Friday, May 30, 2008

Configuring Services in Ubuntu

Ubuntu's Services' applet is quite frankly horrible. In Centos/Fedora/RHEL at least I can refer to chkconfig in CLI or the straight-forward Services applet. In Ubuntu there also two tools but not installed by deafult:
  1. sysv-rc-conf provides a curses interfaces to easy management of services.
  2. Bum (Boot Up Manager) is its GUI equivalent.
Both are available from the repos.

Enjoy!

Thursday, May 29, 2008

Distro for Work Desktop

As part of a migration exercise from a Windows environment to a Linux one, the question of which distro to use for the servers and desktop is inescapable.

Should Centos be on the server? Should Debian or Ubuntu? Why not Gentoo? All are fine distros with strong community and tons of docs around and more importantly for a server OS, there are long support (patches) cycles.

After much discussion we decided to go for Centos as coming from the Red Hat code base, many 3rd party stuff will work with it.

I am more partial to Ubuntu servers, but Centos is a fine choice too.

Desktops. Hmm....it comes down to Ubuntu, hands down. Why?
  1. Ubuntu is designed to be user friendly.
  2. Hardware support is excellent.
  3. The current 8.04 is LTS and will have patch support for the next 3 years on the desktop. So Fedora and OpenSUSE are out.
  4. We are already running Ubuntu daily and so we are familiar with it.
  5. Tons of pacakages available from repos.
  6. It's free (as in cost).
When you have about 400 PCs to migrate we cannot afford to go for something that is hard to maintain and support. Centos is simply horrible as a desktop OS - the hardware support is just plain bad.

The previous vendor recommended OpenSUSE for the desktops.

OpenSUSE is a fine distro ( I was running it for 3 years and Novell's OpenOffice is simply wonderful), but I wonder have they really thought it out. I mean it is a community distro and was not meant for the Enterprise; granted tech-wise it is good, but for 18 months of patches I am not gonna base my Enterprise PCs on it.

At the least they could have recommended SLES or SLED.

Guess they were just in to fulfil their contractual obligations get the money. People like those give us IT folks a bad name.

Wednesday, May 28, 2008

OpenLDAP and Samba Migration

Ooo the inner geek in me is tingling with excitement over the idea of having migrating an existing AD domain to an open source OpenLDAP one. Ohh...joy....

AD, honestly makes things for easy us. In fact I would say it is the easiest of available Directory Service to deploy, commercially (i.e. propreitary) or otherwise.

As I have shared many times with my fellow geeks, it is easy to join an AD Domain but not to take things out. Case in point, try taking an Exchange Server or MS SQL server out of an existing AD domain. Being an ex Windows engineer (been playing with AD since it was Beta 1 and was making a living with NT4 since 1998) most of the MS tips and stuff won't work well until you fork out some serious dough and get a 3rd Party utility.

So like a drug, we surrender our pride, freedom, privacy and sanity to a company who likes nothing better to squeeze every single hard earned sen from you. And we willingly put on the yoke of oppression for what? So that we can pay more?

Talk about Stockholm Syndrome man!!

Now I just need to book up on the technology. Now I just have to find the book, I am sure I have it somewhere.

Monday, May 26, 2008

Fedora 9 - so far

Well I have Fedora 9 installed on my notebook. So far so good. Suspend somewhat works, with the exception I needed to re-key in the WPA key after wake up. The look and feel of it is polished. In fact, it is one of two distros I can honestly say I can use outright with no or minimal modifications to the theme. The other is OpenSUSE.

Well, initially I had problems connecting to the CUPS printers in office and after much anguish and searching through forums and Googling, I finally found out that the cups-config-daemon was not running .

Urggh....I started the cups daemon but not that. F8 never had that issue. Nor that much loved (or hated depending on which side of the fence you are sitting on), Ubuntu.

Other than that it has been cool. Multimedia works as it should, but one should follow the guide at http://www.mjmwired.net/resources/mjm-fedora-f9.html , especially the one on setting yum with livna repos.

Since I do use a fair bit of clip art, the openclipart packages that comes with it (installed on /usr/share/clipart/openclipart) only has SVG, no good with openoffice. I had to download the archived ones from openclipart.org for the PNG ones.

The Good:
  • Looks wise (out of the box) it beats Ubuntu (any version) hands down. I mean, when will the Shuttleworth crew grow up and realise that orange and brown is just plain bad to the eyes?
  • PolicyKit is really handy - at least now I can set a normal user to able to patch the system.
  • NetworkManager connects automatically to a frequently used WiFi spot just like Ubuntu.
  • Hardware support is better now - I have not found any PCs or notebooks that would not work with F9.
  • Sort of a "standard" and is ideal to test the latest and greatest the RH world has to offer.
The Bads:
  • Yum and Yum Update. Why oh why yum always look for the slowest server to update from? And man, I cannot install anything right after a reboot, why? Coz yum-update is running. Huh. Get it fixed. There are reasons for it I am sure, but it is so damn annoying. And yes I am aware of yum-fastestmirror. Yum has always been the weakest link in Fedora.
  • Slower compared to Ubuntu 8.04. No concrete figures for me to show but it does feel slower running on my notebook.
  • Packages - still small compared to Debian/Ubuntu. However, many packages out there already have a rpm for it. So not too bad actually.
  • Absence of any tool to easily modify the Login Window. The default login window looks like some rush job.
Why do I compare with Ubuntu? Well Fedora and Ubuntu are the 2 most widely used distros nowadays with OpenSUSE in a distant 3rd. Also I use *Buntu at home and work. F9 is a recent addidtion to my work notebook.

