Language Selection

English French German Italian Portuguese Spanish

today's howtos

Filed under
HowTos
  • How to unmount hard drives on Ubuntu

    If you need to unmount a hard drive in Ubuntu, the fastest and easiest way to do it is with Gnome Disks. Gnome Disks is a disk management tool. With it, users can manage hard drives, USB devices, and everything else storage-related.

  • Introducing the target settings and policies in SELinux - Linux Concept

    Before we embark on the journey of using these four automation frameworks, we need to clarify what we want to accomplish. After all, to truly compare automation frameworks, we need to test each framework with the same tests each time.

  • Linux firewalling and SECMARK support - Linux Concept

    The approach with TCP, UDP, and SCTP ports has a few downsides. One of them is that SELinux has no knowledge of the target host, so cannot reason about its security properties. This method also offers no way of limiting daemons from binding on any interface: in a multi-homed situation, we might want to make sure that a daemon only binds on the interface facing the internal network and not the internet-facing one, or vice versa.

    In the past, SELinux allowed support for this binding issue through the interface and node labels: a domain could be configured to only bind to one interface and not to any other, or even on a specific address (referred to as the node). This support had its flaws though, and has been largely deprecated in favor of SECMARK filtering.

    Before explaining SECMARK and how administrators can control it, let’s first take a quick look at Linux’s netfilter subsystem, the de facto standard for local firewall capabilities on Linux systems.

  • How to Take Screenshots on Ubuntu? 4 Different Methods

    The old wisdom says that a picture is worth a thousand words. The underlying idea is that information conveyed through looking at something is far more effective than hearing or reading a description of it.

    Screenshots are a sleek aid to have at your side, especially if you're trying to explain a complex topic. This guide will cover all the different ways to take screenshots on Ubuntu. So, without further ado, let's dive right in…

  • How to Migrate from CentOS to Oracle Linux

    With the shift in focus from CentOS project to CentOS Stream which will now serve as the upstream to RHEL, a few CentOS alternatives have been floated to replace CentOS 8.

    For while now CentOS has been widely used by small businesses and developers in server environments given that it provides the stability and reliability that RHEL offers at absolutely no cost. Being a rolling release and a Beta version for future RHEL releases, CentOS Stream will certainly not be recommended for production workloads.

  • How to Manually Add Software Repositories in Linux

    When you search for a package on Linux through the command line, your system's package manager looks for the package in various repositories. By default, every Linux distribution has some official repositories that contain stable packages supported by the distro team.

    However, when you try to grab a package not present in the official software repositories, the package manager will display an error. In such situations, what you can do is manually add the third-party repository to your system and then download the package.

    Let's see how you can add new repositories to your system's sources list.

  • How to Get Windows 11 Style System Panel in Ubuntu 20.04, 21.04 | UbuntuHandbook

    The upcoming Windows 11 has leaked online a few days ago. Here’s how to implement the new look and feel in Ubuntu 20.04, and/or Ubuntu 21.04.

    Gnome has a large collection of extensions to get additional and optional functionality. You can use dash to panel to combine the top-bar and the left dock into single. And Arc Menu extension is available to replace the default system app launcher.

  • How To Install OpenCart on Ubuntu 20.04 LTS - idroot

    In this tutorial, we will show you how to install OpenCart on Ubuntu 20.04 LTS. For those of you who didn’t know, OpenCart is a free open-source eCommerce platform for online merchants. OpenCart provides a professional and reliable foundation from which to build a successful online store. With features like User Management, Multi-Store, Affiliates, Discounts, Product Reviews, Multi-lingual and multiple Payment Gateways, OpenCart is a platform of choice for many online merchants.

    This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the OpenCart free shopping cart system on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

  • Controlling process communications using SELinux - Linux Concept

    Linux applications communicate with each other either directly or over a network. But the difference between direct communication and networked communication, from an application programmer’s point of view, is not always that big. Let’s look at the various communication methods that Linux supports and how SELinux aligns with them.

  • ( Easy ) Test Your Internet Download Speed in Linux Terminal

    Now one of the things that every modern person wants to know about his internet connection is the network speed. Most people don’t even know if 60 Megabits is a good or bad speed but they know more is better. So in order to understand network speed we have to understand what is good and bad speed? But how to do this in a really short and not boring way? The easy way is to trust us and take our word that speeds grater than 75 Megabits per second are great for home and watching 4k online TV and so on.

    For the more curious readers there is an article on Wikipedia explaining network speeds which you can read from here.

