Understanding Linux File Permissions

Posted in Operating System with tags , on May 8, 2009 by muhrizky

This post will explain the concept of file permissions so we can get more understanding and after that I will give an instruction to modify it. Operating systems have more than one type of accounts where every single of account can be a member from one or more groups. I will describe this by a simple example. Bob is a single person that in this case Bob is an accounts, but Bob also a members of graduate student from local University and he work as a journalist. This two society members called as a groups in terms of operating systems. There are very lot of groups in Linux that can be build and assign depends on the system services. By this post, I will take only two of Linux default groups that will often needs to modify which are root and users groups.

terminal

The third and fourth column above told us about accounts owner and groups. As we can see file notepad is belong to muhrizky from users group.

Below is the command line syntax to take file ownership:
chown owner[.group] file

In case to change the file notepad ownership into root for example, you can execute:
#chown root.root notepad.txt

I will continue about permissions in more details. The first column from the image above is the specific file and directory permissions applied, where the first character show the type of object which are:

– for files
d for directories
l for file/directory symbolic links
c for character objects
b for block of objects
n for network objects

The next three sets of character defines an access permissions:

r for read
w for write
x for execute

So the file notepad have it’s permissions to read and write for the owner, read-only for users group members, and also for everyone else.

This is the command line format to change file or directory permissions:
chmod mode file

Where specific format for mode are:
[ugoa][+-=][rwx]

The first character bracket for mode defines as:

u for users
g for group
o for everyone else
a for All

The second bracket is a symbolic characters that can be modify to your needs whether to add (+), remove (-), or assign (=) permission.

Finally, the third bracket is to set access for read (r), write (w), or execute (x).

For example to modify notepad so it can be write by everyone, we can type:
$chmod a+w notepad

Besides doing that procedure, you can also modify file or directory by referring that to an octal codes for permissions. The codes are:

0 for no permissions
1 for execute-only
2 for write-only
3 for write and execute
4 for read-only
5 for read & execute
6 for read & write
7 for read, write & execute

In order to change the file permission into full-access for the owner, read-only for group, and also read-only access to everyone, you can type:
$chmod 744 notepad

How-To Install Gnome Slackbuilds on Slackware 12.2

Posted in Operating System with tags , , on April 8, 2009 by muhrizky

Gnome is one of the largest desktop environment besides KDE and Xfce that has dropped since the release of Slackware 10.2. According to the old 10.2 changelogs, Gnome Slackbuilds (gsb) is recommended to be the replacement of Gnome packages deployment because it has the minimal interference with Slackware base systems. With this post, I will give an instruction about how-to deploy gsb on Slackware 12.2 which at this time the packages itself are still on the development stages.

First, I must inform that gsb-packages size is large (approx. 1 GB) so I really recommend you to download all of the packages and place it inside your local hard drive. You can grab these stuff from the links below:

Next you need to remove Seamonkey application by using pkgtool. Stop. What is Seamonkey and why should I remove it? Seamonkey is a Mozilla-based suite browser that should be remove to avoid engine conflict with Firefox. Alright, now what is pkgtool and why should I used it? pkgtool is a text-based interface integrated into Slackware distribution, so every users can reconfigure the Slackware installation on their machines. But if you prefer removepkg command, so run it.

Next we need to install slapt-get from our local repositories. But before the installation, we need to make sure that the dependencies is already installed on your computer. The deps are: curl, glibc-solibs, gpgme, libgpg-error, libidn, and openssl-solibs. Once again i recommend you to use pkgtool. After the deps are completely installed, change your current working directory into where you put the repos path with slapt-get executable script. In case you do not know where exactly the script is located, search it by run this following command as root:

#find / -name slapt-get-*.tgz

After finds it, change the working directory and install slapt-get utility by running this command:

#upgradepkg --install-new slapt-get-*.tgz

Next find the slapt-getrc script and edit it by using your favorite text editor. For this time i use nano editor:

#nano /etc/slapt-get/slapt-getrc

I will separate this editing section into 2 parts. First, make sure there are 2 commenting lines that wrote:

# Working directory for local storage/cache
WORKINGDIR=/var/slapt-get
# Exclude package names and expressions
EXCLUDE=^kernel-.*,^glibc.*,.*-[0-9]+dl$,^devs$,^udev$,aaa_elflibs,x86_64

After we sure that the lines are in there and exactly the same as I type above, including every single wildcards, next for the second parts we must do is to add your local repositories into the lines below:

# Use a local path to a Slackware/GSB/other repo
#SOURCE=file:///path/to/repo/slackware/slackware-12.1/
SOURCE=file:///usr/local/src/gsb-current/

# Use a local mounted CDROM
SOURCE=file:///mnt/cdrom/

The first line section here told us whether to use Slackware installation media by link it to the ftp or http server. In this case you must modify the second line into:

SOURCE=ftp:///path/to/repo/slackware/slackware-12.2/

Or directly we can also use Slackware local media CD/DVD installation as same as I do with the script. Just don’t forget to mount your CD/DVD removable media by running this command as root:

#mount -t iso9660 /dev/cdrom /mnt/cdrom

Finish? Absolutely Not. But if you got frustrated now, smack your keyboard, but after that keep concentrate on learning. I already broke 2 of my keyboards since i learn Linux back at year 2003. Ok now i will continue and remember to keep your concentration.

