Chances are if you have looked at this blog you are interested in Linux or you know me personally. One of the major hurdles when someone wants to try out Linux is which one. I am hoping to give a slight overview of the features and benefits of each, so you can make the choice that fits you best.
Out of the popular distros the least user friendly are Slackware, Gentoo, Arch, Linux from Scratch (it's not really a distro, but a howto on putting a Linux system together from scratch) and probably a few others I can throw in the list. These three will guide you through what to do, but it is a lot of work to do it. It can be overwhelming for a beginner or even an advanced user like myself. I have never used Slackware, but I have tried. Gentoo I got running, and recently I tried to install it in a virtual machine, and the list of instructions was way to long and involved for someone with the amount of time I have. Arch was probably the easiest of the bunch, but it involves using the command line quite a bit. If you are up for a challenge, these would be the distributions to use. By the end you will know quite a bit about how Linux works.
We then have our server category. Normally for a server you do not want the latest, greatest, and fastest update cycle in the world. This means you will want to use something a little older with a little more trial than the average distro. Some distributions you would want to look at are Red Hat Enterprise Linux, Oracle Enterprise Linux, Debian, CentOS, and OpenSuSe. There are a few others I could mention, but these are probably the most stable as in few bugs. Red Hat, Oracle, and CentOS are all related to each other because Oracle and CentOS are derived from Red Hat. Debian stands on its own. OpenSuSe I know less about, and that is for a reason. I am not a fan of OpenSuSe because its package manager is slow and buggy, and the operating system reflects this fact in other areas. Red Hat you will have to pay a contract for updates and support, Oracle you will have to pay a contract for support, and CentOS you are your support. Debian is pretty respectable too, but Red Hat is the creme of the crop as far I am concerned. If you are on a limited budget, CentOS is the best way to go.
For a desktop system some of our other choices would be OpenSuSe, Fedora, Ubuntu, Debian, Mandrivia, and countless others. I am of the same opinion still on OpenSuse. Fedora is the latest, greatest, and fastest update cycle you can get. It is so fast, they call it the bleeding edge, and bleeding for a reason. There have been a few times where the bugs have been too much, and they get worked out within about a month of Fedora having a release most of the time. Sometimes it takes two or three months to get some of the bugs that bother you out. Otherwise it is a great desktop and it has been my primary distribution for the majority of my Linux experience with the exception of a semester. Ubuntu is based on Debian with a bit of a faster release cycle, but it is slower on updates than Fedora. Ubuntu makes heavy use of sudo which I think is fundamentally unsecure, but I will write more on that later. Ubuntu has a richer collection of software thanks to the fact it is based on Debian. Debian has a large software repository. Most open source projects will have a package somewhere in the Debian repository. I would vote using the Debian testing branch over Ubuntu, but that is me. As for Mandrivia, I know little about it.
My personal recommendations out of all the ones I have mentioned would be for the average user either Debian or Fedora. Debian for greater stability, but Fedora for better usability and possibly better support for new hardware. You can do more research at www.distrowatch.com.
Tuesday, January 18, 2011
Monday, January 10, 2011
The Unix File System: A Simple Design
Coming over from the Windows platform to a Linux/Unix platform can be challenging. I learned quickly there was some unlearning to do. One of the fundamental differences between Windows and Unix is how both treat storage devices and directory layout. As a competent user with Windows you get accustomed to knowing where programs go and temporary data is stored. It feels natural over time for things to go where they go. When you see the Linux operating system, it all seems so foreign, so strange. Where is the C drive? Where is Documents and Settings? Where are my programs? Where is everything?! And when a seasoned Linux user tries to explain it to you it takes time to sink in.
Part of the confusion is how Linux and Windows deal with storage devices or partitions for that matter. In Linux everything and I do mean everything is a file or folder. That sounds profoundly normal, but it's not. On Windows your hard disks and partitions on those hard disks are given drive letters and treated as devices rather than files. How could a device ever be a file? It's not. However the description of how to talk to the device is contained in a special file. This special file is used for the mount command to take this storage device or partition and attach it to the directory structure. An example of this is I have the /media directory for such a purpose. Let us say I want to take my USB drive and mount it. It will appear as /dev/sdb1. I run the mount command and the contents of my USB drive will show up in /media. To show how flexible this design is, I can have five hard drives with 20 different partitions on each and have all fit nicely under the tree structure on Linux. In Windows this would not be easy to do if not impossible since there are only 26 drive letters. The design has some advantages.
