Linux In Novell’s East Region

The Burton Group’s Chris Wolf is interviewed by Alex Barrett about the Future of Virtualization, and some context creep results in a message that’s not true to Chris’s points.

Chris Wolf took exception, and the time, to write not really a rebuttal of Alex’s article, but let’s say a “firm clarification” of the points taken out of context in her article.

Both are a very interesting read for anyone who’s even slightly interested in the very active Virtualization marketplace. Regardless of who said what, the main point is that while VMWare is the clear leader now, Xen virtualization is catching up, and while it may not surpass VMWare, it will become a very viable option for enterprise virtualization needs.

Enjoy,

RossB

In talking with several customers, it appears that your mileage will vary in terms of how long a laptop’s battery life might be if you run Linux. One thing’s for sure… making Linux more friendly towards power management is getting better and better. I can only speak of my own experiences. I’ve got a Lenovo T60p laptop, with an Intel Centrino Duo processor and I run SUSE Linux Enterprise Desktop 10 SP1. I typically get about 3-3.5 hours of battery life, and maybe a little less if I’m running wireless connections. What kind of battery life do you see on your hardware?

Obviously, the Linux community continues to work towards improving on this even further. Here’s a CNet article which talks about how developers are working on a “tickless” kernel which promises to make Linux even MORE frugal when it comes to energy usage. Additionally, here’s an article from SearchEnterpriseLinux.com that describes some of the collaboration between Novell and AMD related to power management.

Who knows, maybe I’ll be able to get 10 or 20 hours of battery life someday…

Once you get a good set of skills in system administration, or managing your application services, it’s a good idea to dive deeper into Linux’s many facets, particularly how you can tune and tweak performance of your systems.

One of my favorite guides for this is an IBM RedPaper, (IBM has RedBooks which are book or manual-sized treatments of technical topics, so therefore a whitepaper-sized set of content would then be a Red… well, you get the idea), called “Linux Performance and Tuning Guidelines“.

This is a very informative document, including such details as:

• The lifecycyle of a process
• How threads are created and what they contain
• The Linux Memory Architecture
• Linux File Systems
• I/O and Networking Subsystems
• Performance Metrics

The guide goes on to show you the monitoring tools available to all Linux distros, some benchmarking tools, how to analyze performance bottlenecks and how to tune the operating system to reduce those bottlenecks.

Seriously useful and highly recommended read for anyone who is responsible for a Linux system.

Enjoy,

RossB

Great article recapping the state of Education and Open Source, the distribution players, the add-ons available and some good explanations of some complex topics that affect Education customers. Recommended.

RossB

P.S.  From the Founder of the Free Software Foundation; Richard Stallman comes an article about how Schools should use exclusively open software.

WOW, I want one of these. A company from France by the name of Calao Systems has come up with a complete Linux PC that fits into a slightly bulky USB Key form factor. Measuring 3.3×1.4 inches and sporting an ARM Processor, 256MB RAM, an Ethernet port and 2 USB ports, it also has a 50 pin expansion port.

Talk about your awesome Cyber-cafe security tool, you’d know no one was snooping on you if you booted their computer with your own version of Linux (SUSE, of course!) from a USB key that looks like this one:

Of course there are distributions of Linux that will FIT on a USB Key, but so far this is the smallest Linux PC I have seen.

RossB

In one of those “a customer just asked me how the different word processors compare to each other” types of questions and answers, here’s a very helpful comparison of 14 word processors, including:

• Microsoft Word
• Wordperfect
• OpenOffice.org Write
• and 11 others.

I hope the authors of this comparison will continue to do the same excellent treatment for the rest of the Office suite components, the amount of detail is very helpful.

Enjoy,

RossB

Small business customers and VARs who service those customers might be interested to learn that Novell has a new, linux-based, small biz offering on the horizon. It is expected to be generally available in September 2007.
The Novell Open Workgroup Suite Small Business Edition is based on SUSE Linux Enterprise and includes:

• Novell GroupWise for e-mail and calendaring
• Novell Open Enterprise Server for advanced storage management, user and rights administration, and clustering and failover capabilities
• SUSE Linux Enterprise Desktop from Novell for complete desktop productivity; and
• Novell edition of the popular office productivity suite OpenOffice.org for Windows and Linux.

(from the press release…)

More than just a bundle of enterprise products priced for small businesses, Novell’s suite features a simple yet customizable installation process along with remote management capabilities so solution providers can remotely manage their small business customers’ IT infrastructures, thus reducing costs and improving service. The Novell Open Workgroup Suite Small Business Edition also has a newly developed integration layer that makes it easier for resellers and service providers to integrate their specialized products into the solution. The suite is supported by popular business software applications certified to work with SUSE Linux Enterprise.

