One, Two, Jango!: 2010

Saturday, October 09, 2010

extract script

### you need to install rar and 7zip packages first if you don't have them.then you can use 'extract ' next time. easy peasy!

#Extract things. Thanks to urukrama, Ubuntuforums.org. put in .bashrc
extract () {
if [ -f $1 ] ; then
case $1 in
*.tar.bz2) tar xjf $1 ;;
*.tar.gz) tar xzf $1 ;;
*.bz2) bunzip2 $1 ;;
*.rar) rar x $1 ;;
*.gz) gunzip $1 ;;
*.tar) tar xf $1 ;;
*.tbz2) tar xjf $1 ;;
*.tgz) tar xzf $1 ;;
*.zip) unzip $1 ;;
*.Z) uncompress $1 ;;
*.7z) 7z x $1 ;;
*) echo "'$1' cannot be extracted via extract()" ;;
esac
else
echo "'$1' is not a valid file"
fi
}

hold debian package update

#####Hold package update especially those you custom compile/install, because debian lenny insist their packages are the latest -_-

echo "package hold"|dpkg --set-selections
and, to reverse,
echo "package install"|dpkg --set-selections

####hold packages will show up as hi, while normal update package show up as ii(update able)

swordfish@protoss-emperor:~$ dpkg -l|grep fglrx
hi fglrx-amdcccle 8.771-1 Catalyst Control Center for the ATI graphics accelerators
hi fglrx-driver 8.771-1 Video driver for the ATI graphics accelerators
hi fglrx-driver-dev 8.771-1 Video driver for the ATI graphics accelerators (devel files)

###of course i'm holding these fglrx packages, i don't want a borked driver after kernel update again -_-

###now when you do apt-get upgrade

swordfish@protoss-emperor:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
bind9-host dnsutils fglrx-amdcccle fglrx-driver fglrx-kernel-src

Friday, October 08, 2010

new kernel broke my radeon again

##########fglrx woe

I don't know at first that fglrx packages from debian non-free repo will conflict with the proprietary driver downloaded from amd site. So in install the driver from the repo and then the amd driver. After recompile kernel, everything look fine but opengl somehow is broken. This is the guide how to resolve it. good luck!

#####the error:

when i execute fglrxinfo or glxinfo, the output is something like this(not mine):

X Error of failed request:  BadMatch (invalid parameter attributes)   Major opcode of failed request:  156 (GLX)   Minor opcode of failed request:  5 (X_GLXMakeCurrent)   Serial number of failed request:  37   Current serial number in output stream:  37

and there is one line of error in /var/log/Xorg*

EE GLX error: Can not get required symbols

Somehow, the 3d acceleration is working fine, but still i need opengl to play video smoothly -_-

You can see from the Xorg log that the fglrx module loaded is the old module from non-free debian packages, not the one installed from amd installer.

http://wiki.debian.org/Ati%20Installer%20in%20Lenny

###########

ATI installer for Debian is buggy, and requires some tricks:

./ati-driver-installer-10-1-x86.x86_64.run --buildpkg Debian/lenny

Generating package: Debian/lenny

cp: cannot stat `/home/jarek/install/fglrx-install.ClcbzZ/x710/*': No such file or directory

Package build failed!

To correct this you have to extract sources:

./ati-driver-installer-10-1-x86.x86_64.run --extract fglrx-10.1

and do the following. Enter driver directory:

cd fglrx-10.1

Open file: packages/Debian/ati-packager.sh and in line 67 change:

lenny|testing) X_DIR=x710; X_NAME=lenny;;

lenny|testing) X_DIR=x690; X_NAME=lenny;;

Open file packages/Debian/dists/lenny/fglrx-driver.shlibs and at the end add line:

libatiuki 1 fglrx-driver

Copy file libatiuki.so.1.0 and create symbolic link: (for 32-bit system)

cp arch/x86/usr/lib/libatiuki.so.1.0 x690/usr/X11R6/lib/

ln -s libatiuki.so.1.0 x690/usr/X11R6/lib/libatiuki.so.1

For 64-bit system, change x86 to x86_64, x690 to x690_64a, lib to lib64, for above paths.