Now we need to explain the directory structure. Everything comes under what we call the / (root) directory. Here we have the directories /bin, /boot, /dev, /etc, /home, /lib, /media, /mnt, /opt, /proc, /root, /sbin, /srv, /tmp, /usr, and /var. Windows users it seems foreign doesn't it? The moment you can admit that Linux is not like Windows and it is a whole different breed of operating system you will make progress. If you keep looking for ways to compare it to Windows, that will only hinder your progress in the transition. That said we can continue.
The directory structure is something like this: /bin holds some basic programs needed for repairing the system and bringing it up. Some of these programs list the contents of a directory, change directories, change permissions on a file, change ownership of a file, search for a specified file, provide the utilities for accepting commands, etc. Stuff most end users don't even see.
Next up is the /boot folder. This contains the different components needed to load the operating system on boot up. Here we have our boot loader which gives us the option to boot Linux. In this folder is contained the configuration for the boot menu like which operating system you would like to boot Linux, Windows, FreeBSD, or several flavors of Linux. The kernel is loaded from this partition in that an image of it is placed here. Normally this folder doesn't take any more than 100 MiB.
/dev holds all the files that describe how our devices work. We have a file that describes how to interface with the CD-ROM, how to interface with this partition and that partition, how to utilize the mouse, etc.
If you ever needed to change settings on a system that affect the whole system or turn on some options more than likely /etc is the place to do it. This is where all the configuration files are located for several different pieces of software. In the past if you wanted to add another resolution to your monitor (assuming it supports it) you would either use a graphical tool to do this or add it by hand, but all the same it made changes in the /etc/X11/xorg.conf file. Needless to say this is one of the folders used to tweak the system.
Whatever happened to Documents and Settings? Users can store their content in their account folder which is located in the /home directory. The user folders hold files that users create, copy, or download. It also houses user specific configuration files that make the settings I set specific to me and not everyone else. This is the folder you are going to be more acquainted with than any other.
/lib holds the different libraries that programs on the system use. These libraries contain functions (a programming element) that can be reused for different programs and even different purposes. /media is where the system mounts different file systems and devices. /mnt is used for temporary file systems.
/opt is sometimes used for certain programs that you install through a tarball or RPM. /proc holds information pertaining to the system and other things needed by the kernel. /root is the root users home directory, so it is just like having the root accounts folder in / instead of /home. /sbin is similar to /bin, but it contains more programs related to file systems, networking tools, and system administration to only be used by someone with root privileges. I have not figured out what /srv does exactly because on my system it is empty.
/tmp hold temporary files much like C:\Temp. /usr is a folder that shares a bunch of things. Here we have programs, documentation, source code, more program libraries, backgrounds, pictures, etc. This is similar to Program Files on Windows in a sense, but it is much broader than that. /var holds logs, messages, and job spools primarily.
So there you have it. Now you should have a rough idea of how the Linux/Unix file system functions. With this information you can diagnose problems more easily and find more information to help you. Again for more specific details type in man hier on the command line to view the layout page.
Part of the confusion is how Linux and Windows deal with storage devices or partitions for that matter. In Linux everything and I do mean everything is a file or folder. That sounds profoundly normal, but it's not. On Windows your hard disks and partitions on those hard disks are given drive letters and treated as devices rather than files. How could a device ever be a file? It's not. However the description of how to talk to the device is contained in a special file. This special file is used for the mount command to take this storage device or partition and attach it to the directory structure. An example of this is I have the /media directory for such a purpose. Let us say I want to take my USB drive and mount it. It will appear as /dev/sdb1. I run the mount command and the contents of my USB drive will show up in /media. To show how flexible this design is, I can have five hard drives with 20 different partitions on each and have all fit nicely under the tree structure on Linux. In Windows this would not be easy to do if not impossible since there are only 26 drive letters. The design has some advantages.
Now we need to explain the directory structure. Everything comes under what we call the / (root) directory. Here we have the directories /bin, /boot, /dev, /etc, /home, /lib, /media, /mnt, /opt, /proc, /root, /sbin, /srv, /tmp, /usr, and /var. Windows users it seems foreign doesn't it? The moment you can admit that Linux is not like Windows and it is a whole different breed of operating system you will make progress. If you keep looking for ways to compare it to Windows, that will only hinder your progress in the transition. That said we can continue.