Wow, if I was going to get a Microsoft product logo tattooed on my skin, (and that’s a huge IF, never happen), I’d probably not choose the logo from the worst MP3, umm, PlaysForSure, uhh, well it doesn’t play those either, the worst media player device ever, the Zune. Talk about obscure exclusive…

This guy looks like he regrets it already…

RossB

Update: LOL, the poor MS Zune Tattoo guy is getting a free ticket to Microsoft HQ to do an interview with the Channel 10 guys and to meet the Zune team.  It looks like tattooing yourself with a Microsoft Product Logo can save you airline ticket costs too!

Just wanted to post a little of my own personal experience… maybe I did something wrong, maybe not.

My laptop is a Lenovo T60p and I just did a fresh install of SUSE Linux Enterprise Desktop 10 SP1 code. I registered with my activation code to get any updates and downloaded them.

The installation automatically detected the right ATI driver for my card. The two packages that got installed were:

• ati-fglrxG01-kmp-bigsmp-8.36.5_2.6.16.46_0.12-1
• x11-video-fglrxG01-8.36.5-1

Looking at my Desktop Effects settings, this is what I see. Following the link for SAX2 runs fine, but ultimately does not help me to get those Desktop Effects working. The “3D Enabled” checkbox is even checked – but it’s grayed out. So how did I fix it?

I entered this single command as root from a terminal session:

# gnome-xgl-switch --enable-xgl

U ATI Technologies Inc Device: pci 0×71d4
DISABLE_USER_SUSPEND2DISK=”"
DISABLE_USER_SUSPEND2RAM=”"
DISABLE_USER_STANDBY=”"
Warning! MD5DIR is not set: you probably called this script outside SuSEconfig…!
Using MD5DIR=”/var/adm/SuSEconfig/md5″…
No changes for /etc/X11/xdm/Xservers
No changes for /etc/X11/xdm/xdm-config

After restarting the graphical environment, the Desktop Effects magically works! Here’s what the Desktop Effects box looks like afterwards… I’m a happy SLED user once again!

A while ago the Compiz compositing manager project was forked to form the Beryl project, but the two are back together again, with amazing new features and capabilities the main result. You can find more about what’s included, all the plugin’s and how to get things working by signing up for the Compiz-fusion mailing list.

The beryl project blog has a nice layout of the new features with a few static graphics, but there is a fun video that shows the new features in action, both are recommended for those who would like to see the latest advances in the cube interface.

Enjoy,

RossB

A research house that goes by the name of WatchMouse has posted numbers that show the combination of Apache and Linux is faster and more available than IIS and Windows. WatchMouse aggregated monitoring information from over 1500 websites covering many and varied business sectors in Europe, most based on Linux or Windows.

While the research showed that different countries seem to prefer a majority of Windows or Linux, the numbers differ between the business sectors those server’s are contained in or are representing.  Regardless of the location or purpose, Linux has a strong advantage over Windows in the areas of uptime and response time for requests.

Nearly 3/4 of the monitored sites have over 99.9 percent uptime, with the remaining coming in at that level or below.  99.9% uptime may seem outstanding, but this equates to almost 8 hours of downtime in a year, below most Service Level Agreements (SLA) currently in place.  Most companies preferring Windows over Linux seem to do so because of relative ease-of-use, but if that ease of use breaks the SLA, it becomes problematic.  It would be interesting to see what amount of time was spent patching and rebooting those same Windows servers in contrast to the Linux servers…

Another central theme of the study is the amount of time a user/visitor will wait for a page to load, with up to 4 seconds being deemed acceptable on the top end.  The study caps the wait time, maintaining that anything over 8 seconds for a site to respond will probably cause the user/visitor to go elsewhere.  This could have catastrophic results over time for an e-tailer, while, say, a museum or historical site would be relatively unaffected by losing a few unique views.

From the BusinessWire feed:  “Even though the companies in our study seem to prefer Windows over Linux, our research shows they would be better off using Linux/Apache-based websites,” said WatchMouse’s chief technology officer, Mark Pors.  “Research has shown that most web users are very impatient and will wait no longer than four seconds for a web page to load. Organisations need to become more aware of the impact the choice of web-server platform can have on their overall availability and performance.”

You can find the entire set of watched sites and much more data, including a number of reports that can be requested at the WatchMouse site.  (Which loads in less than 4 seconds…)

If you haven’t taken a look at SUSE Linux Enterprise Desktop 10, visit the product page first.

