Ubuntu Guide 12.04 Precise - Ubuntu System settings and software

Transcription

Ubuntu:Precise -
http://ubuntuguide.org/index.php?title=Ubuntu:Precise&prin...
Ubuntu:Precise
From
Ubuntu 12.04 LTS (Precise Pangolin)
Introduction
1 of 212
On April 26, 2012, Ubuntu (http://www.ubuntu.com/) 12.04 LTS was released.
It is codenamed Precise Pangolin and is the successor to Oneiric Ocelot 11.10
(http://ubuntuguide.org/wiki/Ubuntu_Oneiric) (Oneiric+1).
Precise Pangolin is an LTS (Long Term Support) release. It will be supported with security
updates for both the desktop and server versions until April 2017.
Contents
1 Ubuntu 12.04 LTS (Precise Pangolin)
1.1 Introduction
1.2 General Notes
1.2.1 General Notes
1.3 Other versions
1.3.1 How to find out which version of Ubuntu you're using
1.3.2 How to find out which kernel you are using
1.3.3 Newer Versions of Ubuntu
1.3.4 Older Versions of Ubuntu
1.4 Other Resources
1.4.1 Ubuntu Resources
1.4.1.1 Unity Desktop
1.4.1.2 Gnome Project
1.4.1.3 Ubuntu Screenshots and Screencasts
1.4.1.4 New Applications Resources
1.4.2 Other *buntu guides and help manuals
2 Installing Ubuntu
2.1 Hardware requirements
2.2 Fresh Installation
2.3 Install a classic Gnome-appearing User Interface
2.4 Dual-Booting Windows and Ubuntu
05/24/2012 07:12 AM
Ubuntu:Precise -
2 of 212
2.5 Installing multiple OS on a single computer
2.6 Use Startup Manager to change Grub settings
2.7 Dual-Booting Mac OS X and Ubuntu
2.7.1 Installing Mac OS X after Ubuntu
2.7.2 Installing Ubuntu after Mac OS X
2.7.3 Upgrading from older versions
2.7.4 Reinstalling applications after a fresh installation
2.8 Add Extra Repositories
2.8.1 Types of Repositories
2.8.1.1 Third party repositories
2.8.1.2 PPA repositories
2.8.2 Add Repositories using Synaptic Package Manager
2.8.3 Manually add repositories
2.8.3.1 Edit the repository sources list
2.8.4 Add repository keys
2.9 Package Installation and Updates
2.9.1 Apt and Package Basics
2.9.1.1 Installing .deb packages
2.9.1.2 Handling (Tar/GZip) and (Tar/Bzip2) archives
2.9.1.3 Installing a package from source
2.9.1.3.1 Create a .deb package from source files
2.9.2 Aptitude
2.9.3 Synaptic Package Manager
2.9.4 Ubuntu Software Center (Add/Remove Programs)
2.9.5 Manual Updates
2.9.6 Automated Updates
2.9.7 Repair broken packages
3 Desktop Add-ons
3.1 Gnome Eye-Candy Resources
3.2 Ubuntu Wallpaper
3.3 Change Plymouth Splash Screen
3.4 Metacity
3.5 Compiz Fusion
3.5.1 Fusion Icon
3.5.2 Rotate the Compiz Cube
3.5.3 Emerald
3.6 Google Desktop
3.7 gDesklets
3.8 Dock applications
3.8.1 Avant Window Navigator
3.8.2 Cairo Dock
3.8.3 Gnome Do
3.8.4 wbar
3.8.4.1 wbarconf
4 Virtualization
4.1 VirtualBox
4.1.1 Proprietary versions of VirtualBox
4.2 VMWare
4.2.1 VMWare Player
4.2.2 Create an Ubuntu Appliance
4.2.3 VMWare Server
05/24/2012 07:12 AM
Ubuntu:Precise -
3 of 212
4.2.3.1 VMWare Package
4.2.4 Keyboard errors in VMware guest
4.3 KVM
4.4 Qemu (without KVM)
4.5 Xen
4.6 Virtual Machine Manager
4.7 Crossover for Linux
4.8 Wine
4.8.1 PlayOnLinux
4.8.1.1 Internet Explorer 7
4.8.2 Internet Explorer 6 & 7
4.9 Transgaming Cedega
4.10 Mono
4.10.1 Moonlight
4.10.2 Java
4.11 DosBox
4.12 ScummVM
4.13 Google Android
4.13.1 Android SDK emulator
4.13.2 Android-x86 in VirtualBox
5 Edutainment Applications
6 Games
6.1 Wing Commander Privateer
6.2 Vdrift
6.3 Action
6.3.1 UrbanTerror
6.3.2 Doom
6.3.2.1 Skulltag
6.3.2.2 PrBoom
6.4 MMORPG
6.4.1 Spring
6.4.2 Regnum Online
6.4.3 PlaneShift
6.5 Dolphin (Wii emulator)
7 Internet Applications
7.1 Web Browsers
7.1.1 Mozilla Firefox
7.1.1.1 Firefox Plug-ins
7.1.1.1.1 Adblock Plus plug-in (block ads in a web page)
7.1.1.1.2 NoScript plug-in (controls scripts)
7.1.1.1.3 Bookmark Favicon Changer plug-in
7.1.1.1.4 RefreshBlocker plug-in (prevents redirects)
7.1.1.1.5 Video DownloadHelper plug-in for Firefox
7.1.1.1.6 User Agent Switcher plug-in for Firefox
7.1.1.1.7 Unplug Download Management
7.1.1.1.8 Lucifox (eBook reader extension)
7.1.1.1.9 Java Runtime Environment (JRE) for Firefox plug-in
7.1.1.1.10 Adobe Acrobat Reader for Firefox Plug-in
7.1.1.1.11 Adobe Flash Player for Firefox Plug-in
7.1.1.1.12 Gnash Plug-in (Open source Flash Player replacement)
7.1.1.1.13 VLC plug-in for Firefox
05/24/2012 07:12 AM
Ubuntu:Precise -
4 of 212
7.1.1.1.14 Gecko MediaPlayer Plug-in for Firefox
7.1.1.1.15 Kaffeine Plug-in for Firefox
7.1.1.1.16 Helix player plug-in for Firefox
7.1.1.1.17 Moonlight plugin for Firefox
7.1.1.1.18 FireFTP for Firefox
7.1.1.1.19 Firefox Widgets
7.1.1.2 Turn off browser bar drop-down list in Firefox
7.1.1.3 Turn off SSL certificate name in address bar
7.1.1.4 View Firefox cache
7.1.2 IceWeasel
7.1.3 GNUzilla IceCat
7.1.4 Opera
7.1.5 Chromium
7.1.6 Google Chrome
7.2 Download Managers
7.2.1 MultiGet
7.2.2 Usenet Clients
7.2.2.1 Pan
7.2.2.2 Kwooty
7.3 Email Clients
7.3.1 Evolution
7.3.1.1 Evolution and PGP
7.3.2 Thunderbird
7.3.2.1 Lightning calendar extension
7.3.2.2 Enigmail
7.3.2.3 New Mail Icon for Thunderbird
7.3.3 KMail
7.4 Newsreaders
7.4.1 Akregator
7.4.2 RSSOwl
7.5 Instant Messengers
7.5.1 Empathy
7.5.2 Pidgin
7.5.3 Kopete
7.5.3.1 Kopete Styles
7.5.3.2 GoogleTalk on Kopete
7.5.4 Konversation (IRC client)
7.5.5 aMSN
7.5.6 Emesene
7.6 FTP Clients
7.6.1 Filezilla
7.7 Filesharing / P2P
7.7.1 Transmission (BitTorrent Client)
7.7.2 KTorrent
7.7.3 Azureus
7.7.4 QTorrent
7.7.5 Apollon (P2P Filesharing)
7.7.6 MLDonkey (P2P eMule/eDonkey2000)
7.7.6.1 MLDonkey GUI frontends
8 Videoconferencing and VOIP
8.1 Ekiga
05/24/2012 07:12 AM
Ubuntu:Precise -
5 of 212
8.2 Skype
8.2.1 How to install Skype on a 64-bit system
8.2.2 Installing Skype repository
8.3 Wengophone
8.4 Gizmo5
8.5 Asterisk VOIP PBX system
8.5.1 Kiax
8.6 OpenSIPS / OpenSER (SIP server)
8.7 Telepathy
8.8 Web meetings
8.8.1 BigBlueButton
8.8.2 WebHuddle
8.8.3 TeamViewer
9 Privacy
9.1 PGP (Message Encryption)
9.1.1 Enigmail with Thunderbird
9.1.2 Seahorse
9.2 Web browsing
9.3 Tor (Network Privacy)
9.3.1 Vidalia (Tor interface)
9.3.2 Torbutton (Firefox plug-in)
9.4 DNS Servers and Search engines
9.5 Certificate verification
10 Proprietary Extras
10.1 Restricted Extras
11 Photos and Graphics
11.1 GIMP (Image Manipulator)
11.2 Dia (Diagram editor)
11.3 Kivio (Diagram editor)
11.4 Inkscape Vector Illustrator
11.5 Digikam (Photo Organiser)
11.6 F-spot (Photo Organiser)
11.7 Google Picasa (Photo Organiser)
11.8 Shotwell (Photo Organiser)
11.9 Tesseract (Optical Character Reader)
11.10 Cuneiform (Optical Character Reader)
11.10.1 YAGF (Cuneiform/Tesseract GUI)
11.11 Xsane (Scanning utility)
11.12 Gnome-Scan (Scanning Utility)
11.13 Gwenview (Image Manipulator)
11.14 OpenClipart (ClipArt Library)
12 Screencasts and Desktop Recording
12.1 FFMPEG with x11grab
12.2 recordMyDesktop (Desktop Session Recording)
12.2.1 Using recordMyDesktop with PulseAudio
12.3 Istanbul (Desktop Session Recording)
12.4 xvidcap (Desktop Session Recording)
12.5 WebCamStudio
12.6 Wink (Presentation Editor)
12.7 Freeseer (Presentation capture)
12.8 Screencast Demos
05/24/2012 07:12 AM
Ubuntu:Precise -
6 of 212
12.9 rtmpdump (Capture streaming video)
13 Video Applications
13.1 OpenShot
13.2 PiTiVi (Non-linear Video Editing Suite)
13.3 Avidemux (Video editor/processor)
13.4 Kino (Non-linear Video Editing Suite)
13.5 KdenLive (Non-linear Video Editing Suite for KDE)
13.6 Cinelerra (Non-linear Video Editing Suite)
13.7 LiVES (Video editor/processor)
13.8 OpenMovieEditor
13.9 Blender
13.10 Stopmotion (Animation)
13.11 Animata (Animation)
13.12 Webcam Applications
14 Audio Applications
14.1 Audacity (Audio Editor and Recorder)
14.2 Ardour (Digital Audio Workstation)
14.3 Rosegarden (Digital Audio Workstation)
14.4 Hydrogen (Drum synthesizer)
14.5 EasyTag (ID3 editor)
14.6 PuddleTag (ID3 editor)
14.7 UbuntuStudio (Ubuntu distribution customized for multimedia editing)
15 Audio / Video conversion
15.1 FFMPEG video / audio conversion
15.1.1 FFMPEG GUI
15.1.2 Join video segments
15.1.2.1 Split a file into segments
15.2 Mencoder
15.3 Save any streaming Flash video
15.3.1 Save rtmp / flv streams
15.4 Convert Flash video audio to mp3
15.5 2ManDVD
15.6 DeVeDe
15.7 ManDVD
15.8 DVD Author
15.8.1 QDVDAuthor
15.9 ToVid
15.10 Other DVD authoring programs
15.11 Ripper X CD Ripper/Encoder
15.12 Asunder CD Ripper/Encoder
15.13 Audex CD Ripper/Encoder
15.14 Gnac (GNome Audio Converter)
15.15 SOX (encodes/decodes audio)
15.15.1 Install MP3 support for SoX
16 CDs and DVDs
16.1 Brasero (CD/DVD burner)
16.2 Gnomebaker (CD/DVD burner)
16.3 K3b (CD/DVD burner)
16.3.1 Normalize audio levels
16.4 DVD Playback Capability
16.4.1 libdvdcss
05/24/2012 07:12 AM
Ubuntu:Precise -
7 of 212
16.4.2 libudf
16.5 K9copy (DVD Ripper)
16.6 Handbrake
16.7 dvd::rip
16.8 Acidrip
16.9 DVD Fab (DVD Ripper)
17 Music Players
17.1 Rhythmbox
17.1.1 Play Internet Radio through Rhythmbox
17.2 Amarok
17.2.1 Amarok themes
17.2.2 Play Shoutcast Internet Radio through Amarok
17.3 Audacious
17.4 Banshee Music Player
17.5 Exaile Music Manager and Player
17.6 Songbird Music Player
17.7 aTunes
18 Multimedia Players
18.1 MPlayer Multimedia Player
18.1.1 SMPlayer
18.1.2 Dump a video stream to disc
18.2 VLC Multimedia Player
18.2.1 VLC plugins
18.3 Xine-UI Multimedia Player
18.4 Kaffeine Video Player
18.5 RealPlayer 11 Multimedia Player
18.6 Internet TV
18.6.1 Myth TV
18.6.2 Miro Player
18.6.3 Sopcast Internet TV
18.6.4 Zattoo
18.6.5 TV Time (TV Viewer)
18.6.6 ABC iView
18.6.7 BBC iPlayer
18.6.7.1 get_iplayer (BBC program recording)
18.6.8 Netflix Android App
18.7 Internet Radio
18.7.1 Last FM
18.7.2 Shoutcast Internet Radio
18.7.3 StreamTuner Stream Directory Browser
18.7.4 Streamripper
18.8 Media Centers and PVR (Personal Video Recorder)
18.8.1 MythTV
18.8.2 Mythbuntu
18.8.3 XBMC
18.8.4 Boxee
18.8.5 Elisa
18.8.6 LinuxMCE
18.9 Multimedia Servers
18.9.1 MPD Multimedia Playing Server
18.9.2 TiMidity++ MIDI Sound Server
05/24/2012 07:12 AM
Ubuntu:Precise -
8 of 212
18.9.3 uShare UPnP A/V Media Server
19 Home Automation / Home Theater / Home Security
19.1 Complete Systems
19.1.1 Linux MCE (Media Center Edition)
19.1.2 Other systems in development
19.2 Home Security
19.2.1 Zoneminder surveillance system
19.2.1.1 Myth Zoneminder
20 Office Suites
20.1 LibreOffice
20.2 Open Office
20.2.1 Open Word 2007 Documents in Open Office
20.3 KOffice
20.4 AbiWord
20.5 GoldenDict (Multi-lingual Dictionary and Translator)
20.6 Xournal
20.7 PDF Files
20.7.1 Print to a PDF file
20.7.2 View a PDF document
20.7.3 Scan to a PDF file
20.7.4 PDF-Shuffler (PDF file management)
20.7.5 MaxView (PDF file management)
20.7.6 PDFMod (PDF file management)
20.7.7 PDFedit (PDF file editor)
20.7.8 Import PDF files into a word processor
20.7.8.1 Import PDF files into OpenOffice Writer
20.7.8.2 Import PDF files into KWord
20.7.9 PDF-XChange (PDF file editor)
20.8 DjVu files
20.9 eBooks
20.9.1 FBReader (e-book reader)
20.9.2 Calibre (eBook conversion)
20.9.3 Sigil (eBook editing and conversion)
20.9.4 eCub (eBook editing and conversion)
20.10 Scripts and Screenplays
20.11 Personal Information Managers
20.11.1 Kontact Personal Information Manager
20.11.2 Mozilla Sunbird (Calendar)
20.11.3 BasKet Note Pads
20.11.4 Planner (Project planning & management)
20.11.5 Time Tracker
21 Financial Software
21.1 KMyMoney (Personal Finance Management)
21.2 GnuCash (Personal Finance Management)
21.3 Skrooge (Personal Finance Management)
21.4 Moneydance (Personal Finance Management)
21.5 SQL-Ledger (Enterprise Finance Management)
21.6 LedgerSMB (Enterprise Finance Management)
21.7 WebERP (Enterprise Finance Management)
21.8 Phreebooks (Enterprise Finance Management)
21.9 Quasar (Enterprise Finance Management)
05/24/2012 07:12 AM
Ubuntu:Precise -
9 of 212
21.10 Stock Market monitoring software
22 Groupware
22.1 Groupware Servers
22.1.1 Kolab
22.1.1.1 Kolab Ubuntu package
22.1.1.2 Manual Kolab installation
22.1.2 Citadel
22.1.3 eGroupware
22.1.4 Open-Xchange
22.1.5 OpenGroupware
22.1.6 Zarafa
22.1.7 Zimbra
22.1.8 SchoolTool
22.1.9 SugarCRM Community Edition
22.2 Groupware Clients
22.2.1 Evolution Exchange
22.2.2 Kontact Personal Information Manager
22.2.3 KDE Groupware Wizard
22.2.4 Zimbra Desktop
22.2.5 Oracle Calendar Desktop Client
22.3 Group Calendars
22.3.1 DAViCal Calendar Server
22.3.2 Darwin Calendar Server
22.3.3 WebCalendar
22.4 Mail servers
22.4.1 Postfix / Dovecot (Mail Server)
22.4.2 iRedMail
23 Wiki software
23.1 MediaWiki
23.2 Moin Moin
23.3 Twiki
23.4 TiddlyWiki
24 Web Publishing
24.1 Drupal (Web content publishing)
24.1.1 Drupal7
24.1.2 Drupal6
24.1.2.1 Installation quirks
24.1.2.1.1 Exim vs. Postfix
24.2 WordPress
24.3 Joomla (Web content publishing)
24.4 Scribus (Desktop publishing)
24.5 Plone (Content Management System)
24.6 Gallery (Photo album website)
24.7 phpBB (Forums)
25 Distance teaching
25.1 Moodle
25.2 Claroline
25.3 Dokeos
26 Software Development
26.1 Kompozer Web Development Editor
26.2 Quanta Plus (Web IDE)
05/24/2012 07:12 AM
Ubuntu:Precise -
10 of 212
27
28
29
30
31
32
26.3 Netbeans IDE
26.4 BlueFish Web Development Editor
26.5 Gobby (Multi-user development)
26.6 Eclipse IDE
Version control software
27.1 Git
27.1.1 SparkleShare (Git frontend)
27.2 Personal repositories
27.2.1 mini-dinstall
27.2.2 Debarchiver
27.3 FTP (online file transfer)
27.4 WebDAV (online folders)
Maps and GPS
28.1 Google Earth
28.1.1 Troubleshooting
28.1.2 Uninstall Google Earth
28.2 GPS
Celestial (Star) Maps
29.1 Celestia
29.2 Stellarium
Science, Technology, and Engineering Applications
30.1 Health applications
30.1.1 OpenEMR (Electronic Health Record)
30.1.2 VistA (Enterprise Electronic Health Record)
30.2 CAD
30.3 Mathematical solutions
30.3.1 Octave
30.3.2 Freemat
30.3.3 Maxima
30.3.4 Mathomatic
30.4 Amateur Radio applications
30.5 Amateur Electronics
30.5.1 Arduino
30.6 LaTeX
30.6.1 LyX
30.6.2 LaTeX Reference Managers
Miscellaneous software (not endorsed by this guide)
31.1 JBidwatcher
Utilities
32.1 Archiving Utilities
32.1.1 ZIP
32.1.1.1 FileRoller (Archiving GUI)
32.1.1.2 X-archiver (Archiving GUI)
32.1.2 BChunk
32.1.3 HJSplit Files Joiner/Splitter
32.1.4 Rar
32.1.5 Unrar
32.1.6 7-Zip
32.2 Hard Drive Utilities
32.2.1 KDiskFree (Hard drive properties monitor)
32.3 Clock Utilties
05/24/2012 07:12 AM
Ubuntu:Precise -
11 of 212
33
34
35
36
32.4 Screensavers
32.5 Partition Managers
32.5.1 GParted Partition Manager
System Backup and Recovery
33.1 Rsync
33.1.1 GRsync
33.2 Bacula
33.3 SBackup
33.4 Keep (Backup and Recovery)
33.5 Partimage (Partition backup)
33.6 cp
33.7 dd
33.8 FSArchiver (Filesystem Archiver)
System Rescue and Cloning Utilities
34.1 System Rescue CD
34.2 Clonezilla
34.3 Disk Imaging software
34.4 Ubuntu Customization Kit
34.5 Remastering software
34.6 Run (K)Ubuntu LiveCD from a USB pendrive
34.6.1 USB Creator
34.6.2 Create a boot CD to allow booting from the USB drive
User Administration
35.1 Users and Groups
35.2 Timekpr (Parental controls)
35.3 Web content filtering
System Administration
36.1 Automating Tasks
36.2 Boot Menu
36.2.1 Login Menu settings
36.2.2 Automating bootup options
36.2.3 GRUB boot manager settings
36.2.3.1 Grub2
36.2.3.1.1 Grub2 background image, colors, fonts
36.2.3.1.2 Change the default menu item
36.2.3.1.3 Protecting Grub2 from cracking
36.2.3.2 GRUB Legacy
36.2.3.2.1 Chainloading Grub2 from Grub Legacy
36.2.3.2.2 Protecting Grub Legacy from cracking
36.3 Default Applications
36.4 Kill a process
36.5 Enabling NUM LOCK On Startup
36.6 Working with Menus
36.7 Create an encrypted folder
36.8 Create a symlink from a file to another location
36.9 Assign a root password
36.10 Get a root prompt without using a root password
36.11 Use the File Manager as root
36.12 Manually Mount and Unmount a device
36.13 Windows Compatibility
36.13.1 Mounting NTFS Partitions (with read/write privileges)
05/24/2012 07:12 AM
Ubuntu:Precise -
12 of 212
36.13.2 Mounting FAT32 Partitions
36.14 Synchronize clock to network time server
37 Hardware
37.1 CPU and motherboard
37.1.1 Disable CPU Frequency scaling
37.1.2 libsensors
37.1.3 Sensors-applet (Motherboard monitoring)
37.2 Graphics Cards
37.2.1 Frequency Out of Range / Choose New Resolution
37.2.2 Install Latest Nvidia/ATI drivers
37.2.3 Intel integrated graphics cards
37.2.3.1 Intel graphics resolution problems
37.2.3.2 Screen Keeps Flickering
37.2.4 Reconfigure xserver-xorg
37.2.4.1 xorg.conf
37.2.4.1.1 xorg.conf for nvidia
37.2.4.1.2 xorg.conf for intel
37.2.5 Installation of ATI and nVidia Graphics drivers
37.2.5.1 nVidia Driver
37.2.5.2 ATI Driver
37.3 Monitors / Displays
37.3.1 Turn off power saving
37.3.2 Configure Dual Monitors with nVidia
37.4 Hard Drives and USB Storage
37.5 Optical Drives
37.6 Printers & Scanners
37.6.1 Add a Printer
37.6.1.1 Change default CUPS printer margins
37.6.2 Brother printers
37.6.3 HP Printers
37.7 Sound
37.7.1 PulseAudio
37.7.1.1 HDMI with PulseAudio
37.7.1.2 Recording with PulseAudio
37.7.2 Airport Express
37.7.2.1 Airport Express with Pulse Audio
37.7.2.1.1 Troubleshooting
37.7.2.2 raop-client (Airport Express streaming)
37.7.2.3 GSTransmit (Airport Express streaming)
37.7.2.4 Airfoil (Airport Express streaming)
37.8 Mice
37.8.1 Activate side-mouse-buttons in FireFox
37.9 Touchpad
37.10 Wacom Pen Tablets
37.11 Fingerprint Readers
37.12 Remote Controls
37.12.1 LIRC (Infrared Remote Controls)
37.12.2 Remuco (Bluetooth and WiFi Remote Controls)
37.13 Bluetooth
37.13.1 WiiMote
37.14 USB
05/24/2012 07:12 AM
Ubuntu:Precise -
13 of 212
37.15 Wireless Cards
37.15.1 Atheros Cards
37.15.1.1 Atheros AR242x
37.16 3G
37.16.1 he220r1
37.16.2 T-Mobile Option 225 (Web'N'Walk) Stick
37.16.3 Virgin Huawei e169
37.16.4 EVDO Cards
37.16.4.1 Sprint
37.16.4.2 Verizon
37.16.4.2.1 Tethering your PC to your Verizon cell phone
37.17 Digital Cameras
37.18 WebCams
37.18.1 EasyCam
37.18.2 iSight
37.18.3 Luvcview (USB webcam viewer)
37.19 Netbooks
37.19.1 Acer Aspire One
37.20 Palm
37.21 Mobile Devices
37.22 MP3 / Video Players
37.22.1 Sansa Fuze
37.22.2 MachSpeed Trio
37.23 Speech Recognition
38 Networking
38.1 Network Manager
38.2 Wicd Network Manager
38.3 Set a static IP address
38.3.1 Manual configuration from the command-line
38.4 Internet connection sharing (DHCP server)
38.4.1 Using a nested wireless LAN router
38.4.2 Network Interfaces Bridging
38.5 Using Dynamic IP addresses for a webserver
38.6 Filesharing
38.6.1 NFS
38.6.2 Samba File Sharing
38.6.2.1 Samba client
38.6.2.2 Samba server
38.6.2.3 Change your Workgroup
38.6.2.4 Recognizing Win98 machines
38.6.3 Integrating into Mac OS X Network
38.6.4 FTP Server
38.6.4.1 vsftpd
38.6.4.2 proftpd
38.6.5 WebDAV
38.7 Local Area Network
38.8 Modems / Dial-up
38.8.1 Gnome PPP and wvdial
38.8.2 GPPP
39 Remote Access
39.1 SSH
05/24/2012 07:12 AM
Ubuntu:Precise -
14 of 212
39.1.1 Connect to a remote SSH server
39.1.1.1 From the command-line terminal
39.1.1.2 Port forwarding through SSH
39.1.2 PuTTY
39.1.2.1 Using keys created by Puttygen in OpenSSH
39.1.3 Connect using SSH Agent
39.1.4 Setup an SSH server
39.1.4.1 Limit authorized SSH users
39.1.4.2 OpenSSH Public Key Authentication
39.1.4.3 Connect with SSH and start an application with a single command
39.1.4.4 Automate SSH connections that require a password
39.2 VNC
39.2.1 Vino Remote Desktop VNC server
39.2.1.1 How to securely use VNC with SSH tunneling
39.2.2 X11VNC Server
39.2.2.1 Using VNC with SSH
39.2.3 Vinagre VNC client
39.2.4 Terminal Server Client
39.2.5 Krdc VNC client
39.2.5.1 Using a VNC client with SSH
39.2.6 XVNC4Viewer VNC Client
39.2.7 Automatic user login (for use with VNC)
39.3 FreeNX
39.3.1 FreeNX Server
39.3.2 FreeNX Client
39.4 XDMCP
39.4.1 Telnet
39.5 VPN clients
39.5.1 VPN through Network Manager
39.5.2 vpnautoconnect (vpn daemon)
39.5.3 Other VPN clients
39.6 VPN servers
39.6.1 OpenVPN
39.6.2 Poptop (PPTP Server)
39.6.3 OpenSwan
40 Security
40.1 Firewall
40.1.1 Firestarter
40.1.1.1 Firestarter fails to open system log
40.1.2 Guarddog
40.1.3 Uncomplicated Firewall
40.1.3.1 Gufw
40.2 Anti-virus
40.2.1 ClamAV
40.2.1.1 ClamTk (ClamAV GUI)
40.2.2 AVG
40.2.3 Avast
40.3 Anti-spam
40.3.1 Spam Assasin
40.4 Rootkit checkers
40.4.1 Chkrootkit
05/24/2012 07:12 AM
Ubuntu:Precise -
15 of 212
41
42
43
44
45
40.4.2 Rootkit Hunter
40.4.3 Malicious commands to avoid
40.5 USB drives
40.6 Prevent unauthorized boots and system access
Network Monitors
41.1 Netstat
41.2 Etherape (Network monitoring)
41.3 List open files
41.4 Nmap
41.4.1 Nmap GUI
41.5 Nessus
41.6 Snort
41.6.1 AcidBase
41.7 AppArmor
41.7.1 Disable AppArmor
41.8 SELinux
41.9 Knockd (Port security)
Network Management
42.1 Nagios
42.2 Munin
42.3 Cacti Monitoring Server
42.4 Cluster SSH
42.5 Enterprise Network Firewall
42.5.1 IPCop
42.5.2 SmoothWall
42.5.3 Endian
LTSP (Thin client support)
43.1 LTSP Server
43.2 LTSP Client
43.3 iTALC (Thin client for Education)
43.4 Internet Cafe software
43.4.1 OutKafe
43.4.2 OpenKiosk
43.4.3 CafePilot
43.4.4 Miscellaneous solutions
43.4.5 Pessulus (Lockdown Editor)
Cluster (cloud) computing
44.1 OpenStack cloud
44.2 Eucalyptus cloud
44.3 Beowulf
44.3.1 A warning about distributed computing
44.3.2 BOINC (Berkeley Open Infrastructure for Network Computing)
Servers
45.1 Ultimate Server Walkthrough
45.2 Add a desktop to an Ubuntu Server
45.3 LAMP server installation
45.3.1 Apache2 + MySQL + PHP
45.4 Other servers
45.4.1 eBox (server and network manager)
45.4.2 OpenSSH server
45.4.3 Mail Server
05/24/2012 07:12 AM
Ubuntu:Precise -
16 of 212
46
47
48
49
50
51
52
45.4.4 Bind9 (DNS server)
45.4.5 Apache Tomcat (Java server)
45.4.6 Xen virtual machine host
45.4.7 Print server
45.4.8 OpenLDAP
45.4.9 Proxy server
45.4.9.1 Squid
45.4.9.2 Privoxy
45.4.10 Reverse proxy Servers and Load Balancers
45.4.10.1 Pound (Reverse proxy and load balancer)
45.4.10.2 Apache Reverse proxy
45.4.11 Control panels
Network Attached Servers
46.1 FreeNAS
Setup RAID in Ubuntu/Kubuntu
Databases
48.1 PostgreSQL
48.2 MySQL
Tips & Tricks
49.1 Run Command
49.2 Turn off Hot Keys
49.3 Associate default applications
49.4 Automatic user login
49.5 Autostart a program at bootup
49.6 Choose Bootup/Startup services
49.7 Run a script from a menu item
49.8 SHC (Encrypt scripts)
49.9 Capture a screenshot
49.10 Customize desktop to look like KDE
49.11 Run a KDE 4 desktop from Ubuntu
49.12 Run a KDE 3 desktop from Ubuntu
49.13 Kill (end) a process
49.14 View hidden files
49.15 Mute notifications (alerts)
49.16 Random password generator
49.17 Password checker and enforcement
49.18 MD5Sum
49.19 Filenames with spaces
49.20 Alien
Software Troubleshooting
50.1 Permissions error on program startup
50.2 CD-ROM Troubleshooting
Licenses
51.1 GPL license
51.2 LGPL license
51.3 Apache license
51.4 BSD license
51.5 Proprietary licenses
Requests
52.1 eBook version of this guide
52.2 Import this guide into another wiki
05/24/2012 07:12 AM
Ubuntu:Precise -
52.3 Other requested topics
52.4 Public Service Announcement
General Notes
General Notes
This is the original Ubuntuguide. You are free to copy this guide but not to sell it or any
derivative of it. Copyright of the names Ubuntuguide and Ubuntu Guide reside solely with
this site. This Ubuntu help guide is neither sold nor distributed in any other medium.
Beware of copies that are for sale or are similarly named; they are neither endorsed nor
sanctioned by this guide. Ubuntuguide is not associated with Canonical Ltd nor with any
commercial enterprise.
Ubuntu allows a user to accomplish tasks from either a menu-driven Graphical User
Interface (GUI) (http://en.wikipedia.org/wiki/Graphical_user_interface) or from a text-based
command-line interface (CLI) (http://en.wikipedia.org/wiki/Command-line_interface) . In
Ubuntu, the command-line-interface terminal is called Terminal, which is started:
Menu -> File -> Open Terminal
Text inside the grey dotted box like this should be put into the command-line Terminal.
Many changes to the operating system can only be done by a User with Administrative
privileges. 'sudo' elevates a User's privileges to the Administrator level temporarily (i.e.
when installing programs or making changes to the system). Example:
sudo bash
'gksudo' can be used instead of 'sudo' when opening a Graphical Application through the
"Run Command" dialog box or as a menu item. Example:
gksudo gedit /etc/apt/sources.list
Many file management tasks can be accomplished with root Administrative privileges
by starting the Nautilus file manager in a similar fashion. (Use 'gksudo' if starting
Nautilus from a menu item.)
gksudo nautilus
or
sudo nautilus
17 of 212
"man" command can be used to find help manual for a command. For example, "man sudo"
will display the manual page for the "sudo" command:
05/24/2012 07:12 AM
Ubuntu:Precise -
man sudo
While "apt-get" and "aptitude" are fast ways of installing programs/packages, you can also
use the Synaptic Package Manager, a GUI method for installing programs/packages. Most
(but not all) programs/packages available with apt-get install will also be available from the
Synaptic Package Manager. In this guide, when you see
sudo apt-get install package
you can search for package in Synaptic and install it that way.
Many instructions use the text editor "nano" (which is universally available in Linux).
However, it is often easier to use the text editor "gedit" in Ubuntu instead.
"Menu" refers to the menu bar at the top (or bottom) of the desktop, akin to the Start menu
in Microsoft Windows or the Menu bar of the Apple Macintosh.
If you are using the 64-bit version, replace any "i386" with "amd64"
Other versions
How to find out which version of Ubuntu you're using
Open the command terminal and type:
lsb_release -a
How to find out which kernel you are using
uname -a
Newer Versions of Ubuntu
Ubuntu has a six month release cycle, with releases in April and October.
Older Versions of Ubuntu
18 of 212
Oneiric Ocelot (11.10) (http://ubuntuguide.org/wiki/Ubuntu_Oneiric) (supported until April
2013)
Natty Narwhal (11.04) (http://ubuntuguide.org/wiki/Ubuntu:Natty) (supported until October
2012)
Maverick Meerkat (10.10) (http://ubuntuguide.org/wiki/Ubuntu:Maverick) (supported until
April 2012)
Lucid Lynx (10.04) (http://ubuntuguide.org/wiki/Ubuntu:Lucid) (Long Term Support version
with desktop support until April 2013 and server support until April 2015)
Karmic Koala (9.10) (http://ubuntuguide.org/wiki/Ubuntu:Karmic) (no longer supported)
Jaunty Jackalope (9.04) (http://ubuntuguide.org/wiki/Ubuntu:Jaunty) (no longer supported)
Hardy Heron (8.04 LTS) (http://ubuntuguide.org/wiki/Ubuntu:Hardy) (Long Term Support
version with desktop support until April 2011 and server support until April 2013)
Dapper Drake (6.06 LTS) (http://ubuntuguide.org/wiki/Ubuntu_dapper) (no longer
05/24/2012 07:12 AM
Ubuntu:Precise -
supported)
See this complete list (http://ubuntuguide.org/wiki/All_Versions) of older and newer
versions.
Other Resources
Ubuntu Forums (http://ubuntuforums.org/) has a large community for online solutions and
specific help.
Ubuntu Resources
Unity Desktop
Unity (http://en.wikipedia.org/wiki/Unity_%28desktop_environment%29) is the default desktop
environment used in Ubuntu. It is compatible with the GTK platform used by Gnome. It was
designed to be used for netbooks, but is developed by Canonical to be useful on all types of
devices.
Gnome Project
Gnome3 (http://www.gnome.org/) is an alternative desktop available for Ubuntu, and a list of
Gnome projects (http://projects.gnome.org/) is available.
Installation method 1 (https://launchpad.net/~gnome3-team/+archive/gnome3) :
sudo
sudo
sudo
sudo
add-apt-repository ppa:gnome3-team/gnome3
apt-get update
apt-get dist-upgrade
apt-get install gnome-shell
Installation method 2 (https://launchpad.net/~ubuntugnometeam) :
sudo
sudo
sudo
sudo
sudo
add-apt-repository ppa:ubuntugnometeam/gnome3
add-apt-repository ppa:ubuntugnometeam/ppa-gen
apt-get update
apt-get install ugr-desktop-g3
apt-get dist-upgrade
Ubuntu Screenshots and Screencasts
What is Ubuntu? (http://www.ubuntu.com/ubuntu)
Ubuntu 11.04 Unity Desktop (http://www.youtube.com/watch?v=HMztaKt_1_E) and other
YouTube videos (http://www.youtube.com/results?search_query=ubuntu+11.04&aq=f) .
New Applications Resources
19 of 212
GetDeb (http://www.getdeb.net) - Features the latest versions of software available from
the official repositories as well as software not available in the official repositories. Available
in easy-to-install .deb files (see Apt and Package Basics).
Top 100 Open source Applications (http://ubuntulinuxhelp.com/top-100-of-the-best-usefulopensource-applications/)
05/24/2012 07:12 AM
Ubuntu:Precise -
Linux Alternatives (http://www.linuxalt.com/)
See our full list of add-on applications.
Other *buntu guides and help manuals
Kubuntuguide (http://ubuntuguide.org/wiki/Kubuntuguide) -- Kubuntu uses the popular KDE
desktop environment
Lubuntu (https://wiki.ubuntu.com/Lubuntu) -- Lubuntu can run with as little as 256 Mb RAM.
It is better for older machines with limited resources.
Edubuntu (http://www.edubuntu.org/Download) -- Edubuntu is a collection of software
bundles optimized for use in educational environments. LTSP (thin client terminal server
support) and many networking tools are bundled. A version for use with KDE (Kubuntu) is
available.
SkoleLinux / DebianEdu (http://www.slx.no/en/take-a-tour) -- a collection of (open-source)
educational tools for Debian/Ubuntu Linux
Ubuntu Doctors Guild (http://ubuntudoctorsguild.dyndns.org/) -- a collection of tips for using
(K)Ubuntu Linux in health care environments
official Ubuntu Server Guide (https://help.ubuntu.com/12.04/serverguide/C/index.html) -- a
good starting reference for server packages
Installing Ubuntu
Warning: During installation from the LiveCD, there is an option to install the boot loader to
/dev/sda, which really installs the Grub2 boot loader to both the MBR (Master Boot Record) as
well as the partition into which (K)Ubuntu will be installed. Pay careful attention during this step
if your system uses a boot partition, uses multiple OS (more than 2), or chainloads bootloaders.
For systems with such a boot partition, it is best NOT to overwrite the MBR. In this case, the boot
loader should only be installed to the partition in which the (K)Ubuntu OS itself will be installed.
(For example, if (K)Ubuntu will be installed to /dev/sda6, then only install the boot loader to
/dev/sda6, not to /dev/sda. The text based installer used in the Server and Alternate versions
asks whether to install the bootloader into the MBR. Answer "no" to this question, and then
proceed to install the bootloader to /dev/sda6 only.)
Hardware requirements
Ubuntu Precise Pangolin runs well with as little as 384 Mb RAM. (The GUI installer requires a
minimum of 256 Mb RAM, while the alternative text-based installer can run using only 192 Mb
RAM.) Netbooks can run Ubuntu Precise Pangolin, which has been optimised for that platform.
The installation takes between 3-4 Gb hard drive space, and 8 - 10 Gb will be needed to run
comfortably. (However, at least 25-30 Gb will likely be needed for routine usage.)
If you have an older computer with less memory than this, consider Lubuntu
(https://wiki.ubuntu.com/Lubuntu) (if 160 Mb RAM or greater), PuppyLinux
(http://www.puppylinux.org/) (if 256 Mb or greater), or DSL (http://damnsmalllinux.org/) (if
minimal RAM, limited hard drive space, running from a USBdrive, or running from within another
OS).
Fresh Installation
20 of 212
Download the latest ISO image from Ubuntu 12.04 LTS (http://www.ubuntu.com/desktop
05/24/2012 07:12 AM
Ubuntu:Precise -
/get-ubuntu/download) .
See this guide (http://help.ubuntu.com/community/BurningIsoHowto) for burning the ISO
image to a CD ("LiveCD").
Use the LiveCD for installation.
The Alternate CD version (http://www.ubuntu.com/download/desktop/alternativedownloads) also allows the use of the same fast text-based installer used in the Server
version (requiring less RAM), and there are more installation options than on the Desktop
CD ("Regular Download").
Another method involves installing the Server version first and then installing the Ubuntu
desktop.
A LiveCD can also be transferred to a USB flashdrive (using usb-creator-gtk) and the USB
flashdrive then used to install Ubuntu on systems without CD drives. (Also see the Ubuntu
Official documentation (http://www.ubuntu.com/download/help/create-a-usb-stickon-ubuntu) or the Ubuntu Community documentation (http://help.ubuntu.com/community
/Installation/FromUSBStick) .) Installing from USB is generally much faster than from a CD.
Install a classic Gnome-appearing User Interface
A Gnome 3.4 interface gnome-shell (http://live.gnome.org/GnomeShell) can be installed,
and a choice (from the Login Manager) of running in Unity or Gnome 3 will then be
available:
sudo apt-get install gnome-shell
A user interface resembling the classic Gnome 2 interface (used in Ubuntu Lucid Lynx and
earlier versions) can be installed. (This installs the gnome-shell modules as well.) A choice
of running Unity or Gnome as the desktop environment will then be available from the
Login Manager.
sudo apt-get install gnome-session-fallback
A complete Ubuntu Gnome Shell Remix (http://ubuntu-gs-remix.sourceforge.net/p/home/)
OS (an unofficial Ubuntu derivative) is also available from which the Unity desktop
environment has been removed entirely, and is more similar to a Debian
(http://wiki.debian.org/) distribution with a Gnome (http://www.gnome.org/gnome-3/)
desktop.
Of course, if you would like to use Ubuntu with the popular and powerful KDE
(http://kde.org/applications/) desktop, use Kubuntu.
Dual-Booting Windows and Ubuntu
A user may experience problems dual-booting Ubuntu and Windows. In general, a Windows OS
should be installed first, because its bootloader is very particular. A default Windows installation
usually occupies the entire hard drive, so the main Windows partition needs to be shrunk,
creating free space for the Ubuntu partitions. (You should clean up unnecessary files and
21 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
defragment the drive before resizing.) See changing the Windows partition size.
After shrinking a Windows partition, you should reboot once into Windows prior to installing
Ubuntu or further manipulating the partitions. This allows the Windows system to automatically
rescan the newly-resized partition (using chkdsk in XP or other utilities in more recent versions
of Windows) and write changes to its own bootup files. (If you forget to do this, you may later
have to repair the Windows partition bootup files manually using the Windows Recovery
Console.)
Newer installations of Windows use two primary partitions (http://en.wikipedia.org
/wiki/Disk_partitioning#PC_partition_types) (a small Windows boot partition and a large Windows
OS partition). An Ubuntu Linux installation also requires two partitions -- a linux-swap partition
and the OS partition. The Linux partitions can either be two primary partitions or can be two
logical partitions within an extended partition. Some computer retailers use all four partitions on
a hard drive. Unless there are two free partitions available (either primary or logical) in which to
install Ubuntu, however, it will appear as if there is no available free space. If only one partition
on a hard drive can be made available, it must be used as an extended partition (in which
multiple logical partitions can then be created). Partition management can be done using the
GParted utility.
If there are only two existing primary partitions on a hard drive (and plenty of free space on it)
then there will be no problem installing Ubuntu as the second operating system and it is done
automatically from the Ubuntu LiveCD. Allow the Ubuntu LiveCD to install to "largest available
free space." Alternatively, if there is an extended partition with plenty of free space within it, the
Ubuntu LiveCD will install to this "largest available free space" as well.
The main Windows partition should be at least 20 Gb (recommended 30 Gb for Vista/Windows
7), and a Ubuntu partition at least 10 Gb (recommended 20 Gb). Obviously, if you have plenty of
disk space, make the partition for whichever will be your favoured operating system larger. For a
recommended partitioning scheme, see this section.
Conversely you can install a retail version of Windows (but not an OEM or recovery version) after
Ubuntu by creating a primary NTFS partition using GParted. (You may have to use GPparted from
a Live CD/USB). Once the primary NTFS partition is created you can boot your Windows CD/DVD
and choose to install Windows to that NTFS partition. When installation is complete, reboot to
insure Windows boots properly. Once that is ascertained, use the Ubuntu Live CD/USB to install
GRUB back to the MBR. (This is necessary because Windows overwrites the MBR and designates
its own bootloader as the master bootloader.) Once GRUB is installed you will be able to boot
either OS.
Alternatives include:
22 of 212
Wubi (http://www.ubuntu.com/getubuntu/download-wubi) (Windows-based Ubuntu
Installer), an officially supported dual-boot installer that allows Ubuntu to be run mounted
in a virtual-disk within the Windows environment (which can cause a slight degradation in
performance). Because the installation requires an intact functioning Windows system, it is
recommended to install Ubuntu in this manner for short-term evaluation purposes only. A
permanent Ubuntu installation should be installed in its own partition, with its own
filesystem, and should not rely on Windows.
EasyBCD (http://neosmart.net/dl.php?id=1) , a free Windows-based program that allows
you to dual-boot Windows 7/Vista and Ubuntu (http://neosmart.net/wiki/display
/EBCD/Ubuntu) (as well as other operating systems) by configuring the Windows 7/Vista
bootloader.
05/24/2012 07:12 AM
Ubuntu:Precise -
Installing multiple OS on a single computer
Warning: During installation from the LiveCD, there is an option to install the boot loader to
/dev/sda, which really installs the Grub2 boot loader to both the MBR (Master Boot Record) as
well as the partition into which (K)Ubuntu will be installed. Pay careful attention during this step
if your system uses a boot partition, uses multiple OS (more than 2), or chainloads bootloaders.
For systems with such a boot partition, it is best NOT to overwrite the MBR. In this case, the boot
loader should only be installed to the partition in which the (K)Ubuntu OS itself will be installed.
(For example, if (K)Ubuntu will be installed to /dev/sda6, then only install the boot loader to
/dev/sda6, not to /dev/sda. The text based installer used in the Server and Alternate versions
asks whether to install the bootloader into the MBR. Answer "no" to this question, and then
proceed to install the bootloader to /dev/sda6 only.)
If you want to install more than 2 operating systems on a single computer, check out these tips.
Also see these tips regarding manipulating partitions.
Use Startup Manager to change Grub settings
Grub is a bootup utility that controls which OS to load by default and other bootup settings. You
can change Grub settings from Startup Manager (http://sourceforge.net/projects/startupmanager/) , a GUI that is able to manage settings for Grub (Grub Legacy), Grub 2, Usplash, and
Splashy. Also see the Ubuntu Community help (https://help.ubuntu.com/community
/StartUpManager) page for Startup Manager usage instructions. Install:
sudo apt-get install startupmanager menu
Run:
Menu -> System -> Administration -> Startup Manager
Note: You can also edit the Grub settings manually from the command-line interface.
Dual-Booting Mac OS X and Ubuntu
Also see these tips for installing multiple OS.
Mac OS X has a similar structure to Linux (it is BSD Unix based). Dual-booting Mac OS X and
Ubuntu detailed instructions can be found here (https://help.ubuntu.com/community/MacBook) .
Installing Mac OS X after Ubuntu
If you decide to dual boot with OS X, choose ext2 as your partition type during the Ubuntu
installation. (For this the Super Grub Disk CD is a useful utility. You can download the Super
Grub .iso image file at forjamari.linex.org (http://supergrub.forjamari.linex.org) and burn the
image to a CD-ROM.)
Once you have installed Ubuntu, edit the Grub start-up list:
sudo nano /boot/grub/menu.lst
23 of 212
and add the following lines:
05/24/2012 07:12 AM
Ubuntu:Precise -
title Mac OS X
root (hd0,0)
makeactive
chainloader +1
Reboot your Mac and go to the terminal in Max OS X (if you have any issues booting, boot from
your Mac OS X DVD). Press F8 and enter -s. Enter:
fdisk -e /dev/rdisk0
flag 2 <--note that flag 2 is my Mac partition number two
quit
y
reboot
If are still unsure whether it is working correctly, use the Super Grub Disk CD and make
grub active.
Installing Ubuntu after Mac OS X
If you get an error message during boot such as HFS+error in the bootloader, you can also
use the Super Grub Disk for recovering Linux GRUB and the Windows MBR (Master Boot
Record).
Once you have installed Ubuntu, edit the Grub start-up list:
title Mac OS X
root (hd0,0)
makeactive
chainloader +1
If you have issues with Mac OSX or Windows in GRUB, try changing the Mac OS X Grub
entry
change root (hd0,0) to root (hd0,1)
This means you will boot into partition number 1. You can try any partition number until you get
it right.
Upgrading from older versions
Also see the Ubuntu desktop upgrade documentation (https://help.ubuntu.com/community
/UpgradeNotes) and Precise upgrade documentation (specific to Ubuntu)
(https://help.ubuntu.com/community/PreciseUpgrades) .
There are several methods for upgrades from the command-line interface (Konsole) (which can
be used for both the desktop and server editions of Kubuntu/Ubuntu).
This is the preferred method:
sudo apt-get install update-manager-core
24 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo do-release-upgrade
You can also use the update-manager (all editions):
sudo apt-get install update-manager
sudo update-manager -d
You can also use:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
(Note: the first two lines simply make sure your current distribution is current before
upgrading the entire distribution, and are optional.
Always backup your system. Upgrades do not generally work for me, because I often make
customizations to my older installations (to make my hardware work with them) but these
customizations are often not required in the newest version. When the system then attempts to
migrate my customizations (during an attempted upgrade), it often crashes my new system.
(Fortunately, I always back up my important files, and reinstalling them on a fresh OS
installation is therefore usually accomplished relatively quickly.) Here are some of the steps I
have sometimes needed to take when performing upgrades.
In general, upgrades must be done serially from one version to the next in order.
Reinstalling applications after a fresh installation
If you upgrade your Ubuntu system with a fresh installation, it is possible to mark the packages
and services installed on your old system (prior to the upgrade) and save the settings
("markings") into a file. Then install the new version of Ubuntu and allow the system to reinstall
packages and services using the settings saved in the "markings" file. For instructions, see this
Ubuntu forum thread (http://ubuntuforums.org/showthread.php?t=1057608) . In brief:
On the old system:
Synaptic Package Manager -> File -> Save Markings
Save the markings file to an external medium, such as a USB drive.
Complete the backup of your system's other important files (e.g. the /home directory)
before the installation of the new system.
In the freshly-installed new system:
Synaptic Package Manager -> File -> Read markings and load the file on your USB drive (or
other external storage) previously saved.
Note: Many packages, dependencies, and compatibilities change between version of Ubuntu, so
this method does not always work. Automated updates remains the recommended method.
25 of 212
Alternatively you can use this command-line method.
Prior to the clean installation. run:
05/24/2012 07:12 AM
Ubuntu:Precise -
dpkg --get-selections > ~/my-packages
This creates a my-packages file in the ~ (home) directory which will contain a list of
the packages installed on the old system. Copy this file to a safe place (as you will
need it after the new installation).
Proceed with the clean installation. Enable the same repositories that were enabled in
the old system.
Now copy the my-packages file to the ~ (/home) folder. Run:
sudo dpkg --set-selections < my-packages && sudo apt-get dselect-upgrade
Any packages that you had installed (that are in the new repositories) will now be
installed. Excluded will be any manually-installed packages (that are not in the new
repositories) and any packages that were compiled from source.
Here are some of the steps I have sometimes needed to take when performing upgrades.
Add Extra Repositories
Software packages and programs are freely available for download at multiple online sites with
standardized structures, called repositories. There are repositories officially sanctioned and
monitored by the Kubuntu/Ubuntu developer community, while other repositories are
independently provided, without official sanction or supervision (and should be used with
caution). Additional information is available from the Ubuntu Repository Guide
(https://help.ubuntu.com/community/Repositories/Ubuntu) .
Types of Repositories
There are four major package repository types in Ubuntu:
main - Supported by Canonical. This is the major part of the distribution.
restricted - Software not licensed under the GPL (http://en.wikipedia.org
/wiki/GNU_General_Public_License) (or similar software license), but supported by
Canonical.
universe - Software licensed under the GPL (or similar license) and supported by users.
multiverse - Software not licensed under the GPL (or similar license), but supported by
users.
There are also these additional types of repositories:
Precise-updates - Updates to official packages.
Precise-backports - Current version software from Quantal Quetzal (Precise+1) that
have been backported to Precise Pangolin.
Precise-proposed - Proposed updates & changes (bleeding edge stuff).
Third party repositories
Software developers often maintain their own repositories, from which software packages can be
downloaded and installed directly to your computer (if you add the repository to your list). Many
26 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
of these third party repositories and software packages have never been reviewed by the
(K)Ubuntu/Debian community and can present a security risk to your computer. Trojans,
backdoors, and other malicious software can be present at any unregulated repository. When
using repositories not endorsed by the (K)ubuntu/Debian community, make sure you have utter
confidence in that site before enabling the repository and installing a software package from it.
PPA repositories
A Personal Package Archive (PPA) is a special software repository used for experimental source
packages still under development. Such software has not been approved by the Debian or
Ubuntu developers (but may eventually become an accepted package). Use this software at
your own risk just like any other third party repository software.
Documentation about how to install software from this type of repository can be found at the
PPA Installing Software Guide (https://help.launchpad.net/Packaging/PPA/InstallingSoftware) .
In brief, to add a repository:
sudo add-apt-repository ppa:user/ppa-name
Note: If add-apt-repository is not available on your system, then install it with the package:
sudo apt-get install python-software-properties
Add Repositories using Synaptic Package Manager
This is the preferred method.
Menu -> System -> Administration -> Synaptic Package Manager -> Settings ->
Repositories.
Here you can enable the repositories for Ubuntu Software and Third Party Software.
For Third Party Software select Add -> enter the repository's address. It will have a format
similar to:
deb http://archive.ubuntu.com/ubuntu/ precise main restricted
deb-src http://archive.ubuntu.com/ubuntu/ precise main restricted
Example: To add the Medibuntu repository, Add:
deb http://packages.medibuntu.org/ precise free non-free
27 of 212
Download the repository key to a folder.
Example: The Medibuntu key can be downloaded from
http://packages.medibuntu.org/medibuntu-key.gpg
Then add the key from:
Menu -> System -> Administration -> Synaptic Manager -> Settings -> Repositories ->
Authentication -> Import Key File...
(Alternatively, you can manually add the key from the command line Terminal. See
Add Repository keys.)
05/24/2012 07:12 AM
Ubuntu:Precise -
Refresh the package list from the new repository:
Synaptic -> Reload
Manually add repositories
Adding a repository (such as a Launchpad ppa repository) can be accomplished from the
command-line interface:
sudo apt-add-repository ppa:user/repository
where ppa:user/repository is an example of the repository you wish to add.
To remove a repository:
sudo apt-add-repository -r ppa:user/repository
Download and add the repository keys to your keyring. See Add repository keys.
Refresh the packages list from the new repositories:
sudo apt-get update
Note: If add-apt-repository is not available on your system, then install it with the package:
sudo apt-get install python-software-properties
Edit the repository sources list
This is an optional, labor intensive method. Do this at your own risk. Modify the default
Ubuntu sources.list only if you understand what you're doing. Mixing repositories can
break your system. For more information see the Ubuntu Command-line Repository guide
(https://help.ubuntu.com/community/Repositories/CommandLine) .
Create a backup of your current list of sources.
sudo cp -i /etc/apt/sources.list /etc/apt/sources.list_backup
Note: sudo - runs the command with root privileges. cp = copy. -i = prompt to overwrite if a file
already exists.
Edit the list of sources:
sudo nano /etc/apt/sources.list
or using a graphical editor:
gksudo gedit /etc/apt/sources.list
28 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Note: To use your local mirror you can add "xx." before archive.ubuntu.com,
where xx = your country code.
Example: deb http://gb.archive.ubuntu.com/ubuntu licid main restricted
universe multiverse indicates a repository for Great Britain (gb).
Here is a sample sources.list. At the end have been added repositories for Medibuntu
and Google:
#deb cdrom:[Ubuntu 12.04 _Precise Pangolin_ - Release i386]/ Precise main restricted
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://gb.archive.ubuntu.com/ubuntu/ precise main restricted
deb-src http://gb.archive.ubuntu.com/ubuntu/ precise main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://gb.archive.ubuntu.com/ubuntu/ precise-updates main restricted
deb-src http://gb.archive.ubuntu.com/ubuntu/ precise-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://gb.archive.ubuntu.com/ubuntu/ precise universe
deb-src http://gb.archive.ubuntu.com/ubuntu/ precise universe
deb http://gb.archive.ubuntu.com/ubuntu/ precise-updates universe
deb-src http://gb.archive.ubuntu.com/ubuntu/ precise-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://gb.archive.ubuntu.com/ubuntu/ precise multiverse
deb-src http://gb.archive.ubuntu.com/ubuntu/ precise multiverse
deb http://gb.archive.ubuntu.com/ubuntu/ precise-updates multiverse
deb-src http://gb.archive.ubuntu.com/ubuntu/ precise-updates multiverse
## Uncomment the following two lines to add software from the 'backports'
## repository.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://gb.archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse
deb-src http://gb.archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository. This software is not part of Ubuntu, but is
## offered by Canonical and the respective vendors as a service to Ubuntu
## users.
deb http://archive.canonical.com/ubuntu precise partner
deb-src http://archive.canonical.com/ubuntu precise partner
deb http://security.ubuntu.com/ubuntu precise-security main restricted
deb-src http://security.ubuntu.com/ubuntu precise-security main restricted
deb http://security.ubuntu.com/ubuntu precise-security universe
deb-src http://security.ubuntu.com/ubuntu precise-security universe
deb http://security.ubuntu.com/ubuntu precise-security multiverse
deb-src http://security.ubuntu.com/ubuntu precise-security multiverse
## Medibuntu - Ubuntu 12.04 "Precise Pangolin"
## Please report any bug on https://bugs.launchpad.net/medibuntu/
deb http://packages.medibuntu.org/ precise free non-free
deb-src http://packages.medibuntu.org/ precise free non-free
# Google software repository
deb http://dl.google.com/linux/deb/ stable non-free
29 of 212
Download and add the repository keys to your keyring. See Add repository keys.
05/24/2012 07:12 AM
Ubuntu:Precise -
Refresh the packages list from the new repositories:
sudo apt-get update
Add repository keys
Download the gpg keys for the repositories and automatically add them to your
repository keyring:
Example: To obtain and add the Medibuntu repository key:
wget --quiet http://packages.medibuntu.org/medibuntu-key.gpg -O - | sudo apt-key add -
Example: To obtain and add the Google repository key:
wget --quiet http://dl.google.com/linux/linux_signing_key.pub -O - | sudo apt-key add -
Note: wget - retrieves a file from a network location. --quiet = no output. -O = Output
downloaded item to terminal. The | (pipe symbol) is used to capture the output from the
previous command (in our case the screen) and use it as an input for the piped command (i.e.
apt-key, which adds it to the keyring).
Alternatively (and perhaps more easily), you can use apt-key directly:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys KEY
where KEY is the missing key code printed in apt-get output, e.g. EF4186FE247510BE.
Note: Key servers often use port 11371. Make sure your firewall allows port 11371 to
be open.
Package Installation and Updates
Apt and Package Basics
Read Add Extra Repositories
Most new users will use the Synaptic Package Manager to install packages. These instructions
are for installing packages from the command-line Terminal. Terminal can be started:
Menu -> Applications -> Accessories -> Terminal
Install packages:
sudo apt-get install packagename
Example:
sudo apt-get install mpd sbackup
30 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Remove packages:
sudo apt-get remove packagename
To remove all dependencies:
sudo apt-get autoremove
Example:
sudo apt-get remove mpd sbackup
Search for packages:
apt-cache search <keywords>
Examples:
apt-cache search Music MP3
apt-cache search "Text Editor"
Update the apt package database after adding/removing repositories:
sudo apt-get update
Upgrade packages:
Upgrade the entire distribution (e.g. from Maverick to Natty):
sudo apt-get dist-upgrade
Installing .deb packages
Debian (.deb) packages are the packages that are used in Ubuntu. You can install any .deb
package in your system. .deb files can generally be installed from your file manager (Nautilus)
merely by clicking on them, since file associations with the default installer is already set in
Ubuntu. These instructions are for those who wish to install packages from the command-line
terminal (Terminal).
Install a downloaded Debian (Ubuntu) package (.deb):
sudo dpkg -i packagename.deb
31 of 212
Remove a Debian (Ubuntu) package (.deb):
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo dpkg -r packagename
Reconfigure/Repair an installed Debian (Ubuntu) package (.deb):
sudo dpkg-reconfigure packagename
*Example:
sudo dpkg-reconfigure mpd
Handling (Tar/GZip) and (Tar/Bzip2) archives
(Tar/GZip) archives end in ".tar.gz" and (Tar/Bzip2) archives end in ".tar.bz2". Bzip2 is the newer,
more efficient compression method. These files can generally be automatically extracted by
merely clicking on them from your file manager (Nautilus), since file associations with the
appropriate archival utilities are set by default in Ubuntu. These instructions are for those who
wish to use the command line Terminal.
To extract:
tar xvf packagename.tar.gz
Note: tar is an application which can extract files from an archive, decompressing if necessary.
-x means extract.
-v means verbose (list what it is extracting).
-f specifies the file to use.
Decompressing ".gz" files
gunzip file.gz
Decompressing ".bz2" files
bunzip2 file.bz2
Note: You can also decompress a package first by using the command gunzip (for .gz)
or bunzip2 (for .bz2), leaving the .tar file. You would then use tar to extract it.
To create a .gz archive:
tar cvfz packagename.tar.gz folder
To create a .bz2 archive:
tar cvfj packagename.tar.bz2 folder
Installing a package from source
32 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Make sure you have all the necessary development tools (i.e. libraries, compilers, headers):
sudo apt-get install build-essential linux-headers-$(uname -r)
Note: "uname -r" lists the current kernel you are using
Extract the archive that contains the source files:
tar xvf sourcefilesarchive.tar.gz
Build the package using the package's script (in this case the configure script), compile the
package (make), and install the compiled package into your system (make install):
cd /path/to/extracted/sourcefiles
./configure
sudo make
sudo make install
Note: typing ./ before a filename in the current folder allows the Linux shell to try and
execute the file as an application even if it is not in the path (the set of folders which it
searches when you type a command name). If you get a "permission denied" error, the
file is not marked as being executable. To fix this:
sudo chmod +x filename
Example: In the above instructions, configure is the shell script to build the package
from source. To be sure the configure script is executable:
sudo chmod +x configure
Create a .deb package from source files
If your build from source is successful, you can make a Debian (Ubuntu) package (.deb) for
future use:
Install package tools:
sudo apt-get install checkinstall
Rebuild package using "checkinstall":
cd /path/to/extracted/package
./configure
sudo make
sudo checkinstall
Keep the resulting ".deb" file for future use. It can later be installed using:
sudo dpkg -i packagename.deb
33 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Note: These are basic instructions that may not always work. Some packages require additional
dependencies and optional parameters to be specified in order to build them successfully. Also
see these Ubuntu wiki instructions (https://wiki.ubuntu.com/PackagingGuide
/Basic?action=show&redirect=HowToBuildDebianPackagesFromScratch) . More info about .deb
package structure can be found here (http://www.ibm.com/developerworks/linux/library
/l-debpkg.html) .
Aptitude
Aptitude is a terminal-based package manager that can be used instead of apt-get. Aptitude
marks packages that are automatically installed and removes them when no packages depend
on them. This makes it easy to remove applications completely. To use Aptitude, replace apt-get
with aptitude in the command line. Example:
sudo
sudo
sudo
sudo
aptitude
aptitude
aptitude
aptitude
install packagename
remove packagename
update
upgrade
For an ncurses-based graphical user interface, type
sudo aptitude
For more information, see the aptitude documentation (http://people.debian.org/~dburrows
/aptitude-doc/en/) .
Synaptic Package Manager
While "apt-get" and "aptitude" are fast ways of installing programs/packages, you can also use
the Synaptic Package Manager (Menu -> System -> Administration -> Synaptic Manager), a GUI
method for installing programs/packages. Most (but not all) programs/packages available with
apt-get install will also be available from the Synaptic Package Manager. This is the preferred
method for most desktop users. In this guide, when you see
sudo apt-get install package
you can simply search for package in Synaptic and install it that way.
Menu -> System -> Administration -> Synaptic Package Manager
Search for the name of the program/package. You can also search for a word in its
description.
-> Mark for Installation -> Apply
The selected program(s) will be automatically installed, along with its dependencies.
Ubuntu Software Center (Add/Remove Programs)
Not all packages available from apt-get, aptitude, and Synaptic Package Manager are available
in the Ubuntu Software Center. However, it is the easiest interface for new users of Ubuntu and
directs them to preferred packages.
34 of 212
Menu -> Applications -> Ubuntu Software Center
05/24/2012 07:12 AM
Ubuntu:Precise -
Search for the sort of program you want to add. Example: type MP3 to see a list of
mp3 software.
-> Mark for Installation -> Apply
The selected program(s) will be automatically installed.
Manual Updates
Read General Notes
Read Add Extra Repositories
Manually, from Terminal (command line interface):
sudo apt-get update
or
Use Synaptic Package Manager:
Menu -> System -> Administration -> Synaptic Package Manager -> "Reload" then "Mark
all upgrades"
If there are packages available for updating, you will be prompted whether to install them.
Automated Updates
Use Synaptic Package Manager:
Menu -> System -> Administration -> Synaptic Manager -> Settings -> Preferences ->
General -> Reloading Outdated Package Information -> Automatic
Repair broken packages
If a package installation fails (which can cause a Package Manager to freeze or become locked),
or if a package has unsatisfied dependencies causing a similar condition, then run one (or both)
of the following commands from the command-line terminal:
sudo apt-get install -f
sudo dpkg --configure -a
Desktop Add-ons
There are many add-on icons, themes, wallpapers, 3-D effects, and other customizations
available for the GNOME desktop.
Gnome Eye-Candy Resources
35 of 212
Gnome Look (http://www.gnome-look.org) has wallpapers, splash screens, icons, and
themes for windows managers (including Metacity and Compiz) and other applications.
05/24/2012 07:12 AM
Ubuntu:Precise -
Ubuntu Wallpaper
Download free Maverick Meerkat wallpapers (https://wiki.ubuntu.com/Artwork/Incoming
/Maverick) .
Change Plymouth Splash Screen
This is the initial splash screen you see at bootup. Different Plymouth themes can be found by
searching for plymouth-theme in a Package Manager. Install a new one and then:
sudo update-alternatives --config default.plymouth
sudo update-initramfs -u
and manually select the theme you wish to use.
Plymouth does not reliably work with nVidia drivers and during bootup a blank screen may result
for several seconds.
Metacity
Metacity is the default desktop compositing manager in Gnome. It is lightweight, streamlined
and does not have many configurable options, but has multiple themes available at Gnome
Look.
Compiz Fusion
Compiz Fusion is available as a separate Windows Manager, to allow advanced desktop effects
such as the rotating cube desktop. Many Ubuntu users choose to run Compiz, which is quite fast
in Ubuntu. Install:
sudo apt-get install compiz compizconfig-settings-manager compiz-fusion-plugins-main compiz-fusion-plugins-extra emerald librsvg2-
To change to Compiz as the Window Manager:
Select Compiz Configuration:
Menu -> System -> Preferences -> CompizConfig Settings Manager
Note: You must logout and log back in for the change to take effect.
Fusion Icon
Fusion Icon is a tray icon that allows you to easily switch between window managers, window
decorators, and gives you quick access to the Compiz Settings Manager. This allows quick
toggling of 3-D desktop effects (that may not be compatible with some applications).
sudo apt-get install fusion-icon
Menu -> Applications -> System Tools -> Compiz Fusion Icon
You can then easily access CompizConfig Settings Manager from the icon.
36 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Rotate the Compiz Cube
Set the CompizConfig Settings Manager to enable the "Desktop Cube" and "Rotate Cube" and
"Viewport Switcher" options. Click on the icon for each to customize settings. For example, to
change the appearance of the cube, click on the Desktop Cube icon to access its settings. You
can set the hotkey buttons for rotating the cube in the "Viewport Switcher" settings. Otherwise,
hold down the Ctrl+Alt+Left mouse button and drag the mouse (or touchpad) the direction you
want to rotate the cube.
Remember, the cube rotates between desktops. It's not a cube unless you have at least 4
desktops running. You will not get a cube if you are only using 2 desktops (you will get a
"plate"). You can still rotate the sides of the plate, of course, but it will not be a cube. (Recent
users from the Windows OS may have no experience with the concept of simultaneous desktops,
but they are nice once you learn how to use them).
When running Compiz fusion as the Windows Manager, you must change the default number of
desktops from within CompizConfig Settings Manger. To enable 4 desktops:
CompizConfig Settings Manager -> General -> General Options -> Desktop Size ->
Horizontal Virtual Size -> 4
When you start an application, you can assign it to any one of the 4 desktops by right-clicking
the upper left corner of the application window and choosing the "To Desktop..." option. Rotating
the cube shows the different desktops. You can also go to a desktop using the taskbar icon
which shows the 4 desktops.
Emerald
Emerald is the theme engine for Compiz Fusion. Multiple themes are available. (These themes
originated from the Beryl project before it merged with Compiz to form Compiz Fusion.) The
Emerald Theme Manager for Compiz Fusion can be installed:
sudo apt-get install emerald
Google Desktop
Google Desktop for Linux (http://googledesktop.blogspot.com/) was a proprietary suite of Google
widgets and applications. It was discontinued in September 2011.
gDesklets
gDesklets (http://gdesklets.de/) are similar to Windows widgets and Google gadgets and provide
information such as weather, system resources, and news primarily for the Gnome desktop (i.e.
Ubuntu Maverick and older). Install:
sudo apt-get install gdesklets
Dock applications
Avant Window Manager, Cairo Dock, gnome-do and Wbar are dock-like applications for Ubuntu
Linux. A dock represents running programs as icons at the bottom of the screen (as is done on
37 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
the Mac OS X desktop), instead of by toolbar panel segments (as is done in Windows and other
Linux window managers). See this brief comparison of dock applications
(http://linuxowns.wordpress.com/2008/05/08/the-best-and-worst-docks-for-ubuntu/) .
Avant Window Navigator
Avant Window Navigator (http://wiki.awn-project.org/) requires that a desktop composition
manager (such as Metacity, Compiz, Xcompmgr, KDE4 (Kubuntu), or xfwm4 (Xubuntu)) be
installed and running.
Install and upgrade proprietary nVidia or ATI graphics drivers so that the compositing
manager functions properly.
Install AWN:
sudo apt-get install avant-window-navigator awn-manager
(Note: If you are using Gnome (Ubuntu) and do not already have a compositing manager
installed (such as Compiz), Metacity will be installed as part of the installation.)
Enable automatic startup of AWN at bootup:
Menu -> System -> Preferences -> Startup Applications -> Add...
avant-window-navigator
Select which applets should run from the dock menu by default:
Menu -> Applications -> Accessories -> Avant Window Navigator Manager
You can drag application icons onto the list, then activate or deactivate the applets from
the list.
Cairo Dock
Cairo Dock (http://developer.berlios.de/projects/cairo-dock/) can be used either with a desktop
compositing manager (such as Metacity for Gnome, Compiz, or the KDE4 Window Manager) or
without one. See the Ubuntu installation instructions (https://help.ubuntu.com/community
/CairoDock) for details. It is available from the repositories:
sudo apt-get install cairo-dock cairo-dock-plug-ins
Gnome Do
Gnome Do (http://do.davebsd.com/) is a docking utility for Gnome. Install:
sudo apt-get install gnome-do
From the preferences pane of gnome-do select the Docky look and feel to get the dock
(rather than the default Quicksilver-like) look and feel.
wbar
38 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
wbar (http://code.google.com/p/wbar/) is a quick-launch bar (not a dock) that has an appearance
similar to Avant Window Manager and Cairo Dock. It is GTK (Gnome) based but can work in all
desktop environments. It does not require a compositing manager to be installed and is
therefore quicker and more suitable for low-end hardware systems. It is the default in the Google
gOS desktop and is available as a .deb package from Google. Download and install (from the
command-line Terminal):
wget http://wbar.googlecode.com/files/wbar_1.3.3_i386.deb
sudo dpkg -i wbar_1.3.3_i386.deb
Start wbar with custom start options (e.g. by pressing alt+F2). Here is an example:
wbar -isize 48 -j 1 -p bottom -balfa 40 -bpress -nanim 3 -z 2.5 -above-desk
Here is another example:
wbar -above-desk -pos bottom -isize 60 -nanim 1 -bpress -jumpf 0.0 -zoomf 1.5
For a full list of command-line startup options, see:
wbar --help
Tip: If you want the "wave" effect just increase the -nanim value. I like the icons to just pop up
so I don't use it, but with 9 icons 5 there is a nice "wave" effect.
Obviously, you could create a menu item with the command line options (similar to the
examples above), or a batch file that can be automatically started at system startup (as a cron
event or startup session).
You can also change wbar startup options by editing the configuration file:
sudo gedit /usr/share/wbar/dot.wbar
See this example configuration file (http://ubuntuforums.org/showthread.php?t=980565) .
However, not all options are able to be set from the configuration file and must be run from the
command line. For more info see this wbar guide (http://linux-guider.blogspot.com/2008/09
/wbar-another-cute-dock.html) .
wbarconf
A simple wbar configuration utility (http://www.gnomefiles.org/app.php/wbarconf) can be
downloaded as a .deb package and installed:
wget http://koti.kapsi.fi/~ighea/wbarconf/wbarconf_0.7.2-1_i386.deb
sudo dpkg -i wbarconf_0.7.2-1_i386.deb
Virtualization
Virtualization allows a second operating system (OS), such as Windows or OS X, to be run from
39 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
within (K)Ubuntu. This requires extra RAM (because both (K)Ubuntu and the virtualized second
OS require separate amounts of RAM) and a license for the second OS. If you wish to run a
virtualized instance of Windows XP, for instance, you must have a license for Windows XP.
VirtualBox
VirtualBox (http://www.virtualbox.org/) is a fast and complete virtualization solution owned
and maintained by Sun Microsystems. There is a free and fully open-source edition available
under the GNU GPL license.
Install the open-source edition:
sudo apt-get install virtualbox-ose virtualbox-ose-source virtualbox-guest-additions
You can also add the QT-version (if using KDE/Kubuntu, for example):
sudo apt-get install virtualbox-ose-qt
Start VirtualBox:
Menu -> VirtualBox OSE PC virtualization solution
For usage instructions, see the End-user documentation (http://www.virtualbox.org/wiki/Enduser_documentation) . For information on installing Virtualbox in Windows so that Ubuntu can
then be installed within in a virtual machine running in Windows, see this page.
Proprietary versions of VirtualBox
A few additional features (http://www.virtualbox.org/wiki/Editions) that are not yet in the OSE
version, such as a USB device interface, are available in the proprietary version of VirtualBox. To
install a proprietary edition (http://www.virtualbox.org/wiki/Linux_Downloads) of VirtualBox:
Add the security key:
wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add -
Add the repository string to your repository list and update:
echo "deb http://download.virtualbox.org/virtualbox/debian maverick non-free" | sudo tee /etc/apt/sources.list.d/virtualbox.list
sudo apt-get update
Install:
sudo apt-get install virtualbox
VMWare
VMWare (http://www.vmware.com/) is a commercial virtualization platform that currently offers
two free products: VMWare Player and VMWare Server (http://www.vmware.com/download
/server/) (the latter with a free renewable yearly license). VMWare Player can play virtual
40 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
appliances that have already been created, whereas VMWare Server (which has a broader range
of features) allows the creation of virtual machines. In general, VMWare Server is recommended
unless you only need to play an appliance. (Appliances will also run in VMWare Server). Users
that wish to run servers (or processes) that need to be available to a network from within the
virtual machine should use VMServer. If you wish to install a new OS within a virtual machine
(other than in an appliance), you will need VMWare Server.
VMWare Player
Installation instructions are on the website, or at the Ubuntu community wiki
(https://help.ubuntu.com/community/VMware/Player) . In brief, to install the free VMWare Player:
Install pre-requisites:
Get the binary package/installation script, give it executable privileges, then run the
installation script:
wget http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle
chmod +x VMware-Player-2.5.3-185404.i386.bundle
sudo ./VMware-Player-2.5.3-185404.i386.bundle
Run:
Menu -> Applications -> System Tools -> VMWare Player
Create an Ubuntu Appliance
While any edition of Ubuntu can be installed in a virtual machine, the minimal installation option
(F4) of the Ubuntu Server creates a highly-efficient edition (previously known as JeOS) optimised
for use within a virtual appliance (which can then be played using VMWare Player or other virtual
machine client). See this walkthrough.
A virtual appliance for VMWare Player (using this JeOS minimal server) can also be built using
vmbuilder (https://help.ubuntu.com/10.04/serverguide/C/jeos-and-vmbuilder.html) .
VMWare Server
Download the server source files for your architecture (32-bit or 64-bit) from the VMWare
Server website (http://www.vmware.com/download/server/) and retrieve your license key by
email.
Extract the files, give execution privileges to the install script, and run the install script:
tar xvf VMware-server-2.0.1-156745.i386.tar.gz
cd vmware-server-distrib
chmod +x vmware-install.pl
sudo ./vmware-install.pl
41 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
VMWare Package
VMWare Appliances (that include an Ubuntu/Debian OS) can be created using VMWare Server
and the VMWare Package utility. These appliances can then be deployed to users who can play
them using VMWare Player. Install:
sudo apt-get install vmware-package
Keyboard errors in VMware guest
After installing VMWare 6.5, and installing a guest OS, the Function, arrow and Del/End/etc keys
do not function. This is a bug with VMWare´s code. Add this line to ~/.vmware/config (create file
if necessary) to fix this issue:
xkeymap.nokeycodeMap = true
KVM
KVM (http://www.linux-kvm.org/page/Main_Page) is the free open source virtualization solution
implemented as a Linux kernel module (in the recent kernels) for computers whose processors
contain virtualization extensions (Intel VT or AMD-V). See the Ubuntu installation instructions
(https://help.ubuntu.com/community/KVM/Installation) . Install:
sudo apt-get install kvm
Qemu (without KVM)
If your computer does not have the virtualization extensions, you can still run the QEMU
virtualization platform. See this Ubuntu community documentation (https://help.ubuntu.com
/community/WindowsXPUnderQemuHowTo) . It can be installed from source code
(http://www.qemu.org/qemu-doc.html#SEC82) .
Xen
Xen (http://www.xen.org/) is an efficient open-source virtualization ("hypervisor") platform (which
includes a merge with QEMU). It is the basis for the Amazon EC2 Cloud and is generally intended
for use on a server (or on "baremetal" systems, i.e. no OS yet installed). It is free open source
under a GPL license. The latest desktop (and installation instructions) is available from the
website. (A commercial version is also offered by Citrix.) Implementation in Ubuntu requires
some modification, currently. For more info, see the Ubuntu community documentation
(https://help.ubuntu.com/community/Xen) . Install:
sudo apt-get install xen-hypervisor xen-docs convirt
A Xen virtual machine host can also be installed automatically with certain 64-bit CPUs, using
the 64-bit Ubuntu Server LiveCD. (A (K)Ubuntu desktop can then later be added -- see Ubuntu
server).
Virtual Machine Manager
42 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Virtual Machine Manager (http://virt-manager.et.redhat.com/) is an application to allow viewing
of all instances of virtual machines on your system. It includes a secure implementation of VNC.
This and other virtual management tools are available as an integrated package in (K)Ubuntu.
Install:
sudo apt-get install ubuntu-virt-mgmt
Crossover for Linux
Codeweavers' Crossover Office for Linux (http://www.codeweavers.com/products/cxlinux/) is a
subscription-based commercial package that allows many Windows programs to be run on
Ubuntu without the need for a Microsoft OS license or a complete virtualization system. See the
website for more info. Codeweavers releases older versions of this product into the free package
Wine.
Wine
Wine (http://www.winehq.org/) is a free open-source package that is similar to (and implements
many elements of) CrossOver for Linux. Like CrossOver for Linux, no Microsoft license or
virtualization platform is required to run Windows programs. See these instructions
(http://www.winehq.org/download/deb) for installing the latest version of Wine.
sudo apt-get install wine
Also consider installing Microsoft's TrueType fonts:
sudo apt-get install msttcorefonts
PlayOnLinux
PlayOnLinux (http://www.playonlinux.com/) is a Wine frontend which simplifies the installation
and launch of many Windows programs, particularly games. Install:
sudo apt-get install playonlinux
Internet Explorer 7
Internet Explorer 7 can be installed with PlayOnLinux. Select "Internet Explorer 7" from the
"Internet" section of PlayonLinux.
Internet Explorer 6 & 7
Internet Explorer 6 & 7 can function under Wine, albeit imperfectly. For most purposes, Firefox
can be used (with the User Agent Switcher plugin) to mimic Internet Explorer.
Make sure you have Wine and cabextract packages:
sudo apt-get install wine cabextract
43 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Download the Winetricks (http://wiki.winehq.org/winetricks) installation script:
wget http://winetricks.org/winetricks
sudo chmod +x winetricks
Install with winetricks:
sh winetricks ie6
sh winetricks ie7
Note: Winetricks is automatically installed with the current version of Wine
(http://www.winehq.org/download/deb) .
Transgaming Cedega
Cedega (http://www.transgaming.com/) is a commercial application (similar to CrossOver Office
and Wine), for installing and running some Windows applications, specifically games, without the
need for virtualization or a Microsoft license. It provides 3D support, software acceleration
support, and a high level of DirectX support. Installation instructions are found on the website.
Mono
Mono (http://www.mono-project.com/Main_Page) is a free open source project sponsored by
Novell to allow .NET programs to function in Linux ((K)Ubuntu) and Mac OS X. . Several GNOME
applications (like Tomboy, F-Spot, and Banshee) require mono to be installed, so mono may
already be installed by default on your system. The most recent version is available here
(http://www.mono-project.com/Other_Downloads) .
sudo apt-get install mono-2.0-devel
Moonlight
See Moonlight plugin for Firefox
Java
Install Java:
sudo apt-get install default-jre
DosBox
DOSBox (http://www.dosbox.com/) is a DOS-emulator that emulates CPU:286/386
realmode/protected mode, Directory FileSystem/XMS/EMS, Tandy/Hercules/CGA/EGA/VGA/VESA
graphics, and a SoundBlaster/Gravis Ultra Sound card (for sound compatibility with older
games). You can "re-live" classic games that otherwise won't run on newer computers.
sudo apt-get install dosbox
44 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
ScummVM
ScummVM (http://scummvm.org/) allows certain classic graphical point-and-click adventure
games to run (provided you already have their data files). ScummVM replaces the executables
shipped with the games, allowing play on Linux operating systems (for which they were not
originally designed).
sudo apt-get install scummvm
Google Android
Also see this page.
Android SDK emulator
Android SDK for Linux (http://developer.android.com/sdk/index.html) is a 32-bit Android
emulator/software development kit. It incorporates a QEMU virtual machine framework as part
of its installation. It provides a fully functional Android environment and apps can be installed
from (and run within) the emulator.
Once the Android emulator SDK is installed, install an app using these ADB instructions
(http://developer.android.com/guide/developing/tools/adb.html) or directly from within an
app marketplace.
More detailed instructions are available here.
Android-x86 in VirtualBox
Android-x86 (http://www.android-x86.org/documents/installhowto) can can be downloaded as an
.iso image and installed to and run in Virtualbox (or QEMU, VMWare, or other virtual
environment). Although providing a good demo environment with a large display, this emulator
is not fully functional for me (as of May 2012), and many functions and apps will not work with it.
See here for more details.
Edutainment Applications
There are many superb applications that can be installed with a single click.
Menu -> Applications -> Ubuntu Software Center-> Education
Below are a few examples that can be installed from this menu:
45 of 212
Mnemosyne (http://www.mnemosyne-proj.org/) -- a flash-card tool
Oregano (http://arrakis.gforge.lug.fi.uba.ar/) -- a program for electrical engineering
schematics
RlPlot (http://rlplot.sourceforge.net/) -- a high quality graph generator
K3DSurf (http://k3dsurf.sourceforge.net/) -- a program for modeling 3,4,5, and 6
dimensional models.
Bibletime (http://www.bibletime.info/) -- a Bible study tool using the QT platform
05/24/2012 07:12 AM
Ubuntu:Precise -
Zekr (http://en.wikipedia.org/wiki/Zekr) -- an Islamic Quran study tool (available in Utilities)
Gramps (http://gramps-project.org/) -- map your family-tree and co-operate with genealogy
projects
Games
There are some phenomenal games for (K)Ubuntu Linux.
Ubuntu Community Wiki -- Games (https://help.ubuntu.com/community/Games) .
Best Linux Games for 2008 (http://whdb.com/2008/top-25-linux-games-for-2008/) .
Best 25 Linux Games of 2007 (http://rangit.com/software/top-8-linux-games-of-2007/) .
Unixmen's 2010 list (http://www.unixmen.com/gaming-on-linux1131-19-awesomeopensource-games-for-linux/) .
There are hundreds of free, open-source games available in (K)Ubuntu. Most (including the KDE
Games (http://www.kde.org/applications/games/) collection and the Gnome Games
(http://live.gnome.org/GnomeGames/) collection) can be accessed through the Games section of
your Package Manager.
Examples are:
46 of 212
PouetChess (http://pouetchess.sourceforge.net/) -- an excellent 3-D chess game (sudo
apt-get install pouetchess)
PokerTH (http://www.pokerth.net/) -- a very nice Texas Hold 'Em Poker (install using PPA
repository (https://launchpad.net/~pkg-games/+archive/ppa) )
Kajongg (http://packages.ubuntu.com/maverick/kajongg) -- a real MahJongg game, for
humans and/or robots (sudo apt-get install kajongg)
Planet Penguin Racer (http://en.wikipedia.org/wiki/Tux_Racer) -- Penguin slides down a 3-D
luge run, catching fish. (Extreme Tux Racer (http://extremetuxracer.com/) is a newer
version, but works in 32-bit only.)
KsirK (http://games.kde.org/game.php?game=ksirk) -- play Risk against the computer or in
a multiplayer environment (sudo apt-get install kdegames)
Racer (http://www.racer.nl/) -- the 3-D "real deal" Car Racing game (install binary found
here (http://www.racer.nl/dl_beta_linux.htm) ). Also with extra tracks and add-ons
(http://www.racer.nl/dl_content.htm) .
TORCS (http://torcs.sourceforge.net/) -- the 3-D Car Racing game (sudo apt-get install torcs)
Supertuxkart (http://supertuxkart.sourceforge.net/) -- the go-kart racing game (sudo apt-get
install supertuxkart)
Pingus (http://pingus.seul.org/) -- a Lemmings clone (similar to Super Mario Bros.) that uses
penguins instead of lemmings (sudo apt-get install pingus)
Frozen Bubble (http://www.frozen-bubble.org/) -- the bubble-popping game (sudo apt-get
install frozen-bubble)
Gweled (http://gweled.org/) -- a Bejeweled clone, simple in implementation yet almost as
addicting (sudo apt-get install gweled)
Frets on Fire (http://fretsonfire.sourceforge.net/) -- similar to Guitar Hero. You can import
songs from Guitar Hero (http://www.geetarfreaks.webs.com/Viva%20La%20Music.html) and
from community sites (http://fretsonfire.wikidot.com/custom-songs) (sudo apt-get install
fretsonfire)
Scorched3d (http://www.scorched3d.co.uk/) -- turn-based artillery game in a 3D rendered
landscape (sudo apt-get install scorched3d)
Pyscrabble (http://pyscrabble.sourceforge.net/) (and pyscrabble-server) -- online Scrabble
05/24/2012 07:12 AM
Ubuntu:Precise -
game and server (sudo apt-get install pyscrabble pyscrabble-server) (Also see Lexulous
Internet Scrabble Club (http://www.isc.ro/) for
(http://www.lexulous.com) and the
browser-based online games similar to Scrabble. Internet Scrabble Club requires Java: sudo
apt-get install default-jre . It also requires firewall port 1325 to be open inbound/outbound.)
Wing Commander Privateer
The Linux version of this free version of Wing Commander (http://priv.solsector.net/) can be
downloaded as a binary here (http://sourceforge.net/projects/privateer/) .
Vdrift
Vdrift (http://vdrift.net/) is a free open source 3-D racing game, similar to Need for Speed, with
realistic physics, multiple drift tracks, and multiplayer games. Support for joysticks, mice and
keyboard is included. A binary package for Linux is available from the website.
Action
Incredible action games (including those from the Top 25) are available in Ubuntu. Many can be
installed using:
Menu -> Applications -> Ubuntu Software Center -> Games
Examples are:
Alien Arena (http://icculus.org/alienarena/rpa/about.html) -- a multi-player first person
shooter action game with free servers. (Package: alien-arena) (Server: alien-arena-server)
OpenArena (http://www.openarena.ws/) -- an open-source multi-player first person shooter
action game, with free servers. (Package: openarena) (Server: openarena-server)
Tremulous (http://www.tremulous.net) -- a Halo-like multiplayer first person shooter action
game. The repositories have the current version. (Package: tremulous) (Server: tremulousserver)
Sauerbraten (http://sauerbraten.org/) - a multiplayer graphics-rich first person shooter
game evolved from Cube. (Package: sauerbraten) (Server: sauerbraten-server)
Nexuiz (http://www.alientrap.org/nexuiz/) -- an open-source multi-player first person shooter
game with free servers and tournaments. (Package: nexuiz) (Server: nexuiz-server) A 35
map add-on community pack is also available here (http://www.alientrap.org/nexuiz
/downloads.php) . To install it, extract the map pack to /home/username/.nexuiz/data (or
~/.nexuiz/data ).
Note: Many of these games require advanced graphics. Make sure you have the necessary
hardware drivers activated.
UrbanTerror
UrbanTerror (http://www.urbanterror.net) is a multiplayer first person shooter action game (with
an integrated server). It uses the open-source quake 3 engine and features many real weapons
and free-to-use servers for multi-player functionality. "Not recommended for adolescents in
Germany." Download and install the binary using these instructions (http://www.urbanterror.info
/docs/texts/110/) .
Doom
47 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Skulltag, ZDoom (http://zdoom.org/wiki/Compile_ZDoom_on_Linux) , and PrBoom (Freedoom) are
versions of Doom2. For Doom3, see Doom3 on Ubuntu (https://help.ubuntu.com/community
/Doom3) .
Skulltag
Skulltag (http://skulltag.net/wiki/Installation_for_Ubuntu) is an updated version of ZDoom
(http://zdoom.org/wiki/Compile_ZDoom_on_Linux) that includes network play. See the website
(http://skulltag.net/wiki/Installation_for_Ubuntu) for simple (K)Ubuntu installation instructions.
(You can use the Freedoom Iwad (see below) if you don't have an original Doom2.wad.) Note:
Most of the modules require dependencies from the Universe repositories. Make sure you have
the Universe repositories enabled (Synaptic Package Manager -> Settings -> Repositories ->
Edit Software Sources -> Community-maintained Open Source software (universe) -> (ticked)).
Install prerequisites:
sudo apt-get install timidity timidity-interfaces-extra
Then add the skulltag repositories, update, and install Skulltag and DoomSeeker (the
Skulltag online server utility):
echo "deb http://skulltag.net/download/files/release/deb/ stable multiverse" | sudo tee /etc/apt/sources.list.d/skulltag.list
sudo apt-get update
sudo apt-get install skulltag doomseeker-skulltag
If you don't have a doom2.wad, tnt.wad, or plutonia.wad already, you can copy the
freedoom.wad to your ~/.skulltag folder:
cd ~/.skulltag
wget http://mirror.cinquix.com/pub/savannah/freedoom/freedoom-iwad/freedoom-iwad-0.6.4.zip
unzip freedoom-iwad-0.6.4.zip
cp freedoom*/doom2.wad .
rm freedoom-iwad-0.6.4.zip
If you need more help (regarding the Skulltag-server, firewalls, and port forwarding with
Skulltag, for example), see these additional tips.
Skulltag runs on any platform, with any graphics, and on almost any computer. There are
thousands of add-ons, maps, and gameplay modes, giving a nearly endless variety of
gameplay. The interface makes obtaining and playing the modifications very easy. This is
my favorite game of all time (and I have been playing it for years).
PrBoom
PrBoom (http://prboom.sourceforge.net/) is a free open source port of the original first person
shooter action game, Doom2 (http://en.wikipedia.org/wiki/Doom_II) . It does not have the
advanced options of ZDoom. Freedoom is a free Iwad (set of maps) to replace the original
Doom2.wad.
sudo apt-get install prboom freedoom timidity timidity-interfaces-extra
There are thousands of extra maps (Wads) (http://www.doomworld.com/10years/bestwads/)
48 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
available for this game. It is easiest to keep a directory for your wads in your home directory:
mkdir /home/user/wads
or alternatively, use the /usr/share/games/doom folder, giving universal privileges to the
folder:
chmod -R 777 /usr/share/games/doom
Place your doom2.wad, tnt.wad, or plutonia.wad (from your original game) into this folder. If you
don't have one, you can copy the Freedom version of doom2.wad from /usr/share/games
/freedoom into this folder. Place any new .wad's you have downloaded from the Internet into this
folder as well. Then run the game using both the original iwad map as well as your new .wad
map (you will only see the new map).
prboom -iwad /home/user/wads/doom2.wad -file /home/user/wads/new_wad.wad
Note: Only doom2.wad, tnt.wad, or plutonia.wad can be used as an iwad. You must have one of
these in addition to any new wad you wish to use. When in doubt, use doom2.wad.
Note: this game can also be installed using Menu -> Applications -> Ubuntu Software
Center -> Games as Freedoom, but you must also install timidity and timidity-interfacesextra.
MMORPG
Spring
The Spring Project (http://spring.clan-sy.com/) is a scripting engine platform to develop and play
free multiplayer games such as Star Wars Imperial Winter (http://www.imperialwinter.com/) and
Complete Annihilation (http://spring.clan-sy.com/wiki/Complete_Annihilation#Introduction) .
Install:
sudo apt-get install spring
Regnum Online
Regnum Online MMPORG (http://www.regnumonline.com.ar/index.php?sec=6&l=1) -- see basic
installation instructions (http://ubuntuforums.org/showthread.php?t=615246) and the help
forum (http://www.regnumonline.com.ar/forum/forumdisplay.php?f=15) as needed.
PlaneShift
PlaneShift (http://www.planeshift.it/) is a free full-immersion online fantasy game (MMPORG).
Client downloads and patches are available here (http://www.planeshift.it/download.html) .
Make the downloaded binary installation file executable:
cd /directory_where_downloaded
49 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
chmod +x PlaneShift-v0.5.4-x64.bin
Run the executable binary as root (this must be done from the command line Terminal):
sudo ./PlaneShift-v0.5.4-x64.bin
Follow the instructions for installation. When prompted whether to manually set
permissions, answer "no."
During installation, most users have recommended installing this game to your /home
directory as a single user installation, instead of to /opt for all users. This avoids
permissions problems. I was able to install to /opt, but it takes some effort.
Make sure your user belongs to the games group:
Menu -> System -> Administration -> Users and Groups -> user -> Manage Groups ->
games -> Properties -> Group Members -> user (ticked) -> OK
Register for a free account at PlaneShift Registration (http://www.planeshift.it/register.html)
.
If you installed the game to the menu, it will be in
Menu -> Applications -> Lost & Found -> Client and Setup
To run it from the menu, I had to edit the menu entries by checking the box: "Run in terminal."
Alternatively, run it from the command-line Terminal:
sudo /opt/PlaneShift/pssetup
sudo /opt/PlaneShift/psclient
Notes: This game ran very slowly for me on a 32-bit installation with a DSL connection and I
gave up. The 64-bit installation worked better.
Dolphin (Wii emulator)
The Dolphin emulator (http://code.google.com/p/dolphin-emu/) is an open-source cross-platform
Wii emulator that allows many Wii game disks to be run on many operating systems. (Whether
the Wii Netflix disk will run under the Dolphin emulator has not yet been established.) (The
Dolphin-emulator has no relationship to the KDE Dolphin file manager). Installation instructions
are here (http://code.google.com/p/dolphin-emu/wiki/Linux_Build) .
Internet Applications
Internet applications enable you to make full use of your Internet connection. Web browsers,
Email clients, Instant Messengers, and more are included in this category.
Web Browsers
Mozilla Firefox
Mozilla Firefox (http://www.mozilla.com/en-US/) is the ubiquitous web browser. Based on open
source components, it is trademarked and cannot be altered or re-distributed with any change
50 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
that involves the name or trademarks. Install the current version:
sudo apt-get install firefox
Firefox Plug-ins
Adblock Plus plug-in (block ads in a web page)
Adblock Plus (http://adblockplus.org/en/) blocks ads that appear in web pages. It is an
important tool to limit tracking and undesirable website elements, as well. You can subscribe to
a free filter service, and can add to the block list individual ads and website elements with a
single click.
sudo apt-get install xul-ext-adblock-plus
You can also add this extension from Firefox -> Tools -> Add-ons -> Get Add-ons -> Search
All Add-ons -> AdBlock Plus. (This method will also ensure that automatic updates are
installed by Firefox.)
Recent versions of Adblock Plus allow the display of a large number of "partner" ads unless
you disable this undesirable behavior:
Firefox -> Tools -> Add-ons -> Adblock Plus -> Preferences -> Filter preferences... -> Allow
some non-intrusive advertising (unticked)
Because Adblock Plus appears to now be creating holes in its own blocking service, it is probably
worthwhile to stop automatic updates and only update Adblock Plus selectively (in case the
developers in the future decide to create even more holes in the plug-in's blocking capability
without the corresponding option to disable the behavior).
NoScript plug-in (controls scripts)
The NoScript (http://noscript.net/) plugin is considered one of the most important security
measures for browsing the Internet. Most viruses and trojans gain access to computers from the
Internet through scripts. This plugin allows you to choose which scripts to allow and blocks the
rest.
51 of 212
Add this extension from Firefox -> Tools -> Add-ons -> Get Add-ons -> Search All Add-ons
-> NoScript. (This method will also ensure that automatic updates are installed by Firefox.)
NoScript has a long of websites on its "whitelist." It is important to review this list and
remove the websites for which you don't wish to automatically allow scripts (I remove them
all).
Firefox -> Tools -> Add-ons -> NoScript -> Preferences -> Whitelist
A large number of websites use multiple locations/URLs to assemble their webpage
content, a process which is blocked by NoScript's ABE (Application Boundaries Enforcer)
function. I have found it necessary to disable ABE in order for most of my websites to
function correctly.
Firefox -> Tools -> Add-ons -> NoScript -> Preferences -> Advanced -> ABE -> Enable ABE
05/24/2012 07:12 AM
Ubuntu:Precise -
(unticked)
Many websites now use aggressive pop-ups to place advertising in front of the actrual
content. While NoScript can block these ads, there will be a "placeholder" still blocking the
content unless you turn off the placeholders:
Firefox -> Tools -> Add-ons -> NoScript -> Preferences -> Embeddings -> Show placeholder
icon (unticked)
Most websites use scripting extensively these days, so that you may need to "Allow" a
website in NoScript. To block the individual undesirable elements of the website, use
AdBlock Plus.
Bookmark Favicon Changer plug-in
In the newest versions of Firefox, there are some bugs regarding the Favicons (the small icons
that appear in the address bar) and the Bookmark icons. This plug-in will restore the icons that
get erased (leaving a blank dotted box) or allow you to choose your own Favicons / Bookmark
icons.
-> Bookmark Favicon. (This method will also ensure that automatic updates are installed by
Firefox.)
RefreshBlocker plug-in (prevents redirects)
RefreshBlocker (https://addons.mozilla.org/en-US/firefox/addon/refreshblocker/) allows the user
to decide which websites (and pages) will be allowed to redirect (based on META tags within the
webpage). Although Firefox (as of version 3.5) blocks all directs by default, the behavior is not
customizable; it is therefore preferable to turn off the Firefox redirect control and use
RefreshBlocker instead.
-> RefreshBlocker. (This method will also ensure that automatic updates are installed by
Firefox.)
Turn off the Firefox automatic redirect blocker:
Firefox -> Enter about:config in the browser location bar -> right-click on
"accessibility:blockautorefresh" -> Toggle to change the value from true to false
Video DownloadHelper plug-in for Firefox
The Video DownloadHelper (https://addons.mozilla.org/en-US/firefox/addon/3006) plugin allows
the download of videos (including Flash videos) from sites like YouTube.
You can add this extension from Firefox -> Tools -> Add-ons -> Get Add-ons -> Search All
Add-ons -> Video DownloadHelper. (This method will also ensure that automatic updates
are installed by Firefox.)
User Agent Switcher plug-in for Firefox
Now that Firefox is the world's leading web browser, this plug-in should no longer be necessary.
Still, there still exist a few old web apps that will only run on IE (and for them this plug-in may be
52 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
useful). The User Agent Switcher (http://chrispederick.com/work/user-agent-switcher/) plugin
allows a browser to masquerade as another browser, allowing (most of the time) browserspecific content to be displayed.
You can add this extension from Firefox -> Tools -> Add-ons -> Get Add-ons -> Search All
Add-ons -> User Agent Switcher. (This method will also ensure that automatic updates are
installed by Firefox.)
Unplug Download Management
The UnPlug (https://addons.mozilla.org/en-US/firefox/addon/2254) add-on lets you save video
and audio which is embedded on a webpage.
You can add this extension from Firefox -> Tools -> Add-ons -> Get Add-ons -> Browse All
Add-ons. (This method will also ensure that automatic updates are installed by Firefox.)
Lucifox (eBook reader extension)
Lucifox (https://addons.mozilla.org/en-US/firefox/addon/lucifox/) (Lucidor for Firefox) enables
e-books to be read and e-book catalogs to be browsed in a Firefox window.
To install, go to the website and click "Download Now."
Java Runtime Environment (JRE) for Firefox plug-in
This package also installs the Java Runtime Environment. (JRE is also installed when OpenOffice
or ubuntu-restricted-extras is installed.)
sudo apt-get install sun-java6-jre sun-java6-plugin
Note: You must accept the license to use this product.
Adobe Acrobat Reader for Firefox Plug-in
This plugin is allows you to view Adobe Acrobat (PDF) files within the Firefox browser.
Read Add Extra Repositories and enable the Oneiric partner repository:
deb http://archive.canonical.com/ubuntu Oneiric partner
then install Adobe Reader:
sudo apt-get install acroread
Alternatively, this plugin is also available from the Medibuntu repository. Add the Medibuntu
repository to your repository list:
deb http://packages.medibuntu.org/ Oneiric free non-free
53 of 212
then install:
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install acroread mozilla-acroread acroread-plugins acroread-fonts
Adobe Flash Player for Firefox Plug-in
To install the official Adobe Flash plugin (Flash 10) for Firefox:
sudo apt-get install adobe-flashplugin
Gnash Plug-in (Open source Flash Player replacement)
Gnash (http://www.gnashdev.org/) is available in a 64-bit version as well as a 32-bit version. It is
the open source replacement for Adobe Flashplayer.
sudo apt-get install gnash
After installing, change your web browser's Preferences -> Applications so that SWF and SPL
files use Gnash.
VLC plug-in for Firefox
This package allows the popular VLC player to play media within the Firefox browser.
sudo apt-get install mozilla-plugin-vlc
Gecko MediaPlayer Plug-in for Firefox
Gecko MediaPlayer (http://kdekorte.googlepages.com/gecko-mediaplayer) is a browser plugin for
all Gecko-based browsers (Firefox, SeaMonkey, IceApe, Opera) that allows Mplayer to play
multimedia within the browser. Install:
sudo apt-get install gecko-mediaplayer
An alternative is to use the mplayer plugin for Firefox. Install:
sudo apt-get install mozilla-mplayer
Kaffeine Plug-in for Firefox
This package allows the Kaffeine media player (often used in KDE-based desktops) to play
multimedia within the Firefox browser.
sudo apt-get install kaffeine-mozilla
Helix player plug-in for Firefox
This package installs the Helix player (https://helixcommunity.org/) (the open source player that
plays Real Player content in Linux) as well as the plugin that plays RealMedia within the Firefox
54 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
browser.
sudo apt-get install mozilla-helix-player
Moonlight plugin for Firefox
Moonlight (http://www.go-mono.com/moonlight/) is part of the Novell Mono project that is an
open source implementation of Silverlight (the Microsoft multimedia presentation platform). It is
based on FFMpeg. It is made to work best with the Firefox 3 web browser, as a plugin (but also
works with other mozilla browsers). Version 2.3 is available as a plugin for mozilla-based
browsers:
sudo apt-get install moonlight-plugin-mozilla
The stable version 2.4 is available here (http://www.go-mono.com/moonlight/stable.aspx) .
The Moonlight 3.99 plugin (compatible with most Silverlight 3/4 content) is here
(http://www.go-mono.com/moonlight/prerelease.aspx) .
Netflix under Moonlight
Netflix streaming requires both the capabilities of Silverlight 2.0 and Digital Rights
Management modules. Although the current version of Moonlight 2.0 will run most
Silverlight content (including Netflix content), Netflix has not yet released Digital Rights
Management modules for Linux. Please contact Netflix (http://www.netflix.com/ContactUs)
directly for further information or sign a petition (http://www.petitiononline.com/Linflix/) .
An HTML5 Netflix plugin (currently being developed by Google for the Chrome
browser) may soon be available. Another alternative is the Netflix Android app which
can be used in a virtual Android environment.
FireFTP for Firefox
FireFTP (http://fireftp.mozdev.org/) is a Firefox extension for FTP transfers.
Firefox Widgets
Turn off browser bar drop-down list in Firefox
This is the most frequently asked problem regarding Firefox. To turn off the location browser bar
drop-down list (http://kb.mozillazine.org/Browser.urlbar.maxRichResults) (and therefore not show
your browsing history):
Firefox -> about:config (in the location browser bar) -> browser.urlbar.maxRichResults ->
right-click -> Modify -> set value to 0
Turn off SSL certificate name in address bar
In newer versions of firefox, the validity of the SSL certificate associated with a website is
displayed as a color-coded background to the Favicon (the small icon displayed in the address
bar). However, Firefox currently also displays the name of the site issuing the SSL certificate,
which can be annoying, since for most sites this is a duplicate of the domain name (which then
gets displayed twice in the address bar). To turn off this behavior:
55 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Firefox -> about:config (in the location browser bar) -> browser.identity.ssl_domain_display
-> right-click -> Modify -> set value to 0
View Firefox cache
In a new window/tab, enter about:cache in the Firefox address bar. You can view and save
individual elements (from all open windows/tabs) in the cache from there.
IceWeasel
Due to trademark restrictions of Mozilla products, the Debian project has created versions
of the (otherwise free) software that has been stripped of the non-free trademarks. See
here (https://en.wikipedia.org
/wiki/Mozilla_Corporation_software_rebranded_by_the_Debian_project) and the Debian wiki
(http://wiki.debian.org/Iceweasel) for more information. To install them, use a package
manager to add the Debian repository for your country (http://www.debian.org/mirror/list) (
e.g. deb http://ftp.us.debian.org/debian unstable main ) temporarily while installing the
software. Then install the software package using the package manager or from the
command line:
IceWeasel replaces the Firefox web browser (sudo apt-get install -t iceweasel).
IceDove replaces the Thunderbird email, newsreader, and calendaring client (sudo
apt-get install -t icedove).
IceOwl replaces the Sunbird standalone calendaring client (sudo apt-get install -t
iceowl).
After installation of the individual package, it is best to disable the Debian repository so it
does not interfere with the (K)Ubuntu repositories.
A user that is interested in the philosophy of free software that Iceweasel symbolises may
wish to consider a full Debian OS (http://wiki.debian.org/) installation (of which (K)Ubuntu is
a fork) instead of (K)Ubuntu.
GNUzilla IceCat
The GNU project also maintains a version of Mozilla Firefox that is free of trademarks and
branding, called GNUZilla IceCat (http://www.gnu.org/software/gnuzilla/) . .deb packages for
(K)Ubuntu can be downloaded and installed through the GNUzilla PPA repositories
(https://launchpad.net/~gnuzilla-team/+archive/ppa) .
Opera
Opera (http://www.opera.com/) is a proprietary browser and internet suite (currently free on PCs)
also used in some mobile devices and gaming consoles. It includes email, an address book, IRC
chat, integrated BitTorrent, and webfeeds. A limited number of plugins are also available.
Download (http://www.opera.com/browser/download/) from the website and follow the
instructions or install from the Opera repository:
echo "deb http://deb.opera.com/opera/ stable non-free" | sudo tee /etc/apt/sources.list.d/opera.list
wget -O - http://deb.opera.com/archive.key | sudo apt-key add sudo apt-get install opera
56 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Chromium
Chromium (http://dev.chromium.org/) is the open-source browser on which the Google Chrome
browser is based. Install:
sudo apt-get install chromium-browser
Start Chromium:
Menu -> Applications -> Internet -> Chromium Web Browser
Google Chrome
Google Chrome (http://www.google.com/chrome) is Google's web browser. Based on the
Chromium browser, Google adds the Google name and logo, an auto-updater system called
GoogleUpdate, RLZ, and other Google add-ons. Download and install it here
(http://www.google.com/chrome/eula.html) .
Download Managers
MultiGet
MultiGet (http://multiget.sourceforge.net/) is a GTK-based free-standing download manager
utility.
sudo apt-get install multiget
Usenet Clients
Pan
Pan (http://pan.rebelbase.com/) is a Gnome-based Usenet (http://en.wikipedia.org/wiki/Usenet)
reader and nzb (http://en.wikipedia.org/wiki/Nzb) binary downloader. Install:
sudo apt-get install pan
Kwooty
Kwooty (http://kwooty.sourceforge.net/) is a Usenet (http://en.wikipedia.org/wiki/Usenet) reader
and nzb (http://en.wikipedia.org/wiki/Nzb) binary downloader for KDE4. Installation instructions
from source or PPA repositories are at the website.
Email Clients
Evolution
Evolution (http://projects.gnome.org/evolution/) is the default Gnome-based email client in
Ubuntu. If not installed:
57 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install evolution
Evolution and PGP
Email messages can be encrypted in PGP and sent by email using Evolution. See this tutorial
(http://support.real-time.com/linux/email/client/evolutionpgp.html) for an example how to
configure it.
Thunderbird
Mozilla Thunderbird (http://www.mozilla.com/en-US/thunderbird/) is a licensed and trademarked
free open-source email client that is compatible with Firefox. Install:
sudo apt-get install thunderbird
Lightning calendar extension
Lightning (http://www.mozilla.org/projects/calendar/lightning/) is the calendar extension for
Thunderbird (with functionality similar to the stand-alone application Sunbird). Install:
sudo apt-get install xul-ext-lightning
Enigmail
Enigmail (https://addons.mozilla.org/en-US/thunderbird/addon/71) is an add-on to Thunderbird
that allows you to easily encrypt your email using OpenPGP (http://en.wikipedia.org
/wiki/Pretty_Good_Privacy) , which is included in the kernel by default. It also allows you to
create and manage the encryption keys. Go the website and click "Download Now". (64-bit
versions are found here (http://enigmail.mozdev.org/download/download-static.php.html) .)
Install:
Thunderbird -> Tools -> Add-ons -> Install -> select downloaded file
or
sudo apt-get install enigmail
Also see these tips for instructions on setting up e-mail with PGP encryption.
New Mail Icon for Thunderbird
"New Mail Icon" (https://addons.mozilla.org/en-US/thunderbird/search?q=new+mail+icon&
cat=all) is an experimental tray add-on which notifes you of new mail. Download from the
website. Install:
Thunderbird -> Tools -> Add-ons -> Install -> select downloaded file
KMail
58 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
KMail (http://kontact.kde.org/kmail/) (Kontact Mail) is the default email client included with
Kontact in KDE (Kubuntu). Kontact includes email, an address book, a calendar, reminders,
pop-up notes, a link to the Akregator News/RSS reader, time-tracking, and more. Install:
sudo apt-get install kontact
Newsreaders
Akregator
Akregator (http://akregator.kde.org/) is the default news/RSS (http://en.wikipedia.org/wiki/RSS)
reader included with Kubuntu (KDE). Usage instructions are found in the Handbook
(http://akregator.kde.org/wiki/index.php/Handbook) . Install:
sudo apt-get install akregator
RSSOwl
RSSOwl (http://www.rssowl.org/) is a Java-based RSS (http://en.wikipedia.org/wiki/RSS) | RDF |
Atom Newsfeed Reader.
Install java and in order to use the internal browser, install the packages xulrunner and firefox:
sudo apt-get install sun-java6-jre firefox xulrunner
Change to your "opt" directory:
cd /opt
Download the zip-archive into your opt directory:
sudo wget http://downloads.sourceforge.net/rssowl/rssowl-2.0.6.linux.zip
Extract the archive and remove the extracted file:
sudo unzip ./rssowl-2.0.6.linux.zip && sudo rm ./rssowl-2.0.6.linux.zip
Make a startscript:
sudo gedit /usr/bin/runRSSOwl.sh
add the following lines to your startscript file /usr/bin/runRSSOwl.sh and save it afterwards.
#!/bin/bash
cd /opt/rssowl
./RSSOwl
Make the startscript executable:
59 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo chmod u+x /usr/bin/runRSSOwl.sh
To start RSSOwl:
runRSSOwl.sh
Instant Messengers
Empathy
Empathy (http://live.gnome.org/Empathy) is an open source IM application. It is the default in
the Ubuntu (Gnome) desktop. You can access multiple services with it. If not already installed,
you can install it:
sudo apt-get install empathy
Pidgin
Pidgin (http://www.pidgin.im/) is an open source IM application. It is the previous default in the
Ubuntu (Gnome) desktop. You can access multiple services with it.
sudo apt-get install pidgin
Kopete
Kopete (http://kopete.kde.org/) is the default Instant Messenger application for Kubuntu. You can
access multiple services with it. Install:
sudo apt-get install kopete
Kopete Styles
Additional styles for Kopete (http://www.kde-look.org/index.php?xcontentmode=24x26) are
available from KDE-look. Install from:
Kopete -> Settings -> Configure -> Chat Window -> Style -> Get New...
GoogleTalk on Kopete
Kopete can be configured to work with GoogleTalk (http://www.google.com/talk/about.html)
Instant Messaging (but not VOIP) using the Jabber protocol. See these GoogleTalk instructions
(http://www.google.com/support/talk/bin/answer.py?answer=57557) .
Konversation (IRC client)
Konversation (http://konversation.kde.org/) is the default Kubuntu Internet Relay Chat (IRC)
client. It functions similar to the venerable mIRC. "A little less action and a little more
Konversation." -- Elvis. Install:
60 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install konversation
aMSN
aMSN is an MSN Messenger utility that functions like the original client. It is alternative to Pidgin
for MSN users. Install it:
sudo apt-get install amsn
To enable Drag-and-Drop capabilities to aMSN for easy file transfer see Ubuntu Geek
(http://www.ubuntugeek.com/how-to-enable-drag-and-drop-capabilities-to-amsn.html) .
Emesene
Emesene (http://www.emesene.org/) is an MSN messenger client that uses a simplified interface
similar to the original client. It is alternative to Pidgin for MSN users. Install it:
sudo apt-get install emesene
FTP Clients
You might wish to use a dedicated FTP (http://en.wikipedia.org/wiki/File_Transfer_Protocol) client
instead of the one in your browser. Also see these FTP tips.
Filezilla
Filezilla (http://filezilla-project.org/) is the ubiquitous free open-source FTP client and server for
all platforms.
sudo apt-get install filezilla
Filesharing / P2P
Do not share copyrighted material or content that is otherwise illegal to share.
Transmission (BitTorrent Client)
Transmission is the GTK-based default BitTorrent (http://en.wikipedia.org
/wiki/BitTorrent_(protocol)) client in Ubuntu (Gnome).
sudo apt-get install transmission
KTorrent
KTorrent (http://ktorrent.org/) is the default BitTorrent client in Kubuntu. Install:
sudo apt-get install ktorrent
61 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Be sure to have your firewall ports open (by default 6881 and 4444).
Azureus
Azureus (http://azureus.sourceforge.net/howto_linux.php) is a Java-based BitTorrent client.
sudo apt-get install azureus
QTorrent
QTorrent is a PyQT-based BitTorrent Client that is supposed to be very fast.
QTorrent (http://thegraveyard.org/qtorrent.php)
Apollon (P2P Filesharing)
Apollon (http://apollon.sourceforge.net/index.html) is an older BitTorrent client oriented towards
KDE. It uses plugins for compatibility with multiple networks.
sudo apt-get install apollon gift
MLDonkey (P2P eMule/eDonkey2000)
MLDonkey is a P2P file sharing program (and network) that is able to use different network
protocols. To install the MLDonkey core server, follow these instructions (https://help.ubuntu.com
/community/MLDonkey) .
MLDonkey GUI frontends
Install the Gnome GUI frontend for MLDonkey:
sudo apt-get install mldonkey-gui
Another GUI is called Sancho (http://sancho.awardspace.com/) .
KMLDonkey (http://extragear.kde.org/apps/kmldonkey/) is the KDE (Kubuntu) frontend for
MLDonkey (http://mldonkey.sourceforge.net/Main_Page) .
sudo apt-get install kmldonkey
Videoconferencing and VOIP
Videoconferencing and voice over Internet (VOIP (https://en.wikipedia.org
/wiki/Comparison_of_VoIP_software) ) applications are merging into integrated applications. Most
of these applications now allow placing calls to non-Internet based telephones for a small fee.
Ekiga
62 of 212
Formerly known as Gnomemeeting, Ekiga (http://www.gnomemeeting.org/) is a SIP compliant
05/24/2012 07:12 AM
Ubuntu:Precise -
fully functional open source integrated VOIP and videoconferencing program.
sudo apt-get install ekiga
Skype
Skype (http://www.skype.com/) is a proprietary integrated VOIP and video conferencing
program similar to Ekiga. Also see instructions on how to record Skype conversations
(https://help.ubuntu.com/community/SkypeRecordingHowto) .
sudo apt-get install libqt4-dbus libqt4-network libqt4-xml
To get the most recent version, download and install the 32-bit version:
wget -O skype-ubuntu-current_i386.deb http://www.skype.com/go/getskype-linux-beta-ubuntu-32
sudo dpkg -i skype-ubuntu-current_i386.deb
sudo rm skype-ubuntu-current_i386.deb
In the past. some users have noted that they cannot get their microphone inputs to work
with any version later than 2.1.0.47. They installed:
wget -O skype-ubuntu-current_i386.deb http://download.skype.com/linux/skype-debian_2.1.0.47-1_i386.deb
sudo dpkg -i skype-ubuntu-current_i386.deb
or
wget -O skype-ubuntu-current_amd64.deb http://download.skype.com/linux/skype-ubuntu-intrepid_2.1.0.47-1_amd64.deb
sudo dpkg -i skype-ubuntu-current_amd64.deb
sudo rm skype-ubuntu-current_amd64.deb
How to install Skype on a 64-bit system
The current version of Skype for 64-bit systems is a masqueraded 32-bit module. To use on a
64-bit system you might still need to install the needed packages:
sudo apt-get install ia32-libs lib32asound2 libqt4-core libqt4-gui
Then download and install the current Skype .deb package from the Skype website:
wget -O skype_ubuntu-current_amd64.deb http://www.skype.com/go/getskype-linux-beta-ubuntu-64
sudo dpkg -i skype-ubuntu-current_amd64.deb
sudo rm skype-ubuntu-current_amd64.deb
If the 64-bit version doesn't work for you, use the 32-bit version:
wget -O skype-ubuntu-current_i386.deb http://www.skype.com/go/getskype-linux-beta-ubuntu-32
sudo dpkg -i --force-architecture skype-ubuntu-current_i386.deb
63 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Installing Skype repository
It is possible to install Skype by adding the repository and installing from there. This has an
advantage of maintaining updates automatically.
Install the respository security key. (This requires an open port 11371 in your firewall for the
keyserver.)
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys 0xd66b746e
Add the Skype repository, update, and install Skype:
echo "deb http://download.skype.com/linux/repos/debian/ stable non-free" | sudo tee -a /etc/apt/sources.list > /dev/null
sudo apt-get update
sudo apt-get install skype
Wengophone
Wengophone (http://www.wengophone.com/index.php/mp_download_wp_lin) is an integrated
VOIP and videoconferencing client available on many platforms. Wengophone was initially an
open-source GPL-licensed package ('Wengophone Classic'). Both the Classic version (available
as a .deb file) and the current proprietary binary version are available from the website.
Wengophone Classic has now been rebranded as QuteCom (http://www.qutecom.org/) , however.
To install the current version as an Ubuntu/Kubuntu package, see these instructions
(https://edge.launchpad.net/~cavedon/+archive/ppa) .
Download and install the older Wengophone Classic version (.deb package):
wget http://download.wengo.com/wengophone/rc/wengophone-0.958m-1.i386.deb
dpkg -i --force-architecture wengophone-0.958m-1.i386.deb
Gizmo5
Gizmo5 (http://www.gizmo5.com) is an Internet soft-phone application, similar to Skype, that
uses the SIP protocol. Install (.deb package):
wget http://download.gizmo5.com/GizmoDownload/gizmo-project_3.1.0.79_libstdc++6_i386.deb
dpkg -i --force-architecture gizmo-project_3.1.0.79_libstdc++6_i386.deb
Asterisk VOIP PBX system
Asterisk (http://www.asterisk.org/) is an enterprise-grade, free open source PBX and telephony
system for VOIP.
sudo apt-get install asterisk
Kiax
Kiax (http://www.kiax.org/) is an LGPL-licensed open source IAX (Inter-Asterisk eXchange)
application. It is used for making VoIP calls from an Asterisk PBX. The current version must be
64 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
installed from source files. See the website for download and installation instructions, or see this
Ubuntu Launchpad site (https://launchpad.net/ubuntu/jaunty/+package/kiax) .
OpenSIPS / OpenSER (SIP server)
OpenSIPS (http://www.opensips.org/) is an open-source SIP (http://en.wikipedia.org
/wiki/Session_Initiation_Protocol) server that allows connections to be made through the Internet
for VoIP (http://en.wikipedia.org/wiki/Voice_over_Internet_Protocol) , IM (http://en.wikipedia.org
/wiki/Instant_messaging) , and other communications protocols. While there are many public SIP
servers, these are subject to spoofing (http://en.wikipedia.org/wiki/Spoofing_attack) and other
"impersonation" problems. A company may wish to host its own SIP server to avoid the problems
inherent in public services whose trustworthiness can not be determined. OpenSIPS is the
successor to OpenSER (http://packages.ubuntu.com/karmic/openser) (which is the version in the
repositories). Install OpenSER 1.3.2 from the repositories:
sudo apt-get install openser
Alternately, the newest version of OpenSIPS can be downloaded as a .deb package from the
website and installed. Installation and usage instructions are on the website.
Telepathy
Telepathy (http://telepathy.freedesktop.org/wiki/) is a flexible, modular communications
framework that enables real-time VOIP/chat communication via pluggable protocol backends (for
protocols such as Jabber/XMPP/Google Talk/Jingle, link-local XMPP, SIP, MSN, Yahoo/AIM and IRC).
Telepathy is a communications service that can be simultaneously accessed by many client
applications (primarily Empathy), using QT4, Glib, and GtK libraries. Currently a version for the
Gnome desktop (telepathy-gnome) is available. Install:
sudo apt-get install telepathy-gnome
Web meetings
Web meeting software allows video conferencing among many clients, with one server as host.
BigBlueButton
BigBlueButton (http://www.bigbluebutton.org/) is a free open source chat/video/audio and
desktop sharing platform similar to GoToMeeting, WebEx, DimDim and similar products.
Developed by GoogleCode, it utilises all open-source modules. A Moodle plugin
(http://www.dualcode.com/bigbluebutton/index.htm) is also available. See these installation
instructions (http://code.google.com/p/bigbluebutton/wiki/InstallationUbuntu) and these
additional detailed instructions.
WebHuddle
WebHuddle (https://www.webhuddle.com/) is a free, open source Java-based browser client (and
server) for web meetings. To install the server, first install pre-requisites, including Java, JBOSS
Application Server, and xvfb.
65 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get sun-java6-jre jbossas4 xvfb
For more details on setting this up in (K)Ubuntu, see this.
TeamViewer
TeamViewer (http://www.teamviewer.com/) is a proprietary cross-platform package that enables
up to 25 participants to share a desktop for online meetings and provides a mechanism for users
to control a PC's desktop remotely. Presentations can be viewed through most Internet web
browsers, as well. A free .deb package can be downloaded here (http://www.teamviewer.com
/en/download/index.aspx#downloadAreaLinux) .
Privacy
An interesting perspective on Internet privacy techniques can be found here
(http://farid.hajji.name/blog/2009/06/20/circumventing-internet-censorship/) .
PGP (Message Encryption)
PGP (http://en.wikipedia.org/wiki/Pretty_Good_Privacy) (OpenPGP and GnuPG
(http://en.wikipedia.org/wiki/GNU_Privacy_Guard) ) is a tool to encrypt your messages (such as
email) to be unlocked only by someone who has a key to unlock it.
Enigmail with Thunderbird
By far the easiest method for encrypting email is using the Enigmail add-on for the Thunderbird
email client. It creates PGP key pairs, stores and retrieves keys from keyrings, and encrypts and
decrypts messages automatically.
Seahorse
Seahorse (http://projects.gnome.org/seahorse/) is the GUI for Gnome to manage the key pairs
and other options of GnuPG (http://www.gnupg.org/) . It can also manage your SSH keys. For
more info see this tutorial (http://ubuntu-tutorials.com/2007/08/14/privacy-and-encryptionwith-pgp-signing-and-encrypting-email-files/) . Run:
Menu -> Applications -> Accessories --> Passwords and Encryption Keys
Web browsing
Web tracking, scripts, and advertisements are extremely intrusive on the Internet. A dossier of
your online habits is created by a multitude of services, including every major portal such as
Google and Yahoo, as well as a variety of tracking services on the Internet. This is accomplished
through the use of the "cookies" in your browser and by a variety of web elements (sometimes
called "web beacons") embedded on the web pages you visit. Your behavior is monitored and
correlated by recording the IP address of your computer, even when you turn off the cookies in
your browser. Still, it is highly recommended to configure your web browser to erase your
cookies (http://support.mozilla.org/en-US/kb/Cookies) and history every time the web browser is
closed; otherwise, every website you subsequently visit can instantly see the long list of recent
websites you have visited. In Firefox, for example, cookies can be accepted for the current
session but erased upon closing:
66 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Firefox -> Edit -> Preferences -> Privacy -> History -> Firefox will: Use custom settings for
history
-> Always use private browsing mode (or customise the settings to your desired level of
privacy)
In addition, both Adblock Plus and NoScript are highly recommended as plug-ins for Firefox
(and other Gecko-based browsers) to limit exposure to undesirable web elements, scripts,
and tracking mechanisms.
Tor (Network Privacy)
Tor (http://www.torproject.org/) is a project to allow privacy while using the Internet and to limit
usage tracking. It routes your traffic through several anonymous nodes, so that your usage
appears to come from an IP other than your own. (There are always risks when using the
Internet that even Tor can not help with, though. Read this (http://www.torproject.org
/download.html.en#Warning) .) Using Tor can slow down your Internet usage significantly,
depending on how much traffic is being passed through the Tor network (routine file-sharing or
large downloads will also significantly reduce performance of the Tor network.)
Install the Privoxy http proxy (optional for many users):
sudo apt-get install privoxy
Install Tor by following the instructions here (https://www.torproject.org/docs/debian) . Note
that the instructions require port 11371 on your firewall to be open to use the gpg
keyserver (and download the key for the debian package). Then see the Tor installation
guide (http://www.torproject.org/docs/tor-doc-unix.html) for details.
For more installation tips, see this page.
Vidalia (Tor interface)
Vidalia (https://www.torproject.org/projects/vidalia.html) is the recommended Qt4-based GUI
frontend for Tor. If not installed with Tor, install:
sudo apt-get install vidalia
Torbutton (Firefox plug-in)
Once Tor is installed and running properly, Torbutton (https://www.torproject.org/torbutton/)
allows you to choose whether to use Firefox through the Tor anonymizing network or not.
Install the .xpi extension directly from the website (https://www.torproject.org/torbutton/) .
Torbutton intereres with several functions of Firefox, most notably the "Drag and Drop"
bookmark and menu sorting functions. Disable the plugin while attempting any Drag and
Drop functions, then re-enable it afterwards.
DNS Servers and Search engines
67 of 212
Most users rely on the DNS (http://en.wikipedia.org/wiki/Domain_Name_System) server of
their ISP (Internet Service Provider). DNS queries can be recorded, however, and
05/24/2012 07:12 AM
Ubuntu:Precise -
theoretically correlated by an ISP to the data traffic to/from a user's IP address serviced by
that ISP. A somewhat less trackable solution is to use a DNS service that does not belong to
your ISP. This can belong to any another commercial ISP or to a third party service such as
OpenDNS (http://www.opendns.com/) , Comodo (http://www.comodo.com/secure-dns/) ,
ScrubIT (http://www.scrubit.com/) , Google (http://code.google.com/speed/public-dns/)
(though slightly less secure due to Google's own tracking mechanisms), another free DNS
service (http://theos.in/windows-xp/free-fast-public-dns-server-list/) , or (for maximum
security) a publicly-available international DNS server (http://portforward.com/networking
/dns.htm) . For example, a Verizon customer could use the AT&T DNS servers
(http://www.whatsmydns.net/dns/usa/att.html) or the OpenDNS servers. An AT&T customer
could use one of the Verizon servers (http://www.dslreports.com/faq/1591) or the Google
servers. It is important to use a reliable DNS provider, however, as man-in-the-middle DNS
redirection (http://en.wikipedia.org/wiki/Man-in-the-middle_attack) and DNS cache
poisoning (http://en.wikipedia.org/wiki/DNS_cache_poisoning) attacks are increasingly
common. Stick to one of the major DNS services (just not your own ISP's DNS service).
The DNS server setting can be changed in the router's settings (recommended) or individually
for each computer. If changing on an individual computer, use the Network Manager or Wicd
settings, or edit /etc/resolv.conf manually and change the nameservers to the addresses you
desire to use:
sudo gedit /etc/resolv.conf
Many search engines track your search requests (notably Google, Bing, and Yahoo) and
keep logs of the searches they receive from your IP address. DuckDuckGo.com is a filtered
search engine that has made its reputation not only by promising not to track searches, but
also by providing a secure (encrypted), Tor-capable and anonymized search portal. Point
your browser to https://duckduckgo.com. It can be used with your Torbutton turned on.
Many censorship/filtering/tracking techniques (that use deep packet inspection
(https://secure.wikimedia.org/wikipedia/en/wiki/Deep_packet_inspection) ) cannot be used
with secure (SSL/TLS (https://secure.wikimedia.org/wikipedia/en/wiki
/Transport_Layer_Security) encrypted) websites (denoted by https://
(https://secure.wikimedia.org/wikipedia/en/wiki/HTTP_Secure) ). Use them whenever
possible. For example, use the secure Wikimedia portal (https://secure.wikimedia.org/) for
Wikipedia (and other Wikimedia services) instead of the insecure portal(s).
Many websites keep logs of referring http headers (which can be correlated with cookies to
track your browsing activities). To turn off the passage of referral headers in Firefox, see
this info (http://cafe.elharo.com/privacy/privacy-tip-3-block-referer-headers-in-firefox/) .
Certificate verification
68 of 212
Certificate authorities (http://en.wikipedia.org/wiki/Certificate_authority) charge a fee to
store and verify certificates (http://en.wikipedia.org/wiki/Public_key_certificate) . However,
many websites use self-signed certificates (http://en.wikipedia.org/wiki/Selfsigned_certificate) that are not registered with any certifying authority. A free system of
certificate "network notaries" has emerged called Perspectives (http://perspectivesproject.org/) . A certificate's validity (even if self-signed) can be checked using a Firefox
plugin (https://addons.mozilla.org/en-US/firefox/addon/perspectives/) . For more info see
this article (http://www.dedoimedo.com/computers/firefox-perspectives.html) .
05/24/2012 07:12 AM
Ubuntu:Precise -
CAcert.org (https://secure.wikimedia.org/wikipedia/en/wiki/CAcert.org) is a free certifying
authority that maintains weak certificates that are recognized by many open source
operating systems, but not by Firefox or most browsers. (For browsers that do not include
CAcert.org recognition, certificates appear to be self-signed certificates.) While Debian
incorporates CACert.org's root certificate by default, Ubuntu derivatives do not (Canonical
(https://secure.wikimedia.org/wikipedia/en/wiki/Canonical_Ltd.) was originally founded with
funds earned from Thawte (https://secure.wikimedia.org/wikipedia/en/wiki/Thawte) , a
certifying authority founded by Mark Shuttleworth (https://secure.wikimedia.org/wikipedia
/en/wiki/Mark_Shuttleworth) .)
Proprietary Extras
Proprietary software helps you maximize your Internet experience, but is not open source. The
software available includes Multimedia Codecs, Java Runtime Environment, and plug-ins for
Firefox.
Restricted Extras
The Ubuntu Restricted Extras will install Adobe Flash Player, Java Runtime Environment (JRE)
(sun-java-jre) with Firefox plug-ins (icedtea), a set of Microsoft Fonts (msttcorefonts), multimedia
codecs (w32codecs or w64codecs), mp3-compatible encoding (lame), FFMpeg, extra Gstreamer
codecs, the package for DVD decoding (libdvdread4, but see here for info on libdvdcss2), the
unrar archiver, odbc, and cabextract. It also installs multiple "stripped" codecs and avutils
(libavcodec-unstripped-52 and libavutil-unstripped-49). This is a single command approach.
sudo apt-get install ubuntu-restricted-extras
Note: Installation only works completely and properly when done from the command-line
Terminal. The entire package will not usually install completely from within a Package Manager.
Photos and Graphics
Manage and edit your photos, create stunning 3D drawings and graphics, or convert between
formats.
GIMP (Image Manipulator)
Gimp (http://www.gimp.org/) is a powerful, full-featured, free open-source graphics and image
editor, similar to Adobe Photoshop.
sudo apt-get install gimp
There is an extra set of brushes, palettes, and gradients for The GIMP.
sudo apt-get install gimp-data-extras
69 of 212
See these instructions to create an alpha transparency layer (transparent background) for
any image using Gimp.
05/24/2012 07:12 AM
Ubuntu:Precise -
Dia (Diagram editor)
Dia (http://live.gnome.org/Dia) is a free open source GTK-based diagram creation program for
Gnome. It is similar to Visio.
sudo apt-get install dia
Kivio (Diagram editor)
Kivio (http://www.koffice.org/kivio/) is an open source flow-chart and diagram creation program
that is part of the KOffice Suite for KDE. It supports Dia stencils.
sudo apt-get install kivio
Inkscape Vector Illustrator
Inkscape Vector Illustrator (http://www.inkscape.org/) is an open source drawing program similar
to Illustrator and CorelDraw.
sudo apt-get install inkscape
Digikam (Photo Organiser)
Digikam (http://www.digikam.org) is a comprehensive open source digital photo organiser and
editor. Install it:
sudo apt-get install digikam kipi-plugins digikam-doc
F-spot (Photo Organiser)
F-spot (http://http://f-spot.org/) is a comprehensive open source digital photo organiser and
editor for the Gnome desktop. Install it:
sudo apt-get install f-spot
Google Picasa (Photo Organiser)
Google Picasa (http://picasa.google.com/linux/) is a photo editor and organiser similar to
Digikam. It allows uploads to a Google web server for online exchange. For more info, see the
Picasa for Linux FAQ (http://picasa.google.com/linux/faq.html) . A self-installing .deb file is
available at Picasa 2.7 downloads (http://picasa.google.com/linux/download.html#picasa27) .
Shotwell (Photo Organiser)
Shotwell (http://www.yorba.org/shotwell/) is a new photo organiser for the Gnome desktop. See
these installation instructions (http://www.yorba.org/shotwell/install/) .
Tesseract (Optical Character Reader)
70 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Tesseract (http://code.google.com/p/tesseract-ocr/) is a command-line optical character reader.
Install:
sudo apt-get install tesseract-ocr
Ocropus (http://code.google.com/p/ocropus/) is a document-analysis engine that uses Tesseract.
Install:
sudo apt-get install ocropus
Cuneiform (Optical Character Reader)
Cuneiform (http://en.wikipedia.org/wiki/CuneiForm_(software)) is an optical character reader.
Install (multiverse repositories must be enabled):
sudo apt-get install cuneiform
Pdfocr (https://launchpad.net/~gezakovacs/+archive/pdfocr) is a tool to use Cuneiform
for OCR and then to add the resulting text file layer back to the PDF file to make it
searchable.
YAGF (Cuneiform/Tesseract GUI)
YAGF (http://www.symmetrica.net/cuneiform-linux/yagf-en.html) is a Qt-based GUI for Cuneiform,
Tesseract, and/or XSane. Installation can be from a Debian (.deb) package from GetDeb
(http://www.getdeb.net/software/YAGF) (see these instructions (http://www.getdeb.net/updates
/ubuntu/11.04/) as well) or by compiling from source downloaded from the original site
(http://symmetrica.net/cuneiform-linux/yagf-en.html) . (Qt 4.7 or later, already the version with
Precise, is required on your system).
Xsane (Scanning utility)
Xsane (http://www.xsane.org/) is a full-featured scanning utility. Install:
sudo apt-get install xsane
Gnome-Scan (Scanning Utility)
Gnome-Scan (http://projects.gnome.org/gnome-scan/) is a simple utility for scanning (still in
alpha stage). Install:
sudo apt-get install gnomescan
Gwenview (Image Manipulator)
Gwenview (http://gwenview.sourceforge.net/) is the quick image manipulator installed by default
in Kubuntu (K menu -> Graphics -> Gwenview Image Viewer). Simple cut-and-paste, resizing,
and format conversion are some of the graphics files manipulations that can be accomplished.
Install:
71 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install gwenview
OpenClipart (ClipArt Library)
OpenClipart (http://www.openclipart.org/) is a utility to provide access to a large library of free
PNG, SVG, and OpenOffice clipart. It includes a utility for OpenOffice Gallery. Files are installed to
/usr/share/clipart. Install:
sudo apt-get install openclipart
It is also possible to only install a single collection (openclipart-png, openclipart-svg, or
openclipart-openoffice.org) in case you don't want the entire collection (or the utilities). For
example:
sudo apt-get install openclipart-png
Screencasts and Desktop Recording
Several utilities allow you to capture your desktop (and then create a screencast from it).
FFMPEG with x11grab
FFMPEG includes x11grab, a module for screen capture. This method gives the best results
for screencaptures and is one of the most flexible methods, allowing a variety of audio inputs
and audiovisual output formats. FFMPEG must be installed first (sudo apt-get install ffmpeg). See
here for more details. In brief, an example command to capture to an .avi file using the X264
video codec and lossless 16-bit sound would be:
ffmpeg -f alsa -ac 2 -ab 192k -i pulse -f x11grab -s 1024x768 -r 30 -i :0.0 -acodec pcm_s16le -vcodec libx264 -vpre lossless_ultra
recordMyDesktop (Desktop Session Recording)
recordMyDesktop (http://recordmydesktop.sourceforge.net/about.php) is a desktop recording
utility, which has both pyGTK and a pyQT4 GUI frontends available. Recordings are saved in
Theora video/Vorbis audio files. Only the Gtk version is available from the repositories (but it
works well with KDE/Kubuntu nevertheless). To install with the gtk GUI:
sudo apt-get install gtk-recordmydesktop
Using recordMyDesktop with PulseAudio
If you have not installed Pulse Audio Controls and Volume utility, they are useful for
monitoring your pulse audio devices:
sudo apt-get install pavucontrol paprefs padevchooser
72 of 212
Change the recordMyDesktop settings so that the capture device is the one you select
05/24/2012 07:12 AM
Ubuntu:Precise -
through pulse audio:
gtk-recordMyDesktop -> Sound Quality (ticked) -> Advanced -> Sound -> Device: pulse
This sets recordMyDesktop to use whichever input device(s) are selected through pulse audio. If
you have several input devices, all of them will be recorded. This is an easy way to mix inputs.
Istanbul (Desktop Session Recording)
Istanbul (http://live.gnome.org/Istanbul) is a desktop recorder for the Gnome desktop. It records
your session into an OGG Theora video file.
sudo apt-get install istanbul
xvidcap (Desktop Session Recording)
xvidcap (http://xvidcap.sourceforge.net/) is a utility to capture your desktop as a video. Install:
sudo apt-get install xvidcap
WebCamStudio
WebCamStudio (http://www.ws4gl.org/download/installing-on-ubuntu) creates a virtual webcam
that can mix several video sources together and can be used for live broadcasting. See the
website for installation instructions.
Wink (Presentation Editor)
Wink (http://www.debugmode.com/wink/) is a open source tutorial and presentation editor. It
allows you to capture screenshots and use them for presentations. Download the .tar.gz source
package, install using these instructions (http://www.bitsbythepound.com/installing-wink-on64-bit-ubuntu-210.html) , and follow one of the user guides (https://sites.google.com
/a/debugmode.com/groups/wink/guides-and-tips-on-using-wink) .
wget -O winkcurrent.tar.gz http://www.digital2b.com/mirror_wink/wink15.tar.gz
Note: Wink is a 32-bit application. If you are running a 64-bit system, make sure ia32-libs is
installed first:
sudo apt-get install ia32-libs
Freeseer (Presentation capture)
Freeseer (http://wiki.github.com/fosslc/freeseer/) is a utility to capture output from a projector or
other display device (including another computer). See these installation instructions
(http://github.com/fosslc/freeseer) .
Screencast Demos
73 of 212
See this Screencast section.
05/24/2012 07:12 AM
Ubuntu:Precise -
rtmpdump (Capture streaming video)
Rtmpdump (http://rtmpdump.mplayerhq.hu/) allows the capture of many types of streaming
video. Current installation instructions are at the website.
Here are old installation instructions:
sudo apt-get install build-essential checkinstall libssl-dev
wget http://rtmpdump.mplayerhq.hu/download/rtmpdump-2.3.tgz
tar xvf rtmpdump-2.3.tgz
cd rtmpdump-2.3
make SYS=posix
sudo checkinstall
sudo ldconfig
When prompted during installation, name the package rtmpdump.
Video Applications
Capture, record, edit, and convert video using these applications. Also see this list
(http://openvideoalliance.org/wiki/index.php?title=List_of_Open_Source_Video_Software) of open
source video applications. Trivia: The movie Avatar (http://en.wikipedia.org
/wiki/Avatar_%282009_film%29) was created at Weta Digital on a super-computer comprised of
4,000 servers running Kubuntu Linux, co-ordinated by the open-source Sun Grid Engine
(http://en.wikipedia.org/wiki/Sun_Grid_Engine) .
OpenShot
OpenShot (http://www.openshotvideo.com/) is a GTK-based non-linear video editing suite for
Linux. Install:
sudo apt-get install openshot
PiTiVi (Non-linear Video Editing Suite)
PiTiVi (http://www.pitivi.org/) is a simple, limited-capability open source video editor that will be
the default in newer versions of Ubuntu. It uses the GStreamer/Fluendo framework. Install:
sudo apt-get install pitivi
Avidemux (Video editor/processor)
Avidemux (http://fixounet.free.fr/avidemux/) is a free, GPL-licensed open source cross-platform
video editor and processor. Using mencoder as a backend, it allows cropping, trimming, special
effects, and conversions between many filetypes (MPG/DVD, AVI, MP4, ASF). Install the
GTK-based version:
sudo apt-get install avidemux
Kino (Non-linear Video Editing Suite)
74 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Kino (http://www.kinodv.org/) is a widely used GUI-based non-linear video editing suite for Linux.
It imports video files into (and then uses) the DV (http://en.wikipedia.org/wiki/DV) (Digital Video)
format for editing.
sudo apt-get install kino mjpegtools
KdenLive (Non-linear Video Editing Suite for KDE)
Kdenlive (http://www.kdenlive.org/) is a GUI-based non-linear video editing suite for KDE based
on FFmpeg and the MLT video framework. It has tools for DV, video4linux, and screen capture.
Install:
sudo apt-get install kdenlive mjpegtools
Cinelerra (Non-linear Video Editing Suite)
Cinelerra Community Version (http://cinelerra.org/) is a complete high-end open source video
editing suite that is a derivative of a similar commercial system. Follow the installation
instructions for Ubuntu (http://cinelerra.org/getting_cinelerra.php#ubuntu) .
LiVES (Video editor/processor)
LiVES (http://lives.sourceforge.net/) is a free, GPL-license open source video editor and processor
that is promoted as being useful for VJ editors. Install:
sudo apt-get install lives
OpenMovieEditor
OpenMovieEditor (http://www.openmovieeditor.org/) is a free, open source movie editing
program for basic movie making. Install:
sudo apt-get install openmovieeditor
Blender
Blender (http://www.blender.org/) is a free GPL-licensed 3D graphics and modeling tool that has
been used in several animation projects. Install:
sudo apt-get install blender
Stopmotion (Animation)
Stopmotion (http://stopmotion.bjoernen.com/) is an open-source program for creating
stopmotion animation. Install:
sudo apt-get install stopmotion
75 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Animata (Animation)
Animata (http://animata.kibu.hu/) is an interactive-animation (similar to Flash video) design
platform that uses the fltk (http://www.fltk.org/) libraries. It is built from source using the SCons
package (which is a make replacement).
Make sure you have the usual components for compiling from source code installed:
sudo apt-get install ia32-libs build-essential linux-headers-$(uname -r) gcc cmake gettext
Install the fltk and scons libraries:
sudo apt-get install libfltk1.1 libfltk1.1-dev scons
See these details (http://animata.kibu.hu/doxygen/) . Download
(http://animata.googlecode.com/files/animata_004-091218.tar.gz) the Animata source code,
extract, and then from the directory into which Animata was extracted run scons:
scons
Webcam Applications
To display your webcam on your screen, take photos from it, or to create other effects,
install one of these webcam applications:
Cheese (http://projects.gnome.org/cheese/) (sudo apt-get install cheese) is a
Gnome-based webcam application with many options and a re-sizable window.
Kamoso (http://kde-apps.org/content/show.php/Kamoso?content=111750) (sudo
apt-get install kamoso) is a KDE-based webcam application.
Camorama (http://camorama.fixedgear.org/index.php) (sudo apt-get install camorama)
is a Gtk-based webcam application that has been around for years.
Xawtv (http://git.linuxtv.org/xawtv4.git) (sudo apt-get install xawtv) is a Gtk-based
application. Because the Xawtv window can be arranged so that only the webcam
image is shown, it is my favorite webcam display for screencasts. (Click on "X" in the
window bar -> Advanced -> No Border (ticked) .)
Any of these applications can be used in either Ubuntu or Kubuntu.
Audio Applications
Audacity (Audio Editor and Recorder)
Audacity (http://audacity.sourceforge.net/) is the leading cross-platform free open source
(GPL-licensed) audio recorder and editor. It can be used to record, splice, edit, and manipulate
sound files similar to tools found in recording studios. Install:
sudo apt-get install audacity
76 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Ardour (Digital Audio Workstation)
Ardour (http://ardour.org/) is a free, GTK-based professional-grade digital audio workstation for
high end audio manipulation and mixing. Install:
sudo apt-get install ardour
Rosegarden (Digital Audio Workstation)
Rosegarden (http://www.rosegardenmusic.com/) is a midi/audio interface for synthesizers, as
well as a digital audio studio for recording, editing, and notating music. It is often used in
combination with Audacity. Install:
sudo apt-get install rosegarden
Hydrogen (Drum synthesizer)
Hydrogen (http://www.hydrogen-music.org/) is an advanced drum machine for Linux. Install:
sudo apt-get install hydrogen
EasyTag (ID3 editor)
EasyTag (http://easytag.sourceforge.net/) is a utility for editing the ID3 tags of mp3 and other
music files. Install:
sudo apt-get install easytag
