Microsoft gets good reception at Black Hat

LAS VEGAS--Microsoft's presentations on Windows Vista are not the typical Black Hat talks, but attendees are welcoming the look behind the scenes at the software giant.

The annual Black Hat Briefings security confab here traditionally focuses on hunting for bugs and attacking computers. But this year, for the first time in the event's 10-year history, several sessions are focused on the security--rather than the insecurity--of a single vendor's product. Microsoft, a platinum sponsor, is giving presentations on Vista.

There had been some concern that the Black Hat crowd would balk at what could be a giant infomercial presented by a major event sponsor. But the talks on Thursday morning came close to filling a giant ballroom at Caesars Palace, attracting a bigger audience than many of the typical Black Hat sessions.

"I haven't felt it as a marketing pitch. It was a very technical discussion about how code review is done at Microsoft," said Josh Hoover, a veteran Black Hat attendee from Phoenix who works in security at a large financial institution. "Of course, it is all lip service at this time, until we get to test it," he added.

Microsoft is handing out an early version of Vista at Black Hat and is soliciting feedback from attendees. "We hope that they will look at it and if they find any security issues we hope they will tell us," Steven Lipner, senior director for security engineering strategy at Microsoft, said in an interview.

The version of Vista being released at Black Hat wasn't specifically designed for the conference, but a recent stable build of the operating system, Lipner added.

Inside Vista
Microsoft's Black Hat presentations cover various aspects of security in the operating system update, including broad talks on fundamentals and security engineering, and specific sessions on networking technology, Wi-Fi, heap management enhancements, and Internet Explorer 7. Vista is the successor to Windows XP and is slated to be broadly available in January.

In a session on Thursday morning, John Lambert, a group manager at Microsoft, talked about the focus on security in the company's engineering process. Vista is the first client operating system release to have gone through Microsoft's Security Development Lifecycle, a process designed to prevent flaws and vet code before it ships.

Lambert said the company has examined all of the security alerts it had to send out for flaws in previous versions of Windows. "We looked at all the security bulletins that we issued and why we did not catch those bugs in design," he said.

Other parts of Microsoft's effort to make Vista the "most secure version of Windows yet," in the words of Windows chief Jim Allchin, include looking for new bugs and using scanning tools. It also means calling on human hacking power, both inside and outside Microsoft, Lambert said. He mentioned the "Blue Hat" events, where Microsoft has invited hackers to come to its headquarters to talk security.

"This is the largest commercial penetration test in history," Lambert said, speaking about the security tests Microsoft is putting Vista through before its release.

The audience appeared very interested in the presentation, and at times people broke out in laughter, for example when Lambert talked about the public disclosure of a serious flaw right after the release of the Beta 2 of Internet Explorer 7. How did Microsoft react to that? Lambert showed an animation of a man banging his head on a keyboard.

But after the initial embarrassment, Microsoft realized that it had actually found the IE 7 flaw a couple of months earlier, it just had not been addressed in that beta release, Lambert said. Before final release, bugs like that will be fixed, he said.

Several attendees, including Hoover, said they found the talk appealing. "I didn't come here to learn how to hack," he said. "I am here to learn how Microsoft is making the world better for us. If they are doing what they say they are, they are definitely headed in the right direction."

Others agreed with Hoover's assessment. "It is education about Vista security, and that's always better to get directly from Microsoft," said Ross Mackenzie, a security specialist for an Australian bank and a first-time Black Hat attendee.

Richard Bjerregaard, a systems administrator at IBM in Denmark, was happy to hear that Microsoft is using code-auditing tools. "They are doing a lot of things right," he said.

Though some might perceive Microsoft's Black Hat sessions as a sales pitch, the reality is that the company already owns the market, Hoover said. "Obviously, they want you to upgrade," he said. "But as much as people like to pick on Microsoft, most of the known world uses it."

Debian Linux Adopts OpenVZ Virtualization Software

The OpenVZ project (www.openvz.org) today announced its operating system-level server virtualization software technology is incorporated into Debian GNU/Linux giving users full access to OpenVZ software, which helps increase server utilization rates.

At the same time, the OpenVZ project revised licensing terms for its user-level utilities under the GNU GPL license to comply with the Debian Free Software Guidelines. Also, OpenVZ software now conforms with the LSB/FHS (Linux Standard Base/File Hierarchy Standard).

“This is an important milestone in delivering our open source virtualization software to the user community and the large base of Debian users,” said Kir Kolyshkin, manager of the OpenVZ project. “This represents another step in our mission toward gaining adoption as part of the mainstream Linux kernel and other Linux distributions, which now include Debian, Mandriva, Gentoo Linux, and ALT Linux Sisyphus.”

OpenVZ is operating system-level server virtualization software technology, built on Linux, which creates isolated, secure virtual environments on a single physical server – enabling greater server utilization and superior availability with fewer performance penalties. The virtual servers ensure that applications do not conflict and can be re-booted independently.

Debian (www.debian.org) is a free operating system for computer users, which uses the Linux kernel and adds functions from the GNU open source project including thousands of software programs available for easy installation. Initially, the OpenVZ software will be part of the Debian distribution known as "sid" or "unstable," which is where most development work is done.

Users can access helpful installation instructions from the OpenVZ wiki, http://wiki.openvz.org/Installation_on_Debian. The site serves as a forum to gain and share knowledge about OpenVZ and includes documentation and a knowledge base with helpful advice.

With the power of modern CPUs from both Intel and AMD (including the latest dual-core offerings), hardware is often under utilized. With virtualization technology, the server can effectively be split into many small ones, each running its tasks so that the whole server is utilized more efficiently.

Debian users will be able to provision physical servers to run applications on virtual servers, rather than a full physical server. The OpenVZ project makes available Debian templates that allow for almost instant (in many cases about a minute) provisioning of a virtual server.

“Making OpenVZ virtualization available is a huge benefit for the Debian user community,” said Till Brehm, chief technology officer, HowtoForge.com. “We can gain significant benefits by carving physical servers into logical units – most of all improved utilization rates, which results directly in saved money.”

The Debian software including OpenVZ can be downloaded here, http://packages.debian.org/unstable/devel/kernel-patch-openvz.

About Debian

Debian GNU/Linux is a free operating system, developed by more than thousand volunteers from all over the world who collaborate via the Internet. Debian's dedication to Free Software, its non-profit nature, and its open development model make it unique among GNU/Linux distributions.

The Debian project's key strengths are its volunteer base, its dedication to the Debian Social Contract, and its commitment to provide the best operating system possible.

About the OpenVZ Project

The OpenVZ project freely distributes and offers support to its users, promoting operating system virtualization through a collaborative, community effort. Since going into full production late last year, the OpenVZ project has been very active with the user community with more than 3,000 message posts on its support Forum. The OpenVZ website attracted more than one million hits for the month of April as more businesses and individuals explore and contribute to the leading open source operating system virtualization project.

OpenVZ software comes with user tools that help automate management of virtual servers. With its unique architecture that uses a single operating system instance, the virtual servers perform and execute like independent servers with their own memory, configuration files, users and applications. Each can be re-booted independently. Using template-based application deployment provides a simple way to get new virtual servers up and running in minutes and OpenVZ can run several times more virtual servers per CPU than other virtualization technologies.

Supported by SWsoft, the OpenVZ project serves the needs of the community developers, testers, documentation experts, and other technology enthusiasts who wish to participate in and accelerate the technology development process OpenVZ is open source software that is used as the basis for the SWsoft Virtuozzo virtualization software product. Also, the OpenVZ project maintains a blog site discussing virtualization technology, which can be accessed here, http://blog.openvz.org/.

Breaking into a laptop via Wi-Fi

LAS VEGAS--Flaws in the software that runs wireless-networking hardware could let an attacker break into a PC over Wi-Fi, security researchers warned Wednesday.

An attacker could gain complete control over a laptop by sending malformed network traffic to a vulnerable computer, David Maynor, a senior researcher at security service provider SecureWorks, said in a presentation at the Black Hat security event here.

Maynor, along with researcher Jon "Johnny Cache" Ellch, showed a video of a successful attack on an Apple Computer MacBook. However, the attack is possible also on other computers, both laptops and desktops, and not just MacBooks, the researchers said.

"These driver flaws are pretty common," Maynor said. Researchers are starting to find those bugs as they shift their focus from hunting for operating system flaws to exploitable errors in drivers and in applications, he said. The reason for the shift is that operating systems are becoming increasingly more secure, he added.

There is no immediate threat to the millions of laptop-toting wireless users. Maynor and Ellch are not releasing the details of their attack, and they deliberately did not show a live demonstration to prevent anyone from copying their attack.

"People who should be worrying about this are the hardware and software makers, so this doesn't make it into the mainstream," Maynor said.

Consumers should be streetwise when using their laptop by not connecting to networks they aren't sure they can trust and by disabling the wireless radio when it is not needed, Maynor said. "There is no need to run out and rip your wireless card out of your laptop, but you should take precautions," he said.

With their Black Hat talk, Maynor and Cache hope to wake up makers of buggy drivers. "We want to educate developers and hardware makers about this threat before it becomes a wide-scale issue," Maynor said. "We're not talking about something that people don't know about, but a lot of people don't know the severity."

Driver flaws have been getting more attention recently. Microsoft, for example, is readying tools for driver developers to scan their code for common vulnerabilities. According to a recent experiment by Intel flaws in driver software may be worrisome and a potentially serious threat, but there is no need for alarm yet.

To launch an attack using the Wi-Fi driver flaws, the would-be intruder needs to be within about 100 feet, or 30 meters, of its target--the typical reach of a Wi-Fi signal. However, new wireless technologies are extending this range significantly and could increase the threat, so new bugs will likely be found, Maynor said.

To facilitate an attack, the researchers found a way to remotely identify the wireless driver that a particular computer is running, Maynor said. Then malicious data traffic needs to be crafted and sent to the vulnerable PC. A flaw in the way that computer processes the data subsequently causes the compromise, he said.

Coincidentally, Intel late last week issued fixes for flaws in software that controls its popular Centrino wireless hardware. These patches are not related to the Black Hat research, Maynor said. The researchers have worked with hardware and software makers on the issue of Wi-Fi drivers, but not with Intel, he said.

Black Hat runs until Thursday.

SUSE Linux Enterprise Desktop 10 review

I've tested and/or reviewed every version of this operating system (now on its third name) since the first version, and each time I start out impressed but end up walking away disappointed. SUSE Linux Enterprise Desktop 10 is not an exception to this tradition. While it may be a decent desktop operating system, I can't possibly recommend that sysadmins rely on SUSE Linux Enterprise Desktop 10 in a production environment.

SUSE Linux Enterprise Desktop overview

Originally, SuSE Linux produced a corporate desktop distribution called SuSE Desktop. It used the old UnitedLinux kernel, but was otherwise much like the SuSE consumer desktop products of the same era. It was the first commercial corporate desktop GNU/Linux distribution, and had a large but quiet impact on the GNU/Linux distribution market. Sun Microsystems adopted SuSE Desktop for its first and second editions of the much-hyped Java Desktop System. Later, Sun decided that Java Desktop System would no longer refer to a specific operating system; instead it would be the name of the customized GNOME desktop theme that Sun uses for both Solaris and for future GNU/Linux-based operating systems that it releases.

When Novell bought SuSE, it changed SuSE Desktop's name to Novell Linux Desktop. With this release, Novell again changed its name, this time to SUSE Linux Enterprise Desktop 10. Though KDE was the traditional interface for all SUSE products, GNOME is now the standard desktop environment.

You can expect SUSE Linux Enterprise Desktop (SLED) 10 to include a majority of the packages necessary to run a desktop computer in a large business -- and not one single program more. The default installation differs little from the maximum installation, and the extra packages are really only for special-case situations.

What's new in version 10

First, the obvious: all of the standard packages have been updated. The kernel is at version 2.6.16.21, OpenOffice.org is at version 2.0.2, Firefox at 1.5.0.4, and GNOME is at version 2.12.2. Were you expecting KDE instead? With SLED 10, Novell has changed the default desktop environment from KDE to GNOME, thought KDE is still available if you wish to install it.

SLED 10's GNOME implementation has been modified from its highly usable default interface to to one that very much resembles Windows XP and Windows Vista in terms of functionality and menu placement. Taken as a whole, however, SLED 10's interface is unique enough that even seasoned GNU/Linux, OS X, and Windows veterans will have some initial trouble figuring out where things are and what everything does. After I became accustomed to GNOME ala SLED 10, I concluded that the interface design is only useful to people who need a maximum of eight programs (the number of programs that will fit in the "favorite programs" group that dominates your Computer menu). If I were to use this operating system long-term, I think I would have to modify the interface so that I can avoid the click- and scroll-heavy main menu. It is a big production to get to a program that isn't shown in the main Computer menu screen. If, after clicking on the Computer menu button, you need to use something that isn't considered a "favorite" application, you have to click another button, then scroll through a double list of installed programs in a separate window. SLED 10's GNOME implementation won't win any beauty contests, either -- it's plain and uninspired to the point that the bland theme actually further detracts from its usability by unintentionally disguising the Computer menu button. If you weren't familiar with the purpose and placement of the Windows Start menu or KDE K menu, you'd find SLED 10 very difficult to navigate.

Another major change in this release is in the software management framework. Novell ZENworks is now the default program for installing, removing, and updating software in SUSE Linux Enterprise Desktop (and other current SUSE products). If you want, you can still use YaST and YaST Online Update (YOU) for these tasks, but it has officially been deprecated in favor of ZENworks. Unlike the consumer-grade SUSE Linux 10.1, SLED 10's ZENworks implementation actually works as intended, though it still requires a small amount of configuration to allow normal users to access it. You also need to register your email address with Novell in order to activate ZENworks, but this is a quick and painless process that literally takes a few seconds. This registration process also enables proprietary software repositories in ZENworks, so you can download and install the Nvidia and ATI video card drivers, among other things.

Though they only very recently began to see usage in desktop operating systems (well, SUSE Linux 10.1 and DIY distros like Gentoo and Debian are the only ones so far), the XGL special effects engine and the Compiz window manager are included in SLED 10 and activated by default, assuming you register with Novell to get the required proprietary video drivers. Given the wide range of problems with these early XGL and Compiz releases, I'm surprised to see them included as standard packages in an "enterprise" operating system. Even if these packages were optional, I can't imagine any sane company rushing to provide support for them. I predict XGL will be a major source of trouble for Novell's support department over the next few months.

JFS support has been dropped from YaST, so if you had any JFS volumes, you'll be unable to manage them through the GUI. The JFS kernel module is still in place, however, so you can still read existing JFS partitions.

The default install includes an outstanding computer-based audio/visual training program and interactive help system to assist new users in learning how to operate and configure SUSE Linux Enterprise Desktop 10. The program is broken up into tasks, so you can skip directly to the section that applies to your situation. It's by far the best desktop GNU/Linux CBT that I have ever seen.

Lastly, the NetworkManager applet introduced in SUSE Linux 10.1 has been incorporated into SLED 10. It allows you to easily manage and connect to wired and wireless networks. I've got no complaints about NetworkManager at all -- I think it's an outstanding tool that every desktop operating system should have, and I'm glad to see it in SLED 10.

SLED 10: bland and buggy

Putting it to the test

Installing SLED 10 is easy and intuitive -- just like SUSE Linux 10 and 10.1 -- and not too much different than it's been over the past several releases. The default disk partitioning scheme is excellent; it assigns enough space to the root and swap partitions to run the system, then gives the rest to /home, where the bulk of your data will ultimately reside.

SLED 10's install routine intelligently detects laptop systems and installs the laptop package group by default. This group consists of wireless network drivers (Centrino, Atmel, Atheros), PCMCIA slot drivers, infrared drivers, and sleep/suspend software. Although this group is not selected by default on desktop systems, the Madwifi (Atheros) wireless drivers are still installed if you have a wireless PCI card that needs them.

SLED 10 can authenticate users against the local system (/etc/passwd), OpenLDAP, NIS, a Windows domain, and eDirectory LDAP, a selection I found to be rather eclectic.

I was pleased to learn that the default SLED 10 install included Firefox plugins for Java, Flash, Adobe Acrobat (PDF), RealPlayer, and Citrix. That means that there is little or no post-install configuration or hacking to be done to make the Web browser meet the expectations of the average business desktop computer user. The only thing that is missing is the ability to play video files through Firefox. The absence of such a plugin could prevent important work-related activities like attending online meetings, viewing product demos, and participating in computer-based training programs. As is now customary, I have written a guide to show you how to add missing pieces like these.

While there was a Java Runtime Environment installed, it was the older 1.4.2 version. Since there are significant, oft-used features in Java 5.0 (1.5.0) that are not backwards-compatible with older JREs, I'm puzzled as to why Novell did not go with the newer version. To add insult to injury, there are absolutely no integrated development environments included with or officially available for SUSE Linux Enterprise Desktop 10. No NetBeans, Eclipse, Bluefish, Screem, Quanta, or KDevelop - nothing. What are programmers supposed to do if their company installs SLED 10 on its desktop computers -- switch to Vim?

My first impression of SUSE Linux Enterprise Desktop 10 was quite negative. On my first test machine -- a desktop computer with an Asus A8N-E motherboard, 1GB RAM, an ATI Radeon X700 video card, and a 17" LCD monitor -- the default font settings were so tiny that I couldn't read any text. The login screen was fine, as was the virtual terminal, but everything in the GNOME desktop had its font set to what must have been the smallest size. I tried to mess with SaX2 for a while, and other YaST modules, but couldn't fix the problem.

Moving on to my Acer TravelMate 2300 laptop system, the first thing that happened after installation was a hard lockup. It turns out that SLED 10 doesn't get along with the Linksys WPC11 version 4 wireless network card, and the system crashes when it tries to connect to an access point. Further confounding my wireless networking options, I discovered that NDISwrapper is not installed by default; it is available in the standard SLED 10 package repository, though.

Lastly, the Synaptics touchpad on the TravelMate had the infamous scroll problem. This is fixed by installing a Synaptics control program like KSynaptics, which is not officially available for SLED 10. So you're stuck with an unfortunately remapped touchpad that wants to scroll the screen when you get near the bottom or right side of the pad. In Firefox, this makes the browser go back and forward in the page history.

Conclusions and developer recommendations

As a veteran of dozens of operating system reviews and hundreds of articles on computer technology, I have found that if you don't stop and recalibrate your frame of reference from time to time, you can start to accept the fact that most operating systems these days ship with obvious and easy-to-find problems. Not just software bugs, but configuration issues and usability blunders. In a free-of-charge BSD variant or GNU/Linux distribution, some of these sins are forgivable. But when you tell me that you have a product designed to work in a big business -- a real production environment where you lose thousands of dollars for every minute of downtime or lost productivity -- then you're throwing down the gauntlet and saying that this operating system is not just pretty good, it's damned good. Well, SUSE Linux Enterprise Desktop 10 is not good enough. This is definitely not what I would call an "enterprise" operating system; you would have to be crazy to deploy SUSE Linux Enterprise Desktop 10 on corporate desktop and laptop systems, considering your alternatives. Red Hat Desktop, though only available in volume orders with the higher classes of Red Hat server products and being comprised of somewhat older software, is a perfect example of an "enterprise" desktop OS. You can put OpenBSD and CentOS in the "enterprise" category as well. They don't crash, they accept a wide range of hardware, and have a better and more varied selection of business desktop software available for them. They're everything that SUSE Linux Enterprise Desktop 10 is not. Xandros and Mandriva also make outstanding, far more thoroughly tested business desktop operating systems that -- having reviewed two versions of each -- I consider to be superior to SLED 10. It seems to me that SUSE Linux Enterprise Desktop 10 is not so much Novell's attempt to push into the business market as it is an attempt to provide a for-profit version of SUSE Linux for home desktop users.

SUSE Linux Enterprise Desktop 10 is, in effect, what the buggy SUSE Linux 10.1 should have been. Or at least, that's the most positive way I can think of to say that both operating systems were insufficiently tested for their intended markets. I hope Sun Microsystems takes this first draft of an operating system, fixes the problems I listed in this review, and comes out with a killer Java Desktop System 3.

The following issues must be addressed before I will consider SUSE Linux Enterprise Desktop (assuming Novell doesn't change the name again before the next release) truly enterprise-ready:

• Improved release engineering. Did Novell fire its QA department or something? I found showstopping bugs in this product within five minutes of post-install use. That is totally unacceptable for a supposedly production-ready operating system. Don't give customers your beta builds and promise to try to fix them later.
• Synaptics touchpad configuration. Really this is a suggestion for the GNOME people, but nothing is stopping Novell from designing its own Synaptics touchpad configuration utility (or just including KSynaptics). At very least, X.org could be configured to disable touchpad scrolling by default. If you think I'm being petty about this seemingly minor issue, I challenge you to use SLED 10 for your daily computing work for three days with a Synaptics touchpad and we'll see how long it takes before you crack.
• Developers, developers, developers. SLED 10 doesn't have any IDEs. What operating system is the Web development team supposed to use? What about the programmers -- what OS do they use? Unless you want to hack SLED 10 to use SUSE Linux 10.1 packages, or download and install RPMs manually from the Internet, these people are left out in the cold. How many businesses do you know of that don't employ either a Web developer (or designer) or a programmer? The people at Novell who decide what packages go into the Enterprise Desktop product need to create a "Development" package group that includes popular integrated development environments and other development packages.
• Forget XGL. Graphical desktop effects have no place in an "enterprise" operating system. Principles aside, XGL is buggy and causes a variety of stability and usability problems, some of which are even listed in the SLED 10 release notes. If Novell knew that this undeniably superfluous technology caused so many problems, why on earth did the release engineers include it in the base system and enable it by default?
• Fix the upgrade problems. As much as sysadmins adore an operating system that they only have to apply occasional patches to, eventually everyone must upgrade. The bad news for SUSE customers is, upgrading from one version to the next can be difficult at best and impossible at worst. Smooth upgrading from one major version to another is an issue that every operating system developer struggles with, but again, this is supposed to be an "enterprise" operating system. System administrators expect an operating system that they don't have to mess with.
• Improve hardware autoconfiguration. SLED 10 was totally clueless when it came to detecting the size, resolution, and aspect ratio of two of my LCD screens. It also had trouble switching from the standard ATI driver to the proprietary one. Again, this is stuff that sysadmins don't want to bother with; the software should be able to do its own configuration.
• Improve usability. I found SLED 10's interface to be difficult to use. The Computer menu looks more like a minimized application than a menu button. It's also fairly nondescript, and if I wasn't already used to the K menu or Start menu being in the lower left corner, I wouldn't know what that "Computer" icon was. Furthermore, the menu structure is anti-productivity. Perhaps there should be a step during post-install configuration which asks each user what icons they would like in their "Favorite" group, rather than just guess and make them swim through a two-part menu system to get to the software they use most.

Hacking SUSE Linux Enterprise Desktop 10

Novell's SUSE Linux Enterprise Desktop (SLED) 10 is a decent business desktop operating system as-is. However, it does not appropriately meet the needs of a large portion of business professionals. Additionally, a great many regular consumers have been enchanted by SLED 10's ease of use and high degree of stability, but are disappointed with the home desktop software selection. This guide will show you how to install or upgrade the Java Development Kit, install software from the SUSE Linux 10.1 package repositories, and enable DVD movie playback in SLED 10.

A warning

Following most of the directions in this guide will alter your operating system in ways that are not supported by Novell. This article will show you how to modify SLED 10, and force it to depart from the standard configuration. All of these hacks have been tested and are believed to do no harm to your software; there are always possibilities, though.

