potential threats
you are here
:[-->networks-->common linux issues]
base || news || coding || networks || linux || bioinf || stuff || contact
Solutions to common linux issues
Solutions to some problems/questions I encountered with linux. Most of them were not invented by me. I simply
searched the internet a bit and decided to put the information that was useful to solve the problems here.
installing java on debian sarge
reducing ads and pop-ups on websites
the pipe key (with "<", ">" and "|" symbols) does not work under X
Kmail / GPG : Kmail complains about a bad gpg passphrase
Spam filtering with Kmail and Spamassassin
Excluding Applications from Autostarting via KDE Sessionmanagement
Getting the HP Deskjet 5550 to work under debian
Restricting the usage of su (via wheel group, BSD-style)
ssh public key authentication
Error : Inconsistency detected by ld.so:
Burning a playlist in Amarok
Fun with the bash shell and our music collection
Playing multiple sounds at once under Linux
Kmail / GPG : Encryption failed : General Error
Firewalled FTP Server on a VServer
Using multimedia keyboards with linux
Running apps from ~/bin/ (or: permanently adding stuff to $PATH)
Switching between different system configurations in bootloader menu
Laptop with internal LCD and external LCD/Monitor : videos only visible on internal LCD
Quake 2 Sound sucks (is chopped into pieces)
Quake 3 has no sound at all (nforce2 and some other chipsets)
Installing the proprietary ATI fglrx driver on Debian etch (stable)
Getting rid of the system beep on Debian Linux
Backing up your cron jobs
Forcing a user to change his/her password at next login on linux
Preventing /etc/motd from getting overwritten at reboot (Debian Etch)
installing java on debian sarge
If you want/need to run Java applications under linux (or any OS), you need a Java Runtime Environment (JRE). There are free
ones and there is the non-free (but free of charge) version offered by Sun Microsystems. You should look out for
one of the free implementations if you want to develop Java applications. This article describes how to install
Sun's version.
1) install java-package via apt
# apt-get install java-package
2) grab java JRE for linux from Sun's Java Site .
3) change to the directory you downloaded the JRE and create debian package...
$ cd downloads
$ fakeroot make-jpkg jre-1_5_0_04-linux-i586.bin
4) ... and install it.
# dpkg -i sun-j2re1.5_1.5.0+update04_i386.deb
You're done. You may now install and run Java applications.
reducing ads and pop-ups on websites
You can reduce the number of advertisements and pop-up windows in webpages dramatically by
using the firefox browser combined with an adblocker plugin and a suitable ruleset. The next few
lines explain how to get that done.
1) install firefox via apt
# apt-get install mozilla-firefox
2) install the adblock plugin from adblock.mozdev.org by clicking on the link to the .pxi file in the download section of the page. The filename should be something like adblock-0.5-dev.pxi and firefox should open a window and ask you whether you want to install the software. If it doesn't, software installation from websites is disabled in the firefox preferences. Click on Edit -> Preferences in Firefox, choose Web Features and temporarily enable the option "allow web sites to install software".
3) grab the Filterset.G script from pierceive.com
4) import the filterset. this can by done by selecting Tools -> Adblock -> Preferences and clicking on Adblock Options -> Import Filters...
You're done. Restart Firefox and enjoy the web.
the pipe key (with "<", ">" and "|" symbols) does not work under X
This is due to a misconfiguration of the keyboard under X11 and can be corrected by changing the X11 config file, usually /etc/X11/XF86Config-4. In the Section "Input Device", make sure that you set XkbLayout to "pc105" :
Section "InputDevice"
Identifier "Generic Keyboard"
Driver "keyboard"
Option "CoreKeyboard"
Option "XkbRules" "xfree86"
Option "XkbModel" "pc105"
Option "XkbLayout" "de"
Option "XkbVariant" "nodeadkeys"
EndSection
Restart X / your display manager and the key works.
If you're using KDE, you can archieve the same result by going to KDE Start -> Conntrol Center -> Regional and Accessibility -> Keyboard Layout and selecting 'generic 105key (Intl) PC'.
Kmail / GPG : Kmail complains about a bad gpg passphrase
If Kmail gives you the following error :
Encrypted message (decryption not possible)
Reason: Crypto plug-in "openpgp" could not decrypt the data.
