crossover Office, Cedega, etc)
is statically compiled
and should work with any version of any distro,
so when you upgrade or decide to try another distro,
these packages (that oh-by-the-way
probably aren't shipped with your distro)
will still be intact.
Since I have /opt handy for that purpose,
I also move the fake-windows directories
created by cxoffice and Cedega there,
and make symlinks in my home directory.
That way I don't have to reinstall my Windows software
when I upgrade either.

. Rob Yurkowski - November 14, 2007
This is a bit easier if you first do:
$ sudo -i
-- then execute the commands.
You won't have the issues with copying or mounting
that others have had.

At the end, verify that your users's home directories
are, in fact, owned by them:
$ ls -l /home
You should get output like this:
drwxr-xr-x 57 rob root 4096 2007-11-14 00:01 rob
Make sure that [^] matches the one on the end [^]
If it doesn?t, you can do the following
(if you're still in (sudo -i), you don't need the sudo here)
$ sudo chown -R /home/
eg,
. after rebooting the system,
Could not kstartupconfig.
it needed modify user acct -- set home dir;
sudo usermod -d /home/username username
.. and set permissions for user .
sudo chown -R username:users /home/username

Peter Whittaker - January 5, 2007
I did something similar recently,
see my [super simple md recipe]
https://wiki.ubuntu.com/Raid
. The most important thing you'll see there
is that (cp cpio find)
were unnecessary for me:
ext2 and ext3 (apparently)
support the mv operation across partitions.
So, after setting up /dev/hdXX appropriately,
my recipe for moving home would be:
$ cd /
$ su
# mv /home /home2
# mkdir /home
# cat >> /etc/fstab
/dev/hdXX /home ext3 defaults 0 0
^D
# mount -a
# mv /home2/* /home
# rmdir /home2
# exit
$ cd
Worked for me, everything appears solid.


Daniel Robbins at IBM has a very easy
step-by-step called
Partitioning in Action: Moving /home
http://www-128.ibm.com/developerworks/linux/library/l-partplan.html.
He uses the simpler cp -ax command
to copy the file structure of /home to /newhome
(or newpart as he names it).
. The link to that IBM-page he gave
for an alternative method doesn't seem to work anymore
. tried the other suggestion on the Debian Archive Guide.
This works for me:
cp -ax -sparse=auto . /mnt/newhome

. usually I use rsync
which also gets the copy done *and*
fully verifies the result .
. to copy /home using rsync instead
rsync -Sav /home /mnt/newhome
sudo rsync -havPHAWX /media/old_disk/ /media/new_disk/
. rsync is great for many reasons,
for one it continues from where it stopped,
even if the process breaks for any reason.
. to estimate directory usage (size):
sudo du -shc *

gustavo - May 12, 2009:

Ok this is what I HAD to do
to make it work for Jaunty Jackalope:

Create new partition to host new home directory.
Restart Ubuntu,
open a Terminal window and run blkid
to obtain device id and uuid.
Take note of those values.

Create temporary home directory:
sudo mkdir /mnt/newhome

Add the following entry at the end of fstab:
gksu gedit /etc/fstab
# /dev/sda6 home was added manually by
# username to make home its own partition
UUID=a6045679-28e9-4ce5-9843-01c65913f691 /mnt/newhome ext3 nodev,nosuid 0 2

commit fstab changes:
sudo mount -a

copy all files to /mnt/newhome:
cd /home
sudo find . -depth -print0 | sudo cpio --null --sparse -pvd /mnt/newhome/

. save home's original:
sudo mv /home /old_home
sudo mkdir /home

. Once in failsafe terminal session run,
Change mount point from /mnt/newhome to /home
gksu gedit /etc/fstab
sudo mount ?a

