Monday, October 6, 2014

Fedora 20 as a (viable!) Windows Desktop Replacement

So I've been bound to windows desktops for so long, that it's been my second nature for workstations. My de facto preference for most server environments are Linux, so I've been between both worlds for quite some time.

My Windows7 machine suffered an OS failure a couple months ago, after almost 4 years of constant everyday use. I installed Windows 8 and was relatively happy with it until it just decided to screw over my WIFI. Nobody messes with my WIFI.

I finally decided to chuck the 15 year Redmond tether and go for broke. I'm gonna run Fedora 20 as a desktop environment, and I'm never looking back. Or so I hope.

Anyhow, FC20 is nice, but to make the environment a bit more aesthetic and a bit more intuitive for use by longtime Windows users I've compiled a "Sanity list". These make everyday use a bit less complicated and quite easy to forget that you're running Linux, traditionally seen as a big, bad, complex beast.

I'll explain why in line, followed by the instructions to accomplish on Fedora 20. This assumes a base Fedora 20 installation has been completed, with a default Gnome desktop.

If you ever decide to take the plunge, this can probably help you break the windows habit ;)

Why Fedora?

Tweak List as of 06-OCTOBER-2014

- install cinnamon, a pretty good looking desktop environment.
This can be selected from the settings icon on the default login screen and it will be the future default afterwards.
sudo yum groupinstall cinnamon

- install infinality, some font eyecandy.
There are a number of styles, I prefer the OSX style on my 4 year old Dell Latitude display
sudo rpm -Uvh http://www.infinality.net/fedora/linux/infinality-repo-1.0-1.noarch.rpm
sudo yum -y install freetype-infinality fontconfig-infinality
cd /etc/fonts/infinality/
./infctl.sh setstyle osx 
(personal pref - more options are in README documentation)

- install MSTTCoreFonts
You have to admit that MS ships with some solid fonts. If you want to avoid formatting issues with opening MS Office docs with LibreOffice, this is a pretty good idea.

sudo yum install cabextract
sudo yum install http://sourceforge.net/projects/mscorefonts2/files/rpms/msttcore-fonts-installer-2.6-1.noarch.rpm
- install vlc
This is another personal preference; VLC is a solid media player and works great on Windows as well as Linux
su -c 'yum localinstall --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm'
sudo yum install vlc

- install flash player
As much as I didn't want to, there are still several sites that I use that are flash based. A necessary evil.
rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpmrpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linuxyum check-updateyum install flash-plugin nspluginwrapper alsa-plugins-pulseaudio libcurl

- install google chrome
Chrome is a great addition to Fedora, compliments the use of Firefox, which I personally find to be a bit bloated now.
cat << EOF > /etc/yum.repos.d/google-chrome.repo
[google-chrome]
name=google-chrome - \$basearch
baseurl=http://dl.google.com/linux/chrome/rpm/stable/\$basearch
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
EOF
yum install google-chrome-stable

- install skype
Skype, almost a universal tool for free webcalling. I installed it because I use it a lot for international calling to the US for free.
wget http://download.skype.com/linux/skype-4.2.0.11-fedora.i586.rpmsudo yum install skype-4.2.0.11-fedora.i586.rpm

- install dropbox
I've been using dropbox on all my boxes, it's a great way to keep some personal docs on the cloud and have multiple versions for backup.
cat << EOF > /etc/yum.repos.d/dropbox.repo
[Dropbox]
name=Dropbox Respository
baseurl=http://linux.dropbox.com/fedora/19/
gpgkey=http://linux.dropbox.com/fedora/rpm-public-key.asc
EOF
sudo yum install nautilus-dropbox

- install google talk
I consider this an optional item. You may or may not actually need this.
wget http://dl.google.com/linux/direct/google-talkplugin_current_i386.rpm
yum install google-talkplugin_current_i386.rpm --nogpgcheck
- install teamviewer
TeamViewer is an excellent desktop sharing/control tool that comes in handy to access my laptop remotely if needed.
wget http://download.teamviewer.com/download/teamviewer_linux.rpm
Additional tweaks:

- tweak boot timeout behaviour
Shorten the time to countdown the OS selection
vi /etc/default/grub
GRUB_TIMEOUT=0
GRUB_HIDDEN_TIMEOUT_QUIET=true
grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg

