Justin.MadIrish.net

TrueCrypt is a great encryption utility that is available for several operating systems and uses. TrueCrypt will let you create encrypted volumes, encrypted devices, or even do whole disk encryption. I use TrueCrypt on Windows and Linux, and it's handy to be able to move encrypted volume files from one operating system to another and be able to mount them. Unfortunately, due to some disputes over licensing, Mandriva has re-branded TrueCrypt as RealCrypt and distributes it with Mandriva. I've had some problems getting the RealCrypt RPM's to work, and for this reason I decided to go ahead and install TrueCrypt 6.0 on my Mandriva 2008.1 system.

I've been using Linux as my primary OS for a while now, but there are still a lot of tasks for which I still need Windows. For instance, I have a CanoScan 4200f which doesn't have any Linux support at this time. Often, when you need Windows applications on a Linux box, Wine is sufficient. If, however, you need device support that is only available in Windows then a virtualization solution is much more appropriate. I've tried out both VMWare (player and workstation) and VirtualBox in order to meet this need with varying success from each. I find that VMWare tends to have much better networking support and options. For instance, it's easier to run multiple VMWare images, each with it's own bridged IP (meaning machines other than the host can see them).

So this story has been floating around for a while, but if you haven't heard already several Red Hat servers, including some used for Fedora, were compromised in the last couple of weeks. Details were slow in emerging, but Red Hat has finally confirmed that some OpenSSH packages for Red Hat Enterprise (RHEL) 4 and 5 could have been compromised. Full details, including how to detect bad packages and updates, can be found at http://www.redhat.com/security/data/openssh-blacklist.html. The full Red Hat advisory can be found at https://rhn.redhat.com/errata/RHSA-2008-0855.html.

The CERT for Germany`s National Research and Education Network (DFN-CERT – Deutsches Forschungsnetz) is warning of a new spate of attacks using a variant of the Phalanx Linux rootkit. Once installed this rootkit harvests SSH keys and other credentials which an attacker can use to access other victims. Fortunately the rootkit seems fairly easy to detect if you know what to look for. The rootkit creates a hidden directory, /etc/khubd.p2/, that is used to collect information. This directory is hidden, and the rootkit uses methods to hide its running processes and other telltale signs of its existence. Sometimes the name of the hidden directory is changed, but if you try to 'cd' into the directory and it doesn't exist, you can try creating the directory and doing an 'ls' .

Recently while trying to install Zend Studio 5 on my Linux system I got the following error message:

error while loading shared libraries: libc.so.6

After searching around on the net for a while I figured out a solution. You have to alter the install script (ZendStudio-5_0_0.bin) as follows:

[root@localhost Zend]# tar -xvzf ZendStudio-5_0_0.tar.gz 
ZendStudio-5_0_0.bin
[root@localhost Zend]# cp ZendStudio-5_0_0.bin ZendStudio.bin
[root@localhost Zend]# cat ZendStudio.bin | sed "s/export LD_ASSUME_KERNEL/#xport LD_ASSUME_KERNEL/" > ZendStudio-5_0_0.bin
[root@localhost Zend]# ./ZendStudio-5_0_0.bin

This fires up the installer without error. Note that to run the program I have to do it from the correct install directory like so:

[justin@localhost ~]$ cd /usr/local/Zend/ZendStudioClient-5.0.0/bin/
[justin@localhost bin]$ ./runStudio_unix.sh 

The file /etc/resolv.conf is used by Linux systems to identify DNS servers used to resolve host names into IP addresses. On Mandriva (and other) systems, resolv.conf is actually a file generated by the program resolvconf. This leads to an interesting situation when you view the /etc/resolv.conf file because you are greeted with a strange warning:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

This is curious because if you don't edit the listings in this file where should you edit them? Of course many distributions have a GUI for managing your network connections but if you're stuck at the command line you might have to go digging.

Recently I decided to install Wine so that I could run some old Windows games that I had purchased for next to nothing. After a couple of years it seems that game values plummet. I took a look at the Mandriva RPM's but they were a little older than the current Wine distribution and I know a lot of active development goes into Wine so I decided to download and compile the source myself to get the latest version. There are quite a few snafus in the install, so be sure to watch errors carefully. You'll need a few libraries installed beforehand to make sure things go smoothly. In any case remember 'urpmq -f' is your friend for finding packages. The first thing to do is download the distribution .tar.gz from Wine. Next unpack the archive using:

$ tar -xvzf wine-0.9.42.tar.gz

Mandriva 2007 (http://www.mandriva.com) has an interesting implementation of Apache 2. There are a lot of non-standard implementations that will drive you crazy if you don't know where they are or what they do. One instance of this configuration is the handling of SSL if you have apache-mod_ssl installed. Normally your virtual hosts are controlled from within the file /etc/httpd/conf/vhosts.d/Vhosts.conf. This has changed in the latest distribution and Mandriva seems to have moved to a more inetd style of configuration files. Now the virtual hosts file is in /etc/httpd/conf/vhosts.d/00_default_vhosts.conf. The 00 prefix would tend to indicate that this is the first virtual host file to be loaded, but that others could be appended or loaded outside of this one. I actually tested this out and it works. For instance, say you have two virtual hosts and you want to list them separately.