Run:
Applications -> Sound & Video -> EasyTAG
PuddleTag (ID3 editor)
PuddleTag (http://puddletag.sourceforge.net/) is a comprehensive utility for editing the ID3 tags
of mp3 and other music files. Install:
sudo apt-get install python-qt4 python-pyparsing python-mutagen python-configobj python-musicbrainz2
wget -O puddletag_current.deb http://sourceforge.net/projects/puddletag/files/puddletag_0.9.12-1_all.deb
sudo dpkg -i puddletag_current.deb
UbuntuStudio (Ubuntu distribution customized for multimedia editing)
UbuntuStudio (http://ubuntustudio.org/) is an official derivative of Ubuntu that pre-packages
many multimedia editing packages. (Each of the packages can also be installed independently.)
See the website for a full list of the premier audiovisual software packages available for Ubuntu
Linux.
77 of 212
Install all the audio applications (https://wiki.ubuntu.com/UbuntuStudio/PackageList) found
05/24/2012 07:12 AM
Ubuntu:Precise -
in UbuntuStudio:
sudo apt-get install ubuntustudio-audio
Install all the video applications (https://wiki.ubuntu.com/UbuntuStudio/PackageList) found
in UbuntuStudio:
sudo apt-get install ubuntustudio-video
Install all the graphics applications (https://wiki.ubuntu.com/UbuntuStudio/PackageList)
found in UbuntuStudio:
sudo apt-get install ubuntustudio-graphics
Audio / Video conversion
Here (http://maketecheasier.com/the-ultimate-guide-to-manage-your-audiovideo-files-in-linux
/2009/03/03) is a nice review of some of the applications that enables conversion and handling
of these types of files. Some specific examples and suggestions are here.
FFMPEG video / audio conversion
FFMPEG (http://ffmpeg.org/) is the swiss-army knife of video and audio format conversion. It
succeeds when no other program can. It is free and open source. If it not yet installed on your
system as part of another package (it is used by many video/audio editors), then install it:
sudo apt-get install ffmpeg
To convert many different formats, read the FFMPEG documentation
(http://ffmpeg.mplayerhq.hu/ffmpeg-doc.html) . Also see this tutorial (http://howtopages.org/ffmpeg/) .
For examples and further information, see this section.
FFMpeg requires that multiple restricted extra codecs be installed. This can be done in a
single easy step from the command-line Terminal:
FFMPEG GUI
WinFF (http://winff.org) is a free, GPL-licensed open source GUI frontend for FFMPEG. Install:
sudo apt-get install winff xterm
Run:
78 of 212
Menu -> Applications -> Sound & Video -> WinFF
05/24/2012 07:12 AM
Ubuntu:Precise -
Join video segments
Individual video segments (MPEG-2, for example) can easily be joined:
cat samplevideo1.mpg samplevideo2.mpg samplevideo3.mpg > samplevideo123.mpg
You can then write the resulting MPEG-2 file to a DVD and play it in most DVD players.
Split a file into segments
Any file can be split (http://en.wikipedia.org/wiki/Split_%28Unix%29) into segments using the
Linux command:
split -b 1440k my_big_file
which will split my_big_file into equal segments of size 1440 kb.
Mencoder
Mencoder (http://www.mplayerhq.hu/DOCS/HTML/en/mencoder.html) is part of the MPlayer
(http://www.mplayerhq.hu/DOCS/HTML/en/index.html) set of libraries (that also uses several of
the FFMPEG libraries) for audio/visual conversion. Some examples of usage are here.
Save any streaming Flash video
An easy way is to install the Video Download Helper plug-in for Firefox.
Otherwise, most Flash videos download to the /tmp directory while you watch the video,
creating a randomly-named video file there (such as Flashuh4G6s). When you close the
webpage, this file in the /tmp directory will be erased. After the entire video has downloaded,
but before you close the webpage, copy that file (such as Flashuh4G6s) to your home directory
(where it will not be erased). Of course, for this to work, you must change your Flash (or Gnash)
settings to allow an unlimited buffer. While watching your Flash video, right click to bring up the
Flash -> Settings window. Set the Buffer to "Unlimited."
Once you have copied the file, rename it appropriately with the .flv added to the filename. You
can then watch it using VLC or Mplayer.
Here (http://ihatehate.wordpress.com/2009/03/30/how-to-download-save-streaming-videofrom-the-internet-using-linux/) is another method that involves making a symbolic link.
Save rtmp / flv streams
flvstreamer (http://savannah.nongnu.org/projects/flvstreamer) is a command-line application to
dump rtmp streams. Install:
sudo apt-get install flvstreamer
Example (http://www.uluga.ubuntuforums.org/showthread.php?t=1390764) of usage:
79 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
flvstreamer -r "rtmp://host/dir/file.flv" -o filename.flv
If you see the following the "WARNING: Download may be incomplete, try --resume!" message,
try to use the --resume option:
flvstreamer -r "rtmp://host/dir/file.flv" -o filename.flv --resume
Convert Flash video audio to mp3
Once you have downloaded flash video content (.flv) from the Internet (using the Video
Download Helper plug-in for Firefox, for example), the audio component can be converted to an
.mp3 file. (This will work for any type of video file, not just Flash.) For details, see this section.
2ManDVD
2ManDVD (http://2mandvd.tuxfamily.org/) is a GUI utility for creating DVD videos. It is the
successor of ManDVD. Choose the version for your architecture and install it from the 2ManDVD
website (http://www.getdeb.net/app/2ManDVD) . Click on the download link and select to open it
with the GDebi Package Installer (default). (If you have previously installed ManDVD you must
uninstall it first.) For a usage tutorial, read this 2ManDVD guide (http://www.my-guides.net
/en/content/view/170/26/) .
Run:
Menu -> Applications -> Sound & Video -> 2ManDVD
DeVeDe
DeVeDe (http://www.rastersoft.com/programas/devede.html) is a program to create video DVDs
and CDs suitable for home players (i.e. VCD, sVCD or CVD) from any source video file that is
supported by MPlayer. Choose the version for your architecture and install it from the DeVeDe
website (http://www.getdeb.net/app/DeVeDe) . Click on the download link and select to open it
with the GDebi Package Installer (default). For a usage tutorial, read this DeVeDe guide
(http://www.my-guides.net/en/content/view/75/26/) .
Run:
Menu -> Applications -> Sound & Video -> DeVeDe
ManDVD
ManDVD (http://www.kde-apps.org/content/show.php/ManDVD?content=83906) is a QT-based
DVD authoring tool which accepts several different file types as input. Install:
sudo apt-get install mandvd xine-ui
DVD Author
DVD author (http://dvdauthor.sourceforge.net/) allows you to create menus and format your
MPEG-2 videos onto a DVD disc so that you can play it in a commercial DVD player. DVD Author
is a command line tool, but several GUI's exist. Install:
80 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install dvdauthor
QDVDAuthor
QDVDAuthor (http://qdvdauthor.sourceforge.net/) is a Qt-based GUI for DVD Author. A
package for Precise does not exist, but the Maverick package can be used.
Enable the Maverick multiverse repository temporarily by adding it to the Synaptic Package
Manager Origin of Packages ("Other" software):
Menu -> System -> Synaptic -> Settings -> Edit Origins -> Software Sources: Other
Software -> Add...
deb http://us.archive.ubuntu.com/ubuntu maverick multiverse
From the Get and Remove Software menu (of Synaptic), install the qdvdauthor package
(and the qdvdauthor-common package if it is not automatically installed as a dependency).
Once the download/installation is complete, disable the Maverick multiverse repository (to
prevent conflict with other Precise packages).
Download and install the addons:
cd /tmp
wget http://qdvdauthor.sourceforge.net/data/masks.tar.bz2 -O masks.tar.bz2
wget http://qdvdauthor.sourceforge.net/data/buttons.tar.bz2 -O buttons.tar.bz2
wget http://qdvdauthor.sourceforge.net/data/alpha_trans.tar.bz2 -O alpha_trans.tar.bz2
cd /usr/share/qdvdauthor/
sudo tar -xjf /tmp/masks.tar.bz2
sudo tar -xjf /tmp/buttons.tar.bz2
sudo tar -xjf /tmp/alpha_trans.tar.bz2
Run:
Menu -> Multimedia -> QDVDAuthor
Follow instructions in the Quick-Start Guide:
QDVDAuthor -> Help -> Quick-Start Guide
For a tutorial on authoring DVDs, see this guide (http://womble.decadent.org.uk/talks
/dvd-ukuug06/dvd-talk-ukuug06-paper.html) .
ToVid
ToVid (http://tovid.wikia.com/wiki/Tovid_Wiki) is a collection of tools to create a DVD from a
number of different video formats. A GUI is available. Install:
sudo apt-get install tovidgui tovid
Other DVD authoring programs
There are several other DVD authoring programs. For additional information see the Ubuntu
81 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Community (https://help.ubuntu.com/community/DVDAuthoring) pages. Packages include:
Bombono (http://www.bombono.org) , a GTK-based, GUI DVD authoring program. Install
(requires multiverse repositories to be enabled):
sudo apt-get install bombono-dvd
KMediaFactory (http://code.google.com/p/kmediafactory/) is a KDE-based DVD authoring
frontend for dvdauthor. (The DVD folders can then be burned to disc using K3b.) Install
(requires multiverse repositories to be enabled):
sudo apt-get install kmediafactory
Ripper X CD Ripper/Encoder
Ripper X (http://sourceforge.net/projects/ripperx/) is a GTK-based (i.e. Gnome) open source utility
to rip CD audio tracks to OGG, MP3, or FLAC formats. It supports CDDB lookups.
sudo apt-get install ripperx
Asunder CD Ripper/Encoder
Asunder (http://littlesvr.ca/asunder/) is a GTK-based open source CD ripper/encoder which saves
to Wav, MP3, OGG, FLAC, or WavPack. Self-installing .deb packages are available here
(http://www.getdeb.net/app.php?name=Asunder) .
Audex CD Ripper/Encoder
Audex (http://www.kde-apps.org/content/show.php/Audex?content=77125) is a port to KDE4 of
the KAudioCreator package used in KDE 3. It can create output for LAME (MP3-compliant), OGG
Vorbis (oggenc), FLAC and RIFF WAVE. Install:
sudo apt-get install audex
Gnac (GNome Audio Converter)
Gnac (GNome Audio Converter) (http://gnac.sourceforge.net/) converts between all GStreamer
supported audio formats. It is not yet part of the standard repositories. See these installation
instructions (http://launchpad.net/~gnac-team/+archive/ppa) .
SOX (encodes/decodes audio)
SoX (http://sox.sourceforge.net/) is a command-line utility to convert audio formats. See this
usage guide (http://sox.sourceforge.net/sox.html) . Install:
sudo apt-get install sox
Run:
82 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sox
Install MP3 support for SoX
See this blog post (http://eggblog.invertedegg.com/?p=19) or this Ubuntu Forums thread
(http://ubuntuforums.org/showthread.php?t=17272) .
Install the MP3 libraries (if not already installed):
sudo apt-get install libmp3lame0
For simple conversions, I have found FFMPEG to be easier, and FFMPEG already has mp3
support. Example:
ffmpeg -i audiofile.m4a -ab 128k -ac 2 -ar 44100 audiofile.mp3
where -ab specifies the bit rate, -ac specifies the number of channels (in this example
2-channel stereo), and -ar specifies the sampling frequency.
CDs and DVDs
Brasero (CD/DVD burner)
Brasero (http://projects.gnome.org/brasero/) is a CD/DVD burning application that is now part of
the Gnome desktop (but can be used with any Ubuntu derivative). If not already installed:
sudo apt-get install brasero
Gnomebaker (CD/DVD burner)
Gnomebaker (http://sourceforge.net/projects/gnomebaker) has been the default CD/DVD burning
application for the Gnome desktop. If not installed:
sudo apt-get install gnomebaker
K3b (CD/DVD burner)
k3b (http://K3b.org) (KDE Burn Baby Burn) is the default KDE CD and DVD burning utility
included in Kubuntu, but can run well in Gnome. (Due to licensing requirements, mp3
capabilities must be installed separately as the libk3b6-extracodecs package). Install:
sudo apt-get install k3b libk3b6-extracodecs
Normalize audio levels
83 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Volume normalization for an audio CD requires a separate external plugin. Install:
sudo apt-get install normalize-audio
Then select normalization:
K3b -> Project -> Properties -> Advanced -> Settings:Normalize volume levels (ticked)
Recent versions of k3b have a bug that doesn't properly recognise normalize-audio. See
these tips (http://machine-cycle.blogspot.com/2011/04/fixing-normalize-audio-featurein-k3b.html) for a workaround.
DVD Playback Capability
libdvdcss
To play encrypted DVDs, the libdvdcss2 package is essential. libdvdcss2 is a simple library
designed for accessing DVDs like a block device without having to bother about the decryption.
More information about this package can be found at VideoLAN (http://www.videolan.org
/developers/libdvdcss.html) .
You can install libdvdcss2 as a 64-bit .deb package without installing the Medibuntu
repositories:
wget -c http://packages.medibuntu.org/pool/free/libd/libdvdcss/libdvdcss2_1.2.12-0.0medibuntu1_amd64.deb
sudo dpkg -i libdvdcss2_1.2.12-0.0medibuntu1_amd64.deb
or a 32-bit .deb package:
wget -c http://packages.medibuntu.org/pool/free/libd/libdvdcss/libdvdcss2_1.2.12-0.0medibuntu1_i386.deb
sudo dpkg -i libdvdcss2_1.2.12-0.0medibuntu1_i386.deb
You can also use guidelines provided at Medibuntu (https://help.ubuntu.com/community
/Medibuntu) . This will install the Medibuntu repositories on your system and then install the
libdvdcss2 package:
sudo
sudo
sudo
sudo
sudo
wget --output-document=/etc/apt/sources.list.d/medibuntu.list http://www.medibuntu.org/sources.list.d/$(lsb_release -cs).list
apt-get update
apt-get --yes --allow-unauthenticated install medibuntu-keyring
apt-get update
apt-get install libdvdcss2
You can also install 32 bit or 64 bit Windows multimedia codecs (if you haven't already done
so using ubuntu-restricted-extras):
sudo apt-get install w32codecs
or
sudo apt-get install w64codecs
84 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Instead of downloading directly from Medibuntu, you could also use the script included with
the libdvdread4 package to download and install libdvdcss2:
sudo apt-get install libdvdread4
sudo /usr/share/doc/libdvdread4/install-css.sh
libudf
Many newer DVDs use the UDF filesystem. To play them properly, also install libudf:
sudo apt-get install libudf0
Other tools are useful:
sudo apt-get install udftools libudf-dev
K9copy (DVD Ripper)
K9copy (http://en.wikipedia.org/wiki/K9copy) is the free open source DVD backup
(http://en.wikipedia.org/wiki/DVD_ripper) , copying, compression, and authoring utility that
requires libdvdcss. For other info, see this (http://www.dvd-guides.com/content/view/213/59/) or
this (http://www.my-guides.net/en/content/view/77/26/) guide. You can easily create MPEG-2.
MPEG-4, or DVD videos with this utility.
sudo apt-get install k9copy
Tips: At times you may not be able to copy your DVD directly from DVD to DVD. This may
because you have a small imperfection in the DVD, or because the DVD was initially
created with a non-standard burning method. There are two methods that can help solve
this problem:
Copy the VIDEO_TS and AUDIO_TS folders from your original DVD directly to your hard
drive. Then use k9copy to burn a DVD directly from these hard drive folders.
Use k3b (or Gnomebaker) to copy an .iso image from the original DVD to your hard
drive. Then use k9copy to extract from the hard drive .iso image and then burn a DVD
directly from it.
Handbrake
Handbrake (http://handbrake.fr/) is a GPL-licensed open source tool for converting DVD to
MPEG-4 (iPod format) that is an alternative to k9copy. (It can handle many DVDs that k9copy
cannot.) Installation is from the developmental PPA archive (https://edge.launchpad.net
/~stebbins/+archive/handbrake-releases) .
sudo add-apt-repository ppa:stebbins/handbrake-releases
sudo apt-get update
sudo apt-get install handbrake-gtk handbrake-cli
If you do not intend to use the command-line interface, you can skip handbrake-cli.
85 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
dvd::rip
dvd::rip (http://www.exit1.org/dvdrip/) is a DVD backup (http://en.wikipedia.org/wiki/DVD_ripper)
/copy program, written in GTK-based perl, that uses the transcode (http://www.transcoding.org
/cgi-bin/transcode) and ffmpeg (http://www.ffmpeg.org/ffmpeg-doc.html) video/audio processing
and conversion tools. See the website for installation and official documentation. For other info,
see this dvd::rip tutorial (http://www.my-guides.net/en/content/view/136/26/) . Install:
sudo apt-get install dvdrip rar
Acidrip
Acidrip (http://sourceforge.net/projects/acidrip/) is a DVD backup (http://en.wikipedia.org
/wiki/DVD_ripper) /copy program, written in GTK-based perl, that uses the Mplayer
(http://www.mplayerhq.hu/design7/news.html) and Mencoder (http://www.mplayerhq.hu
/DOCS/HTML/en/mencoder.html) video/audio processing and conversion tools (and therefore
yields the best quality DVD rips to an .AVI file with XVID video, for example). See the website for
installation and official documentation. Install:
sudo apt-get install acidrip
DVD Fab (DVD Ripper)
DVD Fab (http://www.dvdfab.com) is the favoured DVD backup tool for today's DVD encryption
methods. It must be run in Wine (since it is a Windows application). It comes as a fully featured
30-day trial, but see these instructions (http://geek-out-blog.blogspot.com/2009/01/how-torestart-dvdfab-trial-period.html) for fine-tuning the trial period.
Music Players
Rhythmbox
Rhythmbox (http://en.wikipedia.org/wiki/Rhythmbox) is the default music player in Ubuntu
(Gnome), relying on the Gstreamer framework.
Play Internet Radio through Rhythmbox
Internet radio can be played through Rhythmbox by installing the rhythmbox-radio-browser
plugin:
sudo apt-get install rhythmbox-radio-browser
Restart Rhythmbox and select the plugin:
Rhythmbox -> Edit -> Plugins -> Internet radio station browser (ticked) -> Library -> Radio
browser
Note: Internet radio streams use many different ports. You must adjust your firewall to allow the
ports over which the streams will be sent.
86 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Amarok
Amarok (http://amarok.kde.org/) is the default music player in Kubuntu. Install:
sudo apt-get install amarok
Amarok themes
Amarok themes (http://www.kde-look.org/index.php?xcontentmode=55) can be downloaded
from KDE Look and installed.
Download the theme (ending in .tar.bz2) to your home directory (or chosen directory).
Amarok -> Settings -> Appearance -> Install New Style
Select the downloaded file.
Play Shoutcast Internet Radio through Amarok
Shoutcast (http://classic.shoutcast.com) internet radio can be played through Amarok 2.2 or
later by installing the Shoutcast script:
Amarok -> Tools -> Script Manager -> Get more scripts -> Order by:Rating (ticked) ->
Shoutcast service -> Install -> Restart Amarok -> Tools -> Script Manager -> Shoutcast
service tralala (ticked) -> Ok -> Internet -> Shoutcast service tralala
Note: Internet radio streams use many different ports. You must adjust your firewall to allow the
ports over which the streams will be sent.
Audacious
Audacious (http://en.wikipedia.org/wiki/Audacious_Media_Player) is a compact, fast music player
that is a fork of XMMS. It resembles WinAmp and can use WinAmp and XMMS skins. It supports
many plugins and is ideal for streaming content. Volume normalization (using ReplayGain) is a
built-in option. Install:
sudo apt-get install audacious
You can switch between the "PulseAudio Output Plugin" and the "ALSA Output Plugin" under
Audacious -> Preferences -> Audio -> Current output plugin.
Banshee Music Player
Banshee (http://banshee-project.org/) is a Gstreamer, Mono and Gtk-based music player for
Linux and Mac OS X. It supports multiple mp3 players (including the iPod).There are plugins for
podcasts, internet radio, and more.
sudo apt-get install banshee
Exaile Music Manager and Player
Exaile (http://www.exaile.org/) is a GTK-based music player that supports many formats,
87 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
incorporates a Shoutcast directory, a plugin for iPod, Last.FM support, tabbed playlists, and
other features. Install:
sudo apt-get install exaile
Songbird Music Player
Songbird (http://getsongbird.com/) is an open source music player from Mozilla with an
appearance meant to resemble iTunes. It is in current development and does not yet have full
support for mp3 players (such as the iPod). It incorporates a Shoutcast internet radio interface.
The current beta version can be downloaded from the website.
aTunes
aTunes (http://www.atunes.org/) is a Java-based player designed to be similar to iTunes.
Installation instructions are here (http://www.atunes.org
/wiki/index.php?title=Installing_aTunes_on_Linux_%28under_GNOME%29) .
Multimedia Players
Most current video multimedia players play many video formats, including the Flash video .flv
format.
MPlayer Multimedia Player
Mplayer (http://www.mplayerhq.hu/design7/info.html) is a video player with a wide range of
formats supported (including RealMedia and Windows-codecs) and a wide variety of outputs.
sudo apt-get install mplayer
SMPlayer
SMPlayer (http://smplayer.sourceforge.net/) is an enhanced frontend for MPlayer.
sudo apt-get install smplayer
Dump a video stream to disc
You can dump a video stream to disc using Mplayer:
mplayer -dumpstream streamurl
If you don't know the exact URL of the stream you wish to save, you can discover it from the
webpage it is embedded in by using the Firefox add-on UnPlug. Do not save streams that are
illegal to download.
VLC Multimedia Player
88 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
VLC (http://www.videolan.org/) is a cross-platform multimedia player that supports many
formats without need for additional codecs. It can not only receive video streams
(http://wiki.videolan.org/Documentation:Streaming_HowTo/Receive_and_Save_a_Stream) (also
see here (http://tom.zickel.org/vlcmp4/) to convert it to mp4), but can act as a server for video
streams, as well. It is one of the only players that can view and backup almost any DVD format,
no matter which copy protection is used. See these tips (http://www.freedvdripper.net/guides
/rip-dvd-convert-video-with-free-vlc-player.html) for using VLC to backup/rip encrypted DVDs.
sudo apt-get install vlc vlc-plugin-pulse
VLC plugins
There are many VLC plugins. You will likely only need to install a few of them, however,
depending on your hardware and input/output configuration:
sudo apt-get install vlc-plugin-ggi vlc-plugin-jack vlc-plugin-pulse vlc-plugin-sdl vlc-plugin-svgalib mozilla-plugin-vlc vlc-plug
Xine-UI Multimedia Player
Xine UI (http://xinehq.de/) is a multimedia player based, of course, on the xine platform. It can
also play streamed video from the Internet and supports most formats, including some
uncommon ones.
sudo apt-get install xine-ui
Kaffeine Video Player
Kaffeine (http://kaffeine.kde.org/) is the default video player in Kubuntu. Install:
sudo apt-get install kaffeine
RealPlayer 11 Multimedia Player
The Linux Realplayer is actually based on the open-source Helix player
(https://player.helixcommunity.org/) . Helix itself can be installed as a package easily (read Helix
plug-in) and used instead of Realplayer. These instructions are to install the proprietary version
of RealPlayer only.
Download Real Player official linux player (http://www.real.com/linux)
Open a terminal and cd to the directory you have downloaded realplayer's .bin file. Then issue
the following commands
chmod +x RealPlayer11GOLD.bin
sudo ./RealPlayer11GOLD.bin
When it asks for installation path enter /usr/local/RealPlayer
89 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
For all other questions just choose default by pressing enter.
If you have installed mozilla-mplayer package you will need to delete the mplayer firefox plugin
for real player videos. Other wise all real player files will open with mplayer. For that please do
this
cd /usr/lib/firefox/plugins
sudo rm mplayerplug-in-rm.*
Please remember to restart firefox and when ever you click on a real player video choose the
option open with and use /usr/bin/realplay
Internet TV
Myth TV
See MythTV. Ubuntu TV is essentially Myth TV.
Miro Player
Miro Player (http://www.getmiro.com/) (formerly Democracy TV Player) is an open-source
Internet TV and video player that allows you to watch Internet TV and videos. Unlike other video
players, it contains a structured guide that includes more than 2500 channels, has built-in
BitTorrent, and has features that can automatically save videos, such as from YouTube.
sudo apt-get install miro
Sopcast Internet TV
Sopcast (http://www.sopcast.org) is an interface to play live P2P video streams through the VLC
media player. Install VLC first. This is a Chinese program and most content is hosted in China
and may not be legal in your area. Please consult local regulations.
You can install the SopCast Player PPA using the following commands:
echo "deb http://ppa.launchpad.net/jason-scheunemann/ppa/ubuntu `lsb_release -cs` main" | sudo tee -a /etc/apt/sources.list
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CD30EE56
If you are using Karmic or later:
sudo add-apt-repository ppa:jason-scheunemann/ppa
sudo apt-get update
sudo apt-get install sopcast-player
Run:
Applications->Sound & Video->SopCast Player
Zattoo
Zattoo (http://www.zattoo.com/) is a free Internet TV player that allows you to watch terrestrial
90 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
television from various countries in Europe. See the Zattoo Download (http://zattoo.com
/en/download/linux) page for further instructions on installation. For screenshots and an
alternate installation guide, see this UbuntuGeek guide (http://www.ubuntugeek.com/watchinglive-tv-on-your-ubuntu-desktop-with-zattoo.html) .
Install dependencies first:
sudo apt-get install libgtkglext1 adobe-flashplugin
Download the latest .deb package from Zattoo Download (http://zattoo.com/en/download
/linux) page.
wget http://zattoo.com/release/download.php
Install the downloaded .deb package:
sudo dpkg -i *.deb
Run Zattoo:
K -> Application -> Multimedia -> Zattoo Player
Note: you have to register for a free account when the player starts.
TV Time (TV Viewer)
TVTime (http://tvtime.sourceforge.net/) allows the display of television and other digital inputs
(made available to the computer by a video capture card (http://tvtime.sourceforge.net
/cards.html) ). A plugin for the Remuco remote control (http://code.google.com/p/remuco/)
(remuco-tvtime) is also available. Install:
sudo apt-get install tvtime
ABC iView
Python-iView (https://launchpad.net/~jeremy-visser/+archive/python-iview) is a program that
works with rtmpdump to record streams offered by ABC iView (http://www.abc.net.au/tv/iview/)
(Australia). Installation instructions are at the PPA repository (https://launchpad.net/~jeremyvisser/+archive/python-iview) .
BBC iPlayer
BBC iPlayer (http://www.bbc.co.uk/iplayer/) provides replays and downloads of BBC programs to
UK residents. The BBC, however, has crippled its streams to prevent downloading and legal
actions against iPlayer appear to be in progress. (Flvstreamer may be required for rtmp stream
recording). To install a Flash 64-bit edition of iPlayer:
sudo
sudo
sudo
sudo
91 of 212
aptitude remove flashplugin-installer
add-apt-repository ppa:sevenmachines/flash
aptitude update
aptitude install flashplugin64-installer
05/24/2012 07:12 AM
Ubuntu:Precise -
get_iplayer (BBC program recording)
get_iplayer (http://linuxcentre.net/getiplayer/) allows BBC streams (through their iplayer
service) for UK users, as well as Hulu streams for US users, to be recorded to mp4, wav and
mp3 files (depending on content). Install v2.66 (may not work for all users):
sudo apt-get install get-iplayer
To install a newer version:
sudo apt-get install flvstreamer id3v2 libmp3-info-perl atomicparsley libwww-perl perl
wget ftp://ftp.infradead.org/pub/get_iplayer/get_iplayer-2.79.tar.gz
tar xvf get_iplayer-2.79.tar.gz
sudo ln -s iplayer-2.79/get_iplayer /usr/bin/get_iplayer
Note: When running this version, use get_iplayer instead of get-iplayer.
Add preferences:
get_iplayer --prefs-add --modes=flashhd,flashvhigh,flashhigh,flashnormal,iphone
get_iplayer --prefs-add --flvstreamer "/usr/bin/flvstreamer"
Delete ~/.swfinfo:
cd ~/.swfinfo
sudo rm *
cd ..
sudo rmdir swfinfo
See the website for usage or:
man get-iplayer
Get a current listing of what's available and save it in the home directory
get-iplayer >~/iplayer-listing.txt
Having found some interesting programmes (and noted the numbers found in the left-hand
column), download them:
get-iplayer --get 123 537
For Live Streaming (with mplayer) use one of these commands (http://linuxcentre.net
/getiplayer/documentation#Live%20Streaming) .
iPlayer can be run in Wine using these instructions (http://bbciplayerlinux.sourceforge.net
/index.php/Main_Page) .
Some users will need to install rtmpdump for successful streaming.
Netflix Android App
92 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
A Netflix app for the Android market is available here (https://market.android.com
/details?id=com.netflix.mediaclient) . It must be installed in an Android environment.
Internet Radio
Internet radio streams through different ports, so check your firewall if you are not able to play
the streams.
Last FM
LastFM (http://www.last.fm/) is a service for sharing music recommendations and individual radio
streams. It is included as an option in Amarok, or can be installed separately:
sudo apt-get install lastfm
Shoutcast Internet Radio
Shoutcast (http://classic.shoutcast.org) is the first and last free mp3 streaming service.
Hundreds of radio streams can be played through Amarok, Audacious, or other multimedia
player. Simply associate the .pls streams with your favourite player (Audacious or XMMS2
recommended).
StreamTuner Stream Directory Browser
StreamTuner (http://www.nongnu.org/streamtuner/) lists streams available on the Internet
through a GTK-based interface. It lists Shoutcast and Live365 streams, among others. Install:
sudo apt-get install streamtuner
Streamripper
Streamripper (http://streamripper.sourceforge.net/) is a standalone command-line utility to
record online audio streams (primarily from Shoutcast). A GUI front-end for KDE is available.
Install:
sudo apt-get install kstreamripper
Media Centers and PVR (Personal Video Recorder)
There are a number of open-source Media Centers for Linux, some of which include personal
video recorder functions. For a full list of open-source media centers, see this guide
(http://www.telematicsfreedom.org/en/project/14/floss-media-center-state-art) .
MythTV
MythTV (http://www.mythtv.org/) is a media center with PVR (personal video recorder) for
retrieving, recording, and playing broadcast and Internet TV and other multimedia content. It
has many options and plugins for expansion. To be useful, you will need a compatible TV tuner
card (http://www.mythtv.org/wiki/index.php/Tuner_Card) . For setup tips, see this guide
93 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
(http://parker1.co.uk/mythtv_ubuntu.php) . (Ubuntu TV is essentially Myth TV that has been
integrated into the Unity desktop). Install:
sudo apt-get install mythtv
Mythbuntu
Mythbuntu (http://www.mythbuntu.org) is an integrated Ubuntu (Xubuntu) desktop optimised for
MythTV usage. In can be used instead of adding MythTV to a (K)Ubuntu desktop.
XBMC
XBMC (http://xbmc.org/) is a free, mature, open-source cross-platform media center. It does not
have a PVR capability nor as many functions as MythTV, but has a very nice interface.
Add these third party repositories:
deb http://ppa.launchpad.net/team-xbmc-intrepid/ubuntu intrepid main
deb-src http://ppa.launchpad.net/team-xbmc-intrepid/ubuntu intrepid main
Install:
sudo apt-get update
sudo apt-get install xbmc
Boxee
Boxee (http://www.boxee.tv/) is an XBMC-like open source package to allow streaming video over
the Internet, including from YouTube and other sites. It is a fork of XBMC, and is still in alpha
development and testing stage. It is currently available for 32-bit systems only, and
recommended for Hardy. A current version is anticipated soon. (Note: Boxee does not run Netflix
on Linux, despite their ads). See these download instructions (http://app.boxee.tv/download) .
Elisa
Elisa (http://elisa.fluendo.com/) is a cross-platform media center that uses the Gstreamer
multimedia framework. Commercial plugins are available from Fluendo. It supports PVR and
Music Jukebox . Install:
sudo apt-get install elisa
LinuxMCE
See LinuxMCE.
Multimedia Servers
MPD Multimedia Playing Server
MPD (http://mpd.wikia.com/wiki/What_MPD_Is_and_Is_Not) is a music server meant for LAN
94 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
usage. It can be controlled from remote clients. It can also stream internet streams.
TiMidity++ MIDI Sound Server
TiMidity (http://timidity.sourceforge.net/) is a MIDI software synthesizer required by several
games and other MIDI-dependent applications.
sudo apt-get install timidity
uShare UPnP A/V Media Server
uShare (http://ushare.geexbox.org/) is a UPnP media server compatible with the Xbox360 and
PS3.
sudo apt-get install ushare
Also see: How-to: Run uShare at Startup (http://ubuntuguide.org/index.php?title=Howto:_Getting_uShare_to_run_at_Startup) .
Home Automation / Home Theater / Home
Security
Complete Systems
Linux MCE (Media Center Edition)
LinuxMCE (http://en.wikipedia.org/wiki/LinuxMCE) is an integrated home theater/home
security/home automation/telephone PBX/intercom system for your home. It incorporates
MythTV (http://en.wikipedia.org/wiki/MythTV) , Pluto (http://plutohome.com/) home automation,
Motion (http://www.lavrsen.dk/twiki/bin/view/Motion/WebHome) security surveillance, Asterisk
(http://www.asterisk.org/) PBX, VDR (http://www.cadsoft.de/vdr/) video disk recorder, and other
home automation/security/theater packages in an integrated platform. It is available in 32 and
64 bit versions. LinuxMCE can run either as a standalone Home Theater PC or can co-ordinate a
fully networked home, using the networking capabilities that are intrinsically part of the
(K)Ubuntu Linux OS. For more info see the LinuxMCE website (http://www.linuxmce.org) or wiki
(http://wiki.linuxmce.org/index.php/Main_Page) .
The most recent stable version runs on Kubuntu 8.04 (Hardy). A beta version for Kubuntu 10.04
(Lucid) has been released, and the full version is anticipated soon. LinuxMCE can be installed at
the same time as the Kubuntu OS (on a new PC with an nVidia graphics card), with a single DVD
installation. Alternatively, Kubuntu can be installed first and LinuxMCE then installed from a 2 CD
installation.
Other systems in development
95 of 212
Minerva (http://www.minervahome.net/) -- home automation and multimedia control with a
GUI interface. It can even hook into Google Calendar.
DomotiGa (http://www.domotiga.nl/) -- home automation software from the Netherlands,
using a MySQL database.
05/24/2012 07:12 AM
Ubuntu:Precise -
NetHomeServer (http://wiki.nethome.nu/doku.php/start) is a Java-based cross-platform
automation system authored by a single coder. It is in alpha development but can be
downloaded from the website and evaluated.
The Wosh (http://wosh.sourceforge.net/) framework is message-based middleware to effect
home automation processes. the project is in early development.
Linux Home Automation (http://www.linuxha.com/) contains information regarding many
nascent home automation projects.
Home Security
Zoneminder surveillance system
Zoneminder (http://www.zoneminder.com/) manages surveillance cameras and stores images on
the hard disk. Images can be viewed using a (LAMP) server remotely. X10 devices can be
triggered using built-in perl scripts. Install:
sudo apt-get install zoneminder ffmpeg
Myth Zoneminder
MythZoneminder (http://mythtv.org/wiki/index.php/MythZoneMinder) allows you to view your
security cameras through Myth TV, essentially. It is a plugin that interfaces the two packages
Zoneminder (which must be working on your system) and Myth TV (which must also be
working.) See the installation instructions (http://mythtv.org/wiki/index.php
/MythZoneMinder#Install_MythZoneMinder) . Install:
sudo apt-get install mythzoneminder
Office Suites
LibreOffice
LibreOffice (http://www.libreoffice.org/) is a free and open source (GPL-licensed) office suite
similar to OpenOffice that is now installed by default in Ubuntu. If not, it can be installed:
sudo apt-get install libreoffice-gnome
Open Office
Open Office (http://www.openoffice.org) was installed by default in older versions of (K)Ubuntu,
with Writer (Word equivalent), Presentation (PowerPoint equivalent), Calc spreadsheet (Excel
equivalent), and Base relational database (Access equivalent). It has been replaced by
LibreOffice and is no longer available in (K)Ubuntu.
Open Word 2007 Documents in Open Office
The latest edition of OpenOffice opens .docx (i.e. Word 2007) documents by default.
96 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
KOffice
The KOffice (http://www.koffice.org/) suite is part of the KDE project and is meant to provide the
capabilities of the OpenOffice suite without the licensing restrictions of OpenOffice. It can be
used in any version of Ubuntu. Install:
sudo apt-get install koffice
AbiWord
AbiWord (http://www.abisource.com/) is a fast, collaboration-enabled word processor. For the
most current version see the AbiWord web site (http://abisource.com/wiki/Install_on_Ubuntu) . To
install from the repositories:
sudo apt-get install abiword
GoldenDict (Multi-lingual Dictionary and Translator)
GoldenDict (http://goldendict.org/) is multi-lingual dictionary and translator that supports
Babylon (https://en.wikipedia.org/wiki/Babylon_%28program%29) and StarDict
(https://en.wikipedia.org/wiki/Stardict) translation dictionary files and has multiple modular
plugins. Install:
sudo apt-get install goldendict
Xournal
Xournal (http://xournal.sourceforge.net/) is a free (GPL-licensed) GTK/Gnome-based application
for notetaking, sketching, or keeping a journal using a stylus. Install (universe repositories must
be enabled):
sudo apt-get install xournal
PDF Files
PDF (http://en.wikipedia.org/wiki/Portable_Document_Format) is the file format used by Adobe
Acrobat (which can be read by many e-book readers as well). There are many PDF-oriented
utilities available in (K)Ubuntu. In a package manager, search for "pdf".
Print to a PDF file
(K)Ubuntu allows printing of any document to the PDF format by default. From any application:
File -> Print -> Print to File -> Output: PDF
View a PDF document
Evince (http://projects.gnome.org/evince/) is the default PDF document viewer in Ubuntu. PDF
files are associated by default with Evince, so clicking on a PDF file (from a file manager such as
97 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Nautilus) will open it with Evince. Evince can also be started:
Menu -> Office -> Evince
Scan to a PDF file
Gscan2pdf (http://gscan2pdf.sourceforge.net/) is a utility to do exactly that: scan to a PDF file.
Multiple options for scanning can be set. Install:
sudo apt-get install gscan2pdf
PDF-Shuffler (PDF file management)
PDF-Shuffler (http://sourceforge.net/projects/pdfshuffler/files/) is a free GTK-based utility to
manipulate multiple PDF files, allowing individual pages or entire PDF documents to be
re-arranged, rotated, merged, or deleted. This is an essential tool for working with PDF files.
Install:
sudo apt-get install pdf-shuffler
Run:
Menu -> Office -> PDF-Shuffler
MaxView (PDF file management)
MaxView (http://sourceforge.net/projects/maxview/) is a utility to capture, manipulate and
rearrange, and print .pdf and .max files. Written in Qt, it is similar in some respects to Paperport.
Download (http://sourceforge.net/projects/maxview/files/maxview0.7-2/) and install the
.deb package (use i386 instead of amd64 if using a 32-bit OS):
wget -O maxview_current.deb http://sourceforge.net/projects/maxview/files/maxview0.7-2/maxview_0.7-2_amd64_maverick.deb/download
sudo dpkg -i maxview_current.deb
Start MaxView in a GUI by creating a menu item with the Command: maxview /home/user,
where /home/user is the directory in which you wish MaxView to start.
PDFMod (PDF file management)
PdfMod (http://live.gnome.org/PdfMod) is a Gnome-based application to reorder, rotate, and
remove pages, export images from a document, edit the title, subject, author, and keywords,
and combine documents via drag and drop. Install:
sudo add-apt-repository ppa:pdfmod-team/ppa
sudo apt-get update
sudo apt-get install pdfmod
PDFedit (PDF file editor)
PDFedit (http://pdfedit.petricek.net/en/index.html) is a free (GPL-licensed), Qt-based PDF file
editing and manipulation program that uses a GUI for editing. Install:
98 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install pdfedit
Import PDF files into a word processor
Import PDF files into OpenOffice Writer
PDF files can be imported (http://extensions.services.openoffice.org/project/pdfimport) into the
OpenOffice Writer word processor as a hybrid document (not a scanned character document) by
installing:
sudo apt-get install openoffice.org-pdfimport
Import PDF files into KWord
Kword is the Word Processor package in KOffice. It allows the importing of PDF files by default.
PDF-XChange (PDF file editor)
PDF-XChange (http://www.tracker-software.com/product/pdf-xchange-viewer) is a free
Windows-based application to view, modify, or perform simple editing of PDF files. It works
under Wine.
DjVu files
DjVu (http://en.wikipedia.org/wiki/DjVu) is an open source file format that is an alternative to
PDF. Files in this format are more compact while retaining image-layer separation of images and
text. DjVu files can be read by both Evince (in Ubuntu) and Okular (in Kubuntu).
A PDF to DjVU convertor (pdf2djvu (http://code.google.com/p/pdf2djvu/wiki/ManualPage) )
can be installed:
sudo apt-get install pdf2djvu
A utility to scan documents to DjVU format (gscan2pdf (http://gscan2pdf.sourceforge.net/) )
can be installed:
A standalone DjVU document viewer can be installed:
sudo apt-get install djview4
A utility to convert DjVU documents to PDF format (djvu2pdf (http://0x2a.at/s/projects
/djvu2pdf) ) can be installed:
sudo apt-get install djvulibre-bin ghostscript
wget http://0x2a.at/site/projects/djvu2pdf/djvu2pdf_0.9.2-1_all.deb
sudo apt-get install djvu2pdf_0.9.2-1_all.deb
99 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
eBooks
FBReader (e-book reader)
FBReader (http://www.fbreader.org/) is a free cross-platform e-book reader, based on the GTK
platform. Install:
sudo apt-get install fbreader
Calibre (eBook conversion)
Calibre (http://calibre-ebook.com/help) is an eBook reader, library manager, and tool for
conversion between many eBook formats (including the .epub format). Install:
sudo apt-get install calibre
eBook conversion examples and tips are here.
Sigil (eBook editing and conversion)
Sigil (http://code.google.com/p/sigil/) allows creation and editing of an eBook in .epub format
and conversion from other formats. Download and install the binary from the website.
eCub (eBook editing and conversion)
eCub (http://www.juliansmart.com/ecub#linux) allows creation and editing of an eBook in .epub
format and conversion from other formats. Download and install the .deb package from the
website.
Scripts and Screenplays
Trelby (http://www.trelby.org/) is an open source alternative to Final Draft. A .deb package
can be downloaded from the website and installed directly.
Using a MediaWiki extension, a screenplay can be written in MediaWiki, allowing conversion
to other formats.
Personal Information Managers
Kontact Personal Information Manager
Kontact (http://kontact.kde.org/) is the default PIM included with Kubuntu. Kontact includes
email, an address book, a calendar, reminders, pop-up notes, a link to the Akregator News/RSS
(http://en.wikipedia.org/wiki/RSS) reader, time-tracking, and more. Its many functions resemble
MS-Outlook. Through connectors it interfaces with many groupware servers
(http://kontact.kde.org/groupwareservers.php) (such as Kolab and eGroupware). Install:
sudo apt-get install kontact
100 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Mozilla Sunbird (Calendar)
Sunbird (http://www.mozilla.org/projects/calendar/sunbird/) is a standalone group calendar
client that has largely been replaced by the Lightning extension for Thunderbird and Firefox
(https://addons.mozilla.org/en-US/thunderbird/addon/2313/) . Download from the website
(http://www.mozilla.org/projects/calendar/sunbird/download.html) and install by clicking on the
downloaded file to extract, or:
sudo mkdir /etc/sunbird
cd /etc/sunbird
sudo wget -O sunbird-current.tar.bz2 http://download.mozilla.org/?product=sunbird-1.0b1&os=linux64&lang=en-US
tar -xvjf sunbird-current.tar.bz2
Replace os=linux64 with os=linux if using a 32-bit OS.
Then create a menu item named Sunbird to point to the Command: /etc/sunbird/sunbird
BasKet Note Pads
BasKet Note Pads (http://basket.kde.org/) is a personal note-taking application that resides on
your computer and can be used for creating "to-do" lists. It is great for centralising your
thoughts in one place. Install it:
sudo apt-get install basket
Planner (Project planning & management)
Planner (http://www.simpleprojectmanagement.com/planner/) is an MS-Project
(http://en.wikipedia.org/wiki/Microsoft_Project) -like planning and management tool.
sudo apt-get install planner
Time Tracker
You can keep track how long you use an application with TimeTracker. Keep records for billing or
simply limit your Internet usage.
Financial Software
For a brief introduction, see this list of 10 Linux financial tools (http://ubuntudoctor.com/content
/news/10-linux-financial-tools) .
KMyMoney (Personal Finance Management)
KMyMoney (http://kmymoney2.sourceforge.net/index-home.html) is a personal finance manager
that uses double entry accounting, the method professional accountants use. It is similar to
MS-MyMoney and Intuit Quicken, with automatic setup of categories for businesses. It is
designed for the KDE/Kubuntu desktop (but will work in Gnome/Ubuntu). Install:
101 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install kmymoney2
GnuCash (Personal Finance Management)
GnuCash (http://www.gnucash.org/) is a free, open source GPL-licensed personal finance
manager that uses double entry accounting like professional accountants. It is GTK-based
(Gnome 2). The current version can be installed from source files (see the website for
installation instructions), or the package version can be installed:
sudo apt-get install gnucash
Skrooge (Personal Finance Management)
Skrooge (http://skrooge.org/) is a free, GPL-licensed personal finances manager written for the
KDE desktop that is able to import/export data to/from many other finance managers.
sudo apt-get install skrooge
Moneydance (Personal Finance Management)
Moneydance (http://moneydance.com/) is a commercial cross-platform Java-based personal
finance manager similar to KMyMoney that sells for $50 per license.
SQL-Ledger (Enterprise Finance Management)
SQL-Ledger ERP (http://www.sql-ledger.org/) is a free, open-source, platform independent
double-accounting-method system and enterprise resource planner (inventory, work and
purchase orders, taxes, etc.) that uses the SQL database server (PostgreSQL/Oracle/Mysql
databases). It uses a web browser for an interface and be accessed remotely. It is extremely
comprehensive and is available in many languages. Install:
sudo apt-get install sql-ledger
LedgerSMB (Enterprise Finance Management)
LedgerSMB (http://www.ledgersmb.org/) is a fork of the SQL-Ledger project that offers fairly solid
AR, AP, and GL tracking as well as inventory control. It is in rapid development and encourages
community support. A Debian (.deb) package is available here (https://alioth.debian.org
/frs/?group_id=30839) .
WebERP (Enterprise Finance Management)
WebERP (http://www.weberp.org/) is a free, open-source enterprise resource planner and
accounting suite similar to SQL-Ledger that uses a web browser as an interface. It runs on the
LAMP server. It is somewhat difficult to implement and use, but conforms to strict accounting
guidelines. Set up your LAMP server first, then install using the web site instructions.
Phreebooks (Enterprise Finance Management)
102 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Phreebooks (http://www.phreebooks.com/) is a free open-source enterprise resource planner and
accounting suite similar to WebERP. It also runs on a LAMP server. It is in active development in
2008. A demo is available at the website.
Quasar (Enterprise Finance Management)
Quasar (http://www.linuxcanada.com/) is a proprietary Linux-based accounting suite similar to
Quickbooks. For a single user without point-of-sale or networking needs, it is free. For other
users it costs CA$500 per seat. An installer for KDE-based systems is here
(http://outkastsolutions.co.za/outkast/index.php?option=com_docman&task=doc_details&
gid=14&Itemid=31) .
Stock Market monitoring software
BeanCounter (http://dirk.eddelbuettel.com/code/beancounter.html) - A stock portfolio
performance monitoring tool. Install:
sudo apt-get install beancounter
Smtm (http://dirk.eddelbuettel.com/code/smtm.html) - Show Me The Money is a
configurable Perl/Tk stock ticker program. Written by the creator of BeanCounter.
sudo apt-get install smtm
Qtstalker (http://qtstalker.sourceforge.net/) - commodity and stock market charting and
technical analysis
sudo apt-get install qtstalker
JStock (http://jstock.sourceforge.net/) -- a Java based portfolio manager and stock market
monitoring tool. See these installation instructions (http://jstock.sourceforge.net
/help_install_upgrade.html#install-linux) .
Groupware
Groupware solutions include shared calendars, group email servers, groups address lists, group
projects, and internal messaging. They require (one or more) servers with LAMP or similar server
stacks.
Groupware Servers
Groupware servers are meant to operate on a server platform. You should install the server
version of Ubuntu (in the interest of speed) for a dedicated groupware server. Read Servers.
Kolab
Kolab (http://www.kolab.org/) is the most comprehensive open-source groupware solution
available and is distributed as a multi-platform solution. (It integrates easily with both Ubuntu
(including Evolution) and KDE/Kubuntu (including Kontact).) It is free and open source with a GPL
103 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
license (unlike other groupware solutions), yet enterprise support is also available. It is scalable
to large organizations and is Outlook (MS-Exchange) and Mozilla compatible. This is a German
package, however, and documentation in English can occasionally be limited. The Kolab website
provides its own instructions for installation from source (http://wiki.kolab.org/index.php
/Kolab2_Installation_-_Source) (currently v. 2.2 (http://www.kolab.org/pipermail/kolab-announce
/2009/000083.html) ). Version 2.2 includes the Horde web interface. The current beta Debian
package instructions are here (http://wiki.kolab.org/index.php/Debian_-_Administrators__Kolab_Installation) or the OpenPkg installation instructions are here (http://files.kolab.org/server
/release/kolab-server-2.2.4/ix86-debian5.0/1st.README) .
Note: Kolab uses its own server components, and it is best to run Kolab on a dedicated
server. However, it is possible to run other servers on the same machine, as long as you
choose alternate ports if the server modules conflict.
Install the compiler and other necessary stuff:
sudo apt-get install build-essential
Kolab Ubuntu package
There is an Ubuntu/Kubuntu package for the new version of Kolab (v. 2.2), but no
documentation support for it yet exists. Install:
sudo apt-get install kolabd
Manual Kolab installation
Make a directory for the Kolab installation and make it universally accessible:
sudo cd /
sudo mkdir /kolab
sudo chmod 777 /kolab
Optional: If you wish to mount kolab in its own partition, then create a new partition (using
Gparted, for example). Figure out the device name of your extra partition:
sudo fdisk -l
It should be something like /dev/sda3.
Mount /dev/sda3 (or whatever your partition is) as /kolab by editing /etc/fstab:
sudo nano /etc/fstab
and adding the line:
/dev/sda3
104 of 212
/kolab
ext3
defaults,rw 0 0
then reboot and make sure there are no errors.
Make a directory into which to download kolab:
05/24/2012 07:12 AM
Ubuntu:Precise -
cd /tmp
mkdir /kolabtmp
Download all the current Kolab files:
cd /tmp/kolabtmp
wget -r -l1 -nd --no-parent http://files.kolab.org/server/release/kolab-server-2.2.2/sources/
Install Kolab (as root using sudo -s):
sudo -s
sh install-kolab.sh 2>&1 | tee kolab-install.log
Reboot your system.
Stop Kolab services and run the configuration utility:
sudo /kolab/bin/openpkg rc all stop
sudo /kolab/sbin/kolab_bootstrap -b
Obviously, you should know all your details, such as your fully qualified host name (which
you can determine from hostname -f), domain details, etc., before doing this step. If you
are not familiar with OpenLDAP (http://www.openldap.org/) and LDAP
(http://en.wikipedia.org/wiki/LDAP) basics, you should learn about it, as Kolab uses the
slapd OpenLDAP server daemon.
Restart all Kolab services:
sudo /kolab/bin/openpkg rc all start
Login to the web administrator interface using "manager" and the password you set at
bootstrap configuration:
https://yourhost.yourdomain.name/admin
Citadel
Citadel (http://www.citadel.org/) is a turn-key fully open source groupware solution (that is both
KDE and Kolab-1 compliant). Based on a bulletin-board framework spanning over 20 years, it is
user friendly and interfaces with both KDE and Gnome apps and also has a web-based client. It
is also WebDAV compliant and can be used with Thunderbird.
Install the Citadel server:
sudo apt-get install citadel-server
Install the Citadel client:
sudo apt-get install citadel-client
105 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Install both:
sudo apt-get install citadel-suite
eGroupware
eGroupware (http://www.egroupware.org/) is a robust and stable free open source groupware
solution (with GPL license) based on the LAMP stack (the default server stack included with
Ubuntu Server) and the Postfix mail server (both of which should be installed first). There is a
new version recently available, with a new corporate sponsor in Germany and a commercial
enterprise version. Compatibility with many clients has been improved. Egroupware provides the
easiest installation and quickest setup time of all groupware solutions. Much of the
documentation for the current version, unfortunately, is not in English.
sudo apt-get install egroupware
Open-Xchange
Open-Xchange (http://www.open-xchange.com
/wiki/index.php?title=Quick_install_guide_for_the_Server_Edition_Ubuntu8.04) is a proprietary
groupware solution (meant as an MS-Exchange replacement) that has released a "community
edition" based on commercial versions. The latest .deb package is for Hardy Heron 8.04. It is
compliant with many different types of clients, including Kontact, Outlook, and Palm PDAs.
Installation instructions are at the website and are not trivial.
OpenGroupware
OpenGroupware (http://www.opengroupware.org/) is a groupware solution based on the
postgreSQL database. There is an enterprise version and a limited open source version, and
development appears to have been stagnant in 2008. Installation must be from source, as
packages are very outdated. See the website for details.
Zarafa
Zarafa (http://zarafa.com/?q=en/content/community-0) is the leading European MS-Exchange
replacement/groupware solution. It is proprietary, but a GPL-licensed (except for trademarks)
free open-source community edition was released in 2008. Download instructions are available
from the website.
Zimbra
Zimbra (http://www.zimbra.com/downloads/os-downloads.html) is a proprietary groupware
solution (now owned by VMWare) that offers an open source "community edition". Although
currently free, the community edition is limited in features and does not have a GPL license. All
submitted modifications and contributions become the property of VMWare. See the Zimbra wiki
(http://wiki.zimbra.com/wiki/Main_Page) .
A Beta version for Lucid Lynx 10.04 LTS is available for 64-bit users, or the older Hardy 8.04
version can be used.
SchoolTool
106 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
SchoolTool (http://www.schooltool.org/) is a free open source groupware solution for use in
primary and secondary schools which includes calendaring, gradebooks, attendance records,
and student information databases. It was created with the help of the Shuttleworth Foundation
(which also sponsors Ubuntu). See these installation instructions (http://book.schooltool.org
/htmlhelp/install.html) .
SugarCRM Community Edition
SugarCRM (http://www.sugarcrm.com/crm/download) is a customer-relationship management
system that is used to co-ordinate a sales force (sales, marketing, support, project management,
calendaring). SugarCRM has a community edition that is one of the most widely used. A LAMP
server stack should be installed first ( sudo tasksel install lamp-server ). Extract SugarCRM to
/var/www and then logon to http://localhost/SUGAR-FOLDER. Alternatively, for a new server
SugarCRM provides a (binary) integrated installation (http://www.sugarcrm.com
/crm/download#installers) of the LAMP stack with the SugarCRM Community Edition.
Groupware Clients
Many groupware solutions have connectors to interface with clients such as Kontact/KMail and
Mozilla Thunderbird (or SeaMonkey).
Evolution Exchange
The Evolution Exchange connector adds connectivity (using Outlook Web Access) to the
Evolution suite for MS Exchange 2000 and 2003. Install:
sudo apt-get install evolution-exchange
Kontact Personal Information Manager
The Kontact Personal Information Manager, included in Kubuntu by default, interfaces with many
groupware servers (http://kontact.kde.org/groupwareservers.php) .
KDE Groupware Wizard
Kubuntu provides a wizard (script) to help clients (such as Kontact/Kmail) connect to a
groupware server. Currently supported groupware servers are Kolab, eGroupware, SUSE Linux
Openexchange, and Novell Groupwise.
Zimbra Desktop
Zimbra Desktop (http://www.zimbra.com/products/desktop.html) is a desktop that collaborates
with Zimbra servers. See the Zimbra Desktop FAQ (http://wiki.zimbra.com
/wiki/Zimbra_Desktop_Download_and_Install_FAQ) . For more info also see this Ubuntu Forums
Zimbra Desktop Installation thread (http://ubuntuforums.org/showthread.php?p=10634207) .
Oracle Calendar Desktop Client
The Oracle Calendar Desktop Client (http://www.oracle.com/technology/products/cs/user_info
/ocalendar/desktop_index.html) is proprietary calendaring software for use with Oracle
groupware/database systems.
107 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Download Oracle Calendar Desktop Client:
wget http://www.k-state.edu/infotech/calendar/oracle-10-clients/DesktopClients/Linux/cal_linux_1011.tar.gz
Extract:
tar -xvf cal_linux_1011.tar.gz
Change into the extracted files directory:
cd OracleCalendar_inst/
Prepare the files:
mv cal_linux cal_linux.bak; cat cal_linux.bak | sed "s/export LD_ASSUME_KERNEL/#xport LD_ASSUME_KERNEL/" > cal_linux; rm cal_linux
Change permissions:
chmod +x gui_install.sh cal_linux
Start the GUI installer:
sudo sh gui_install.sh
Group Calendars
DAViCal Calendar Server
DAViCal (http://wiki.davical.org/w/Main_Page) is a CalDAV (http://en.wikipedia.org
/wiki/CalDAV) , postgreSQL, Apache and php-based shared Calendar server that works with
Mozilla Thunderbird/Lightning/Sunbird, Evolution, and other calendar clients. Install:
sudo apt-get install davical
Then see these detailed installation instructions (http://wiki.davical.org/w/Ubuntu_Maverick) .
Darwin Calendar Server
Darwin Calendar Server (http://trac.calendarserver.org/) is an open-source port of Apple's
CalDAV (http://en.wikipedia.org/wiki/CalDAV) -based calendar server that works with Mozilla
Thunderbird/Lightning/Sunbird, Evolution, and other calendar clients. Install version 1.2 from the
repositories (then see the website for usage instructions):
sudo apt-get install calendarserver
WebCalendar
108 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
WebCalendar (http://www.k5n.us/webcalendar.php?topic=About) is an ICS
(http://en.wikipedia.org/wiki/ICalendar) -based server for group calendars that can use many
different databases as the backend, is written in PHP, and is compatible with clients such as
Sunbird/Thunderbird (Lightning), Apple iCal, and Evolution. The newest version can also be
viewed using RSS (http://en.wikipedia.org/wiki/RSS) clients. See the website and the wiki
(http://www.k5n.us/wiki/index.php?title=Main_Page) for installing the newest (1.2) version.
Install the older (1.05) version from the repositories:
sudo apt-get install webcalendar
Mail servers
Postfix / Dovecot (Mail Server)
Postfix (http://www.postfix.org/) is a free open source mail server. It interfaces directly to
Dovecot (http://www.dovecot.org/) , the free open source IMAP (http://en.wikipedia.org
/wiki/Internet_Message_Access_Protocol) and POP3 (http://en.wikipedia.org
/wiki/Post_Office_Protocol) server. For more information see the official Ubuntu documentation
(https://help.ubuntu.com/12.04/serverguide/email-services.html) . The dovecot-postfix
metapackage installs the components and customizes the configuration files to use the Maildir
(mail spooling) folder system by default. Imap and Pop3 modules, SMTP, and SASL/TLS (with
self-signed certificates) are installed by default.
sudo apt-get install dovecot-postfix
For tips on setting up a personal mail server, see here.
iRedMail
iRedMail (http://www.iredmail.org/install_iredmail_on_ubuntu.html) is an integrated package that
includes Dovecot, Postfix, a choice of OpenLDAP (with phpLDAPAdmin) or MySQL for the
database, Roundcubemail or Squirrelmail for web-based mail access, phpAdmin, PostfixAdmin,
and AWStats. It is optimized for Precise 12.04 LTS and is best installed on a fresh server (since it
resets many email configuration files). There is a community edition with many of the features
of the commercial edition.
Wiki software
Wiki software allows an organization to have a manual that can be edited by a number of
collaborators. Wikipedia is the best known example.
MediaWiki
MediaWiki (http://www.mediawiki.org) is the free, open source server software that Wikipedia
uses. It is scalable to very large uses. It runs on the LAMP server stack (which uses the MySQL
database and is available as an installation option with the (K)ubuntu server), or it can be used
with a postgreSQL database. See these detailed instructions. (Other instructions are also
available here (http://www.mediawiki.org/wiki/Manual:Running_MediaWiki_on_Ubuntu) .) Install
from the repositories:
109 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install mediawiki
Edit the config file so it recognizes MediaWiki:
sudo nano /etc/mediawiki/apache.conf
Uncomment (remove the #) the line:
Alias /mediawiki /var/lib/mediawiki
Restart apache2:
sudo /etc/init.d/apache2 restart
Run/install MediaWiki by logging into:
http://localhost/mediawiki
You will be prompted for configuration variables to be set. The trickiest is the MySQL
user/password. Hopefully you remember your MySQL superuser that you set at the time of
LAMP (or MySQL) installation.
Copy your local settings configuration file to /etc/mediawiki (and make a backup of the
original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_at_install.php
Edit your configuration variables there:
sudo kate /etc/mediawiki/LocalSettings.php
If you are using a virtual host server, make a symbolic link (named in this example mywiki)
from your /usr/share/mediawiki installation folder to your /var/www folder:
sudo ln -s /usr/share/mediawiki /var/www/mywiki
then make sure you have an apache2 virtual hosts configuration file (in /etc/apache2/sitesavailable) that points to /var/www/mywiki as the DocumentRoot. Make a symbolic link from your
virtual host configuration file in /etc/apache2/sites-available to /etc/apache2/sites-enabled to
enable it. Restart apache2 after enabling the sites. (Warning: MediaWiki is not secure at
installation and can be easily hacked by new users. Do not publish your wiki to the Internet
before reading all the instructions and changing the configuration file (LocalSettings.php) so that
it is more secure.) You would then access the database at:
http://my.virtualwikihost.org
Moin Moin
110 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Moin Moin (http://moinmo.in/) is free, open source (GPL-licensed) wiki software written using
Python, with a large community of users, including the Apache, Debian, and Ubuntu wikis. See
these Ubuntu installation instructions (https://help.ubuntu.com/12.04/serverguide
/moinmoin.html) . Install:
sudo apt-get install python-moinmoin
Twiki
Twiki (http://twiki.org) is an open source wiki engine used by many small to medium size
companies internally. It has an active development team with multiple plugins. See the website
for installation instructions. Install:
sudo apt-get install twiki
TiddlyWiki
TiddlyWiki (http://www.tiddlywiki.com/) is an open source personal wiki. It is ideal for creating a
list of things to do, note taking, or as a collaboration tool for a small team. It is a single HTML file
that can reside on your computer or can even be uploaded to a web server and be used as a
simple website. It is developed using a Firefox browser as an interface. Installation instructions
are on the website.
Web Publishing
Drupal (Web content publishing)
Drupal (http://drupal.org/) is the most powerful open-source website creation and content
collaboration tools. A modular approach to website building, from simple out-of-the-box websites
to complex sites is possible with a short learning curve. Get more info on how to get started
(http://drupal.org/getting-started) . Drupal requires an installation of a LAMP server stack; if you
have not already installed LAMP, it will be installed along with Drupal. I have found it easier to
use the MySQL (http://en.wikipedia.org/wiki/MySQL) database (the "M" in LAMP), but Drupal can
also integrate with PostgreSQL (http://en.wikipedia.org/wiki/Postgresql) if you have it installed.
Drupal7
Drupal 7 (unstable) is available as a package from a package manager or from the
command-line terminal:
sudo apt-get install drupal7
See these instructions (http://drupal.org/node/570162) for upgrading from Drupal6 to
Drupal7.
Drupal6
Drupal 6 is available as a package from a package manager or from the command-line terminal:
111 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
After everything is installed (and the problems below sorted out), restart the apache2
server:
Finish installation through your browser:
http://localhost/drupal6/install.php
You can then also see these installation tips for installing through the browser, then see these
Drupal site building tips. A Drupal/Ubuntu users group is found at Drubuntu
(http://groups.drupal.org/drubuntu) .
Installation quirks
Exim vs. Postfix
Exim (http://www.exim.org/) and Postfix (http://www.postfix.org/) are mail handlers. I had
installed Postfix at the time I installed my Ubuntu server (but was not using it). But Drupal6 uses
Exim and therefore removes Postfix at installation and installs Exim instead. Therefore, it is
better not to use Drupal6 on a mail server that uses Postfix.
WordPress
WordPress (http://wordpress.org/) is the most popular free open source web content manager
that started as a blog tool and now incorporates many publishing elements. For bloggers and
small to medium-sized websites, WordPress provides the fastest installation and customization
process with many modules. WordPress requires an installation of a LAMP server stack first. Then
install:
sudo apt-get install wordpress
Make a symbolic link from your Apache2 www folder to your installation folder and install a
new MySQL database named localhost to use with WordPress:
sudo ln -s /usr/share/wordpress /var/www/wordpress
sudo bash /usr/share/doc/wordpress/examples/setup-mysql -n wordpress localhost
Note: If you already know the name of your (virtual) host URL for WordPress, then use it as the
name of your database instead of localhost. For example, my URL is mysite_x.homeserve.org so
my command is:
sudo bash /usr/share/doc/wordpress/examples/setup-mysql -n wordpress mysite_x.homeserve.org
112 of 212
If you will access your WordPress server through a virtual host, then create your virtual host
configuration file in the /etc/apache2/sites-available folder. Once you have edited the file,
make a symbolic link from it to the /etc/apache2/sites-enabled folder. Restart apache2:
05/24/2012 07:12 AM
Ubuntu:Precise -
Install WordPress through a browser:
http://localhost/wordpress
or, if you are using a virtual host:
http:/mysite_x.homeserve.org/wordpress
Note: The Jaunty repositories contain version 2.7.1, which is subject to a security worm
(http://wordpress.org/development/) . If you install this version, please update
(http://codex.wordpress.org/Upgrading_WordPress) immediately to the current version from the
Tools -> Upgrade menu. (Alternatively, install the current source version from the website.)
For the automatic updater to work, all the WordPress files, folders, and subfolders must be
owned by www-data (which is also the owner of the apache2 process) prior to updating.
sudo chown -R www-data /usr/share/wordpress
Joomla (Web content publishing)
Joomla (http://www.joomla.org/) is a powerful open source website creation and content
management tool that allows website creation for use in every arena from the simple to complex
corporate environments. Info for beginners (http://docs.joomla.org/Beginners) is a good place to
start.
Scribus (Desktop publishing)
Scribus (http://www.scribus.net/) is an open-source package that provides professionalappearing desktop publishing.
sudo apt-get install scribus
Plone (Content Management System)
Plone (http://plone.org/) is a free, open source (GPL-licensed) multi-platform content
management system used by many large organizations around the world. It is available with an
integrated installer here (http://plone.org/products/plone) . Some users have had some
difficulties in Jaunty, due to changes in Python.
Gallery (Photo album website)
Gallery (http://gallery.menalto.com/) is a PHP-based method of presenting a photo album on a
website. A Drupal interface (http://drupal.org/project/gallery) is also available for Gallery2.
Install:
sudo apt-get install gallery2
phpBB (Forums)
113 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
phpBB (http://www.phpbb.com/) is the leading open source platform for Forums. A LAMP server
stack (or PostgreSQL database instead of MySQL) will be required and should be installed first.
Then make sure the universe repositories are enabled and install:
sudo apt-get install phpbb3
Distance teaching
Moodle
Moodle (http://moodle.org/) is a free open source platform for hosting online learning courses.
It can be integrated with webinar software. A LAMP server installation is required (sudo tasksel
install lamp-server). Also find free Moodle themes here (http://moodle.org/mod/data
/view.php?id=6552) . Install:
sudo apt-get install moodle
Database server software for Moodle: mysql-server -> follow remainder of instructions.
Assuming the database is hosted on the same computer as the one Moodle is being
installed upon, accept localhost for the options when prompted.
Edit Moodle configuration options (if needed). (Use the gedit text editor instead of kate if
using Ubuntu instead of Kubuntu.):
sudo kate /etc/moodle/config.php
Edit Moodle apache2 configuration file (if needed). (Use the gedit text editor instead of kate
if using Ubuntu instead of Kubuntu.):
sudo kate /etc/moodle/apache.conf
Finish installation through the browser. (I recommend the "unattended" installation.)
http://localhost/moodle/admin
For more information, see these detailed tips. Moodle can also be integrated with other CMS
systems (http://docs.moodle.org/21/en/Integrations) , as well.
Claroline
Claroline (http://www.claroline.net/) is a free open source platform for hosting e-learning courses
and online student collaboration. A LAMP server installation is required. Installation is from
source files available at the website, with instructions found here (http://www.claroline.net
/documentation/tutorials.html) .
Dokeos
Dokeos (http://www.dokeos.com/) has a free learning platform, but also a medically-oriented
proprietary platform that includes modules for case presentations and imaging. It is widely used
114 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
in Europe.
Software Development
Kompozer Web Development Editor
Kompozer (http://kompozer.net/) is a Gecko (http://en.wikipedia.org/wiki/Gecko_(layout_engine))
-based web authoring system that combines web page editing with web file management in a
WYSIWYG manner. It supports XML, CSS, and JavaScript in an XUL architecture.
sudo apt-get install kompozer
Quanta Plus (Web IDE)
Quanta Plus (http://quanta.kdewebdev.org/) is an integrated development environment
integrated with the KDE desktop. It allows webpage development, database design, and XML
design and scripting, for example, using multiple development tools. The latest stable version is
3.5, however, and integrates with the KDE 3.5 environment (Ubuntu Hardy Heron). You should
therefore use Ubuntu Hardy Heron with this product. (There is also a commercial version
(Quanta Gold), also oriented towards KDE 3).
sudo apt-get install quanta kompare kxsldbg cervisia
Netbeans IDE
Netbeans (http://www.netbeans.org/features/) is a free open-source integrated development
environment used to create applications using Ajax, Ruby, pHp, Groovy, Java, Javascript, C++,
and other scripting tools.
sudo apt-get install netbeans
BlueFish Web Development Editor
BlueFish (http://bluefish.openoffice.nl/) is a GTK-based (Gnome-oriented) editor to write websites,
scripts and programming code. It supports perl, Python, pHp, CSS, XML, Java, Javascript, C, SQL,
and other formats.
sudo apt-get install bluefish
Gobby (Multi-user development)
Gobby (http://gobby.0x539.de/trac/) is a free, multi-platform open source collaborative editor
supporting multiple documents in one session and a multi-user chat. Install:
sudo apt-get install gobby
Eclipse IDE
115 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Eclipse (http://www.eclipse.org/home/newcomers.php) is a free open-source cross-platform
integrated development environment with plugin support for a large set of programming
languages, e.g. Java, C/C++, Python, PHP.
sudo apt-get install eclipse
Version control software
Copies of software being developed at many different locations require a method to ensure that
the multiple distributed copies remain synchronized. This can be done using a central repository
or using a distributed synchronization technique. For further information, see the official Ubuntu
documentation (https://help.ubuntu.com/11.10/serverguide/C/version-control-system.html) .
Several version control platforms exist:
Bazaar (http://bazaar.canonical.com/en/) is sponsored by Canonical and also allows
distributed synchronization. Also see the official Ubuntu documentation
(https://help.ubuntu.com/11.10/serverguide/C/bazaar.html) .
Subversion (http://subversion.apache.org/) . Now part of Apache, this is one of the most
widely used systems and uses a central repository for synchronization. Also see the official
Ubuntu documentation (https://help.ubuntu.com/11.10/serverguide/C/subversion.html) .
CVS (http://en.wikipedia.org/wiki/Concurrent_Versions_System) was previously the most
widely used system. Also see the official Ubuntu documentation (https://help.ubuntu.com
/11.10/serverguide/C/cvs-server.html) .
Git
Git (http://git-scm.com/) allows distributed synchronization and is currently one of the most
widely used systems. Also see the Ubuntu community documentation
(https://help.ubuntu.com/community/Git) . The git client can be installed:
sudo apt-get install git
and the gitosis (http://eagain.net/gitweb/?p=gitosis.git;a=blob;f=README.rst;hb=master)
server software:
sudo apt-get install gitosis
SparkleShare (Git frontend)
SparkleShare (http://sparkleshare.org/help/) is a Git repository server/client frontend. Installation
is by adding a PPA repository (https://launchpad.net/~warp10/+archive/sparkleshare) and then
installing:
sudo add-apt-repository ppa:warp10/sparkleshare
sudo apt-get update
sudo apt-get install sparkleshare
Personal repositories
116 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
(K)Ubuntu uses Debian (.deb) packages. Individuals or organizations can create repositories for
personal or specialized use. See the Debian wiki introduction (http://wiki.debian.org
/HowToSetupADebianRepository) . Also see this Ubuntu community advice
(https://help.ubuntu.com/community/Repositories/Personal) and this (https://help.ubuntu.com
/community/AptGet/Offline/Repository) .
mini-dinstall
Using mini-dinstall with dput, a simple repository can be created. This can then be copied to an
online server for public or private access. See this tutorial (https://help.ubuntu.com/community
/LocalAptGetRepository) and this (http://www.drelmo.net/2007/09/17/setting-up-yourown-ubuntu-repository-on-dreamhost/) .
Debarchiver
DebArchiver (http://inguza.com/software/debarchiver) is a command-line utility that allows the
creation of a folder-based repository. Instructions are from man debarchiver (in a command-line
terminal). Install:
sudo apt-get install debarchiver
FTP (online file transfer)
See this section on FTP servers for more information about vsftp and proftp.
See this section on FTP clients for more information about FileZilla.
Also see these FTP tips.
WebDAV (online folders)
See this section on WebDAV for more information about WebDAV servers and clients.
Maps and GPS
Google Earth
Google Earth (http://earth.google.com/) gives you an annotated eagle's eye view of our planet.
This is a free proprietary package (you must accept the license to use this package).
sudo apt-get install googleearth-package
make-googleearth-package --force
Doubleclick on the resulting .deb file.
-- or -To install the latest Linux binary, download and save the GoogleEarthLinux.bin (currently version
5 ) package from Google Earth downloads (http://earth.google.com/intl/en/download-earth.html)
. (You may alternatively download the previous version (4.3), named googleearth-linuxplus-4.3.7284.3916.bin or something similar.)
117 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
wget http://dl.google.com/earth/client/current/GoogleEarthLinux.bin
Then install:
chmod +x GoogleEarthLinux.bin
./GoogleEarthLinux.bin
Run:
K menu -> Internet -> Google Earth 3D planet viewer
You should turn off the Google Earth -> View -> Atmosphere setting, or you might see clouds
everywhere and the ground won't show up.
Troubleshooting
If Google Earth opens, shows the splash screen, and then crashes, you’re probably
experiencing a common issue. Running ~/google-earth/googleearth in a terminal will show
this error:
./googleearth-bin: relocation error: /usr/lib/i686/cmov/libssl.so.0.9.8: symbol BIO_test_flags,
version OPENSSL_0.9.8 not defined in file libcrypto.so.0.9.8 with link time reference
To fix this, browse to the folder you installed Google Earth into. (If you installed manually, this
will be google-earth in your home folder.) Find the file libcrypto.so.0.9.8 and rename it to
something else, like libcrypto.so.0.9.8.bak. Google Earth should now start correctly.
cd ~/google-earth
sudo mv libcrypto.so.0.9.8 libcrypto.so.0.9.8.bak
sudo ln -s /usr/lib/libcrypto.so.0.9.8 ~/google-earth/libcrypto.so.0.9.8
(Note: You can also specify /home/user/google-earth instead of ~/google-earth ).
On my display, I had to disable desktop effects (K menu -> System -> System Settings ->
Desktop -> Desktop Effects) to get the display to work.
For other issues, see the Ubuntu help pages on Google Earth (https://help.ubuntu.com
/community/GoogleEarth) . Be careful of some of the suggestions there.
For example, if you turned on OpenGL desktop effects (using K Menu -> System Settings ->
Desktop -> Desktop Effects -> General -> Advanced Options) and your display goes blank and
you can't restore it, you will have to edit the settings file manually from the command-line to
reset your mistake.
nano ~/.kde/share/config/kwinrc
In the section title [Compositing], under the line Backend=OpenGL (or whichever backend you
had selected) change the line below it to read:
Enabled=false
The will reset your display and you can then reboot successfully into your default display (to try
118 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
different settings from the menu again, if you wish).
Uninstall Google Earth
To uninstall run the uninstall shell script located in the /home/user/google-earth folder (or
whichever folder you installed google-earth into).
GPS
Tux Mobil (http://tuxmobil.org/linux_gps_navigation_applications.html) has a list of Linux
applications for use with GPS devices, and compatible hardware. Two GPS packages are
available from the Ubuntu/Kubuntu respositories:
Viking (http://viking.sourceforge.net/mediawiki/index.php/Main_Page) is a free open source
package to view GPS data in maps, and to plot co-ordinates. This has been reviewed
(http://www.fsckin.com/2008/04/06/review-four-linux-gps-packages/) as the best Linux GPS
mapping program.
sudo apt-get install viking
GPS Drive (http://www.gpsdrive.de/) is a free navigation software package that displays
your position on a zoomable map using your GPS device. It is GTK-based but can be used in
Kubuntu. It uses the gpsd (http://gpsd.berlios.de/) daemon that interfaces with a variety of
GPS hardware (http://gpsd.berlios.de/hardware.html) . A .deb package
(http://www.gpsdrive.de/download.shtml) of the current version is also available from the
website. Install:
sudo apt-get install gpsdrive
tangoGPS (http://www.tangogps.org) is a beautiful, lightweight GPS mapping program that
uses map data from the Openstreetmap (http://www.openstreetmap.org/) project. Is is a
GPL-licensed open source project. A .deb package can be found here
(http://www.tangogps.org/gps/cat/Download) .
Celestial (Star) Maps
Celestia
Celestia (http://www.shatters.net/celestia/) is a free planetarium and space simulator for the
desktop. Install:
sudo apt-get install celestia
Stellarium
119 of 212
Stellarium (http://www.stellarium.org/) is an astounding planetarium for the desktop. Install:
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install stellarium
Science, Technology, and Engineering
Applications
What .. you thought (K)Ubuntu was just for play? Also see Ubuntu Science
(https://help.ubuntu.com/community/OtherSoftware) .
Health applications
OpenEMR (Electronic Health Record)
OpenEMR (http://www.open-emr.org/) is a mature, robust, outpatient-setting electronic medical
record system that is certified in the US.
Make sure the LAMP (Linux, Apache, MySQL, PHP5) stack is installed first:
sudo apt-get install tasksel
sudo tasksel install lamp-server
Install the Debian/(K)Ubuntu package from this location (http://open-emr.org/wiki/index.php
/OpenEMR_Downloads#Ubuntu.2Fdebian) using these instructions (http://open-emr.org
/wiki/index.php/OpenEMR_4.1_Ubuntu-Debian_Package_Installation) .
VistA (Enterprise Electronic Health Record)
OpenVistA (http://www.medsphere.com/) and WorldVistA (http://worldvista.org) are two varieties
of the largest and most robust CCHIT-approved electronic health record platform in the public
domain. They are GPL licensed, are based on the US Veterans Administration health record
system, and can be installed as an integrated database, server, and client system. See the
detailed download and installation instructions for OpenVistA and WorldVistA, or visit Vistapedia
(http://www.vistapedia.net) for other instructions. Also see the Ultimate Server with OpenVistA
EHR.
CAD
QCAD (http://www.ribbonsoft.com/qcad.html) is a commercial CAD alternative to AutoCAD
with a community open source edition. Install:
sudo apt-get install qcad
VariCAD (http://www.varicad.com/) is a commercial 3D CAD package for multiple platforms
(including Linux). There is no open source or community version.
Mathematical solutions
Scilab (http://www.scilab.org/) , Octave, and Freemat are three open source solutions for solving
complex numerical mathematical problems. Symbolic mathematical problems can be solved
120 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
with Maxima and Mathomatic. All of these programs are included in the Ubuntu Universe
repositories.
Octave
Gnu Octave (http://www.gnu.org/software/octave/about.html) is a free, open source (GPL
licensed) platform for solving linear and non-linear equations, similar to (and mostly compatible
with) Matlab. It interfaces well with Gnuplot (http://www.gnuplot.info/) . For troubleshooting tips,
see this thread (http://ubuntuforums.org/showthread.php?t=1034174) . Install:
sudo apt-get install octave3.0
Also recommended:
sudo apt-get install libatlas3gf-base gnuplot qtoctave
Note: QTOctave (https://forja.rediris.es/frs/?group_id=60&release_id=299) is a GUI for Gnuplot
or Easyplot 1.1, and and the ATLAS library is an algebra-software-optimization set of utilities.
EasyPlot 1.1 (http://www.amion.com/ep/eplot.html) is an alternative to GnuPlot, with a version
(https://forja.rediris.es/frs/?group_id=60&release_id=299) that can be used with QTOctave. It
must be installed from source.
An older GUI for Octave/Gnuplot is qgfe (http://www.xm1math.net/qgfe/) (available as the
package qgfe).
Freemat
Freemat (http://freemat.sourceforge.net/) is a free, open source (GPL licensed) platform for
solving linear and non-linear equations, similar to (and mostly compatible with) Matlab. Install
from Add/Remove Programs (Edutainment) or
sudo apt-get install freemat
Maxima
Maxima (http://wxmaxima.sourceforge.net/) is a free, open source (GPL licensed) computer
algebra system (CAS) for doing symbolic mathematics. It can solve equations with many
variables, simplify expressions, do calculus, and many other advanced operations. To install:
sudo apt-get install wxmaxima
To run, enter:
maxima
or select wxMaxima from the Applications/Science menu. wxMaxima is the standard Maxima
GUI.
Mathomatic
121 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Mathomatic (http://www.mathomatic.org) is a free, open source (LGPL licensed) command-line
computer algebra system for doing calculations and symbolic mathematics. It can automatically
solve and simplify algebraic equations, do some calculus, and other simple but useful
operations. To install:
sudo apt-get install mathomatic mathomatic-primes
To run, enter:
mathomatic
or select it from the Applications/Science menu.
Amateur Radio applications
Fldigi (http://www.w1hkj.com/Fldigi.html) is a free, open-source (GPL) application for
digital-mode amateur radio communications using a sound card. Enable "Community Maintained
Software (universe)" in Software Sources; then install either from Add/Remove Programs under
(Amateur Radio) or by typing
sudo apt-get install fldigi
Amateur Electronics
Arduino
Arduino (http://www.arduino.cc/) is an open-source electronics prototyping platform based on
flexible, easy-to-use hardware and software. It's intended for artists, designers, and hobbyists
interested in creating interactive objects or environments. See this tutorial
(http://www.codetorment.com/2009/11/02/tutorial-getting-started-with-arduino-ide-on-linuxubuntu-9-10/) .
LaTeX
LaTeX (http://www.latex-project.org/) is a LaTeX is a free high-quality typesetting system for the
production of technical and scientific documentation.
LyX
LyX (http://www.lyx.org/) is a WYSIWYG frontend and GUI interface useful in creating documents
formatted for LaTeX. Install:
sudo apt-get install lyx
LaTeX Reference Managers
122 of 212
The standard LaTeX bibliography (BibTeX) tool can be manipulated with one of several
tools:
nbibtex. Install:
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install nbibtex
jabref. Install:
sudo apt-get install jabref
biblatex. Install:
sudo apt-get install biblatex
kbibtex (for KDE). Install:
sudo apt-get install kbibtex
Zotero (http://www.zotero.org) is a Firefox plugin that allows culling references (and
reference content) from online references.
Miscellaneous software (not endorsed by
this guide)
JBidwatcher
JBidwatcher (http://www.jbidwatcher.com) is a Java-based application allowing you to monitor
auctions, submit bids, snipe (bid at the last moment), and otherwise track your auction-site
experience. See the website for more details.
Utilities
Utilities facilitate everyday tasks, such as keeping the clock up to date, archiving utilities, and
more.
Archiving Utilities
ZIP
The command-line terminal utility ZIP (http://linux.die.net/man/1/zip) creates files that are
compatible with the time-honored PKZIP and WinZip. It is included in (K)Ubuntu by default.
Extracting zip files can be done with the unzip utility. Using the -P option allows the creation of a
password for the zip file:
zip -r -P mypassword destination.zip *
Note: The -r option indicates to include all subdirectories recursively. The wildcard * adds all files
in the directory, but you can specify individual filenames as well. If special characters are to be
used in the password, designate them with a preceding \. For example, if the password is to be
notsosecure123# then the command should be
123 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
zip -r -P notsosecure123\# destination.zip *
For more info, enter in the command-line terminal:
man zip
FileRoller (Archiving GUI)
FileRoller (http://fileroller.sourceforge.net/features.html) is a GUI for many types of archival
utilities.
X-archiver (Archiving GUI)
Xarchiver (http://xarchiver.sourceforge.net/) is a GTK-based GUI front-end for many archiving
utilities. Install:
sudo apt-get install xarchiver
BChunk
BChunk is a command-line utility that allows you to convert .cue and .bin files into an .iso file (so
that they can be opened and manipulated in Ubuntu). Warning: If the bin/cue image has
audio tracks, they will be lost.
Get BChunk
sudo apt-get install bchunk
To convert .cue and .bin files, navigate to the folder and run this command (replacing filenames
with your own):
bchunk inputfilename.bin inputfilename.cue outputfilename.iso
After the file is converted into ISO you can mount it using:
sudo mount -o loop outputfilename.iso /media/output
Navigate to /media/output and you should see all the content there. You can then copy it
anywhere.
To unmount:
sudo umount /media/output
HJSplit Files Joiner/Splitter
HJSplit for Linux (Java version).
124 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Make sure you have Java Runtime Environment installed:
sudo apt-get install sun-java6-jre
Download the HJSplit JAR file:
wget http://www.freebyte.com/download/hjsplit/hjsplit_g.jar
Create the directory for HJSplit:
sudo mkdir /opt/hjsplit
Move the file to an appropriate directory:
sudo mv hjsplit_g.jar /opt/hjsplit/
Run:
cd /opt/hjsplit/ && java -jar hjsplit_g.jar
Note: You could also make a terminal shortcut (menu item) in K Menu Editor.
Rar
Rar archives files into the proprietary .rar format.
sudo apt-get install rar
This application is a 40-day trial.
Unrar
Unrar extracts files archived with the proprietary .rar format. A free version can be installed:
sudo apt-get install unrar-free
or the proprietary version (also free for noncommercial use) can be installed with the ubunturestricted-extras package or with:
sudo apt-get install unrar
7-Zip
The open-source 7-Zip archive format was originally designed for Windows (and DOS) but is also
available for Ubuntu. The GNU/Linux version of 7-Zip does not come with a GUI, but Ark can
hook into 7-Zip to handle 7z archives. Install:
125 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install p7zip-full
To allow the 7-Zip extension for Ark to extract .rar files, also install:
sudo apt-get install p7zip-rar
Hard Drive Utilities
KDiskFree (Hard drive properties monitor)
KDiskFree (http://docs.kde.org/stable/en/kdeutils/kdf/using-kdf.html) is a KDE utility for
monitoring free disk space, etc.
sudo apt-get install kdf
Clock Utilties
Screensavers
A screensaver is useful as a security precaution as well as a power and screen element saver.
Using even a simple "Blank Screen" screensaver with a password can slow a potentially
malicious passerby from gaining access to your keyboard and computer while you are away
from your desk.
Menu -> System -> Preferences -> Screen Saver
Set a security password:
Screen Saver -> Lock screen when screensaver is active (ticked)
Partition Managers
Also see these tips for partitioning scheme suggestions, other partitioning tools and methods,
and usage of multiple partitions for multiple OSs.
GParted Partition Manager
Gparted (http://gparted.sourceforge.net/) is a GTK (Gnome)-based partition manager that can
also be used with KDE.
126 of 212
This utility works best when run from a LiveCD. Recent versions of the Ubuntu LiveCD have
a copy of GParted on them. Start the Ubuntu LiveCD in demo mode (not in install mode)
and then start GParted:
Menu -> System -> Administration -> GParted
An alternative is to download the Gparted .iso image here (http://sourceforge.net/project
/showfiles.php?group_id=115843&package_id=271779) . Follow these instructions
(https://help.ubuntu.com/community/BurningIsoHowto) to burn this .iso image to CD. Use
this GParted LiveCD as your partition manager.
05/24/2012 07:12 AM
Ubuntu:Precise -
You can also install the package into your OS (once it is installed on your hard drive):
sudo apt-get install gparted
System Backup and Recovery
Rsync
Rsync (http://rsync.samba.org/) is the directory backup and transfer tool for Linux. It is installed
by default in Ubuntu. It can provide any type of backup, and options are extensive. Several GUI
frontends for Rsync are listed here (http://www.debianhelp.co.uk/rsyncweb.htm) .
GRsync
GRsync (http://www.opbyte.it/grsync/) is a GTK-based GUI front-end for Rsync. Install:
sudo apt-get install grsync
Bacula
Bacula (http://www.bacula.org/) is the most widely-used GTK-based open source (GPL-licensed)
network backup utility that is used in both server and desktop installations. A catalogue of
backups can be maintained using MySQL, PostgreSQL, or SQLite. For more info see the Ubuntu
documentation (http://doc.ubuntu.com/ubuntu/serverguide/C/bacula.html) . Both text-based and
GUI frontends are available. Install the MySQL version:
sudo apt-get install bacula
SBackup
SBackup (http://sourceforge.net/projects/sbackup/develop) is a simple backup and restore utility
for the GTK-desktop. Install:
sudo apt-get install sbackup
Keep (Backup and Recovery)
Keep (http://jr.falleri.free.fr/keep/wiki/Home) is a QT/KDE based backup utility used in previous
versions of Ubuntu. It is no longer maintained and is not included in Ubuntu by default. Install:
sudo apt-get install keep
Run:
127 of 212
Menu -> Applications -> System Tools -> Keep (Backup System)
Backup:
Click "Add a Directory to Backup"
05/24/2012 07:12 AM
Ubuntu:Precise -
Select directories you wish to backup
Select a location to place the backup
Set how often you wish the backups to take place, and how long to keep them
Click "Backup Now"
Select the directory groups you wish to backup.
Recover:
Click "Restore a Backup"
Select the directory groups you wish to restore.
Partimage (Partition backup)
Partimage (http://sourceforge.net/projects/partimage/) is a free open-source utility to back up an
entire partition into an .iso image. It can be used across a network, as well. Install and run:
sudo apt-get install partimage
sudo partimage
Partimage cannot be used from within the partition you wish to backup. You will either have to
run it from a different partition or from a LiveCD that contains it. (A serious limitation of
Partimage is its inability to backup/restore split image files to/from multiple media (e.g. spanned
DVDs/CDs), limiting its usefulness as an inexpensive cloning and distribution solution. Partition
image backup/restoration must be to/from a single hard drive, large capacity USB stick, or
networked storage space.)
cp
An entire partition's filesystem can easily be copied to another partition using the cp -a
command. (However, this cannot be done for the partition of a filesystem that is running. Use
the (K)Ubuntu LiveCD to copy partitions when necessary.) Obviously the destination partition
should be as large or larger than the source partition, and while not necessary, probably is best
if both partitions are of the same filesystem type (e.g. ext4). Use GParted to create or
manipulate the destination partition, if necessary. To copy the entire filesystem, for example,
from the ext4 partition /dev/sda6 into the ext4 partition at /dev/sda7, mount both partitions:
sudo
sudo
sudo
sudo
mkdir
mkdir
mount
mount
/media/partsda6
/media/partsda7
/dev/sda6 -t ext4 /media/partsda6
/dev/sda7 -t ext4 /media/partsda7
Then merely copy the contents from one partition to the other:
sudo cp -a /media/partsda6/* /media/partsda7
Of course, once the partition's filesystem is copied, a bootmanager (Grub2 or Grub Legacy)
will have to be updated/reconfigured to recognize the new partition's OS in order to enable
it to boot. Also, the /etc/fstab file of the new partition's filesystem may need to be edited (in
regards to the UUIDs of the various partitions), to prevent conflicts. To determine the UUIDs
of all current partitions on a hard drive:
sudo blkid
128 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Edit fstab so that the UUIDs are correctly reflected there.
To confirm that the file copy has completed, the Linux command du (http://www.gnu.org
/software/coreutils/manual/html_node/du-invocation.html) (also see these tips
(http://www.codecoffee.com/tipsforlinux/articles/22.html) ) can be used to calculate the disk
usage for both the source and destination folders in order to compare the values (to ensure
that they are the same). For example, the values should be the same for both partitions
after copying has completed:
sudo du /media/partsda6
sudo du /media/partsda7
dd
dd (http://en.wikipedia.org/wiki/Dd_%28Unix%29) is a *nix command that enables the copying of
files or an entire disk using a single command. Parameters must be precisely specified to avoid
risk of accidentally erasing data. See these brief instructions (http://www.gnu.org/software
/coreutils/manual/html_node/dd-invocation.html) or these instructions
(http://www.opengroup.org/onlinepubs/9699919799/utilities/dd.html) for detailed options. You
cannot copy a hard drive that contains the operating system you are currently running. Instead,
boot into a LiveCD and run the dd command that way. An example command to copy Hard drive
X to Hard drive Y is:
dd if=/dev/hdx of=/dev/hdy
ddrescue (http://www.garloff.de/kurt/linux/ddrescue/) is a variation of the dd command that
allows working with potentially corrupted datasets, partitions, or hard drives.
FSArchiver (Filesystem Archiver)
FSArchiver (http://www.fsarchiver.org/) is a utility to backup the filesystem by files (instead of by
partition blocks). A filesystem backed up in this way can be moved to a different sized partition
or another disk filesystem altogether (e.g. from ext3 to ext4). Backups can be split and stored on
(and restored from) spanned media (e.g. multiple DVDs/CDs). It is included in the System Rescue
CD. Install:
sudo apt-get install fsarchiver
System Rescue and Cloning Utilities
System Rescue CD
SystemRescueCD (http://www.sysresccd.org/Main_Page) is a LiveCD that includes important
utilities such as GParted, Partimage, ddrescue, Rsync, and FSArchiver. Several of these utilities
cannot be used from within a running partition, so using them from a LiveCD is often necessary.
Download (http://www.sysresccd.org/Download) and burn (https://help.ubuntu.com/community
/BurningIsoHowto) the LiveCD from the website.
Clonezilla
129 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Clonezilla (http://clonezilla.org/) allows the backup or duplication of a partition for a single
machine or for multiple machines over a network. (It is similar to Norton Ghost.) It includes
Partimage, partclone (http://sourceforge.net/projects/partclone/) , and other utilities. It is
available (http://sourceforge.net/projects/clonezilla/files/) as a LiveCD which can then be burned
(https://help.ubuntu.com/community/BurningIsoHowto) . (A serious limitation of Clonezilla is its
inability to backup/restore split image files to/from multiple media (e.g. spanned DVDs/CDs),
limiting its usefulness as an inexpensive cloning and distribution solution. Partition image
backup/restoration must be to/from a single hard drive, large capacity USB stick, or networked
storage space.)
Disk Imaging software
G4U (http://sourceforge.net/projects/g4u/) is a utility to image a disk bit by bit.
G4L (http://sourceforge.net/projects/g4l/) is a utility to image a disk bit by bit. It includes a
GUI interface.
Ubuntu Customization Kit
Ubuntu Customization Kit (http://sourceforge.net/projects/uck) is a utility to customize a
(K)Ubuntu LiveCD. Install:
sudo apt-get install uck
Remastering software
Debian and (K)Ubuntu Linux operating systems can be "remastered" and customized (using one
of a number of utilities) for re-distribution. (See this Wikipedia list (http://en.wikipedia.org
/wiki/List_of_remastering_software) .) This enables an organization to pre-load desired
applications and customizations for distribution among its members, while preserving the
intrinsic architecture and function of (K)Ubuntu. The customized (K)Ubuntu OS can then be
distributed on a CD or on a USB flashdrive. Users are then free to further customize the OS, or
even to revert back to the original default (K)Ubuntu settings. Also see the Ubuntu wiki
(https://help.ubuntu.com/community/InstallCDCustomization) .
oem-config-gtk
sudo apt-get install oem-config-gtk
Remastersys for Ubuntu (http://sourceforge.net/projects/remastersys/) . For tips, see this
page.
Reconstructor (https://www.reconstructor.org/projects/reconstructor/wiki/UserGuide) . The
open source engine can be downloaded (https://www.reconstructor.org/projects
/reconstructor/files) and installed as a .deb package.
Run (K)Ubuntu LiveCD from a USB pendrive
The (K)Ubuntu LiveCD can be installed on and run from a USB pendrive. Settings can be
"persistently" saved (but the LiveCD kernel modules can not be upgraded). Programs can be
installed and run, however, and files saved to the USB drive. (The installed programs will remain
installed). A (K)Ubuntu Live CD is needed to do the installation. For additional info, see the
Ubuntu Official documentation (http://www.ubuntu.com/download/help/create-a-usb-stick130 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
on-ubuntu) , the Ubuntu Community documentation (https://help.ubuntu.com/community
/Installation/FromUSBStick) or the Pendrivelinux instructions (http://www.pendrivelinux.com
/creating-an-ubuntu-live-usb-from-cd/) .
The USB "LiveCD" can be used to install (K)Ubuntu on computers (including netbooks) that do
not have CD-ROM/DVD drives.
USB pendrives to be used to run (K)Ubuntu should have a minimum of 2 Gb (preferably 4 Gb). If
you wish to install a fast, fully functional Linux system on a pendrive that has less memory than
that, use PuppyLinux (http://www.puppylinux.org/) or Lubuntu (https://wiki.ubuntu.com/Lubuntu)
.
USB Creator
You can make a "LiveCD" on a USB pendrive using USB Creator and either a LiveCD or an .iso
version of the LiveCD stored on your hard drive. USB Creator is installed by default in (K)Ubuntu.
If not, install:
sudo apt-get install usb-creator-gtk
Run:
Menu -> System -> Startup Disk Creator
Create a boot CD to allow booting from the USB drive
Many computers do not allow booting from a USB drive (but they do allow booting from the
CD-ROM). You can create a CD-ROM using these Pendrivelinux instructions
(http://www.pendrivelinux.com/make-a-usb-boot-cd-for-ubuntu-11-10/) and set your BIOS to boot
from this CD-ROM. When you boot from this CD-ROM, it will use the bootup files on the
(K)Ubuntu USB drive you previously created (in the step above).
User Administration
Users and Groups
131 of 212
Menu -> System -> Administration -> Users and Groups
Add New Users
Menu -> System -> Administration -> Users and Groups -> Add
Remove Users
Menu -> System -> Administration -> Users and Groups -> user -> Delete
Modify Users
Menu -> System -> Administration -> Users and Groups -> user -> Advanced Settings
or
Menu -> System -> Administration -> Users and Groups -> user -> Manage Groups
05/24/2012 07:12 AM
Ubuntu:Precise -
It is quite often necessary to have extra privileges to do certain tasks. These privileges are
assigned to your user by belonging to certain groups. The tasks are allowed to be performed by
any user belonging to the group associated with that task.
Example: a "sudoer" is a user who can perform certain administrative tasks, such as
updating the system. To become a "sudoer" a user must belong to the "sudo" group.
Menu -> System -> Administration -> Users and Groups -> user -> Manage Groups -->
sudo -> Properties -> Group Members -> user (ticked)
To become an administrator, you must belong to the adm, admin, and sudo groups. To be a
virtualbox user, you must belong to the virtualbox group. To change printer settings you must
belong to lpadmin. To use the cdrom, you must belong to cdrom. To use hot-pluggable devices,
you must belong to plugdev. To share Samba folders (on a Windows-based network), you must
belong to sambashare. To access NTFS files using the virtual filesystem fuse, you must belong to
the fuse group. To use many games, you must belong to the games group. The list is long, and
not always obvious.
Unfortunately, while this is the feature that gives Linux such a high-level of security, it can also
take diligence to remember to add your user to certain groups. It is not uncommon for programs
and functions on your system not to work merely because you don't have privileges to do so
because you forgot to add your user to the appropriate group(s).
Of most importance, you must already be an administrator in order to change membership in
groups. Therefore, if you create a new user and intend to give that user administrative privileges
(by assigning the user to the administrative groups), you must do so from your original
administrator account (the one you set up at installation) or from another administrative user
account.
Timekpr (Parental controls)
Timekpr (http://timekpr.blogspot.com/) is a program to track and control the computer usage of
user accounts.
If updating, remove any prior versions:
sudo dpkg --purge timekpr
Add the timekpr third-party repositories:
sudo add-apt-repository ppa:nedberg
Install:
sudo apt-get install timekpr
132 of 212
When prompted which default display manager to use, select "gdm"
Start:
Menu -> System -> Administration -> Timekpr Control Panel
05/24/2012 07:12 AM
Ubuntu:Precise -
Web content filtering
DansGuardian (http://dansguardian.org/) provides web filtering capability, similar to NetNanny. It
is useful for limiting objectionable content in publicly accessible workstations, or for filtering
objectionable content for younger users. It integrates with ClamAV, and uses several criteria for
filtering websites (which is difficult to modify). It is used with Tinyproxy (https://www.banu.com
/tinyproxy/) (best for individual users) or the Squid (http://www.squid-cache.org/) proxy (best for
a network server). Install:
sudo apt-get install dansguardian tinyproxy
or
sudo apt-get install dansguardian squid
See these installation instructions (https://help.ubuntu.com/community/Servers/DansGuardian)
for setup details. In brief,
Edit the dansguardian configuration file:
sudo nano /etc/dansguardian/dansguardian.conf
comment out the UNCONFIGURED line:
#UNCONFIGURED
If using tinyproxy instead of Squid, change the proxyport to 8888:
proxyport 8888
Reinstall dansguardian:
sudo apt-get install --reinstall dansguardian
Set your browser to use the localhost:8080 proxy. For example, in Firefox:
Firefox -> Edit -> Preferences -> Advanced -> Network -> Settings
Manual proxy configuration -> HTTP proxy: localhost -> Port: 8080
A Webmin module (http://sourceforge.net/projects/dgwebminmodule) is available to
administer settings. Also, a GUI (http://ubuntuforums.org/showthread.php?t=207008&
page=8) to change Dansguardian settings called Webstrict (http://www.ubuntume.com
/webstrict) is in development.
A GUI for use with IPCop (http://www.dageek.co.uk/ipcop/addonz/dansgui.htm) (based on
the webmin module) is also available.
System Administration
133 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Automating Tasks
Cron is a system daemon that runs tasks in the background according to instructions found
in a crontab file. To edit the crontab file for the current user:
crontab -e
Tasks that normally require administrative (sudo) privileges should be added to the root user's
crontab:
sudo crontab -e
Add commands using the format specified here (http://pubs.opengroup.org/onlinepubs
/9699919799/utilities/crontab.html) (or see the Ubuntu Community Help
(https://help.ubuntu.com/community/CronHowto) ). The crontab command format can also be
found using:
man crontab
Scheduled/automated tasks (cron events) can also be edited using the GNOME schedule
(http://gnome-schedule.sourceforge.net/) GUI interface.
Menu -> System -> Administration -> Task Scheduler
If the GNOME Schedule task scheduler is not installed, install it:
sudo apt-get install gnome-schedule
Boot Menu
Login Menu settings
You can change the Login menu settings from the GUI interface:
Menu -> System -> Administration -> Login Manager
You can choose an integrated theme or select individual components of the login
screen/process.
Automating bootup options
StartupManager is a GUI to manage settings for Grub (Grub Legacy), Grub 2, Usplash, and
Splashy.
GRUB boot manager settings
Grub2
Precise comes with Grub2 (http://www.gnu.org/software/grub/manual/grub.html) , a difficult boot
manager to customize. (Grub2 is also known as grub-pc.) See the evolving instructions at the
134 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Ubuntu wiki (https://wiki.ubuntu.com/Grub2) or Ubuntu forums (http://ubuntuforums.org
/showthread.php?t=1195275) . In brief, some settings can be edited:
sudo nano /etc/default/grub
sudo grub-mkconfig --output=/boot/grub/grub.cfg
Alternatively, use the command:
sudo update-grub
Grub2 background image, colors, fonts
See this Ubuntu Forums thread (http://ubuntuforums.org
/showthread.php?p=10720685#post10720685) .
Any background image can be used for Grub2 by placing the image in the /boot/grub folder
and then reconfiguring Grub2:
sudo update-grub
The image ought to be the same size as the Grub2 startup resolution specified in
/etc/default/grub (e.g. 1024x768).
A selection of splashimages can be installed into the /usr/share/images/grub folder:
sudo apt-get install grub2-splashimages
One of the images can be linked to the /boot/grub folder and used as the splash
image. For example:
sudo ln -s /usr/share/images/grub/Plasma-lamp.tga /boot/grub
sudo update-grub
Change the default menu item
There are several ways to change the default Grub2 (https://help.ubuntu.com/community
/Grub2#A.2BAC8-etc.2BAC8-grub.d.2BAC8_.28directory.29) menu item, but only one is
reliable. The menu items in Grub2 change name and position in the list with every kernel
upgrade. However, if you choose the default menu item by name, you can reliably set it as
the default. For example, if you wish to boot a Windows OS as the default and the Grub 2
menu lists it as Microsoft Windows 98SE Ancient Edition (on /dev/sda1) then edit
/etc/default/grub:
sudo kate /etc/default/grub
and change the entry to resemble:
GRUB_DEFAULT="Microsoft Windows 98SE Ancient Edition (on /dev/sda1)"
then regenerate the Grub2 config file:
135 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo update-grub
To find out the names of the menu items, use:
sudo grep menuentry /boot/grub/grub.cfg
Note: There is a bug in Grub2 v.1.99 such that if the GRUB_DEFAULT option is used, the
Grub2 menu can not be entered (for manually selecting a menu item). If the default option
is a non-Linux OS, there will then be no way start a Linux OS (and therefore no way to
subsequently change the /etc/default/grub configuration file). Use this option with great
care.
Protecting Grub2 from cracking
See this section of the Grub Manual (http://www.gnu.org/software/grub/manual
/grub.html#Security) for important information on securing Grub2.
To add password protection, in the /etc/grub.d/40_custom configuration file, add the lines:
set superusers="user1"
#password_pbkdf2 user1 grub.pbkdf2.sha512.10000.biglongstring
password user1 insecurecleartextpassword
and change your password to something other than insecurecleartextpassword, or use the
pbkdf2-encrypted method described here (http://www.gnu.org/software/grub/manual
/grub.html#Security) . You can then password-lock menu items as well. For detailed info see this
blog (http://www.panoet.com/set-grub-2-password-protection-149) .
GRUB Legacy
The older version of GRUB ("Grub Legacy (http://www.gnu.org/software/grub/manual/legacy
/grub.html) ") is available, for use with a boot partition, for example. Install:
sudo apt-get install grub
If you have multiple operating systems (OS) on your computer, you may be using the GRUB
Legacy boot manager (in a boot partition, for example). You can edit the options for GRUB
Legacy in the menu.lst configuration file. (See this detailed info.)
(gedit can also be used instead of nano as the text editor.)
Chainloading Grub2 from Grub Legacy
To chainload Grub2 (installed in this example with the OS in the /dev/sda7 partition) from
Grub Legacy (stored in a boot partition, for example), use an entry of this format in the
Grub Legacy /boot/grub/menu.lst configuration file:
title
136 of 212
(K)Ubuntu Precise OS (chainloader)
05/24/2012 07:12 AM
Ubuntu:Precise rootnoverify
chainloader
(hd0,6)
+1
Grub2 is erratic, however. In many situations I don't bother to chainload it at all. Instead, it
is possible to bypass Grub2 entirely and load the OS directly using Grub Legacy (stored in a
boot partition, for example) using an entry in /boot/grub/menu.lst of the format:
title
rootnoverify
kernel
initrd
(K)Ubuntu Oneiric OS (chainloader)
(hd0,6)
/vmlinuz root=/dev/sda7 ro
/initrd.img
My old method for chainloading Grub2 (installed in this example in the /dev/sda7 partition)
from Grub Legacy used an entry in the Grub Legacy configuration file (/boot/grub/menu.lst)
with this format:
title
rootnoverify
kernel
(K)Ubuntu Maverick OS (chainloader)
(hd0,6)
/boot/grub/core.img
This method, however, requires a current core.img to have been created with grub-mkimg
(part of the grub-install process). When there are substantial changes to the partition or the
kernel, the core.img must be re-created by re-installing Grub2 into the OS partition (in this
example /dev/sda7 corresponds to (hd0,6) ):
sudo grub-install /dev/sda7
Protecting Grub Legacy from cracking
See this section of the Grub Manual (http://www.gnu.org/software/grub/manual/legacy
/grub.html#Security) for important information on securing Grub Legacy.
To add password protection, in the /boot/grub/menu.lst configuration file, uncomment
(remove the hashmark) from the line:
#password topsecret
and change your password to something other than topsecret, or use the md5-encrypted
method described here (http://www.gnu.org/software/grub/manual/legacy/grub.html#Security) .
You can then password-lock menu items by adding the descriptor lock below the title of any item
menu.
Default Applications
In previous version of ubuntu, you could choose which program to use as your default program
for a specific task.
Menu -> System -> Administration -> Default Applications
or by right-clicking on any file and choosing the "Open with Other Application..." option.
The Default Applications menu has now been removed from Ubuntu, however. For a GUI that will
137 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
allow this and multiple similar Ubuntu system tweaks, install Ubuntu Tweak (http://ubuntutweak.com/) :
wget http://launchpad.net/ubuntu-tweak/0.5.x/0.5.8/+download/ubuntu-tweak_0.5.8-1_all.deb
sudo dpkg -i ubuntu-tweak_0.5.8-1_all.deb
Kill a process
Sometimes a program (or "process") just freezes. To "kill" (or end) the program/process:
Menu -> System -> Administration -> System Monitor -> highlight the errant process -> Kill
process
From the command line:
sudo killall process
where process is the name of the frozen program, such as firefox.
Enabling NUM LOCK On Startup
Menu -> System -> Administration -> Keyboard & Mouse -> Keyboard ->"turn on Numlock
on Startup"
Working with Menus
Create an encrypted folder
You can create a folder whose contents are encrypted. See these instructions
(https://help.ubuntu.com/community/EncryptedPrivateDirectory) .
Create a symlink from a file to another location
A symbolic link (http://en.wikipedia.org/wiki/Symbolic_link) (also known as a symlink) is a
method in Linux of referring to a file (or directory) in one location from another location. Usage:
ln -s /path/to/source /path/to/destination
If /path/to/destination requires superuser rights, then use:
sudo ln -s /path/to/source /path/to/destination
This is similar to, but more powerful than, creating Shortcuts, with which former Windows users
may be familiar.
Assign a root password
To be able to log in as root directly, you must assign a root password. This can be done with:
138 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo passwd root
Afterwards, you can use
su
to get a root prompt. You would then use the root password.
Get a root prompt without using a root password
If you have not set a root password (or don't know it), you can obtain root user privileges
anyway. From the command-line Terminal:
sudo -s
or
sudo su
or
sudo bash
You will use your own user password instead of a root password.
You could also get a prompt to become any other user on the computer by typing:
sudo su <username>
Use the File Manager as root
sudo nautilus
or
gksudo nautilus
Manually Mount and Unmount a device
To manually mount a device:
mount /dev/hda
replace /dev/hda with the location of the device.
To manually unmount a device:
139 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
umount /dev/hda
replace /dev/hda with the location of the device.
Windows Compatibility
Mounting NTFS Partitions (with read/write privileges)
Find out the name of your ntfs partition:
sudo fdisk -l
Method 1: In this example, the NTFS drive is listed by fdisk as /dev/sda2, but yours may differ.
Make a mount point for the drive:
sudo mkdir /media/WindowsNTFS
Edit fstab:
Comment out the automatically added lines by Ubuntu installation:
#/dev/sda2 auto nouser,atime,noauto,rw,nodev,noexec,nosuid 0 0
#/dev/sda2 /mnt auto user,atime,noauto,rw,nodev,noexec,nosuid 0 0
and instead add the line:
/dev/sda2 /media/WindowsNTFS ntfs-3g quiet,defaults,rw 0 0
Note: There are many ways to mount the drive, depending on your needs. The fstab
(http://en.wikipedia.org/wiki/Fstab) file controls this process. See How to edit and understand
fstab (http://www.tuxfiles.org/linuxhelp/fstab.html) and Intro to using fstab
In this example, I indicated that the file system was an ntfs-3g filesystem, so did not use the
auto option (which detects the filesystem automatically). I used rw to specify read/write
privileges for all users, but umask=0 and umask=000 are accepted by some kernels.
Method 2: Edit fstab:
When Ubuntu installation finishes, it mounts all ntfs partitions automatically with ntfsprogs,
adding a line similar to the following to fstab:
UUID=8466268666267956 /media/sda1
140 of 212
ntfs
defaults,gid=46 0
1
05/24/2012 07:12 AM
Ubuntu:Precise -
Change this line to:
UUID=8466268666267956 /media/sda1
ntfs-3g
defaults,nls=utf8,locale=zh_CN.UTF-8,rw,gid=46 0
1
In this example, I have a Chinese-language Windows installation on my first partition, so I set the
locale parameter (locale=zh_CN.UTF-8) so that my Chinese documents can display correctly.
Setting rw (same as umask=0 or umask=000) lets me read/write the partition without sudo.
gid=46 specifies that the drive will belong to the group of hot-pluggable devices (plugdev) and
is not necessary unless your ntfs drive is a hot-pluggable one (such as an external USB drive).
nls=utf8 is the default and is optional for most ntfs users, but there are other options for
Chinese (and other specialized character-set users).
Mounting FAT32 Partitions
Follow the above instructions, but use vfat instead of ntfs-3g.
In other words, if you have made a mount point directory /mnt/WindowsFAT32 and your FAT32
drive is /dev/sda3, then edit the /etc/fstab file to include the line:
/dev/sda3 /mnt/WindowsFAT32 vfat quiet,defaults,rw 0 0
Synchronize clock to network time server
The Network Time Protocol (NTP) allows time synchronization of your computer to time servers
on the Internet.To enable it:
Applications menu -> System Settings -> Date & Time
Check the "Set date and time automatically" option
Choose an ntp time server near you.
Hardware
CPU and motherboard
The Linux kernel in versions of (K)Ubuntu starting with Karmic Koala implemented mandatory
CPU temperature and fan speed sensor monitoring (which was optional in previous kernels). The
output from the sensors is used to effect CPU scaling (throttling) in the event of "out of range"
temperature values. However, not all motherboards/CPUs have sensor drivers available, and due
to a bug in the feedback routine, missing sensors drivers incorrectly report as an "out of range"
error in the kernel. Originally this threw multiple errors which were logged (using rsyslogd) to
both the /var/log/kern.log and the /var/log/syslog files, filling them to multiple Gb size within a
few hours. This had the effect of slowing, then freezing, the machine. (Eventually the machine
will simply not boot.)
The workaround involves disabling the ONDEMAND module.
Disable CPU Frequency scaling
This error shows on my system (at boot and in the kernel and system logs) as:
141 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
powernow-k8: failing targ, change pending bit set
My motherboard does not have drivers for my CPU fan sensor. Therefore, the Linux kernel
cannot monitor the temperature and fan speeds properly and throttles the CPU (aka frequency
scaling) inappropriately. This has the effect of slowing or freezing my computer. To turn off this
behavior, I used the Debian RCConf utility:
sudo apt-get install rcconf dialog
sudo rcconf
and unchecked the ONDEMAND item. (I also unchecked the fan control item). I then rebooted.
For more info, see this (http://www.tuxwire.com/?p=5757) .
An alternative command is:
sudo update-rc.d ondemand disable
(Note: These instructions may not work with newer Linux kernels.)
libsensors
libsensors (libsensors3 and/or libsensors4) is a module that allows an interface (such as
lm-sensors) to monitor your motherboard/CPU temp and fan speeds. You can adjust settings:
sudo kate /etc/sensors.conf
sensors -s
libsensors and lm-sensors are not used by the Linux kernel (which uses other routines).
Some hardware CPU sensors are not recognized by the Linux kernel, causing system slowdown
or freezing. Here (http://www.lm-sensors.org/wiki/FAQ
/Chapter3#Mysensorshavestoppedworkinginkernel2.6.31) is some info about hardware/sensors
problems.
Sensors-applet (Motherboard monitoring)
Sensors-applet (or xsensors) is the Gnome (Ubuntu) frontend for lm-sensors. These sensors
monitor the temperature and fan-speed sensors of your motherboard.
sudo apt-get install sensors-applet lm-sensors
sudo sensors-detect
sensors-applet
Make sure your sensors are installed.
sensors
For more info, see this thread (http://ubuntuforums.org/showthread.php?t=2780) .
Graphics Cards
142 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Frequency Out of Range / Choose New Resolution
If this error appears when booting Natty Narwhal or later, see the solution found here at
Ubuntu Forums (http://ubuntuforums.org/showthread.php?p=10747748#post10747748) :
Edit the grub configuration file:
sudo gedit /etc/default/grub
Edit the lines:
# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
#GRUB_GFXMODE=640x480
by removing the comment hashmark and choosing an appropriate resolution so that the
lines resemble:
# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
GRUB_GFXMODE=1024x768
Re-build the grub configuration file:
sudo update-grub
Install Latest Nvidia/ATI drivers
Ubuntu uses a GUI frontend to Jockey (https://launchpad.net/jockey) for the installation of the
proprietary nVidia drivers (and other proprietary drivers).
Menu -> System -> Hardware Drivers
Sometimes after a kernel upgrade a proprietary driver may stop working. In such a case,
try installing the new linux-headers that match the newly upgraded kernel:
sudo apt-get install linux-headers-$(uname -r)
If dkms and build-essential have never been installed on your system, these can also be
worthwhile:
sudo apt-get install dkms build-essential
Intel integrated graphics cards
143 of 212
None of my computers with Intel integrated graphics had problems installing Precise. If the
screen blanks or freezes at bootup, however, or flashes a "Frequency Out of Range" error
several times, these steps may work around this problem. (I found, however, that these
changes were NOT necessary and actually provided me with a worse boot up appearance).
05/24/2012 07:12 AM
Ubuntu:Precise -
When booting up, choose recovery mode as root (or "root with networking"). This will give
the command line (as root user).
Edit the Grub2 configuration file:
Make sure a graphics mode is specified (i.e. the relevant line is uncommented),
according to these steps, such as:
GRUB_GFXMODE=1024x768
Change the line:
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
to
GRUB_CMDLINE_LINUX_DEFAULT="quiet nomodeset"
or, alternatively,
GRUB_CMDLINE_LINUX_DEFAULT="quiet nouveau.blacklist=1"
In previous versions of (K)Ubuntu I used
GRUB_CMDLINE_LINUX_DEFAULT="quiet i915.modeset=0"
but I don't think this option is required or used any longer.
Then regenerate the Grub2 configuration file:
sudo update-grub
or
After rebooting, graphics will usually work.
Intel graphics resolution problems
144 of 212
On a fresh installation of Karmic Koala I had no problems with my onboard Intel graphics
card. However, on an update from Jaunty to Karmic, I could not get higher screen
resolutions -- the same problem I had in Jaunty. A solution to achieve higher resolutions is to
revert to the old Intel drivers (used in Intrepid), as detailed here (https://wiki.ubuntu.com
/ReinhardTartler/X/RevertingIntelDriverTo2.4) .
05/24/2012 07:12 AM
Ubuntu:Precise -
Screen Keeps Flickering
If you have an Intel Corporation Mobile 915GM/GMS/910GML card, your screen may flicker every
5-10 seconds. To prevent this:
Menu -> System -> Administration -> Advanced -> Service Manager -> Uncheck "Detect
RANDR (monitor) changes"
Reconfigure xserver-xorg
sudo dpkg-reconfigure xserver-xorg
xorg.conf
Before installing any driver for ATI or nvidia, please make backup xorg.conf before following this
method.
sudo cp /etc/X11/xorg.conf /etc/X11/xorg.conf.bak
If you have edited this file but would like it to be automatically updated again, run the following
command:
sudo dpkg-reconfigure -phigh xserver-xorg
If you want to try this xorg.conf after installing the driver, you must back up your xorg.conf as
following. And then, edit /etc/X11/xorg.conf in text editor. Add or modify this xorg.conf sample.
xorg.conf for nvidia
Section "Screen"
Identifier "Default Screen"
Device "Configured Video Device"
Monitor "Configured Monitor"
SubSection "Display"
Depth 16
Modes "1280x1024" "1024x768"
Option "AddARGBGLXVisuals" "True"
EndSubSection
Option "AddARGBGLXVisuals" "True"
Defaultdepth 24
EndSection
Section "Module"
Load "glx"
Load "GLcore"
Load "v4l"
EndSection
Section "Device"
Identifier "Configured Video Device"
Boardname "vesa"
Busid "PCI:1:0:0"
Driver "nvidia"
Screen 0
EndSection
Section "Device"
Identifier "Device0"
BoardName "Generic Geforce 5500"
Driver "nvidia"
145 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Vendorname "NVIDIA Corporation"
Option "DualHead" "1"
Option "ShadowFB" "1"
Option "FPScale" "1"
Option "TwinView" "True"
Option "TwinViewOrientation" "RightOf"
Option "UseEdidFreqs" "True"
Option "Metamodes" "1024x768,1024x768"
Option "UseDisplayDevice" "DFP"
EndSection
Section "Device"
Identifier "Videocard0"
Driver "nv"
VendorName "NVIDIA Corporation"
BoardName "GeForce 7600 GT"
EndSection
Section "InputDevice"
Identifier "Generic Keyboard"
Driver "kbd"
Option "XkbRules" "xorg"
Option "XkbModel" "pc105"
Option "XkbLayout" "us"
EndSection
Identifier "Configured Mouse"
Driver "mouse"
EndSection
Section "ServerLayout"
Identifier "Default Layout"
screen 0 "Default Screen" 0 0
EndSection
Section "Extensions"
Option "Composite" "Enable"
EndSection
xorg.conf for intel
Make sure you try the solution here (including sudo update-grub and rebooting) before
creating a new xorg.conf. It may solve your problem and you may not need this step.
Section "Device"
Identifier
Driver
EndSection
#
Section "Monitor"
Identifier
EndSection
#
Section "Screen"
Identifier
Monitor
Device
EndSection
"Configured Video Device"
"intel"
"Configured Monitor"
"Default Screen"
"Configured Monitor"
"Configured Video Device"
Installation of ATI and nVidia Graphics drivers
nVidia Driver
The current proprietary nVidia drivers are automatically installed using:
146 of 212
Menu -> System -> Administration -> Hardware Drivers
05/24/2012 07:12 AM
Ubuntu:Precise -
Look for the current drivers to activate there.
Here are alternate manual instructions.
Please make a backup of xorg.conf before following this method.
Install the nvidia-settings package:
sudo apt-get install nvidia-settings
Download the nVidia driver:
wget -O NVIDIA-Linux-x86-pkg1.run http://www.nvidia.com/Download/index.aspx?lang=en-us
sudo sh NVIDIA-Linux-x86-pkg1.run
and choose yes to any verbose response. After you install the driver, reboot your computer.
ATI Driver
If you have problems with ATI drivers after upgrading, check this link (http://wiki.cchtml.com
/index.php/Ubuntu_Jaunty_Installation_Guide) for solutions to common problems with ATI.
Monitors / Displays
Turn off power saving
Even when on AC power, the power saver feature of Ubuntu sometimes changes the screen
brightness to the battery setting on laptops. This was a problem with the ACPI power
management module in the past, but should now be fixed. If not, change the settings:
To access the Guidance Power Manager module, click on the power icon on the desktop
taskbar.
Change the brightness setting for "Battery powered" to maximum.
You can also turn off power management settings (invoked when the computer is idle):
Menu -> System -> Preferences -> Power Management -> Display -> Put display to sleep
when inactive for: Never -> Close
Configure Dual Monitors with nVidia
Make sure that the nVidia driver has been installed and is functioning properly on your first
screen. Also, make sure both monitors are connected.
Menu -> Administration -> NVIDIA X Server Settings
or from the command-line terminal (Terminal or Konsole) type:
sudo nvidia-settings
147 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Select "X Server Display Configuration".
You should see 3 boxes (2 if your card doesn't have an S-Video out). From here
you can configure all of your card's outputs.
Check the "(Disabled)" box.
Select "Configure...".
The most common choice is TwinView. Select it.
Setup the desired screen resolutions and positions of your two active displays.
The new display will likely have resolution set to "Auto" to match your first.
Change this if you wish.
Leave the first screen's position as "Absolute" and set your second display's
position relative to that.
"Clone" means the same output on both.
Once you are satisfied with your settings, hit Apply to test them.
Note: if your displays are side-by-side, the kicker may extend across both screens
as well as any maximized applications. This will be corrected when the X server is
restarted.
If everything else is ok, hit "Save to X Configuration File". Now hit
Ctrl+Alt+Backspace to restart X. You now have 2 screens!
Troubleshooting: if the X server fails to reload you can recover your old X configuration. In a
terminal:
sudo cp /etc/X11/xorg.conf.backup /etc/X11/xorg.conf
Hard Drives and USB Storage
Optical Drives
Printers & Scanners
The CUPS (http://www.cups.org/) printer interface recognizes many printers. Specific printers not
recognized can often be installed using instructions found at the Linux Foundation OpenPrinting
database (http://www.openprinting.org/printer_list.cgi) .
Add a Printer
Menu -> System -> Administration -> Printing -> Server -> New -> Printer
Most of the time, your printer (if connected and turned on) will be detected automatically.
My network printer with its own IP address at 192.168.0.124 was correctly installed at
socket://192.168.0.124:9100.
You can also choose printers on a Windows system via Samba and other types of networked
printers (http://www.cups.org/documentation.php/network.html) , in addition to directly
connected printers.
148 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
An alternative method to access the CUPS interface is through a web browser. Go to the
URL:
http://localhost:631
Change default CUPS printer margins
CUPS uses the maximum printable area of the chosen printer by default; there are no
margins. The default settings for any printer can be changed in the PPD file for the specific
printer found in the /etc/cups/ppd folder. Dimensions used in the PPD file are generally in
points (in Postscript, 1 inch = 72 points). For my printer, Letter size is 612 x 792 points. I
changed this to 576 x 756 points to make Letter size print 8 x 10.5 inches on the page.
Another easy method (to adjust margins) is to create a Custom paper size with the desired
margins and use this as the default. (This only works for printers whose PPD files allow
custom paper sizes). For example, create a Custom paper size that is 8 inches x 10.5 inches
(which would leave a 0.5 inch margin on all sides) and set it as the default. This is easiest
to accomplish through the browser-based configuration utility. Start the CUPS interface
through the web browser URL:
http://localhost:631
Then from this interface set the Default Options for your printer:
CUPS -> Printers -> My Default Printer -> Set Default Options -> Media Size: Custom
-> Width: 8 -> Height: 10.5 -> Units: Inches -> Set Default Options
Now the "Custom.8x10.5" Media Size should appear in the Printer Options section for your
printer. (You can then choose between this media size and the essentially marginless "Letter"
media size at any time.)
Note: 8 x 10.5 inches = 203.2 x 266.7 mm = 576 x 756 points in Postscript (72 points per inch in
Postscript).
Brother printers
Most Brother printers are auto-detected or can be installed directly from the CUPS interface. For
additional drivers and instructions see the Brother help site
(http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/index.html) . For information on a
specific model, see the Linux OpenPrinting site (http://www.openprinting.org
/printer_list.cgi?make=Brother) .
MFC-7820N
HP Printers
For Hewlett Packard printers / scanners, install hplip and hplip-gui.
sudo apt-get install hplip hplip-gui
149 of 212
Add the printer:
Menu -> Applications > System Tools > HP Toolbox
05/24/2012 07:12 AM
Ubuntu:Precise -
This should set up printer / scanners for scanning as well.
For scanning, install Xsane:
sudo apt-get install sane xsane
Run:
Menu -> Applications -> Graphics > Xsane image scanning
A full library of Linux drivers for HP printers is here (http://hplipopensource.com/hplipweb/index.html) .
Sound
If you get no sound with a fresh install, check that the sound levels are not set to zero. Click on
the sound (speaker) icon on the panel, and then mixer. You may need to expand the dialog
window to show labels. Ensure levels aren't set to zero, especially PCM.
PulseAudio
Sound in (K)Ubuntu is routed by Phonon either directly to your sound card or through the
PulseAudio sound system. To use PulseAudio, you must install it. This can be done by installing
the PulseAudio control modules (which will install pulseaudio as a dependency):
Install PulseAudio with the control modules:
sudo apt-get install pavucontrol paprefs
Although I no longer use it, in older versions of (K)Ubuntu I also (optionally) installed a
system tray widget:
sudo apt-get install padevchooser
padevchooser
Some experimentation with the settings in
Menu -> System -> System Settings -> Multimedia
may be necessary to make sound on your system work properly.
Try setting PulseAudio as the first sound system if you are having troubles getting sound (even if
you are using ALSA). If that doesn't work, try making it the last choice.
Some programs require ALSA sound and try to send sound directly through ALSA drivers. Check
your program's preferences section to see if ALSA is selected. You may have to switch to
PulseAudio (or even OSSound) if you can't get sound.
HDMI with PulseAudio
I could only get my HDMI audio on my computer to work this way, and I can't quite figure out
why it works.
150 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
I checked to make sure my Mobile Intel 4 Series HDMI audio driver was installed (it is part
of the most recent kernels):
aplay -l
aplay -L
This told me the HDMI card was recognized and configured properly. The problem was that no
matter what I did, I couldn't get the sound piped through the HDMI card using ALSA, Kmix or any
other settings (I tried every permutation).
In PAVUControl I selected the HDMI card as the output device:
Menu -> Multimedia -> PulseAudio Volume Control -> Configuration -> Internal Audio ->
Digital Stereo (HDMI) Output
Then everything played through the HDMI audio card (through the cable to my HDTV).
This worked whether I had PulseAudio selected as the default audio or not (in System settings ->
Multimedia). Don't ask me why.
My HDMI port/output is only recognized if the HDMI cable is plugged in at bootup (it does
not matter whether the HDTV power is on or not). If I plug in the HDMI cable after bootup, it
isn't recognized.
After doing this, every program I use works: VLC, Audacious, or whatever. It does not seem
to matter whether the application is using Default, ALSA, or PulseAudio for the audio output
plugin. None of this makes sense to me, but it works. I'm happy to be able to play HDMI
movies (through VLC) to my HDTV.
To change sound output back to my computer's internal speakers (ALSA), I returned the
output setting:
Menu -> Multimedia -> PulseAudio Volume Control -> Configuration -> Internal Audio ->
Analog Stereo Output
Recording with PulseAudio
To set the PulseAudio inputs that will be recorded by an application (such as Audacity or
FFMPEG), the recording must be already started! Only then can the inputs (to be recorded) be
selectable in PulseAudio.
For example, to record from a plug in microphone using Audacity, make sure the
microphone is plugged in. Make sure in the Sound Mixer (icon) that the microphone is not
muted and that the levels are set appropriately.
In PulseAudio Volume Control, select the device that will be the input.
Menu -> Multimedia -> PulseAudio Volume Control -> Input Devices -> Show: All Input
Devices
-> Internal Analog Audio Stereo: Port: Analog microphone
Of course, you should use the device you wish to use here. You can also select the Monitor of
Internal Analog Audio Stereo device, which will use as an input to the recording/capture
application whatever happens to be playing through the sound card (except for hardware
151 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
inputs).
Start Audacity (or other recording application). Make sure (in Audacity) that the Devices
toolbar is visible:
Menu -> Multimedia -> Audacity -> View -> Toolbars -> Device Toolbar (ticked)
Assuming you are using ALSA, make sure ALSA is selected, and that pulse is selected for both
the output and microphone input on the Device Toolbar. Start recording.
Start PulseAudio Volume Control. Under the Recording tab, you should see Audacity listed
as "ALSA plugin: [audacity]: ALSA Capture from: Internal Audio Analog Stereo. If it isn't,
then select it. (This is the tricky part that took me a long time to discover.)
Airport Express
Airport Express with Pulse Audio
Audio output can be streamed over your local network to an Airport Express. These capabilities
require pulseaudio-module-zeroconf (for the Zeroconf/Bonjour networking protocol) and
pulseaudio-module-raop (for Airport Express).
Install PulseAudio:
sudo apt-get install pulseaudio
Reboot to finish the installation.
Select PulseAudio as the output device in
Menu -> System -> System Settings -> Multimedia -> Device Preference
and move "Playback/recording through the PulseAudio sound server" to the top of every
category (or at least the ones for which you wish to use PulseAudio).
Test some audio (e.g. playback through Amarok) to make sure the PulseAudio system is
working. Some applications specifically require that the PulseAudio output is specified in
their configuration settings, and some applications require a separate PulseAudio plugin to
function properly.
Install additional modules in order to use Bonjour/Zeroconf and raop (Airport Express
output):
sudo apt-get install pulseaudio-module-zeroconf pulseaudio-module-raop
Install utilities to control the preferences and volume of various PulseAudio devices:
sudo apt-get install paprefs pavucontrol
152 of 212
Enable discovery of the Airport Express by PulseAudio:
Menu -> Settings -> PulseAudio Preferences (Sound Audio preferences) -> Network Access
05/24/2012 07:12 AM
Ubuntu:Precise -
and check both:
Make discoverable network sound devices available locally
Make discoverable Apple Airtunes devices available locally
It is not clear to me which ports need to remain unblocked in order for Bonjour/Zeroconf
and mDNS to discover the AEx. mDNS and Bonjour/Zeroconf use ports 5353, 5000, and
6000. (The PulseAudio server uses port 4713.) However, even when I unblock these the AEx
doesn't seem to be able to be discovered until I turn off the firewall completely. (Once the
AEx is discovered I turn the firewall back on and then have no other problems). I usually
just add the IP address of the Airport Express on the LAN to the list of firewall-allowed
connections. (Doing this still doesn't allow it to be discovered, though, for unclear reasons.
Still, as long as a connection to the IP address of the AEx is allowed, I can turn the firewall
back immediately after the AEx is located by the Zeroconf discovery and everything
continues to stream fine.)
If your LAN's router allows traffic-shaping (QoS prioritization), giving priority to the traffic
to/from the Airport Express can improve performance. Finally, be aware that screensavers
can interrupt uninterrupted smooth audio output from a PC. If traffic to the AEx becomes
choppy, disable your screensaver.
Open PulseAudio Volume Control:
Menu -> Multimedia -> PulseAudio Volume Control
If the AEx has been successfully discovered (the firewall may have to be turned off
temporarily in order for the AEx to be discovered) the name of the AEx should show up
as an Output Device:
PulseAudio Volume Control -> Output Device -> My AEx Name
If desired, the AEx can be set as the default "fallback" output device to always be
used:
PulseAudio Volume Control -> Output Device -> My AEx Name -> click "Set as fallback"
icon
If it is not set as the default fallback output device, it must be manually selected as an
output device each time.
Start the application (such as Amarok or Audacious). To manually select which output
device should be used, open PulseAudio Volume Control and choose the Playback output
device for the application:
PulseAudio Volume Control -> Playback -> ALSA plugin [Amarok]: ALSA Playback on: -> My
AEx Name
The output volume (for any of the output devices) can be set:
PulseAudio Volume Control -> Output Device -> My AEx Name
Troubleshooting
This was my old method. It works, but is probably unnecessary (and loads a lot of additional
153 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
modules).
Install padvechooser (which also install paman, pavumeter, and paprefs):
sudo apt-get install padevchooser
Padevchooser is an applet for the taskbar panel. The PulseAudio Manager is accessible
through the applet. Start Manager:
Menu -> Multimedia -> PulseAudio Device Chooser -> Manager -> Devices -> Sinks
Select the Airport Express as the output device ("sink"):
My AEx is discovered, but I got no sound through it until I selected it as the default sink (output)
by one of two methods:
From the PulseAudio Device Chooser:
Menu -> Multimedia -> PulseAudio Device Chooser -> Manager -> Devices -> Sinks
I then noted the name of my Airport Express device to be raop.Base-Statione60157.local, so I entered that as the sink:
PulseAudio Device Chooser -> Default sink -> Other -> raop.Base-Station-e60157.local
raop-client (Airport Express streaming)
Another method to stream audio to the Airport Express uses raop-client, a tool written in Ruby.
See information here (http://mriou.wordpress.com/) .
GSTransmit (Airport Express streaming)
GSTransmit (http://www.el-tunes.com/) is a tool to allow GStreamer-based utilities to stream
output to an Apple AirTunes Device (such as the Airport Express). It is available as a
self-installing .deb file from the website.
Airfoil (Airport Express streaming)
You can stream media from a PC running Windows or Mac OS X connected to an Airport Express
network to your (K)Ubuntu Linux desktop, using Airfoil (http://www.rogueamoeba.com/airfoil/) .
(Unfortunately you cannot send media output from (K)Ubuntu to the Airport Express network
with Airfoil, only receive.) This can be useful in a distributed multimedia system, for example, in
which your (K)Ubuntu PC is connected to a media center. You must be running Mono. You can
download the .deb package at Rogue Amoeba (http://www.rogueamoeba.com/airfoil/linux
/speakers.php) . Installation instructions are at Rogue Amoeba Linux support
(http://getsatisfaction.com/rogueamoeba/topics/airfoil_cant_connect_to_linux_airfoil_speakers) .
Mice
Activate side-mouse-buttons in FireFox
Adding two lines to xorg.conf will activate side-mouse-buttons in FireFox.
154 of 212
This should work with most brands of the 5-button mouse. Here is a list of mice that worked
with this instruction.
05/24/2012 07:12 AM
Ubuntu:Precise -
Logitech MX310
Logitech MX510
Logitech MX518
Logitech MX700
Logitech MX Revolution
Intellimouse Explorer (first edition)
Razer Copperhead
Backup X.org configuration file
Modify the X.org configuration file
kdesu kate /etc/X11/xorg.conf
Find the Input Device section for your mouse and add two lines as shown below.
You may also increase the number of buttons if your mouse has more than 7 -just fix the rest of the section based upon the number of buttons.
Note: "back/forward", "wheel click" & "tilt left/right" all count as buttons
Change:
Driver "mouse"
Option "CorePointer"
Option "Device" "/dev/input/mice"
Option "Protocol" "ExplorerPS/2"
Option "ZAxisMapping" "4 5"
Option "Emulate3Buttons"
"true"
EndSection
to:
Driver "mouse"
Option "CorePointer"
Option "Device" "/dev/input/mice"
Option "Protocol" "ExplorerPS/2"
Option "ZAxisMapping" "4 5"
Option "Emulate3Buttons" "true"
Option "Buttons" "7"
Option "ButtonMapping" "1 2 3 6 7"
EndSection
Touchpad
For Synaptics Touchpads:
sudo apt-get install gsynaptics
For more info, see the Ubuntu help wiki (https://help.ubuntu.com/community
155 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
/SynapticsTouchpad) .
Wacom Pen Tablets
Support for the Wacom pen tablet is integrated into Jaunty by default, including for hotplugging.
For more info, see the Ubuntu documentation (https://help.ubuntu.com/community/Wacom) .
Fingerprint Readers
Remote Controls
LIRC (Infrared Remote Controls)
LIRC (http://www.lirc.org/) (Linux Infrared Control) allows you to use most infra-red remote
controls (http://lirc.sourceforge.net/remotes/) . This can be installed from Menu -> Applications
