Monthly Archives: September 2017

ZorinOS Is a Great Linux Desktop For Any User | Linux.com


If there is one flavor of Linux that is best suited to help users transition from their current platform to Linux, I would have to go with ZorinOS. This conclusion might surprise a good number of Linux faithful. Why? Unlike most of the distributions claiming to hold sway of the “universal use,” ZorinOS doesn’t opt for the standard fare. Instead, ZorinOS offers its own desktop (aptly called Zorin Desktop). And, this pretty remarkable interface makes ZorinOS a great choice for new users, old users, and everything in-between.

Why? Because the Zorin Desktop can be easily reconfigured to look and feel like the desktop you are leaving behind. Is your platform of choice Windows 7 or XP? Zorin OS has you covered. If your prefered desktop is macOS, Unity, or GNOME 2, Zorin Ultimate can take care of you. If your interface of choice has been GNOME 3, Zorin Desktop can do that as well. Zorin Desktop is a veritable chameleon when it comes to change. With the Zorin Desktop, you can easily switch from a Windows 7/XP, macOS, Unity, or GNOME 2/3 interface — without having to install a single third-party piece of software.

It’s that Windows 7-like appearance that should attract new users. ZorinOS does one of the best jobs of mimicking Windows 7, than any other Linux desktop. So if you miss Windows 7, ZorinOS might be your next platform.

Let’s look at what Zorin OS offers that might make you want to flip the switch and finally either migrate to Linux or switch distributions.

The versions

It’s important to note that Zorin OS 12 is a complete rebuild from previous versions. Because of this, there may be bugs. Upon installation of Zorin OS Core, I’ve yet to experience a bug, but as with any major release, they will occur.

Zorin OS comes in three different flavors: Ultimate, Core, and Lite. Which version you select will depend on your hardware, how much software you want preinstalled, which desktop you want, and whether or not you require support.

The Lite Version

The Lite version is free and is streamlined to work on older, less-powered hardware. Zorin claims their Lite version will run hardware up to 14 years old. This version includes a lite version of the Zorin Desktop, LibreOffice, PlayOnLinux (via Wine), and the standard collection of Linux tools (e.g., terminal window, settings, multimedia viewer, etc.). With the Lite version, the developers moved away from the previous base LXDE environment and opted for a base of Xfce. This change allows the Zorin Lite desktop to better resemble the more powerful/flexible desktops of Core and Ultimate. That means that one thing missing from the Lite version is the ability easily switch between desktop layouts. So, if you’re looking for the ability to switch desktops, Lite might not be what you want.

The Lite version can be downloaded for free from the ZorinOS Lite download page.

The Core Version

Step up to the Core version, and you get the real ZorinOS experience. Out of the box, Zorin Desktop (based on GNOME) is set up to resemble Windows 7 (Figure 1).

Want to switch to a different type of Windows look (one that more closely resembles Windows XP) or even a standard GNOME desktop? Click on the Z menu (in the left corner of the desktop) and then click Settings. From within the Settings window, click Zorin Appearance. In the resulting window (Figure 2), you can configure your desktop to perfectly suit your needs.

Along with the ability to theme the desktop, the Core version offers a more suitable platform for getting your work done. You will still find LibreOffice (as in the Lite version), as well as the standard tools that come along with the GNOME desktop, the GIMP image editor, Pitivi video editor, Samba (with included file manager integration), Geary email client, Empathy messaging app, Chromium web browser, and more.

Speaking of web browser, Zorin includes a tool that every Linux distribution should have: the Zorin Web Browser Manager. With this app, users can easily install Firefox, Midori, or Epiphany. At one point, this tool also included Chrome, but it seems that is no more. You can click on the Z menu, go to Internet, and then click Zorin Web Browser Manager to easily install your browser of choice (Figure 3).

As I mentioned earlier, ZorinOS 12 (the latest release being 12.2) is a complete rewrite from previous versions. ZorinOS 11 also offered users the ability to switch to other styles of desktops, but it depended upon Avant Window Navigator (AWN) to do so. AWN is a dock-like bar that can be configured, in both form and function, to behave exactly as you like it. With ZorinOS 12, AWN is no more. From what I’ve seen so far, that choice has paid off in spades.