Installing non-distribution software

SUSE Linux Enterprise Desktop 10 doesn't come with very many software packages, especially if your job involves software development, Web design, or desktop publishing. Fortunately, you can use packages from SUSE Linux 10.1 to fill the gaps. The procedure is as follows:

1. Click the Computer menu in the lower left, then select More Applications. Click the System link on the left, then YaST in the right pane (you'll probably have to scroll down a little to see it).
2. Enter your root password and press Enter.
3. Click the Installation Source icon in the right pane.
4. Click the Add button, and select HTTP from the drop-down list.
5. A dialogue for entering a new installation server should appear. In the server field, type this in:
   

   mirrors.kernel.org/opensuse/distribution/SL-10.1/inst-source

6. Click OK. It will be several minutes before the server is properly registered with your machine. Depending on your location, your Internet connection speed, and the traffic level of the server, it could take quite a while for this process to complete.
7. Repeat this process for the following server address:
   

   mirrors.kernel.org/opensuse/distribution/SL-10.1/non-oss-inst-source

8. Afterward you'll be presented with a license agreement. Click "Yes, I Agree to the Software License" if you do agree (or if you don't agree and don't care, and just want to get on with adding software).
9. Click the "Refresh On or Off" button, then click Finish.
10. You'll find yourself back in the main YaST screen. To install extra software, click the Software Management icon on the left, then either search or browse for the packages you want to install. Click Accept to install them.

I tested a few different packages to make sure that this process would work. There are, however, thousands of software packages in the SUSE Linux 10.1 repository, so it is possible that some programs may not work properly with SUSE Linux Enterprise Desktop 10.

If you continue with the rest of the instructions in this guide, upon restarting your computer you will more easily be able to install new software packages through ZENworks instead of having to go into YaST.

Installing the Java Development Kit

If you're going to be doing any Java programming on a SLED 10 machine, you need to have a JDK. Most people prefer to use the most recent version of the Sun JDK, as opposed to older editions or JDKs released by other companies or open source projects. For that reason, this guide will only cover the Sun Microsystems Java 5.0 Development Kit.

Installing the JDK 1.4.2 is quite simple. Just go to your Computer menu in the lower left, then click on Install Software on the right side of the menu. It may take a few moments for ZENworks to connect to the software servers. When it's ready, type in "Java" in the search field, then press Enter. Select the java-1_4_2-sun-devel package, plus any other similar packages that you may need for your projects, then click the Install button and follow the on-screen directions from there.

The Java 5.0 development kit is not available through standard SLED 10 channels. If you would like to install it anyway, first remove the old 1.4.2 packages by following this process:

1. Click the Computer menu, then select More Applications.
2. Click the System link in the left pane of the ensuing dialogue, then click on YaST in the right-hand pane (you may have to scroll down a bit to see it).
3. Input your root password when prompted.
4. When YaST comes up, click the Software Management icon in the right pane. Type "sun" into the search field, then press Enter.
5. Mark the 1.4.2 packages in the right pane for removal (click them twice; the garbage can icon should be next to each of them when they are properly marked for removal), and click the checkbox next to the 1.5.0 packages that you need. then click Accept. A window may come up to warn you that the 1.4.2 JRE is required for OpenOffice.org (this is irrelevant because you're replacing the 1.4.2 JRE with a newer version, but YaST doesn't know that). Select the option labeled "Ignore this requirement generally" and then click the "OK - Try Again" button.
6. When installation is complete, you can close YaST, or install your favorite Java IDE from the Software Management area of YaST as described above.

You don't have to restart your computer for the JDK changes to take effect, but if any programs that require the JDK or JRE are currently running, you will have to restart them.

Video playback: DVDs, Windows Media, and QuickTime

SLED 10 already has a number of multimedia codecs installed, but you won't be able to play commercial DVD discs or Windows Media files, and you won't be able to watch video clips through your Web browser. Be warned that following the processes in this section may violate copyright- and patent-related laws in your country. It is your responsibility to verify that this software is not illegal before you attempt the below procedure; proceed at your own risk.

First you need to install the decryption library. Here are the instructions for 32-bit SLED 10:

1. If you're using the 32-bit version of SLED 10, download and install the libdvdcss RPM from this address (just click the link if you're using Firefox in SLED 10 right now): http://download.videolan.org/pub/libdvdcss/1.2.9/rpm/libdvdcss2-1.2.9-1.i386.rpm.
2. Click OK in the Firefox file dialogue. The default option should be to install the package with ZENworks.
3. Click Install in the ensuing ZENworks window.

If you are on the 64-bit version of SLED 10, the process is more difficult. You'll have to install from source:

1. Click this link to download the DeCSS code: http://download.videolan.org/pub/libdvdcss/1.2.9/libdvdcss-1.2.9.tar.gz
2. When Firefox asks what you'd like to do with the file, select the Save To Disk option. The file isn't very big, so it should download almost immediately. You can close the Web browser now.
3. Open a terminal by clicking the Computer menu in the lower left, then selecting More Applications. Click the System link on the left, then Gnome Terminal in the right pane.
4. Type this command to switch to root permissions: su
5. It'll ask for your root password -- go ahead and type it in, then press Enter.
6. Now you need to switch to the directory that Firefox downloaded the file to: cd Desktop
7. Next, decompress the file you just downloaded. Type this in: gzip -d libdvdcss-1.2.9.tar.gz
8. Then unpack it from its archive by using this command: tar xvf libdvdcss-1.2.9.tar
9. The file will un-tar to its own directory, so you can now safely delete the tar archive: rm libdvdcss-1.2.9.tar
10. Now you need to compile the DVD decoding library. Change to the directory first: cd libdvdcss-1.2.9
11. And then run the configure program with this command (don't leave out the dot and slash): ./configure
12. When it's done configuring, run the make command to build the files: make
13. Finally, it's time to install the library: make install

The remaining instructions are valid for both the 32-bit and 64-bit versions of SLED. The next step is to modify ZENworks so that it uses checksums instead of signatures for repository verification:

1. Open up a terminal window by clicking the Computer menu, then More Applications. Click the System link on the left, then the Gnome Terminal icon on the right.
2. Switch to root permissions by typing this command: su
3. Copy and paste in the following command: rug set-prefs security-level checksum
4. Close the terminal -- you don't need to use it again for this article.

Next, fix the disabled Xine libraries so that they support DVD playback:

1. Start YaST by clicking the Computer menu, then More Applications, then the System link in the left pane, and the YaST icon in the right pane (scroll down a bit to see it).
2. Enter your root password when prompted.
3. Click the Installation Source icon in the right pane.
4. Click the Add button, then select HTTP from the drop-down list.
5. In the ensuing dialogue, copy and paste this address into the server field:
   

   packman.unixheads.com/suse/10.1

6. Click OK, then close the Installation Source window.
7. If you wish to install the Windows Media codecs and a Firefox plugin for watching video clips, click on the Software Management icon in the main YaST window. Search for the following terms:
   

   w32codec-all
mplayerplug-in
libffmpeg0

8. Click Accept, then agree to install the dependent packages. You'll probably have to have your SLED 10 installation discs available to complete this step.
9. Continue to follow the on-screen instructions until installation is complete. Close YaST when you're done.
10. Right-click the ZENworks update icon in the lower right corner. It should look like a globe with two arrows going around it, or a yellow circle with a white exclamation mark in the middle. A popup menu will come up; in it, select Refresh. It will take several minutes for ZENworks to check for updates.
11. Once ZENworks is finished looking for updates, the notification icon will turn into an orange circle with an exclamation mark in the middle. Click on it to bring up the ZENworks update tool.
12. When all of the updates are found, they will be presented for your inspection. De-select the Kino package if it appears in the list; this update seems to have trouble in SLED 10 as of this writing. Click Install once you've done that.
13. A dependency list will come up next. All it's doing is showing you what will be removed and/or installed. Click OK to proceed.
14. When all updates have been applied, click Close, then close the ZENworks updater. You now have the ability to play encrypted DVD movies, play Windows Media files, and watch videos on the Web.

Disabling the annoying Synaptics touchpad scroll feature

Of all of the "features" that I have ever been annoyed by, the Synaptics touchpad scroll areas is the most infuriating. If you have a Synaptics touchpad (most laptop computers do) and find that you are getting odd behavior in your Web browser, you probably need to disable the scroll feature of the Synaptics driver. This option reserves the bottom and right sides of your touchpad for scroll wheel functions. So moving up and down the right side of your touchpad will scroll up and down, and moving sideways along the bottom will act like a side scroll wheel. In a Web browser, the side scroll makes you go back and forward in your page history. Most people aren't used to this "feature," so it seems more like a bug -- a very annoying one at that. To disable it, you need the KSynaptics package:

1. Make sure the SUSE Linux 10.1 sources have been added as per the above instructions. If you have not restarted your computer since the beginning of this guide, it might be a good idea to do that now, so that ZENworks has a chance to enable all of the updates you applied (some of them require a restart).
2. When you're back at the SLED 10 desktop, click your Computer menu, then select Install Software. In the search field, type in KSynaptics and press enter.
3. Click the checkbox next to the KSynaptics entry, then click Install.
4. Follow any remaining on-screen instructions to install the package. When it's complete, you can close ZENworks.
5. Open your Computer menu, then click More Applications. You should see a Touch Pad icon near the top of the right pane in the New Applications section. Click on it.
6. Click on the Scrolling tab at the top of the KSynaptics window. Un-check all of the checkboxes in this screen, then click Apply, then OK. The scrolling feature is now disabled.

Microsoft, XenSource To Develop Interoperability for Longhorn

"Microsoft and XenSource today announced they will cooperate on the development [.pdf] of technology to provide interoperability between Xen-enabled Linux and the new Microsoft Windows hypervisor technology-based Windows Server virtualization. With the resulting technology, the next version of Windows Server, code-named 'Longhorn', will provide customers with a flexible and powerful virtualization solution across their hardware infrastructure and operating system environments for cost-saving consolidation of Windows, Linux and Xen-enabled Linux distributions."

Microsoft and XenSource

Two weeks ago Microsoft and XenSource announced an agreement to grant interoperability of virtual machines on upcoming Windows Server Virtualization and XenEnterprise virtualization platforms.
The move raised the attention of the whole IT world, involving licensing, supporting, security and performance issues.

virtualization.info interviewed both companies to further understand details of the agreement and spread some lights on what customers have to expect for the Microsoft hypervisor release.
To answer questions I met Mike Neil, Senior Director of Virtualization Strategy, Windows Server Division, at Microsoft, and Simon Crosby, CTO at XenSource.

To simplify questions and answers since now we'll call a virtual machine natively running on Microsoft hypervisor, Windows Server Virtualization, as WSV-VM and a Xen virtual machine natively running on XenSource hypervisor, XenEnteprise, as XE-VM.


Microsoft Side


virtualization.info: The WSV-VM running within XenEnteprise will have all capabilities it already has on Windows Server Virtualization or there will be some limitations?

Mike Neil: The technology resulting from this agreement will provide interoperability between Xen-enabled Linux guest operating systems running on Windows Server virtualization in Windows Server Longhorn. Windows guest running on XenEnterprise will continue to function in the same way they do today.
For customers with Premier-level support agreements, Microsoft will use commercially reasonable efforts to investigate potential issues with Microsoft software running in XenEnterprise or other non-Microsoft virtualization technology. Our product support policy is described here.


VI: The upcoming Virtual Machine Manager will be able to centrally manage XE-VMs along with WSV-VMs, including tasks like provisioning and live migration between hosts?

MN: The first release of System Center Virtual Machine Manager is focused on the management of Windows environments. That said, it will be able to centrally manage Linux guests.
Some of the things you can do with SCVMM and Linux guests are:

• Deploy Linux VMs in VHD format from the central library


• Configure the virtual machine parameters for Linux VMs, such as RAM and disk space


• Control the state of the virtual machine (start/stop, pause/resume, save/restore)


• Live migrate a running Linux VM from one physical host to another

These are features that are enabled by the System Center Virtual Machine Manager and Virtual Server 2005, or Windows Server Virtualization, and are not specific to the technology being developed as part of the XenSource agreement. Live migration of guests will be a feature for Windows Server Virtualization.


VI: Will Microsoft offer support for XE-VMs running on WSV? If so will it be equal to one offered for Linux guests natively created on WSV?

MN: We currently support Linux running as a guest in Microsoft Virtual Server 2005 R2 from both a technology perspective and a 24-hour technical support perspective. When we added the support of specific Linux distributions on Virtual Server 2005 R2, we made a long-term commitment to make sure that non-Windows operating systems can be run in a supported manner, both on top of Virtual Server and our future virtualization products. Proving support for XE-VMs on Windows Server Virtualization is a part of the commitment.


VI: In a scenario where a WSV-VM is moved on XenEnteprise hypervisor some critical issues raise about licensing and support.
If the Microsoft customer is using an unlicensed version of Windows inside the WSV-VM (which is permitted by the new virtualization licensing model up to 4 virtual machines), what will happen when he'll run it on XenEnterprise? And who between Microsoft and XenSource will support the virtual machine on that case?

MN: The four virtual instances allowed with Windows Server 2003 Enterprise Edition are not unlicensed. They are in fact license rights granted for the Enterprise Edition. We also recently extended virtualization licensing rights to Windows Server 2003 Datacenter Edition, providing for unlimited virtual instances with that version of Windows Server.

A customer running Windows Server needs to acquire a license for the physical machine they are running Windows on, regardless of the virtualization technology they are using. If they are running a VM on XenEnterprise, they need to have acquired a license for that Windows machine as well. More details about Microsoft's virtualization licensing policy can be found here.

As I mentioned above, for customers with Premier-level support agreements, Microsoft will use commercially reasonable efforts to investigate potential issues with Microsoft software running in XenEnterprise or other non-Microsoft virtualization technology.


VI: How much time the agreement will last?

MN: The agreement is to develop and deliver the technology for interoperability between Xen-enabled Linux guests and Windows Server virtualization, to be delivered around the same time Windows Server virtualization is delivered (within 180 days of Windows Server Longhorn, which is slated for release in H2 2007). That said, we do have an ongoing relationship with XenSource (they licensed Microsoft's Virtual Hard Disk format, for example). We share a common goal to help customers more easily realize the benefits of virtualization.


XenSource Side


virtualization.info: Technically speaking what will happen exactly in the interoperable scenario, where a XE-VM will be executed by Microsoft Windows Server Virtualization hypervisor?

Simon Crosby: Our announcement of a strategic partnership with Microsoft will enable Xen-enabled Linux guests to run with full benefits of paravirtualization (Microsoft terms it enlightenment) on the upcoming Windows Hypervisor, code named Viridian. Viridian and Xen share a common architecture, and are both paravirtualizing hypervisors. This is key, because paravirtualization has been recognized as the most important enabler of virtualization by every OS vendor. This architecture will be supported in the next release of every x86 OS of relevance to the enterprise, with RHEL 5 and SLES 10 Linux incorporating Xen (indeed many other Linux distributions will do so too); Sun with a Solaris 10 update expected later this year, and Microsoft with Viridian. Viridian will ship as an embedded component of Windows Server Longhorn.

When the Xen-enabled Linux guest runs on Viridian, it will use the native Xen hypercalls to access virtualization functions. A small adapter will adapt the Xen hypercalls into Viridian hypercalls so that the Linux guest can run with full performance on this paravirtualizing hypervisor.
In addition, we are collaborating with Microsoft on the delivery of paravirtualizing I/O capabilities for Xen-enabled Linux guests to run on Viridian. These capabilities are called Virtualization Service Clients and Virtualization Service Providers in the Microsoft terminology, and they correspond to the Xen front end and back end drivers used for paravirtualized I/O.


VI: The XS-VM running within Microsoft WSV will have all capabilities it already has on XenEnteprise or there will be some limitations?

SC: To be clear: The Xen-enabled Linux will be exactly the same Linux as is shipped by Red Hat or SUSE, or whatever other distribution we support. This has nothing in particular to do with Xen Enterprise, which is XenSource's product and which also supports those Linux guests. That is, all implementations of Xen will support these Linux guests, since all Xen implementations (including in Solaris, RHEL, SLES) support paravirtualized guests.

The answer to the question is thus: The Xen enabled Linux guest will have all of the capabilities that it has when running virtualized on Xen


VI: In this collaboration will XenSource have full access to all Microsoft WSV software code?
If not, how XenSource will be able to assure that performance and security levels of a XE-VM will be identical on both XenEnterprise and Windows Server Virtualization?

SC: The terms of the collaboration between XenSource and Microsoft have not been disclosed, however we certainly can state that we have a license from Microsoft to implement the adapter against the Viridian hypercall API. Microsoft has disclosed that API to several vendors, and discussed it in detail at the recent WinHEC conference.


VI: Is this agreement breaking in some way GPL license of Xen or Linux in general?

SC: Not at all. XenSource is committed to the GPL Xen code base as the key to our powerful community and the ubiquitous delivery of a uniform feature set. We lead the industry through open development, and every feature that is currently in development, that does not require a closed source license by virtue of a license agreement with a 3rd party, is targeted for GPL implementation.
It is XenSource's intention, wherever possible, to deliver features into the open source Xen code base. In the specific case of our Microsoft partnership, some components cannot be released under GPL.


VI: Can we expect some support available to the open source community, from know-how XenSource will gain during this agreement?

SC: The benefits for Xen from our collaboration with Microsoft will be tremendous. We anticipate that we will be in a far better position to deliver high performance Windows support on Xen, and moreover Microsoft has agreed to support Windows on our own product, XenEnterprise.
More importantly, perhaps, is the recognition from Microsoft that Xen's paravirtualization (enlightenment) is the hypervisor architecture of the future, as opposed to emulation and binary patching. It is a vindication of the technology leadership of the Xen community, of our open source collaborative development and ubiquitous deployment. It is an acknowledgement from the most powerful OS vendor in the industry, that the Xen hypervisor is the hypervisor to beat, and that the installed base is about to be consigned to history. A common architecture, supported by every OS vendor in the industry, is emerging.

Xen's paravirtualization architecture has been endorsed by every OS Vendor, and this is a tremendous shot in the arm for every vendor in our ecosystem. Microsoft's support of that will be of great importance to every vendor working on Xen - as it is a recognition that their investment in an open industry standard platform has been proven worthwhile.

Crossing borders: REST on Rails

An elegant approach to Web services

In the past 20 years, one tendency has dominated the development of commercial software tools: We love to fight complexity with complexity. Nowhere is this trend more apparent than within the distributed computing arena. The C and Java™ communities have seen some stunningly complex frameworks built to enable distributed communications. The Distributed Computing Environment (DCE) enabled remote procedure calls across applications written in C. The Common Object Request Broker Architecture (CORBA) standard enabled communications across object-oriented applications. The Enterprise JavaBeans (EJB) specification provides services for security, persistence, transactions, messaging, and remoting. Hype for each framework built to a crescendo, but each one failed to meet expectations and some were unmitigated disasters because of their complexity. Of these, only EJB 3.0, the result of a dramatic simplification overhaul, has the potential to succeed for distributed applications. The marketplace may or may not give the embattled framework another chance, and EJB will still need to deliver.
The latest massive distributed framework is Web services. Web services technology lets applications communicate with one another in a platform- and programming language-independent manner Web services standards too are threatened by the complexity bogeyman, but an alternative strategy known as REST promises a more straightforward approach. This article shows you how to add a REST-style Web service in Ruby on Rails and invoke the service from both Ruby and Java code.

The Web services landscape

As with EJB, CORBA, and DCE, the core abstraction for Web services is a remote procedure call. Web services use a protocol called SOAP (originally, SOAP stood for Simple Object Access Protocol, but the term is now deprecated) for expressing a message's structure with XML. Here's a hint: If a protocol starts with S for simple, it's not. The Web Services Definition Language (WSDL) provides a standard specification of a service. Like SOAP, WSDL is an involved and complicated API, and SOAP and WSDL only scratch the surface of the dozens of APIs that make up the Web services behemoth. Web services need an overhaul, and thanks to an influential Ph.D. dissertation by Roy Fielding, they are getting one.

Fielding's dissertation describes the REST application-networking strategy. REST is fundamentally different from full-stack Web services for three major reasons:

• The core abstraction in REST is a remote resource instead of a remote procedure call.
• Rather than inventing an exhaustive list of standards, REST uses existing Internet standards, including HTTP, XML, and TCP/IP.
• Instead of every possible scenario, REST covers the most common problems.

Think of REST as browsing. REST clients use the same HTTP commands as your browser to access resources. When a REST client accesses a representation of a resource, the client transitions into a state. With various HTTP commands, REST clients can create, read, update, or delete records from a resource.

For example, take a typical blog. You get a list of posts by typing a URL such as blog.rapidred.com. Then, if you want to edit your blog entry, you type HTTP parameters on your URL (such as blog.rapidred.com/edit?article=12345), and the edit form displays. So each blog entry has its own URL, and you can read, modify, or delete content with HTTP commands by clicking a link or typing a URL directly.

In a nutshell, REST:

• Uses TCP/IP naming standards to name resources on the Web
• Queries and manipulates those resources with HTTP
• Uses standard text-based message formats like XML or HTML to structure data

Ruby on Rails provides excellent support for Web services with REST.

Action Web Services overview

Rails implements Web services with a module called Action Web Services. Many development frameworks encourage a separate controller for your views and Web services. That strategy lets you maintain a consistency of style across each controller. The problem is that you need a new controller for each kind of content you serve. For example, Ajax UIs require remote XML calls to JavaScript from your controller.

Rather than dedicating a controller to your Web services, with Rails you generally use the same controller to serve content to your HTML-based views, your XML-based Web services, and your XML-based JavaScript components. The best way to understand Action Web Services is to see it in action in the context of a working application.

Create a database called service_development using your chosen database manager. Next, create a Rails project and a model with these commands:

> rails service > script/generate model Person

After you generate your model, you have a migration called db/migrate/001_create_people.rb. Edit that migration to look like Listing 1:

Listing 1. The migration for the people table

class CreatePeople < ActiveRecord::Migration def self.up create_table :people do |t| t.column :first_name, :string, :limit => 40 t.column :last_name, :string, :limit => 40 t.column :email, :string, :limit => 40 t.column :phone, :string, :limit => 15 end end def self.down drop_table :people end end

Change the database configuration in config/database.yml to match your own database configuration and type rake migrate. Finally, generate a scaffold for a Person model and a People controller by typing script/generate scaffold Person People. You're ready to start the server with script/server. Point your browser to localhost:3000/people to see the classic Rails scaffold for Person. Figure 1 shows an application with standard Rails scaffolding:

Figure 1. A simple Rails application

Before I introduce Web services with Rails, review the controller code. Edit app/controllers/people_controller.rb to match the code in Listing 2:

Listing 2. Controller code for PeopleController

class PeopleController < ApplicationController def index list render :action => 'list' end # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html) verify :method => :post, :only => [ :destroy, :create, :update ], :redirect_to => { :action => :list } def list @person_pages, @people = paginate :people, :per_page => 10 end def show @person = Person.find(params[:id]) end def new @person = Person.new end def create @person = Person.new(params[:person]) if @person.save flash[:notice] = 'Person was successfully created.' redirect_to :action => 'list' else render :action => 'new' end end def edit @person = Person.find(params[:id]) end def update @person = Person.find(params[:id]) if @person.update_attributes(params[:person]) flash[:notice] = 'Person was successfully updated.' redirect_to :action => 'show', :id => @person else render :action => 'edit' end end def destroy Person.find(params[:id]).destroy redirect_to :action => 'list' end end

If you followed the earlier Ruby on Rails projects in this series, you know the general flow of a typical controller method:

1. A user makes a request through HTTP by following a link or specifying a URL.
2. The Web server directs the request to Ruby on Rails based on the domain configuration.
3. The Rails router routes the request to the controller based on the URL pattern. The default pattern is http://host_name/controller/action/parameters.
4. The router invokes a method on the controller with the same name as the action.
5. The action method sets up instance variables for the view and renders the view.
6. The action method copies any instance variables to the view.