If you have, then you’re probably well aware that it does offer a substantial amount of applications (all supported) and functionality out of the box – unlike Windows, which comes with SOME, but not ALL of the apps.

For example, you would need to buy an office productivity suite (word processor, spreadsheet, presentation, etc.), project management software, digital photo editor, and more IN ADDITION to the Windows OS.   That makes the ROI possibilities for a Linux desktop even MORE attractive to the bean counters and makes that “automatic upgrade” to Vista and Office 2007 all the more difficult to justify.

SLED includes:

• Office suite (compatible with MS Office, btw)
• Web browser
• Email/Calendar clients
• Citrix/Terminal Server clients
• and MUCH MORE!!!

Well, what exactly is that “MUCH MORE” claim??  I’ve created a document which lists many of those additional applications.  I’ll email it to you upon request – just ask.  I’ll let you know when I get it posted somewhere too.  In the meantime…

Send your requests to kchin (at) novell.com

Want to get some training on how to administer and manage SUSE Linux Enterprise Desktop 10 for your enterprise?  Then this course, designated as Course 3086, is for you.  You can get details on the course here.

It’s coming soon to a training partner near you, and will help you prepare for the upcoming Novell Certified Linux Desktop Administrator 10 (CLDA 10) certification.

From the press release:

WALTHAM, Mass.— 18 Jun 2007— Novell today announced that the first service pack (SP1) for SUSE® Linux Enterprise 10 is now available to customers worldwide. Featuring significant enhancements in virtualization, high-performance computing, security, interoperability and system management, SUSE Linux Enterprise 10 SP1 from Novell® lets organizations take advantage of the latest technical advances in the best-engineered, lowest-cost and most-interoperable platform for mission-critical computing.

Novell today also announced the commercial availability of the SUSE Linux Enterprise Virtual Machine Driver Pack, a bundle of paravirtualized network, bus and block device drivers that enable unmodified Windows* and Linux* guest operating systems to run with near native performance in virtual environments created with the Xen* hypervisor technology integrated in SUSE Linux Enterprise and Intel* Virtualization Technology and AMD* Virtualization hardware.

“SUSE Linux Enterprise 10 SP1 gives us the opportunity to create cost-effective solutions for our customers who are running different platforms,” said Jan Aril Sigvartsen, CEO of hosting provider WebDeal. “For example, SUSE Linux Enterprise Server gives us the opportunity to run the same distribution on all our different architectures, while virtualization lets us easily run more than one operating system on the same hardware and move this virtual system around in our data center without downtime. This has been a cost-effective solution for us.”

More here and the press release is here.

[Updated 6/20 - by kchin]

If you like, here’s the SP1 marketing welcome page.

The major server enhancements to SUSE Linux Enterprise Server (SLES) 10 are:

• SUSE Linux Enterprise Virtual Machine Driver Pack
• Updated high-availability storage infrastructure (HASI)
• Enhanced security features, AppArmor
• Support for new processor technologies

The major desktop enhancements to SUSE Linux Enterprise Desktop (SLED) 10 are:

• Updated desktop user experience
• Enhanced security features
• Expanded OpenOffice.org support
• Desktop virtualization

And, you can download SLE 10 with SP1 from http://download.novell.com

If you’re looking to learn the basics about how to manage software using YAST on SUSE Linux, check out this free eBook.  Here’s the topics that are covered:

• Introduction
• Open YaST
• Installation Sources
• Finding YaST Installation Sources
• Registering Installation Sources in YaST
• Installing Software in YaST
• Uninstalling Software in YaST
• Conclusion

A short and sweet Cool Solutions article related to loading the base OS packages into a ZLM bundle:

In order to update SUSE Linux Enterprise 10 managed devices with ZENworks 7 Linux Management, you need to load the base operating system packages into a ZENworks 7 Linux Management bundle. This process can also be used to load the SLE 10 SDK into ZLM. Here’s how you do it… [the article]

Searchdatacenter.com has a great guide to understanding Virtualization in the Data Center online, it covers:

• Management and Metrics
• Saving Power
• Disaster Recovery
• Best Platforms for Virtualization
• Server Virtualization Software
• Support and Management Tools

This is just the right article to introduce someone to the concepts and tools involved in Data Center Virtualization.

Enjoy,

RossB

How many times have you tried to get something to someone, a file, archive or report, but it’s too big for email? Happens to me all the time, and I bet it does to a significant # of us, so what are the options for safely transferring a file to someone?