    Now your network speed is divided in two parts, the first part is the external network speed ( the speed after your home router ) and internal speed ( the speed that your home network runs at ). In this article we are interested in our speed after the router ( The speed that the network provider is selling us ) so that we can check if we are getting what they are selling to us. For this to be accurate we have to accept that the internal network speed ( our home LAN ) is capable of reaching the provided by the provider speeds ( for example if we have a 200 Megabit provided to our router, the router has to be capable to operate at gigabit speeds ).

  • A Beginner’s Guide to Software Repositories in Ubuntu

    While installing software on Ubuntu using the command line, you might have noticed the word "repository" often used in the output. If you're new to the whole Linux universe, then this might be a new term for you. What does it mean, and why does your system need these repositories?

    This article will introduce you to the concept of repositories in Ubuntu, along with a brief description of the various types of repositories available to use.

  • TAR vs. TAR.GZ Files: What’s the Difference?

    TAR archives are an integral part of a Linux ecosystem. All the packages that you install on your machine are provided in the form of compressed archives. Some of them have the TAR file extension, while other compressed archives use the TAR.GZ or TAR.BZ2 file format.

    But are TAR and TAR.GZ files essentially the same? And if not, what is the difference between these two file types? You will discover the answers to these questions in this post.

  • Securing high-speed InfiniBand networks in Linux - Linux Concept

    The InfiniBand standard is a relatively recent (in network history) technology that enables very high throughput and very low latency. It accomplishes this by having a very low overhead on the network layer (protocol) and direct access from user applications to the network level. This direct access also has implications for SELinux, as the Linux kernel is no longer actively involved in the transport of data across an InfiniBand link.

    Let’s first look at what InfiniBand looks like, after which we can see how to still apply SELinux controls to its communication flows.

  • Supporting CIPSO with NetLabel and SELinux - Linux Concept

    NetLabel/CIPSO labels and transmits sensitivities across the network. Unlike labeled IPsec, no other context information is sent or synchronized. So, when we consider the communication flows between two points, they will have a default, common SELinux type (rather than the SELinux type associated with the source or target) but will have sensitivity labels based on the sensitivity label of the remote side.

    Part of NetLabel’s configuration are mapping definitions that inform the system which communication flows (from selected interfaces, or even from configured IP addresses) are for a certain Domain of Interpretation (DOI). The CIPSO standard defines the DOI as a collection of systems that interpret the CIPSO label similarly, or, in our case, use the same SELinux policy and configuration of sensitivity labels.

    Once these mappings have been established, NetLabel/CIPSO will pass on the sensitivity information (and categories) between hosts. The context we will see on the communication flows will be netlabel_peer_t, a default context assigned to NetLabel/CIPSO-originated traffic.

    Through this approach, we can start daemons with a sensitivity range and thus only accept connections from users or clients that have the right security clearance, even on remote, NetLabel/CIPSO-enabled systems.

  • Understanding labeled networking in Linux - Linux Concept

    Another approach to further fine-tune access controls on the network level is to introduce labeled networking. With labeled networking, security information passes on between hosts (unlike SECMARK, which only starts when the netfilter subsystem receives the packet, and whose marking never leaves the host). This is also known as peer labeling, as the security information passes on between hosts (peers).

    The advantage of labeled networking is that security information remains across the network, allowing end-to-end enforcement on mandatory access-control settings between systems as well as retaining the sensitivity level of communication flows between systems. The major downside, however, is that this requires an additional network technology (protocol) that can manage labels on network packets or flows.

    SELinux currently supports two implementations as part of the labeled networking approach: NetLabel and labeled IPsec. With NetLabel, two implementations exist: fallback labeling and CIPSO. In both cases, only the sensitivity of the source domain is retained across the communication. Labeled IPsec supports transporting the entire security context with it.

  • Using labeled IPsec with SELinux - Linux Concept

    Although setting up and maintaining an IPsec setup is far beyond the scope of this book, let’s look at a simple IPsec example to show how to enable labeled IPsec on a system. Remember that the labeled network controls on the interface, node, and peer levels, as mentioned earlier, are automatically enabled the moment we use labeled IPsec.

  • Using I2C LCD display With Raspberry PI Pico and MicroPython

    Adding a display to Raspberry PI Pico allows getting real time information from connected devices without using a computer from USB port. I2C LCD displays (with PCF8574 backpack) are one of best solution to keep wiring simple

    In this tutorial I’m going to show you how to connect and use an I2C LCD display to Raspberry PI Pico.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.