Although the ZorinOS 12.2 dock isn’t nearly as configurable as it was in the 11th iteration, it’s much more stable. I remember, in previous iterations of the Zorin Desktop, when you switched from one style to another, the desktop could come to a crashing halt in doing so. Now, the switch is smooth as butter, and it’s dependable. This is all thanks to the GNOME base (which is one the single most stable desktops on the market).
Speaking of GNOME… regardless of which style of desktop you choose, you have access to the GNOME Activities Overview. This is a great addition for those that multitask and use virtual desktops. How you get to the Activities overview will depend upon which style of desktop you are using. If you’re working on either the Windows 7 or XP styles, click on the Z button and then click Activities Overview to open the tool (Figure 4). If you’re using the straight-up GNOME interface, just click the Activities button at the top left corner of the desktop.

The PlayOnLinux inclusion should not be overlooked. Considering that ZorinOS is aimed primarily at users hoping to migrate from Windows, having the ability to easily install Windows applications is a serious bonus. Open up the tool, click Install a Program, select a category, find the software you want to install (Figure 5), and click Install. It’s that easy. Do note that many of the software titles, found in PlayOnLinux, require installation media (be it from a physical media or a download file).

The inclusion of PlayOnLinux also makes Zorin OS a much more flexible platform. Developers, designers, artists — users of nearly every ilk — will have more tools at their disposal.

The Core version can be downloaded for a donation of 5, 10, or 25 Euros, or a custom donation, from the ZorinOS Download page.

The Ultimate Version

If you’re looking for a version of Zorin OS that packs everything (even the kitchen sink), Zorin OS Ultimate is what you want. This version includes everything from Zorin OS Core and adds the following:

  • MIXXX DJ Software

  • Blender 3D Suite

  • LMMS Music producer

  • KDEnlive Video Editor

  • MyPaint

  • Ardour Audio Workstation

  • Audacity Sound Editor

  • Inkscape Vector Editor

  • Builder IDE

  • Over 20 games

  • Added MacOS, GNOME 3, and Unity desktop layouts

  • Video wallpapers

  • Zorin Support (directly from the team of Zorin developers)

Understand that many of the above included software titles can be installed on the Core version (for free). The only thing you won’t find are the optional desktops, the video wallpaper, and the support — for those you must pay up for the Ultimate edition. All of the above can be had for a mere 19 Euros. For business users, that added support option will be key. From a user perspective, having the MacOS, Unity, and GNOME 2.x interfaces could be a real deal maker.

Windows, macOS, and GNOME users unite

No matter your desktop of choice, chances are you will feel right at home on the Zorin Desktop. With the latest release, ZorinOS has done a remarkable job of taking something that was already impressive and made it more stable, more usable, and more accessible than ever. If you’re a Windows 7 user, dreading having to migrate to Windows 10, you no longer have to sweat that change. Adopt ZorinOS 12 and keep working as you’ve done for years.

Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.

Jazz Up lm-sensors with Graphics and Notifications | Linux.com


When last we met, we learned about lm-sensors, the excellent tool for monitoring CPU temperature, fan speeds, and motherboard voltages. Now we’re going to learn about changing the labels in sensors output to make it more useful, look at some good graphical front ends, and see how to configure and send notifications.

Customizing Labels

The default labels for your various sensors are sometimes not very helpful, as this snippet of sensors output shows.

fan1:  900 RPM
fan2: 1020 RPM

Fortunately, we can change the labels to anything we want. Let us relabel fan1 and fan2 more descriptively in the lm-sensors configuration file. (See Advanced lm-sensors Tips and Tricks on Linux for information on lm-sensor’s configuration file.)

chip "nct6776-*"
  label fan1 "CPU fan"
  label fan2 "Case fan"

Now in the sensors output it’s clear what they are.

CPU fan:   900 RPM
Case fan: 1020 RPM

Psensor

Psensor is my favorite lm-sensors graphical front-end. It supports multiple system monitors, including lm-sensors, hddtemp, smartmontools, and XNVCtrl for monitoring NVidia GPU temperatures. I love its nice user-friendly interface because all configurations are right there and you don’t have to hunt for them (Figure 1).

There are checkboxes on the right of the main window to control which sensors appear in the graph. Click on any sensor to configure it; options include hiding it, graph color, setting alarm thresholds, enabling desktop notifications, and changing its name. Change colors, monitoring intervals, enable logging, and set which monitors Psensor listens to in the Psensor > Preferences menu (Figure 2).

Desktop alerts are good, and Psensor supports scripts to execute any kind of notifications or actions you want. Enter your script name on the Psensor > Preferences > Sensors tab, in the “Script executed when alarm is raised” field. This example script sends an email and shuts down the computer when CPU temperatures are too high.