For example, look at the show method in Listing 2. The controller sets up the @person instance variable for the view to use. Because the method doesn't specify the name of a view, Rails invokes the view with the same name as the controller action -- in this case, the view in app/views/people/show.rhtml.

Take a look at the list method. If you wanted to make this method render XML instead, you'd need to:

• Remove the pagination
• Convert the people instance variable to XML
• Render XML instead of HTML

Rails makes it possible to handle the Web service and render a view from the same Web service. You don't really need pagination yet. To simplify the list method a little for the Web service, remove the pagination by making the list method in the controller look like Listing 3. You also need to remove the "Next Page" and "Previous Page" links near the bottom of the code in app/views/people/list.rhtml.

Listing 3. Simplifying list

def list @people = Person.find_all end

By removing the scaffolding for pagination, you remove a feature that would make your UI more robust, but you also get something in return. You can use the same code to drive your Web service and your view. If you find that you need pagination later, you can always write some custom helpers.

Now that the base application is out of the way, you're ready to add some Web services.

Adding Web services to a Rails controller

If I wanted to be flippant, I could say, "You've already got a Web service." Remember what I said about REST? This style of Web services uses named resources. My Rails application also has named resources: host_name/people/list invokes my list service. REST-style Web services also use TCP/IP and HTTP. So does my Rails application. And well-formed HTML is a subset of XML, satisfying the last REST requirement. Just call an HTTP get on localhost:3000/people/list and parse the result to get a list of people. And that's exactly the point. REST works as the Internet works. But this is not really a REST-based Web service. Ideally, you'd like to provide an XML document that reflects the meaning of Person instead of the structure of the UI.

A real service should produce a pure data representation, one built specifically for the service's intended clients. But the sample application has two clients: end users and REST clients. To reuse the same code for both purposes, you need to give Rails more information. The Rails designers could have decided to use additional URL parameters, but mangling the URL is an ugly hack. Rails should not burden the users with such details. Instead, HTTP provides a vehicle for specifying more information: the HTTP header.

To understand the REST model for Web services, it helps to know a little more about HTTP. The curl (think of it as See URL) command lets you query a URL with a single command and see the response. Unix-based operating systems include curl by default, and you can download free curl utilities for other OSes. By typing curl http://some-url, you can limit the request to print just the default response body (the HTML rendered by your browser). You can get much more information by typing curl -i http://some-url. This command returns the HTTP header, as shown in Listing 4. You see the header configuration, composed of key-value pairs that dictate the configuration of the individual request.

Listing 4. Invoking an HTTP request with curl

> curl -i http://localhost:3000/people/list HTTP/1.1 200 OK Cache-Control: no-cache Connection: Keep-Alive Date: Tue, 27 Jun 2006 14:54:49 GMT Content-Type: text/html; charset=UTF-8 Server: WEBrick/1.3.1 (Ruby/1.8.4/2005-12-24) Content-Length: 854 Set-Cookie: _session_id=216912045de52786f032b22755c903dd; path=/

You'll frequently see the HTTP get, put, post, and delete commands. REST takes advantage of these commands to do classic CRUD, a common acronym for create, read, update, and delete. The HTTP commands map to CRUD like this:

• Create: HTTP put
• Read: HTTP get
• Update: HTTP post
• Delete: HTTP delete

Browsers use the HTTP header to satisfy many different kinds of requests with the same server-side code. Well-behaved applications provide enough information to process a document correctly. One of those pieces of information is called the HTTP Accept header. With just a little extra effort, your controller can employ some helpers that use the Accept header to determine how to respond to an incoming request. Then, the controller can render the appropriate response. Change the list method in the PeopleController to look like Listing 5:

Listing 5. Extending the list method to render XML

def list # wants is determined by the http Accept header in the request @people = Person.find_all respond_to do |wants| wants.html wants.xml { render :xml => @people.to_xml } end end

In Listing 5, you see a full REST-based Web service. The resulting code is a beautiful example of a tiny domain-specific language within Rails that extends Ruby to make a kind of switch statement. Here's how it works:

1. The respond_to method accepts a single code block and passes one instance variable (labeled wants) into the code block.
2. wants has a method for each possible type. The controller can specify a code block for each type the controller expects.
3. A wants method executes the corresponding code block if the method name matches the type in the HTTP Accept header.
4. If no code block is specified (such as wants.html), Rails performs the default action (in this case, rendering app/views/people/list.rhtml).

This strategy lets you share the same setup code across all expected clients. Should you need to add a JavaScript client expecting HTML to enable your application for Ajax, you could just add wants.js, as shown in Listing 6:

Listing 6. Rendering HTML for a JavaScript client

def list # wants is determined by the http Accept header in the request @people = Person.find_all respond_to do |wants| wants.html wants.js wants.xml { render :xml => @people.to_xml } end end

So you've seen how to add REST Web services to your read-only methods. The show method would be similar, as shown in Listing 7:

Listing 7. Implementing show

def show @person = Person.find(params[:id]) respond_to do |wants| wants.html wants.xml { render :xml => @person.to_xml } end end

You may have noticed that you've seen only read-only services through REST. The reason is that preparing the application to handle posts and deletes is trivial. Deletes need no added support because the current code already uses the URL to specify the ID of the person to be deleted. Rails automatically translates incoming XML in post requests, so you do not need to build in any server-side support. In fact, the application works as-is for deletes, updates, and creates. You might tinker with the HTTP response that each method renders, but your client code is really after only the HTTP return code.

It's time to invoke the Web service.

Invoking the Web service

The strategy of using the existing HTTP protocol keeps your invocations simple. Listing 8 shows the Ruby version. Notice the HTTP Accept header. Remember, the controller determines the type of content to render based on that header.

Listing 8. Invoking the service from Ruby

require 'net/http' Net::HTTP.start('localhost', 3000) do |http| response = http.get('/people/list', 'Accept' => 'text/xml') #Do something with the response. puts "Code: #{response.code}" puts "Message: #{response.message}" puts "Body:\n #{response.body}" end

The Web service invocation in Listing 8 invokes an HTTP get on http://localhost:3000/people/list and prints the response. Ruby has excellent libraries to deal with the resulting XML, but they are beyond this article's scope. You don't need to use Ruby to invoke this service. You need only a library for HTTP. Listing 9 shows a Java invocation of this service:

Listing 9. Invoking the service with Java code

package com.rapidred.ws; import java.net.*; import java.io.*; public class SimpleGet { void get() { try { URL url = new URL("http://localhost:3000/people/list"); URLConnection urlConnection = url.openConnection(); urlConnection.setRequestProperty("accept", "text/xml"); BufferedReader in = new BufferedReader(new InputStreamReader(urlConnection.getInputStream())); String str; while ((str = in.readLine()) != null) { System.out.println(str); } in.close(); } catch (Exception e) { System.out.println(e); } }

Like the Ruby counterpart, this code opens a URL connection, sets the Accept header to text/xml, issues the get, and prints the result. Many XML frameworks (see Resources) exist for Java code (as for Ruby), but I'll hardcode the XML in this one to keep the example simple.

Invoking a post is similar. Listing 10 shows a simple post:

Listing 10. Calling HTTP post with Java code

void post() { try { String xmlText = " " + "Maggie" + "Maggie" + "maggie@tate.com" + ""; URL url = new URL("http://localhost:3000/people/create"); HttpURLConnection conn = (HttpURLConnection)url.openConnection(); conn.setDoOutput(true); conn.setRequestMethod("POST"); conn.setRequestProperty("Content-Type", "text/xml"); OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream()); wr.write(xmlText); wr.flush(); BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream())); String line; while ((line = rd.readLine()) != null) { System.out.println(line); } wr.close(); rd.close(); } catch (Exception e) { System.out.println("Error" + e); } }

This HTTP post creates a new Person by simply invoking a post on http://localhost:3000/people/create and passing an XML document in the HTTP document body. (Normally, you'd use a Java XML library to construct the XML document. Again, I hardcoded the document to keep the example simple.) The Rails support automatically translates the incoming XML to a Ruby hash of Person attributes.

Wrapping up

In this article, you've seen that you can enable a controller for REST-based Web services with a trivial amount of code. Dynamically typed Internet languages such as Ruby make extensive use of REST instead of SOAP-based Web services. Some simple innovations, including the nifty responds_to syntax and automatic XML translation for incoming posts, make it easy to use the same controller from a Web service, remote JavaScript request, or HTML.

The Java language, too, has excellent support for REST. After all, a servlet is fundamentally a server-side REST-based Web service. You can use servlets on the Java side and Rails controllers on the Ruby side to knit together applications using the strengths of both platforms. That's the beauty of Web services. All you really need is the courage to break from the herd.

Reincarnating a discarded laptop with Linux

I recently picked up an old discarded laptop... straight out of a corporate garbage bin, as a matter of fact. Could it be useful? What could it do? As an IT professional, I thought I'd find out.


You've probably read similar stories elsewhere. Many people acquire old Pentium I, II, or III era laptops and install Linux and other free software to create a useful machine. A few years ago, laptop Linux was immature and this was a challenge. Laptops have always been proprietary and less standardized than desktop PCs. Today, however, Linux features much better hardware detection and installs easily on most laptops.

"Laptop revival" stories usually describe detailed procedures for installing Linux and device drivers on a specific make of laptop. This article is more general. How do you go about making an old laptop useful? What steps are involved? Which Linux distributions will work? We'll even discuss how Windows and dual-booting fit into the picture.

I assume that you, like me, use Linux but are not a guru. Neither of us have weeks to configure a laptop. We want to spend a couple days getting the software installed, then use the laptop. I'll include major sources of help on the web for further investigation.

Define your objectives

Start by defining your objectives. List what you want to do with the laptop. Since you have an older machine, these goals must be realistic relative to the hardware you have. So, you really need two lists: your objectives; and the laptop's hardware specifications. Then, you need to cross-check the lists to ensure that your objectives are realistic in view of your laptop.

I decided to use the laptop as a no-cost backup for my primary office laptop. My objectives for the old laptop were:

1. Office support -- word processing and spreadsheets in Microsoft Office compatible file formats
   
2. Presentations -- create and display presentations from the laptop, using software that supports Microsoft's Powerpoint file format
   
3. Run common Linux and Windows applications
   
4. Email -- manage mail from an old Compuserve account retained for business continuity
   
5. Occasional light web use via dial-up modem -- quick look-ups for specific information

Your goals dictate the software you install. For example, if you'll use the laptop for music, video, or games, you'd install different applications than I did. Remember, your goals must be realistic for the machine you have. State-of-the-art games and resource-intensive applications won't work well on older laptops.

Identify what you've got

To determine what hardware you have, just boot the machine into whatever operating system it runs. All forms of Windows, from Windows 95 on, give hardware details in the My Computer | Properties panels. For Windows 3.1 or DOS machines, issue DOS commands like mem, ver, msd, chkdsk and scandisk at the DOS prompt. (Your laptop likely doesn't run Linux, because few laptops came with Linux until recently.)

What if Windows is password-protected and you don't know the password? This might be the case if the laptop runs Windows NT or 2000. If this is the case, you have a couple of options. One is to reset the password using free tools such as ntpasswd. These free utilities are often available on Linux "rescue CDs," such as Knoppix. You can boot almost any "live Linux CD" (also known as a "live CD") and read Windows NT/2000/2003/XP files. But, you need a utility like ntpasswd to reset the password so that you actually log in to Windows and use its installed applications. The book, Knoppix Hacks, gives examples of how to use ntpasswd to reset Windows NT, 2000, and XP passwords.

Look over the outside of the machine. Note the ports and connectors. Find the manufacturer, model, and model number somewhere on the side, back, or bottom. Then, visit the vendor's website with the identifying information. Vendor sites typically offer a wealth of information, even for ancient machines -- hardware specs, software compatibility lists, manuals, reference materials, quick-start guides, configuration programs, and device drivers. Download all this, and save it all for later.

Boot into the Configuration or Setup panels to learn more about your computer. After turning on the machine, press DEL or F1 or some other key to enter these panels (depending on the laptop's manufacturer and BIOS). If you cannot enter the Set-up simply by experimenting, the vendor info you downloaded tells how to enter.

As well as finding out about your laptop's capabilities, the boot Setup panels allow you to test your hardware. Run these tests! You want to verify that all your hardware works properly, up front. Otherwise, you could spend many hours later trying to get a device working, only to discover that the hardware was faulty all along.

I found that my hardware was in good working order, and consisted of:

• IBM Thinkpad 770Z
  
• Released to the market by IBM in January 1999
  
• 366 MHz CPU, 128 MB memory, 14 gig disk, CD-ROM, floppy disk drive, built-in 56K modem, and one USB port
  
• 13.7-inch screen with AGP graphics and 8 MB graphics memory
  
• PCMCIA card slots built-in, but empty
  
• No writable CD, DVD, or broadband modem
  

If you intend to retain the software already on the laptop, explore and catalog it, as well. This is the base upon which you'll build. If the base system is Windows and you want to keep it, I recommend adding Linux. Dual-booting gives you the best of both worlds. With tons of free and open source software (FOSS) available for Linux, you can accomplish almost anything without buying additional software.

With lists of your objectives, laptop hardware, and installed software in hand, it's time to start planning. Your goal is to learn as much as possible about your machine, the software you'll install, and the set-up procedures you'll follow, before proceeding with the work. While most of us instinctively "dive right in," you really can save yourself lots of time with a little up-front reading and preparation.

Hardware

Most laptop hardware is a given. You probably can't upgrade your machine's CPU or change whether the laptop came with a built-in CD or floppy drive. But one critical resource is easily upgraded and yields tremendous payback -- memory. Used Pentium I, II, or III era laptops will typically have memory of 32, 64, 128, or 256 MB.

Your laptop may have less than its maximum installable amount of memory, because few people buy a computer with the maximum memory -- it costs too much. But now prices are low, because you're talking about obsolete memory. You might be able to max it out for a pittance. Bear in mind: each 64 MB you can add tremendously increases the speed and utility of the computer.

The vendor specs you downloaded earlier will tell you what memory upgrades are possible for your machine. Or, visit UpgradeMemory.com. Here, you select your laptop manufacturer from a drop-down list, then pick your specific model from another drop-down list. The resulting screen gives you a description of typical and maximum memory for your machine, and tells exactly what upgrades are possible. Pay attention to part numbers and the banking strategy (whether memory sticks must be upgraded in sets with identical characteristics). After writing down this information, you can buy a memory upgrade directly from the site. Or, shop around and price-compare. Memory for old laptops is inexpensive, and used memory can be readily purchased on eBay, Amazon, or at local computer shows.

For my 128 MB Thinkpad, I found that I had one open memory slot. Each memory slot is its own bank, so I could place any eligible memory in the new slot without regard to what was in the two already-filled slots.

I doubled machine memory to 256 MB by adding a single 128 MB memory stick. It cost only $20. With that minimal investment, I dramatically increased the laptop's capabilities.

Linux

Operating system requirements highlight the importance of memory for old computers. I found that I had three basic choices in Linux distributions ("distros"):

1. Install a current Linux designed for older, memory-constrained machines
   
2. Install a current general-purpose Linux distro that emphasizes dynamic configuration during installation, and perform a "minimal install"
   
3. Install a full general-purpose Linux distro, but use an older release requiring less memory

Current Linuxes designed for limited or older machines include Damn Small Linux, Puppy, Feather, Wolvix, Vector, STX, and Pocket Linux. Some of these can run entirely in memory and make applications running on old Pentiums fly.

Slackware and Debian are not specifically designed for smaller or older machines. But, they allow lots of customization during installation and can fit minimal machines. Many other distros fit this model, as well.

Red Hat version 8 offers a good example of how to minimize resource requirements by installing a full, older version of a distro. Red Hat 8 is four releases older than the current version of the product, Red Hat Enterprise Linux 4. I chose Red Hat because I've worked with the product before. Version 8 runs in 64 MB without the GUI, or in 128 MB with the GUI.

Red Hat 8, the GUI, and my applications would all fit comfortably in my 256 MB of memory. I decided to install Red Hat 8 on disk. This would meet my objective to run common Linux applications. Since Red Hat 8 includes OpenOffice, this would also meet my objective to run an office suite that works with Microsoft file formats.

Here are the minimal system requirements for these distributions:

Version	System Requirements
Damn Small Linux	Minimum requirement is a 486DX with 16 MB memory. Runs fully in memory on machines with 128 MB. Also boots from USB thumb drive or from a live CD. 50 MB disk footprint. Details here.
Puppy	"Puppy has been tested on a few very old machines but for best results..." use a Pentium @166+ MHz with 64 MB for releases prior to 1.0.2, and 128 MB for releases since version 1.0.2. Be sure to create a swap partition on systems with less than 64 MB of memory, otherwise no hard disk required.
Feather	"Feather should be able to run on a 486 with 16 MB of RAM, but only in console (non-graphical) mode. To use X, 24 MB of RAM or more are required."
Wolvix	Requires 36 MB to boot slax, 96 MB to run X Windows with Fluxbox, 144 MB to run X Windows with KDE. 486 or better processor. A suggested system has a minimum Pentium @266+ MHz and 128 MB memory. No hard disk required.
Vector	The Standard Edition requires only a 386 or better processor with 16 MB of memory and 350 MB of disk space for a full install. The SOHO (Small Office / Home Office) edition requires Pentium III or better, 128 MB memory with 256 MB recommended, and 3 G for the OS on disk.
STX	"Oldest system tested so far: K5/75, 64 MB RAM, 130 MB Swap ... very slow but works"
Pocket Linux	"...you should at least have a Pentium II computer with 400 MHz and about 128 MB+ RAM in order to work efficiently."
Slackware	486 or greater processor, 16 MB memory with 32 MB suggested. Additional hardware required to run the GUI. 100-500 MB hard disk is minimally required with 3.5 G for a full install.
Debian	Pentium @100+ MHz minimum, plus 24 MB memory and 450 MB on disk for "No Desktop" systems, or 64 MB and 1 G disk for systems "with the Desktop."
Red Hat 8	64 MB for text interface, 128 MB for GUI. 400 MB hard disk for minimal install, 2 G for a "Workstation" install.

Perhaps the single biggest factor in Linux memory requirements is that of the graphical user interface, or "GUI." The popular KDE or Gnome GUIs usually require about 128 MB, while lighter GUIs like Fluxbox, IceWM, FVWM, JWM, and Xfce can often run in 64 MB. If your system's memory is limited, try one of the lighter GUIs. If you have an early Pentium or 486 and are really pressed for memory, lose the GUI. Work from the command line to dramatically reduce your memory requirement and still run Linux.

This recent article summarizes system requirements for six small Linuxes and describes installing them on a 233 MHz Pentium II desktop with 64 MB of memory and a 3 gig hard drive. This article describes testing six distros with an 800 MHz Celeron laptop with 128 MB memory and a 10 gig hard drive.

The website, Distro Watch, presents very comprehensive Linux information. It lists all popular distros, and for each one gives you:

• Project home page
  
• Download links
  
• Lists of releases
  
• Links to reviews
  
• Lists of software components
  

Distro Watch is a great resource for comparing distros and learning more about what's available.

Try, before you "buy"

Live CDs give you the option to boot different Linux distros from CD-ROM without installing them to hard disk. You can try and compare products before you commit to installing a distro. You can verify:

• Whether the distro accurately discovers all your hardware
  
• Whether it comes packaged with the software you need to meet your objectives
  
• Whether you like its user interface
  
• Its performance on your machine

Take advantage of live CDs to test out distros. You may even decide to run a live CD regularly -- although on old laptops, CD read performance often renders them prohibitively slow.

While testing the small live CD distros in the chart, I fell in love with Puppy. Puppy is small, yet it includes the apps I need, such as OpenOffice 1.1.4. Puppy runs entirely in memory, if you have 128 MB, so it's speedy even on older machines. It boots from live CD, hard disk, or USB thumb drive, and even comes in a version called Puppy for Windows 98, which launches inside the DOS box in Windows 98. Since live CDs were too slow for my laptop, I decided to install Puppy for Windows 98. Read reviews of Puppy here and here.

I determined that OpenOffice would fulfill my needs for office work (my first three objectives). I found that OpenOffice version 1.x requires 64 MB of memory, while OpenOffice 2.x requires 128 MB. Ferreting out system requirements like this is important. If my laptop memory had remained at 128 MB, I would need to install OpenOffice version 1. With memory increased up to 256 MB, I could afford to install OpenOffice 2. Both versions met my prime criteria: they work with Microsoft Office file formats. I've exchanged files for years between OpenOffice and Microsoft Office, with excellent compatibility.

Browsers like Mozilla or the even lighter Dillo (with its 350 KB binary) could meet my need for limited Internet access. These products rounded out my objectives for the Linux install.

Windows

I decided to dual-boot the laptop because I wanted to run several old Windows applications. I had kept a spare Windows 98-SE2 boot CD and license from a PC long ago broken and discarded, so I didn't have to buy anything. Now seemed like a good time to put this old software to use.

Here are the minimal system requirements for common Windows versions:

Version	CPU Minimal / Recommended	Memory Minimal / Recommended
Windows 3.1	>= 386	2 MB
Windows 95	386DX / 486	4 MB / 8 MB
Windows 98	486DX @66 + MHz	16 MB / 24 MB
Windows 98-SE2	486DX @66 + MHz	16 MB / 24 MB
Windows ME	Pentium @150+ MHz	32 MB
Windows NT 4.0 Workstation Edition	Pentium	16 MB / 32 MB
Windows 2000 Professional Edition	Pentium @ 133+ MHz	64 MB
Windows 2003 R2 Standard Edition	Pentium @ 133+ MHz / Pentium @ 550+ MHz	128 MB / 256 MB
Windows XP Home Edition	Pentium @ 233+ MHz / Pentium @ 300+ MHz	64 MB / 128 MB
Windows Vista	Pentium @ 800+ MHz	512 MB

Notes: The links show where the information was obtained (usually from Microsoft's website). You can find further system requirements by following the links. "Pentium" refers to any Pentium-compatible processor. Windows Vista is not yet released.

Microsoft's official system requirements are considered too low by most users. Double the required minimum system memory, for example, if you like responsive software. Many say you should also double the processor speed. Here's an example. For Windows 98 Microsoft lists a 486 CPU at 66 MHz with 16 MB memory as the minimal system. Most users find that Windows 98 runs much more responsively with the minimum of a 133 MHz Pentium and 32 MB of memory.

Users of old computers often focus on whether their machines can run Windows 98 Second Edition, usually referred to as Windows 98-SE2 This operating system far outdistances 3.1, 95, 98, and ME in its lingering popularity. It is generally acclaimed as the most stable and useful member of the Windows family of operating systems for older client systems.

Windows NT Workstation Edition and Windows 2000 Professional Edition will also run on many older laptops. The NT/2000 line was primarily a "server operating system" in its day, so it supports fewer consumer applications. Old laptops rarely have the resources to run Windows 2003 or Vista with reasonable performance.

Windows XP might be an option. XP Home Edition can work with a Pentium II and 128 MB. While what constitutes "good" performance is subjective, the consensus among my friends is that you need at least a Pentium III and 256 MB to 512 MB of memory for decent XP performance.