Now you should be able to build debs:

./ati-installer.sh 10.1 --buildpkg Debian/lenny

##########

http://www.jotschi.de/?p=313

stop xserver/gdm (this will close your desktop environment, make sure you keep this guide somewhere nearby)

modprobe -r fglrx

// get a list of all fglrx packages

sudo dpkg -l | grep fglrx

sudo dpkg -P fglrx-driver

sudo dpkg -P fglrx-kernel-$(uname -r)

sudo dpkg -P fglrx-kernel-src

sudo dpkg -P fglrx-amdcccle

sudo dpkg -P fglrx-driver-dev

// make sure everything is gone

sudo dpkg -l | grep fglrx

3. Restore files that might have been messed up by previous fglrx installations

apt-get --reinstall install libgl1-mesa-glx

apt-get --reinstall install xserver-xorg-core

4. Get rid of old ati configurations

sudo mv /etc/ati /tmp

sudo mv /etc/X11/xorg.conf /tmp

###################################################3

Download the installer and put it in ~/fglrx/

$ cd ./fglrx/

$ chmod +x ati-driver-installer-[version].run

$ ./ati-driver-installer-[version].run --extract fglrx-tmp

$ cd fglrx-tmp

$ su

# ./packages/Debian/ati-packager.sh --buildpkg lenny

# cd ..

dpkg --force-all -i fglrx-driver_[version].deb

dpkg -i fglrx-driver-dev_[version].deb

dpkg -i fglrx-kernel-src_[version].deb

dpkg -i fglrx-amdcccle_[version].deb

#apt-get install module-assistant

#cd /usr/src

# m-a prepare

# m-a update

module-assistant

# SELECT -> fglrx-kernel -> BUILD / INSTALL #

# modprobe -v fglrx

# aticonfig --initial

startx/gdm

#############how to know the fglrx module loaded is correct

debian:check /var/log/Xorg*

(II) LoadModule: "fglrx"

(II) Loading /usr/lib/xorg/modules/drivers//fglrx_drv.so

(II) Module fglrx: vendor="FireGL - ATI Technologies Inc."

compiled for 7.1.0, module version = 8.77.5

Module class: X.Org Video Driver

(II) Loading sub module "fglrxdrm"

(II) LoadModule: "fglrxdrm"

(II) Loading /usr/lib/xorg/modules/linux//libfglrxdrm.so

(II) Module fglrxdrm: vendor="FireGL - ATI Technologies Inc."

compiled for 7.1.0, module version = 8.77.5

#####fglrxinfo will show correct info

swordfish@protoss-emperor:~$ fglrxinfo

display: :0.0 screen: 0

OpenGL vendor string: ATI Technologies Inc.

OpenGL renderer string: ATI Mobility Radeon HD 3400 Series

OpenGL version string: 3.3.10188 Compatibility Profile Context

Thursday, March 11, 2010

Find out if your mail server is an open relay

Open relay from wikipedia:

An open mail relay is an SMTP server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users.[1][2][3] This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular due to their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers.

How to easily check if your mail server is open relay:

telnet relay-test.mail-abuse.org

[terung@myvps ~]$ telnet relay-test.mail-abuse.org
Trying 168.61.4.13...
Connected to relay-test.mail-abuse.org.
Escape character is '^]'.
Connecting to x.x.x.x ...
<<< 220 myvps.mydomain.com ESMTP
>>> HELO cygnus.mail-abuse.org
<<< 250 myvps.mydomain.com
:Relay test: #Quote test
>>> mail from:
<<< 250 ok
>>> rcpt to: <"nobody@mail-abuse.org">
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 1
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 2
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #test 3
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 4
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 5
>>> mail from: <>
<<< 250 ok
>>> rcpt to:
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 6
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 7
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 8
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 we don't relay (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 9
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 we don't relay (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 10
>>> mail from:
<<< 250 ok
>>> rcpt to: <"nobody@mail-abuse.org">
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 11
>>> mail from:
<<< 250 ok
>>> rcpt to: <"nobody%mail-abuse.org">
<<< 553 we don't relay (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 12
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 we don't relay (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 13
>>> mail from:
<<< 250 ok
>>> rcpt to: <"nobody@mail-abuse.org"@[x.x.x.x]>
<<< 553 we don't relay (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 14
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 we don't relay (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 15
>>> mail from:
<<< 250 ok
>>> rcpt to: <@:nobody@mail-abuse.org>
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 16
>>> mail from:
<<< 250 ok
>>> rcpt to: <@[x.x.x.x]:nobody@mail-abuse.org>
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #Test 17
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 we don't relay (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #test 18
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 we don't relay (#5.7.1)
>>> rset
<<< 250 flushed
:Relay test: #test 19
>>> mail from:
<<< 250 ok
>>> rcpt to:
<<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
>>> rset
<<< 250 flushed
>>> QUIT
<<< 221 myvps.mydomain.com
Tested host banner: 220 myvps.mydomain.com ESMTP
System appeared to reject relay attempts
Connection closed by foreign host.
[terung@myvps ~]$

fail2ban: drop the banhammer on those bruteforcer bots from China

Get fail2ban source from http://www.fail2ban.org/wiki/index.php/Downloads.