Error: Bad passphrase
when trying to open an encrypted message, although you did not even get the chance to type a password,
you need to install pinentry-qt, gnupg2 and gpg-agent. This solves the problem.
Spam filtering with Kmail and Spamassassin
If the spam you receive is marked as spam by spamassassin, but not moved to the spam folder you
created, you need to check your filter rules.
You need 2 rules : one that pipes the mail you receive through "spamassassin -L" or "spamc" (the latter is
faster but requires the spamd daemon to run) AND one that moves the messages marked as spam to the spam folder.
Choose SETTINGS -- CONFIGURE FILTERS in Kmail and follow these examples :
Filter 1 - Name:"SpamCheck" Match:"Match all" Crit:"Size" Expr:"is less or equal to" Value:"256000 Bytes" Action:"Pipe through" Target:"spamc"
Filter 2 - Name:"MoveSpam" Match:"Match any" Crit:"X-Spam-Flag" Expr:"contains" Value:"yes" Action:"File into folder" Target:"Spam"
Excluding Applications from Autostarting via KDE Sessionmanagement
It can be very enerving to have kmail, kopete or other programs that assume you're connected to the inet
started automatically once you login to KDE. If you're at a place where there is no inet available or you
didn't configure your interfaces for the network yet, these apps will flood your screen with error messages.
I assume you didn't place these apps in ~./kde/Autostart, startx, startkde or any other of these autostart files,
which means that they are started by the kde session manager because you had them open when you closed your last session.
The solution seems (and actually is) quite obvious : place the application in the list of apps excluded from session management :-)
The list is at [K Start]=>[Control Center]=>[KDE Components]=>[Session Manager].
But there's no text describing what exactly you should put into that field. You may notice that 'app1 app2 app3' doesn't work or wonder whether you should write '/usr/bin/app1' or just 'app1'. Answer : putting 'app1' is sufficient, but you have to use the colon (:) as a delimiter. Took me some time to figure this out :-|.
So the text in the box should look similar to this :
kopete:skype:kmail
Integrating Kopete with XQF / setting away messages via script
XQF is a server browser for quake 3 (and many other games). You may want your IM app (kopete) to show some
game info to people trying to contact you through your AWAY message so they can join the server you're playing on.
This can be accomplished with a very simple shell script as XQF can be configured to place a launch-info file in ~/.qf/LaunchInfo.txt that contains all the Info you may want Kopete to show and it can also run a program (~./qf/PreLaunch) before starting the game :-)
Only question left : how to change kopetes AWAY message via a script/program? The solution is kopetes DCOP-interface. I've already written a scipt that does what i need, you can grab it here.
Getting the HP Deskjet 5550 to work under debian
I hate printers. They never work, and my usb dj5550 was no exception. I'm using
CUPS under debian sarge, the package name is cupsys. I also grabbed the foomatic packages
foomatic-db, foomatic-db-engine, foomatic-db-hpijs, foomatic-filters and hpijs.
There are a lot of printer drivers available in the foomatic-filters-ppds package, but
after adding the printer and chosing the DJ5550 driver in the KDE Printing Manager (you may
also use the webinterface of CUPS at 127.0.0.1:631), the only thing I got was the error message
Unable to load a valid driver for printer deskjet 5550. Error message received from manager:
(No error message.) Internal error.
Printing a test page resulted in the printer starting to print a few disordered lines that vaguely resembled
a postscript header and then spitting out blank pages until i pulled the plug :-(
I fixed the problem by generating a
PPD file for the printer at linuxprinting.org and
klicking on "other" when the list of drivers was presented to me in the Printing Manger. I selected
the ppd file (it is also available here ) I had generated and saved to my local hd and everything worked. Don't ask me why, maybe the driver that comes with
debian is simply broken.
restricting usage of su (via wheel group, BSD-style)
It is assumed that you want only the user spirit to be able to use su in the following lines.