Whichever Windows version you select, the operating system is notoriously insecure. These free and open source software products can help address this shortcoming:

Product:	Purpose:
AVG Free Anti-Virus, A-Squared or ClamWin	Free anti-virus scanners. All three support batch scanning. AVG also scans email and file activity in real-time.
Ad-Aware SE Personal, Spybot Search & Destroy	Spyware / malware scanners.
Free Internet Windows Washer	Eliminates Windows's history of your activities, including the index.dat file that keeps track of all the websites you visit.
MRU Blaster	Eliminates lists of your Most Recently Used (MRU) files.
Tiny Personal Firewall, ZoneAlarm	Tiny Firewall is small and light. ZoneAlarm works great but may be a bit weighty for some older computers.
MemWatcher	Shareware that displays memory use.
StartUp Cop	Controls what software loads at start-up time (an alternative to the msconfig command present in some versions of Windows)

Most of these programs can be downloaded from a single freeware site. My favorites for free Windows software are The Free Country, Download.com, and Major Geeks.

Given the extra software one must install for security and privacy, the question arises: Is Windows worth it? Other downsides include:

1. You have to pay for a Windows license -- even for an obsolete version
   
2. Anything you can do with Windows you can do with Linux and FOSS
   
3. Microsoft no longer supports its older operating systems, nor do they issue "Windows Updates" for them. In contrast, Linux offers excellent web support

In my case, I dual-booted Windows because of some legacy applications including an old version of Compuserve. To run the apps under Linux, I could install Wine, a Windows emulator that runs over 3,000 Windows programs. Wine has a compatibility list you can review -- or, you can just install it, and test your applications.

Even if Wine works with my applications, I'll retain the dual-boot. Most IT sites still use Windows. It's handy to have it on this backup machine in case I need it, since my clients use it.

Running multiple OSes

Hard disk size is especially important when you want to install more than one operating system on your laptop. System requirements documentation tells you exactly how much disk you'll need for minimal, typical, and full OS configurations. As a rough rule of thumb, consider that you'll need a gig or two per operating system. A laptop with a hard disk of one or two gig might best be used for a single operating system. In my case, the 14 gig hard drive gave me the room to install up to four disk-bootable operating systems (the maximum allowed by the disk partitioning scheme).

You'll also need to consider how to manage the hard disk partitioning and booting of multiple operating systems. Linux provides many free tools for this, including PartGUI, QtParted, DiskDrake, and various distro installers for partitioning; and GRUB and LILO for multi-OS booting.

I had previously bought a program for partition management and multi-OS booting called System Commander. I'll use it due to its exceptional ease of use. System Commander hides partitions holding current operating systems when you install a new one. This safety feature protects previously-installed operating systems from getting accidentally clobbered when installing new OSes to the same drive.

OS installs are easiest if your laptop has a bootable CD-ROM. Bootable floppies work fine but require more of your time. Floppies run slowly and you'll usually have to boot from multiple diskettes. If you have neither bootable CD nor floppy diskette, consider a "network install" through the serial port. Unfortunately, old laptops pre-date booting from USB-attached thumb drives. Find out what devices your machine will boot from through its boot Setup panels.

Gather information and drivers

I mentioned earlier that you should visit the hardware vendor's site and grab all the material you can. Now is the time to read that information. You'll be way ahead of the game if you understand the machine you're trying to set up, beforehand. Time-consuming mistakes can easily be avoided if you learn about your machine by reading everything you can up-front.

Visit the Linux laptop "install experiences" websites here, here, and here. These sites share useful advice and hints for installing Linux on hundreds of different laptops with many different distros. Read the stories that correspond to your hardware and distro. The more you read about others' difficulties before you start, the better off you'll be. You can post questions or issues you encounter at online forums like Linux Forums and Linux Questions, and the Desktop Linux Forum.

Download all device drivers you can find before proceeding. I googled on "Thinkpad drivers" and "Thinkpad Linux drivers" and found tons of good information. Among them were IBM's Thinkpad drivers for Windows, the Linux Thinkpad Wiki, a Sourceforge project offering free Thinkpad configuration tools for Linux, a free GUI tool for Thinkpad Linux configuration, the source code for Thinkpad Linux drivers, and a program called TPB that enables the Thinkpad's special keys within Linux. These sources were invaluable. Reviewing this material in advance avoids big problems later.

Time to install

My old laptop's hard drive had been wiped clean by whoever threw it out, so I was starting from scratch. During planning, I decided to follow these steps in setting up the laptop:

1. Install System Commander, to define and manage partitions and multi-OS booting; the product also shields existing operating systems from new operating system installs
   
2. Make a System Commander "rescue diskette," in case an operating system install tries to take over the master boot record System Commander controls on the hard disk
   
3. Install Windows 98-SE2
   
4. Install the Windows Thinkpad device drivers
   
5. Install Compuserve 4.0 under Windows, and get legacy email working
   
6. Run the System Commander rescue diskette, to take back the master boot record on hard disk from Windows and give it back to System Commander
   
7. Install Red Hat 8 in a separate disk partition
   
8. Install Linux Thinkpad device drivers
   
9. Install OpenOffice under Windows 98 (it's already available under Red Hat as part of the standard install)
   
10. Install Puppy for Windows 98 within the Windows 98-SE2 partition, so I can run Puppy fast from disk
    
11. Install FOSS, for Windows security
    

The installs went like clockwork. I had all the software in hand, and had read everything I could beforehand. I did have trouble getting the modem to work under Windows. IBM's proprietary Thinkpad software did not operate as per the instructions. The advice I had collected from online forums helped me through this problem, though.

I had no trouble at all during my Red Hat install. I still have a few minor tasks to finish, such as setting up all the special keys, but I've met my objectives.

With Puppy for Windows 98, my main obstacle was downloading the product. The sole download website appeared to be slow or unreliable. Installation was simple, though, and took all of five minutes. Like Red Hat, I still have a few very minor issues to address. All the important functions worked immediately.

Whether you have such good luck on your Linux installs depends on three main factors: whether your laptop is a popular, mainstream brand; the distro you choose; and whether you did your homework. Live CD distros are a great way to verify success before installing to hard disk (I verified Puppy with a live CD). I felt confident with Red Hat on the Thinkpad, because many web accounts related successful installs with this combination.

I did experience one major problem -- of my own making. I successfully completed all the install steps before my extra 128 MB of memory arrived. When the memory came in, I inserted it. I turned the machine on, and the number "268435456" appeared on the screen during the power on self-test (POST). 256 MB was now available, so I was ready to play! Instead of going into the boot Setup panels and running a memory test, I went straight into Red Hat. Over the next day I experienced random problems. Every now and then, an application would mysteriously shut down without warning. For example, Mozilla would display its product panel and then exit. What on earth could be wrong?

I went into Red Hat's System Monitor and found that the operating system was not accessing memory above 128 MB. Rebooting into Windows, the MemWatcher shareware memory usage tool for Windows showed the same problem. Clearly there was some problem with my new memory.

I exited and rebooted, this time going into the machine's boot Setup panels. I tested the new memory. It failed! After I returned it and got a new memory stick, I made sure I tested the memory before booting into an operating system.

This one error cost me two days of mystery and consternation (as much time as the entire planning and install process). I had proved the hard way that jumping ahead too quickly -- instead of patiently working through procedures one step at a time -- is often the most costly error you can make.

Conclusion

If you acquire an old Pentium I, II, or III era laptop, you'll find a good many uses for the machine. We've entered a new day -- you no longer need to have the latest hardware to have a useful computer.

Open source software has matured. Linux is much better at recognizing laptop hardware than it was just a few years ago. Installation is easy. Hundreds of enthusiasts have posted their experiences in installing laptop Linux on the web. My own success shows you no longer need to be a Linux guru or PC support specialist to get laptop Linux working.

The unstoppable movement towards free and open source software has transformed Linux into an amazing platform. At no cost, you can take an old laptop and make highly productive. What an exciting new era!

Feh for image viewing

Too many Linux image viewers are tinged with little annoyances -- they take too long to load, are slow to redraw the display, have limited format support, sport inconvenient controls -- so when you want to settle on one, inevitably there's something to make you utter feh! in general discontent. Good call -- feh is the name of a speedy little viewer that packs in a surprising number of features for its size.

Feh takes as arguments the names of image files you want to view. You can also give directory names, and feh attempts to load all the files in that directory; the -r option recurses through all subdirectories. Viewing all image files in the /usr/local/photos directory tree, for instance, is done like this:

$ feh -r /usr/local/photos

If you specify more than one image, only the first will immediately display; type n (or the spacebar) to move to the next and p to move to the previous. The Home and End keys bring you to the first and last images in the argument list. To quit viewing and exit, type q.

You can put a list of images to load in a file, with full or relative pathnames, and specify the file with the -f option; the -z option will randomize the display order. The images can be advanced automatically by giving a delay, in seconds, as an argument to the -D option. This slideshow mode is the default mode; feh is a modal viewer, so its options and controls differ depending on the mode. Its other modes are discussed below.

You can also view images over any http or ftp URL by giving the URL as an argument, like so:

$ feh http://www.glerl.noaa.gov/pubs/photogallery/Scenic/images/0534.jpg

If you have a file that contains a list of image URLs, you can have feh display them in a random-order slideshow, with a delay of 30 seconds each, with this command:

$ cat image-urls | xargs feh -z -D30

Mouse controls

What's really special about feh is the way it pans and zooms images -- it's impressively fast and fluid.

If an image is too large to fit the display, click the left mouse button and move the pointer to pan around the image.

To resize the view, click the middle button and move the pointer toward the left or right to shrink or grow the image.

You can click and release the left mouse button once to move to the next image. A few viewing effects are also available: hold down the Ctrl key and press the left mouse button: when you do so, moving the pointer to the left blurs the image, while moving to the right sharpens it. With Ctrl and the middle mouse button pressed, you can move the pointer to spin the image around its center.

When viewing an image, click the right mouse button to display feh's menus.

Menus, edits, and modes

Feh is strictly an image viewer -- it doesn't attempt to be an editor at all, but a couple of the most common editing commands are available on the menu: rotation and deletion. Happily, there are no confirmation dialogs or windows that pop up when you do anything with these menus -- the delete command is cleverly given an extra sub-menu with one item, "confirm," so you get that extra protection against accidents but don't waste time with a verification click.

These commands also have keyboard equivalents. Type > to rotate an image 90 degrees clockwise, and < to rotate it 90 degrees counterclockwise. Your changes are immediately saved to the file. To delete the current image file, type Ctrl-Del.

While these commands work in slideshow mode, there are other operation modes as well, all of which are specified by command-line options. Here's a quick rundown of them:

Multiwindow mode

The -w option starts multiwindow mode, which works like slideshow mode, but instead of displaying images in tandem in a single window, all images are loaded at once, each in a window of its own. Quitting out of a single window closes all of the windows -- to just close a single window, type x inside that window.

Fullscreen mode

The -F option specifies fullscreen mode, where images are shown in the entire display. It works the same as slideshow mode and has all the same options.

Montage mode

The -m option specifies montage mode, where feh displays an image montage of thumbnails for all specified files. This mode has a lot of its own options; one of the more useful ones is -O, which doesn't display the thumbnail montage but instead saves it to the file you specify as an argument.

Collage mode

The -c option specifies collage mode, which like montage mode creates a new image of thumbnails, but images in the montage are displayed in a random, overlapping collage.

Index mode

The -i option specifies index mode, which makes an index print -- a new image of thumbnails with information about the images beneath them. The default is to just print the file's name, but if you call index mode with the -I option instead, it also prints each file's image (pixel) size and disk size in kilobytes. You can specify the font with the -e option.

Thumbnail mode

The -t option specifies thumbnail mode, which is one of the more useful modes -- it looks just like index mode, but you can view the full-size images by clicking on their thumbnails.

List mode

The -l option specifies list mode, which outputs a listing of images with various information about them including format and size.

For instance, here's how to get a default-style listing of all .jpg image files in the current directory:

$ feh -l *.jpg
NUM     FORMAT  WIDTH   HEIGHT  PIXELS  SIZE(bytes)     ALPHA   FILENAME
1       jpeg    800     534     427200  57600           -       0383.jpg
2       jpeg    570     800     456000  69362           -       0868.jpg
3       jpeg    800     526     420800  58995           -       0894.jpg
4       jpeg    800     599     479200  82414           -       1197.jpg
5       jpeg    800     601     480800  86439           -       1294.jpg
$

You can also customize the output (which is good for scripting) by using the -L option instead -- feh's man page describes how to specify the format.

Xandros 4 Home Edition Premium

t's been a while since I looked at Xandros. True to form, it has remained one of the easiest to use and flat out slickest Linux distributions available. This version of Xandros focuses on the "digital lifestyle" and includes wireless network profiles, a music manager with iPod & MP3 support, photo manager, video players and internet telephone via Skype, among other things. This version also provides good security tools such as a built-in firewall and anti-virus.

Installation of Xandros

Xandros comes with an installation disc and a separate disc with additional applications. I installed Xandros on our test box:

Athlon XP 3000+
Nvidia GeForce 5900 XT
1GB of RAM
160GB Hard Disk

My test system also had Vista Beta 2 installed on it. Xandros had no problem resizing the Windows partition to make room for an install. The Xandros installer is extremely easy to use. When my install began I opted to install the Complete Desktop. This included Codeweaver's Crossover Office as well as the usual basic set of applications. My Nvidia video card was found during installation and the appropriate drivers were installed for it, with no work required on my part.

Even if you've never installed Linux before, the Xandros installer is about as easy as it gets. I'd easily put it on par with doing a Windows or a Mac OS install. Xandros has done a good job in eliminating installation anxiety for folks new to Linux.

The Desktop

The Xandros desktop uses KDE and is reminiscent of Windows and other Linux distros in some respects. If you can navigate around in Windows then you won't have a problem in Xandros. Clicking the Launch bar opens up a list of menu selections that covers all the basics: Applications, Find, Control Center, File Manager and Xandros Networks (your tool for updating your Xandros system), among others.

The applications menu is logically divided up into categories such as Accessories, Internet, Crossover Office, Games, Graphics, Multimedia, System, etc. You shouldn't have a problem finding the application you need, everything is clear and self-explanatory.

When you first get to your desktop, you'll note that it's mostly clutter-free, with just a few icons on it: Trash, Home, web Browser, Xandros Networks and a helpful Quick Start Guide.

Be sure to familiarize yourself with Xandros Networks and the Xandros File Manager. XN is used to update your system as well as to purchase or download for free additional applications. XN is well organized and easy to use. Be sure to browse through its application selections as you might find some extra applications that could prove quite useful. For example, Evolution (another PIM) is available via XN and it might fit the bill for you better than KDE Kontact.

The Xandros File Manager is equally useful but for different reasons. From inside of it you can access networks, your desktop and documents, your hard disk (including your Windows partition if you have one), as well as your DVD/CD drive. The file manager makes it simple to burn files to CD or DVD. You can also create a music disc, blank disc or you can copy a disc. You can also browse the web from within the Xandros File Manager as well if you want, just type in the URL in the address bar and that site will appear.

Applications

Xandros comes bundled with pretty much all of the applications you need to begin using your computer including:

• Firefox (Ib browser)
• Kopete (instant messaging that lets you connect to multiple accounts)
• KDE Kontact (personal information manager)
• Thunderbird (email)
• Crossover Office (allows you to run various Windows programs)
• Games (the usual stuff including Solitaire, etc.)
• The Gimp (image editor)
• Realplayer 10 (video, audio)
• Skype (internet voice chat)
• KDE Mail (email)
• Photo Manager

Overall I found that Xandros has included pretty much everything most folks would need to use their computer for the usual tasks. There's not an endless amount of software included but what's here makes sense and is directly useful on a day to day basis. Xandros was smart not to overload its customers with too much software as that can be overwhelming and confusing to folks new to Linux.

I liked the Photo Manager in Xandros, when I plugged in my camera I got a popup menu that allowed me to open my files in the Photo Manager, Xandros File Manager or Music Manager. From there it was easy to choose the photos I wanted to have imported into the Photo Manager. Very slick and a nice value-add for anybody with photos to manage.

I also plugged in my iPod into my Xandros system and was able to play my tunes on my desktop computer. The Xandros Music Manager isn't quite as slick as iTunes but it'll get the job done for you. All I had to was plug my iPod into a USB port and then opt to have Music Manager opened when the menu popped up. HoIver, I couldn't play any protected content that I'd bought from the iTunes store, even if I kept them on the iPod.

Security in Xandros

Linux, unlike the security monstrosity known as Windows, is not known for having much in the way of security problems as a desktop OS. Windows viruses simply don't work in Linux and most Linux systems have built-in security features that are far better than anything Bill Gates' crappy operating system have. Xandros has made sure that its desktop OS contains proper security tools right out of the box.

I was pleased to note that Xandros comes with a built-in firewall, an anti-virus program and a system file protector. All of this is bundled together in the Xandros Security Suite. You can access this by clicking on the shield on the far-right of the Xandros desktop toolbar. It's very easy to set up a time to have your computer scanned regularly for viruses.

Once you've installed Xandros, be sure to spend a few minutes in the Xandros Security Suite to set it up the way you want. The firewall is off by default so you'll need to turn it and the anti-virus protection on when you first start up your Xandros system.

Problems with Xandros

I've got a few minor gripes about Xandros, nothing major mind you. But no operating system is perfect and Xandros is no exception.

Some of the applications on the Applications disc weren't part of the "complete office" setup I picked during installation. I found it somewhat annoying that the Gimp and OpenOffice weren't part of the default installation though I guess it's not that big of a deal. Still, it would probably be better if a user could select all of these apps from the install process and then just be prompted to put the disc in when the time came to install them. Newbies to Linux might not have realized that those apps were on the other disc.

The Music Manager in Xandros could be a little more slick than it currently is. I found it somewhat less than intuitive to have to click a couple of times to get a song to play off of my iPod. I'm not sure if this just has more to do with Apple's copyright legalities or not. I would have liked to be able to copy my music off the iPod and onto my Xandros system. But that may be illegal and very unwise for Xandros to do, given Apple's penchant for lawsuits at the drop of a hat.

Another minor thing that annoyed me was that there was no menu selection icon for Konqueror, the KDE browser. While Firefox remains my primary browser, I also enjoy using Konqueror at times as well. Konqueror is there as it's part of the KDE desktop but an icon for it in the Internet apps would have been nice. This is a very minor quibble though.

One last thing that I found I didn't like, GAIM (my preferred instant messaging client) isn't on the Applications disc or in the Xandros Networks library. Evolution, another gnome-based PIM, is available via Xandros Networks so I'm not sure why GAIM isn't available. Kopete is an okay IM client but GAIM will remain my favorite and I'd like to see it available.

The Verdict

Xandros is a great desktop operating system, no doubt about it. For folks that are looking for an alternative to the nastiness that it is Windows but who don't want to fork over big bucks for a Mac, Xandros hits the spot.

First look: Freespire

Freespire is the free offshoot of the proprietary Linspire Linux distribution, formerly an outside effort, but now produced by the company itself. The first beta release is available through the Freespire Web site, both as an CD-sized burnable ISO image and as a VMware Virtual Appliance. Despite its youth and inexperience, it already exhibits considerable polish.

Freespire is Debian-derived and uses KDE as its desktop environment. Both the beta and eventual 1.0 release are based on KDE 3.3 and the 2.6.13 kernel. According to the roadmap, these older components were selected in order to speed up delivery; shortly after Freespire is officially declared 1.0, newer versions of all the major components will go into the testing branch for Freespire 1.1.

Clicking and Running

Like the commercial version of Linspire, the default Freespire installation ships only a small set of applications; others are available through Linspire's Click-and-Run (CNR) service. The installed applications include the standbys: Firefox, Thunderbird, Gaim, OpenOffice.org, and a sizable bundle of media-centric apps for MP3 playing, CD ripping and burning, and BitTorrent downloads. It is light on games, supplying only what I would call office accessory grade amusements such as solitaire.

Of note among the installed programs are several proprietary apps -- the Gizmo VoIP client, RealPlayer, Adobe Flash, and the Mplayer plugin for Firefox, with QuickTime and Windows Media DLLs pre-installed. Two apps developed inside Linspire make an appearance -- Lsongs is an iTunes-like media player and Lphoto an iPhoto- or Picasa-like snapshot organizer. Linspire refers to both of these applications as open source, but the sources available on the Web site are noticeably out of date.

Despite its heritage as a "new user" distribution, Freespire is not unfriendly towards hackers and software developers. An xterm launcher occupies space number one on the task bar, and developer tools qualify for a top-level Programs menu. Only Emacs, Qt Designer, and some app called "vim" are installed by default, though far more accessible through CNR.

The pre-selected CNR-installable applications in every category are available via a CNR sub-menu in each category (e.g., Programs -> Games -> CNR). I found this to be a far more convenient method for finding these apps than launching the CNR client and browsing the repositories. Overall, I was pleased with the app selection, though there are several apps I hope will be promoted to the default install from their current CNR location. The GIMP, for instance, is the de facto image editing application in the Linux universe. Lphoto's Crop and Red-eye tools simply are not sufficient.

CNR is subscription-based service, starting at $20 per year, and is the same price for Freespire users as it is for Linspire customers. Anyone can sign up for a 30-day free trial. The service offers both proprietary and free applications, including most of the offerings familiar to experienced Linux users. In addition to the basic catalog, CNR furnishes customized application lists it calls "aisles." Aisles can be informative in nature (like the "recently updated" aisle) or created by individuals (like Amazon.com's Listmania feature).

If it seems pointless to create a "free" distribution of Linspire only to require that it depend on a for-pay service like CNR, there is good news. Freespire can use the entire chain of APT tools for software installation and package management, connecting to Linspire's repositories, completely free of charge.

Of course, CNR's claim to fame is its ease of use, and it is certainly far friendlier than apt-get or even Synaptic. CNR presents only human-vetted selections, and accompanies them with detailed explanations and screenshots. For the techno-timid market Linspire seeks to serve, it is undoubtedly better.

But then again, Freespire is intended to serve a less timid market. Certainly installing Synaptic from the command line is no great burden, but I think it makes more sense to install it by default. If the Freespire project is truly community-driven a Linspire advertises it, expect to see that in future releases.

Less really is more!

Not only does Linspire not ship with APT and Synaptic, it is in fact limited to using CNR alone for adding software. Add to that the fact that both distros ship with the same closed-source components, such as video drivers, MP3 support, and proprietary applications like Flash and Gizmo, and the bottom line is that the "free" Freespire actually includes considerably more than the commercial Linspire.

Perhaps Linspire sees more money to be made in giving away the distro itself and selling access to the CNR service. Such a business plan would make sense; with almost all competing distros available at no cost, the initial price tag could scare off a lot of potential customers. Better to get them in the door, then start selling.

The Freespire Web site, in fact, describes plans to begin work on two distinct Freespire distros: the existing Linspire-like Freespire, and Freespire OSS Edition, with no proprietary code whatsoever. It seems more likely that for-pay Linspire will disappear at some point than that the company will choose to maintain three distinct distros when two are almost identical.

But regardless of whether that is Linspire's scheme, today the Freespire distro offers a better value than its commercial counterpart. No cost up front, CNR for those interested in paying monthly for the convenience, and traditional package management for those who don't. The company sponsoring its development has taken flak over the years from free software advocates, but in Freespire it has put together a solid distribution.

Google announces hosting for open source projects

PORTLAND, Ore. -- Google is scheduled to announce hosting for open source projects on Google Code today during Greg Stein's talk at the O'Reilly Open Source Convention (OSCON).

Stein, an open source engineer with Google and chairman of the Apache Software Foundation, will be disclosing the new service officially at his talk "A Google Service for the Open Source Community," scheduled for 1:45 p.m. PDT today.

I sat down yesterday with Stein and Google's open source program manager Chris DiBona, who describe the service as similar to SourceForge.net and other community hosting projects, but not designed to compete with those projects.

Stein says, "We really like SourceForge, and we don't want to hurt SourceForge" or take away projects. Instead, Stein says that the goal is to see what Google can do with the Google infrastructure, to provide an alternative for open source projects.