# tar -xjvf fail2ban-0.8.4.tar.bz2
# cd fail2ban-0.8.4
# python setup.py install

Autostart in RedHat,CentOS,Fedora
# cp files/redhat-initd /etc/init.d/fail2ban
# chkconfig –-add fail2ban
# chkconfig fail2ban on
# service fail2ban start

Copy default conf to jail.local which will override jail.conf, the default conf
# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

##########sampleconf##########
[DEFAULT]

# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
# ban a host which matches an address in this list. Several addresses can be
# defined using space separator.
ignoreip = 127.0.0.1
ignoreip = 203.82.1.1/24 x.x.x.x

# "bantime" is the number of seconds that a host is banned.
bantime = 86400

# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 600

# "maxretry" is the number of failures before a host get banned.
maxretry = 3

[ssh-iptables]

enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=yourmail@mail.com, sender=fail2ban@web.com]
logpath = /var/log/secure
maxretry = 3

[proftpd-iptables]

enabled = true
filter = proftpd
action = iptables[name=ProFTPD, port=ftp, protocol=tcp]
sendmail-whois[name=ProFTPD, dest=yourmail@mail.com sender=fail2ban@web.com]
logpath = /var/log/secure
maxretry = 6

# This jail forces the backend to "polling".
#####endsample####
#replace the logpath with the proper path for other distro

# /etc/init.d/fail2ban restart
or,
# service fail2ban restart

And check your iptables:
# iptables -L

If you want to unblock someone just do:
# iptables -D fail2ban-ssh 1

Show failed SSH logins by date:
# cat /var/log/secure | grep ‘Failed password’ | sort | uniq -c

#testing ssh filter
/usr/bin/fail2ban-regex /var/log/secure /etc/fail2ban/filter.d/sshd.conf

If your fail2ban seem to not updating the iptables, please check the fail2ban log. If you received below error, you might have old version of iptables and you need to tweak the fail2ban iptables action config.

fail2ban.action [32091]: ERROR iptables -w -N f2b- iptables -w -I INPUT -p tcp -m multiport --dports 0:65535 -j f2b- -- stderr: "iptables v1.4.7: option -w' requires an argument\nTryiptables -h' or 'iptables --help' for more information.\niptables v1.4.7: option -w' requires an argument\nTryiptables -h' or 'iptables --help' for more information.\niptables v1.4.7: option -w' requires an argument\nTryiptables -h' or 'iptables --help' for more information.\n"

reference: https://serverfault.com/questions/730675/fail2ban-action-error-iptables-w-n-f2b-jail-name

Open this config file /etc/fail2ban/action.d/iptables-common.conf , and comment this line:

lockingopt = -w

also changed this line:

#iptables = iptables to iptables = iptables

extra reading: http://www.fail2ban.org/wiki/index.php/Main_Page

Wednesday, March 10, 2010

my xorg.conf for fglrx proprietary driver

I've link how to install ati proprietary driver in the old post. This is my config file after successfully install the driver.

file: /etc/X11/xorg.conf

####Begin

Section "ServerLayout"
Identifier "aticonfig Layout"
Screen 0 "aticonfig-Screen[0]-0" 0 0
EndSection

Section "Files"
EndSection

Section "Module"
EndSection

Section "Monitor"
Identifier "aticonfig-Monitor[0]-0"
Option "VendorName" "ATI Proprietary Driver"
Option "ModelName" "Generic Autodetecting Monitor"
Option "DPMS" "true"
EndSection

Section "Device"
Identifier "Mobility Radeon HD 3400 Series"
Driver "fglrx"
Option "DynamicClocks" "on"
Option "mtrr" "on"
Option "DesktopSetup" "Single"
Option "ScreenOverlap" "0"
Option "VideoOverlay" "on"
Option "OpenGLOverlay" "off"
Option "Stereo" "off"
Option "StereoSyncEnable" "1"
Option "FSAAEnable" "no"
Option "FSAAScale" "1"
Option "FSAADisableGamma" "no"
Option "FSAACustomizeMSPos" "no"
Option "UseFastTLS" "0"
Option "BlockSignalsOnLock" "on"
Option "XAANoOffscreenPixmaps"
Option "AccelMethod" "XAA"
BusID "PCI:1:0:0"
EndSection