-> Ubuntu Software Center -> System -> lirc
or
sudo apt-get install lirc
Remuco (Bluetooth and WiFi Remote Controls)
Remuco (http://code.google.com/p/remuco/) is a utility for controlling many multimedia players
(http://code.google.com/p/remuco/wiki/Features) (such as VLC, Amarok, Rhythmbox, Audacious,
and many others) using a Bluetooth or WiFi remote control (http://code.google.com/p/remuco
/wiki/ClientDevices) . Each player has its own package. For example, the VLC package is named
remuco-vlc and can be installed:
sudo apt-get install remuco-vlc
Bluetooth
BlueZ (http://www.bluez.org/) is the package that allows Bluetooth connectivity in Ubuntu Linux.
This package is included within the current kernel of Ubuntu. To add utilities to check whether
your Bluetooth adapter's firmware is current, install:
sudo apt-get install bluez-utils bluez-firmware
then run
sudo dfutool
WiiMote
The Wiimote (Wii Remote Control) uses both Bluetooth and Infra-red technology. It
communicates with Ubuntu Linux using the incorporated BlueZ Bluetooth drivers and/or LIRC
drivers. (It can function with Bluetooth alone, however.) You will need a Bluetooth receiver on
156 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
your PC (such as a Bluetooth USB stick or built-in Bluetooth receiver, for example). (Note: not all
Bluetooth receivers will work with the Bluez drivers. Check this list (http://www.wiili.org
/index.php/Compatible_Bluetooth_Devices) or test yours first.)
Install the cwiid (https://help.ubuntu.com/community/CWiiD) Wiimote controller package
and the lswm Wiimote discovery package:
sudo apt-get install wminput lswm
Install the drivers (or just reboot):
modprobe uinput
Note: You can also add uinput to the modules files so it loads automatically at bootup:
sudo echo "uinput" >>/etc/modules
Run (while pressing button 1/2 on the Wiimote):
sudo wminput
For more info, and to learn how to enable the infra-red functions, see this guide
USB
Wireless Cards
Atheros Cards
Atheros Wireless cards should work automatically with the new kernel by installing the
proprietary driver. At installation, after the first reboot, you will be prompted whether to use the
proprietary drivers.
It should no longer be necessary to install the following package:
sudo apt-get install madwifi-tools
These instructions for the Atheros 802.11 b/g integrated card are here for reference only (or if
you wish to install them manually instead):
Download the latest 'snapshot' driver from Madwifi (http://snapshots.madwifi-project.org/) .
When I was doing it, the version was:
madwifi-hal-0.10.5.6-current.tar.gz
157 of 212
Extract the files
Make sure your linux headers and build-essential packages are installed:
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install build-essential
Unload any drivers already running.
sudo ifconfig ath0 down
sudo ifconfig wifi0 down
Change to the directory where you extracted the driver.
cd <directory_where_driver_unzipped>
From that directory, run the installation scripts:
cd scripts
sudo ./madwifi-unload
sudo ./find-madwifi-modules.sh $(uname -r)
cd ..
Complete the installation by compiling the source and installing it.
sudo make
sudo make install
Add the installed drivers to your system.
sudo modprobe ath_pci
Following this, Network Manager was able to see the wireless card and I was able to configure
everything else (WEP / WPA key, etc.) from there.
Complete instructions are available at MadWifi UserDocs (http://madwifi-project.org
/wiki/UserDocs/FirstTimeHowTo) .
Atheros AR242x
Alternate instructions for installing the Atheros AR242x card are here (http://madberry.org
/2008/11/how-to-get-atheros-ar242x-to-work-on-810-intrepid-ibex/) .
3G
3G protocols (http://en.wikipedia.org/wiki/3G) allow wide area cellular communications that
include not only cellphone voice transmission but also integrated broadband internet
connections. This can be integrated into a single device, or communications can be received
through an EVDO adapter. Examples of 3G radio interfaces include Mobile WiMax, CDMA-2000,
TD-CDMA, EDGE, and DECT. For info using 3G with the Ubuntu Network Manager, see this page
(https://wiki.ubuntu.com/NetworkManager/Hardware/3G) . For additional info on using 3G with
Ubuntu, see this guide (https://wiki.ubuntu.org/NetworkManager/Hardware/3G/Probing) .
he220r1
158 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
he220r1 (http://huaweie220.blogspot.com/) is a (K)ubuntu driver package for the Huawei e220
USB modem. It has also been found to work with other 3G devices, such as Nokia, Sony Ericsson,
and Motorola. See the website for download and installation instructions.
T-Mobile Option 225 (Web'N'Walk) Stick
This website (http://www.relst.nl/site/index.php/handleidingen/200-make-your-t-mobile-web-nwalk-stick-option-225-work-with-ubuntu.html) offers a driver optimised for the T-Mobile
Web'n'Walk Stick/Option 225.
Virgin Huawei e169
See this Ubuntu forum solution (http://ubuntuforums.org/showthread.php?t=1014221) :
sudo gedit /etc/ppp/options
find the line that says:
#-chap
and uncomment it (delete #)
-chap
this (I think) disables CHAP authentication
I also had to change the APN to VirginBroadband instead of VirginInternet which was the default,
and now it's happy.
Other settings
Number *99#
Uname <your virgin username>
PW <your virgin password>
EVDO Cards
EVDO cards include USB modems and adapters to receive wide-area cellular broadband Internet
connections.
Sprint
Sprint EVDO cards can be used most easily through KPPP. For instructions, read the Sprint Mobile
Broadband Setup Guide (http://www4.sprint.com/pcsbusiness/downloads
/Sprint_Mobile_Broadband_Setup_Guide.pdf) . Also see the EVDO Forums
(http://www.evdoforums.com/thread5925.html) .
Verizon
See this Crystal Networking guide (http://www.crystalnetworking.net/?p=17) .
Tethering your PC to your Verizon cell phone
159 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
This is a per-minute plan in which you can use Verizon broadband services through your cell
phone (such as the Motorola RAZR) connected to your PC via a USB cable. See this guide
(http://www.aselabs.com/articles.php?id=224) .
Digital Cameras
WebCams
See the Ubuntu webcam guide (https://help.ubuntu.com/community/Webcam) for more info.
Many webcams that worked in Hardy Heron may not work in Intrepid Ibex. This may be due to a
migration from v4l (video for Linux) to v4l2. See this discussion (http://ubuntuforums.org
/showthread.php?t=983574) .
EasyCam
EasyCam2 (https://help.ubuntu.com/community/EasyCam) is a utility for finding and installing
drivers for your webcam. See these installation instructions (https://help.ubuntu.com/community
/EasyCam) .
iSight
Linux drivers for the digital iSight camera (connected by FireWire), using ALSA for sound, are
here (http://sourceforge.net/projects/lisight/) . The video component is already supported by
current kernels (see here (http://lisight.sourceforge.net/) for more information).
Luvcview (USB webcam viewer)
Luvcview can be used to view your USB webcam to test it. Install:
sudo apt-get install luvcview
View your webcam:
luvcview -f yuv
Netbooks
Ubuntu can be installed on netbooks. (See this this page for laptop and netbook compatibility
reviews (https://wiki.ubuntu.com/LaptopTestingTeam) .) At this time the Ubuntu Netbook Remix
(or equivalent) is preferred to the standard Gnome-based desktop, especially for new users.
Ubuntu Netbook Remix (https://wiki.ubuntu.com/UNR) is provided to several individual netbook
manufacturers (such as Asus and Acer) to be optimised for that device. (You can contact your
specific netbook manufacturer for specific details on this product.) If you already have Ubuntu
Netbook Remix (or eeebuntu Netbook Remix) installed, you can choose to add the full Ubuntu
(Gnome) desktop, if you wish:
sudo apt-get install ubuntu-desktop
160 of 212
Asus eeePC 1000H
05/24/2012 07:12 AM
Ubuntu:Precise -
Reduce font size one or two sizes, and set the screen DPI to 120.
eeebuntu Netbook Remix (http://www.eeebuntu.org/index.php?page=nbr) is
available for this device.
Dell Mini 9
Ubuntu Netbook Remix runs on this device well. See this guide
(http://www.ubuntumini.com/2008/10/ubuntu-810-intrepid-ibex-on-dell-mini9.html) .
HP Mini 1000 Mi
A custom edition of Ubuntu is installed on this version of this device
(http://www.hp.com/united-states/campaigns/mini1000/hpmini1000_mie.html) .
No additional configuration is necessary.
Samsung NC10
Some package should be installed for keyboard functions (FN Key+functions). The
procedure to install these package is available in this forum (http://www.voria.org
/forum/viewtopic.php?t=41) .
Another method is to install Ubuntu onto your netbook from scratch using a USB flashdrive
LiveCD.
Acer Aspire One
There are several Ubuntu-based and other Linux-based OS's specially customised for the Acer
Aspire One. Some of them are:
DebianAcerOne (http://wiki.debian.org/DebianAcerOne)
Kuki Linux (http://www.kuki.me/)
Linux4One (http://www.linux4one.it/)
Lord-Linux (http://ubuntuaceraspireone.nireblog.com/post/2009/04/21/lord-linux-stablerev2-acer-aspire-one)
eeebuntu Netbook Remix (http://www.eeebuntu.org/index.php?page=nbr) is available for
this device as well. See this article (http://osnews.com/story/20743
/Eeebuntu_2_0_SD_Card_Installation_on_the_Aspire_One) for the necessary tweaks.
Also see the Ubuntu website (https://help.ubuntu.com/community/AspireOne) for detailed
tweaks and fixes. More useful information can be found in the Ubuntu Linux sub-forum
(http://www.aspireoneuser.com/forum/viewforum.php?f=28) at aspireoneuser.com
Palm
Mobile Devices
Ubuntu Linux offers an operating system for Mobile Devices (such as the Samsung Q1 Ultra or
Elektrobit MIMD) with a unique and simplified interface. For more information see the Ubuntu
MID Edition (http://www.ubuntu.com/products/mobile) site.
MP3 / Video Players
161 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Sansa Fuze
The Sansa Fuze is a very high quality MP3 audio as well as video player. It is recognized by
default as a USB device in Ubuntu/Kubuntu. To convert videos into a format that can be copied
to the player, use Video4Fuze (http://code.google.com/p/video4fuze/downloads/list) .
Download and install:
wget
wget
sudo
sudo
http://video4fuze.googlecode.com/files/fuzemux-0.1_amd64.deb
http://video4fuze.googlecode.com/files/video4fuze-0.6_all.deb
dpkg -i fuzemux-0.1_amd64.deb
dpkg -i video4fuze-0.6_all.deb
Use fuzemux-0,1_i386 instead of fuzemux-0.1_amd64.deb if using a 32-bit OS.
Start video4fuze from the command line:
video4fuze
or create a menu item with the Command: video4fuze.
Convert files (mpg or mp4) using Video4Fuze. Do not use the Sansa Fuze player as the
output folder, but use an output folder on your computer. Once the files have been
converted, then copy them directly to a Video folder on the Sansa Fuze (using Nautilus in
Ubuntu or Dolphin in Kubuntu).
I like k9copy to extract something (that I have saved) on a DVD to an mp4 (.avi) first. The
Sansa Fuze likes video at 224 x 176 and DivX 4/5, so I extract to those specifications:
Menu -> Multimedia -> k9copy -> Input: DVD -> Output: MPEG-4 encoding -> folder icon:
/home/user/Videos
k9configure -> MPEG-4 -> Video -> Codec: MPEG-4 (DivX 4/5) -> Width: 224 -> Height: 176
-> Audio: mp3 (lame) -> Bitrate: 128
I then use video4fuze to convert the extracted mp4 (.avi) into the format that the Sansa Fuze
likes.
Limitations: At this time Flash videos (.flv) cannot be converted directly by Video4Fuze. You
must convert flash videos to another format (such as .mpg or mp4/.avi) prior to Video4Fuze
conversion, using a converter such as mencoder or ffmpeg (e.g. with WinFF as the GUI).
MachSpeed Trio
The MachSpeed Trio works natively with (K)Ubuntu Linux. Files can be copied directly to the
device from a File Manager (Dolphin or Nautilus).
162 of 212
Video formats include .mpg, .flv and .avi. However, the screen is 7.5 cm x 4 cm, which is a
1.875 ratio (widescreen). If your video has a 1.33 ratio (fullscreen), you must add left and
right padding to make it look normal. If your video is 320 x 240, for example, you must add
left and right padding of 64 each (making it 448 x 240, which is approximately a 1.875
ratio).
In addition, I found I had to convert some videos twice (using ffmpeg) to get it into a
05/24/2012 07:12 AM
Ubuntu:Precise -
format the Trio would accept. For example, I have a 160x120 .avi video I recorded on
my camera. (This requires 32 padding on each side instead of 64.) There was a 2 step
conversion required to get it into a format the Trio liked:
ffmpeg -i cameravideo.avi -target ntsc-dvd -s 160x120 tempvideo.avi
ffmpeg -i tempvideo.avi -padleft 32 -padright 32 triovideo.avi
The first step does whatever it takes to get the video into a NTSC-compatible format.
However, it encodes into the ac3 audio codec, which the Trio doesn't like. The second
step converts the audio from the ac3 format to the default mp2 audio format (which
the Trio likes better) as well as adds the padding (which in reality can be done in either
step). I have tried to simplify this into a single command but haven't figured out how
to do it yet.
I then copy the converted file directly onto the Trio, where it plays.
Speech Recognition
For more info see the Ubuntu Wiki -- Speech recognition (https://wiki.ubuntu.com
/SpeechRecognition) . Integrated voice recognition is an ongoing project; accumulated
information is available at VoxForge (http://voxforge.org/) .
Julius (http://julius.sourceforge.jp/en_index.php) -- open source continuous speech
recognition / grammar engine (Japanese only -- does not have an English acoustic module
currently). Install:
sudo apt-get install julius julius-voxforge
CMU Sphinx (http://cmusphinx.sourceforge.net/) -- open source voice recognition software.
Install:
sudo apt-get install sphinx2-bin sphinxbase-utils pocketsphinx-utils
Apps using voice recognition (also see this list (http://www.tldp.org/HOWTO/Speech-RecognitionHOWTO/software.html) ):
Gnome Voice Control (http://live.gnome.org/GnomeVoiceControl) (sudo apt-get install
gnome-voice-control)
CVoice Control (http://www.kiecza.de/daniel/linux/index.html) (formerly KDE Voice
Control)
Networking
Only one network manager and GUI interface can be enabled. Network-Manager is installed by
default, but many users prefer Wicd Network Manager (http://wicd.sourceforge.net/) .
Network Manager
Network Manager (http://en.wikipedia.org/wiki/NetworkManager) is the network manager
163 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
installed by default in (K)Ubuntu. It has a tray applet that allows you to switch between Internet
connections (such as wireless APs or wired connection).
Wicd Network Manager
Wicd Network Manager (http://wicd.sourceforge.net/) is a GTK-dependent networking
manager written in Python that can be used in all variants of (K)Ubuntu. Many users (including
me) report it to be faster and more stable than Network Manager. To avoid networking conflicts,
Wicd requires the removal of Network Manager prior to installation (replace networkmanager-kde with network-manager if using Ubuntu instead of Kubuntu).
sudo apt-get remove network-manager-kde
sudo reboot
sudo apt-get install wicd
Set a static IP address
I have never been able to get Network Manager to accept my static IP address settings. If you
only use only a wired interface, you do not need a network manager and it can be removed.
Remove Network Manager (replace network-manager-kde with network-manager if using
Ubuntu instead of Kubuntu):
sudo reboot
Edit the /etc/network/interfaces file (use the gedit text editor instead of kate if using
sudo kate /etc/network/interfaces
and replace the line (ok if line is missing)
iface eth0 inet dhcp
with the following lines (using your own LAN settings, of course):
auto eth0
iface eth0 inet static
address 192.168.0.35
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
Then restart networking:
sudo /etc/init.d/networking restart
164 of 212
Check to see if your settings are now correct:
05/24/2012 07:12 AM
Ubuntu:Precise -
ifconfig
If you need a static IP address and have a wireless connection, Wicd Network Manager
works:
Uninstall Network Manager and install Wicd instead (replace network-manager-kde
with network-manager if using Ubuntu instead of Kubuntu):
sudo reboot
sudo apt-get install wicd
Manual configuration from the command-line
3 steps for WEP:
sudo iwconfig eth[N] essid [SSID]
sudo iwconfig eth[N] key restricted s:[PASSWORD]
sudo dhclient
WPA is more complicated:
sudo mkdir /etc/wpa_supplicant
cd /etc/wpa_supplicant
sudo echo network = { > wpa_supplicant.conf
sudo echo ssid="SSID" >> wpa_supplicant.conf
sudo echo key_mgmt=WPA-PSK >> wpa_supplicant.conf
sudo echo psk="PRESHAREDKEY" >> wpa_supplicant.conf
sudo echo } >> wpa_supplicant.conf
cd /etc/network
sudo gedit interfaces
Now add after "auto eth[N] ..." & "iface eth[N] .." :
wpa-driver wext # or whatever driver your network card needs
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
Save the file and restart your system.
Internet connection sharing (DHCP server)
In most LANs, an inexpensive router is used to provide DHCP (http://en.wikipedia.org
/wiki/Dynamic_Host_Configuration_Protocol) functions (internet connection sharing).
However, DHCP services can also be provided by a single host computer on your LAN
(http://en.wikipedia.org/wiki/Local_area_network) if it is directly connected to the Internet. (This
is useful, for instance, if you have a 3G or other wireless EVDO connection to your computer
which you want to share with the other computers on your LAN). Other client computers on your
LAN would then connect to the Internet through your host computer's Internet connection. The
host computer now essentially performs the DHCP functions of a router.
All "client" computers on the LAN ought to be connected to a central LAN switch or router. (If
using a router, it should have its own DHCP functions disabled -- you shouldn't have 2 DHCP
servers on a LAN unless you know how to nest LANs). They should all be set up to obtain
165 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
DHCP-assigned dynamic IP addresses and use the same LAN subnet settings (which in the
example below is LAN IP range 10.0.0.1 - 10.0.0.250 with netmask 255.255.255.0 and gateway
10.0.0.1). The host computer to be used as the gateway/DHCP server is then connected
(through its own ethernet port) either to one to the ports of the switch (if used), or to a LAN port
of a router (don't use the WAN port). The host computer then connects directly to the Internet
(WAN (http://en.wikipedia.org/wiki/Wide_area_network) ) through a second port (which in the
example below will be a wireless (wifi) port (wlan0)).
(Note: This setup is easiest if you connect all computers on the LAN with Ethernet cables to the
central switch or router. But also see using a nested wireless LAN router below.)
(Note: If you want your LAN to use the same subnet as your WAN, see network interface
bridging.)
Install the DHCP server and firewall programs:
sudo apt-get install dhcp3-server firestarter
Rename the startup command (through a symbolic link) for the DHCP server. This is
required or Firestarter will not know where to find it:
sudo ln -sf /etc/init.d/dhcp3-server /etc/init.d/dhcpd
Edit the DHCP server configuration file:
sudo nano -w /etc/default/dhcp3-server
Change the line
INTERFACES=""
to
INTERFACES="eth0"
Restart the DHCP server:
sudo dhcpd restart
166 of 212
Right click on Network-Manager -> Edit Connections... -> Wired -> Add
->
->
->
->
Connection name: Shared internet connection
IPv4 Settings -> Method: Manual -> Add
Address: 10.0.0.1 -> Netmask: 255.255.255.0 -> Gateway: 0.0.0.0
Available to all users: [x]
Attach the ethernet cable to (eth0).
Network-Manager -> Wired Networks -> Shared internet connection
Adjust your firewall to allow the internet connection sharing. Start Firestarter:
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo firestarter
Tell the firewall which port is your direct Internet Connection:
Firestarter -> Preferences -> Firewall -> Network Settings -> Internet connected network device:
(wlan0)
-> IP address is assigned by DHCP: [x]
Tell the firewall which port is for the LAN, and specify the details for the LAN:
Firestarter -> Preferences -> Firewall -> Network Settings -> Local network connected device:
(eth0)
-> Enable internet connection sharing: [x]
-> Enable DHCP for the local network: [x]
-> DHCP server details -> Create new DHCP configuration -> Lowest IP address to
assign: 10.0.0.2
-> Highest IP address to assign: 10.0.0.250 -> Name server: <dynamic>
Note: Use your own desired LAN settings (internal DHCP-assigned dynamic IP
(http://en.wikipedia.org/wiki/Static_IP#Static_and_dynamic_IP_addresses) address range), of
course. In this example I don't use the full IP range 10.0.0.2 - 10.0.0.255 for dynamic IP
addresses because I want to reserve some LAN addresses (10.0.0.251 - 10.0.0.255) to be
used as static IP addresses).
Notes:
If you wish to use this setup all the time, make the "Shared internet connection"
profile your default connection profile in Network Manager.
Using a nested wireless LAN router
Many users will already have an established LAN that uses an existing wireless router and has
client computers that are setup to connect wirelessly to the router. Here's how to maintain this
setup and still use the internet connection sharing method of a single host computer as
described above. This method is known as nested LANs. The wireless router will serve as a
nested LAN for its wireless clients (only), but in turn will appear as a single device to the main
LAN. The two LANs must have different IP ranges. For example, the main LAN may have an IP
range 10.0.0.1 - 10.0.0.255 (with netmask 255.255.255.0), as in the above example. The
router's nested wireless LAN must then use a different IP range (for example 192.168.0.1 192.168.0.255 with netmask 255.255.255.0).
167 of 212
Do not use your wireless router's WAN (Internet) port.
Connect the host computer (to be used as your main LAN gateway/router) to a LAN port
(not the WAN/Internet port) of the wireless LAN router.
Configure your wireless router's LAN so that it appears to be a single device to the main
LAN:
Setup your wireless router so that the Internet Connection type is "Static IP" (often in
the "Internet Setup" section). Configure the settings so that its "Internet IP address" is
within the static IP address range of your main LAN (e.g. 10.0.0.254), and make sure
the subnet mask matches the one you chose for your main LAN (e.g. 255.255.255.0).
05/24/2012 07:12 AM
Ubuntu:Precise -
The gateway setting should be set to match the IP address of your host computer of
the main LAN (e.g. 10.0.0.1 in the example of the preceding section). Now the wireless
router will appear to the host computer as just another device on the main LAN.
If your wireless LAN is already functioning, you probably don't have to change any
settings, but double-check to make sure the schema are compatible. Configure the
wireless router's settings for the nested wireless LAN. This is done by enabling the
router's DHCP server functions (in "Network Setup" or some similar configuration
section of the router). The router ought to have as its own wireless LAN gateway
address a "local IP address" (or "LAN IP address") of 192.168.0.1 (for the IP address
range used in this example), and a "starting IP address" (for the DHCP-assigned
dynamic IP address range to be used for the wireless clients) to be 192.168.0.2 or
greater. (Some routers ask you to specify the entire range (such as 192.168.0.2 192.168.0.255.)
Make sure all your wireless client computers are set to obtain their DHCP-assigned dynamic
IP addresses from the wireless router (gateway IP 192.168.0.1) instead of from the main
LAN gateway.
Now all communications from the wireless client computers will be routed to the wireless
LAN router first, which will then in turn route them to the host computer (which is acting as
the main LAN gateway/router), which will then in turn route them to the Internet (WAN).
Note: The host computer for the main LAN must have a static IP address (e.g. 10.0.0.1 as in
the example of the preceding section) and it must match the gateway IP address
configured in the wireless LAN router settings.
Network Interfaces Bridging
Install bridge-utils to be able to create network bridges:
sudo apt-get install bridge-utils
Edit /etc/network/interfaces:
sudo nano /etc/network/interfaces
The interfaces file should look like this after editing it:
auto eth0
iface eth0 inet manual
#
auto br0
iface br0 inet dhcp
#
bridge_ports eth0 wlan0
#
# The loopback network interface
auto lo
iface lo inet loopback
Restart networking with:
168 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Using Dynamic IP addresses for a webserver
Normally, domain name servers (DNS) that are used publicly on the Internet match a web
server's URL name with the IP address of the server's host computer. If your computer has a
static IP address, then you can publish your own web server's URL as belonging to the static,
unchanging IP address of your computer.
However, if your IP address is dynamic (always changing) because you use an ISP (Internet
Service Provider) that constantly changes your IP address (using DHCP), then you will need a
Dynamic DNS service to constantly keep track of your dynamically changing IP address and
match it to of your web server's URL. Fortunately, there are a few Dynamic DNS services that
will do this for you, either for a small fee or even for free. For more info, see this Ubuntu
Community help (https://help.ubuntu.com/community/DynamicDNS) article.
For specific tips on setting up Dynamic DNS, see this article.
Filesharing
NFS
NFS is the default networking protocol for network file sharing in *nix systems (including Ubuntu
Linux).
Samba File Sharing
Samba client
Samba is a networking protocol that allows compatibility with Windows-based networks. The
Samba client is installed by default in Ubuntu and should work seamlessly (unless you have
have a firewall blocking the ports).
Samba server
Samba (http://www.samba.org/) provides file/print services for the SMB/CIFS protocol used in
Windows-based networks. See the official Ubuntu documentation (https://help.ubuntu.com/10.10
/serverguide/C/windows-networking.html) for more information about providing services in a
Windows network. A Samba server can be installed using the tasksel option during installation of
the Ubuntu server from the LiveCD, or at any time using:
sudo tasksel install samba-server
An alternative method of installation is:
sudo apt-get install samba samba-tools system-config-samba smbfs
169 of 212
Note: samba-tools, system-config-samba, and smbfs are optional.
Modify Samba settings.
Method 1:
05/24/2012 07:12 AM
Ubuntu:Precise -
Menu -> System -> Administration -> Samba
(Note: this is available only if you installed system-config-samba.)
It is recommended that your user be a member of the sambashare group, as well.
Method 2:
Enable File Sharing Server With User Login (Very Reliable Method)
Do the following on the machine that has the files to be shared:
Add current user to Samba:
sudo smbpasswd -a username
(replacing username with your login username)
Open the samba config file:
sudo nano /etc/samba/smb.conf
Add the directories to be added (right at the end) in the following format:
[Pictures]
path = /home/username/<folder_to_be_shared>
(Replace username with your username and <folder_to_be_shared> with the folder
you want to share)
Press CTRL+X and then Y to save.
Restart Samba:
sudo service smbd restart
sudo service nmbd restart
Note: Prior versions used:
sudo /etc/init.d/samba restart
On Windows access the folder in the following format in Windows Explorer:
\\192.168.x.x
(replace 192.168.x.x with the actual IP address of your server which is serving the
folder)
On Linux type the following in Konqueror or Nautilus:
smb://192.168.x.x
170 of 212
(replace 192.168.x.x with the actual IP address of your server serving the folder)
05/24/2012 07:12 AM
Ubuntu:Precise -
Note: If you use Sharing in KDE's System Settings panel, be aware that there is a small bug,
reported here (https://bugs.launchpad.net/ubuntu/+source/kdenetwork/+bug/95452) . In brief,
you need to comment out/delete any instances of these two lines in /etc/smb.conf :
case sensitive
msdfs proxy
Change your Workgroup
To change your Samba (Windows network) workgroup:
Look for the line:
workgroup = WORKGROUUP
and change the setting to whatever your LAN workgroup is.
Recognizing Win98 machines
Microsoft networking is extremely quirky. To enable recognition of PCs with Windows 98, edit
your Samba configuration file:
Then add the following lines to the file:
[global]
# THE LANMAN FIX
client lanman auth = yes
client ntlmv2 auth = no
Integrating into Mac OS X Network
See this guide (http://www.zaphu.com/2008/04/30/five-guides-on-how-to-integrate-ubuntuinto-a-mac-os-x-network/) for information on integrating Ubuntu into an existing Mac OS X
Appletalk network.
FTP Server
An FTP server allows the easy transfer of files between systems over the network. Clients such
as Filezilla can be used to interact with an FTP server. Also see these FTP tips.
vsftpd
vsftpd (http://vsftpd.beasts.org/) is an FTP server available in (K)Ubuntu. For configuration
information, see the official Ubuntu documentation (https://help.ubuntu.com/11.10/serverguide
/C/ftp-server.html) . Install:
171 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install vsftpd
proftpd
Proftpd (http://www.proftpd.org/) is an FTP server available in (K)Ubuntu that can be used with
either the MySQL or PostgreSQL database. Also see the Ubuntu Community documentation
(https://help.ubuntu.com/community/ProFTPD) . Install:
sudo apt-get install proftpd-basic
WebDAV
WebDAV (http://en.wikipedia.org/wiki/WebDAV) is a method for allowing remote access to
local folders via an HTTP-based web browser or file manager. This can be combined with user
authentication (using LDAP or other password mechanism).
See this page for instructions.
Local Area Network
Modems / Dial-up
Network Manager does not accept modem connections. See Ubuntu help
(https://help.ubuntu.com/10.10/internet/C/modem.html) for information on identifying and
connecting with a modem. These instructions require gnome-network-admin (install while
connected to a wired ethernet connection):
sudo apt-get install gnome-network-admin
Gnome PPP and wvdial
Gnome PPP (http://en.wikipedia.org/wiki/Gnome-ppp) is a discontinued GUI frontend for the
wvdial (http://alumnit.ca/wiki/index.php?page=WvDial) PPP modem dialer. It is still available as a
package. Install:
sudo apt-get install gnome-ppp wvdial
See this forum thread (http://ubuntuforums.org/showthread.php?t=931872) for tweaks required
to make Gnome PPP and wvdial operational in Lucid.
GPPP
GPPP was the default modem dialing application in previous versions of Ubuntu.
Menu -> Applications -> Internet -> GPPP Internet Dial-up
Remote Access
172 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
There are several methods of remote access. VNC sharing allows you to view and control a
remote computer's desktop. (Windows users use a similar proprietary protocol called remote
desktop protocol (RDP)). XDMCP allows a complete remote X-windows based login. Remote
connections are hazardous unless proper security precautions are taken to prevent unauthorized
logins and to ensure encryption of transmitted data.
SSH
Secure Shell or SSH is a network protocol that allows data to be exchanged over a secure
channel (or "tunnel") between two computers. Encryption provides confidentiality and integrity
of data. The OpenSSH client is installed by default in Ubuntu so you can connect to another
computer that is running an SSH server.
Connect to a remote SSH server
From the command-line terminal
Install the OpenSSH (http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1) client (if
not already installed):
sudo apt-get install openssh-client
From the command-line Terminal type:
ssh -C <username>@<computer name or IP address>
Note: The -C option indicates compression, which speeds up transmission through the
tunnel.
For example:
ssh -C [email protected]
or:
ssh -C [email protected]
or
ssh -C 192.168.1.1 -l mike
Note: -l specifies the login id.
If the SSH server is listening on a port other than port 22 (the default), you can specify that in
your connection (with the -p option). For example, if the SSH server is listening on port 11022,
connect:
ssh -C [email protected]:11022
173 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
or
ssh -C remote.computer.xyz -p 11022 -l joe.friday
If you have made a public/private key using ssh-keygen, the private key must be stored in
/home/user/.ssh. The key should be accessible only to user
sudo chmod 600 /home/user/.ssh/identity
or
sudo chmod 600 /home/user/.ssh/id_rsa
To login with the key:
ssh -C remote.computer.xyz -p 11022 -l joe.friday
Note: You can run the command as a menu item, but the command must be "run in terminal."
Port forwarding through SSH
See Using SSH to Port Forward for full details.
In brief, use
ssh -C <remote ip> -p <SSH tunnel port> -L <local port>:<remote computer>:<remote port> -l <user>
This specifies that any communications from your computer (localhost) going out through <local
port> will be transmitted securely through the the SSH tunnel port. To use VNC through the
tunnel, you would use an application like Krdc or Vinagre:
krdc vnc://localhost:<local port>
Note: localhost is equivalent to (and interchangeable with) 127.0.0.1. Either can be used.
Note that for VNC, the default <local port> is 5900. In general, a remote VNC server (such as
X11VNC) is also listening on the default <remote port> 5900 as well. The default <SSH tunnel
port> is 22, as discussed above. All these can be changed, however, if you desire greater
security.
For me, I noticed that I had to set <remote computer> to be the internal LAN IP address of the
remote computer (such as 192.168.1.155) instead of the remote router's IP address, which is
specified in <remote IP>. (If the remote computer has a static IP address (i.e. is directly
connected to the Internet without an intervening router), then <remote computer> and
<remote ip> would be the same.)
Example: For extra security, my SSH Server uses <SSH tunnel port>=11022. I want to VNC to a
remote computer on a remote LAN with a router whose IP address is <remote ip> =
244.205.123.123. The remote computer to which I want to connect has a static IP address within
the remote LAN of <remote computer> = 192.168.1.155. I have set up an X11VNC server on
174 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
this computer that is listening on <remote port> = 6912 (instead of the default 5900). I setup
port forwarding on the router of this remote LAN to forward port 6912 to this server computer. I
want to VNC to this remote computer from my laptop, through the Internet. My laptop VNC client
(Krdc) will use the default <local port> = 5900. My name is <user> = joe.friday. This is my
story.
ssh -C 244.205.123.123 -p 11022 -L 5900:192.168.1.155:6912 -l joe.friday
krdc vnc://localhost:5900
If you have set up a private/ public key pair with a passphrase, or if your SSH server requires a
passphrase, of course, you will be prompted for the passphrase after issuing the SSH command.
Note: Port forwarding assumes that the ports are also forwarded through the router(s) and
through any firewalls. See the documentation for your router(s) and firewall to learn how to do
this. The advantage of SSH tunneling is that only the <SSH tunnel port> needs to be open and
forwarded by a router. All encrypted communications will go through your router using this
single port. This is what makes the communications secure.
PuTTY
PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty/) is a GTK-based GUI client-interface
for SSH connections and eases the setup for port forwarding, SSH public key authentication, and
automated login. A user would run Putty to create the SSH tunnel (instead of the ssh command)
and then run a program such as Krdc or Vinagre. PuTTY is available for both Linux and Windows
(but for routine Linux usage OpenSSH is generally recommended instead).
sudo apt-get install putty putty-tools
To create a 2048-bit RSA key pair compatible with OpenSSH, it is possible to use Puttygen
(http://linux.die.net/man/1/puttygen) (part of Putty-tools). (For me the Linux version of
Puttygen is occasionally buggy, however, so I recommend OpenSSH keygen for routine
usage instead):
puttygen -t rsa -b 2048 -O private -o putty_rsa.ppk
puttygen putty_rsa.ppk -O public-openssh -o id_rsa.pub
puttygen putty_rsa.ppk -O private-openssh -o id_rsa
Move the OpenSSH-compatible keys to the ~/.ssh (i.e. the /home/user/.ssh) folder
mv id_rsa* ~/.ssh
Copy the public key ( /home/user/.ssh/id_rsa.pub ) to the server that is hosting the
OpenSSH server, into the /home/serveruser/.ssh (for whichever user is the administrative
user for the server -- generally the user that installed the server initially). If the SSH tunnel
is (still) set at default port 22, you can copy the key using the utility:
ssh-copy-id [email protected]
Connect a VNC client (such as Krdc) through SSH using the command-line:
putty -ssh -i ~/.ssh/id_rsa -l serveruser -L 5900:127.0.0.1:5900 remoteserver.computer.xyz -P 22
175 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
krdc vnc://127.0.0.1:5900
or as a single command:
putty -ssh -i ~/.ssh/id_rsa -l serveruser -L 5900:127.0.0.1:5900 remoteserver.computer.xyz -P 22 sleep 5; krdc vnc://127.0.0.1::59
Alternatively, the PuTTY SSH Client GUI can be run (from Menu -> Internet -> PuTTY SSH
Client) and options configured from there.
Using keys created by Puttygen in OpenSSH
The public security key generated by Puttygen in Windows is generally not compatible with
OpenSSH security keys unless it is edited. For example, the default OpenSSH key is 2048-bit RSA
(SSH-2). When a 2048-bit RSA (SSH-2) PuTTY public/private key pair is generated (by Puttygen)
in Windows (see this tutorial (http://unixwiz.net/techtips/putty-openssh.html) ), the public key
looks like:
---- BEGIN SSH2 PUBLIC KEY ---Comment: "rsa-key-20100302"
AAAAB3NzaC1yc2EAAAABJQAAAQEAjdp567qxsGkhELlMQup2mXHdsveCWq/maU6k
unPpbkwEuhkasuOrhkAWgv5v3d8S857zdHcfnXWi2FkEaJuFxqpJ2IkFuvqRdqYD
ZCcASj2S0LoXdWpC4uon6VH8oBT31r+wkDfmI2a+K74jgXjtm1BWWxwOpKaWQHi9
YItbY/06renRex34n3ejO20JRqD/BxnFU7ND41Szo3ZMKoa0yzhevU2ntt74BCvC
bYFHdSoRbi3AH8qGInzFfhXPdrG8qA382ZKEh5Bmy8Qxb9Uen/+jjP51YxN/ykee
RwSrdSCZekB6jN6uuTLNDEXJSJizqlPU8tROqf3pYv1kxzD9bw==
---- END SSH2 PUBLIC KEY ----
To be used by OpenSSH, the saved public key must be edited.
Delete the first two lines (with the BEGIN and Comment: in them) and the last line.
Join the remaining lines into a single line.
Place ssh-rsa at the beginning.
It should end up looking like:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjdp567qxsGkhELlMQup2mXHdsveCWq/maU6kunPpbkwEuhkasuOrhkAWgv5v3d8S857zdHcfnXWi2FkEaJuFxqpJ2IkFuv
Once the PuTTY public key is in this format, it can be appended to the ~/.ssh
/authorized_keys file on the OpenSSH server. (The private key stays on the client computer,
of course). PuTTY can then connect (from Windows or Linux) to an OpenSSH server using
the public/private key method.
Connect using SSH Agent
With SSH Agent you can automate the use of public key authentication and open an XDM or VNC
session using a script. See this tutorial (http://kimmo.suominen.com/docs/ssh/#ssh-agent) .
Also see this alternative simple approach: Connect with SSH and start an application with a
single command.
Setup an SSH server
Install the OpenSSH (https://help.ubuntu.com/10.10/serverguide/C/openssh-server.html)
server:
176 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install openssh-server
or
sudo tasksel install openssh-server
Note: The OpenSSH server can also be installed when doing a server installation as an option
from the LiveCD.
Note: An OpenSSH server can also be set up on a Windows server using Cygwin. See these
instructions (http://pigtail.net/LRP/printsrv/cygwin-sshd.html) .
Don't forget to forward the port on which your OpenSSH server is listening. The default SSH
port is 22; if the default is used, the router should therefore forward port 22 to the
computer on the LAN that is hosting the OpenSSH server. The OpenSSH listening port can
be changed; in fact, each computer on the LAN can listen on its own unique SSH port, if
desired. The router must forward each specified listening port to the correct computer.
Therefore, if computer 1 has its OpenSSH server set to listen on port 22221, then the router
should forward port 22221 to computer 1's LAN IP address. If computer 2 has its OpenSSH
listening port set to 22222, then obviously the router must forward port 22222 to computer
2's LAN IP address. To change the listening port of the OpenSSH server, edit the /etc/ssh
/sshd_config file (use the gedit text editor instead of kate if using Ubuntu instead of
Kubuntu):
sudo kate /etc/ssh/sshd_config
and change the listening port from 22 to your desired listening port:
Port 22221
then restart the OpenSSH server:
sudo /etc/init.d/ssh restart
For greater port security (and to minimize brute-force attacks (http://en.wikipedia.org
/wiki/Brute-force_attack) ), consider using Knockd.
Limit authorized SSH users
See Limit the user accounts that can connect through OpenSSH remotely
OpenSSH Public Key Authentication
See this OpenSSH Public Key Authentication Tutorial (http://sial.org/howto/openssh/publickeyauth/) .
In brief, it is necessary to generate a public / private key pair. On your client machine, generate
the pair:
177 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
ssh-keygen
A prompt asks for a passphrase. If you wish to use OpenSSH without a password from a secure
client (to which no one but you has access), leave the passphrase blank. If you enter a
passphrase, you will be asked for this passphrase each time you use the SSH client. By default, a
2048-bit RSA SSH-2 key pair is generated and stored in the /home/user/.ssh folder. The private
key is named id_rsa and is meant to stay in that folder. (The public key is id_rsa.pub and is
meant to be copied to the OpenSSH server.)
The private key must only be accessible (and should be read-only) to user, the owner
of the file:
chmod 600 /home/user/.ssh/id_rsa
You could also make the entire .ssh folder accessible only to user:
chmod 700 /home/user/.ssh
Copy the public key ( /home/user/.ssh/id_rsa.pub ) to the server that is hosting the
OpenSSH server, into the /home/serveruser/.ssh (for whichever user is the administrative
user for the server -- generally the user that installed the server initially). If the SSH tunnel
is (still) set at default port 22, you can copy the key using the utility:
ssh-copy-id [email protected]
The ssh-copy-id utility only works over port 22. An alternative if you have changed
your SSH port is to copy the /home/user/.ssh/id_rsa.pub key to the server manually. On
the server make sure the directory /home/serveruser/.ssh exists and that there is a file
authorized_keys (with write privileges) in that folder. If not, create such a file while
logged into the server as serveruser (the touch command creates an empty file):
mkdir ~/.ssh
cd ~/.ssh
touch authorized_keys
Then concatenate the id_rsa.pub key you have copied to the ~/.ssh folder. (Make sure the owner
of id_rsa.pub, after copying, is serveruser.):
cd ~/.ssh
chown serveruser id_rsa.pub
cat authorized_keys id_rsa.pub >> authorized_keys
Make sure the OpenSSH server knows to look for the key file. On the remote server, edit
the OpenSSH configuration file:
sudo nano /etc/ssh/sshd_config
178 of 212
Uncomment the line (i.e. remove the # at the beginning of the line):
05/24/2012 07:12 AM
Ubuntu:Precise -
#AuthorizedKeysFile %h/.ssh/authorized_keys
Remove the ability to login to the OpenSSH server using password authentication:
sudo nano /etc/ssh/sshd_config
Change the line
#PasswordAuthentication yes
to
PasswordAuthentication no
Restart the OpenSSH server:
Now you can connect securely with an SSH tunnel without requiring a password, logging in
as serveruser.
ssh -l serveruser -L 5900:127.0.0.1:5900 remoteserver.computer.xyz -p 22
Connect with SSH and start an application with a single command
If you have created an OpenSSH key pair (without a password), you can start both the SSH
tunnel and a VNC program (such as Krdc or Vinagre) to run through the SSH tunnel with a
single command:
ssh -f -l serveruser -L 5900:127.0.0.1:5900 remoteserver.computer.xyz -p 22 sleep 5; krdc vnc://127.0.0.1::5900
Alternatively (and probably preferably) you can create a Menu Item / Shortcut with the
above command.
Note: This command is a command-line mini-script. The SSH option -f option tells the SSH client
to fork into the background after starting. (This option is not available in the PuTTY client.) This
allows the command line to continue to proceed to the next command(s) listed on the command
line mini-script. The 5 second wait ("sleep") timeout allows time for the SSH tunnel to be created
before proceeding to the next command. (This can be lengthened if necessary.) After the wait
period, the program (Krdc VNC in this example) is started.
Of course, any program could be started (to be run through the SSH tunnel) in this fashion,
not just a VNC program.
Automate SSH connections that require a password
This method is strongly advised against. Transmitting an unencrypted password through the
Internet (in order to establish an SSH connection) invites password sniffing. Use the OpenSSH
179 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
key pair methods described above, instead. This method is listed here for reference.
Terminal interactions (such as the SSH password challenge) can be automated using the
expect (http://linux.die.net/man/1/expect) utility. Install:
sudo apt-get install expect
If, for example, your SSH client ID is clientuserID, yourpassword is not#1sostrong, and the
remote SSH server is remoteserver.computer.xyz (using the default SSH port of 22), then
use this command to start the SSH tunnel:
expect -c 'spawn ssh -l clientuserID -L 5900:127.0.0.1:5901 remoteserver.computer.xyz -p 22; expect assword ; send "not#1sostrong\
There are other parameters in this example. 5900 and 5901 are the ports to be used on either
side of the tunnel (port 5900 is used for VNC, for example). See Port forwarding through SSH for
more details.
You can use the entire command as a menu item (must be "Run in terminal" in the Advanced
menu options).
VNC
Virtual Network Computing (VNC) mirrors the desktop of a remote ("server") computer on your
local ("client") computer (it is not a separate remote login, as is XDMCP). A user on the remote
desktop must be logged in and running a VNC server (such as X11VNC, Vino, or Krfb). Keyboard
and mouse events are transmitted between the two computers. VNC is platform-independent —a VNC viewer on one operating system can usually connect to a VNC server on any other
operating system. (Windows users can use one of several clients such as UltraVNC Viewer
(http://www.uvnc.com/docs/uvnc-viewer.html) .)
Vino Remote Desktop VNC server
Vino-server (the Gnome VNC server) is included by default in Ubuntu. Start:
Menu -> System -> Preferences -> Remote Desktop
You can accept uninvited connections in the Security section. You can require a password
for these connections.
This implementation of Vino does not allow changing the default listening ports (which start
at 5900). If you wish to customize your VNC connection, use X11VNC instead.
A user can connect using Vinagre, the Terminal Server Client, or any other VNC client.
How to securely use VNC with SSH tunneling
It is less secure to leave the VNC listening port open to the Internet, even with a password. (This
can expose you to password cracking attempts.)
It is more secure to use SSH to tunnel your VNC connection. Under SSH port forwarding, the VNC
listening port is the <remote port>. To increase security, this listening port can be changed from
the default 5900. Only the VNC server and the SSH client need to specify the <remote port> in
a secure connection.
180 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
X11VNC Server
While Vino is easy to use, X11VNC allows far more customization and therefore can be used
more in situations where greater security is needed.
Install an X11VNC server to share your desktop with other computer:
sudo apt-get install x11vnc
Run X11VNC without a password:
x11vnc -forever -rfbport 5900
Note: -rfbport 5900 specifies the port to listen on. The port number can be changed. This
option is not required if the default port 5900 will be used. Don't forget to open/forward this
port in your firewall/router. By default X11VNC server exits after the first client disconnects.
To keep it running (and allow future connections), use the -forever option. See here
(http://www.karlrunge.com/x11vnc/x11vnc_opts.html) for more command line options.
Create a password to use with X11VNC:
mkdir ~/.vnc
x11vnc -storepasswd YOUR_PASSWORD ~/.vnc/x11vnc.pass
X11VNC can then be started with a password:
x11vnc -forever -rfbport 5900 -rfbauth ~/.vnc/x11vnc.pass -o ~/.vnc/x11vnc.log -loopbg -display :0
You can create a startup script so that X11VNC is automatically loaded at startup (with
password settings):
echo "/usr/bin/x11vnc -forever -rfbport 5900 -rfbauth ~/.vnc/x11vnc.pass -o ~/.vnc/x11vnc.log -loopbg -display :0" > ~/.config/aut
chmod +x ~/.config/autostart/x11vnc.sh
You can test the startup script:
~/.config/autostart/x11vnc.sh
Using VNC with SSH
See Port forwarding through SSH for additional information.
Vinagre VNC client
Vinagre (http://library.gnome.org/users/vinagre/stable/index.html.en) is the default
Gnome-based VNC client used in Ubuntu.
181 of 212
Menu -> Applications -> Internet -> Remote Desktop Viewer
05/24/2012 07:12 AM
Ubuntu:Precise -
Terminal Server Client
The Terminal Server Client is an Ubuntu/Gnome frontend for rdesktop (http://www.rdesktop.org/)
(for RDP connections to Windows computers) and one of several vncviewer clients (for VNC
connections). In can be used instead of Vinagre.
Menu -> Applications -> Internet -> Terminal Server Client
To use it with VNC, one of the VNC clients must be installed first. For example, install the
TightVNC (http://www.tightvnc.com/) client:
sudo apt-get install xtightvncviewer
Note that the TightVNC client can be used from the command line (or as a menu item)
directly:
vncviewer 192.168.0.12::5900
where 192.168.0.12 is an example host location that is running a VNC server on port 5900.
For more command-line options, use
man vncviewer
Krdc VNC client
Krdc is the default VNC client in Kubuntu/KDE but can be used in GNOME. It can be used for
both VNC and RDP connections. Installing it will also install the Qt platform and many KDE
utilities (a large download).
sudo apt-get install krdc
Run:
Menu -> Applications -> Internet -> Krdc
The command-line connection (for use as a menu-item, for example) is:
krdc vnc://<remote IP>
If the remote (Krfp) VNC server is using a <remote port> other than the default 5900 port,
use
krdc vnc://<remote IP>:<remote port>
Krdc can also connect to a Windows server using RDP (Remote Desktop Protocol).
krdc rdp://<remote IP>:<remote port>
182 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Using a VNC client with SSH
See this howto (http://jeltsch.org/node/209) for an automated setup using a script (it did not
work for me, but it might for you).
In brief, you would initiate an SSH tunnel with port forwarding using Putty or the command line:
ssh -C <remote ip> -p <SSH tunnel port> -L <local port>:<remote computer>:<remote port> -l <user>
then you would start a VNC client such as Krdc:
krdc vnc://localhost:<local port>
<local port> will usually be the default 5900, in which case you could simply use
krdc vnc://localhost
XVNC4Viewer VNC Client
XVNC4Viewer is an alternative to Vinagre or the Terminal Server Client (vncviewer). Install:
sudo apt-get install xvnc4viewer
Automatic user login (for use with VNC)
VNC only works if a user is logged in. When a computer (hosting one or more servers) is
intended to start up unattended and VNC (with or without SSH tunneling) is to be used, the
computer ought to start with the primary user logged in. To accomplish this:
Menu -> System -> System Settings -> Login Manager -> Convenience -> Enable
Auto-Login (ticked) -> Lock session (ticked)
-> Pre-select user: Specified: Choose primary user (i.e. the user hosting the SSH
tunnel, if any, and the VNC server)
-> Automatically log in again after X server crash (ticked)
Also make sure the VNC server is set to Autostart at bootup.
FreeNX
FreeNX (https://help.ubuntu.com/community/FreeNX) is a remote desktop display server/client
solution that natively incorporates SSH tunneling (unlike VNC). It is therefore more secure than
VNC (unless VNC is coupled with SSH tunneling).
FreeNX Server
The Free server .deb package can be downloaded from No Machine free server downloads
(http://www.nomachine.com/select-package.php?os=linux&id=1) .
183 of 212
Alternatively, add the following repositories:
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo add-apt-repository ppa:freenx-team
Install the package:
sudo apt-get update
sudo apt-get install freenx
FreeNX Client
Download the self-installing .deb file from No Machine Client downloads
(http://www.nomachine.com/select-package-client.php) .
XDMCP
XDMCP (http://www.tldp.org/HOWTO/XDMCP-HOWTO/index.html) allows a separate remote login
by an authorized user. This login is separate from the local user.
XDMCP is not secure over the Internet and should only be used within a LAN. It cannot be
tunnelled through SSH. It is turned off by default in Ubuntu. To enable it, edit the
configuration file:
gedit /etc/gdm/custom.conf
Find and change (or add) the line from false to true so that it reads:
[Xdmcp]
Enable=true
Telnet
SSH is, basically, secure Telnet.
VPN clients
A VPN (http://en.wikipedia.org/wiki/Virtual_private_network) (Virtual Private Network) allows a
secure encrypted connection ("tunnelling") over the Internet between a client (either standalone
or on a separate LAN) and a home or corporate LAN server.
VPN through Network Manager
The default Network Manager in Ubuntu/Kubuntu has a VPN client available. This includes
support for IPSec and Cisco-compliant VPN connections. Install:
sudo apt-get install network-manager-vpnc
To connect to a VPN network using OpenVPN (SSL), install the plugin:
sudo apt-get install network-manager-openvpn
184 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
To connect to a VPN network using PPTP (MS Windows servers), install the plugin:
sudo apt-get install network-manager-pptp
Configure:
Network Manager icon (in system tray) -> VPN Connections -> Configure VPN
vpnautoconnect (vpn daemon)
vpnautoconnect (http://sourceforge.net/projects/vpnautoconnect/) is a daemon to allow
automatic vpn connections through Network Manager. Download (http://sourceforge.net/projects
/vpnautoconnect/files/) and install the .deb package for your OS version.
Other VPN clients
Standalone VPN clients based on protocol are available (but not necessary if using Network
Manager):
vpnc (http://www.debuntu.org/how-to-connect-to-a-cisco-vpn-using-vpnc) , grml-vpn
(http://grml.org/online-docs/grml-vpn.8.html) -- for Cisco-compliant (IPSec) VPN
networks
openswan (http://www.openswan.org/) -- for IPSec (OpenSwan) VPN networks
pptp-linux (http://pptpclient.sourceforge.net/) -- for PPTP (MS Windows-compliant) VPN
networks
openvpn (http://openvpn.net/) , gadmin-openvpn-client -- for OpenSSL (OpenVPN) VPN
networks
VPN servers
OpenVPN
OpenVPN (http://openvpn.net/) is a free, GPL-licensed open-source cross-platform VPN solution
based on OpenSSL (not IPSec). Install the server (then see the website for further installation
instructions):
sudo apt-get install openvpn bridge-utils
A GUI configuration utility (GTK-based) is available:
sudo apt-get install gadmin-openvpn-server
Also see these installation tips.
Poptop (PPTP Server)
Poptop (http://poptop.sourceforge.net/) is a free open-source PPTP-based VPN server compatible
with MS-windows PPTP clients. Install:
sudo apt-get install pptpd
185 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
OpenSwan
OpenSwan (http://www.openswan.org/) is the open source implementation of IPSec-based VPN
connections for Linux (and is a successor to FreeSwan). Install:
sudo apt-get install openswan linux-patch-openswan
Security
Ubuntu by default is a fairly safe system. However, if you intend to use Ubuntu as a server, or
for critical applications in which loss of data (by accident or by malicious intrusion) would be
disastrous, you should learn how to make Ubuntu more secure. A good introduction to Ubuntu
Security Best Practices (http://www.psychocats.net/ubuntu/security#bestpractices) is available.
Recommended reading includes the book Cyber War (http://www.harpercollins.com/books
/9780061962233/Cyber_War/index.aspx) by Richard Clark (http://en.wikipedia.org
/wiki/Richard_A._Clarke) and this interview (http://news.cnet.com
/8301-27080_3-20004505-245.html) with Joe Weiss (IT advisor for the energy-sector smart grid).
Firewall
Network communications go through "channels" called ports. You can restrict which ports are
available ("open") for network communications, creating a barricade to unwanted network
intrusion. Firewalls do this job for you. But I guarantee that if you install one before you know
how to use it that one or more networking programs on your system will stop working. Read
every bit of documentation about a firewall before installing it -- you won't regret the time
invested. All of these packages modify iptables (http://en.wikipedia.org/wiki/Iptables) , which is
the set of rules that controls network access in and out of your computer. (You can modify
iptables manually from the command line, as well, but if you are that much of an expert, you
probably don't need this guide.) Also see the official Ubuntu documentation
(https://help.ubuntu.com/12.04/serverguide/firewall.html) .
Firestarter
Firestarter (http://www.fs-security.com/) is an intuitive firewall manager used to set the
iptables values which provide firewall capabilities in Linux (including Ubuntu). It has a very
easy-to-use GUI.
sudo apt-get install firestarter
Firestarter fails to open system log
This is a problem in Precise. See the solution here.
Guarddog
Guarddog (http://www.simonzone.com/software/guarddog/) is a GUI firewall configuration utility
that has been used for KDE. It has a complex array of configuration, and is difficult to use for
some beginners.
186 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install guarddog
Uncomplicated Firewall
Uncomplicated Firewall (http://wiki.ubuntu.com/UncomplicatedFirewall) is installed in (K)Ubuntu
by default, but all ports are open initially. It is configurable through the command-line interface.
See this forum thread (http://ubuntuforums.org/showthread.php?t=823741) , or this usage
tutorial (http://www.ubuntu-unleashed.com/2008/05/howto-take-use-setup-and-advantageof.html) , or Ubuntu community help (https://help.ubuntu.com/community/UFW) for tips on how
to set up and use it. If not installed, it can be installed:
apt-get install ufw
Gufw
Gufw (http://gufw.tuxfamily.org/index.html) is a graphical user interface for Uncomplicated
Firewall. Install:
sudo apt-get install gufw
Anti-virus
If you are running a file server, interface frequently with Windows drives or share files with
Windows users, or use virtualization, you will want a virus checker for your Windows files.
Despite extensive minsinformation, Linux is not immune from malware (witness the
explosion of malware being created for the Linux-based Google Android systems). The
malware is not usually spread within the OS itself (as long as the OS is a well-respected
distribution obtained through official channels), but in trojan programs downloaded and
installed by users outside of the normal software distribution channels (i.e. repositories) of
the OS. There is always a danger to using programs downloaded from the Internet from
sources other than respected repositories -- it is the primary reason that Debian and
(K)Ubuntu retain tight control over their software repositories.
Any file can have malware embedded in it (which is trivial to achieve by concatenation, for
example: cat originalfile.avi malware.exe > originalfileplusmalware.avi). The question is
whether a user will try to open a file with a program (such as a media player) that has been
compromised in a way that allows it to execute the code found in the infected media (e.g.
.avi) file. This can occur not only for Windows users but for any OS (including Mac OSX and
Linux) with a compromised program (e.g. media player). An example is the extensive
problems the Mac OS community is currently having with the Flash player.
Routine scanning of any file downloaded from the Internet, any file imported from another
user's computer (even a trusted source, since their attention to virus prevention may not
be as compulsive as yours), or any attachment received in an email (even from a trusted
sender) should be done with an anti-virus program.
ClamAV
187 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
ClamAV (http://www.clamav.net/) is the open source virus tool for Linux. To install ClamAV:
sudo apt-get install clamav
If an error is returned: "The database directory must be writable for UID 1000 or GID 1000"
in order for the virus database to be updated, then change the ownership of the installation
directory (/var/lib/clamav):
sudo chown 1000 /var/lib/clamav
ClamTk (ClamAV GUI)
ClamTk (http://clamtk.sourceforge.net/) is a GTK-based GUI frontend for ClamAV. Install:
sudo apt-get install clamtk
AVG
AVG (http://free.avg.com/us-en/download.prd-afl) offers a free virus scanner for Linux in a .deb
package. Download and install from the website.
Avast
Avast (http://www.avast.com/linux-home-edition) offers a Linux edition (for home users only) in a
.deb package. Download and install from the website.
Anti-spam
Spam Assasin
SpamAssasin (http://spamassassin.apache.org/) is written in perl, and is mostly for use with a
server (such as a groupware server or Apache). Install:
sudo apt-get spamassassin
Rootkit checkers
Rootkits (http://en.wikipedia.org/wiki/Rootkit) are malicious trojan (http://en.wikipedia.org
/wiki/Trojan_horse_(computing)) -like programs to allow an intruder to become a root user and
therefore have complete administrative control over the system. There aren't many rootkits in
the wild for Linux. Still, this is a growing security problem (especially in other operating systems)
and it is a matter of time before more rootkits appear in Linux. Checking for rootkits isn't always
successful from a system that is already infected. Your rootkit checker should therefore be run
from another system, or a USB pendrive with an Ubuntu LiveCD installation. See the rootkit
checker manuals for instructions how to do this. If you are infected with a rootkit, you must
backup all your files and re-install your system. (Thank goodness this is easy with Ubuntu, unlike
with other operating systems).
188 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Chkrootkit
Chkrootkit (http://www.chkrootkit.org/) checks locally for signs of a rootkit. See the chkrootkit
manual (http://www.chkrootkit.org/README) for usage instructions.
Install:
sudo apt-get install chkrootkit
Run:
sudo chkrootkit
Rootkit Hunter
Rootkit Hunter (http://www.rootkit.nl/projects/rootkit_hunter.html) is compatible with (K)Ubuntu
systems. See the usage instructions (http://sourceforge.net/docman
/display_doc.php?docid=35179&group_id=155034) .
Install:
sudo apt-get install rkhunter
Run:
sudo rkhunter
Malicious commands to avoid
There are many malicious commands to be avoided in Linux (as in all operating systems). It is
worthwhile to be aware of these dangerous commands so that they are not executed by
accident or by malicious advice.
USB drives
USB drives are a major source of security risk and means of data theft.
An administrator password should be set for the computer BIOS and booting from a USB
drive or CD/DVD should be disabled. (Otherwise, any passerby can boot their own OS and
then use it to steal data from the hard drive.)
See this article (http://www.cyberciti.biz/faq/linux-disable-modprobe-loading-of-usb-storagedriver/) for methods of restricting USB usage to authorized users.
Prevent unauthorized boots and system access
Many computers are kept in places where casual passersby may have an opportunity to access
the computer, unobserved for short periods. In addition to physical precautions to prevent or
slow computer theft (such as locked cases, alarms, and security cables similar to those used to
189 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
slow bicycle theft), precautions (http://www.pcworld.com/article/114727
/lock_down_your_pc.html) should be taken to prevent an unauthorized operating system from
being booted using an external device (such as USB drive). Once such as external OS is booted,
it can be used to access most hard drive(s) on the computer and the contents copied to a
second external device (to be examined or unencrypted later). This is a common means of data
theft that is fast and easy to accomplish, and means to deter it should be taken on any public or
semi-public computer.
Set BIOS to restrict bootup to the hard drive only.
Set a Supervisor/Administrator password for your computer's BIOS. (I recommend
writing it down and taping it to the inside cover of the computer case prior to locking
the computer case.) Disable booting from all devices except the hard drive. Setting
the hard drive as the first priority boot device is not enough, as most current BIOS
menus allow manual selection of any enabled boot devices. Only the hard drive should
be left enabled.
Enable Hard Drive locking, if your computer's BIOS allows it. Most hard drives allow a
password to be set by the BIOS and stored in a chip on the hard drive controller which can
only be reset by disassembling the hard drive. (Some manufacturers provide a backdoor
security key, however.) BIOS versions found on newer computers/laptops allow this
password to be set in the BIOS, so that only a BIOS containing the correct password can
unlock the hard drive. (If the hard drive is then removed from the computer, it cannot be
accessed by any BIOS that does not have the correct password or backdoor security key.)
Note, however, that this precaution does not protect against booting from external devices
if the BIOS is still set to allow that.
There is a risk to this security measure. If you forget the password and the BIOS
passwords somehow get reset, the hard drive would become inaccessible. The BIOS
and Hard Drive password(s) should always be stored in a safe location.
Password protect the Grub bootloader. Without password protection, Grub can be used to
circumvent BIOS restrictions. See this section for Grub Legacy and this section for Grub2.
Make sure all user accounts are protected by a password, and always require passwords for
login. Never create an "administrator" user account (hidden or not) and leave it
unprotected by a password. Never enable automatic login without a password to any user
account.
It is possible to enable automatic login to a preferred password-protected user account
while simultaneously enabling a password-protected screensaver (the password for
which must still be entered even before initial user access). This is a reasonable
solution that offers protection while still allowing automatic login.
Make sure a password-protected screensaver is always enabled (that will engage after a
reasonably short period of inactivity).
Network Monitors
There are two types of network monitors: those that monitor your own system's network
settings and those that monitor network traffic. The latter includes security tools (that can also
be used as hackers tools) for exposing security weaknesses in a network. Be aware and be safe!
190 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
A list of available tools is at Top Ubuntu Security Tools (http://www.ubuntu-unleashed.com
/2008/06/top-security-tools-in-ubuntu.html) .
Netstat
Netstat (http://www.faqs.org/docs/linux_network/x-087-2-iface.netstat.html) is the Linux
command-line tool to monitor network status and functions. There are many usage parameters.
See the manual for help.
netstat
Etherape (Network monitoring)
EtherApe (http://etherape.sourceforge.net/) is a graphical utility that allows you to see (in
real-time) where connections are being made on your network, or between your network (or
computer) and the Internet. If you are experiencing unexpected network activity on your
computer or LAN and wish to see where the activity is occurring, this is an easy tool to use. Both
"local" user and "root user" installations are created; in general you must use the root user
installation to see all your network traffic.
sudo apt-get install etherape
List open files
Sometimes you will see your network slowing and want to know which files are sending data
over ports. Use this command:
lsof -i -n -P
Nmap
Nmap (http://nmap.org/) is a free open source utility for network exploration (including
showing open ports and running services) and security auditing. Install:
sudo apt-get install nmap
Scan your own PC:
nmap localhost
(Once you have found out which ports are open, use a firewall to close the ones you don't want
open.)
Nmap GUI
Install:
sudo apt-get install nmapfe
191 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
or you can try Zenmap:
sudo apt-get install zenmap
Nessus
Nessus (http://www.nessus.org) is a proprietary comprehensive vulnerability scanning suite that
is free for personal, non-enterprise usage. See the website for details.
Snort
Snort (http://www.snort.org/) is the de facto open source standard for intrusion detection. Install:
sudo apt-get install snort
It can be used with an MySQL database (sudo apt-get install snort-mysql) or with a PostgreSQL
database (sudo apt-get install snort-pgsql).
AcidBase
AcidBase (http://secureideas.sourceforge.net/) is an intrusion detection / basic analysis and
security engine that uses Snort. Install:
sudo apt-get install acidbase
AppArmor
AppArmor (http://en.opensuse.org/AppArmor) is a set of security enhancements developed by
Novell for SUSE Linux. It is installed in (K)ubuntu by default.
Disable AppArmor
AppArmor can prevent some services from running as expected and cannot be used in
conjunction with SELinux. To disable it:
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils
SELinux
SE Linux (http://en.wikipedia.org/wiki/Security-Enhanced_Linux) (Security Enhanced Linux) is an
NSA (US National Security Administration) recommended set of tools for enhanced security in
Linux systems. It enforces strict access controls (privileges) and is meant for mission-critical
installations. It is not suitable for the casual desktop user. It was first available in Hardy Heron
and is being updated for Intrepid Ibex. It is not compatible with AppArmor (which must first be
removed).
sudo apt-get install selinux
192 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Knockd (Port security)
Knockd (http://www.zeroflux.org/projects/knock) is a small server that listens for a pre-defined
sequence of port opening attempts (a "knock") before opening an otherwise closed firewall port
for communications. Install:
sudo apt-get install knockd
Network Management
Monitor your network or datacenter with a framework of utilities. Comparable to IBM Tivoli
(which can cost thousands of dollars), these solutions are generally available as either
community or enterprise editions.
Hyperic (http://www.hyperic.com/products/open-source-systems-monitoring.html) is an
open-source network monitoring framework that can be used in either a datacenter or a
cloud environment (it is used for Amazon Cloud). Both a free community version and a
subscription enterprise version are available.
Groundwork OpenSource (http://www.groundworkopensource.com/community/communityedition.html) offers a community edition that integrates other packages such as Nagios,
Nmap, and others. There is a subscription enterprise version as well. It has its roots in a
university setting.
OpenQRM (http://www.openqrm.com/) is the GPL-licensed, free open-source community
successor to the very popular network monitoring solution Qlusters. It is available
(http://sourceforge.net/project/showfiles.php?group_id=153504) as a Debian/Ubuntu
package. See the website for details.
Canonical offers the Landscape (http://www.canonical.com/projects/landscape) network
management service for $150 per node, with a free trial available.
Zenoss (http://www.zenoss.com/) is a commercial network monitoring subscription package
(about $150/node) with a limited free "core" edition also available.
Nagios
Nagios (http://www.nagios.org/) is a free open source network monitoring solution. It is
administered from a web interface (http://localhost/nagios) and is expandable using a large
number of available plugins. For additional configuration information, see the official Ubuntu
documentation (https://help.ubuntu.com/10.04/serverguide/C/nagios.html) . Install:
sudo apt-get install nagios3
Munin
Munin (http://munin-monitoring.org/) is a free GPL-licensed open source networking monitoring
tool based on RRDTool (http://en.wikipedia.org/wiki/RRDtool) , in which a master network node
queries other network resources, cataloging and graphically displaying changes. It has a web
interface and multiple plugins. For additional configuration information, see the official Ubuntu
documentation (https://help.ubuntu.com/10.04/serverguide/C/munin.html) . Install (http://muninmonitoring.org/wiki/LinuxInstallation) :
193 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
sudo apt-get install munin
Cacti Monitoring Server
Cacti (http://www.cacti.net/) is a complete, free open source network graphing solution designed
to harness the power of RRDTool (http://oss.oetiker.ch/rrdtool/) ’s data storage and graphing
functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition
methods, and user management features out of the box. It uses MySQL and PHP (part of the
LAMP server stack). All of this is wrapped in an intuitive, easy to use interface that makes sense
for LAN-sized installations up to complex networks with hundreds of devices. For more info see
Cacti Server Setup (http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-inubuntu-810-intrepid-ibex-server.html) . Install:
sudo apt-get install cacti
Cluster SSH
ClusterSSH (http://sourceforge.net/apps/mediawiki/clusterssh/index.php?title=Main_Page) allows
replication of a command on an administration console to be replicated via SSH to multiple
computers in a cluster. Install:
sudo apt-get install clusterssh
Enterprise Network Firewall
IPCop
IPCop (http://www.ipcop.org) is a free open source (GPL-licensed) firewall solution for use as an
independent appliance (on a dedicated PC) in an enterprise network. It allows remote
management and can protect multiple servers, including web and email servers. IPSec-based
OpenVPN is supported. The CD image .iso and other files can be downloaded here
(http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093) . Installation
instructions are on the website.
SmoothWall
SmoothWall Express (http://www.smoothwall.org/) is an award-winning, free, open source (with a
GPL license) firewall solution for use as an independent appliance (on a dedicated PC) in an
enterprise network. Download the installation CD .iso image here (http://www.smoothwall.org
/get/) (server OS included), burn onto a CD, and install on a new, dedicated PC. Many features,
however, such as VPN server, database access authentications, and content filtering are only
implemented in a commercial version, however, and are not available in the community version.
Endian
Endian (http://www.endian.com/en/community/about/) is a very robust, free, open source
universal threat management appliance similar to IPCop and Smoothwall. It also incorporates
OpenVPN. Like Smoothwall, Dansguardian is used for content filtering (and is included in the
community edition). Commercial and hardware versions with some additional features,
automatic updates, and professional support are available. See the website for details.
194 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
LTSP (Thin client support)
LTSP (http://www.ltsp.org/) (the Linux Terminal Server Project) adds thin-client
(http://en.wikipedia.org/wiki/Thin_client) support to Linux servers. The package is free,
GPL-licensed, and the client can be used to run programs on either Linux or Windows LTSP
servers. There is a module for classroom management (ltsp-controlaula) as well. Installation
instructions are here (https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall) . The
alternate LiveCD can also be used to install a terminal server, as indicated in these instructions
(http://www.ubuntu.com/products/whatisubuntu/serveredition/technologies/ltsp) .
LTSP Server
Install:
sudo apt-get install ltsp-server ltsp-manager
LTSP Client
Install:
sudo apt-get ltsp-client
iTALC (Thin client for Education)
iTALC (http://italc.sourceforge.net/) is a free, open source (GPL-licensed) thin client solution that
supports both (K)Ubuntu Linux and Windows XP. It has been used widely in educational settings
to monitor, share, and control multiple workstations. See the website for download and
installation instructions.
Internet Cafe software
Internet Cafe (or CyberCafe) software is specialized LAN-administration software that includes
time usage monitoring, billing, and administration. It can also be used in schools, libraries, and
organizations with multiple monitored workstations requiring usage limits.
OutKafe
OutKafe (http://outkastsolutions.co.za/outkast/index.php?option=com_openwiki&id=outkafe) is a
free, open-source, GPL-licensed cybercafe solution based on a postgreSQL database server
stack. It is run on hundreds of sites. It is GTK-based but can be run with Kubuntu (KDE).
OpenKiosk
OpenKiosk (http://openkiosk.sourceforge.net/) is a free open source multi-platform server/client
solution for administering and monitoring groups of workstations, such as in libraries, school
labs, and internet cafes. Installation is from source files. See the website for details.
CafePilot
195 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
CafePilot (http://www.dijitanix.com/) is a free multi-platform Java-based server/client solution for
real-time monitoring and billing of Cybercafe workstations. A complete custom Ubuntu-based
LiveCD server/multiple-client solution (including OS and many applications for unlimited
workstations) is available for $100 here (http://www.dijitanix.com/index.php/cucci) .
Miscellaneous solutions
This thread (http://ask.slashdot.org/story/10/04/11/188217/What-Advice-For-a-Single-ParentAs-Server-Admin?from=rss&utm_source=feedburner&utm_medium=feed&
utm_campaign=Feed%3A+Slashdot%2FslashdotLinux+%28Slashdot%3A+Linux%29) discusses
several other solutions, including:
Untangle (http://www.untangle.com/)
m0n0wall (http://m0n0.ch/wall/)
ClearOS (http://clearfoundation.com)
Pessulus (Lockdown Editor)
Pessulus is a GTK (Gnome)-based utility that allows an a computer administrator to restrict
acccess to several administrative functions, including the command-line Terminal and many
other functions. This is useful on public kiosk PCs, for example. Install:
sudo apt-get install pessulus
Cluster (cloud) computing
Cloud computing (http://en.wikipedia.org/wiki/Cloud_computing) is the co-ordination of many
servers to maximise computing resources and efficiency. The use of virtual machines
(http://en.wikipedia.org/wiki/Virtual_machine) , load balancing (http://en.wikipedia.org
/wiki/Load_balancing_%28computing%29) , and VLAN (http://en.wikipedia.org/wiki/Virtual_LAN)
technology are combined into an integrated system. Distributed computing and parallel
processing underlies the networks of computers that are now used in a number of
supercomputing applications.
OpenStack cloud
OpenStack (http://www.openstack.org/) is the technology currently used by Ubuntu for cloud
computing as part of the Ubuntu Cloud Infrastructure (https://help.ubuntu.com/community
/UbuntuCloudInfrastructure) . (Also see the Ubuntu community help (https://help.ubuntu.com
/community/OpenStack) .) It is now included as part of Ubuntu server versions (starting with
12.04 LTS Precise).
See the Ubuntu private cloud (http://www.ubuntu.com/cloud/private-cloud) information to
set up an OpenStack cluster.
Eucalyptus cloud
Eucalyptus (http://eucalyptus.cs.ucsb.edu/) is a project from University of California Santa
Barbara to facilitate cluster computing on servers that have the Xen virtual machine
implementation enabled. Prior to 11.10 (Oneiric) it was available for the Ubuntu server edition
196 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
as the Ubuntu Enterprise Cloud (https://help.ubuntu.com/community/UEC) .
See the instructions for installing Eucalyptus on Debian systems
(http://www.eucalyptus.com/download/eucalyptus/debian) .
Beowulf
The Beowulf (http://en.wikipedia.org/wiki/Beowulf_cluster) cluster computing project is one of
the earliest cluster computing examples and provides the underpinning for a number of
Linux-based supercomputing clusters. A Beowulf cluster is designed to function like a single
supercomputer, and can be scaled to any number of nodes. It uses open source components.
See this introductory article (http://byobu.info
/wiki/Building_a_simple_Beowulf_Like_Cluster_with_Ubuntu) on creating a Beowulf cluster with
Ubuntu.
OSCAR (http://svn.oscar.openclustergroup.org/trac/oscar) is a software platform that allows
the creation of a Beowulf cluster on RedHat or Debian/Ubuntu Linux servers. See here
(http://svn.oscar.openclustergroup.org/trac/oscar/wiki/repoTesting) for instructions on
installing the .deb packages from repositories.
A warning about distributed computing
Cloud computing is often mistaken for remote hosting. While cloud computing using public hosts
may be beneficial in "farming out" a few of your non-sensitive computing needs, the recent ease
of cloning filesystems and the promiscuity of datacenters has placed a great deal of sensitive
data at risk when databases and critical server functions themselves are remotely hosted at a
site not under your complete control. Even "trusted" banks and other large businesses routinely
trade and sell our sensitive "private" data to multiple partners (sometimes for profit and
sometimes unwittingly). Hosted servers are compromised on a daily basis and it is not very easy
for an end customer to know how effective are the security practices of a remote hosting
service. Further, any data left on public storage devices (cloud servers) in the US for more than
180 days are subject to search and seizure by government agencies there. Therefore, it is
almost always more secure to host your own server(s) in house and to limit the traffic and
access to your databases and servers to members of your own organization. Learning how to run
your own servers is worth the effort, and powerful hardware on which to run them is inexpensive
these days.
The Ubuntu cloud computing environment allows you to recruit the multiple computers within
your own organization for distributed ("cloud") computing and thereby keep it all "in house"
(behind secure firewalls). You do not need to expose your organization to insecure remote public
hosts in order to use cloud computing.
BOINC (Berkeley Open Infrastructure for Network Computing)
BOINC (http://en.wikipedia.org/wiki/Berkeley_Open_Infrastructure_for_Network_Computing) is
middleware software developed at UC Berkeley (http://en.wikipedia.org
/wiki/Space_Sciences_Laboratory) to allow multiple computers to operate as a grid-based (cloud
based) supercomputer. There are over half a million computers participating in BOINC projects.
To install BOINC (http://wiki.debian.org/BOINC) and participate in one or more of these projects:
sudo apt-get install boinc
197 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Servers
Many server packages (such as Apache2, MySQL, PHP, etc.) can be installed individually, on
either a Desktop edition or a Server edition (using the tasksel command described below). It is
not necessary in general, therefore, to install Ubuntu Server if you only wish to use an
occasional server package on a Desktop edition. Most of the instructions for individual server
packages will work on the Server edition, on the Desktop edition, or on a Server edition that has
had an Ubuntu or Kubuntu desktop installed on it.
Nevertheless, the Server edition is optimised for speed and ease of monitoring and maintenance
when implemented in large networks and is therefore recommended. (For complete information
see the Ubuntu Server Guide (http://help.ubuntu.com/12.04/serverguide/index.html) .) It is
always possible to add an Ubuntu (Gnome) or Kubuntu (KDE) GUI desktop to an Ubuntu Server
at any time.
Download the latest Ubuntu Server ISO image from Ubuntu downloads
(http://www.ubuntu.com/download/server) .
See this guide (http://help.ubuntu.com/community/BurningIsoHowto) for burning the ISO
image to a CD.
Use the CD for installation of the server.
(If you are attempting to create a dual-boot or multi-boot configuration with multiple operating
systems on your computer, then see these tips.)
(Tip: During installation of the server, an initial user / password is created. Many servers are
intended to run unattended with little subsequent intervention and it can be easy to forget the
original user / password pair that is created at installation. I suggest writing this information
down and taping it to the inside of the computer case cover for later reference. (Lock the
computer case if you desire extra security.))
There are many server packages that are available to be installed as a one-step process during
the Server edition installation process from the LiveCD, or at any time (on most editions) using
the tasksel (http://wiki.debian.org/tasksel) command. For a list of server packages that can be
installed using the tasksel command:
sudo tasksel --list-tasks
or using a GUI list:
sudo tasksel
Ultimate Server Walkthrough
198 of 212
Using instructions from Ubuntuguide, an ultimate server can be created with two wikis
(MediaWiki), two Drupal websites, a Moodle online learning website, a BigBlueButton
teleconferencing server, an Ubuntu desktop, and dynamic DNS access from the web. All
components can be expanded and/or additional servers added.
Lucid ultimate server walkthrough.
Original Jaunty ultimate server walkthrough.
05/24/2012 07:12 AM
Ubuntu:Precise -
To run multiple servers on multiple computers on a LAN using only a single IP address
and router, see Reverse proxy Servers and Load Balancers.
Add a desktop to an Ubuntu Server
Packages that require server capabilities (such as Drupal with Apache, etc.) are often happier
when a Server edition is installed as the base OS. However, adding a desktop can make the
administration and maintenance of many packages easier for many users (albeit with a cost of
reduced server speed). Add an Ubuntu (Gnome) or Kubuntu (KDE) desktop to a server using:
or
sudo apt-get install kubuntu-desktop
LAMP server installation
During server installation, you will have the option of installing a LAMP (Linux, Apache, MySQL,
PHP) server stack. Many (but not all) open source servers use this integrated server stack.
Drupal, for example, needs to have a LAMP server installed. If you intend to install a groupware
server, however, make sure it is compatible with a LAMP server stack before choosing this
option. Many groupware servers will install LAMP (or their own variation) automatically, so you
do not need to install the LAMP stack. Others will install and use postgreSQL instead of MySQL,
so you would not need to install a LAMP server.
Apache2 + MySQL + PHP
This is the preferred method:
(Tip: During installation of the LAMP server, an initial MySQL "root" user password is created.
This information will sometimes be needed when installing other server packages that use
MySQL. I suggest writing the MySQL password down and taping it to the inside of the computer
case cover for later reference. (Lock the computer case if you desire extra security.))
Other servers
During server installation, you can choose other servers to install, as well. These include a Mail
server (Postfix with Dovecot), a DNS server (bind9), the OpenSSH server, a print server, a
Tomcat Java web server, a Samba file server (for use with Windows networks), and a virtual
machine host (Xen). Again, if you are using a groupware solution, you should be careful about
installing these services, as they may conflict with similar (but competing) servers which the
groupware solution will install by default.
eBox (server and network manager)
eBox (http://www.ebox-platform.com/) is a web-browser based server management platform that
199 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
is useful in managing multiple servers and networking functions in a small to medium business.
It is modular so that as the network grows and more networking functions or servers (such as
the ones listed below) are added, eBox can manage those, as well. Install:
sudo apt-get install ebox
OpenSSH server
OpenSSH allows encrypted communications through a designated secure port. See setting up an
SSH server.
Mail Server
There are two methods for setting up a mail server.
The dovecot-postfix package install the components and configuration files to use the
Maildir (mail spooling) folder system by default. See Dovecot-Postfix Mail server.
The mail-server task installs the components and configuration files to use the mbox (mail
spooling) system by default. This can be installed:
sudo tasksel install mail-server
Bind9 (DNS server)
BIND (http://en.wikipedia.org/wiki/BIND) DNS servers are the most commonly used on the
Internet. Bind9 is the current edition. See the usage instruction here (http://www.bind9.net
/manual/bind/9.2.5/Bv9ARM.html) . Also see the official Ubuntu documentation
(http://help.ubuntu.com/12.04/serverguide/dns.html) for more configuration information. It can
be installed using the tasksel option during installation of the Ubuntu server from the LiveCD, or
at any time using:
sudo tasksel install dns-server
Apache Tomcat (Java server)
Tomcat (http://tomcat.apache.org/) is a free open source platform from Apache which provides a
"pure Java" HTTP web server environment for Java code to run (see here (http://en.wikipedia.org
/wiki/Apache_tomcat) for more info).
It is not part of the Apache2 web server. See the official Ubuntu documentation
(http://help.ubuntu.com/12.04/serverguide/tomcat.html) for more configuration information. It
can be installed using the tasksel option during installation of the Ubuntu server from the
LiveCD, or at any time using:
sudo tasksel install tomcat-server
Xen virtual machine host
Xen (http://www.xen.org/) is a free open source virtualization platform that allows the host to run
200 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
"guest" operating systems simultaneously (see here (http://en.wikipedia.org/wiki/Xen) for more
info). Xen implementation in the (K)ubuntu server is based on integration with KVM
(http://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine) , the kernel-based virtualization
platform in Linux. KVM integrates with QEMU (http://bellard.org/qemu/about.html) components,
which have been merged with Xen.
Note: KVM requires a 64-bit processor with a virtualization extension, i.e. an Intel VT
(http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29)
or AMD-V (http://en.wikipedia.org/wiki/X86_virtualization#AMD_virtualization_.28AMD-V.29) CPU,
therefore this package currently is successful only with the 64-bit Ubuntu server installation and
on those CPUs.
It can be installed using the tasksel option during installation of the Ubuntu server from the
LiveCD, or at any time using:
sudo tasksel install virt-host
Print server
Ubuntu uses the CUPS print server (http://help.ubuntu.com/12.04/serverguide/cups.html) , which
is integrated into the desktop. Installing a print server in Ubuntu Server is necessary only if you
do not intend to use a desktop (i.e. you intend a "headless" server). It can be installed using the
tasksel option during installation of the Ubuntu server from the LiveCD, or at any time using:
sudo tasksel install print-server
OpenLDAP
OpenLDAP (http://www.openldap.org/) is a community-based LDAP (http://en.wikipedia.org
/wiki/Lightweight_Directory_Access_Protocol) server that allows directory querying over TCP/IP,
generally for organizations arranged by domain. Ubuntu uses the slapd daemon for the
OpenLDAP server. See the official Ubuntu documentation (http://help.ubuntu.com/12.04
/serverguide/openldap-server.html) for more information about installation and setup.
Proxy server
Squid
Squid (http://www.squid-cache.org/) is a widely-used proxy web server and web cache daemon
that is useful for corporate or other large LANs that wish to accelerate and/or control traffic
through the LAN. For initial configuration information, see the official Ubuntu documentation
(http://help.ubuntu.com/12.04/serverguide/serverguide/C/squid.html) . Install:
sudo apt-get install squid
Privoxy
Privoxy (http://www.privoxy.org/) is a non-caching web proxy with advanced filtering capabilities
for enhancing privacy, modifying web page data and HTTP headers, controlling access, and
removing ads and other obnoxious Internet junk. It is easier to configure and more useful for
individual users. Install:
201 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Reverse proxy Servers and Load Balancers
A reverse proxy (http://en.wikipedia.org/wiki/Reverse_proxy) server allows incoming web traffic
on a LAN to be directed to multiple computers (each running one or more servers) on the LAN.
When redundant instances of a server exist on a LAN, a Load Balancer (http://en.wikipedia.org
/wiki/Load_balancing_%28computing%29) allows traffic to be directed to the most available
instance.
Pound (Reverse proxy and load balancer)
Pound (http://www.apsis.ch/pound/) is a free, open source (GPL-licensed) lightweight reverse
proxy and load balancer. Also see the Ubuntu Community (https://help.ubuntu.com/community
/Pound) instructions. Install:
sudo apt-get install pound
Apache Reverse proxy
The Apache2 server has a mod_proxy (http://httpd.apache.org/docs/2.2
/mod/mod_proxy.html#proxypass) module available that enables reverse proxies. See these
instructions for a simple method to implement reverse proxies using this Apache module.
Control panels
There are several free and/or GPL-licensed control panel utilities for managing multiple servers
on a single physical server or cluster of servers running Debian/Ubuntu-based servers. Here
(http://www.techmixer.com/best-free-web-hosting-control-panel-to-manage-web-hosting/) is a
brief overview.
Webmin (http://www.webmin.com/) is the most widely used web browser-based free open
source web hosting control panel for Linux.
GNUPanel (http://gnupanel.org/) is a free GPL-licensed web hosting control panel system
that is compatible with Debian/Ubuntu OS using PHP.
Web-cp.net (http://www.web-cp.net/) is a free GPL-licensed web hosting control panel
system that is compatible with Debian/Ubuntu OS using PHP.
Network Attached Servers
Here are some user-contributed suggestions regarding commercially available NAS/RAID
devices.
FreeNAS
FreeNAS (http://www.freenas.org/) allows a PC with several hard drives to function as a
self-contained network attached storage RAID device. It is a very small, fast system, so that an
older PCs could function quite well as an NAS.
202 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Setup RAID in Ubuntu/Kubuntu
See this thread (http://ubuntuforums.org/showthread.php?t=408461) for a discussion how to set
up RAID on an Ubuntu/Kubuntu server.
Databases
There are several free enterprise-strength databases that can be used in (K)Ubuntu Linux.
PostgreSQL
PostgreSQL (http://www.postgresql.org/) is a free standards-compliant enterprise-strength
open-source database, initially developed at UC Berkeley. See the PostgreSQL Server
documentation (http://www.postgresql.org/docs/8.4/static/admin.html) for server configuration
information. Install using the dummy task:
sudo tasksel postgresql-server
or install directly:
sudo apt-get install postgresql-8.4
or
sudo apt-get install postgresql
MySQL
MySQL (http://en.wikipedia.org/wiki/MySQL) is one of the most widely-used relational databases,
and has been licensed under the GPLv2. It has now been bought by Oracle as part of the
purchase of Sun. It has long been integrated into co-ordinated server platforms using the LAMP
stack, but it can also be installed separately.
sudo apt-get install mysql-server
Tips & Tricks
Run Command
You can run any application in your path using the Run Command. Use Alt+F2.
Turn off Hot Keys
This is the most evil option on any operating system, in my opinion. A mis-stroke enables any
number of random events. Unfortunately, this problem is pervasive in operating systems and is
difficult to turn off.
203 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Menu -> System -> Administration-> Advanced -> Input Actions -> General Settings ->
check "Disable KHotKeys daemon"
Menu -> System -> Administration-> Advanced -> Input Actions -> Gestures Settings
-> check "Disable mouse gestures globally"
If you wish to be selective about it (this doesn't often work, however), start by disabling
unnecessary desktop hotkeys.
Menu -> System -> Administration-> Advanced -> Keyboard & Mouse -> Keyboard
Shortcuts
Also, you may want to deactivate linking gestures to sticky and slow keys:
Menu -> System -> Administration -> Accessibility -> Activation Gestures -> uncheck "Use
gestures for activating sticky keys and slow keys"
Note: You probably will have to disable hotkeys in many applications, as well.
Hotkeys from the Synaptics Touchpad can be selectively turned off using this information
from the Ubuntu documentation (https://help.ubuntu.com/community
/SynapticsTouchpad#Ubuntu) .
Associate default applications
To assign the default DVD player (make sure you have enabled DVD playback capability
first:
Menu -> System -> Administration-> Advanced -> File Associations -> x-content ->
video-dvd -> Applications Preference order -> Add...
then choose your favourite media player. There are similar options for Blu-Ray (videobluray) and HD DVD (video-hddvd). Set each individually.
To assign the default player for playing mpegs (or other video formats):
Menu -> System -> Administration-> Advanced -> File Associations -> video -> mpeg ->
Applications Preference order -> Add...
then choose your favourite media player. You can do this for a host of video file formats,
including .wmv (x-ms-wmv, or Microsoft WMV format), .flv (x-flv, or Flash video), quicktime,
and so on.
To assign .pls audio streams to play through Audacious:
Menu -> System -> Administration-> Advanced -> File Associations -> audio -> x-scpls ->
Applications Preference order -> Move Audacious to the top (or Add... it).
Make sure *.pls appears in the Filename Patterns section.
Automatic user login
204 of 212
To accomplish this (yet still require a user password):
Menu -> System -> System Settings -> Login Manager -> Convenience -> Enable
Auto-Login (ticked) -> Lock session (ticked)
05/24/2012 07:12 AM
Ubuntu:Precise -
-> Pre-select user: Specified: Choose primary user
This ought to be combined with a password-protected screensaver.
Autostart a program at bootup
Any program (or script) can be made to Autostart at bootup by creating a symbolic link to that
program (or script) in the ~/.config/autostart folder.
For example, to start Firefox at bootup, create a symbolic link:
sudo ln -s /usr/bin/firefox ~/.config/autostart
Choose Bootup/Startup services
Preventing unneeded or unwanted services from loading at startup can improve system
performance.
Install the GTK-based Bootup-Manager:
sudo apt-get install bum
Run Bootup-Manager:
Menu -> System -> Bootup-Manager
Run a script from a menu item
It is possible to place a short script in a menu item / shortcut to answer an interactive query
(such as a password query). Here is an example that is used to enter a password during an SSH
negotiation. First, install the utility expect (http://linux.die.net/man/1/expect) :
sudo apt-get install expect
The use a command in the Menu Item / Shortcut similar to:
expect -c 'spawn ssh -l sshuser -L 5900:127.0.0.1:5900 remoteserver.remotedomain.org -p 22 ; expect assword ; send "sshpassword
In this example the password sshpassword is returned when the ssh program requires a
password. Expect waits for some text to be displayed in the command-line terminal then returns
text in return. The Menu Item must be "Run in terminal", therefore.
SHC (Encrypt scripts)
SHC (http://www.datsi.fi.upm.es/~frosal/) is a simple script compiler that will convert a script into
a binary, obscuring the code (and passwords, etc.). Usage instructions are here
(http://www.datsi.fi.upm.es/~frosal/sources/shc.html) . Install by adding the Debian Etch
repository:
sudo add-apt-repository 'http://archive.debian.org/debian etch main'
205 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
then install the shc package:
sudo apt-get install shc
Capture a screenshot
See this tutorial (http://tips.webdesign10.com/how-to-take-a-screenshot-on-ubuntu-linux) .
Customize desktop to look like KDE
In recent versions of Ubuntu, the Gnome desktop can be made to resemble the cleaner KDE
desktop with some customization. (Customizations are highly personal, and this section
represents preference only.)
See Desktop Customization.
Run a KDE 4 desktop from Ubuntu
It is possible to install the KDE4-based desktop (the default in Kubuntu) in Ubuntu.
apt-get install kubuntu-desktop
There is a risk of software bloat and some incompatibilities between modules when doing this. At
login, you can choose (as an option) whether to start the KDE (Kubuntu) desktop or the Gnome
(Ubuntu) desktop. Nevertheless, when there are two modules trying to perform the same
function (one from each desktop), it is possible to have conflicts.
Run a KDE 3 desktop from Ubuntu
You can also install the older KDE 3 desktop on Lucid, or almost any KDE3 application.
Add the following KDE 3 repositories:
sudo add-apt-repository ppa:kde3-maintainers
Install KDE 3.5 desktop:
sudo apt-get update
sudo apt-get install kubuntu-desktop-kde3
To install any KDE3 app, append "-kde3" suffix to package name. See Pearson Computing
(http://apt.pearsoncomputing.net/) for additional details.
Kill (end) a process
There are many tricks to try to fix a frozen PC. Press Alt+F2, and use killall to end the
frozen application. Example:
sudo killall amarok
sudo killall firefox
206 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
In order to terminate a stuck graphical application use the xkill utility. Press Alt+F2, type
xkill, and press Run. Point the cursor to the application you want to kill and press the left
mouse button. This should kill the selected application.
xkill
Another trick to try is pressing AltGr+SysRq+K (RightAlt+PrintScreen+K). This will log you
out. But, what happens if this does not work? Try pressing Ctrl+Alt+F1,login, enter your
password and run:
sudo killall gdm
sudo startx
View hidden files
In the Nautilus file manager, press:
Ctrl+ H
Mute notifications (alerts)
Notifications (alerts) can be disabled:
Menu -> System -> Preferences -> Sound -> Sound Effects -> Sound theme: -> No sounds
-> Close
GNOME notifications (alerts) are associated with sounds by default. This can also be
disabled separately:
Alt-F2 -> gconf-editor -> /apps/indicator-sound -> volume_mute (ticked)
Turn off login notification sound:
Menu -> System -> Preferences -> Startup Applications -> Startup Programs -> GNOME
Login Sound (unticked) -> Close
-> Menu -> System -> Administration -> Login Screen -> Unlock -> Play login sound
(unticked) -> Close
Random password generator
Pwgen is a command line utility to generate a block of random passwords. Run it from
Konsole (in Kubuntu) or Terminal (in Ubuntu). Install:
sudo apt-get install pwgen
Run pwgen:
pwgen
207 of 212
UUIDgen is a default utility to generate a random UUID. Run:
05/24/2012 07:12 AM
Ubuntu:Precise -
uuidgen
The random UUID can also be used as a password, if desired.
Password checker and enforcement
John the Ripper (http://www.openwall.com/john/) is a free open source password cracker that
uses a dictionary of over 4 million commonly used passwords in many languages. Because this
tool this widely available, it is useful for scanning and securing your own LAN and computers for
password strength. Install:
sudo apt-get install john
Passwdqc (http://www.openwall.com/passwdqc/) is a module to enforce password strength.
Install:
sudo apt-get install passwdqc
MD5Sum
To check the MD5 sum of a file, use this command in the command line:
md5sum filename
Filenames with spaces
Filenames or folder names with spaces in them should be enclosed with parentheses (" ").
For example, to change to a directory named "This Dir" or "/home/This Dir", use the
command:
cd "This Dir"
or
cd /home/"This Dir"
Alternatively, a space in a filename or folder name can be preceded with a backslash. For
example, to change to a directory named "This Dir" or "/home/This Dir":
cd This\ Dir
or
cd /home/This\ Dir
208 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
Alien
Alien (http://kitenet.net/~joey/code/alien/) is a method for converting (Red Hat) .rpm packages
into (Debian) .deb packages. It is not reliable and converted packages must be tested
extensively for functionality, with line changes often required. It is often more reliable to create
(Debian) .deb packages from source, and even the Alien software maintainers do not
recommend using Alien for important packages. To keep alien from changing the version
number, use the following command
alien -k rpm_file_name.rpm
Convert the package.rpm into a package.deb
alien -d package-name.rpm
Convert the package.rpm into a package.deb, and install the generated package
alien -i package-name.rpm
To convert .rpm to debian
sudo alien -k *.rpm
Software Troubleshooting
Permissions error on program startup
If you get a permissions error, try the following:
sudo chown -R user /home/user
Note: Replace user with the actual username. This command changes the owner of the
folder /home/user to user. -R means "recursively", i.e. including all subfolders.
CD-ROM Troubleshooting
If you receive the "cdrecord has no permission to open the device" error while burning using a
CD burner, open a terminal and type:
sudo chmod 777 /dev/scd0
209 of 212
Note: replace "/dev/scd0" with your own device.
Note: chmod 777 is the universal option for granting full permission to a folder. The
777 mask indicates that read, write, and execute permission is given to all users.
05/24/2012 07:12 AM
Ubuntu:Precise -
Licenses
Linux is largely a community of volunteers and as such represents one of the largest altruistic
efforts on earth. This includes companies who decide to contribute their own software into the
public domain for free use. The continued success of sharing depends on licenses that keep
software free and usable for anyone who wants to use it. However, there must be a method for
Linux users and developers to make money, as well. Licensing helps protect each of these
efforts. See the Wikipedia Free Software Licensing article (http://en.wikipedia.org/wiki/Freesoftware_license) and the GNU operating system licensing page (http://www.gnu.org/licenses
/licenses.html) for more complete information.
GPL license
The GPLv3 (http://en.wikipedia.org/wiki/GNU_General_Public_License) license (and the Affero
GPLv3 (http://en.wikipedia.org/wiki/Affero_General_Public_License) license for network-based
software) intends that the software module or package is free to use in any environment, and
furthermore, any software that relies on that GPLv3-licensed module must in turn also be
completely free. Commercial and proprietary software packages can't use or incorporate GPLv3licensed modules.
LGPL license
The Lesser GPL (http://en.wikipedia.org/wiki/GNU_Lesser_General_Public_License) license intends
that the software module or package is free to use in any environment, including in commercial
and proprietary software packages. This allows companies to develop proprietary packages
which includes LGPL-licensed modules, from which they can make a profit. The disadvantage is
that their products (which benefit from the LGPL-licensed modules) are not required to be in the
public domain in turn. (Many companies often later donate their entire package into the public
domain, however, after they no longer make a profit from them.)
Apache license
The Apache license (http://en.wikipedia.org/wiki/Apache_license) has been around a long time. It
is compatible with the GPLv3 license, but, unlike the GPLv3 license, it does not require modified
software to retain the Apache license. In other words, Apache-licensed software can be modified
and the modified software then made proprietary (and therefore not returned to the open source
community).
BSD license
The BSD license (http://en.wikipedia.org/wiki/BSD_licenses) is similar to a public domain license.
There are currently many confusing iterations of the BSD license, mostly regarding attribution
notices and advertising that is required to be provided along with any software derivatives. The
BSD license allows the option of propagation of either (otherwise-licensed) free open source
restrictions or proprietary restrictions. It therefore allows a mix of (otherwise-licensed)
proprietary modules and open sourced-licensed modules to co-exist in the same package. This
flexibility has made the BSD license popular with complex distributions (such as the (BSD
Unix-based) Mac OS X operating system, for example.
Proprietary licenses
There is a vast array of proprietary licenses, all different. You never know what your limitations
210 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
for software are unless you read every word. Most are attempts by lawyers to have an
opportunity to create a lawsuit in the future. Some may be called "free" licenses but have many
limitations which you will not be aware of until you are in the middle of a lawsuit. No license
outside of the GPLv3 license is recommended. Be careful when committing your organization to
a mission-critical software package with a proprietary license. Also see this outstanding article
on the Open Source Enterprise Trap (http://www.h-online.com/open/The-Open-Source-EnterpriseTrap--/features/112992) .
Requests
eBook version of this guide
See the Books Category for free Ubuntu eBooks based on this help guide.
There is an option in the menu bar at the left entitled "Printable version" which formats
pages for easier printing. You can print this (or any other document) to a PDF file easily. By
default, Ubuntu includes a "Print to File" option from its Print menu. Use this option to print
anything appearing in your browser into a PDF file. From Firefox (or any other browser or
program):
File -> Print -> Print to File -> Output Format: PDF
Import this guide into another wiki
How do I import a copy of Ubuntuguide into my own wiki?
See this page.
Other requested topics
Place your requests here.
How can I contribute?
Register and then add your suggestions directly to the wiki.
Afrikaans • ‫ﻗﻴﺪ اﻟﺘﺤﺮﻳﺮ‬- ‫ﻋﺮﺑﻲ‬- •
বাংলা (Bengali) • Български •
Català • 简体中文 (翻译中) • Česky
• Dansk • Deutsch • Español •
English • Estonian • Filipino •
edit (http://ubuntuguide.org
Français • Ελληνικά • Kurdî•
/index.php?title=Template:U_PrecisePangolinLanguageBar&
Languages: Lietuviškai• Latviešu • Hindi •
Indonesian • Magyarra • Melayu action=edit)
• Italiano • ⽇本語 (翻訳中) •
Қазақша • 한국어 • ລາວ • नेपाली •
Nederlands • Norsk • Русский •
Română • Suomi • Türkçe •
Svenska • �ංහල • Slovak • ‫ﻓﺎرﺳﯽ‬
211 of 212
05/24/2012 07:12 AM
Ubuntu:Precise -
‫ • • עברית • ﭘ�ﺘﻮ‬ไทย • Polski •
Português • Português do Brasil •
Shqip • Slovenski • Srpski •
Traditional Chinese • 繁體中文 •
Українська • ‫ • اُردو‬Việt • Ubuntu
language pages
(http://www.ubuntu.com/support
/community/locallanguage) •
Ubuntu Translators
(http://translations.launchpad.net
/+groups/ubuntu-translators)
This guide is maintained at the Linux Center (http://translate.google.com/translate?hl=en&
ie=UTF-8&sl=auto&tl=en&u=http://linux.edu.lv/&prev=_t) of the University of Latvia
(http://www.lu.lv/eng/) .
Please help test and perfect this guide. To edit pages you need to register.
Public Service Announcement
In the United States, two legislative bills were drafted to shut down a large part of the
Internet in that country, at the behest of attorneys for and politicians lobbied by the
entertainment industry there. If you are a resident of that country, you should read this
comprehensive article about SOPA and PIPA (http://www.techdirt.com/articles/20111122
/04254316872/definitive-post-why-sopa-protect-ip-are-bad-bad-ideas.shtml) and this
Stanford Law Review analysis (http://www.stanfordlawreview.org/online/dont-break-internet)
and then write to your local legislative representative about the likely severe unintended
consequences of these misguided bills. As an alternative to these bills (and in response to
worldwide protests), the OPEN (http://en.wikipedia.org
/wiki/Online_Protection_and_Enforcement_of_Digital_Trade_Act) bill has been drafted.
Protecting copyrights, patents, and intellectual property is a worthwhile goal. When
governments take draconian measures to enforce questionable claims of infringement and
damages, however, bad things such as complete shutdown of the internet (as happened in
China recently) begin to occur. Recognition of this type of problem has caused protest and
examination of the EU's ACTA (http://en.wikipedia.org/wiki/AntiCounterfeiting_Trade_Agreement) and Canada's C-11 Bill (http://en.wikipedia.org
/wiki/Copyright_Act_of_Canada#Bill_C-11) to ensure that interruption of the basic
mechanics of the Internet does not result from the (often ill-conceived) pursuit of "pirates."
Retrieved from "http://ubuntuguide.org/wiki/Ubuntu:Precise"
212 of 212
This page was last modified on 24 April 2012, at 14:41.
Content is available under Creative Commons Attribution-NonCommercial-ShareAlike
License.
05/24/2012 07:12 AM
UbuntuGuide Part2 -
http://ubuntuguide.org/index.php?title=UbuntuGuide_Part2&...
UbuntuGuide Part2
From
1 of 265
Contents
1 Boot from a Live CD
2 Multiple OS Installation
2.1 Introduction
2.1.1 Using Grub Legacy for the boot partition
2.2 Partition design
2.3 Windows partitions
2.3.1 Changing Windows partition sizes
2.3.1.1 Using Shrink Volume on Vista and Windows 7
2.3.1.2 Reinstalling Vista or Windows 7 on a new partition
2.3.1.2.1 Using Windows Recovery Disks
2.3.1.3 Windows XP (or earlier)
2.3.1.4 Windows bootloaders
2.4 Install your first Linux OS
2.5 Copy boot files to the small Grub partition
2.6 Reinstall Grub to MBR
2.7 Install your second Linux OS
2.8 Changing main Grub boot menu settings
2.8.1 Using UUIDs for the main Grub bootloader menu
2.8.2 Add MacOSX entry
2.9 Re-installing Grub Legacy after Windows upgrade or re-installation
2.10 Other chainloader options
2.10.1 Chainloading Grub2 from Grub Legacy
2.11 The (hd0,9) problem
2.12 Protecting Grub Legacy from cracking
2.13 Manipulating partitions on the hard drive
3 Manipulating Partitions
3.1 Use the (K)Ubuntu Desktop LiveCD
3.2 Use GParted to manage partitions
3.3 One linux-swap partition per computer
3.4 Creating and "moving" free space
3.5 Creating or resizing a partition
3.6 Changing Grub Legacy in a boot partition
3.7 Changing Grub2 in a changed partition
3.7.1 Booting (K)Ubuntu manually from Grub Legacy
3.7.2 Discovering the current kernel files manually
05/24/2012 08:14 AM
UbuntuGuide Part2 -
2 of 265
4
5
6
7
3.8 Changing Grub Legacy in a changed partition
Virtualbox in Windows
4.1 Install Virtualbox in Windows
4.2 Install Ubuntu edition for virtual machines
4.2.1 Install a desktop
4.2.2 Install Linux Guest Additions
4.2.3 Creating shared folders
Android emulation
5.1 Android SDK emulator
5.1.1 Networking for Android SDK
5.1.2 Installing an app
5.1.2.1 Netflix Android App
5.1.3 Other references
5.2 Android-x86 in VirtualBox
5.2.1 Networking for Android-x86
5.2.1.1 Troubleshooting Android-x86 networking
5.2.2 Installing apps
5.3 Other Android Virtual Machines
Screencasts
6.1 Creating screencasts (screencapture)
6.1.1 FFMPEG with x11grab
6.1.1.1 Run FFMPEG with x11grab
6.1.1.2 kX11grab
6.1.1.3 Install the newest version of FFMPEG with x11grab
6.1.2 Add a webcam to a screencast
6.1.3 Record microphone and speaker output simultaneously
6.1.4 recordMyDesktop
6.1.5 xvidcap with Audacity
6.1.6 Using VNC to capture another computer's screen
6.1.7 Troubleshooting tips
6.1.8 Screencasts in Windows
6.1.9 Examples
6.1.9.1 Exercise: Slideshow with audio track
6.2 Conversion / Editing
Video Conversion
7.1 Introduction
7.2 Mencoder
7.2.1 MP4 with AAC audio to AVI with Xvid / MP3
7.2.2 AVI to MPG
7.2.3 Add subtitles to video
7.2.4 Remove subtitles from an .MKV video
7.2.5 Trim a video
7.2.6 Resize a video
7.2.7 Convert to .MP3 audio file
7.3 FFMPEG
7.3.1 Flash video (.flv) to MPG-2 using FFMPEG
7.3.2 Convert to .MP3 audio file using FFMPEG
05/24/2012 08:14 AM
UbuntuGuide Part2 -
3 of 265
7.3.2.1 Convert Flash video audio to mp3
7.3.3 Edit/convert screencapture with FFMPEG
7.3.4 WinFF (FFMPEG GUI)
7.4 VobSub2SRT (Convert subtitles from .sub/.idx to .srt)
7.5 Join .MPG video segments
7.6 Split a file into segments
8 EBook Conversion
8.1 Calibre (eBook conversion)
8.1.1 Convert a web page to ePub format
8.1.2 Create an eBook cover
9 Email with PGP
9.1 Thunderbird with Enigmail
10 Mail Server setup
10.1 Introduction
10.2 Setting up MX records with a DNS registrar
10.3 Install the Mail server
10.4 Edit Postfix to reflect all variations of your domain name
10.5 Open and forward appropriate ports
10.6 Set up Dovecot to be used with Thunderbird
10.7 Create a Dovecot-compatible Maildir directory skeleton
10.8 Single User Quick Setup
10.9 Testing
10.10 Create a user for virtual mail
10.11 Configure Postfix with Dovecot for use with a vmail folder
10.12 Install and set up a MySQL database
10.13 Configure Postfix to be used with the MySQL database
10.14 Configure Dovecot to be used with the MySQL database
10.15 Adding virtual domains and users to a MySQL database
10.16 Install and set up an LDAP server
10.17 Set up Postfix with LDAP
10.18 Set up Dovecot with LDAP
10.19 Moving Maildir directories
10.20 Other Resources
11 Tor
11.1 Install Tor (Network privacy)
11.2 Torbutton (Firefox plug-in)
11.3 Tor Browser Bundle
11.4 Using proxies with Tor
11.4.1 usewithtor
11.4.2 torify
11.4.3 Privoxy
11.4.4 Other proxies
11.4.5 Ensuring applications use the proxy
11.4.5.1 Using specific applications with Tor
11.5 Tor GUIs
11.5.1 Vidalia (Tor interface)
11.5.2 Tork (KDE Tor interface)
05/24/2012 08:14 AM
UbuntuGuide Part2 -
4 of 265
11.5.2.1 Prevent autostart of proxies and Tor
11.6 Firewall considerations
11.6.1 Single computer
11.6.2 Proxy on LAN
11.6.3 Blocking all non-Tor traffic using iptables
11.6.4 Tor network initialization
11.7 Troubleshooting
11.8 Other resources
12 Remastersys
12.1 Install Remastersys
12.2 Create a custom distribution
12.3 Create a system backup
12.3.1 Using the Remastersys GUI
12.4 Edit Remastersys configuration file
13 Dynamic IP servers
13.1 Single URL and a DynDNS-capable router
13.2 Multiple URLs
13.2.1 ddclient
13.2.1.1 Edit ddclient configuration
13.2.1.1.1 Run ddclient using cron
13.2.1.2 Other DDNS services
13.3 Redirecting a URL
13.3.1 CNAME aliases
13.3.2 URL forwarding
13.3.3 Examples
13.3.3.1 Multiple domain name URLs, single Dynamic URL
14 FTP tips
14.1 Vsftpd (FTP server)
14.1.1 Using two separate user accounts for vsftpd
14.1.2 Securing vsftpd
14.1.3 Encrypting transfers with FTPS
14.1.3.1 Troubleshooting vsftpd
14.2 Proftpd (FTP server)
14.2.1 Configure proFTPd users to be "jailed" (chrooted) into their home
directories
14.2.2 Configure the proFTPd Server to allow anonymous FTP users to
only have "read only" access
14.2.3 Configure the proFTPd Server to allow anonymous FTP users to
have "read/write" access
14.2.4 Map the anonymous FTP user to a folder other than /home/ftp/
14.2.5 Change the default port number for the proFTPd Server
14.2.6 FTP to a remote (K)Ubuntu host from a Windows client
14.2.7 FTP to a remote Windows host from a (K)Ubuntu client
14.2.8 Configure the NAT/router/gateway/firewall for an FTP server
14.3 FTP troubleshooting
14.4 Google Android FTP clients
05/24/2012 08:14 AM
UbuntuGuide Part2 -
5 of 265
15
16
17
18
19
20
14.5 SFTP
14.5.1 SFTP clients
14.6 SFTP server
Using SSH to Port Forward
Limit OpenSSH users
16.1 How to limit the user accounts that can connect through ssh remotely
OpenVPN server Karmic
17.1 OpenVPN
17.1.1 Using a bridge interface
17.1.2 OpenVPN Server Installation
17.1.3 Server certificates
17.1.4 Client Certificates
17.1.5 Server Configuration
17.1.6 Client Configuration
17.1.7 Other resources
WebDAV
18.1 WebDAV Server Installation
18.1.1 Install Apache webserver
18.1.2 Open your firewall
18.1.3 Enable the Apache2 WebDAV modules
18.1.4 Create a folder for WebDAV use
18.1.5 Create or edit the virtual host file
18.1.6 Create password access for the WebDAV folders
18.1.7 Testing WebDAV
18.1.8 Set up Digest Authorization (encrypted passwords)
18.1.9 Enable WebDAV lock
18.2 Multiple WebDAV servers on a LAN using a single IP address and router
18.3 WebDAV with LDAP
18.4 WebDAV Clients
18.4.1 Dolphin
18.4.2 Nautilus
18.4.3 Firefox
18.4.4 Konqueror/Rekonq
18.4.5 Cadaver
18.4.6 Windows
18.4.6.1 Creating passwords for Windows clients
18.4.7 Android
18.5 References
Apache2 reverse proxies
MediaWiki tips
20.1 Install MediaWiki
20.1.1 ReCaptcha
20.2 Editing the LocalSettings.php configuration file
20.2.1 Increase PHP memory limits
20.2.2 Increase PHP uploaded file size limits
20.3 Change the default logo
05/24/2012 08:14 AM
UbuntuGuide Part2 -
6 of 265
20.4 Make backups
20.4.1 XML dump
20.4.1.1 Import XML dump
20.4.1.2 Export individual pages to XML
20.4.2 Full system backup
20.4.3 Upgrading
20.5 Backup and restore the MySQL database
20.5.1 Empty a database
20.6 Moving a MediaWiki installation to a new site
20.7 Install multiple MediaWiki sites
20.7.1 Multiple wikis
20.7.2 Multiple subwikis
20.7.3 Troubleshooting
20.8 Build your site
21 Mediawiki site building tips
21.1 Introduction
21.1.1 Choose the Main Page
21.2 Add Spam filters
21.2.1 Captcha
21.2.1.1 ConfirmEdit
21.2.1.2 ReCaptcha
21.2.2 Spam blacklist
21.2.3 Check Spambots
21.2.4 Bad Behavior
21.2.5 AkismetKlik
21.2.6 ConfirmAccount
21.3 SideBar Donate
21.4 Google AdSense
21.4.1 Google AdSense2
21.4.2 Google AdSense
21.5 ShareThis
21.6 Facilitate printing to an eBook
21.6.1 Collections
21.6.2 PdfBook
21.7 Add Quotations
21.8 Add Random elements as advertisements
21.9 Customise the Sidebar
21.10 Change skins
21.11 Change background colours
21.12 Add icons
21.13 Embed media into a document
21.14 Embed a PDF document
21.14.1 Use an external PDF viewer
21.14.2 Use Browser plugins
21.15 Use templates
21.16 Add WebDAV storage
21.17 Write a screenplay
05/24/2012 08:14 AM
UbuntuGuide Part2 -
7 of 265
21.18 Import (K)Ubuntuguide into your site
21.19.1 Mediawiki 1.15 on Firefox and Google tablet browsers
21.20 Collections
21.20.1 mwlib
21.20.1.1 Easy installation
21.20.1.2 Building latest version from source
21.20.1.3 Test mwlib
21.20.1.4 Start the mw server
21.20.2 Book Templates
21.21 PdfBook
22 Drupal6 tips
22.1 Drupal (Web content publishing)
22.1.1 Installation quirks
22.1.1.1 Exim vs. Postfix
22.1.1.2 Folder permissions
22.2 Browser installation
22.2.1 Status report
22.2.1.1 Updates
22.2.1.2 Cron
22.3 Multi-site Installation
22.3.1 Copy modules and themes folders
22.3.2 Update each site
22.3.3 Multisite cron
22.4 Build your site
23 Drupal site building tips
23.1 Introduction
23.2 Initial user setup
23.3 Create a Welcome page
23.4 Change your default logo
23.5 Create a new menu in the left sidebar
23.6 Increase PHP memory
23.6.1 Increase uploaded file size limits
23.7 Install content creation kit (CCK) and other important modules
23.8 Install Access Control modules
23.8.1 Enable permissions for added modules
23.9 Create a Calendar content page
23.9.1 Using Date Tools to Create a Calendar
23.10 Add Forums
23.11 Add Images
23.11.1 Install required modules
23.11.2 Configure settings
23.12 Embed a video
23.13 Add WYSIWYG editor
23.14 Update modules
23.15 Perform backups
23.15.1 Backup and migrate module
05/24/2012 08:14 AM
UbuntuGuide Part2 -
8 of 265
24
25
26
27
23.15.2 Backup and restore the MySQL database
23.15.2.1 Empty a database
23.15.3 Moving a Drupal6 installation to a new site
23.16 Use an SMTP server for email functions
23.16.1 Install PHPMailer
23.17 Add an online store to your website
23.17.1 Set up PayPal Website Payments Standard
23.17.2 Create a PayPal Donate button
23.17.3 Install Ubercart on Drupal
23.17.4 Setup PayPal with Ubercart
23.17.5 Trigger functions based on payment
23.17.6 Add realtime videochat to your website
23.17.7 Add BigBlueButton API
23.17.8 Add Kaltura video services
23.18 Upload and download files
23.18.1 Public files / attachments
23.18.1.1 Increase uploaded file size limits
23.19 Add a quotation module
23.19.1 Add the Fortune module to Drupal
23.19.2 Add the Quotes modules to Drupal
Moodle tips
24.1 Prepare your server
24.2 Installation
24.3 Set up a virtual server
24.3.1 Using Moodle with an existing URL
24.4 Add a custom theme to Moodle
24.5 Upgrading Moodle
Moodle Site Building
25.1 Using BigBlueButton with Moodle
25.2 Using Skype with Moodle
25.2.1 Add Skype Block
25.3 Adding quotations to a block
25.3.1 Add a Quotation of the Day block
Fortune
26.1 Fortunoid
26.2 Adding categories of fortunes (fortune modules)
26.3 Using Fortune in Drupal
26.4 Using Fortune in MediaWiki
DAViCal Calendar Server 0.9.7
27.1 Introduction
27.2 Preliminary Requirements
27.3 Set up the PostgreSQL database
27.4 Install the DaviCal package from repositories
27.5 Set up DaviCal PostgreSQL users
27.6 Setup the DaviCal database
27.7 Test that your database creation was successful
27.8 Set up Apache2
05/24/2012 08:14 AM
UbuntuGuide Part2 -
9 of 265
27.9 Create your configuration file
27.10 Start up DaviCal
27.10.1 Create TestUser
27.10.2 Administer users
27.10.2.1 Clarification of user types and relationships
27.10.2.1.1 User roles
27.10.2.1.2 Types of relationships
27.10.2.1.2.1 Example
27.11 Clients
27.11.1 Mozilla Sunbird / Thunderbird with Lightning
27.11.1.1 Idiosyncracies of Sunbird and Thunderbird Lightning
27.11.2 Kontact
27.11.3 Evolution
28 DAViCal Calendar Server 0.9.8
28.1 Introduction
28.2 Preliminary Requirements
28.3 Set up the PostgreSQL database
28.4 Install the DaviCal package from repositories
28.5 Set up DaviCal PostgreSQL users
28.6 Setup the DaviCal database
28.7 Test that your database creation was successful
28.8 Set up Apache2
28.9 Create your configuration file
28.10 Start up DaviCal
28.10.1 Create TestUser
28.10.2 Administer users
28.10.2.1 User roles
28.10.2.1.1 Grants and Permissions Example
28.11 Clients
28.11.1 Mozilla Sunbird / Thunderbird with Lightning
28.11.1.1 Idiosyncracies of Sunbird and Thunderbird Lightning
28.11.2 Kontact
28.11.3 Evolution
29 BigBlueButton
29.1 Install Ubuntu server
29.2 Sort out webserver conflicts
29.2.1 Changing the Apache listening port
29.3 Install BigBlueButton
29.3.1 32-bit Jaunty (9.04)
29.3.2 32-bit or 64-bit Lucid (10.04)
29.4 Ensure port availablility
29.4.1 Check the server's current IP address
29.4.1.1 Set a static IP address
29.4.2 Test BigBlueButton
29.4.2.1 Change the host location of the BigBlueButton server
29.4.3 Changing the BBB listening port
29.4.4 Change the virtual host configuration file of Nginx
05/24/2012 08:14 AM
UbuntuGuide Part2 -
30
31
32
33
34
35
29.5 Using BigBlueButton with Moodle
29.5.1 Install BBB <-> Moodle API
29.6 Add BigBlueButton API to Drupal6
29.7 Changing the BBB security salt
29.8 BBB - Standalone authentification with Apache2 web serving
Skulltag tips
30.1 Install Skulltag
30.2 Sound
30.2.1 Timidity Sound
30.2.2 FMOD Sound
30.3 Wad location
30.4 Firewall and Doomseeker
30.5 Hosting a Skulltag server
30.5.1 wlan0 vs. eth0
30.5.2 Storing your custom wads online
30.6 Doomseeker troubleshooting
ZDoom and GZDoom
MFC-7820N
32.1 Printer
32.1.1 Other models
32.2 Scanner
32.2.1 Scanning utilities
32.2.1.1 Xsane
32.2.1.2 gscan2pdf
32.2.1.3 Tesseract
32.3 Fax
32.3.1 Sending Faxes
32.3.1.1 Associate brpcfax with Postscript files as an output option
32.3.1.2 Sending faxes from Firefox
32.3.1.3 Sending faxes from OpenOffice
Ubuntuguide XML exports
33.1 Introduction
33.2 Export Ubuntuguide wiki pages into an XML file
33.3 Import the Ubuntuguide XML into a local wiki
33.4 Can I do this?
Community portal
34.1 Support sites
34.2 Wisdom
About UbuntuGuide
Boot from a Live CD
To boot from any CD (Including LiveCDs), you must make sure that your BIOS bootup
settings allow this. This is usually changed from the BIOS setup menu. The BIOS bootup
10 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
menu is usually accessed during the first few seconds after powering on your computer.
The BIOS setup access key is often displayed on your screen (often it is the F2, Delete, or
F10 key), depending on your BIOS. Further, most recent BIOS's allow a one-time choice
of the bootup medium, so that either a CD or USB can be chosen as the bootup medium
on a one-time basis (without changing the regular BIOS settings).
If the BIOS on your computer does not allow a one-time bootup-medium choice and you
must change the regular BIOS settings temporarily, then enter the BIOS setup menu and
hunt around for the settings for Bootup device priority (sometimes in the Advanced
Setup menu). Make sure your CD/DVD optical drive is listed as the first boot device,
before the hard drive.
If you intend to use a LiveUSB installation instead of a LiveCD, then set the boot order so
that the USB drive is listed first, before the hard drive. (Obviously, your BIOS must allow
booting from a USB drive for this option to be available.)
Once you have installed all your operating systems from the LiveCDs or LiveUSBs (or
finished using other bootable LiveCDs or LiveUSBs such as GParted), you can reset the
first bootup device to be the hard drive again.
After installation, most security experts then recommend restricting bootup to the hard
drive only. A BIOS password should also be created so that the BIOS bootup settings
cannot be changed by a casual passerby. In this manner a casual passerby will not be
able to boot their own LiveCD or LiveUSB onto your computer (and thereby potentially
change your computer without your permission).
Multiple OS Installation
These instructions are for installing more than two operating systems on your hard drive.
If you only need two operating systems (such as a Windows installation and a (K)ubuntu
Linux installation), it is easiest to just use the (K)ubuntu installer to do it for you (as
detailed on the main page).
Warning: As of version 9.10 (Karmic Koala), the (K)Ubuntu Desktop edition LiveCD
installer uses Grub2 (which is difficult to customize) and does not allow the specific steps
needed in this tutorial. DO NOT USE the Karmic Koala Desktop edition LiveCD for
installation if you have a dedicated boot partition, use more than 2 operating systems, or
chainload bootloaders. The (K)ubuntu Desktop edition LiveCD installer will overwrite your
Master Boot Record and you will then be forced to re-create it later. This is a flaw in the
LiveCD installer of Karmic Koala. Install the Alternate CD edition instead, or even the
Ubuntu Server edition (and then add the ubuntu-desktop afterwards).
Warning: During installation of 10.04 (Lucid Lynx) and later, there is an advanced option
(Ready to install -> Summary -> Advanced) to choose whether to install the GRUB2
bootloader into both the partition into which the (K)Ubuntu OS is installed as well as the
Master Boot Record MBR) or just to install it into the partition into which the (K)Ubuntu
OS is installed (only). If your system uses a boot partition, uses multiple OS (more than
2), or chainloads bootloaders then pay careful attention during this step. For systems
11 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
with boot partitions that have already been configured (and to which the Master Boot
Record already refers to as the partition which contains the initial bootloader), it is best
not to overwrite the MBR during any OS installation.
Example, from the Desktop version GUI installer, a point in the installation will
be reached:
Ready to install -> Summary -> Advanced -> Device for boot loader
installation: /dev/sda6
In this example, this setting will cause the GRUB2 bootloader to be installed into
/dev/sda6 only (the partition into which the new (K)Ubuntu OS is being installed). The
MBR (Master Boot Record) will not be changed. However, if the default setting of
/dev/sda were to be chosen, GRUB2 would not only be installed into partition /dev/sda6
(into which the (K)Ubuntu OS is installed) but also the MBR (designated as /dev/sda)
would be changed. The copy of GRUB2 stored in /dev/sda6 wwould then be designated
by the MBR as the master bootloader for all Operating Systems on the entire computer.
This is undesirable if you wish to use a master bootloader (such as Grub Legacy stored in
the boot partition) instead of GRUB2.
Introduction
The method described here involves creating a small boot partition in which to store a
set of Grub bootloader configuration files. (These files will be created during the first
Ubuntu Linux OS installation and then copied to the boot partition where they can
subsequently be edited.) The initial Grub menu will always be kept in this small boot
partition. Each operating system will then keep its own set of bootloader configuration
files within its own partition. The Grub menu residing in the boot partition will be only be
used to chainload (http://en.wikipedia.org
/wiki/Chainload#Chain_loading_in_boot_manager_programs) the specific bootloader files
stored in the partition of whichever operating system is chosen from the menu (no
matter whether the chosen operating system is a Windows, Mac, (K)ubuntu, or other
Linux operating system).
Each operating system can therefore use the bootloader/configuration file that is peculiar
to it, storing it in its own partition. If the kernel, filesystem, or even the bootloader files
for that operating system changes (within its own partition) for any reason, it will not
affect the kernel, filesystem, or bootloader files of the operating systems stored in the
other partitions. It will also not affect the primary bootup menu (stored in the boot
partition), and each operating system will be able keep its own independent bootup
process intact.
This avoids a common problem with many operating system installers (including Ubuntu)
which attempt to impose a single bootloader (http://en.wikipedia.org/wiki/Booting) on all
the operating systems residing on a hard drive. The installer overwrites the Master Boot
Record so that it only points to the bootloader installed with that operating system
(within that operating system's partition). When this happens, the bootloader files can
only be edited while running that particular operating system and cannot be adjusted by
any other operating system. Further, after this happens several times (following multiple
OS installations), it eventually becomes difficult to remember which partition has the
12 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
bootloader configuration files that the Master Boot Record points to. With the
chainloading method, you don't have to worry about that, any longer. The Master Boot
Record will be set to point to the bootloader configuration files stored in the boot
partition at all times. Once this is set up, the Master Boot Record need never be changed.
Here is some info about this method:
Installing Multiple Linux Distributions on a Single Box
(http://www.hentzenwerke.com
/wp/installingmultiplelinuxdistributions_onasinglebox.pdf)
Creating your Grub Partition (http://www.troubleshooters.com/linux
/grub/grubpartition.htm#_Creating_Your_Grub_Partition)
How to make a Grub partition (http://members.iinet.net.au/~herman546
/p15.html#How_to_make_a_separate_Grub_Partition_)
Ubuntu forums (http://ubuntuforums.org/showthread.php?t=724817)
Ubuntu forums (http://ubuntuforums.org/archive/index.php/t-1045237.html)
Using Grub Legacy for the boot partition
This method uses Grub Legacy as the bootloader to be installed to the boot partition
(because it is the easiest to customize). Starting with Karmic Koala 9.10, however,
Ubuntu/Kubuntu uses Grub 2 (instead of Grub Legacy) by default.
13 of 265
An easy and fast method is to use an Ubuntu Server edition 9.04 LiveCD
(http://releases.ubuntu.com/9.04/) (which uses Grub Legacy) to install the first
instance of Ubuntu Linux (and Grub Legacy). Use the minimal install (i.e. don't
install any extra packages), in the interest of speed. Proceed with the installation
instructions that install Grub to the Master Boot Record, as well as installing a
second copy of Grub Legacy to the local partition. Then copy the Grub Legacy
settings to the boot partition as described. Edit the Grub Legacy menu settings
stored in the boot partition so that chainloading to each planned partition is
enabled.
Once this is finished, re-install a newer version of Ubuntu/Kubuntu to the same
partition (overwriting the 9.04 server version). However, this time do not allow the
new installation process to overwrite the Master Boot Record. (We want the Master
Boot Record always to use Grub Legacy, not Grub2.) Install Grub2 (this time) to the
local partition only. This method is described in further detail below.
A second method involves installing (K)Ubuntu completely (using the LiveCD
installer), then removing Grub2 from the (K)Ubuntu partition. Grub Legacy is then
temporarily installed in its place and copied to the boot partition. The Master Boot
Record is set to refer to this copy of Grub Legacy stored in the boot partition. After
this has been done, Grub Legacy is then removed from the (K)Ubuntu installation
(but left in place in the boot partition) and Grub2 re-installed in the (K)Ubuntu
partition's /boot directory once again. This method is described in further detail
here.
Now the Master Boot Record will always use Grub Legacy (stored in the boot
05/24/2012 08:14 AM
UbuntuGuide Part2 -
partition) merely as a chainloader to each subsequent partition, where that chosen
partition's particular bootloader will be run directly from within the partition (no
matter if it is a Windows partition's bootloader, a (K)Ubuntu partition's bootloader
(e.g. Grub2), or a Mac partition's bootloader).
Partition design
Three primary partitions (http://en.wikipedia.org
/wiki/Disk_partitioning#PC_partition_types) and one extended partition are allowed on
your hard drive. The extended partition can be divided into a very large number of
logical partitions. Each Windows installation will need to be installed on a primary
partition. All the Linux (including Ubuntu/Kubuntu) installations, though, can (and should)
exist in logical partitions, so you can have as many as you want. The swap partition, also,
can (and should) live on a logical partition.
The easiest way to do this is to use the GParted Live CD as a partition manager, or using
the GParted application directly from the Ubuntu LiveCD (Menu -> System ->
Administration -> GParted) or KDE Partition Manager from newer versions of the Kubuntu
LiveCD.
14 of 265
At the minimum you will need:
one primary partition for each Windows OS
an extra small primary partition (which can be resized later, in case is needed).
If a Windows boot partition exists as a second NTFS partition, it should be left
alone. If there is a Windows recovery partition also installed, it can also be left
alone as long as there are only two NTFS partitions total on the hard drive (i.e.
there is no NTFS boot partition as well). If there are a total of 3 NTFS partitions
on the hard drive, then the third Windows NTFS partition (the recovery
partition) should be removed after creating Recovery CDs from it (see here).
one primary partition for the small boot partition (for storing a set of GRUB
files)
an extended partition for the Linux OSs (should be the last partition on the
hard drive)
In general I make:
my Windows partition 20 - 30 Gb -- filesystem type NTFS (or can even be
FAT32) and with the boot flag checked
my "extra" partition 2 Gb -- which I tend to format as filesystem FAT32 (but can
be anything, including ext3). If this is a Windows boot (or recovery) partition, it
can be left unchanged.
my Grub partition 50 - 100 Mb -- formatted to filesystem type ext3
the extended partition is the remainder
At the end of the hard drive I usually leave a few Gb of free space (to allow for
extra logical partition needs that I have not foreseen). This can't be done
unless the extended partition is the last partition.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
I then divide the extended partition into logical partitions:
a /swap logical partition that is 2 Gb -- filesystem type linux-swap
a logical partition for the / (root) folder of each planned OS (at least 10 Gb
each, but 20-50 Gb is better) -- formatted as ext3 (or ext4 if you are planning
to use a newer Linux OS)
optionally, a logical partition for each specific use, such as for a groupware
partition (like Kolab, for example). I make this about 20 Gb and format it as
ext3, since most specific uses (like Kolab) will be comfortable with ext3.
Another example is creating a partition for the /home directory.
Note: If you are re-arranging (re-partitioning and re-formatting) your hard drive after
already having a Grub bootloader installed, you will not be able to boot into Windows (or
anything else) until you re-install Grub as part of a Linux OS re-installation. Panic not. Just
proceed in a calm and orderly fashion.
Windows partitions
It is easiest if your Windows partition is the first one installed. This is because the
Windows bootloader looks for Windows in the first partition. Also, Windows installers are
unpredictable and can overwrite anything that is already installed on the hard drive.
If you have a brand new computer with no OS pre-installed, partitioning and OS
installation is much easier. Create all your partitions before installing Windows. Make the
first partition NTFS (or the less secure FAT32, if you wish), intending it for the Windows
installation. Then divide the remainder of the hard drive (using GParted) using the
partitioning scheme outlined above.
Generally, a retail "boxed" version of Windows (instead of an OEM or "backup" copy)
installs quite happily to the first pre-configured, pre-sized partition. Go ahead and install
it there, then skip on ahead to installing the Linux OSs.
However, OEM and "backup" copies of Windows often have installation peculiarities
(including pre-configured spamware, spyware, and specific hardware configurations) that
will want to use the entire hard drive. Oh well, if you must, you must.
After doing so, you will then have to shrink the partition down to approximately 20-30 Gb
(or your desired size).
Changing Windows partition sizes
Using Shrink Volume on Vista and Windows 7
Make sure you heed the warnings that you should change the size of Windows Vista
and Windows 7 partitions from within Windows only (using Settings -> Control Panel ->
Administrative Tools -> Computer Management -> Storage -> Disk Management ->
Shrink Volume), or using specific Windows tools (http://www.howtogeek.com/howto
/windows-vista/working-around-windows-vistas-shrink-volume-inadequacy-problems/)
made exclusively for this purpose.
15 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Unlike Windows XP (and earlier Windows versions), Vista and Windows 7 does not allow
you to move the MFT (Master File Table) that controls the NTFS file structure.
Inexplicably, Microsoft locates this near the middle (or end) of the partition, somewhat
limiting the ability to resize (shrink) the partition completely. You will be able to gain
some hard drive from the "Shrink Volume" command (under Settings -> Control Panel ->
Administrative Tools -> Computer Management -> Storage -> Disk Management), but
not all of of the hard drive. I knew of no partition software that could move the MFT to a
different place on the hard drive safely, but this tutorial (http://www.howtogeek.com
/howto/windows-vista/working-around-windows-vistas-shrink-volume-inadequacyproblems/) suggested that Perfect Disk worked for this purpose. I therefore tried the trial
version of Perfect Disk, and it seemed to work for me very nicely. I was able to shrink my
Vista partition, using the steps in the tutorial (and Perfect Disk), from 300 Gb to 74 Gb.
This was perfect for me.
You must then reboot those Windows OSs (once or twice) to allow them to adjust
themselves to the partition size change (before using GParted for any other tasks). I have
ruined several Windows installations by using GParted to resize the partitions for
Windows Vista and Windows 7, or by forgetting to reboot Windows prior to using GParted.
During these reboots, the Windows bootloader stores information about the changed
partition size in its configuration file. If it doesn't have the chance to do this, the
Windows bootloader will no longer work properly, and you will not be able to boot
Windows.
Reinstalling Vista or Windows 7 on a new partition
A popular way to regain a significant amount of your hard drive with Vista/Windows 7 is
to first re-format and re-partition the hard drive, and then re-install Vista/Windows 7
afterwards. When this works, you can reinstall Vista/Windows 7 in as little as 30 Gb.
Using Windows Recovery Disks
For a Windows re-installation, you will either need a retail version of Windows or a
"Recovery" disk provided by your OEM (computer) manufacturer. The "Recovery" disk
must allow Windows re-installation to a partition of any size. (Some recovery disks only
allow re-installation to the entire hard drive).
My eMachines, Dell, and Toshiba Recovery disks, for example, allowed re-installation to
any size partition, but my HP Recovery Disks did not. The HP Recovery Disk erased the
entire hard drive (and all the data on it) and re-created a single Windows partition. All
partitions (and the data in them) were destroyed in the process. (I therefore do not
recommend using HP Recovery disks for this method. For HP computers with a Recovery
Disk, use the shrink volume method outlined above, instead).
Physical Recovery Disks are not always shipped with a new computer. For example, my
eMachines box instead provided a utility (eMachines -> eMachines Recovery
Management) to create (burn) a pair of Recovery DVDs using data stored on an image in
a recovery partition. If your OEM manufacturer gives you a similar option of burning
Recovery disks (instead of supplying Recovery CD/DVDs with your computer), make sure
you burn these disks prior to reformatting/repartitioning your hard drive. If your hard
drive becomes corrupted during the re-partitioning process and you haven't created
16 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Recovery Disks, it will be too late.
Once the Recovery Disks are burned, it is no longer necessary to keep the recovery
partition (and Windows can be re-installed without it).
As outlined in my partitioning scheme, I reserved the first primary partition for Windows.
This can either be left as free space at the beginning of the drive (to be formatted as
NTFS by the Windows installer later), or it can be formatted (by GParted, for example) as
an NTFS partition with the boot flag set. I left 60 Gb for this first primary partition area
(although 40 Gb is probably more than enough, since my Vista re-install occupied only 22
Gb). The Windows Recovery disk was able to re-install Windows no matter which method
I used. Since this was really a "new" install, I didn't have to worry about the MFT table