. fix /home permissions for every user.
. Do this by going into Recovery Mode.
chown -R username:username /home/username
chmod 644 /home/username/.dmrc
chmod 644 /home/username/.ICEauthority

realgt - July 25, 2009
@gustavo
thx, saved me from a blank desktop.
CTRL+ALT+F1 [and do the above]
[. to understand that see this:
Moving the /home
http://ubuntuforums.org/showthread.php?t=46866
. First we need to log out of gnome.
At the GDM (Gnome Login Screen) press:
Ctrl+Alt+F1
Then Login as your user and type (Without the #):
# sudo -s
To permanently become root. ]

ok!
https://help.ubuntu.com/community/Partitioning/Home/Moving
Copy /home to the New Partition
sudo rsync -axS --exclude='/*/.gvfs' /home/. /media/home/.
In Hardy, when a user has a
gnome session running,
the directory ~/.gvfs is a mountpoint for
some sort of filesystem involving fuse.
Since it is a mountpoint,
nothing is actually stored on disk
under ~/.gvfs
in the filesystem you are backing up,
so you can exclude it
with some filter rule like
"exclude /*/.gvfs".
It will be recreated if needed,
in my experience.
This is a common problem with fuse-mounted files systems
-- not even root can access them,
unless a configuration setting is changed somewhere
for the mount. rsync throws up that error
even if given the --one-file-system option
(so it doesn't descend past the mountpoint).




web.addn/xuw/backup:

backup with rsync
. I installed this rsync wrapper
http://www.rsnapshot.org/
or use rsync directly:
http://www.psychocats.net/ubuntu/backup


backup using tar cvpzf
http://ubuntuforums.org/showthread.php?t=35087&page=108

#!/bin/bash

set -e

# this script requires dialog
if ! which dialog 1>/dev/null 2>&1; then
read -p "Do you want to install dialog now? (y/n): " REPLY
case $REPLY in
y)
sudo apt-get update
sudo apt-get install dialog
;;
*)
echo "Cannot continue; this script uses dialog to generate menus" >&2
exit 1
;;
esac
fi

# detect mount point of a partition
detect_mountpt() {
mount | grep "^$1" | cut -d' ' -f3
}

# list devices mounted on folders inside a partition
list_mounted_under() {
mount | grep -v "^$1" | grep "$2" | cut -d' ' -f3
}

# list all mounted partitions
list_mounted_parts() {
CNT=0
mount | grep '^/dev' | cut -d' ' -f1 | while read line; do
CNT=$(( $CNT + 1 ))
echo "$CNT $line"
done
}

MNT_PARTS="$(list_mounted_parts)"
ANSWER=$(dialog --stdout --menu "Select the partition to back up" 0 0 0 $MNT_PARTS)
PART=$(echo "$MNT_PARTS" | grep "^$ANSWER" | cut -d' ' -f2)
MNTPT=$(detect_mountpt $PART)

# exclude folders with another device mounted on them
# this includes /proc, /sys, /media/disk, etc
for e in $(list_mounted_under $PART $MNTPT); do
EXCLUDES="$EXCLUDES --exclude=$e/*"
done

BACK_NAME="$(basename $PART)-$(date +%F).tar.gz"
BACK_FULL_PATH="$(dialog --stdout --inputbox "Where do you want to create the back up?" 0 0 "$(pwd)/$BACK_NAME")"

# also add backup to exclude list
EXCLUDES="$EXCLUDES --exclude=$BACK_FULL_PATH"

( cd $MNTPT
FILES="$(ls -A | tr '\n' ' ')"
sudo tar cvpzf $BACK_FULL_PATH $EXCLUDES $FILES
)

echo
echo "Backup $BACK_FULL_PATH created"

exit 0













6.19:

mis.addn/xuw.chrome/froze:
. froze on touching a google link in chrome again,
http://www.linux.com/news/enterprise/storage/8200-back-up-like-an-expert-with-rsync
[6.19:
-- the link is likely irrelevant however .]




proj.addn/xuw/backup:

back in time:
. using [back in time] to bak {home, usb drive}
every 10min with partial bak's in 14gb data partition .
. doing a snapshot now .

simple backup`config:
. this may be the better backup
because it does incrementals
unlike the [back in time]
which does only complete snapshots .