So should you do Fedora 9? If you don't mind getting your hands a little (and I mean very little) dirty, Fedora 9 is good. It has always been a fine distro and since Fedora 7 it has been improving tremendously, usable enough for most desktops.

Wednesday, May 14, 2008

OpenPGP Keys backup

For my work emails, I usually digitally sign them with GPG keys. Now I plan to install Fedora 9 (you gotta check it out...it is that cool!) on my laptop and spanking new Ubuntu 8.04. What can I say? I am a distro whore!

Anyhow before I blow away my Ubuntu installation, I first need to backup my keys.

To backup my public key, I need to do the following:

eyeoh@zahadum:~$ gpg --list-keys
/home/eyeoh/.gnupg/pubring.gpg
------------------------------
pub 1024D/A2F0C9E0 2008-05-12
uid Eric Yeoh (msian_tux_lover)
sub 2048g/A5FA7805 2008-05-12

eyeoh@zahadum:~$ gpg -ao msian_tux_lover-pub.key --export A2F0C9E0


msian_tux_lover-pub.key is just a random file name, you can use others.

To backup my private key:

eyeoh@zahadum:~$ gpg --list-secret-keys
/home/eyeoh/.gnupg/secring.gpg
------------------------------

sec 1024D/A2B0F3E6 2008-05-12


uid Eric Yeoh (msian_tux_lover)

ssb 2048g/A1FA9806 2008-05-12


eyeoh@zahadum:~$ gpg -a --export-secret-keys A2B0F3E6 | gpg -aco msian_tux_lover-private.key.gpg

msian_tux_lover-private.key.gpg is just a random file name, you can use others.

You will be prompted for a passphrase to encrypt the private key. DO NOT forget the password.

Then just copy the two key files to somewhere safe.

To restore the keys on to the newly installed Fedora 9 you just need to:

[eyeoh@anlashok ~]$ gpg --import msian_tux_lover-pub.key

To restore the encrypted key:

[eyeoh@anlashok ~]$ gpg --decrypt msian_tux_lover-private.key.gpg |gpg --import

Monday, May 12, 2008

HP to buy EDS?

Just read this at BBC http://news.bbc.co.uk/2/hi/business/7397370.stm

Hmm...I have worked for EDS as a contractor in the past and I must say that the people I have worked with there are of higher calibre than their HP counterparts whom I have had the opportunity to interact with. Not work with coz I don't think they can even understand how to do their jobs they are paid to do.

I have had the displeasure of meeting and talking with some of their so called DTS (Deep Tech Support) people and man, if you ever wondered of whatever happened to that incompetent co-worker or vendor, chances are they are at HP.

Imagine UNIX guys who are not even aware of Linux and whine why can't they work with a GUI and are forced to use that Put-tee thingy! Or Windows guys who are not even aware that you cannot functionally have a Windows 2k3 running on a 512MB RAM system and wonder why it hangs often.

These are the people who hide behind procedures and best practices to avoid work and can tell you with a straight face that it's their policy. Duh...policy of not doing work perhaps. These people have perfected the oriental Tai Chi martial art.

I would not say that EDS has all the brains but from my observation, EDS seems to be better.

By the way, I was referring to the Malaysian divisions of both companies.

I hope to God some open-minded HP guy will read this and find ways to improve on their services. Level 3 guys seem to be more interested in dressing themselves in the latest designer labels and gossiping rather than doing the jobs they are hired to do.

Location of PDF

The PDF can be downloaded from https://help.ubuntu.com/6.10/pdf/ubuntu/C/packagingguide.pdf

Ubuntu DEB Packaging

Hmm...was just informed that I needed to do some DEB packaging for Ubuntu. Seems like more people are into using Ubuntu as their Server OS. Good choice! In a previous employment I deployed a couple of Ubuntu servers in production and it has given me the least problems among my server, including Centos, Gentoo servers.

Got the Ubuntu Packaging Guide PDF off the web and I am trying hard to understand it. So far in my career I have mostly been a Sys Admin (for both Linux and Windows platforms including managing the infamous Exchange incarnations from 5.5 to 2003) and so this is something new. Exciting stuff actually. If only my flu induced blurness is not so bad.

I have read postings about many incompatibilities between the true blue Debian and Ubuntu. So far I have been able to use a few DEBs from the Debian tree (forgot which ones) on Ubuntu without issues; but not vice versa.

I have 8.04 installed and recommended to standardise on it as it is a LTS release i.e. 5 years of free patches for servers and 3 for desktops.

I foresee exciting times ahead.