DiBona says that it's a "direct result of Greg concentrating on what open source projects need. Most bugtrackers are informed by what corporations" and large projects need, whereas Google's offering is just about what open source developers need.

Stein says that Google's hosting has a "brand new look" at issue tracking that may be of interest to open source projects, and says "nobody else out there is doing anything close to it." At the same time DiBona and Stein say that Google's hosting offering will not have some features present in SourceForge.net and other code repositories that open source projects and enterprise customers might want.

With the new service, Stein says Google was able to "cut out a lot of heavy structure" and apply Google's full text search to just the features that open source projects may need. "Rather than doing queries through that [heavy] structure, we can just full text search across it all. It provides a really powerful mechanism for issue tracking, but keeps it really simple."

The other main feature for Google Code hosting, according to Stein, is a "massively scalable Subversion repository." Stein says Google rebuilt Subversion to store data in Big Table, a massively scalable, highly available storage technology used in Google.

Stein says that the company will have all the Google projects on there, but they're not going out there to get projects to move. As a precaution, Stein also says that Google has a list of SourceForge.net projects, to ensure that new projects will not encroach on existing projects' namespaces.

For example, it won't be possible to set up a Gaim project on Google Code hosting, unless there's an approval from the project owner on SourceForge.net. This will prevent any confusion or deliberate attempts at impersonating SourceForge.net projects.

Not yet feature-complete

The initial public release will not be feature-complete, but users will be able to sign up right away without an invitation, unlike some of Google's other new service launches.

In particular, Stein says that Google Code is missing file download at the moment, but that it's a high priority to add that feature. Unlike SourceForge.net, Stein says that the service will not have, and Google has no plans to add, Web site hosting for projects.

To sign up for the service, a project needs to be licensed under one of seven approved licenses: Apache license, Artistic License, GNU General Public License (GPL), Lesser General Public License (LGPL), Mozilla License, BSD license, or MIT license. DiBona says that Google is trying to make a statement about license proliferation by offering only a narrow set of license for projects to choose from.

DiBona and Stein describe the project as ideal for smaller open source projects, rather than larger projects with more complex needs, such as Apache or GNOME. However, they also say that larger projects are welcome.

One of the most discussed topics at OSCON this year has been open data -- the ability for users to get their data out of a program or service and use it elsewhere. Stein says that Google understands the importance of being able to move data. "We don't have those [migration features] in there now, but that's something we intend to [have] ... we intend to do it soon after launch."

Review: VMware's worthy new option for virtual servers

VMware announced in February that it would be releasing VMware Server, an "entry-level virtualization product," for free. After several months of beta testing, VMware Server 1.0 has finally gone gold. After spending several days testing the 1.0 release, I'm pleased with its performance and ease of use, particularly given the price.

VMware is trying to hold on to its market-leading position by giving away some entry-level products to hook users and organizations early, before they standardize on competing products such as Virtuozzo or Xen. Given the quality of VMware Server, the strategy just might succeed.

Installing VMware Server

VMware offers the VMware Server software as an RPM or a tarball with the installer and necessary components -- no Debian package at this time, unfortunately. I decided to go with the RPM install on a dual Pentium III 1.0GHz server with 2GB of RAM, running CentOS 4.3. VMware Server should install on most x86 or AMD64 Linux distros. The main prerequisites are GCC and the kernel headers for your system.

The install consists of running the RPM, and then going through a short configuration script to set up VMware's networking. For most users, the defaults offered by VMware should be fine; so it's mostly a matter of hitting Enter several times, saying "Yes" to the VMware license, and entering a license key.

The console is installed on the host machine, but VMware also offers standalone packages -- available from the VMware Web site and as a download through the VMware Management Interface -- so you can run the console from your desktop and manage servers remotely. The console is available as an RPM or tarball for Linux, and a Windows version is available as well.

Again, installing the console isn't terribly difficult. Either install the RPM or run the installer script, then agree to the VMware license, run through a few questions, and you can fire it up.

Using VMware Server

After setting up VMware Server, I decided to start testing with the Ubuntu 6.06 LTS server install. Setting up a new VM is simplicity itself; just log into the VMware Server Console, click on "Create a new virtual machine" and walk through a GUI wizard that will ask a few questions about the OS that you want to run, and what resources you want to grant to the virtual machine.

Since the VMware virtual hosts are supposed to be portable between different VMware products, I also decided to try running a few virtual machines created under VMware Workstation under Server. The Workstation guests ran fine under VMware Server -- though Server is, apparently, fairly sensitive to permissions. The first time I tried to run a virtual machine under VMware Server, I got an obscure error. I did a bit of Googling, and discovered the problem might have been the ownership of the files. After changing the ownership of the files, the virtual machine started up with no problem.

The second VM had an error that was a little more descriptive; it complained about needing execute access for the .vmx file. That seemed weird, because I'd grabbed the guest OS off of the VMware directory of freely available virtual machines. Setting the .vmx file as executable did the trick, though, and it ran fine after that.

The virtual machine performance seems to be pretty close to performance on equivalent hardware. I ran several virtual machines simultaneously -- mostly Linux VMs, but I also threw a Windows XP virtual host in for good measure. I used the stress, dbench, and tbench utilities to generate heavier loads on the virtual machines to see if that had any impact on other VMs hosted on the same system or the host system itself. Other than an increased load on the host system, which is to be expected since VMware Server is a process running on the host system, I didn't see any impact on other VMs or the host.

I did see a little performance degradation on the host when I had several VMs running and I was at the stage of creating a new VM's disk files. By default, VMware Server allocates all of the virtual disk space when the virtual disk is created, rather than filling it as time goes on. This is designed to improve performance over time, but it seems to be somewhat resource-intensive when the disk is being created.

I was impressed that I could run a virtual Linux or Windows desktop on the server and use it on my workstation via VMware Server Console and still see performance almost equal to running the OS on my local machine natively.

The only downside to running a desktop OS remotely is that VMware Server doesn't support sound over remote connections. This isn't a problem at all if you're running server OSes, but if you're hoping to run a desktop OS via VMware Server, it'll be a silent one.

Unlike its predecessor, VMware GSX, VMware Server offers support for virtual symmetric multiprocessing (SMP). SMP support is considered experimental at the moment, but I didn't encounter any problems with SMP enabled on one of my Linux virtual hosts that has an SMP kernel. I ran benchmarks and normal system loads to see if it had any issues -- it ran just fine, no problems at all.

One of my favorite features in VMware Server is the snapshot feature. If you have a system running as a virtual host, all you need to do is to take a "snapshot" before any major system change. If all goes well, no problem. If something goes south, you can revert to the system state prior to the snapshot with one button click. This is great for testing and production use.

What have you got to lose?

The only thing that concerns me, and should concern any company investing in virtualization, is that VMware Server -- while "free" as in beer -- is still a proprietary product. VMware giveth, and VMware can take away. There's nothing to stop VMware from dropping VMware Server at a later date in favor of a product that requires an up-front license fee, or from removing features if the company deems it necessary to boost adoption of more expensive offerings. This isn't necessarily likely, and I'm not suggesting that I expect it to happen -- but it's something to be aware of.

VMware does have a plan to make money off of VMWware Server. The company sells support starting at $350 for VMware Server on a system with up to two CPUs for one year, and it also offers add-on products to make management of VMware Server easier. If you have only a handful of systems that will run VMware Server, you can easily get by using the freely available tools, but VMware is no doubt banking on bringing in support and add-on dollars after organizations get their first taste of virtualization goodness.

Licensing caveats aside, I really like VMware Server. It's a solid product, easy to use and administer, and the performance is top-notch. If you need a way to run multiple hosts on a single server, I'd put VMware Server at the top of the list.

LAMP On Ubuntu 6.06 For Noobs

I, like many others, made the decision to attempt an install of Ubuntu 6.06 server with the preconfigured LAMP option without having ever attempted using Linux before. My goal was to build a setup that I could host my personal web site from. Embarking on this journey I had no idea how much knowledge I lacked and in turn would learn in my quest to host. I floundered around on forums and clung helplessly to Google for aid in all the places I fell short. I found that a really good resource for building a LAMP configuration for complete Linux noobs was either not available, or stuffed neatly in some Google Bermutan triangle which my browser was afraid to go. Hence, I am writing this as a partial documentation of my trials and tribulations with hopes of aiding all Linux noobs on the steps necessary to create a basic Linux, Apache2, MySQL5 and PHP5 system with FTP. Again, this document is tailored to complete Linux beginners and is in no way a complete guide to attacking such a setup. It will get you up and running but will need security hardening like no other.

If you have a decent amount of RAM I would suggest downloading a copy of Vmware and use that to mess around with installing Linux within it. That would be the best way to tamper with everything here while easily restoring it if you have problems. Vmware server edition is available as a free download (for now) from here.

Installing Ubuntu 6.06 Server

First off, when you download the Ubuntu 6.06 server edition CD from Ubuntu you will obviously have to install it. This document will not go into detail on the installation of the OS itself, as I will assume you already know how to burn an image and boot to the disk. If not, you can write me with questions related to that aspect of the installation. Once you have the disk burned and booted you are presented with the menu options for the installation. Choose the LAMP installation option and follow the prompts to configure the OS.

If you where like me than you had no idea that after installing the LAMP option you would be left with a command prompt and absolutely no idea what to do. It is now that you should make the decision to either learn to use a command prompt to navigate, or install a desktop environment from the prompt in order to navigate in a friendly GUI environment. I will continue with the assumption that you would rather work in a GUI environment, though not resource friendly for your server system, it will make navigation and software installation within Linux much easier for a beginner.

In order to obtain a desktop GUI from the terminal prompt after installing the Ubuntu LAMP server OS you have to type a command. There are I believe a couple different desktop environments to choose from ie. KDE or Gnome but I prefer (for none other than aesthetics) the Gnome option. It is nice and clean and I found a little easier to use. Both use the apt-get for software installation and updates, which is ridiculously easy to use in my opinion.

So, here you are staring at a command prompt. To obtain a desktop GUI you have to type:

sudo apt-get update

sudo apt-get install ubuntu-desktop

(it may ask for the Ubuntu install disk; I can’t remember if it uses that or the Universe repositories.) either way, stay connected to the internet just in case.

It should prompt you for the password you entered during the install of Ubuntu since the “sudo” command invokes root privileges. This was something I had a hard time understanding at first since Windows users come from the mentality that users default to administrator access to files. Ubuntu does not; you have to invoke root privileges by using the sudo or su command in order to modify most aspects of the system. This gets most frustrating later on but as you get used to it, it is an extremely preventative measure, which could have saved Windows from so many mono-user based security exploits.

Now that you have entered the commands to begin the installation of the desktop and you see the files loading and installing, you can sit back and relax for a bit. If you’re installing on an old system it may take a while for it all to complete.

Once the desktop installation finishes it will prompt you to reboot. Once rebooted you should find yourself with a familiar GUI logon interface requesting your username and password you entered again from the OS installation. Log in and it will bring you to the brown Gnome desktop.

Configuration

At this point you now have Ubuntu 6.06 up with Apache2, MySQl 5, PhP5 and Pearl5 all running on your system you just don’t know it. The next step is to configure each to your own needs. Again, this is a drastic difference from Windows type software configuration as most things Windows based include a nice, easy to use setup.exe file that prompts for any configuration needs. This is not the case with Linux for the most part. In order to modify the necessary files within each of these servers you have two options. You can either find the config file for each and manually edit that in a text editor, or you can download a web-based server management utility which simplifies the task for you using a GUI type interface. I found that WebMin made configuring my servers extremely easy as I was not familiar, nor comfortable, manually editing most of the config files.

WebMin is a freely available resource and can be downloaded here. I would suggest downloading it directly from the website as the repository may be outdated (It may not even have it). WebMin will require a bit of configuration itself as it defaults to using Apache 1’s config files instead of Apache2, which causes some issues when using the interface to adjust Apache2 settings.

After downloading the file you will be left with a file called “webmin-1.290.tar.gz”. This is a compressed file that will need to be uncompressed. Just double click it and uncompress it to the desktop.

Now, the next step is to install the WebMin software. Installing software in linux is much different than Windows and to do so you must first have the latest compiling software installed. You can either use Synaptic and search for the package called Build Essential or enter the command in a terminal prompt:

sudo apt-get install build-essential

This will install everything needed for installing the software.

Now that you have the tools to install WebMin, the next step is to open a terminal and navigate to the decompressed folder you created on the desktop. To do this in the terminal you need to type a few commands.

cd Desktop

Type

ls (modified from "dir" as recomended by anonymous)

to make sure the uncompressed folder webmin-1.290 is there.

cd webmin-1.290

You will now be in the folder containing the files for WebMin. The next step is to run the command that will actually install it.

./setup.sh /usr/local/webmin

This will start the installation, which will then prompt you for some configuration settings. Use the default settings except for the username and password of course.

With WebMin installed, you can now configure most of your other servers from WebMin’s control panel which is much easier for new linux users than finding and modifying each server’s config files. In order to make any modifications to Apache2 within WebMin you will have to change a couple settings within.

First navigate to WebMin’s control panel by typing http://chris:10000/ in your internet browser. (replacing “chris” with the default username you installed linux with.) This should bring up the interface for WebMin.

Click on the “servers” option and navigate to the “Apache Webserver” icon.

In the upper left hand corner you will see a tab called “module configuration” which you will need to click on and change a few things therein.

1. change the “File or directory to add virtual servers to” to “/etc/apache2/sites-available/default”. This will change to the correct directory if you want to host multiple sites.

2. change the "Directory to create links in for new virtual servers" to "/etc/apache2/sites-enabled/000-default". This will enable the chosen virtual sites.
(should look like this pic)

(yeah, I know the pic looks diff....I'm at work :)

2. scroll down into “system configuration” and change the “server root directory” to “/etc/apache2”.

3. change the “path to httpd executable” to “/usr/sbin/apache2ctl”.

4. change the “path to apache2ctl” to “/usr/sbin/apache2ctl”.

5. change the “command to start apache” to “/etc/init.d/apache2 start”

6. change the “command to stop apache” to “/etc/init.d/apache2 stop”

7. change anything else below that has the word “apache” to “apache2” or it will not access the correct directory or file. I believe this is due to the default settings being designed for apache1 not apache2. (should look like the image below)

After completing these steps you will need to save, and then navigate back to the “apache webserver” icon where you can restart apache2. You will need to do this in order for the changes to take effect. After restarting you will have WebMin configured correctly for use with apache2. If you can’t restart apache after the changes, it is because the “restart” button is still using the old configuration from prior to your editing it. You will need to restart the computer as I don’t remember the apache restart command for apache1.

In order to reach your web server from the outside world you will have to make sure that port 80 is open. Some ISP’s block inbound traffic to this port with the intent to block web servers from running on their network. This can be bypassed by routing through another port (8080 or whatever else) though you will have to update your DNS with the correct port.

Now is the time to test your settings. You will need to know the WAN IP address of your computer; the one that others would use to access you on the web. This can be found by going to www.myip.dk or another site which will give it to you. Do not use your LAN address (something like 192.168.x.x) as this is your internal address unreachable from outside your internal network. Enter your WAN IP into your web browser and it should bring you to the default Apache2 web page. It should say something about Apache2 having been installed successfully and that you are at the default page.

If you found the default page, then you DO have port 80 available and your server is up and running. From here, all you would have to do is put your site in the directory “/var/www” and lable your home page “index.html” and it would be accessible from your external WAN IP. A little bit later we will discuss how to configure a DNS so others can type in your domain name instead of your IP to reach your site. If for some reason you did not access the default Apache2 page, your ISP may be blocking the port. To circumvent this you will have to port forward using something similar to this:

1. If you are behind a router you will need to give your pc a static IP. Do this by going into your “network setting” option in the System drop down menu in Ubuntu. Choose “Ethernet connection” and then properties.
2. In the IP address option type “192.168.1.3”. (you can change the “3” to anything else; if you have DHCP setup make sure you use a number that isn’t being used or it will cause conflicts. Generally its ok to use a number below 50)
3. In the “subnet mask” it should default to “255.255.255.0”. Leave that.
4. In the “default gateway” use your routers ip. It should be 192.168.1.1
   (should look similar to the pic below ; if you want to use 192.168.1.10 as I have then it would look exactly the same.)

Next, you will need to login to your router and forward HTTP requests to port 8080. I use a Linksys wrt54g router to do this but if you use a different model I'm sure the steps are similar. First you need to type in the ip of the router itself which is generally 192.168.1.1. This should bring up a login box for a username and password. It should be something like :

usrname:
passwrd: admin

Once logged into your router, you will see a simple GUI interface for adusting properties within your router. On the Linksys, you will see a section called "Gaming and Accessories" which is the tab you need to click on. It will bring up the option to portforward I think 10 individual ports. Enter:

Description: "HTTP"
Port from: "8080"
Port to : "8080"
IP: "192.168.1.3" (or whatever statip IP you gave your computer)
Make sure and click the checkbox for "Enable" or it wont activate the portforwarding
(should look like this pic only using 8080 instead of 80)

This will allow you to port forward to the internal IP 192.168.1.3 for port 8080. If you were stuck before and couldn’t reach the default Apache2 page, and you have now given your pc a static ip, you will need to change the Apache2 listen port in WebMin from 80 to 8080. To do this:

-open WebMin and click on the “apache webserver” icon.
-click on “network and addresses” and change the port there.
-restart apache using the “restart apache” option in WebMin

To reach your webserver externally you will now have to type your WAN IP and 8080 in your browser. Ex. “66.665.66.1:8080”. This is only necessary if your IP is blocking port 80.

At this point you should have the ability to access your webserver. Try replacing the default Apache2 index.html page with your own. You should easily be able to have your own site up after that. From here you have the option to setup FTP to access your web folder from anywhere, a DNS server for configuring your own domain name, mail and ftp routing and many other fun options. I will continue on focusing on FTP, DNS and Mail server configuration.

If you’ve made it this far, you have probably realized how different it is to navigate in Linux vs Windows. With a little more practice and configuration it may start feeling a bit more comfortable. After getting my web server online I was so eager to be able to add content to it from my other pc or my work computer that my next step was to install a functioning FTP server. The next section will deal with that specifically.

FTP Configuration

The FTP software I have been using is Proftpd. This software may not be any better than others available but it seemed the easiest to configure which is all I really care about as a new linux user. WebMin has the icon for Proftpd already listed but it will not work until you actually install it from Synaptic. To do so:

- Open synaptic in Ubuntu and search for Proftpd.
- Let synaptic download and configure it for you. WebMin will work with it after you have it installed.
- You now have an FTP server on your system. Next you will need to configure a few things.

First, you need to add a new user to your Ubuntu users list. Go to your “system” tab on the desktop again, Go to “administration” then “users and groups”. Here you will be able to add a new user and name it whatever you want. Next, add a new group and call it “ftp”. Make sure and add the user you made to the group “ftp”. You will also need to give your user access to the directory “/var/www” or whatever your site address is so you can access the correct directory.

Next you will need to use WebMin to add the user to Proftpd. Click on the Proftpd server icon in WebMin and navigate to the “edit confi files” icon within. There you will have to manually add your user and group into the file. In the config file find where it says:
“set the user and group that the server usually runs at” and add them into the file manually.
(should look like this before you change them)

While you’re in the config file you may want to change the “umask” setting to something a little less strict or your files will have a high user permission setting and may be inaccessible by users to your site. You may want to Google how file permissions work in order to gain a better understanding. To test your server you can change your umask setting to a lower setting like “002” or something to test it.

After adding the user and group, you may need to port forward port 21 to your static IP. (this is only if you are behind a router or firewall). Do this in the same fashion as the configuration change earlier for port 8080.

Now you should be able to access your users directory on your Linux PC using FTP. You can try it by opening a new network connection in Windows using “ftp://username@IP”. Substitue the username and IP for your ftp username and the external IP of your computer (plus port if you use a port other than 21) and you should be able to access the directory you specified.

MySQL and PHP are both configured for you upon installation of the Ubuntu LAMP Server so configuring them is unnecessary unless you need to. If you do, use the WebMin interface to make those changes as it is probably the easiest. You can also download phpMyAdmin if you want more control over your MySQL databases.

Again, in no way is this a professional outline of how your system should be setup. I intended this document to aid in making the installation and configuration a bit easier for the beginner and have left out probably a few things here and there. If you have anything to add or criticize you can email me.

Good-bye, Pentium--hello, Core 2 Duo

SANTA CLARA, Calif.--Intel officially closed the books on the Pentium era on Thursday with the Core 2 Duo, its most important product launch in 13 years.

"This is not just an incremental change; this is a revolutionary leap," Intel CEO Paul Otellini said at a launch event here, held in a heavily air-conditioned tent. The last time the company held such an event at its headquarters was when it introduced the Pentium processor in 1993, a similarly important milestone in its history.

Back then, the PC market was a fraction of its current size, Otellini said. Pentium quickly became one of the computer industry's most recognized brands, albeit in a much different competitive environment.

The Core 2 Duo launch comes as Advanced Micro Devices narrows the gap between the two companies with better-performing products for desktops and servers. At the same time, the PC industry is searching for a boost after a bad financial quarter and yet another delay in the launch of Microsoft's Windows Vista update.

However, Intel thinks it's back. Early reviews of the Core 2 Duo have been stellar, and the chipmaker has accumulated more design wins for the new processors than for any other new processor in its history, Otellini said.

The Core 2 Duo is based on Intel's Core microarchitecture, an offshoot of its work over the last decade to shift away from chasing clock speed as the holy grail of performance. Simply put, chips based on the Core microarchitecture do more work per clock cycle. Intel designers changed the way instructions move through the processor and developed a more sophisticated cache memory design to improve its performance and alleviate the inefficiencies of its front-side bus, or the link between the processor and the main memory.

The results put Intel's older Pentium-class processors to shame, when measuring both performance and power consumption. They also outperform AMD's currently available processors, according to a wide variety of reviews.

Two classes of Core 2 Duo processors were released Thursday. PCs based on the Core Extreme processor are available immediately. However, "Extreme" is an appropriate description for both the performance and price of those systems, and they are only appropriate for the deep-pocketed performance-starved user. Mainstream systems at more affordable prices will start to appear in early August, Otellini said.

Pentium D processors aren't going away just yet. Hewlett-Packard, for one, plans to have only 20 percent to 25 percent of its desktops fitted with the Core 2 Duo by the end of the year. Intel slashed prices on older Pentium D and single-core Pentium 4 chips on Thursday, in some cases up to 60 percent.

But the chipmaker is moving aggressively to get the new chips out to its partners, Otellini said. When it launched the first Pentium processor, it took the company a year to ship 1 million processors. It should reach that mark with the Core 2 Duo in seven weeks, he said.

Fresh concerns over Vista release

Microsoft shares fell on Thursday after it declined to dampen rumours that its new Windows Vista operating system might face fresh delays.

Its shares closed down 2% after a Microsoft executive appeared to avoid confirming the current January 2007 Vista release data for consumers.

Instead, Microsoft's Kevin Johnson said Vista would be shipped "when it is available".

He was speaking at the firm's annual financial analyst meeting.

Hesitation?

Microsoft originally intended to release Vista - the first major update since Windows XP was introduced five years ago - in the second half of 2006.

Yet in March of this year it postponed the release until 2007, and last month Microsoft chairman Bill Gates predicted there was only an "80% chance" it would be shipped on time.

Mr Johnson, Microsoft's co-president of Microsoft's platforms and services unit, said: "We are going to ship the product when it is ready, and we are just going to take it milestone by milestone."

Goldman Sachs analyst Rick Sherlund said Mr Johnson appeared to be hesitating over the release date.

Vista will be available for corporate customers in November.

