Some nice linux tutorials

Some very nice articles and tutorials on Linux, find here. Pretty nice collection.

sunflower – file manager.

Sunflower file manager is a new file manager that has couple of interesting features, that I liked, not that I use graphical file managers much.

It has a in-built command line, terminal and other interesting features, so what are you waiting for just head over and download and install :

rpm -ivh http://sunflower-fm.org/pub/sunflower-0.1a.58-1.noarch.rpm

Or head over to their downloads page at :

http://sunflower-fm.org/pub/

There is still no home-page and might come soon.

Xephyr – Nested X Server

Nested X-Server is running a X server root window within your running X-windows session like Gnome or KDE. This could be useful if you want to keep all you ssh windows in one window or maybe run all you IRC, firefox, chat and others inside one window, or maybe run another window manager itself.

Lets first install ::

sudo yum install xorg-x11-server-Xephyr

Once done, you can define an alias to do the magic with your nested server. So, lets define an alias:

xca – Graphical X.509 certificate management tool

If you are looking for some tool to manage X.509 certificates then probably xca is your best guess. This is  a graphical tool and you can open any file and view the keys in it.

So, first install it:

sudo yum install xca

And some information on xca::

Description :   X Certificate and Key management is a graphic interface for managing

asymmetric keys like RSA or DSA, certificates and revocation lists. It is

intended as a small CA for creation and signing certificates. It uses the

OpenSSL library for the cryptographic operations.
:   Certificate signing requests (PKCS#10), certificates (X509v3), the signing

of requests, the creation of self-signed certificates, certificate revocation

lists and SmartCards are supported. For an easy company-wide use, customizable

templates can be used for certificate and request generation. The PKI structures

can be imported and exported in several formats like PKCS#7, PKCS#12, PEM,

DER, PKCS#8. All cryptographic data are stored in a byte order agnostic file

format, portable across operating systems.

Related articles across the web

• Creating Self Signed Certificates for your Fortigate Firewalls
• Secure Mobile X.509 Certificate Delivery – SecureAuth and MobileIron
• X.509 Certificates
• Public Key Document Signing for Oslo Messaging

Fedora.next – what is it?

Fedora.next is being much talked about but what it really is. If you want some insight’s and understand what it is, head over to this presentation.

A nice presentation that explains the concept for Fedora.next.

Related articles across the web

• A proposal for Fedora’s website (considering Fedora.next)
• Fedora Packaging Workshop Managua

Sandbox apache (httpd) for better security.

Apache/httpd is something which you would like to have contained. And now fedora provides a native way/mechanism to to so with virt-sandbox-service. With this, you can create a virtualized sanbox service and then connect/list/manage such with virsh.

We will be using LXC.

Basically its couple of commands and you have a contained service running.

# List all the containers
virsh -c lxc:/// list

# Create the sandbox, all default parameters. Will take dhcp address.
virt-sandbox-service create -C  --username amitag -u httpd.service httpd_conta

# Create the container with static IP.
virt-sandbox-service create -C  --username amitag -u httpd.service -N \
address=192.168.122.11/24%192.168.122.255  httpd_conta#Enable and start the service.
virt-sandbox-service start httpd_conta
virt-sandbox-service enable httpd_conta#Delete the container if not required any more.
virt-sandbox-service delete  httpd_conta

Sandbox Firefox – First step to security

First we will setup cgroup to limit cpu and memory usage, so here we go:

Add the configuration in /etc/cgconfig.conf

#------start cgconfig----------------
#new group
group firefox {
    perm {
        task {
#user your login id and group here, so that you can control this group
        uid = amitag;
        gid = amitag;
        }
        admin {
# same as above, set to your login id and group.
           uid = amitag;
           gid = amitag;
        }
    }
# set the limits for cpu.. by default there are 1024 shares of cpu with no other groups,
# so share of 102 would be around 10% .
    cpu{
        cpu.shares="102";
    }
# limit the cpus to be used to only 0-1
    cpuset{
        cpuset.cpus=0-1;
        cpuset.mems=0;
    }
# limit the maximum memory to 700Mb.
    memory {
        memory.limit_in_bytes="700M";
        memory.max_usage_in_bytes="0";
    }
}
#------end cgconfig----------------