- logind tweaks
These control some suspend/hibernate options when the lid is closed. You can decide if you need these.
vi /etc/systemd/logind.conf
HandleSuspendKey=ignore
HandleHibernateKey=ignore
HandleLidSwitch=ignore
HandlePowerKey=poweroff

- eyecandy that can be installed through the extensions menu
(Settings -> Extensions)
Opacify


That's it for now. I'll add to this post and drop a datestamp with any new additions!
Image courtesy http://www.fedoraproject.org

Monday, August 25, 2014

Fedora 20 - Missing WIFI driver/support on clean install

I've started a little experiment on porting a crashed windows 7 Laptop (Dell Inspiron 1525) over to Linux. Why Linux at this point? The crash was largely due to the infamous Windows Update Issue. For me that was the straw that broke the camel's back.

The experiment part of this update comes from the fact that the user has never really used Linux before, so this is really a true test of the user-friendliness of the OS, once initially set up. My weapon of choice was Fedora 20, largely because I'm entrenched in the RHEL distribution tree for almost everything that I do, so it's naturally easier for me to troubleshoot quickly.

The installation and initial configuration went pretty smoothly, except for the fact that out of the box, WIFI appeared nonexistent. This was not a big problem, as it worked on a Kali Linux Live USB, so I knew that the hardware was fine. From the old install I knew that the device was Broadcom based, so I had a launch point.

Credit to http://wireless.kernel.org/en/users/Drivers/b43 for thoroughly documenting the resolution of this issue.

First check the device for support:
0. As root:
lspci -vnn -d 14e4:

It spat out some device information, including the model, in my case the Broadcom Corporation BCM4312, which was supported by the b43 driver. I compared the output to the corresponding CHIP ID segment on the table
Taken from: http://wireless.kernel.org/en/users/Drivers/b43

PCI-ID
Supported?
Chip ID
Modes
PHY version
Alternative







14e4:4315
yes
BCM4312
b/g
LP (r1)
wl

The Fedora specific instructions are as follows:
1. Install the firmware extractor tool
su -
yum install b43-fwcutter wget

2. Install the driver
Define the Firmware path (Fedora specific)
export FIRMWARE_INSTALL_DIR="/lib/firmware"
Download and extract the Broadcom driver
wget http://mirror2.openwrt.org/sources/broadcom-wl-5.10.56.27.3_mipsel.tar.bz2
tar xjf broadcom-wl-5.10.56.27.3_mipsel.tar.bz2
Install the driver
sudo b43-fwcutter -w "$FIRMWARE_INSTALL_DIR" broadcom-wl-5.10.56.27.3/driver/wl_apsta/wl_prebuilt.o

3. Reboot

These steps were sufficient for me, as soon as I rebooted the WIFI was available to connect. If these steps do not solve your issue, you may need to blacklist older drivers. Take a read here: http://wireless.kernel.org/en/users/Drivers/b43

Maybe I'll break the chains of Microsoft bondage on my own laptop - which oddly enough, works swimmingly on a fresh Windows 8.1 installation. We'll see.
-noveck



Wednesday, July 23, 2014

Introduction to Linux Systems Administration (a Workshop)

I recently delivered a free 5 (half) day workshop on an Introduction to Linux Systems Administration. The information was culled from a range of web sources, classes and personal notes, so all credit to the respective sources. All practicals were tested on a vanilla CentOS 6.5 Virtual Machine on VMWare Player, which is free for personal use.

At the end of the workshop, I asked the participants to describe what they thought of Linux using one or two words, and this was the result:

I'd like to share the PDF version of the presentation and if you have any feedback, drop me a line. It's very much a work in progress and I welcome your contributions!

-Noveck

Monday, June 2, 2014

Migrating a Virtual Machine from VMWare Player to ESXi

This post covers the migration of a virtual machine from a VMWare Player environment, which is located on my workstation (Windows 7 64-bit), to a VMWare ESXi server in my datacenter.

Both are the free versions, so they don't have all the fancy bells and whistles as the awesome licensed versions.

It took a bit of doing, but it's relatively straightforward.


1. Upgrade VMWare player (if necessary)
I realized that I was using version 3.0, and was a 'few' versions behind. Newer versions contain the OVFTool, which we will use to create the ESXi ready OVF.
Visit here: http://www.vmware.com/products/player


2. Upgrade and Reboot your pitiful workstation.

3. Read the VMWare OVFTool guide. Or not.

4. Login to the Virtual Machine in VMWare Player and uninstall the VMWare Tools. Reboot VM.

5. When VM boots, ignore any driver errors. Do a clean shutdown.

6. Export the OVF from the VM
Open Command Prompt as Administrator
cd C:\Program Files\VMWare\VMWare OVF Tool


Make sure the tool works, run the help
ovftool -h

You should be presented with a range of flag options.