#!/bin/bash
echo "I am shutting down right now!" | 
/usr/bin/mail -s "[LinuxServer] I'm melting, help" 
carla@bratgrrl.com && shutdown -h now

This simple script plays a sad trombone:

#!/bin/bash
play /home/carla/sounds/sad_trombone.wav

These scripts use good old-fashioned Unix commands to do the work. /usr/bin/mail is provided by the s-nail package on my Ubuntu 16.04 system. Other distributions use mailx, which installs the traditional BSD mail client.

mail can send messages directly, without needing an SMTP server. Maybe it’s just me, but I kept having problems and couldn’t get it to send messages, so I installed ssmtp, the simple SMTP server. If you’re already running an MTA like Postfix or Exim, you don’t need ssmtp. ssmtp is not a mail transfer agent (MTA) like Postfix and Exim. It is a simple relay agent that sends messages to an upstream mail server. You must configure /etc/ssmtp/ssmtp.conf to accept messages in the same way that you configure your mail client, with the server name and port, TLS/SSL type, and your authorization if your upstream server requires it. This example is typical of hosted mail servers, which usually rely on STARTTLS.

mailhub=mail.example.com:25
AuthUser=carla@example.com
AuthPass=password
UseSTARTTLS=YES

It also has options for configuring the locations of SSL certificates if necessary. Whatever your regular mail client needs is what ssmtp needs. If you get the “sendmail: Cannot open mail.example.com:25” error when you send a message then your port number or TLS/SSL configuration is wrong. See man 5 ssmtp.conf for complete options.

You also need to add all local system users that will send notifications to /etc/ssmtp/revaliases:

root:carla@example.com:mail.example.com:25
carla:carla@example.com:mail.example.com:25

Another cool notification option is to send yourself SMS text messages. There are a couple of ways to do this on Linux. One is to use a commercial SMS gateway, which is easy and costs a little money. Another way is to use a USB GSM modem plugged into your computer, with a prepaid SIM card. This is a fun topic for another day, and if you have done this, please give some details in the comments.

More Graphical Interfaces

Graphical front ends to lm-sensors come and go. Conky and xsensors are two reliable oldtimers. Conky is endlessly configurable and supports everything under the sun. xsensors is barebones. Both run without complaints on all Linux distributions.

I like having a set of temperature sensors in my taskbar. These are specific to the graphical desktop environment you are running. Thermal Monitor for KDE is pretty nice. I use xfce4-sensors-plugin on my Xfce4 desktop (Figure 3).

Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.

Security Tools to Check for Viruses and Malware on Linux | Linux.com


Wait, Linux needs antivirus and anti-malware solutions? I thought it was immune to such things. Perhaps a bit of clarification is necessary here.

First and foremost, no operating system is 100 percent immune to attack. Whether a machine is online or offline, it can fall victim to malicious code. Although Linux is less prone to such attacks than, say, Windows, there is no absolute when it comes to security. I have witnessed, first hand, Linux servers hit by rootkits that were so nasty, the only solution was to reinstall and hope the data backup was current. I’ve been a victim of a (very brief) hacker getting onto my desktop, because I accidentally left desktop sharing running (that was certainly an eye opener). The lesson? Even Linux can be vulnerable.

So why does Linux need tools to prevent viruses, malware, and rootkits? It should be obvious why every server needs protection from rootkits — because once you are hit with a rootkit, all bets are off as to whether you can recover without reinstalling the platform. It’s antivirus and anti-malware where admins start getting a bit confused.

Let me put it simply — if your server (or desktop for that matter) makes use of Samba or sshfs (or any other sharing means), those files will be opened by users running operating systems that are vulnerable. Do you really want to take the chance that your Samba share directory could be dishing out files that contain malicious code? If that should happen, your job becomes exponentially more difficult. Similarly, if that Linux machine performs as a mail server, you would be remiss to not include AV scanning (lest your users be forwarding malicious mail).

With all of that said, what are your options? Let’s take a look at a few tools, offered for the Linux platform, that do a good job of protecting you (and your users) from viruses, malware, and rootkits.

ClamAV

Without a doubt, ClamAV is the most popular option for keeping viruses off of your Linux machines and out of your shared directories. There are a few reasons why ClamAV is so popular among the Linux crowd. First, it’s open source, which in and of itself is a big win. Second, it’s very effective in finding trojans, viruses, malware, and other threats. ClamAV features a multi-threaded scanner daemon that is perfectly suited for mail servers and on-demand scanning.