6.19:


mis.addn/xuw/freeze while in komodo:
. playing with komodo paren matching repeatedly
caused freeze? restart .

mis.addn/xuw.komodo edit/force convert non-ascii failed:
. saving komodo non-ascii wouldn't be forced,
lost save instead . had to reapply,
then pickout non ascii's .
. the problem I think came from the way I
fumbled the force-it dialog .
. I use the tab to switch the selected choice,
and then space bar to hit the selection;
but this time I hit the wrong sequence of keys .


6.20:



mis.addn/xuw/becomes frozen without user actions:
. it was working when I left,
but next morning it was frozen
-- with the fan blaring .
. I should think twice about beta.wares
like that linux.skype .


proj.addn/xuw.back in time/disable,

6.23:

mis.addn/xuw/unable to mount sd2gb:
. when I plugged in sd card "sd2gb,
it gave this warning:
"(
unable to mount sd2gb
dbus error:
org.gtk.Private.RemoteVolumeMonitor.NotFound:
the given volume was not found .
); but, then did mount and display
right afterward .



proj.addn/xuw.startup app's/clean:
. the drive is busy all the time ?
I have one tab each in chrome and komodo!
maybe skype is hogging the memory?
go into system/pref's/startup app's,
and uncheck unneeded daemons:
skype
gnome remote desktop server
print queue applet
visual assistance
bluetooth man applet .
. there were a lot of buttons for
add, remove, edit,
so I was wondering if it would work:
just unchecking these items
and then closing the dialog ?
a restart proved that's ok .



6.23:


mis.addn/xuw.nautilus/slow:
. file browser still taking a long time?:
may need to dump all version control systems
(including the one cananical supports)
since there is still some support from the browser
in the context menu .


6.25:



web.addn/xuw.nautilus/why is nautilus so slow? bazaar?:
. here's a hint that helped a lot ... sometimes:
http://ubuntu-tutorials.com/2007/03/05/how-to-speed-up-the-nautilus-file-browser/
nautilus file browser`menu/edit/pref's/preview:
folders:count number of items:
change it to never (from counting local files only)
. a guest of that blog also suggests
using thunar instead of nautilus?
I do have that installed,
but can't find it the menu's?
find all files by that name;
run thunarHelp: it opens a page .
file:///usr/share/doc/thunar/html//C/index.html
. it shows up when switching to
the Xfce Desktop Environment
... it was in menu's;
I just overlooked it in
menubar/app's/accessories .
. one reason I prefer nautilus over thunar
is that it has a subtree view
where you can click on an arrow next to folder
and its contents will be listed
within an indentation
rather than moving from current folder
to folder opened .
. the following hint doesn't apply to me
since I have pict's separate from text,
but if wanting speed in the Media folders,
also change thumbnails to never.
"(I knew it was a nautilus issue when
dolphin and thunar came up fast.)
. dolphin is one I don't have installed;
it comes with kde desktop environ .


mis.addn/xuw.nautilus/pref's dialog unusable on 600pixel height screen:
. the pref's dialog -- and presumable other
large gnome dialog windows --
are not resizable and extending beyond the
bottom edge of a 1024x 600 pixel screen .
. one work-around is to change the
screen orientation:
menubar/system/pref's/monitors/rotation
={left,right} .


mis.addn/xuw.gnome/screen orientation:
. a screen orientation is:
menubar/system/pref's/monitors/rotation
={left,right} .
. when you do a screen rotation while
having a lot of icons in the menubar,
the menubar's system menu
will no longer be reachable!?
simply remove uneeded icons .
[...: or copy the monitor icon
to the menubar! ]


6.26:

web.addn/xuw/bsd vs linux:
. bsd vs linux -- and freebsd nixes x11
http://www.over-yonder.net/~fullermd/rants/bsd4linux/bsd4linux8.php
. bsd is more stable due to
things are not included in next version
until unit -- and integration -- testing
is done .



proj.addn/xuw/file browser replacement:
. since the nautilus file browser is not reliable
(it takes so long to become ready for use
that I can't wait for it to do a bedtime backup)
the simpler, faster file browser, thunar,
needs to be made more easily available:
copy it from deep in menu
to the top of the menubar .
. the menubar is full (for rotation views)
so to make room for thunar,
remove something available by menu:
the logout can be found in
menubar/system/shutdown .