The directory structure is something like this: /bin holds some basic programs needed for repairing the system and bringing it up. Some of these programs list the contents of a directory, change directories, change permissions on a file, change ownership of a file, search for a specified file, provide the utilities for accepting commands, etc. Stuff most end users don't even see.
Next up is the /boot folder. This contains the different components needed to load the operating system on boot up. Here we have our boot loader which gives us the option to boot Linux. In this folder is contained the configuration for the boot menu like which operating system you would like to boot Linux, Windows, FreeBSD, or several flavors of Linux. The kernel is loaded from this partition in that an image of it is placed here. Normally this folder doesn't take any more than 100 MiB.
/dev holds all the files that describe how our devices work. We have a file that describes how to interface with the CD-ROM, how to interface with this partition and that partition, how to utilize the mouse, etc.
If you ever needed to change settings on a system that affect the whole system or turn on some options more than likely /etc is the place to do it. This is where all the configuration files are located for several different pieces of software. In the past if you wanted to add another resolution to your monitor (assuming it supports it) you would either use a graphical tool to do this or add it by hand, but all the same it made changes in the /etc/X11/xorg.conf file. Needless to say this is one of the folders used to tweak the system.
Whatever happened to Documents and Settings? Users can store their content in their account folder which is located in the /home directory. The user folders hold files that users create, copy, or download. It also houses user specific configuration files that make the settings I set specific to me and not everyone else. This is the folder you are going to be more acquainted with than any other.
/lib holds the different libraries that programs on the system use. These libraries contain functions (a programming element) that can be reused for different programs and even different purposes. /media is where the system mounts different file systems and devices. /mnt is used for temporary file systems.
/opt is sometimes used for certain programs that you install through a tarball or RPM. /proc holds information pertaining to the system and other things needed by the kernel. /root is the root users home directory, so it is just like having the root accounts folder in / instead of /home. /sbin is similar to /bin, but it contains more programs related to file systems, networking tools, and system administration to only be used by someone with root privileges. I have not figured out what /srv does exactly because on my system it is empty.
/tmp hold temporary files much like C:\Temp. /usr is a folder that shares a bunch of things. Here we have programs, documentation, source code, more program libraries, backgrounds, pictures, etc. This is similar to Program Files on Windows in a sense, but it is much broader than that. /var holds logs, messages, and job spools primarily.
So there you have it. Now you should have a rough idea of how the Linux/Unix file system functions. With this information you can diagnose problems more easily and find more information to help you. Again for more specific details type in man hier on the command line to view the layout page.
Saturday, January 8, 2011
Secure While Away From Keyboard
Security is something we all value and treasure. We like knowing the front door to our home is locked when in the cities, we appreciate the safety of our valuables in our vehicles, and we are strict guardians of our privacy. If you use Linux there may be a gap you are not aware of, just as I was not aware of it.
If you use wireless, an email client, chat client, or anything else the system might ask if it wants to save your password (or in my case doesn't); you could be vulnerable to having your passwords retrieved while you are absent. What am I talking about? The program that manages your passwords and encryption keys called Seahorse sometimes by default leaves your passwords in an accessible unlocked state in a folder called login. From here I can retrieve on my system my passwords for my Google and Hotmail accounts. This is rather discomforting for someone like me since I am a network administrator. If my passwords get leaked, that could mean serious trouble.
For the past month or two I have been paranoid about this discovery resulting in a prompt lock of my laptop's screen until my return. It's a good policy anyway, and I will continue to do it, but you can have a password required to use the keyring by right clicking on this folder and telling it to lock. The password to unlock it or use the keyring is your user account password. You can change this password which I have done to enhance security.
This makes me feel a little easier about my passwords and should help me sleep better in the future. I hope it does the same for you. I will mention more things you can do to keep the system secure in another article.