Section "Screen"
Identifier "aticonfig-Screen[0]-0"
Device "aticonfig-Device[0]-0"
Monitor "aticonfig-Monitor[0]-0"
DefaultDepth 24
SubSection "Display"
Viewport 0 0
Depth 24
EndSubSection
EndSection

########End

iptables sample ideal for vps

file path: /etc/sysconfig/iptables

This is a sample that you can use for your web hosting/vps. It's pretty basic, really. Kindly uncomment entries that you think you'll need. Make sure you backup your old config in-case a fuck up happens. Else, proceed with caution and have fun!

#######iptables begin
# Generated by iptables-save v1.3.5 on Mon Mar 8 15:30:21 2010
*mangle
:PREROUTING ACCEPT [53641:56160765]
:INPUT ACCEPT [53641:56160765]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [44557:9348034]
:POSTROUTING ACCEPT [44557:9348034]
COMMIT
# Completed on Mon Mar 8 15:30:21 2010
# Generated by iptables-save v1.3.5 on Mon Mar 8 15:30:21 2010
*filter
:INPUT DROP [57:3312]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:VZ_FORWARD - [0:0]
:VZ_INPUT - [0:0]
:VZ_OUTPUT - [0:0]
-A INPUT -j VZ_INPUT
-A FORWARD -j VZ_FORWARD
-A OUTPUT -j VZ_OUTPUT
### allow incoming icmp
-A VZ_INPUT -p icmp -m state --state ESTABLISHED,RELATED -j ACCEPT
-A VZ_INPUT -p icmp -s 0/0 -d -j DROP
#
# Drop stealth scans
-A VZ_INPUT -i -s -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE
-A VZ_INPUT -i -s -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN
-A VZ_INPUT -i -s -p tcp -m tcp --tcp-flags SYN,RST SYN,RST
-A VZ_INPUT -i -s -p tcp -m tcp --tcp-flags FIN,RST FIN,RST
-A VZ_INPUT -i -s -p tcp -m tcp --tcp-flags ACK,FIN FIN
-A VZ_INPUT -i -s -p tcp -m tcp --tcp-flags ACK,URG URG
#
-A VZ_INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A VZ_INPUT -p udp -m udp --dport 53 -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 32768:65535 -j ACCEPT
-A VZ_INPUT -p udp -m udp --dport 32768:65535 -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 8880 -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
-A VZ_INPUT -s 127.0.0.1 -d 127.0.0.1 -p tcp -j ACCEPT
-A VZ_INPUT -s 127.0.0.1 -d 127.0.0.1 -p udp -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 20:21 -j ACCEPT
-A VZ_INPUT -p tcp -m tcp --dport 32768:65535 -j ACCEPT
#########################################################
# Drop all incoming malformed XMAS packets
-A VZ_INPUT -p tcp --tcp-flags ALL ALL -j DROP
# Drop all incoming malformed NULL packets
-A VZ_INPUT -p tcp --tcp-flags ALL NONE -j DROP
# Bad incoming source ip address 0.0.0.0/8
-A VZ_INPUT -s 0.0.0.0/8 -j DROP
#if you're using local communication, comment this.
#i'm not sure if it will disturb it, but just in case..
# Bad incoming source ip address 127.0.0.0/8
#-A VZ_INPUT -s 127.0.0.0/8 -j DROP
# Bad incoming source ip address 10.0.0.0/8
-A VZ_INPUT -s 10.0.0.0/8 -j DROP
# Bad incoming source ip address 172.16.0.0/12
-A VZ_INPUT -s 172.16.0.0/12 -j DROP
# Bad incoming source ip address 192.168.0.0/16
-A VZ_INPUT -s 192.168.0.0/16 -j DROP
# Bad incoming source ip address 224.0.0.0/3
-A VZ_INPUT -s 224.0.0.0/3 -j DROP
#######################################################
#allow outgoing icmp
-A VZ_OUTPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
#
-A VZ_OUTPUT -p tcp -m tcp --sport 80 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 25 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 110 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 53 -j ACCEPT
-A VZ_OUTPUT -p udp -m udp --sport 53 -j ACCEPT
-A VZ_OUTPUT -p tcp -j ACCEPT
-A VZ_OUTPUT -p udp -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 8880 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 8443 -j ACCEPT
-A VZ_OUTPUT -s 127.0.0.1 -d 127.0.0.1 -p tcp -j ACCEPT
-A VZ_OUTPUT -s 127.0.0.1 -d 127.0.0.1 -p udp -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 20:21 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 32768:65535 -j ACCEPT
COMMIT
# Completed on Mon Mar 8 15:30:21 2010
# Generated by iptables-save v1.3.5 on Mon Mar 8 15:30:21 2010
*nat
:PREROUTING ACCEPT [6142:368537]
:POSTROUTING ACCEPT [315:20384]
:OUTPUT ACCEPT [315:20384]
COMMIT
# Completed on Mon Mar 8 15:30:21 2010
####iptables-end#