proj.addn/xuw/easy rotations:
. the ability to rotate screen is needed
because on a laptop with a short screen:
600 pixels instead of 800,
some of the gnome dialogs are
extending beyond the bottom edge of screen
and since dialog windows are not resizable
(because what programmer would make a dialog
larger than the screen without adding scrollbars?)
some of dialog items
are not reachable unless the screen is rotated .
. after the screen is rotated
there is much less room for menubar items;
and, when they overlap,
the menu's are no longer available;
so, if the rotation icon is to be added,
something else has to be removed:
the help can be found in
menubar/system/help and support .


6.26:


mis.addn/xuw/out of mem:
out of mem ? the trash (on the primary drive)
still contained all the bak's from [back in time] .



mis.addn/xuw/out of mem ... on bak-drive:
. the out of mem was coming from the bak drive, sda1,
my primary is like sda2, (the 2nd install of xuw
got put on a higher numbered partition)

proj.addn/xuw.simple backup/purge often:
. the simple backup is using most of the 14gb;
so, now I'm wondering how to tell it do something else .
now using purge at simple cut off (2days);
-- it was at logarithmic (1 bak at {day, week, month, year, start})

proj.addn/xuw.fs/xuw bak:
. finished organizing that drive by
making separate folders for { bak pim, downloads} .


6.27:


mis.addn/xuw/backup/ensuring buffers flush:
. need to make sure the card is flushing buffers:
when it's time for important saves,
also use the file manager to eject the card .
. it doesn't work from thunar;
on the desktop you can
right-click the card for eject .
. when you plug it back in,
it wants to run that hog, nautilus .

sci.addn/xuw/backup/flushing buffers:
. an easier way to ensure the
card buffers are flushed,
is to copy the card to another drive .
. I just tested this .


web.addn/xuw/chat with ichat:
xu to ichat 2007:
http://ubuntuforums.org/showthread.php?t=508635
you could interface ichat with jabber,
but then there will be voice and video,
one could use
yahoo messenger with voice beta for mac
while ubuntu can use two apps
to attain voice and video
first use a yahoo messaging client
that support webcam. kopete or gyachi
now for voice use gizmo project,
first submit your gf yahoo account name
http://www.gtalk2voip.com
and tell mac user to accept the buddy invitation
then simply type
username@yahoo.com
in gizmo to call .
... heck, just use skype(beta)*crash* !


6.29:

mis.addn/xuw.komodo/freeze:
. after unsuspending xuw I noticed
skype(beta) was still active;
will it help stability to kill?
no: I couldn't get 5minutes into an
editor session before freezing .
. I think it might be the base
since chrome randomly freezes too;
check for updates .


mis,web.addn/xuw.chrome/page keys fail:
. g'docs still has some issues: pagedn key fails
http://www.google.com/support/forum/p/Google+Docs/thread?tid=1b9ae69a63a3dfa8&hl=en
It seems to be a bug which has been introduced,
but only for Chrome
On Firefox it behaves as expected
i.e Page-Up and Page-Down scroll one page at a time.
-Abhi
AlexinOslo 6/8/10
I'm using Google Chrome on Ubuntu 10.04, and have the same problem.
Pressing "page down" skips to the end of the document,
and "page up" to the beginning.
sci:
. I confirmed the paging does work on xuw.firefox;
but firefox`layout doesn't make good use of a small screen .



mis.addn/xuw.chrome/can't copy snopes:
. while chrome can't copy snopes.com
firefox has no problem at all
(I had thought the problem was a no-copy trick
so I was going right-click for the code;
but, apparently, no-script is what works here.)


mis.addn/xuw/over-use of cpu mystery:
. the cpu is maxed for just editor?
no drive activity so not a backup problem ?
restart to see what's up .


proj.addn/xuw.sw center/uninstall unused:
. use ubuntu sw center to uninstall
things I likely won't use;
shutdown, startup .


