Screenlets provides a huge variety of desktop widgets, including support for Superkaramba themes and Google Gedgets (through a converter). The project supplies a convenient package for Ubuntu users, but it appears that there is no RPM for Fedora users. But, with a few simple commands, it is possible to get screenlets up and running in Fedora 15.

Complete Story

A Linux file system is a collection of various files and folders, which is stored in a separate disk partition. The entire disk partition is divided into various file system blocks, which are used for storing either the user data or the metadata. The metadata can be referred as the repository that contains the information of the file system. One such metadata structure is the superblock, which is very essential for the health of the Linux system. A file system cannot be mounted if you are not able to access the superblock.

Over the years I have had to harden a great number of LAMP boxes, I have found some methods work for better than others. I will now share with you all my favorite 10 along with methods to implement them on Debian/Ubuntu.

10. Lock SSH access right down. I do this by disabling root logins, disabling password authentication and using denyhosts.

To disable root logins do this: vi /etc/ssh/sshd_config and look for the following line: PermitRootLogin yes and change it thus: PermitRootLogin no

To disable password authentication (you will have to use public/private keys) do this: vi /etc/ssh/sshd_config and look for the following line: #PasswordAuthentication yes (note its commented out) and change it thus: PasswordAuthentication no

To install denyhosts do this: apt-get install denyhosts once installed it shouldn't need any configuration, but you can tweak the settings if you wish in /etc/denyhosts.conf

9. Always use Sudo for root access, This is one of the things Ubuntu does really well and its about time other distros did the same.

A while back I wrote about using Apache as a dynamic reverse proxy. Anyone who has done even minimal research into web servers knows that Apache is the swiss army knife. It trys to be everything for everyone, and like a swiss army knife may not be as good as a more refined too at least as far as efficiency is concerned.

Debian's FreeRadius package is built without support for EAP/TLS/TTLS/PEAP because of the licensing problems of the OpenSSL library. But, if you want to implement 802.1x network authentication with strong security, you'll need it. This is a short tutorial that explains how to build Debian (sid aka unstable) package linked to libssl and with EAP/TLS/TTLS/PEAP support compiled in.

First, download the newest source package (orig.tar.gz), Debian diffs (diff.gz) and description file (dsc) from the freeradius package page. The version I tested the procedure with is 1.1.7-1.

The other day I stumbled upon this neat tool that helps cleanup your GConf registry, called GConf Cleaner. While GNOME registry size isn't nowhere near the size of Windows registry, and thus shouldn't slow your computer too much, it's still nice to have a tool that cleans unused and obsolete entries.

Meet GConf Cleaner

The tool is still in early stages of development (version 0.0.2), but I've successfully run it on my desktop and was amazed how many old entries it found. Typically, if you install some GNOME application, play with it a little bit and later decide to delete it, it's configuration settings will remain in the GConf database. So your registry will only grow in time.

OK, this is so cool and sexy, I really don't understand how I didn't find about this earlier. Possibly because it's the recent add-on to the well known script utility?

So, I suppose you all know about script. You type script, do your work, type exit, and you have your complete session logged in the file named typescript. Quite handy if you want to log everything you did in the shell for whatever reasons.

What you might not know is that script has an interesting switch which allows you to also save the exact timing data of the screen output you're capturing. And an additional utility called scriptreplay which can later replay your session in real-time. Like a movie. With perfect timing.

You've finally made the move to a Windows-free computer, you're enjoying your brand new Linux OS, no trojans/viruses, no slowdown, everything's perfect. Suddenly, you need to update the BIOS on your motherboard to support some new piece of hardware, but typically the motherboard vendor is offering only DOS based BIOS flash utilities. You panic! Fortunately, this problem is easy to solve...

Step 1: Download FreeDOS boot disk floppy image

FreeDOS, a free DOS-compatible operating system, is up to the challenge, no need for proprietary DOS versions. So, all you need is a bootable floppy disk image with FreeDOS kernel on it. We are fortunate that guys at FDOS site have prepared one suitable for us. Use the OEM Bootdisk version, the one with just kernel and command.com, because it leaves more free space on disk for the flash utility and new BIOS image. You can also find a local copy of this image attached at the end of this article. After you download the image, you need to decompress it. In other words:

If you're a heavy user of the Linux VGA console, you'll like this feature. Recent 2.6 kernels have added support for soft scrollback. This feature enables you to have much bigger scrollback buffer than the standard console has, at the price of slightly slower console output.

The scrollback buffer of the standard VGA console is located in VGA RAM. This RAM is fixed in size and is very small. To make the scrollback buffer larger, it must be placed instead in System RAM. We call this soft scrollback.

The feature and the size of the buffer are enabled/configured through kernel config options, during kernel compilation. Beside consuming kernel memory, enabling this feature will slow down the console by approximately 20%.

If you are lucky to have fresh X11R7 on your desktop with all its new features and nice filesystem layout you might have noticed that some things have compatibility problems with it. Namely, if you have flash plugin installed you might not see text in flash content displayed properly, depending on how your Linux distribution handled the upgrade.

Having already had trouble with that (for other reasons I'll explain later) this time fix for the problem was a no brainer. The reason for problems is that the official flash plugin does some font handling of it's own, not using system font file server or X server itself. But it still depends on some filesystem paths and configuration to be in place so it can find font files it needs. By doing strings libflashplayer.so and carefully skipping over lots of uninteresting text, you can find that flash plugin looks for /usr/X11R6/lib/X11/fs/config file which is the configuration file of the font server. Next it parses "catalogue = " line in it to find all available fonts on the system. The trouble is that new release of X.Org server got rid of /usr/X11R6 system path in favour of putting binaries and other files in the more appropriate places in the filesystem, just like the other linux applications do.