location problem, which was placed by the Windows installer within the new partition
without any difficulty.
Obviously, to completely re-install an operating system if you have been using your
computer a long time would entail an awful lot of work. You would have to back up all
your data files first, re-install all your programs after re-installing the operating system,
and then restore the data files you had backed up. I wouldn't want to do this on anything
but a new computer.
Windows XP (or earlier)
You can use GParted to resize a Windows XP partition directly (without needing
re-installation), but it is still best to reboot Windows XP twice after resizing its partition
(before taking any other steps with GParted). Review this tutorial
(http://www.howtogeek.com/howto/windows-vista/working-around-windows-vistas-shrinkvolume-inadequacy-problems/) 's section "Making Shrink Volume Work." Although
Windows XP does not have a shrink volume utility, to resize the partition using GParted,
these steps must be taken anyway. Specifically:
Use the Disk Cleanup Wizard to remove unnecessary files.
Uninstall "deadwood" programs and unneeded/unwanted Windows Components
(using Control Panel -> Add/Remove programs).
Disable System Restore (Control Panel -> System -> System Restore -> Turn off
System Restore on all drives)
Disable the page file (Control Panel -> System -> Advanced ->
Performance:Settings -> Advanced -> Virtual memory:Change -> No paging file
(ticked) -> Set)
Disable debugging (Control Panel -> System -> Advanced -> Startup and
Recovery:Settings -> Write debugging information: (none) )
Disable Hibernation (Control panel -> Power Options -> Hibernate -> Enable
hibernation (unticked) )
then reboot once (which will erase the C:\pagefile.sys file). Defragment the hard drive.
Then log off Windows and start GParted. Now you will be able to shrink the XP partition.
17 of 265
After resizing the NTFS Windows partition, quit GParted and log into Windows again.
Chkdsk will be run automatically and the computer will reboot. Login to a user
account in Windows. It will prompt you to reinstall new hardware (the resized
05/24/2012 08:14 AM
UbuntuGuide Part2 -
partition). Accept. Now turn back on the services turned off in the steps listed
above, in reverse order. To be safe, log off Windows and log in one extra time. Now
you are finished resizing the Windows XP partition and can proceed to other disk
manipulations with GParted (or other activities such as installing (K)Ubuntu).
Windows bootloaders
The Windows bootloader stores information about how big the partitions on the hard
drive are. If you change a partition size, Windows checks the new partition size at the
very next reboot (using either chkdsk in XP or a new utility in Vista/Windows 7). It then
writes that info to its bootloader configuration file. If you start mucking around with other
partitions before it has a chance to record the changes and reset itself accordingly, the
Windows bootloader will not be able to read the partition table properly (and will then
refuse to boot entirely).
Since Grub boots Windows merely by chainloading the Windows bootloader, if the
Windows bootloader doesn't work (i.e. doesn't recognize its own changed partition), then
you are sunk.
If you ignore these warnings, I almost guarantee you will fry your Windows partitioning
scheme and be unable to boot up Windows.
Install your first Linux OS
Read Using Grub Legacy for the boot partition to see why I recommend using
Ubuntu Server edition 9.04 (http://releases.ubuntu.com/9.04/) for this step.
Reboot into the Ubuntu 9.04 LiveCD (in my example I use the Ubuntu 9.04 Server
edition 9.04 (Jaunty) (http://releases.ubuntu.com/9.04/) LiveCD).
Install Ubuntu server -> (the usual pleasantries about language and mice and
keyboards and stuff)
-> "Starting up the partitioner" -> Partition Disks: Manual
18 of 265
When you see the list of partitions, you will have to configure them manually.
You should note the small (50-100 Mb) boot partition that was previously
created for use as the partition for the Grub chainloader files. In my
example it is /dev/sda3. Make a note of what yours is named.
Configure the swap partition.
This shouldn't need configuring if you set it up properly with GParted.
You can make sure that Use as: swap area is set.
Configure the root partition for the OS. Choose one of your logical
partitions, which in my scheme is #6, is ext3, and has about 30 Gb.
Use as: Ext3 journaling file system.
Format the partition: Yes, format it
Mount point: / - the root file system
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Bootable flag: off
Note: You should write down which device this / (root) partition is on.
You will need this information later for Grub settings. On mine, it is
/dev/sda6.
-> Finish partitioning and write changes to disk -> "Installing the base system" -> ... ->
->"Install the Grub boot loader to the master boot record?": YES -> Continue
In this step, Grub must be installed both on the MBR (master boot record) as well as
locally on the partition being installed (in this example /dev/sda6). The local version
will be chainloaded by the MBR version. Therefore, install Grub a second time:
-> Go Back -> Install the Grub boot loader on a hard disk -> "Install the Grub boot loader
to the master boot record?": NO -> Device for boot loader installation: /dev/sda6 ->
Continue
Copy boot files to the small Grub partition
Boot into your newly-installed Ubuntu 9.04 OS. Open a command-line terminal (if
you have installed a desktop).
Make a new directory and mount it in your new Ubuntu OS.
sudo
sudo
sudo
sudo
mkdir
mount
mkdir
mkdir
/media/GRUBpartition
/dev/sda3 -t ext3 /media/GRUBpartition
/media/GRUBpartition/boot
/media/GRUBpartition/boot/grub
Note: Use whatever the device name of your small Grub partition is (mine is
/dev/sda3)
Make sure there are full read/write write permissions (this step may be optional).
sudo chmod 777 /media/GRUBpartition/boot/grub
Copy all your grub files to the new partition
sudo cp -r /boot/grub/* /media/GRUBpartition/boot/grub
Edit the menu.lst
sudo nano /media/GRUBpartition/boot/grub/menu.lst
Place a chainloader entry as the first entry:
## ## End Default Options ##
19 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
title First (K)ubuntu OS (chainloader)
rootnoverify
(hd0,5)
chainloader
+1
title Second (K)ubuntu OS (chainloader)
rootnoverify
(hd0,6)
chainloader
+1
This assumes your first installed OS has its / (root) directory in /dev/hda6 (as in my
example above). Grub Legacy counts the first partition as 0, so sda6 becomes (hd0,5), or
hard drive 1 (it starts counting at zero), partition 6). If you want to chainload a
bootloader on a second hard drive, partition 4 (/dev/sdb4), you would specify (hd1,3),
instead, for example.
(I also put it an entry for my second planned OS, even though I haven't installed it yet.
That will save me time later. For more examples, see this section.)
Return the permissions so that only root can change or execute the files:
sudo chmod 744 /media/GRUBpartition/boot/grub
sudo chmod 744 /media/GRUBpartition/boot/grub/*
Reinstall Grub to MBR
Now that the files are copied, we need to tell Grub Legacy to look for them there. Do this
step from your Ubuntu 9.04 OS command-line terminal.
Start Grub Legacy:
sudo grub
grub> find /boot/grub/stage1
You should see the places there are grub configuration files.
(hd0,2)
(hd0,5)
Note that (hd0,2) corresponds to the small Grub partition (/dev/sda3), according to the
counting method outline above. (hd0,5) corresponds to your first Linux OS (in the
example /dev/sda6).
Make the small Grub partition the loadable Grub location.
grub> root (hd0,2)
grub> setup (hd0)
grub> quit
Install your second Linux OS
20 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Again I'm going to use (K)ubuntu for the example, although any OS can now be installed.
Reboot into an Ubuntu LiveCD (I recommend a Server or Alternate edition, because
some Desktop editions overwrite the Master Boot Record automatically, which is not
at all desirable at this stage).
Install Ubuntu server -> (the usual pleasantries about language and mice and
keyboards and stuff)
--> "Starting up the partitioner" -> Partition Disks: Manual
When you see the list of partitions, you will have to configure them manually.
Configure the swap partition.
This shouldn't need configuring if you set it up properly with GParted.
You can make sure that Use as: swap area is set.
Configure the root partition for the OS. Choose one of your logical
partitions, which in my scheme is #7, is ext4, and has about 30 Gb.
Use as: Ext4 journaling file system.
Format the partition: Yes, format it
Mount point: / - the root file system
Bootable flag: off
Note: You should write down which device the / (root) partition is on.
You will need this information later for Grub settings. On mine, it is
/dev/sda7.
-> Finish partitioning and write changes to disk. (It is OK to format the swap and / (root)
partitions.) -> "Installing the base system" -> ... ->
"Installing Grub boot loader" ->
"Install the Grub boot loader to the master boot record?": NO
"Install the Grub boot loader on a hard disk": /dev/sda7
Use whichever device that corresponds to your / (root) directory for this OS, of
course.
This ensures that the Grub bootloader is installed to this OS's partition, as well.
Finish installation and reboot. This system ought to be selected as the Second
Ubuntu OS, obviously.
Note: Once you have booted into this OS, you can now edit the chainloaded GRUB
bootloader's local settings for this OS (at /boot/grub/menu.lst or /etc/default/grub)
as usual, as you can for the first installed OS as well.
Changing main Grub boot menu settings
21 of 265
You can edit the local (chainloaded) Grub boot menu for each Linux OS that uses
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Grub Legacy (within the partition in which it is installed), if desired:
(kate can be used instead of nano as the text editor in Kubuntu, or gedit
instead of nano in Ubuntu.)
You can edit the local (chainloaded) Grub boot menu for each Linux OS that uses
Grub2 (within the partition in which it is installed), if desired (see these
instructions):
To change the main Grub boot menu, you will have to change the menu.lst found
on the small Grub boot partition.
If you are doing this from a Linux OS other than the first one you installed,
again make a new directory for mounting:
sudo mkdir /media/GRUBpartition
Mount the directory
sudo mount /dev/sda3 -t ext3 /media/GRUBpartition
Note: Use whatever the device name of your small Grub partition is (mine is
/dev/sda3)
Make sure there are full read/write write permissions (optional).
sudo chmod 777 /media/GRUBpartition/boot/grub/menu.lst
Edit the menu.lst
sudo nano /media/GRUBpartition/boot/grub/menu.lst
Edit or add new chainloader entries:
## ## End Default Options ##
title First (K)ubuntu OS (chainloader)
rootnoverify
(hd0,5)
chainloader
+1
rootnoverify
(hd0,6)
22 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 chainloader
+1
title Newest Whizbang OS on second hard drive, partition 4 (chainloader)
rootnoverify
(hd1, 3)
chainloader
+1
Grub starts counting from 0, so the first hard drive is number 0 and the first
partition is also number 0. sda6 (which is hard drive 1, partition 6) becomes
(hd0,5). If you want to chainload a bootloader on a second hard drive, partition
4 (/dev/sdb4), you would specify (hd1,3).
For (K)Ubuntu 10.04 or later, the menu item for chainloading should be (if
the OS is in /dev/sda7):
rootnoverify
(hd0,6)
kernel
/boot/grub/core.img
Return the permissions so that only root can change or execute the files
(optional):
sudo chmod 744 /media/GRUBpartition/boot/grub/menu.lst
Using UUIDs for the main Grub bootloader menu
Although newer bootloader configurations specify partitions using their UUID designation
(instead of using the (hd0,x) designation), this is problematic for the primary Grub
bootloader. In current OS installation paradigms, when an operating system is
re-installed within a partition, the UUID of that partition is simultaneously changed by the
installer. If the primary Grub bootloader were to reference a partition by its UUID instead
of by its position on the drive, (i.e. (hd0,x)), the primary Grub bootloader would no longer
be able to find the partition whenever a new operating system was installed within it
(and its UUID simultaneously changed).
For this reason, the primary Grub bootloader in the /boot partition should always use the
rootnoverify (hd0,x) (instead of UUIDs) nomenclature to identify partitions.
Add MacOSX entry
You can add a chainloader entry for a MAC OS that you might have installed on its own
partition (installed with its own bootloader on the partition). Here's the entry for a MAC
that is on partition /dev/sda9 (equivalent to (hd0,8):
title Mac OS X
root (hd0,8)
makeactive
chainloader +1
23 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Re-installing Grub Legacy after Windows upgrade or
re-installation
Windows installations, re-installations, and upgrades rewrite the Master Boot Record so
that it points to the Windows bootloader only (instead of to the copy of Grub in the boot
partition). The Master Boot Record must therefore be re-written so that it will again point
to the copy of Grub stored in your boot partition.
For this example, assume the boot partition is the /dev/sda3 partition (which is known as
(hd0,2) to Grub Legacy).
You must use a version of a LiveCD that has Grub Legacy, i.e. Kubuntu/Ubuntu 9.04
(Jaunty) (http://releases.ubuntu.com/9.04/) or earlier. Start the LiveCD and start a
command-line terminal (Terminal in Ubuntu or Konsole in Kubuntu). From the
command-line terminal start grub:
sudo grub
Then enter the commands to restore the Master Boot Record to point to the boot
partition at /dev/sda3:
> root (hd0,2)
> setup (hd0)
> quit
Then reboot. Your previously created Grub bootup-menu options should again appear.
Other chainloader options
In Grub Legacy it is possible to specify the root of the partition to be chainloaded using a
UUID instead of the hd(0,x) notation. If you do not know the UUID for the partition to be
chainloaded, it can be discovered using:
sudo blkid
Replace the
root (hd0,6)
entry in the /boot/grub/menu.lst file (of the primary /boot partition)
with
uuid xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
where xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx represents the actual UUID of the
24 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
partition to be chainloaded.
Example:
Replace the lines (in the /boot/grub/menu.lst file)
root (hd0,9)
chainloader +1
with the lines
chainloader +1
This method works no matter which operating system is to be chainloaded. It will not
work, however, for the operating system stored in (hd0,9) due to a quirk (see below).
Will it work for bootable devices (such as USB flashdrives) that have a UUID? I don't know
-- I haven't tried it yet!
This next method will only work when the operating system in the chainloaded
partition uses Grub Legacy (and has a local /boot/grub/menu.lst stored within the
partition):
Replace the lines (in /boot/grub/menu.lst)
root (hd0,9)
configfile /boot/grub/menu.lst
with the lines
configfile /boot/grub/menu.lst
Chainloading Grub2 from Grub Legacy
Grub2 is erratic. I no longer chainload it. Instead, it is possible to bypass Grub2
entirely and load an OS directly using Grub Legacy (stored in a boot partition, for
example) using an entry in menu.lst of the format:
title Kubuntu Oneiric OS (chainloader)
rootnoverify (hd0,6)
kernel /vmlinuz root=/dev/sda7 ro
initrd /initrd.img
25 of 265
My old method for chainloading Grub2 (installed in this example in the /dev/sda7
partition) from Grub Legacy used an entry in the Grub Legacy configuration file
(/boot/grub/menu.lst, stored in the standalone boot partition with the Grub Legacy
05/24/2012 08:14 AM
UbuntuGuide Part2 -
files) with this format:
title (K)Ubuntu Oneiric OS (chainloader)
kernel /boot/grub/core.img
The (hd0,9) problem
Grub Legacy has a quirk -- it does not like to chainload (hd0,9) using the command
chainloader +1. (Something about 9 + 1 = 10 requiring an extra digit, or something.)
Most people don't have more than 2 or 3 operating systems on their computer so it is
usually not an issue. Here at Ubuntuguide, however, we chainload as many as 10
different OS on every machine (not including virtual machines).
If the operating system in a chainloaded partition happens to use Grub Legacy (and
therefore uses /boot/grub/menu.lst locally), the alternative to
chainloader +1
is to use the command
configfile (hd0,9)/boot/grub/menu.lst
(This can be used for any partition in which the chainloaded operating system uses Grub
Legacy, not just (hd0,9). It will not work, however, if the chainloaded operating system
uses Grub2.)
This can alternatively be specified as
/boot/grub/menu.lst
It is also possible to chainload by specifying the UUID for the chainloaded partition
(hd0,9):
uuid xxxxx-xxxx-xxxx-xxxx-xxxxx
/boot/grub/menu.lst
Of course, you must find out the UUID for (hd0,9) first:
sudo blkid
Protecting Grub Legacy from cracking
26 of 265
See this section of the Grub Manual (http://www.gnu.org/software/grub/manual
05/24/2012 08:14 AM
UbuntuGuide Part2 -
/legacy/grub.html#Security) for important information on securing Grub Legacy.
Manipulating partitions on the hard drive
Most users that have multiple operating systems eventually choose to delete, resize, or
re-arrange the partitions containing the operating systems. This can become an anxietyproducing task especially when it comes to ensuring subsequent bootup capabilities.
For techniques to accomplish this successfully (for systems that have been configured
according to the guidelines above), see:
Manipulating Partitions
Most users that have multiple operating systems eventually choose to delete, resize, or
re-arrange the partitions containing the operating systems. This can become an anxietyproducing task especially when it comes to ensuring subsequent bootup capabilities.
Use the (K)Ubuntu Desktop LiveCD
There are several tools that are required to accomplish partition-manipulation tasks,
including GParted, KDE Partition Manager from newer versions of the Kubuntu LiveCD,
and several Linux commands accomplished from within a Linux command-line terminal.
The SystemRescueCD (http://www.sysresccd.org) (which has been a preferred tool for
many years) has all the required tools (and more), but uses as its operating system
Gentoo Linux instead of Ubuntu Linux (so it may be less familiar to many (K)Ubuntu
users). The Ubuntu Desktop LiveCD (http://ubuntuguide.org
/wiki/Ubuntu:All#Fresh_Installation) (32-bit regular version, Lucid 10.04LTS or later) can
be used instead of SystemRescueCD for most hard disk manipulation tasks, and already
has GParted included on it. (Kubuntu LiveCDs, Natty 11.04 or later, have KDE Partition
Manager (http://sourceforge.net/projects/partitionman) , which works almost identically
to GParted.)
Download and burn (http://ubuntuguide.org/wiki/Ubuntu:All#Fresh_Installation) onto
CD/DVD a copy of the Ubuntu Desktop LiveCD (32-bit regular version, Lucid
10.04LTS or later) or Kubuntu Desktop LiveCD (Natty 11.04 or later).
Boot into the (K)Ubuntu Desktop LiveCD and start it with the "Try (K)Ubuntu" option
(not the "Install" option).
Use GParted to manage partitions
(Note: These instructions can be accomplished in a similar fashion using the KDE
Partition Manager from newer versions of the Kubuntu LiveCD as well.)
27 of 265
Start GParted from the Ubuntu Desktop LiveCD:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Menu -> System -> Administration -> GParted
A graphical display of all the partitions on your hard disk will be shown. If you have
two hard disks on your system, they generally are referenced as /dev/sda and
/dev/sdb (or sometimes /dev/hda and /dev/hdb). GParted works with only one hard
disk at a time. To select which hard disk to work with, choose:
GParted menu -> Devices
Working with GParted is relatively intuitive. However, it is very easy to irreparably
damage your system by undertaking changes without a thorough knowledge of
partitions. It is highly recommended to read this article about multiple operating
systems for an overview. Specifically heed the warnings about using GParted to
change any NTFS partition on which a Windows OS systems resides. Windows has
quirks and peculiarities about its OS partition that is better managed with Windowsspecific tools. (NTFS partitions that do not have a Windows OS on them, however,
can be managed with GParted.)
It is especially important to recognize that deleting or adding a partition will change
the partition numbering scheme (and other partition characteristics) on the hard
drive. This is the major consideration in reorganizing your hard drive. Bootloaders
find and load operating systems based on their partition location, specified by the
partition number on the disk or by a UUID associated with the partition, both of
which can change when creating, changing, or deleting partitions.
GParted only allows changes to partitions that are subsequent to any locked
partitions on a hard drive (locked partitions are designated in GParted with a
key icon.) For this reason, it is best to have any partitions that are rarely likely
to change and/or likely to be locked (e.g. boot partitions, the linux-swap
partition, and Windows partitions that won't be manipulated) closer to the
beginning of the hard drive and to locate Linux partitions that will be
manipulated the most towards the end of the hard drive.
In general, the least problems occur when a test or temporary partition is the
last one on the hard drive. Adding, deleting, or changing the last partition on a
hard disk does not affect any of the preceding partitions, so it is the least
troublesome. Whenever possible, relegate a temporary or test partition
(and its operating system) to be the last partition of the hard drive.
Write down the details of all the partitions displayed in GParted on some scratch
paper, and note any changes that are made by GParted as they are made. In
specific, when GParted changes the designation of a partition (from /dev/sda8 to
/dev/sda7, for example), note this carefully, as this information becomes critical
later in changing bootloader settings.
One linux-swap partition per computer
28 of 265
Only one linux-swap partition is required for computers that will run only one
05/24/2012 08:14 AM
UbuntuGuide Part2 -
operating system at a time. (This does not apply to the special case of virtual
machines, but virtual machines do not use conventional partitions anyway. Virtual
machines are not viewed by a computer as independent operating systems but
instead are viewed as applications running within the primary operating system). If
already present on a hard drive, the linux-swap partition is used by the Ubuntu
LiveCD and therefore locked in GParted. If changes need to be made to the
linux-swap partition itself, therefore, use the GParted LiveCD or SystemRescueCD
instead of the Ubuntu LiveCD (and run GParted from one of them).
When installing, updating, re-arranging, or otherwise any Linux operating system, it
is not necessary to alter the linux-swap partition in any way. The linux-swap
partition is used by all Linux operating systems and is not peculiar to any Linux
distribution. There is no need to recreate it, reformat it, nor change it in any way
(except perhaps its size, which is ideally 2 Gb).
Creating and "moving" free space
There are two places free space ("unallocated space") can exist: within the extended
partition (assuming that one exists) and on the hard disk outside the extended partition.
Moving the free space so that it is inside or outside the extended partition is a skill that
must be mastered in order to successfully manage partitions.
When free space exists outside the extended partition, it can be used to create
or increase the size of any primary partition or the extended partition itself.
When free space exists within the extended partition, it can be used to create
or increase the size of any logical partition within the extended partition.
In addition, the position of free space determines how it can be used. Free space can
only be added to an existing partition if it is next to ("touching") that partition.
Free space can not itself be moved, however. Only partitions can be moved. "Moving free
space" really means that partitions themselves must be moved in such a way that the
free space "ends up" being in the desired location.
Free space can only be created by deleting or shrinking an existing partition. This is
the critical decision in manipulating partitions. Which partition can be shrunk or
deleted safely? (Again, be very careful not to shrink any partition with a Windows
OS on it using Gparted.)
Creating or resizing a partition
GParted can create many types of partitions, including ext4, ext3, NTFS, and FAT32,
which is the majority of partition types that most users will create. It can resize any of
these types of partitions as well. However, resizing an NTFS partition that contains a
Windows OS within it may cause problems with the Windows OS itself. (All NTFS and
FAT32 partitions should also be defragmented before resizing.)
29 of 265
The most important decision will be whether a new partition will be a primary
05/24/2012 08:14 AM
UbuntuGuide Part2 -
partition (to be used for a Windows operating system, for a Windows boot partition,
or for a Grub Legacy boot partition), an extended partition (of which there can only
be one per hard drive), or a logical partition that resides within a pre-existing
extended partition. All Linux partitions can be in logical partitions.
To create or increase the size of a logical partition within the extended
partition, the extended partition itself must already be big enough to
accommodate the new logical partition or its new size. To increase the size of
the extended partition itself, there must be free space available outside the
extended partition and contiguous to it ("touching" it). This requires
manipulating the exsting partitions (by moving them and/or shrinking them)
until the free space is in the necessary position. Once the free space is
contiguous with (and outside) the extended partition, the size of the extended
partition can be increased. This will have the effect of moving the free space
into the extended partition.
Once the free space is within the extended partition, it can be used to create
or increase the size of a logical partition. To increase the size of a logical
partition, the free space must be contiguous to (i.e. "touching") that logical
partition by rearranging the positions of the existing logical partitions within
the extended partition.
Changing Grub Legacy in a boot partition
When partitions have been moved, added, or deleted, the position and designation of all
partitions on a hard drive may change. For example, if the /dev/sda7 partition is deleted,
a partition that previously was designated as /dev/sda8 will now become /dev/sda7.
Grub Legacy (sometimes used in a freestanding boot partition) often boots operating
systems by referring to the partition (in which the OS is located) by its position on the
hard drive. In Grub Legacy, the position /dev/sda7 is referred to as (hd0,6), for example,
and /dev/sdb2 is referred to as (hd1,1).
After manipulating partitions on a hard disk, therefore, the main Grub Legacy menu.lst
(that resides on the boot partition) needs to be edited. This can be done by starting a
command-line terminal from the Ubuntu LiveCD:
Then follow the instructions here.
Changing Grub2 in a changed partition
Note: This section is being edited.
The hardest thing to do is to change Grub or Grub Legacy that exists within a partition
that has been changed or moved. If that partition uses Grub2, then the Grub2 bootloader
within that partition can be reconstructed using the Ubuntu LiveCD and then stored
within that partition once again.
30 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
For example, if a (K)Ubuntu operating system (Karmic 9.10 or later) has been moved
from /dev/sda8 and now resides at /dev/sda7, Grub2 can be reinstalled on that partition
for the (K)Ubuntu operating system there using the Ubuntu LiveCD. Open the
command-line terminal from the Ubuntu LiveCD:
and use the command:
sudo grub-install /dev/sda7
Booting (K)Ubuntu manually from Grub Legacy
When a partition has been changed whose operating system contains a Grub2
bootloader, the Grub2 bootloader might no longer function. If, however, a Grub Legacy
bootloader has been previously installed in its own boot partition on the system (as is
recommended here), the Grub Legacy bootloader can be used to manually boot the
operating system. (Once the operating system has been manually booted, Grub2 can
then be reconstructed from within the running OS.)
Reboot the computer without using the Ubuntu LiveCD. When the Grub Legacy
menu appears, enter the Grub Legacy command line (using the command c ):
In newer versions of (K)Ubuntu there are symbolic links to the current kernel files, so the
following commands can be entered at the grub prompt (the example assumes the OS is
in the partition at /dev/sda7):
grub>
grub>
grub>
grub>
root (hd0,6)
kernel /vmlinuz root=/dev/sda7 ro
initrd /initrd.img
boot
In newer versions of (K)Ubuntu, the following commands can also be used (if the
core.img has not been changed during updates):
grub> root (hd0,6)
grub> kernel /boot/grub/core.img
grub> boot
Once the OS has successfully booted, the Grub2 bootloader within it can be
reconstructed using the instructions here.
Discovering the current kernel files manually
In older versions of (K)Ubuntu, symbolic links were not included to the current kernel
files. For those versions, the kernel files must be discovered and then entered into the
Grub Legacy command line manually.
31 of 265
Discover the current kernel used by the OS. Using the Ubuntu LiveCD, open a
05/24/2012 08:14 AM
UbuntuGuide Part2 -
command-line Terminal:
If the designation of the partition is currently /dev/sda7, create a mount point for the
partition. Use ext4 if the partition uses an ext4 filesystem or ext3 if it uses an ext3
filesystem. If you are unsure about the partition's filesystem type or designation, use
GParted from the Ubuntu LiveCD to find out.
sudo mkdir /media/sda7
sudo mount -t ext4 /dev/sda7 /media/sda7
cd /media/sda7/boot
ls
Write down the most recent vmlinuz and initrd files listed there. As an example, the
latest files may be vmlinuz-2.6.32-21-generic and initrd.img-2.6.32-21-generic
Reboot the system and at the Grub Legacy menu, enter the Grub Legacy command
line (using the command c ). then enter the commands at the grub prompt:
grub>
grub>
grub>
grub>
root (hd0,6)
kernel /boot/vmlinuz-2.6.32-21-generic root=/dev/sda7 ro
initrd /boot/initrd.img-2.6.32-21-generic
boot
Once the operating system has successfully booted, Grub2 can be reconfigured
using the instructions here.
Changing Grub Legacy in a changed partition
Generally, only versions of (K)Ubuntu prior to Karmic use Grub Legacy by default. (Only
Hardy and Dapper are still supported.) The local Grub Legacy menu.lst of one of these
versions must be edited manually, using the instructions here.
Virtualbox (by Sun) has some advantages and disadvantages. There is a free proprietary
edition as well as a subscription-based enterprise edition. The free edition only allows
usage of a 32-bit operating system (as the guest OS) whereas the subscription edition
allows a 64-bit guest OS. (Both require registration.) There is also has a free open source
edition, but this is not easy to install in Windows (unlike in Linux). Virtualbox is available
for all operating system platforms, and therefore a virtual machine created in one
operating system (Windows, Apple, Linux) can be used in another. Furthermore, it is
possible to convert virtual machines created in Virtualbox to VMWare and vice versa.
I find both the installation process and the interface for Virtualbox quite user friendly (as
I do VMWare). So far I have had few difficulties with Virtualbox and recommend it.
32 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Install Virtualbox in Windows
Obtain and download a copy of the Virtualbox (binary) installer for your (Windows)
operating system here (http://www.virtualbox.org/wiki/Downloads) .
Install the program, following the prompts.
Start Virtualbox
Start menu -> Programs -> Sun Virtualbox -> Virtualbox
(Optional: Of course, if you would like Virtualbox to start every time you run Windows,
you can copy the Virtualbox shortcut into the Start menu -> Programs -> Startup folder.)
Create a new virtual machine:
Virtualbox -> New -> Next ->
Name: UbuntuVirtualServer
Operating System: Linux
Version: Ubuntu
-> Next -> Memory: Base memory size: 1024 Mb
Note: Use the amount of RAM for the virtual machine that you can afford. Linux
requires less memory to run than does Windows, but the amount of RAM that you
dedicate to the virtual machine in this step will not be available to the Windows
host. On my laptop, I have 3 Gb RAM, so I dedicate 1024 Mb (1 Gb) to the virtual
machine in this step and leave 2 Gb for Windows. You should always leave at least 1
Gb RAM for Windows (or it will run painfully slowly). Linux is able to run with only
512 Mb in server mode or 1 Gb in desktop mode (perhaps even less).
-> Next -> Virtual Hard Disk ->
Boot Hard Disk (Primary Master): (ticked)
Create new hard disk: (ticked)
-> Next -> Next -> Hard disk storage type:Dynamically expanding storage:
(ticked)
-> Next -> Virtual Disk Location and Size:
Location: UbuntuVirtualServer
Size: 8.00 GB
Note: Use whatever size you can afford in Windows. This will take space from your hard
drive (so make sure it is available to begin with). A Linux server can easily run in 8 GB,
but if you plan to run a GUI desktop in addition (the Ubuntu desktop or Kubuntu desktop,
for example), you should consider making this between 10 -20 GB. However, because
you have chosen the dynamically expanding storage in the preceding step, the virtual
machine will automatically expand storage later if you guess wrong here. (I usually just
accept 8 GB.)
-> Finish.
Now you will have a new virtual machine. You can create multiple virtual machines, in
33 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
this fashion. If you desire, you can run each new virtual machine simultaneously (if you
have enough RAM and hard drive resources).
Install Ubuntu edition for virtual machines
There is a version of the Ubuntu server that is optimised for usage within a virtual
machine. It is provided on the Ubuntu Server edition LiveCD. The LiveCD image (.iso)
found here (http://www.ubuntu.com/getubuntu/download-server) can be downloaded
onto your hard drive. It can then be installed directly into your virtual machine from the
hard drive. Alternatively, you can also burn the .iso image onto a CD and install Ubuntu
Server into the virtual machine from the CD. Both methods work identically during the
Ubuntu Server installation process.
The free version of Virtualbox only allows the use of a 32-bit operating system as a guest
OS, so you should download the 32-bit Ubuntu server (.iso) image.
Start the virtual machine you created in the previous step.
Virtualbox -> Ubuntu Virtual Server (highlighted) -> Start
The "First Run Wizard" will prompt for the location of the installation disk -> Next ->
CD/DVD-ROM device (ticked) ->
Media Source:
select the CD-ROM drive (if you burned the LiveCD (.iso) image onto a physical
CD), or
browse for the folder where you stored the (.iso) image onto your hard drive (if
you did not burn it to a physical CD)
-> Next ->
Install Ubuntu server virtual machine edition:
The First Run Wizard will automatically start the LiveCD from the location you indicated,
and you will see the Ubuntu Server LiveCD screen.
34 of 265
Choose language: English ->
Important: note this step carefully! Select the minimal virtual machine
installation mode:
* Click the F4 (modes) key -> Install a minimal virtual machine ->
Install Ubuntu Server
Select your installation options. When asked about partitioning, use the guided
partitioning method and use the entire disk. This uses the entire virtual machine
disk (which is 8 GB or whatever size you created when creating the virtual
machine), not the entire physical hard drive disk.
Finish the remainder of the Ubuntu server installation. At the conclusion the Ubuntu
system will automatically reboot within the virtual machine. When it restarts, you
will then have a fully function Ubuntu Server within the virtual machine.
Immediately update the operating system:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo apt-get update
Install a desktop
This is a decision that is difficult to make. Having an Ubuntu or Kubuntu GUI desktop is
nice, but it also slows down the virtual machine server considerably and takes a large
chunk of the 8.00 GB virtual disk (which may need to be dynamically expanded and
thereby occupy more space on your hard-drive).
If you intend to use many of the features of Ubuntu or Kubuntu, this is worthwhile. Install
a desktop:
or
After all the packages are installed, restart the OS within the virtual machine and
you should now boot into the GUI desktop.
Install Linux Guest Additions
If you have installed a (K)ubuntu desktop, you will definitely need this for functionality.
There are quirks. A general introduction is found at the VirtualBox Manual
(http://www.virtualbox.org/manual/UserManual.html#id2507643) . The Guest Additions
are contained within the VBoxGuestAdditions.iso CD image file contained within the
VirtualBox installation folder (on my Windows system it is in the C:\Program Files\Sun
\VirtualBox folder). (If there are errors using this file, it must be copied to a neutral
location (such the Documents folder) and used from there.)
Mount the VBoxGuestAdditions.iso as a virtual CD-ROM device (for the virtual
machine you have created in the preceding steps). (The virtual machine must be
stopped while doing this).
VirtualBox -> Machine -> Settings -> Storage
-> Add CD/DVD Device (CD icon with green + sign) -> Atrributes -> CD/DVD Device:
VBoxGuestAdditions.iso
Start the virtual machine.
From a command-line terminal (Terminal in Ubuntu or Konsole in Kubuntu), change
to the CD-ROM/DVD directory:
cd /media/cdrom0
35 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Install prerequisites:
sudo apt-get install dkms
Run the Guest Additions binary:
sudo ./VBoxGuesatAdditions-Linux-x86.run
(If you are using a 64-bit edition of Ubuntu as a guest OS, see the VirtualBox Manual
(http://www.virtualbox.org/manual/UserManual.html#id2507643) for additional
instructions. Because this is not an option with free versions of VirtualBox, I will not
discuss it here).
Once the installation is complete, you can unmount the VBoxGuestAdditions.iso as a
virtual CD. (The virtual machine must be stopped while doing this).
VirtualBox -> Machine -> Settings -> Storage -> Storage Tree
-> VBoxGuestAdditions.iso -> Removes the attachment highlighted in the Storage
Tree (CD icon with green - sign) -> Remove
Creating shared folders
This is a folder on your Windows host that will be shared with the Ubuntu virtual
machine. An extremely nice feature. The GuestAdditions must be installed to use this
feature. See the VirtualBox manual on Shared folders (http://www.virtualbox.org/manual
/UserManual.html#sharedfolders) for more information.
With the virtual machine stopped, designate a shared folder. In my example I use a
folder in Windows that is already commonly shared (C:\Users\Public\Documents).
VirtualBox -> Machine -> Settings -> General -> Shared Folders
-> Add Shared Folders (Ins) (Folder icon with a + symbol)
-> Folder Path: Other -> C:\Users\Public\Documents
-> Folder Name: PublicDocuments
Start the virtual machine.
Create a folder that will be associated with the shared Windows folder:
sudo mkdir /media/windows-shared
Test that the Windows shared folder can be mounted:
sudo mount -t vboxsf PublicDocuments /media/windows-shared
36 of 265
If there are no errors, then ensure the shared folder is mounted at every bootup of
the virtual machine. Edit the /etc/fstab file:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
(you can used gedit in Ubuntu or kate in Kubuntu instead of nano, if you'd like).
Add the line:
PublicDocuments /media/windows-shared vboxsf defaults 0 0
Reboot the virtual machine (sudo reboot).
Access /media/windows-shared just like any other folder (from Nautilus or Dolphin,
for example) within the virtual machine.
Access C:\Users\Public\Documents just like any other folder in the Windows host.
Android emulation
Android SDK emulator
Android SDK for Linux (http://developer.android.com/sdk/index.html) is a 32-bit Android
emulator/software development kit. It incorporates a QEMU virtual machine framework
as part of its installation. It provides a fully functional Android environment and apps can
be installed from (and run within) the emulator.
Install the pre-requisites:
sudo apt-get install ia32-libs default-jre
Note: ia32-libs is only needed on a 64-bit system. default-jre will also install
open-jdk6-jre.
Download the Android SDK (e.g. android-skd_r18-linux.tgz from here
(http://developer.android.com/sdk/index.html) and extract it (using Ark, for
example) to its default folder ~/android-sdk-linux/ (i.e. /home/user/androidsdk-linux/):
wget http://dl.google.com/android/android-sdk_r18-linux.tgz
tar xvf android-skd_r18-linux.tgz
Add the /home/user/android-sdk-linux/tools and /home/user/android-sdk-linux
/platform-tools/ directories to the PATH for the user (or for the system) by editing
/home/user/.profile (or /etc/profile for system-wide use):
sudo nano /home/user/.profile
37 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
and adding this line at the end:
export PATH=/home/user/android-sdk-linux/tools/:/home/user/android-sdk-linux/platform-tools/:$PATH
Save the file and then log out/log in (or reboot if changes were made to the system-wide
config file).
Change to the /home/user/android-sdk-linux/tools directory and start the Android
SDK Manager:
cd /home/user/android-sdk-linux/tools
./android
Install the "Tools" by ticking the appropriate boxes -> Install Packages
Choose which Android version to emulate and install it.
Android SDK Manager -> Android 4.0.3 (API 15) (ticked) -> Install packages
Still within the Android SDK Manager, create a virtual machine ("AVD") with the
desired Android system in it. The WXGA800 skin gives a widescreen (tablet)
appearance:
Android SDK Manager -> Tools -> Manage AVDs -> New
-> Name: Android4 -> Target: Android 4.0.3 - API Level 15 -> Size (of virtual
SDcard): 2 Gb -> Skin: Built-in: WXGA800 -> Hardware: Device ram size (in Mb):
<click> on 1024 -> 512
-> Create AVD
At the time of the creation of the virtual machine it is possible to adjust the amount
of RAM dedicated to your device (I personally only dedicate 384 Mb) or leave it at
the default of 1024 Mb if your system has plenty of RAM.
Close the Android SDK Manager. Now the new Android virtual machine can be
started from the command line terminal. (This command can also be added to a
menu item.)
emulator -avd Android4
where Android4 is the name of the virtual machine created in the previous step.
On less powerful computers, the startup of the emulator can be slow. Be patient.
Networking for Android SDK
Networking from the Android SDK virtual machine to my host computer's wired Ethernet
connection was transparent upon installation. I required no additional configuration and
all networking functions were operational.
38 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Installing an app
Once the Android emulator SDK is installed, install an app using these ADB
instructions (http://developer.android.com/guide/developing/tools/adb.html) or
directly from within an app marketplace (including Amazon App marketplace
(http://www.amazon.com/gp/feature.html?ie=UTF8&docId=1000626391&
ref=mas_gs) or F-Droid (http://f-droid.org/repository/browse/) ). The apps I tested
(such as Words with Fiends) work without problems.
Netflix Android App
A Netflix app for the Android market is available here (https://market.android.com
/details?id=com.netflix.mediaclient) or through the Amazon App marketplace
(http://www.amazon.com/gp/feature.html?ie=UTF8&docId=1000626391&ref=mas_gs) .
The Netflix app requires Android 2.3 or later. In my Android 4.0.3 emulator the Netflix
app successfully downloads and installs (through the Amazon App marketplace) and I am
able to login to my account.
Other references
A graphical installation guide Softpedia (http://news.softpedia.com/news/Howto-Run-Android-Applications-on-Ubuntu-115152.shtml) (2009).
Android-x86 in VirtualBox
In Virtualbox (or QEMU, VMWare, or other virtual environment), install Android-x86
(http://www.android-x86.org/documents/installhowto) using the installer burned to a CD
or USB drive. Details:
From your favorite package manager (Muon, Synaptic, etc.) you can install the
package virtualbox-qt, or from the command line:
sudo apt-get install virtualbox-qt
Both the proprietary binary for VirtualBox and the necessary dependency
virtualbox-dkms will be installed at the same time.
39 of 265
Download a version of the Android-x86 image (.iso) from here (http://www.androidx86.org/download) . I used the latest version for ASUS (eee) Netbooks.
Start VirtualBox:
Menu -> Utilities -> VirtualBox
Create a new Virtual Machine for the Android x-86 OS:
VirtualBox -> New -> Next -> Name: Android -> OS Type: Operating System: Linux
-> Version: Linux 2.6
05/24/2012 08:14 AM
UbuntuGuide Part2 -
-> Next -> Base Memory Size: 512 Mb -> Next -> Virtual hard disk: Create new hard
disk -> Next
-> File type: VDI -> Next -> Storage details: Dynamically allocated -> Next ->
Location: Android
-> Size: 8 Gb -> Summary: Create
Tweak the VirtualBox Settings so that mouse capture is enabled for the newly
created Android virtual machine. (Without this step you will not be able to use the
mouse (or touchpad) in Android.):
Virtualbox -> Settings -> System -> Enable absolute pointing device (unticked)
Choose the downloaded Android-x86 (.iso) as a virtual CD-ROM to be used by
VirtualBox:
VirtualBox -> Settings -> Storage -> Storage Tree: CD icon (Empty)
-> CD icon: Choose a virtual CD/DVD disk file ...
-> (click on the name of the downloaded android-x86-4.0-eeepc.iso file) -> Ok
Start the installation of android-x86 in the VirtualBox virtual machine:
VirtualBox -> Start --> Installation -- Install Android-x86 to hard disk
-> Choose Partition: Create/Modify partitions -> Ok -> New -> Primary -> Size (in
MB): 8588
-> Bootable -> Write -> Are you sure you want to write the partition table to disk?
(yes or no): yes -> <Enter>
-> Quit -> Please select a partition to install Android-x86: sda1 LINUX VBOX
HARDDISK -> OK ->
-> Choose filesystem: ext3 -> OK -> Are you sure to format the partition sda1? ->
Yes
-> Do you want to install bootloader GRUB? -> Yes -> Do you want to install /system
as read-write? (yes or no)
Note: the partition in this step is not on your physical hard drive but is entirely within the
virtual hard drive created in the previous step. You will not erase anything on your
physical hard drive during this step; only the contents within the virtual hard drive are at
stake (and to your physical hard drive, the virtual hard drive appears only as an 8 Gb
file). There is no danger of harming your hard drive no matter what you do here! During
installation of the Android OS, it makes sense to use the entire space of the newly
created virtual hard drive (8 Gb if following the instructions outlined above) for the
Android OS.
Once the installation is complete ("Congratulations! Android-x386 is installed
successfully")
-> Run Android-x86
During the first run, you can use the TAB button to navigate between options, or by
clicking on the Android virtual machine window, you can "capture" the mouse (a blue
pointer should appear) for use by the Android virtual machine. To return to the (K)Ubuntu
40 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
normal (white) mouse pointer, use the Right-Ctrl button.
-> Start -> (setup initial options as desired)
After completing the initial Android setup, shutdown the Android virtual machine
and tweak the VirtualBox settings so that the virtual CD-ROM no longer uses the
Android-x86.iso virtual CD:
VirtualBox -> Machine -> Close -> Power off the machine
-> Settings -> Storage -> CD-ROM icon (click) -> Host Drive DVD RW (select your
physical CD/DVD drive, which should be listed) -> Passthrough ('ticked') -> OK
The Android-x86 website says that only Soundblaster 16 works as a VirtualBox
soundcard for Android, so change the Audio settings for VirtualBox:
VirtualBox -> Settings -> Audio -> Audio controller: Soundblaster 16
Now when you Start the Android virtual machine, it should boot straight into
Android.
Networking for Android-x86
41 of 265
These instructions were tested using the android-x86-4.0-RC1-eeepc version of
Android-x86 and were adapted from those given here (http://code.google.com
/p/live-android/wiki/networkhowto) .
The Android OS only uses wireless networking (since no Android device has a wired
Ethernet adapter or socket). This can be linked to the (K)Ubuntu host's wireless
adapter using either the NAT or Bridged networking modes of VirtualBox.
If your (K)Ubuntu host only has a wired ethernet connection, then you will use the
eth0 connection within Android. In the Networking settings (Virtualbox -> Settings
-> Network -> Attached to:) you can use NAT or Bridged Adapter (eth0) but if you
intend to use any server functions from Android, you must use the Bridged Adapter
(eth0), so in general this is recommended. Start the Android virtual machine.
Make sure the host computer's firewall is off while testing connections.
Once the Android system has fully booted within the virtual machine, go to the root
command-line using <ALT>-<F1>.
The command line can also be reached through the Terminal Emulator:
Android -> Home icon -> App menu icon -> Terminal Emulator
You may then need to become the superuser from the command-line: su
(This step may be optional and is suggested only if needed for troubleshooting.
It is necessary if using the "route add" command in the next step.) From the
command line, enable the wired networking port using ifconfig. Use an unused
IP address on the main LAN:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
ifconfig eth0 192.168.0.59
(This step may be optional and is suggested only if needed for
troubleshooting.) For the eth0 connection set a route to the default gateway
(this should be the IP address of your router / DHCP server on your LAN):
route add default gw 192.168.0.1 dev eth0
For some reason, my connection would not work unless a DHCP connection is
enabled:
netcfg eth0 dhcp
Test to make sure traffic is reaching the router:
ping 192.168.0.1
Set a DNS provider (examples are 8.8.8.8 for Google, 8.26.56.26 for Comodo,
and 206.67.222.222 for OpenDNS).
setprop net.dns1 8.8.8.8
Return to the Android environment using <ALT>-<F7>.
Following these steps, start the Browser. If you get a webpage, then the connection
works. If not, make sure all firewalls are off (for your VirtualBox host) while testing
your setup.
Troubleshooting Android-x86 networking
Android is oriented towards wireless connections. The Android-x86 emulator does
not include the tools to do network bridging between the virtual wireless
connections and the wired connection (methods of which are discussed here
(http://forums.fedoraforum.org/showthread.php?t=231374) ). With a simple wlan0
(or in the virtual environment ifb1) to eth0 bridge, all the networking functions of
the Android environment could be enabled. Please write to the developer of
Android-x86 requesting this.
Installing apps
See Install an app in Android-x86 (http://www.android-x86.org/documents
/apphowto) .
Other Android Virtual Machines
42 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
See this Android v4 VM (http://www.vmlite.com/index.php?option=com_kunena&
Itemid=158&func=view&catid=9&id=8838) .
Screencasts
Creating screencasts (screencapture)
Several methods for creating screencasts in (K)Ubuntu Linux exist.
FFMPEG with x11grab
Recent versions of FFMPEG include x11grab, a module for screen capture. This method
gives the best results for screencaptures and is one of the the most flexible methods,
allowing a variety of audio inputs and audiovisual output formats.
Run FFMPEG with x11grab
The command for 2 channel audio recording using the ALSA input is:
ffmpeg -f alsa -ac 2 -ab 192k -i pulse -f x11grab -s 1024x768 -r 30 -i :0.0 -acodec pcm_s16le -vcodec libx264 -vpre loss
The order of the options is important (since some options override others). -f alsa
indicates the alsa audio input (an alternative is oss). -ac 2 indicates 2 channel recording
(use -ac 1 for mono). -ab 192k means 192 kb/sec audio, which may be too high for your
needs. (128k is average). -i pulse indicates to use Pulse Audio (assuming you have it set
up) for audio input. -i :0.0 means to capture screen 0.0 (the primary screen). -acodec
pcm_s16le means to save with lossless 16-bit audio encoding (which gives a large file).
You can use another audio format (such as libmp3lame) here if you wish, or re-encode
later when you do processing/convert to your final desired format. Also see the FFMPEG
x11grab documentation (http://ffmpeg.mplayerhq.hu/ffmpeg.html#SEC18) for other
options.
You can also capture to a video codec other than libx264 (although without the
corresponding quality of H.264/X264). In a command terminal, type ffmpeg -formats E to
see which video codecs your version of FFMPEG supports. For example, to create an .avi
file with an XVID video codec and an Mp3 audio codec, use the command:
ffmpeg -f alsa -ac 2 -ab 128k -i pulse -f x11grab -s 1024x768 -r 30 -i :0.0 -acodec libmp3lame -vcodec mpeg4 -vtag xvid
However, I find the quality to be far superior if the capture is done in H.264/X264 and
then converted to the (much smaller and more universal) XVID format in a separate step
afterwards.
43 of 265
Of course, the command can be used as a Menu item. When creating a Menu
item, make sure the "Advanced -> Run in terminal" box is ticked.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
To stop the recording, enter "CTRL-C" (or "q" in earlier versions) in the terminal
window in which FFMPEG/x11grab is running.
If you have xwininfo installed (installed already in Debian/(K)Ubuntu), you can
replace
-s 1024x768
with
-s $(xwininfo -root | awk '/geometry/ {print $2}')
in order to automatically capture whatever-sized screen you have. The command
would then be:
ffmpeg -f alsa -ac 2 -ab 192k -i pulse -f x11grab -s $(xwininfo -root | awk '/geometry/ {print $2}') -r 30 -i :0.0 -acod
A benefit of using Pulse Audio is that several inputs can be combined, allowing both
microphone input and music input, for example. The relative volumes can be
controlled using Pulse Audio Volume Control (sudo apt-get install pavucontrol).
If you do not have Pulse Audio installed, you can capture from the primary audio
input card by replacing
-i pulse
with
-i hw:0,0
or
-i /dev/dsp
It is possible to record only part of the screen by specifying an offset from the upper
left corner of the screen. Use the option :0.0+10,20 where 10 is an example of a
x-offset from the left of the screen and 20 is an example of the Y offset from the top
of the screen. Also specify the size of the area to recorded, for example -s 320x240.
A complete command might then be
ffmpeg -f alsa -ac 2 -ab 128k -i pulse -f x11grab -s 320x240 -r 30 -i :0.0+10,20 -acodec libmp3lame -vcodec mpeg4 -vtag
44 of 265
After completing the screencapture, you can then edit and convert it to the desired
final format, using FFMPEG (perhaps with the WinFF GUI), mencoder (with or without
a front-end such as Avidemux), or a standalone video editor. Some examples of
05/24/2012 08:14 AM
UbuntuGuide Part2 -
conversion methods are here.
A video of this procedure is here on YouTube (https://www.youtube.com
/watch?v=quqL_lAETdI) .
kX11grab
kX11grab is the KDE version of QtX11grab (http://qx11grab.hjcms.de/) , a frontend for
FFMPEG/x11grab screengrabs. It is in alpha stage and does not yet work well.
Install kx11grab:
sudo apt-get install kx11grab
Start kX11grab:
K menu -> Utilities -> kx11grab
Install the newest version of FFMPEG with x11grab
Older repository-supplied versions of FFMPEG did not have X11grab nor X264
support in them. If you have a very old installation, you can install the newest
version of FFMPEG and X264 using the instructions from this thread
Note: The current, updated versions of FFMPEG in Lucid, Maverick, and Natty are all
compiled with x11grab and X264 capabilities. On my Lucid machine, X264 version 85 is
already installed, and on Natty, version 106 is already installed. The newest version of
X264 (as of 8-2011) is version 116.
If you want the most current version of FFMPEG and the H.264 / X264 video codec,
however, then compile and install new versions using these instructions
(http://ubuntuforums.org/showthread.php?t=786095) (recreated here).
Uninstall x264, libx264-dev, and ffmpeg:
sudo apt-get remove ffmpeg x264 libx264-dev
Install dependencies needed for retrieving, compiling, and running the new
versions (you may need to ensure the Universe and Multiverse repositories are
enabled):
sudo
sudo
sudo
sudo
sudo
45 of 265
apt-get
apt-get
apt-get
apt-get
apt-get
update
install
install
install
install
build-essential checkinstall git libfaac-dev libjack-jackd2-dev
libmp3lame-dev libopencore-amrnb-dev libopencore-amrwb-dev libsdl1.2-dev libtheora-dev
libva-dev libvdpau-dev libvorbis-dev libx11-dev libxfixes-dev libxvidcore-dev texi2html
yasm zlib1g-dev
Retrieve, compile, and install a new version of the X264 video codec
05/24/2012 08:14 AM
UbuntuGuide Part2 -
(http://www.videolan.org/developers/x264.html) from VideoLAN (makers of
VLC). (Note: Ubuntu normally installs x264 in /usr/bin/x264.):
cd
git clone git://git.videolan.org/x264
cd x264
./configure --enable-static
make
sudo checkinstall --pkgname=x264 --pkgversion="3:$(./version.sh|awk -F'[" ]' '/POINT/{print $4"+git"$5}')" --backup=no -
Note: Git uses port 9418 by default. Make sure the Git port is unblocked in your
firewall. The last command will build a .deb package named something similar
to /home/user/x264/x264_0.116.2074+git2641b9e-1_i386.deb. The installed
package can be removed later, if desired, using dpkg -r x264.
Retrieve, compile, and install a recent version of FFMPEG. (Note: Ubuntu
normally installs FFMPEG in /usr/bin/ffmpeg and related modules in /usr/bin
/ffplay, /usr/bin/ffprobe, /usr/bin/ffserver, and /usr/bin/qt-faststart.):
cd
git clone git://git.videolan.org/ffmpeg
cd ffmpeg
./configure --enable-gpl --enable-libfaac --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --en
make
sudo checkinstall --pkgname=ffmpeg --pkgversion="5:$(date +%Y%m%d%H%M)-git" --backup=no --deldoc=yes --fstrans=no --defa
hash x264 ffmpeg ffplay ffprobe
Note: Git uses port 9418 by default. Make sure the Git port is unblocked in your
firewall. The second-to-last command will build a .deb package named
something similar to /home/user/ffmpeg/ffmpeg_201109031233git-1_i386.deb. The installed package can be removed later, if desired, using
dpkg -r ffmpeg.
Some programs may expect ffmpeg to be in /usr/bin, so create a symbolic link:
sudo ln -s /home/user/ffmpeg/ffmpeg /usr/bin/ffmpeg
Add a webcam to a screencast
46 of 265
To show your webcam in your screencast, install one of three webcam applications:
Cheese (http://projects.gnome.org/cheese/) (sudo apt-get install cheese) is a
Gnome-based webcam application with many options and a re-sizable window.
Kamoso (http://kde-apps.org/content/show.php/Kamoso?content=111750)
(sudo apt-get install kamoso) is a KDE-based webcam application.
Xawtv (http://git.linuxtv.org/xawtv4.git) (sudo apt-get install xawtv) is a
Gtk-based application. Because the Xawtv window can be arranged so that
only the webcam image is shown, it is my favorite webcam display for
screencasts. (Click on "X" in the window bar -> Advanced -> No Border (ticked)
.)
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Any of these applications can be used in (K)Ubuntu.
Start the desired application until your webcam is showing. Position the webcam image
on your desktop as desired. Now start your screencapture and the webcam window will
be included.
Record microphone and speaker output simultaneously
This example assumes Pulse Audio is installed on the system. This was tested on Natty.
Make sure PulseAudio Volume Control is installed:
sudo apt-get install pavucontrol
Start FFMPEG/x11grab as above:
ffmpeg -f alsa -ac 2 -ab 192k -i pulse -f x11grab -s $(xwininfo -root | awk '/geometry/ {print $2}') -r 30 -i :0.0 -acod
Start an audio application (such as Audacious, Amarok, Rhythmbox, etc.) so that
some audio output is playing through the speakers.
Start PulseAudio Volume Control:
Menu -> Multimedia -> PulseAudio Volume Control
Select as an input "Monitor of Internal Audio Analog Stereo":
PulseAudio Volume Control -> Input Devices -> Show: All Input Devices
-> Make sure Monitor of Internal Audio Analog Stereo is not muted (click on
speaker icon)
Make sure your microphone is plugged in.
Select as an input "Internal Audio Analog Stereo: Analog Microphone":
PulseAudio Volume Control -> Input Devices -> Show: All Input Devices
-> Make sure "Monitor of Internal Audio Analog Stereo: Port: Analog
Microphone " is not muted (click on speaker icon)
Make sure the "Internal Audio Analog Stereo" device is selected for the ALSA plug-in
[ffmpeg] application:
PulseAudio Volume Control -> Recording -> ALSA plug-in [ffmpeg]: ALSA
capture from: Internal Audio Analog Stereo
recordMyDesktop
47 of 265
gtk-recordMyDesktop -- a one-step solution. Audio can be captured as well,
including through the microphone (whichever inputs are enabled in the mixer/pulse
audio system will be captured). Even a virtual machine like VirtualBox can send its
05/24/2012 08:14 AM
UbuntuGuide Part2 -
audio through the Pulse Audio system, so it can also be captured. The recorded .ogv
file can then be converted to a Flash video (.flv) with:
mencoder -ovc lavc -ofps 30 -oac mp3lame -af volnorm=1:0.5 your_file.ogv -o your_file.flv
or to an .avi (for use with Avidemux, for example):
mencoder -ovc lavc -ofps 30 -oac mp3lame -af volnorm=1:0.5 your_file.ogv -o your_file.avi
If mencoder is not installed:
sudo apt-get install mencoder
xvidcap with Audacity
Screencasts in Ubuntu (http://screencasts.ubuntu.com/Creating_Screencasts) -record video from a virtual (QEMU) desktop using xvidcap, then record audio using
Audacity, then put them together using Avidemux. Any virtual desktop (Virtualbox,
VMWare) could be used instead of QEMU.
Using VNC to capture another computer's screen
Hybrid Linux/Windows method (http://www.youtube.com/watch?v=NwNZDeB1k8s) -a YouTube video using two computers connected by VNC.
Troubleshooting tips
A method that has worked for me in the past is the method described using Avidemux. I
use either gtk-recordMyDesktop or xvidcap to capture the video, as above (saving as an
.avi). The problem for me is that Avidemux is rather particular about the audio formats it
will accept. I have found that it will not accept many mp3 files (depending on the codec
originally used to create the mp3 file). However, I have found that if I import any mp3 file
into Audacity and then re-export it as an mp3, Audacity will re-encode it with a codec
(libmp3lame) that Avidemux likes.
I can therefore combine the .avi video with the .mp3 audio (created by Audacity) using
Avidemux.
Screencasts in Windows
Some users will run (K)Ubuntu in a virtual machine (VirtualBox, VMWare, QEMU) in
Windows. For those users who wish to record a screencast, there are two good open
source screen recording utilities:
48 of 265
CamStudio (http://camstudio.org/) -- works similarly to gtk-recordMyDesktop, with
capabilities of converting to Flash videos (.flv and .swf). Records audio and video
05/24/2012 08:14 AM
UbuntuGuide Part2 -
with options for annotation and other effects.
Wink (http://www.debugmode.com/wink/) -- essentially a screen capture, it is good
for animations with each frame individually constructed. It can output to a video file,
including Flash videos.
Examples
Exercise: Slideshow with audio track
This may seem a bit cumbersome, but it works for me. If you have a better method
please add it! (Note: I now use the FFMPEG with x11grab method at the top of this page.
This method below was how I originally did it.)
Gwenview is installed by default in Kubuntu. I then install Avidemux, Audacity,
gtk-recordMyDesktop, mencoder, ffmpeg, and kubuntu-restricted-extras.
Start gtk-recordMyDesktop but do not use the sound recording portion (leave the
Sound Quality box unticked). I find that gtk-recordMyDesktop audio recording is
choppy and therefore less than desirable for me (even on my dual-core 64-bit
system with 3 Gb RAM).
Start Gwenview and find the folder with your pics that will be made into a slideshow.
Start gtk-recordMyDesktop recording and the start the slideshow (Gwenview ->
View - Start Slideshow). Record until all the slides have displayed. Then stop
gtk-recordMyDesktop recording. The file will be saved as an .ogv file (such as
MyRecordedFile.ogv).
Convert the .ogv file to an .avi file:
mencoder -ovc lavc -ofps 30 -oac mp3lame -af volnorm=1:0.5 MyRecordedFile.ogv -o MyRecordedFile.avi
Create your soundtrack from mp3's or recorded files using Audacity.
If you wish to join several mp3 files into a single mp3, you can concatenate
them:
cat File1.mp3 File2.mp3 File3.mp3 > CombinedFile.mp3
Import the mp3 file into Audacity and edit as desired. Export the resulting edited file into
a new mp3 file (such as MyAudacitySoundtrackFile.mp3). Even if you make no edits, you
should re-export every mp3 using Audacity because Avidemux doesn't always recognize
the codecs originally used to create many mp3s (but it always recognizes the mp3s
exported by Audacity).
49 of 265
Open Avidemux. Open your video file (Avidemux -> File -> Open ->
MyRecordedFile.avi).
05/24/2012 08:14 AM
UbuntuGuide Part2 -
If you wish to trim the file, move the A and B markers to the beginning and end
of the desired segment.
Add the soundtrack you created with Audacity. (Avidemux -> Audio -> Main Track ...
-> Audio Source: External MP3 -> External File: MyAudacitySoundtrackFile.mp3)
Save the file with the new soundtrack. (Avidemux -> File -> Save -> Save Video...
-> MyNewCombinedFile.avi)
This file can be uploaded directly to YouTub or other sites, or you can convert it into a
Flash video:
mencoder -ovc lavc -ofps 30 -oac mp3lame -af volnorm=1:0.5 MyNewCombinedFile.avi -o MyNewCombinedFile.flv
Conversion / Editing
See Video conversion.
Video Conversion
Introduction
There are lots of video and audio codecs and lots of methods and preferences for
converting between formats. These are only some basic examples. A good deal of trial
and error is often required for successful video conversion.
Mencoder and ffmpeg are the two packages that are the workhorses of video
conversion. Of these, mencoder is faster and generally gives better results.
Mencoder
Mencoder (http://www.mplayerhq.hu/DOCS/HTML/en/mencoder.html) is part of the
MPlayer (http://www.mplayerhq.hu/DOCS/HTML/en/index.html) set of libraries (that also
uses several of the FFMPEG libraries) for audio/visual conversion. If it is not installed on
your system, install it:
sudo apt-get install mencoder
MP4 with AAC audio to AVI with Xvid / MP3
50 of 265
AAC codecs are proprietary (http://en.wikipedia.org
/wiki/AAC#Licensing_and_patents) , of course, and many DVD players do not accept
it for this reason. Xvid is the open source version of DivX, and of course MP3 is a
widely available audio format.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
The AVI container only allows a constant bitrate, so the MP3 audio must be encoded
at CBR. If the AAC is 5.1, it will be downcoded to stereo for MP3.
This example is a two-pass technique that allows the file size to be specified and
quality optimized for that filesize (using the information generated in the first pass).
In this example, a 700 Mb file is desired (and is specified by the negative value).
This information is from the Gentoo Wiki for Xvid and mencoder (http://en.gentoowiki.com/wiki/HOWTO_Mencoder_Introduction_Guide#XviD) .
mencoder <input.mp4> -ovc xvid -oac mp3lame -lameopts cbr:br=192 -xvidencopts pass=1 -o /dev/null
mencoder <input.mp4> -ovc xvid -oac mp3lame -lameopts cbr:br=192 -xvidencopts pass=2:bitrate=-700000 -o <output.avi>
AVI to MPG
The MPG format is sometimes useful for creating DVDs (using the MPEG-1 or
MPEG-2 video codec, which can be then used for vob files using QDVDAuthor or
ToVid). If the audio codec of the AVI file is already AC3 or MP3, it usually can be
copied. This example is take from the MPlayer/Mencoder documentation
(http://www.mplayerhq.hu/DOCS/HTML/en/menc-feat-mpeg.html) . Example:
mencoder <input.avi> -of mpeg -ovc lavc -lavcopts vcodec=mpeg1video -oac copy -o <output.mpg>
Add subtitles to video
Using mencoder:
mencoder -ovc [codec] [codec opts] -oac copy -sub [sub file.srt] -subfont-text-scale [3 normally]
In the example above, this would be:
mencoder <input.mp4> -ovc xvid -oac mp3lame -lameopts cbr:br=192 -xvidencopts pass=2:bitrate=-700000 -sub <subtitles.srt
Note: When adding subtitles to an .AVI video, you must transcode it completely. It is
not sufficient to merely add the subtitle track as listed above -- the entire video
must be re-transcoded. So, for example:
mencoder <input.avi> -ovc xvid -oac mp3lame -lameopts cbr:br=192 -xvidencopts pass=1 -o /dev/null
mencoder <input.avi> -ovc xvid -oac mp3lame -lameopts cbr:br=192 -xvidencopts pass=2:bitrate=-1400000 -sub <subtitles.sr
Remove subtitles from an .MKV video
Mastroska container (.MKV) video files can have multiple subtitles included. If a
conversion to an .AVI container format is desired (for playing on an older DVD player, for
example), the default subtitle file is hardcoded into the converted .AVI file, which may be
undesirable. To overcome this behaviour (so that the converted .AVI has no subtitles),
51 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
use the -sid 999 option:
mencoder <input.mkv> -sid 999 -ovc xvid -oac mp3lame -oac mp3lame -lameopts cbr:br=192 -xvidencopts pass=1 -o /dev/null
mencoder <input.mkv> -sid 999 -ovc xvid -oac mp3lame -oac mp3lame -lameopts cbr:br=192 -xvidencopts pass=2:bitrate=-1400
Trim a video
Using mencoder:
mencoder <input.avi> -ovc copy -oac mp3lame -ss 01:57:12 -endpos 00:04:08 -o <output.avi>
where -ss indicates the start position of the clip (hh:mm:ss) and -endpos indicates how
long the clip should be. (I use mp3lame for the audio codec because YouTube accepts
that.)
Resize a video
Using mencoder:
mencoder <input.avi> -ovc xvid -vf scale=320:240 -oac mp3lame -lameopts cbr:br=192 -xvidencopts pass=2:bitrate=-1400000
where -vf scale=320x240 indicates that the resulting video should be of that size. The
position of the suboption in the command string is important. It should immediately
follow the option -ovc <vcodec>.
52 of 265
HDTV resolution is usually 1920 x 1080 ("1080p") or 1280 x 720 ("720p"). A
standard definition widescreen TV has a maximum height of "480p" (usually 853 x
480 but sometimes 720 x 406). The standard width:height aspect ratio for cinema is
1.85:1, whereas the average aspect ratio for widescreen movies distributed for
display on television is 16:9 (1.78:1). When resizing a video, it is good to know the
original dimensions of the video and maintain the width to height aspect ratio in the
chosen scale.
Example: A video is distributed as 1280 x 692 (which has an aspect ratio of
1.85:1). The device (a low resolution television) on which it is to be displayed
has a maximum width of 720. The desired resolution would then be 720 x 390
to keep the aspect ratio at approximately 1.85:1. The option would then be -vf
scale=720:390. An analog television would require 10% overscan, making the
maximum width 648. To keep an aspect ratio of 1.85:1 would require a
resolution of 648 x 350, or a scale option of -vf scale=648:350.
Example: An HQ video is distributed as 1920 x 1080 (which has an aspect ratio
of 16:9). It is desired to view the video on a television with a maximum width
of 720p, which would require a final resolution of 720 x 406 to maintain an
aspect ratio of 16:9. The scale option would be -vf scale=720:406.
Example: An HQ video is distributed as 1920 x 1080 (which has an aspect ratio
05/24/2012 08:14 AM
UbuntuGuide Part2 -
of 16:9). It is desired to view the video on an analogue television with 10%
overscan, which would require a final resolution of 648 x 364 to maintain an
aspect ratio of 16:9. The scale option would be -vf scale=648:364.
Convert to .MP3 audio file
(Under construction)
Use Mplayer to extract audio to pcm .wav file:
mplayer <input.avi> -vc null -oa pcm -aofile -ss 1441.4 -endpos 260.1 <output.wav>
Then convert the .wav file to .mp3 with your favourite converter (such as
SoundConverter).
FFMPEG
FFMPEG (http://ffmpeg.org/) is the swiss-army knife of video and audio format
conversion. It succeeds when no other program can. It is free and open source. If it not
yet installed on your system as part of another package (it is used by many video/audio
editors), then install it:
sudo apt-get install ffmpeg
To convert many different formats, read the FFMPEG documentation
(http://ffmpeg.mplayerhq.hu/ffmpeg-doc.html) . Also see this tutorial (http://howtopages.org/ffmpeg/) .
Flash video (.flv) to MPG-2 using FFMPEG
To convert a saved Flash video (.flv) to an MPEG-2 format playable on a DVD,
convert:
ffmpeg -i samplevideo.flv -target ntsc-dvd samplevideo.mpg
53 of 265
Then use K3b (or Gnomebaker) to write the mpg file to a New DVD Data Project.
For PAL use -target pal-dvd. For widescreen, use -target film-dvd. For other
conversion tips, see this forum (http://ubuntuforums.org/archive/index.php
/t-1006250.html) . (Note: Most Flash video has very low resolution, with a
screen size of 360x270, for example. You may see a slight diminishment in
resolution if you wish to convert it to 720x480 (which is the NTSC standard
size) or other screen size. You can keep the original screen size and resolution
by omitting the -target parameter.) If your original file is 16:9 widescreen and
you desire a 4:3 letterbox output for playing on an overscanned TV, you may
need to pad the file so that the widescreen is not compressed (see this forum
05/24/2012 08:14 AM
UbuntuGuide Part2 -
(http://ubuntuforums.org/showthread.php?t=1010648) ):
ffmpeg -i samplevideo.flv -target ntsc-dvd -s 648x364 -padleft 36 -padright 36 -padtop 58 -padbottom 58 samplevideo.mpg
You can also use the WinFF GUI and add the command (as above) as a "Preset," for
subsequent use. For example:
Video converter (WinFF) -> Edit -> Presets ->
Preset Name: Letterbox -> Preset Label: 16:9 Widescreen to 4:3 Letterbox
Preset command: -target ntsc-dvd -s 648x364 -padleft 36 -padright 36 -padtop
58 -padbottom 58
Ouput file extension: mpg -> Category: DVD
-> Add/Update -> Save
To convert to MPEG-4 (mp4) files, use
ffmpeg -i samplevideo.flv outputvideo.mp4
FFMPEG requires that multiple restricted extra codecs be installed. This can be done
in a single easy step from the command-line Terminal:
sudo apt-get install kubuntu-restricted-extras
or
Convert to .MP3 audio file using FFMPEG
Convert Flash video audio to mp3
Once you have downloaded flash video content (.flv) from the Internet (using the
Video Download Helper plug-in for Firefox, for example), the audio component can
be converted to an mp3 using this command (from the command line Terminal).
(This will work for any type of video file, not just Flash.)
ffmpeg -i nameofvideoclip.flv -ab 160k -ac 2 -ar 44100 -vn nameoffile.mp3
where -i indicates the input, -ab indicates the bit rate (in this example 160kb/sec),
-vn means no video ouput, -ac 2 means 2 channels, -ar 44100 indicates the
sampling frequency. See FFMPEG docs (http://ffmpeg.mplayerhq.hu/ffmpegdoc.html#SEC11) for more info.
If I only want a segment of the video to be converted, I can use the time markers:
54 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
ffmpeg -i nameofvideoclip.flv -ss 00:00:09 -t 00:03:00 -ab 160k -ac 2 -ar 44100 -vn nameoffile.mp3
where -ss 00:00:09 indicates the point in the video (hh:mm:ss) at which to start
conversion and -t 00:03:00 indicates the amount of time (from the start point) to
convert.
As long as FFMPEG is already installed, the Video DownloadHelper plug-in for Firefox
already has an option to automatically convert an online video (such as those found
at YouTube) into an .MP3 file. (Settings are adjustable.) From the DownloadHelper
icon in Firefox, highlight the video to convert, then
DownloadHelper icon -> Download and Convert -> Converter options: MP3
Edit/convert screencapture with FFMPEG
Note: This section under construction.
Note: I now recommend using mencoder for all video conversion techniques. It uses
some of the ffmpeg libraries but is faster and gives more reliable and high-quality
results.
This is only one example of a wide variety of techniques. Once I have a captured
video, I want to convert it to XVID video (which is the format my older DVD player
accepts) and MP3 audio (mp3lame), which I will place in an AVI container (which my
DVD player also accepts).
ffmpeg -i Punchcast1.avi -vcodec mpeg4 -vtag xvid -acodec libmp3lame -ss 00:00:09 -t 00:03:00 Punchcast2.avi
I will start conversion (-ss) at second 9 (to eliminate unimportant things at the beginning)
and convert 3 minutes (-t) of video (00:03:00).
I happen to watch my screencasts on my old-fashioned 4:3 television. To do that, I
make a letterboxed video:
ffmpeg -i Punchcast1.avi -vcodec mpeg4 -vtag xvid -ss 00:00:09 -t 00:03:00 -s 648x364 -padleft 36 -padright 36 -padtop 5
My laptop screen is 1366x768, which I reduce to a size of 648x364. My TV wants
720x480, so I pad the sides and top/bottom. Why not a width of 720 initially? My older
television has 10% overscan, which cuts off 10% of the video. I therefore use (at least)
10% padding on the edges.
In newer versions of FFMPEG, the padding (and many other) options have changed. The
proper command is now:
ffmpeg -i Punchcast1.avi -vcodec mpeg4 -vtag xvid -ss 00:00:09 -t 00:03:00 -s 648x364 -vf pad 720:480:36:58 -acodec libm
55 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
ffmpeg movie=Punchcast1.avi:seek_point=9 -vcodec copy -acodec libmp3lame Punchcast1f.avi
WinFF (FFMPEG GUI)
WinFF (http://winff.org) is a free, GPL-licensed open source GUI frontend for FFMPEG.
Install:
sudo apt-get install winff xterm
Run:
Menu -> Applications -> Sound & Video -> WinFF
VobSub2SRT (Convert subtitles from .sub/.idx to
.srt)
VobSub2SRT (https://github.com/ruediger/VobSub2SRT) is a simple (GPLv3-licensed)
command line program to convert the image-based .idx / .sub subtitle files (used
with the .vob format found on commerical DVDs) into text-based .srt text subtitle
files by using OCR. It is based on code from the MPlayer project, Tesseract as OCR
software, and libavutil (part of the FFmpeg project).
Install dependencies:
sudo apt-get install libavutil-dev libtiff4-dev tesseract-ocr tesseract-ocr-dev tesseract-ocr-eng
sudo apt-get install pkg-config build-essential cmake
If you will be converting subtitles in languages other than English, you must
install tesseract for any or all of those languages as well:
sudo apt-get install tesseract-ocr-vie tesseract-ocr-deu tesseract-ocr-fra tesseract-ocr-ita
sudo apt-get install tesseract-ocr-nld tesseract-ocr-spa tesseract-ocr-por tesseract-ocr-deu-f
where vie is for Vietnamese, deu is for German, fra is for French, ita is for Italian, nld
is for Dutch, spa is for Spanish, por is for Portugeuse, and deu-f is for German
Fraktur script. If you don't you will get an error of the type: Unable to load
unicharset file /usr/share/tesseract-ocr/tessdata/xxx.unicharset.
Download and unzip the VobSub2SRT .zip file into its own directory:
mkdir vobsub2srt
cd vobsub2srt
wget -O vobsub2srt-current.zip https://github.com/ruediger/VobSub2SRT/zipball/ca53a18108eb08d6e2b853643d8c6838e2489823
unzip vobsub2srt-current.zip
rm vobsub2srt-current.zip
56 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
This will create a subdirectory with the current version. For example, my version is
vobsub2srt/ruediger-VobSub2SRT-ca53a18. Change into that directory then compile
and install the program.
cd ruediger-VobSub2SRT-ca53a18
./configure
make
sudo make install
This should install the program vobsub2srt to /usr/local/bin. You can uninstall
vobsub2srt with sudo make uninstall. You can build a *.deb package
(Debian/Ubuntu) with make package. The package is created in the build directory.
Convert the .sub / .idx pair of subtitle files (named Filename.sub and Filename.idx)
into a .srt sbutitle file (named Filename.srt):
vobsub2srt Filename
where Filename is the file name of the subtitle files WITHOUT the extension (.sub /
.idx).
If there are multiple languages in the .sub / .idx pair of subtitle files, you can select
which language to convert (using the 2-letter ISO 639-1 (http://en.wikipedia.org
/wiki/ISO_639-1) language code, e.g. en, fr, de, it, es, pt, etc.):
vobsub2srt --lang en Filename
Edit the .srt subtitle file for OCR mistakes (use the gedit text editor instead of kate if
using Ubuntu instead of Kubuntu):
kate Filename.srt
Join .MPG video segments
Individual video segments (MPEG-2, for example) can easily be joined:
cat samplevideo1.mpg samplevideo2.mpg samplevideo3.mpg > samplevideo123.mpg
You can then write the resulting MPEG-2 file to a DVD and play it in most DVD
players.
Split a file into segments
Any file can be split (http://en.wikipedia.org/wiki/Split_%28Unix%29) into segments using
the Linux command:
57 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
split -b 1440k my_big_file
which will split my_big_file into equal segments of size 1440 kb.
EBook Conversion
Calibre (eBook conversion)
Calibre (http://calibre-ebook.com/help) is an eBook reader, library manager, and tool for
conversion between many eBook formats (including the .epub format). Install:
sudo apt-get install calibre
Convert a web page to ePub format
The ePub (.epub) format is the default format for many eBook readers. Its format is
closely similar to HTML, CSS, and XML formatting of many web pages and, therefore,
ePub conversion is, in fact, most successful from HTML documents.
Save a complete webpage in .htm format:
Firefox -> File -> Save Page As... -> Filter: Web page, complete -> webpage.htm
Edit the .htm file (using kate in Kubuntu or gedit in Ubuntu) and delete any
elements of the page that you do not wish to be included in the eBook.
Start Calibre and add the downloaded/edited .htm file as a book to the Calibre
library:
Calibre -> Add Books... -> webpage.htm
Convert the downloaded/edited .htm file:
Calibre -> (highlight webpage.htm) -> Convert E-books -> Convert individually
Choose your conversion options.
Calibre is able to convert into .mobi format and many other eBook formats as well
(in a similar manner).
Create an eBook cover
Calibre allows the addition of a cover to an eBook. In general, a 525x700 px JPEG (.jpg)
image is easiest to use as a cover. I superimpose a 525x700 px cover image on a plain
590x750 px background in order to accommodate more eBook reader screens, but that
is a personal preference.
58 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Using Gimp, create a new image that is 590x750:
Gimp -> New... -> Image Size: 590x750
Then import the 525x700 image as a new layer:
Gimp -> File -> Open as Layers... -> MyCoverImage.png
which I position so the bottom edge of the imported image is at the bottom of the
blank area, and is, of course, centered.
Save the image as the new eBook cover. When prompted to either flatten the
image or merge the layers, either option will suffice.
The cover image can be selected (during the conversion process) in the Calibre ->
Convert E-books -> Metadata settings.
Email with PGP
Here are several method for setting up encrypted e-mail using PGP. OpenPGP is installed
by default in (K)Ubuntu using gpg/gpg2 (GnuPG).
Thunderbird with Enigmail
Thunderbird with Enigmail is available on all major OS platforms (Linux, Mac, Windows)
and is therefore the most widely available. Install:
sudo apt-get install thunderbird enigmail
59 of 265
Create a new e-mail account. Both Yahoo Mail (http://mail.yahoo.com) and Gmail
(http://mail.google.com) have free e-mail accounts available that can be used with
IMAP (http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol) (which can be
used by Thunderbird).
Start Thunderbird:
Menu -> Internet -> Thunderbird
Set up your new e-mail account in Thunderbird to use IMAP. (In the example, Yahoo
Mail is used, but the method is the same for Gmail.) Make sure your firewall allows
ports 993 (IMAP) and 465 (SMTP) and 11371 (HKP).
Thunderbird -> file -> New -> Mail Account... -> (Enter Your name, Email address,
Password)
-> IMAP: Access folders and messages from multiple computers (ticked) -> Create
Account
Generate a new OpenPGP key pair:
Thunderbird -> OpenPGP -> Key Management -> Generate -> New Key Pair -> (fill
05/24/2012 08:14 AM
UbuntuGuide Part2 -
in desired passpharase, if any, and details)
-> Advanced -> Key Size: 1024 (should be sufficient) -> Key type: DSA & El Gamal
(should be sufficient) -> Generate key
-> "We highly recommend to generate a revocation certificate for your key..." ->
Generate Certificate
This method will use pre-selected key servers stored in the default Thunderbird
settings. If you wish to add selected key servers (such as keys.gnupg.net and
keyserver.ubuntu.com):
Thunderbird -> OpenPGP -> Preferences -> Keyserver -> Specify you keyserver(s):
-> keys.gnupg.net, keyserver.ubuntu.com -> OK
Turn off HTML in messages:
Thunderbird -> (Email Account ID) -> Composition & Addressing -> Compose
messages in HTML format (unticked) -> OK
Send and sign encrypted email with your OpenPGP key.
Thunderbird -> Write -> (compose message) -> OpenPGP -> Sign Message (ticked)
-> Encrypt Message (ticked) -> Send
Mail Server setup
Introduction
This setup uses the Postfix 2.7 (http://www.postfix.org/documentation.html) (SMTP
Server/MTA) / Dovecot 1.2 (http://wiki.dovecot.org/) (Pop3/IMAP Server) combination that
is installed as the Ubuntu/Debian mail server. It was tested on a Lucid (10.04.2) 64-bit
server with a Kubuntu (KDE) desktop.
To use it, MX records with a DNS registrar must be set up in advance.
Setting up MX records with a DNS registrar
In this example, I have a domain named mydomain.org which is registered at
MasterBlaster DNS Registrar. I will accept mail at mydomain.org and
mx.mydomain.org, so that mail addressed either as [email protected] or
[email protected] will be directed to my mail server to the mail account of
user1.
At MasterBlaster DNS Registrar, I create User MX records:
HOST
@
mx
60 of 265
MAILSERVER HOSTNAME
MAIL TYPE
MX PREF
TTL
mx.mydomain.org
mx.mydomain.org
MX
MX
10
10
1800
1800
05/24/2012 08:14 AM
UbuntuGuide Part2 -
I then make sure there is an A record for mx.mydomain.org so that it is directed to the
correct IP address. (I use LDAP, so I also include an A record for my LDAP server.)
HOST NAME
mx
ldap
IP ADDRESS/URL
RECORD TYPE
MX PREF
TTL
66.77.88.99
66.77.88.99
A (Address)
A (Address)
n/a
n/a
1800
1800
If the LAN on which the mail server's host computer is located uses Dynamic IP
addresses and you wish to use CNAME alias forwarding with your primary DNS
Registrar then see this section. I have read elsewhere that only an A record is
allowed as an MX DNS record type, but perhaps this is DNS Registrar-specific. My
MasterBlaster DNS Registrar allows a CNAME alias as the MX record type, as well.
HOST NAME
mx
ldap
IP ADDRESS/URL
RECORD TYPE
MX PREF
TTL
mydddomain.dyndns.org.
mydddomain.dyndns.org.
CNAME (Alias)
CNAME (Alias)
n/a
n/a
1800
1800
In this example, I have a dynamic IP address registered at DynDNS.com as
mydddomain.dyndns.org. (The registered dynamic DNS URL name does not have to have
any relation to the primary domain's registered URL.) The same Dynamic DNS URL that is
used as the CNAME alias for the record of other services can also be used as the CNAME
alias for the MX mail record. My server then updates the dynamic IP address for the
Dynamic DNS URL mydddomain.dyndns.org at DynDNS.com using ddclient.
Whenever address records are changed at a DNS Registrar, it can take as short as
half-an-hour (or at least as long as the TTL (in seconds), anyway) or sometimes as
long as several hours for the changes to propagate. (Dynamic IP addressing,
however, generally uses a very short TTL and the IP address update itself (by
ddclient) is nearly instantaneous). If you wish to know to which IP address your
email domain is currently being sent, try
telnet mx.mydomain.org 25
It should display a message with your current IP Address such as
"Trying 66.77.88.99..."
If it shows some other address, the changes have not yet propagated. Be patient.
Of course, until you have your Mail / SMTP server set up and all paths routed and
firewalls opened (for port 25, at least), you will get the message
"telnet: Unable to connect to remote host: Connection refused."
Install the Mail server
61 of 265
The integrated Mail server (Postfix 2.7 (http://www.postfix.org/documentation.html)
05/24/2012 08:14 AM
UbuntuGuide Part2 -
with Dovecot 1.2 (http://wiki.dovecot.org/) ) can be installed as a task which uses
the Maildir (http://wiki.dovecot.org/MailboxFormat) (mail spooling) file system:
sudo apt-get install dovecot-postfix
(Alternatively you can use sudo tasksel install mail-server or sudo tasksel with the Mail
server task, but the configuration files with these methods use the mbox
(http://wiki.dovecot.org/MailboxFormat) format by default instead.)
-> Postfix Configuration: General type of mail configuration: Internet site
-> Postfix Configuration: System mail name: mydomain.org
If there are problems with dependencies, they can often be fixed:
I also was forced to remove exim4 using apt-get on the command line because
exim4 was blocking the installation of postfix:
sudo apt-get remove --purge exim4
I did not remove exim4 through a package manager because my package manager
linked my drupal6 package to exim4; removing exim4 through a package manager
removed my drupal6 package as well. This linked behavior didn't occur when
removing exim4 through the command-line apt-get.
If the scripted Postfix installation fails, it can often be re-run:
sudo dpkg-reconfigure dovecot-postfix
or sometimes
sudo dpkg-reconfigure postfix
During installation, Postfix creates and uses a default (self-signed) security
certificate, as specified in the /etc/postfix/main.cf file:
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
Depending on the method of installation, these certificate files may already be
symbolically linked to similarly-named files. If not, create the symbolic links now:
sudo ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/ssl-mail.pem
sudo ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/private/ssl-mail.key
62 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
I sometimes also use an additional symbolic link:
sudo ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/cacert.pem
During installation, a (self-signed) SSL certificate is also created by Dovecot for this
domain. By default the certificate is created to /etc/ssl/certs/dovecot.pem and the
private key file is created to /etc/ssl/private/dovecot.pem (and the certificate set to
expire in 365 days). If you wish to change this, see the Dovecot wiki
(http://wiki.dovecot.org/SSL/CertificateCreation) .
It is easiest to stick with the snakeoil certificates when available, but to use the default
certificate of Dovecot instead, edit the Dovecot configuration file (use the gedit text
editor instead of kate if using Ubuntu instead of Kubuntu):
sudo kate /etc/dovecot/dovecot.conf
and uncomment (i.e. remove the # from) the lines:
ssl = yes
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
In versions of Dovecot installed with an integrated installer (such as dovecot-postfix),
leave the lines (in /etc/dovecot/dovecot.conf) commented out and instead edit the
appropriate configuration file in /etc/dovecot/conf.d. (Earlier versions used /etc/dovecot
/dovecot-postfix.conf.) For example (use the gedit text editor instead of kate if using
sudo kate /etc/dovecot/conf.d/10-dovecot-postfix.conf
using the same certificate files created by Postfix (that are referenced by the symbolic
links):
ssl = yes
ssl_cert_file = /etc/ssl/certs/ssl-mail.pem
ssl_key_file = /etc/ssl/private/ssl-mail.key
or if the snakeoil certificates are referenced directly, make no changes.
Restart Dovecot:
sudo /etc/init.d/dovecot restart
63 of 265
Optionally, install Mutt (http://en.wikipedia.org/wiki/Mutt_%28e-mail_client%29) for
testing IMAP mail from the command-line (Mutt is usually installed with Postfix), and
Roundcube (http://www.roundcube.net/) as a Java/AJAX-powered (browser-based)
webmail service. (An alternative to Roundcube is the PHP-based Squirrelmail
05/24/2012 08:14 AM
UbuntuGuide Part2 -
(http://www.squirrelmail.org/) ).
sudo apt-get install mutt
sudo apt-get install roundcube
I also like Thunderbird (https://www.mozilla.org/en-US/thunderbird/features) as my email
client when using a GUI-desktop.
sudo apt-get install thunderbird
Edit Postfix to reflect all variations of your domain
name
Edit the /etc/postfix/main.cf file (use the gedit text editor instead of kate if using
sudo kate /etc/postfix/main.cf
to reflect all possible variations of the email domain that will be used to send mail.
For example, I get mail at [email protected] and at
[email protected]. I therefore include mydomain.org and
mail.mydomain.org in the line:
mydestination = mydomain.org, mail.mydomain.org, MyServerHost.mydomain.org., localhost.mydomain.org., localhost
The dovecot-postfix installer edits the /etc/postfix/main.cf file so that it will be used
with the Maildir (mail spool) folder system (and will use the Dovecot mail delivery
system). You can verify that these lines are present:
home_mailbox = Maildir/
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-dovecot-postfix.conf -n -m "${EXTENSION}"
For earlier versions, the commands were:
home_mailbox = Maildir/
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}"
Open and forward appropriate ports
64 of 265
Of course, in order for your router to forward ports to your mail server, your mail
server must have a static IP on your LAN. I have never successfully been able to get
Network Manager to reliably maintain a static IP address, so I removed it and
created a static IP address. (Alternatively, you can remove network manager and
install Wicd, which allows static IP addresses over wired or wireless connections.)
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Your firewall also must not block the required incoming ports, and your router must
forward them to your mail server.
IMAP/IMAPS: Ports 143 and 993
Pop/Pops: Ports 110 and 995
SMTP: Ports 25 and 587
LDAP: Port 389
While troubleshooting, allow all these ports to remain unblocked by a firewall (both for
inbound and outbound traffic).
Set up Dovecot to listen to the ports by editing either /etc/dovecot/dovecot.conf
and/or /etc/dovecot/conf.d/10-dovecot-postfix.conf and/or /etc/dovecot/dovecotpostfix.conf (depending on your setup, or both). (Use the gedit text editor instead of
kate if using Ubuntu instead of Kubuntu.)
protocol imap {
listen = *:143
ssl_listen = *:993
...
imap_client_workarounds = tb-extra-mailbox-sep
}
protocol pop3 {
listen = *:110
ssl_listen = *:995
...
}
Note: I happen to use Thunderbird with IMAP, so I also add a workaround line that
enables usage of the Maildir (mail spooling) folder system with Thunderbird.
Set up Dovecot to be used with Thunderbird
To use with Thunderbird, edit the file /etc/dovecot/dovecot.conf and/or /etc/dovecot
/conf.d/10-dovecot-postfix.conf and/or /etc/dovecot/dovecot-postfix.conf (use the
gedit text editor instead of kate if using Ubuntu instead of Kubuntu):
and add the lines:
protocol imap {
...
imap_client_workarounds = tb-extra-mailbox-sep
}
65 of 265
In Thunderbird, under 'Server Settings' -> Advanced, uncheck "Show only
05/24/2012 08:14 AM
UbuntuGuide Part2 -
subscribed folders". (This may be optional).
While searching for server settings, the email client computer should not have
outgoing ports 25, 567, 143, 993, 110, 995, and/or 465 blocked, or Thunderbird will
not be able to connect automatically.
Create a Dovecot-compatible Maildir directory
skeleton
This is a set of default folders that can later be copied for each user. Include the folders
you think your users will use. (For additional tips, see the community Ubuntu Dovecot
page (https://help.ubuntu.com/community/Dovecot) .) Here is an example set:
sudo
sudo
sudo
sudo
sudo
maildirmake.dovecot
maildirmake.dovecot
maildirmake.dovecot
maildirmake.dovecot
maildirmake.dovecot
/etc/skel/Maildir
/etc/skel/Maildir/.Drafts
/etc/skel/Maildir/.Sent
/etc/skel/Maildir/.Trash
/etc/skel/Maildir/.Templates
Single User Quick Setup
66 of 265
This method uses system user accounts for email accounts. It uses the same pamdb
password file and authentication used for system users. It is useful (and quick and
easy) if you only have one email domain and only a few users (for each of whom
you don't mind creating a system account). An advantage is that it is trivial later to
copy (or move) the user's Maildir folder to another location for backup (or migration)
purposes.
Create a new user whose username (e.g. emailusername) will be the one you will
use for email.
K menu -> System -> System Settings -> Advanced -> User management -> User
Accounts -> New...
-> Details: Login Name: emailusername -> Ok -> Ok
I find it necessary to login once to the new user account for general housekeeping
purposes such as ensuring the correct password. I make the password the same as
the one I will use for the email account.
I then disable login for the new email user's account:
K menu -> System -> System Settings -> Advanced -> Login manager ->
Users -> Excluded users: emailusername
I also disable membership in all secondary groups:
K menu -> System -> System Settings -> Advanced -> User management ->
User accounts
05/24/2012 08:14 AM
UbuntuGuide Part2 -
-> emailusername -> Modify -> Privileges and Groups -> (untick all privileges
and all groups except emailusername)
I then logout and do the remaining steps from the primary system user's account.
Copy the Maildir skeleton to the new user's folder:
sudo cp -r /etc/skel/Maildir /home/emailusername/
sudo chown -R emailusername:emailusername /home/emailusername/Maildir
sudo chmod -R 770 /home/emailusername/Maildir
Edit the /etc/dovecot/dovecot.conf (and/or /etc/dovecot/conf.d/01-dovecotpostfix.conf and/or /etc/dovecot/dovecot-postfix.conf) file(s) so that the Maildir (mail
spool) folder system is used on a per-user basis. Change the appropriate line to
resemble:
mail_location = maildir:/home/%u/Maildir
Testing
Reload Dovecot and Postfix:
sudo /etc/init.d/postfix restart
Test that Postfix SMTP is running:
telnet localhost 25
and
telnet mail.mydomain.org 25
then test that Dovecot IMAP is running:
telnet localhost imap2
and
telnet mail.mydomain.org imap2
67 of 265
(for older versions of Dovecot, use telnet localhost imap)
Login (through imap) with the text-based email client Mutt:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
mutt -f imap://[email protected]
Use Thunderbird to create a new IMAP email account for
[email protected]. Accept the self-signed certificates. (You may
need to quit and restart Thunderbird again for the Maildir folders to register
correctly.)
Before starting any troubleshooting efforts, try rebooting the entire system once.
This will reload all configuration files.
This is all that is required for only a few users users on a small system. For multiple
email domains and numerous users, however, managing authentication (passwords)
and mailboxes will often require a method using virtual user files and/or a database
solution such as PostgreSQL, MySQL, or LDAP.
Create a user for virtual mail
Note: this is only used with a virtual vmail account, as with LDAP or a
database backend.
These steps are adapted from this tutorial (http://workaround.org/ispmail/squeeze
/setting-up-dovecot) .
Create a new user and group called vmail:
sudo groupadd -g 5000 vmail
sudo useradd -g vmail -u 5000 vmail -d /var/vmail -m
Give the folders appropriate permissions:
sudo chown -R vmail:vmail /var/vmail
sudo chmod u+w /var/vmail
Configure Postfix with Dovecot for use with a vmail
folder
Note: this is only used with a virtual vmail account, as with LDAP or a
database backend.
/postfix-dovecot) .
Edit /etc/postfix/master.cf (use the gedit text editor instead of kate if using Ubuntu
instead of Kubuntu):
sudo kate /etc/postfix/master.cf
68 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
and add the lines to the end:
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
(Note: the second line has to be indented by spaces.)
Edit /etc/postfix/main.cf (use the gedit text editor instead of kate if using Ubuntu
sudo kate /etc/postfix/main.cf
and add the lines:
virtual_transport=dovecot
dovecot_destination_recipient_limit=1
Restart Postfix:
sudo postfix reload
Install and set up a MySQL database
Note: Under construction (July 2007). Setting up a database backend is a
big task and it is not working for me yet. This section is here as my
personal reference only.
If you have not yet installed a LAMP (Linux, Apache, MySQL, PHP) server, do so now:
sudo apt-get install dbconfig-common php5-cli
During the setup of the lamp-server, you will be prompted to establish a root superuser
password for MySQL (e.g. rootmysqlpw). This is used many times (now and in the future),
so it is important to record it in a handy place. When setting up dbconfig-common, for
example, this password is requested. Also, clearly, you should choose Apache2 during
the dbconfig-common prompts.
Install phpMyAdmin:
sudo apt-get install phpmyadmin
Install the Postfix module for mysql:
sudo apt-get install postfix-mysql
69 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
If there are dependency issues or problems, fix them:
Start phpMyAdmin:
Firefox -> http://localhost/phpmyadmin
(If using a remote system, substitute your domain name URL for localhost.)
-> Username: root -> Password: rootmysqlpw
Create a new mailserver MySQL database:
-> phpMyAdmin -> Create new database: mailserver -> Create
or merely from the command line:
sudo mysqladmin -p create mailserver
(You will often be prompted once for your sudo password and then once again for the
root MySQL superuser's password (e.g. rootmysqlpw).)
If you make a mistake and wish to delete the database and start over, use
phpMyAdmin or the command:
sudo mysqladmin -p DROP mailserver
(You will often be prompted once for your sudo password and then once again for the
root MySQL superuser's password (e.g. rootmysqlpw).)
70 of 265
Further command-line options are presented here (http://workaround.org/ispmail
/squeeze/database-setup) , but I will use phpMyAdmin in the remaining steps.
Create a less privileged user for use by the mailserver database.
phpMyAdmin -> Databases -> mailserver -> Privileges -> Add a new user -> User
name: mailuser -> Host: Local
-> Password / Re-type: mailusersecretpw -> Data: Select (ticked) ->
Administration: Grant (ticked) -> Go
Create a table for the list of virtual domains:
phpMyAdmin -> Databases -> mailserver -> Create a new table on database
mailserver: Name: virtual_domains
-> Number of fields: 2 -> Go
-> Field: id -> Type: INT -> Length/Value: 11 -> Collation: utf8_unicode_ci
-> Index: PRIMARY -> AUTO_INCREMENT (ticked)
-> Field: name -> Type: VARCHAR -> Length/Value: 50 -> Collation: utf8_unicode_ci
05/24/2012 08:14 AM
UbuntuGuide Part2 -
-> Storage Engine: InnoDB -> Collation: utf8_unicode_ci -> Save
Create a table for the user accounts:
mailserver: Name: virtual_users
-> Field: domain_id -> Type: INT -> Length/Value: 11 -> Collation: utf8_unicode_ci
-> Field: password -> Type: VARCHAR -> Length/Value: 32 -> Collation:
utf8_unicode_ci
-> Field: email -> Type: VARCHAR -> Length/Value: 100 -> Collation: utf8_unicode_ci
-> Index: UNIQUE
-> domain_id: (ticked) -> Action: Index (Icon) -> Relation view -> domain_id:
FOREIGN KEY (INNODB): mailserver.virtual_domains.id
-> ON DELETE: CASCADE
Create a table for the aliases 9for forwarding emails from one account to the other):
mailserver: Name: virtual_aliases
-> Field: domain_id -> Type: INT -> Length/Value: 11 -> Collation: utf8_unicode_ci
-> Field: source -> Type: VARCHAR -> Length/Value: 100 -> Collation:
utf8_unicode_ci
-> Field: destination -> Type: VARCHAR -> Length/Value: 100 -> Collation:
utf8_unicode_ci
-> domain_id: (ticked) -> Action: Index (Icon) -> Relation view -> domain_id:
FOREIGN KEY (INNODB): mailserver.virtual_domains.id
-> ON DELETE: CASCADE
(Optional) Populate the database with test data, to be used later for testing
purposes.
sudo mysql -p
then enter your root superuser MySQL password (e.g. rootmysqlpw).
71 of 265
INSERT INTO `mailserver`.`virtual_domains` (
ìd` ,
`name`
)
VALUES (
'1', 'example.org'
05/24/2012 08:14 AM
UbuntuGuide Part2 -
);
INSERT INTO `mailserver`.`virtual_users` (
ìd` ,
`domain_id` ,
`password` ,
èmail`
)
VALUES (
'1', '1', MD5( 'summersun' ) , '[email protected]'
);
INSERT INTO `mailserver`.`virtual_aliases` (
ìd`,
`domain_id`,
`source`,
`destination`
)
VALUES (
'1', '1', '[email protected]', '[email protected]'
);
quit
Configure Postfix to be used with the MySQL
database
/postfix-database-configuration) . More options are there.
Create a file /etc/postfix/mysql-virtual-mailbox-domains.cf (use the gedit text editor
instead of kate if using Ubuntu instead of Kubuntu):
sudo kate /etc/postfix/mysql-virtual-mailbox-domains.cf
and add the lines (to match those created in the previous section):
user = mailuser
password = mailusersecretpw
hosts = 127.0.0.1
dbname = mailserver
query = SELECT 1 FROM virtual_domains WHERE name='%s'
Add the virtual_mailbox_domains configuration file to Postfix:
sudo postconf -e virtual_mailbox_domains=mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
72 of 265
Test the query (assuming you added the sample in the preceding section):
05/24/2012 08:14 AM
UbuntuGuide Part2 -
postmap -q example.org mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
The value "1" should be returned.
Create a file /etc/postfix/mysql-virtual-mailbox-maps.cf (use the gedit text editor
sudo kate /etc/postfix/mysql-virtual-mailbox-maps.cf
user = mailuser
hosts = 127.0.0.1
dbname = mailserver
query = SELECT 1 FROM virtual_users WHERE email='%s'
sudo postconf -e virtual_mailbox_maps=mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
postmap -q [email protected] mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
The value "1" should be returned.
Create a file /etc/postfix/mysql-virtual-alias-maps.cf (use the gedit text editor
sudo kate /etc/postfix/mysql-virtual-alias-maps.cf
user = mailuser
hosts = 127.0.0.1
dbname = mailserver
query = SELECT destination FROM virtual_aliases WHERE source='%s'
sudo postconf -e virtual_alias_maps=mysql:/etc/postfix/mysql-virtual-alias-maps.cf
73 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
postmap -q [email protected] mysql:/etc/postfix/mysql-virtual-alias-maps.cf
The value "[email protected]" should be returned.
Configure Dovecot to be used with the MySQL
database
/setting-up-dovecot) .
Edit the Dovecot configuration file (use the gedit text editor instead of kate if using
sudo kate /etc/dovecot/dovecot.conf
Comment (add a # to) the lines:
passdb pam {
}
Uncomment (remove the # from) the lines:
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
which tells Dovecot that the passwords are stored in an SQL database and add:
userdb static {
args = uid=5000 gid=5000 home=/var/vmail/%d/%n/Maildir allow_all_users=yes
}
to tell Dovecot where the mailboxes are located.
Change the socket listen section to resemble:
socket listen
master {
path =
mode =
user =
}
74 of 265
{
/var/run/dovecot/auth-master
0600
vmail
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
05/24/2012 08:14 AM
UbuntuGuide Part2 -
group = postfix
}
}
Change the protocol lda section to resemble:
protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
postmaster_address = [email protected]
mail_plugins = sieve
log_path =
}
Edit the /etc/dovecot/dovecot-sql.conf file (use the gedit text editor instead of kate
if using Ubuntu instead of Kubuntu):
sudo kate /etc/dovecot/dovecot-sql.conf
and change these settings:
driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=mailuser password=mailusersecretpw
default_pass_scheme = PLAIN-MD5
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';
Restart Dovecot.
Adding virtual domains and users to a MySQL
database
(Optional) Populate the database with test data, to be used later for testing
purposes.
sudo mysql -p
then enter your root superuser MySQL password (e.g. rootmysqlpw).
75 of 265
INSERT INTO `mailserver`.`virtual_domains` (
ìd` ,
`name`
)
VALUES (
'1', 'example.org'
);
05/24/2012 08:14 AM
UbuntuGuide Part2 -
INSERT INTO `mailserver`.`virtual_users` (
ìd` ,
`domain_id` ,
`password` ,
èmail`
)
VALUES (
'1', '1', MD5( 'summersun' ) , '[email protected]'
);
INSERT INTO `mailserver`.`virtual_aliases` (
ìd`,
`domain_id`,
`source`,
`destination`
)
VALUES (
'1', '1', '[email protected]', '[email protected]'
);
quit
Install and set up an LDAP server
Note: Under construction (July 2007). Setting up LDAP is a big task and it
is not working for me yet. This section is here as my personal reference
only.
For an introduction to LDAP see the Ubuntu Server 10.04 OpenLDAP
(https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html) section and the
community Ubuntu OpenLDAP (https://help.ubuntu.com/community
/OpenLDAPServer) section.
Install the OpenLDAP server:
sudo apt-get install slapd ldap-utils
Install additional modules:
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
Create a backend LDIF file by copying the following example LDIF file, naming it
backend.mydomain.org.ldif, somewhere on your system (e.g. to the /etc/ldap folder)
(use the gedit text editor instead of kate if using Ubuntu instead of Kubuntu):
sudo kate /etc/ldap/backend.mydomain.org.ldif
# Load dynamic backend modules
dn: cn=module,cn=config
76 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb
# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=mydomain,dc=org
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=mydomain,dc=org
olcRootPW: secretldapadminpw
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=mydomain,dc=org" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=mydomain,dc=org" write by * read
Note: Change olcRootPW: secretldapadminpw to a password of your choosing, and of
course, mydomain and org to match your own domain name. There must be a blank line
after "olcModuleload: back_hdb".
Add the backend file to the directory:
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/backend.mydomain.org.ldif
Create a frontend LDIF file by copying the following example LDIF file, naming it
frontend.mydomain.org.ldif, somewhere on your system (e.g. to the /etc/ldap folder)
sudo kate /etc/ldap/frontend.mydomain.org.ldif
# Create top-level object in domain
dn: dc=mydomain,dc=org
objectClass: top
objectClass: dcObject
objectclass: organization
o: Mydomain Organization
dc: Mydomain
description: LDAP Mydomain
# Admin user.
dn: cn=admin,dc=mydomain,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: secretldapadminpw
dn: ou=people,dc=mydomain,dc=org
objectClass: organizationalUnit
ou: people
77 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
dn: ou=groups,dc=mydomain,dc=org
objectClass: organizationalUnit
ou: groups
dn: uid=john,ou=people,dc=mydomain,dc=org
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: john
sn: Doe
givenName: John
cn: John Doe
displayName: John Doe
uidNumber: 1000
gidNumber: 10000
userPassword: jd_userpassword
gecos: John Doe
loginShell: /bin/bash
homeDirectory: /home/john
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: [email protected]
postalCode: 31000
l: Toulouse
o: Mydomain
mobile: +33 (0)6 xx xx xx xx
homePhone: +33 (0)5 xx xx xx xx
title: System Administrator
postalAddress:
initials: JD
dn: cn=mydomain,ou=groups,dc=mydomain,dc=org
objectClass: posixGroup
cn: mydomain
gidNumber: 10000
Note: Change userPassword: secretldapadminpw and userPassword: jd_userpassword to
passwords of your choosing, and of course, mydomain and org to match your own
domain name. Maintain the blank lines.
Add the frontend file to the directory:
sudo ldapadd -x -D cn=admin,dc=mydomain,dc=org -W -f /etc/ldap/frontend.mydomain.org.ldif
Set up Postfix with LDAP
only.
You can use many different methods for user authentication, including MySQL and
PostgreSQL databases. Using LDAP is only one of the methods available.
Install the postfix-ldap package:
sudo apt-get install postfix-ldap
78 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Set up Dovecot with LDAP
only.
Also see these community Ubuntu tips (https://help.ubuntu.com/community
/DovecotLDAP) .
Make sure your LDAP (http://en.wikipedia.org/wiki/LDAP) server host (e.g.
ldap.mydomain.org) is registered with your MasterBlaster DNS registrar.
Edit the etc/dovecot/dovecot-ldap.conf configuration file (use the gedit text editor
sudo kate etc/dovecot/dovecot-ldap.conf
Set the host(s) of the LDAP server(s) (port 389 is the LDAP default and can be
omitted):
hosts = ldap.mydomain.org:389
Set TLS to yes:
tls = yes
Set the LDAP version:
ldap_version = 3
Moving Maildir directories
Maildir directories can be moved from one server to another, but it is tricky. The
subfolders are designated as hidden files and hidden files must be moved
separately (they are not included in routine copies).
/Maildir/.Drafts
/Maildir/.Sent
/Maildir/.Trash
/Maildir/.Templates
Therefore, to copy a Maildir directory requires 2 commands:
sudo cp -pr /oldpath/Maildir/* /newpath/Maildir/
sudo cp -pr /oldpath/Maildir/.* /newpath/Maildir/
79 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
In this the -p designates to maintain permissions, and -r means recursive copying.
The problem is that the permissions from one server to the next may not match, and it
may become necessary to open all the permissions:
sudo chmod 777 -R newpath/Maildir/*
sudo chmod 777 -R newpath/Maildir/.*
If you can sort out the permissions required by your server (which may require root
permissions, postfix permissions, user permissions, or vmail virtual user permissions
depending on your setup) then do so, but until you are certain that everything else
works, it is easiest to open all permissions initially and then tighten them secondarily.
Once I determined the correct user (e.g. emailuser, root, postfix, or vmail, depending on
the system) I then changed the owner to the correct owner (chown user:user) and chmod
to 700 for all the Maildir directories.
Also be aware that most USB/Flash/Thumb drives are formatted as FAT32 and will not
maintain file permissions. Using them as copying media will not work (unless they are
re-formatted to ext3 or ext4). It is also tricky to maintain file permissions when using NFS
or SMB networked folders, since root permissions (root squashing) are disabled by
default and recent protocols do not easily permit the "no_root_squash" function. It is
easiest to use direct (or rsync) copying, or to copy to a (non-formatted) CD/DVD as an
intermediate medium.
Also, email files in Maildir folders are designated with the name of the original server.
When moving to a new server, it may be necessary to include the name of the old server
as a destination in the Postfix main.cf configuration file:
mydestination = oldserver.oldomain.org, newserver.newdomain.org
Other Resources
Community Ubuntu Dovecot tutorial (https://help.ubuntu.com/community/Dovecot) .
Workaround.org (http://workaround.org/ispmail/squeeze) 's widely referenced mail
server tutorial using a MySQL database for authentication.
A method using virtual files (https://help.ubuntu.com/community
/PostfixVirtualMailBoxClamSmtpHowto) for authentication (soemwhat simpler but
similar to the database method).
Tor
Tor (http://www.torproject.org/) is a project to allow privacy while using the Internet and
to limit usage tracking. It routes your traffic through several anonymous nodes, so that
your usage appears to come from an IP other than your own. (There are always risks
when using the Internet that even Tor can not help with, though. Read this
(http://www.torproject.org/download.html.en#Warning) .) Using Tor can slow down your
80 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Internet usage significantly, depending on how much traffic is being passed through the
Tor network (routine file-sharing or large downloads will also significantly reduce
performance of the Tor network.)
Install Tor (Network privacy)
Install Tor by following the instructions here (https://www.torproject.org/docs/debian)
. Note that the instructions require port 11371 on your firewall to be open to use the
gpg keyserver (and download the key for the debian package). Then see the Tor
installation guide (http://www.torproject.org/docs/tor-doc-unix.html) for details. In
general:
sudo apt-get install tor
Tor can be run in its default configuration from the command-line (or from a menu
item with the "Advanced -> Run in terminal" box ticked):
tor
A separate menu item can be created to reliably shutdown Tor:
sudo killall tor
By default Tor listens for socks traffic on port 9050. In general, applications
(including proxies) should send socks traffic to Tor over this port.
I don't like Tor to automatically start at boot, so I edit the /etc/tor/torrc configuration
file (use the gedit text editor instead of kate if using Ubuntu instead of Kubuntu):
sudo kate /etc/tor/torrc
and change the line so it looks like:
#RunAsDaemon 1
RunAsDaemon 0
then restart Tor:
sudo /etc/init.d/tor restart
Torbutton (Firefox plug-in)
Once Tor is installed and running properly, Torbutton (https://www.torproject.org
/torbutton/) allows you to choose whether to use Firefox through the Tor anonymizing
81 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
network or not. Install the .xpi extension directly from the website
(https://www.torproject.org/torbutton/) .
The standalone Torbutton add-on for Firefox disables many functions of Firefox, such
as the Drag and Drop function. It must therefore be disabled (Firefox -> Tools ->
Add-ons -> Extensions -> Torbutton -> Disable) while using many of these Firefox
functions.
Instead of the standalone Torbutton, the Tor Project recommends using the Tor Browser
Bundle (https://www.torproject.org/projects/torbrowser.html) (Tor, Vidalia GUI, a modified
version of Firefox, and Torbutton) for greater functionality and security.
Tor Browser Bundle
The Tor Browser Bundle (https://www.torproject.org/projects/torbrowser.html) (Tor, Vidalia
GUI, a modified version of Firefox, and Torbutton) provides greater functionality and
security than the stock Firefox version with the standalone Torbutton. Install from here
(https://www.torproject.org/projects/torbrowser.html) the version for your language and
unpack it. For example:
wget https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-x86_64-2.2.35-12-dev-en-US.tar.gz
tar -xvzf tor-browser-gnu-linux-x86_64-2.2.35-12-dev-en-US.tar.gz
Then change to the extracted directory and start the Tor Browser Bundle:
cd tor-browser_en-US
./start-tor-browser
A menu item can also be created with the command to start it.
Using proxies with Tor
usewithtor
If you installed a recent version of Tor from the repositories, you will have installed
the "usewithtor (http://code.google.com/p/torsocks/) " package. A number of
applications can be automatically redirected to the Torsocks proxy (torsocks
(http://code.google.com/p/torsocks/) ) with this utility:
usewithtor myapplication
A menu item with such a command can then be created.
82 of 265
By using torsocks, usewithtor will also block an application from sending UDP traffic
(which is not anonymized by the Tor network).
Applications that you wish to "usewithtor" (with torsocks) or "torify" (with tsocks)
05/24/2012 08:14 AM
UbuntuGuide Part2 -
should use port 8118 for the http proxy port and port 9050 for the socks port.
torify
Another method is to "torify (https://trac.torproject.org/projects/tor/wiki
/doc/TorifyHOWTO) " an application with a different tor socks proxy (tsocks
(http://tsocks.sourceforge.net/) ) if tsocks has been configured (edit /etc/tor
/tor-tsocks.conf).
torify myapplication
tsocks does not explictly block UDP traffic, so if it is desirable to allow UDP traffic
while anonymizing fttp traffic, use this method.
Privoxy
I use the Privoxy proxy to tunnel http traffic through Tor. Install the Privoxy http
proxy:
Applications can be set to send their http traffic to Privoxy over port 8118; Privoxy
will then in turn forward the http traffic to Tor over port 9050. (Use an IP address
other than 127.0.0.1 if Privoxy and/or Tor are not on the local machine. Use
localhost instead of 127.0.0.1 if using IPv6 addressing on your systems).
Note: For some older versions of Privoxy, users have reported better success designating
the address of the host computer as 127.0.0.1 instead of localhost in the configuration
settings.
Edit configuration files.
In the configuration file Privoxy is configured by default to listen on port
127.0.0.1:8118. See Firewall considerations. Edit the Privoxy configuration file
sudo kate /etc/privoxy/config
Add the lines
forward-socks5 / 127.0.0.1:9050 .
forward-socks4a / 127.0.0.1:9050 .
Note: socks5 allows more authentication choices, UDP for external DNS resolution, and
accommodates IPv6. (By including both lines, socks4a is used as a fallback if a program
does not support socks5.)
83 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Restart Privoxy:
sudo /etc/init.d/privoxy restart
Other proxies
Other proxies such as socat (http://www.dest-unreach.org/socat/doc/socat.html) , Polipo
(http://www.pps.jussieu.fr/~jch/software/polipo/) can also be used with Tor instead or
Privoxy. Squid (http://www.squid-cache.org/) can also be daisy-chained to one of the
proxies.
Ensuring applications use the proxy
See this advice (https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
/Misc#UnixandLinuxConfiguration) . (Note: this is labeled as "old advice.") In
(K)Ubuntu, the bash configuration files are at ~/.profile (i.e. /home/user/.profile) for
the current user or at /etc/profile for system-wide usage. Using this advice, edit one
of those two files and add the lines at the end of the file:
http_proxy=http://127.0.0.1:8118/
HTTP_PROXY=$http_proxy
export http_proxy HTTP_PROXY
Using specific applications with Tor
Web Browsers (https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
/WebBrowsers)
E-mail (https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail)
IRC/SILC (https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IrcSilc)
FTP (https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/TorifyHOWTO/FTP)
Misc (https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc)
Instant Messaging (https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
/InstantMessaging)
Torchat can be used for IM through Tor. Install:
sudo apt-get install torchat
Other applications may allow for the http proxy and the chainloaded socks services
of Tor to be used independently (in parallel). Once Tor (and the relevant proxy or
proxies) are running, the http proxy 127.0.0.1:8118 and the socks proxy
127.0.0.1:9050 can be specified in the configuration settings of an application that
allows for this.
Tor GUIs
84 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
It is not necessary to use a GUI with Tor.
If you will use Tor with a GUI interface (such as Vidalia or TorK), however, edit the Tor
configuration file (use the gedit text editor instead of kate if using Ubuntu instead of
Kubuntu):
sudo kate /etc/tor/torrc
Add the line so that the GUI interface can control Tor over port 9051:
ControlPort 9051
Note: There is some concern that allowing control of Tor over port 9051 is not
secure. If you will not be using a GUI, this step is not advised.
Vidalia (Tor interface)
Vidalia (https://www.torproject.org/projects/vidalia.html) is the recommended Qt4-based
GUI frontend for Tor. If not installed with Tor, install:
sudo apt-get install vidalia
Tork (KDE Tor interface)
TorK (http://sourceforge.net/projects/tork/) is a KDE interface for Tor that relied on the
older Qt3 platform. It is no longer included in the (K)Ubuntu repositories (as of Natty
11.04). However, if desired it can still be installed (along with the required older Qt3
libraries) by adding the Maverick repository (http://packages.ubuntu.com/maverick
/amd64/tork/download) (directly or using a package manager):
deb http://ubuntu.mirror.cambrium.nl/ubuntu/ maverick main universe
Installing TorK also will install privoxy and unless you have also added the Tor
repository directly, will also install an older version of Tor from the Ubuntu universe
repositories. See these installation tips (http://ubuntuforums.org/archive/index.php
/t-800115.html) . Install:
sudo apt-get install tork privoxy
85 of 265
Run TorK (K menu -> Internet -> TorK Anonymity Manager) for the first time using
the First Run Wizard (TorK -> Tools -> First Run Wizard).
"No, tor is going to run on this PC" then "I have to start Tor manually" then
"Run A Tor client with default settings" then "I want to use Privoxy..." then
"Privoxy starts in the background when my computer boots up" then go
through the remaining options.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
I then start ("Play") TorK as a Client. I happen to like Konqueror for Anonymous
browsing, since it worked the first time for me without a problem. I keep Firefox
for non-Tor browsing (so I don't have to change any of its settings) or install
Torbutton (see below). You may have to fiddle with your Network proxy settings
in Konqueror or Firefox (if things don't work the way you expect them to).
Allow the Firewall (like Firestarter) to allow ports 8118, 9050, 9051, or just turn off
the firewall completely, until everything is working. Then turn the firewall back on.
(You should monitor your firewall carefully. TorK has settings to automatically turn it
off, if you aren't careful.) No ports are required to be left open in the firewall for Tor
to work, as all traffic will be directed through the socks port 9050 (which avoids the
firewall).
Applications that you wish to "torify" (with tsocks) or "usewithtor" (with torsocks)
should use port 8118 (i.e. 127.0.0.1:8118) for the http proxy and port 9050
(127.0.0.1:9050) for the socks port.
Once configured as a client successfully, if you have the bandwidth and a stable
environment please enable the client/relay mode and/or server mode so that the Tor
bandwidth is increased.
Note: Tork constantly monitors the network (both Tor and non-Tor traffic). This can
cause slowing of the Tor traffic from your computer and even cause intermittent
interruptions. (Tor runs in the background and does not require Tork to be running as
a control module.) If Tor is running in a stable mode, it will be faster (and less
problematic) to stop Tork (sudo killall tork) and allow Tor to run in the background.
Note: Traffic that is routed through Privoxy (and then presumably to Tor from Privoxy
if configured correctly) will be logged as "non-Tor" traffic by Tork. As long as Privoxy
is working correctly, however, this traffic is being forwarded through the Tor socket.
Tork does not start Privoxy properly. Privoxy must be started (prior to starting Tork)
as a startup program (e.g. using the Bootup-Manager) or manually with the
command:
sudo /etc/init.d/privoxy start
Prevent autostart of proxies and Tor
Whenever I stopped the TorK GUI and then later wanted to start it again, I had to
manually kill the Privoxy and Tor processes first.
sudo killall privoxy
sudo killall tor
86 of 265
Further, Tor, Privoxy, and Polipo install themselves as automatically started services
at bootup. Preventing automatic startup (at boot) of Tor and Privoxy (and/or Polipo)
can be accomplished by one of the methods in this Ubuntu Forums thread
(http://ubuntuforums.org/showthread.php?t=1277224) . Personally, I like using
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Bootup-Manager:
sudo apt-get install bum
but another option is:
sudo update-rc.d tor disable
sudo update-rc.d privoxy disable
sudo update-rc.d polipo disable
which will also stop updates from re-installing the applications as startup services when
updates are made.
If Privoxy is stopped, it must be re-started with the Bootup-Manager or using the
command:
sudo /etc/init.d/privoxy start
Firewall considerations
Single computer
If you have the Tor client, the proxy client (Privoxy, Polipo, or socat), and the browser
client (or other application) on the same computer, you do not need to have any open
ports in order to use Tor. In such a circumstance it is safest to block all ports that connect
to the Internet. The socks proxy bypasses the firewall entirely (so there is no need to
leave any ports open in order for it to communicate).
By closing all ports (using a firewall), applications will be prevented from bypassing Tor
(accidentally or unknowingly). Later, if you wish to have some of your traffic directed
through Tor and some of your traffic traffic routed outside of Tor, you can open the ports
for the traffic that will not go through Tor.
Proxy on LAN
If the proxy (Privoxy, Polipo, socat, etc.) on your LAN is on a computer different from the
computer(s) that have the end-user client applications, it is best to open the port (e.g.
8118) for communication only between computers on the LAN (with the end-application
clients on them) and the computer on the LAN with the proxy on it. Port 8118 should
then not be open to the Internet but only to the computers on the LAN that will use the
proxy.
If the Proxy and Tor client are on different computers as well, port 9050 should be open
(on the LAN, not on the Internet) between the computer with the Proxy and the computer
with the Tor client only, so that the Proxy can forward traffic to the Tor client (but not to
the Internet). (Obviously, if the Proxy and the Tor client are on the same computer, there
is no need to open the 9050 port at all.)
87 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Blocking all non-Tor traffic using iptables
To ensure that no unprotected traffic "leaks" from applications without your knowledge, it
is possible to configure your firewall iptables to prevent all traffic except that which is
transmitted through Tor.
See this page (https://trac.torproject.org/projects/tor/wiki
/doc/BlockNonTorTrafficDebian) .
Tor network initialization
It may be necessary to open port 443 (or less desirably port 80) to allow resolution of the
nodes of the Tor network. Consider using DNS privacy methods.
Troubleshooting
Some routers (including a certain version of the Linksys WRT54G) slow down when
the incoming/outgoing connection log (cache) becomes full (which can happen with
many Tor or P2P connections). Disable the Log if this problem occurs.
Although applicable to p2p traffic, this information (http://ktorrent.org
/wiki/index.php/FAQ#Problem_solving) is generically applicable to Tor as well.
Other resources
Tor documentation (http://www.torproject.org/docs/documentation.html)
OnionCat (http://www.cypherpunk.at/onioncat/) transmits IP-based data
transparently through the Tor network on a location hidden basis.
Similar networks:
I2P (http://www.i2p2.de) is another anonymizing network similar to Tor. (See
instructions (http://www.i2p2.de/debian) and Ubuntu community help
(https://help.ubuntu.com/community/I2P) .)
Freenet (http://freenetproject.org/) is another anonymizing network similar to Tor.
Gnunet (https://gnunet.org/) is another anonymizing network similar to Tor.
List of similar networks at Wikipedia (https://secure.wikimedia.org/wikipedia/en/wiki
/Anonymous_P2P#List_of_anonymous_P2P_networks_and_clients)
Remastersys
Note: As of 10-2011 the developer of Remastersys has stopped development and no
longer distributes this software. These instructions are for reference of legacy users of
Remastersys only.
88 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Install Remastersys
Remastersys is available from Sourceforge (http://sourceforge.net/projects/remastersys
/files/) . (If using a repository installation from another source (not recommended), note
that the (Launchpad) repositories have versions that are different for Jaunty (and earlier)
than the ones used for Karmic and later.)
Obtain the .deb file from Sourceforge and install:
wget http://sourceforge.net/projects/remastersys/files/remastersys-ubuntu-karmic-lucid-maverick/remastersys_2.0.18-1_all
sudo dpkg -i remastersys_2.0.18-1_all.deb
Create a custom distribution
Remastersys copies all your settings exactly as they are set up in your system,
except for proprietary display drivers (and other proprietary hardware drivers).
Therefore, customize your distribution to your liking first, using a single user. (It is
recommended to keep an installation to less than 2 GB if you wish the remastered
distro to fit on a CD. If you intend to use DVDs, it can be larger.)
The custom distribution (dist) option does not retain any files in the /home directory (nor
even any users). A new user must be created upon installation from the custom disc.
Therefore, do not include any critical files or functions that require a user to be retained.
(If you do, use the backup option instead).
Once it is perfected, write the distribution to an .iso (for burning onto a distributable
CD (or DVD)):
sudo remastersys dist
Burn the .iso to a disk (https://help.ubuntu.com/community/BurningIsoHowto) .
Insert a blank CD or DVD (if the .iso file is more than 700 Mb, a DVD must be used).
Menu -> Multimedia -> K3b CD & DVD Burning -> Tools -> Burn DVD ISO Image...
-> Image to Burn: /home/resmastersys/remastersys/customdist.iso
-> Start -> Default Settings
Note: an MD5 sum will be calculated and displayed, which can be recorded (on the
disk, for example) for later verification.
Clean the temporary files (if the disc burned and works correctly):
sudo remasterys clean
Create a system backup
89 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
This method allows you to backup a multiple-user system using any privileged user, and
retains the user files and settings.
sudo remastersys backup
Using the Remastersys GUI
A GUI is available (after installation of the Remastersys package):
Menu -> System -> Remastersys Backup
Edit Remastersys configuration file
Choose the settings for the custom distro:
sudo nano /etc/remastersys.conf
Troubleshooting
See this page (http://klikit.pbworks.com
/Remastersys+-+Limitations+of+remastering) regarding Remastersys limitations.
For example, no single file can be 4 Gb or larger in size; only gdm or kdm can be
used as login managers; and all included packages must be available in the Ubuntu
repositories.
Dynamic IP servers
I happen to like the DynDNS service because they are one of the oldest (and have free
services available). The examples use this service, but there are other services that can
be used with similar setups.
Single URL and a DynDNS-capable router
My router happens to have a built-in updater for DynDNS (and for TZO). In the DDNS
section of the router configuration, I can set the name of a single URL I have registered
with DynDNS (or TZO), along with the username and password I have previously set up
at DynDNS.com (http://www.dyndns.com/services/dns/dyndns/) . The router does the rest
automatically for me. If you are using a single URL and have a similar router capability,
then this will be the easiest setup by far. First register for a username (with password) at
DynDNS (or TZO) and set the URL name there that the server on your host will use. Then
input the information into your router's configuration page. The router will do the rest.
Multiple URLs
90 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
I use multiple URLs because I run multiple webservers from my host computer. However,
the router I currently use only allows me to update one of the URLs. I therefore need an
updater program in order to update all of the URLs at the same time.
ddclient
ddclient (http://sourceforge.net/apps/trac/ddclient/wiki) is a perl-based client that
updates the DynDNS (or other dynamic IP DNS service) database to keep track of your
host computer's changing dynamic IP address. DynDNS is a public DNS
(http://en.wikipedia.org/wiki/Domain_Name_System) server, and will match your URL
name to whichever (current) dynamic IP address that the ddclient sends to DynDNS.
Setup will be easiest if you register for a username/password at DynDNS.com (or other
dynamic IP DNS service) and set up your desired URLs there, first. Then install the
updater client program:
sudo apt-get install ddclient
If this is the first time you have installed ddclient, you will be prompted for the
URL(s) you registered with DynDNS.com (http://www.dyndns.com/services
/dns/dyndns/) (or other dynamic IP DNS service). You will also be prompted for the
username/password your registered with DynDNS.com. Lastly, you will be asked
which ethernet port your primarily use to connect to the Internet (eth0 for wired,
wlan0 for wireless, usually).
The system will function with no further setup if you input the variables correctly. See
this DynDNS page (http://www.dyndns.com/support
/kb/using_ddclient_with_dyndns_services.html) for instructions on additional
customizations available for use with DynDNS.
Edit ddclient configuration
Edit the ddclient configuration file (use kate instead of nano in Kubuntu, or gedit
instead of nano in Ubuntu):
sudo nano /etc/ddclient.conf
To set the number of seconds between updates, I add the line
daemon=3600
My dynamic IP only changes rarely, so I only check it hourly (3600 seconds in an
hour).
To use secure SSL communications, I add the line
ssl=yes
91 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
To use the DynDNS checkip service (which will autodetect your current IP address), I
add the line
use=web, web=checkip.dyndns.com/, web-skip='IP Address'
My configuration file now looks like:
# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf
#
# Check the current IP address. Either check the eth0 port for its current IP address (can't be used on a LAN),
# or use the DynDNS IP checking service.
daemon=3600
pid=/var/run/ddclient.pid
#use=if, if=eth0
#
# Login and change the values at the DynDNS site, using SSL.
protocol=dyndns2
ssl=yes
server=members.dyndns.org
login=myDynDNSusername
password=' myDynDNSuserpassword '
mysite_1.dynds.org,mysite_2.dyndns.org,mysite_3.dyndns.org
Note that the password must be enclosed in quotation marks, e.g
'myDynDNSuserpassword' for DynDNS.
Ensure that the configuration is working:
sudo ddclient -daemon=0 -debug -verbose -noquiet
Note that you can add additional services and/or domain names to be updated
simply by adding an additional block to the configuration file (appropriate for the
service). Here is an example (see below for references to additional examples).
protocol=otherDDNSservice
server=whatever.ddnsservice.org
login=MyOtherDDNSserviceusername
password=MyOtherDDNSservicepassword
mysite4.dnsservice.org, mysite5.dnsservice.org
Run ddclient using cron
Cron (http://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html) is the
automatic task scheduler for Linux systems. Although ddclient runs as a daemon, for
various reasons I have found it necessary to force an update at least once a day. This can
be done as a daily scheduled task, using cron.
92 of 265
Edit the crontab with administrative (root) privileges:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo crontab -e
Add the line:
45 04 * * * /etc/init.d/ddclient --force
This will run ddclient and force an update daily at 0400 (actually at 04:45). See here
(http://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html) for a full
description of cron and its options or Ubuntu Community Help (https://help.ubuntu.com
/community/CronHowto) .
Other DDNS services
The ddclient wiki (http://sourceforge.net/apps/trac/ddclient/wiki/Protocols) lists some
configurations for other services (NameCheap (http://namecheap.simplekb.com
/kb.show?show=article&articleid=583&categoryid=11) , DNSPark
(http://www.dnspark.com/services/dynamicDNS.php) , DSLReports
(http://www.dslreports.com/faq/240) , EasyDNS (http://www.easydns.com
/dynamicdns.php3) , ZoneEdit (http://www.zoneedit.com/doc/dynamic.html#faq1) ),
also.
More info can be found on the ddclient forums (http://sourceforge.net/projects
/ddclient/forums/forum/399428) .
A list of DDNS providers is at DMOZ (http://www.dmoz.org/Computers/Internet
/Protocols/DNS/DNS_Providers/Dynamic_DNS/) and Dynamic DNS
(http://dnslookup.me/dynamic-dns/) .
Choose a Dynamic DNS Registrar that is reputable and whom you trust. A
Dynamic DNS provider is able to redirect your server traffic to an anonymous IP
address by using a type of "man-in-the-middle" (http://en.wikipedia.org
/wiki/Man-in-the-middle_attack) redirection (and thereby potentially could
intercept your communications). This can be an obvious security risk. Always
use SSL/TLS and/or SASL authentication with security certificates, and be sure
to encrypt any email that has confidential information in it.
Redirecting a URL
Most free Dynamic DNS providers allow only 1 or 2 free URLs, and they usually include
the domain name of the provider itself. For example, DynDNS domains are often of the
format mydomain.dyndns.org or something similar.
If you have registered a URL with a different DNS registrar, it can be forwarded to the
free URL created at the dynamic DNS provider. (The Dynamic DNS providers (e.g.
DynDNS) hope that you will register your URL with them, of course, so that they can
make money.)
93 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
The dynamic domain URL (e.g. mydomain.dyndns.org) points to the numeric IP address
of your location (router/computer). When traffic is routed to this dynamic domain URL, it
is then re-rerouted to the correct numeric IP address. This can be a transparent process
and, if desired, it is not necessary to reference the dynamic URL except in the forwarding
rules from the original DNS registrar to the Dynamic DNS registrar (e.g. DynDNS).
Using forwarding rules, an infinite number of URLs can be forwarded to a single dynamic
URL. The primary host that resides at the destination IP address must then resolve the
forwarded URLs (using virtual host or .htaccess files) and direct them to the appropriate
server on the computer (or LAN).
CNAME aliases
Different DNS registrars have different methods of forwarding a URL, but in general there
is one method common to all of them: CNAME aliases.
If you have a URL registered with a DNS registrar, go to the DNS settings for your domain
name. Delete any A records (or other entries) and use only CNAME entries.
For example, let's say my free Dynamic DNS URL is mydomain.dyndns.org (at
DynDNS.com). My domain URL is mydomain.me, registered at SuperDuper DNS Registrar.
Logging into SuperDuper DNS Registrar, I edit the DNS settings for mydomain.me (which
in my control panel is found under Manage DNS). I make sure I have these entries:
Name Type Content
@ CNAME mydomain.dyndns.org.
www CNAME mydomain.dyndns.org.
The period ("full stop") at the end of the URL is important to designate that the CNAME is
a FQDN (fully qualified domain name). A CNAME should not have "http://" in it. The @
symbol indicates a URL name without the first segment, e.g. the URL mydomain.me by
itself.
Using CNAME aliasing, the original URL is retained in the browser. It is up to you (using
virtual host files or Rewrite rules in the .htaccess files of Apache, for example) if you wish
to massage the URL at your server (to change it to a canonical name) or redirect it.
URL forwarding
Some domain name registrars have a URL forwarding option. The method of
implementation varies from provider to provider, however, and (depending on the DNS
registrar) is often not as reliable as CNAME aliases. URL forwarding may be enabled using
a DNS setting (similar to a CNAME alias) such as "URL redirect" or it may be in the form
of a "Web forwarding" service. Check with your DNS registrar for specific instructions.
Examples
Multiple domain name URLs, single Dynamic URL
94 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
I have 3 servers on my host, each using a different domain name:
mysite_1.mydomain.org is registered at MasterBlaster DNS Registrar.
mysite_2.mydomain.org is registered at MasterBlaster DNS Registrar.
mysite_3.myotherdomain.me is registered at Felix DNS Registrar. This site can also
be accessed as myotherdomain.me and www.myotherdomain.me.
I registered a free Dynamic URL at DynDNS and using ddclient make sure it is forwarded
to my dynamic IP address (using the instructions above):
bagoftricks.dyndns.org
At MasterBlaster DNS Registrar I set up CNAME forwarding for mydomain.org:
Name Type Content
mysite_1 CNAME bagoftricks.dyndns.org.
At Felix DNS Registrar I set up CNAME forwarding for myotherdomain.me:
Name Type Content
@ CNAME bagoftricks.dyndns.org.
www CNAME bagoftricks.dyndns.org.
On the host computer on my LAN to which incoming port 80 and 443 traffic is initially
directed (by the router), I use Apache virtual host files for each of the incoming URLs.
For example, mysite_3.myotherdomain.me is a MediaWiki website stored at
/etc/mediawiki/mysite_3. There is a symbolic link from /var/www/MySite_3 to
/etc/mediawiki/mysite_3, which was created:
sudo ln -s /etc/mediawiki/mysite_3 /var/www/MySite_3
A virtual host configuration file named MySite3 was then created in /etc/apache2/sitesavailable (use gedit instead of kate in Ubuntu):
sudo kate /etc/apache2/sites-available/MySite3
and the settings created:
<VirtualHost *:80>
#
UseCanonicalName off
#
DocumentRoot /var/www/MySite_3
DirectoryIndex index.php index.html
#
ServerName mysite3.myotherdomain.me
## We want to be able to access the web site using foobar1.dyndns.org or www.foobar1.dyndns.org
ServerAlias www.myotherdomain.me myotherdomain.me
95 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
ServerAdmin webmaster@localhost
#
RewriteEngine On
#
<Directory /var/www/MySite_3>
Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks MultiViews
# AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>
The virtual host file was made active and Apache restarted:
sudo ln -s /etc/apache2/sites-available/MySite3 /etc/apache2/sites-enabled/MySite3
Mysite_1 is a Drupal6 website stored at /etc/drupal/6/sites/mysite_1.mydomain.org.
There is a symbolic link from /etc/drupal/6/sites/mysite_1.mydomain.org to
/var/www/MySite_1, which was created:
sudo ln -s /etc/drupal/6/sites/mysite_1.mydomain.org /var/www/MySite_1
<VirtualHost *:80>
#
#
#
ServerName mysite_1.mydomain.org
ServerAlias mysite_1.mydomain.org
#
RewriteEngine On
#
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>
96 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Similarly, Mysite_2 is a MediaWiki website stored at /etc/mediawiki/mysite_2. There
is a symbolic link from /etc/mediawiki/mysite_2 to /var/www/MySite_2, which was
created:
sudo ln -s /etc/mediawiki/mysite_2 /var/www/MySite_2
<VirtualHost *:80>
#
#
#
ServerAlias mysite_2.mydomain.org
#
RewriteEngine On
#
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>
If the servers are on different computers on the LAN, then Apache reverse proxy
virtual host files should be used.
FTP tips
FTP (File Transfer Protocol) (https://en.wikipedia.org/wiki/File_Transfer_Protocol) is a
standard network protocol used to transfer files from one host to another host over a
97 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
TCP-based network, such as a LAN or the Internet. FTP servers are very lightweight and
efficient (and require little system overhead to run).