Next slapt-get command will check for repositories packages that you had download into your local hard drive:

#slapt-get -c /etc/slapt-get/slapt-getrc --update

If there wasn’t any error in the process, we can continue to install the gsb-main packages into your machine:

#slapt-get -c /etc/slapt-get/slapt-getrc -y --retry 10 --upgrade

Here i can assume the installation will run correctly only if you successfully completed the previous local repos check process. Now it is time to deploy the complete gsb packages:

#slapt-get -c /etc/slapt-get/slapt-getrc -y --retry 10 --install gsb-complete

After all of this time consuming installation is completed, reboot your system Now.

Soon as you back to text-based Slackware login, run the X Window initialization as root:

#xwmconfig

From the selection screen, choose Gnome or Compiz-Gnome to run in case if your hardware, especially your video card with recent driver, is good enough. Exit the utility.

Finally, we can execute startx like usually we do to run the X Window environment.

Enjoy your new Gnome desktop environment.

Indosat (IM3) 3G/UMTS

Posted in Mobile with tags , on March 19, 2009 by muhrizky

Indosat (IM3) UMTS The images shown on the left is taken on Wednesday, March 18 2009 at 9:00 AM GMT+7

The other shot on Thursday, March 19 2009 2:00 AM

Two Tips on Database

Posted in Database with tags , on February 26, 2009 by muhrizky

Stored Procedures

Description: Scripts that contains one or more lines of Transact-SQL (T-SQL) codes in order to run an execution to and from the database.

Benefits:

  • Faster execution and reducing network traffic; because the actual process running inside the server, not in the client-side.
  • Security mechanism; because the statements are stored inside the server, so there are no data transfers in form of query scripts on the network traffic.
/*Calculate product TotalCost*/
CREATE PROCEDURE prcTotalCost
	@cOrderId char(6)
AS
BEGIN
	SELECT TotalCost = ((siQty * mCost) - mDiscount)
	FROM OrderDetail
	WHERE cOrderId = @cOrderId
END

Triggers

Description: Scripts that contains one or more lines of T-SQL codes in order to execute a group of statements to the database. This is usually used for Data Manipulation Language (DML) statements.

Benefits:

  • Can do checks to every related tables in a relationship.
  • Can do more complex ruleset or restriction to specific tables.
/*Automatically updates the numbers of quantity after sales*/
CREATE TRIGGER trgInventoryUsesiQty ON InventoryUse
FOR INSERT
AS
DECLARE @inventoryid char(6),
	@inventoryuseqty smallint
SELECT @inventoryid = InventoryUse.cInventoryId,
@inventoryuseqty = InventoryUse.siQty FROM InventoryUse
INNER JOIN inserted ON InventoryUse.siInventoryUseId =
inserted.siInventoryUseId
IF @inventoryuseqty >= 0
BEGIN
	UPDATE Inventories
	SET Inventories.siQoh = siQoh - @inventoryuseqty
	WHERE Inventories.cInventoryId = @inventoryid
END

Further Suggestions

Learn about what it called LINQ. LINQ is a set of T-SQL statements that can be directly integrate into a programming language. This is an applied technology introduce by Microsoft® in their current .NET environment.

Further Readings

There are a lot of other database techniques that can be used to simplify specific tasks according to the business process. This is also recommended for person who manage Active Directory Server, because actually the database works similar to Relational Database Management Systems (RDBMS). You can visit MSDN Library on SQL Server or any RDBMS websites to learn more about it.
Keywords: Cursors, Indexes, Views, Reporting Services.

Brief Explanation on Linux Login Screens and How-To Change It

Posted in Operating System with tags , on February 22, 2009 by muhrizky

As we can see now, there are two types of login screen in Linux based machines.
What’s the meaning of login screen? I believe that to understand a thing, we must first understand the terms. Login screen is something that appears on the screen after system initialization. On Windows® machine login screen called as Welcome screen.
Basically on the Unix systems, there is only one type of login screen: text based login. But in the modern Linux (which was build from Unix to Minix) we know that there are two types of login screen.