6.30:


proj.addn/xuw.menubar/clarify time view:
. the time is confused with the temperature;
so, if they can't be separated,
then remove the temperature:
menubar`calender`menu/temperature:no .

proj.addn/xuw.menubar/hide battery icon:
menubar`battery.icon/power mgt pref's/general/notification area:
only display an icon when battery is low
-- not when [charging or discharging] .

proj.addn/xuw.brightness/in battery icon:
. the setting on menubar's brightness control
is not persistent; to find that,
look in the menubar`battery.icon,
or wherever the power mgt pref's
can be found .


proj.addn/xuw.menubar/its location can be changed:
. found in right-click menubar/panel properties
a menu bar orientation,
to put it on the side instead of the top .
. it writes the date sideways! (we won!!).
you can't see the app menu,
but if you start from the ones you can see,
you can flip through to the one you can't .



mis.addn/xuw/cpu always max'd:
. cpu seems hyperactive?
add the cpu monitor icon to menubar,
and set cpu speed to near-min speed {600..800}


6.30:


mis.addn/xuw/crash to terminal screen without data loss:
. I couldn't find a file I'd just written to
so I looked in komodo's recent list;
I make a change by copy, then save and close .
. this closing ^w closed the whole gui!
I see a black screen with boot-time log warnings,
then it cycles that screen every second
with another black screen
having only an underscore at the upper left
-- like at os install time,
when it's time for booting into new os .
. leave it alone for a while,
... after 10min, my was-gnome shows up with
a strange xfce-style msg:
"(
Ubuntu is running in low-graphics mode:
. your screen, graphics, card,
and input device settings
could not be detected correctly . you will need to
configure these yourself . ok?
)
next screen:
"(
What whoudl you like to do?
run ubun in low-graphics mode for just one session:ok
(other choices were:
reconfigure graphics, troubleshoot the error,
exit to console login, restart x
));
however,
the next session was then
not in low-graphics mode,
or was in the same mode as before,
1024x600, not a magnification .
. it was as if
when I selected (restart x)
and then moved it back,
the reverting move did not register .

2010-06-01

SOA-style security for linux

news.addn/security/soa for linux:

5.6:
OpenVZ is container-based virtualization for Linux
. this is what could make linux
more secure than mac ? 5.13:
another layer of security wouldn't hurt,
but openVZ is just the open engine for
for a closed product from Parallels .
. Qubes has a complete open betaware isolation solution .

5.13: web:
Qubes is an open source operating system
designed to provide strong security for desktop computing.
Qubes is based on Xen, X Window System, and Linux,
and can run most Linux applications
and utilize most of the Linux drivers.
qubes-os.org/trac/wiki/SourceCode
qubes-os.org/gitweb/
qubes-os.org/trac/wiki/InstallationGuide
In the future it might also run Windows apps.
. critique at threatpost.com .

5.13:
Secure Virtualization Using SELinux (sVirt):
"(Crackers have already broken though the xen hypervisor,
as I documented in one of my previous blogs.

Adventures with a certain Xen vulnerability (pdf)
was just published which contains a Xen vulnerability
which allows a process in a virtual machine
to attack the host machine,
and SELinux is pretty much a speed bump in his way.
3.4
What actions are available for an uid 0 process
running in thesystem u:system r:xend t:s0 context?
It turns out that default SELinux policy allows very few.
For instance, we cannot write to system configuration files,
nor load kernel modules.
However, qemu-dm processes also implement
virtual block devices for HVM guests,
and these devices can be backed by raw disk partitions.
In order to make it possible,
the default SELinux policy grants xend t domain
the read-write access to all disk partitions.
The relevant lines in the SELinux reference policy
(from the default selinux-policy-3.0.8-44.fc8.src.rpm)
are: storage_raw_read_fixed_disk(xend_t)
storage_raw_write_fixed_disk(xend_t)
Particularly, qemu-dm (so, the shell executed from it as well)
can write to the blocks on the root filesystem.
Through the use of fixed disk the attacker
is able to trick the host operating system
into loading kernel modules that can take over the machine.
If we had forced the users to label the physical disk partitions,
this vulnerability would not have been exploitable.
Lesson learned.
When it comes to virtualization going forward,
I plan on forcing the user to apply the correct labeling.
KVM/QEMU have nice process separation
and make confinement easier.
virt_manager and libvirt are being built with SELinux
understanding in them.
virt_manager will setup the labeling correctly
when virtual images are installed
and libvirt will make sure they run in the correct domain
when they are launched.
In the future we want to protect not only the host machine
from the virtual machines,
but the virtual machines from each other.
Watch for information on in the future