# addgroup wheel
# adduser spirit wheel
# adduser root wheel
# vim /etc/pam.d/su
now add the following line to the file you just opened in vi :
auth required pam_wheel.so group=wheel
done.
ssh public key authentication
1) on the client, generate your key and make sure its permissions are safe :
user@client> $ ssh-keygen -t dsa
user@client> $ chmod 400 ~/.ssh/id_dsa
NOTE : instead of doing steps 2) and 3) manually, you may use the ssh-copy-id program if available :
user@client> $ ssh-copy-id -i ~/.ssh/id_dsa.pub user@server
if you don't have ssh-copy-id available or don't want to use it, set things up manually :
2) copy public key to server :
user@client> $ scp ~/.ssh/id_dsa.pub user@server:/home/user/
3) place key in correct location, set permissions, rename it
user@server> $ cd
user@server> $ mkdir ~/.ssh
user@server> $ chmod 700 ~/.ssh
user@server> $ cat id_dsa.pub >> .ssh/authorized_keys
4) configure ssh server for pubkey authentication
root@server> # vi /etc/ssh/sshd_config
make sure the configfile contains the following line :
PubkeyAuthentication yes
5) disabling password authentication
you may want to disable password-only authentication in sshd_config for all of this to make sense, otherwise
users who don't have the key will be asked for the user password (this does not disable
the passwort you set to protect the ssh key, of course). the line is :
PasswordAuthentication no
6) making things easier on the client side
creating a ~/.ssh/config file like the example given below on your client is usually a good idea :
Host foobar
Hostname foobar.domain.org
IdentityFile2 /home/user/.ssh/id_dsa
Port 22
PreferredAuthentications publickey
Protocol 2
User user
you may then simply type
ssh foobar
to connect.
Error : Inconsistency detected by ld.so:
if you get the following error while trying to run a command, chances are you are using too much memory (RAM) on a shared system, maybe something like a vserver :
root@remotehost:~# apt-get install whatever-you-want
Inconsistency detected by ld.so: dl-minimal.c: 84: __libc_memalign: Assertion `page != ((void *) -1)' failed!
E: Method http has died unexpectedly!
E: Method /usr/lib/apt/methods/http did not start correctly
root@remotehost:~#
i got the message when trying to run apt-get under debian sarge on a box under heavy load, the lines starting with "E: Method..." are apt error messages. information on the inet was very rare.
it gets even more annoying if you're using too much memory and logout - the next login attempt via ssh is
doomed to fail :
user@localhost:~$ ssh remotehost
// login messages and server motd omitted here
Last login: Sat Aug 12 16:08:59 2006 from your-host.your-isp.net
-bash: xmalloc: ../bash/make_cmd.c:89: cannot allocate 1807 bytes (0 bytes allocated)
Connection to remotehost closed.
user@localhost:~$
the only solution is to stop programs/daemons that use lots of memory and are
not needed (or to get more RAM :-x). don't ask me why the existence of a swap partition with lots of
free diskspace doesn't solve this, but if you have further ideas or other opinions on this issue, please
contact me.
if you can't login via ssh anymore, you need to login to the rescue-system most vserver providers offer, chroot to your vserver and fix the issue by removing the startup links in /etc/init.d/ for services that use too much memory.
here is an example where i assume that the filesystem of your vserver is mounted on the rescuesystem under /mnt/ and that we want to stop starting spamassassin at boottime to get more memory :
user@localhost:~$ ssh root@rescuehost
// login messages and server motd omitted here
root@rescuehost:~# chroot /mnt
root@remotehost:/# update-rc.d -f spamassassin remove
// output of update-rc.d omitted here, note that update-rc.d is debian-specific
root@rescuehost:~#
that's it. reboot the server and you should be able to login via ssh again.
Burning a playlist in Amarok
Amarok rocks, and burning a playlist is very easy once you know how to do it ;-) :
- start Amarok and select the playlist you want to burn
- select all the tracks of the playlist (CTRL-A)
- right-click on any song and choose "Burn -> Selected Tracks as Audio CD"
Note : You need to have k3b installed for this to work.
Fun with the bash shell and our music collection
Let's just have some fun with bash(1), some standard UNIX tools and our music collection :-). We'll
clean it up and get some information on it. My collection consists of mp3-files organised in the following
way :
~/media/music/<band name>/<album name>/<track name>.mp3
So let's get some info on what we have.
