≡ Menu


Red Hat Enterprise Linux 5.2 Released

Red Hat enterprise Linux version 5.2 has been released and available via a Red Hat Network subscription. This update brings broad refresh of hardware support and improved quality, combined with new features and enhancements in areas such as virtualization, desktop, networking, storage & clustering and security.

Virtualization of very large systems, with up to 64 CPUs and 512 GB of memory, is now possible. Virtualization support for NUMA-based architectures is provided, as well as security, performance, manageability and robustness improvements. CPU frequency scaling support for virtualized environments also allows for reduced power consumption.

Red Hat Enterprise Linux 5.2 provides enhanced capabilities for several hardware architectures, covering x86/x86-64, Itanium, IBM POWER and IBM System z, which provide improved performance, power usage, scalability and manageability. For example, support for Intel's Dynamic Acceleration Technology permits power saving by quiescing idle CPU cores, and offers performance gains by potentially overclocking busy cores within safe thermal levels. Other hardware enhancements include extensive device driver updates, covering storage, network and graphics devices, and certification of IBM's new Cell Blade systems.

Red Hat Enterprise Linux becomes a certified operating system for IBM's new high-performance blade server based on Cell Broadband Engine (Cell/B.E) Architecture.

Desktop version includes latest cutting edge softwares:

  • Evolution 2.12.3
  • Firefox 3
  • OpenOffice 2.3.0
  • Thunderbird 2.0

Red Hat Cluster Suite, which is included in Red Hat Enterprise Linux 5 Advanced Platform, now has a Resource Event Scripting Language that enables sophisticated application failover capabilities. It also newly supports SCSI-3 reservation fencing support for active/active and active/passive DM/MPIO (multipathing), which widens the range of storage devices that can be used in clusters.

Improved iSCSI support allows users to set-up diskless systems with a root volume on the iSCSI server, a common requirement in high-density Blade environments.

How do I upgrade my system?

First, make sure you backup existing configuration and data. Next, simply type the following two commands:
# yum update
# reboot

Verify that everything is working fine including all services:
# netstat -tulpn
# netstat -nat
# tail -f /var/log/messages
# egrep -i 'error|warn' /var/log/messages
# egrep -i 'error|warn' /path/to/apps/log/file

Alternatively, you can click on the "Red Hat Network Alert Notification GUI Tool" - which is a notifier that appears on the panel and alerts users when software package updates are available for the systems. This is point and click method.

If you are CentOS Linux user wait for some time to get all updates. More information available at Red Hat web site.

It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code. This is affected on all Linux / UNIX distributions.


Package : libtk-img
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2008-0553

Debian / Ubuntu Linux Fix

Type the following command:
# apt-get update
# apt-get upgrade

Download Firefox 3 Release Candidate 1

Firefox 3 release candidate 1 (RC1) is available for download from official project web site. Firefox 3 is based upon Gecko 1.9 engine, which has more than 14,000 updates including some major re-architecting to provide improved performance, stability, rendering correctness, and code simplification and sustainability. Firefox 3 has been built on top of this new platform resulting in a more secure, easier to use, more personal product with a lot more under the hood to offer website and Firefox add-on developers.

Quick Firefox 3 RC1 Installation

Type the following command at a shell prompt:
$ cd /tmp && wget 'http://download.mozilla.org/?product=firefox-3.0rc1&os=linux&lang=en-US'
$ tar -jxvf firefox-3.0rc1.tar.bz2

Backup existing settings:
$ mkdir ~/backup
$ cp -avr ~/.mozilla/ ~/backup/

Now install new firefox at /opt:
$ sudo tar -jxvf firefox-3.0rc1.tar.bz2 -C /opt/
Start Firefox:
$ /opt/firefox/firefox &

(Fig.01: Firefox 3 in action [click to enlarge image])

Download FireFox 3 RC1 for Windows / Linux / OS X

A word about addons

Following addons are not compatible with FF3:

  • Firebug (beta version should work with FF3, see comments below)
  • Yslow
  • Google toolbar
  • Stumble toolbar

Updated for accuracy!

Upgrading lighttpd is a piece of cake. There are two methods:

a) Use yum or apt-get or FreeBSD ports / command to update binary lighttpd package

b) Just download latest lighttpd tar ball from official web site and install the same.

Let us see how to upgrade lighttpd using source code (tar ball).

