Archive for the ‘Fedora’ Category.
November 19, 2009, 2:56 pm
A hotly debated topic this week has been a decision made with the latest release of Fedora. The 12th release has made it so that local users can install signed packages from the repositories, without root access.
You can read all the nerd-rage here:
Fedora 12 allows any user to install software on a machine without the root password. Drama on the mailing list.
Oddly enough they didn’t see this important enough to include on the release notes. Some will argue this is not much of an issue, well I would ask you to consider this security breach of the Fedora signing servers a little more than a year ago:
https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html
With that taken into consideration, this is a pretty big deal.
Jeff Garzik’s replies seem to be the most eloquent arguments for reverting to the F11 security posture, in case anyone here thinks this change is a good thing:
Now for what this blog usually does, which is gives more solutions than commentary, here is how you fix your Fedora 12’s broken security model:
Simply run:
pklalockdown –lockdown org.freedesktop.packagekit.package-install
This will re-enable the old (better) behavior for installing signed packages with a known key. Once this is done your Fedora 12 will no longer be on par with Windows98, enjoy.
February 9, 2009, 9:50 am
Simple enough, add an exclude line to the end of your [main] section in /etc/yum.conf , and you are done. Your yum.conf should look something like this:
[main]
cachedir=/var/cache/yum
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=3
exclude=gdm pidgin
This will prevent upgrades of the gdm package as well as pidgin. The list of apps in the exclude should be space sepeated. Shell wildcards ( * ? ) can also be included.
January 19, 2009, 9:08 am
In Redhat, Fedora, or Centos Linux, you’re required to type command such as “service sshd start” and the main problem is NO auto complete for service command by default. Yes I admitted I’m lazy guy!
So how to set AUTO COMPLETE “service” command on Redhat/Centos? Read Below.
Continue reading ‘Redhat/Fedora: Auto Complete for the “service” command’ »
January 10, 2009, 8:03 pm
Thanks to this guide by axel, I was able to get rid of the simple blue/light blue/white bar loader and get the fancy graphical loader better known as Plymouth. Keep in mind that I am using it on a laptop that has Intel 945GM graphics.
I’m going to keep things basic without a lot of jargon. If you’d like more details on this, visit this page.
Continue reading ‘How To Enable Graphical Boot with Plymouth on Fedora 10’ »
January 8, 2009, 12:44 pm
This is a tutorial on how to get VirtualBox up and running on Fedora 10. Also, this tutorial is for the 32-Bit version of VirtualBox, so you’ll have to customize a little more to get the 64-bit version running. Everything in the “code” sections should be copy/pasted/typed into the terminal. Right, let’s get to it:
Continue reading ‘How To Install VirtualBox on Fedora 10’ »
January 8, 2009, 10:27 am
Compared to previous versions, installing TrueCrypt 6.1 on Fedora 10 was quite straightforward. Here is a quick list of steps to follow:
Continue reading ‘TrueCrypt 6.1 Install Guide For Fedora 10’ »
November 12, 2008, 11:19 am
A “service” is a program that starts automatically when you start your computer, and runs in the background. For example, the “network” service sets up your connection to the Internet and keeps it running correctly.
There are two ways to manage services in Fedora, one using the graphical tools, and one using only the command line. If you’re not in a graphical environment, use the command line method.
Continue reading ‘How to manage services in Fedora/Redhat’ »
October 3, 2008, 7:35 am
So say that you are running out of resources and can’t buy a new Ethernet card for the system, or there’s not enough slots for another one. No problem, whatever the reason, we can assign two or more IP addresses to our linux box using only one NIC.
I’ll do it in Fedora.
- Go to /etc/sysconfig/network-scripts/ directory
- Copy ifcfg-eth0 to the same directory and name the copy as ifcfg-eth0:0.
- Edit ifcfg-eth0:0 and enter your new IP address settings
And you’re done. So simple na. You can add up to 255 different IP addresses to one linux machine using this technique
July 4, 2008, 10:56 am
TrueCrypt (http://www.truecrypt.org/) is a popular free on-the-fly disk encryption software that can encrypt files, partitions, whole disks and even a windows installation. It is an extremely useful and important tool if you wish to keep personal and confidential data from being accessed by unauthorized people. TrueCrypt even supports plausible deniability, allowing you to hide an encrypted volume inside another volume. TrueCrypt volumes are indistinguishable from random data, so an adversary cannot prove that you have a TrueCrypt volume hidden inside a dummy encrypted volume.
Unfortunately, the TrueCrypt website only provides binaries for Ubuntu and OpenSuSE, so for those of us running other distros, the only option is to compile from source. The steps below outline the installation procedure on a Fedora 9 machine.
Continue reading ‘Installing TrueCrypt in Fedora 9’ »
May 12, 2008, 6:00 pm
by DanWalsh
Who’s afraid of SELinux? Well, if you are, you shouldn’t be! Thanks to the introduction of new GUI tools, customizing your system’s protection by creating new policy modules is easier than ever. In this article, Dan Walsh gently walks you through the policy module creation process.
A lot of people think that building a new SELinux policy is magic, but magic tricks never seem quite as difficult once you know how they’re done. This article explains how I build a policy module and gives you the step-by-step process for using the tools to build your own.
Continue reading ‘A step-by-step guide to building a new SELinux policy module’ »