FTP has been used for several decades and is ubiquitous, with clients
(https://en.wikipedia.org/wiki/Comparison_of_FTP_client_software) for every OS and
platform. FileZilla, for example, is one of the easiest and most powerful.
Almost all current FTP servers allow settings to enable FTPS (https://en.wikipedia.org
/wiki/FTPS) (TLS/SSL encrypted transfers). This is distinct from the practice of FTP
through an SSH connection (known as SFTP (https://en.wikipedia.org/wiki/FTPS) ) which
can only be done by users that already have complete user shells (with SSH capabilities
enabled) on the host computer (not a common scenario with shared web host servers,
for security reasons). The FileZilla client is compatible with all of the available security
implementations.
Vsftpd (FTP server)
vsftpd (http://vsftpd.beasts.org/) is an FTP server available in (K)Ubuntu. For
configuration information, see the official Ubuntu documentation
(https://help.ubuntu.com/11.04/serverguide/C/ftp-server.html) . Install:
sudo apt-get install vsftpd
Edit the configuration file /etc/vsftpd.conf (use gedit instead of kate if using Ubuntu
sudo kate /etc/vsftpd.conf
After changing the desired configuration settings, restart vsftpd:
sudo /etc/init.d/vsftpd restart
Using two separate user accounts for vsftpd
This is an example setup in which two authenticated user accounts (each with its own
password) are used for FTP files. One user account (ftprestricted) will be used for
restricted files, and one user account (ftpguest) will be used for less restricted files. The
rationale for such a setup is so that the two password-protected accounts will be created
with folders in the /home folder, with relative privilege separation from each other and
from the rest of the system. (In one commonly used setup, the /home folder is kept is
own isolated partition, thereby easing and securing file maintenance during system
upgrades (and other transitions). This example method maintains a FTP structure that is
in keeping with such a setup).
98 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
While logged in as a system administrator, create two news user accounts named
ftprestricted and ftpuser.
Menu -> System -> System Settings -> Advanced: User Management -> User
Accounts
-> New... -> Details -> Status: Enabled -> Login Name: ftprestricted -> Privileges
and Groups
-> Privileges: (untick all) -> Groups: (untick all) -> Password/Security ->
Password: Valid Until: Always (ticked) -> OK
-> New... -> Details -> Status: Enabled -> Login Name: ftpguest -> Privileges and
Groups
-> Privileges: (untick all) -> Groups: (untick all) -> Password/Security ->
Password: Valid Until: Always (ticked) -> OK
Log out, then log in once as ftprestricted. When prompted, enter a password (such
as ftpsecretpw) that will be used for all ftprestricted functions (including FTP
access). This will set up a complete shell / folder structure for ftprestricted. Log out,
then log in once as ftpguest. When prompted, enter a password (such as
ftpopenpw) that will be used for all ftpguest functions (including FTP access). This
will set up a complete shell/folder structure for ftpguest. finally, logout and then log
in once again as a system administrator.
Disable the ability of the two new user accounts (ftprestricted and ftpguest) to log
into the system:
Menu -> System -> System Settings -> Advanced: Login Manager -> Users ->
Excluded users: ftprestricted (ticked) -> ftpguest (tocked) -> OK
Using a File Manager with root-level privileges (sudo dolphin or sudo nautilus),
delete any undesirable folders (such as /Desktop, /Templates, /Maildir, etc.) from the
/home/ftprestricted and /home/ftpguest folders. (This will create a cleaner FTP folder
structure.)
Edit the vsftpd configuration file to allow authenticated access (but not anonymous
access). Allow read/write privileges (but not for anonymous users). (Use gedit
instead of kate if using Ubuntu instead of Kubuntu.) :
and make sure the following settings are included:
#
#anonymous_enable=YES
anonymous_enable=NO
#
#local_enable=NO
local_enable=YES
#
write_enable=YES
#
#anon_upload_enable=YES
99 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
anon_upload_enable=NO
#
Also set any other desired parameters. (With this setup, it is not necessary to chroot
"jail" a user nor to use a separate "ftpsecure" account.)
Save then restart vsftpd:
Now there will be two FTP accounts that can be used with the FTP server, each with
its own password and its own isolated set of folders (in the /home/ftprestricted and
/home/ftpguest directories). Naturally, any number of user accounts used strictly for
FTP could be created in a similar manner. An FTP client could then connect to the
server using Logontype: Normal and either the User: ftprestricted with Password:
ftpsecretpw or the User: ftpguest with Password: ftpopenpw.
Securing vsftpd
I only allow user accounts set up strictly for FTP to be accessed through FTP.
(Unfortunately, user account password sniffing and cracking is all too easy and
common these days. Should I allow regular user accounts the be accessed by FTP,
this is a huge security hole (IMO).) I therefore add all regular user accounts to the
"no FTP" list found at /etc/ftpusers (which, paradoxically, is a list of system user
accounts forbidden from using FTP).
sudo kate /etc/ftpusers
To this list I add all user accounts, except those designated solely for FTP (e.g.
ftprestricted and ftpguest created in the example of the preceding section).
Another method of restricting FTP user accounts is detailed in the official Ubuntu
documentation (https://help.ubuntu.com/11.04/serverguide/C/ftp-server.html) .
Encrypting transfers with FTPS
FTP can be encrypted using FTPS (https://en.wikipedia.org/wiki/FTPS) , which is FTP over
Secure Socket Layer (TLS/SSL). The discussion below is for explicit FTPS (FTPES).
To configure FTPS, edit /etc/vsftpd.conf (use gedit instead of kate if using Ubuntu
100 of 265
and at the bottom add:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
ssl_enable=Yes
It is also possible to add the "pseudo-" certificate and key that are often pre-installed (or
can be installed using the ssl-cert package -- sudo apt-get install ssl-cert) on a (K)Ubuntu
system by adding the lines:
#rsa_cert_file=/etc/ssl/certs/vsftpd.pem
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
In a production environment, however, these should be replaced with a certificate and
key generated for the specific host. For more information on certificates see the official
Ubuntu documentation (https://help.ubuntu.com/11.04/serverguide/C/certificatesand-security.html) .
Restart vsftpd, and non-anonymous users will be forced to use explicit FTPS:
When connecting (using the FileZilla client, for example), now use Servertype: FTP
over explicit TLS/SSL. A prompt will appear to accept the (snakeoil) certificate.
Troubleshooting vsftpd
When using regular FTP behind a firewall, vsftpd uses port 21 as the control port
and port 20 as the data port (in both active and passive mode). Make sure ports
20-21 are open in the outgoing firewall of the FTP client, the incoming firewall of the
vsftpd server, and that the router forwards ports 20-21 to the LAN IP address used
by the computer with the vsftpd server.
When using explicit FTPES behind a firewall, port 21 is still used as the control port,
but a port range (other than port 20) to be used for data (in both passive and active
modes) must be designated in the /etc/vsftpd.conf file, and opened/forwarded
accordingly. For example, edit /etc/vsftpd.conf (use gedit instead of kate if using
and specify a port range (for example 36020-36030) to use:
pasv_min_port=36020
pasv_max_port=36030
Restart vsftpd:
101 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Then make sure ports 21 and 36020-36030 are open in the outgoing firewall of the FTP
client, the incoming firewall of the vsftpd server, and that the router forwards ports 21
and 36020-36030 to the LAN IP address used by the computer with the vsftpd server.
Also make sure the FTP client specifies the port range for transfers. For example, in the
FileZilla client, these are set:
FileZilla -> Edit -> Settings ... -> FTP -> Transfer Mode: Passive (ticked)
-> Allow fall back to other transfer mode on failure (ticked) -- (this is optional)
-> Active Mode -> Limit local ports used by FileZilla (ticked)
-> Lowest available port: 36020 -> Highest available port: 36030
-> Passive mode -> Use the server's external IP address instead (ticked)
If this is not done correctly, this error will be displayed in the FTP client when trying to
connect (and there will be a failure to list the FTP directories):
"Server sent reply with unroutable address. Using server address instead."
Proftpd (FTP server)
Note: These Proftpd instructions were originally written for the Feisty version of
Ubuntuguide.
Proftpd (http://www.proftpd.org/) is an FTP server available in (K)Ubuntu that can be
used with either the MySQL or PostgreSQL database. Also see the Ubuntu
Community documentation (https://help.ubuntu.com/community/ProFTPD) . Install:
sudo apt-get install proftpd
Configure proFTPd users to be "jailed" (chrooted) into their home
directories
Edit the proftpd configuration file (making a backup first). (Use kate instead of gedit
if using Kubuntu instead of Ubuntu.):
sudo cp /etc/proftpd/proftpd.conf /etc/proftpd/proftpd.conf_backup
sudo gedit /etc/proftpd/proftpd.conf
Find this section
...
DenyFilter
...
102 of 265
\*.*/
and add this line below it:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
DefaultRoot
~
Save the edited file then restart proftpd:
sudo /etc/init.d/proftpd restart
Configure the proFTPd Server to allow anonymous FTP users to
only have "read only" access
Also see the UbuntuGeek ProftpD Server Setup in Ubuntu Tutorial
(http://www.ubuntugeek.com/settingup-an-ftp-server-on-ubuntu-with-proftpd.html)
Append the following lines at the end of file
<Anonymous ~ftp>
User
ftp
Group
nogroup
UserAlias
anonymous ftp
DirFakeUser on ftp
DirFakeGroup on ftp
RequireValidShell
off
MaxClients
10
DisplayLogin
welcome.msg
DisplayFirstChdir
.message
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
</Anonymous>
Configure the proFTPd Server to allow anonymous FTP users to
have "read/write" access
103 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
<Anonymous ~ftp>
User
ftp
Group
nogroup
UserAlias
anonymous ftp
DirFakeUser on ftp
DirFakeGroup on ftp
RequireValidShell
off
MaxClients
10
DisplayLogin
welcome.msg
DisplayFirstChdir
.message
</Anonymous>
Map the anonymous FTP user to a folder other than /home/ftp/
<Anonymous /location_of_folder/>
User
ftp
Group
nogroup
UserAlias
anonymous ftp
DirFakeUser on ftp
DirFakeGroup on ftp
RequireValidShell
off
MaxClients
10
DisplayLogin
welcome.msg
DisplayFirstChdir
.message
<Directory *>
<Limit WRITE>
DenyAll
</Limit>
</Directory>
</Anonymous>
Change the default port number for the proFTPd Server
104 of 265
For this example the new port number will be 77. Edit the proftpd configuration file
(making a backup first). (Use kate instead of gedit if using Kubuntu instead of
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Ubuntu.):
Find this line:
Port
21
Replace with the following line:
Port
77
Restart the FTP server:
FTP to a remote (K)Ubuntu host from a Windows client
Warning: An unsecured FTP server is a security risk. FTP servers should be used
either within a firewall-protected LAN only or over the Internet in conjunction with
TLS/SSL (FTPS), SSH (SFTP), or using a VPN connection.
The remote (K)Ubuntu host machine must have an FTP Server service running.
Download and install FileZilla for Windows here (http://prdownloads.sourceforge.net
/filezilla/FileZilla_2_2_18_setup.exe?download) .
FTP addresses take the form:
ftp://[username]:[password]@[hostname].[domain].[tld]:[portnumber]/[directory]/
Note: The username and password are optional. If they are not given (and the server is
not configured for anonymous access) they will be requested.
FTP to a remote Windows host from a (K)Ubuntu client
105 of 265
Warning: An unsecured FTP server is a security risk. FTP servers should be used
either within a firewall-protected LAN only or over the Internet in conjunction with
TLS/SSL (FTPS), SSH (SFTP), or using a VPN connection.
Install an FTP Server on your main file host. You can use FileZilla Server for Windows
(http://sourceforge.net/project/showfiles.php?group_id=21558) or CrossFTP Server
(http://www.crossftp.com/crossftpserver.htm) (which requires Java) for all platforms
(see this CrossFTP Server tutorial (http://www.crossftp.com/tutorials
/tutorial_server_setup_demo/tutorial_server_setup_demo.htm) ).
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Install an FTP client on your local client machine. Again, you can use FileZilla
(http://sourceforge.net/project/showfiles.php?group_id=21558) or CrossFTP
(http://www.crossftp.com/) .
FileZilla is available as a package:
The FTP address normally has the form:
ftp://[username]:[password]@[hostname]:[port]
Configure the NAT/router/gateway/firewall for an FTP server
The host machine must be running an FTP Server.
Configure your FTP server with a limited passive port range so that the same limited
TCP port range can be opened in the "incoming" firewall settings.
For proftpd, edit the /etc/proftpd/proftpd.conf configuration file (use kate
instead of gedit if using Kubuntu instead of Ubuntu):
and edit this line to indicate the desired port range to be used for FTP transfers:
PassivePorts xx-yy
For security, it's a good idea to operate the server on a non-standard port. See
changing the default port number for the FTP server. For proftpd, edit this line
in /etc/proftpd/proftpd.conf:
Port x
where x is the port over which you wish FTP traffic to be transmitted.
The NAT/router/gateway/firewall devices or software must be configured to allow the
configured incoming TCP ports (port x in the example) to be forwarded to your host
on the LAN.
FTP troubleshooting
106 of 265
If a connection is not allowed or is "refused," make sure the "outgoing" firewall
settings on the client allow the correct FTP ports to be open. The default FTP ports
are normally 20-21, unless non-standard ports have been designated and are being
05/24/2012 08:14 AM
UbuntuGuide Part2 -
used. In that case, the same "incoming" ports that are in use by the FTP server must
be allowed as "outgoing" ports by the firewall of the computer with the FTP client as
well.
If files do not transfer correctly (or appear to transfer from the client to the server
but then are not saved on the server), make sure the "Transfer mode" is correctly
set. For many servers the "Transfer mode" must be "Active," not "Passive." (Note
that this is a different issue from a "Passive" vs. "Active" connection.) This particular
problem kept me from connecting to one particular FTP server for over a year (and
no one knew the solution)! In the FileZilla FTP client, the Transfer Mode settings are
found:
FileZilla -> File: Site Manager... -> My Sites: (highlight FTP server host site) ->
Transfer Settings -> Transfer Mode -> Active (ticked)
Google Android FTP clients
Until Ubuntu is widely available on tablets, Google Android is the primary Linux
distribution used for a majority of tablets (and other mobile devices). Fortunately, there
are several FTP clients available for the Android OS that can connect to a
(K)Ubuntu-based FTP server. Note that as with all Android apps (especially those with ads
and access to all critical device functions), no guarantee of security can be expected and
it is not recommended to use them for private or sensitive uses. Always use complete
security and anonymity when enabling access from any Android device (or mobile device
using any other OS, for that matter).
AndFTP (http://www.lysesoft.com/products/andftp/index.html) -- available for direct
download here (http://www.lysesoft.com/products/andftp/index.html#download) and
also from the Google Android (https://market.android.com
/details?id=lysesoft.andftp) marketplace. It is free (no ads) and works quite well,
with support for FTPS (both explicit and implicit), SFTP, and SCP (SSH Secure copy).
SwiFTP (http://code.google.com/p/swiftp/) -- open source and available for direct
download here (http://code.google.com/p/swiftp/downloads/list) (free, with no ads);
a server version is also available from the F-Droid (http://f-droid.org/repository
/browse/?fdid=org.swiftp&fdpage=6) repository
FTPCafe (http://www.ftpcafe.com/) -- available from the Amazon Android App
(http://www.amazon.com/Droidware-UK-FtpCafe-FTP-Client/dp/B004WB1NMC
/ref=sr_1_1?ie=UTF8&s=mobile-apps&qid=1327947365) marketplace. The free
version is ad-based.
FTPDroid (http://berserkerdevel.blogspot.com/) -- available from the Google Android
(https://market.android.com/details?id=berserker.android.apps.ftpdroid)
marketplace. The free version is ad-based.
SFTP
SFTP (http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1) is a protocol for
transferring files using SSH certificate privileges, but is not strictly FTP through an SSH
connection.
107 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
From the command line, a user would connect an OpenSSH server on a computer
where 1) the user already has a shell account and 2) the user already has SSH
privileges established (either with an SSH key pair or with a password (using a
password is less secure)). From the command line, a connection would be
established:
sftp user:[email protected]
or
sftp [email protected]
(in the latter case you will be prompted for a password).
If you have created a public/private key pair using ssh-keygen, the private key must
be stored in /home/user/.ssh on the client computer. The key should be accessible
only to user
sudo chmod 600 /home/user/.ssh/identity
or
sudo chmod 600 /home/user/.ssh/id_rsa
To login once a key pair has been established:
sftp [email protected]
Note: You can run the command as a menu item, but the command must be "run in
terminal."
SFTP clients
108 of 265
FileZilla can create SFTP connections in a manner similar to other types of FTP.
Most Google Android clients (including AndFTP) can also create SFTP connections in
a manner similar to other types of FTP.
Nautilus File Manager (used in Ubuntu/Gnome) can access folders using SFTP by
Nautilus -> Go -> Location
-> sftp://username:[email protected]
or
-> sftp://[email protected] (in which case you will be prompted for a
05/24/2012 08:14 AM
UbuntuGuide Part2 -
password)
Replace username with your username and replace everything after the @ symbol with
the server's address. You will be prompted for a password if needed. If there is no
username (anonymous) omit the username and the @ symbol.
In the Dolphin file manager (used in Kubuntu/KDE), add an entry
Dolphin -> (right-click) in the Places column -> Add entry ... -> Location:
-> sftp://username:[email protected]
or
-> sftp://[email protected] (in which case you will be prompted for a
password)
SFTP server
The SFTP server is the OpenSSH server. SFTP capabilities are built into the OpenSSH
server. See this section for instructions on installing and customising an OpenSSH server.
If you can successfully establish an SSH connection, you will be able to successfully
establish an SFTP connection. No additional configuration is required.
The (K)Ubuntu host must be running an SSH Server.
The format of the client command to create an SSH tunnel to an OpenSSH host
listening on the default port 22 is:
ssh -L <local port>:<remote computer>:<remote port> <user>@<remote ip>
An example is:
ssh -L 6669:94.92.10.15:6667 foowho
In this example, local port 6669 on the local client computer is tunneled by encrypted
SSH over the default port 22 to the router at 94.92.10.15. The router must be set up to
forward port 22 to whatever the internal LAN IP (such as 192.168.0.56) of the SSH host
is. The host is running OpenSSH (ssdh service) and is set to listen to port 22. It then
routes the incoming data to the host port 6667, where presumably some other program
is waiting for data. foowho has an account on the host running the OpenSSH server.
SSH tunnels can also be established using URLs and even alternate ports. An example is:
ssh -L 5900:foobar.dyndns.org:5900 foowho -p 11022
109 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
In this example, local port 5900 on the client is forwarded through an SSH tunnel on port
11022 to foobar.dyndns.org. The DNS service translates foobar.dyndns.org into the
appropriate WAN (Internet) IP address, where the router is listening. The router is set up
to forward port 11022 to the LAN machine hosting the OpenSSH server, which is listening
on port 11022. It then sends the data to whatever program is running on port 5900 on
the host.
You can forward a local port to a different port on the remote host.
Example: Make port 80 (web server/browser) on the remote host at 10.0.2.10
available locally as port 81
ssh -L 81:10.0.2.10:80 [email protected]
You can create secure SSH tunnels to multiple hosts using multiple ports.
ssh -L 81:10.0.2.10:80 -L 82:10.0.2.20:80 -L 83:10.0.2.30:80 [email protected]
Now, local port 81 locally forwards to port 80 on the host at 10.0.2.10, local port 82
forwards to port 80 on the host at 10.0.2.20 and local port 83 forwards to port 80 on the
host at 10.0.2.30. In this example, user has an account on all three host machines at
10.0.2.10, 10.0.2.20, and 10.0.2.30.
Once port forwarding is set up by ssh, an application is directed to the SSH tunnel
for port usage by using the loopback as the destination.
Example 1:
ssh -L 81:10.0.2.10:80 [email protected]
http://localhost:81 or http://127.0.0.1/:81
will direct a web browser to use port 81 locally, which is being redirected by SSH to port
80 on the remote host at 10.0.2.10.
Example 2:
ssh -L 5900:foobar.dyndns.org:5900 foowho
vncviewer 127.0.0.1 or vncviewer localhost
will direct vncviewer (which uses port 5900 by default) to direct its traffic through the ssh
tunnel to the host at foobar.dyndns.org, where, presumably, a VNC server is listening on
port 5900.
Limit OpenSSH users
110 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
How to limit the user accounts that can connect
through ssh remotely
Note: When you initially enable the SSH server, any user with a valid account can
connect remotely. This can lead to security risks because password cracking tools
exist that try common username/password pairs. This method helps restrict login
access.
Keep a backup of the ssh server configuration file:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.ORIGINAL
Edit the configuration file (use the gedit text editor instead of kate if using Ubuntu
Change the parameter:
PermitRootLogin no
This disallows the root user from connecting through SSH remotely.
Add the parameter:
AllowUsers <user1> <user2> ...
and specify the usernames (space separated) that can connect remotely.
NOTE: This will allow ONLY the users specified to connect. You may use wildcards here
(example: j* will allow jsmith to connect but not fsmith).
You can also use:
DenyUsers <user1> <User2> ...
and specify, again using wildcards, users restricted from using SSH.
If you enable the OpenSSH server and you do not wish to enable any remote
connections, you may add:
AllowUsers nosuchuserhere
111 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
OpenVPN
One computer on a LAN can be designated as a VPN (http://en.wikipedia.org
/wiki/Virtual_private_network) server to allow encrypted traffic to pass between remote
clients and the computers on the LAN (through the VPN server portal). OpenVPN
(http://openvpn.net/) uses Public Key Infrastructure (PKI) (http://en.wikipedia.org
/wiki/Public_key_infrastructure) certificates when establishing an encrypted VPN
(http://en.wikipedia.org/wiki/Virtual_private_network) tunnel between two nodes (the
server and the client).
This hardware requirements of a dedicated VPN server depend on the number of
simultaneous communication tunnels that are anticipated. A very modest computer can
fulfill the needs of a VPN server if less than 10 VPN connections are anticipated. A VPN
server with dozens of tunnels may benefit from greater RAM and CPU speed. Of course,
the speed of the ethernet connection is the limiting factor, so robust networking cards
are very important (Gigabit speeds are desirable, at least).
Using a bridge interface
An OpenVPN server often uses a bridge interface. One network connection (an ethernet
card, for example) connects to the WAN (Internet) through which the VPN connection is
made, and a second network connection (a second ethernet card, for example) connects
to the LAN. The traffic between these two connections is "bridged." See Network
Interface Bridging for more details.
OpenVPN Server Installation
Install OpenVPN:
sudo apt-get install openvpn
Server certificates
Create the OpenVPN server certificates.
Copy the easy-rsa directory to /etc/openvpn. This will ensure that any changes
to the scripts will not be lost when the package is updated.
sudo mkdir /etc/openvpn/easy-rsa/
sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/
Edit /etc/openvpn/easy-rsa/vars and adjust the variables for your environment:
export
export
export
export
export
112 of 265
KEY_COUNTRY="US"
KEY_PROVINCE="CA"
KEY_CITY="MyCity"
KEY_ORG="MyCompany"
KEY_EMAIL="[email protected]"
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Run the scripts to create the server certificates:
cd /etc/openvpn/easy-rsa/easy-rsa
source vars
./clean-all
./build-dh
./pkitool --initca
./pkitool --server server
cd keys
openvpn --genkey --secret ta.key
sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/
Client Certificates
A VPN clients requires a certificate in order to authenticate itself to the VPN server.
Create the certificate:
cd /etc/openvpn/easy-rsa/
source vars
./pkitool hostname
Note: Replace hostname with the actual hostname of the client machine that will be
connecting to the VPN.
Copy the certificate files that have been created to the client:
/etc/openvpn/easy-rsa/hostname.ovpn
/etc/openvpn/easy-rsa/ca.crt
/etc/openvpn/easy-rsa/hostname.crt
/etc/openvpn/easy-rsa/hostname.key
/etc/openvpn/easy-rsa/ta.key
Note: Use the files that correspond to your client machine's hostname.
Server Configuration
On the OpenVPN server, modify /etc/openvpn/server.conf from the example file:
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/
sudo gzip -d /etc/openvpn/server.conf.gz
Edit etc/openvpn/server.conf:
sudo nano /etc/openvpn/server.conf
Changing the following options to resemble:
local 172.18.100.101
dev tap0
113 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
server-bridge 172.18.100.101 255.255.255.0 172.18.100.105 172.18.100.200
push "route 172.18.100.1 255.255.255.0"
push "dhcp-option DNS 172.18.100.20"
push "dhcp-option DOMAIN example.com"
tls-auth ta.key 0 # This file is secret
user nobody
group nogroup
Notes:
local: is the IP address of the bridge interface.
server-bridge: needed when the configuration uses bridging. The
172.18.100.101 255.255.255.0 portion is the bridge interface and mask. The IP
range 172.18.100.105 172.18.100.200 is the range of IP addresses that will be
assigned to clients.
push: directives to add networking options for clients.
user and group: configure which user and group the openvpn daemon executes
as.
Replace all IP addresses and domain names above with those of your network.
Create helper scripts to add the tap interface to the bridge.
Create /etc/openvpn/up.sh:
sudo nano /etc/openvpn/up.sh
Add the lines:
#!/bin/sh
#
BR=$1
DEV=$2
MTU=$3
/sbin/ifconfig $DEV mtu $MTU promisc up
/usr/sbin/brctl addif $BR $DEV
Create /etc/openvpn/down.sh:
sudo nano /etc/openvpn/down.sh
Add the lines:
#!/bin/sh
#
BR=$1
DEV=$2
#
/usr/sbin/brctl delif $BR $DEV
/sbin/ifconfig $DEV down
Make the scripts executable:
sudo chmod 755 /etc/openvpn/down.sh
114 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo chmod 755 /etc/openvpn/up.sh
Restart OpenVpn:
sudo /etc/init.d/openvpn restart
Client Configuration
Copy the example client configuration file:
sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn
Edit the client configuration file:
sudo nano /etc/openvpn/client.conf
Change it to resemble:
dev tap
remote vpn.mycompany.com 1194
cert hostname.crt
key hostname.key
tls-auth ta.key 1
Note: Replace vpn.mycompany.com with the hostname of your VPN server, and
hostname.* with the actual certificate and key filenames that correspond to the
client.
Restart OpenVpn:
sudo /etc/init.d/openvpn restart
Connect the VPN client to the remote LAN through the OpenVPN server.
Other resources
Ubuntu 9.10 Server Guide (Karmic Koala) -- OpenVPN server
(https://help.ubuntu.com/9.10/serverguide/C/openvpn.html)
WebDAV
WebDAV (http://en.wikipedia.org/wiki/WebDAV) is a method for allowing remote access to
local folders via an HTTP-based web browser. In other words, an HTTP-based file server is
created (using the Apache2 server platform in these examples, since the Apache2
webserver has a built-in WebDAV module (http://httpd.apache.org/docs/2.2
/mod/mod_dav.html) ).
115 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
This can be combined with user authentication (using LDAP or a number of other
password mechanisms).
WebDAV Server Installation
Install Apache webserver
Apache2 must be installed, either alone or as part of a LAMP server.
sudo apt-get install apache2
or
Open your firewall
Remember, WebDAV is an HTTP server. The incoming default HTTP and/or HTTPS ports
(80 and/or 443) should be open to the server. It is, of course, also possible to use custom
ports by changing the allowed incoming ports in the firewall, the virtual host
configuration file, and, of course, the URL used to reach the WebDAV server.
Enable the Apache2 WebDAV modules
Enable the dav and dav_fs modules:
sudo a2enmod dav_fs
Restart Apache2:
Create a folder for WebDAV use
There are two options:
Create a WebDAV directory in the /var/www folder:
sudo mkdir /var/www/WebDAV1
or
Create a WebDAV directory in the /home/user/ (also known as ~/) folder and create a
symbolic link:
116 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
mkdir ~/WebDAV1
sudo ln -s ~/WebDAV1 /var/www/
Create a subdirectory for files:
mkdir /var/www/WebDAV1/files
Note: In the next several steps, file/folder ownership and permissions can also be
adjusted from a File Manager (such as Dolphin in Kubuntu or Nautilus in Ubuntu) as
root:
sudo dolphin
or
sudo nautilus
Make sure the owner of whichever WebDAV folder was created (and its subfolders,
using the -R recursive switch) is www-data (the user ID for Apache2) and the group
is that of your user ID (or, alternatively, root):
sudo chown -R www-data:user /var/www/WebDAV1
or
sudo chown -R www-data:user ~/WebDAV1
Alternatively you could create a webdav user group so that some group of local users
could access the files locally (instead of through WebDAV). Add the individual users to
that group and use webdav as the group instead of a single user (or root), for example:
sudo chown -R www-data:webdav /var/www/WebDAV1
To allow files in the WebDAV folder (and its subfolders, using the -R recursive switch)
to be Read/Write but not eXecutable (which may be a security risk on some
servers):
sudo chmod 664 -R /var/www/WebDAV1
or
sudo chmod 664 -R ~/WebDAV1
117 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Create or edit the virtual host file
Edit the virtual host (vhost) file used for the URL through which WebDAV will be
accessed (use the gedit text editor instead of kate if using Ubuntu instead of
Kubuntu):
sudo kate /etc/apache2/sites-available/mydomainhost
where mydomainhost is the name of the virtual host configuration file used for your URL.
If you are using the default virtual host file, edit that one.
Add the line
Alias /webdav1 /var/www/WebDAV1/files
so that accessing the WebDAV folder using the URL
http://myhost.mydomain.org/webdav1
will forward to the correct folder (/var/www/WebDAV1) on the computer.
The final virtual host file ought to resemble:
<VirtualHost *>
#
# UseCanonicalName off
# ServerName webdav1.mydomain.org
ServerName myhost.mydomain.org
ServerAlias 192.168.0.155 webdav1.mydomain.org
#
ServerAdmin root@localhost
DocumentRoot /var/www/
#
#
<Directory /var/www/WebDAV1/>
Options Indexes MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>
In this example, the WebDAV server is on the primary server, so the URL is the same as
that of the primary server (and would be accessed from http://myhost.mydomain.org
/webdav1). The primary server's IP address on the LAN (in this example) is
192.168.0.155, so to access it from the LAN, this address could also be used:
http://192.168.0.155/webdav1.
Enable the virtual host (vhost):
sudo ln -s /etc/apache2/sites-available/mydomainhost /etc/apache2/sites-enabled/
118 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Restart Apache2:
Test that the folders are reachable through Apache2 using:
http://localhost/webdav1
or
http://192.168.0.155/webdav1
Create password access for the WebDAV folders
Note: This method uses HTTP Basic Authentication as outlined in the Apache
documentation (http://httpd.apache.org/docs/2.0/mod/mod_dav.html) . However,
this same documentation recommends against routine use of HTTP Basic
Authentication (which transmits unencrypted passwords, inviting password sniffing)
and instead recommends HTTP Digest Authentication (http://httpd.apache.org
/docs/2.0/mod/mod_auth_digest.html) (or at least HTTP Basic Authentication over
SSL (http://httpd.apache.org/docs/2.0/mod/mod_ssl.html) ). Refer to the Apache
documentation for more details.
Create the WebDAV password file /var/www/WebDAV1/passwd.dav with the user
testuser. For more info see here (http://httpd.apache.org/docs/2.0/howto/auth.html)
. (The -c switch creates the file if it does not exist.):
sudo htpasswd -c /var/www/WebDAV1/passwd.dav testuser
Type in a password for the user testuser.
We will later use this userID when connecting to the WebDAV URL:
Add other users (e.g. testuser2, testuser3, etc.) as needed. (Omit the -c switch
because the password file already exists.)
sudo htpasswd /var/www/WebDAV1/passwd.dav testuser2
Note: See below for adding a password for users accessing WebDAV folders from
Windows clients.
Change the permissions of the /var/www/WebDAV1/passwd.dav file so that only
www-data (as owner) and user (or, alternatively, root) as the group can access it:
sudo chown www-data:user /var/www/WebDAV1/passwd.dav
119 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo chmod 660 /var/www/WebDAV1/passwd.dav
Note: I personally use chmod 460, which does not allow the www-data owner to
write to the file (only read permissions are allowed). Only members of the local
group user can read/write to the file using this chmod 460 setting.
Edit the virtual host (vhost) file /etc/apache2/sites-available/mydomainhost (use the
and add the following lines to it:
#
<Location /webdav1>
DAV On
AuthType Basic
AuthName "webdav1"
AuthUserFile /var/www/WebDAV1/passwd.dav
Require valid-user
</Location>
The final virtual host (vhost) file should resemble:
<VirtualHost *>
#
#
#
#
AllowOverride None
Order allow,deny
allow from all
</Directory>
#
<Location /webdav1>
DAV On
AuthType Basic
AuthName "webdav1"
AuthUserFile /var/www/WebDAV1/passwd.dav
Require valid-user
</Location>
</VirtualHost>
Reload Apache:
/etc/init.d/apache2 reload
120 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Testing WebDAV
Install cadaver, a command-line WebDAV client:
sudo apt-get install cadaver
Test if WebDAV works:
cadaver http://localhost/webdav1/
You should be prompted for a user name. Type in testuser and then the password for
testuser. If all goes well, you should be granted access which means WebDAV is working
ok. To leave the WebDAV shell, type quit:
server1:~# cadaver http://localhost/webdav1/
Authentication required for test on server `localhost':
Username: testuser
Password: *******
dav:/webdav1/> quit
Connection to `localhost' closed.
server1:~#
Set up Digest Authorization (encrypted passwords)
Enable the HTTP Digest Authentication (http://httpd.apache.org/docs/2.0
/mod/mod_auth_digest.html) module:
sudo a2enmod auth_digest
Create a digest authorization password file:
sudo htdigest -c /var/www/WebDAV1/digestpasswd.dav webdav1digest testuser
Add other users (e.g. testuser2, testuser3, etc.) as needed. (Omit the -c switch
because the password file already exists.)
sudo htdigest /var/www/WebDAV1/digestpasswd.dav webdav1digest testuser2
Note: See below for adding a password for users accessing WebDAV folders from
Windows clients.
Change the permissions of the /var/www/WebDAV1/digestpasswd.dav file so that
only www-data (as owner) and user (or, alternatively, root) as the group can access
it:
sudo chown www-data:user /var/www/WebDAV1/digestpasswd.dav
121 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo chmod 660 /var/www/WebDAV1/digestpasswd.dav
Note: I personally use chmod 460, which does not allow the www-data owner to
write to the file (only read permissions are allowed). Only members of the local
group user can read/write to the file using this chmod 460 setting.
Edit the virtual host (vhost) file /etc/apache2/sites-available/mydomainhost (use the
and this time add the following lines to it:
#
<Location /webdav1>
DAV On
AuthType Digest
AuthName "webdav1digest"
AuthUserFile /var/www/WebDAV1/digestpasswd.dav
Require valid-user
</Location>
so that the final file resembles:
<VirtualHost *>
#
#
#
#
AllowOverride None
Order allow,deny
allow from all
</Directory>
#
# <Location /webdav1>
# DAV On
# AuthType Basic
# AuthName "webdav1"
# AuthUserFile /var/www/WebDAV1/passwd.dav
# Require valid-user
# </Location>
#
<Location /webdav1>
DAV On
AuthType Digest
Require valid-user
</Location>
</VirtualHost>
122 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Enable WebDAV lock
Although optional, the lock database prevents multiple users from overwriting the same
file simultaneously.
Create a global Apache2 configuration file (use the gedit text editor instead of kate
if using Ubuntu instead of Kubuntu):
sudo kate /etc/apache2/conf.d/webdav
and add the single line:
DavLockDB /var/lock/apache2/DAVLock
It may be necessary to also add this line to the dav_fs configuration file:
sudo kate /etc/apache2/mods-available/dav_fs.conf
This directive indicates that the locking database files will be named DAVLock by the
dav_lock module. These database files will be stored by Apache in the /var/lock/apache2
folder.
By default, Apache2 allows a WebDAV client to set the file lock time. Many WebDAV
clients, for example, impose a file lock time of 2 minutes. A longer lock time can
optionally be imposed by the WebDAV server by adding an additional line:
DAVMinTimeout 5
where in this example the minimum file lock time is set to 5 minutes for all clients.
(The default is DAVMinTimeout 0, which indicates that no minimum file lock time is
imposed by the server and it is left up to the individual WebDAV clients).
Enable the Apache2 dav_lock module:
sudo a2enmod dav_lock
Restart Apache2:
Multiple WebDAV servers on a LAN using a single IP
address and router
Note: This section is undergoing editing.
123 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
To run multiple servers (including WebDAV servers) on multiple computers on a LAN
using only a single IP address and router, see this solution using reverse proxies in
Apache.
Each server should have a unique WebDAV folder name. Instead of using WebDAV1
and webdav1, different names, such as WebDAV2 and webdav2, WebDAV3 and
webdav3, WebDAV4 and webdav4, etc., should be used on each of the individual
computers.
Each computer's WebDAV folder would then be reached by its own unique label, e.g.
or
or
Alternatively, if each computer has its own unique URL, the unique URL can be used.
Adjust the reverse proxy virtual host file (on the primary server that acts as the
proxy/reverse proxy to the other servers) accordingly in order to enable this.
This does not always work and a lot of troubleshooting and trial and error is needed to
perfect rewrite rules. Sometimes a more relaible method is to just use the RedirectMatch
rule with the actual LAN IP address of the second server.
Here is a detailed example, although there are many ways to accomplish this.
On the primary server of the LAN (the one to which the router initially directs port
80 traffic), make sure the proxy/reverse proxy modules of Apache2 are enabled and
then restart Apache:
sudo a2enmod proxy
sudo a2enmod proxy_http
Also makes sure the rewrite module is on:
sudo a2enmod rewrite
124 of 265
This example assumes the primary server has its own set of WebDAV folders (as in
the steps outlined above), labeled webdav1/WebDAV1.
Duplicate the steps for the second server, substituting webdav2 and WebDAV2 in
each step.
On the primary server, edit the virtual host file for the primary URL (e.g.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
/etc/apache2/sites-available/mydomainhost) by which the LAN is reached (use the
Near the beginning of the file add the lines:
#
#
RewriteEngine On
RedirectMatch (.*)/webdav2 http://192.168.0.156/webdav2
This example assumes, of course, that the second server is located on the LAN at IP
address 192.168.0.156. This ensures that the newly transformed URL gets sent to the
correct IP address on the LAN. This is the proxy function of the first server. (It also
specifies the reverse process.)
The file should now resemble:
<VirtualHost *>
#
#
RewriteEngine On
RedirectMatch (.*)/webdav2 http://192.168.0.156/webdav2
#
#
#
#
AllowOverride None
Order allow,deny
allow from all
</Directory>
#
# <Location /webdav1>
# DAV On
# AuthType Basic
# AuthName "webdav1"
# AuthUserFile /var/www/WebDAV1/passwd.dav
# Require valid-user
# </Location>
#
<Location /webdav1>
DAV On
AuthType Digest
Require valid-user
</Location>
</VirtualHost>
While this method is not required, it allows the second WebDAV server to be accessed
125 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
from another computer on the LAN either by http://myhost.mydomain.org/webdav2 or by
http://webdav2.mydomain.org. Using this method, by editing only the virtual host file on
the primary server (that acts as proxy), access to the secondary WebDAV server can be
selectively restricted to the LAN only or can be enabled for complete access from the
Internet at large.
WebDAV with LDAP
Note: This section is undergoing editing.
If an LDAP server exists already, you can use the Apache2 mod_authnz_ldap
(http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html) module.
Do you intend to place each person's website in a separate directory below the common
DAV root? If so, you'll probably want to limit access to each directory to its specific user
for security. An .htpasswd file in each directory is the easiest solution, but it's safer to put
all the access rules in the global WebDAV configuration file located in the /etc/apache2
/sites-enabled folder.
WebDAV Clients
Dolphin
The Dolphin File Manager used in the KDE desktop of Kubuntu has built-in WebDAV
support. A folder on a WebDAV server can be accessed directly by entering its location in
the location bar. Examples:
webdav://localhost/webdav1
or
webdav://myhost.mydomain.org/webdav1
Note that a location can be made a permanent folder in Dolphin by right-clicking on the
leftmost Places panel --> Add entry... -> Location: webdav://localhost/webdav1
Nautilus
The Nautilus File Manager used in the Gnome desktop of Ubuntu has built-in WebDAV
support. A folder on a WebDAV server can be accessed directly.
126 of 265
Nautilus -> File -> Connect to Server -> Service Type: WebDAV (HTTP) -> Server:
localhost/webdav1
or
Nautilus -> File -> Connect to Server -> Service Type: WebDAV (HTTP) -> Server:
myhost.mydomain.org/webdav1
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Firefox
The Firefox web browser natively recognizes WebDAV folders. Merely enter the URL of the
WebDAV folder in the location bar:
Konqueror/Rekonq
The Konqueror (now Rekonq) web browser of the KDE desktop in Kubuntu natively
recognizes WebDAV folders. Merely enter the URL of the WebDAV folder in the location
bar:
Cadaver
Cadaver is a command-line interface for WebDAV. It can be useful for automated and
script-based command-line functions, such a remote copying. Install:
sudo apt-get install cadaver
Windows
Windows Explorer in Windows has built-in WebDAV support. Map the WebDAV folder to a
lettered drive:
Windows Explorer -> Tools -> Map network drive... -> Folder:
Creating passwords for Windows clients
Some Windows clients (including Windows Explorer in XP) append the URL of the
WebDAV folder to the user name. For example, when a WebDAV request is made by
testuser3 to the WebDAV server at http://myhost.mydomain.org/webdav1, Windows will
send a request for access as myhost.mydomain.org\testuser3. To accommodate this
behavior, additional user accounts in the Windows format must be added to the
password file on the WebDAV server. Note the extra \ .
If using Basic Authentication, add the user to the password file:
sudo htpasswd /var/www/WebDAV1/passwd.dav myhost.mydomain.org\\testuser
127 of 265
If using Digest Authentication, add the user to the password file:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo htdigest /var/www/WebDAV1/digestpasswd.dav webdav1digest myhost.mydomain.org\\testuser
Note: There is a bug in the Windows WebDAV redirector when used with Digest
Authentication. (See this tutorial (http://barracudaserver.com/products
/BarracudaDrive/tutorials/mapping_windows_drive.lsp) for more details.) A
workaround entails mapping the WebDAV folder to a drive letter using the
command line. This can only be done in a Windows computer that has just
been booted.
Mount the WebDAV folder to a Windows drive letter with the Net use
(http://www.microsoft.com/resources/documentation/windows/xp/all
/proddocs/en-us/net_use.mspx) command. Enter the following into the
Windows Start menu -> Run... command line:
net use * "http://myhost.mydomain.org/webdav1/" testuserpassword /user:myhost.mydomain.org\testuser
A specific drive letter (such as W:) can be used instead of the *. The *
option specifies to mount the resource to the next available Windows
drive letter.
To make the mapping permanent, add the option /persistent:yes
A (.bat) batch file can be created that contains this net use
command. A Windows shortcut to this batch file can then be placed
in the Windows Start menu -> Programs -> Start folder. This will run
the net use command (from the batch file) at every bootup (following
the start of all basic services). The batch file may need to address
the net command by its absolute folder location:
C:\WINDOWS\system32\net use * "http://myhost.mydomain.org/webdav1/" testuserpassword /user:myhost.mydomain.org\testuser
To disconnect a web folder (either from the Start menu -> Run...
dialog box or from a batch file, where X: is mounted Windows drive
letter:
net use X: /delete
Android
The Android web browser natively recognizes WebDAV folders. Merely enter the URL
of the WebDAV folder in the location bar:
References
128 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Simple WebDAV setup (https://wiki.archlinux.org/index.php/Simple_WebDav_Setup)
and WebDAV authentication (https://wiki.archlinux.org/index.php
/WebDAV_authentication) (from the ArchLinux wiki)
Debian Administration article on WebDAV (http://www.debian-administration.org
/articles/285)
Tutorial (http://barracudaserver.com/products/BarracudaDrive/tutorials
/mapping_windows_drive.lsp) for using a Windows client to access a WebDAV folder.
WebDAV in Apache (http://www.webdav.org/mod_dav/install.html#apache)
This solution solves the problem of having multiple servers on a LAN which has a single
router connected to the Internet. The router forwards all port 80 traffic to a single
primary server. That server will then be required to act as a proxy for the other servers
on the LAN, redirecting incoming traffic addressed to the URLs of those other servers to
their respective LAN IP addresses.
This increases the amount of traffic passing through the primary server, so is not a
recommended solution for high volume situations unless the primary server is a
dedicated gateway/proxy server. (For high volume situations, a load balancer such as
Pound should be used.)
This method uses Apache2 virtual host configuration files on the primary server (to which
the router sends port 80 traffic).
On the primary server (which will act as the proxy), create a symbolic link to enable
the proxy modules in Apache2, then restart Apache2:
sudo ln -s /etc/apache2/mods-available/proxy.load /etc/apache2/mods-enabled
sudo ln -s /etc/apache2/mods-available/proxy_http.load /etc/apache2/mods-enabled
Edit a virtual host file for all secondary servers (use the gedit text editor instead of
kate if using Ubuntu instead of Kubuntu):
sudo kate /etc/apache2/sites-enabled/proxiedhosts
and edit the file so that it resembles:
<VirtualHost *:80>
#
ServerName internalserver2.mydomain.org
#
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://192.168.1.192/
ProxyPassReverse / http://192.168.1.192/
#
</VirtualHost>
#
129 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
#<VirtualHost *:80>
#
#ServerName internalserver3.mydomain.org
#
#
#
ProxyRequests off
#
ProxyPass / http://192.168.1.193/
#
#
#</VirtualHost>
#
#<VirtualHost *:80>
#
#ServerName internalserver4.mydomain.org
#
#
#
ProxyRequests off
#
ProxyPass / http://192.168.1.194/
#
#
#</VirtualHost>
Make sure that each URL for each server has an entry (and obviously remove the
hashmarks for each one that is active).
Activate the virtual host file by making a symbolic link to the Apache2 sites-enabled
folder then restarting Apache2:
sudo ln -s /etc/apache2/sites-enabled/proxiedhosts /etc/apache2/sites-enabled
Other resources
The information for this page was synthesized from these sources:
Configuring Apache virtual hosts for NAT (http://jeffbaier.com/articles/configuringapache-virtual-hosts-for-nat/) -- blog tutorial for Apache ProxyPass
Reverse proxy of virtual hosts with apache 2 (http://www.raskas.be/blog/2006/04/21
/reverse-proxy-of-virtual-hosts-with-apache-2/)
Apache2 mod_proxy instructions (http://httpd.apache.org/docs/2.2
/mod/mod_proxy.html#proxypass)
MediaWiki tips
MediaWiki (http://www.mediawiki.org) is the free, open source server software that
Wikipedia uses. It is scalable to very large uses. It runs on the LAMP server stack (which
uses the MySQL database and is available as an installation option with the (K)ubuntu
server), or it can be used with a postgreSQL database. (Other instructions are also
available here (http://www.mediawiki.org/wiki/Manual:Running_MediaWiki_on_Ubuntu) .)
Install MediaWiki
130 of 265
Install from the repositories:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Edit the config file so it recognizes MediaWiki (use the gedit text editor instead of
sudo kate /etc/mediawiki/apache.conf
Restart apache2:
Run/install MediaWiki by logging into:
You will be prompted for configuration variables to be set. You can accept the
default database name to be created (wikidb) and the default user for the database
(wikiuser). Choose a unique password for this wiki database. (You don't need to
remember this password for anything later, and, unfortunately, it isn't saved in an
encrypted manner, so don't use a sensitive password that you use anywhere else).
The trickiest part is the MySQL superuser name/ superuser password. Hopefully you
remember your MySQL superuser that you set at the time of LAMP (or MySQL)
installation.
Copy your local settings configuration file to /etc/mediawiki (and make a backup of
the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_at_install.php
Edit your configuration variables there (use the gedit text editor instead of kate if using
If you are using a virtual host server, make a symbolic link (named in this example
mywiki) from your /usr/share/mediawiki installation folder to your /var/www folder:
sudo ln -s /usr/share/mediawiki /var/www/mywiki
131 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
then make sure you have an apache2 virtual hosts configuration file (in /etc/apache2
/sites-available) that points to /var/www/mywiki as the DocumentRoot. Make a symbolic
link from your virtual host configuration file in /etc/apache2/sites-available to
/etc/apache2/sites-enabled to enable it. Restart apache2 after enabling the sites.
(Warning: MediaWiki is not secure at installation and can be easily hacked by new users.
Do not publish your wiki to the Internet before reading all the instructions and changing
the configuration file (LocalSettings.php) so that it is more secure.) You would then
access the database at:
http://my.virtualwikihost.org
ReCaptcha
I strongly recommend installing a Captcha mechanism immediately upon installation.
See this section.
Editing the LocalSettings.php configuration file
There are lots of configuration settings that can be set in this file. (See the MediaWiki
manual (http://www.mediawiki.org/wiki/Manual:Configuration_settings) .)
But during the time you are learning how to administer MediaWiki, you ought to take
some basic security steps. Otherwise you will be hacked within a few minutes of
publishing your wiki to the web. I suggest taking a gander at how to prevent access
(http://www.mediawiki.org/wiki/Manual:Preventing_access) before you start. Shut down
everything and then remove restrictions one by one once you are comfortable that you
have taken reasonable security precautions. (I have seen a lot of hacked wikis on the
web lately).
Disallow user creation by anyone other than the sysop. (There are a lot of clever
hackers out there who can change the settings faster than you can, if you let them
create an account.) Add these lines somewhere to LocalSettings.php:
#User restrictions
#Account creation by anonymous users
$wgGroupPermissions['*']['createaccount'] = false;
#Account creation by registered users
$wgGroupPermissions['user']['createaccount'] = false;
#Account creation by sysops
$wgGroupPermissions['sysop']['createaccount'] = true;
Note: * stands for anonynmous users, user stands for confirmed users, and sysop
obviously stands for sysops.
Disallow page editing, page creation, or talk page creation by anonymous users.
Add the lines:
#Anonymous user permissions
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['createpage'] = false;
132 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
$wgGroupPermissions['*']['createtalk'] = false;
Determine uploads privileges. Initially, I restrict allowed file uploads to .jpg, .gif, and
.png images. My first day I found .xls, extensions, and others stuff uploaded by
hackers, before I figured out how to stop this. I further restricted uploads by
anonymous users.
#Uploads rules
## To enable image uploads, make sure the 'images' directory
## is writable, then set this to true:
#$wgEnableUploads
= false;
$wgEnableUploads = true;
#Only allow restricted uploads
$wgCheckFileExtensions = true;
$wgStrictFileExtensions = true;
$wgFileExtensions = array('png', 'gif', 'jpg');
#Permissions for uploads
#Not for Anonymous
$wgGroupPermissions['*']['upload'] = false;
$wgGroupPermissions['*']['reupload'] = false;
$wgGroupPermissions['*']['reupload-shared'] = false;
#Uploads (but not re-uploads) for Users
$wgGroupPermissions['user']['upload'] = true;
$wgGroupPermissions['user']['reupload']
= false;
$wgGroupPermissions['user']['reupload-shared'] = false;
#Sysops
$wgGroupPermissions['sysop']['upload'] = true;
$wgGroupPermissions['sysop']['reupload'] = true;
$wgGroupPermissions['sysop']['reupload-shared'] = true;
As a further precaution, I made a separate images folder ( /etc/mediawiki/images )
that I use for my uploads. I then make an Alias to this folder in /etc/mediawiki
/apache.conf:
and adding the line:
Alias /images /etc/mediawiki/images
Lastly, I add a configuration file into the 'images' folder that prevents any scripts
that (somehow) get uploaded from executing:
cd /etc/mediawiki/images
sudo nano .htaccess
and adding the lines:
Options -Indexes
# No php execution in the upload area
php_admin_flag engine off
133 of 265
Note: If you are using multiple wikis (as outline below), images are
05/24/2012 08:14 AM
UbuntuGuide Part2 -
accessed through a script. Using the php_admin_flag engine off option will
disable this ability. Therefore, do not use this line in .htaccess when
creating multiple wikis. (For security options when using a multiple wiki
farm, read about img_ath.php (http://www.mediawiki.org
/wiki/Manual:Image_Authorisation#How_Does_img_auth.php_Work.3F) .)
See this section (http://www.mediawiki.org
/wiki/Manual:Image_Authorization#Another_Scenario.2C_Security_Motivated) to see why
I have taken these steps. It might seem paranoid, but I was hacked within one hour of
installing MediaWiki the first time I installed it. Now that I've learned some basics about
security, I've not been hacked again (to my knowledge!)
Increase PHP memory limits
If insufficient memory is allocated for PHP to process the wiki, an error ("memory
exhausted") will result. This line in LocalSettings.php is pretty important, therefore,
and should be near the beginning:
# If PHP's memory limit is very low, some operations may fail.
ini_set( 'memory_limit', '96M' );
Increase PHP uploaded file size limits
The default for filesize uploads in MediaWiki is only 2 Mb, which is entirely
insufficient for most purposes. Add these lines to LocalSettings.php to increase the
maximum filesize for uploads:
# Increase the maximum allowed filesize for uploads (in Mb)
ini_set( 'post_max_size', '50M' );
ini_set( 'upload_max_filesize', '50M' );
In addition, the global maximum file sizes allowed in PHP5 for Apache2 must be
increased as well. The PHP scripting language is used for uploads. Absolute upload
limits for the Apache webserver are set in a PHP configuration file and must be
changed there.
Your uploads are probably larger than the default upload limits of PHP (set at 2
Mb, or "2M", by default), so we will need to increase those. In the example
below, I will change the upload limit to 100 Mb ("100M"). Two parameters must
be changed in the php.ini configuration file in /etc/php5/apache2 (use the gedit
text editor instead of kate if using Ubuntu instead of Kubuntu):
cd /etc/php5/apache2
sudo kate php.ini
134 of 265
Change:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
post_max_size = 8M
to
post_max_size = 100M
Change:
upload_max_filesize = 2M
to
Save the file and restart apache2:
Change the default logo
I tried to use the $wglogo (http://www.mediawiki.org/wiki/Manual:$wgLogo) setting
in the LocalSettings.php file, but it did not work for me. Instead, I backed up the
original logo file and replaced it with the file I want to use (in this example
WikiLogo.png):
sudo mv /usr/share/mediawiki/skins/common/images/wiki.png /usr/share/mediawiki/skins/common/images/wikioriginal.png
sudo cp /home/user/WikiLogo.png /usr/share/mediawiki/skins/common/images/wiki.png
A transparent background for the logo is desirable. (You can use Gimp to create an alpha
transparency layer for any photo. See these instructions.) You can use Gimp or Gwenview
to resize the image.
At the same time I set the "Favicon" (the small icon that appears in a browser's
address bar or bookmark list) using the $wgFavicon (http://www.mediawiki.org
/wiki/Manual:$wgFavicon) setting in the LocalSettings.php file.
Make backups
MediaWiki saves its content files in whichever database you are using as a backend
(MySQL or PostgreSQL). For a full backup, you would have to backup the MediaWiki
database.
XML dump
It is easiest, however, to backup content with an XML dump, which can then be imported
135 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
to future (or even past) versions of MediaWiki. See these instructions
(http://www.mediawiki.org/wiki/Manual:Backing_up_a_wiki#XML_dump) . In brief:
If you do not have a backup folder, make one now:
sudo mkdir /etc/mediawiki/backups
sudo chmod -R 777 /etc/mediawiki/backups
Edit your LocalSettings.php file:
sudo nano /etc/mediawiki/LocalSettings.php
and add the lines:
##Database administrative user/password
$wgDBadminuser
= $wgDBuser;
$wgDBadminpassword = $wgDBpassword;
then run the XML dump script from a command-line terminal:
sudo php /usr/share/mediawiki/maintenance/dumpBackup.php --current > /etc/mediawiki/backups/MediaWikiBackup_DateToday
Note: I usually specify today's date in place of DateToday.
Note: To use this, php5-cli must already have been installed:
sudo apt-get install php5-cli
If you wish to protect this backup folder, you can change the permissions.
sudo chmod -R 444 /etc/mediawiki/backups
Import XML dump
To import the XML dump you made:
sudo php /usr/share/mediawiki/maintenance/importDump.php /etc/mediawiki/backups/MediaWikiBackup_DateToday
Note that when you import XML dumps, it maintains revision dates. if you have pages
that are more recent than the imported pages, then the more recent pages will be
retained. If you want to promote an imported page to the most recent page, you must do
this in the page history section (like usual).
This drove me nuts until I figured this out, because, of course, when you upgrade or
reinstall a wiki, the newly created Main Page will be the most recent (not the old Main
Page from the imported wiki). The imported Main Page does not show up unless you
136 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
promote the old version from the history file.
Export individual pages to XML
If you have sufficient privileges, you can export a page (or multiple pages) from within
the wiki. For example, to export Ubuntuguide:Karmic :
Wiki -> toolbox -> Special pages -> Page tools -> Export pages ->
Large text box: Ubuntu:Karmic
Include only the current revision, not the full history: (ticked)
Include templates: (ticked)
Save as file: (ticked)
The saved XML file can then be imported into another MediaWiki wiki using
Wiki -> toolbox -> Special pages -> Page tools -> Import pages ->
saved_export.xml
What I often do is look at the list of Special:AllPages and either copy the entire list or just
the pages I want to back up into the Special:Export list.
Full system backup
To backup images, user settings, and other settings, you would also back up the file
system (contained variably in the folders /etc/mediawiki, /var/lib/mediawiki, and
usr/share/mediawiki). See the MediaWiki backup instructions (http://www.mediawiki.org
/wiki/Manual:Backing_up_a_wiki) .
Upgrading
See Upgrading MediaWiki (http://www.mediawiki.org/wiki/Manual:Upgrading) .
The primary installation folder is at /usr/share/mediawiki, but user files are also
stored in /etc/mediawiki and /var/lib/mediawiki.
Backup and restore the MySQL database
This is an alternative that is necessary if you wish to backup during a migration of
your wiki. The best way is to backup the original database with a MySQL dump:
mysqldump -u user -p databasename > wikidatabasebackupfile.sql
or, if on a remote host:
mysqldump -h hostname -u username -p databasename > wikidatabasebackupfile.sql
137 of 265
Note that the username and password should be the username and password that
were used to create the specific database (not the MySQL root username/password).
05/24/2012 08:14 AM
UbuntuGuide Part2 -
(If you can't remember what they were, check the LocalSettings.php file for the
$wgDBname, $wgDBuser, and $wgDBpassword values).
The database should be restored to an empty database in the new site, because if
you re-install a new database in the new site and then attempt to restore your old
backed-up database on top of it, there is likely to be incompatibilities between the
two. Here the username and password are those for the new empty database just
created. (It probably is best to make them the same as those of the imported
database.)
mysql -u username -p databasename < wikidatabasebackupfile.sql
Notes: This was successful for me only if backing up and restoring to exactly the
same version of MediaWiki. I could not back up the database from one version of
MediaWiki then restore to an upgraded version of MediaWiki, because the scripts of
the upgraded version of MediaWiki did not access the database in the same
manner. I therefore performed upgrades only after moving the database.
Empty a database
I hesitate to put these instructions here. Be careful. This erases your database. Use it
only if you are confident that you have made good backups. I use this only if I have
created a database by accident (during the MediaWiki installation process) and wish to
erase/empty it.
mysql -u root -p
mysql> DROP DATABASE mysqlexampledatabase;
mysql> quit
If your MySQL superuser name is something other than root, then use that, of course.
Don't forget the semicolon ( ; ) at the end of each MySQL command.
Of course, once you erase the database, you must re-create a blank one for use with
MediaWiki.
sudo dpkg-reconfigure mediawiki
Then you can restore the backup (as created above with mysqldump) into the newly
recreated (but still empty) database.
mysql -u username -p databasename < wikidatabasebackupfile.sql
Moving a MediaWiki installation to a new site
138 of 265
Backup up the database from the old site as detailed above.
Install mediawiki on the new site (sudo apt-get install mediawiki). When creating the
05/24/2012 08:14 AM
UbuntuGuide Part2 -
database, use the same values as used on the old site. If you can't remember what
they were, look at the /etc/mediawiki/LocalSettings.php (or similar) file for the old
site (which contains the values for the old site).
On the new site, rename the newly created folders
/etc/mediawiki
/usr/share/mediawiki
/var/lib/mediawiki
to
/etc/mediawiki.bak
/usr/share/mediawiki.bak
/var/lib/mediawiki.bak
Copy the /etc/mediawiki , /usr/share/mediawiki , and /var/lib/mediawiki folders from
the old site to the new site. (This needs to be done as the root user, which can be
done with sudo dolphin).
Copy the database dumpfile from the old site to the new site.
Restore the database dumpfile on the new site.
Check the LocalSettings.php file (and other folder) permissions to make sure they
match the permissions of the original system. (Sometimes during the copy process
the ownership of all files and folders will be set to root.)
Notes: I have never been successful in performing an upgrade in the middle of this
process. I recommend moving the site exactly, and then performing any upgrades after it
is moved.
Install multiple MediaWiki sites
Multiple wikis
This method allows the installation of more than one wiki using different databases (on a
single server using the same source code). This setup is transparent to users and is
reasonably secure in terms of the images/files directory. This method also allows nested
subwikis. Similar methods can be found at the Mediawiki wiki (http://www.mediawiki.org
/wiki/Wiki_farm#Scenario_3:_Drupal-style_sites) .
139 of 265
Install MediaWiki from packages as usual (if not already done). MediaWiki is
installed by default to /usr/share/mediawiki. (If you wish to upgrade to a more
recent version (http://www.mediawiki.org/wiki/Download) , extract the latest
MediaWiki tar.gz archive into this folder.) A directory /etc/mediawiki is also created
when installing from the package.
In this method, it is not necessary (nor recommended) to edit the /etc/mediawiki
/apache.conf file (as is done in the single wiki installation).
Create a folder for each wiki (in this example named mywiki_1 and mywiki_2).
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo mkdir /etc/mediawiki/mywiki_1
sudo mkdir /etc/mediawiki/mywiki_2
Create an upload folder for images/files in each wiki folder:
sudo mkdir /etc/mediawiki/mywiki_1/images
sudo mkdir /etc/mediawiki/mywiki_2/images
You can add an .htaccess file to each images folder (as described above) for better
security.
The images folders should belong to the group www-data (the Apache2 group), and
the group should have "Can View & Modify Content" permissions.
sudo
sudo
sudo
sudo
chown
chown
chmod
chmod
root:www-data /etc/mediawiki/mywiki_1/images
root:www-data /etc/mediawiki/mywiki_2/images
664 /etc/mediawiki/mywiki_1/images
664 /etc/mediawiki/mywiki_2/images
Copy each 135x135 image that you wish to use as a wiki logo (in the upper left
corner) into the /etc/mediawiki/mywiki_x/images folder of each of the wikis. Rename
it WikiLogo.png in that folder.
Copy the LocalSettings.php configuration file for any existing wiki (if you have
already created one) as a backup (just in case something goes wrong):
sudo cp /etc/mediawiki/LocalSettings.php LocalSettings_backup.php
Note that you can also use this LocalSettings.php file for one of the wikis by copying
it into one of the wiki subfolders and then editing the appropriate lines in the
LocalSettings.php file once it is copied there (see below).
Rename the LocalSettings.php file in the original installation config folder to a
backup, as well:
sudo mv /var/lib/mediawiki/config/LocalSettings.php LocalSettings_original.php
140 of 265
Restart apache2:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Give the /var/lib/mediawiki/config folder read/write permissions during installation:
sudo chmod 777 /var/lib/mediawiki/config
Run/install MediaWiki from the (Konqueror/Firefox) web browser by logging into:
Wiki name: My Wiki 1
Contact e-mail: [email protected]
Admin username: wiki1_admin -> Password: wiki1_admin_pw
Object caching: No caching
E-mail features (all): disabled (optional)
Database config: MySQL -> Database host: localhost -> Database name:
wiki1db -> DB username: wiki1user -> DB password: wiki1pw -> Superuser
account: Use superuser account (ticked) -> Superuser name: root -> Superuser
password: root_mysql_pw -> Database table prefix: wiki1_
Copy your LocalSettings.php configuration file to /etc/mediawiki/mywiki_1 (and
make a backup of the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/mywiki_1
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_wiki1_install.php
Repeat the MediaWiki installation from the (Konqueror/Firefox) web browser by
again logging into:
Wiki name: My Wiki 2
wiki2db -> DB username: wiki2user -> DB password: wiki2pw -> Superuser
account: Use superuser account (ticked) -> Superuser name: root -> Superuser
password: root_mysql_pw -> Database table prefix: wiki2_
Copy your LocalSettings.php configuration file to /etc/mediawiki/mywiki_2 (and
make a backup of the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/mywiki_2
141 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_wiki2_install.php
You can repeat this multiple times if you want more wikis.
Re-edit the config file:
Re-comment (add the #) the line:
#Alias /mediawiki /var/lib/mediawiki
Restart apache2:
Edit your LocalSettings.php configuration file for each wiki (use the gedit text editor
sudo kate /etc/mediawiki/mywiki_1/LocalSettings.php
sudo kate /etc/mediawiki/mywiki_2/LocalSettings.php
Make sure the following lines are included in the LocalSettings.php file, replacing
similar lines that already exist in the file and substituting mywiki_1 or mywiki_2
where appropriate:
#
#$wgScriptPath
= "/mediawiki";
$wgScriptPath
= "/mywiki_1";
$wgLogo
= "$wgScriptPath/images/WikiLogo.png";
#
$wgUploadDirectory
= $_SERVER['DOCUMENT_ROOT'].'/mywiki_1/images';
$wgUploadPath
= "$wgScriptPath/images";
#
#Database administrative user/password
$wgDBadminuser
= $wgDBuser;
$wgDBadminpassword
= $wgDBpassword;
#
#These are set for initial maximum security. They can be changed later.
#
#User restrictions
$wgGroupPermissions['*']['createaccount']
= false;
$wgGroupPermissions['user']['createaccount']
= false;
$wgGroupPermissions['sysop']['createaccount']
= true;
#
$wgGroupPermissions['*']['edit']
= false;
$wgGroupPermissions['*']['createpage']
= false;
$wgGroupPermissions['*']['createtalk']
= false;
#
142 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
#Uploads rules
#$wgEnableUploads
= false;
$wgEnableUploads
= true;
$wgCheckFileExtensions
= true;
$wgStrictFileExtensions
= true;
$wgFileExtensions
= array('png', 'gif', 'jpg');
#Not for Anonymous
$wgGroupPermissions['*']['upload']
= false;
$wgGroupPermissions['*']['reupload']
= false;
$wgGroupPermissions['*']['reupload-shared']
= false;
$wgGroupPermissions['user']['upload']
= true;
= false;
#Sysops
$wgGroupPermissions['sysop']['upload']
= true;
$wgGroupPermissions['sysop']['reupload']
= true;
#
#For ReCaptcha -- this requires installing the Recaptcha extension
#
#require_once( "$IP/extensions/recaptcha/ReCaptcha.php" );
# Sign up for these at http://recaptcha.net/api/getkey
#$recaptcha_public_key = ' xyxyxyxyxyxyxyxyx ';
#$recaptcha_private_key = ' ababababababababa ';
#
#The clears the cache daily, which I use to change rotating content (pictures, fortunes, etc.) daily.
#
require("includes/GlobalFunctions.php");
$wgCacheEpoch = wfTimestamp( TS_MW, time() - 86400 ); # 60*60*24 = 1 day
In addition, a private wiki page should only be able to be read by registered users,
so add these lines to LocalSettings.php for any private wiki:
#This example will disable viewing of all pages not listed in $wgWhitelistRead, then re-enable for registered users only
$wgGroupPermissions['*']['read']
= false;
# The following line is not actually necessary, since it's in the defaults. Setting
# '*' to false doesn't disable rights for groups that have the right separately set
# to true!
$wgGroupPermissions['user']['read'] = true;
Link the files from your installation directory to each wiki folder:
sudo ln -s /usr/share/mediawiki/* /etc/mediawiki/mywiki_1/.
sudo ln -s /usr/share/mediawiki/* /etc/mediawiki/mywiki_2/.
For each wiki, create a subfolder in the Apache2 folder /var/www.
sudo mkdir /var/www/Mywiki_1
sudo mkdir /var/www/MyWiki_2
For each wiki, create a symbolic link from the Apache2 subfolder to the main wiki
folder:
sudo ln -s /etc/mediawiki/mywiki_1 /var/www/MyWiki_1/mywiki_1
143 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo ln -s /etc/mediawiki/mywiki_2 /var/www/MyWiki_2/mywiki_2
Note: It is possible to create nested subwikis for each of the primary wikis. See
the next section.
For each wiki, create and edit a virtual host (vhost) Apache2 configuration file (e.g.
/etc/apache2/sites-available/mywiki_1vhost). (Use the gedit text editor instead of
kate if using Ubuntu instead of Kubuntu.):
sudo kate /etc/apache2/sites-available/mywiki_1vhost
so that the lines are similar to:
<VirtualHost *:80>
#
DocumentRoot /var/www/MyWiki_1
#
ServerName mywiki_1.mydomain.org
ServerAlias *.mywiki_1.mydomain.org
#
RewriteEngine On
RewriteCond %{REQUEST_URI} !^subwiki1*
RewriteRule
^/(/.*|)$ /mywiki_1/$1 [R]
#
<Directory /var/www/MyWiki_1>
#AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>
Create a virtual host file for mywiki_2 as well.
Pay attention to the rewrite rule:
RewriteEngine On
RewriteRule
^/(/.*|)$ /mywiki_1/$1 [R]
This is a complex rule that means that as long as the REQUEST_URI (which is the part
after the server name, i.e. http://mywiki_x.mydomain.org/REQUEST_URI) does not match
subwiki1 or subwiki2 (the symbol ! means not), then use mywiki_1 as the default
directory. This rule allows the use not only of a primary wiki but also subwikis (see the
next section) for each of the primary wikis.
144 of 265
Remember that your virtual host configuration files won't be active until you make
symbolic links:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo ln -s /etc/apache2/sites-available/mywiki_1vhost /etc/apache2/sites-enabled
sudo ln -s /etc/apache2/sites-available/mywiki_2vhost /etc/apache2/sites-enabled
Make sure the rewrite engine is enabled:
Restart Apache:
The two separate wiki sites will now be available:
http://mywiki_1.mydomain.org
and
http://mywiki_2.mydomain.org
Multiple subwikis
MediaWiki is a very powerful system, but you must choose whether to make it
completely public or completely private (it does not yet have fine-grained per-page
access controls). One solution is to create one subwiki for private usage and another
subwiki for public display.
Below is outlined a method for creating multiple subwikis. Each subwiki will have its own
database and its own LocalSettings.php configuration file as well as Images (/Files)
directory. However, all the subwikis will share the underlying MediaWiki code (stored in
the installation directory). When it is time to upgrade, the files in the installation
directory can be upgraded without risking the loss of the files in each subwiki folder.
I have adapted information originally posted here (http://booleandreams.wordpress.com
/2007/06/12/running-multiple-instance-of-mediawiki-on-the-same-server-using-the-samesource-code/#comment-18433) and here (http://www.mediawiki.org
/wiki/Manual:Wiki_family) . (None of the independent instructions on those sites worked
for me, however, so I used a combination of all of them.)
The instructions below worked for me on (K)Ubuntu 9.04 (Jaunty), 9.10 (Karmic), and
10.04 (Lucid) using MediaWiki 1.13 and 1.15 and PHP5.
145 of 265
Install MediaWiki from packages as usual (if not already done). MediaWiki is
installed by default to /usr/share/mediawiki. (If you wish to upgrade to a more
recent version (http://www.mediawiki.org/wiki/Download) , extract the latest
MediaWiki tar.gz archive into this folder.) A directory /etc/mediawiki is also created
when installing from the package.
In this method, it is not necessary (nor recommended) to edit the /etc/mediawiki
/apache.conf file (as is done in the single wiki installation).
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Create a folder for each subsite (in this example named subwiki1 and subwiki2).
sudo mkdir /etc/mediawiki/subwiki1
sudo mkdir /etc/mediawiki/subwiki2
Create an upload folder for images/files in each subwiki folder:
sudo mkdir /etc/mediawiki/subwiki1/images
sudo mkdir /etc/mediawiki/subwiki2/images
You can add an .htaccess file to each images folder (as described above) for better
security.
The images folders should belong to the group www-data (the Apache2 group), and
the group should have "Can View & Modify Content" permissions.
sudo
sudo
sudo
sudo
chown
chown
chmod
chmod
root:www-data /etc/mediawiki/subwiki1/images
root:www-data /etc/mediawiki/subwiki2/images
664 /etc/mediawiki/subwiki1/images
664 /etc/mediawiki/subwiki2/images
Copy each 135x135 image that you wish to use as a wiki logo (in the upper left
corner) into the /etc/mediawiki/subwikix/images folder of each of the subwikis.
Rename it WikiLogo.png in that folder.
Copy the LocalSettings.php configuration file for any existing wiki (if you have
already created one) as a backup (just in case something goes wrong):
sudo cp /etc/mediawiki/LocalSettings.php LocalSettings_backup.php
Note that you can also use this LocalSettings.php file for one of the subwikis by
copying it into a subwiki folder and then changing the appropriate lines in the
LocalSettings.php file once it is copied there (see below).
Rename the LocalSettings.php file in the original installation config folder to a
backup, as well:
sudo mv /var/lib/mediawiki/config/LocalSettings.php LocalSettings_original.php
Run/install MediaWiki from the (Konqueror/Firefox) web browser by logging into:
146 of 265
Wiki name: My Subwiki 1
05/24/2012 08:14 AM
UbuntuGuide Part2 -
subwiki1db -> DB username: subwiki1user -> DB password: subwiki1pw ->
Superuser account: Use superuser account (ticked) -> Superuser name: root ->
Superuser password: root_mysql_pw -> Database table prefix: subwiki1_
Copy your LocalSettings.php configuration file to /etc/mediawiki/subwiki1 (and make
a backup of the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/subwiki1
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_subwiki1_install.php
Repeat the MediaWiki installation from the (Konqueror/Firefox) web browser by
again logging into:
Wiki name: My Subwiki 2
subwiki2db -> DB username: subwiki2user -> DB password: subwiki2pw ->
Superuser account: Use superuser account (ticked) -> Superuser name: root ->
Superuser password: root_mysql_pw -> Database table prefix: subwiki2_
Copy your LocalSettings.php configuration file to /etc/mediawiki/subwiki2 (and make
a backup of the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/subwiki2
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_subwiki2_install.php
You can repeat this multiple times if you want more wikis.
The LocalSettings.php configuration file for each wiki must be edited. See this
tutorial. There are many security settings that must be changed before going live,
or the site will certainly be hacked.
Edit your LocalSettings.php configuration file for each subwiki (use the gedit text
editor instead of kate if using Ubuntu instead of Kubuntu):
sudo kate /etc/mediawiki/subwiki1/LocalSettings.php
sudo kate /etc/mediawiki/subwiki2/LocalSettings.php
147 of 265
similar lines that already exist in the file and substituting subwiki1 or subwiki2
05/24/2012 08:14 AM
UbuntuGuide Part2 -
where appropriate:
#
#$wgScriptPath
= "/mediawiki";
$wgScriptPath
= "/subwiki1";
$wgLogo
#
$wgUploadDirectory
= $_SERVER['DOCUMENT_ROOT'].'/subwiki1/images';
$wgUploadPath
#
$wgDBadminuser
= $wgDBuser;
$wgDBadminpassword
= $wgDBpassword;
#
#
#User restrictions
= false;
= false;
= true;
#
= false;
= false;
= false;
#
#Uploads rules
#$wgEnableUploads
= false;
$wgEnableUploads
= true;
= true;
= true;
$wgFileExtensions
#Not for Anonymous
= false;
= false;
= false;
= true;
= false;
#Sysops
= true;
= true;
#
#
#
#
148 of 265
so add these lines to LocalSettings.php for any private subwiki:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
= false;
# to true!
Create a subfolder in the Apache2 folder /var/www.
sudo mkdir /var/www/Mywiki
Note: It is possible to create multiple primary wikis, each with several subwikis.
Each primary wiki should have its own subfolder in the Apache2 folder
/var/www. See this section.
Create symbolic links from the Apache2 subfolder to the subwiki folders:
sudo mkdir /var/www/MyWiki
sudo ln -s /etc/mediawiki/subwiki1 /var/www/MyWiki/subwiki1
sudo ln -s /etc/mediawiki/subwiki2 /var/www/MyWiki/subwiki2
Link the files from your installation directory to each subwiki folder:
sudo ln -s /usr/share/mediawiki/* /etc/mediawiki/subwiki1/.
sudo ln -s /usr/share/mediawiki/* /etc/mediawiki/subwiki2/.
Create and edit a virtual host (vhost) Apache2 configuration file (e.g. /etc/apache2
/sites-available/mywikivhost). (Use the gedit text editor instead of kate if using
Ubuntu instead of Kubuntu.):
sudo kate /etc/apache2/sites-available/mywikivhost
<VirtualHost *:80>
#
DocumentRoot /var/www/MyWiki
#
ServerName mywiki.mydomain.org
ServerAlias *.mywiki.mydomain.org
#
RewriteEngine On
RewriteRule
^/(/.*|)$ /subwiki1/$1 [R]
#
<Directory /var/www/MyWiki>
#AllowOverride None
Order allow,deny
allow from all
149 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
</Directory>
#
</VirtualHost>
RewriteEngine On
RewriteRule
^/(/.*|)$ /subwiki1/$1 [R]
after the server name, i.e. http://mywiki.mydomain.org/REQUEST_URI) does not match
subwiki1 or subwiki2 (the symbol ! means not), then use subwiki1 as the default
directory.
Remember that your virtual host configuration file won't be active until you make a
symbolic link:
sudo ln -s /etc/apache2/sites-available/mywikivhost /etc/apache2/sites-enabled
Make sure the rewrite engine is enabled:
Restart Apache:
The two separate wiki sites will now be available:
http://mywiki.mydomain.org or http://mywiki.mydomain.org/subwiki1
and
http://mywiki.mydomain.org/subwiki2
Troubleshooting
150 of 265
If you are trying to add more subsites to an existing multi-site installation, then you
must have only one Apache2 virtual host configuration file pointing to MediaWiki.
That virtual host configuration file must point to the main installation files
(/usr/share/mediawiki) as if you were installing a single user for the first time. (This
is necessary for the installation scripts to create the new database properly.)
This is most easily done by deleting the links in the /etc/apache2/sites-enabled
folder that correspond to the already existing subsite virtual hosts configuration files
located in the /etc/apache2/sites-available folder. (You can leave the files in the
/etc/apache2/sites-available folder alone). Then restart apache2 ( sudo /etc/init.d
/apache2 restart).
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Then make sure that you have a single virtual host file that points to /usr/share
/mediawiki in the /etc/apache2/sites-available folder, as well as a link to it in the
/etc/apache2/sites-enabled folder. Then restart apache2 (sudo /etc/init.d/apache2
restart) again.
After you have finished an additional installation, you can re-enable the specific
subsite virtual host configuration files in the /etc/apache2/sites-available folder by
again making links from them into the /etc/apache2/sites-enabled folder (and, of
course, restarting apache2).
Pay close attention to the variable in LocalSettings.php:
$wgScriptPath = "/mediawiki";
If using multiple wikis, this should be changed.
If your virtual hosts and /var/www symbolic links point the URL directly to the
folder in which the subwiki resides, then the variable should be:
$wgScriptPath = "";
For example, if subwiki_1 is located at /etc/mediawiki/subwiki_1 and the virtual
host file points the URL to the directory /var/www/subwiki_1, which is
symbolically linked to /etc/mediawiki/subwiki_1 using
sudo ln -s /etc/mediawiki/subwiki_1 /var/www/subwiki_1
then in LocalSettings.php the $wgScriptPath variable should be:
$wgScriptPath = "";
If you are using multiple subwikis of the format www.mydomain.org/Subwiki_2
and www.mydomain.org/Subwiki_3, and there is a folder /var/www/Wikis with
symbolic links to the various subwikis:
sudo ln -s
sudo ln -s
sudo ln -s /etc/mediawiki/subwiki_2 /var/www/Wikis/subwiki_2
sudo ln -s /etc/mediawiki/subwiki_3 /var/www/Wikis/subwiki_3
and the virtual host file for www.mydomain.org points only to the directory
/var/www/Wikis, then in LocalSettings.php the $wgScriptPath variables should be:
$wgScriptPath = "/subwiki_2";
151 of 265
or
05/24/2012 08:14 AM
UbuntuGuide Part2 -
$wgScriptPath = "/subwiki_3";
Build your site
You should be ready to go. Start building your site.
Mediawiki site building tips
Introduction
MediaWiki (http://www.mediawiki.org) is one of the most widely used wiki servers in the
world. It is the software used by Wikipedia (http://en.wikipedia.org/wiki/MediaWiki) . It is
free and open source and can be customised to many different uses by installing
additional modules. This page is a cookbook of how I set up a MediaWiki site and may be
helpful for getting an initial site customized. I am assuming you have one (or multiple)
MediaWiki installations running using these instructions.
Choose the Main Page
Edit the page " Mediawiki:Mainpage " from within your wiki and as content enter the
name of the page you wish to designate as your main page. For more info, see this
section (http://www.mediawiki.org
/wiki/Manual:FAQ#How_do_I_change_which_page_is_the_main_page.3F) of the Mediawiki
FAQ (http://www.mediawiki.org/wiki/Manual:FAQ) .
Add Spam filters
See this article (http://www.umasswiki.com/wiki/UMassWiki:Blocking_Spam_In_Mediawiki)
for several effective methods for stopping MediaWiki spam.
Captcha
ConfirmEdit
The ConfirmEdit (http://www.mediawiki.org/wiki/Extension:ConfirmEdit) extension is a
way to combat automated (spam) edits using a simple text, math, or question-based
Captcha (http://en.wikipedia.org/wiki/CAPTCHA) mechanism. Install:
sudo wget http://upload.wikimedia.org/ext-dist/ConfirmEdit-MW1.16-r62678.tar.gz
sudo tar -xzf ConfirmEdit-MW1.16-r62678.tar.gz -C /var/lib/mediawiki/extensions
sudo rm ConfirmEdit-MW1.16-r62678.tar.gz
152 of 265
Add the following line near the end of LocalSettings.php:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
require_once( "$IP/extensions/ConfirmEdit/ConfirmEdit.php" );
ReCaptcha
ReCaptcha (http://recaptcha.net/learnmore.html) is a webservice Captcha
(http://en.wikipedia.org/wiki/CAPTCHA) module to present a text challenge for user-input
that is unreadable by computer bots, lessening the chance of automated input (spam
and vandalism). This can be used for wikis and for other uses. A ReCaptcha extension
(http://www.mediawiki.org/wiki/Extension:ReCAPTCHA) for MediaWiki is available.
Download and install:
cd /var/lib/mediawiki/extensions
sudo wget -O currentrecaptcha.zip http://recaptcha.googlecode.com/files/recaptcha-mediawiki-1.7.zip
sudo unzip currentrecaptcha.zip
sudo rm currentrecaptcha.zip
Sign up for a private/public key pair from the Google ReCaptcha
(https://www.google.com/recaptcha/admin/create?app%3Dmediawiki) website.
Edit the Mediawiki LocalSettings.php file (assuming you put it in /etc/mediwiki). (Use
the gedit text editor instead of kate if using Ubuntu instead of Kubuntu.):
#For ReCaptcha
require_once( "$IP/extensions/recaptcha/ReCaptcha.php" );
$recaptcha_public_key = ' xyxyxyxyxyxyxyxyx ';
$recaptcha_private_key = ' ababababababababa ';
where xyxyxyxyxyxyxyxyx is the public key obtained in the previous step and
ababababababababa is the private key.
Now ReCaptcha should appear automatically for new user sign-ups, anonymous edits
that contain new external links, and brute-force password cracking attempts. Captcha
behavior can be modified by adding lines to LocalSettings.php:
// Fix the default captcha behaviour
$wgGroupPermissions['*'
]['skipcaptcha']
$wgGroupPermissions['user'
]['skipcaptcha']
$wgGroupPermissions['autoconfirmed']['skipcaptcha']
$wgGroupPermissions['bot'
]['skipcaptcha']
$wgGroupPermissions['sysop'
]['skipcaptcha']
#
$wgCaptchaTriggers['edit']
= true;
$wgCaptchaTriggers['create']
= true;
$wgCaptchaTriggers['createaccount'] = true;
153 of 265
=
=
=
=
=
false;
true;
true;
true; // registered bots
true;
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Spam blacklist
SpamBlacklist (http://www.mediawiki.org/wiki/Extension:SpamBlacklist) is an extension
that prevents edits that include one of the URLs in a spam list. The default blacklist is the
one used by Wikimedia (http://meta.wikimedia.org/wiki/Spam_blacklist) . Install:
sudo mkdir /var/lib/mediawiki/extensions/SpamBlacklist
cd /var/lib/mediawiki/extensions/SpamBlacklist
sudo wget http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/SpamBlacklist/SpamBlacklist.php
sudo wget http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/SpamBlacklist/SpamBlacklist_body.php
sudo wget http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/SpamBlacklist/SpamBlacklist.i18n.php
sudo wget http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/SpamBlacklist/cleanup.php
sudo wget http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/SpamBlacklist/README
Add to the end of your LocalSettings.php file:
#
# This is the SpamBlacklist from Wikimedia:
require_once( "$IP/extensions/SpamBlacklist/SpamBlacklist.php" );
#
$wgSpamBlacklistFiles = array("http://meta.wikimedia.org/wiki/Spam_blacklist");
#
Alternatively, you could download the Wikimedia blacklist from
http://meta.wikimedia.org/wiki/Spam_blacklist into a file named wikimedia_blacklist
that is stored in the /var/lib/mediawiki/extensions/SpamBlacklist folder. Then in
LocalSettings.php use the variable:
$wgSpamBlacklistFiles = array("$IP/extensions/SpamBlacklist/wikimedia_blacklist");
Add specific websites (or rules) to the pages:
MediaWiki:Spam-blacklist
and
MediaWiki:Spam-whitelist
Note: I advise putting an administrator lock on MediaWiki:Spam-whitelist.
Check Spambots
Check Spambots (http://www.mediawiki.org/wiki/Extension:Check_Spambots) is an
automated script that may be configured to query the one of several spambot or
open-proxy-IP-address databases prior to allowing a user to perform a function. (APIs are
required for several of these databases.) Install:
sudo mkdir /var/lib/mediawiki/extensions/CheckSpambots
cd /var/lib/mediawiki/extensions/CheckSpambots
154 of 265
Copy the CheckSpambots.php script from this location (http://www.mediawiki.org
/wiki/Extension:Check_Spambots) and save it as /var/lib/mediawiki/extensions
05/24/2012 08:14 AM
UbuntuGuide Part2 -
/CheckSpambots/CheckSpambots.php (use the gedit text editor instead of kate if
sudo kate /var/lib/mediawiki/extensions/CheckSpambots/CheckSpambots.php
Also download and save into the /var/lib/mediawiki/extensions/CheckSpambots folder the
files (use the gedit text editor instead of kate if using Ubuntu instead of Kubuntu):
check_spammers_plain.php (http://www.mediawiki.org
/wiki/Extension:Check_Spambots/check_spammers_plain.php) :
sudo kate /var/lib/mediawiki/extensions/CheckSpambots/check_spammers_plain.php
en.php (http://www.mediawiki.org/wiki/Extension:Check_Spambots/en.php) :
sudo kate /var/lib/mediawiki/extensions/CheckSpambots/en.php
functions.php (http://www.mediawiki.org/wiki/Extension:Check_Spambots
/functions.php) :
sudo kate /var/lib/mediawiki/extensions/CheckSpambots/functions.php
config.php (http://www.mediawiki.org/wiki/Extension:Check_Spambots/config.php) :
sudo kate /var/lib/mediawiki/extensions/CheckSpambots/config.php
Edit the config.php to choose which databases to check, where to log results, and other
variables.
Add to the end of your LocalSettings.php file these lines:
#
# CheckSpambots
#
require_once("extensions/CheckSpambots/CheckSpambots.php");
#
$wgEnableSorbs = false;
#
Note: The $wgEnableSorbs variable is not required with/after MediaWiki 1.16.
Bad Behavior
Bad Behavior (http://www.mediawiki.org/wiki/Extension:Bad_Behavior) is an extension
(created for Wordpress blogs) which blocks e-mail harvesters, spambots, and other
malicious intent. See the configuration (http://bad-behavior.ioerror.us/documentation
/configuration/) settings. Install:
155 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
cd /var/lib/mediawiki/extensions
sudo wget http://downloads.wordpress.org/plugin/bad-behavior.2.0.41.zip
sudo unzip bad-behavior.2.0.41.zip
sudo rm bad-behavior.2.0.41.zip
Towards the end of your LocalSettings.php file add the lines:
#
# the Bad Behavior extension
#
include_once( "$IP/includes/DatabaseFunctions.php" );
include( "$IP/extensions/bad-behavior/bad-behavior-mediawiki.php" );
#
Bad-behavior logs to a database, which doesn't work for me. Turn this off by editing
the bad-behavior-mediawiki.php file (use the gedit text editor instead of kate if
sudo kate /var/lib/mediawiki/extensions/bad-behavior/bad-behavior-mediawiki.php
and change the line:
'logging' => true,
to
'logging' => false,
AkismetKlik
AkismetKlik (http://www.mediawiki.org/wiki/Extension:AkismetKlik) uses the Akismet
engine (created for Wordpress blogs) to filter comment spammers.
ConfirmAccount
The Confirm Account (http://www.mediawiki.org/wiki/Extension:ConfirmAccount)
extension disables direct account creation and requires the approval of new accounts by
a bureaucrat. (As spam becomes increasingly prevalent, this maneuver often becomes
necessary).
SideBar Donate
This SideBarDonateBox (http://www.mediawiki.org/wiki/Extension:SidebarDonateBox)
extension adds a PayPal donate button (https://www.paypal.com/us/cgibin/?cmd=_donate-intro-outside) to the Sidebar. (Sign up with PayPal donate
(https://www.paypal.com/us/cgi-bin/?cmd=_donate-intro-outside) and generate the code
for a Donate button first.) Install:
156 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo mkdir /var/lib/mediawiki/extensions/SidebarDonateBox
cd /var/lib/mediawiki/extensions/SidebarDonateBox
sudo wget http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/SidebarDonateBox/SidebarDonateBox.php
Add to the LocalSettings.php file code similar to this:
# This is for the Sidebar PayPal button
#
require_once("$IP/extensions/SidebarDonateBox/SidebarDonateBox.php");
#
#$egSidebarDonateBoxContent = 'PayPal code';
#
$egSidebarDonateBoxContent = '<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="12345678">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>';
#
Replace the value 12345678 with the value for the PayPal Donate button
generated for your account.
Google AdSense
Few websites make money from placing ads, anymore, simply because there are so
many websites. (In 5 years I made no more than a dollar.) Still, Google Adsense is one of
the few ways to easily place ads on your site. (Google is selective about its partners
these days, so make sure your website is mature and fully functional before signing up
with Google AdSense.)
Sign up for Google AdSense (https://www.google.com/adsense/apply) and wait for a
confirmation e-mail (usually takes 2 days).
Create an ad unit as instructed in the confirmation e-mail.
Google AdSense -> AdSense Setup -> AdSense for Content
-> Ad unit - Choose if you just want images, text or both -> Continue
-> Format: 124 x 240 Vertical Banner
-> Colors: Graphite (or your preference)
-> Other desired settings -> Submit and get code
Save the generated code to a text file.
Google AdSense2
The MediaWiki Google AdSense 2 (http://www.mediawiki.org
/wiki/Extension:Google_AdSense_2) extension places an AdSense box in the MediaWiki
sidebar. This has the advantage of being visible on every page. You must create a 124 x
240 Vertical Banner ad unit to use with it.
157 of 265
Download and install :
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo wget http://upload.wikimedia.org/ext-dist/GoogleAdSense-MW1.16-r61946.tar.gz
sudo tar -xzf GoogleAdSense-MW1.16-r61946.tar.gz -C /var/lib/mediawiki/extensions
Using the settings found in the generated code, edit your LocalSettings.php file,
adding the lines:
#
# This section is for Google AdSense
#
require_once( "$IP/extensions/GoogleAdSense/GoogleAdSense.php" );
$wgGoogleAdSenseClient = 'replace this with the client name';
$wgGoogleAdSenseSlot = 'replace this with the slot name';
$wgGoogleAdSenseID = 'replace this with your ID';
// Width of the AdSense box, specified in your AdSense account
$wgGoogleAdSenseWidth = 120;
// Height of the AdSense box, specified in your AdSense account
$wgGoogleAdSenseHeight = 240;
// Source URL of the AdSense script
$wgGoogleAdSenseSrc
= "http://pagead2.googlesyndication.com/pagead/show_ads.js";
// Show the AdSense box only for anonymous users
$wgGoogleAdSenseAnonOnly = false;
#
While logged into your MediaWiki site as an administrator, edit the page
Mediawiki:Common.css and add the lines:
/* Pad Google AdSense box in portlet in sidebar */
#p-googleadsense .pBody {
padding-top: 5px;
text-align: center;
}
Google AdSense will now appear in the sidebar. Obviously, users who block scripts
(using NoScript, for example) or block ads (using Adblock Plus, for example) will not
be able to view the ads. To test whether the ads display correctly, make sure your
own script and ad blockers (if any) are turned off, as well.
Google AdSense
The original Google AdSense (http://www.mediawiki.org/wiki/Extension:GoogleAdSense)
Mediawiki extension uses tags to place ads. Both this extension and the AdSense2
extension (for the sidebar) can be used simultaneously (as long as they are stored in
differently-named extensions folders).
Download and extract:
sudo wget -O GoogleAdSense.zip http://www.paulgu.com/files/getfile/getfile.php?id=10
sudo unzip GoogleAdSense.zip
sudo rm GoogleAdSense.zip
158 of 265
This will give you a folder named GoogleAdSense. However, this is the same folder
name as the folder for Google AdSense2, so rename the folder while moving it to
the extensions folder:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo mv GoogleAdSense /var/lib/mediawiki/extensions/GoogleAdSense30
Generate a content ad unit in the Google AdSense account. Long horizontal ads can
be created as 728 x 90. Copy the generated code into a file and save it for
reference.
Edit the GoogleAdSense.php file (use the gedit text editor instead of kate if using
sudo kate /var/lib/mediawiki/extensions/GoogleAdSense30/GoogleAdSense.php
Find the line:
$PUBLISHER_ID = "pub-xxxxxxxxxxxxxxxx";
and replace pub-xxxxxxxxxxxxxxxx with the publisher ID (aka google_ad_client) that was
generated during your ad unit code generation.
Find the line:
'C01' => array('unitID' => 'xxx', 'width' => '728', 'height' => '90', 'position' => 'none'),
and replace xxx with the google_ad_slot number (such as 1234567890) that corresponds
to the ad unit you wish to use. Note the C01. This will be the uid that corresponds to this
ad unit. The width and height should correspond to those of the ad unit being used.
Edit your LocalSettings.php file and add the lines:
#
# Google Adsense. Edit /var/lib/mediawiki/extensions/GoogleAdSense30/GoogleAdSense.php.
# Use tags such as <google uid="C01" position="none"></google>
#
include_once( "$IP/extensions/GoogleAdSense30/GoogleAdSense.php" );
#
Then you can place your ad on any page by placing a tag such as
<google uid="C01" position="none"></google>
ShareThis
The ShareThis (http://www.mediawiki.org/wiki/Extension:ShareThis) extension provides
links to popular social bookmarking and news sources. It works without modification for
the Monobook skin.
159 of 265
Install:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo mkdir /var/lib/mediawiki/extensions/ShareThis
cd /var/lib/mediawiki/extensions/ShareThis
Copy the ShareThis script (http://jimbojw.com/wiki/index.php?title=ShareThis) into a
text file:
sudo kate /var/lib/mediawiki/extensions/ShareThis/ShareThis.php
This is a PHP script, so make sure the first line is:
<?php
Install the associated icons:
cd /usr/share/mediawiki/skins/common/images
sudo wget http://jimbojw.com/download/sharethis-icons.zip
sudo unzip sharethis-icons.zip
sudo rm sharethis-icons.zip
Edit your LocalSettings.php file and add the lines:
#
# Add ShareThis to the sidebar
require_once( "$IP/extensions/ShareThis/ShareThis.php" );
$wgShowShareThisSidebar = true;
#
Facilitate printing to an eBook
Collections
The Collection (http://www.mediawiki.org/wiki/Extension:Collection) extension facilitates
grouping pages for export to PDF or other format. (See Wikieducator
(http://wikieducator.org/Help:Collections) for an example). This is the system Wikipedia
uses to create eBooks. It can be used with MediaWiki 1.14 or later. For more information
see this article.
PdfBook
Some wiki users like to print out part or all of the wiki into an ebook (PDF format). This
can be facilitated with the PdfBook (http://www.mediawiki.org/wiki/Extension:PdfBook)
extension. For more information see this article.
Add Quotations
Bashfr (http://www.mediawiki.org/wiki/Extension:Bashfr) is an extension that uses a text
file in the Fortune (http://en.wikipedia.org/wiki/Fortune_%28Unix%29) format and
160 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
displays one random quote from that file.
Create a folder named bashfr in the extensions folder of your site. In a multi-site
wiki, this will be at /etc/mediawiki/sites/subsite_x/extensions. Otherwise the default
location is at /var/lib/mediawiki/extensions.
sudo mkdir /var/lib/mediawiki/extensions/bashfr
Create a text file named bashfr.php in this directory into which you will copy the PHP
code found here (http://www.mediawiki.org/wiki/Extension:Bashfr#Code) (use the
gedit text editor instead of kate if using Ubuntu instead of Kubuntu).
sudo kate /var/lib/mediawiki/extensions/bashfr/bashfr.php
Edit the LocalSettings.php file for your wiki and add these lines (towards the end of
the file):
# For the Bashfr quotations module
#
require_once("$IP/extensions/bashfr/bashfr.php");
#
Copy (or create) a text file in the Fortune format with a list of the quotations in it. It
should look like:
I reject your reality and substitute my own...
%
This is one of those "What the hell am I doing?" moments, over!
%
We got a robot in the water, he's stuffed with tuna and it's just another day here at Mythbusters.
It is possible to include a URL as the text in a quotation. (Most browsers will
then automatically change the text into an actual link.) In this way, a list of
random URL links can also be displayed through the Fortune display.
My reality comes from http://ubuntuguide.org
%
When I wonder "What the hell I am doing?" I go to Kubuntuguide at http://ubuntuguide.org/wiki/Kubuntuguide
%
MediaWiki is the premier wiki. Visit their website: http://www.mediawiki.org/wiki/MediaWiki
Copy this file to the /var/lib/mediawiki/extensions/bashfr folder (or to your subsite's
particular extensions folder) and rename it to bashfr_fortunes .
Wherever you want to place a random quotation from this file, place this tag on
your MediaWiki page:
<bashfr />
161 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Add or edit quotations merely by editing the bashfr_fortunes text file. Be sure to
maintain the format of a Fortune file (i.e. with a % symbol between each quotation).
Add these lines to the LocalSettings.php file so that a new quote appears every day
(or more frequently by using a number smaller than 86400, which is the interval in
seconds in which to clear the cache).
# This clears the cache daily, which I use to change rotating content (pictures, fortunes, etc.) daily.
#
Add Random elements as advertisements
Random (http://www.mediawiki.org/wiki/Extension:Random) is an extension that allows
one (or more) of a selection of items (or wiki elements) in a list to be presented
randomly. This extension allows wiki tags (and elements) so that a combination of
images, text, and URL links can be presented together (which together would constitute
a typical ad). This is useful for displaying advertisements specific to (and stored within)
the wiki.
Create a folder named Random in the extensions folder of your site. In a multi-site
wiki, this will be at /etc/mediawiki/sites/subsite_x/extensions. Otherwise the default
location is at /var/lib/mediawiki/extensions.
sudo mkdir /var/lib/mediawiki/extensions/Random
Create a text file named Random.php in this directory into which you will copy the
PHP code found here (http://www.mediawiki.org/wiki/Extension:Random#Code) (use
the gedit text editor instead of kate if using Ubuntu instead of Kubuntu).
sudo kate /var/lib/mediawiki/extensions/Random/Random.php
the file):
# For the Random extension, used to randomly select an item from a list
#
require_once("$IP/extensions/Random/Random.php");
#
An example use of this tag would resemble:
<random>
<format>Visit our sponsor: [%ITEM%]</format>
<item>http://ubuntuguide.org UbuntuGuide</item>
<item>http://ubuntuguide.org/wiki/KubuntuGuide Kubuntuguide</item>
<item>http://www.mediawiki.org MediaWiki</item>
</random>
162 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
In this example, one of the three items in the list would be randomly selected to
replace %ITEM%, yielding an external wiki link in this format: [http://ubuntuguide.org
UbuntuGuide], which would appear on a wiki page:
Visit our sponsor: UbuntuGuide (http://ubuntuguide.org)
To create ads with images (that can be the size, shape, and format of an ad banner,
for example), use this type of tag (note that the caption portion of the tag is only
functional in MediaWiki 1.17 or later):
<center>
<random>
<format>Visit our sponsor:<br>[[%ITEM%]]</format>
<item>File:Tech_tux.png|48px|center|link=http://ubuntuguide.org UbuntuGuide|Visit our sponsor: UbuntuGuide</item>
<item>File:ExampleAdPic2.png|55px|center|link=http://ubuntuguide.org/wiki/Kubuntuguide|Visit our sponsor: KubuntuGuide</
<item>File:ExampleAdPic3.jpg|center|link=http://exampleexternaldomain.info|caption</item>
</random>
</center>
yielding an external wiki link in this format:
[[File:Tech_tux.png|48px|center|link=http://ubuntuguide.org|Visit our sponsor:
UbuntuGuide]] which would appear (in versions prior to MediaWiki 1.17) on the wiki
page:
Visit our sponsor:
The most robust method of creating ads would be to create a series of templates
(each with an ad contained within the template). The Random extension would then
be used to rotate the ad templates:
<random>
<format>{{%ITEM%}}</format>
<item>AdTemplate1</item>
</random>
where AdTemplate1 would represent the wiki page at Template:AdTemplate1,
AdTemplate2 would represent the wiki page at Template:AdTemplate2, and AdTemplate3
would represent the wiki page at Template:AdTemplate3. (In general it is best that an
administator "protect" the Template:AdTemplateX pages.) If Template:AdTemplate1 were
to contain code such as:
[[File:Tech_tux.png|48px|center|link=http://ubuntuguide.org|Visit our sponsor: UbuntuGuide]]
<center>Visit our sponsor: [http://ubuntuguide.org UbuntuGuide]</center>
then the Random extension would yield {{AdTemplate1}} which (in versions prior to
MediaWiki 1.17) would appear on a wiki page:
163 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Visit our sponsor: UbuntuGuide (http://ubuntuguide.org)
If desired, the tag code (with the list to be randomly rotated) can be placed in a
template (e.g. Template:MyWikiSponsors ) and then just the corresponding template
tag (e.g. {{MyWikiSponsors}} ) could be placed within a wiki page. (It is then highly
recommended that a wiki administrator "protect" the template so it cannot be
changed by casual wiki users.)
The {{MyWikiSponsors}} tag could then also be placed in a custom block in
the Sidebar to enable a rotation of random "ad" presentations in the sidebar.
Add these lines to the LocalSettings.php file so that a new quote appears every day
(or more frequently by using a number smaller than 86400, which is the interval in
seconds in which to clear the cache).
# This clears the cache daily, which I use to change rotating content (pictures, fortunes, etc.) daily.
#
Customise the Sidebar
CustomNavBlocks (http://www.mediawiki.org/wiki/Extension:CustomNavBlocks) is an
extension that allows regular MediaWiki wiki pages to be used in the Sidebar. This allows
extensive customisation of the sidebar, including the addition of any kind of element
such as images, numbered lists, and nested lists.
Create a folder named CustomNavBlocks in the extensions folder of your site. In a
multi-site wiki, this will be at /etc/mediawiki/sites/subsite_x/extensions. Otherwise
the default location is at /var/lib/mediawiki/extensions.
sudo mkdir /var/lib/mediawiki/extensions/CustomNavBlocks
Create a text file named CustomNavBlocks.php in this directory into which you will
copy the PHP code found here (http://git.fsinf.at/mediawiki/customnavblocks/blobs
/master/CustomNavBlocks.php) (use the gedit text editor instead of kate if using
Ubuntu instead of Kubuntu).
sudo kate /var/lib/mediawiki/extensions/CustomNavBlocks/CustomNavBlocks.php
Alternatively, download and install the code directly into the extension folder
(recommended):
sudo mkdir /var/lib/mediawiki/extensions/CustomNavBlocks
cd /var/lib/mediawiki/extensions/CustomNavBlocks
164 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo wget http://git.fsinf.at/mediawiki/customnavblocks/blobs/raw/master/CustomNavBlocks.php
Edit the LocalSettings.php file for your wiki and add these lines (toward the end of
the file):
# Installs the CustomNavBlocks extension, used to customise the MediaWiki Sidebar
#
require_once( "$IP/extensions/CustomNavBlocks/CustomNavBlocks.php" );
$wgCustomNavBlocksEnable = true;
#
Create a wiki page named MediaWiki:CustomNavBlocks. This stores the names of
the individual wiki pages, each of which will comprise a custom Sidebar block. Edit
the content to resemble:
CustomBlockUbuntu|Ubuntu
CustomBlockKubuntu|Kubuntu
SEARCH
CustomBlockRecLinks|Recommended Links
CustomBlockSidebarAd|Sponsor
CustomBlock5|Title of Block 5
DONATE
Note that several special reserved words such as SEARCH and DONATE (if using the
Sidebar Donate extension) can be used by themselves.
Create the individual wiki pages MediaWiki:CustomBlockUbuntu,
MediaWiki:CustomBlockKubuntu, MediaWiki:CustomBlockRecLinks,
MediaWiki:CustomBlockSidebarAd, MediaWiki:CustomBlock5, etc.
Edit each page to reflect the content you wish to appear in each block. It is possible to
use regular wiki tags in these pages. Adjust the content and formatting of each page so
that it appears in the Sidebar as desired.
Randomised content (including images) using the Random extension (as described
above) can also be placed in a MediaWiki:CustomBlock page as a type of Sidebar Ad
(with random ad rotation).
Each wiki page (used for the sidebar) should be "protected" by an administrator to
prevent a casual wiki user from changing it. (Note: All wiki pages with the
Mediawiki: prefix are automatically protected already, and can only be edited by
administrators anyway (and therefore do not require additional protection.))
Change skins
Skins in MediaWiki are stored in /usr/share/mediawiki/skins and are particular to the
version of MediaWiki in use. In MediaWiki 1.16, the 'vector' skin (the new default for
Wikimedia and for the upcoming MediaWiki 1.17) can be chosen by editing the
LocalSettings.php file and changing:
165 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
$wgDefaultSkin = 'monobook';
to
$wgDefaultSkin = 'vector';
Change background colours
The background colours are set in the CSS code for the skin being used. For example, if
the Monobook skin is being used, the variables are found in /skins/monobook/main.css.
There are background colours for many different areas of the wiki; each must be
changed separately. Background colours are specified using certain words (such as
white, grey, red, blue, green, yellow) or using hex-codes, examples of which are shown
here (http://www.theodora.com/html_colors.html) . For example, the main body
background colour is set to #f9f9f9 in /skins/monobook/main.css:
body {
font: x-small sans-serif;
background: #f9f9f9 url(headbg.jpg) 0 0 no-repeat;
color: black;
margin: 0;
padding: 0;
}
or the content background colour set:
#content {
background: white;
color: black;
border: 1px solid #aaa;
border-right: none;
line-height: 1.5em;
}
Add icons
A wide variety of GPL (and some LGPL) icons are available at Wikimedia Commons
(http://commons.wikimedia.org/wiki/Nuvola/apps) . There is also a large number of icons
available in the OpenClipArt Library.
Icons on a page are best displayed at a size of 48 px. Small icons in a regular line of
text are often displayed at 16 px. Icon files that have been saved as an image File in
the wiki can then be displayed (see the MediaWiki Help:Images
(http://www.mediawiki.org/wiki/Help:Images#Rendering_a_single_image) section for
more info) using a tag in the generic format:
[[File:filename.extension|options|altlabel|caption]]
166 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
where the |options|, |altlabel|, and |caption| sections are optional. (Note: the |caption|
option only works in MediaWiki 1.17 and later, and then only displays if an |altlabel| is
also designated.) For example:
[[File:Prefapp1.png|center|link=http://ubuntuguide.org|16 px|Preferred app 1]]
where the |link=http://ubuntuguide.org| is an optional link for the icon, and can be the
name of another internal wiki page (but without [[ ]] tags) or an external link (when
preceded by http://). An "alt" label (which is displayed when the mouse is rolled over the
icon) is included in this example but no caption. The |center| option is also optional, as is
the display size |16px|.
Embed media into a document
If media files (such as .mp3 audio files) are to be uploaded directly into the wiki,
make sure the upload of the media filetype is allowed by editing the
$wgFileExtensions variable in LocalSettings.php so that it includes it. For example,
to allow .mp3 files:
$wgFileExtensions = array('pdf', 'png', 'gif', 'jpg', 'flv', 'swf', 'mp3');
Media files can be used as a link for any text using this type of tag:
[[Media:MyMediaFile.mp3|any text you wish]]
As an example, this text has an audio file linked to it:
You Haven't ?
Embed a PDF document
If PDF files are to be uploaded directly into the wiki, make sure the upload of PDF
files are allowed by editing the $wgFileExtensions variable in LocalSettings.php so
that it includes pdf. For example:
$wgFileExtensions = array('pdf', 'png', 'gif', 'jpg', 'flv', 'swf');
Use an external PDF viewer
This method is the easiest and most universal.
A PDF document is uploaded as a file into MediaWiki. A link placed in a wiki page of
this format:
[[Media:uploadedpdffile.pdf|Description of this PDF File]]
167 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
will access the uploaded file for display in an external PDF viewer (such as Okular,
Evince, or Acrobat Reader).
Use Browser plugins
A PDF file can be displayed on a wiki page (using tags), but each user must have their
browser configured to handle PDF files (with an appropriate plugin or a setting that
directs the browser to an external viewer). An advantage of this method is that a PDF file
can be viewed on the wiki page at the same time as additional text on the wiki page
(that is not part of the PDF file). Not all browsers have a PDF-viewing plugin (such as this
one for Firefox) available, however, so the desired result may not be displayed in every
browser.
To display the PDF files within wiki pages, install the EmbedPDF
(http://www.mediawiki.org/wiki/Extension:EmbedPDF) plugin:
Create a folder for the extension:
sudo mkdir /var/lib/mediawiki/extensions/embedpdf
Copy the EmbedPDF.php script from this location (http://www.mediawiki.org
/wiki/Extension:EmbedPDF) and save it as /var/lib/mediawiki/extensions/embedpdf
/EmbedPDF.php (use the gedit text editor instead of kate if using Ubuntu instead of
Kubuntu):
sudo kate /var/lib/mediawiki/extensions/embedpdf/EmbedPDF.php
Edit the LocalSettings.php file for your wiki and add these lines (towards the
end of the file):
#
# This section is for EmbedPDF tags
require_once("$IP/extensions/embedpdf/EmbedPDF.php");
#
Display an uploaded PDF file by using the tags on a wiki page similar to:
<pdf>http://some.site.com/with/a/document.pdf</pdf>
or
<pdf>Your_uploaded_document.pdf</pdf>
Use templates
This took me a long time to appreciate. I have now converted my wiki(s) so that all
168 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
content is stored in templates, not on the actual wiki pages themselves. When content is
stored in templates in this manner, the display of any wiki page can be changed merely
by re-arranging the order of the templates (which contain the actual content) within it.
A template is designated by tags similar to {{MycontentTemplate1}} and
{{MycontentTemplate2}} and content is then entered directly into the wiki pages
that correspond to them: Template:MycontentTemplate1 and
Template:MycontentTemplate2.
A wiki page that displays one way can then be created using
{{MycontentTemplate1}}
or can be re-arranged to display differently merely by changing the order of the template
tags:
While this method of wiki creation takes extra steps to implement, in the long run it
provides the greatest flexibility. If you intend to create a complex wiki, a plan that
includes the liberal usage of templates (from the outset) will save a lot of time later on.
Add WebDAV storage
WebDAV (http://en.wikipedia.org/wiki/WebDAV) is a method for online storage and
versioning of documents with access control. It is sometimes useful to use WebDAV in
conjunction with MediaWiki in order to store documents with different levels of security.
WebDAV server functions are provided by the WebDAV module of the Apache2 server
(http://httpd.apache.org/docs/2.2/mod/mod_dav.html) (on which MediaWiki also runs).
See these WebDAV instructions,
Write a screenplay
Ok, this is a pretty esoteric use. I happen to use MediaWiki to write books and
screenplays. The ScreenPlay (http://www.mediawiki.org/wiki/Extension:ScreenPlay)
extension allows me to format the text in the format required for screenplays.
Create a folder for the extension:
sudo mkdir /var/lib/mediawiki/extensions/screenplay
Download and extract the extension:
wget -O ScreenPlay.zip http://siege.org/pub/mwspe/ScreenPlay-0.5.php.zip
sudo unzip ScreenPlay.zip
169 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo rm ScreenPlay.zip
Move the script into the extensions folder:
sudo mv ScreenPlay*.php /var/lib/mediawiki/extensions/screenplay/ScreenPlay.php
the file):
#
# This section is for ScreenPlay tags
require_once("$IP/extensions/screenplay/ScreenPlay.php");
#
An example of the usage of this extension is at this Congo Kitabu
(http://zebraworldcup.dyndns.org/CongoKitabuTeaser) screenplay site.
Import (K)Ubuntuguide into your site
How do I import a copy of (K)Ubuntuguide into my own wiki?
See this page for Ubuntuguide or this page for Kubuntuguide.
Troubleshooting
Mediawiki 1.15 on Firefox and Google tablet browsers
MediaWiki 1.15 does not display correctly in Google and Firefox browsers on tablets and
mobile devices. To correct this, use the solution found here (http://svn.wikimedia.org
/viewvc/mediawiki/trunk/phase3/skins/common/wikibits.js?r1=53141&r2=53140&
pathrev=53141) :
Edit /skins/common/wikibits.js with your text editor.
Comment (using // at the beginning of the relevant lines):
var is_khtml = navigator.vendor == 'KDE' ||
( document.childNodes && !document.all && !navigator.taintEnabled );
and
} else if (is_khtml) {
importStylesheetURI(stylepath+'/'+skin+'/KHTMLFixes.css');
Collections
The Collection (http://www.mediawiki.org/wiki/Extension:Collection) extension facilitates
170 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
grouping pages for export to PDF or other format. (See Wikieducator
(http://wikieducator.org/Help:Collections) for an example). This is the system Wikipedia
uses to create eBooks. It can be used with MediaWiki 1.14 or later. See this extensive
tutorial (http://edutechwiki.unige.ch
/en/Mediawiki_collection_extension_installation#Collection_extension_installation) . Also
see instructions for using this extension as a Book tool (http://meta.wikimedia.org
/wiki/Book_tool) .
Install cURL for Php5:
sudo apt-get install php5-curl
Download (http://www.mediawiki.org/wiki/Special:ExtensionDistributor/Collection)
the Collection extension and install:
wget http://upload.wikimedia.org/ext-dist/Collection-MW1.16-r66255.tar.gz
sudo tar -xzf Collection-MW1.16-r66255.tar.gz -C /var/lib/mediawiki/extensions
sudo rm Collection-MW1.16-r66255.tar.gz
Edit LocalSettings.php and add the lines (for details on settings see this README
(http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions/Collection
/README.txt) ):
#
# Add the Collections modules and settings:
#
require_once("$IP/extensions/Collection/Collection.php");
#
#$wgCollectionMWServeURL = "(string)"; // URL of a render server (default "http://tools.pediapress.com/mw-serve/")
#$wgCollectionMWServeCert = "(string)"; // (string) = SSL certificate filename, PEM format, for mw-serve render server.
# Needed for self-signed certificates, otherwise cURL will throw an error. The default is null, i.e. no certificate.
#$wgCollectionMWServeCredentials = "(string)"; // "USERNAME:PASSWORD" (or "USERNAME:PASSWORD:DOMAIN" if you're using LD
# Needed only if the MediaWiki requires to be logged in to view articles
#$wgCollectionFormats = array('rl' => 'PDF',) // Array of supported formats. Example: $wgCollectionFormats = array('rl'
#$wgCollectionArticleNamespaces = (array);
# List of namespace numbers for pages which can be added to a collection.
# Category pages (NS_CATEGORY) are always an exception (all articles in a
# category are added, not the category page itself). Default is::
# array(NS_MAIN, NS_TALK, NS_USER, NS_USER_TALK, NS_PROJECT, NS_PROJECT_TALK, NS_MEDIAWIKI, NS_MEDIAWIKI_TALK,
# 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111,);
#$wgCommunityCollectionNamespace = (integer); // Namespace for community (non-personal) collections (Default = ``NS_PROJ
# Needed only if the system message Coll-community_book_prefix has not been set.
#$wgCollectionMaxArticles = (integer); // Maximum number of articles allowed in a collection (Default 500)
#$wgCollectionLicenseName = "(string)"; // License name for articles in this MediaWiki (Default null)
# If set to ``null`` the localized version of the word "License" is used.
#$wgCollectionLicenseURL = "(string)"; // URL of an article containing the full license (Default null)
#$wgEnableWriteAPI = true; // Enables saving a collection as a wiki (Default = true)
#$wgGroupPermissions['user']['collectionsaveasuserpage'] = true;
#$wgGroupPermissions['autoconfirmed']['collectionsaveascommunitypage'] = true;
Edit the Template:Saved_book page and copy lines similar to those found here
(http://en.wikipedia.org/wiki/Template:Saved_book) .
mwlib
The default for the Collections extension is to use the online renderer found at
171 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Pediapress. However, a local Python-based rendering server can be installed (mwlib)
using these instructions (http://code.pediapress.com/wiki/wiki/mwlib-install) .
Easy installation
sudo apt-get install g++ perl python python-dev python-setuptools python-imaging
Note: python-setuptools >= 0.6c11 is required, but is not included in (K)Ubuntu Lucid or
earlier. Download and install (using sudo dpkg -i) a newer python-setuptools
(http://packages.debian.org/sid/python-setuptools) .deb package from the Debian
(unstable) repositories. Also required is a newer python-pkg-resources
(http://packages.debian.org/sid/python-pkg-resources) .deb package.
Download and install program files:
sudo easy_install mwlib
Download and install the rendering library for PDF (ReportLab):
sudo easy_install mwlib.rl
Building latest version from source
sudo apt-get install make g++ perl python python-dev python-setuptools python-imaging re2c
Download the code:
sudo git clone git://code.pediapress.com/mwlib
Build from the downloaded source:
cd mwlib
sudo make
Install:
sudo python setup.py build install
Test mwlib
172 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Check installed renderers:
mw-render --list-writers
Check help:
mw-render --help
Render a test page, first from Wikipedia then from your own wiki:
mw-render -w rl -o test.pdf -c http://en.wikipedia.org/w 'World Economic Forum'
and
mw-render -w rl -o test.pdf -c http://mywiki.mydomain.org ' Sample Article '
Start the mw server
For detailed usage instructions see here (http://code.pediapress.com/wiki/wiki/Examples)
.
Start the server.
sudo mw-serve --protocol=http --port=8899 --interface=127.0.0.1 -d
or, simply
sudo mw-serve -d
These settings are the default, except for -d. The -d switch indicates to run as a daemon.
Although the default port is 8899, this can be changed. (Don't forget to open necessary
firewalls and to forward ports on your router if the rendering server is to be publicly
accessible.)
This command can be added as a startup command. For example, copy the command to
a startup script (use the gedit text editor instead of kate if using Ubuntu instead of
Kubuntu):
sudo kate ~/.kde/Autostart/mwserver.sh
The command can also be added as a menu item.
The script or the menu item (as a Program) can also be added to the Autostart menu:
173 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
K menu -> System -> System Settings -> Advanced -> Autostart -> Add Script... (or Add program...)
Edit the LocalSettings.php file so that the variable now reads:
$wgCollectionMWServeURL = "http://127.0.0.1:8899";
Book Templates
Copy the contents from the Wikipedia Template:Saved_book (http://en.wikipedia.org
/wiki/Template:Saved_book) to your Template:Saved_book page and edit it as
desired.
PdfBook
(This method is complex and difficult to implement (but robust once
accomplished). Compare to the Collections method that Wikipedia uses. This
page is undergoing construction.)
Some wiki users like to print out part or all of the wiki into an ebook (PDF format). This
can be facilitated with the PdfBook (http://www.mediawiki.org/wiki/Extension:PdfBook)
extension. For more information see this article.
Install the htmldoc module in your OS:
sudo apt-get install htmldoc
Download (http://www.mediawiki.org/wiki/Special:ExtensionDistributor/PdfBook) and
install:
wget http://upload.wikimedia.org/ext-dist/PdfBook-MW1.16-r60653.tar.gz
sudo tar -xzf PdfBook-MW1.16-r60653.tar.gz -C /var/lib/mediawiki/extensions
sudo rm PdfBook-MW1.16-r60653.tar.gz
Edit the LocalSettings.php file and add the lines:
#
# PdfBook settings
#
require_once( "$IP/extensions/PdfBook/PdfBook.php" );
#
#$wgPdfBookLeftMargin
// 1cm
Default Left page margin
#$wgPdfBookRightMargin
// 1cm
Default Right page margin
#$wgPdfBookTopMargin
// 1cm
Default Top page margin
#$wgPdfBookBottomMargin // 1cm
Default Bottom page margin
#$wgPdfBookFont
// Arial
Default font to use if unspecified in content
#$wgPdfBookFontSize
// 8
Default Point size of default font
#$wgPdfBookLinkColour
// 217A28 Default Colour to use when rendering hyperlinks in text
#$wgPdfBookTocLevels
// 2
Default Number of outline levels to use when building the table of contents
#$wgPdfBookExclude
// empty
Default List of article titles which should not be included in the book
#
174 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
There will be a Category:Books. Each book will have then its own separate Category
named for the book (such as Category:MyBook1). Each chapter (or article) for the
book will have a tag assigning it to that Category.
Create page named Category:MyBook1 and add the lines:
{{pdf}}
{{book
| name
= MyBook1
| author = Perspectoff
| buy
= [http://mypurchasesite.mydomain.org Purchase Site]<sup>(free delivery!)</sup>
}}
[[Category:Books]]
Add any descriptive information about the eBook that you like. The
chapters/articles to be included will be listed at the bottom as subcategories.
To each page that will be in the eBook, add a link within the page (top or bottom of
the page):
[[Category:MyBook1|042]]
where 042 represents the chapter/article number.
Edit the Template:pdf page to contain the lines:
{{message|icon=[[File:Book.png|60px]]|text=This selection of articles can be
}}
'''[{{fullurl:{{FULLPAGENAMEE}}|action=pdf
Be sure to upload an image File (in this example named Book.png) to be used
as the book icon.
Edit the Template:Message page to contain the lines:
{|style="width: 100%;margin: 15px 0 0 0;padding: 3px;border: 1px solid #ccc;background: #f4f4f4;text-align: left;vertic
||
{|style="background:none;border:none;margin:0;padding:0;vertical-align:middle;"
|{{{icon|}}}
|{{{text}}}
|}
|}<noinclude>
The message template is used to format other templates. It uses the class=message css
tag within MediaWiki:Common.css.
Usage:
{{Message|icon=[[Image:Info_Icon.png|50px]]|text=This is a test}}
creates:
175 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
{{Message|icon=[[Image:Info_Icon.png|50px]]|text=This is a test}}
[[Category:Formatting templates]]</noinclude>
Edit the Template:Book and add the lines:
<noinclude>{{info|This template should be included within any article which represents a book. The article title should
<br>
Until we have a semantic form, you can copy and paste the following parameters from the box into your new book article a
<br>
<pre>
{{Book
|name = [[***]]
|author = [[***]]
|publisher = ***
|buy = ***
|ISBN = ***
|keywords = ***
|image = [[***]]
}}
</pre>
Once you have saved the new article with information about the book, an entry for that book will appear in the [[:Catego
[[Category:Required semantic forms]]
</noinclude>
{{Wbox|name=Book: {{{name}}}|content=
{{sbo}}{{!}}cellspacing=0 cellpadding=5 border=0
{{!}}{{!}}'''Author'''{{!!}}{{{author}}}
{{!}}rowspan=5 valign=top{{!}}{{#if:{{{image|}}}|[[Image:{{{image}}}|100px|right]]}}
{{!}}{{!}}'''Publisher'''{{!!}}{{{publisher}}}
{{!}}{{!}}'''Buy from'''{{!!}}{{{buy}}}
{{!}}{{!}}'''ISBN'''{{!!}}{{{ISBN}}}
{{!}}{{!}}'''Keywords'''{{!!}}{{{keywords}}}
{{!}}{{sbc}}
{{edit this form|Book}}
}}
<includeonly>[[Category:Books]]</includeonly>
<noinclude>[[Category:Records]][[Category:Organisational templates|{{PAGENAME}}]]</noinclude>
Edit the Template:Info page and add the lines:
{{message|icon=[[File:Info256.png|40px]]|text={{{1}}}}}
<noinclude>[[Category:Formatting templates]]</noinclude>
Don't forget to upload an Info256.png image as an icon.
Edit the Template:Wbox page and add the lines:
<includeonly>{| align={{{align|right}}} style="border-spacing:8px; margin:8px;"
{{#switch: {{{colour|purple}}} |
green={{!}} class="MainPageBG" style="width:{{{width|55}}}%; border:1px solid #cef2e0; background:#f5fffa; vertical-alig
blue={{!}} class="MainPageBG" style="width:{{{width|55}}}%; border:1px solid #cedff2; background:#f5faff; vertical-align
purple={{!}} class="MainPageBG" style="width:{{{width|100}}}%; border:1px solid #ddcef2; background:#faf5ff; vertical-al
}}
{|width="100%" cellpadding="2" cellspacing="5" style="vertical-align:top; background:{#switch: {{{colour|purple}}}|gree
176 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
! <div style="margin:0; background:{{#switch: {{{colour|purple}}}|green=#cef2e0|blue=#cedff2|#ddcef2}}; font-size:120%;
||style="color:#000;"| {{#if: {{{content|}}} | {{{content}}} | {{:{{{name}}}}} }}
||}
|}
</includeonly>
<noinclude>==Usage==
*name = article name, name used in box, if {{{contents}}} is omitted, then the name is a link, and {{{name}}} is transcl
*contents = optional, if supplied the wikitext is placed under the box
*colour = green|blue|purple (default)
*align = left|center|right (default)
*width = pixel number (300 default)
=== Examples ===
Wikitext content;
<pre>
{{Wbox|name=Foo|content=Fodda|colour=purple|align=center|width=100}}
{{Wbox|name=Foo|content=Fodda|colour=green|align=center|width=100}}
{{Wbox|name=Foo|content=Fodda|colour=blue|align=center|width=100}}
</pre>
Renders;
{| =
|- align="center" valign="top"
| {{Wbox|name=Foo|content=Fodda|colour=purple|align=center|width=100}}
| {{Wbox|name=Foo|content=Fodda|colour=green|align=center|width=100}}
| {{Wbox|name=Foo|content=Fodda|colour=blue|align=center|width=100}}
|}
</noinclude>
Drupal6 tips
Drupal (Web content publishing)
Drupal (http://drupal.org/) is the leading open-source package for website creation and
content collaboration. A modular approach to website building, from simple out-ofthe-box websites to complex sites, is possible with a short learning curve. Get more info
on how to get started (http://drupal.org/getting-started) . Drupal requires an installation
of a LAMP server stack; if you have not already installed LAMP, it will be installed along
with Drupal 6. I have found it easier to use the MySQL (http://en.wikipedia.org
/wiki/MySQL) database (the "M" in LAMP), but Drupal6 can also integrate with PostgreSQL
(http://en.wikipedia.org/wiki/Postgresql) if you have it installed. Drupal is available as a
package, or from the command-line terminal:
After everything is installed (and the problems below sorted out), make sure the
apache2 rewrite engine module is enabled, then restart the apache2 server:
177 of 265
Finish installation through your browser:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
http://localhost/drupal6/install.php
Installation quirks
Exim vs. Postfix
Exim (http://www.exim.org/) and Postfix (http://www.postfix.org/) are mail handlers. I had
installed Postfix at the time I installed my Ubuntu server (but was not using it). But
Drupal uses Exim and therefore removes Postfix at installation and installs Exim instead.
Therefore, it is better not to use Drupal on a mail server that uses Postfix.
Folder permissions
The files folder must belong to the www-data group, and the group must have "Can View
& Modify Content" permissions.
The dbconfig.php file must belong to the www-data group, and the group must have
"Can read" permissions.
Prior to the initial installation through the browser, make sure the settings.php file
initially has "Can View & Modify Content" permissions set for Owner, Group, and Others.
If it doesn't, an installation error will be generated. (As part of the installation process,
the permissions will subsequently be adjusted to their final desired settings
automatically.)
Browser installation
Status report
Updates
You may get the message that you need to update. The message won't go away. It's less
easy once you've set up your site, so you should do it now.
Download the recommended update to your /etc/drupal folder and extract it. For
example:
cd /etc/drupal
sudo wget -O drupal-current.tar.gz http://ftp.drupal.org/files/projects/drupal-6.16.tar.gz
sudo tar zxvf drupal-current.tar.gz
178 of 265
Read the UPGRADE.txt file that was extracted. It has complete details how to
upgrade. The following instructions are for first time installation only, since I am not
backing up the databases (which is a step you should not skip if you have already
been using Drupal):
Go offline:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
http://localhost/drupal6/?q=admin/settings/site-maintenance ->
Offline
or
Drupal -> Administer -> Site configuration -> Site maintenance ->
off-line -> Save configuration
Copy all the files that were extracted into the installation directory (which is
/usr/share/drupal6):
sudo cp -rf /etc/drupal/drupal-6.16/* /usr/share/drupal6
Note: the option -f forces the old files to be overwritten.
Update the core database tables using the provided script:
http://localhost/drupal6/update.php
Go back online:
http://localhost/drupal6/?q=admin/settings/site-maintenance -> Online
There are lots of other steps to take if you are already using Drupal, so read the
UPGRADE.txt file carefully.
If you are upgrading a multi-site version, it is trickier. If the core modules and
themes were originally copied to the /etc/drupal/6/sites/all folder, the newly-updated
core modules and themes should again be copied there. (Be careful, though, not to
overwrite your own customized themes if you have already created some or
modified the originals.)
sudo cp -rf /etc/drupal/drupal-6.16/modules/* /etc/drupal/6/sites/all/modules
sudo cp -rf /etc/drupal/drupal-6.16/themes/* /etc/drupal/6/sites/all/themes
Each of the multiple sites must then be updated individually.
Note: Many users do not use customized themes and prefer to have the core modules
and themes always updated along with their core Drupal updates. For these users, it is
best not to copy the core modules and themes into the /etc/drupal/6/sites/all folder.
(Whenever the core installation is then updated, therefore, the modules and themes in
the core installation directory (i.e. /usr/share/drupal6) will be simultaneously updated.)
These users will only install add-on modules and customized themes into their
/etc/drupal/6/sites/all or /etc/drupal/6/sites/mysite_x folders.
Cron
The documentation for this task is here (http://drupal.org/cron) . My site is small, so my
cron task is daily and simple (and can be run by hand using):
http://localhost/drupal6/cron.php
I can add the task to my cron list:
179 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo crontab -e
And add the line (with the nano editor, or the one you prefer):
45 18 * * * /usr/bin/wget -O - -q -t 1 http://localhost/drupal6/cron.php
this will run the script at 45 minutes after 1800 every day.
If you want it to run every hour on the hour, then use:
0 * * * * /usr/bin/wget -O - -q -t 1 http://localhost/drupal6/cron.php
Multi-site Installation
If you intend to run multiple websites, using a single Drupal6 installation, then follow
these instructions (http://drupal.org/node/138889) carefully. I could only get this to work
if each site had its own domain name, e.g mysite_1.mydomain.org and
mysite_2.mydomain.org. (I could not get it to work for mysite.mydomain.org/subsite_1
and mysite.mydomain.org/subsite_2).
Install Drupal6 and the first website (mysite_1.mydomain.org).
Configure database for drupal6 with dbconfig-common? Yes
Database type to be used by Drupal6: mysql
Password of your database's administrative user: mysqlrootpassword
MySQL application password for drupal6: mysqldrupal6password
Copy the /etc/drupal/6/sites/default folder to the first subsite (in this example
named mysite_1.mydomain.org).
sudo cp -r /etc/drupal/6/sites/default /etc/drupal/6/sites/mysite_1.mydomain.org
Remove the symbolic link and create a new files folder. The files folder should
belong to the group www-data, and the group should have "Can View & Modify
Content" permissions.:
sudo
sudo
sudo
sudo
180 of 265
rm /etc/drupal/6/sites/mysite_1.mydomain.org/files
mkdir /etc/drupal/6/sites/mysite_1.mydomain.org/files
chown -R root:www-data /etc/drupal/6/sites/mysite_1.mydomain.org/files
chmod 764 /etc/drupal/6/sites/mysite_1.mydomain.org/files
Copy a 135x135 image that you wish to use as a logo (in the upper left corner) into
the /etc/drupal/6/sites/mysite_1.mydomain.org/files folder. Rename it WebLogo.png
in that folder.
Create a virtual host file for the new sites:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo nano /etc/apache2/sites-available/drupal6virtualhost
Add the lines:
#
# Virtual hosting configuration for Drupal6
#
#
<VirtualHost *:80>
ServerAdmin webmaster@mysite_1.mydomain.org
#
DocumentRoot /usr/share/drupal6/
ServerAlias *.mysite_1.mydomain.org mysite_1.mydomain.org
RewriteEngine On
RewriteOptions inherit
</VirtualHost>
#
<VirtualHost *:80>
ServerAdmin webmaster@mysite_2.mydomain.org
#
ServerAlias *.mysite_2.mydomain.org mysite_2.mydomain.org
RewriteEngine On
</VirtualHost>
symbolic link:
sudo ln -s /etc/apache2/sites-available/drupal6virtualhost /etc/apache2/sites-enabled
Restart Apache:
Install the first website through the (Konqueror/Firefox) browser:
http://mysite_1.mydomain.org/install.php
181 of 265
Site Name: My Website 1
Site e-mail address: webmaster@mysite_1.mydomain.org
Administrator Account Username: webmaster -> Password: mywebmasterpassword
Clean URLs: Enabled
Makes sure only administrators can create new accounts initially, or you will have
lots of new guest within the first 30 minutes of being live.
Drupal -> Administer -> User management -> User settings -> Only site
administrators can create new accounts
Now you will re-install a new database for each planned subsite.:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo dpkg-reconfigure drupal6
Re-install database for drupal6? Yes
Database type to be used by drupal6: mysql
Connection method for MySQL database of drupal6: unix socket
Name of your database's administrative user: root
Password of your database's administrative user: mysqlrootpassword
username for drupal6: drupal6b
database name for drupal6: drupal6b
Copy the /etc/drupal/6/sites/default folder to the second subsite (in this example
named mysite_2.mydomain.org).
sudo cp -r /etc/drupal/6/sites/default /etc/drupal/6/sites/mysite_2.mydomain.org
sudo
sudo
sudo
sudo
rm /etc/drupal/6/sites/mysite_2.mydomain.org/files
mkdir /etc/drupal/6/sites/mysite_2.mydomain.org/files
chown -R root:www-data /etc/drupal/6/sites/mysite_2.mydomain.org/files
chmod 764 /etc/drupal/6/sites/mysite_2.mydomain.org/files
Sometimes the permissions of the settings.php and dbconfig.php must be
unrestricted during installation:
sudo chmod 777 /etc/drupal/6/sites/mysite_2.mydomain.org/settings.php
sudo chmod 777 /etc/drupal/6/sites/mysite_2.mydomain.org/dbconfig.php
182 of 265
Install the second website through the (Konqueror/Firefox) browser:
http://mysite_2.mydomain.org/install.php
Site Name: My Website 2
Site e-mail address: webmaster@mysite_2.mydomain.org
Administrator Account Username: webmaster -> Password: mywebmasterpassword
Clean URLs: Enabled
This process can be repeated if desired (if enough URLs are available).
The two websites will be available:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
http://mysite_1.mydomain.org
and
http://mysite_2.mydomain.org
Now you have two separate sites. When it is time to upgrade, you will only have to
upgrade the core Drupal installation.
Copy modules and themes folders
Files, themes, and modules to be shared by all subsites should go in the "all"
subsite. (This is an optional step, but if you don't, then the core installation modules
and themes folders will be used for common files. If you modify any of the core
installation modules or themes, they will be overwritten at the time of an upgrade).
Copy the code folders:
sudo cp -a /usr/share/drupal6/modules/ /etc/drupal/6/sites/all
sudo cp -a /usr/share/drupal6/themes /etc/drupal/6/sites/all
and (optionally) make a directory for shared files:
sudo mkdir /etc/drupal/6/sites/all/files
sudo chmod 777 /etc/drupal/6/sites/all/files
(Optionally), copy the themes and modules from the core installation folder to your
subsite folder, so you can customize them without changing the core installation:
cp -a /usr/share/drupal6/modules/ /etc/drupal/6/sites/mysite_x.mydomain.org
cp -a /usr/share/drupal6/themes /etc/drupal/6/sites/mysite_x.mydomain.org
Note: If you do these steps before installing each subsite, Drupal will get confused and
will display an error. Therefore, do this step only after completing the installation
(install.php) script. During installation, Drupal only likes to find one modules folder (i.e.
the one in /usr/share/drupal6). If you are adding subsites after having already used
Drupal for a while, then temporarily rename the modules (and themes) folders in the
/etc/drupal/6/sites/all folder to something else (such as modules.bak and themes.bak).
Make sure there are no modules or themes folders in the subsite folder (i.e. in the
/etc/drupal/6/sites/mysite_x.mydomain.org folder) until after installation has been
completed. Then you can complete the steps above (or merely rename modules.bak and
themes.bak to modules and themes again). You may need to run the update.php script
for each subsite again, after doing this.
Note: Many users do not use customized themes and prefer to have the core modules
and themes updated along with their core Drupal updates. For these users, it is best not
to copy the core modules and themes into the /etc/drupal/6/sites/all folder. (Whenever
the core installation is then updated, therefore, the modules and themes in the core
installation directory (i.e. /usr/share/drupal6) will be simultaneously updated.) These
users will only install add-on modules and customized themes into their /etc/drupal
/6/sites/all or /etc/drupal/6/sites/mysite_x folders.
183 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Update each site
There are a variety of error messages that may occur when using a multi-site installation
(from initially using shared configuration files). Many can be cured just by updating each
subsite individually. This will update configuration files and store them in your subsite
folder(s). You must be logged in as the original user of the subsite to run the update
script.
http://mysite_x.mydomain.org/update.php
Multisite cron
Refer to these instructions (http://drupal.org/node/246091) . I can add the task(s) to my
cron list:
sudo crontab -e
And add the lines (with the nano editor, or the one you prefer):
45 18 * * * /usr/bin/wget -O - -q -t 1 http://mysite_1.mydomain.org/cron.php
this will run the scripts separately, at 45 minutes after the 1800 hour, the 1900
hour, and the 2000 hour every day (each site at a different hour).
If you want all the cron scripts to run every hour, then stagger them:
0 * * * * /usr/bin/wget -O - -q -t 1 http://mysite_1.mydomain.org/cron.php
this runs one script on the hour (0), one script at 20 minutes past the hour, and
one script at 40 minutes past the hour.
Build your site
You should be ready to go. Start building your site.
Drupal site building tips
Introduction
Drupal (http://drupal.org/) is one of the most widely used website servers in the world. It
is even used by the US White House (http://drupal.org/whitehouse-gov-launcheson-drupal-engages-community) . It is free and open source and can be customised to
184 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
many different uses by installing additional modules. This page is a cookbook of how I
set up a Drupal site and may be helpful for getting an initial site customized. I am
assuming you have one (or multiple) Drupal installations running using these
instructions.
Initial user setup
It is not a good idea to give anonymous users access to the site or create accounts
until you have the site completely set up and are ready to publish. There are people
trolling the web looking for new setups, who will create an account and start
installing modules faster than you can. Turn off anonymous user accounts:
administrators can create new user accounts.
Create an administrator user role:
Drupal -> Administer -> User management -> Roles -> Add role -> administrator ->
edit permissions -> check all
Create a new user who will be an administrator
Drupal -> Administer -> User management -> Users -> Add user -> Adminuser ->
roles -> administrator
Use this user as your everyday administrator, saving the user you created at
installation as the superuser
Create a Welcome page
Create a Welcome page:
Drupal -> Create content -> Page
You can choose where the display will end by adding the tag at the end:

Note: If you don't put this tag at the end, the display of the page (known as the
"teaser") will be truncated to 300 characters by default. This behavior can be
changed:
Drupal -> Administer -> Content management -> Post Settings -> Length of
trimmed posts: Unlimited
Change your default logo
185 of 265
The ideal size for a logo is about 110 x 100 pixels. A transparent background for the
logo is desirable. (You can use Gimp to create an alpha transparency layer for any
05/24/2012 08:14 AM
UbuntuGuide Part2 -
photo. See these instructions (http://www.fabiovisentin.com/tutorial
/GIMP_transparent_image/gimp_how_to_make_transparent_image.asp) .) You can
use Gimp or Gwenview to resize the image.
The default logo is specific to the Theme you are using. If you are using the default
Garland theme, for example, change the logo:
Drupal -> Administer -> Themes -> Garland -> configure -> Logo image settings ->
Use the default logo: unticked ->
Upload logo image: your_own_customised_logo.png
Create a new menu in the left sidebar
When most users create new content (such as a Page or Story), they place it in the
Primary Links or Secondary Links menus. At installation, Primary Links and Secondary
Links appear at the top of the page, which looks nice. But what if you want a new menu,
that appears (for example) only on the left sidebar?
Create a new menu:
Drupal -> Administer -> Site building -> Menus -> Add menu ->
Menu name: mynewmenu -> Title: My New Menu -> Description: This is a custom
menu I created. ->
Place the new menu in the left sidebar:
Drupal -> Administer -> Site building -> Blocks -> Disabled ->
My New Menu -> Left sidebar -> Save blocks
Add items to the menu (these can be external links or links to internal pages):
Drupal -> Administer -> Site building -> Menus ->
My New Menu -> Add item
Note that you can also create new content and add it to this new menu at any time.
Increase PHP memory
Increase PHP memory (or you will get a "memory exhausted" error). (Use the gedit
text editor instead of kate if using Ubuntu instead of Kubuntu.):
sudo kate /etc/drupal/6/sites/mysite_x/settings.php
Add this line at the end:
ini_set('memory_limit', '96M');
186 of 265
I used to use 32M, but 96M helps with graphics.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Increase uploaded file size limits
The PHP scripting language is used for uploads. Absolute upload limits for the Apache
webserver are set in a PHP configuration file and must be changed there.
Your uploads are probably larger than the default upload limits of PHP (set at 2
Mb, or "2M", by default), so we will need to increase those. In the example
below, I will change the upload limit to 100 Mb ("100M"). Two parameters must
be changed in the php.ini configuration file in /etc/php5/apache2 (use the gedit
text editor instead of kate if using Ubuntu instead of Kubuntu):
cd /etc/php5/apache2
sudo kate php.ini
Change:
post_max_size = 8M
to
post_max_size = 100M
Change:
to
Save the file and restart apache2:
Install content creation kit (CCK) and other
important modules
If you have a multi-site installation, create modules and themes folders within the
/etc/drupal/6/sites/mysite_x folder, which will be specific to that site. If you wish to
use modules and themes for all your subsites, then create modules and themes
folders in the /etc/drupal/6/sites/all folder.
If you install your custom modules and themes in the root installation directory
(/usr/share/drupal6), then they will be overwritten every time you do an upgrade, (which
187 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
may or may not be desirable to you).
Although the recommended procedure is to install each module one-by-one
(updating and setting the functions for each installed module individually), you may
be able to install them all, update once, then set the functions for all the module
simultaneously. This will only work if you have increased the PHP memory (as
detailed in the previous step).
Install the CCK (http://drupal.org/project/cck) module:
cd /etc/drupal/6/sites/all/modules
sudo wget http://ftp.drupal.org/files/projects/cck-6.x-2.6.tar.gz
sudo tar zxvf cck-6.x-2.6.tar.gz
sudo rm cck-6.x-2.6.tar.gz
Note: If you wish this module to be available to only one subsite, then install it
instead into the /etc/drupal/6/sites/mysite_x/modules folder.
Note: You must update and adjust permissions after module installation.
Drupal -> Administer -> Modules -> CCK -> select CCK module functions to enable
Install the Views (http://drupal.org/project/views) module:
sudo wget http://ftp.drupal.org/files/projects/views-6.x-2.10.tar.gz
sudo tar zxvf views-6.x-2.10.tar.gz
sudo rm views-6.x-2.10.tar.gz
Drupal -> Administer -> Modules -> Views -> select Views module functions to
enable
When you wish to configure the Views properties of a content node, go to:
Drupal -> Administer -> Site Building -> Views -> Enable and Edit the node Views
you wish to use
Install the Date (http://drupal.org/project/date) module:
sudo wget http://ftp.drupal.org/files/projects/date-6.x-2.4.tar.gz
sudo tar zxvf date-6.x-2.4.tar.gz
sudo rm date-6.x-2.4.tar.gz
188 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Drupal -> Administer -> Modules -> Date/Time -> select Date/Time module
functions to enable
Install the jQuery UI (http://drupal.org/project/jquery_ui) module:
sudo wget http://ftp.drupal.org/files/projects/jquery_ui-6.x-1.3.tar.gz
sudo tar zxvf jquery_ui-6.x-1.3.tar.gz
sudo rm jquery_ui-6.x-1.3.tar.gz
cd /etc/drupal/6/sites/all/modules/jquery_ui
sudo wget http://jquery-ui.googlecode.com/files/jquery.ui-1.6.zip
sudo unzip jquery.ui-1.6.zip
sudo rm jquery.ui-1.6.zip
sudo cp -r jquery.ui-1.6 jquery.ui
Drupal -> Administer -> Modules -> User interface -> select jQuery UI module
functions to enable
Install the Event (http://drupal.org/project/event) module:
sudo wget http://ftp.drupal.org/files/projects/event-6.x-2.x-dev.tar.gz
sudo tar zxvf event-6.x-2.x-dev.tar.gz
sudo rm event-6.x-2.x-dev.tar.gz
Install a few miscellaneous Event:Datepicker modules (see this thread
(http://drupal.org/node/619084) ):
cd /etc/drupal/6/sites/all/modules/event/contrib/datepicker
sudo wget http://www.kelvinluck.com/assets/jquery/datePicker/v2/demo/styles/datePicker.css
sudo wget http://www.kelvinluck.com/assets/jquery/datePicker/v2/demo/scripts/jquery.datePicker.js
sudo wget http://www.kelvinluck.com/assets/jquery/datePicker/v2/demo/scripts/date.js
Drupal -> Administer -> Modules -> Event -> select Date Picker module functions to
enable
Install the Signup (http://drupal.org/project/signup) and Calendar (http://drupal.org
/project/calendar) modules:
sudo wget http://ftp.drupal.org/files/projects/signup-6.x-1.0-rc6.tar.gz
sudo tar zxvf signup-6.x-1.0-rc6.tar.gz
189 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo rm signup-6.x-1.0-rc6.tar.gz
sudo wget http://ftp.drupal.org/files/projects/calendar-6.x-2.2.tar.gz
sudo tar zxvf calendar-6.x-2.2.tar.gz
sudo rm calendar-6.x-2.2.tar.gz
Drupal -> Administer -> Modules -> Date/Time -> select Calendar module functions
to enable
Install the Advanced Help (http://drupal.org/project/advanced_help) module:
sudo wget http://ftp.drupal.org/files/projects/advanced_help-6.x-1.2.tar.gz
sudo tar zxvf advanced_help-6.x-1.2.tar.gz
sudo rm advanced_help-6.x-1.2.tar.gz
Drupal -> Administer -> Modules -> Other -> select Advanced Help module
functions to enable
Install the FeedAPI (http://drupal.org/project/feedapi) module (allows iCal feeds into
Drupal):
sudo wget http://ftp.drupal.org/files/projects/feedapi-6.x-1.8.tar.gz
sudo tar zxvf feedapi-6.x-1.8.tar.gz
sudo rm feedapi-6.x-1.8.tar.gz
Drupal -> Administer -> Modules -> Feed API Add-on -> select iCal parser module to
enable
Install the iCal parser (http://drupal.org/project/parser_ical) module (parses iCal
feeds into Drupal):
sudo wget http://ftp.drupal.org/files/projects/parser_ical-6.x-1.1.tar.gz
sudo tar zxvf parser_ical-6.x-1.1.tar.gz
sudo rm parser_ical-6.x-1.1.tar.gz
190 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Drupal -> Administer -> Modules -> Feed API Default -> select Feed API module
functions to enable
Install SimplePie (http://drupal.org/project/simplepie) , a module that facilitates RSS
feeds through the FeedAPI module:
sudo wget http://ftp.drupal.org/files/projects/simplepie-6.x-1.0-beta1.tar.gz
sudo tar zxvf simplepie-6.x-1.0-beta1.tar.gz
sudo rm simplepie-6.x-1.0-beta1.tar.gz
cd /etc/drupal/6/sites/all/modules/simplepie/lib
sudo wget http://simplepie.org/downloads/simplepie_1.2.zip
sudo unzip simplepie_1.2.zip
sudo rm simplepie_1.2.zip
sudo cp simplepie_1.2/simplepie.inc .
sudo cp simplepie_1.2/simplepie.inc /etc/drupal/6/sites/all/modules/feedapi/parser_simplepie
Drupal -> Administer -> Modules -> Other (and FeedAPI Default) -> SimplePie
module functions to enable
(Optional:) Install the dCaldav (http://www.dcaldav.com/) module (for importing
CALDAV server info into Drupal):
sudo wget http://www.dcaldav.com/system/files/dcaldav-0.2.1.tar.gz
sudo tar zxvf dcaldav-0.2.1.tar.gz
sudo rm dcaldav-0.2.1.tar.gz
Drupal -> Administer -> Modules -> Other -> select dCaldav module functions to
enable
Install Access Control modules
Install the ACL (http://drupal.org/project/acl) module (an API that allows per-user
access controls in Drupal):
191 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo wget http://ftp.drupal.org/files/projects/acl-6.x-1.0.tar.gz
sudo tar zxvf acl-6.x-1.0.tar.gz
sudo rm acl-6.x-1.0.tar.gz
Install the Content Access (http://drupal.org/project/content_access) module (gives
fine-grained access control over individual content pages):
sudo wget http://ftp.drupal.org/files/projects/content_access-6.x-1.2.tar.gz
sudo tar zxvf content_access-6.x-1.2.tar.gz
sudo rm content_access-6.x-1.2.tar.gz
Install the Forum Access (http://drupal.org/project/forum_access) module (gives
fine-grained access control over individual forum pages):
sudo wget http://ftp.drupal.org/files/projects/forum_access-6.x-1.0.tar.gz
sudo tar zxvf forum_access-6.x-1.0.tar.gz
sudo rm forum_access-6.x-1.0.tar.gz
Note: If you wish these modules to be available to only one subsite, then install
them instead into the /etc/drupal/6/sites/mysite_x/modules folder.
Drupal -> Administer -> Modules -> Forum Access -> select ACL, Content
Access, and Forum Access module functions to enable -> Rebuild Permissions
(follow the prompts)
You must enable Access Control for each Content Type:
Drupal -> Administer -> Content Management -> Content types -> Page -> Edit ->
Access Control -> Enable per content node access control settings: ticked
Enable permissions for added modules
Any time a new module is installed or the configuration of the module is changed,
the database must be updated. This is especially important if you are running
multiple sites, since configuration files must be created for each subsite. Updates
can only be done by an administrator with suitable privileges for that site (usually
the original user for the site or subsite):
http://mysite_x.mydomain.org/update.php
192 of 265
By default, permissions are turned off for any new modules that you have installed.
After installing a new module, go to the permissions page and select permissions for
each user role that will be able to access the functions of the new module(s):
Drupal -> Administer -> User management -> Permissions
05/24/2012 08:14 AM
UbuntuGuide Part2 -
and tick or un-tick the features that should be available to each class of user.
Create a Calendar content page
Using Date Tools to Create a Calendar
Create a custom Date and Time format which will display only the time (to be used
later for the display fields):
Drupal -> Administer -> Site configuration -> Date and Time -> Locale:Default Time
Zone:Choose your timezone -> Save configuration
Drupal -> Administer -> Site Configuration -> Date and Time -> Formats -> Add
Format ->
->Format string: H:i
(This adds a format type to the drop-down selection which only displays
hours and minutes.)
Drupal -> Administer -> Site Configuration -> Date and Time -> Formats -> Add
format type ->
->Name: Time only -> Type: timeonly -> Save configuration
Drupal -> Administer -> Site Configuration -> Date and Time -> Formats ->
Configure ->
->Time only Date format: (the dropdown box should now show your recently
created time format, so select it) -> Save configuration
Note: You must update after creating this content type.
193 of 265
The Date Tools Wizard simplifies setting up a Date content type to be used with a
Calendar display.
Drupal -> Administer -> Content Management -> Date Tools -> Date Wizard ->
Save
Drupal -> Administer -> Site Building -> Views -> calendar_date -> Fields: Content:
Date - From date -> Edit -> Format: Time only -> Update
Drupal -> Administer -> Content Management -> Content Type -> Date -> Manage
Fields -> Label:Date: Configure -> Default value for To date: Same as From date ->
Input format: Your preference -> Global Settings: Required (ticked) -> To Date:
Optional -> Default Display: Long -> Save
Drupal -> Administer -> Site Building -> Views -> calendar -> Enable
Create some (event) content:
Drupal -> Create content -> Date -> create an event
View your calendar to see if it came out correctly:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Drupal -> Administer -> Site building -> Views -> calendar_date -> Edit -> View
"Calendar page"
Add the calendar to the menu:
Drupal -> Administer -> Site building -> Menus -> Primary Links -> Add item ->
Path: calendar-date -> Menu link title: Calendar -> Save
The permissions must be set to see the content. For each user role you wish to
access the calendar, you must enable the "access all views" permission:
Drupal -> Administer -> User management -> Permissions -> views module ->
access all views
Also, the times will only show up if you specifically enable the field_date views
permission:
Drupal -> Administer -> User management -> Permissions -> content_permissions
module -> view field_date
Add Forums
Enable forums:
Drupal -> Administer -> Modules -> Core -> select Forum module functions to
enable
Enable first forum "container", which will contain several related forums:
Drupal -> Administer -> Content Management -> Forum -> Add container ->
General Forums
-> Add forum -> Forum Name:Forum_1 -> Parent:General Forums -> Weight:1
Enable Forums on the Navigation menu:
Drupal -> Administer -> Site Building -> Menus -> Navigation -> Forum: tick box ->
Weight:1
If you wish users to be able to reply to forum posts, permissions for comments must
be enabled.
Add Images
Increase PHP memory (or you will get a "memory exhausted" error).
Install required modules
194 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Make sure "Clean URL's" are enabled:
Drupal -> Site configuration -> Clean URLs -> Run the clean url test -> Clean URLs:
Enabled
The primary module for images is ImageField, which replaces the older module
Image. ImageField works with CCK.
Install the ImageField (http://drupal.org/project/imagefield) module, the FileField
(http://drupal.org/project/filefield) module, the ImageAPI (http://drupal.org/project
/imageapi) module, and the ImageCache (http://drupal.org/project/imagecache)
module:
sudo wget http://ftp.drupal.org/files/projects/imagefield-6.x-3.3.tar.gz
sudo tar zxvf imagefield-6.x-3.3.tar.gz
sudo rm imagefield-6.x-3.3.tar.gz
sudo wget http://ftp.drupal.org/files/projects/filefield-6.x-3.3.tar.gz
sudo tar zxvf filefield-6.x-3.3.tar.gz
sudo rm filefield-6.x-3.3.tar.gz
sudo wget http://ftp.drupal.org/files/projects/imageapi-6.x-1.8.tar.gz
sudo tar zxvf imageapi-6.x-1.8.tar.gz
sudo rm imageapi-6.x-1.8.tar.gz
sudo wget http://ftp.drupal.org/files/projects/imagecache-6.x-2.0-beta10.tar.gz
sudo tar zxvf imagecache-6.x-2.0-beta10.tar.gz
sudo rm imagecache-6.x-2.0-beta10.tar.gz
Drupal -> Administer -> Modules -> CCK -> select FileField and ImageField module
functions to enable
Drupal -> Administer -> Modules -> ImageCache -> select ImageCache and
ImageAPI module functions to enable
Install the GetID3 (http://drupal.org/project/getid3) module (required by FileField)
and its updated library. Then remove the security-risk demos folder:
sudo wget http://ftp.drupal.org/files/projects/getid3-6.x-1.3.tar.gz
sudo tar zxvf getid3-6.x-1.3.tar.gz
sudo rm getid3-6.x-1.3.tar.gz
cd getid3
sudo wget -O getid3-6.x-1.7.9.zip http://sourceforge.net/projects/getid3/files/getID3%28%29%201.x/1.7.9/getid3-1.7.9.zip
sudo unzip getid3-6.x-1.7.9.zip
sudo rm getid3-6.x-1.7.9.zip
cd demos
sudo rm *
cd ..
sudo rmdir demos
195 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Drupal -> Administer -> Site Configuration -> GetID3 -> Path: sites/all/modules
/getid3/getid3-1.7.9/getid3 -> Save configuration
Drupal -> Administer -> Modules -> Other -> select GetID3 module function to
enable
Install the Token (http://drupal.org/project/token) module, the Views Gallery
(http://drupal.org/project/views_gallery) module, Node Reference URL
(http://drupal.org/project/nodereference_url) module, and the Views Attach
(http://drupal.org/project/views_attach) module:
sudo wget http://ftp.drupal.org/files/projects/token-6.x-1.12.tar.gz
sudo tar zxvf token-6.x-1.12.tar.gz
sudo rm token-6.x-1.12.tar.gz
sudo wget http://ftp.drupal.org/files/projects/views_gallery-6.x-1.2.tar.gz
sudo tar zxvf views_gallery-6.x-1.2.tar.gz
sudo rm views_gallery-6.x-1.2.tar.gz
sudo wget http://ftp.drupal.org/files/projects/nodereference_url-6.x-1.6.tar.gz
sudo tar zxvf nodereference_url-6.x-1.6.tar.gz
sudo rm nodereference_url-6.x-1.6.tar.gz
sudo wget http://ftp.drupal.org/files/projects/views_attach-6.x-2.2.tar.gz
sudo tar zxvf views_attach-6.x-2.2.tar.gz
sudo rm views_attach-6.x-2.2.tar.gz
Drupal -> Administer -> Site Configuration -> GetID3 -> Path: sites/all/modules
/getid3/getid3-1.7.9/getid3 -> Save configuration
Install the Thickbox (http://drupal.org/project/thickbox) module (used to overlay
images on web pages (http://drupal.org/node/266126) ):
sudo wget http://ftp.drupal.org/files/projects/thickbox-6.x-1.6.tar.gz
sudo tar zxvf thickbox-6.x-1.6.tar.gz
sudo rm thickbox-6.x-1.6.tar.gz
Drupal -> Administer -> Modules -> Other -> select Thickbox module functions to
enable
Configure settings
196 of 265
Configure ImageCache:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Drupal -> Administer -> Site building -> ImageCache -> Add new Preset ->
-> thumbnail -> Save preset -> Actions -> Add scale and crop -> Width: 150 Height:
150 -> Create Action
Drupal -> Administer -> Site building -> ImageCache -> Add new Preset ->
-> fullsize -> Save preset -> Actions -> Add scale -> Width: 500 Height: (blank) ->
Allow upscaling: ticked -> Create Action
Create a Photo content type:
Drupal -> Administer -> Content management -> Content type -> Add content type
-> Name : Photo -> Type: photo -> Description: A post that includes a nicely
formatted image -> Save content type -> Photo -> Manage fields -> Add field ->
Name: photofield -> field_photofield -> Select a field type: File -> Select a widget:
Image -> Save -> photofield customization fields: (fill in desired settings) -> Save
field settings -> Save
-> Display fields -> Label: (hidden) -> Teaser: thumbnail image linked to node ->
Fullnode: fullsize image -> Save
Create an image (Photo content):
Drupal -> Create content -> Photo -> Name: Photoexample_1 -> photofield:
photo_filename_1.png -> Upload -> Save
Embed a video
You can easily embed a flash video from YouTube on any page. When creating a web
page, make sure "Full HTML" is enabled as an input format:
Drupal -> Create content -> Page (or any content type) -> Input format -> Full
HTML
For any YouTube video, the code which allows a video to be embedded on your website is
found on the YouTube page in the upper right corner in the "Embed" box. Copy this code
snippet.
In the "Body:" section of your Drupal Page (or other content), paste the code snippet and
save. The video is now embedded on that page.
Add WYSIWYG editor
Apparently the choices here are FCKEditor, BUEditor, and TinyMCE editor. All require
IMCE for image handling.
197 of 265
Install IMCE (http://drupal.org/project/imce) .
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo wget http://ftp.drupal.org/files/projects/imce-6.x-1.3.tar.gz
sudo tar zxvf imce-6.x-1.3.tar.gz
sudo rm imce-6.x-1.3.tar.gz
Install one of the editors, such as BUEditor (http://drupal.org/project/bueditor) :
sudo wget http://ftp.drupal.org/files/projects/bueditor-6.x-2.1.tar.gz
sudo tar zxvf bueditor-6.x-2.1.tar.gz
sudo rm bueditor-6.x-2.1.tar.gz
Drupal -> Administer -> Modules -> Other -> select IMCE and BUEditor module
functions to enable
Update modules
Periodically, added modules are updated for security and functionality reasons. As
always, backups are routinely advised before updating. In Drupal, most module updates
are accomplished by overwriting old code with new code, not by patches. Therefore, if
you have a highly customised installation, perform updates with care.
In this example, I will update Ubercart. Updating a module is essentially the
re-installation of the new update, overwriting the old update.
Install the new update for Ubercart (http://drupal.org/project/ubercart) :
sudo wget http://ftp.drupal.org/files/projects/ubercart-6.x-2.2.tar.gz
sudo tar zxvf ubercart-6.x-2.2.tar.gz
sudo rm ubercart-6.x-2.2.tar.gz
Note: If a module is available to only one subsite, install the update instead into the
/etc/drupal/6/sites/mysite_x/modules folder.
Note: You must update after module re-installation.
Perform backups
Yeah, you need to do it. See the Drupal 6 backup instructions (http://drupal.org/upgrade
/backing-up-the-db) . Also see this module for customised backups (http://drupal.org
/project/backup_migrate) .
Backup and migrate module
198 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Install the Backup and migrate module (http://drupal.org/project/backup_migrate) .
This module only supports MySQL, so if you are using postgreSQL, do not use it.
Also, this module does not work if you intend to perform an upgrade. Do not use it
for backup and restore during an upgrade (it can only be used to backup and restore
to exactly the same version of Drupal6).
sudo wget http://ftp.drupal.org/files/projects/backup_migrate-6.x-2.2.tar.gz
sudo tar zxvf backup_migrate-6.x-2.2.tar.gz
sudo rm backup_migrate-6.x-2.2.tar.gz
Drupal -> Administer -> Site building -> Modules -> Other -> select Backup and
migrate module functions to enable
The module saves manual backups by default to /etc/drupal/6/sites/mysite_x/files
/backup_migrate/manual and cron-scheduled backups to /etc/drupal/6/sites/mysite_x/files
/backup_migrate/scheduled, but you can (and should) change this:
Drupal -> Administer -> Backup and migrate -> Destinations
Perform a Quick backup into the "manual" backup directory:
Drupal -> Administer -> Backup and migrate -> Backup -> Quick Backup -> Backup
from Default Database to Manual Backups Directory using Default Settings ->
Backup Now
Backup and restore the MySQL database
This is an alternative to the Backup and migrate module that is necessary if you
wish to backup during a migration of your website. The best way is to backup the
original database with a MySQL dump:
mysqldump -u user -p databasename > drupaldatabasebackupfile.sql
or, if on a remote host:
mysqldump -h hostname -u username -p databasename > drupaldatabasebackupfile.sql
199 of 265
Note that the username and password should be the username and password that
were used to create the specific database (not the MySQL root username/password).
The database should be restored to an empty database in the new site, because if
you re-install a new database in the new site and then attempt to restore your old
backed-up database on top of it, there is likely to be incompatibilities between the
05/24/2012 08:14 AM
UbuntuGuide Part2 -
two. Here the username and password are those for the new empty database just
created. (It probably is best to make them the same as those of the imported
database.)
mysql -u username -p databasename < drupaldatabasebackupfile.sql
Notes: This was successful for me only if backing up and restoring to exactly the
same version of Drupal6. I could not back up the database from one version of
Drupal6 then restore to an upgraded version of Drupal6, because the scripts of the
upgraded version of Drupal6 did not access the database in the same manner. I
therefore performed upgrades only after moving the database.
Empty a database
I hesitate to put these instructions here. Be careful. This erases your database. Use it
only if you are confident that you have made good backups. I use this only if I have
created a database by accident (during the Drupal6 installation process) and wish to
erase/empty it.
mysql -u root -p
mysql> DROP DATABASE mysqlexampledatabase;
mysql> quit
If your MySQL superuser name is something other than root, then use that, of course.
Don't forget the semicolon ( ; ) at the end of each MySQL command.
Of course, once you erase the database, you must re-create a blank one for use with
Drupal6.
Then you can restore the backup (as created above with mysqldump) into the newly
recreated (but still empty) database.
mysql -u username -p databasename < drupaldatabasebackupfile.sql
Moving a Drupal6 installation to a new site
200 of 265
Backup up the database from the old site as detailed above.
Install drupal6 on the new site (sudo apt-get install drupal6). When creating the
database, use the same values as used on the old site. If you can't remember what
they were, look at the /etc/drupal/6/sites/default/dbconfig.php (or similar) file for the
old site (which contains the values for the old site).
On the new site, rename the newly created folders
05/24/2012 08:14 AM
UbuntuGuide Part2 -
/etc/drupal/6
/usr/share/drupal6
/var/lib/drupal6
to
/etc/drupal/6.bak
/usr/share/drupal6.bak
/var/lib/drupal6.bak
Copy the /etc/drupal/6, /usr/share/drupal6, and /var/lib/drupal6 folders from the old
site to the new site. (This needs to be done as the root user, which can be done with
sudo dolphin).
Copy the database dumpfile from the old site to the new site.
Restore the database dumpfile on the new site.
Check the settings.php, dbconfig.php, files and other folder permissions to make
sure they match the permissions of the original system. (Sometimes during the
copy process the ownership of all files and folders will be set to root.) In particular,
make sure that dbconfig.php belongs to the www-data group.
Notes: I have never been successful in performing an upgrade in the middle of this
process. I recommend moving the site exactly, and then performing any upgrades after it
is moved.
Use an SMTP server for email functions
I don't have a mail server on my system. Instead, I use an offsite mail handler that
accepts the SMTP/POP3 protocols. Drupal can be configured to route its mail through
SMTP/POP3 as well. If you are using SMTP, make sure outbound port 25 is open. If using
secure SMTP (i.e. through SSL), then make sure outbound port 465 is open.
Install PHPMailer
Install the PHPMailer libraries on Ubuntu:
sudo apt-get install libphp-phpmailer
Install PHPMailer (http://drupal.org/project/phpmailer) into Drupal:
sudo wget http://ftp.drupal.org/files/projects/phpmailer-6.x-2.1.tar.gz
sudo tar zxvf phpmailer-6.x-2.1.tar.gz
sudo rm phpmailer-6.x-2.1.tar.gz
201 of 265
Copy the necessary files from the libphp-phpmailer Ubuntu package into the module
directory:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo mkdir /etc/drupal/6/sites/all/modules/phpmailer/libraries
sudo cp /usr/share/php/libphp-phpmailer/class* /etc/drupal/6/sites/all/libraries/phpmailer
Note: You must update after module installation.
Drupal -> Administer -> Modules -> Mail -> select PHPMailer module functions to
enable
Enter your SMTP settings:
Drupal -> Administer -> Site configuration -> PHPMailer
Add an online store to your website
Drupal has a completely free and powerful online store called Ubercart
(http://www.ubercart.org/) . Other solutions include Zen Cart (http://www.zen-cart.com/)
and osCommerce (http://www.oscommerce.com/) .
Set up PayPal Website Payments Standard
202 of 265
Establish a bank account at your financial institution to be used exclusively with
PayPal. Do not use your regular bank accounts, as PayPal will have access to both
deposits and withdrawals from this account. (You can use a savings account, as all
transactions between PayPal and the account will be electronic.)
There are basically two types of payment schemes for PayPal:
Website Payments Standard (https://www.paypal.com/us/cgibin/webscr?cmd=_wp-standard-overview-outside&nav=2.0.0) -- no monthly
fee. 2.9% + $0.30 per (attempted) transaction. The customer goes to the
PayPal site for payment then returns to the website.
Website Payments Pro (http://www.ubercart.org/paypal) -- $30 monthly fee.
2.9% + $0.30 per (attempted) transaction (less if significant volume). All
transactions are performed through a gateway, without leaving the website.
In addition, there is Express Checkout (https://www.paypal.com/us/cgibin/webscr?cmd=xpt/Merchant/merchant/ExpressCheckoutIntro-outside) for
PayPal registered customers. The customer goes to the PayPal site then
returns.
Until your needs are greater, Website Payments Standard is the least expensive
solution to use. Create a PayPal (http://www.paypal.com) Premier account. (The
Premier account allows you to both buy and sell items.) Verify your email address
and bank account. To verify your bank account, use the "Confirm deposits" method.
(The instant verification method involves giving your secure online banking
information (regarding your bank account) to PayPal, which is strongly advised
against.) Verification of your bank account is a 4 day process, in general.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Create a PayPal Donate button
While logged in to the PayPal site, create your button(s) for donations (or payment
or checkout) through the PayPal website.
PayPal -> Merchant Services -> Create Buttons -> Donate
Customise your button(s) as desired. When you "Create button" or "Save changes,"
the code for the button will be displayed. Copy the PayPal button code.
On your Drupal website, create a new block in which to display the newly created
button. In this example I will place this new block in the right sidebar.
Drupal -> Administer -> Site building -> Blocks -> Add block ->
Block description: PayPal block
Block title: Donations
Block body: Paste the code from your PayPal button here
Input format: Full HTML
Customize other settings as desired -> Save block
Place the newly created block into the right sidebar:
Drupal -> Administer -> Site building -> Blocks -> PayPal block -> Disabled ->
Dropdown: Right sidebar -> Save blocks
Install Ubercart on Drupal
Ubercart (http://www.ubercart.org/) is the premier online store for use with Drupal.
Install Token (http://drupal.org/project/token) and Ubercart (http://drupal.org/project
/ubercart) :
203 of 265
Drupal -> Administer -> Modules -> Ubercart -> select the Ubercart module
functions you intend to use
PayPal requires cURL. Install the curl-php library in Ubuntu/Kubuntu (see this link
(http://drupal.org/node/511064) for more info):
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Read the Ubercart documentation (http://www.ubercart.org/docs/user
/8386/configuring_your_store) to set up your online store/services. Run:
Drupal -> Administer -> Store administration
Setup PayPal with Ubercart
Undergoing revisions.
Check that a payment has been processed:
Drupal -> Administer -> Store Administration -> Orders -> View by status: Payment
received
Trigger functions based on payment
The benefit of using Ubercart in Drupal is that access to website functions can be
triggered based on a payment regimen. For example, access to webcam modules (such
as videochat or webcams) can be enabled (using the ContentAccess (http://drupal.org
/project/content_access) module) after payment is processed by Ubercart through
Paypal. This allows consumer-based telemedicine, a very desirable service for physicians.
Ubercart allows actions to be triggered (http://www.ubercart.org/docs/user
/7657/configuring_conditional_actions) , predicated on conditions being met (such as a
PayPal payment notification being received). This can include the startup of other
modules.
Drupal -> Administer -> Store administration -> Conditional actions
Add realtime videochat to your website
(This section under construction).
The following modules add videochat to Drupal:
SkypeSupport (http://drupal.org/project/skypesupport) (also see Skype Status
(http://drupal.org/project/skype_status) )
DimDim videoconferencing support (http://drupal.org/project/dimdim)
Red5 Flash Server (http://drupal.org/project/red5flashserver)
Webcams (http://drupal.org/project/webcams)
Add BigBlueButton API
204 of 265
BigBlueButton is a standalone videoconferencing server. Install the BigBlueButton
API (http://drupal.org/project/bbb) that is able to call the BBB server from within
Drupal:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo wget http://ftp.drupal.org/files/projects/bbb-6.x-1.x-dev.tar.gz
sudo tar zxvf bbb-6.x-1.x-dev.tar.gz
sudo rm bbb-6.x-1.x-dev.tar.gz
Drupal -> Administer -> Modules -> Big Blue Button -> select the Big Blue Button
module functions you intend to use
Test the BigBlueButton settings:
Drupal -> Site administration -> BigBlueButton Conferencing -> Test connection.
Change the URL to the address of your BBB server (e.g.
http://mybbbsite.dyndns.org:81/bigbluebutton/) and the Security Salt (found in
bigbluebutton.properties on the BBB server in the
/var/lib/tomcat6/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties
configuration file, in the setting:
beans.dynamicConferenceService.securitySalt=your_security_salt_number_here
Create a new content type named Teleconference:
Drupal -> Administer -> Content management -> Content types -> Add content
type
-> Name: Teleconference -> Type: teleconference -> Big Blue Button settings -> Treat
this node type as conference: (ticked) -> Show links to join / start a meeting beneath the
node: (ticked) -> Display meeting status on node: (ticked) -> Save content type
Create a new node of content type Teleconference:
Drupal -> Create content -> Teleconference -> Conference settings -> ...
Add Kaltura video services
See these instructions (http://www.kaltura.org/drupal-kaltura-module-all-one-videomodule) for adding the API for the community edition of Kaltura
(http://www.kaltura.org/) , a video editor and manager for your website.
Upload and download files
Whether a file is available for private or public download depends, of course, whether the
205 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
page to which it is attached is available privately or publicly. In addition, there are
methods for maintaining private download folders (for FTP or other access).
Public files / attachments
In general, files are "attached" to a page. See Uploading files with Drupal
(http://drupal.org/handbook/modules/upload) for information about changing
permissions.
Attach a file to an existing page (examplepage):
Drupal -> Administer -> Content Management -> Content -> examplepage -> edit
-> File attachments -> Attach new file: your file to upload -> Attach -> Save
Increase uploaded file size limits
Increase the uploaded file size limit for PHP.
Add a quotation module
Add the Fortune module to Drupal
Fortune is a *nix utility to display quotations from preselected files. Drupal has a plugin
(http://drupal.org/project/fortune) to display these quotations from within a webpage.
Although a nice module, a disadvantage is that it uses monospace font and currently
does not have options to adjust the font type and size. See here for installation details.
Add the Quotes modules to Drupal
Download the Quotes (http://drupal.org/project/quotes) module:
cd /etc/drupal/6/all/sites/modules
sudo wget http://ftp.drupal.org/files/projects/quotes-6.x-1.40.tar.gz
sudo tar zxvf quotes-6.x-1.40.tar.gz
sudo rm quotes-6.x-1.40.tar.gz
206 of 265
Drupal -> Administer -> Site building -> Modules -> Other -> Quotes (ticked) ->
Save configuration
Create a Quotes content and import your quotations. You can create a quotation one
by one, or a large number of Quotations all at once (from a file, for example). Each
quotation is created as an individual content item. The "display in Quote blocks"
option determines whether a Quotes block (created in the next step to display a
rotation of the quotations) will include the particular quotation(s) created in this
05/24/2012 08:14 AM
UbuntuGuide Part2 -
step.
Drupal -> Create content -> Quotes
->Name: Quote%id -> Display in quote blocks: (ticked)
I use quotations from the Fortune (http://en.wikipedia.org/wiki/Fortune_%28Unix%29)
program, which are in a particular text file format that looks like:
%
%
I copy the contents of the text file into the input box.
-> Format: Import Fortune file -> Comment settings: Disabled -> Save
This will create as many content items as are in the Fortune file. If there are hundreds of
quotes, you will have hundreds of Quote content items.
Configure the Quotes settings so that Quotes can appear as a block:
Drupal -> Administer -> Site configuration -> Quotes
-> Configure blocks -> Name: Quotes -> Add block -> Configure block
-> Update options -> Update every 6 seconds
-> Show block on specific pages -> Show on only the listed pages: choose
the pages to display on
-> Save block
Add the Quotes Block on your site:
Drupal -> Administer -> Site building -> Blocks -> Quotes:Quotes -> Location
Moodle tips
Prepare your server
Moodle is meant to be run on a server. It requires Apache2, the PHP scripting
language, and a database (either MySQL or postgreSQL). While many users feel
postgreSQL is a better database, MySQL is more widely used and is easier for first
time users (since there are many integrated packages that use it). A LAMP server
(Linux, Apache2, MySQL, PHP) can easily be installed:
207 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
When installing the LAMP server, note the MySQL root password carefully. This will be
required during Moodle installation.
Moodle must know where the server is located. (You must also have a way for other
users to reach it.) The FQDN (Fully Qualified Domain Name) refers to the location of
the server on which the Moodle database is located. In general, there are two
options: localhost (meaning the database will be located on the same computer on
which Moodle will be installed) or a URL. (Of course, the URL could still refer to the
same computer).
Don't worry, whichever option you choose can be changed later. For initial installation, it
is easiest to use localhost as the FQDN (and also wherever it is available as an
installation option).
Installation
Moodle (http://moodle.org/) is a free open source platform for hosting online learning
courses. It can be integrated with webinar software. A LAMP server installation is
required (sudo tasksel install lamp-server). Also find free Moodle themes here
(http://moodle.org/mod/data/view.php?id=6552) . Install:
Database server software for Moodle: mysql-server -> follow remainder of
instructions. Assuming the database is hosted on the same computer as the one
Moodle is being installed upon, accept localhost for the options when prompted.
Edit Moodle configuration options (if needed). (Use the gedit text editor instead of
kate if using Ubuntu instead of Kubuntu.):
Edit Moodle apache2 configuration file (if needed). (Use the gedit text editor instead
of kate if using Ubuntu instead of Kubuntu.):
sudo kate /etc/moodle/apache.conf
Finish installation through the browser. (I recommend the "unattended" installation.)
http://localhost/moodle/admin
Set up a virtual server
The whole point of Moodle is that users can access it over a network. The easiest way is
to set up a URL for your server so that users can reach Moodle using the URL. Several
steps are necessary.
208 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Make sure the server on which Moodle is running has a static IP address on the LAN.
If you have a router on your network, forward incoming traffic on ports 80 and 443
(http and https) from the router to the (static) LAN IP address of the server hosting
Moodle.
The firewall on the Moodle server should allow all incoming traffic on ports 80 and
443.
A URL for your Moodle site should have been established with a DNS name server
on the Internet. It is possible to use a Dynamic DNS server, as well. An example URL
is mymoodleserver.dyndns.org.
A virtual host file in /etc/apache2/sites-available must be created for Moodle.
cd /etc/apache2/sites-available
sudo cp default moodlevirtualhost
It should be edited (sudo gedit /etc/apache2/sites-available/moodlevirtualhost)
to look like
<VirtualHost *:80>
ServerAdmin [email protected]
#
DocumentRoot /usr/share/moodle/
ServerName mymoodleserver.dyndns.org
ServerAlias www.mymoodleserver.dyndns.org mymoodleserver.dyndns.org
#RewriteEngine On
#RewriteOptions inherit
</VirtualHost>
Notes: The Rewrite options are listed here only for forward compatibility with Apache
rewrite rules. They are only used for multi-site installations and can, in general, remain
commented out (with the #).
The virtual host file should be linked to /etc/apache2/sites-enabled and apache2
restarted (sudo etc/init.d/apache2 restart).
sudo ln -s /etc/apache2/sites-available/moodlevirtualhost /etc/apache2/sites-enabled
Edit the /etc/moodle/config.php file (sudo gedit /etc/moodle/config.php) so that the
FQDN (in this case the URL) is correctly noted.
$CFG->wwwroot = 'http://mymoodleserver.dyndns.org/moodle';
Login to the Moodle server:
http://mymoodleserver.dyndns.org
Using Moodle with an existing URL
209 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
It is possible to use Moodle with an existing URL. If, for example, you already have a
server at myserver.dyndns.org, it is possible to use Moodle at the URL
myserver.dyndns.org/moodle.
In such a situation, no additional virtual host file needs to be created for Moodle; the
virtual host file for the existing myserver.dyndns.org server is sufficient.
This is possible because the /etc/moodle/apache.conf file contains the line
Alias /moodle /usr/share/moodle/
and traffic to the host server will therefore be forwarded accordingly.
Edit the /etc/moodle/config.php file (sudo kate /etc/moodle/config.php) so that the
FQDN (in this case the URL) is correctly noted.
$CFG->wwwroot = 'http://myserver.dyndns.org/moodle';
Login to the Moodle server:
http://myserver.dyndns.org/moodle
Add a custom theme to Moodle
Find free Moodle themes here (http://moodle.org/mod/data/view.php?id=6552) .
Also check out this theme tip (http://moodle.org/mod/data/view.php?d=26&
rid=1567) .
Download one. Extract the zip file (by clicking on the filename in Nautilus, for
example).
Copy the extracted folder to /usr/share/moodle/theme
From Moodle, install the new theme:
Moodle -> Appearance -> Themes -> Theme Selector
Copy a custom footer logo (ideal size 55px x 55px) to /etc/moodle and name it
moodlelogo55.png. Link this file to the Moodle pix folder:
sudo ln -s /etc/moodle/moodlelogo55.png /usr/share/moodle/pix
The front page footer logo can then be changed by editing:
sudo nano /usr/share/moodle/lib/weblib.php
and editing the $homelink values from
210 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
$homelink
= '<div class="sitelink">'.
'<a title="Moodle '. $CFG->release .'" href="http://moodle.org/">'.
'<img style="width:100px;height:30px" src="pix/moodlelogo.gif" alt="moodlelogo" /></a></div>';
to
$homelink
= '<div class="sitelink">'.
'<a title="My Home Page" href="http://myhomepage.org/">'.
'<img style="width:55px;height:55px" src="pix/moodlelogo55.png" alt="mylogoname" /></a></div>';
where My Home Page, http://myhomepage.org, moodlelogo55.png, and mylogoname are
examples, of course.
Upgrading Moodle
See this Moodle Upgrade instruction page (http://docs.moodle.org/en/Upgrading) for
introductory details.
Copy the Moodle software directory as a backup:
sudo cp -r /usr/share/moodle /usr/share/moodle_bak
Copy the Moodle data directory as a backup:
sudo cp -r /var/lib/moodle /var/lib/moodle_bak
Copy the local Moodle configuration directory as a backup:
sudo cp -r /etc/moodle /etc/moodle_bak
Dump your MySQL database content:
mysqldump -u username -p -C -Q -e --create-options moodle > moodle-backup-2010-04-01.sql
where username is the database MySQL user account name used to create the Moodle
database during Moodle installation. The corresponding Moodle database password will
be requested. (If you have forgotten these, they are recorded in the /etc/moodle
/config.php file as $CFG->$dbuser and $CFG->$dbpass).
Download and unzip the current Moodle package:
sudo wget http://download.moodle.org/download.php/direct/stable19/moodle-weekly-19.zip
sudo unzip moodle-weekly-19.zip
sudo rm moodle-weekly-19.zip
211 of 265
Copy the new, extracted /moodle folder contents into the original /usr/share/moodle
05/24/2012 08:14 AM
UbuntuGuide Part2 -
folder, overwriting the files there.
yes | sudo cp -r moodle/* /usr/share/moodle
Note: This method ensures that any files you have previously added, but for which no
updates are available, remain in the /usr/share/moodle folder.
Make sure there is a symbolic link from your original config.php file in /etc/moodle to
/usr/share/moodle. If not, create one:
sudo ln -s /etc/moodle/config.php /usr/share/moodle
There is a minor error in the version.php module numbering scheme from one
version to the next. Edit the version.php file:
sudo nano /etc/moodle/version.php
Change the line
$version = 2007101571.04;
to
$version = 2007101597.04;
Note: The new version number specified in $version must at least be greater than the
$version number found in the version.php file located in the backup folder for the
previous moodle installation (now presumably at /user/share/moodle_bak/version.php).
Login to your Moodle site (as an administrator) and load the new system:
Moodle -> Site Administration -> Notifications (Make sure to click on Notifications)
Moodle Site Building
Using BigBlueButton with Moodle
See this section.
Using Skype with Moodle
Add Skype Block
212 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Adding quotations to a block
Add a Quotation of the Day block
See this Moodle forum thread (http://moodle.org/mod/forum/discuss.php?d=41547)
.
Fortune
Fortunoid
Fortunoid is a Plasma Widget that serves as a frontend GUI for the fortune
(http://linux.die.net/man/6/fortune) package.
Installing the Fortunoid widget package (in Kubuntu/KDE) by
sudo apt-get install plasma-widget-fortunoid
will also install the fortune package. If only the fortune package is desired (which can be
run in a command-line terminal), it can be installed by itself:
sudo apt-get install fortune
or
sudo apt-get install fortune-mod
The fortune module can be customized.
The quotations themselves are stored in the /usr/share/games/fortunes folders.
There are multiple categories of quotations, and the file for each category can be
edited directly.
When using the command-line, categories of quotations can be selected merely by
specifying them. Example:
fortune zippy science
213 of 265
There are many options for the command-line fortune utility (see here
(http://linux.die.net/man/6/fortune) ). Any or all of these command-line options can
be entered as an argument in the Fortunoid widget.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Adding categories of fortunes (fortune modules)
See this list (http://fortunes.pbworks.com/) of the original fortune modules
(categories).
Other modules can often be found by a Google search for fortune-mod.
Wikiquotes (http://en.wikiquote.org) is an online repository for quotations. A
webpage can easily be copied to a text file, for conversion into a fortune data file
(see below). An example page is Wikiquotes -- Zen proverbs (http://en.wikiquote.org
/wiki/Zen_proverbs) .
See this brief tutorial (http://www.jason.mock.ws/wordpress/2007/07/10/creatingfortune-files) .
Make sure fortune-mod is installed:
sudo apt-get install fortune-mod
Change to the fortune directory:
cd /usr/share/games/fortunes
Edit a category text file with quotations separated by % symbols:
%
%
Then, for example, save this text file as newcategory1.
It is also possible to include a URL as the text in a quotation. (Most browsers
will then automatically change the text into an actual link.) In this way, a list of
random URL links can be displayed through the Fortune module.
My reality comes from http://ubuntuguide.org
%
When I wonder "What the hell I am doing?" I go to Kubuntuguide at http://ubuntuguide.org/wiki/Kubuntuguide
%
MediaWiki is the premier wiki. Vist their website: http://www.mediawiki.org/wiki/MediaWiki
There is also a UTF-8 file which is merely a symbolic link to the text file:
sudo ln -s newcategory1 newcategory1.u8
Convert the text file into a data file for use by fortune.
sudo strfile newcategory1 newcategory1.dat
214 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Select newcategory1 as a command-line option or as an argument in Fortunoid.
Using Fortune in Drupal
A Drupal plugin for Fortune (http://drupal.org/project/fortune) is available. While this
is a nice module, the disadvantage of it is that it displays the quotations in
Monotext; there is no ability to select font size and type.
On a server with Drupal installed, download the module:
cd /etc/drupal/6/all/sites/modules
sudo wget http://ftp.drupal.org/files/projects/fortune-6.x-1.0.tar.gz
sudo tar zxvf fortune-6.x-1.0.tar.gz
sudo rm fortune-6.x-1.0.tar.gz
Note: The module can also be placed in a particular subsite's module folder (if there are
multiple Drupal subsites on the server), instead of in the sites/all/modules folder.
Enable the module:
Drupal -> Administer -> Site building -> Modules -> Other -> Fortune (ticked) ->
Save configuration
Load the module (update) and set permissions in Drupal as usual.
Configure the Fortune settings:
Drupal -> Administer -> Site configuration -> Fortune
-> Select the categories of quotations desired -> Submit
Add the Fortune Block on your site:
Drupal -> Administer -> Site building -> Blocks -> Fortune -> Configure
-> Show block on only the listed pages (ticked): list of pages you wish Fortune block
shown on -> Save
Using Fortune in MediaWiki
See this section.
215 of 265
Note: The repositories contain DAViCal 0.9.7 and these instructions are for that
version. If you wish instructions for a more recent version, see the DAViCal 0.9.8 tips
page or consult the DAViCal site (http://wiki.davical.org/w/Release_Notes
/0.9.9.2#Debian_.2F_Ubuntu) for instructions on adding the DAViCal repository and
installing the most recent version directly.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
DAViCal (http://wiki.davical.org/w/Main_Page) is a CalDAV (http://en.wikipedia.org
/wiki/CalDAV) , postgreSQL, Apache and php-based shared Calendar server that
works with Mozilla Thunderbird/Lightning/Sunbird, Evolution, and other calendar
clients.
Install:
The following detailed instructions are duplicated and updated on the DAViCal website
(http://wiki.davical.org/w/Ubuntu_Jaunty) .
Introduction
DaviCal (http://wiki.davical.org/w/Release_Notes) has been included in the Ubuntu
repositories as a .deb package.
The instructions below are for a new user with a new Ubuntu Server installation.
(Obviously, if you are already using the Ubuntu Server, you will probably have done
many of the steps already.)
Preliminary Requirements
It is possible to select the PostgreSQL database task and the LAMP (Linux, Apache2,
MySQL, PHP) tasks at the time of the server installation, or at any later time using:
sudo tasksel install postgresql-server
At a minimum, you will need PostgreSQL (https://help.ubuntu.com/10.04/serverguide
/C/postgresql.html) (see below), Apache2 (https://help.ubuntu.com/10.04/serverguide
/C/httpd.html) (see below), and PHP (https://help.ubuntu.com/10.04/serverguide
/C/php5.html) . You can install PHP separately (i.e. not part of the integrated LAMP stack),
if you wish, following these Ubuntu instructions (https://help.ubuntu.com/10.04
/serverguide/C/php5.html) .
Note that in later versions of (K)Ubuntu, PostgreSQL 8.4 will be installed instead of
PostgreSQL 8.3. Installation steps must take this into account.
Set up the PostgreSQL database
See these Ubuntu instructions (https://help.ubuntu.com/community/PostgreSQL) .
Use the Hardy Installation instructions (for PostgreSQL 8.3) as well as the Basic
Server Setup instructions for Gutsy/Hardy. In short, install (if you already haven't):
216 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Basic Server Setup:
sudo -u postgres psql postgres
Set a password for the postgres superuser:
\password postgres
(You may need to quit using \q when you are done).
Create the first database:
sudo -u postgres createdb mydb
Install the DaviCal package from repositories
Set up DaviCal PostgreSQL users
Create the DaviCal users (first becoming the the system root superuser, using sudo
su, then becoming the database superuser, postgres):
sudo su
su postgres -c "createuser davical_app"
exit
You will get asked about superusers, roles and databases, but just say "No" to all
questions. This functional ID needs only minimum rights. Repeat the process to create
one more user, "davical_dba":
sudo su
su postgres -c "createuser davical_dba"
exit
Note: In the (older) main DAViCAL site installation page, the user created at this step is
"general." This account name is for older versions. You do not need to create a user
named "general" any longer.
Edit the configuration file pg_hba.conf:
sudo nano /etc/postgresql/8.3/main/pg_hba.conf
217 of 265
(Use 8.4 instead of 8.3 if Postgresql 8.4 was installed on your system.)
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Add the following 4 lines near (or at) the top;
local all all trust
local davical davical_dba trust
local davical davical_app trust
host davical davical_app 127.0.0.1/32 trust
(The last line is for accessing the database over TCP/IP, assuming the database and the
Apache2 server are on the same computer. See here (http://rscds.sourceforge.net
/installation.php) under "Connecting to the Database" for more details.)
Restart the postgreSQL server:
sudo /etc/init.d/postgresql-8.3 restart
Setup the DaviCal database
Run the database creation/installation script:
sudo su
su postgres -c /usr/share/davical/dba/create-database.sh
exit
Write down the admin password when it is displayed. You will need it later.
Once the creation script has run correctly, again edit the pg_hba.conf file:
and remove the line
local all all trust
(This step is not strictly necessary for the installation, but do you really want anybody
with a local account to have free access to all the databases?)
Restart the database daemon:
218 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Test that your database creation was successful
sudo su
su postgres
psql davical
davical=# \z
davical=# \q
exit
exit
You should see a table with a list of access permissions to "davical_dba". (Typing "\q"
exits pqsl.)
Set up Apache2
Install Apache2, if you have not done so already. See the Ubuntu documentation
(https://help.ubuntu.com/9.10/serverguide/C/httpd.html) for help.
In your router settings (assuming you have one), set your port forwarding so that your
port 80 (http) and 443 (https) is forwarded to your server. Make sure your server firewall
(if you have one) allows incoming ports 80 and 443.
I set up a dynamicDNS URL name (at DynDNS.org) called mydavicalsite.dyndns.org,
which gets forwarded to my router's IP address by DynDNS.org. (My router happens to
keep the DynDNS settings updated.) I want this to be forwarded to the server on my LAN.
I therefore created a virtual host setup in the Apache2 schema by copying the default
virtualhost settings file to a new virtualhost settings file for mydavicalsite:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/mydavicalsite
I edited the virtualhost config file:
sudo nano /etc/apache2/sites-available/mydavicalsite
so that these lines were used (instead of the original ones):
#
# Virtual Host def for Debian package DAViCal
<VirtualHost *:80>
DocumentRoot /usr/share/davical/htdocs
ServerName mydavicalsite.dyndns.org
ServerAlias calendar.mydavicalsite.dyndns.org
Alias /images/ /usr/share/davical/htdocs/images/
<Directory /usr/share/davical/htdocs/>
AllowOverride None
Order allow,deny
219 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Allow from all
</Directory>
php_value include_path /usr/share/awl/inc
php_value magic_quotes_gpc 0
php_value register_globals 0
php_value error_reporting "E_ALL & ~E_NOTICE"
php_value default_charset "utf-8"
</VirtualHost>
To then make the virtualhost file active, I made a symbolic link from the virtualhost
configuration file in the apache2 "sites-available" folder to the apache2 "sites-enabled"
folder:
sudo ln -s /etc/apache2/sites-available/mydavicalsite /etc/apache2/sites-enabled/mydavicalsite
Then restart apache2:
Create your configuration file
Edit your own configuration file in /etc/davical. (Use your own domain name instead of
the one in the example, of course.):
sudo nano /etc/davical/mydavicalsite.dyndns.org-conf.php
You can merely include the following lines.
<?php
// $c->domain_name = "mydavicalsite.dyndns.org";
// $c->sysabbr
= 'rscds';
$c->admin_email = '[email protected]';
$c->system_name = "Really Simple CalDAV Store";
// $c->collections_always_exist = true;
// $c->enable_row_linking = true;
$c->default_locale = en_US.UTF-8;
$c->pg_connect[] = 'dbname=davical port=5432 user=davical_app';
?>
(Beware not to include any empty lines after the '?>'.)
Start up DaviCal
From your browser, go to
http://mydavicalsite.dyndns.org
220 of 265
or
05/24/2012 08:14 AM
UbuntuGuide Part2 -
http://mydavicalsite.dyndns.org/cal
Use admin as your initial login, and the password assigned to you at installation (you did
write it down, didn't you?)
(See here (http://wiki.davical.org/w/Installation_Experiences
/Feb_2008:_Ubuntu_6.10#If_you_forgot_the_Admin_Password) if you forgot your
password. In brief:
>sudo su
>su postgres
>psql davical -c 'select username, password from usr;'
Only the initial "admin" password is stored in plain text. All subsequent users have their
password stored in an encrypted state. If you change the admin password through the
web interface it will also be encrypted from that point forward.)
Optionally copy a configuration file for testing on the localhost server (this did not
work correctly for me, though):
sudo ln -s /etc/davical/mydavicalsite.dyndns.org-conf.php /etc/davical/localhost-conf.php
sudo ln -s /usr/share/davical/htdocs /var/www/davical
Then you can also log through localhost using your browser:
http://localhost/davical
Create TestUser
I created a testuser (that was not an administrator) using the admin login (above), and
gave it a password davtest. I created a calendar, using the default location
/testuser/home
I then installed both Sunbird
sudo apt-get install sunbird
and Thunderbird with Lightning:
sudo apt-get install thunderbird lightning-extension
Making sure that my firewall wasn't blocking any ports (while testing), or at least allowed
80 and 443 through, I created a new network calendar in both Sunbird and Thunderbird.
221 of 265
Sunbird -> File -> New Calendar... -> On the Network -> CalDAV ->
Location: http://mydavicalsite.dyndns.org/caldav.php/testuser/home ->
Name: testuser
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Thunderbird -> Calendar -> Calendar -> New Calendar... -> On the Network ->
CalDAV ->
Location: http://mydavicalsite.dyndns.org/caldav.php/testuser/home
Name: testuser
I then entered a calendar entry in Sunbird. I then reloaded the remote calendar:
Sunbird -> File -> Reload Remote Calendars
and when I did the same in Thunderbird Calendar
Thunderbird -> Calendar -> Reload button
then the two calendars were synchronized and both showed the same events.
Voila! Shared calendars.
Administer users
If I made an error in a user setup (from the DaviCAL web interface as the admin user), to
correct it I had to make the user inactive and then activate him/her again, at which time I
could change the settings.
I had to make a user Public if I wanted to view his/her calendar. The "relationships" are
discussed on other pages (http://rscds.sourceforge.net/administration.php) .
Clarification of user types and relationships
Note: These instructions are peculiar to version 0.9.7. Newer versions have been revised
and use a different permissions structure.
The official documentation on this site is very confusing to me. Here's what I worked out:
User roles
A "user" is really a type of account. There are four types of "user" roles in DAViCal. Not all
of them represent individual users.
222 of 265
Admin: This type of user does not have a calendar (or calendar folder). This type of
user account administers the DAViCal database by logging into the administration
web interface (only). It is the only type of user that can create new users and
change their status (e.g. "active" vs. "inactive", "language", relationships to other
types of user accounts, etc.).
Public: This is an individual user (as in "John Q. Public," I guess. Don't ask me why it
is called a Public account). Every individual user who wants to have an individual
calendar must have a Public account. Each individual user (with a Public account)
can also belong to (i.e. have a "relationship" with) a group and/or (group calendar)
resource.
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Group: This type of account is meant as a placeholder for several Public users to
belong to (have a "relationship" with). It acts as a user in some ways, but it is not an
individual user's account.
Resource: This is an account for a group calendar, basically. A group (or an
individual Public user) must have a "relationship" with the resource to administer
the group calendar associated with it. A Public user should not simultaneously have
both an individual relationship with a resource as well as a relationship with a group
that has a relationship with the same resource.
Types of relationships
A "relationship" defines the types of privileges one user account has in relation to
another user account.
Administers: This means that this user can change the settings of another user
account through the web administration interface. It does not mean that this user
can access or change the calendar of another user account (which must be done as
an "Assistant to...").
is Assistant to: This means the user can directly read and change the calendar of
another Public user or Resource (using a client program). Also, if a Public user is
defined with the relationship that it "Administers" a Group user account, and the
Group user account is an "Assistant to" a Resource (calendar) account, then the
Public user will also be able to directly read and change the calendar of the
Resource account (using a client program), as well.
Can read from: This means the user can directly read (but not change) the calendar
of another Public user or Resource (using a client program). Also, if a Public user is
defined with the relationship that it "Administers" a Group user account, and the
Group user account is given the relationship privilege "Can read from" a Resource
(calendar) account, then the Public user will also be able to directly read (but not
change) the calendar of the Resource account (using a client program), as well.
Can see free/busy time of: The free/busy time setting hides the details of events.
This is useful when sensitive details are on a calendar that not every shared user
ought to be able to see. When this privilege is given, only that events are scheduled
(and not their details) are revealed to the Public user that has this relationship (or to
all the Public users that belong to a Group with this type of relationship).
Example
(Other examples are given here (http://rscds.sourceforge.net/administration.php) ).
I have a sensitive PowWow group calendar which I want to share with different users.
Using the web administration interface and the initial "admin" account (see above), I first
create a new administrator user (account) named BigChief (user role "Admin"). He does
not have his own calendar.
223 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
There are seven new "Public" users (each with their own calendar by default) that I then
create through the web interface (using either my admin or BigChief user account). The
seven Public users are Chief1, Chief 2, Indian1, Indian2, Squaw1, Squaw2, and Janitor. I
want to ensure that each can be administered by the BigChief administrator account, so I
define the "relationships to" each user to include that the BigChief user "Administers"
each account.
Again through the administration web interface, I then set up a new Group user account
(with the user role "Group"), with a username of "Braves". I define the relationships to
this group: for each Public user (found in the dropdown box), Indian1 and Indian2, I select
"Administers" (which confers full rights to each member (Indian1 and Indian2) in the
Group to do whatever the Group Braves can do).
I then set up a second Group user account with a username of "Squaws." Again I give
each user (in the dropdown box) full privileges for (i.e. "Administers") this group.
Once more through the administration web interface, I finally set up a new user account
with the user role of "Resource", which will be the account which contains the actual
group calendar. I name this user "PowWowCalendar" (which is what I want to call the
group calendar).
For PowWowCalendar, I want BigChief to administer it. In the "Relationship to this user"
section, therefore, I select (from the dropdown menu) that the user BigChief
"Administers" this (group calendar) resource. I want Chief1 and Chief2 to read and
change the PowWowCalendar directly. I therefore select each individually in the
dropdown section and defines each with "Is Assistant to..." relationship privileges.
I then want all the Indians in the Braves group to also be able to read and change this
group calendar resource, so I then select that the (group) user Braves "is Assistant to"
this (group calendar) resource. I want all the squaws to be able to read the calendar only,
so I select that the (group) user Squaws "Can read from" this (group calendar) resource.
Lastly, I don't want the Janitor to see the actual details of the calendar, so I select that
the Janitor user "Can see free/busy time of" this (group calendar) resource.
Now I have to set up the clients.
Each Public user (Chief1, Chief 2, Indian1, Indian2, Squaw1, Squaw2, and Janitor) will set
their own user/password combination in their own calendar client. Then each will create
a new CalDAV calendar "on the network" (see above for Sunbird/Thunderbird/Lightning
instructions) with the location
http://mydavicalsite.dyndns.org/caldav.php/PowWowCalendar/home
Each user should then be able to see the resource calendar with the privileges assigned
above.
(Note that BigChief will not be able to access the calendar as an administrator. I think
this is a bug in the system. If you wish BigChief to read and change the events in the
calendar, he must be "Assistant to..." the (calendar) resource user).
224 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Clients
Multiple Email/Calendar/PIM clients work with DAViCal. See this list (http://wiki.davical.org
/w/CalDAV_Clients) , although almost all CALDAV-compatible clients will work.
Mozilla Sunbird / Thunderbird with Lightning
Mozilla Sunbird is a standalone calendar application, while Lightning is a plugin for the
email program Thunderbird which is made to work almost identically to Sunbird (but from
within Thunderbird, of course).
Idiosyncracies of Sunbird and Thunderbird Lightning
There are two ways to use Sunbird (or the Lightning Extension for Thunderbird): without
a saved user name / password combination, or with one. The first is to leave the user
name / password unsaved. This will require that you enter the user name / password
each time you log in (which can be tiresome, eventually). If using a computer with many
users, this is desirable. When prompted to enter the user name and password, merely do
not tick the box prompting whether to save the user name /password.
The second method involves saving the user name / password when prompted. However,
Sunbird only likes one saved user name. If there are more than one, it will not know
which user name to use when logging in to the server. Therefore, do not attempt to save
more than one user name / password.
When a user has subscribed to many calendars, that user can view one or many
calendars (for which the user has privileges) at the same time by individually checking or
unchecking the boxe next to each calendar name.
However, changes made from the calendar screen itself will only apply to the calendar
which is highlighted (in the calendar list), whether or not that calendar's box is actually
checked.
To view the calendar (and the changes), however, the calendar must also be checked. It
is therefore possible to add/change events to a highlighted calendar but not be able to
see the changes (if you have that calendar's name highlighted but not checked).
This point can't be stressed enough -- changes to the calendar are applied to whichever
calendar is highlighted, but to see the changes, the calendar must also be checked.
Kontact
Kontact is the personal information manager for KDE (used in Kubuntu). There are some
instructions on the DAViCal website (http://wiki.davical.org/w/CalDAV_Clients/Kontact) ,
but despite the warnings there, the calendar functions of the current version of Kontact
work very nicely with DAViCal. In brief:
225 of 265
Add a new calendar:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Kontact -> <Right Click> Calendar -> Add... -> Calendar in remote file
(in French: "Calendrier dans un fichier distant")
Use the same URL for "Download from" and "Upload to"
Example: http://calendar.example.com/caldav.php/user/home
The calendar must exist in order to use it, of course, or Kontact will send an error
(such as "file http://calendar.example.com/caldav.php/user/home does not exist").
You must create the calendar using the DAViCal web-based administration interface.
These instructions apply to both Kontact and Korganizer.
Evolution
See the DAViCal website (http://wiki.davical.org/w/CalDAV_Clients/Evolution) for some
details. I haven't used Evolution with DAViCal, so if you have, please add your experience
here (as well as on the DAViCal website).
These instructions are for DAViCal ver. 0.9.8, which is a major rewrite of DAViCal.
(This new version is not yet available in the repositories.) If you wish instructions for
a more recent version, consult the DAViCal site (http://wiki.davical.org
/w/Release_Notes/0.9.9.2#Debian_.2F_Ubuntu) for instructions on adding the
DAViCal repository and installing the most recent version directly.
The instructions for ver. 0.9.7 (from the repositories) are here. DAViCal
(http://wiki.davical.org/w/Main_Page) is a CalDAV (http://en.wikipedia.org/wiki/CalDAV) ,
postgreSQL, Apache and php-based shared Calendar server that works with Mozilla
Thunderbird/Lightning/Sunbird, Evolution, and other calendar clients.
If you wish to use the the older version (0.9.7) from the Ubuntu repositories:
Install the newest version (> 0.9.8) from the DAViCal repositories:
sudo
echo
sudo
sudo
apt-key advanced --keyserver pgp.net.nz --recv-keys F6E0FA5CF0307507BB23A512EAFCFEBF8FEB8EBF
"deb http://debian.mcmillan.net.nz/debian lenny awm " | sudo tee /etc/apt/sources.list.d/davical.list
apt-get update
apt-get install davical
Note: Port 11371 must be open in the firewall to allow the keyserver.
The following detailed instructions are duplicated and updated on the DAViCal website
(http://wiki.davical.org/w/Ubuntu_Karmic) .
Introduction
226 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
DaviCal (http://wiki.davical.org/w/Release_Notes) has been included in the Ubuntu
repositories as a .deb package.
The instructions below are for a new user with a new Ubuntu Server installation.
(Obviously, if you are already using the Ubuntu Server, you will probably have done
many of the steps already.)
Preliminary Requirements
It is possible to select the PostgreSQL database task and the LAMP (Linux, Apache2,
MySQL, PHP) tasks at the time of the server installation, or at any later time using:
sudo tasksel install postgresql-server
At a minimum, you will need PostgreSQL (https://help.ubuntu.com/10.04/serverguide
/C/postgresql.html) (see below), Apache2 (https://help.ubuntu.com/10.04/serverguide
/C/httpd.html) (see below), and PHP (https://help.ubuntu.com/10.04/serverguide
/C/php5.html) . You can install PHP separately (i.e. not part of the integrated LAMP stack),
if you wish, following these Ubuntu instructions (https://help.ubuntu.com/10.04
/serverguide/C/php5.html) .
Note that in later versions of (K)Ubuntu, PostgreSQL 8.4 will be installed instead of
PostgreSQL 8.3. Installation steps must take this into account.
Set up the PostgreSQL database
See these Ubuntu instructions (https://help.ubuntu.com/community/PostgreSQL) .
Use the Hardy Installation instructions (for PostgreSQL 8.3) as well as the Basic
Server Setup instructions for Gutsy/Hardy. In short, install (if you already haven't):
Basic Server Setup:
sudo -u postgres psql postgres
Set a password for the postgres superuser:
\password postgres
(You may need to quit using \q when you are done).
Create the first database:
sudo -u postgres createdb mydb
227 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Install the DaviCal package from repositories
Set up DaviCal PostgreSQL users
Create the DaviCal users (first becoming the the system root superuser, using sudo
su, then becoming the database superuser, postgres):
sudo su
su postgres -c "createuser davical_app"
exit
You will get asked about superusers, roles and databases, but just say "No" to all
questions. This functional ID needs only minimum rights. Repeat the process to create
one more user, "davical_dba":
sudo su
su postgres -c "createuser davical_dba"
exit
Note: In the (older) main DAViCAL site installation page, the user created at this step is
"general." This account name is for older versions. You do not need to create a user
named "general" any longer.
Edit the configuration file pg_hba.conf:
Add the following 4 lines near (or at) the top;
local all all trust
local davical davical_dba trust
local davical davical_app trust
host davical davical_app 127.0.0.1/32 trust
(The last line is for accessing the database over TCP/IP, assuming the database and the
apache2 server are on the same computer. See here (http://rscds.sourceforge.net
/installation.php) under "Connecting to the Database" for more details.)
Restart the postgreSQL server:
Setup the DaviCal database
228 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Run the database creation/installation script:
sudo su
su postgres -c /usr/share/davical/dba/create-database.sh
exit
Write down the admin password when it is displayed. You will need it later.
Once the creation script has run correctly, again edit the pg_hba.conf file:
and remove the line
local all all trust
(This step is not strictly necessary for the installation, but do you really want anybody
with a local account to have free access to all the databases?)
Restart the database daemon:
Test that your database creation was successful
sudo su
su postgres
psql davical
davical=# \z
davical=# \q
exit
exit
You should see a table with a list of access permissions to "davical_dba". (Typing "\q"
exits pqsl.)
Set up Apache2
Install the Apache2 webserver, if you have not done so already. See the Ubuntu
documentation (https://help.ubuntu.com/9.10/serverguide/C/httpd.html) for help.
In your router settings (assuming you have one), set your port forwarding so that your
port 80 (http) and 443 (https) is forwarded to your server. Make sure your server firewall
(if you have one) allows incoming ports 80 and 443.
229 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
I set up a dynamicDNS URL name at DynDNS.org called mydavicalsite.dyndns.org, which
gets forwarded to my router's IP address by DynDNS.org. (My router happens to keep the
DynDNS settings updated.) I want this to be forwarded to the server on my LAN.
I therefore created a virtual host setup in the Apache2 schema by copying the default
virtualhost settings file to a new virtualhost settings file for mydavicalsite:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/mydavicalsite
I edited the virtualhost config file:
sudo gedit /etc/apache2/sites-available/mydavicalsite
so that these lines were used (instead of the original ones):
#
<VirtualHost *:80>
ServerName mydavicalsite.dyndns.org
ServerAlias calendar.mydavicalsite.dyndns.org
AllowOverride None
Order allow,deny
Allow from all
</Directory>
php_value open_basedir 1
</VirtualHost>
To then make the virtualhost file active, I made a symbolic link from the virtualhost
configuration file in the apache2 "sites-available" folder to the apache2 "sites-enabled"
folder:
sudo ln -s /etc/apache2/sites-available/mydavicalsite /etc/apache2/sites-enabled/mydavicalsite
Then restart apache2:
Create your configuration file
Edit your own configuration file in /etc/davical. (Use your own domain name instead of
the one in the example, of course.):
230 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo gedit /etc/davical/mydavicalsite.dyndns.org-conf.php
You can merely include the following lines:
<?php
// $c->domain_name = "mydavicalsite.dyndns.org";
// $c->sysabbr
= 'rscds';
$c->admin_email = '[email protected]';
$c->system_name = "Really Simple CalDAV Store";
// $c->collections_always_exist = true;
// $c->enable_row_linking = true;
$c->default_locale = en_US.UTF-8;
$c->pg_connect[] = 'dbname=davical port=5432 user=davical_app';
Start up DaviCal
From your browser, go to
http://mydavicalsite.dyndns.org
or
http://mydavicalsite.dyndns.org/cal
Use admin as your initial login, and the password assigned to you at installation (you did
write it down, didn't you?)
(See here (http://wiki.davical.org/w/Installation_Experiences
/Feb_2008:_Ubuntu_6.10#If_you_forgot_the_Admin_Password) if you forgot your
password. In brief:
>sudo su
>su postgres
>psql davical -c 'select username, password from usr;'
Only the initial "admin" password is stored in plain text. All subsequent users have their
password stored in an encrypted state. If you change the admin password through the
web interface it will also be encrypted from that point forward.)
Optionally copy a configuration file for testing on the localhost server (this did not
work correctly for me, though):
sudo ln -s /etc/davical/mydavicalsite.dyndns.org-conf.php /etc/davical/localhost-conf.php
sudo ln -s /usr/share/davical/htdocs /var/www/davical
Then you can also log through localhost using your browser:
http://localhost/davical
231 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Create TestUser
I created a testuser (that was not an administrator) using the admin login (above), and
gave it a password davtest. I created a calendar, using the default location
/testuser/home
I then installed both Sunbird
sudo apt-get install sunbird
and Thunderbird with Lightning:
sudo apt-get install thunderbird lightning-extension
Making sure that my firewall wasn't blocking any ports (while testing), or at least allowed
80 and 443 through, I created a new network calendar in both Sunbird and Thunderbird.
Sunbird -> File -> New Calendar... -> On the Network -> CalDAV ->
Location: http://mydavicalsite.dyndns.org/caldav.php/testuser/home ->
Name: testuser
Thunderbird -> Calendar -> Calendar -> New Calendar... -> On the Network ->
CalDAV ->
Location: http://mydavicalsite.dyndns.org/caldav.php/testuser/home
Name: testuser
I then entered a calendar entry in Sunbird. I then reloaded the remote calendar:
Sunbird -> File -> Reload Remote Calendars
and when I did the same in Thunderbird Calendar
Thunderbird -> Calendar -> Reload button
then the two calendars were synchronized and both showed the same events.
Voila! Shared calendars.
Administer users
If I made an error in a user setup (from the DaviCAL web interface as the admin user), to
correct it I had to make the user inactive and then activate him/her again, at which time I
could change the settings.
I had to make a user Public if I wanted to view his/her calendar. The "relationships" are
discussed on other pages (http://rscds.sourceforge.net/administration.php) .
User roles
232 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
In DAViCal 0.9.8 onwards, users are referred to as 'Principals'. A "user" is really a type of
account. There are three types of "Principal" in DAViCal. Not all of them represent
individual users.
Person: This is an individual user. Every individual user who wants to have an
individual calendar must have a Person account.
Group: This type of account is meant as a placeholder for mediating access. It acts
as a user in some ways, but it is not intended to be an individual user's account.
Privileges will usually be granted to a group, in order that the group can grant
privileges on to many individuals.
Resource: This is an account for a shared calendar, such as for booking a meeting
room, or an office vehicle. Various resources will usually grant privileges to a Group
(or directly to a Person) must have a "relationship" with the resource to administer
the group calendar associated with it.
Additionally, a user may be set as an 'Administrator'. These users administer the DAViCal
database by logging into the administration web interface. It is the only type of user that
can create new users and change their status (e.g. "active" vs. "inactive"). Users who are
set to 'inactive' can no longer log into DAViCal.
Grants and Permissions Example
More information is at the DAViCal website (http://wiki.davical.org/w/Permissions) .
I have a sensitive PowWow group calendar which I want to share with different users.
Using the web administration interface and the initial "admin" account (see above), I first
create a new Person (account) named BigChief. He does not have his own calendar.
There are seven new "Public" users (each with their own calendar by default) that I then
create through the web interface (using either my original admin or new 'BigChief' admin
account). The seven Public users are Chief1, Chief 2, Indian1, Indian2, Squaw1, Squaw2,
and Janitor.
Again through the administration web interface, I then set up a new 'Group' account,
with a username of "Braves". In this account I grant ALL privileges to each of the
members (Indian1 and Indian2) which confers full rights to each member (Indian1 and
Indian2) in the Group to do whatever the Group Braves can do.
I then set up a second Group user account with a username of "Squaws." Again I create a
grant of ALL privileges to each user (i.e. Squaw1 & Squaw2).
Once more through the administration web interface, I set up a new 'Resource' account,
which will contains the actual group calendar. I name this user "PowWowCalendar"
(which is what I want to call the group calendar).
For PowWowCalendar, I want BigChief to administer it, so I create a grant, giving ALL
privileges to BigChief. I want Chief1 and Chief2 to read and change the PowWowCalendar
directly. I therefore add another grant to each individually, giving them write, read and
233 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
free/busy privileges. Since these Chiefs can also send/respond to meeting invitations on
behalf of the group in general I also give the chiefs schedule privileges, although DAViCal
will not support that feature until 0.9.9 is released.
I then want all the Indians in the Braves group to also be able to read and change this
group calendar resource, so I create two more grants, to the 'Braves' and 'Squaws'
groups, conferring write, read and free/busy privileges also.
Lastly, I don't want the Janitor to see the actual details of the calendar, but I do want him
to know when the meetings are happening. And in fact I don't mind if anyone else in the
organisation can see when the meetings are, so I set the Default Privileges to 'Free/Busy'.
Now I have to set up the clients.
Each real user (Chief1, Chief 2, Indian1, Indian2, Squaw1, Squaw2, and Janitor) will set
their own user/password combination in their own calendar client. Then each will create
a new CalDAV calendar "on the network" (see above for Sunbird/Thunderbird/Lightning
instructions) with the location
http://mydavicalsite.dyndns.org/caldav.php/PowWowCalendar/home
Each user should then be able to see the resource calendar with the privileges assigned
above.
Clients
Multiple Email/Calendar/PIM clients work with DAViCal. See this list (http://wiki.davical.org
/w/CalDAV_Clients) , although almost all CALDAV-compatible clients will work.
Mozilla Sunbird / Thunderbird with Lightning
Mozilla Sunbird is a standalone calendar application, while Lightning is a plugin for the
email program Thunderbird which is made to work almost identically to Sunbird (but from
within Thunderbird, of course).
Idiosyncracies of Sunbird and Thunderbird Lightning
There are two ways to use Sunbird (or the Lightning Extension for Thunderbird): without
a saved user name / password combination, or with one. The first is to leave the user
name / password unsaved. This will require that you enter the user name / password
each time you log in (which can be tiresome, eventually). If using a computer with many
users, this is desirable. When prompted to enter the user name and password, merely do
not tick the box prompting whether to save the user name /password.
The second method involves saving the user name / password when prompted. However,
Sunbird only likes one saved user name. If there are more than one, it will not know
which user name to use when logging in to the server. Therefore, do not attempt to save
more than one user name / password.
When a user has subscribed to many calendars, that user can view one or many
234 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
calendars (for which the user has privileges) at the same time by individually checking or
unchecking the boxe next to each calendar name.
However, changes made from the calendar screen itself will only apply to the calendar
which is highlighted (in the calendar list), whether or not that calendar's box is actually
checked.
To view the calendar (and the changes), however, the calendar must also be checked. It
is therefore possible to add/change events to a highlighted calendar but not be able to
see the changes (if you have that calendar's name highlighted but not checked).
This point can't be stressed enough -- changes to the calendar are applied to whichever
calendar is highlighted, but to see the changes, the calendar must also be checked.
Kontact
Kontact is the personal information manager for KDE (used in Kubuntu). There are some
instructions on the DAViCal website (http://wiki.davical.org/w/CalDAV_Clients/Kontact) ,
but despite the warnings there, the calendar functions of the current version of Kontact
work very nicely with DAViCal. In brief:
Add a new calendar:
Kontact -> <Right Click> Calendar -> Add... -> Calendar in remote file
(in French: "Calendrier dans un fichier distant")
Use the same URL for "Download from" and "Upload to"
Example: http://calendar.example.com/caldav.php/user/home
The calendar must exist in order to use it, of course, or Kontact will send an error
(such as "file http://calendar.example.com/caldav.php/user/home does not exist").
You must create the calendar using the DAViCal web-based administration interface.
These instructions apply to both Kontact and Korganizer.
Evolution
See the DAViCal website (http://wiki.davical.org/w/CalDAV_Clients/Evolution) for some
details. I haven't used Evolution with DAViCal, so if you have, please add your experience
here (as well as on the DAViCal website).
BigBlueButton
BigBlueButton (http://bigbluebutton.org/) is a web conferencing server that takes
advantage of several other open source servers (http://bigbluebutton.org/components) .
It is a complex package that I prefer to run on its own Ubuntu server (either on a
standalone machine, in a separate partition, or within a virtual machine). This is
necessary partly because BigBlueButton runs either on a 32-bit Ubuntu Jaunty 9.04 OS or
on a 32-bit or 64-bit Lucid 10.04 OS currently, and I use a more recent edition of the
(K)Ubuntu OS for everything else.
235 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Also, the default configuration of BigBlueButton uses ports for its components that might
occasionally conflict with other servers. Rather than reconfigure all the other servers (to
avoid the possibility of port conflicts with BigBlueButton), it is easier to install (and easier
to maintain) BigBlueButton if it is in a self-contained environment.
If BigBlueButton is to be used only for a webinar once-in-a-while, it might be easiest to
set it up in its own partition. (A full BBB installation uses 2 Gb hard disk space, so a 4 Gb
partition ought to be sufficient. If plenty of hard disk space is available, use 8 Gb for the
partition.) Install the Ubuntu server (or desktop) OS within that partition first. (See this
section for details on a method to accomplish this.) Then install BigBlueButton.
Installing in a virtual machine (such as VirtualBox, VMWare, QEMU, or Xen) makes sense
if the computer host has lots of computing capacity (3 Gb of RAM or greater and a
powerful CPU) and a large hard drive. (BigBlueButton recommends dedicating at least 1
Gb RAM to it on a 2 GHz dual-core processor. A full installation requires 2 Gb, so a 4 Gb
virtual hard drive ought to be sufficient. If plenty of hard disk space is available, use 8 Gb
for the virtual hard drive.) Installation in a virtual machine can be accomplished using
the installation method outlined below (after installing an Ubuntu OS within the virtual
machine), or a VMWare appliance (http://code.google.com/p/bigbluebutton
/wiki/BigBlueButtonVM) can be used (for those who have installed a VMWare Player).
If a spare computer is available and frequent usage is anticipated, installing on a
standalone computer (as the server) would be most economical (and easiest to maintain)
in the long run.
As always, I recommend a test system and a production system. These can be parallel
installations on separate partitions (or within separate virtual machines), for example, of
which only one at a time is running.
The following instructions are for a new installation, including the Ubuntu server OS,
within one of these three environments.
Install Ubuntu server
I recommend installing the Ubuntu server and then later adding an Ubuntu or
Kubuntu desktop if desired (although it is not necessary to have a desktop, and I
don't use one).
BigBlueButton provides packages for the 32-bit Jaunty (9.04) edition or for the 32-bit or
64-bit Lucid (10.04) editions. Install your desired server version (Ubuntu server 9.04
(http://releases.ubuntu.com/9.04/) or Ubuntu server 10.04 (http://releases.ubuntu.com
/10.04/) ). (Jaunty uses the ext3 filesystem by default, so I would probably stick with that
if using that version.) I do not recommend installing any additional packages.
BigBlueButton will install all the additional packages that it needs (through its own
installation script) itself.
Update and upgrade the basic server:
sudo apt-get update
236 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
To speed bootup, edit the Grub timeout to be one second (Note: Jaunty 9.04 uses
Grub Legacy, not Grub2).
Change to
timeout 1
instead of the 10 second (timeout 10) that is the default.
Sort out webserver conflicts
BigBlueButton uses Nginx (http://wiki.nginx.org/) as a webserver instead of Apache2.
(Nginx is used by many high-volume server sites such as Sourceforge, Hulu, Github,
Wordpress, and TorrentReactor).
If installing Ubuntu server for the first time, do not install the full LAMP (Linux,
Apache2, MySQL, PHP) stack as an option, since Apache installation is not needed.
BigBlueButton will install the individual MySQL and PHP components during its own
installation.
If you are installing BigBlueButton on an Ubuntu server that is already running
Apache, you must decide on a port scheme so that the two webservers do not
conflict.
Changing the Apache listening port
The Nginx webserver (used by BigBlueButton) is installed so that it uses the standard
webserver port 80. Apache2, if installed, also uses this standard webserver port by
default. It is possible to edit an Apache2 configuration file, however, so that it listens on
a non-standard port:
sudo nano /etc/apache2/ports.conf
and the port number 80 changed to a different port number (such as 82). Then reload
Apache2:
This avoids conflicts while installing and testing BigBlueButton. (Of course, for the most
part, any servers using Apache2 will be non-functional unless all corresponding virtual
host settings are also changed.)
237 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Later, I usually prefer to set the BigBlueButton listening port to 81 and return the
Apache2 listening port to 80.
Install BigBlueButton
32-bit Jaunty (9.04)
Retrieve and add the BigBlueButton repository key:
wget http://archive.bigbluebutton.org/bigbluebutton.asc
sudo apt-key add bigbluebutton.asc
Add the BigBlueButton Repositories to your repository list:
echo "deb http://archive.bigbluebutton.org/ bigbluebutton main" | sudo tee /etc/apt/sources.list.d/bigbluebutton.list
sudo apt-get update
Install BigBlueButton:
sudo apt-get install bigbluebutton
Install desktop sharing:
sudo apt-get install bbb-apps-deskshare
32-bit or 64-bit Lucid (10.04)
Retrieve and add the BigBlueButton repository key:
wget http://archive.bigbluebutton.org/bigbluebutton.asc
sudo apt-key add bigbluebutton.asc
Add the BigBlueButton Repositories to your repository list:
echo "deb http://archive.bigbluebutton.org/lucid bigbluebutton-lucid main" | sudo tee /etc/apt/sources.list.d/bigblueb
Ensure the multiverse is in the souces list (needed for msttcorefonts):
echo "deb http://us.archive.ubuntu.com/ubuntu/ lucid multiverse" | sudo tee -a /etc/apt/sources.list
Update the software lists:
sudo apt-get update
238 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Install asterisk (you can hit enter for the prompt for dialing prefix):
sudo apt-get install asterisk
Install BigBlueButton
sudo apt-get install bigbluebutton
Restart BigBlueButton:
sudo bbb-conf --restart
sudo bbb-conf --check
Ensure port availablility
BigBlueButton components use port 1935 for RTMP (streaming video), 9123 for desktop
sharing (with Xuggler (http://www.xuggle.com/xuggler/) ), and port 80 for the Nginx
webserver.
Internally, the Red5 Flash server uses port 5080, the Tomcat6 java server uses port 8080,
Asterisk uses UDP port 5060 for the SIP interface (plus SIP ports 6079-6099 and RTP
ports 3000-3029). The Asterisk Management Interface uses port 5038.
For this reason, during installation and troubleshooting, it is best not to use a firewall
with BigBlueButton, and it should be placed in a DMZ. (The UFW firewall installed with
Ubuntu Jaunty 9.04 is not enabled by default, so this is not problematic initially.)
A server in the DMZ is at increased risk of hacking, so this is another significant reason to
keep BigBlueButton quarantined within its own dedicated server environment
(machine/partition/virtual machine).
Once installation is complete and tested, a firewall is probably a good idea, especially if
you are hosting BBB on the same machine as other servers.
Check the server's current IP address
Usually this will be the IP address of the server on the LAN. To display:
ifconfig
Set a static IP address
The Ubuntu server(/desktop) on which BigBlueButton is installed should have a static IP
address so that it can reliably be located on the network. If on a LAN, this will be a static
LAN IP address (such as 192.168.0.55), to which the router must forward the appropriate
ports.
239 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
See How to set a static IP address.
Test BigBlueButton
If the LAN IP address of the BigBlueButton server is shown by ifconfig to be, for example,
192.168.0.55, then access the server from another computer on the LAN by logging
in from any web browser to:
http://192.168.0.55
Big Blue Button should now be fully functional.
Change the host location of the BigBlueButton server
A utility exists to quickly change the server_name of the Nginx (and other BigBlueButton)
configuration files. The server_name can be an IP address (such as 68.67.66.65) or a URL
(such as bigbluebutton.mydomain.org).
sudo bbb-conf --setip bigbluebutton.mydomain.org
If it doesn't seem to work, try a clean restart of the BigBlueButton system:
sudo bbb-conf --clean
Changing the BBB listening port
If BBB is working satisfactorily using the default settings, it is then possible to change the
listening port as well as the hostname/IP address at which it will be located.
If the port listening port has been changed to 81 (see above), then use the
command:
sudo bbb-conf --setip bigbluebutton.mydomain.org:81
Also change the Nginx webserver listening port (see below).
Reboot the server.
Now the BigBlueButton server can be accessed:
http://bigbluebutton.mydomain.org:81
Change the virtual host configuration file of Nginx
Nginx (http://wiki.nginx.org/) is the web server used by BigBlueButton. It is similar to
Apache in many ways. Virtual host configuration files are stored in /etc/nginx/sites240 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
available (and the virtual host configuration file made active by linking it into the
/etc/nginx/sites-enabled folder).
BigBlueButton uses an Nginx virtual host configuration folder at /etc/nginx/sites-available
/bigbluebutton (which is already linked into the sites-enabled folder). This can be edited
(and must be edited if the "bbb-conf --setip" utility in the previous section is used to
change the BBB listening port).
sudo nano /etc/nginx/sites-available/bigbluebutton
To change the listening port, edit the line
listen 80;
to the port that should be listened on (in my example 81). Do not use 8080, since it is
already used.
listen 81;
If you intend to use Apache2 on this server (and will always use Nginx on port 81),
then also edit the default Nginx configuration file:
sudo nano /etc/nginx/sites-available/default
so that it also listens on port 81:
listen 81;
Restart Nginx:
sudo /etc/init.d/nginx restart
Check the changed settings:
bbb-conf --check
Reboot the server.
I then usually like to return the Apache2 listening port to 80.
Using BigBlueButton with Moodle
If Moodle and BigBlueButton are hosted within the same LAN (or on the same physical
machine), then the webservers (that they use) ought to be on different listening ports.
Moodle uses Apache2, and I find it easiest to leave this at port 80; I assign port 81 to
241 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Nginx (and BigBlueButton).
In my set up, I use the same URL for both Moodle and BigBlueButton:
http://smartestowl.mydomain.org
for Moodle and
http://smartestowl.mydomain.org:81
for BigBlueButton.
Install BBB <-> Moodle API
A troubleshooting forum (http://groups.google.com/group/bigbluebuttondev/browse_thread/thread/9a12c2500bf34af5/056839210335ab31?lnk=gst&
q=moodle#056839210335ab31) for this API exists. Refer to it for problems.
Download the API from DualCode into the /usr/share/moodle/mod folder and unzip:
sudo wget http://www.dualcode.com/bigbluebutton/bigbluebutton.zip
sudo unzip bigbluebutton.zip
Copy the bigbluebutton/mod/bigbluebutton folder (and its contents) into the
/usr/share/moodle/mod folder:
sudo mkdir /usr/share/moodle/mod/bigbluebutton
sudo cp -r bigbluebutton/mod/bigbluebutton/* /usr/share/moodle/mod/bigbluebutton/
Copy the bigbluebutton/lang folder contents into the /usr/share/moodle/lang folder:
sudo cp -r bigbluebutton/lang/* /usr/share/moodle/lang/
Remove the original files:
sudo rm bigbluebutton.zip
sudo rm -r bigbluebutton/*
sudo rmdir bigbluebutton
242 of 265
Login to the Moodle site (as an administrator) and load the module:
-> Activities -> Manage Activities -> BigBlueButton -> Settings
-> Input the IP address/URL of your BigBlueButton server. Do not enter the leading
http:// .
05/24/2012 08:14 AM
UbuntuGuide Part2 -
-> Input the Security Salt from your BigBlueButton server. This is in a file called
“bigbluebutton.properties” on the BigBlueButton server. On my Ubuntu server I
found it at
The security salt string can be found:
beans.dynamicConferenceService.securitySalt=your_number_here
Input that long string of numbers and letters to the field in Moodle.
-> Put a star in the Meeting IDs field. That will allow an unlimited number of rooms
to be created. You can also put any number here to restrict how many rooms on
your BigBlueButton server you want running at any one time. (This can eventually
become important for performance reasons.)
In the (Course) Weekly Outline:
-> Add an activity... -> BigBlueButton ->
and set the desired passwords for the meeting, etc.
Add BigBlueButton API to Drupal6
BigBlueButton is a standalone videoconferencing server. Install the BigBlueButton
API (http://drupal.org/project/bbb) that is able to call the BBB server from within
Drupal:
243 of 265
Drupal -> Site administration -> BigBlueButton Conferencing -> Test connection.
Change the URL to the address of your BBB server (e.g.
http://mybbbsite.dyndns.org:81/bigbluebutton/) and the Security Salt (found in
bigbluebutton.properties on the BBB server in the
05/24/2012 08:14 AM
UbuntuGuide Part2 -
configuration file, in the setting:
type
Changing the BBB security salt
In general this is not necessary. However, if you think your BigBlueButton system may
have been compromised in some way, the security salt (which keeps passwords and
communications safe) can be changed.
Generate a new Universal Unique ID (UUID), which is basically a long string of
random numbers with dashes. This random number will serve as the security salt
key:
uuidgen
Copy the string (including dashes) several places, replacing the existing security
salt (if any) at each location:
/var/lib/tomcat6/webapps/bigbluebutton/demo/bbb_api_conf.jsp
sudo gedit /var/lib/tomcat6/webapps/bigbluebutton/demo/bbb_api_conf.jsp
/var/lib/tomcat6/webapps/bigbluebutton/WEB-INF/classes
/bigbluebutton.properties
sudo gedit /var/lib/tomcat6/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties
244 of 265
the Settings of the BigBlueButton plugin for Moodle (while logged into Moodle
as an administrator)
05/24/2012 08:14 AM
UbuntuGuide Part2 -
the Settings of the BigBlueButton plugin for Drupal (while logged into Drupal as
an administrator)
Do a clean restart of the BigBlueButton server:
BBB - Standalone authentification with Apache2 web
serving
Follow this tutorial http://code.google.com/p/bigbluebutton/wiki/InstallationUbuntu
Change BBB port 80 to port 81
bbb-conf - setip bbb_url.com:81
In the file /etc/nginx/sites-enabled/default
Change port 80 to port 81
Install apache2
apt-get install apache2
Create this file:
/etc/apache2/sites-available/bbb-redirect
Add the following line to this file : /etc/apache2/sites-available/bbb-redirect
Redirect / http://bbb_url.com:81/bigbluebutton/conference
Restart apache2
/etc/init.d/apache2 restart
Copy /var/lib/tomcat6/webapps/bigbluebutton/demo to /var/lib/tomcat6/webapps
/bigbluebutton/conference
cp -R /var/lib/tomcat6/webapps/bigbluebutton/demo /var/lib/tomcat6/webapps/bigbluebutton/conference
245 of 265
In this folder /var/lib/tomcat6/webapps/bigbluebutton/conference
Copy demo3.jsp to index.jsp
05/24/2012 08:14 AM
UbuntuGuide Part2 -
cp demo3.jsp index.jsp
Customize index.jsp as you wish. (you need basic knowledge with java and html)
Restart tomcat6
/etc/init.d/tomcat6 restart
Attempt to access the server's URL: http://bbb_url.com.
Voila!, the BBB server should be accessible with authentication.
Skulltag tips
Note: I use both the latest Skulltag and ZDoom with Doomseeker on Kubuntu Oneiric and
it is very fast with good graphics and good sound. (I had some problems in Maverick and
Natty, which are now resolved.)
Install Skulltag
Skulltag (http://wiki.skulltag.net) is an updated version of ZDoom (http://zdoom.org
/wiki/Compile_ZDoom_on_Linux) that includes network play. See the website
(http://wiki.skulltag.net/Installation_for_Ubuntu) for simple (K)Ubuntu installation
instructions. (You can use the Freedoom Iwad (see below) if you don't have an original
Doom2.wad.) Note: Most of the modules require dependencies from the Universe
repositories. Make sure you have the Universe repositories enabled (Synaptic Package
Manager -> Settings -> Repositories -> Edit Software Sources -> Community-maintained
Open Source software (universe) -> (ticked)).
Add the skulltag repositories, update, and install Skulltag and DoomSeeker (the
Skulltag online server utility):
echo "deb http://skulltag.net/download/files/release/deb/ jaunty multiverse" | sudo tee /etc/apt/sources.list.d/skulltag
sudo apt-get update
sudo apt-get install skulltag doomseeker-skulltag
If you don't have a doom2.wad, tnt.wad, or plutonia.wad already, you can copy the
freedoom.wad to your ~/.skulltag folder:
cd ~/.skulltag
wget http://mirror.cinquix.com/pub/savannah/freedoom/freedoom-iwad/freedoom-iwad-0.6.4.zip
unzip freedoom-iwad-0.6.4.zip
cp freedoom*/doom2.wad .
rm freedoom-iwad-0.6.4.zip
246 of 265
If you receive this error (I did not) when running for the first time :
05/24/2012 08:14 AM
UbuntuGuide Part2 -
skulltag: error while loading shared libraries: libsnes_spc.so: cannot open shared object file: No such file or director
then copy libsnes_spc.so from the skulltag directory to /usr/lib/ :
sudo cp libsnes_spc.so /usr/lib
Sound
Skulltag MIDI sound options can be set to OPL Synth Emulation (recommended), Timidity,
or FMOD. (I have never been able to get FMOD to work.) On my (K)Ubuntu system, OPL
Synth Emulation is already installed. Select the sound server:
Skulltag -> ESC -> Options -> Sound Options -> MIDI Device -> OPL Synth
Emulation
Timidity Sound
If you wish to use the Timidity (MIDI) sound system instead, then prior to starting
Skulltag (and selecting the sound options), install:
sudo apt-get install timidity timidity-interfaces-extra
FMOD Sound
FMOD (http://www.fmod.org/) is not installed by default in (K)Ubuntu. If you wish to
use FMOD for MIDI, then download the appropriate version for your Linux OS here
(http://www.fmod.org/index.php/download) and install the latest version (example is
for a 64-bit OS):
wget http://www.fmod.org/index.php/release/version/fmodapi44000linux64.tar.gz
tar -xvzf fmodapi44000linux64.tar.gz
sudo cp fmodapi40000linux64/api/lib/libfmodex64-4.40.00.so /usr/lib/libfmodex64-4.40.00.so
sudo ln -s /usr/lib/libfmodex64-4.40.00.so /usr/lib/libfmodex64.so
(Obviously, use the 32-bit version if you have a 32-bit OS.)
Set the sound options while running Skulltag to select your sound interface.
Alternate instructions: If you receive the error
skulltag: error while loading shared libraries: libfmodex32-4.24.16.so: cannot open shared object file: No such file or
or
skulltag: error while loading shared libraries: libfmodex64-4.24.16.so: cannot open shared object file: No such file or
247 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
this means that you need to download and install FMOD manually. From my experience,
Skulltag just ignores the .so files provided in the skulltag directory. It's easy to fix.
Download one of these:
32 bit linux: http://www.fmod.org/index.php/release/version/fmodapi42416linux.tar.gz
or
64 bit linux: http://www.fmod.org/index.php/release/version/fmodapi42416linux64.tar.gz
Extract to a directory somewhere, and in a command-line terminal navigate to
that directory (using cd), where there should be a file named "makefile," and
"make" the package:
sudo make install
This installs FMOD to /usr/local/lib.
Change to the directory (within the extracted file) /api/lib/
Skulltag will only work on ubuntu if libfmodex-4.24.16.so
(libfmodex64-4.24.16.so for 64 bit linux) is in /usr/lib/:
sudo cp /usr/local/lib/libfmodex64-4.24.16.so /usr/lib/
or
sudo cp /usr/local/lib/libfmodex-4.24.16.so /usr/lib/
Then link the specific files to the generic file:
sudo ln -s /usr/lib/libfmodex64-4.24.16.so /usr/lib/libfmodex64.so
sudo ln -s /usr/local/lib/libfmodex64-4.24.16.so /usr/local/lib/libfmodex64.so
If you receive an error about LibSDL, then be sure it is installed:
sudo apt-get install libsdl-image1.2
Wad location
Longtime Doom players may already have a collection of wads. If you have all your wads
in a single directory (like I do), you must set Doomseeker to look in that directory for
wads. For example, my wads are in /home/mainuser/wads, so I set Doomseeker:
248 of 265
Doomseeker -> Options -> Configure -> File paths -> Add -> /home/mainuser/wads
-> Ok
05/24/2012 08:14 AM
UbuntuGuide Part2 -
I also like any new wads that are downloaded by Doomseeker (Wadseeker) to be stored
in the same directory:
Doomseeker -> Options -> Configure -> Wadseeker -> General -> Directory where
Wadseeker will place the wads into: -> /home/mainuser/wads -> Ok
I happen to have stored my original doom2.wad, tnt.wad, and plutonia.wad in that
directory already. The Freedoom wad could be copied (as doom2.wad) into this directory
as well, if one of the original commercial wads are not available.
Firewall and Doomseeker
Doomseeker is the GUI that helps with online play. Skulltag has a centralized master
website that keeps track of every hosted Skulltag server online. This master website uses
port 15300, so this port must be open for outbound traffic in order to access the list.
I use Firestarter to control my firewall (iptables). To open the outgoing Doomseeker port
15300 in the firewall:
Firestarter -> Policy -> Editing: Outbound traffic policy -> Allow service: right-click
-> Add rule -> Allow service: Port: 15300 -> When the source is: Firewall host ->
Comment: Doomseeker master server comm port -> Add
When Doomseeker is now started, a list of servers will be displayed. However, the
servers may all be using different ports for Skulltag, and the details will not appear. This
is where a decision has to be made. If you want to be able to communicate with all the
servers listed, you must open up all your outgoing ports, or at least a wide range of
ports. If you want to communicate with only a select few servers, you can open only the
ports they are using. Although Doomseeker servers generally use ports 10666 - 10800,
there are many Skulltag servers that don't use Doomseeker, and they may use ports
numbering anywhere from 7000 to 21000.
Opening your firewall is a security risk, of course, and the user must make the decision
whether to open a wide range of ports or not. To open all outgoing ports (which is really
the only way to easily access all the Skulltag servers) using Firestarter, change the
outgoing policy to "permissive":
Firestarter -> Policy -> Editing: Outbound traffic policy -> Permissive by default,
blacklist traffic: (ticked)
This is effect opens up your system to all outgoing traffic, which is a security risk,
somewhat. (Trojans and backdoor channels, if present on your computer for some
reason, will then be free to communicate). Therefore, don't do this on a work computer
or on a computer where sensitive data compromise might be a concern.
If you plan to only play on a few select servers (of friends, for example) and you know
that their servers are hosted on, say, ports 10666 - 10700, then leave the policy set to
"restrictive by default" and just open those ports, :
249 of 265
Firestarter -> Policy -> Editing: Outbound traffic policy -> Restrictive by default,
whitelist traffic: (ticked) -> Allow service: right-click -> Add rule -> Allow service:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Port: 10666-10700 -> When the source is: Firewall host -> Comment: Skulltag
servers -> Add
Hosting a Skulltag server
Installation of Skulltag includes installation of the server module, skulltag-server.
Doomseeker provides a GUI interface that starts up skulltag-server, which is very
convenient (Doomseeker -> File -> Create server).
Using Doomseeker's Create server option (http://skulltag.net
/wiki/Creating_a_personal_Server_with_Doomseeker) , all the settings for your
server can be set. The information will be sent to the Skulltag master server (over
port 15300) and your server will then be listed there. When you refresh the
Doomseeker server list, you should be able to find your server. You can then
connect to it yourself and become a player.
By default, Doomseeker creates your Skulltag server on port 10666. If you might be
creating two servers, the second will be created on port 10667. Therefore, if you are
on a LAN, you must forward these ports to your computer's LAN IP address (from
your router). You must have access to your router to do this (and each router is
different), so consult your router's guide.
You can find out the local LAN IP address of your computer from a
command-line interface terminal (such as Terminal in Ubuntu or Konsole)
in Kubuntu) using the command:
ifconfig
Set your router to forward ports 10666-10667 to your computer's local
LAN IP address.
Of course, your firewall must also allow incoming traffic on these ports. I use
Firestarter to control my firewall (iptables). To open the incoming Skulltag server
ports in the firewall:
Firestarter -> Policy -> Editing: Inbound traffic policy -> Allow service:
right-click -> Add rule -> Allow service: Port: 10666-10667 -> When the source
is: Anyone -> Comment: Skulltag servers -> Add
wlan0 vs. eth0
Note: In the newest versions of Skulltag I no longer need to do interface bridging as
described below.
When I set up my Skulltag server using version 0.98c, the skulltag-server module often
tried to use eth0 (the wired NIC) as the primary communications port, even though I only
connected to the LAN/internet over the wireless wlan0 port. This was unpredictable, as
sometimes it attempted to use wlan0 and sometimes eth0, even though only wlan0 (the
250 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
wireless port) was connected (eth0 was not connected, i.e. no wired connection).
The only way I found to work around this behavior was to bridge eth0 to wlan0, so that
any traffic to eth0 was then sent over wlan0.
To enable bridging, install bridge-utils:
sudo apt-get install bridge-utils
Edit the network interfaces configuration file (use the gedit text editor instead of
so that it resembles:
# The loopback network interface
auto lo
iface lo inet loopback
#
auto wlan0
iface wlan0 inet dhcp
#
bridge_ports wlan0 eth0
Then I restarted the networking (or rebooted):
This successfully bridged the eth0 port to the wlan0 port. Now when the Skulltag server
started, it thinks it is hosting through the eth0 port but it is now actually hosted through
the wlan0 port.
Storing your custom wads online
Ok, you have to be a Doom fanatic to build your own wads. But one of the advantages of
Skulltag is that you can host a server using your own wads (for Deathmatch,
Cooperative, or other team play). There are a few websites that will store your wads for
you, and keep a large variety of wads available to be used for your own server. An easy
one to use is FatHax (http://wadhost.fathax.com/) . If you use FatHax (or any other wad
site) for your wads, be sure to list it as the "URL" in your server, so that players
attempting to play will be directed to that location to download wads.
Doomseeker troubleshooting
251 of 265
The current package of Doomseeker (0.8.1) available from the skulltag.net
repository works fine for me.
These instructions remain for reference only; they should not longer be needed. I
05/24/2012 08:14 AM
UbuntuGuide Part2 -
was not able to get the Debian/Ubuntu package of Doomseeker 0.7-beta to work
properly (even though Doomseeker 0.6 worked fine). (Multiple errors were returned
that plugins were "not available" when using the package-installed binary at /usr/bin
/doomseeker.)
I therefore installed the newest Subversion package of Doomseeker and compiled it
manually instead, using the instructions here (http://www.skulltag.net/doomseeker
/svn.php) . This version of Doomseeker worked for me without problem.
Updated specific instructions 3-1-2012:
I downloaded the Doomseeker 0.8.1b + Wadseeker 0.7.1 tarball (doomseeker0.8.1b_src.tar.bz2) from here (http://doomseeker.drdteam.org/download.php)
and unpacked it.
wget http://doomseeker.drdteam.org/files/doomseeker-0.8.1b_src.tar.bz2
tar -xvjf doomseeker-0.8.1b_src.tar.bz2
This extracted this version to the folder ~/doomseeker-0.8.1b_src.
I then compiled it by hand using these instructions (http://www.skulltag.net
/doomseeker/svn.php) , specifically:
sudo apt-get install g++ cmake libqt4-dev mercurial zlib1g-dev libbz2-dev
cd doomseeker-0.8.1b_src
mkdir build
cd build
cmake ..
make
sudo make install
It installs to the /usr/local/share/doomseeker folder with the binary at /usr/local
/bin/doomseeker so that a menu item must be created with the command:
/usr/local/bin/doomseeker
ZDoom and GZDoom
Both ZDoom and GZDoom (the OpenGL version of ZDoom) can be downloaded as
packages from the Skulltag repository as well. After installing the Skulltag repository:
sudo apt-get install zdoom doomseeker doomseeker-zdaemon python-zdaemon
or
sudo apt-get install gzdoom doomseeker doomseeker-zdaemon python-zdaemon
252 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Midi sound is most easily enabled using OPL Synth Emulation:
ZDoom -> ESC -> Options -> Sound -> Midi Device: OPL Synth Emulation
MFC-7820N
I have about a dozen of this Brother MFC-7820N multifunction printer/scanner/fax
machine on my networks. Other Brother MFC models are similar to set up, so the steps in
this article are probably similar to those needed for other models as well. For additional
drivers and instructions see the Brother help site (http://welcome.solutions.brother.com
/bsc/public_s/id/linux/en/index.html) .
Printer
The BR-Script3 and Foomatic/Postscript PPD files that are supplied automatically do
not work well with graphics (the Foomatic/Postscript PPD often doesn't work at all).
Printing graphics can take longer than 4 minutes, or can freeze altogether. Install
the Brother CUPS drivers instead:
sudo apt-get install brother-lpr-drivers-laser brother-cups-wrapper-laser
These CUPS driver packages also work for these Brother laser models: DCP-7010
DCP-7020 DCP-7025 DCP-8060 DCP-8065DN FAX-2820 FAX-2920 HL-2030 HL-2040
HL-2070N HL-5240 HL-5250DN HL-5270DN HL-5280DW MFC-7220 MFC-7225N MFC-7420
MFC-7820N MFC-8460N MFC-8660DN MFC-8860DN MFC-8870DW.
My printer is on a network (at LAN IP address 192.168.0.125 which is set manually
from the printer console). (K)Ubuntu will find the printer on the network
automatically (assuming all firewalls are turned off) and install the correct drivers.
Menu -> System -> System Settings -> Printer configuration -> New Printer ->
New Network Printer
At this stage my printer was automatically recognized and the device URI filled in for me
as
socket://192.168.0.125:9100
I was able to name the printer and select the printer driver:
->Brother -> MFC-7820N for CUPS
Avoid the "MFC-7820N -> BR-Script3" and the "MFC-7820N -> Foomatic/Postscript"
options (see above).
253 of 265
In my firewall, I allowed all traffic to/from 192.168.0.125. On networks where I have
multiple Brother printers, I opened port 9100 (in and out) for the entire subnet
05/24/2012 08:14 AM
UbuntuGuide Part2 -
192.168.0.1/24 (i.e. 192.168.0.1 - 192.168.0.255).
Other models
My 7820N model is installed by (K)Ubuntu automatically, but other models may need the
installation of the LPR and cupswrapper drivers individually.
Search the package manager for a package that corresponds to your model first. If none
is available, then .deb packages for the drivers for each model can each be downloaded
from the Brother website (http://welcome.solutions.brother.com/bsc/public_s/id/linux
/en/download_prn.html) . Then install them (this example uses the MFC-7340 drivers):
sudo dpkg -i --force-all brmfc7340lpr-2.0.2-1.i386.deb
sudo dpkg -i --force-all cupswrapperMFC7340-2.0.2-1.i386.deb
Scanner
These instructions are for a networked scanner/printer. There are other instructions
(http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/instruction_scn1.html) for
a USB-connected scanner/printer.
Install pre-requisites (if not already installed):
sudo apt-get install sane-utils
The 7820N uses a brscan2 driver, as listed here
(http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/download_scn.html) .
Download the .deb package for the drivers for the printer (use the appropriate
64-bit or 32-bit version -- replace amd64 with i386 if needed) and install
(http://welcome.solutions.brother.com/bsc/public_s/id/linux
/en/instruction_scn1.html) them:
sudo wget -O brscan_driver.deb http://www.brother.com/pub/bsc/linux/dlf/brscan2-0.2.5-1.amd64.deb
sudo dpkg -i brscan_driver.deb
If you would like to use the Scan key on the scanner/printer itself, then also install the
scankeytool (http://welcome.solutions.brother.com/bsc/public_s/id/linux
/en/instruction_scn3.html) :
sudo wget -O brscan_scankeytool.deb http://www.brother.com/pub/bsc/linux/dlf/brscan-skey-0.2.1-3.amd64.deb
sudo dpkg -i brscan_scankeytool.deb
Check to see if the driver is installed:
sudo dpkg -l | grep Brother
254 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Add a network scanner entry for your model. (brsaneconfig2 is the command for the
brscan2 driver.)
brsaneconfig2 -a name=SCANNER model=MFC-7820N ip=192.168.0.125
Check to see if the network scanner is recognized:
brsaneconfig2 -q | grep SCANNER
(These instructions are per this FAQ for (K)Ubuntu 11.10 or greater
/en/faq_scn.html#f00101) ):
Copy brscan2 files from /usr/lib64 to /usr/lib:
sudo
sudo
sudo
sudo
sudo
sudo
sudo
sudo
sudo
cp
cp
cp
cp
cp
cp
cp
cp
cp
/usr/lib64/libbrscandec2.so.1.0.0 /usr/lib
/usr/lib64/sane/libsane-brother2.so.1.0.7 /usr/lib/sane
/usr/lib64/sane/libsane-brother2.so.1 /usr/lib/sane
/usr/lib64/sane/libsane-brother2.so /usr/lib/sane
/usr/lib64/libbrcolm2.so.1.0.1 /usr/lib
/usr/lib64/libbrcolm2.so /usr/lib
/usr/lib64/libbrscandec2.so.1 /usr/lib
/usr/lib64/libbrscandec2.so /usr/lib
/usr/lib64/libbrcolm2.so.1 /usr/lib
(As of Precise Pangolin 12.04 LTS my scanner is working using these steps.)
(These instructions are per this FAQ for (K)Ubuntu 9.10 to 11.04
/en/instruction_scn1c.html#u9.10) ):
Edit /lib/udev/rules.d/40-libsane.rules:
sudo kate /lib/udev/rules.d/40-libsane.rules
and add either (the second one is for the MFC-7820N specifically, which I used, whereas
the first one is generic for all Brother scanners):
# Brother scanners
ATTRS{idVendor}=="04f9", ENV{libsane_matched}="yes"
or
# Brother 7820N scanner
ATTRS{idVendor}=="04f9", ATTRS{idProduct}=="0181", ENV{libsane_matched}="yes"
then reboot.
255 of 265
Install a scanning utility, such as Xsane:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
then start it:
Menu -> Applications -> Graphics -> Xsane Image Scanner
Scan a sample image using the Scan button. If it works then setup is complete.
Scanning utilities
There are many utilities for use with scanning.
Xsane
Xsane is the standard scanning utility for Linux. Install:
gscan2pdf
Gscan2pdf scans directly to a PDF document. Install:
Tesseract
Tesseract is a command-line OCR. Install:
sudo apt-get install tesseract-ocr
Fax
If using a firewall, make sure traffic to the IP address of the scanner/printer (in my
example 192.168.0.125) is enabled.
Note: The next several steps may be accomplished in recent versions of (K)Ubuntu using
the single step:
sudo apt-get install brother-lpr-drivers-laser brother-cups-wrapper-laser
Install pre-requisites if using a 64-bit OS:
256 of 265
Create spool directory and Cups directory if they do not exist:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
sudo mkdir /var/spool/lpd
sudo mkdir /usr/share/cups/model
Download drivers and install them.
sudo
sudo
sudo
sudo
wget
wget
dpkg
dpkg
-O
-O
-i
-i
brfax_lpddriver.deb http://www.brother.com/pub/bsc/linux/dlf/brmfcfaxlpd-1.0.0-1.i386.deb
brfax_cupsdriver.deb http://www.brother.com/pub/bsc/linux/dlf/brmfcfaxcups-1.0.0-1.i386.deb
--force-all brfax_lpddriver.deb
--force-all brfax_cupsdriver.deb
Check to see if the driver is installed:
sudo dpkg -l | grep Brother
Copy the PPD files:
sudo cp /usr/share/cups/model/brfax_cups.ppd /usr/share/ppd
sudo /etc/init.d/cups restart
Secure the brfax CUPS filter file:
sudo chmod 755 /usr/lib/cups/filter/brfaxfilter
sudo /etc/init.d/cups restart
Check the CUPS settings to see if the BRFAX shows up as a listed printer (usually
with the Device URI of usb:/dev/usb/lp0). If it does, then you are done. If not, use
the next step to complete configuration.
Configure the Fax options through a web-browser interface:
http://localhost:631/printers
-> BRFAX -> Modify Printer -> Other network printers: LPD/LPR Host or Printer
(ticked) -> Continue
-> Connection: lpd://192.168.0.125/binary_p1 -> Continue
-> Description: BRFAX -> Location: Home network -> Continue
-> Make: Brother -> Continue -> Model: Current Driver - BRMFCFAX for CUPS
-> Modify Printer
Send a test fax to make sure the driver is functioning correctly:
brpcfax -o fax-number=(fax-number) (filename)
(Note: You will need Java installed to use brpcfax. The easiest way to install Java is to
install kubuntu-restricted-extras, which also installs other programs, or install
openjdk-6-jre alone:)
257 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
or, alternatively
sudo apt-get install openjdk-6-jre
Sending Faxes
The brpcfax utility only will send files in Postscript (.ps) format. The easiest way to
accomplish faxing is to create a Kubuntu menu item (in the Office submenu, for example)
entitled Send Fax with the Command: brpcfax sendfax.ps
Any program can then print to a file named sendfax.ps.
Starting the menu item will then invoke the brpcfax utility to send the file.
Associate brpcfax with Postscript files as an output option
This method entails associating Postscript files with the brpcfax utility.
K menu -> System -> System Settings -> Advanced -> File Associations -> Configure file
associations
-> application -> postscript -> Application preference order: Add
-> Select the program for the file type: brpcfax -P BRFAX -o PAPER=A4 -> Ok ->
Apply
Now any document saved as a Postscript (.ps) file can be faxed from the Dolphin (or
Nautilus) file manager. Right-click on the saved Postscript file and use the "Open With ->
brpcfax" option.
Sending faxes from Firefox
Print as a Postscript file.
Using the "Open With -> brpcfax" method as described in the preceding section, fax
the saved file from Dolphin (or Nautilus).
Sending faxes from OpenOffice
Run spadmin doing from the command-line interface terminal:
/usr/lib/openoffice/program/spadmin
258 of 265
-> New Printer -> Connect a fax device -> Next -> Use the following driver for this
fax connection: A specific driver, to adapt the format to another printer (ticked) ->
05/24/2012 08:14 AM
UbuntuGuide Part2 -
->Please select a suitable driver: Generic Printer (ticked) -> Please enter a command line
appropriate for this device:
/usr/bin/brpcfax -o fax-number=(PHONE)
-> Next -> Please enter a name for the fax connection: Fax printer -> Finish
Troubleshooting
ia32-libs allows 32-bit drivers to be used on 64-bit systems. Some printer drivers
are only available in 32-bit versions. If so, install ia32-libs first:
This is useful if your printer only has a 32-bit driver available (designated by i386 in the
name. 64-bit drivers are designated with amd64 or x86_64 in the name).
If you don't know whether your system is a 32-bit or 64-bit system:
uname -a
You should see either i386 or x86_64 somewhere in the result.
Introduction
Ubuntuguide, like Wikipedia and many other websites, uses MediaWiki. It is easy to
export pages in XML format and then import them into another wiki.
While the XML files may also be able to be imported to other wikis such as Moin Moin and
Twiki, I have not tried it. (I have edited recent versions of Ubuntuguide to be as
consistent as possible with both MediaWiki and Moin Moin formatting, but there are
subtle differences between the two so that I cannot guarantee compatibility with Moin
Moin).
Export Ubuntuguide wiki pages into an XML file
Examine the list of wiki pages available at Ubuntuguide:
Ubuntuguide -> Toolbox: Special Pages -> Lists of pages: All pages
Many of these pages will not be necessary for your private copy. Copy only the names of
the wiki pages files you wish to export. The recommended list is below.
259 of 265
Export the desired pages from Ubuntuguide as an XML export:
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Ubuntuguide wiki -> Toolbox: Special Pages -> Page tools: Export pages
(Note: This list of (English-language) wiki pages was accurate for the recent Precise
version. You may want to check all pages to see if something you want is missing from
this list.)
Ubuntu:All
Boot from a Live CD
Multiple OS Installation Jaunty
Lucid Multiple OS Installation
Android emulation
Email with PGP
Tor
Mail Server setup
Screencasts
Video Conversion
Video ripping tips
EBook Conversion
Transparent Image Backgrounds
Wink 64bit
Remastersys
Dynamic IP servers
FTP tips
Limit the user accounts that can connect through OpenSSH remotely
OpenVPN server
WebDAV
Ultimate Server Jaunty
Ultimate Server Jaunty with OpenVistA EHR
Ultimate Server Jaunty Customization
Ultimate Server Jaunty Customization_OV
Ultimate Server Lucid
Ultimate Server Lucid with OpenVistA EHR
Ultimate Server Lucid Customization
Ultimate Server Lucid Customization_OV
MediaWiki tips
Collections tips
PdfBook tips
Drupal6 tips
Old Drupal6 tips
Moodle tips
Fortune
DAViCal tips
DAViCal current version
BigBlueButton
WebHuddle tips
OpenVistA EHR
WorldVistA_EHR
WorldVistA tips
Skulltag tips
MFC-7820N
Upgrades
Ubuntuguide page lists
DefaultApplications
Main Page
Template:U All/Introduction
Template:Ubuntuguide core wikipages
Template:Ubuntuguide Jaunty wikipages
Template:Ubuntuguide Jauntycore wikipages
260 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Template:Ubuntuguide Karmic wikipages
Template:Ubuntuguide Karmiccore wikipages
Template:Ubuntuguide Lucid wikipages
Template:Ubuntuguide Lucidcore wikipages
Template:Ubuntuguide Natty wikipages
Template:Ubuntuguide Nattycore wikipages
Template:Ultimate Server Jaunty Core
Template:USJ Customize Core
Template:USJ Customize NewUser
Template:USJ Customize OV
Template:USJ Adjust SSH
Template:USJ New SSH Users
Template:USJ networking
Template:Ultimate Server Lucid Core
Template:USL Customize Core
Template:USL Customize NewUser
Template:USL Customize OV
Template:USL Adjust SSH
Template:USL New SSH Users
Template:USL networking
Template:OpenVistA EHR
Template:OpenVistA Server functions
Template:WorldVistA
Template:Licenses
Template:Android emulation
Template:Drupal BBB
Template:Moodle installation
Template:PartitionDesign
Template:WindowsPartitions
Template:U RegisterHeader
VirtualServers
Ubuntu:Precise
Template:U Precise/Administration
Template:U Precise/Introduction
Template:U Precise/General
Template:U Precise/OtherVersions
Template:U Precise/OtherResources
Template:U Precise/Installation
Template:U Precise/Repositories
Template:U Precise/Packages
Template:U Precise/DesktopAddons
Template:U Precise/Requests
Template:Precise/Virtualization
Template:U Precise/EdutainmentIntro
Template:Precise/Edutainment
Template:Precise/Games
Template:U Precise/Internet
Template:Precise/Videoconferencing
Template:U Precise/Privacy
Template:U Precise/ProprietaryExtras
Template:U Precise/Troubleshooting
Template:Precise/Graphics
Template:Precise/Screencapture
Template:Precise/Video
Template:Precise/Audio
Template:Precise/AudioVideoConversion
Template:U Precise/CD DVD
Template:U Precise/Music
Template:Precise/MediaCenters
Template:Precise/HomeAutomation
Template:Precise/Office
Template:Precise/Financial
Template:Precise/Groupware
Template:Precise/Wiki
Template:Precise/WebPublishing
Template:Precise/Maps
Template:Precise/Development
Template:Precise/Science
Template:Precise/MiscApps
Template:Precise/Utilities
Template:Precise/Backup
261 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Template:Precise/Hardware
Template:Precise/Networking
Template:Precise/NetworkAdmin
Template:Precise/Servers
-> Include only the current revision, not the full history (ticked) -> Offer to save as a
file: (ticked) -> Export -> Save file
-> Ubuntuguide-xxxxx.xml
Here is a list of the primary wiki pages for several different editions of Ubuntuguide.
Import the Ubuntuguide XML into a local wiki
Import the Ubuntuguide XML export file into the local wiki:
Local wiki -> log in -> Username: wikiadmin -> Password: wikiadminpassword ->
Log in
-> Special Pages -> Page Tools -> Import pages -> Browse -> Ubuntuguidexxxxx.xml -> Open -> Upload file
Edit the Main Page of the wiki and add a link to the online Ubuntuguide as well as
the imported copy:
*[[Ubuntu_Precise|Ubuntuguide Precise (local copy for editing)]]
*[http://ubuntuguide.org Ubuntuguide (online)]
The idea is to edit the locally stored Ubuntuguide as you customize your system. It can
also serve as a template and an example of how to use the MediaWiki wiki.
Edit the local copy of Ubuntuguide to hide irrelevant links. In MediaWiki, use the
 tags to comment out instructions or text that should not be
displayed. Example:
Ubuntuguide Precise (local copy for editing) -> edit ->