img1. Graphical login screen

Fig.1. Graphical login screen

Fig.2. Text-based login screen

Fig.2. Text-based login screen

For anybody who prefer a “simplified” Linux distribution likes Fedora, Mandriva, OpenSUSE, and Ubuntu means that when the system loads, it will show you a graphical login screen similar to the Windows® environment. But there is also another type of distribution which serve a text-based login screen like on the Berkeley Software Distribution (BSD) family or Slackware Linux. Now for the practice, we can modify the boot screen by editing the /etc/inittab as root by using any favorite text editor, for example vi or vim, pico, and nano. Inside the script, find the line wrote id:3:initdefault and change the number 3 into:

0 = halt
1 = single user mode
2 = unused (but configured the same as runlevel 3)
3 = multiuser mode (default Slackware runlevel)
4 = X11 with KDM/GDM/XDM (session managers)
5 = unused (but configured the same as runlevel 3)
6 = reboot

The runlevel maybe different on your machine, so you must read also inside the preconfigured inittab script. Reboot the system then and see your modified login screen. Curious about how exactly Linux runs its boot sequence? I found a links that will explain you in clearly how the boot process runs from computer Basic Input-Output System (BIOS) initialization until the login screen appear. In my opinion, this kind of article will give everyone a clear understanding so I demand you to read it at IBM DeveloperWorks: Slackware Linux 101

How-To Install VirtualBox on Slackware 12.2

Posted in Operating System with tags , , on December 30, 2008 by muhrizky

VirtualBox is a virtualization software from Sun Microsystems. In easy words, it means that we can run one or more operating systems inside one machine. This notes will guide you to deploy VirtualBox on a Slackware 12.2 machine.

1. First, you need to prepare all package dependencies for VirtualBox, which are:

  • icu4c
  • xerces-c
  • xalan
  • acpica
  • libatomic_ops
  • libsamplerate
  • libsnd
  • pulseaudio

You can get all of this packages from SlackBuilds so it can be more simple and centralized. We also need to learn how-to compile the source with help of pre-defined SlackBuilds scripts by reading their documentation.

2.1. Get the appropriate installer from VirtualBox that we need to execute on Slackware platform. Looks for the one with .run file extention.

2.2. You can also grab VirtualBox OSE packages from SlackBuilds. This is including virtualbox-ose and virtualbox-kernel. Then compile and execute them in the same way as you did on previous packages dependencies. Read the instructions carefully. If you choose this method for installation, after this you can skip directly to step sixth.

Note: According to VirtualBox sites, they mention about Qt4 as another dependencies. So here you can compile Qt4 before virtualbox-ose, but this is optional. Warning!!! It tooks so long to compile Qt4. I do that for two and a half hour on my machine with Pentium D 805, 4 Gigs DDR-II, and SATA-AHCI.

3. Third, modify the installer permissions by running this command as root:

#chmod 755 VirtualBox-xxx-xxxxx-Linux_xxx.run

This will assign permissions so that only root can modify the installer and the others group can only read and execute.

4. Run the installer as root:

#./VirtualBox-xxx-xxxxx-Linux_xxx.run

5. Next, we need to create a symbolic link from a specific file:

#ln -s /lib/libcap.so.x.xx /lib/libcap.so.1

This fifth step is a problem that i discover from kernel message. But until this notes was published, i still don’t know from where this problem arise.

6. Sixth, insert your user account into vboxusers group:

#usermod -a -G vboxusers username

Here you can also use KUser an X application from KDE environment.

7. Seventh, assume everything is working well, we can find the VirtualBox launcher from KMenu>>System>>Sun xVM VirtualBox.

Finally, don’t forget to read the User Manual for instruction guides which locates at /opt/VirtualBox-xxx/

ARP Poisoning

Posted in Security with tags , on December 15, 2008 by muhrizky

ARP (Address Resolution Protocol) is a method to generates an IP (Internet Protocol) address from one or multiple hosts. TCP/IP (Transmission Control Protocol/Internet Protocol) shows that every single packet in this type of communication protocol must contains MAC (Media Access Control) address from sender and also receiver. This kind of information is stored in the header. It means that packets, e-mail for example, cannot be send or we will get a transmission errors if it doesn’t contains a MAC address in their header. Well of course you cannot send package without the recipient address right?

ARP works by broadcasting inside particular network and after it gets the information, ARP stores it inside a cache. This term cache means volatile. One day, there is a confidential e-mail that you only want someone can read it. This packet also include with a single unique IP and MAC address which are 63.8.8.64 for the IP and AE:19:D2:33:4B:FC for MAC. Now, what will happen if your ARP cache has been poisoned before it? The actual recipient that you want to be able to read is only a person who got an IP 65.8.8.66 Not 63.8.8.64!! Sorry to say that your e-mail is not confidential anymore.

How can it be?? It is positively confidential e-mail!! Simple. This is because your ARP cache is being poisoned and someone clone their MAC address (yes, it is possible) into AE:19:D2:33:4B:FC and so be recognized as a true recipient of your e-mail.