Mr Johnson also told the analyst meeting that Microsoft was on target to achieve revenues of between $14.3bn (£7.7bn) and $14.5bn (£7.8bn) in its current fiscal year.

Vista to have inbuilt undelete

Vista has an inbuilt undelete system based on Windows Server 2003’s versioning file system, Microsoft has revealed.

The technology, which is automatically switched on in Vista, will be a boon for anyone who has accidentally overwritten their PhD thesis with a BPAY receipt.

However, it will also no doubt play a part in plenty of future court cases revolving around files that people thought they had deleted.

The technology used to preserve the files is called “volume shadow copy”. In Vista, the user sees it as “previous versions“.

It keeps backups of older versions of files when you save a new version — sort of like how old versions of Word used to save “bak” files (though this technology is actually useful because it provides an interface for restoring versions reliably).

With shadow copy, if you accidentally erase some key paragraphs of a Word document and then manage to save over the top of the complete file, Vista will preserve the old version and you can restore it later.

But Microsoft says the feature can also be used in the case of accidental deletions.

“In the event of an inadvertent change or deletion of a file or folder, Previous Versions allows you to revert the file or folder to any previous version, restore a previous version from a backup (made with Windows Backup), or make a copy of a previous version.”

Previous Versions is automatically switched on in Vista, but can be disabled via the System Protection tab on the System Properties control panel.

Introduction to User Mode Linux

What Is UML?

User Mode Linux (UML) is a virtual Linux machine that runs on Linux. Technically, UML is a port of Linux to Linux. Linux has been ported to many different processors, including the ubiquitous x86, Sun's SPARC, IBM and Motorola's PowerPC, DEC's (then Compaq's and HP's) Alpha, and a variety of others. UML is a port of Linux in exactly the same sense as these. The difference is that it is a port to the software interface defined by Linux rather than the hardware interface defined by the processor and the rest of the physical computer.

UML has manifold uses for system administrators, users, and developers. UML virtual machines are useful for test environments that can be set up quickly and thrown away when no longer needed, production environments that efficiently use the available hardware, development setups that can make it much more convenient to test software, plus a surprising number of other things.

Comparison with Other Virtualization Technologies

UML differs from other virtualization technologies in being more of a virtual operating system (OS) rather than a virtual machine. In spite of this, I will stick to the common terminology and call UML a virtual machine technology rather than a virtual OS, which would be somewhat more accurate.

Technologies such as VMWare really are virtual machines. They emulate a physical platform, from the CPU to the peripherals, well enough that any OS that runs on the physical platform also runs on the emulated platform provided by VMWare. This has the advantage that it is fairly OS-agnostic—in principle, any OS that runs on the platform can boot under VMWare. In contrast, UML can be only a Linux guest. On the other hand, being a virtual OS rather than a virtual machine allows UML to interact more fully with the host OS, which has advantages we will see later.

Other virtualization technologies such as Xen, BSD jail, Solaris zones, and chroot are integrated into the host OS, as opposed to UML, which runs in a process. This gives UML the advantage of being independent from the host OS version, at the cost of some performance. However, a lot (maybe all) of this performance can be regained without losing the flexibility and manageability that UML gains from being in userspace.

As we will see later, the benefits of virtualization accrue largely from the degree of isolation between users and processes inside the virtual machine or jail and those outside it. Most of these technologies (excluding Xen and VMWare) provide only partial virtualization and, thus, partial isolation.

The least complete virtualization is provided by chroot, which only jails processes into a directory. In all other respects, the processes are unconfined. Even then, on Linux, chroot can't confine a process with root privileges, since its design allows superuser processes to escape.

BSD jail and vserver (a Linux-based project with roughly the same properties) provide stronger confinement. They confine processes to a subset of the filesystem and don't allow them to see processes outside the jail. A jail is also restricted to using a single IP address, and it can't manipulate its firewall rules. Jailed processes are not restricted in their use of CPU time or I/O. The jails on a system are implemented within the system's kernel and therefore share the kernel, along with the bugs and security holes it contains. The inability to change firewall rules is a consequence of incomplete virtualization, as is the requirement to share the kernel with the host.

Solaris zones are much closer to full-blown virtual machines and complete isolation. Processes within a zone can't see outside files or processes, as is the case with a jail. Zones have their own logical devices, with some restrictions on their access to the network. For example, raw access to packets isn't allowed. A zone can be assigned a certain number of shares within the global fair share scheduler, limiting the share of CPU that the processes within a zone can consume. We will see this concept later in the form of virtual processors in a multiprocessor virtual machine. Zones, like the other technologies described so far, are implemented within the kernel and share the kernel version and configuration with each other and the host.

Finally, technologies such as VMWare, Xen, and UML implement full virtualization and isolation. They all have fully virtualized devices with no restrictions on how they may be used. They also confine their processes with respect to CPU consumption by virtue of having a certain number of virtual processors they may use. They also all run separate instances of the OS, which may be different versions (and even a completely different OS in the case of VMWare) than the host.

Why Virtual Machines?

A UML instance is a full-fledged Linux machine running on the host Linux. It runs all the software and services that any other Linux machine does. The difference is that UML instances can be conjured up on demand and then thrown away when not needed. This advantage lies behind the large range of applications that I and other people have found for UML.

In addition to the flexibility of being able to create and destroy virtual machines within seconds, the instances themselves can be dynamically reconfigured. Virtual peripherals, processors, and memory can be added and removed arbitrarily to and from a running UML instance.

There are also much looser limits on hardware configurations for UML instances than for physical machines. In particular, they are not limited to the hardware they are running on. A UML instance may have more memory, more processors, and more network interfaces, disks, and other devices than its host, or even any possible host. This makes it possible to test software for hardware you don't own, but have to support, or to configure software for a network before the network is available.

In this book, I will describe the many uses of UML and provide step-by-step instructions for using it. In doing so, I will provide you, the reader, with the information and techniques needed to make full use of UML. As the original author and current maintainer of UML, I have seen UML mature from its decidedly cheesy beginnings to its current state where it can do basically everything that any other Linux machine can do (see Table 1.1).

Table 1.1. UML Development Timeline

Date	Even
Late 1998 to early 1999	I think about whether UML is possible.
Feb. 1999	I start working on UML.
June 3, 1999	UML is announced to the Linux kernel mailing list.
Sept. 12, 2002	UML is merged into 2.5.34.
June 21, 2004	I join Intel.

A Bit of History

I started working on UML in earnest in February 1999 after having the idea that porting Linux to itself might be practical. I tossed the idea around in the back of my head for a few months in late 1998 and early 1999. I was thinking about what facilities it would need from the host and whether the system call interface provided by Linux was rich enough to provide those facilities. Ultimately, I decided it probably was, and in the cases where I wasn't sure, I could think of workarounds.

So, around February, I pulled a copy of the 2.0.32 kernel tree off of a Linux CD (probably a Red Hat source CD) because it was too painful to try to download it through my dialup. Within the resulting kernel tree, I created the directories my new port was going to need without putting any files in them. This is the absolute minimum amount of infrastructure you need for a new port. With the directories present, the kernel build process can descend into them and try to build what's there.

Needless to say, with nothing in those directories, the build didn't even start to work. I needed to add the necessary build infrastructure, such as Makefiles. So, I added the minimal set of things needed to get the kernel build to continue and looked at what failed next. Missing were a number of header files used by the generic (hardware-independent) portions of the kernel that the port needs to provide. I created them as empty files, so that the #include preprocessor directives would at least succeed, and proceeded onward.

At this point, the kernel build started complaining about missing macros, variables, and functions—the things that should have been present in my empty header files and nonexistent C source files. This told me what I needed to think about implementing. I did so in the same way as before: For the most part, I implemented the functions as stubs that didn't do anything except print an error message. I also started adding real headers, mostly by copying the x86 headers into my include directory and removing the things that had no chance of compiling.

After defining many of these useless procedures, I got the UML build to "succeed." It succeeded in the sense that it produced a program I could run. However, running it caused immediate failures due to the large number of procedures I defined that didn't do what they were supposed to—they did nothing at all except print errors. The utility of these errors is that they told me in what order I had to implement these things for real.

So, for the most part, I plodded along, implementing whatever function printed its name first, making small increments of progress through the boot process with each addition. In some cases, I needed to implement a subsystem, resulting in a related set of functions.

Implementation continued in this vein for a few months, interrupted by about a month of real, paying work. In early June, I got UML to boot a small filesystem up to a login prompt, at which point I could log in and run commands. This may sound impressive, but UML was still bug-ridden and full of design mistakes. These would be rooted out later, but at the time, UML was not much more than a proof of concept.

Because of design decisions made earlier, such fundamental things as shared libraries and the ability to log in on the main console didn't work. I worked around the first problem by compiling a minimal set of tools statically, so they didn't need shared libraries. This minimal set of tools was what I populated my first UML filesystem with. At the time of my announcement, I made this filesystem available for download since it was the only way anyone else was going to get UML to boot.

Because of another design decision, UML, in effect, put itself in the background, making it impossible for it to accept input from the terminal. This became a problem when you tried to log in. I worked around this by writing what amounted to a serial line driver, allowing me to attach to a virtual serial line on which I could log in.

These are two of the most glaring examples of what didn't work at that point. The full list was much longer and included other things such as signal delivery and process preemption. They didn't prevent UML from working convincingly, even though they were fairly fundamental problems, and they would get fixed later.

At the time, Linus was just starting the 2.3 development kernel series. My first "UML-ized" kernel was 2.0.32, which, even at the time, was fairly old. So, I bit the bullet and downloaded a "modern" kernel, which was 2.3.5 or so. This started the process, which continues to this day, of keeping in close touch with the current development kernels (and as of 2.4.0, the stable ones as well).

Development continued, with bugs being fixed, design mistakes rectified (and large pieces of code rewritten from scratch), and drivers and filesystems added. UML spent a longer than usual amount of time being developed out of pool, that is, not integrated into the mainline Linus' kernel tree. In part, this was due to laziness. I was comfortable with the development methodology I had fallen into and didn't see much point in changing it.

However, pressure mounted from various sources to get UML into the main kernel tree. Many people wanted to be able to build UML from the kernel tree they downloaded from http://www.kernel.org. or got with their distribution. Others, wanting the best for the UML project, saw inclusion in Linus' kernel as being a way of getting some public recognition or as a stamp of approval from Linus, thus attracting more users to UML. More pragmatically, some people, who were largely developers, noted that inclusion in the official kernel would cause updates and bug fixes to happen in UML "automatically." This would happen as someone made a pass over the kernel sources, for example, to change an interface or fix a family of bugs, and would cover UML as part of that pass. This would save me the effort of looking through the patch representing a new kernel release, finding those changes, figuring out the equivalent changes needed in UML, and making them. This had become my habit over the roughly four years of UML development before it was merged by Linus. It had become a routine part of UML development, so I didn't begrudge the time it took, but there is no denying that it did take time that would have been better spent on other things.

So, roughly in the spring of 2002, I started sending updated UML patches to Linus, requesting that they be merged. These were ignored for some months, and I was starting to feel a bit discouraged, when out of the blue, he merged my 2.5.34 patch on September 12, 2002. I had sent the patch earlier to Linus as well as the kernel mailing list and one of my own UML lists, as usual, and had not thought about it further. That day, I was idling on an Internet Relay Chat (IRC) channel where a good number of the kernel developers hang around and talk. Suddenly, Arnaldo Carvalho de Melo (a kernel contributor from Brazil and the CTO of Conectiva, the largest Linux distribution in South America) noticed that Linus had merged my patch into his tree.

The response to this from the other kernel hackers, and a little later, from the UML community and wider Linux community, was gratifying positive. A surprisingly (to me) large number of people were genuinely happy that UML had been merged, and, in doing so, got the recognition they thought it deserved.

At this writing, it is three years later, and UML is still under very active development. There have been ups and downs. Some months after UML was merged, I started finding it hard to get Linus to accept updated patches. After a number of ignored patches, I started maintaining UML out of tree again, with the effect that the in-tree version of UML started to bit-rot. It stopped compiling because no one was keeping it up to date with changes to internal kernel interfaces, and of course bugs stopped being fixed because my fixes weren't being merged by Linus.

Late in 2004, an energetic young Italian hacker named Paolo Giarrusso got Andrew Morton, Linus' second-in-command, to include UML in his tree. The so-called "-mm" tree is a sort of purgatory for kernel patches. Andrew merges patches that may or may not be suitable for Linus' kernel in order to give them some wider exposure and see if they are suitable. Andrew took patches representing the current UML at the time from Paolo, and I followed that up with some more patches. Presently, Andrew forwarded those patches, along with many others, to Linus, who included them in his tree. All of a sudden, UML was up to date in the official kernel tree, and I had a reliable conduit for UML updates.

I fed a steady stream of patches through this conduit, and by the time of the 2.6.9 release, you could build a working UML from the official tree, and it was reasonably up to date.

Throughout this period, I had been working on UML on a volunteer basis. I took enough contracting work to keep the bills paid and the cats fed. Primarily, this was spending a day a week at the Institute for Security Technology Studies at Dartmouth College, in northern New Hampshire, about an hour from my house. This changed around May and June of 2004, when, nearly simultaneously, I got job offers from Red Hat and Intel. Both were very generous, offering to have me spend my time on UML, with no requirements to move. I ultimately accepted Intel's offer and have been an Intel employee in the Linux OS group since.

Coincidentally, the job offers came on the fifth anniversary of UML's first public announcement. So, in five years, UML went from nothing to a fully supported part of the official Linux kernel.

What Is UML Used For?

During the five years since UML began, I have seen steady growth in the UML user base and in the number and variety of applications and uses for UML. My users have been nothing if not inventive, and I have seen uses for UML that I would never have thought of.

Server Consolidation

Naturally, the most common applications of UML are the obvious ones. Virtualization has become a hot area of the computer industry, and UML is being used for the same things as other virtualization technologies. Server consolidation is a major one, both internally within organizations and externally between them. Internal consolidation usually takes the form of moving several physical servers into the same number of virtual machines running on a single physical host. External consolidation is usually an ISP or hosting company offering to rent UML instances to the public just as they rent physical servers. Here, multiple organizations end up sharing physical hardware with each other.

The main attraction is cost savings. Computer hardware has become so powerful and so cheap that the old model of one service, or maybe two, per machine now results in hardware that is almost totally idle. There is no technical reason that many services, and their data and configurations, couldn't be copied onto a single server. However, it is easier in many cases to copy each entire server into a virtual machine and run them all unchanged on a single host. It is less risky since the configuration of each is the same as on the physical server, so moving it poses no chance of upsetting an already-debugged environment.

In other cases, virtual servers may offer organizational or political benefits. Different services may be run by different organizations, and putting them on a single physical server would require giving the root password to each organization. The owner of the hardware would naturally tend to feel queasy about this, as would any given organization with respect to the others. A virtual server neatly solves this by giving each service its own virtual machine with its own root password. Having root privileges in a virtual machine in no way requires root privileges on the host. Thus, the services are isolated from the physical host, as well as from each other. If one of them gets messed up, it won't affect the host or the other services.

Moving from production to development, UML virtual machines are commonly used to set up and test environments before they go live in production. Any type of environment from a single service running on a single machine to a network running many services can be tested on a single physical host. In the latter case, you would set up a virtual network of UMLs on the host, run the appropriate services on the virtual hosts, and test the network to see that it behaves properly.

In a complex situation like this, UML shines because of the ease of setting up and shutting down a virtual network. This is simply a matter of running a set of commands, which can be scripted. Doing this without using virtual machines would require setting up a network of physical machines, which is vastly more expensive in terms of time, effort, space, and hardware. You would have to find the hardware, from systems to network cables, find some space to put it in, hook it all together, install and configure software, and test it all. In addition to the extra time and other resources this takes, compared to a virtual test environment, none of this can be automated.

In contrast, with a UML testbed, this can be completely automated. It is possible, and fairly easy, to full automate the configuration and booting of a virtual network and the testing of services running on that network. With some work, this can be reduced to a single script that can be run with one command. In addition, you can make changes to the network configuration by changing the scripts that set it up, rather than rewiring and rearranging hardware. Different people can also work independently on different areas of the environment by booting virtual networks on their own workstations. Doing this in a physical environment would require separate physical testbeds for each person working on the project.

Implementing this sort of testbed using UML systems instead of physical ones results in the near-elimination of hardware requirements, much greater parallelism of development and testing, and greatly reduced turnaround time on configuration changes. This can reduce the time needed for testing and improve the quality of the subsequent deployment by increasing the amount and variety of testing that's possible in a virtual environment.

A number of open source projects, and certainly a much larger number of private projects, use UML in this way. Here are a couple that I am aware of.

• Openswan (http://www.openswan.org), the open source IPSec project, uses a UML network for nightly regression testing and its kernel development.
• BusyBox (http://www.busybox.net), a small-footprint set of Linux utilities, uses UML for its testing.

Education

Consider moving the sort of UML setup I just described from a corporate environment to an educational one. Instead of having a temporary virtual staging environment, you would have a permanent virtual environment in which students will wreak havoc and, in doing so, hopefully learn something.

Now, the point of setting up a complicated network with interrelated services running on it is simply to get it working in the virtual environment, rather than to replicate it onto a physical network once it's debugged. Students will be assigned to make things work, and once they do (or don't), the whole thing will be torn down and replaced with the next assignment.

The educational uses of UML are legion, including courses that involve any sort of system administration and many that involve programming. System administration requires the students to have root privileges on the machines they are learning on. Doing this with physical machines on a physical network is problematic, to say the least.

As root, a student can completely destroy the system software (and possibly damage the hardware). With the system on a physical network, a student with privileges can make the network unusable by, wittingly or unwittingly, spoofing IP addresses, setting up rogue DNS or DHCP servers, or poisoning ARP (Address Resolution Protocol) ^[1] caches on other machines on the network.

These problems all have solutions in a physical environment. Machines can be completely reimaged between boots to undo whatever damage was done to the system software. The physical network can be isolated from any other networks on which people are trying to do real work. However, all this takes planning, setup, time, and resources that just aren't needed when using a UML environment.

The boot disk of a UML instance is simply a file in the host's filesystem. Instead of reimaging the disk of a physical machine between boots, the old UML root filesystem file can be deleted and replaced with a copy of the original. As will be described in later chapters, UML has a technology called COW (Copy-On-Write) files, which allow changes to a filesystem to be stored in a host file separate from the filesystem itself. Using this, undoing changes to a filesystem is simply a matter of deleting the file that contains the changes. Thus, reimaging a UML system takes a fraction of a second, rather than the minutes that reimaging a disk can take.

Looking at the network, a virtual network of UMLs is by default isolated from everything else. It takes effort, and privileges on the host, to allow a virtual network to communicate with a physical one. In addition, an isolated physical network is likely to have a group of students on it, so that one sufficiently malign or incompetent student could prevent any of the others from getting anything done. With a UML instance, it is feasible (and the simplest option) to give each student a private network. Then, an incompetent student can't mess up anyone else's network.

UML is also commonly used for learning kernel-level programming. For novice to intermediate kernel programming students, UML is a perfect environment in which to learn. It provides an authentic kernel to modify, with the development and debugging tools that should already be familiar. In addition, the hardware underneath this kernel is virtualized and thus better behaved than physical hardware. Failures will be caused by buggy software, not by misbehaving devices. So, students can concentrate on debugging the code rather than diagnosing broken or flaky hardware.

Obviously, dealing with broken, flaky, slightly out-of-spec, not-quite-standards-compliant devices are an essential part of an expert kernel developer's repertoire. To reach that exalted status, it is necessary to do development on physical machines. But learning within a UML environment can take you most of the way there.

Over the years, I have heard of education institutions teaching many sort of Linux administration courses using UML. Some commercial companies even offer system administration courses over the Internet using UML. Each student is assigned a personal UML, which is accessible over the Internet, and uses it to complete the coursework.

Development

Moving from system administration to development, I've seen a number of programming courses that use UML instances. Kernel-level programming is the most obvious place for UMLs. A system-level programming course is similar to a system administration course in that each student should have a dedicated machine. Anyone learning kernel programming is probably going to crash the machine, so you can't really teach such a course on a shared machine.

UML instances have all the advantages already described, plus a couple of bonuses. The biggest extra is that, as a normal process running on the host, a UML instance can be debugged with all the tools that someone learning system development is presumably already familiar with. It can be run under the control of gdb, where the student can set breakpoints, step through code, examine data, and do everything else you can do with gdb. The rest of the Linux development environment works as well with UML as with anything else. This includes gprof and gcov for profiling and test coverage and strace and ltrace for system call and library tracing.

Another bonus is that, for tracking down tricky timing bugs, the debugging tool of last resort, the print statement, can be used to dump data out to the host without affecting the timing of events within the UML kernel. With a physical machine, this ranges from extremely hard to impossible. Anything you do to store information for later retrieval can, and probably will, change the timing enough to obscure the bug you are chasing. With a UML instance, time is virtual, and it stops whenever the virtual machine isn't in the host's userspace, as it is when it enters the host kernel to log data to a file.

A popular use for UML is development for hardware that does not yet exist. Usually, this is for a piece of embedded hardware—an appliance of some sort that runs Linux but doesn't expose it. Developing the software inside UML allows the software and hardware development to run in parallel. Until the actual devices are available, the software can be developed in a UML instance that is emulating the hardware.

Examples of this are hard to come by because embedded developers are notoriously close-lipped, but I know of a major networking equipment manufacturer that is doing development with UML. The device will consist of several systems hooked together with an internal network. This is being simulated by a script that runs a set of UML instances (one per system in the device) with a virtual network running between them and a virtual network to the outside. The software is controlling the instances in exactly the same that it will control the systems within the final device.

Going outside the embedded device market, UML is used to simulate large systems. A UML instance can have a very large amount of memory, lots of processors, and lots of devices. It can have more of all these things than the host can, making it an ideal way to simulate a larger system than you can buy. In addition to simulating large systems, UML can also simulate clusters. A couple of open source clustering systems and a larger number of cluster components, such as filesystems and heartbeats, have been developed using UML and are distributed in a form that will run within a set of UMLs.

Disaster Recovery Practice

A fourth area of UML use, which is sort of a combination of the previous two, is disaster recovery practice. It's a combination in the sense that this would normally be done in a corporate environment, but the UML virtual machines are used for training.

The idea is that you make a virtual copy of a service or set of services, mess it up somehow, and figure out how to fix it. There will likely be requirements beyond simply fixing what is broken. You may require that the still-working parts of the service not be shut down or that the recovery be done in the least amount of time or with the smallest number of operations.

The benefits of this are similar to those mentioned earlier. Virtual environments are far more convenient to set up, so these sorts of exercises become far easier when virtual machines are available. In many cases, they simply become possible since hardware can't be dedicated to disaster recovery practice. The system administration staff can practice separately at their desks, and, given a well-chosen set of exercises, they can be well prepared when disaster strikes.

The Future

This chapter provided a summary of the present state of UML and its user community. This book will also describe what I have planned for the future of UML and what those plans mean for its users.

Among the plans is a project to port UML into the host kernel so that it runs inside the kernel rather than in a process. With some restructuring of UML, breaking it up into independent subsystems that directly use the resources provided by the host kernel, this in-kernel UML can be used for a variety of resource limitation applications such as resource control and jailing.

This will provide highly customizable jailing, where a jail is constructed by combining the appropriate subsystems into a single package. Processes in such a jail will be confined with respect to the resources controlled by the jail, and otherwise unconfined. This structure of layering subsystems on top of each other has some other advantages as well. It allows them to be nested, so that a user confined within a jail could construct a subjail and put processes inside it. It also allows the nested subsystems to use different algorithms than the host subsystems. So, a workload with unusual scheduling or memory needs could be run inside a jail with algorithms suitable for it.