In conclusion,
as we move towards more widespread use of virtualization,
we should avoid making compromises in security
for the sake of usability,
but work toward making security usable.) .
Want to know how to make Linux really secure?
http://www.linuxsecurity.com/content/blogcategory/171/167/
Security Enhanced Linux (SE Linux),
a system of security policies developed by the NSA,
lets you secure Linux at every level from the kernel up.
Find out how EnGarde Secure Linux and others
build and maintain a truly secure server environment.

secure virtualization with MAC
selinuxproject.org/page/SVirt

2010-05-31

ubuntu lucid saves a fujitsu laptop

rev.addn/xuw/why linux on xpw didn't work:
5.10:
. I had linux on this laptop once before;
so, what were the problems that had me switching back?
. I couldn't get screen brightness down;
then I crippled the wifi trying to network with mac .
5.11:
. there are ubuntu pages for my new wifi card,
but that wasn't a problem if I didn't mess with networking .
http://ubuntuforums.org/showthread.php?t=1387483
http://www.backports.ubuntuforums.org/showthread.php?t=1353044

5.31: summary:

. ubuntu 10.04 (lucid) did find my laptop's wifi
and even the brightness -- a feat mac can't do
even with it's own monitors! (imac 24") .

. I first tried the netbook version
and couldn't figure out why the menu's icon's were so huge .
huge icons are great on an ipod touch,
but they were making me [/]scroll
through a tiny menu!
. I got obsessive about rearranging the submenu's
so that none of them would need scrolling .
. along the way I delete any icons I didn't need;
duh, it was as if I'd actually deleted app's .
. after that I lost control of the gui
and couldn't even find a way to reach a terminal!

. I finally got back in there
after installing a 2nd ubuntu
(try the desktop version this time);
when I went back in rescue mode
it would add a lightweight gui
where I could backup my bookmarks etc .

. the desktop edition with gnome windows
is really working well .
. there are several niceties that expect gnome:
mercurial distributed version control,
and a default login that was auto-starting my wifi
-- I lost the auto-start after switching
from gnome to xfce4 .
. the reason I switched is that when you do ctrl-tab
to switch between windows,
gnome does the huge flashy act
that gives me epileptic fits !
. I like the {mac, pc} style of just showing
an array of icons, not flipping through every window .
. but I'm definitely going back
for mercurial integration .

ubuntu's WYSIWYG web editors

web.addn/free html editors:
5.31: web:

>> Ubuntu >> Packages >> lucid >> web:

KompoZer WYSIWYG web page editing.
a complete Web Authoring System
that combines web file management
KompoZer is designed to be extremely easy to use,
making it ideal for non-technical computer users
who want to create an attractive, professional-looking web site
without needing to know HTML or web coding .

web based HTML WYSIWYG editor
TinyMCE is a platform independent web based
Javascript and HTML WYSIWYG editor control
released as Open Source under LGPL
by Moxiecode Systems AB.
It has the ability to convert HTML TEXTAREA fields
or other HTML elements to editor instances.
TinyMCE is very easy to integrate into
other Content Management Systems.
* Easy to integrate, takes only two lines of code.
* Customizable through themes and plugins.
* Customizable XHTML 1.0 output.
* Block invalid elements and force attributes.
* International language support (Language packs)
* Multiple browser support, Mozilla, MSIE, FireFox, Opera and Safari
. version 2 of tinymce is older version
the google web app way -- openware:
www.openwebware.com/
. a free cross-browser WYSIWYG editor
that's packed with every rich-text editing feature
you need to make your content management system
that much better.