ClamAV can be run from command line or it with the ClamTK GUI. Both tools are easy to use and very dependable. Installing ClamAV is simple.

For Debian-based systems:

sudo apt install clamav

For RHEL/CentOS systems:

sudo yum install epel-release

sudo yum install clamav

For Fedora-based systems:

sudo dnf install clamav

For SUSE-based systems:

sudo zypper in clamav

If you’re running a Debian-based desktop, you can install ClamTK (the GUI) with the command:

sudo apt install clamtk

There are also third-party tools that can be added (to include support for the likes of MTA, POP3, Web & FTP, Filesys, MUA, Bindings, and more).

Upon installation, the first thing you’ll want to do is update the signatures with the command sudo freshclam. Once that completes, you can scan a directory with the command:

clamscan -r -i DIRECTORY

where DIRECTORY is the location to scan. The -r option means to recursively scan and the -i options means to only print out infected files. If you work with the GUI, it’s even easier. From the GUI you can run a scan and, should ClamAV find anything, act on it (Figure 1).

The one caveat to ClamAV is that it does not include real-time scanning. In fact, if you’re not using the ClamTK GUI, then to create a scheduled scan, you must make use of crontab. With the ClamTK GUI, you can only set up a schedule for your user home directory.

Sophos

If you’re looking for a non-open source solution from a company that’s been in the antivirus sector for quite some time, Sophos offers a free Linux scanner that does an outstanding job. This particular solution does on-access and on-demand scans for viruses, trojans, and malware. To prevent your Linux machine from becoming a distribution point for malicious software, Sophos Antivirus for Linux detects, blocks, and removes Windows, Mac, and Android malware. What makes Sophos stand above ClamAV is the inclusion of a real-time scanner. For desktops that share a lot of files, that is a deal maker.

Once you’ve agreed to the Sophos license (and entered a bit of information), you can download the distribution-agnostic installer, extract the file, and install with the command sudo sh install.sh. During the installation (Figure 2), you’ll be asked if you want to enable on-access scanning (real-time).

You will also be asked what type of auto-updating to be used for virus definitions. You can choose from Sophos servers, your own servers, or none. You can also choose to install the free or the supported version of Sophos as well as configure a proxy (if necessary).

When the installation completes, Sophos is running and protecting your machine in real time. There is no GUI for Sophos, so you’re restricted to the command line. You can check to see if Sophos is running with the command:

/opt/sophos-av/bin/savdstatus

Upon issuing the command, you should see Sophos Anti-Virus is active (Figure 3).

If you want to run an on-demand scan, it is as simple as:

savscan DIRECTORY

Where DIRECTORY is the directory to be scanned.

chkrootkit and rkhunter

No tool is more important to the security of your Linux server than either chkrootkit or rkhunter. These particular tools check for the likes of:

  • System binaries for rootkit modification

  • If the interface is in promiscuous mode

  • lastlog deletions

  • wtmp deletions

  • Signs of LKM trojans

  • Quick and dirty strings replacement

  • utmp deletions

The chkrootkit tool can be installed on Debian-based systems with the following command:

sudo apt install chkrootkit

The rkhunter tool can be installed on CentOS-like systems with the commands:

sudo yum install epel-release

sudo yum install rkhunter

Once installed, the usage is very simple: Issue either sudo chkrootkit or sudo rkhunter -c. Both commands will dive into the system and check for any known rootkits. During the rkhunter scan, you will have to press Enter on your keyboard (when prompted), as it runs through the different stages of the check. When the scan completes, both tools will report back their findings (Figure 4).

Stay safe

There are plenty more options out there, but these four tools should go a long way to keep you safe. Whether you only need a command line antivirus/malware/trojan scanner, a GUI, or a tool to hunt for rootkits, you’re covered. Just don’t fall into the trap of thinking that, because you’re using Linux, you are perfectly safe…even without protection.

Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.

Install Munin (Monitoring Tool) on Ubuntu 17.04 (zesty zapus) Server


Sponsored Link

Munin the monitoring tool surveys all your computers and remembers what it saw. It presents all the information in graphs through a web interface. Its emphasis is on plug and play capabilities. After completing a installation a high number of monitoring plugins will be playing with no more effort.

Using Munin you can easily monitor the performance of your computers, networks, SANs, applications, weather measurements and whatever comes to mind. It makes it easy to determine “what’s different today” when a performance problem crops up. It makes it easy to see how you’re doing capacity-wise on any resources.