However, the project I'm most excited about is using UML as a library, allowing other applications to link against it and thereby gain a captive virtual machine. This would have a great number of uses:

• Managing an application or service from the inside, by logging in to the embedded UML
• Running scripts inside the embedded UML to control, monitor, and extend the application
• Using clustering technology to link multiple embedded UMLs into a cluster and use scripts running on this cluster to integrate the applications in ways that are currently not

IBM releases Notes for Linux desktops

IBM has released a version of Lotus Notes that can be accessed natively through Linux desktops. The release marks the first time the hugely popular groupware program has had Linux client support, but open-source challengers are advancing with their own offerings.

Notes on Linux is available now on Red Hat Enterprise Linux 4, Update 3 and support for Novell Suse Linux Desktop For Enterprise 10 is due within 90 days of its release this month.

Although Microsoft has fought an aggressive sales and marketing campaign against it with Exchange, Notes remains a widely used program with strong loyalty among large organisations. The release of a version with Linux desktop support could make a Linux/Notes combination a powerful alternative to Windows/Exchange, especially for companies with large IBM investments. IBM already supports Notes on Linux servers, including mainframes.

“This release follows on from what we’ve been saying for the last couple of years about investing in Linux on the desktop,” said Adam Jollans, IBM Linux strategy manager. “It’s making a real business-grade program available on the Linux desktop.”

Jollans said that IBM’s use of the open-source Eclipse development tools framework could also point to more such projects from IBM and others. “Using Eclipse to do cross-platform GUI apps lets you develop Linux apps that look like Linux apps and Windows apps that look like Windows apps. That has to be attractive to software vendors,” he said.

Jollans added that some firms will find the prospect of managing an all-Linux environment attractive.

As elsewhere in enterprise software, however, open-source firms have been building up interest in collaborative software, with offerings including Zimbra and Open-Xchange.

Another interesting contender in Linux groupware is Novell’s GroupWise, which retains a loyal user base and has had Linux client support since 2005. However, although Novell has insisted it plans to continue developing the technology, the firm’s new chief executive, Ron Hovsepian, may have to make some hard choices over the direction of its disparate collaborative software investments.

Lighttpd Webserver Installation in Debian

What is Lighttpd ?

Security, speed, compliance, and flexibility--all of these describe LightTPD which is rapidly redefining efficiency of a webserver; as it is designed and optimized for high performance environments. With a small memory footprint compared to other web-servers, effective management of the cpu-load, and advanced feature set (FastCGI, CGI, Auth, Output-Compression,URL-Rewriting and many more) LightTPD is the perfect solution for every server that is suffering load problems. And best of all it's Open Source licensed under the revised BSD license.

What's with the name?

Light footprint + httpd = LightTPD

Lighttpd Features

Advanced Features:

virtual hosts
virtual directory listings
URL-Rewriting, HTTP-Redirects
automatic expiration of files
Large File Support (64bit fileoffsets)
Ranges (start-end, start-, -end, multiple ranges)
on-the-fly output-compression with transparent caching
deflate, gzip, bzip2
authentication
basic, digest
backends: plain files, htpasswd, htdigest, ldap
fast and secure application controlled downloads
Server Side Includes
User Tracking
FastCGI, CGI, SSI

PHP-Support:

same speed as or faster than apache + mod_php4
includes a utility to spawn FastCGI processes (neccesary for PHP 4.3.x)
via FastCGI and CGI interface
support Code Caches like Turckmm, APC or eaccelarator
load-balanced FastCGI
(one webserver distibutes request to multiple PHP-servers via FastCGI)

Security features:

chroot(), set UID, set GID
protecting docroot
strict HTTP-header parsing

Lighttpd Supported platforms

Releases of lighttpd are built regulary for at least the following platforms

Linux (binary packages for FC3, SuSE, Debian, Gentoo, PLD-Linux, OpenWRT)
*BSD (FreeBSD, NetBSD, OpenBSD, MacOS X)
SGI IRIX
Windows (Cygwin)

while it is known to compile cleanly on

Solaris
AIX
and various other POSIX compatible OSes

Download Lighttpd

http://www.lighttpd.net/download/

Lighttpd Documentation

http://trac.lighttpd.net/trac/wiki/TutorialInstallation

Lighttpd FAQ

http://trac.lighttpd.net/trac/wiki/FrequentlyAskedQuestions

Install Lighttpd in Debian

First, check of the requirements are ok

# apt-get install libpcre3

# apt-get install zlib1g

# apt-get install mysql-common libmysqlclient12

Go to http://www.lighttpd.net/download/ and download the debian package for your distribution/platform.

# wget http://www.lighttpd.net/download/debian/sarge/lighttpd_1.4.3-1_i386.deb

# dpkg -i lighttpd_1.4.3-1_i386.deb

If there is no debian package for your platform you have to compile it yourself.

If you run unstable (Check you sources.list is configured for unstable),then you can install it via apt:

# apt-get update

# apt-get install lighttpd lighttpd-doc

This will install lighttpd in debian

Configuring lighttpd

Following are important files for lighttpd server:

The default lighttpd configuration file: /etc/lighttpd/lighttpd.conf (download sample lighttpd.conf file)

Service startup script: /etc/init.d/lighttpd (download sample lighttpd file)

These files are installed by default for all binary installations methods. Now lighttpd installed and it is time to configure lighttpd.

Understanding core lighttpd Directives

Following are core lighttpd Directives:

server.document-root = “/var/www/html”: Specifies default document-root for your server.

server.port = 80: Specifies default http port for your server.

server.username = “lighttpd”

server.groupname = “lighttpd”: Specifies default username and groups to start/stop lighttpd server. This is a security feature (as it drops root privileges).

server.bind = “server-ip-address”: Specify server ip-address. You can also specify hostname such as theos.in.

server.tag =”lighttpd”: Use to setup lighttpd name and version number (default). This is security feature. You can setup it as follows:

server.tag =”myWebServer v1.0

server.errorlog = “/var/log/lighttpd/error.log”: Specify the error-log file.

accesslog.filename = “/var/log/lighttpd”: Specify the accesslog file name (use to generate stats using stats software).

index-file.names = ( “index.php”, “index.html” ): A list of files to search for if a directory is requested.

server.modules = (
“mod_access”,
“mod_accesslog”,
“mod_fastcgi”,
“mod_rewrite”,
“mod_auth”
): Above modules are loaded by lighty:

mod_access: The access module is used to deny access to files with given trailing path names.
mod_accesslog: Use to write CLF log, flexible like apache
mod_fastcgi : FastCGI for perl/PHP etc
mod_rewrite : Good for writing SEO urls
mod_auth: Authntication (password protected directory)
mimetype.assign = (
“.pdf” => “application/pdf”,
“.sig” => “application/pgp-signature”
): Use to setup mimetype mapping.

If you want more available server modules and options check here

Open file /etc/lighttpd/lighttpd.conf and setup all of the above directives:

# vi /etc/lighttpd/lighttpd.conf

Save the file and start the lighttpd:

# /etc/init.d/lighttpd start

Verify that lighttpd is running:

# netstat -ntulp

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 29855/sshd
tcp 0 0 23.11.13.81:80 0.0.0.0:* LISTEN 5866/lighttpd

Open you webbrowser and test by typing URL: http://your-domain.com/ or http://server-ip/

Novell rolls out two programs to teach teachers Linux

Novell has announced two new programs for Linux training designed to promote education around open source. Novell unveiled its "Train the Teacher" series, which it is billing as the industry's first free week-long boot camp for Linux educators. In addition, Novell becomes the first Linux vendor to partner with Thomson Course Technology, the world's leading technology education publishers, with the release of a series of new joint SUSE Linux Enterprise courseware offerings. As a result, students and teachers interested in Linux have compelling new options for building their expertise on the increasingly popular open source platform.

"With the growth of open source software, the demand for Linux education has been expanding rapidly," said Stephen Helba, executive editor for Thomson Course Technology. "We are pleased to work with Novell to provide high-quality training materials to meet the needs of students worldwide. The strength of Novell's training programs and expertise in courseware and testing development, combined with Thomson Course Technology's market-leading educational materials, give students in academic settings an incredible opportunity to learn Linux."

Novell and Thomson Course Technology have worked together to create three new SUSE Linux Enterprise textbooks, the first fruits of a unique co-authorship approach. Thomson has already reported tremendous demand for review copies from instructors across the country, surpassing expectations. Thomson has adapted Novell's existing SUSE Linux Enterprise courseware to the academic market by creating additional student labs and exercises, building instructor resources (slide decks, quiz/test banks), and developing online learning deliverables. The three SUSE Linux Enterprise textbooks range from a basic introduction to Linux to advanced Linux network administration.

To further expand Linux training options, Novell has launched a new "Train the Teacher" course. Available in 10 cities throughout North America, this training prepares academic instructors to teach Novell's introductory SUSE Linux Enterprise course. Novell will provide this training free of charge to instructors wishing to teach Linux who are enrolled in the Novell Academic Training Partner Program.

For information on all of Novell's academic training programs, how to purchase textbooks, and to register for "Train the Teacher," please visit http://www.novell.com/natp .

Linux CDs for free from TheLinuxStore.ca

Ryan Cloke's vision is to do business in a "better way." He's the owner of TheLinuxStore.ca, a Web site that sells low-cost Linux CDs, laptops, and custom workstations. This morning, to fulfill his vision, he began distributing free CDs of popular distributions like Fedora, Mandriva, Debian, and Knoppix. The response has been overwhelming.

Cloke, 26, is a graduate of Seneca College in Toronto, where he received a diploma in programming and systems analysis. It was there that he discovered Red Hat Linux, and he says he's been "hooked ever since." Cloke started Flipside Technology Services from his home. The company offers Web hosting and design and troubleshooting help for new computer users. "The Flipside part of the business has really fallen to the wayside," Cloke says.

That's because since late 2004, Cloke's passion has been distributing Linux disks, especially to users for whom an ISO is too large to download. At The Linux Store, customers can pick up their favorite distributions for about $5 per disk, plus a small shipping charge. Sales have been good, but Cloke hasn't been satisfied. "[I] felt the way I was doing business was not the best way," he says. "I have often felt that I wanted to do more for the community then just sell disks."

For Cloke, "more" meant giving the disks away for free. "I thought Ubuntu did a great job with its ShipIt program," he says. "I wanted to bring the same successes to many other great Linux distributions."

So at midnight on July 13, free.linuxstore.ca opened for business. Demand for the free disks has been brisk, to say the least. Less than 24 hours into the venture, Cloke had more than 2,500 requests for free disks, with SUSE the most frequently asked-for CD set.

"This is a huge amount," Cloke says. "A lot more than I anticipated." He says he's going to need financial help to meet the demand. "I currently only have enough funding to fill 400 requests." The project is funded partly by profits from The Linux Store, but Cloke is also relying on donations and sponsorships from the general public and community businesses.

Even with the challenges he faces in meeting all the requests for free CDs, Cloke is optimistic. "The new mission is more in-line with how I would like to help the community," he says, "and the free CD project is one of the first projects I believe will have a positive impact on the distribution of Linux. Needless to say, I need lot more funding to fill all the requests. But I believe the Linux community will help this project as much as they can."

Firefox 2.0 preview

The first beta of Firefox 2.0 was officially released yesterday, and I couldn't wait to take it for a spin to see what new and exciting features would be available. After spending the day with beta 1, it looks like Firefox 2.0 has plenty to entice users to upgrade.

I tested the new release on Ubuntu Linux 6.06 "Dapper Drake" on two machines. On the first machine, I moved my .mozilla directory so I could start with a fresh new profile; on the second, I left my profile in place. If you're going to test Firefox 2 Beta 1, it might be a good idea to back up your ~/.mozilla directory, just in case, so that your profile isn't corrupted if you decide to switch back to the Firefox 1.5 series.

Firefox handled importing the 1.5 profile just fine, and on the clean slate machine it offered to import bookmarks and settings from my Opera profile when it fired up for the first time. On the machine with the existing profile, Firefox checked all of the extensions I had installed, looked for updates for the extensions (none were found), and disabled the extensions deemed to be incompatible with Firefox 2.0.

New features

The way Firefox handles extensions and themes has been streamlined in 2.0, so that you now have "Add-ons" instead of a separate manager for themes and extensions. It's not a major change from the 1.5.x series, and you still need to restart the browser to do something as simple as changing the browser theme. However, when you install a new extension or theme and restart Firefox, it "remembers" the session you had going and reopens all the pages and tabs that you had open when Firefox was restarted. This is also supposed to happen if Firefox crashes, but Firefox didn't crash while I was testing it.

If you've ever closed a tab without meaning to, you'll appreciate the new "Recently Closed Tabs" feature. Firefox tracks closed tabs and allows you to re-open them. This feature is in the new History menu (which used to be the Go menu).

Tab buttons now sport a "close tab" button by default, so you can just click on the red X on an individual tab to close it. If these features seem familiar, it's because they were available through Firefox extensions, but not part of the browser by default.

Firefox has a few new feed-reading features as well. When you click on an orange RSS button, Firefox will take you to a preview page of the site's feed, and you can subscribe to the feed using Firefox Live Bookmarks, Bloglines, Google Reader, or My Yahoo! I really like that Firefox is integrated with external services, and I hope that the Mozilla folks add a few additional options as time goes on.

The search box in Firefox has undergone a bit of renovation. When you start typing a search term in, it will provide a list of possible suggestions. For instance, if you use the Yahoo! search box and type "sha" you'll see a drop-down list that includes "radio shack," "shakira," "maria sharapova," and several other possible completions. The completions differ by search engine, and only the Answers.com, Google, and Yahoo! search boxes provide suggestions; if you're using the Wikipedia, Amazon.com, or Creative Commons search options, you won't see any.

The anti-phishing features aren't quite perfect yet. I went through my spam folder and tried some of the eBay, PayPal, and bank scams that I've received. Firefox warned me about phishing if a link was provided as an IP address rather than a typical URL, but I didn't get any warning when trying to connect to "http://rrcs-24-136-127-57.nyc.biz.rr.com:81/us/" when it was marked as "Click here to update your PayPal account information." I'd say Firefox was detecting phishing URLs with about 20% accuracy, and it missed several outlandish URLs. However, according to the project's notes, this is to be expected, and future versions of Firefox 2 should be more accurate in their diagnosis of phishing sites.

The beta also allows you to report phishing Web sites -- just click on Help -> Report Phishing Website. I'm not sure the Help menu is the most logical location for the feature, but at least it's there. When you report a phishing site, it's relayed to the Google Safe Browsing team, so it looks like the "detect phishing" functionality from the Google toolbar is being integrated into Firefox directly, or the Firefox team is using Google's API.

And Firefox might not be of any help at all with the new crop of phishing attempts, anyway. When I was looking through the phishing messages, I noticed a couple that had no links whatsoever -- just phone numbers to call, where operators are presumably standing by to fleece innocent users. As wonderful as Firefox is, users must still supply some common sense.

Just plain browsing

I spent a fair amount of time just running through sites I visit frequently, to see if any of the sites looked better or worse in the beta, or if they rendered more quickly or more slowly. I didn't detect any major changes. It seemed like the beta rendered sites a bit faster than Firefox 1.5.x, but I don't have any hard data on that.

I did notice that one site I visit from time to time, the Tapped Weblog, looked better in the beta than in Firefox 1.5. The sidebar ad on the left side of this page renders oddly in 1.5, obscuring the page's text, but it rendered just fine in the 2.0 beta.

Sadly, the new Firefox series doesn't seem to be any better at blocking pop-ups than the 1.5 series. I've noticed an increasing number of pop-ups that slip under Firefox's radar, and I was really hoping that this new series would take care of those. One example is the Quotes of the Day page, which inflicts a pop-up on you the first time you click anywhere in the page. I'm not sure if the Firefox developers have given up on the pop-ups arms race, or if they're just being skunked by malicious site owners; it seems like Firefox enjoyed a brief period of near-immunity to pop-ups, but I run into pop-ups several times a day now when using Firefox.

Just for fun, I checked the beta against the Acid2 Browser Test to see if it passed. Opera 9, Konqueror, and Safari pass the test with flying colors, but Firefox still doesn't. That's probably not a big deal, considering that Firefox correctly renders the vast majority of sites, but it would be nice.

Gone missing

Upgrades aren't all about new features, of course. The beta also removes one or two features as well, among them the ability to block images if they're not from the original Web site. I'm not sure if this is something that's going to be permanently removed, or if it's part of the development process, but I'd like to see that feature remain.

A few of the tab options have been removed as well. In Firefox 1.5.x, you can direct Firefox to open links passed by other apps in a new window, new tab, or open the links in the most recent window/tab available. The beta removes this setting from the tab preference dialog altogether.

If Web browsing is "mission-critical" for you, or if your favorite extensions don't have support for the Firefox 2 series, wait until the 2.0 final release before upgrading to Firefox 2. From the testing I've done so far, though, the beta is stable enough for day-to-day use, and the tab and feed-reading features might be compelling enough for you to start running the 2.x series full-time right now.

How To Install VMware Server On Ubuntu 6.06 LTS (Dapper Drake)

This tutorial provides step-by-step instructions on how to install the free VMware Server (version 1.0) on Ubuntu 6.06 LTS (Dapper Drake).

VMware has just released version 1.0 of its free VMware Server. With VMware Server you can create and run guest operating systems ("virtual machines") such as Linux, Windows, FreeBSD, etc. under a host operating system. This has the benefit that you can run multiple operating systems on the same hardware which saves a lot of money, and you can move virtual machines from one VMware Server to the next one (or to a system that has the VMware Player which is also free). In this article we use Ubuntu 6.06 LTS (Dapper Drake) as the host operating system.

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

1 Preliminary Note

I assume you have already set up a basic Ubuntu 6.06 system. It doesn't matter if you use Ubuntu's server or desktop version. If you use the server version, you can set up your system as described on the first three pages of this tutorial: The Perfect Setup - Ubuntu 6.06 LTS Server (Dapper Drake).

You should have a working root account (as the following steps have to be run as root) or run

sudo su

to get root priveliges and also a static IP address. In this tutorial I use the IP address 192.168.0.100.

2 Installing Required packages

Now we install the packages required by VMware on our Ubuntu system:

apt-get install linux-kernel-headers libx11-6 libx11-dev libxtst6 xlibs-dev xinetd wget

apt-get install gcc binutils-doc cpp-doc gcc-4.0-locales make manpages-dev autoconf automake1.9 libtool flex bison gdb gcc-doc gcc-4.0-doc libc6-dev-amd64 lib64gcc1

and create the directory /var/vm where we want to install our virtual machines later. The virtual machines require much disk space, make sure you have enough free space on your /var partition for the virtual machines.:

mkdir /var/vm

3 Getting VMware Server

The VMware server can be downloaded for free from the VMware website: http://www.vmware.com/download/server/
To run the VMware Server software you need a (free) serial number, that can be requested by clicking on the "Register now" button on the download page.

4 Downloading The Software

To setup VMWare Server on Ubuntu, we need the following packages from the VMware downloads page:

VMware Server for linux (Binary tar.gz)
Management Interface (Binary tar.gz)

To create new virtual machines, we need VMware server client package either for Windows if you want to create them from your Windows workstation or for Linux if you have a Linux workstation.

For downloading the software to your server, I recommend to use the linux commandline program wget. The wget syntax is as follows:

wget [URL of the file that shall be downloaded]

Unpacking the server tar.gz:

tar xvfz VMware-server-*.tar.gz

Running the installer script:

cd vmware-server-distrib
./vmware-install.pl

The installer asks you a few questions. Most of the time you can accept the default value:

Creating a new installer database using the tar3 format.

Installing the content of the package.

In which directory do you want to install the binary files?
[/usr/bin] <-- /usr/bin

What is the directory that contains the init directories (rc0.d/ to rc6.d/)?
[/etc] <-- /etc

What is the directory that contains the init scripts?
[/etc/init.d] <-- /etc/init.d

In which directory do you want to install the daemon files?
[/usr/sbin] <-- /usr/sbin

In which directory do you want to install the library files?
[/usr/lib/vmware] <-- /usr/lib/vmware

The path "/usr/lib/vmware" does not exist currently. This program is going to
create it, including needed parent directories. Is this what you want? [yes] <-- yes

In which directory do you want to install the manual files?
[/usr/share/man] <-- /usr/share/man

In which directory do you want to install the documentation files?
[/usr/share/doc/vmware] <-- /usr/share/doc/vmware

The path "/usr/share/doc/vmware" does not exist currently. This program is going
to create it, including needed parent directories. Is this what you want?
[yes] <-- yes

The installation of VMware Server 1.0.0 build-28343 for Linux completed
successfully. You can decide to remove this software from your system at any
time by invoking the following command: "/usr/bin/vmware-uninstall.pl".

Before running VMware Server for the first time, you need to configure it by
invoking the following command: "/usr/bin/vmware-config.pl". Do you want this
program to invoke the command for you now? [yes] <-- yes

Making sure services for VMware Server are stopped.

Stopping VMware services:
Virtual machine monitor done

You must read and accept the End User License Agreement to continue.
Press enter to display it.

..... snip [LICENCE TEXT] ......


Do you accept? (yes/no) <-- yes
Thank you.

Configuring fallback GTK+ 2.4 libraries.

In which directory do you want to install the mime type icons?
[/usr/share/icons] <-- /usr/share/icons

The path "/usr/share/icons" does not exist currently. This program is going to
create it, including needed parent directories. Is this what you want? [yes] <-- yes

What directory contains your desktop menu entry files? These files have a
.desktop file extension. [/usr/share/applications] <-- /usr/share/applications

The path "/usr/share/applications" does not exist currently. This program is
going to create it, including needed parent directories. Is this what you want?
[yes] <-- yes

In which directory do you want to install the application's icon?
[/usr/share/pixmaps] <-- /usr/share/pixmaps

Trying to find a suitable vmmon module for your running kernel.

The module bld-2.6.15-23-i386server-Ubuntu6.06 loads perfectly in the running
kernel.

Do you want networking for your virtual machines? (yes/no/help) [yes] <-- yes

Configuring a bridged network for vmnet0.

The following bridged networks have been defined:

. vmnet0 is bridged to eth0

All your ethernet interfaces are already bridged.

Do you want to be able to use NAT networking in your virtual machines? (yes/no)
[yes] <-- yes

Configuring a NAT network for vmnet8.

Do you want this program to probe for an unused private subnet? (yes/no/help) <-- yes
Probing for an unused private subnet (this can take some time)...

The subnet 192.168.246.0/255.255.255.0 appears to be unused.

The following NAT networks have been defined:

. vmnet8 is a NAT network on private subnet 192.168.246.0.

Do you wish to configure another NAT network? (yes/no) [no] <-- no

Do you want to be able to use host-only networking in your virtual machines?
[yes] <-- yes

Configuring a host-only network for vmnet1.

Do you want this program to probe for an unused private subnet? (yes/no/help)
[yes] <-- yes

Probing for an unused private subnet (this can take some time)...

The subnet 172.16.37.0/255.255.255.0 appears to be unused.

The following host-only networks have been defined:

. vmnet1 is a host-only network on private subnet 172.16.37.0.

Do you wish to configure another host-only network? (yes/no) [no] <-- no

Trying to find a suitable vmnet module for your running kernel.

The module bld-2.6.15-23-i386server-Ubuntu6.06 loads perfectly in the running
kernel.

Please specify a port for remote console connections to use [902] <-- 902

Stopping internet superserver: xinetd.
Starting internet superserver: xinetd.
Configuring the VMware VmPerl Scripting API.

Building the VMware VmPerl Scripting API.

Using compiler "/usr/bin/gcc". Use environment variable CC to override.