1) I want a list that contains every album and the band :
spirit@threat:~$ cd media/music/
spirit@threat:~/media/music$ du -h . | awk -F'/' '{ if($3) printf $2; printf "%s", " - "; printf $3; printf "%s", "\n"}' | uniq | sort
This uses the ouput of du(1) and then sets awk's Field Seperator to "/" before printing the second field of each line (the band name) and a seperator (" - ") if a third field (the album name) exists. It makes sure no line is shown twice and sorts the whole output before printing it. Example output :
Air - Talkie Walkie
Beatsteaks - Living Targets
Chokebore - A taste for bitters
...
2) Let's see what file types we have in our collection and get rid of some of them
Find all types (extensions) of files which are not '.mp3' files :
spirit@threat:~$ find ~/media/music/ -type f ! -name *.mp3 | awk -F'.' '{print $NF}' | sort | uniq
Example output :
nfo
txt
url
wav
jpg
Mp3
ogg
db
m3u
...
I want to see the path and name of every .jpg-file in there :
spirit@threat:~$ find ~/media/music/ -type f -name '*.jpg'
...and delete all of them afterwards :
spirit@threat:~$ find ~/media/music/ -type f -name '*.jpg' -exec rm {} \;
3) Some stats
How many songs do I have?
spirit@threat:~$ find ~/media/music/ -type f -name '*.mp3' | wc -l
And how many bands?
spirit@threat:~$ ls -1 ~/media/music/ | wc -l
That's it for today.
Playing multiple sounds at once under Linux
If you can't play more than one sound at once, you're suffering from the widely known "device busy"-problem.
ALSA (Advanced Linux Sound Architecture, the new linux sound system) provides a method to fix this problem for ALSA-aware apps with the dmix plugin. OSS (Open Sound System, the old linux sound system) applications can be setup to also use dmix via aoss.
The dmix howto describes how to setup things properly for your soundcard. However, on my card (AC'97, snd-intel8x0 module), the sound was broken with this method, it only came in short bursts.
The Sound HOWTO on linux-gamers.net is very useful to. Read Section 12 if you want to play Quake 3, use Teamspeak and Listen to Music on a crappy AC'97 sound card. It involves the use of the KDE sound server artsd and starting the applications with 'artsdsp -m $app' instead of '$app'. For me and my AC'97 card it works!
Kmail / GPG : Encryption failed : General Error
I got seriously pissed of by gpg on debian sarge in the last time cause it refused to encrypt my outgoing mails with really great error messages like :
Encryption failed : General Error
I tried to get more out of it by running kwatchgnupg, but it didn't produce any output. Some
debian bug report i found
revealed the error is caused by some program messing up the ~/.gnupg/gpg.conf file, maybe kgpg.
To get rid of the error, edit your gpg.conf and remove any lines starting with 'encrypt-to'. Then restart
kgpg and kmail and try again.
Firewalled FTP Server on a VServer
Running an FTP Server behind a firewall is not that difficult if you can use the FTP connection
tracking module that IPtables offers. This is not the case if you're using a so-called vServer and
thus lack the ability to load kernel modules. Running active FTP is not an option today as this
would require changes on all clients that are behind firewalls or home routers.
So we need a way to
handle the situation where both client and server are behind firewalls AND there is no ip_conntrack_ftp
module available. This is only possible by configuring the FTP server to use a high port range for the
data connections from clients (rememeber, the server tells the clients the port to connect to on PASV) and
allow TCP connections to these ports.
Here is an example that shows how to do this for the proftpd FTP Server and the IPtables firewall.
1) Setup proftpd to use a passive port range. Add the following line to /etc/proftpd.conf :
PassivePorts 49152 65534
And don't forget to restart the server if it is running standalone :
/etc/init.d/proftpd restart
Now let's tell our firewall to allow incoming connections on these ports :
iptables -A INPUT -p tcp -m tcp --dport 49152:65534 -j ACCEPT
Done. Note that you may need to adapt the exact rules to your firewall, ftpserver and needs.