Setting up openWYSIWYG is so easy,
you can quickly turn any html`textarea
into a powerful WYSIWYG editor
with just a few simple lines of code.

Packed with every rich text editing feature you need,
openWYSIWYG gives you total control over formatting your text.
The ultimate html`textarea replacement
for your content management system.
Coded Entirely in JavaScript
Regardless of what language you use to code your web applications,
openWYSIWYG will work.
openWYSIWYG is coded entirely in client side JavaScript,
so it will work with any web programming language .
other tools

Text-to-HTML conversion tool
Markdown is a text-to-HTML conversion tool for web writers. It allows you to write using an easy-to-read, easy-to-write plain text format, then convert it to structurally valid XHTML (or HTML).

Macro processor for HTML documents
Mp4h is a core component of the Website Meta Language (WML).
Mp4h is a macro processor for HTML documents,
with powerful programming features.
It allows definition and expansion of new tags
with a syntax familiar to HTML authors.

off-line HTML generation toolkit
WML (Website META Language) is a
free and extensible Webdesigner's off-line
HTML generation toolkit for Unix.
WML consists of a control frontend
driving up to nine backends
in a sequential pass-oriented filtering scheme.
Each backend provides one particular core language.
For maximum power WML additionally ships with
a well-suited set of include files
which provide higher-level features
build on top of the backends core languages.
While not trivial and idiot proof
WML provides most of the core features
real hackers always wanted for HTML generation.
Homepage: www.thewml.org/

Content management platform to maintain complex web sites
WebGUI is a content management platform based on
Apache, mod_perl and MySQL,
built to allow average business users
to build and maintain complex web sites.
It is modular, pluggable, and platform independent.
. get some detail$ . no mention of wysiwyg .

pretty print html
hindent

error-tolerant HTML parser for Python
The BeautifulSoup class turns arbitrarily bad HTML
into a tree-like nested tag-soup list of Tag objects
and text snippets.
A Tag object corresponds to an HTML tag.
It knows about the HTML tag's attributes,
and contains a representation of everything contained
between the original tag and its closing tag (if any).
It's easy to extract Tags that meet certain criteria.

HTML syntax checker and reformatter
Corrects markup in a way compliant with the latest standards,
and optimal for the popular browsers.
It has a comprehensive knowledge of the attributes
defined in the HTML 4.0 recommendation from W3C,
and understands the US ASCII, ISO Latin-1, UTF-8
and the ISO 2022 family of 7-bit encodings.
In the output:
* HTML entity names for characters are used when appropriate.
* Missing attribute quotes are added, and mismatched quotes found.
* Tags lacking a terminating '>' are spotted.
* Proprietary elements are recognized and reported as such.
* The page is reformatted, from a choice of indentation styles.
Tidy is a product of the World Wide Web Consortium.

check websites and HTML documents for broken links
linkchecker-gui

Makes an HTML site map from meta tags from other HTML pages
This Python script reads the META DESCRIPTION tags
from all HTML files under a directory
and generates a site map from them.
It can be easily configured with a simple dotfile.

5.21: about.com's take:

Aptana Studio Community edition:
"( Instead of focusing on the HTML,
Aptana focuses on the JavaScript
and other elements that allow you to create Rich Internet Applications.
One of the things I really like
is the outline view that makes it really easy to visualize the DOM.
This makes for easier CSS and JavaScript development.
If you are a developer creating Web 2.0 applications,
Aptana Studio is a good choice.)
5.31: not easy to find:
. for linux as app or eclipse plugin;
but not installable by ubuntu .

Screem:
"( Screem is a versatile text Web page editor and XML editor.
It recognizes the Doctype you're using
and validates and completes tags based on that.)
5.31: Screem ubuntu lucid download is missing:
--. for hardy but not lucid (the current release)
"(Unlike most other web site / HTML editors
SCREEM does not provide a WYSIWYG display of pages.)