Installing the VMware VmPerl Scripting API.

The installation of the VMware VmPerl Scripting API succeeded.

Generating SSL Server Certificate

In which directory do you want to keep your virtual machine files?
[/var/lib/vmware/Virtual Machines] <-- /var/vm

Please enter your 20-character serial number.

Type XXXXX-XXXXX-XXXXX-XXXXX or 'Enter' to cancel: <-- your VMware Server serial number

Starting VMware services:
Virtual machine monitor done
Virtual ethernet done
Bridged networking on /dev/vmnet0 done
Host-only networking on /dev/vmnet1 (background) done
Host-only networking on /dev/vmnet8 (background) done
NAT service on /dev/vmnet8 done

The configuration of VMware Server 1.0.0 build-28343 for Linux for this running
kernel completed successfully.

5 Installing The VMware Management Interface

The VMware Management Interface is a Web-based management tool that allows you to

• monitor the state of virtual machines and the VMware Server host on which they are running.
• control (power on, suspend, resume, reset and power off) the virtual machines on that host.
• view details about each virtual machine, including system summary, hardware information, any connected users and a log of recent events.

(Please note: it cannot be used to create virtual machines. To do this, you must install the VMWare console (available for Windows and Linux) on a client PC.)

cd /tmp
tar xvfz VMware-mui-*.tar.gz
cd vmware-mui-distrib
./vmware-install.pl

Accept the end user licence:

Do you accept? (yes/no) <-- yes

Thank you.

Installing the content of the package.

In which directory do you want to install the binary files?
[/usr/bin] <-- /usr/bin

In which directory do you want to install the binary files?
[/usr/bin] <-- /usr/bin

What is the directory that contains the init directories (rc0.d/ to rc6.d/)?
[/etc] <-- /etc

What is the directory that contains the init scripts?
[/etc/init.d] <-- /etc/init.d

In which directory do you want to install the VMware Management Interface files?
[/usr/lib/vmware-mui] <-- /usr/lib/vmware-mui

The path "/usr/lib/vmware-mui" does not exist currently. This program is going
to create it, including needed parent directories. Is this what you want?
[yes] <-- yes

In which directory would you like to install the documentation files?
[/usr/lib/vmware-mui/doc] <-- /usr/lib/vmware-mui/doc

The path "/usr/lib/vmware-mui/doc" does not exist currently. This program is
going to create it, including needed parent directories. Is this what you want?
[yes] <-- yes

Before running VMware Management Interface for the first time, you need to
configure it by invoking the following command:
"/usr/bin/vmware-config-mui.pl". Do you want this program to invoke the command
for you now? [yes] <-- yes

The installation of VMware Management Interface 1.0.0 build-28343 for Linux
completed successfully. You can decide to remove this software from your system
at any time by invoking the following command:
"/usr/bin/vmware-uninstall-mui.pl".

Before running VMware Management Interface for the first time, you need to
configure it by invoking the following command:
"/usr/bin/vmware-config-mui.pl". Do you want this program to invoke the command
for you now? [yes] <-- yes

Configuring httpd.conf to run Apache as:
User: www-data and Group: nogroup

Set the number of minutes before a http session times out. (This is the length
of time before someone connecting to VMware Management Interface will be logged
out) [60] <-- 60

Generating SSL Server Certificate

Starting httpd.vmware: done
The configuration of VMware Management Interface completed successfully.

Create a directory for the VMware httpd:

mkdir /var/run/vmware/httpd
chown www-data:www-data /var/run/vmware/httpd

You will now be able to login the the VMware management interface with the URL:

https://192.168.0.100:8333/

To login use the username root and the password of your root system user.

This interface shows status information of the installed VM instances and you are able to start and stop VM instances:

To create new VM instances, use the VMware console which is availabe as Linux and Windows GUI application.

There are many ready-to-run appliances for the VMware server available, for example the ISPConfig webhosting appliance based on the HowtoForge perfect setup for Debian 3.1:

http://www.vmware.com/vmtn/appliances/directory/342

Many other appliances can be found in the VMWare Appliances directory:

http://www.vmware.com/vmtn/appliances/

6 Creating A Virtual Machine

We use the VMWare Linux or Windows GUI application to create a new virtual machine on our VMware server.

Login to your server with the IP address or hostname, the user root and the root password.

Click on New Virtual Machine and follow the whizard. The wizard asks you to select:

• Operating system (Linux, Windows, Novell Netware, Solaris or other operating system)
• Operating system version
• Location and virtual machine name. The folder /var/vm that we created in the setup is preselected.
• Networking: If you want the virtual machine to be part of the same network than the server itself, select bridged networking.
  If you want to use a virtual NAT, select Network address translation.
• Enter the size of your virtual harddisk. I recommend to disable the option that creates the virtual harddisk in full size instantly, the harddisk will then grow with the data that you store inside up to the max. size you selected.
• After you finished the VM creation wizard, put the boot disk of the operating system you want to install in the CD / DVD drive of your server and start the VM.

All trademarks belong to their respective owners. We thank VMware Inc. for the permission to write this Howto.

7 Links

• VMware Server: http://www.vmware.com/products/server
• Ubuntu: http://www.ubuntu.com
• VMware Appliance directory http://www.vmware.com/vmtn/appliances/

Linux Starter Kit: a review

Sams Publishing's Linux Starter Kit bundles a SUSE Linux 10.1 DVD, a searchable SUSE reference manual in PDF, and a paperback Quick Start Guide together in one $40 package. Here is a look inside.

Since SUSE 10.1 has already been reviewed extensively, and is not the product of Sams' efforts, I will dispense with reviewing directly. It is worth examining Sams' choice of distributions, however. SUSE is a good choice because -- despite being historically a KDE distro -- since its acquisition by Novell, it has elevated GNOME desktops to more-or-less equal status. On initial installation, you must choose one or the other, but both are available on the installation media. The same could not be said of Ubuntu, for example, which focuses its GNOME and KDE attention on essentially two separate-but-equal distros, standard Ubuntu and Kubuntu. For a Linux vet, it's not a major issue, but imposing such a choice on users new enough to want a "starter kit" would be asking for trouble.

Likewise, including a DVD-based installer is a win not just for Sams' production costs, but for new-user-friendliness. I still suffer from intermittent nightmares about having to swap in and swap out installation diskettes on the primitive Macs of my childhood -- and more recently of doing the same with Red Hat CDs.

And of course, despite the controversy such a decision inevitably brings, a "starter kit" absolutely must supply a distro that can pre-install commercial components like closed-source video drivers and proprietary media codecs. It may be an evil to the eyes of some, but a brand-new free software user needs such a hand up to escape the non-free software world.

Words

What, then, of the Quick Start Guide book? Its cover touts three topics: Installation, Linux Basics, and Troubleshooting. Installation is covered in chapter one, Linux Basics comprise the next four chapters, and Troubleshooting is addressed both in the final chapter and interspersed within the rest of the text.

Stylistically, I give the book high marks. It is readable and clear, and on important issues takes a detailed but straightforward approach. For example, the entire third chapter is devoted to explaining the Linux boot and shutdown processes. Beginning with POST, the text clearly explains each step in booting a Linux system, and does so without dumbing it down. It includes what I consider to be one of the best explanations I have seen of boot loaders and runlevels -- two things experienced Windows users will have had no prior exposure to.

I also found the book's point of view to be refreshing -- openly admitting, for example, that GNOME and KDE do the exact same things and are more or less interchangeable, or that you will occasionally have problems with the X server. Such confessions clearly place the author on the side of the reader; too often when I read a distro's official documentation, it sounds vetted by marketing copy writers -- singing the praises of the software, perhaps stepping through an error-free configuration, but little in the way of pointing out likely problems.

Consider, for example, SUSE's own installer, which buyers of the Linux Starter Kit will see and use. It asks you to choose between KDE and GNOME during initial setup, but describes each of them as "a powerful and intuitive desktop environment" -- zero help in distinguishing between them, and couched in the wording of a sales pitch. In the middle of installation, the "sale" has already been made; it's time to level with the user and be frank about the choice.

The Quick Start Guide cuts through the featureless wall of company pride, and helps the user make sense of the system at a practical level.

That is not to say that the guide is perfect. Like a lot of contemporary technical books, it makes liberal use of boxed "side notes," a practice that I find disorienting and distracting. If the information is important, then it deserves to be worked into the text. If not, relegate it to a footnote. Side notes just add visual clutter.

Furthermore, even though I give high praise to the chapter on the boot and shutdown processes, I found the chapter on Linux filesystems weaker. To make matters worse, the filesystem is discussed in chapter five, but referred to repeatedly in the first four chapters, and cited with forward-references. The filesystem hierarchy is not difficult once you understand it, but for beginners even the syntax of file paths is foreign, and it deserves to be explained early on, in the same level of detail given to runlevels.

Final thoughts

On the whole, though, the Quick Start Guide is an excellent piece of work, and that makes the Linux Starter Kit a stronger offering than a solo DVD of SUSE 10.1 would be on its own. Anyone can download an ISO image for free; the value of this package is how well it guides a new user through his first steps into the Linux world.

I am still a staunch believer that the best way to convert a Windows user into a Linux user is through personal, one-to-one tech support -- but if I had to abandon a willing proselyte with an installer and a book to guide him instead, I am confident that the Linus Starter Kit would serve him well.

PHP is dead. Long live PHP!

A friend recently told me that PHP is on its way out, Ruby on Rails is where it's at. I scoffed. I chuckled. Then I gave it some thought. Could PHP have had its day?

So time to do a bit of research. My first port of call was of course www.php.net - source for all things good and PHP-ish. According to the usage graph, things are not looking good. PHP usage peeked around August last year after an unstoppable climb since 2000, but has taken a disturbingly downward tack since then.

On to another report for a bit more clarity. The folk at Security Space have a pretty useful breakdown of all Apache modules' popularity. PHP is sitting pretty at number one on over 40% of Apache servers, but there is a minor decrease since last month. FrontPage (yuch!) is sitting at four, and Perl at number five. Python is quite far down the list, and Ruby is way, way down.

I have to conclude that my friend might be right in one respect – PHP has had its day. If the trend continues, it means that PHP will one day not be the hottest thing on the web like it is right now. While I might lament about my soon-to-be-obsolete skills, if I remove my emotions from the situation it's clear that this was inevitable. The fact is that all top computing languages come in and out of favour. Coming in to favour in the first place is a major achievement – only a couple of the hundreds out there ever make the grade. Remember Cobol? Pascal? Logo? Delphi? They've all become historical anecdotes with the occasional application still clinging on to a glorious past, and desperate for developers with has-been skills.

But I'm not going to cry or gnash my teeth just yet. PHP still has plenty of legs, and it will take quite a bit to wind it. I'm not sure what will take its place, but somehow I don't think Ruby on Rails will be the successor. For all its publicity, its market share seems pretty dismal and doesn't seem to be getting enough weight behind it to be a real challenger any time soon. Netcraft's stats show a surprise come-back from Microsoft recently, so maybe .Net or Mono might make a play, but I also feel that the .Net framework is a little too clunky for web applications. PHP's advantage over the rest is that it's a web application, through and through. It doesn't try to also be a desktop application language, a server application language, a widget application language... it just spits out web pages fast and efficiently.

Somewhere out there, there's probably a geek in a basement or cubicle crafting a completely new web language. His work now might see the emergence of something new and great in five years time. And when that comes, I guess I'll have to change, re-learn, re-skill. Until then, I'm going to cling tenaciously to my PHP, because today – no matter what anyone tells me – PHP is still very much alive.

Dual-booting Windows and Linux the easy way

The Gnome Partition Editor Live CD is a simple tool that will shrink a (usually "the") Windows partition on your hard drive, then make Linux partitions almost automatically. These four videos step you through the process of downloading GPartEd (the program's nickname) from SourceForge.net, defragmenting Windows, shrinking your Windows partition, and installing the three most commonly-used Linux partitions. As a free bonus, a fifth video will show you how to uninstall Linux and stretch your shrunk-down Windows partitition until it once again takes up your whole hard drive.

All popular Linux distributions now have some sort of simple (usually GUI) disk partitioning utility included. If you're going to devote an entire hard drive to Linux, you might as well go with your chosen distribution's default partition setup. But if you want to boot Windows and Linux on the same computer, you may be better off making your partitions with a specialized partitioning tool. Norton Commander is a pretty good one, although it is neither free of cost nor free in the free software sense. There are plenty of other proprietary partitioners out there, too, but free GPartEd is all we need to handle simple partition resizing.

A couple of notes before we begin:

I talk about Windows hard drive defragmentation. This is something you should do periodically even if you never move to Linux -- although if you do switch to Linux, you'll find that the equivalent Linux utility is much faster than the Windows defragmentation routine.

You can use GPartEd to make multiple Windows (NTFS or FAT) partitions on a hard drive. Or to make partitions for almost any popular operating system that runs on standard X86 PCs, not just Linux. It's a great tool to have around, Linux or no Linux.

I advocate using the ext3 file format. It's a proven journaling file system, compatible with all popular Linux distributions. Indeed, it's the default file system for most of them. Other file systems may be slightly faster or offer other advantages, but Ext3 does its job well enough on desktop PCs that you don't need to think about it at all or even learn how it works. Just use it and be happy.

Downloading from SourceForge.net is another good habit. SourceForge.net (owned by the same company that owns Linux.com) is chock-full of free, open source software for Linux, Windows, and other operating systems. Today's first video will show you how the SourceForge.net download process works, which is great to know even if you decide not to make Linux your primary operating system at this point in your life.

Video #1: Download and burn a GPartEd bootable CD

Click to play Video 1

For more instructions on how to make (burn) a bootable .iso CD and how to set your PC to boot from its CD drive, please see Your first Linux experiment.

Video #2: Defragmenting Windows -- a necessary step before you resize your Windows partition

Click to play Video 2

Video #3: Resizing your NTFS (or FAT) Windows partition

Click to play Video 3

Video #4: Making your Linux partitions

Click to play Video 4

Bonus Video: Uninstalling Linux -- just in case. A good thing to know. You can use the same process to remove Windows from a hard drive and make it 100% Linux, too.

Click to play Video 5

Review: Linspire Five-O Linux OS Gives System Builders Low-End PC Option

Linspire aims to take over the low-end desktop with its Linspire Five-0 Linux operating system.

The San Diego-based company is taking a different approach to Linux by focusing on mimicking Microsoft Windows. Linspire looks to make links as easy as possible and boasts that its flavor of the open-source OS is the easiest to use. That could prove attractive to many system builders, which are always looking to differentiate their offerings from those of tier-one vendors.

Linspire, with its Linspire Five-O operating system, is taking a different approach to Linux by focusing on mimicking Windows.

System builders have differentiated their product mix by focusing on customization and bundled services, which has worked well for high-end desktop PCs. But many are finding that it's another story on the low end, where it all comes down to price. As hardware prices drop, the OS is increasingly becoming the largest piece of the cost pie, and tier-one vendors have the advantage because of the volume discounts and sweetheart deals they can get from top software makers.

That situation has pushed system builders to examine alternatives, namely open-source products and Linux platforms like Linspire. The CRN Test Center installed Linspire Five-0 on several systems, but engineers met with mixed success in terms of proving Linspire's claims.

Installation on a Pentium 4-based white-box PC went quite well, with all of the hardware properly detected and drivers loaded. Less-generic systems were a different story. For example, installation on an HP Compaq NC6320 proved impossible. On the first attempt, the Linspire installer failed with a cryptic CD-ROM read error. Linspire tech support recommended downloading a newer version of the installation CD, which solved the first problem but created another. The installer application couldn't find a compatible hard drive. It seems that the company still has some work to do with hardware detection and driver support.

A test installation of Linspire Five-O on an IBM ThinkPad T42 worked flawlessly, with all the primary hardware identified and the proper drivers loaded. For system builders, installation to existing or tier-one machines shouldn't be an issue, since they will be focusing on building new white-box PCs.

To make that a successful endeavor, all it takes is a visit to the Linspire Web site to verify hardware compatibility. If the hardware used to build a custom system is found on the list, system builders should have no trouble.

When it comes to using Linspire Five-O, users will find the interface appealing and easy to navigate. All of the major PC software offerings are well-represented. Users will find support for instant messaging, e-mail, Web browsing, networking, Wi-Fi wireless networking and an office productivity suite readily accessible. The office suite is based on OpenOffice and claims compatibility with Microsoft Office.

What's more, Linspire Five-O's desktop interface is designed to bring simplicity to multimedia management. A digital photo organizer, a media player and data backup are included with the OS. With usability in the forefront, Linspire bundles in a subscription to its CNR (Click and Run) service, which is a Web-based application installer. From CNR, users can select from a multitude of open-source applications that meet most any need. As a subscription service, a history of installed applications is kept, which enables users to replicate their preferences on another system or restore their configuration in case of a hard-disk failure.

Test Center engineers found CNR to be quite robust, but many of the applications available were older versions. Perhaps there's a concession to stability over the latest and greatest when it comes to applications.

Nevertheless, system builders will find Linspire Five-0 an excellent avenue for getting involved with Linux and the low-end PC market. With a retail price of just under $50 and a channel program that offers system builders additional discounts, white-box makers will find the OS an excellent value that provides typical users with everything they need.

Ubuntu 6.06 Desktop Linux

Canonical's Ubuntu 6.06 LTS is an excellent Linux-based operating system—so excellent, in fact, that it not only earned eWEEK Labs' Analyst's Choice designation but has also become our clear favorite among Linux desktop distributions.

This latest Ubuntu release, which became available in June, has won our ardor with a tight focus on desktop usability; an extremely active, helpful and organized user community; and a software installation and management framework that's unsurpassed on any OS platform.

In addition to outperforming Linux rivals as a desktop OS, we found that Ubuntu is a solid choice for server deployments—provided, at least, that the sort of graphical management hand-holding that one would expect from Microsoft's Windows Server or from Novell's SUSE Linux Enterprise Server isn't a priority.

The server variant of Ubuntu is focused on slim, headless operation.

Administrators can install a graphical environment on top of Ubuntu, but server administration is a largely a command-line-driven affair.

Most importantly, for enterprise desktop and server deployments alike, Ubuntu 6.06 LTS is the first iteration of this popular Linux distribution for which the Ubuntu project has pledged so-called Long Term Support (what the "LTS" in the distro's name stands for): three years for the desktop package set and five years for the server variant.

Each of the first three Ubuntu releases shipped with 18 months of security and bugfix updates.

This term of support has been too short for many production settings, despite the alacrity with which Ubuntu handles in-place upgrades.

Free—Really

Ubuntu is free software, period—it doesn't come in separate no-cost hobbyist and per-machine-fee enterprise versions like the Linux distributions from Red Hat and Novell.

Canonical does offer paid support for Ubuntu systems—$250 annually for desktop machines, and $750 a year for servers. (See here for more details.)

Ubuntu Linux is available for download, either from an FTP mirror or via Bittorrent, here. The Ubuntu project will mail the distribution on physical media for free, and Amazon.com sells Ubuntu on DVD for $10.

Ubuntu Linux is available in x86, x86-64 and PowerPC versions.

The server variant of Ubuntu is available on all of these platforms, as well as on Sun Microsystems' UltraSparc architecture.

We tested the x86 desktop version on an IBM Thinkpad T41 and an Althon64 system that we built ourselves. We put the server version of Ubuntu through its paces in a VMware virtual machine.

On our laptop test machine, hibernation worked without requiring any tweaking, although we ran into trouble when the amount of RAM in play on our test machine exceeded the size of our swap partition. (Our Thinkpad was stacked with 1.5GB of RAM, and the swap partition that Ubuntu created for us during installation was 500MB.)

Also, when putting our laptop to sleep, our machine's hard drive woke up in read-only mode and required a power cycle to bring it back.

Until notebook PC makers begin explicitly supporting Linux on their machines, administrators will have to spend extra time tweaking the particular hardware they support to ensure that everything works properly.

Overall, though, we found hardware configuration tasks in Ubuntu rather straightforward, requiring less fiddling than other Linux distributions we've tested.

However, we were disappointed to see that Ubuntu still lacks a graphical utility for configuring display settings beyond simply choosing among available display resolutions.

Ubuntu did a fine job of auto-configuring our test machines' displays, but further customizations required hand-editing. For instance, to configure our Thinkpad to use multiple monitors, we had to manually edit the xorg.conf file. We'd like to see Ubuntu begin shipping Red Hat's display configuration tool—not only would Red Hat's tool fit in well with the rest of Ubuntu's configuration utilities, but it is open source and available for the taking.

Management maven

Since Linux distributions boil down to collections of software that are freely available to everyone, distributions most clearly differentiate themselves from each other in the ways that they bring together and manage this software.

Ubuntu owes its excellent software management framework to Debian GNU/Linux, the venerable distribution from which Ubuntu is derived.

In addition to the command-line dpkg and apt utilities that form the foundation of Debian's and Ubuntu's software management schemes, Ubuntu ships with four other front ends for installing and updating software: one for installing single packages, such as those downloaded from a Web page; a very simple Add/Remove Programs interface for browsing through and installing applications available in the system's configured software repositories; a more complex tool, Synaptic, for managing packages; and an updater daemon that runs in the background and prompts users when updates are available.

All of these interfaces front the same software mechanism, and all handle software dependencies automatically.

Ubuntu's software management system supports package signing—we could opt to accept installation only of packages for which we'd previously imported a signing key.

We also could configure our system to install security fixes automatically, which is an important feature for managed desktop scenarios, where users are not allowed to install software or updates on their own.

Just as important as Ubuntu's proficiency in easing package installation and updates is its effective structure for providing access to third-party applications, both open source and proprietary.

During tests, we were able to install VMware's VMware Player, Sun's JRE, Abobe's Flash player and Acrobat Reader, the Opera Web Browser and a handful of other proprietary applications just as easily as any other Ubuntu component.

In addition to these applications, which we installed from official Ubuntu repositories, the project benefits from an array of volunteer-run repository projects.

While other popular distributions, such as Fedora and OpenSUSE, also benefit from volunteer, third-party packaging, the Ubuntu community appears to doing a better job keeping itself organized.

Part of the reason for this is that the Debian project through which Ubuntu can trace its heritage is much more focused on organizing and enabling volunteer packaging efforts than are other Linux distributions—most notably, those of Red Hat.

We were impressed to find included among the very good documentation that ships with Ubuntu a software packaging guide.

When a precompiled package is available for your Linux distribution, software installation and update is easier than on any other OS platform.

The Ubuntu project appears to understand this, and the fruits of the project's outreach include community-contributed gems such as EasyUbuntu, a simple application that automates a handful of common operations that often vex desktop Linux users.

More evidence of Ubuntu's smart community outreach can be found in the Kubuntu and Xubuntu distribution variants—two community-spurred but Ubuntu-embraced distribution variants that replace the system's default GNOME desktop environment and application set with KDE and XFCE flavors, thereby neatly broadening the distribution's appeal.

We found Ubuntu's default GNOME 2.14.2 desktop environment complete and easy to use.

Peripherals such as USB memory sticks, digital cameras, scanners and printers worked as we expected.

Palm and Pocket PC synchronization remain an area of trickiness and require tweaking on the Linux desktop—we were able to link up with a Palm Treo device, but we ran into trouble synchronizing.

Neither the Beagle search tool, which brings Google Desktop-style search to Linux, nor the NetworkManager framework, which makes switching among wired and wireless connections very easy, were installed by default on our Ubuntu test systems.

However, we could install both of these applications from the Ubuntu repositories, and both functioned for us without a hitch.

Along similar lines, we had the option of installing the Xgl 3D desktop effects applications we last tested in OpenSUSE 10.1, although, in our opinion, Xgl is currently a bit too flaky for daily use.