The following is just a set of sites and tools that I have found and used, some are easy, some are not, most require registration at the least and some require paying for an account, all are just my personal experience and opinion.

• Senduit.com – This is perhaps the most useful and easy site for quick one-off download links to any file, particularly if you want it to time out after a short duration. It’s very easy, you go to senduit.com, click on the Browse button, locate the file and submit it. The file will be uploaded and a short URL will appear that you can use to link to that file, like I have with this cool wallpaper file. Highly recommended, no registration needed, but not good if you constantly send out the same file[s] all the time and need predictable URL’s for them.
• Yousendit.com – This site offers a quick 7 day hosting option for free, including sending an email to your intended recipient that let’s them know what the URL for the file is and exhorts them to use the service. If you sign up for a free account, they give you a sent files history, an address book, 100 transfers per file and up to 100MB per file, and the for-pay options go up from there. I uploaded the same wallpaper file as a test. Recommended if you need more permanent digs for your files, and very handy if you need to quickly post shoot something to someone, the posting and emailing in one step is particularly handy. Large files will need an upgrade or for pay and may be better elsewhere.
• Zupload.com – This site is more like senduit.com, it’s pretty easy, you browse for the file, fill in the optional name, sender email and recipient emails and upload the file. The download URL for the wallpaper file appeared almost immediately and if you are happy with a 500MB file size limit and need unlimited downloads of that file, this is your site. (Note: Files are hosted for 30 days, then deleted, no other options exist).
• Dropsend.com – This site offers a whole table of options, from free and quite limited to for pay and mostly limited… Of particular note is the heavy restrictions for even the for pay and business plans. Maybe it’s just me, but having only 7 downloads and 1 user for a business plan is excessively restrictive, so unless you look at the options and like what you see, other sites might be more helpful.
• Leapfile.com – This site skips the for-free options and goes straight to for-pay, which seem to be fairly open and unrestricted, even in the description of their basic plan. They do offer a complete branded solution and integration to the customer’s website, which makes it an attractive option for a small or medium business who wants to provide files for ongoing download access. I have a friend who uses this service for distributing updates to software to customers, and recommended it.

Hopefully all this will be helpful for those of you who need to transfer legal and non-adult files, as the terms of service for all of these state those restrictions. If you have a particular site you like and use, recommend it in a comment and we’ll add it to the roster and give you credit.

Enjoy,

RossB

Check out this great article from the Novell Connections magazine that details a number of the many new features in SUSE Linux Enterprise 10 Service Pack 1.

Here’s a sample of the great info awaiting you:

RossB

Novell has done a lot of work to expand the the use cases for SUSE Linux Enterprise Desktop. Today SLED can be deployed in a number of ways from a fully locked down kiosk to a full blown laptop for general knowledge workers. Locked down environments are particularly useful in thinclient computing models.

One of the most compelling reasons to deploy SLED over a proprietary desktop is the ability to lock it down at a very granular level. This means that you have the ability to lock down desktops so that EVERYTHING is locked down, or just a few things.

There are a number of tools included in SLED to lockdown the desktop. In this article we’ll discuss how to manually lockdown the desktop using:

• Gconf
• Permissions and groups
• Removal of programs and modules
• Configuring files/settings

GConf is a system used by the GNOME desktop environment for storing configuration settings for the desktop and applications. Each user has a .gconf directory stored in their home directory that stores their individual settings. There is also a global gconf directory located in /etc/opt/gnome/gconf/. Administrators can mark settings as “default” or prevent users from changing the settings by marking them as “mandatory”.

There are several lockdown options stored in GConf. There are two great tools to configure GConf keys, gconf-editor and gconftool-2.

• gconf-editor (/opt/gnome/bin/gconf-editor) is a graphical tool that allows you to change local gconf keys or set global mandatory/default keys.
  • To set a key as mandatory or default, open gconf-editor as root, navigate to the key you want to set, right click on it and choose to set as mandatory or default.
  • You can search for gconf keys by going to the edit menu and choosing “find”.
• gconftool-2 (/opt/gnome/bin/gconftool-2) is a command line tool which allows you to modify gconf settings. It be used in creating a script to lockdown desktops as part of an automated/scripted deployment.  Gconftool-2 is also very useful when writing scripts to build and lockdown KIWI based images.  Listed below is an example of the syntax for changing a key which has a boolean key:
  • gconftool-2 –direct –config-source xml:readwrite:/etc/opt/gnome/gconf/gconf.xml.mandatory –type bool –set /apps/metacity/general/reduced_resources true
  • Here is the syntax for setting a string gconf key:
  • gconftool-2 –direct –config-source xml:readwrite:/etc/opt/gnome/gconf/gconf.xml.mandatory –type string –set /apps/metacity/window_keybindings/begin_resize disabled
  • Note how both keys being modified are in the gconf.xml.mandatory directory. To make a key default rather than mandatory switch gconf.xml.mandatory to gconf.xml.defaults.

