Sunday 15 April 2012

A GNOME user's curious Peek At openSUSE 12.2 Milestone 3 (x86_64) / Live KDE / 4.8.1

This post is made from a Release 12.2 (Mantis) 64-bit/GNOME 3.4.0/Kernel Linux 3.3.0-2-desktop.(Live CD)/openSUSE 12.2 Milestone 3. I am a GNOME user(probably for about 3 years) and i was curious about KDE. People  always have been claiming that it is best "The Desktop Environment". I have never used KDE before and i wanted to try out KDE to find out what's so special about it and hence I downloaded the KDE live ISO which is available through Download openSUSE 12.2 Milestone 3 page and burned / wrote it onto a flash drive using SUSE Studio Image writer . As usual , I had to tweak my BIOS and make my flash drive the first boot device.
The boot process was smooth and the graphics were way cooler and much better than that of GNOME live CD and the KDE interface seems to be polished and refined. No wonder people feel that openSUSE  is a KDE centric distribution. I only wish that they put in the same effort and dedication into GNOME too . Other GNOME based distributions like FEDORA , MINT seem to provide lot of applications for GNOME and the default installation provides lot of features and interface is heavily refined and cool. Alas GNOME appears to receive step motherly treatment from openSUSE.
I Always thought KDE was a desktop environment but no , it thinks that it is world wide network :-),LOL.The excerpt from About KDE is below:-
"KDE is a world-wide network of software engineers, artists, writers, translators and facilitators who are committed to Free Software development. This community has created hundreds of Free Software applications as part of the KDE Development Platform and KDE Software Distribution."
The things i missed being used to GNOME 3 desktop were:-
  • By default all the windows couldn't be restored / moved / minimised / maximised using  "Alt space menu". It might have been configured but I didn't bother to dig deep into the settings
  • The application launcher was not mapped to the windows key on the keyboard.This added one more key on my keyboard to the useless list.
  • Sorely missed the GNOME activities application / window switcher which could be activated using a simple mouse gesture.
  • I couldn't capture screenshot of the current/active  window using Alt+PrintScr key combination
  • I usually use a note making tool on my desktop and when i tried to open the note making tool (KNotes),the default background colour light yellow was too bright to my liking.
  • Default view/tab in YaST doesn't show any installed packages.Being used to gnome version of YaST, I was wondering as to how come the installed packages were missing.I then found the installed packages under repositories tab
Moving on to the niceties of the KDE desktop.
  • Unlike GNOME 3.X , KDE 4.X looks and feels more mature
  • It seems to play very nicely and feels light weight compared to what i read elsewhere where they describe KDE as a resource hogging monster.
  • Compared to Nautilus ,Dolphin is loaded to the brim with features and a never ending list of customisations.I understand that Nautilus does have Nautilus Actions,but since it is not packaged by default on openSUSE. Dolphin wins over nautilus hands down.
  • Except for the GNOME Extensions ,GNOME currently doesn't offer any customisations whereas KDE offers a lot of inbuilt widgets like weather,CPU,clock etc:
  • The calendar on KDE was loaded /  pre populated with the holiday list which is a nice touch.
  • The music player Amarok came with a default track which is very useful for testing sound on a new installation.Though there is always a alternative way of opening pulse on GNOME or KMIX on KDE and testing the sound from there.
  • KDE experience felt closer to windows than GNOME.
  • I would love something similar to My Computer/Sysinfo on KDE on GNOME
KDE Desktop with clock,weather and CPU temperature widgets
My Computer or sysinfo is ultra cool
The confusing KDE Activities menu .Can some one tell me the difference between Desktop and Desktop Icons activities :-)
The ultra large icons in the Alt+Tab switcher made me feel that i am visually challenged
Amarok with a preloaded track "Art of Nations"
Too bad it crashed whenever i opened and closed it.
Calendar with preloaded holiday list is cool
Dolphin ,loaded with features.I liked the copy to list which is missing in Nautilus 3.X series
Infamous "K" Juggernaut (kwrite,Kcalc,Konsole,Kaffeine)
Though openSUSE offers only one browser(removes Epiphany) on GNOME ,it offers two default browsers namely Konqueror and Firefox on KDE
KMIX is a classic case of bad design on an otherwise wonderful desktop
Nice Application Launcher
YaST installer(QT version) should display all the installed package by default like the GTK version

Wednesday 4 April 2012

Quick Peek at GNOME 3.4

  Since I was pretty excited at the release of GNOME 3.4 ,I wanted to take a peek at it before openSUSE 12.2 comes out with GNOME 3.4 sometime around JULY 2012.I downloaded the GNOME 3.4 live ISO which is available through Getting GNOME page and wrote it onto a flash drive using SUSE Studio Image writer . I verified the hash code for the GNOME-3.4.iso using the hash tool built into FatRat download manager against GNOME-3.4.iso.md5sum.I then had to tweak with my bios which is pretty old. I wouldn't let me boot  boot from the flash drive unless it is the first boot device.
 The boot up was pretty snappy and the default wallpaper was pretty bland and bluish though many good wallpapers were available in gnome-control-center on the live cd.
Here is a screenshot of gnome-system-monitor of the live ISO cd.
 There was a working version of the Accessibility switcher (ctrl+Alt+Tab) and it was awesome on can navigate the activities menu pretty easier using activities switcher.
No improvements seen in Alt+Tab switcher. I wished that they would put in something like coverflow switcher. Guess we can always enhance it through extensions.
Similarly no significant improvements seen in Activities  window switcher
I usually use left handed mouse setting,thankfully the functionality worked and I could switch the default settings
Many default applications (libreoffice,package mangers,gnome-tweak-tool)on distributions like openSUSE is conspicuous by their absence. Also the live cd doesn't offer way to  install GNOME 3.4 onto you system unlike openSUSE live cds.
Many default games were available on the live cd
The Nautilus preview works well on GNOME 3.4.The below screenshot is a nautilus preview of pdf. It is amazing.
Here is a nautilus preview of a random text file
One could use the default browser epiphany on the live cd to view html 5 videos over the net.You need to first enable the html5 mode in youtube using this url . Amazingly without any codec installation it shows inbuilt support for h.264  and WebM video formats.
Once HTML 5 trial is activated on youtube one can enjoy videos which are available.
Epiphany menu on the right hand top is kind of cool. Also in maximize mode / full screen mode,the top bar of the browser disappears /gets integrated into the  Top Bar of the GNOME SHELL desktop.
The File and other menu items like preferences are accessible through the TOP BAR of GNOME SHELL.
The boxes virtual Machine is a promising tool.
The live cd has Rythmbox and totem to play songs and videos ,of course those which are encoded in flac and other OSS formats.
Now all that is left to do is upgrade to GNOME 3.4 from GNOME 3.2 as soon as openSUSE 12.2 comes out.