That's all. Restart iptables after editing.

/etc/init.d/iptables restart

Sources:

http://www.homepage.montana.edu/~unixuser/031705/iptables.fedora.html
http://bash.cyberciti.biz/security/linux-virtuozzo-vps-firewall-script-2/
http://forums.vpslink.com/linux/865-iptables-error-weird-character-interface-venet0-0-a.html

Wednesday, February 24, 2010

Install debian lenny on my Toshiba Satellite M300 P4317

Laptop specification:

CPU INTEL
LCD Size 14.1
RESOLUTION 1,280 x 800
Weight 2.35kg
RAM 1024MB DDR2 SDRAM (upgraded to 3GB)
HDD/SSD 200
Webcam YES
CPU Model Intel® CoreTM2 Duo Processor T8600 (2.26GHz, 3MB L2 Cache, 1066MHz FSB)
Video ATI Mobility Radeon HD 3470 up to 893MB total available graphics -128MB dedicated
ODD DVD SuperMulti Double Layer Drive (DVD ± RW/RAM) with LabelFlashTM Technology
Wireless LAN Intel® WiFi Link 5100AGN (802.11agn)
LAN 10/100/1000Mbps Gigabit LAN
Card Reader 5-in-1 Card Reader
Bluetooth Bluetooth V2.1 w/ Enhanced Data Rate

Steps summary:

1. Download a 1 cd image debian-504-amd64-xfce+lxde-CD-1.iso from http://www.debian.org/CD/http-ftp/ (netinstall failed on me earlier, because i choose a dead mirror. But maybe my net is down too, not really sure ) LXDE is openbox-based windows manager.

2. Installation is straight forward, during partitioning, choose manual and delete my previous ubuntu partition, / (root). no need to delete /swap 1.5G (half of your total ram, i think) . After delete it, create /home 28G and / 6.5G. Commit changes.

3. Around 400+ packages get installed. Disable the network update because i'm a paranoid. After finished, rebooted.

swordfish@protoss-emperor:~$ uname -a;date;uptime
Linux protoss-emperor 2.6.26-2-amd64 #1 SMP Tue Jan 12 22:12:20 UTC 2010 x86_64 GNU/Linux
Wed Feb 24 14:02:41 MYT 2010
14:02:41 up 13:52, 5 users, load average: 0.12, 0.28, 0.19

4. Panic attack, because i get a black screen, but i can hear the login menu sound. Ctrl+Alt+F1 and tried to restart gdm from tty1, still no display. Damn. Check on my dad's laptop, looks like it's a problem with the default setting in /etc/X11/xorg.conf. My config file is a blank template! lol.

5. Edit /etc/apt/sources.list. Commented the cdrom sources. Add some proper sources.

#
# deb cdrom:[Debian GNU/Linux 5.0.4 _Lenny_ - Official amd64 xfce+lxde-CD Binary-1 20100131-22:54]/ lenny main

#deb cdrom:[Debian GNU/Linux 5.0.4 _Lenny_ - Official amd64 xfce+lxde-CD Binary-1 20100131-22:54]/ lenny main

#backport
deb http://www.backports.org/debian lenny-backports main contrib non-free

# Testing
deb http://http.us.debian.org/debian/ lenny main contrib non-free
# Testing Sources
deb-src http://http.us.debian.org/debian/ lenny main contrib non-free
#Security
#deb http://security.debian.org/ testing/updates main

#DEBIAN MULTIMEDIA
deb http://www.debian-multimedia.org/ lenny main

#deb http://security.debian.org/ lenny/updates main
#deb-src http://security.debian.org/ lenny/updates main

# Line commented out by installer because it failed to verify:
#deb http://volatile.debian.org/debian-volatile lenny/volatile main
# Line commented out by installer because it failed to verify:
#deb-src http://volatile.debian.org/debian-volatile lenny/volatile main

Refer this: multimedia/backport http://dreamlinuxforums.org/index.php?topic=4012.0

6. Install ssh-server. ssh in from my dad's laptop, so i can refer to the guide from his laptop. Compile and install proprietary ATI driver http://wiki.debian.org/ATIProprietary . Restart gdm. Saw the login screen :D Pheww.