Update: January 13, 2011
Apparently every time you type in the password it unlocks that folder. For a little while I felt more secure. I am still looking into how to lock this program up, and there has been some discussion on the Seahorse mail list to implement password protect to view passwords. http://mail.gnome.org/archives/seahorse-list/2009-November/msg00005.html
Update: March 27, 2013
I just read this blog post which states the issues with having password protection on the Keyring or in Seahorse itself. In summary if they did that you would have to enter your password any time an application needs access to the keyring, and Seahorse password protection alone would provide a false sense of security. The solution is to lock your screen before you leave which is what I have done for the past two years with the exception of Fedora 15 when lock was broken. Since I was one a few Linux users in my environment I switched to the terminals you can get to using Ctl+Alt+F1-6. Only two or three people knew what they were looking at when I did that, so it was reasonably safer but not entirely.
If you use wireless, an email client, chat client, or anything else the system might ask if it wants to save your password (or in my case doesn't); you could be vulnerable to having your passwords retrieved while you are absent. What am I talking about? The program that manages your passwords and encryption keys called Seahorse sometimes by default leaves your passwords in an accessible unlocked state in a folder called login. From here I can retrieve on my system my passwords for my Google and Hotmail accounts. This is rather discomforting for someone like me since I am a network administrator. If my passwords get leaked, that could mean serious trouble.
For the past month or two I have been paranoid about this discovery resulting in a prompt lock of my laptop's screen until my return. It's a good policy anyway, and I will continue to do it, but you can have a password required to use the keyring by right clicking on this folder and telling it to lock. The password to unlock it or use the keyring is your user account password. You can change this password which I have done to enhance security.
This makes me feel a little easier about my passwords and should help me sleep better in the future. I hope it does the same for you. I will mention more things you can do to keep the system secure in another article.
Update: January 13, 2011
Apparently every time you type in the password it unlocks that folder. For a little while I felt more secure. I am still looking into how to lock this program up, and there has been some discussion on the Seahorse mail list to implement password protect to view passwords. http://mail.gnome.org/archives/seahorse-list/2009-November/msg00005.html
Update: March 27, 2013
I just read this blog post which states the issues with having password protection on the Keyring or in Seahorse itself. In summary if they did that you would have to enter your password any time an application needs access to the keyring, and Seahorse password protection alone would provide a false sense of security. The solution is to lock your screen before you leave which is what I have done for the past two years with the exception of Fedora 15 when lock was broken. Since I was one a few Linux users in my environment I switched to the terminals you can get to using Ctl+Alt+F1-6. Only two or three people knew what they were looking at when I did that, so it was reasonably safer but not entirely.
Monday, January 3, 2011
Documentation is not a bad thing...
Documentation is something that some people appreciate and others do not. I was among the class of those that did not. Using Linux put me in the class that did. Learning to appreciate documentation early on will help save you many a headache with using this operating system. Before I point you to resources that you can use, I will share some of my misfortunes.
As a Windows user I was accustomed to playing with settings until things would work the way I wanted them to. Doing this normally resulted in no injury to the system. The habit continued even into using Linux. Linux however fixed that. After I installed Fedora Core 4 in December of 2005 I quickly found I had some tweaking to do to get things working, but the graphical interface didn't seem to tweak or configure much. I soon found the only way (at the time) to get my video driver and wireless drivers working properly would involve using the command-line. I used it and installed my video driver first, rebooted the system, only to find my monitor displaying an interesting message telling me "Out of Range." My new Linux installation was now not accessible, or so I thought. Time for a clean install. I did that clean install a total of three times only to find that the problem was with how the driver tweaked my xorg.conf file. I had to manually set my monitor's refresh rates to avoid that problem. If I had read up on possible issues with xorg.conf, I could have possibly avoided the three reinstalls and made progress with setting up my system.
Another time that reading documentation is helpful is when a warning pops up on the program you are using. As a new Linux enthusiast and comfortable user I thought I could handle setting labels on my different partitions since I ran three or four different distributions. I used gparted (might have been the PartitionMagic clone) and clicked on setting the disk label (this is much different than changing the label on your partitions). A warning popped up which I thought was nothing because we are setting a new label and as a result just closed it without reading it (bad move). Not long after setting the new disk label all partitions that were in view disappeared. I had just changed the system that kept track of the partition tables and as a result all partition on that hard disk were now gone. I realized the mistake I had made and hoped it wasn't applied, so I rebooted only to find that even Grub had disappeared. Thankfully no important data was lost, and the only thing that was hurt was my pride.