GConf Schema is broken down into 5 main categories: apps, desktop, schema, schemas, and system. As far as lockdown is concerned the main categories of interest are apps and desktop. Listed below are some important gconf keys which you can modify to customize and lockdown your desktops. Remember that these keys can be set as default or mandatory for users.

• /apps/gnome-screensaver/idle_activation_enabled –This will force the screen saver to come on when the session is idle
• /apps/gnome-screensaver/idle_delay –The number of minutes of inactivity before the session is considered idle.
• /apps/gnome-screensaver/lock_enabled –Set this to TRUE to lock the screen when the screensaver goes active.
• /apps/nautilus/preferences/show_desktop –If set to true, then Nautilus will draw the icons on the desktop. If false the user will not be able to interact with the file system through the Desktop.
• /apps/panel/global/locked_down –If true, the panel will not allow any changes to the configuration of the panel. Individual applets may need to be locked down separately however. The panel must be restarted for this to take effect.
• /desktop/gnome/applications/main-menu/lock-down/search_area_visible –set to true if the search area should be visible and active.
• /desktop/gnome/applications/main-menu/lock-down/user_modifiable_apps –set to true if the user is allowed to modify the list of user-specified or “Favorite” applications.
• /desktop/gnome/background/picture_filename –File to use for the background image
• /desktop/gnome/lockdown/disable_command_line –Prevent the user from accessing the terminal or specifying a command line to be executed. For example, this would disable access to the panel’s “Run Application” dialog.
• /desktop/gnome/lockdown/disable_printing –Prevent the user from printing. For example, this would disable access to all applications’ “Print” dialogs.
• /desktop/gnome/lockdown/disable_print_setup –Prevent the user from modifying print settings. For example, this would disable access to all applications’ “Print Setup” dialogs.
• /desktop/gnome/lockdown/disable_save_to_disk –Prevent the user from saving files to disk. For example, this would disable access to all applications’ “Save as” dialogs.
• /desktop/gnome/remote_access/ –There are a number of settings in this directory for configuring remote access through vnc.

There are many other useful keys and some new ones we have introduced in SLED 10 SP1. I suggest that you spend some time browsing through gconf with gconf-editor. Each key has a “description” associated with it that will give you some info on what it does.

Permissions and Groups is another useful way of locking down Desktops. You can modify permissions on particular applications so that only users who are in a specific group can have access to it. In the example Below I show you how to change permissions on Firefox and GnomeTerminal so that user1 can use firefox and gnome-terminal, but user2 can only use gnome-terminal.

#Here I create two groups
groupadd gnometerminal -g 203
groupadd firefox -g 204

#Here I assign local users to the appropriate group or groups
usermod user1 -A gnometerminal,firefox
usermod user2 -G gnometerminal

#Here I change the ownership of the applications to lock out others from accessing it and changing it.
chown root:firefox /usr/bin/firefox
chown root:gnometerminal /opt/gnome/bin/gnome-terminal

#Here I change the permissions of the applications to lock out others from accessing it and changing it.
chmod 754 /usr/bin/firefox
chmod 754 /opt/gnome/bin/gnome-terminal

Another way to lock down the system is by removing components. The easiest way to prevent users from using certain applications is by not installing them in the first place. You can remove applications by using the YaST software management module or by using the rpm -e command.

You can further lockdown the system by removing certain kernel modules. By removing the following module you can prevent the system from recognizing USB mass storage devices (like flash drives, usb drives, iPods etc.), but still use USB keyboards and mice.

/lib/modules/2.6.16.46-0.12-smp/kernel/drivers/usb/storage/usb-storage.ko (you can use the uname -r command to determine which version of the kernel you’re using).

While you can use gconf to prevent users from getting to terminals installed on the system you need to configure /etc/X11/xorg.conf to prevent access to virtual terminals. In the “ServerLayout” section add the following lines to prevent users from switching to a virtual terminal and to prevent them from killing X by typing ctrl-alt-backspace:

Option DontVTSwitch True
Option DontZap Yes

This article only shows a small subset of the lockdown functionality of SUSE Linux Enterprise Desktop, but it should get you well on your way. Have a lot of fun!