Can I do this?
Sure. Knock yourself out. This site is licensed under the Creative Commons AttributionNonCommercial-ShareAlike License (http://creativecommons.org/licenses/by-nc-sa/3.0/) ,
so you can take whatever you want, except for the name (which is and has been
reserved to this site for many years). Improve the site, if you can. Add pictures, videos,
or whatever.
If your wiki is (or will be) accessible publicly or from the Internet, just be sure to name
the site something other than Ubuntuguide or Ubuntu Guide (or anything
indistinguishable). Those are legally protected names specific to this site (and
trademarks are not open under the license).
262 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Community portal
Want a turn-key system with many of the free solutions featured in this guide installed
for your office, clinic, or small business?
Need customization, support, training, document integration, and integration with
existing computer systems?
We'll hold your hand.
Support sites
Check out our support site at Bidwell Healthcare Consulting
(http://ubuntudoctorsguild.dyndns.org/moodle) (demo Moodle site).
These sites/organisations have sponsored Ubuntuguide/Kubuntuguide in one way or the
other. If you would like to be a sponsor and advertise here, contact an administrator.
Wisdom
Of course, you could also do it yourself by installing your own Ultimate Server.
We are cups, constantly and quietly being filled.
The trick is knowing how to tip ourselves over
263 of 265
05/24/2012 08:14 AM
UbuntuGuide Part2 -
and let the beautiful stuff out.
About UbuntuGuide
This is the original UbuntuGuide. It is a straightforward guide for Ubuntu, the Unity and
Gnome desktop versions of Ubuntu. It was started in December 2005, just after the
release of Ubuntu Breezy Badger (in October 2005).
KubuntuGuide was started in June 2007 (and was maintained independently as
Kubuntuguide.org and then as Kubuntuguide.info). UbuntuGuide and KubuntuGuide were
merged on this site in 2012.
Parts of UbuntuGuide (http://ubuntuguide.org) (and KubuntuGuide
(http://ubuntuguide.org/wiki/Kubuntuguide) ) have been used in other Ubuntu / Kubuntu
documentation. It has long been edited by the user community, is updated frequently,
and has tips that are often tailored to each release of Ubuntu. There are many poor
imitations (including some who have copied the names UbuntuGuide and KubuntuGuide),
but none come close to the clarity and breadth of this guide.
(K)Ubuntuguide was forged by John Henry, edited by Perspectoff with the help of
Mediocre Fred, and maintains itself with the help of the Borg. Much of our philosophy
comes from Buckaroo Banzai, although there have been whispered rumours that
followers of Captain GnuBeard may lurk amongst our contributors.
It has been hosted at the Linux Center (http://translate.google.com/translate?hl=en&
ie=UTF-8&sl=auto&tl=en&u=http://linux.edu.lv/&prev=_t) of the University of Latvia
(http://www.lu.lv/eng/) for the past several years. Krampo keeps the site running on the
server.
There is no primary author of the site, though, as it is a collaborative wiki.
264 of 265
Please register and contribute!
05/24/2012 08:14 AM
UbuntuGuide Part2 -
Retrieved from "http://ubuntuguide.org/wiki/UbuntuGuide_Part2"
265 of 265
This page was last modified on 8 February 2012, at 01:04.
Content is available under Creative Commons Attribution-NonCommercialShareAlike License.
05/24/2012 08:14 AM
UbuntuGuide Part3 -
1 of 92
UbuntuGuide Part3
From
Contents
1 Ultimate Server Lucid K
1.1 Introduction
1.2 Install the base OS (Ubuntu Server 10.04 Lucid)
1.3 Add a Kubuntu desktop
1.4 Set networking parameters
1.5 Enable BIOS power-up
1.6 Install Firefox
1.7 Obtain an Internet URL
1.8 Adjust SSH for remote connections
1.9 Install the BigBlueButton teleconferencing system
1.10 Install the Firewall
1.11 Install Moodle
1.13 Import Kubuntuguide into your local wiki
1.14 Install Drupal6
1.15 Install ddclient
1.16 Add menu items for websites
1.17 Add Audacious audio player
1.18 Install DAViCal group calendar server
1.19 Allow Reverse proxies
1.20 Adding new SSH users
1.21 Add security scanners
1.22 Changing passwords and other customization
1.23 More Ultimate Servers
2 Ultimate Server Lucid Customization
2.4 Configure ddclient
2.5 Change important passwords
2.6 Customize BigBlueButton
2.7 Customize Moodle
2.8 Customize MediaWiki
2.9 Customize Drupal
2.10 Customize DAViCal
05/24/2012 08:16 AM
UbuntuGuide Part3 -
2 of 92
2.13 Inactivate old users
2.14 Change hostname (optional)
3 Ultimate Server Lucid K with OpenVistA EHR
3.1 Introduction
3.2 Install the base OS (Ubuntu Server 10.04 Lucid)
3.3 Add a Kubuntu desktop
3.6 Install Firefox
3.9 Install the BigBlueButton teleconferencing system
3.10 Install the Firewall
3.11 Install Moodle
3.13 Import Kubuntuguide into your local wiki
3.14 Install Drupal6
3.15 Install ddclient
3.16 Add menu items for websites
3.17 Add Audacious audio player
3.18 Install DAViCal group calendar server
3.19 Allow Reverse proxies
3.21 Add security scanners
3.22 Install an EHR (Electronic Health Record) system
3.22.1 Install OpenVistA server
3.22.2 Install OpenVistA-CIS Linux client
3.22.2.1 Connecting through an SSH tunnel
3.22.3 Adjust Login Manager IDs
3.23 Changing passwords and other customization
4 OpenVistA EHR
4.1 Install pre-requisites
4.4 Install an EHR (Electronic Health Record) system
4.4.1 Install OpenVistA server
4.4.2 Install OpenVistA-CIS Linux client
4.4.2.1 Connecting through an SSH tunnel
4.4.3 Adjust Login Manager IDs
4.5 VistA Server functions
4.7 Other resources
5 WorldVistA tips
05/24/2012 08:16 AM
UbuntuGuide Part3 -
3 of 92
Ultimate Server Lucid K
Introduction
This walkthrough is for (K)Ubuntu Lucid 10.04 (32-bit or 64-bit) because the
BigBlueButton teleconferencing server requires either Lucid 10.04 (32-bit or 64-bit) or
Jaunty 9.04 (32-bit only).
The software updater may prompt you to upgrade the distribution to a newer release
(e.g. to Maverick 10.10). This is not recommended because BigBlueButton may then stop
functioning properly.
All variables that can be (and usually ought to be) changed are noted in italics. Do not
attempt to use any italicized variable exactly as written; all of them are fictitious and will
not work (especially for web services)! Create your own variable in place of the italicized
one.
Furthermore, this website is viewed by over 20,000 users per month. Don't attempt to
use any of the example passwords used here (that would be highly insecure). Create
your own passwords.
Install the base OS (Ubuntu Server 10.04 Lucid)
Shrink the Windows Partition. For Windows Vista and Windows 7 computers, use
Perfect Disk Trial edition (http://www.perfectdisk.com/products/home-perfectdisk11home-premium/free-trial) . See this tutorial (http://www.howtogeek.com/howto
/windows-vista/working-around-windows-vistas-shrink-volume-inadequacyproblems/) .
Partition the hard drive. Use this Multiple OS Installation scheme. The GParted utility
can be found on the Ubuntu Desktop LiveCD (but not the Kubuntu Desktop LiveCD)
or a GParted LiveCD can be downloaded and used directly.
Onto another computer, download and burn Ubuntu Server Lucid 10.04
(http://releases.ubuntu.com/lucid/) . (See this tutorial (https://help.ubuntu.com
/community/BurningIsoHowto) for instructions on burning the CD.)
Install Ubuntu Lucid Server (32-bit or 64-bit) into its own partition. If you followed
the Multiple OS Installation scheme, then the Windows OS will be in partition 1 (and
possibly 2, if you have a recovery partition), the /boot partition will be in partition 3,
and partition 4 will be an extended partition. The extended partition ought to have
been divided into a 2 Gb swap logical partition and 2 equally sized logical partitions
for Linux (one for a production partition and one as a test/upgrade partition).
For installation it is best if the computer is connected to the Internet by a wired
ethernet connection.
Hostname: Lucid64Server00
05/24/2012 08:16 AM
UbuntuGuide Part3 -
4 of 92
Partitioning: Manual
Choose the partition created for the new Lucid operating system (e.g.
/dev/sda6). Use as: Ext4 journaling file system -> Format the partition: yes,
format it -> Mount point: / - the root file system -> Done setting up the
partition -> Finish partitioning and write changes to disk -> Write changes to
disk?: Yes
During the Ubuntu Server installation, install the LAMP server and OpenSSH servers
and the PostgreSQL database. Record the system administrator ID/password and the
MySQL root (superuser) password. Note the partition name and number (e.g.
/dev/sda6).
Full name for the new user: Lucidadmin00 -> Username for your account:
lucidadmin00 -> Choose a password for the new user: lucidword00
(Note: You could also generate a random password and use it here. Just be sure
to record it in an accessible location.)
Note: You could also install the LAMP server stack, the OpenSSH server, or the
PostgreSQL database at a later time using the menu-driven installation system:
sudo tasksel
Encrypt your home directory: No (this is optional, but on this system the
primary user's home directory is not used much so there is little need to
encrypt it.)
HTTP proxy information -- this is used if your organization has a firewall or
other gateway to the outside Internet. A network administrator will have the
information for this. Most small businesses will not have such a gateway and it
can be left blank, in this case.
How do you want to install updates...? No automatic updates
This is, of course, user preference. However, updates are sometimes sent out before they
are completely tested with all hardware, which can cause problems with very new or
very old hardware. Some systems can be brought to a halt by automatic updates,
especially updates of the Linux kernel.
For this reason, complete manual control of updates is highly recommended (on
production systems). In fact, many users routinely run two parallel systems (a test
system and a production system) and install updates on the test system first (in order to
make sure all updates work properly) prior to installing the updates on the production
system. This practice is extremely important to ensuring stability on critical systems and
servers.
Choose software to install:
LAMP server (ticked) -> OpenSSH server (ticked) -> PostgreSQL database
05/24/2012 08:16 AM
UbuntuGuide Part3 -
5 of 92
New password for the MySQL "root" user: lucidsql00
(Note: You could also generate a random password and use it here. Just be sure to
record it in an accessible location.)
Install the GRUB boot loader to the master boot record? No -> Device for boot
loader installation: /dev/sda6
Note: this assumes a /boot partition and multiple partitions. Under the general
scheme above, the first free partition will usually be /dev/sda6, but if you
already have other OSs or other peculiarities, take extra care during this step.
This is the trickiest step of the installation. It is important to set up the Master Boot
Loader to recognize the new partition. Re-read the Multiple OS Installation tutorial
very carefully and completely. In short, the bootloader needs to be copied to the
/boot partition (usually /dev/sda3) and customized there so that it chainloads the
bootloader installed locally in your new OS partition (e.g. /dev/sda6). Once this is
set up correctly, reboot and the menu will allow booting into the new OS.
Login for the first time.
Lucid64Server00: lucidadmin00
Password: lucidword00
Shorten the boot time:
Change the timeout value:
GRUB_TIMEOUT=1
(Note: Save the changes with CTRL-O then CTRL-X.)
Update the system.
sudo
sudo
sudo
sudo
apt-get update
apt-get upgrade
apt-get install build-essential dkms
reboot
Older versions of (K)Ubuntu (Jaunty and earlier) also required:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
6 of 92
sudo reboot
Note: This step was also previously required after every kernel upgrade (as is done
automatically if you have enabled automatic updates). If graphics aren't working for any
reason, try making sure the headers are installed correctly and updating again.
Install the password generator for use with the remainder of the installation.
Many users also generate a password for the root superuser at this time:
sudo passwd root
Add a Kubuntu desktop
Install a Kubuntu desktop.
Note: The end user can also install the restricted extras:
Reboot the system:
sudo reboot
Once the Kubuntu desktop has been installed, all commands can then be entered
into the command-line terminal Konsole:
Menu -> System -> Konsole
Note: Kubuntu Jaunty included an (automatic) kernel upgrade that at some point
disabled the Nvidia graphics drivers (on computers with Nvidia graphics). If this
happens for your system, the desktop will be unable to start at bootup and only the
command-line will be presented. To correct this problem, merely install the linuxheaders again:
sudo reboot
then the Nvidia graphics drivers should install correctly and the desktop will start
normally.
05/24/2012 08:16 AM
UbuntuGuide Part3 -
7 of 92
Set networking parameters
Set a static IP address for your server.
sudo gedit /etc/network/interfaces
and edit the lines to resemble:
# iface eth0 inet dhcp
#
address 192.168.0.99
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
and restart networking:
Enable BIOS power-up
Power failures happen. It is possible to change the BIOS settings so that after a power
failure the computer will automatically powerup and restart to the default OS (as set in
the bootloader configuration). This is a critical function for servers. At bootup, enter the
BIOS menu using whichevever key is appropriate for your computer's BIOS:
[F2], [F1], [F10], or [DEL] -> Power Management Setup -> PowerOn After Pwr-Fail:
On -> Save -> Reboot
Install Firefox
Install Firefox:
This can also be done from the Kubuntu desktop menu:
Menu -> Internet -> Install Firefox Web Browser
Start Firefox and install security add-ons:
Firefox -> Tools -> Add-ons -> Get Add-ons -> NoScript -> Add to Firefox ->
Install
Firefox -> Tools -> Add-ons -> Get Add-ons -> AdBlock Plus -> Add to Firefox ->
Install
05/24/2012 08:16 AM
UbuntuGuide Part3 -
8 of 92
Add a menu item/shortcut to this guide (to enable copying and pasting of the
remaining commands directly from the guide) and to the customization guide:
Kubuntuguide (Ultimate Server Walkthrough) -- firefox http://kubuntuguide.org
/Ultimate_Server_Lucid_K
Ultimate Server Customization (Kubuntuguide) -- firefox
http://kubuntuguide.org/Ubuntu_Server_Lucid_Customization_OV
Obtain an Internet URL
If a static Internet URL is not available, obtain a dynamic DNS URL. (This must be
changed for each OS installation, as it is specific to that installation).
Create an email account for administrative use with this server, such as at mail.com
(http://www.mail.com) , mail.google.com, or mail.yahoo.com.
([email protected] / mylucidword000 / 1/1/01 / securityquestionanswer)
Create a DynDNS account for use with this server, at DynDNS.org
(http://www.dyndns.com) . (myluciddnsid / myluciddnsword /
[email protected])
In this walkthrough, several URLs are used. It is possible to create all of them at once at
this stage:
mylucid00.dyndns.org
mylucidbbb00.dyndns.org
mylucidmoodle00.dyndns.org
mylucidwiki00.dyndns.org
mylucidweb00.dyndns.org
DynDNS allows 5 free URLs. After installation has been completed, I generally
remove mylucidweb00.dyndns.org and create mylucidcalendar00.dyndns.org (for
use with DAViCal) instead.
Adjust SSH for remote connections
If the OpenSSH server was not installed on your server at initial installation, it can
be installed now.
The default SSH port is 22, but this may conflict with other SSH servers on your
network. Change the SSH port to a custom port. Also disallow password-based
logins, for now, to prevent unauthorized logins. See this tutorial.
sudo gedit /etc/ssh/sshd_config
change the listening port:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
9 of 92
Port 22199
and disallow Password-based authentication by changing the line::
to
Make sure the OpenSSH server knows that it must look for the authorized_keys
file. Uncomment the line:
AuthorizedKeysFile %h/.ssh/authorized_keys
Make sure the router forwards the selected listening port (e.g. 22199) to the IP
address (e.g. 192.168.0.99) of the server.
Install X11VNC:
Add an X11VNC Server menu item with the command:
x11vnc --forever
-> Place in system tray (ticked)
Create an SSH keypair for automated login:
Generate a key pair (by default, a 2048-bit RSA key pair is created):
ssh-keygen
Accept the default location for the key file ( /home/user/.ssh/id_rsa ).
Leave the passphrase empty
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Make sure the directory /home/serveruser/.ssh exists; if not, create one using:
mkdir ~/.ssh
(In this instance, user = serveruser = lucidadmin00, so the folder
/home/lucidadmin00/.ssh ought to already exist).
Make sure that a file named authorized_keys (with write privileges) is in that folder. If
not, create such a file (using the touch command to create an empty file) while logged
into the server as serveruser (i.e. lucidadmin00):
cd ~/.ssh
Concatenate the newly-generated id_rsa.pub key to the authorized_keys file:
cd ~/.ssh
Create a test connection:
Start the X11VNC Server (as above)
Connect VNC through the SSH tunnel with the commands:
ssh -l lucidadmin00 -L 5900:127.0.0.1:5900 mylucid00.dyndns.org -p 22199
vinagre vnc://127.0.0.1
or with a single-line command (which can be placed in a Menu item / shortcut):
ssh -f -l lucidadmin00 -L 5900:127.0.0.1:5900 mylucid00.dyndns.org -p 22199 sleep 5; vinagre vnc://127.0.0.1
Note: vinagre -- fullscreen vnc://127.0.0.1 will start the VNC connection in fullscreen
mode (but should only be used when connecting from other computers).
Install the BigBlueButton teleconferencing system
Read this BigBlueButton tutorial. Also see this demo site
(http://demo.bigbluebutton.org/) .
Create a BigBlueButton URL for use with your server, e.g. mylucidbbb00.dyndns.org
DYNDns.com account -> Add Host Services -> ...
Change the Apache listening port during BigBlueButton installation.
10 of 92
sudo kate /etc/apache2/ports.conf
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Change the port value:
Listen 82
Restart Apache 2:
Make sure the Universe Repositories are enabled.
Obtain and install (http://code.google.com/p/bigbluebutton
/wiki/InstallationUbuntu#Installing_BigBlueButton_using_Ubuntu_Packages) the
BigBlueButton teleconferencing server:
wget
sudo
echo
sudo
sudo
http://archive.bigbluebutton.org/bigbluebutton.asc
apt-key add bigbluebutton.asc
"deb http://archive.bigbluebutton.org/lucid bigbluebutton-lucid main" | sudo tee /etc/apt/sources.list.d/bigbluebut
apt-get update
apt-get install asterisk bigbluebutton
During installation, enter the MySQL "root" user password when prompted:
lucidsql00
On the router, forward ports 81, 1935, 9123 to the LAN IP address of the BBB server
(e.g. 192.168.0.99).
Edit the Nginx webserver configuration file used for BigBlueButton:
and change the listening port:
listen 81;
Repeat for the default Nginx configuration file:
11 of 92
listen 81;
then restart Nginx:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Configure the other BBB server components to run on port 81. Use the URL
(mylucidbbb00.dyndns.org) that was setup at DYNDns.org:
sudo bbb-conf --setip mylucidbbb00.dyndns.org:81
Change the Apache port back to 80:
Listen 80
Restart Apache 2:
Add a menu item/shortcut to the BBB server:
MyLucid BigBlueButton (Teleconferencing) -- firefox
http://mylucidbbb00.dyndns.org:81
Install the Firewall
Add Firestarter firewall:
Start Firestarter:
Menu -> Internet -> Firestarter
and allow the incoming (inbound) and outgoing (outbound) ports:
80, 443, 81, 9123, 1935, 22199
Each port must be separately added as a rule for inbound and outbound traffic. For
example, to enable port 80:
12 of 92
Firestarter -> Policy -> Editing: Inbound traffic policy -> Allow service (right click on
white box) -> Add rule -> Port: 80 -> When the source is: Anyone -> Add -> Apply
Policy
05/24/2012 08:16 AM
UbuntuGuide Part3 -
and
whitelist traffic -> Allow service (right click on white box) -> Add rule -> Port: 80 ->
When the source is: Firewall host -> Add -> Apply Policy
(Note: It is pointed out to me repeatedly that Firestarter is not being currently
updated. However, Firestarter is not the actual firewall. iptables is, and iptables is
continually updated as part of the Linux kernel. Firestarter is merely an easy-to-use
front-end for editing the iptables rules that has been stable for a long time. Other
choices for this task include ufw/gufw (which is markedly more difficult to use, IMO).
This is completely an area of user preference. The instructions above for Firestarter
are not easily transferable to ufw/gufw.)
Install Moodle
Read this Moodle tutorial. Also see this demo site
(http://ubuntudoctorsguild.dyndns.org/moodle/) .
If the LAMP server stack has not been previously installed, do it now. Make sure the
MySQL "root" user password (such as lucidsql00) that is created during this process
is recorded for future use.
Install:
Choose the mysql-server, since it is already installed.
Should access to this server be restricted to localhost? No
Is your FQDN correct? Yes (don't worry whether it is or isn't -- this can be
adjusted later)
Should https be required to access this Moodle server? No
Should a default database be created for Moodle on localhost? Yes
root's MySQL password: lucidsql00
Moodle database password: mylucidmoodleword00
Edit the Moodle configuration file:
so that the FQDN (in this case the URL) is correctly noted:
13 of 92
$CFG->wwwroot = 'http://mylucid00.dyndns.org/moodle';
Finish installation by logging in to the Moodle server at http://localhost/moodle
05/24/2012 08:16 AM
UbuntuGuide Part3 -
/admin or:
http://mylucid00.dyndns.org/moodle/admin -> Unattended installation? (ticked)
Admin user: mylucid00admin
Admin password: mylucid00word
Admin e-mail: [email protected]
City: MyTown
Site name: My Lucid Moodle 00
Add the BigBlueButton API:
sudo
sudo
sudo
sudo
sudo
sudo
sudo
sudo
wget http://www.dualcode.com/bigbluebutton/bigbluebutton.zip
unzip bigbluebutton.zip
mkdir /usr/share/moodle/mod/bigbluebutton
cp -r bigbluebutton/mod/bigbluebutton/* /usr/share/moodle/mod/bigbluebutton/
cp -r bigbluebutton/lang/* /usr/share/moodle/lang/
rm bigbluebutton.zip
rm -r bigbluebutton/*
rmdir bigbluebutton
-> Input the IP address/URL of your BigBlueButton server
(mylucidbbb00.dyndns.org:81). Do not enter the leading http:// .
found it at /var/lib/tomcat6/webapps/bigbluebutton/WEB-INF/classes
/bigbluebutton.properties:
sudo kate /var/lib/tomcat6/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties
14 of 92
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Add a menu item / shortcut to the Moodle server:
My Lucid Moodle (Teaching site) -- firefox http://mylucid00.dyndns.org/moodle
Install MediaWiki
Read this MediaWiki tutorial. Also see this demo site
(http://ubuntudoctorsguild.dyndns.org) .
Two separate wikis are created. One will be for private internal usage and one for a
public audience.
Create an additional URLs (Add Host) at DynDNS.com: mylucidwiki00.dyndns.org.
Install MediaWiki:
Create a folder for each subsite (in this example named private and public.
sudo mkdir /etc/mediawiki/private
sudo mkdir /etc/mediawiki/public
Create an upload folder for images in each subwiki folder:
sudo mkdir /etc/mediawiki/private/images
sudo mkdir /etc/mediawiki/public/images
Copy a 135x135 image that you wish to use as a wiki logo (in the upper left corner)
into the /etc/mediawiki/subwiki/images folder for each subwiki, naming it
WikiLogo.png there. For example:
15 of 92
sudo cp ~/Pictures/mybestpic135.png /etc/mediawiki/public/images/WikiLogo.png
sudo cp ~/Pictures/mysecondbestpic135.png /etc/mediawiki/private/images/WikiLogo.png
The images folders should belong to the group www-data, and the group should
have "Can View & Modify Content" permissions.
05/24/2012 08:16 AM
UbuntuGuide Part3 -
sudo
sudo
sudo
sudo
chown
chown
chmod
chmod
root:www-data /etc/mediawiki/private/images
root:www-data /etc/mediawiki/public/images
774 /etc/mediawiki/private/images
774 /etc/mediawiki/public/images
Restart apache2:
Run/install MediaWiki from the web browser by logging into:
firefox http://localhost/mediawiki
Wiki name: My Lucid Wiki (Private)
Admin username: mylucid00admin -> Password: mylucid00word
E-mail features (all): disabled
mylucid00wikipriv -> DB username: mylucid00priv -> DB password:
mylucid00privword -> Superuser account: Use superuser account (ticked) ->
Superuser name: root -> Superuser password: lucidsql00 -> Database table
prefix: mylucid00prv_
the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/private
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_mylucid00private_install.php
Repeat the MediaWiki installation from the web browser by again logging into:
16 of 92
Wiki name: My Lucid Wiki (Public)
05/24/2012 08:16 AM
UbuntuGuide Part3 -
mylucid00wikipub -> DB username: mylucid00pub -> DB password:
mylucid00pubword -> Superuser account: Use superuser account (ticked) ->
prefix: mylucid00pub_
the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/public
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_mylucid00public_install.php
Edit your configuration variables:
sudo kate /etc/mediawiki/private/LocalSettings.php
sudo kate /etc/mediawiki/public/LocalSettings.php
similar lines that already exist in the file and substituting private or public where
appropriate:
17 of 92
#
#$wgScriptPath
= "/mediawiki";
$wgScriptPath
= "/private";
$wgLogo
#
$wgUploadDirectory
= $_SERVER['DOCUMENT_ROOT'].'/private/images';
$wgUploadPath
#
$wgDBadminuser
= $wgDBuser;
$wgDBadminpassword
= $wgDBpassword;
#
#
#User restrictions
= false;
= false;
= true;
05/24/2012 08:16 AM
UbuntuGuide Part3 -
#
= false;
= false;
= false;
#
#Uploads rules
#$wgEnableUploads
= false;
$wgEnableUploads
= true;
= true;
= true;
$wgFileExtensions
#Not for Anonymous
= false;
= false;
= false;
= true;
= false;
#Sysops
= true;
= true;
#
#
#
#
= false;
# to true!
Make symbolic links from the Apache2 folder to the subwiki folders:
sudo mkdir /var/www/Wikis
sudo ln -s /etc/mediawiki/private /var/www/Wikis/private
sudo ln -s /etc/mediawiki/public /var/www/Wikis/public
18 of 92
sudo ln -s /usr/share/mediawiki/* /etc/mediawiki/private/.
sudo ln -s /usr/share/mediawiki/* /etc/mediawiki/public/.
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Create and edit an Apache2 configuration file (e.g. /etc/apache2/sites-available
/wikivirtualhost):
sudo kate /etc/apache2/sites-available/wikivirtualhost
<VirtualHost *:80>
#
DocumentRoot /var/www/Wikis
#
ServerName mylucidwiki00.dyndns.org
ServerAlias *.mylucidwiki00.dyndns.org
#
RewriteEngine On
RewriteCond %{REQUEST_URI} !^private*
RewriteCond %{REQUEST_URI} !^public*
RewriteRule
^/(/.*|)$ /public/$1 [R]
#
<Directory /var/www/Wikis>
#AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>
RewriteEngine On
RewriteRule
^/(/.*|)$ /public/$1 [R]
after the server name, i.e. http://mylucidwiki00.dyndns.org/REQUEST_URI) does not
match private or public (the symbol ! means not), then use public as the default
directory.
symbolic link:
sudo ln -s /etc/apache2/sites-available/wikivirtualhost /etc/apache2/sites-enabled
Restart Apache:
19 of 92
The two sites will be available:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
http://mylucidwiki00.dyndns.org or http://mylucidwiki00.dyndns.org/public
and
http://mylucidwiki00.dyndns.org/private
Add menu items / shortcuts to the Wiki(s):
My Lucid Wiki (Public) (MediaWiki) -- firefox http://mylucidwiki00.dyndns.org
and
My Lucid Wiki (Private) (MediaWiki) -- firefox http://mylucidwiki00.dyndns.org
/private
Import Kubuntuguide into your local wiki
Read this tutorial on importing Kubuntuguide into the local wiki.
Examine the list of wiki pages available at Kubuntuguide:
Kubuntuguide.org -> Toolbox: Special Pages -> All pages
Many of these pages will not be necessary for your private copy. Copy only the names of
the wiki pages files you wish to export. The recommended list is below.
Export the desired pages from Kubuntuguide as an XML export:
Kubuntuguide.org wiki -> Toolbox: Special Pages -> Export pages
(Note: This list of (English-language) wiki pages was accurate for the recent Lucid
version. You may want to check all pages to see if something you want is missing from
this list.)
20 of 92
All
Boot from a Live CD
Multiple OS Installation Jaunty
Lucid Multiple OS Installation
Android emulation
Dolphin file manager
Screencasts
Video Conversion
Video ripping tips
EBook Conversion
Transparent Image Backgrounds
Email with PGP
Tor
Kwooty
Mail Server setup
Wink 64bit
Remastersys
Dynamic IP servers
FTP tips
Limit the user accounts that can connect through OpenSSH remotely
OpenVPN server Jaunty
05/24/2012 08:16 AM
UbuntuGuide Part3 -
21 of 92
WebDAV
Ultimate Server Jaunty
Ultimate Server Jaunty K
Ultimate Server Jaunty with OpenVistA EHR
Ultimate Server Jaunty K with OpenVistA EHR
Ultimate Server Jaunty Customization
Ultimate Server Jaunty Customization OV
Ultimate Server Lucid K
Ultimate Server Lucid K with OpenVistA EHR
Ultimate Server Lucid Customization OV
MediaWiki tips
Collections tips
PdfBook tips
Drupal6 tips
Installing Drupal on a shared webhost
Old Drupal6 tips
Moodle tips
Fortune
DAViCal tips
DAViCal current version
BigBlueButton
WebHuddle tips
OpenVistA EHR
WorldVistA tips
Ubuntu-Med FAQ
Skulltag tips
MFC-7820N
Upgrades
Kubuntuguide XML exports
Kubuntuguide page lists
DefaultApplications
Main Page
Kubuntuguide
Template:K All/Introduction
Template:Kubuntuguide core wikipages
Template:Kubuntuguide Language wikipages
Template:Kubuntuguide Hardy wikipages
Template:Kubuntuguide Hardycore wikipages
Template:Kubuntuguide HardyLanguages
Template:Kubuntuguide Jaunty wikipages
Template:Kubuntuguide Jauntycore wikipages
Template:Kubuntuguide JauntyLanguages
Template:Kubuntuguide Karmic wikipages
Template:Kubuntuguide Karmiccore wikipages
Template:Kubuntuguide KarmicLanguages
Template:Kubuntuguide Lucid wikipages
Template:Kubuntuguide Lucidcore wikipages
Template:Kubuntuguide LucidLanguages
Template:Kubuntuguide Maverick wikipages
Template:Kubuntuguide Maverickcore wikipages
Template:Kubuntuguide MaverickLanguages
Template:Ultimate Server Jaunty Core
Template:USJ Customize Core
Template:USJ Customize NewUser
Template:USJ Customize OV
Template:USJ Adjust SSH
Template:USJ New SSH Users
Template:USJ networking
Template:Ultimate Server Lucid Core
Template:USL Customize Core
Template:USL Customize NewUser
Template:USL Customize OV
Template:USL Adjust SSH
Template:USL New SSH Users
Template:USL networking
Template:OpenVistA EHR
05/24/2012 08:16 AM
UbuntuGuide Part3 -
22 of 92
Template:OpenVistA Server functions
Template:Android emulation
Template:WorldVistA
Template:Licenses
Template:Drupal BBB
Template:Moodle installation
Template:PartitionDesign
Template:WindowsPartitions
Template:Dolphin file manager
Template:K RegisterHeader
VirtualServers
Lucid
Template:K Lucid/Administration
Template:K Lucid/Introduction
Template:K Lucid/General
Template:K Lucid/OtherVersions
Template:K Lucid/OtherResources
Template:K Lucid/Installation
Template:K Lucid/Repositories
Template:K Lucid/Packages
Template:K Lucid/DesktopAddons
Template:K Lucid/Requests
Template:Lucid/Virtualization
Template:K Lucid/EdutainmentIntro
Template:Lucid/Edutainment
Template:Lucid/Games
Template:K Lucid/Internet
Template:Lucid/Videoconferencing
Template:K Lucid/Privacy
Template:K Lucid/ProprietaryExtras
Template:K Lucid/Troubleshooting
Template:K Lucid/Graphics
Template:Lucid/Screencapture
Template:Lucid/Video
Template:Lucid/Audio
Template:Lucid/AudioVideoConversion
Template:K Lucid/CD DVD
Template:K Lucid/Music
Template:Lucid/MediaCenters
Template:Lucid/HomeAutomation
Template:Lucid/Office
Template:Lucid/Financial
Template:Lucid/Groupware
Template:Lucid/Wiki
Template:Lucid/WebPublishing
Template:K Lucid/Maps
Template:Lucid/Development
Template:Lucid/Science
Template:Lucid/MiscApps
Template:K Lucid/Utilities
Template:Lucid/Backup
Template:Lucid/Hardware
Template:Lucid/Networking
Template:Lucid/NetworkAdmin
Template:Lucid/Servers
-> Include only the current revision, not the full history (ticked) -> Offer to save as a
file: (ticked) -> Export -> Save file
-> Kubuntuguide-xxxxx.xml
Import the Kubuntuguide XML export file into the local wiki:
Local wiki -> log in -> Username: wikiadmin -> Password: wikiadminpassword ->
Log in
-> Special Pages -> Page Tools -> Import pages -> Browse -> Kubuntuguidexxxxx.xml -> Open -> Upload file
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Edit the Main Page of the wiki and add a link to the online Kubuntuguide as well as
the imported copy:
*[[Lucid|Kubuntuguide Lucid (local copy for editing)]]
*[http://kubuntuguide.org/Lucid Kubuntuguide Lucid (online)]
The idea is to edit the locally stored Kubuntuguide as you customize your system. It can
also serve as a template and an example of how to use the MediaWiki wiki.
Edit the local copy of Kubuntuguide to hide irrelevant links. In MediaWiki, use the
 tags to comment out instructions or text that should not be
displayed. Example:
Kubuntuguide Lucid (local copy for editing) -> edit ->