Munin uses the excellent RRDTool (written by Tobi Oetiker) and the framework is written in Perl, while plugins may be written in any language. Munin has a master/node architecture in which the master connects to all the nodes at regular intervals and asks them for data. It then stores the data in RRD files, and (if needed) updates the graphs. One of the main goals has been ease of creating new plugins (graphs).

Preparing Your system

Install apache web server using the following command

sudo apt-get install apache2

Now proceed with munin server installation using the following command from your terminal

sudo apt-get install munin

Once the package is installed, you only need to make a few changes to get your installation working.

Configuring Munin server

You need to edit the /etc/munin/munin.conf file

sudo vi /etc/munin/munin.conf

Change the following lines

Change 1

#dbdir /var/lib/munin
#htmldir /var/cache/munin/www
#logdir /var/log/munin
#rundir /var/run/munin

to

dbdir /var/lib/munin
htmldir /var/www/munin
logdir /var/log/munin
rundir /var/run/munin

Change 2

#tmpldir /etc/munin/templates

to

tmpldir /etc/munin/templates

Change 3

the server name on the line localhost.localdomain should be updated to display the hostname, domain name, or other identifier you’d like to use for your monitoring server

# a simple host tree
[localhost.localdomain]
address 127.0.0.1
use_node_name yes

to

[MuninMonitor]
address 127.0.0.1
use_node_name yes

Change 4

You need to edit the munin apache configuration

sudo vi /etc/munin/apache.conf

Change the following line in the starting of the file

Alias /munin /var/cache/munin/www

to

Alias /munin /var/www/munin

and

We also need to allow connections from outside of the local computer for this do the following changes

<Directory /var/cache/munin/www>
Order allow,deny
Allow from localhost 127.0.0.0/8 ::1
Options None

to

<Directory /var/munin/www>
Order allow,deny
#Allow from localhost 127.0.0.0/8 ::1
Allow from all
Options None

you will need to create the directory path that you referenced in the munin.conf file and modify the ownership to allow munin to write to it:

sudo mkdir /var/www/munin

sudo chown munin:munin /var/www/munin

Now you need to restart the munin and apache services using the following commands

sudo service munin-node restart

sudo service apache2 restart

It might take a few minutes to generate the necessary graphs and html files. After about five minutes, your files should be created and you will be able to access your data. You should be able to access your munin details at:

http://yourserver_ip_address/munin

Screenshots

1

2

If you get an error message in your browser similar to the following, you need to wait longer for munin to create the files

Forbidden

You don’t have permission to access /munin/

Configure Remote Monitoring

Munin can easily monitor multiple servers at once.If you want to monitor remote servers you need to following this procedure.

First you need to install munin client package using the following commands

sudo apt-get install munin-node

Now you need to edit the munin-node.conf file to specify that your monitoring server is allowed to poll the client for information.

sudo vi /etc/munin/munin-node.conf

Search for the section that has the line “allow ^127.0.0.1$”. Modify the IP address to reflect your monitoring server’s IP address.If your server ip is 172.30.2.100

allow ^.172.30.2.100$

Save and exit the file

You need to restart the munin client using the following information

sudo service munin-node restart

Now you need to login in to your munin server and edit the munin.conf file

sudo vi /etc/munin/munin.conf

Copy the following section and change the ip address to your remote server client ip address

[MuninMonitor]
address 127.0.0.1
use_node_name yes

to

[MuninMonitor]
address 172.30.2.101
use_node_name yes

Finall you need to restart the apache server using the following command

sudo service apache2 restart

Additional Plugins

The munin-plugins-extra package contains performance checks additional services such as DNS, DHCP, Samba, etc. To install the package run the following command from the terminal

sudo apt-get install munin-plugins-extra

Make sure you have install this package on both the server and node machines.

Sponsored Link



Related posts

Linux Networking Cookbook ($17 Value) FREE For a Limited Time


Move beyond the basics of how a Linux machine works and gain a better understanding of Linux networks and their configuration.

This is a hands-on solution guide to building, maintaining, and securing a network using Linux.

What You Will Learn:

Route an IPv6 netblock to your local network
Modify your named instance to support setting hostnames for your IPv6 addresses
Use SSH for remote console access
Configure NGINX with TLS
Secure XMPP with TLS
Leverage iptables6 to firewall your IPv6 traffic
Configure Samba as an Active Directory compatible directory service

Related posts