Monday 2 April 2012

Securing GNOME 3.2.1 openSUSE 12.1

 In order to secure my GNOME 3 desktop I use a combination of following tools . This ensures that there is multilevel protection on my system. Prevention is always better than cure :-) . All the software described below are being used on openSUSE 12.1 / GNOME 3.2.1.
==>Clam Antivirus & Fireclam Addon(gecko based browser like Firefox and SeaMonkey)
==>AppArmor
==>Rootkit Hunter & chkrootkit
Clam Antivirus
Salient Features of Clam Antivirus are:-
==>ClamAV is an open source (GPL) Antivirus engine
==>It can detect Trojans, viruses, malware and other malicious threats.
==>It is the de facto standard for mail gateway scanning.
==>It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning
==>The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats.
==>Tool for automatic signature updates.There is a scheduler for scheduling scans as well as option to schedule update the definitions.
==>The software can update virus signatures,GUI and Antivirus engine independently.
Installation:-
Clam Antivirus can be installed using the famous 1- Click Install on . Alternatively it can installed from this search page.
Usage:-
It can be found under Activities ( Windows Key ) ==> Applications ==> System Tools ==> ClamTk.
After hitting windows key one can type in "clamtk"  and GNOME 3 desktop will intuitively show clamtk GUI
It can also be launched using command "clamtk" through quick launch window (Alt + F2 )
Main Window After installation
The signatures can be updated using update window.The update menu can be located under help menu
The following screenshot is how the application looks after updation
Fireclam Addon
One can force automatically scan all the downloaded files using Fireclam Addon which can be installed onto a gecko based browser. After installation the addon will automatically invoke clamscan to scan the files being downloaded the  whenever files are downloaded through the browser
SeaMonkey showing Fireclam installed
Clamscan shown running in "gnome-system-monitor" when files are being downloaded
AppArmor 
==>AppArmor proactively protects the OS and Apps from threats by enforcing good behavior and preventing even unknown application flaws from being exploited.
==> AppArmor security policies completely define what system resources individual applications can access, and with what privileges. A number of default policies are included with AppArmor.
Installation:-
Here is the 1- Click install for installing AppArmor . Alternatively it can installed from this search page. After installing AppArmor one should restart the system to activate the software.
Usage:- 
To check the status of the profiles that have been installed you can run the command "aa-status" from "gnome-terminal".
Sample output for aa-status(shows whether profiles are AppArmor successfully installed or not)
linux-9p85:~> sudo /usr/sbin/aa-status
root's password:
apparmor module is loaded.
27 profiles are loaded.
27 profiles are in enforce mode.
   /bin/ping
...
   /usr/sbin/smbldap-useradd///etc/init.d/nscd
   /usr/{sbin/traceroute,bin/traceroute.db}
0 profiles are in complain mode.
3 processes have profiles defined.
3 processes are in enforce mode.
...
Create New Profiles:-
A good article demonstrating setting up of new / additional  AppArmor profiles here using YaST .One can also take a look at the  detailed article about it here in ubuntu forums.
rkhunter & chkrootkit
==>Rootkit Hunter and chkrootkit are very useful command line / CLI based tools which can be invoked through "gnome-terminal" and can detect a variety of malware.
==>Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers.
==>chkrootkit is a set of tools that detect rootkit (a program that hides the presence of attackers) symptoms on a system
Installation:- 
Here is the 1- Click install for installing rkhunter . Alternatively it can installed from this search page.
Here is the 1- Click install for installing chkrootkit . Alternatively it can installed from this search page.
Usage:-
rkhunter update
rkhunter can be updated using command "sudo rkhunter --update"
Sample rkhunter update process output:-
linux-9p85:~> sudo rkhunter --update
root's password:
[ Rootkit Hunter version 1.3.8 ]
Checking rkhunter data files...
  Checking file mirrors.dat                                  [ No update ]
  Checking file programs_bad.dat                             [ Updated ]
...
rkhunter scan
rkhunter can be used to check for rootkit using the command"sudo rkhunter -c"
Sample output for rkhunter usage:-
linux-9p85:~> sudo rkhunter -c
[ Rootkit Hunter version 1.3.8 ]
Checking system commands...
Checking for rootkits...
  Performing check of known rootkit files and directories
    55808 Trojan - Variant A                                 [ Not found ]
    ADM Worm                                                 [ Not found ]
    AjaKit Rootkit                                           [ Not found ]
...
chkrootkit scan
Sample output for chkrootkit usage:- 
linux-9p85:~> sudo /sbin/chkrootkit
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `biff'... not found
Checking `chfn'... not infected
.....