Install Drupal6
Read this Drupal6 tutorial. Also see this demo site
(http://www.vincentmazzarellamd.org/) .
Create two additional URLs (Add Hosts) at DynDNS.com: mylucid00.dyndns.org and
Install Drupal6 and the first website (mylucid00.dyndns.org).
Configure database for drupal6 with dbconfig-common? Yes
Database type to be used by Drupal6: mysql
Password of your database's administrative user: lucidsql00
MySQL application password for drupal6: mylucid00drupalword
Copy the /etc/drupal/6/sites/default folder to the first subsite (in this example
named mylucid00.dyndns.org).
23 of 92
sudo cp -r /etc/drupal/6/sites/default /etc/drupal/6/sites/mylucid00.dyndns.org
05/24/2012 08:16 AM
UbuntuGuide Part3 -
sudo
sudo
sudo
sudo
rm /etc/drupal/6/sites/mylucid00.dyndns.org/files
mkdir /etc/drupal/6/sites/mylucid00.dyndns.org/files
chown root:www-data /etc/drupal/6/sites/mylucid00.dyndns.org/files
chmod 774 /etc/drupal/6/sites/mylucid00.dyndns.org/files
the /etc/drupal/6/sites/mylucid00.dyndns.org/files folder, naming it WebLogo.png
there. For example:
sudo cp ~/Pictures/mybestpic110.png /etc/drupal/6/sites/mylucid00.dyndns.org/files/WebLogo.png
The permissions of the settings.php and dbconfig.php files must be unrestricted
during installation:
sudo chmod 777 /etc/drupal/6/sites/mylucid00.dyndns.org/settings.php
sudo chmod 777 /etc/drupal/6/sites/mylucid00.dyndns.org/dbconfig.php
Create a virtual host file for the new sites:
sudo kate /etc/apache2/sites-available/drupal6virtualhost
Add the lines:
#
#
#
<VirtualHost *:80>
#
ServerName mylucid00.dyndns.org
ServerAlias *.mylucid00.dyndns.org mylucid00.dyndns.org
RewriteEngine On
</VirtualHost>
#
<VirtualHost *:80>
#
ServerName mylucidweb00.dyndns.org
ServerAlias *.mylucidweb00.dyndns.org mylucidweb00.dyndns.org
RewriteEngine On
</VirtualHost>
symbolic link:
24 of 92
sudo ln -s /etc/apache2/sites-available/drupal6virtualhost /etc/apache2/sites-enabled
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Restart Apache:
Install the first website through the web browser:
firefox http://mylucid00.dyndns.org/install.php
Site Name: My Lucid 00
Site e-mail address: [email protected]
Administrator Account Username: mylucid00admin -> Password: mylucid00word
Clean URLs: Enabled
The permissions of the settings.php and dbconfig.php files must be restricted after
installation:
sudo chmod 744 /etc/drupal/6/sites/mylucid00.dyndns.org/settings.php
sudo chown root:www-data /etc/drupal/6/sites/mylucid00.dyndns.org/dbconfig.php
sudo chmod 740 /etc/drupal/6/sites/mylucid00.dyndns.org/dbconfig.php
While still logged in as an administrator, update the database:
http://mylucid00.dyndns.org/update.php
Now you will re-install a new database for each planned subsite.:
25 of 92
Re-install database for drupal6? Yes
Database type to be used by drupal6: mysql
Connection method for MySQL database of drupal6: unix socket
Name of your database's administrative user: root
Password of your database's administrative user: lucidsql00
username for drupal6: drupal6b
database name for drupal6: drupal6b
Copy the /etc/drupal/6/sites/default folder to the second subsite (in this example
named mylucidweb00.dyndns.org).
05/24/2012 08:16 AM
UbuntuGuide Part3 -
sudo cp -r /etc/drupal/6/sites/default /etc/drupal/6/sites/mylucidweb00.dyndns.org
sudo
sudo
sudo
sudo
rm /etc/drupal/6/sites/mylucidweb00.dyndns.org/files
mkdir /etc/drupal/6/sites/mylucidweb00.dyndns.org/files
chown root:www-data /etc/drupal/6/sites/mylucidweb00.dyndns.org/files
chmod 774 /etc/drupal/6/sites/mylucidweb00.dyndns.org/files
the /etc/drupal/6/sites/mylucidweb00.dyndns.org/files folder, naming it
WebLogo.png there. For example:
sudo cp ~/Pictures/mysecondbestpic110.png /etc/drupal/6/sites/mylucidweb00.dyndns.org/files/WebLogo.png
The permissions of the settings.php and dbconfig.php must be unrestricted during
installation:
sudo chmod 777 /etc/drupal/6/sites/mylucidweb00.dyndns.org/settings.php
sudo chmod 777 /etc/drupal/6/sites/mylucidweb00.dyndns.org/dbconfig.php
Install the second website through the web browser:
firefox http://mylucidweb00.dyndns.org/install.php
Site Name: My Lucid Web 00
Site e-mail address: [email protected]
Administrator Account Username: mylucid00admin -> Password: mylucid00word
Clean URLs: Enabled
The permissions of the settings.php and dbconfig.php files must be restricted after
installation:
26 of 92
sudo chmod 744 /etc/drupal/6/sites/mylucidweb00.dyndns.org/settings.php
sudo chown root:www-data /etc/drupal/6/sites/mylucidweb00.dyndns.org/dbconfig.php
sudo chmod 740 /etc/drupal/6/sites/mylucidweb00.dyndns.org/dbconfig.php
05/24/2012 08:16 AM
UbuntuGuide Part3 -
While still logged in as an administrator, update the database:
http://mylucidweb00.dyndns.org/update.php
This process can be repeated if desired (if enough URLs are available).
The two websites will be available from the web:
http://mylucid00.dyndns.org
and
http://mylucidweb00.dyndns.org
Set up the cron task for each site:
sudo crontab -e
And add the lines (with the nano editor, or the one you prefer):
45 * 18 * * /usr/bin/wget -O - -q -t 1 http://mylucid00.dyndns.org/cron.php
45 * 19 * * /usr/bin/wget -O - -q -t 1 http://mylucidweb00.dyndns.org/cron.php
this will run the scripts separately, at 45 minutes after the 1800 hour and the
1900 hour every day (each site at a different hour).
After all sites are installed, create an /etc/drupal/6/sites/all folder in which to store
shared modules and themes. Copy the folders:
sudo mkdir /etc/drupal/6/sites/all
sudo mkdir /etc/drupal/6/sites/all/modules
sudo mdkir /etc/drupal/6/sites/all/themes
and (optionally) make a directory for shared files:
sudo mkdir /etc/drupal/6/sites/all/files
sudo chmod 777 /etc/drupal/6/sites/all/files
then update each website again (while logged in as the administrator for each
website).
27 of 92
http://mylucidweb00.dyndns.org/update.php
Now read Drupal6 site building tips (http://kubuntuguide.org
/Drupal_site_building_tips) .
Change theme and add WebLogo:
Drupal -> Administer -> Themes -> Garland -> configure -> color set: Ash -> Logo
05/24/2012 08:16 AM
UbuntuGuide Part3 -
image settings -> Use the default logo: (unticked)
-> Path to custom logo: sites/mylucid00.dyndns.org/files/WebLogo.png
Add Ubercart online store.
Install PayPal cURL-php library pre-requisite (see this link (http://drupal.org
/node/511064) for more info):
Install the BigBlueButton videoconferencing server API (http://drupal.org
/project/bbb) (that is able to call the BBB server from within Drupal):
Note: Enable permissions for added modules update and adjust permissions
(http://kubuntuguide.org
/Drupal_site_building_tips#Enable_permissions_for_added_modules) after module
installation.
then update:
Drupal -> Site administration -> Site configuration -> BigBlueButton Conferencing
-> Base URL: http://mylucidbbb00.dyndns.org:81/bigbluebutton/
-> Change the Security Salt (found in a file called “bigbluebutton.properties” on the
BigBlueButton server). On my Ubuntu server I found it at /var/lib/tomcat6/webapps
/bigbluebutton/WEB-INF/classes/bigbluebutton.properties:
Copy the security salt number found in the setting:
28 of 92
-> Save configuration -> Test connection
05/24/2012 08:16 AM
UbuntuGuide Part3 -
type
Add a Welcome page and a link to public wiki
Drupal -> Create Content -> Page -> Welcome -> ... -> Promoted to front page
(ticked) -> Save
Drupal -> Administer -> Site building -> Menus -> Primary links -> Add item ->
Path: http://mylucidwiki00.dyndns.org/public -> Menu link title: My Lucid Wiki ->
Weight: 10 -> Save
Add menu items / shortcuts to the Drupal Website(s):
My Lucid Website (Public) (Drupal) -- firefox http://mylucid00.dyndns.org
and
My Lucid Website (Private) (Drupal) -- firefox http://mylucidweb00.dyndns.org
(Optionally) Install Token (http://drupal.org/project/token) and Ubercart
(http://drupal.org/project/ubercart) :
Note: You must Enable permissions for added modules update and adjust
permissions (http://kubuntuguide.org
/Drupal_site_building_tips#Enable_permissions_for_added_modules) after module
installation.
Drupal -> Administer -> Modules -> Ubercart -> select the Ubercart module
functions you intend to use
then update:
29 of 92
Read the Ubercart documentation (http://www.ubercart.org/docs/user
/8386/configuring_your_store) to set up your online store/services. Run:
Drupal -> Administer -> Store administration
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Further customize each website by installing the modules as detailed here.
Install ddclient
Install (see this tutorial):
sudo apt-get install ddclient
Dynamic DNS service provider: www.dyndns.com
DynDNS fully qualified domain names: mylucid00.dyndns.org,
mylucidweb00.dyndns.org, mylucidwiki00.dyndns.org, mylucidbbb00.dyndns.org,
Username for dynamic DNS service: myluciddnsid -> Password: myluciddnsword
Network interface (eth0, wlan0, etc.) used for dynamic DNS service: eth0
Edit the ddclient configuration file:
sudo kate /etc/ddclient.conf
#
#
daemon=3600
ssl=yes
protocol=dyndns2
#use=if, if=eth0
login=myluciddnsid
password=' myluciddnsword '
# mylucid00.dyndns.org,mylucidweb00.dyndns.org,mylucidwiki00.dyndns.org,mylucidbbb00.dyndns.org,mylucidmoodle00.dyndns.o
mylucid00.dyndns.org,mylucidcalendar00.dyndns.org,mylucidwiki00.dyndns.org,mylucidbbb00.dyndns.org,mylucidmoodle00.dyndn
Note: There are companies on the Internet other than DynDNS.com that provide
Dynamic DNS services as well (but several of them are very unreliable, in my
experience). DynDNS.com is one of the oldest and most stable. I have found it
convenient to forward my URLs (that I already had at other DNS providers) to the
DynDNS URLs created in this walkthrough. However, if your original DNS provider
supports reliable Dynamic DNS services, you may be able to get it to work with
ddclient as well. See the instructions in the tutorial.
Add menu items for websites
Add a menu item for each website:
30 of 92
My Lucid 00 (Drupal6 Website) -- firefox http://mylucid00.dyndns.org
05/24/2012 08:16 AM
UbuntuGuide Part3 -
My Lucid 00 Web (Drupal6 Website) -- firefox http://mylucidweb00.dyndns.org
My Lucid 00 BBB (BigBlueButton Teleconferencing) -- firefox
My Lucid 00 Wiki (Public) -- firefox http://mylucidwiki00.dyndns.org
My Lucid 00 Wiki (Private) -- firefox http://mylucidwiki00.dyndns.org/private
My Lucid 00 Moodle (Teaching site) -- firefox http://mylucidmoodle00.dyndns.org
Add Audacious audio player
This is an optional component. I use this to stream music from Shoutcast Internet
Radio to the office stereo system by plugging the computer output jack into the
office stereo input jack. Install:
sudo apt-get install audacious audacious-plugins
Change the Audacious audio to ALSA (unless you are willing to configure
PulseAudio) and use the classic skin:
Audacious -> Preferences -> Audio -> Current audio plugin: ALSA Output Plugin
-> Appearance -> Classic -> Close
Using the Menu Editor, create a menu item to Shoutcast Internet Radio with the
command:
firefox http://classic.shoutcast.com
Start Shoutcast Internet Radio and click on a radio station. When prompted for the
file association, choose Audacious:
"You have chose to open shoutcast-playlist.pls which is a: PLS file. What should
Firefox want do with this file?" -> Open with ... -> Browse -> File system... -> usr ->
bin -> audacious -> Open -> Do this automatically for files like this from now on:
(ticked) -> OK
Install DAViCal group calendar server
If a full groupware server (Kolab, eGroupware, or Zimbra) is to be installed, there is no
need for DaviCal. As a standalone group calendar server, though, it can't be beat.
Read these installation instructions.
Install the Sunbird calendaring client.
Allow Reverse proxies
If you have one LAN router that forwards all port 80 traffic to a single server yet you
have multiple physical servers on the LAN (each using their own set of URLs), then the
31 of 92
05/24/2012 08:16 AM
UbuntuGuide Part3 -
primary server (to which all port 80 traffic is sent) will have to act as a reverse proxy for
the other servers. This is accomplished through Apache2 reverse proxies. See this
tutorial.
Adding new SSH users
On the server, create a second user account (that guest users can use for SSH
purposes) with a password dissimilar to any other passwords (such as
mylucidguestpassword):
sudo
sudo
sudo
sudo
useradd -m mylucid00guest
passwd mylucid00guest
mkdir /home/mylucid00guest/.ssh
chmod 777 /home/mylucid00guest/.ssh
Allow OpenSSH Password Authentication temporarily. Edit the OpenSSH
configuration file:
and temporarily allow Password-based Authentication by changing the line:
to
PasswordAuthentication yes
From the new Linux user's client computer:
ssh-keygen
scp -P 22199 ~/.ssh/id_rsa.pub [email protected]:~/.ssh/id_rsa.pub
When prompted, of course, the guest password, mylucidguestpassword, should be
entered.
Back on the server (logged in as the administrator lucidadmin00), turn off the
OpenSSH Password Authentication again:
Change the line:
32 of 92
05/24/2012 08:16 AM
UbuntuGuide Part3 -
PasswordAuthentication yes
to
It is then usually best (for security reasons) to now change the guest password to
something completely different:
sudo passwd mylucid00guest
Copy the new id_rsa.pub key to the mylucid00admin folder and concatenate it to
the authorized_keys file there:
sudo cp /home/mylucid00guest/.ssh/id_rsa.pub /home/lucidadmin00/.ssh/id_rsaguest.pub
sudo chown -R lucidadmin00 /home/lucidadmin00
cd ~/.ssh
cat authorized_keys id_rsaguest.pub >> authorized_keys
Note: this new /home/lucidadmin00/.ssh/authorized_keys file should also be copied to
/home/client9260/.ssh/authorized_keys and /home/text9260/.ssh/authorized_keys as
detailed in the subsequent OpenVistA EHR section.
If Windows-based PuTTY SSH users are to be added to the system, then see this
tutorial. The SSH keys must be tweaked to be used with OpenSSH, copied to the
server, and then concatenated to the authorized_keys file in a similar fashion.
Add security scanners
Don't believe the hype about Linux being free from viruses, trojans, and rootkits.
They happen (although less common than in other operating systems). The biggest
risk comes from installing software from repositories other than official Ubuntu
repositories. Be careful. Here are some recommended security utilities:
KlamAV is the KDE/Kubuntu frontend for ClamAV anti-virus suite. Install:
33 of 92
sudo apt-get install klamav
Run:
Menu -> System -> KlamAV Anti-Virus Manager
Rkhunter is a rootkit hunter. Install and run:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
sudo apt-get install rkhunter
sudo rkhunter
Chkrootkit is another rootkit hunter. Install and run:
sudo apt-get install chkrootkit
sudo ./chkrootkit
Changing passwords and other customization
See Ultimate Server Lucid Customization
More Ultimate Servers
Additional servers can be added to the preceding framework, of course. Here are some
examples:
Ultimate Server Lucid with OpenVistA EHR. The editor of Kubuntuguide is a surgeon
(http://www.vincentmazzarellamd.org) in Northern California, USA. Here is a
combination of the Ultimate Server with an open-source electronic health record,
OpenVistA.
These instructions ought to be followed for every installation method of the Ultimate
Server Lucid, except when installing using the step-by-step walkthrough. When
completed, a reasonably secure installation will have been achieved. The steps are
meant to be done in order, because some later steps are dependent on earlier steps.
These steps should take about 30 minutes to perform.
Change the computer's BIOS settings so that after a power failure the computer will
automatically powerup and restart to the default OS. (This is important for servers.)
At bootup, enter the BIOS menu using whichevever key is appropriate for your
computer's BIOS:
[F2], [F1], [F10], or [DEL] -> Power Management Setup -> PowerOn After
Pwr-Fail: On -> Save -> Reboot
34 of 92
Set the static IP address for your server. If your computer already has a static LAN IP
address assigned on your network, use it. Otherwise choose a static LAN IP address
that (preferably) is not part of the DHCP address range used by your router (or
05/24/2012 08:16 AM
UbuntuGuide Part3 -
DHCP server). (Use the gedit text editor instead of kate if using Ubuntu instead of
Kubuntu.)
#
address 192.168.0.99
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
35 of 92
Email:
Email address: [email protected] Password: mylucidword000 DOB: 1/1/01
Favorite question: securityquestionanswer
How to change:
Mail.com -> Sign in (email address/password) -> Settings -> Accounts ->
Change your Mail.com password -> Password: click here to change password
Note: These are examples only. You must obtain your own account and
password to use with the system. You can use a pre-established email account or
create a new one at Mail.com (https://signup.mail.com) , Gmail
(https://www.google.com/accounts/NewAccount?service=mail) , or Yahoo Mail
(http://mail.yahoo.com) .
Dynamic DNS:
ID: myluciddnsid Password: myluciddnsword Email: [email protected]
How to change:
DynDNS.com -> Log in (Username/Password) -> Account Settings: Change
Password
Note: These are examples only. You must obtain your own account and
password to use with the system. While several Dynamic DNS services are
available and can be used, the walkthrough instructions refer to DynDNS.com
(https://www.dyndns.com/account/entrance/) . Decide on a naming scheme for your
set of servers. The installation walkthrough uses mylucid00.dyndns.org,
05/24/2012 08:16 AM
UbuntuGuide Part3 -
mylucidbbb00.dyndns.org, mylucidmoodle00.dyndns.org,
mylucidwiki00.dyndns.org, mylucidcalendar00.dyndns.org, and
mylucidweb00.dyndns.org, but (obviously) these cannot be used for your system
and you must choose a new naming scheme.
DynDNS.com allows the creation five free domain name URLs, so choose your
naming scheme carefully and then create/activate the 5 URLs for your system at
DynDNS.com. For example:
clarkkent.dyndns.org, clarkkentbbb.dyndns.org, clarkkentmoodle.dyndns.org,
clarkkentwiki.dyndns.org, clarkkentcalendar.dyndns.org, and
clarkkentweb.dyndns.org.
Configure ddclient
Edit the ddclient configuration file (mandatory). (Use the gedit text editor instead
of kate if using Ubuntu instead of Kubuntu.):
sudo kate /etc/ddclient.conf
#
#
daemon=3600
ssl=yes
protocol=dyndns2
#use=if, if=eth0
login=clarkkent
password=' kryptonite '
# clarkkent.dyndns.org,clarkkentbbb.dyndns.org,clarkkentmoodle.dyndns.org,clarkkentwiki.dyndns.org,clarkkentweb.dyndns.o
clarkkent.dyndns.org,clarkkentbbb.dyndns.org,clarkkentmoodle.dyndns.org,clarkkentwiki.dyndns.org,clarkkentcalendar.dyndn
Clearly you must use your own login ID and password (created during signup at
DynDNS.com), and replace the server URL names with the ones that match your
naming scheme (and which you activated at DynDNS.com).
Change important passwords
System:
ID: lucidadmin00 Password: lucidword00
How to change (mandatory):
36 of 92
sudo passwd lucidadmin00
05/24/2012 08:16 AM
UbuntuGuide Part3 -
System guest:
ID: mylucid00guest Password: mylucidguestpassword
sudo passwd mylucid00guest
MySQL
ID: root Password: lucidsql00
How to change (recommended):
mysqladmin -u root --password=lucidsql00 password newrootsqlpw
If you have lost the MySQL root user password entirely, then see this solution
(http://www.cyberciti.biz/faq/lost-mysql-admin-password/) .
Customize BigBlueButton
Customize BigBlueButton:
If your chosen URL for the BigBlueButton is clarkkentbbb.dyndns.org, for example, then
sudo bbb-conf --setip clarkkentbbb.dyndns.org:81
Although optional, I highly recommend creating a new security salt (UUID) for
BigBlueButton. See these instructions.
Edit the menu item/shortcut to the BBB server:
Clark Kent's BigBlueButton (Teleconferencing) -- firefox
http://clarkkentbbb.dyndns.org:81
Make sure your router forwards ports 81, 9123, and 1935 to your server's LAN
IP address.
Customize Moodle
Customize Moodle:
Edit the Apache2 virtual host configuration file for the Moodle Server (use the
37 of 92
sudo kate /etc/apache2/sites-available/moodlevirtualhost
05/24/2012 08:16 AM
UbuntuGuide Part3 -
so that the contents resemble:
<VirtualHost *:80>
#
DocumentRoot /usr/share/moodle/
ServerName clarkkentmoodle.dyndns.org
ServerAlias www.clarkkentmoodle.dyndns.org clarkkentmoodle.dyndns.org
#RewriteEngine On
#RewriteOptions inherit
</VirtualHost>
Activate the new virtual host configuration:
Edit the Moodle configuration file (use the gedit text editor instead of kate if
$CFG->wwwroot = 'http://clarkkentmoodle.dyndns.org/moodle';
Login to the server (http://clarkkentmoodle.dyndns.org) and change the
primary admin password (and create a new user/password if desired):
ID: mylucid00admin Password: mylucid00word
Moodle -> Login (using ID/Password) -> Site Administration: Accounts:
Browse List of Users
-> MyLucid Admin -> Change password
Edit the menu item/shortcut to the Moodle server:
Clark Kent's Moodle (Online Teaching) -- firefox
http://clarkkentmoodle.dyndns.org
Customize MediaWiki
Customize MediaWiki:
Edit the Apache2 configuration file (e.g. /etc/apache2/sites-available
/wikivirtualhost). (Use the gedit text editor instead of kate if using Ubuntu
instead of Kubuntu.):
38 of 92
05/24/2012 08:16 AM
UbuntuGuide Part3 -
<VirtualHost *:80>
#
#
ServerName clarkkentwiki.dyndns.org
ServerAlias *.clarkkentwiki.dyndns.org
#
RewriteEngine On
RewriteRule
^/(/.*|)$ /public/$1 [R]
#
#AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>
Change the password for each wiki individually by logging in separately
(http://clarkkent.dyndns.org/public and http://clarkkent.dyndns.org/private). The ID
and password are initially the same for both wikis (but this obviously can be
changed).
How to change (mandatory for each wiki):
MediaWiki -> Login (using ID/Password) -> my preferences -> Change
password
Edit the menu items / shortcuts to the Wiki(s):
Clark Kent's Wiki (Public) (MediaWiki) -- firefox http://clarkkentwiki.dyndns.org
and
Clark Kent's Wiki (Private) (MediaWiki) -- firefox http://clarkkentwiki.dyndns.org
/private
Customize Drupal
39 of 92
Customize the Drupal6 website(s):
Rename the website folders to correspond to your chosen URL naming scheme.
For example:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
sudo mv /etc/drupal/6/sites/mylucid00.dyndns.org /etc/drupal/6/sites/clarkkent.dyndns.org
sudo mv /etc/drupal/6/sites/mylucidweb00.dyndns.org /etc/drupal/6/sites/clarkkentweb.dyndns.org
Edit the virtual host file for the new sites (use the gedit text editor instead of
sudo kate /etc/apache2/sites-available/drupal6virtualhost
#
#
#
<VirtualHost *:80>
#
ServerName clarkkent.dyndns.org
ServerAlias *.clarkkent.dyndns.org clarkkent.dyndns.org
RewriteEngine On
</VirtualHost>
#
<VirtualHost *:80>
#
ServerName clarkkentweb.dyndns.org
ServerAlias *.clarkkentweb.dyndns.org clarkkentweb.dyndns.org
RewriteEngine On
</VirtualHost>
Edit the cron task so that it reflects the new URLs correctly:
sudo crontab -e
And edit the lines (with the nano editor, or the one you prefer) so that they resemble:
40 of 92
45 * 18 * * /usr/bin/wget -O - -q -t 1 http://clarkkent.dyndns.org/cron.php
45 * 19 * * /usr/bin/wget -O - -q -t 1 http://clarkkentweb.dyndns.org/cron.php
Login to each website individually (http://clarkkent.dyndns.org and
http://clarkkentweb.dyndns.org) and adjust the admin user password and the
Theme settings. (Until you adjust the Theme settings, the graphics will not
display properly).
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Drupal6 -> Login (using ID/Password) -> My account -> Edit -> Password
change the Theme settings:
Drupal6 -> Administer -> Site building -> Themes -> Garland: configure ->
Path to custom logo: sites/clarkkent.dyndns.org/WebLogo.png
(Use clarkkentweb.dyndns.org when customizing the other website,
obviously.)
update the websites:
http://clarkkent.dyndns.org/update.php
http://clarkkentweb.dyndns.org/update.php
Note: DynDNS only allows 5 free URLs. If you have activated
clarkkentcalendar.dyndns.org as the 5th URL, you will not be able to connect through the
web to clarkkentweb.dyndns.org. However, it is possible to deactivate a URL on DynDNS,
create/activate a new URL, go through the customization steps using the activated URL,
then deactivate that URL (if is no longer desired) and reactivate the (previously
deactivated) desired one(s).
Edit the menu items / shortcuts to the Drupal Website(s):
Clark Kent's Website (Public) (Drupal) -- firefox http://clarkkent.dyndns.org
and
Clark Kent's Website (Private) (Drupal) -- firefox http://clarkkentweb.dyndns.org
Customize DAViCal
Customize the DAViCal Group Calendar:
Rename the configuration file to correspond to your chosen URL naming
scheme. For example:
sudo mv /etc/davical/mylucidcalendar00.dyndns.org-conf.php /etc/davical/clarkkentcalendar.dyndns.org-conf.php
Edit the virtualhost config file (use the gedit text editor instead of kate if using
sudo kate /etc/apache2/sites-available/mydavicalsite
so that these lines resemble:
41 of 92
#
<VirtualHost *:80>
ServerName clarkkentcalendar.dyndns.org
ServerAlias calendar.clarkkent.dyndns.org
05/24/2012 08:16 AM
UbuntuGuide Part3 -
AllowOverride None
Order allow,deny
Allow from all
</Directory>
php_value open_basedir 1
</VirtualHost>
Login to the calendar server (http://clarkkentcalendar.dyndns.org) and change
the admin password.
DAViCal Admin webpage -> login (User Name/Password) -> User
Functions: List Users
-> mylucid00admin -> Confirm password: (enter new password) -> Apply
changes
The usual default SSH port is 22, but in the Ultimate Server this has been changed
to port 22199. You can change it again, if you choose. Make sure your router
forwards traffic for the chosen port to your computer's LAN IP address (as set
above). (Use the gedit text editor instead of kate if using Ubuntu instead of
Kubuntu.)
Port 22199
42 of 92
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Remove the insecure SSH files distributed with the system and generate new ones:
sudo rm /home/lucidadmin00/.ssh/*
ssh-keygen
Accept the default location for the key file ( /home/lucidadmin00/.ssh/id_rsa ).
cd ~/.ssh
cd ~/.ssh
Adding new SSH users
Add a new user and change the password for that user (optional):
sudo useradd -m myownuserID
sudo passwd myownuserpw
Login using the new user ID to complete the installation.
Create an SSH keypair for automated login by the new user:
ssh-keygen
Accept the default location for the key file ( /home/myownuserID/.ssh/id_rsa ).
Make sure that a file named authorized_keys (with write privileges) is in the
/home/myownuserID/.ssh folder. If not, create such a file (using the "touch"
command to create an empty file) after logging into the server as myownuserID:
43 of 92
cd ~/.ssh
Alternatively, you can copy the original authorized_keys file from the
/etc/lucidadmin00/.ssh folder (as long as it has been revised and is not the original
insecure authorized_keys file distributed with the system). This is useful if you wish
to keep both the lucidadmin00 and myownuserID users.
05/24/2012 08:16 AM
UbuntuGuide Part3 -
sudo cp /home/lucidadmin00/.ssh/authorized_keys /home/myownuserID/.ssh/authorized_keys
sudo chown -R myownuserID /home/myownuserID
cd ~/.ssh
Inactivate old users
Inactivate old users (this is easiest from the GUI desktop once installation has been
completed):
Menu -> System -> KUser User Manager -> highlight userID -> Account disabled
(ticked)
If you merely wish to exclude a user from appearing on the Login screen:
Menu -> System -> System Settings -> Advanced -> Login Manager -> Users ->
tick the users to exclude from the Login screen
Change hostname (optional)
Discover the current hostname and the Fully Qualified Domain Name:
hostname
hostname --fqdn
I don't recommend changing the hostname, but it can be changed by editing
the /etc/hostname file and the /etc/hosts file (use the gedit text editor instead
of kate if using Ubuntu instead of Kubuntu)
sudo kate /etc/hostname
sudo kate /etc/hosts
It is not necessary for security reasons to change your hostname, and it is not
recommended especially if you have already been using the system for a while (as the
hostname can be used in several configuration files other than the two noted).
Ultimate Server Lucid K with OpenVistA
EHR
Introduction
44 of 92
05/24/2012 08:16 AM
UbuntuGuide Part3 -
This walkthrough is for (K)Ubuntu Lucid 10.04 (32-bit or 64-bit) because the
BigBlueButton teleconferencing server requires either Lucid 10.04 (32-bit or 64-bit) or
Jaunty 9.04 (32-bit only).
The software updater may prompt you to upgrade the distribution to a newer release
(e.g. to Maverick 10.10). This is not recommended because BigBlueButton may then stop
functioning properly.
All variables that can be (and usually ought to be) changed are noted in italics. Do not
attempt to use any italicized variable exactly as written; all of them are fictitious and will
not work (especially for web services)! Create your own variable in place of the italicized
one.
Furthermore, this website is viewed by over 20,000 users per month. Don't attempt to
use any of the example passwords used here (that would be highly insecure). Create
your own passwords.
Install the base OS (Ubuntu Server 10.04 Lucid)
45 of 92
Shrink the Windows Partition. For Windows Vista and Windows 7 computers, use
Perfect Disk Trial edition (http://www.perfectdisk.com/products/home-perfectdisk11home-premium/free-trial) . See this tutorial (http://www.howtogeek.com/howto
/windows-vista/working-around-windows-vistas-shrink-volume-inadequacyproblems/) .
Partition the hard drive. Use this Multiple OS Installation scheme. The GParted utility
can be found on the Ubuntu Desktop LiveCD (but not the Kubuntu Desktop LiveCD)
or a GParted LiveCD can be downloaded and used directly.
Onto another computer, download and burn Ubuntu Server Lucid 10.04
(http://releases.ubuntu.com/lucid/) . (See this tutorial (https://help.ubuntu.com
/community/BurningIsoHowto) for instructions on burning the CD.)
Install Ubuntu Lucid Server (32-bit or 64-bit) into its own partition. If you followed
the Multiple OS Installation scheme, then the Windows OS will be in partition 1 (and
possibly 2, if you have a recovery partition), the /boot partition will be in partition 3,
and partition 4 will be an extended partition. The extended partition ought to have
been divided into a 2 Gb swap logical partition and 2 equally sized logical partitions
for Linux (one for a production partition and one as a test/upgrade partition).
For installation it is best if the computer is connected to the Internet by a wired
ethernet connection.
Partitioning: Manual
Choose the partition created for the new Lucid operating system (e.g.
/dev/sda6). Use as: Ext4 journaling file system -> Format the partition: yes,
format it -> Mount point: / - the root file system -> Done setting up the
05/24/2012 08:16 AM
UbuntuGuide Part3 -
partition -> Finish partitioning and write changes to disk -> Write changes to
disk?: Yes
During the Ubuntu Server installation, install the LAMP server and OpenSSH servers
and the PostgreSQL database. Record the system administrator ID/password and the
MySQL root (superuser) password. Note the partition name and number (e.g.
/dev/sda6).
Full name for the new user: Lucidadmin00 -> Username for your account:
lucidadmin00 -> Choose a password for the new user: lucidword00
(Note: You could also generate a random password and use it here. Just be sure
to record it in an accessible location.)
Note: You could also install the LAMP server stack, the OpenSSH server, or the
PostgreSQL database at a later time using the menu-driven installation system:
sudo tasksel
Encrypt your home directory: No (this is optional, but on this system the
primary user's home directory is not used much so there is little need to
encrypt it.)
HTTP proxy information -- this is used if your organization has a firewall or
other gateway to the outside Internet. A network administrator will have the
information for this. Most small businesses will not have such a gateway and it
can be left blank, in this case.
How do you want to install updates...? No automatic updates
This is, of course, user preference. However, updates are sometimes sent out before they
are completely tested with all hardware, which can cause problems with very new or
very old hardware. Some systems can be brought to a halt by automatic updates,
especially updates of the Linux kernel.
For this reason, complete manual control of updates is highly recommended (on
production systems). In fact, many users routinely run two parallel systems (a test
system and a production system) and install updates on the test system first (in order to
make sure all updates work properly) prior to installing the updates on the production
system. This practice is extremely important to ensuring stability on critical systems and
servers.
46 of 92
Choose software to install:
LAMP server (ticked) -> OpenSSH server (ticked) -> PostgreSQL database
New password for the MySQL "root" user: lucidsql00
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Install the GRUB boot loader to the master boot record? No -> Device for boot
loader installation: /dev/sda6
Note: this assumes a /boot partition and multiple partitions. Under the general
scheme above, the first free partition will usually be /dev/sda6, but if you
already have other OSs or other peculiarities, take extra care during this step.
This is the trickiest step of the installation. It is important to set up the Master Boot
Loader to recognize the new partition. Re-read the Multiple OS Installation tutorial
very carefully and completely. In short, the bootloader needs to be copied to the
/boot partition (usually /dev/sda3) and customized there so that it chainloads the
bootloader installed locally in your new OS partition (e.g. /dev/sda6). Once this is
set up correctly, reboot and the menu will allow booting into the new OS.
Login for the first time.
Lucid64Server00: lucidadmin00
Password: lucidword00
Shorten the boot time:
Change the timeout value:
GRUB_TIMEOUT=1
(Note: Save the changes with CTRL-O then CTRL-X.)
Update the system.
sudo
sudo
sudo
sudo
apt-get update
apt-get upgrade
apt-get install build-essential dkms
reboot
Older versions of (K)Ubuntu (Jaunty and earlier) also required:
sudo reboot
Note: This step was also previously required after every kernel upgrade (as is done
automatically if you have enabled automatic updates). If graphics aren't working for any
reason, try making sure the headers are installed correctly and updating again.
47 of 92
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Install the password generator for use with the remainder of the installation.
Many users also generate a password for the root superuser at this time:
sudo passwd root
Add a Kubuntu desktop
Install a Kubuntu desktop.
Note: The end user can also install the restricted extras:
Reboot the system:
sudo reboot
Once the Kubuntu desktop has been installed, all commands can then be entered
into the command-line terminal Konsole:
Menu -> System -> Konsole
Note: Kubuntu Jaunty included an (automatic) kernel upgrade that at some point
disabled the Nvidia graphics drivers (on computers with Nvidia graphics). If this
happens for your system, the desktop will be unable to start at bootup and only the
command-line will be presented. To correct this problem, merely install the linuxheaders again:
sudo reboot
then the Nvidia graphics drivers should install correctly and the desktop will start
normally.
48 of 92
Set a static IP address for your server.
05/24/2012 08:16 AM
UbuntuGuide Part3 -
sudo gedit /etc/network/interfaces
#
address 192.168.0.99
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
Power failures happen. It is possible to change the BIOS settings so that after a power
failure the computer will automatically powerup and restart to the default OS (as set in
the bootloader configuration). This is a critical function for servers. At bootup, enter the
BIOS menu using whichevever key is appropriate for your computer's BIOS:
[F2], [F1], [F10], or [DEL] -> Power Management Setup -> PowerOn After Pwr-Fail:
On -> Save -> Reboot
Install Firefox
Install Firefox:
49 of 92
This can also be done from the Kubuntu desktop menu:
Menu -> Internet -> Install Firefox Web Browser
Start Firefox and install security add-ons:
Firefox -> Tools -> Add-ons -> Get Add-ons -> NoScript -> Add to Firefox ->
Install
Firefox -> Tools -> Add-ons -> Get Add-ons -> AdBlock Plus -> Add to Firefox ->
Install
Add a menu item/shortcut to this guide (to enable copying and pasting of the
remaining commands directly from the guide) and to the customization guide:
Kubuntuguide (Ultimate Server Walkthrough) -- firefox http://kubuntuguide.org
/Ultimate_Server_Lucid_K
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Ultimate Server Customization (Kubuntuguide) -- firefox
http://kubuntuguide.org/Ubuntu_Server_Lucid_Customization_OV
If a static Internet URL is not available, obtain a dynamic DNS URL. (This must be
changed for each OS installation, as it is specific to that installation).
Create an email account for administrative use with this server, such as at mail.com
(http://www.mail.com) , mail.google.com, or mail.yahoo.com.
([email protected] / mylucidword000 / 1/1/01 / securityquestionanswer)
Create a DynDNS account for use with this server, at DynDNS.org
(http://www.dyndns.com) . (myluciddnsid / myluciddnsword /
[email protected])
In this walkthrough, several URLs are used. It is possible to create all of them at once at
this stage:
mylucid00.dyndns.org
mylucidbbb00.dyndns.org
mylucidwiki00.dyndns.org
DynDNS allows 5 free URLs. After installation has been completed, I generally
remove mylucidweb00.dyndns.org and create mylucidcalendar00.dyndns.org (for
use with DAViCal) instead.
If the OpenSSH server was not installed on your server at initial installation, it can
be installed now.
The default SSH port is 22, but this may conflict with other SSH servers on your
network. Change the SSH port to a custom port. Also disallow password-based
logins, for now, to prevent unauthorized logins. See this tutorial.
50 of 92
Port 22199
and disallow Password-based authentication by changing the line::
05/24/2012 08:16 AM
UbuntuGuide Part3 -
to
Make sure the OpenSSH server knows that it must look for the authorized_keys
file. Uncomment the line:
AuthorizedKeysFile %h/.ssh/authorized_keys
Install X11VNC:
Add an X11VNC Server menu item with the command:
x11vnc --forever
-> Place in system tray (ticked)
Create an SSH keypair for automated login:
ssh-keygen
Accept the default location for the key file ( /home/user/.ssh/id_rsa ).
Make sure the directory /home/serveruser/.ssh exists; if not, create one using:
51 of 92
mkdir ~/.ssh
05/24/2012 08:16 AM
UbuntuGuide Part3 -
(In this instance, user = serveruser = lucidadmin00, so the folder
/home/lucidadmin00/.ssh ought to already exist).
Make sure that a file named authorized_keys (with write privileges) is in that folder. If
not, create such a file (using the touch command to create an empty file) while logged
into the server as serveruser (i.e. lucidadmin00):
cd ~/.ssh
cd ~/.ssh
Create a test connection:
Start the X11VNC Server (as above)
Connect VNC through the SSH tunnel with the commands:
ssh -l lucidadmin00 -L 5900:127.0.0.1:5900 mylucid00.dyndns.org -p 22199
vinagre vnc://127.0.0.1
or with a single-line command (which can be placed in a Menu item / shortcut):
ssh -f -l lucidadmin00 -L 5900:127.0.0.1:5900 mylucid00.dyndns.org -p 22199 sleep 5; vinagre vnc://127.0.0.1
Note: vinagre -- fullscreen vnc://127.0.0.1 will start the VNC connection in fullscreen
mode (but should only be used when connecting from other computers).
Install the BigBlueButton teleconferencing system
Read this BigBlueButton tutorial. Also see this demo site
(http://demo.bigbluebutton.org/) .
Create a BigBlueButton URL for use with your server, e.g. mylucidbbb00.dyndns.org
DYNDns.com account -> Add Host Services -> ...
Change the Apache listening port during BigBlueButton installation.
sudo kate /etc/apache2/ports.conf
52 of 92
Listen 82
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Restart Apache 2:
Make sure the Universe Repositories are enabled.
Obtain and install (http://code.google.com/p/bigbluebutton
/wiki/InstallationUbuntu#Installing_BigBlueButton_using_Ubuntu_Packages) the
BigBlueButton teleconferencing server:
wget
sudo
echo
sudo
sudo
http://archive.bigbluebutton.org/bigbluebutton.asc
apt-key add bigbluebutton.asc
"deb http://archive.bigbluebutton.org/lucid bigbluebutton-lucid main" | sudo tee /etc/apt/sources.list.d/bigbluebut
apt-get update
apt-get install asterisk bigbluebutton
During installation, enter the MySQL "root" user password when prompted:
lucidsql00
On the router, forward ports 81, 1935, 9123 to the LAN IP address of the BBB server
(e.g. 192.168.0.99).
Edit the Nginx webserver configuration file used for BigBlueButton:
listen 81;
Repeat for the default Nginx configuration file:
listen 81;
then restart Nginx:
53 of 92
Configure the other BBB server components to run on port 81. Use the URL
(mylucidbbb00.dyndns.org) that was setup at DYNDns.org:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
sudo bbb-conf --setip mylucidbbb00.dyndns.org:81
Change the Apache port back to 80:
Listen 80
Restart Apache 2:
Add a menu item/shortcut to the BBB server:
MyLucid BigBlueButton (Teleconferencing) -- firefox
Install the Firewall
Add Firestarter firewall:
Start Firestarter:
Menu -> Internet -> Firestarter
and allow the incoming (inbound) and outgoing (outbound) ports:
80, 443, 81, 9123, 1935, 22199
Each port must be separately added as a rule for inbound and outbound traffic. For
example, to enable port 80:
Firestarter -> Policy -> Editing: Inbound traffic policy -> Allow service (right click on
white box) -> Add rule -> Port: 80 -> When the source is: Anyone -> Add -> Apply
Policy
and
54 of 92
whitelist traffic -> Allow service (right click on white box) -> Add rule -> Port: 80 ->
When the source is: Firewall host -> Add -> Apply Policy
05/24/2012 08:16 AM
UbuntuGuide Part3 -
(Note: It is pointed out to me repeatedly that Firestarter is not being currently
updated. However, Firestarter is not the actual firewall. iptables is, and iptables is
continually updated as part of the Linux kernel. Firestarter is merely an easy-to-use
front-end for editing the iptables rules that has been stable for a long time. Other
choices for this task include ufw/gufw (which is markedly more difficult to use, IMO).
This is completely an area of user preference. The instructions above for Firestarter
are not easily transferable to ufw/gufw.)
Install Moodle
Read this Moodle tutorial. Also see this demo site
(http://ubuntudoctorsguild.dyndns.org/moodle/) .
Install:
Choose the mysql-server, since it is already installed.
Should access to this server be restricted to localhost? No
Is your FQDN correct? Yes (don't worry whether it is or isn't -- this can be
adjusted later)
Should https be required to access this Moodle server? No
Should a default database be created for Moodle on localhost? Yes
root's MySQL password: lucidsql00
Moodle database password: mylucidmoodleword00
Edit the Moodle configuration file:
55 of 92
$CFG->wwwroot = 'http://mylucid00.dyndns.org/moodle';
Finish installation by logging in to the Moodle server at http://localhost/moodle
/admin or:
http://mylucid00.dyndns.org/moodle/admin -> Unattended installation? (ticked)
Admin user: mylucid00admin
Admin password: mylucid00word
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Admin e-mail: [email protected]
City: MyTown
Site name: My Lucid Moodle 00
Add the BigBlueButton API:
sudo
sudo
sudo
sudo
sudo
sudo
sudo
sudo
wget http://www.dualcode.com/bigbluebutton/bigbluebutton.zip
unzip bigbluebutton.zip
mkdir /usr/share/moodle/mod/bigbluebutton
cp -r bigbluebutton/mod/bigbluebutton/* /usr/share/moodle/mod/bigbluebutton/
cp -r bigbluebutton/lang/* /usr/share/moodle/lang/
rm bigbluebutton.zip
rm -r bigbluebutton/*
rmdir bigbluebutton
-> Input the IP address/URL of your BigBlueButton server
(mylucidbbb00.dyndns.org:81). Do not enter the leading http:// .
found it at /var/lib/tomcat6/webapps/bigbluebutton/WEB-INF/classes
/bigbluebutton.properties:
56 of 92
Add a menu item / shortcut to the Moodle server:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
My Lucid Moodle (Teaching site) -- firefox http://mylucid00.dyndns.org/moodle
Install MediaWiki
Read this MediaWiki tutorial. Also see this demo site
(http://ubuntudoctorsguild.dyndns.org) .
Two separate wikis are created. One will be for private internal usage and one for a
public audience.
Create an additional URLs (Add Host) at DynDNS.com: mylucidwiki00.dyndns.org.
Install MediaWiki:
Create a folder for each subsite (in this example named private and public.
sudo mkdir /etc/mediawiki/private
sudo mkdir /etc/mediawiki/public
Create an upload folder for images in each subwiki folder:
sudo mkdir /etc/mediawiki/private/images
sudo mkdir /etc/mediawiki/public/images
Copy a 135x135 image that you wish to use as a wiki logo (in the upper left corner)
into the /etc/mediawiki/subwiki/images folder for each subwiki, naming it
WikiLogo.png there. For example:
sudo cp ~/Pictures/mybestpic135.png /etc/mediawiki/public/images/WikiLogo.png
sudo cp ~/Pictures/mysecondbestpic135.png /etc/mediawiki/private/images/WikiLogo.png
The images folders should belong to the group www-data, and the group should
have "Can View & Modify Content" permissions.
57 of 92
sudo
sudo
sudo
sudo
chown
chown
chmod
chmod
root:www-data /etc/mediawiki/private/images
root:www-data /etc/mediawiki/public/images
774 /etc/mediawiki/private/images
774 /etc/mediawiki/public/images
05/24/2012 08:16 AM
UbuntuGuide Part3 -
Restart apache2:
Run/install MediaWiki from the web browser by logging into:
Wiki name: My Lucid Wiki (Private)
mylucid00wikipriv -> DB username: mylucid00priv -> DB password:
mylucid00privword -> Superuser account: Use superuser account (ticked) ->
prefix: mylucid00prv_
the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/private
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_mylucid00private_install.php
Repeat the MediaWiki installation from the web browser by again logging into:
58 of 92
Wiki name: My Lucid Wiki (Public)
mylucid00wikipub -> DB username: mylucid00pub -> DB password:
05/24/2012 08:16 AM
UbuntuGuide Part3 -
mylucid00pubword -> Superuser account: Use superuser account (ticked) ->
prefix: mylucid00pub_
the original):
sudo cp /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/public
sudo mv /var/lib/mediawiki/config/LocalSettings.php /var/lib/mediawiki/config/LocalSettings_mylucid00public_install.php
Edit your configuration variables:
sudo kate /etc/mediawiki/private/LocalSettings.php
sudo kate /etc/mediawiki/public/LocalSettings.php
similar lines that already exist in the file and substituting private or public where
appropriate:
59 of 92
#
#$wgScriptPath
= "/mediawiki";
$wgScriptPath
= "/private";
$wgLogo
#
$wgUploadDirectory
= $_SERVER['DOCUMENT_ROOT'].'/private/images';
$wgUploadPath
#
$wgDBadminuser
= $wgDBuser;
$wgDBadminpassword
= $wgDBpassword;
#
#
#User restrictions
= false;
= false;
= true;
#
= false;
= false;
= false;
#
#Uploads rules
05/24/2012 08:16 AM
UbuntuGuide Part3 -
#$wgEnableUploads
= false;
$wgEnableUploads
= true;
= true;
= true;
$wgFileExtensions
#Not for Anonymous
= false;
= false;
= false;
= true;
= false;
#Sysops
= true;
= true;
#
#
#
#
= false;
# to true!
Make symbolic links from the Apache2 folder to the subwiki folders:
sudo mkdir /var/www/Wikis
sudo ln -s /etc/mediawiki/private /var/www/Wikis/private
sudo ln -s /etc/mediawiki/public /var/www/Wikis/public
sudo ln -s /usr/share/mediawiki/* /etc/mediawiki/private/.
sudo ln -s /usr/share/mediawiki/* /etc/mediawiki/public/.
Create and edit an Apache2 configuration file (e.g. /etc/apache2/sites-available
/wikivirtualhost):
60 of 92
05/24/2012 08:16 AM
UbuntuGuide Part3 -
<VirtualHost *:80>
#
#
ServerName mylucidwiki00.dyndns.org
ServerAlias *.mylucidwiki00.dyndns.org
#
RewriteEngine On
RewriteRule
^/(/.*|)$ /public/$1 [R]
#
#AllowOverride None
Order allow,deny
allow from all
</Directory>
#
</VirtualHost>
RewriteEngine On
RewriteRule
^/(/.*|)$ /public/$1 [R]
after the server name, i.e. http://mylucidwiki00.dyndns.org/REQUEST_URI) does not
match private or public (the symbol ! means not), then use public as the default
directory.
symbolic link:

Ubuntu Guide 12.04 Precise - Ubuntu System settings and software

Transcription

Similar documents

HB 125 HYDRAULIC CHAIN TENSIONER INSTRUCTIONS

build the ultimate rock star home

Dry Cleaners and Laundromats

CYCRA Probend Instructions

CYCRA Probend Instructions

HIPSTERS TURBO 400 TRANSBRAKE This is the quickest and

full circle

tv dinner - Ubuntu User

Xactimate System Requirements

Page Views