Using multimedia keyboards with linux
To use the special key of your multimedia keyboard under linux, install the hotkeys package and the fonts it needs. This will do it for debian users :
apt-get install hotkeys libxosd2
Check if your keyboard is on the list of supported keyboards by looking at the keyboard definition files (*.def) in /usr/share/hotkeys or by typing the following command :
hotkeys -l
If it is not, you need to create you own def-file. This is easy : simply copy an existing one, adapt the keycodes for your keyboard and assign actions to the keys. You can get the keycodes by using the program xev and pressing a key. An example file for my Siemens W9020S keyboard can be found here. Note that the actions must not be commands but keywords known to hotkeys. Commands are assigned to the action keywords
later in /etc/hotkeys.conf (see below).
Note : You could also assign custom commands to a key directly in the def-file, but this is not recommended. Here's an example anyways :
<userdef keycode="130" command="quake3 +set fs_game cpma">Quake III CPMA</userdef>
When you've found/created the def-file, adapt /etc/hotkeys.conf to your needs and assign commands to the keys defined in the def-file. Here is an example that uses the multimedia keys defined in the example file shown above to control the amarok audio player :
############################## START of /etc/hotkeys.conf ################################
# choose keyboard, this is the name of the .def-file in /usr/share/hotkeys without file extension
# copy your .def-file there if you created it yourself, it must be in that directory to be used
Kbd=siemens-w9020s
# setup multimedia keys for usage with the amarok audio player using DCOP commands
PrevTrack=dcop amarok player prev
NextTrack=dcop amarok player next
Play=dcop amarok player playPause
Pause=dcop amarok player playPause
# make the OSD fancy
osd_font=-arphic-ar pl kaitim big5-bold-i-normal--0-250-0-0-c-0-*-*
osd_color=LawnGreen
osd_timeout=3
osd_position=bottom
osd_offset=25
############################## END of /etc/hotkeys.conf ################################
Start hotkeys and enjoy! You may want to start hotkeys automatically at KDE login by placing a symlink to hotkeys in your ~/.kde/Autostart directory :
ln -s $(which hotkeys) ~/.kde/Autostart/hotkeys
I'm using a laptop and do not have the USB keyboard attached all of the time. I therefore use this tiny bash script instead of a symlink to check if the keyboard is attached and start hotkeys only if it is.
Running apps from ~/bin/ (or: permanently adding stuff to $PATH)
To add a directory (~/bin/ is used in this example) to your $PATH variable do this :
export PATH="$HOME/bin:$PATH"
echo "PATH=\"\$HOME/bin:\$PATH\"" >> $HOME/.bashrc
Switching between different system configurations in bootloader menu
If you want to be able to select your system settings on your laptop in the boot menu (think dual-screen @ home,
internal LCD only elsewhere), you can define environment variables on the kernel command line and have
an initscript interprete them and copy the right config files in place depending on the value of the variable.
I've recently written an initscript for this purpose that is available below. See the file itself for more information on the usage.
download initscript
Laptop with internal LCD and external LCD/Monitor : videos only visible on internal LCD
I recently connected an external LCD to my laptop and was pretty confused when i tried to watch a movie on the external display
under Linux under the X11 Window System. Though the movie was visible in the xine window on the internal laptop LCD, only
a blue background image could be seen in the same window on the external LCD.
This is a problem with the video overlay and can easily be fixed by adding these lines to your X11 config file (if you're using XFree86 this
is most likely /etc/X11/XF86Config-4, the Xorg-Server uses /etc/X11/xorg.conf instead) under the "device" section that defines the settings
for your graphic card :
Option "OverlayOnCRTC1" "on"
Option "OverlayOnCRTC2" "on"
I found a hint to this solution on this Thinkwiki.org page and added the complete solution there.
Quake 2 Sound sucks (is chopped into pieces)
To get the sound wortking properly, open $HOME/.quake2/baseq2/config.cfg in your favorite editor and change the line
set snddriver "oss"
to the following line:
set snddriver "sdl"
Start quake2. :-)
Quake 3 has no sound at all (nforce2 and some other chipsets)
If all you want it sound for q3a quickly, do this as root and start Quake 3 afterwards:
echo "quake3.x86 0 0 direct" >> /proc/asound/card0/pcm0p/oss
echo "quake3.x86 0 0 disable" >> /proc/asound/card0/pcm0c/oss
Note that the commands above don't make the settings persistent, so you'll have to
add them to a file that is run with root priviledges at boot time. There's quite a few
files you could use, /etc/init.d/boot.local is a possibility. On Kubuntu, using
/etc/init.d/bootmisc.sh works fine.
