OpenSUSE Linux Tips, tricks, how-tos, opinions, and news
openSUSE Linux 10.2 beta1 has been released. The announcement from Andreas Jaeger is as follows:
I’m glad to announce the first beta of openSUSE 10.2 codename Basilisk
Lizard.
openSUSE 10.2 Beta1 contains a large number of enhancements and
updates done by the open source community and Novell’s development
teams.
We have i386 and x86-64 medias available for download, there’s no
PowerPC distribution since the installation fails on that platform
(Bug #213873).
I’d like to point out especially the following significant changes for
openSUSE 10.2 from our list of updates of all open source
subcomponents, integration of new subcomponents and improvements in
various areas:
- Linux Kernel 2.6.18.1
- glibc 2.5
- Firefox 2.0
- GNOME 2.16.1
- KDE 3.5.5
- X11 R7.2 RC
- both KDE and GNOME feature improved start menus compared to
upstream
- improved desktop effects (compiz 0.2)
- OpenOffice.org 2.0.4
- Koffice 1.6
- gnucash 2.0.2
- ekiga 2.0.2 VoIP and video conferencing application
- python 2.5
- php 5.2 RC
- cups 1.2.4
- wink 1.5 software tutorial and presentation creation software
- Using opensync instead of multisync for much better syncing
between mobile devices and software.
- numerous improvements to our package manager stack, including a
new update notification applet (opensuse-updater) and a console
application called zypper which are non-zmd based. The update
stack has been improved in both features and speed.
- integration of powermanagement features into hal
See also http://en.opensuse.org/Factory/News – and the ChangeLog file
on the first media of each set for a really detailed overview.
Beta1 has a couple of rough edges, the most annoying ones are
documented at http://en.opensuse.org/Bugs:Most_Annoying_Bugs . For
now let me just point out the following:
* On some new installations an error occurred preparing a hard disk Bug #214682. This seems to happen on disks without any prior partitioning and when using EVMS. EVMS is broken here. If this happens, start the installation again.
* zen-updater is not installed by default Bug #214877
* kpowersave crashes directly Bug #214881
* The product is not completely localised, localisation will be done for Beta2.
* Grub installs in MBR no matter what is selected in YaST2-bootloader (Bug #213256)
* Major changes in the bluez-libs might lead to problems with connecting to Bluetooth-devices
* Help Center Integration of the openSUSE Manuals is work in progress. There are issues with the desktop files (Bug #213573)
* yelp segfaults (Bug #210429)
* The product is not completely localised, localisation will be done for Beta2.
openSUSE 10.2 Beta1 comes in different medias:
* 5 CDs, you need CDs 1-3 for a normal installation with just GNOME or KDE (any language)
* 1 AddOn CD with only binary packages on it
* 1 AddOn CD with language packages that are used for our tier 2 languages (tier 1 languages are english, french, italian, spanish, german, chinese, japanese and czech - and support for those is on the standard 5 CDs) (the 5 CDs have support for installation in all languages, just extra packages are only on this extra media)
* 1 DVD containing the contents of the above 7 media
* a FTP tree with open source packages (only for the final version, for now use the factory tree)
* a FTP tree with binary packages (only for the final version, for now use the factory-extra tree)
We have created Delta ISOs from the DVD of Alpha5 and from the CDs of
Alpha4. Please use them for download. We have mastered the DVD5 for
i386 and x86-64 and will distribute it *only* via bittorrent – and as
deltas from the previous version.
For this release we would like to put up a call for testing, focusing
especially on these three areas:
* Python 2.5: As we upgraded to Python 2.5, we would like to ask you to test all Python-related packages, especially on x86-64.
* OpenOffice.org on x86-64 (yes, a native 64-bit OpenOffice.org package)
* the OpenSync 0.19 framework and its plugins
Please report all bugs you find in our bugzilla as explained in
http://bugs.opensuse.org, discussion is most appropriate on the
opensuse-factory@opensuse.org mailing list.
Thanks to everybody making this release happen – and thanks to all
testing it!
Andreas
P.S. Here’re the usual handy URLs for download:
Download URLs for the torrents of the DELTA-ISOs:
Download URLs for the torrents of the ISOs:
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/openSUSE-10.2-Beta1-i386.torrent
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/openSUSE-10.2-Beta1-x86_64.torrent
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/openSUSE-10.2-Beta1-DVD-i386.torrent
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/openSUSE-10.2-Beta1-DVD-x86_64.torrent
Download URLs for the Add-On Media torrent:
Download URLs for the full Delta ISOs:
x86 architecture (Intel 32-bit) architecture:
For x86-64 (AMD64 / EM64T) 64-bit architecture:
Download URLs for the full ISOs:
x86 architecture (Intel 32-bit) architecture:
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-i386-CD1.iso
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-i386-CD2.iso
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-i386-CD3.iso
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-i386-CD4.iso
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-i386-CD5.iso
For x86-64 (AMD64 / EM64T) 64-bit architecture:
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-x86_64-CD1.iso
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-x86_64-CD2.iso
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-x86_64-CD3.iso
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-x86_64-CD4.iso
http://download.opensuse.org/distribution/openSUSE-10.2-Beta1/iso/openSUSE-10.2-Beta1-x86_64-CD5.iso
Download URLs for the Binary Add-On Media ISOs:
Download URLs for the Language Add-On Media ISOs:
I absolutely cannot pass this one up:
Zombies Control Half of Windows PCs – http://www.internetnews.com/stats/article.php/3640216
This article outlines what Microsoft has discovered from their OWN Windows Malicious Software Removal Tool.
Favorite quotes:
“Of the many forms of attacks uncovered during the first half of 2006, the company said backdoor Trojans which take control of infected computers can be found in almost one out of every two Windows-based systems.”
What a surprise this wasn’t.
“Of the 4 million Windows machines that used the MSRT, nearly 2 million contained at least one backdoor Trojan.”
This is a statistic that I have always dreamed of actually believing, and now I can. Again, this info comes directly from M$.
“While 50 percent seems high, the results are actually an improvement over last year, when 68 percent of computers had a backdoor Trojan.”
And what percentage of Linux machines have these types of problems?
* looks around *
No hands, huh? Wait, I’ve never heard of ANY Linux box having this type of plague raging through it.
Moral to the story: Use Linux. Be happy.
Yep, I do write a lot about how I detest Microsoft. That’s the *RANTS* part of SUSE LINUX RANTS…. it should actually be read SUSE/LINUX/RANTS. Nitroglycerin seems a better description for me than Nitrogen. The latter does not really react with anything, while the former very much does, being just a bit unstable. OK, a lot unstable.
Moving right along…
I stumbled upon this article which discusses the new Vista EULA. The basic premise is that you will have the right to install it on one computer at a time, for a maximum total of two. After that, you are just left out in the cold. Your only option after that is to purchase another license.
The article quotes the EULA as follows:
“The first user of the software may reassign the license to another device one time.”
Is everyone paying attention?
The only logical explanation I can find for this behavior is that Microsoft is tired of having the majority of the market share. Apparently, that is their way of telling people to use other alternatives. Like Linux, for example. You see, I think the days of good old M$ are numbered. It seems like a lot of M$ execs lately have either flown the coop or have announced that they will be leaving. Apparently, they know something that open source users also know, but the M$ fanbase does not: M$ has seen the peak of their reign.
With all the delays in Vista, all its great new features dropped, the license, the hardware requirements, and all such unfortunate related situations, it’s a disaster waiting to happen. What’s funny is that Linux users will hardly even feel any of the negative fallout of this. As a matter of fact, people are already starting to realize that they don’t have to pay a company many hundreds of dollars for indentured servitude. Really, when considering Windows and its users, which is the master and which is the slave?
All that said, people are realizing that there’s no need to pay all that money for something so bloated, resource-hungry, and otherwise without unique benefit. There is no need to have an aneurism worrying about viruses and spyware infesting your computer. No need to justify pirating the OS because you can’t afford it. With how far the big Linux players have come (e.g., openSUSE, Ubuntu, Fedora, Mandriva, etc.), one of them can very likely satisfy the requirements you have for your OS. You just want to point and click and never have to even think about the command line? SUSE will gladly provide that for you.
The other thing is that, while Linux may still be a bit underpolished in an aspect or two, look at it this way: M$ has been making OSes for over 20 years now. Vista is the best they can do. Linux has been around for a little over 10 years. It has reached a maturity point where it is perfectly capable of performing as an enterprise desktop (a la Novell’s SUSE Linux Enterprise Desktop 10). It is not plagued with the gaping security holes and design flaws that haunt M$ OSes.
Linux has come a very long way in just over 10 years, and it will ONLY get better from here. That is the part that I really enjoy. The incredible progress of Linux has become even more apparent through projects like the development of XGL. That is like a beacon to the world that Linux is not just for technical wizards anymore. The open source community is interested, focused, and actively pursuing ways to make Linux more accessible to people who want their OS to “Just Work.”
M$ has seen its prime, and is only going downhill (probably won’t go away any time soon, though). Linux growth continues to explode, and is only getting better in leaps and bounds. And it doesn’t get viruses. And it’s free. And so is 99.9% of the software that runs on it. And it can likely do what you need. And it is very, very powerful. And people are realizing all of this. In an effort to drive this point home to everyone, M$ came up with this ingenious idea to put in the “Reassign to another device” clause. Absolutely brilliant.
M$ Outlook has to be one of the biggest scams in history.
At work, we’re sending out a mass email to all our clients. As I’m testing the system, I notice several things. First off, Thunderbird renders everything I throw at it completely correctly. I send it stuff from other email clients in an array of formats, and it renders everything exactly as it should. The HTML looks just like it is supposed to. When I view the plain-text version of the message, it actually displays to me the veritable text/plain part of the email message. No problems there. Standards are wonderful when people comply to them.
Everything all set up correctly, I shoot some emails from my script over to a user running Outlook. I could scarcely believe my eyes. When we told Outlook to render the HTML version of the email, it looked fine. When we told it to render out the plain-text version, IT RENDERED THE HTML VERSION AS TEXT and completely disregarded the text/plain part of the email that was included. Boy, let’s invent our own set of standards and then force the entire world to use them. And let’s make them just different enough from the *REAL* standards that, in order to use the technology, everyone has to conform to the way *WE* do things. Rock on. Having a monopoly must really rock.
Also, in Thunderbird, to view an email message as plain-text, from the main Thunderbird window, you select VIEW, then MESSAGE BODY AS, then PLAIN TEXT. And then Thunderbird actually shows the text/plain part of the message. Slick and easy, and, of course standards-compliant.
In Outlook, you have to double-click the message to open it in a new window. Then, you have to click on the EDIT menu, and select EDIT MESSAGE. Then, you have to go over to the FORMAT menu, and select HTML. Then Outlook pops up a window saying, “If you do this, the Universe will implode and all your formatting will completely evaporate.” To which, you confusingly have to select YES. Only then will it show your message as text, and not even the real plain-text version of the email. It’s the HTML in the email rendered as plain-text.
Not to mention that you cannot save out an email from Outlook in the plain-text .eml format that the entire rest of the Universe uses. You save it out as a *BINARY* .msg format which, of course, is totally useless anywhere except in Outlook, thus completely nullifying the point of even saving out messages.
Oh, yeah, and there’s the fact that you cannot even export the address book in any format that is compatible with its Outlook Express little brother (which I’ve actually had decent experience with, once the security is tightened down; of course, that was before I started using Linux). You have to go through 23 third-party applications, converting it between CSV, LDAP, AVI, JPG, and ICO formats before you can even get it into Outlook Express. Then, you have to spend half a millennium fixing all of the fields that were imported wrong.
It surely must be nice to take a dump on a blank CD-ROM and call it usable software.
Recently, a network that I was using had a production server on it with some problems. One minute, we could connect to it just fine and the next minute, we couldn’t. I initially got in, ran ‘top’, tailed ‘/var/log/messages’, and ran ‘ps aux’ a few times. Absolutely nothing came up as strange.
It just so happened that we were pinging the server as we were rebooting it. As the machine shut down, it was still responding to pings. Red flag. There was an IP conflict with another machine. ‘nmap’ allowed for some OS fingerprinting, which gave us a little more information about the impostor (I’ll take the time here to tell you that it was a machine running Windows – massively underwhelming surprise there).
I looked around for something that might be useful as a monitor to let me know when that kind of thing happened. I didn’t really find anything. If you have any suggestions on tools that can do this, please leave a comment and point me in the right direction. Having found nothing, I set out to see if I could write something to do this.
I was quite pleased to notice that with an easy combination of the ‘ping’, ‘arp’, and ‘nslookup’ commands in a simple PHP script, I was able to acquire the information I needed to hack out a small monitor. It isn’t quite functional yet, but now it’s just a matter of how to store and report on the data. When I have it working, I’ll post it. Again, if you know of something that can monitor ARP tables on a local machine, and email a notification when things “look funny,” please enlighten me.
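A minimal version of the monitor described above, as an added example in shell; it is not the author's PHP script, which the page does not show. It diffs two snapshots in the Linux /proc/net/arp format and reports any IP address that is now answered by a different MAC address. The function names and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: spot an IP conflict by diffing two ARP table snapshots
# (same column layout as /proc/net/arp on Linux).

# arp_diff BASELINE CURRENT
#   CHANGED ip old -> new   the IP is now answered by a different MAC address
#   NEW ip mac              the IP had no resolved entry in the baseline
arp_diff() {
    awk '
        FNR == 1 { next }                    # column header of each snapshot
        $4 == "00:00:00:00:00:00" { next }   # unresolved (incomplete) entry
        { ip = $1; mac = tolower($4) }
        FILENAME == ARGV[1] { base[ip] = mac; next }
        !(ip in base) { printf "NEW %s %s\n", ip, mac; next }
        base[ip] != mac { printf "CHANGED %s %s -> %s\n", ip, base[ip], mac }
    ' "$1" "$2"
}

# arp_watch BASELINE IP [INTERVAL]
# Poll the live table and send every CHANGED line to syslog. The ping only
# refreshes the ARP entry for IP; its result is ignored. A conflict that
# persists is logged again on every poll.
arp_watch() {
    while :; do
        ping -c 1 "$2" >/dev/null 2>&1 || true
        changes=$(arp_diff "$1" /proc/net/arp | grep '^CHANGED' || true)
        if [ -n "$changes" ]; then
            printf '%s\n' "$changes" | logger -t arp-watch
        fi
        sleep "${3:-60}"
    done
}

# Constructed sample data: 192.168.0.10 stands in for the production server.
# In the later snapshot a different MAC address answers for it.
arp_demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/baseline" <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.1      0x1         0x2         00:16:3e:00:00:01     *        eth0
192.168.0.10     0x1         0x2         00:16:3e:aa:bb:01     *        eth0
192.168.0.20     0x1         0x0         00:00:00:00:00:00     *        eth0
EOF
    cat > "$dir/current" <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.1      0x1         0x2         00:16:3e:00:00:01     *        eth0
192.168.0.10     0x1         0x2         00:0C:29:CC:DD:02     *        eth0
192.168.0.20     0x1         0x2         00:16:3e:00:00:20     *        eth0
EOF
    arp_diff "$dir/baseline" "$dir/current"
    rm -rf "$dir"
}

arp_demo
```

The ARP cache only holds hosts the machine has talked to recently, which is why the watch loop pings the address before each comparison. The arpwatch daemon performs this kind of IP/MAC pairing check continuously and can mail a report when a pairing changes.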
This also made me a little more aware of how I’d be able to monitor things on a given box in real-time, maybe with a handful of ’screen’ sessions while connected in remotely. I was looking for things that could answer some questions like:
I was looking for answers to these types of questions.
Searching around, it became apparent that there is a decent handful of commands, to be sure. Let’s take a look at some of these commands and a slick tool that Steve told me about. As a general rule, running these commands as root provides more information.
First of all, we have the ‘w’ command. From the man page, we learn that the purpose of this command is to “Show who is logged on and what they are doing.” Sample output is as follows:
[0908][scott@suse-linux:~]$ w
09:08:21 up 13 days, 22:10, 3 users, load average: 0.00, 0.06, 0.08
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
scott :0 Mon08 ?xdm? 4:50 0.10s /bin/sh /opt/kde3/bin/startkde
scott pts/0 Mon08 24:42m 0.00s 3.60s kded [kdeinit] --new-startup
scott pts/1 09:08 0.00s 0.02s 0.00s w
[0908][scott@suse-linux:~]$
Then there’s the ‘who’ command, which has a similar purpose, “show who is logged on.” Output:
[0939][scott@suse-linux:~]$ who
scott :0 2006-10-09 08:26 (console)
scott pts/0 2006-10-09 08:26
scott pts/1 2006-10-10 09:08
[0939][scott@suse-linux:~]$
Another command will display “info on the last login of each user.” Amazingly enough, it is the ‘lastlog’ command. Output:
[0942][scott@suse-linux:~]$ lastlog
Username Port Latest
at **Never logged in**
beagleindex **Never logged in**
bin **Never logged in**
daemon **Never logged in**
ftp **Never logged in**
games **Never logged in**
haldaemon **Never logged in**
lp **Never logged in**
mail **Never logged in**
man **Never logged in**
mdnsd **Never logged in**
messagebus **Never logged in**
news **Never logged in**
ntp **Never logged in**
postfix **Never logged in**
root tty1 Mon Sep 25 11:17:15 -0600 2006
sshd **Never logged in**
suse-ncc **Never logged in**
uucp **Never logged in**
wwwrun **Never logged in**
scott :0 Mon Oct 9 08:26:04 -0600 2006
[0942][scott@suse-linux:~]$
If you want to see the entire login history, you can get this with ‘last’. You can limit the number of lines displayed (15 in the example), as well. Output:
[0944][scott@suse-linux:~]$ last -15
scott pts/1 Tue Oct 10 09:08 still logged in
scott pts/4 Mon Oct 9 16:49 - 16:52 (00:03)
scott pts/6 Mon Oct 9 14:50 - 14:56 (00:06)
scott pts/4 Mon Oct 9 14:49 - 14:56 (00:07)
scott pts/7 Mon Oct 9 12:55 - 12:58 (00:03)
scott pts/6 Mon Oct 9 12:53 - 12:58 (00:05)
scott pts/4 Mon Oct 9 12:49 - 12:59 (00:09)
scott pts/6 Mon Oct 9 11:13 - 11:13 (00:00)
scott pts/4 Mon Oct 9 11:13 - 11:14 (00:01)
scott pts/4 Mon Oct 9 08:39 - 08:41 (00:01)
scott pts/2 Mon Oct 9 08:35 - 08:35 (00:00)
scott pts/7 Mon Oct 9 08:35 - 08:35 (00:00)
scott pts/17 Mon Oct 9 08:35 - 08:35 (00:00)
scott pts/2 Mon Oct 9 08:34 - 08:34 (00:00)
scott pts/16 Mon Oct 9 08:34 - 08:35 (00:00)
wtmp begins Mon Sep 25 08:28:24 2006
[0945][scott@suse-linux:~]$
One of the cooler commands is ‘netstat’. The man page states that its purpose is to “Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.” Experiment with the -u, -t, -a, -p, -e, and -n switches, or stick them all together:
suse-linux:/home/scott # netstat -utapen
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:1863 0.0.0.0:* LISTEN 1000 6725360 29228/ssh
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 0 7728 2774/portmap
tcp 0 0 127.0.0.1:2544 0.0.0.0:* LISTEN 0 8763 3126/zmd
tcp 0 0 0.0.0.0:2803 0.0.0.0:* LISTEN 0 8066 -
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN 0 10809 3029/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 8158 2987/master
tcp 0 0 192.168.0.162:2340 216.239.53.104:80 ESTABLISHED 1000 6933132 14485/firefox-bin
tcp 0 0 192.168.0.162:1023 192.168.0.161:2049 ESTABLISHED 0 6933362 -
tcp 0 0 192.168.0.162:1629 216.239.57.104:80 ESTABLISHED 1000 6933062 14485/firefox-bin
tcp 0 0 192.168.0.162:3980 202.181.132.131:80 ESTABLISHED 1000 6933068 14485/firefox-bin
tcp 0 0 192.168.0.162:3976 202.181.132.131:80 ESTABLISHED 1000 6933050 14485/firefox-bin
tcp 0 0 192.168.0.162:3973 202.181.132.131:80 ESTABLISHED 1000 6933047 14485/firefox-bin
tcp 0 0 192.168.0.162:3972 202.181.132.131:80 ESTABLISHED 1000 6933046 14485/firefox-bin
tcp 0 0 192.168.0.162:3975 202.181.132.131:80 ESTABLISHED 1000 6933049 14485/firefox-bin
tcp 0 0 192.168.0.162:3971 202.181.132.131:80 ESTABLISHED 1000 6933044 14485/firefox-bin
tcp 0 0 192.168.0.162:3970 202.181.132.131:80 ESTABLISHED 1000 6933043 14485/firefox-bin
tcp 0 0 192.168.0.162:2528 64.233.187.104:80 ESTABLISHED 1000 6933078 14485/firefox-bin
tcp 0 0 192.168.0.162:2140 65.204.194.118:22 ESTABLISHED 1000 6725356 29228/ssh
tcp 0 416 192.168.0.162:1199 192.168.0.3:22 ESTABLISHED 0 6933024 15247/ssh
tcp 0 0 ::1:1863 :::* LISTEN 1000 6725361 29228/ssh
tcp 0 0 :::22 :::* LISTEN 0 8792 3149/sshd
tcp 0 0 ::1:25 :::* LISTEN 0 8159 2987/master
udp 0 0 0.0.0.0:1024 0.0.0.0:* 0 7686 2709/mdnsd
udp 0 0 0.0.0.0:1025 0.0.0.0:* 0 8062 -
udp 0 0 127.0.0.1:4500 0.0.0.0:* 0 9121 3285/racoon
udp 0 0 192.168.0.162:4500 0.0.0.0:* 0 9119 3285/racoon
udp 9140 0 0.0.0.0:68 0.0.0.0:* 0 7210 2652/dhcpcd
udp 0 0 0.0.0.0:5353 0.0.0.0:* 78 6592728 2709/mdnsd
udp 0 0 0.0.0.0:111 0.0.0.0:* 0 7727 2774/portmap
udp 0 0 127.0.0.1:500 0.0.0.0:* 0 9120 3285/racoon
udp 0 0 192.168.0.162:500 0.0.0.0:* 0 9118 3285/racoon
udp 0 0 0.0.0.0:631 0.0.0.0:* 0 10810 3029/cupsd
suse-linux:/home/scott #
Another way to view information on running processes is with the ‘ps’ command. Add in the ‘auxf’ options for extra goodness. Because of the amount of output that this command generates, I will only include a small snippet here:
suse-linux:/home/scott # ps auxf
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 720 68 ? Ss Sep26 0:01 init [5]
root 2 0.0 0.0 0 0 ? SN Sep26 0:02 [ksoftirqd/0]
root 3 0.0 0.0 0 0 ? S< Sep26 0:02 [events/0]
root 4 0.0 0.0 0 0 ? S< Sep26 0:00 [khelper]
root 5 0.0 0.0 0 0 ? S< Sep26 0:00 [kthread]
root 7 0.0 0.0 0 0 ? S< Sep26 0:14 \_ [kblockd/0]
root 8 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [kacpid]
root 67 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [kseriod]
root 109 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [aio/0]
root 314 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [cqueue/0]
root 352 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [kpsmoused]
root 700 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [ata/0]
root 709 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [scsi_eh_0]
root 710 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [scsi_eh_1]
root 742 0.0 0.0 0 0 ? S< Sep26 0:22 \_ [reiserfs/0]
root 1163 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [khubd]
root 1278 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [shpchpd]
root 2908 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [kauditd]
root 2943 0.0 0.0 0 0 ? S< Sep26 0:00 \_ [rpciod/0]
root 18915 0.0 0.0 0 0 ? S< Sep27 0:00 \_ [cifsoplockd]
root 18916 0.0 0.0 0 0 ? S< Sep27 0:00 \_ [cifsdnotifyd]
root 24503 0.0 0.0 0 0 ? S Oct03 0:07 \_ [pdflush]
root 24504 0.0 0.0 0 0 ? S Oct03 0:08 \_ [pdflush]
root 108 0.0 0.0 0 0 ? S Sep26 0:14 [kswapd0]
root 822 0.0 0.0 1860 284 ? S<s Sep26 0:00 /sbin/udevd --daemon
root 1965 0.0 0.0 1892 452 ? Ss Sep26 0:00 /sbin/syslog-ng
root 1968 0.0 0.0 1664 256 ? Ss Sep26 0:00 /sbin/klogd -c 1 -x -x
root 2009 0.0 0.0 1796 220 ? Ss Sep26 0:00 /sbin/resmgrd
100 2011 0.0 0.1 3416 576 ? Ss Sep26 0:02 /usr/bin/dbus-daemon --system
root 2048 0.0 0.0 1644 144 ? Ss Sep26 0:00 /sbin/acpid
root 2091 0.0 0.2 4400 1212 ? Ss Sep26 0:02 /usr/sbin/hald --daemon=yes --retain-privileges
root 2466 0.0 0.0 1816 132 ? S Sep26 0:00 \_ hald-addon-acpi
root 2572 0.0 0.0 1816 140 ? S Sep26 0:53 \_ hald-addon-storage
root 2591 0.0 0.0 2932 304 ? S Sep26 0:00 /opt/kde3/bin/kdm
root 21894 0.1 6.0 40372 31284 tty7 Ss+ Oct06 9:30 \_ /usr/X11R6/bin/X -br -nolisten tcp :0 vt7 -auth /var/lib/xdm/authdir/authfiles/A:0-P
root 21895 0.0 0.0 3984 352 ? S Oct06 0:00 \_ -:0
scott 28134 0.0 0.0 4044 284 ? Ss Oct09 0:00 \_ /bin/sh /opt/kde3/bin/startkde
scott 28179 0.0 0.0 4392 252 ? Ss Oct09 0:00 \_ ssh-agent /bin/bash /etc/X11/xinit/xinitrc
scott 28232 0.0 0.0 1504 116 ? S Oct09 0:00 \_ kwrapper ksmserver
(etcetera)
suse-linux:/home/scott #
There is also ‘top’:
top - 11:51:08 up 14 days, 52 min, 3 users, load average: 0.17, 0.18, 0.07
Tasks: 97 total, 2 running, 95 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.7% us, 0.0% sy, 0.0% ni, 99.3% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 515636k total, 458484k used, 57152k free, 61080k buffers
Swap: 1052216k total, 38060k used, 1014156k free, 143860k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
21894 root 15 0 168m 30m 3980 R 0.7 6.1 9:41.42 X
1 root 16 0 720 68 40 S 0.0 0.0 0:01.44 init
2 root 34 19 0 0 0 S 0.0 0.0 0:02.62 ksoftirqd/0
3 root 10 -5 0 0 0 S 0.0 0.0 0:02.04 events/0
4 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 khelper
5 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kthread
7 root 10 -5 0 0 0 S 0.0 0.0 0:14.01 kblockd/0
8 root 20 -5 0 0 0 S 0.0 0.0 0:00.00 kacpid
67 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kseriod
108 root 15 0 0 0 0 S 0.0 0.0 0:14.37 kswapd0
109 root 19 -5 0 0 0 S 0.0 0.0 0:00.00 aio/0
314 root 16 -5 0 0 0 S 0.0 0.0 0:00.00 cqueue/0
352 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 kpsmoused
700 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 ata/0
709 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
710 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_1
742 root 10 -5 0 0 0 S 0.0 0.0 0:22.08 reiserfs/0
822 root 12 -4 1860 284 228 S 0.0 0.1 0:00.15 udevd
1163 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 khubd
1278 root 11 -5 0 0 0 S 0.0 0.0 0:00.00 shpchpd
1965 root 15 0 1892 452 324 S 0.0 0.1 0:00.08 syslog-ng
1968 root 15 0 1664 256 192 S 0.0 0.0 0:00.00 klogd
2009 root 16 0 1796 220 216 S 0.0 0.0 0:00.01 resmgrd
2011 messageb 15 0 3416 576 444 S 0.0 0.1 0:02.88 dbus-daemon
2048 root 16 0 1644 144 140 S 0.0 0.0 0:00.00 acpid
2091 root 15 0 4400 1212 884 S 0.0 0.2 0:02.86 hald
2466 root 25 0 1816 132 128 S 0.0 0.0 0:00.00 hald-addon-acpi
2572 root 15 0 1816 140 124 S 0.0 0.0 0:53.57 hald-addon-stor
2591 root 15 0 2932 304 260 S 0.0 0.1 0:00.01 kdm
2652 root 16 0 1544 128 92 S 0.0 0.0 0:00.00 dhcpcd
2709 mdnsd 15 0 2220 384 308 S 0.0 0.1 0:00.52 mdnsd
2774 nobody 16 0 1560 220 164 S 0.0 0.0 0:00.01 portmap
2908 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 kauditd
2930 root 13 -3 9984 336 264 S 0.0 0.1 0:00.00 auditd
2943 root 10 -5 0 0 0 S 0.0 0.0 0:00.00 rpciod/0
2944 root 19 0 0 0 0 S 0.0 0.0 0:00.00 lockd
2987 root 16 0 5060 436 348 S 0.0 0.1 0:00.07 master
3021 root 16 0 1808 268 220 S 0.0 0.1 0:00.05 cron
3029 lp 15 0 7240 448 308 S 0.0 0.1 0:00.44 cupsd
3100 root 15 0 107m 972 644 S 0.0 0.2 0:04.83 nscd
3149 root 17 0 4952 152 148 S 0.0 0.0 0:00.09 sshd
3223 root 16 0 4264 708 588 S 0.0 0.1 0:00.63 powersaved
3285 root 15 0 3680 248 152 S 0.0 0.0 0:00.00 racoon
3293 root 17 0 1960 212 208 S 0.0 0.0 0:00.00 mingetty
3294 root 17 0 1960 196 192 S 0.0 0.0 0:00.00 mingetty
3295 root 17 0 1960 196 192 S 0.0 0.0 0:00.00 mingetty
3296 root 17 0 1960 196 192 S 0.0 0.0 0:00.00 mingetty
3297 root 17 0 1960 196 192 S 0.0 0.0 0:00.00 mingetty
You can also watch the system log with the ‘tail’ command. An example is as follows:
suse-linux:/home/scott # tail -f /var/log/messages
Oct 10 09:51:15 suse-linux kernel: device eth0 left promiscuous mode
Oct 10 09:53:38 suse-linux kernel: device eth0 entered promiscuous mode
Oct 10 09:54:39 suse-linux kernel: device eth0 left promiscuous mode
Oct 10 09:57:47 suse-linux kernel: device eth0 entered promiscuous mode
Oct 10 10:04:14 suse-linux kernel: device eth0 left promiscuous mode
Oct 10 10:06:00 suse-linux kernel: device eth0 entered promiscuous mode
Oct 10 10:28:18 suse-linux syslog-ng[1965]: STATS: dropped 0
Oct 10 11:17:46 suse-linux kernel: device eth0 left promiscuous mode
Oct 10 11:28:18 suse-linux syslog-ng[1965]: STATS: dropped 0
Oct 10 11:43:38 suse-linux su: (to root) scott on /dev/pts/3
It is a good idea to leave this window open as it refreshes automatically as more information is added to the log file.
Lastly, it is possible to view the open files by a user or process with ‘lsof’. Open files by process 14865:
suse-linux:/home/scott # lsof -p 14865
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
bash 14865 root cwd DIR 3,7 2760 4 /home/scott
bash 14865 root rtd DIR 3,6 568 2 /
bash 14865 root txt REG 3,6 501804 109334 /bin/bash
bash 14865 root mem REG 0,0 0 [heap] (stat: No such file or directory)
bash 14865 root mem REG 3,6 217016 60456 /var/run/nscd/passwd
bash 14865 root mem REG 3,6 208464 17233 /usr/lib/locale/en_US.utf8/LC_CTYPE
bash 14865 root mem REG 3,6 880086 17234 /usr/lib/locale/en_US.utf8/LC_COLLATE
bash 14865 root mem REG 3,6 1404242 13934 /lib/libc-2.4.so
bash 14865 root mem REG 3,6 13814 13940 /lib/libdl-2.4.so
bash 14865 root mem REG 3,6 288188 17765 /lib/libncurses.so.5.5
bash 14865 root mem REG 3,6 26696 18379 /lib/libhistory.so.5.1
bash 14865 root mem REG 3,6 189436 18381 /lib/libreadline.so.5.1
bash 14865 root mem REG 3,6 54 17208 /usr/lib/locale/en_US.utf8/LC_NUMERIC
bash 14865 root mem REG 3,6 2451 15037 /usr/lib/locale/en_US.utf8/LC_TIME
bash 14865 root mem REG 3,6 286 15036 /usr/lib/locale/en_US.utf8/LC_MONETARY
bash 14865 root mem REG 3,6 52 17198 /usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES
bash 14865 root mem REG 3,6 34 17039 /usr/lib/locale/en_US.utf8/LC_PAPER
bash 14865 root mem REG 3,6 77 17001 /usr/lib/locale/en_US.utf8/LC_NAME
bash 14865 root mem REG 3,6 155 15033 /usr/lib/locale/en_US.utf8/LC_ADDRESS
bash 14865 root mem REG 3,6 59 17000 /usr/lib/locale/en_US.utf8/LC_TELEPHONE
bash 14865 root mem REG 3,6 23 17002 /usr/lib/locale/en_US.utf8/LC_MEASUREMENT
bash 14865 root mem REG 3,6 25404 50721 /usr/lib/gconv/gconv-modules.cache
bash 14865 root mem REG 3,6 373 15034 /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION
bash 14865 root mem REG 3,6 124463 13927 /lib/ld-2.4.so
bash 14865 root 0u CHR 136,1 3 /dev/pts/1
bash 14865 root 1u CHR 136,1 3 /dev/pts/1
bash 14865 root 2u CHR 136,1 3 /dev/pts/1
bash 14865 root 4r REG 3,7 4097 50837 /home/scott/.fonts.cache-2
bash 14865 root 255u CHR 136,1 3 /dev/pts/1
suse-linux:/home/scott #
Open files by user ‘postfix’:
suse-linux:/home/scott # lsof -u postfix
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
pickup 15122 postfix cwd DIR 3,6 384 42756 /var/spool/postfix
pickup 15122 postfix rtd DIR 3,6 568 2 /
pickup 15122 postfix txt REG 3,6 10412 42441 /usr/lib/postfix/pickup
pickup 15122 postfix mem REG 0,0 0 [heap] (stat: No such file or directory)
pickup 15122 postfix mem REG 3,6 217016 60458 /var/run/nscd/group
pickup 15122 postfix mem REG 3,6 217016 60456 /var/run/nscd/passwd
pickup 15122 postfix mem REG 3,6 100331 13960 /lib/libpthread-2.4.so
pickup 15122 postfix mem REG 3,6 13814 13940 /lib/libdl-2.4.so
pickup 15122 postfix mem REG 3,6 1404242 13934 /lib/libc-2.4.so
pickup 15122 postfix mem REG 3,6 74278 13962 /lib/libresolv-2.4.so
pickup 15122 postfix mem REG 3,6 87850 13945 /lib/libnsl-2.4.so
pickup 15122 postfix mem REG 3,6 931232 18430 /usr/lib/libdb-4.3.so
pickup 15122 postfix mem REG 3,6 1208240 33727 /usr/lib/libcrypto.so.0.9.8
pickup 15122 postfix mem REG 3,6 246884 221993 /usr/lib/libssl.so.0.9.8
pickup 15122 postfix mem REG 3,6 85772 23833 /usr/lib/libsasl2.so.2.0.21
pickup 15122 postfix mem REG 3,6 179596 18503 /usr/lib/libpcre.so.0.0.1
pickup 15122 postfix mem REG 3,6 58310 37480 /usr/lib/liblber-2.3.so.0.2.7
pickup 15122 postfix mem REG 3,6 255945 37482 /usr/lib/libldap-2.3.so.0.2.7
pickup 15122 postfix mem REG 3,6 152580 42426 /usr/lib/libpostfix-util.so.1.0.1
pickup 15122 postfix mem REG 3,6 158192 42417 /usr/lib/libpostfix-global.so.1.0.1
pickup 15122 postfix mem REG 3,6 22676 42420 /usr/lib/libpostfix-master.so.1.0.1
pickup 15122 postfix mem REG 3,6 124463 13927 /lib/ld-2.4.so
pickup 15122 postfix 0u CHR 1,3 2228 /dev/null
pickup 15122 postfix 1u CHR 1,3 2228 /dev/null
pickup 15122 postfix 2u CHR 1,3 2228 /dev/null
pickup 15122 postfix 3r FIFO 0,5 8265 pipe
pickup 15122 postfix 4w FIFO 0,5 8265 pipe
pickup 15122 postfix 5u unix 0xd8df8080 6722083 socket
pickup 15122 postfix 6u FIFO 3,6 46668 /var/spool/postfix/public/pickup
pickup 15122 postfix 7u unix 0xd8df8980 6931500 socket
qmgr 28927 postfix cwd DIR 3,6 384 42756 /var/spool/postfix
qmgr 28927 postfix rtd DIR 3,6 568 2 /
qmgr 28927 postfix txt REG 3,6 45508 42771 /usr/lib/postfix/qmgr
qmgr 28927 postfix mem REG 0,0 0 [heap] (stat: No such file or directory)
qmgr 28927 postfix mem REG 3,6 217016 60458 /var/run/nscd/group
qmgr 28927 postfix mem REG 3,6 217016 60456 /var/run/nscd/passwd
qmgr 28927 postfix mem REG 3,6 100331 13960 /lib/libpthread-2.4.so
qmgr 28927 postfix mem REG 3,6 13814 13940 /lib/libdl-2.4.so
qmgr 28927 postfix mem REG 3,6 1404242 13934 /lib/libc-2.4.so
qmgr 28927 postfix mem REG 3,6 74278 13962 /lib/libresolv-2.4.so
qmgr 28927 postfix mem REG 3,6 87850 13945 /lib/libnsl-2.4.so
qmgr 28927 postfix mem REG 3,6 931232 18430 /usr/lib/libdb-4.3.so
qmgr 28927 postfix mem REG 3,6 1208240 33727 /usr/lib/libcrypto.so.0.9.8
qmgr 28927 postfix mem REG 3,6 246884 221993 /usr/lib/libssl.so.0.9.8
qmgr 28927 postfix mem REG 3,6 85772 23833 /usr/lib/libsasl2.so.2.0.21
qmgr 28927 postfix mem REG 3,6 179596 18503 /usr/lib/libpcre.so.0.0.1
qmgr 28927 postfix mem REG 3,6 58310 37480 /usr/lib/liblber-2.3.so.0.2.7
qmgr 28927 postfix mem REG 3,6 255945 37482 /usr/lib/libldap-2.3.so.0.2.7
qmgr 28927 postfix mem REG 3,6 152580 42426 /usr/lib/libpostfix-util.so.1.0.1
qmgr 28927 postfix mem REG 3,6 158192 42417 /usr/lib/libpostfix-global.so.1.0.1
qmgr 28927 postfix mem REG 3,6 22676 42420 /usr/lib/libpostfix-master.so.1.0.1
qmgr 28927 postfix mem REG 3,6 124463 13927 /lib/ld-2.4.so
qmgr 28927 postfix 0u CHR 1,3 2228 /dev/null
qmgr 28927 postfix 1u CHR 1,3 2228 /dev/null
qmgr 28927 postfix 2u CHR 1,3 2228 /dev/null
qmgr 28927 postfix 3r FIFO 0,5 8265 pipe
qmgr 28927 postfix 4w FIFO 0,5 8265 pipe
qmgr 28927 postfix 5u unix 0xc4b5ae00 6722087 socket
qmgr 28927 postfix 6u FIFO 3,6 47906 /var/spool/postfix/public/qmgr
qmgr 28927 postfix 7u unix 0xdb47be00 6722148 socket
suse-linux:/home/scott #
With these types of commands, it becomes much easier to determine what is going on with a given machine, especially when you use the information from one command as input to the others. As a final note, my good bud Steve told me about a tool called whowatch that gives you some of this information in real time and refreshes continuously. It was helpful and useful to me, and I do recommend it.
These are the majority of useful tools and commands that I found to get detailed real-time information about who is doing what from where on a given box. I’m interested in any additional thoughts or suggestions that anyone may have on this. Leave a comment with such info, that all may benefit.
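Using one command's output as input to the others, as an added example that is not part of the original post: it reduces ‘netstat -utapen’ output to the sockets reachable from the network, then hands the owning PIDs to ‘ps’ and ‘lsof’. The function names are hypothetical; the sample rows are copied from the netstat output earlier on this page.

```shell
#!/bin/sh
# Added example: chain netstat into ps and lsof.

# exposed_sockets: read `netstat -utapen` output on stdin and print
# "proto port pid program" for each TCP listener or unconnected UDP socket
# that is not bound to a loopback address. A "-" owner means netstat could
# not attribute the socket to a process (kernel-owned, or not run as root).
exposed_sockets() {
    awk '
        $1 !~ /^(tcp|udp)6?$/ { next }        # banner and column header
        {
            # With -e -n the User column is a numeric uid. If field 6 is
            # numeric, the row has no State column (unconnected UDP).
            if ($6 ~ /^[0-9]+$/) { state = ""; owner = $8 }
            else                 { state = $6; owner = $9 }
            if ($1 ~ /^tcp/ && state != "LISTEN") next
            if ($1 ~ /^udp/ && state != "")       next

            # The port is whatever follows the last colon (IPv6 safe).
            n = split($4, part, ":")
            port = part[n]
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (addr ~ /^127\./ || addr == "::1") next

            pid = owner; prog = "-"
            if (split(owner, o, "/") == 2) { pid = o[1]; prog = o[2] }
            print $1, port, pid, prog
        }
    '
}

# exposed_pids: unique PIDs that own at least one exposed socket.
exposed_pids() {
    exposed_sockets | awk '$3 != "-" { print $3 }' | sort -un
}

# inspect_exposed: run as root on a live host. For each owning PID, show the
# process and then everything it holds open.
inspect_exposed() {
    for pid in $(netstat -utapen | exposed_pids); do
        ps -o pid,user,args -p "$pid"
        lsof -p "$pid"
    done
}

# Sample input: rows copied from the netstat output shown on this page.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:1863 0.0.0.0:* LISTEN 1000 6725360 29228/ssh
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 0 7728 2774/portmap
tcp 0 0 0.0.0.0:2803 0.0.0.0:* LISTEN 0 8066 -
tcp 0 0 192.168.0.162:2140 65.204.194.118:22 ESTABLISHED 1000 6725356 29228/ssh
tcp 0 0 :::22 :::* LISTEN 0 8792 3149/sshd
udp 0 0 127.0.0.1:500 0.0.0.0:* 0 9120 3285/racoon
udp 0 0 192.168.0.162:500 0.0.0.0:* 0 9118 3285/racoon
udp 0 0 0.0.0.0:111 0.0.0.0:* 0 7727 2774/portmap
EOF
}

sample_netstat | exposed_sockets
```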