7. ntfs-3g for my NTFS ext drives and vista partitions http://beginlinux.wordpress.com/2009/03/18/mounting-an-ntfs-drive-in-debian/

7.5. Rsync /home ( i don't have a separate /home before, so i backup it into my ext hdd)

8. Install wicd, lightweight connection manager if you want http://www.debianadmin.com/wicd-easy-network-connection-manager-in-debian.html

9. Remove faulty kernel ( i tried to get my wireless working by compiling a new kernel, but it hosed up my display, crash on loading gdm) dpkg --purge linux-image-NNN

10. Install flash apt-get install flashplugin-nonfree ( for facebook fishville :D )

11. Pidgin. apt ( for useless chit chat)

12. Japanese/korean fonts (for my addiction) - apt-get install ttf-sazanami-mincho - apt-get install ttf-unfonts

13. Mplayer from apt ( i'm really suprised, what a solid build :O)

14. Turn off terminal beep (because it's annoying :P) http://www.debuntu.org/how-to-turn-off-virtual-console-beep

15. Change default browser (if you want google-chrome or opera) http://wiki.lxde.org/en/LXDE:Questions#How_do_I_change_my_default_browser.3F

16. Clickable irssi links (for irc addiction). Get rxvt-unicode http://geekosphere.org/726/urxvt-tips-transparency-deamonized-clickable-links/

17. Music! Get herrie cli-based mp3 player with last.fm support apt

18. Etc etc - more lxde compatible apps http://forum.lxde.org/viewtopic.php?t=9&f=7

19. Compiling packages (i need notecase http://notecase.sourceforge.net/download.html for my notes, read the readme.txt for additional packages needed) http://users.telenet.be/mydotcom/howto/linux/package02.htm

20. Still needs some more apps for my likings. All the above would be sufficient for normal daily use. Enjoy your debian!

extra:
http://wiki.lxde.org/en/How_to_make_screenshots
dmesg http://pastebin.com/KZwi6Nvc
lspci http://pastebin.com/rm15iSJr

Sunday, February 21, 2010

matahari 10

Hari ni try install solaris 10 dalam virtualbox kat ubuntu aku ( otai2 panggil obontot). Option no 3 desktop console, aku pakai no 4, console jugak tapi dah lupa nama apa. Pakai default option lambat sikit, sebab gui. Mula2 aku install full package. Lama gak tunggu nak habis.

Tips nak bagi cepat install:

1. Pilih no networking - aku rasa dia akan scan network utk check update, masa 1st install aku pakai gui, macam hang kejap dekat sini.

Lepas aku install 1st time, aku delete balik harddisk. Tapi sebelum tu aku tanya burung:

19:33 <@ b> svcs |grep cde
19:33 <@ w> aku dah delete dah harddisk die
19:33 <@ w> ahahahaa
19:33 <@ b> nanti kau nampak cde-login , pastu kau disable kan svcadm disable
19:33 <@ b> chait

Ah, cepat sangat tangan mendelete. Takpe, install balik. Kali ni pilih full jugak, lepas tu edit packages, buang semua gui (gnome,cde,xwindows) staroffice, evolution, firefox, dll. Pilih zfs, sebab nak testing. Setting lain semua straight forward, macam region, local, timezone etc. Dah habis install, dia akan unmount cd pastu reboot. Kalau korang dah pilih auto untuk dua-dua tu, biar je dia reboot.

Bila boot balik, macam lama skit loading. Ram aku letak 512MB, sebab tu slow skit. Ok, dah siap. Login. Default shell tak sure plak ape, cam tak best. Pakai bash, senang. Tapi ada problem sket. takde pipe | . Memang pening la. Nak kena remap balik layout. Key lain semua betul, kalau tekan pipe keluar ~. Haha. Ok, cukup dulu. Nanti aku sambung.