Export the OVF
ovftool "C:\Path to VMname.vmx" "C:\Path to place OVF"
If the output does not look like this, it might be a good idea to check the documentation.






7. Import the OVF Into VMWare ESXi
Login to your ESXi Host
Click File -> Deploy OVF Template
Browse to "C:\Path to place OVF" as specified in step 6.
Use defaults, or configure accordingly.
When completed boot VM in ESXi, enable the network adapter and update the IP/Hostname or any other relevant configuration.

That's it!

Wednesday, April 2, 2014

Issues with Percona Xtrabackup on CentOS 5/MySQL 5.0

I've got a couple servers that really can't move from CentOS5 / MySQL 5.0 just yet, and while attempting to restore a MySQL InnoDB database backup using percona's innobackupex/xtrabackup, I got the following error (hashtags added, 'cause I can't remember the exact preamble.):


Can't exec "xtrabackup_51": No such file or directory at /usr/local/bin/innobackupex-############

#### fatal error: no 'mysqld' group in MySQL options
 
Absolutely freaking beautiful.

 Turns out that it's caused due to the automatic yum update to  version 2.1.x of the xtrabackup application, which uses the MySQL 5.1+ plugins and fortunately, it's a very quick fix, even though I nearly pulled out what little hair I have to figure it out. Thankfully percona includes the last version with their repo, so it's just to specify the version and it's gonna work again.


0. Got root/sudo


1. Remove existing xtrabackup package.  
yum remove xtrabackup

2. Check that the older version of the package is available from the repo 
yum list | grep percona


3. Specify/Install version 2.0 explicitly (choose based on your OS version!)
yum install percona-xtrabackup-20.x86_64


It's as simple as that! No need to pull out your hair just yet or try to build from source, which is it's own piece of work thanks to cryptic documentation.

To avoid this from happening again, I'd suggest disabling the percona repo when doing a yum update for the entire server, or manually patching the version by calling yum update percona-xtrabackup-20.

Cheerio
-noveck

Thursday, March 6, 2014

SSL Secured Apache Webserver

Here's a quick way to run an SSL Secured Webserver. Ideally, a trusted Certificate Authority should be used, but as a proof of concept, we'll be generating our own self-signed certificate.

This assumes a fully functional Apache Webserver running on CentOS Linux.

0. Login as root/sudo into the terminal

1. Install prerequisites
yum install mod_ssl openssl

2. Generate Certificate / Private Key
(or use instructions from trusted CA with a purchased certificate) 
openssl genrsa -out ca.key 1024

3. Generate Certificate Signing Request (CSR)
openssl req -new -key ca.key -out ca.csr

4. Generate Self Signed Key
openssl -x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

5. Copy files to appropriate locations
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr

6. For SELinux
restorecon -Rvf /etc/pki

7. Update the Apache SSL config file
vi +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf

Edit the two entries in the file

SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key


8. Restart Apache
service httpd restart



9. Configure the firewall to accept incoming SSL requests
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
service iptables save
iptables -L –v


10. Test
From a web browser hit https://servername.com and the page should be displayed.


Finito!
Now get some coffee.:)

-noveck



Thursday, January 2, 2014

Troubleshooting VNC Connection error

So I'm back out to work after a nice vacation, so I should have seen this coming, right?

When attempting to connect to my VNC Server from my client, a nice error message popped up.
Unable to connect to server.
I managed to ssh into the server, but the VNC Server refused to restart:

[myuser@xxxxxx tmp]# service vncserver restart
Shutting down VNC server: 3:myuser                         [FAILED]
Starting VNC server: 3:myuser
Warning: xxx.xxx.xxx:3 is taken because of /tmp/.X3-lock
Remove this file if there is no X server xxx.xxx.xxx.xxx:3
A VNC server is already running as :3                         [FAILED]







Long story short, I had to delete the lockfile and socket in order to be able restart the VNC Server.

0. Login as root/sudo
1. Remove lock file and socket
rm -rf /tmp/.X3-lock
rm -rf /tmp/.X11-unix/X3

2. Restart vnc service
service vncserver restart