Showing posts with label tool. Show all posts

Wednesday, June 16, 2021

Fedora 34 : The grubby command line tool.

The grubby command line tool is used to configure bootloader menu entries across multiple architectures.
All the information can be found in the Linux manual page:
[root@desk mythcat]# man grubby
Let's see some simple examples.
This command lists all the installed kernels:
[root@desk mythcat]# grubby --info=ALL | grep ^kernel
kernel="/boot/vmlinuz-5.12.10-300.fc34.x86_64"
kernel="/boot/vmlinuz-5.12.8-300.fc34.x86_64"
kernel="/boot/vmlinuz-0-rescue-fc76db87af524282b0c7e05a9c5d18f4"
To get more details on the installed kernel:
[root@desk mythcat]# grubby --info="/boot/vmlinuz-$(uname -r)"
index=0
kernel="/boot/vmlinuz-5.12.10-300.fc34.x86_64"
args="ro resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet splash 
acpi_osi=Linux"
root="/dev/mapper/fedora-root"
initrd="/boot/initramfs-5.12.10-300.fc34.x86_64.img"
title="Fedora (5.12.10-300.fc34.x86_64) 34 (MATE-Compiz)"
id="fc76db87af524282b0c7e05a9c5d18f4-5.12.10-300.fc34.x86_64"
Add selinux=0 to the kernel arguments with this tool (selinux=0 disables SELinux at boot):
[root@desk mythcat]# grubby --update-kernel ALL --args selinux=0
Let's check that it was added:
[root@desk mythcat]# grubby --info="/boot/vmlinuz-$(uname -r)"
index=0
kernel="/boot/vmlinuz-5.12.10-300.fc34.x86_64"
args="ro resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet splash 
acpi_osi=Linux selinux=0"
root="/dev/mapper/fedora-root"
initrd="/boot/initramfs-5.12.10-300.fc34.x86_64.img"
title="Fedora (5.12.10-300.fc34.x86_64) 34 (MATE-Compiz)"
id="fc76db87af524282b0c7e05a9c5d18f4-5.12.10-300.fc34.x86_64"
Remove the selinux=0 option from the bootloader with this tool:
[root@desk mythcat]# grubby --update-kernel ALL --remove-args selinux
Let's check that it was removed:
[root@desk mythcat]# grubby --info="/boot/vmlinuz-$(uname -r)"
index=0
kernel="/boot/vmlinuz-5.12.10-300.fc34.x86_64"
args="ro resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet splash 
acpi_osi=Linux"
root="/dev/mapper/fedora-root"
initrd="/boot/initramfs-5.12.10-300.fc34.x86_64.img"
title="Fedora (5.12.10-300.fc34.x86_64) 34 (MATE-Compiz)"
id="fc76db87af524282b0c7e05a9c5d18f4-5.12.10-300.fc34.x86_64"
You can see that it is removed.
Get the index number of all the installed kernels:
[root@desk mythcat]# grubby --info=ALL | grep -E "^kernel|^index"
index=0
kernel="/boot/vmlinuz-5.12.10-300.fc34.x86_64"
index=1
kernel="/boot/vmlinuz-5.12.8-300.fc34.x86_64"
index=2
kernel="/boot/vmlinuz-0-rescue-fc76db87af524282b0c7e05a9c5d18f4"
I can set the default kernel by index with this tool:
[root@desk mythcat]# grubby --set-default-index=1
These are not all the features of this command.
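Because `--update-kernel ALL` changes every boot entry, it is worth checking afterwards that no entry still carries `selinux=0`. The script below is an added example, not part of the original post: it parses `grubby --info=ALL` output and reports entries whose args contain `selinux=0` or `enforcing=0` (flagging `enforcing=0` as well is an assumption of this example); the sample input is constructed from the output shown above.

```shell
#!/bin/sh
# Added example: flag boot entries whose kernel arguments weaken SELinux.
# Reads `grubby --info=ALL` output on stdin, prints one line per finding and
# returns 1 if any entry carries selinux=0 or enforcing=0, otherwise 0.
audit_boot_args() {
    awk '
        # Strip the key and the surrounding double quotes from key="value".
        function value(line) {
            sub(/^[a-z]+=/, "", line)
            gsub(/^"|"$/, "", line)
            return line
        }
        /^index=/  { idx = substr($0, 7); kernel = "" }
        /^kernel=/ { kernel = value($0) }
        /^args=/ {
            n = split(value($0), arg, /[ \t]+/)
            for (i = 1; i <= n; i++) {
                # Exact token match, so a longer name ending in selinux=0 is ignored.
                if (arg[i] == "selinux=0" || arg[i] == "enforcing=0") {
                    printf "index=%s kernel=%s param=%s\n", idx, kernel, arg[i]
                    found = 1
                }
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample: entry 0 as shown after the --args selinux=0 step,
# entry 1 clean, rescue entry with enforcing=0 (invented for the example).
sample_grubby_info() {
    cat <<'EOF'
index=0
kernel="/boot/vmlinuz-5.12.10-300.fc34.x86_64"
args="ro resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet splash acpi_osi=Linux selinux=0"
root="/dev/mapper/fedora-root"
index=1
kernel="/boot/vmlinuz-5.12.8-300.fc34.x86_64"
args="ro resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet"
root="/dev/mapper/fedora-root"
index=2
kernel="/boot/vmlinuz-0-rescue-fc76db87af524282b0c7e05a9c5d18f4"
args="ro rhgb quiet enforcing=0"
root="/dev/mapper/fedora-root"
EOF
}

# Demo on the sample; on a real system: grubby --info=ALL | audit_boot_args
sample_grubby_info | audit_boot_args || echo "boot entries need review"
```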

Saturday, May 8, 2021

Fedora 33 : Simple installation of the TeamViewer utility.

TeamViewer is a comprehensive, remote access, remote control and remote support solution that works with almost every desktop and mobile platform, including Windows, macOS, Android, and iOS.
Clean the cached dnf files from your system.
[root@desk mythcat]# dnf clean all
76 files removed
Get the wget tool for download:
[root@desk mythcat]# dnf -y install wget
Get the rpm file:
[root@desk mythcat]# wget https://download.teamviewer.com/download/linux/teamviewer.x86_64.rpm
--2021-05-08 16:44:17--  
https://download.teamviewer.com/download/linux/teamviewer.x86_64.rpm
Resolving download.teamviewer.com (download.teamviewer.com)... 104.16.62.16, 104.16.63.16, 
2606:4700::6810:3f10, ...
...
Connecting to dl.teamviewer.com (dl.teamviewer.com)|104.16.62.16|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 15280308 (15M) [application/x-redhat-package-manager]
Saving to: ‘teamviewer.x86_64.rpm’

teamviewer.x86_64.rp 100%[=====================>]  14.57M  16.6MB/s    in 0.9s    

2021-05-08 16:44:19 (16.6 MB/s) - ‘teamviewer.x86_64.rpm’ saved [15280308/15280308] 
I already installed the package to talk to my son.
[root@desk mythcat]# dnf -y install teamviewer.x86_64.rpm
Last metadata expiration check: 0:04:58 ago on Sat 08 May 2021 04:40:17 PM EEST.
Package teamviewer-15.17.6-0.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete! 
The next step is to import the key from the TeamViewer development team:
[root@desk mythcat]# wget https://download.teamviewer.com/download/linux/signature/TeamViewer2017.asc
...
[root@desk mythcat]# gpg --import TeamViewer2017.asc 
...
gpg:               imported: 1
TeamViewer does not solve the basic security problems I face every day; it only offers a remote connection.

Sunday, January 31, 2021

Fedora 33 : Roblox and Wine.

Because I tried to install this platform, I will show you what works and what doesn't. 
At this moment Roblox Player cannot be run with Wine. 
I tested two ways to run it.
First is the roblox-linux-wrapper and the second is the direct way to install RobloxPlayerLauncher.exe.
The roblox-linux-wrapper works but you will get this error
The install process is simple:
[mythcat@desk ~]$ git clone https://github.com/roblox-linux-wrapper/roblox-linux-wrapper.git
Cloning into 'roblox-linux-wrapper'...
remote: Enumerating objects: 17, done.
remote: Counting objects: 100% (17/17), done.
remote: Compressing objects: 100% (16/16), done.
remote: Total 1471 (delta 7), reused 4 (delta 1), pack-reused 1454
Receiving objects: 100% (1471/1471), 380.74 KiB | 274.00 KiB/s, done.
Resolving deltas: 100% (901/901), done.

[mythcat@desk ~]$ whereis wine
wine: /usr/bin/wine /usr/lib/wine /usr/lib64/wine /usr/share/wine /usr/share/man/man1/wine.1.gz

[mythcat@desk ~]$ roblox-linux-wrapper/rlw
> main: Sourcing /home/mythcat/roblox-linux-wrapper/data/rlw-core.sh
> wineinitialize: sourcing /home/mythcat/.rlw/wine_choice
Another way is to download the EXE file and run it with Wine.
[mythcat@desk ~]$ wget http://setup.rbxcdn.com/RobloxPlayerLauncher.exe
[mythcat@desk ~]$ wine RobloxPlayerLauncher.exe
...
You can try to start a game in the browser and select the Roblox Player, but you will get the same error. The good news is about Roblox Studio, which works very well:
[mythcat@desk ~]$ wget https://setup.rbxcdn.com/RobloxStudioLauncherBeta.exe
[mythcat@desk ~]$ wine RobloxStudioLauncherBeta.exe
My video card NVIDIA Corporation GT218 [GeForce 210] (rev a2) is not very good with this application, but it works.

Saturday, January 30, 2021

Fedora 33 : The new Wine 6.0.

The new release of Wine 6.0 comes with this intro:
The Wine team is proud to announce that the stable release of Wine 6.0 is now available. This release represents a year of development effort and over 8,300 individual changes. It contains a large number of improvements that are listed in the release notes below. The areas of major changes are:
- Core modules in PE format.
- Vulkan backend for WineD3D.
- DirectShow and Media Foundation support.
- Text console redesign. ...

About Wine:
Wine (originally an acronym for "Wine Is Not an Emulator") is a compatibility layer capable of running Windows applications on several POSIX-compliant operating systems, such as Linux, macOS, BSD. Instead of simulating internal Windows logic like a virtual machine or emulator, Wine translates Windows API calls into POSIX calls on-the-fly, eliminating the performance and memory penalties of other methods and allowing you to cleanly integrate Windows applications into your desktop.

I used the Wine repo to easily install this software:
[root@desk mythcat]# dnf config-manager --add-repo https://dl.winehq.org/wine-builds/fedora/33/winehq.repo
Adding repo from: https://dl.winehq.org/wine-builds/fedora/33/winehq.repo
[root@desk mythcat]# dnf install wine
WineHQ packages                                 1.8 MB/s | 1.2 MB     00:00    
Dependencies resolved.
================================================================================
 Package                       Arch   Version                     Repo     Size
================================================================================
Installing:
 wine                          x86_64 6.0-1.fc33                  updates  13 k
Installing dependencies:
 SDL2                          i686   2.0.14-1.fc33               updates 589 k
 cdparanoia-libs               i686   10.2-34.fc33                fedora   56 k
 gd                            i686   2.3.0-3.fc33                fedora  142 k
 graphene                      i686   1.10.2-4.fc33               fedora   71 k
 gstreamer1-plugins-base       i686   1.18.2-1.fc33               updates 2.1 M
 ...
  wine-opencl-6.0-1.fc33.x86_64                                                 
  wine-pulseaudio-6.0-1.fc33.i686                                               
  wine-pulseaudio-6.0-1.fc33.x86_64                                             
  wine-small-fonts-6.0-1.fc33.noarch                                            
  wine-symbol-fonts-6.0-1.fc33.noarch                                           
  wine-system-fonts-6.0-1.fc33.noarch                                           
  wine-systemd-6.0-1.fc33.noarch                                                
  wine-tahoma-fonts-6.0-1.fc33.noarch                                           
  wine-times-new-roman-fonts-6.0-1.fc33.noarch                                  
  wine-twain-6.0-1.fc33.i686                                                    
  wine-twain-6.0-1.fc33.x86_64                                                  
  wine-webdings-fonts-6.0-1.fc33.noarch                                         
  wine-wingdings-fonts-6.0-1.fc33.noarch                                        

Complete! 
You can build it from source code:
[mythcat@desk ~]$ cd wine-6.0/
[mythcat@desk wine-6.0]$ ls
aclocal.m4  configure.ac   fonts    LICENSE.OLD  nls	   server
ANNOUNCE    COPYING.LIB    include  loader	 po	   tools
AUTHORS     dlls	   libs     MAINTAINERS  programs  VERSION
configure   documentation  LICENSE  Makefile.in  README
Wine uses a virtual C: drive and you need to configure it with this command:
[mythcat@desk ~]$ winecfg
wine: created the configuration directory '/home/mythcat/.wine'
002c:fixme:winediag:LdrInitializeThunk wine-staging 6.0 is a testing version containing experimental patches.
...
This starts a new window where you can configure Wine.
Also, you can locate the virtual C: drive at:
[mythcat@desk ~]$ ls -la .wine/drive_c/
total 8
drwxr-xr-x  7 mythcat mythcat  124 Jan 30 11:56  .
drwxr-xr-x  4 mythcat mythcat  117 Jan 30 12:03  ..
drwxr-xr-x  3 mythcat mythcat   23 Jan 30 11:56  ProgramData
drwxr-xr-x  6 mythcat mythcat   97 Jan 30 11:56 'Program Files'
drwxr-xr-x  6 mythcat mythcat   97 Jan 30 11:56 'Program Files (x86)'
drwxr-xr-x  4 mythcat mythcat   35 Jan 30 11:56  users
drwxr-xr-x 18 mythcat mythcat 4096 Jan 30 11:57  windows
-rw-r--r--  1 mythcat mythcat    9 Jan 30 11:56  .windows-serial
I tested with my favorite old game Dune 2000 from this webpage
Just unzip it and run wine with right-click on DUNE2000.EXE and select Open With and Wine Windows Program Loader.
The game runs well:
Dune 2000 game

You can read about Fedora Linux distro and Wine software on this official MediaWiki page.

Thursday, December 17, 2020

Fedora 33 : Sigil software.

Sigil is an ePub editor for Linux and comes with powerful features like UTF-16, EPUB 2 spec, and limited EPUB 3 support.
It gives complete control over directly editing EPUB syntax in Code View, and has a Table of Contents generator with multi-level heading support and a metadata editor.
The user interface is translated into many languages, and spell checking and many plugins are available.
These commands show you how to search for and install this software:
[root@desk mythcat]# dnf search Sigil
Last metadata expiration check: 0:54:58 ago on Wed 16 Dec 2020 11:01:54 PM EET.
======================== Name & Summary Matched: Sigil =========================
FlightCrew-sigil-plugin.x86_64 : Sigil FlightCrew epub validator plugin
sigil-doc.noarch : Documentation for Sigil ebook editor
============================= Name Matched: Sigil ==============================
sigil.x86_64 : WYSIWYG ebook editor
[root@desk mythcat]# dnf install sigil.x86_64 
Last metadata expiration check: 0:55:32 ago on Wed 16 Dec 2020 11:01:54 PM EET.
Dependencies resolved.
================================================================================
 Package                     Arch       Version               Repository   Size
================================================================================
Installing:
 sigil                       x86_64     0.9.14-7.fc33         fedora      3.5 M
Installing dependencies:
 minizip                     x86_64     2.10.2-1.fc33         updates     112 k
 python3-cssselect           noarch     0.9.2-16.fc33         fedora       38 k
 python3-cssutils            noarch     1.0.2-9.fc33          fedora      270 k
 python3-regex               x86_64     2020.11.13-1.fc33     updates     345 k
 zipios++                    x86_64     0.1.5.9-25.fc33       fedora       78 k
Installing weak dependencies:
 FlightCrew-sigil-plugin     x86_64     0.9.1-21.fc33         fedora      336 k

Transaction Summary
================================================================================
Install  7 Packages

Total download size: 4.7 M
Installed size: 20 M
Is this ok [y/N]: y
...
  Running scriptlet: sigil-0.9.14-7.fc33.x86_64                             7/7 
  Verifying        : minizip-2.10.2-1.fc33.x86_64                           1/7 
  Verifying        : python3-regex-2020.11.13-1.fc33.x86_64                 2/7 
  Verifying        : FlightCrew-sigil-plugin-0.9.1-21.fc33.x86_64           3/7 
  Verifying        : python3-cssselect-0.9.2-16.fc33.noarch                 4/7 
  Verifying        : python3-cssutils-1.0.2-9.fc33.noarch                   5/7 
  Verifying        : sigil-0.9.14-7.fc33.x86_64                             6/7 
  Verifying        : zipios++-0.1.5.9-25.fc33.x86_64                        7/7 

Installed:
  FlightCrew-sigil-plugin-0.9.1-21.fc33.x86_64                                  
  minizip-2.10.2-1.fc33.x86_64                                                  
  python3-cssselect-0.9.2-16.fc33.noarch                                        
  python3-cssutils-1.0.2-9.fc33.noarch                                          
  python3-regex-2020.11.13-1.fc33.x86_64                                        
  sigil-0.9.14-7.fc33.x86_64                                                    
  zipios++-0.1.5.9-25.fc33.x86_64                                               

Complete!

Thursday, October 22, 2020

Fedora 32 : Can be better? part 016.

Today I tested the Unity 3D version 2020 on Linux Fedora 32.
Maybe it would be better to integrate Unity 3D or Unity Hub in Fedora repo just like other useful software like Blender 3D, GIMP.
It will improve the user experience and attract new users and developers for this distro.
I downloaded the AppImage from the Unity website and ran it with these commands:
[mythcat@desk Downloads]$ chmod a+x UnityHub.AppImage 
[mythcat@desk Downloads]$ ./UnityHub.AppImage 
r: 0
License accepted
...

Saturday, October 17, 2020

Fedora 32 : Visual Code and C# on Fedora distro.

Today I will show you how to use Visual Code with C#.
sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
sudo sh -c 'echo -e "[code]\nname=Visual Studio Code\nbaseurl=https://packages.microsoft.com/yumrepos/vscode\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/vscode.repo'
Then use dnf to check and install this editor.
#dnf check-update
#dnf install code
Use the Extensions button or the Ctrl+Shift+X keys to open the Extensions area on the left side and install the C# extension from Microsoft by pressing the Install button, see:

Create a folder named CSharpProjects and, using the Linux terminal, execute the following command:
[mythcat@desk CSharpProjects]$ dotnet new mvc -au None -o aspnetapp
The template "ASP.NET Core Web App (Model-View-Controller)" was created successfully.
This template contains technologies from parties other than Microsoft, 
see https://aka.ms/aspnetcore/3.1-third-party-notices for details.

Processing post-creation actions...
Running 'dotnet restore' on aspnetapp/aspnetapp.csproj...
  Restore completed in 112.76 ms for /home/mythcat/CSharpProjects/aspnetapp/aspnetapp.csproj.

Restore succeeded.

[mythcat@desk CSharpProjects]$ cd aspnetapp/
[mythcat@desk aspnetapp]$ code .
This command will open Visual Code. At this point, the ASP.NET project in the aspnetapp folder is open in Visual Code. You can run this project with this command:
[mythcat@desk aspnetapp]$ dotnet run
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[35]
      No XML encryptor configured. Key {4c284989-9a5d-4ea7-89e2-a383828fd7ab} may be persisted 
      to storage in unencrypted form.
info: Microsoft.Hosting.Lifetime[0]
      Now listening on: https://localhost:5001
info: Microsoft.Hosting.Lifetime[0]
      Now listening on: http://localhost:5000
info: Microsoft.Hosting.Lifetime[0]
      Application started. Press Ctrl+C to shut down.
info: Microsoft.Hosting.Lifetime[0]
      Hosting environment: Development
info: Microsoft.Hosting.Lifetime[0]
      Content root path: /home/mythcat/CSharpProjects/aspnetapp
You can open the https://localhost:5001/ and see the default Welcome page from ASP.NET.

Sunday, September 20, 2020

Fedora 32 : Can be better? part 010.

In this tutorial I will show you, with a simple example, how to easily get a better Fedora distro with SELinux. 

SELinux uses a policy store to keep track of its loaded policy modules and related settings. 

You can see my active policy store name is MLS.

[root@desk mythcat]# sestatus | grep Loaded
Loaded policy name:             mls

I want to create a policy in the easiest way to deny memory. 

I can do that in many ways, or find an existing option in SELinux. 

If you want to deny user domains applications to map a memory region as both executable and writable you can use deny_execmem.

This is dangerous and the executable should be reported in bugzilla and is enabled by default. 

You must turn on the deny_execmem boolean.

setsebool -P deny_execmem 1
Let's use it:
[root@desk mythcat]# setsebool -P deny_execmem 1
[root@desk mythcat]# ausearch -c 'Web Content' --raw | audit2allow -M my-WebContent
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i my-WebContent.pp

[root@desk mythcat]# semodule -X 300 -i my-WebContent.pp
Let's see if this SELinux module is currently loaded:
[root@desk mythcat]# semodule -l | grep Web
my-WebContent
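`audit2allow -M my-WebContent` also writes the module source to my-WebContent.te, so it can be reviewed before `semodule -i`: a module that allows `execmem` for a domain grants back what deny_execmem was turned on to block. The check below is an added example, not part of the original post; the sample module text and its type names are constructed, and it also flags the related `execstack` and `execheap` permissions.

```shell
#!/bin/sh
# Added example: list allow rules in a policy module source (.te) that grant
# executable-memory permissions on class process.
# Reads the .te text on stdin, prints one line per finding and returns 1 if
# any was found, otherwise 0.
# Assumption: one class per rule, which is how audit2allow writes its rules.
review_te_execmem() {
    awk '
        /^[ \t]*allow[ \t]/ {
            rule = $0
            sub(/[ \t]*;.*$/, "", rule)          # drop the terminator
            src = $2                             # source domain of the rule
            perms = rule
            # Keep only the permission list of rules on class process.
            if (!sub(/^[^:]*:[ \t]*process[ \t]+/, "", perms)) next
            gsub(/[{}]/, " ", perms)             # "{ a b }" becomes " a b "
            n = split(perms, p, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (p[i] == "execmem" || p[i] == "execstack" || p[i] == "execheap") {
                    printf "line %d: %s may use %s\n", NR, src, p[i]
                    found = 1
                }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample of what a generated my-WebContent.te could contain.
sample_te() {
    cat <<'EOF'
module my-WebContent 1.0;

require {
    type user_t;
    type user_home_t;
    class process execmem;
    class file { read open };
}

#============= user_t ==============
allow user_t self:process execmem;
allow user_t user_home_t:file { read open };
EOF
}

# Demo on the sample; on a real system: review_te_execmem < my-WebContent.te
sample_te | review_te_execmem || echo "module re-allows executable memory"
```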

Tuesday, September 15, 2020

Fedora 32 : Can be better? part 008.

The Fedora development is not very active in the last programming language.
The main reason is the need to build new packages and put them in the repository.
I think this can be improved with a good tool to solve all dependencies and link all into a good package.
Today I tested the new Python version 3.5.10 released on September 5th, 2020.
I downloaded and unzipped the archive and used these commands to build this Python version:
[mythcat@desk ~]$ cd Python-3.5.10/
[mythcat@desk Python-3.5.10]$ ./configure
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking for python3.5... no
checking for python3... python3
checking for --enable-universalsdk... no
...
The next command is make:
[mythcat@desk Python-3.5.10]$ make
gcc -pthread -c -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes
   -Werror=declaration-after-statement   -I. -I./Include    -DPy_BUILD_CORE -o Programs/python.o 
./Programs/python.c
...
# On Darwin, always use the python version of the script, the shell
# version doesn't use the compiler customizations that are provided
# in python (_osx_support.py).
if test `uname -s` = Darwin; then \
 cp python-config.py python-config; \
fi
Then I used make test.
[mythcat@desk Python-3.5.10]$ make test
running build
running build_ext
INFO: Can't locate Tcl/Tk libs and/or headers

Python build finished successfully!
...
For the last part I used this command:
[mythcat@desk Python-3.5.10]$ sudo make install
...
The result of this is ...
[mythcat@desk Python-3.5.10]$ ls
aclocal.m4     config.sub    Include          Mac              Modules  platform        python            README
build          configure     install-sh       Makefile         Objects  Programs        Python            setup.py
config.guess   configure.ac  Lib              Makefile.pre     Parser   pybuilddir.txt  python-config     Tools
config.log     Doc           libpython3.5m.a  Makefile.pre.in  PC       pyconfig.h      python-config.py
config.status  Grammar       LICENSE          Misc             PCbuild  pyconfig.h.in   python-gdb.py
[mythcat@desk Python-3.5.10]$ ./python 
Python 3.5.10 (default, Sep  6 2020, 22:32:07) 
[GCC 10.2.1 20200723 (Red Hat 10.2.1-1)] on linux
Type "help", "copyright", "credits" or "license" for more information.
...

Fedora 32 : Can be better? part 009.

The Fedora distro will be better if the development team comes with useful, accurate, and up-to-date information. A very simple example is C and C++ programming and more precisely how to build programs and packages. Let's take a simple example of creating interfaces with GTK that require knowledge of the GCC compiler. First I install the gtk3-devel package:
dnf install gtk3-devel 
The Fedora team provides a group install with many features.
#dnf -y groupinstall "Development Tools"
I test with these examples:
#include <gtk/gtk.h>

int main(int   argc,
     char *argv[])
{
  GtkWidget *window;
    
  gtk_init (&argc, &argv);
    
  window = gtk_window_new (GTK_WINDOW_TOPLEVEL);
  gtk_window_set_title (GTK_WINDOW (window), "Hello World");
  gtk_widget_show  (window);
    
  gtk_main ();
    
  return 0;
}
This creates a simple window with the Hello World title.
#include <gtk/gtk.h>

static void on_window_closed(GtkWidget * widget, gpointer data)
{
    gtk_main_quit();
}

int main(int argc, char * argv[])
{
    GtkWidget * window, * label;

    gtk_init(&argc, &argv);

    window = gtk_window_new(GTK_WINDOW_TOPLEVEL);

    g_signal_connect( window, "destroy", G_CALLBACK(on_window_closed), NULL);

    label = gtk_label_new("Hello, World!");

    gtk_container_add(GTK_CONTAINER(window), label);

    gtk_widget_show(label);
    gtk_widget_show(window);

    gtk_main();

    return 0;
}
This is the same example but you will see a label with the text Hello, World!.
The last example is more complex and involves the use of signals attached to the close button and the OK button.
The main window contains three labels with my name and an editbox in which you have to enter my nickname mythcat or something else.
#include <gtk/gtk.h>
#include <stdio.h>
#include <string.h>

const char *password = "mythcat";

// close the window application 
void closeApp(GtkWidget *widget, gpointer data)
{
    gtk_main_quit();
}

// show text when you click on button 
void button_clicked(GtkWidget *button, gpointer data)
{
    const char *password_text = gtk_entry_get_text(GTK_ENTRY((GtkWidget *)data));

    if(strcmp(password_text, password) == 0)
        printf("Access granted for user: \"%s\"\n",password);
    else
        printf("Access denied!\n");
 
}

int main( int argc, char *argv[])
{
    GtkWidget *window;
    GtkWidget *label1, *label2, *label3;
    GtkWidget *hbox;
    GtkWidget *vbox;
    GtkWidget *ok_button;
    GtkWidget *password_entry;

    gtk_init(&argc, &argv);

    window = gtk_window_new(GTK_WINDOW_TOPLEVEL);

    gtk_window_set_title(GTK_WINDOW(window), "Labels, password with one button and layout");
    gtk_window_set_position(GTK_WINDOW(window), GTK_WIN_POS_CENTER);
    gtk_window_set_default_size(GTK_WINDOW(window), 300, 200);

    g_signal_connect(G_OBJECT(window), "destroy", G_CALLBACK(closeApp), NULL);

    label1 = gtk_label_new("Catalin");
    label2 = gtk_label_new("George");
    label3 = gtk_label_new("Festila");

    password_entry = gtk_entry_new();
    gtk_entry_set_visibility(GTK_ENTRY(password_entry), FALSE);
    ok_button = gtk_button_new_with_label("OK");
    g_signal_connect(G_OBJECT(ok_button), "clicked", G_CALLBACK(button_clicked),password_entry);

    hbox = gtk_box_new(GTK_ORIENTATION_HORIZONTAL, 1);
    vbox = gtk_box_new(GTK_ORIENTATION_VERTICAL, 2);

    gtk_box_pack_start(GTK_BOX(vbox), label1, TRUE, FALSE, 5);
    gtk_box_pack_start(GTK_BOX(vbox), label2, TRUE, FALSE, 5);
    gtk_box_pack_start(GTK_BOX(hbox), vbox, FALSE, TRUE, 5);
    gtk_box_pack_start(GTK_BOX(hbox), label3, FALSE, FALSE, 5);
    gtk_box_pack_start(GTK_BOX(vbox), ok_button, FALSE, FALSE, 5);
    gtk_box_pack_start(GTK_BOX(hbox), password_entry, TRUE, FALSE, 5);
    gtk_container_add(GTK_CONTAINER(window), hbox);

    gtk_widget_show_all(window);

    gtk_main();

    return 0;
} 
The result can be seen in the following image:

I put the source code for the last example in a test.c file and compiled it like this:
[mythcat@desk ~]$ gcc test.c $(pkg-config --cflags --libs gtk+-3.0) -o test
[mythcat@desk ~]$ ./test

Saturday, September 5, 2020

Fedora 32 : Can be better? part 007.

Another article in the Can be better? series that deals with a very popular feature called SELinux. In this seventh part I will introduce you to the world of SELinux in my own style of simply explaining some SELinux configurations.
Let's recap some basic elements specific to SELinux.
Multi Category Security or MCS is a discretionary implementation of the mandatory Multi Level Security.
MCS basically tries to use the MLS attributes: Security Levels and Security Compartments.
With MCS implemented, security contexts have one or more extra fields in their tuple: user_u:role_r:type_t:s0:c0.
You can see this with id -Z.
The MLS Range contains two components, the low (classification and compartments) and high (clearance).
The sensitivity label is built from the low component: s2 with c1, c2 ...
MCS does have 1024 categories that can be assigned to processes and files.
On an MLS system there are two special labels, SystemLow (s0) and SystemHigh (s15:c0.c255).
In an MCS environment the upper end of the range, s0:c0.c1023, is SystemHigh.
By default, everything in an MCS environment has access to SystemLow or s0.
You will be able to access files with s0:c122 and s0:c123 categories.
The MLS translation mechanism gives a more literal meaning to the machine-like policy used in the MLS sensitivity and category declarations.
The MLS rule says: "no read up and no write down".
The MLS model is used to enforce confidentiality.
All processes are forced to operate with a Security Level.
The s0 Security Level or SystemLow level is the lower end of the Security Level Range in an MLS environment.
If you do not have the correct configuration, then setting SELinux to Enforcing could generate errors after reboot or while Linux is running.
You will need to have the root password and return for new SELinux settings.
Let's solve this issue: put SELinux into Enforce mode but give my user possibility to use command sudo su.
First, you need to see this table:
| SELinux user | Description | Used for |
|---|---|---|
| unconfined_u | SELinux user meant for unrestricted users. Unconfined users have hardly any restrictions in a SELinux context and are meant for systems where only Internet-facing services should run confined (i.e. the targeted SELinux policy store). | All users on a targeted system |
| root | The SELinux user meant for the root account | The Linux root account |
| sysadm_u | SELinux user with direct system administrative role assigned | Linux accounts that only perform administrative tasks |
| staff_u | SELinux user for operators that need to run both non-administrative commands (through the staff_r role) and administrative commands (through the sysadm_r role). | Linux accounts used for both end user usage as well as administrative tasks |
| user_u | SELinux user for non-privileged accounts | Unprivileged Linux accounts |
| system_u | Special SELinux user meant for system services | Not used directly |
I need to change my user mythcat to staff_u with a good MLS range.
[root@desk mythcat]# semanage login --modify --seuser staff_u --range s2:c100 mythcat
[root@desk mythcat]# semanage login --modify --seuser staff_u --range s0-s15:c0.c1023 mythcat
[root@desk mythcat]# semanage login -l 
[root@desk mythcat]# setenforce enforcing
[root@desk mythcat]# getenforce
Enforcing
[root@desk mythcat]# semanage login -l 
ValueError: Cannot read policy store.
After reboot, some time is needed to load the new changes; at first the last configuration is in effect.
[mythcat@desk ~]$ semanage login -l
ValueError: SELinux policy is not managed or store cannot be accessed.
[mythcat@desk ~]$ id -Z
staff_u:staff_r:staff_t:s0-s15:c0.c1023
[mythcat@desk ~]$ sestatus 
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: mls
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: denied
Memory protection checking: actual (secure)
Max kernel policy version: 33
A few seconds later all is good:
[mythcat@desk ~]$ sudo su 
[sudo] password for mythcat: 
bash: /root/.bashrc: Permission denied
bash-5.0# ls
bash-5.0# sestatus 
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: mls
Current mode: enforcing
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: denied
Memory protection checking: actual (secure)
Max kernel policy version: 33
bash-5.0# id -Z
staff_u:staff_r:staff_t:s0-s15:c0.c1023
bash-5.0# exit 
exit
[mythcat@desk ~]$ sestatus 
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: mls
Current mode: enforcing
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: denied
Memory protection checking: actual (secure)
Max kernel policy version: 33
Everything is fine for now; this delay is the reason for using the SELinux kernel settings. More information about Multi-Level Security and Multi-Category Security can be found on this webpage.
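The range syntax and the "no read up and no write down" rule from the recap above can be made concrete with a small evaluator. This is an added example, not part of the original post and not SELinux's own code: it models only that quoted rule using the low (effective) level of the subject's range, while a real MLS policy adds further constraints and exemptions; the function name mls_access is hypothetical.

```shell
#!/bin/sh
# Added example: evaluate "no read up, no write down" for an MLS range.
# mls_access SUBJECT_RANGE OBJECT_LEVEL
#   SUBJECT_RANGE  low[-high], e.g. s0-s15:c0.c1023 (as printed by id -Z)
#   OBJECT_LEVEL   a single level, e.g. s2:c100
# Prints: read=<allow|deny> write=<allow|deny> in_clearance=<yes|no>
mls_access() {
    awk -v subj="$1" -v obj="$2" '
        # Parse "sN[:cA,cB.cC,...]": returns N and fills cats[] with the set.
        function parse_level(level, cats,    parts, items, n, i, lo, hi, c, dot) {
            split("", cats)                      # portable way to empty an array
            split(level, parts, ":")
            n = split(parts[2], items, ",")
            for (i = 1; i <= n; i++) {
                dot = index(items[i], ".")
                if (dot) {                       # cA.cB is an inclusive range
                    lo = substr(items[i], 2, dot - 2)
                    hi = substr(items[i], dot + 2)
                } else {
                    lo = hi = substr(items[i], 2)
                }
                for (c = lo + 0; c <= hi + 0; c++) cats[c] = 1
            }
            return substr(parts[1], 2) + 0
        }
        # Level a dominates level b: sensitivity at least as high, and the
        # categories of a are a superset of the categories of b.
        function dominates(sa, ca, sb, cb,    c) {
            if (sa < sb) return 0
            for (c in cb) if (!(c in ca)) return 0
            return 1
        }
        BEGIN {
            low = subj;  sub(/-.*/, "", low)         # effective level
            high = subj; sub(/^[^-]*-/, "", high)    # clearance (low if no "-")
            ls = parse_level(low, lcats)
            hs = parse_level(high, hcats)
            os = parse_level(obj, ocats)
            r = dominates(ls, lcats, os, ocats) ? "allow" : "deny"  # no read up
            w = dominates(os, ocats, ls, lcats) ? "allow" : "deny"  # no write down
            k = dominates(hs, hcats, os, ocats) ? "yes" : "no"
            printf "read=%s write=%s in_clearance=%s\n", r, w, k
        }'
}

# The range from this post against an s2:c100 object: the clearance covers
# it, but the effective level s0 does not dominate it, so reading is denied.
mls_access "s0-s15:c0.c1023" "s2:c100"
```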

Sunday, August 23, 2020

Fedora 32 : Install LibreOffice_7.0.0 .

The latest release of LibreOffice is version 7.0.0 and is available for Fedora 32 distro from here. To install it you need to use these commands:
[root@desk mythcat]# dnf -y update
...
[mythcat@desk ~]$ cp Downloads/LibreOffice_7.0.0_Linux_x86-64_rpm.tar.gz ~
[mythcat@desk ~]$ ls LibreOffice*
LibreOffice_7.0.0_Linux_x86-64_rpm.tar.gz
[mythcat@desk ~]$ tar xvf LibreOffice_7.0.0_Linux_x86-64_rpm.tar.gz 
LibreOffice_7.0.0.3_Linux_x86-64_rpm/
LibreOffice_7.0.0.3_Linux_x86-64_rpm/RPMS/
...
[mythcat@desk ~]$ cd LibreOffice_7.0.0.3_Linux_x86-64_rpm/
[mythcat@desk LibreOffice_7.0.0.3_Linux_x86-64_rpm]$ cd RPMS/
[mythcat@desk RPMS]$ sudo dnf install *.rpm
[sudo] password for mythcat: 
Last metadata expiration check: 2:09:12 ago on Sat 22 Aug 2020 10:33:11 PM EEST.
Dependencies resolved.
================================================================================
 Package                                    Arch   Version   Repository    Size
================================================================================
Installing:
 libobasis7.0-base                          x86_64 7.0.0.3-3 @commandline 1.8 M
 libobasis7.0-calc                          x86_64 7.0.0.3-3 @commandline 9.5 M
 libobasis7.0-core                          x86_64 7.0.0.3-3 @commandline 101 M
 libobasis7.0-draw                          x86_64 7.0.0.3-3 @commandline 6.1 k
 libobasis7.0-en-US                         x86_64 7.0.0.3-3 @commandline  88 k
...
Complete!
The last step is to run this software from Fedora 32 distro desktop environment.

Saturday, August 15, 2020

Fedora 32 : Accurate timekeeping with chronyd daemon.

Accurate timekeeping is important in networking because accurate time stamps in packets and logs are required.
In Linux operating systems, the NTP protocol is implemented by a daemon running in userspace.
On the Fedora distro, you can choose between the ntpd and chronyd daemons. Today I will show you how to use chronyd.
The Fedora documentation can be found on the official website.
Let's install and use this:
[root@desk mythcat]# dnf install chrony 
...
[root@desk mythcat]# vim /etc/chrony.conf 
With the vim tool now you can add the In most cases, it's best to use pool.ntp.org to find an NTP server or use servers from your country. Now I can start and enable the daemon named chronyd and add it to the firewall.
[root@desk mythcat]# systemctl start chronyd 
[root@desk mythcat]# systemctl status chronyd 
● chronyd.service - NTP client/server
     Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor p>
     Active: active (running) since Sat 2020-08-15 12:23:08 EEST; 9h ago
       Docs: man:chronyd(8)
             man:chrony.conf(5)
   Main PID: 10071 (chronyd)
      Tasks: 1 (limit: 11800)
     Memory: 1.0M
        CPU: 93ms
     CGroup: /system.slice/chronyd.service
             └─10071 /usr/sbin/chronyd

Aug 15 12:23:08 desk systemd[1]: Starting NTP client/server...
Aug 15 12:23:08 desk chronyd[10071]: chronyd version 3.5 starting (+CMDMON +NTP>
Aug 15 12:23:08 desk chronyd[10071]: Frequency -13.819 +/- 0.344 ppm read from >
Aug 15 12:23:08 desk chronyd[10071]: Using right/UTC timezone to obtain leap se>
Aug 15 12:23:08 desk systemd[1]: Started NTP client/server.
Aug 15 12:23:13 desk chronyd[10071]: Selected source 78.96.7.25
Aug 15 12:23:13 desk chronyd[10071]: System clock TAI offset set to 37 seconds

[root@desk mythcat]# systemctl enable chronyd 
[root@desk mythcat]# firewall-cmd --add-service=ntp --permanent 
success
[root@desk mythcat]# firewall-cmd --reload 
success
You can query it with the chronyc command-line tool:
[root@desk mythcat]# chronyc sources 
210 Number of sources = 4
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^+ blackmamba-g0.eff.ro          3  10   377   692  -1192us[-1273us] +/-   92ms
^+ corporate1.bluepink.ro        2  10   377   200  -1441us[-1441us] +/-   52ms
^+ static-5-2-155-141.rdsne>     2  10   377   468  +1622us[+1540us] +/-   51ms
^* dummy.upcnet.ro               2  10   377   435  -1221us[-1303us] +/-   57ms
[root@desk mythcat]# chronyc tracking
Reference ID    : 4E600719 (dummy.upcnet.ro)
Stratum         : 3
Ref time (UTC)  : Sat Aug 15 19:06:18 2020
System time     : 0.000439648 seconds fast of NTP time
Last offset     : -0.000081712 seconds
RMS offset      : 0.000591977 seconds
Frequency       : 13.753 ppm slow
Residual freq   : -0.000 ppm
Skew            : 0.235 ppm
Root delay      : 0.069966756 seconds
Root dispersion : 0.017129980 seconds
Update interval : 1036.2 seconds
Leap status     : Normal
[root@desk mythcat]# chronyc activity
200 OK
4 sources online
0 sources offline
0 sources doing burst (return to online)
0 sources doing burst (return to offline)
0 sources with unknown address 
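Since log correlation depends on the clock, the tracking output above can be checked automatically. The script below is an added example, not part of the original post: the function names and the 0.1 second threshold are assumptions, the first sample is the tracking output shown above, and the second sample is constructed.

```shell
#!/bin/sh
# Added example: turn `chronyc tracking` output into a one-line health verdict.

# Tracking lines copied from the run shown above.
tracking_sample() {
cat <<'EOF'
Reference ID    : 4E600719 (dummy.upcnet.ro)
Stratum         : 3
Ref time (UTC)  : Sat Aug 15 19:06:18 2020
System time     : 0.000439648 seconds fast of NTP time
Last offset     : -0.000081712 seconds
RMS offset      : 0.000591977 seconds
Leap status     : Normal
EOF
}

# Constructed sample: a daemon that has not synchronised to any source.
tracking_unsynced() {
cat <<'EOF'
Stratum         : 0
System time     : 0.000000000 seconds fast of NTP time
Leap status     : Not synchronised
EOF
}

# Read tracking output on stdin and print "OK ..." or "ALERT ...".
# $1 = largest acceptable absolute offset from NTP time, in seconds.
clock_check() {
    awk -F' *: ' -v max="$1" '
        $1 == "System time" { split($2, f, " "); off = f[1] + 0; dir = f[3]; seen = 1 }
        $1 == "Leap status" { leap = $2 }
        $1 == "Stratum"     { stratum = $2 + 0 }
        END {
            # Missing data is treated as a failure, not as a zero offset.
            if (!seen)            { print "ALERT no tracking data"; exit }
            if (leap != "Normal") { print "ALERT leap status: " leap; exit }
            if (off > max)        { printf "ALERT clock %.6f s %s of NTP time\n", off, dir; exit }
            printf "OK offset %.6f s %s, stratum %d\n", off, dir, stratum
        }'
}

tracking_sample   | clock_check 0.1
tracking_unsynced | clock_check 0.1
```

On a live system the same function reads the daemon directly: `chronyc tracking | clock_check 0.1`.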

Friday, August 7, 2020

Fedora 32 : First example with C# on Fedora distro.

Let's enable the COPR repository for dotnet:
[mythcat@desk ~]$ sudo dnf copr enable @dotnet-sig/dotnet
[sudo] password for mythcat: 
Enabling a Copr repository. Please note that this repository is not part
of the main distribution, and quality may vary.

The Fedora Project does not exercise any power over the contents of
this repository beyond the rules outlined in the Copr FAQ at
,
and packages are not held to any quality or security level.

Please do not file bug reports about these packages in Fedora
Bugzilla. In case of problems, contact the owner of this repository.

Do you really want to enable copr.fedorainfracloud.org/@dotnet-sig/dotnet? [y/N]: y
Repository successfully enabled.
Install the .NET Core package:
[mythcat@desk ~]$ sudo dnf install dotnet
Copr repo for dotnet owned by @dotnet-sig         42 kB/s |  59 kB     00:01    
Dependencies resolved.
=================================================================================
 Package                           Arch      Version            Repository  Size
=================================================================================
Installing:
 dotnet                            x86_64    3.1.106-1.fc32     updates     11 k
Installing dependencies:
 aspnetcore-runtime-3.1            x86_64    3.1.6-1.fc32       updates    6.2 M
 aspnetcore-targeting-pack-3.1     x86_64    3.1.6-1.fc32       updates    945 k
 dotnet-apphost-pack-3.1           x86_64    3.1.6-1.fc32       updates     70 k
 dotnet-host                       x86_64    3.1.6-1.fc32       updates    104 k
 dotnet-hostfxr-3.1                x86_64    3.1.6-1.fc32       updates    164 k
 dotnet-runtime-3.1                x86_64    3.1.6-1.fc32       updates     27 M
 dotnet-sdk-3.1                    x86_64    3.1.106-1.fc32     updates     41 M
 dotnet-targeting-pack-3.1         x86_64    3.1.6-1.fc32       updates    1.8 M
 dotnet-templates-3.1              x86_64    3.1.106-1.fc32     updates    1.8 M
 netstandard-targeting-pack-2.1    x86_64    3.1.106-1.fc32     updates    1.3 M

Transaction Summary
=================================================================================
Install  11 Packages

Total download size: 79 M
Installed size: 298 M
Is this ok [y/N]: 
...
Use this tutorial to install Visual Studio Code. Press the Ctrl-P keys to install the C# extension by OmniSharp.
ext install ms-dotnettools.csharp
The last step is to create an application named HelloWorld:
[mythcat@desk ~]$ dotnet new console -o HelloWorld

Welcome to .NET Core 3.1!
---------------------
SDK Version: 3.1.106

----------------
Explore documentation: https://aka.ms/dotnet-docs
Report issues and find source on GitHub: https://github.com/dotnet/core
Find out what's new: https://aka.ms/dotnet-whats-new
Learn about the installed HTTPS developer cert: https://aka.ms/aspnet-core-https
Use 'dotnet --help' to see available commands or visit: https://aka.ms/dotnet-cli-docs
Write your first app: https://aka.ms/first-net-core-app
--------------------------------------------------------------------------------------
Getting ready...
The template "Console Application" was created successfully.

Processing post-creation actions...
Running 'dotnet restore' on HelloWorld/HelloWorld.csproj...
  Restore completed in 119.48 ms for /home/mythcat/HelloWorld/HelloWorld.csproj.

Restore succeeded.
You can run it with the dotnet run command:
[mythcat@desk ~]$ cd HelloWorld/
[mythcat@desk HelloWorld]$ ls
HelloWorld.csproj  obj  Program.cs
[mythcat@desk HelloWorld]$ dotnet run Program.cs 
Hello World!

Sunday, August 2, 2020

Fedora 32 : Play games with Steam service.

Steam is a video game digital distribution service by Valve. It was launched as a standalone software client in September 2003 as a way for Valve to provide automatic updates for their games, and expanded to include games from third-party publishers (see Wikipedia).
It is very easy to install Steam and play a game on the Fedora 32 Linux distro; just follow these commands:
[mythcat@desk ~]$ sudo dnf update --refresh
[sudo] password for mythcat: 
Fedora 32 openh264 (From Cisco) - x86_64        1.1 kB/s | 986  B     00:00    
Fedora Modular 32 - x86_64                       39 kB/s |  22 kB     00:00    
Fedora Modular 32 - x86_64 - Updates             26 kB/s |  22 kB     00:00    
Fedora 32 - x86_64 - Updates                     10 kB/s | 9.8 kB     00:00    
Fedora 32 - x86_64                               20 kB/s |  23 kB     00:01    
google-chrome                                   7.6 kB/s | 1.3 kB     00:00    
MEGAsync                                        4.7 kB/s | 1.5 kB     00:00    
MongoDB Repository                              4.4 kB/s | 2.5 kB     00:00    
RPM Fusion for Fedora 32 - Free - Updates        21 kB/s | 9.1 kB     00:00    
RPM Fusion for Fedora 32 - Free                  25 kB/s |  10 kB     00:00    
RPM Fusion for Fedora 32 - Nonfree - Updates     20 kB/s | 9.3 kB     00:00    
RPM Fusion for Fedora 32 - Nonfree               18 kB/s |  10 kB     00:00    
Visual Studio Code                              6.6 kB/s | 3.0 kB     00:00    
Dependencies resolved.
Nothing to do.
Complete!
[mythcat@desk ~]$ sudo dnf install steam -y
Last metadata expiration check: 0:00:09 ago on Sun 02 Aug 2020 04:59:49 PM EEST.
Package steam-1.0.0.64-1.fc32.i686 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[mythcat@desk ~]$ steam 
Running Steam on fedora 32 64-bit
STEAM_RUNTIME is enabled automatically
Pins potentially out-of-date, rebuilding...
...
Now you can pick a game from the Steam store and play it.

Sunday, February 16, 2020

Fedora 31 : Can be better? part 006.

I tried to use SELinux MLS with Fedora 31, and I wrote about it in my last article, Fedora 31 : Can be better? part 005.
After relabeling the files and starting the environment I got multiple errors, and I asked for an answer on the fedoraproject lists:
This is an example of the problem of implementing MLS in Fedora and can be remedied because MLS SELinux is old in implementing SELinux.

SELinux is preventing su from open access on the file /var/log/lastlog.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that su should be allowed open access on the lastlog file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'su' --raw | audit2allow -M my-su
# semodule -X 300 -i my-su.pp 
I tried to fix it but I got this error:
[root@desk mythcat]# ausearch -c 'su' --raw | audit2allow -M my-su
compilation failed:
my-su.te:36:ERROR 'syntax error' at token 'mlsconstrain' on line 36:
mlsconstrain file { write create setattr relabelfrom append unlink link rename mounton } ((l1 eq l2 -Fail-)  
or (t1 == mlsfilewritetoclr -Fail-)  and (h1 dom l2 -Fail-)  and (l1 domby l2)  or (t2 == 
mlsfilewriteinrange -Fail-)  
and (l1 dom l2 -Fail-)  an
# mlsconstrain file { read getattr execute } ((l1 dom l2 -Fail-)  or (t1 == 
mlsfilereadtoclr -Fail-)  
and (h1 dom l2 -Fail-)  or (t1 == mlsfileread -Fail-)  or (t2 == mlstrustedobject -Fail-) ); Constraint DENIED
/usr/bin/checkmodule:  error(s) encountered while parsing configuration

Sunday, February 2, 2020

Fedora 31 : Can be better? part 005.

Today I return once again to the topic of possible improvements to the Fedora distro.
This time the adventure is switching the SELinux system to SELinux MLS.
Let's test switching SELinux on Fedora 31 from the default targeted policy to mls.
First let's see the users:
[root@desk mythcat]# semanage user -l

                Labeling   MLS/       MLS/                          
SELinux User    Prefix     MCS Level  MCS Range                      SELinux Roles

guest_u         user       s0         s0                             guest_r
root            user       s0         s0-s0:c0.c1023                 staff_r sysadm_r system_r unconfined_r
staff_u         user       s0         s0-s0:c0.c1023                 staff_r sysadm_r system_r unconfined_r
sysadm_u        user       s0         s0-s0:c0.c1023                 sysadm_r
system_u        user       s0         s0-s0:c0.c1023                 system_r unconfined_r
unconfined_u    user       s0         s0-s0:c0.c1023                 system_r unconfined_r
user_u          user       s0         s0                             user_r
xguest_u        user       s0         s0                             xguest_r
To use the MLS you need to change this file:
[root@desk mythcat]# vim /etc/selinux/config


# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
The changes are:

#SELINUX=enforcing
SELINUX=permissive
...
#SELINUXTYPE=targeted
SELINUXTYPE=mls
You need to install these packages:
[root@desk mythcat]# dnf search mls | grep selinux
Last metadata expiration check: 2:45:09 ago on Sun 02 Feb 2020 01:28:54 PM EET.
selinux-policy-mls.noarch : SELinux mls base policy
[root@desk mythcat]# dnf install selinux-policy-mls.noarch
...
Installed:
  mcstrans-2.9-2.fc31.x86_64                                                    
  policycoreutils-newrole-2.9-5.fc31.x86_64                                     
  selinux-policy-mls-3.14.4-45.fc31.noarch                                      

Complete!
These commands will relabel and start the MLS.
[mythcat@desk ~]$ setenforce 0
[mythcat@desk ~]$ getenforce
Permissive
...
[root@desk mythcat]# touch /.autorelabel
[root@desk mythcat]# reboot
If you have problems on boot, then add selinux=0 to the kernel boot arguments.
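A check for whether the temporary settings from this procedure (SELINUX=permissive in /etc/selinux/config, selinux=0 on the kernel command line) are still in place after the relabel. It is an added example, not part of the original post: the function names are hypothetical, reading the running kernel's arguments from /proc/cmdline is an assumption, and the sample file contents are constructed from the values shown on this page.

```shell
#!/bin/sh
# Added example: flag SELinux settings that leave the system non-enforcing.

# Print the first uncommented value of KEY in an /etc/selinux/config style file.
# Assumes one active assignment per key, as in the file shown above.
selinux_conf_get() {   # $1 = key, $2 = file
    awk -F= -v key="$1" '
        /^[ \t]*#/ { next }
        { k = $1; gsub(/[ \t\r]/, "", k) }
        k == key { v = $2; gsub(/[ \t\r]/, "", v); print v; exit }' "$2"
}

# Print kernel arguments that disable SELinux or force permissive mode at boot.
cmdline_selinux_overrides() {   # $1 = file holding the kernel command line
    tr ' \t' '\n\n' < "$1" | grep -E '^(selinux|enforcing)=0$' || true
}

# Print one FINDING line per problem, then an INFO line with the policy type.
selinux_audit() {   # $1 = config file, $2 = kernel command line file
    conf=${1:-/etc/selinux/config}
    cmdline=${2:-/proc/cmdline}
    mode=$(selinux_conf_get SELINUX "$conf")
    if [ "$mode" != "enforcing" ]; then
        echo "FINDING: $conf has SELINUX=${mode:-unset}, expected enforcing"
    fi
    for arg in $(cmdline_selinux_overrides "$cmdline"); do
        echo "FINDING: kernel argument $arg overrides $conf"
    done
    echo "INFO: SELINUXTYPE=$(selinux_conf_get SELINUXTYPE "$conf")"
}

# Run the audit against constructed files: the state during the switch to MLS
# ("transitional") or the state it should end in ("hardened").
selinux_demo() {   # $1 = transitional | hardened
    dir=$(mktemp -d)
    if [ "$1" = "transitional" ]; then
        printf '%s\n' '#SELINUX=enforcing' 'SELINUX=permissive' \
            '#SELINUXTYPE=targeted' 'SELINUXTYPE=mls' > "$dir/config"
        echo 'ro root=/dev/mapper/fedora-root rhgb quiet selinux=0' > "$dir/cmdline"
    else
        printf '%s\n' 'SELINUX=enforcing' 'SELINUXTYPE=mls' > "$dir/config"
        echo 'ro root=/dev/mapper/fedora-root rhgb quiet' > "$dir/cmdline"
    fi
    selinux_audit "$dir/config" "$dir/cmdline"
    rm -rf "$dir"
}

selinux_demo transitional
selinux_demo hardened
```

Called with no arguments, `selinux_audit` reads the live /etc/selinux/config and /proc/cmdline.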
After I booted and relabeled all files I got errors about Gtk-Messages.
I removed my old Cinnamon with this command:
[root@desk mythcat]# dnf groupremove -y "Cinnnamon"
I listed all my groups with the dnf tool:
[root@desk mythcat]# dnf grouplist -v 
I installed the MATE environment:
dnf groupinstall -y "MATE Desktop" --allowerasing
After that the only way to start the environment is this command:
[mythcat@desk ~]$ sudo systemctl restart lightdm.service
Another issue comes from the SELinux Alert Browser, where I get multiple alerts and these need to be fixed manually.
At first, there were more than 250 of these alerts.
After I fixed some of them, I now see only 50.
I think this problem with changing the SELinux type can be improved.

Fedora 31 : Using the dmesg command on Linux operating system.

The dmesg command is used to display the kernel-related messages on Unix-like systems. Today I will show you how to use this command on the Linux operating system. Simply use the command:
[mythcat@desk ~]$ dmesg 
[    0.000000] microcode: microcode updated early to revision 0x21, date = 2019-02-13
...
Page through the messages one screen at a time:
[mythcat@desk ~]$ dmesg | less
... 
Use it to see information about the motherboard:
[mythcat@desk ~]$ dmesg | grep -i memory
...
[mythcat@desk ~]$ dmesg | grep -i dma
...
[mythcat@desk ~]$ dmesg | grep -i usb
...
[mythcat@desk ~]$ dmesg | grep -i tty
...
The same result with a single command using multiple grep patterns:
[mythcat@desk ~]$ dmesg | grep -iE "memory|dma|usb|tty"
This displays the messages at the error and warning levels:
[root@desk mythcat]# dmesg --level=err,warn
The dmesg command supports these log facilities:
  • kern - kernel messages;
  • user - random user-level messages;
  • mail - mail system;
  • daemon - system daemons;
  • auth - security/authorization messages;
  • syslog - messages generated internally by syslogd;
  • lpr - line printer subsystem;
  • news - network news subsystem;
See the output for only one facility:
[mythcat@desk ~]$ dmesg --facility=daemon
Use the root user to clear the dmesg logs after reading them:
[root@desk mythcat]# dmesg -C
If you want, you can show the output as colored messages:
# dmesg -L

Tuesday, January 28, 2020

Fedora 31 : Can be better? part 004.

Another issue on Fedora can be linked to the management of transactions and how to get past a transaction lock. Let's see how it can be fixed:
[root@desk mythcat]# rpm --rebuilddb
warning: waiting for transaction lock on /var/lib/rpm/.rpm.lock
^C
[root@desk mythcat]# rm /var/lib/rpm/.rpm.lock
rm: remove regular empty file '/var/lib/rpm/.rpm.lock'? y
[root@desk mythcat]# rpm --rebuilddb
...
[root@desk mythcat]# dnf clean all
...
Waiting for process with pid 2128 to finish.
^CKeyboardInterrupt: Terminated.
[root@desk mythcat]# kill  -9 2128
[root@desk mythcat]# dnf clean all
95 files removed

Friday, January 24, 2020

Fedora 31 : The twa web auditor tool.

This tool comes with a good intro: A tiny web auditor with strong opinions.
The tool named twa takes one domain at a time and uses these dependencies: bash 4, curl, dig, jq, and nc, along with a POSIX system.
The project can be found in its GitHub repository, but it can be installed easily on the Fedora 31 distro:
[root@desk mythcat]# dnf install twa.noarch 
Last metadata expiration check: 0:06:08 ago on Fri 24 Jan 2020 01:57:53 PM EET.
Dependencies resolved.
================================================================================
 Package       Architecture     Version                  Repository        Size
================================================================================
Installing:
 twa           noarch           1.8.0-3.fc31             fedora            18 k

Transaction Summary
================================================================================
Install  1 Package

Total download size: 18 k
Installed size: 30 k
Is this ok [y/N]: y
Downloading Packages:
twa-1.8.0-3.fc31.noarch.rpm                      10 kB/s |  18 kB     00:01    
--------------------------------------------------------------------------------
Total                                           6.7 kB/s |  18 kB     00:02     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                        1/1 
  Installing       : twa-1.8.0-3.fc31.noarch                                1/1 
  Running scriptlet: twa-1.8.0-3.fc31.noarch                                1/1 
  Verifying        : twa-1.8.0-3.fc31.noarch                                1/1 

Installed:
  twa-1.8.0-3.fc31.noarch                                                       

Complete!
Let's see an example of this tool run against the google website:
[mythcat@desk ~]$ twa google.com
FAIL(google.com): TWA-0102: HTTP redirects to HTTP (not secure)
FAIL(google.com): TWA-0205: Strict-Transport-Security missing
MEH(google.com): TWA-0206: X-Frame-Options is 'sameorigin', consider 'deny'
FAIL(google.com): TWA-0209: X-Content-Type-Options missing
FAIL(google.com): TWA-0210: X-XSS-Protection is '0'; XSS filtering disabled
FAIL(google.com): TWA-0214: Referrer-Policy missing
FAIL(google.com): TWA-0219: Content-Security-Policy missing
FAIL(google.com): TWA-0220: Feature-Policy missing
PASS(google.com): Site sends 'Server', but probably only a vendor ID: gws
PASS(google.com): Site doesn't send 'X-Powered-By'
PASS(google.com): Site doesn't send 'Via'
PASS(google.com): Site doesn't send 'X-AspNet-Version'
PASS(google.com): Site doesn't send 'X-AspNetMvc-Version'
PASS(google.com): No SCM repository at: http://google.com/.git/HEAD
PASS(google.com): No SCM repository at: http://google.com/.hg/store/00manifest.i
PASS(google.com): No SCM repository at: http://google.com/.svn/entries
PASS(google.com): No environment file at: http://google.com/.env
PASS(google.com): No environment file at: http://google.com/.dockerenv
PASS(google.com): No config file at: http://google.com/config.xml
PASS(google.com): No config file at: http://google.com/config.json
PASS(google.com): No config file at: http://google.com/config.yaml
PASS(google.com): No config file at: http://google.com/config.yml
PASS(google.com): No config file at: http://google.com/config.ini
^C
Each output line has this form:
TYPE(domain): explanation
where TYPE is one of PASS, MEH, FAIL, UNK, SKIP, and FATAL:
PASS: The test passed with flying colors.
MEH: The test passed, but with one or more things that could be improved.
FAIL: The test failed and should be fixed.
UNK: The server gave us something we didn't understand.
SKIP: The server gave us something we understood, but that we don't handle yet.
FATAL: A really important test failed, and should be fixed immediately.
Another feature is scoring.
The score format is this: npasses nmehs nfailures nunknowns nskips totally_screwed.
Let's see one example:
[mythcat@desk ~]$ twa google.com | tscore
20 37 2 7 0 0 0
The tool can also be used with an Alpine Docker container.
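The TYPE(domain): line format described above is easy to post-process when twa runs unattended. The script below is an added example, not part of the original post or of the twa project: the function names are hypothetical, the sample lines are copied from the run shown above, and the tally uses the order in which the post lists the result types; it is not a reimplementation of tscore.

```shell
#!/bin/sh
# Added example: summarise twa result lines and gate on failures.

# Result lines copied from the twa run shown above, including the ^C noise line.
twa_sample() {
cat <<'EOF'
FAIL(google.com): TWA-0102: HTTP redirects to HTTP (not secure)
FAIL(google.com): TWA-0205: Strict-Transport-Security missing
MEH(google.com): TWA-0206: X-Frame-Options is 'sameorigin', consider 'deny'
FAIL(google.com): TWA-0209: X-Content-Type-Options missing
PASS(google.com): Site doesn't send 'X-Powered-By'
PASS(google.com): No SCM repository at: http://google.com/.git/HEAD
PASS(google.com): No environment file at: http://google.com/.env
^C
EOF
}

# Print "passes mehs failures unknowns skips fatals" for twa output on stdin.
# Lines that do not start with TYPE(domain): are ignored.
twa_tally() {
    awk '
        /^(PASS|MEH|FAIL|UNK|SKIP|FATAL)\([^)]+\): / {
            type = substr($0, 1, index($0, "(") - 1)
            n[type]++
        }
        END {
            printf "%d %d %d %d %d %d\n",
                n["PASS"], n["MEH"], n["FAIL"], n["UNK"], n["SKIP"], n["FATAL"]
        }'
}

# Print the check IDs (TWA-nnnn) of FAIL and FATAL lines, sorted and unique.
twa_failed_ids() {
    awk '
        /^(FAIL|FATAL)\([^)]+\): TWA-[0-9]+:/ {
            id = $2              # second field is the ID followed by a colon
            sub(/:$/, "", id)
            print id
        }' | sort -u
}

# Exit status 1 when any FAIL or FATAL line is present, 0 otherwise.
twa_gate() {
    ! grep -Eq '^(FAIL|FATAL)\('
}

twa_sample | twa_tally
twa_sample | twa_failed_ids
```

In a scheduled job the functions read the tool's output directly, for example `twa example.test | twa_gate`, where example.test is a placeholder domain.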