# 1 : Download lighttpd

Use wget or lftp command line http / ftp accelerator tools:
$ cd /opt
$ wget http://www.lighttpd.net/download/lighttpd-1.4.17.tar.gz

# 2 : Verify lighttpd

Use sha1sum or md5sum hash to verify lighttpd tar ball integrity:
$ md5sum lighttpd-1.4.17.tar.gz

# 3: Configure lighttpd

Now configure and compile lighttpd web server:
$ ./configure
$ make

# 4: Stop lighttpd

First stop currently running lighttpd web server:
# /etc/init.d/lighttpd stop
Make sure you are in installation directory, use the following command to uninstall old version:
# make uninstall

# 5: Install lighttpd

Just enter the following command:
# make install
Start lighttpd:
# /etc/init.d/lighttpd start
Watch out for lighttpd log files for any problems:
# tail -f /var/log/messages
# tail -f /var/log/lighttpd/error.log
# tail -f /var/log/lighttpd/scripts.log
# tail -f /var/log/lighttpd/access.log

A note about binary package upgrade method

You can download rpm file or use yum / apt-get command:
apt-get update lighttpd
yum update lighttpd

Download of the day: Lighttpd web server 1.4.17

Finally, new Lighttpd 1.4.17 has been released. This is security and bug fix update. I had updated my box and now this site is powered by 1.4.17.

Download lighttpd

Visit official web site here

Install and configure Lighttpd under Linux

(a) See how to install and configure lighttpd under RHEL

(b) See all lighttpd related articles

Malware is used for a harmful purpose. It can be in your software or hardware. Email and free (don't confuse with OSS) or pirated software is the most famous way to spread malware. It is inserted in a system w/o user notification.

Wikipedia defines Malware as:

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a portmanteau of the words "malicious" and "software". The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

It will be a nice idea to block malware spreading urls and website. Setting up a mlaware blacklist in Postix MTA is quite easy. The Malware Block List is a free, automated and user contributed system for checking URLs for the presence of Viruses, Trojans, Worms, or any other software considered Malware. The list is available in 25 formats.

Create a blacklist

First you need to create a blacklist, type the following command:
# wget -O - http://www.malware.com.br/cgi/submit?action=list_postfix > /etc/postfix/mbl-body-deny

Configure Postfix

Open postfix main.cf file:
# vi /etc/postfix/main.cf
Setup postfix body_check directive:
body_checks = regexp:/etc/postfix/mbl-body-deny

Restart Postfix

Now just restart postfix:
# postmap /etc/postfix/mbl-body-deny
# /etc/init.d/postfix restart

Automate procedure

You need to setup a cron job to automate entire procedure. Create a shell script as follows (Download link):

# Script to update malware urls
/usr/bin/wget -O - http://www.malware.com.br/cgi/submit?action=list_postfix > /etc/postfix/mbl-body-deny
/usr/sbin/postmap /etc/postfix/mbl-body-deny
/etc/init.d/postfix reload

Add cronjob as follows:
40 23 * * * /etc/admin/scripts/fetch.postfixmalware.sh >/dev/null 2>&1

You may wan to combine this feature with mime attachments blocking and anti spam blacklist for the best result.

Further readings

Looking for bug fixes and performance improvements, Novell is offering first service pack. I’ve noticed boot speed and other speed improvements. My office presentation laptop has Suse Linux and I’ve update the same :)

SUSE Linux Enterprise 10 SP1 and Virtual Machine Driver Pack contain several innovations, many of which came from direct collaboration with customers and partners

From the official press release:

Novell today announced that the first service pack (SP1) for SUSE Linux Enterprise 10 is now available to customers worldwide. Featuring significant enhancements in virtualization, high-performance computing, security, interoperability and system management, SUSE Linux Enterprise 10 SP1 from Novell® lets organizations take advantage of the latest technical advances in the best-engineered, lowest-cost and most-interoperable platform for mission-critical computing.

Service Pack 1 Enhancements

  • Enhanced virtualization support and management
  • Updated high-availability storage infrastructure
  • Support for new processor technologies, including Quad-Core Intel Xeon and Quad-Core AMD Opteron processors.
  • Enhanced security features
  • Audit subsystem enrichment
  • Support for Novell Open Enterprise Server 2.

Download Novell enterprise Linux service pack 1 - SP1 - ISO image