So if you ever read in a support forum or chat channel the expression RTM or read the manual, please take it to heart. It is never a bad thing and yields more good than evil. Documentation is your friend in this new world because this new world will let you do anything, and only sometimes does it let you know you are about to get into trouble. Place high value on those manual pages and other resources.
The man and info commands are fairly helpful. If you are looking for quick answers Google is normally more helpful, but sometimes if you know what you are looking for the man pages are a help too. Using info will help with most GNU packages such as emacs, info, bash, etc. You can pull up a directory of all info documentation on your system by only typing info at the command prompt. To find out more about how to use man or info just type in the commands "man man" and "man info."
If you are looking for more friendly guides than manual and info pages, some other resources may be in order. The Linux Documentation Project (www.tldp.org) has excellent guides, tutorials, how-tos, and also all the man pages. O'Reilly (oreilly.com) is a publisher that most high quality books on Linux and other free/open source packages come from. Forums specific to your distribution are another great place to find help.
Hopefully you can avoid the same pitfalls and others that I ran into as a new Linux user. Expect to need to do some reading or a lot of time repairing your system without it. These days using your system the way I used Windows is a little safer now thanks to the administrative tools for Ubuntu and Fedora. When I started we were beginning to make the transition and I sit among those who know how to use the command-line. Your experience should be more pleasant.
As a Windows user I was accustomed to playing with settings until things would work the way I wanted them to. Doing this normally resulted in no injury to the system. The habit continued even into using Linux. Linux however fixed that. After I installed Fedora Core 4 in December of 2005 I quickly found I had some tweaking to do to get things working, but the graphical interface didn't seem to tweak or configure much. I soon found the only way (at the time) to get my video driver and wireless drivers working properly would involve using the command-line. I used it and installed my video driver first, rebooted the system, only to find my monitor displaying an interesting message telling me "Out of Range." My new Linux installation was now not accessible, or so I thought. Time for a clean install. I did that clean install a total of three times only to find that the problem was with how the driver tweaked my xorg.conf file. I had to manually set my monitor's refresh rates to avoid that problem. If I had read up on possible issues with xorg.conf, I could have possibly avoided the three reinstalls and made progress with setting up my system.
Another time that reading documentation is helpful is when a warning pops up on the program you are using. As a new Linux enthusiast and comfortable user I thought I could handle setting labels on my different partitions since I ran three or four different distributions. I used gparted (might have been the PartitionMagic clone) and clicked on setting the disk label (this is much different than changing the label on your partitions). A warning popped up which I thought was nothing because we are setting a new label and as a result just closed it without reading it (bad move). Not long after setting the new disk label all partitions that were in view disappeared. I had just changed the system that kept track of the partition tables and as a result all partition on that hard disk were now gone. I realized the mistake I had made and hoped it wasn't applied, so I rebooted only to find that even Grub had disappeared. Thankfully no important data was lost, and the only thing that was hurt was my pride.
So if you ever read in a support forum or chat channel the expression RTM or read the manual, please take it to heart. It is never a bad thing and yields more good than evil. Documentation is your friend in this new world because this new world will let you do anything, and only sometimes does it let you know you are about to get into trouble. Place high value on those manual pages and other resources.
The man and info commands are fairly helpful. If you are looking for quick answers Google is normally more helpful, but sometimes if you know what you are looking for the man pages are a help too. Using info will help with most GNU packages such as emacs, info, bash, etc. You can pull up a directory of all info documentation on your system by only typing info at the command prompt. To find out more about how to use man or info just type in the commands "man man" and "man info."
If you are looking for more friendly guides than manual and info pages, some other resources may be in order. The Linux Documentation Project (www.tldp.org) has excellent guides, tutorials, how-tos, and also all the man pages. O'Reilly (oreilly.com) is a publisher that most high quality books on Linux and other free/open source packages come from. Forums specific to your distribution are another great place to find help.
Hopefully you can avoid the same pitfalls and others that I ran into as a new Linux user. Expect to need to do some reading or a lot of time repairing your system without it. These days using your system the way I used Windows is a little safer now thanks to the administrative tools for Ubuntu and Fedora. When I started we were beginning to make the transition and I sit among those who know how to use the command-line. Your experience should be more pleasant.
Subscribe to:
Posts (Atom)