Disadvantage of the method described above: Quake 3 will block your sound device.
This means that other apps that try to use it while q3a is running (i.e., teamspeak or amarok)
can't do so.
You may want to give aoss a try if this is not acceptable for you. Have a look at the manpage, then try something like
aoss quake3
If you are running KDE and its sound daemon, artsd, you may also want to have a look at artsdsp and try something like
artsdsp -m /usr/local/games/quake3/quake3.x86
Hope this helped.
Installing the proprietary ATI fglrx driver on Debian etch (stable)
This can be done in less then 5 minutes. You'll need to be root to do this. Let's make sure you've got the repositories setup correctly first, you'll obviously need non-free to install proprietary software on Debian.
Check /etc/apt/sources.list and make sure that there's a line similar to this one:
deb http://debian.tu-bs.de/debian/ etch main contrib non-free
The part up to (and including) the word etch may look different for you, but you need to have the word non-free in there.
Let's update the repos and go to work now:
apt-get update
apt-get install fglrx-driver fglrx-control fglrx-kernel-src module-assistant
cd /usr/src/
module-assistant prepare
module-assistant a-i fglrx
Now edit your X11 config file, /etc/X11/xorg.conf. Search for the Section "Device" and find the Driver line. It most likely reads Driver "vesa" or Driver "radeon". Change that line to:
Driver "fglrx"
You can now reboot and enjoy 3D acceleration.
Getting rid of the system beep on Debian linux
That annoying beep is caused by the so-called PC speaker. You could easily pull its plug on a desktop PC, but this gets harder on a laptop. So we'll just unload the driver as root:
rmmod pcspkr
As you may already have guessed, the little bugging fellow will be reborn at the next reboot, so let's kill him forever. Add the following line to /etc/modprobe.d/blacklist:
blacklist pcspkr
Save the file and you're done.
Backing up your cron jobs
This explains how to backup your crontab to transfer it to another server. This is NOT an article about backing up all of your data regularly using cron!
OK, this is very easy. Export your crontab to a file:
myuser@oldhost> $ crontab -l > crontab-myuser-oldhost.cron
Now copy that file to the new server (wget, scp, whatever). Then install it and make sure it is there:
myuser@newhost> $ crontab crontab-myuser-oldhost.cron
myuser@newhost> $ crontab -l
Done. (Note that cron jobs for various system services may hide in /etc/cron* and that you can simply copy those files, but that is none of your business unless you are root. If you want to backup the cron jobs of various users as root and are unsure which users have cron jobs, have a look at /var/spool/cron/crontabs/.)
Forcing a user to change his/her password at next login on linux
You can do this with the passwd command. If you want to force john to change his password the next time he logs into his account, do this as root:
root@box> # passwd -e john
If you want a pasword to expire at a certain date or need more options, have a look at the usermod(8) command.
user@box> $ man 8 usermod
Preventing /etc/motd from getting overwritten at reboot (Debian Etch)
When I recently migrated a server from Debian Woody to Etch I was surprised because my welcome message in /etc/motd got overwritten at reboot. As I discovered some time later, I should maybe have read the documentation :p. From the Debian Etch release notes:
/etc/motd is now a symlink to /var/run/motd which is rebuilt by /etc/init.d/bootmisc.sh from a template, /etc/motd.tail, at each reboot. It means that changes made to /etc/motd will be lost. Changes made into /etc/motd.tail are not automatically applied to /etc/motd other than at reboot.
Also, the EDITMOTD variable at /etc/default/rcS no longer has any effect. If you wish to disable updating of the motd, or want to maintain your own content for the message of the day you just have to point the /etc/motd symlink to a different file such as /etc/motd.static and make your changes there.
So this should help:
root@box> # echo "your welcome message here" > /etc/motd.static
root@box> # rm /etc/motd
root@box> # ln -s /etc/motd.static /etc/motd
base || news || coding || networks || linux || bioinf || stuff || contact