Monday, September 15, 2008

SELinux on Fedora Core workstations

SELinux - an introduction for desktop users

Introduction

This post is really just an introduction to SELinux on a desktop Linux machine. It is not intended for people running servers. It is also not an in depth look at SELinux, for that try here :- http://www.nsa.gov/selinux/ and http://www.nsa.gov/selinux/faq.html or try the FAQs at http://www.crypt.gen.nz/selinux/faq.html.

I have based this piece on my experiences with my home PC running, first Redhat 9, then Fedora Core 1 then 2 and now 3.

What is SELinux

SELinux is additional security that runs behind the normal Linux security. Note that I say behind normal Linux security. This means that SELinux only gets referred to if your request passes the normal Linux security.

SELinux comes with Fedora Core 2 and Fedora Core 3.

Do I need SELinux

The honest answer to that is, as a desktop user, no. Normal, non-SELinux, is probably secure enough for you, but as you get it as standard with fc2 and fc3, why not use it.

Strict and Targeted

The SELinux developers quickly realised that strict SELinux was going to cause some real problems to users and would require a fair degree of expertise in the end users, so they created a second flavour called targeted. Targeted is the flavour (policy) that you get by default with fc2 and fc3.

Targeted SELinux targets a number of daemons on your Linux machine that could be vulnerable to attack or be devastating to your machine. These daemons are - dhcpd, httpd, named, nscd, ntpd, portmapd, snmpd, squid and syslogd. The rest of the system runs as if SELinux was not switched on (they run in something called the unconfined_t domain).

Targeted policy

This is the default flavour of SELinux that you get with fc2 and fc3. From the list of daemons above, you can see that as a desktop user you will probably only ever be running two or three of them (syslogd, portmapd, and maybe dhcpd).

It is the targeted policy that I run on my home PC.

Strict Policy

I tried switching from targeted to strict on my home PC, but I couldn't even get it to boot (the init task ran foul of SELinux and I just got screens and screens of avc : denied messages. I suspect that this was due to me not running a relabel on my filesystem, and I couldn't use the autorelabel (more of that later) after reboot facility, as I could get it to boot (more on how I go out of that problem later). So I won't be going into the strict policy of SELinux in this piece.

What you notice with SELinux (targeted policy) running

The first thing you'll see is more messages at boot up. You get the following (or something similar) before you get the Init message (and then all of the various system process start okay messages).

 
Code:
security:  3 users, 4 roles, 320 types, 23 bools
security:  53 classes, 10921 rules
SELinux:  Completing initialization.
SELinux:  Setting up existing superblocks.
SELinux: initialized (dev hda2, type ext3), uses xattr
SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs
SELinux: initialized (dev selinuxfs, type selinuxfs), uses genfs_contexts
SELinux: initialized (dev mqueue, type mqueue), not configured for labeling
SELinux: initialized (dev hugetlbfs, type hugetlbfs), not configured for labeling
SELinux: initialized (dev devpts, type devpts), uses transition SIDs
SELinux: initialized (dev eventpollfs, type eventpollfs), uses genfs_contexts
SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs
SELinux: initialized (dev futexfs, type futexfs), uses genfs_contexts
SELinux: initialized (dev pipefs, type pipefs), uses task SIDs
SELinux: initialized (dev sockfs, type sockfs), uses task SIDs
SELinux: initialized (dev proc, type proc), uses genfs_contexts
SELinux: initialized (dev bdev, type bdev), uses genfs_contexts
SELinux: initialized (dev rootfs, type rootfs), uses genfs_contexts
SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts
SELinux: initialized (dev usbfs, type usbfs), uses genfs_contexts
SELinux: initialized (dev hda1, type ext2), uses xattr
SELinux: initialized (dev hda6, type ext3), uses xattr
SELinux: initialized (dev hdc1, type vfat), uses genfs_contexts
SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs
SELinux: initialized (dev binfmt_misc, type binfmt_misc), uses genfs_contexts
Apart from these messages, you should see nothing else out of the ordinary. If you find that certain of the processes that normally start at boot up fail, then see later for the solution.

You also get some new commands to play with (more later).

New commands


--setatus--

The /usr/sbin/setatus command tells you the status of SELinux on your PC.

 
Code:
[root@localhost ~]# sestatus
SELinux status:         enabled
SELinuxfs mount:        /selinux
Current mode:           enforcing
Mode from config file:  enforcing
Policy version:         18
Policy from config file:targeted

Policy booleans:
allow_ypbind            active
dhcpd_disable_trans     inactive
httpd_disable_trans     inactive
httpd_enable_cgi        active
httpd_enable_homedirs   active
httpd_ssi_exec          active
httpd_tty_comm          inactive
httpd_unified           active
mysqld_disable_trans    inactive
named_disable_trans     inactive
named_write_master_zonesinactive
nscd_disable_trans      inactive
ntpd_disable_trans      inactive
portmap_disable_trans   inactive
postgresql_disable_transinactive
snmpd_disable_trans     inactive
squid_disable_trans     inactive
syslogd_disable_trans   inactive
use_nfs_home_dirs       inactive
use_samba_home_dirs     inactive
use_syslogng            inactive
winbind_disable_trans   inactive
ypbind_disable_trans    inactive
[root@localhost ~]#
As you can see from the display above, not only is SELinux enabled, but it is also enforcing (you can set SELinux to simply tell you of any breaches, but still allow them), and is using the targeted policy (as opposed to the experimental strict policy).

The above display also shows if certain of the targeted policy checks have been turned off (disabled), more of this later.


--id--

The id command has extra information as well as a new switch - "-Z".

 
Code:
[nerderello@localhost ~]$ id
uid=502(nerderello) gid=503(nerderello) groups=503(nerderello) context=user_u:system_r:unconfined_t

[nerderello@localhost ~]$ id -Z
user_u:system_r:unconfined_t
As you can see, the "id" command by itself shows the usual stuff, plus the new SELinux stuff (context). While the "id" command with the "-Z" switch only shows the new SELinux stuff.

The context shown is made up of three parts - the identity , the role , and the domain or type . This encompasses who you are and what you can do/have access to.

The settings, in the SELinux that Fedora ships, for these three things are fairly generic. As far as identity is concerned, you're either a "user-u" (ie. a normal user) or "root" (ie. the root / superuser).

Your identity will change when you do a "su -" in a terminal. This is because the targetted policy that Fedora ships does both a su and a SELinux newrole at the same time.

--ls -Z--

The new switch to the file list command - ls -Z - allows you to see the contexts of your files.

 
Code:
[nerderello@localhost ~]$ ls -alZ
drwx------  nerderel nerderel root:object_r:user_home_dir_t    .
drwxr-xr-x  root     root     system_u:object_r:home_root_t    ..
-rw-------  nerderel nerderel user_u:object_r:user_home_t      .bash_history
-rw-r--r--  nerderel nerderel root:object_r:user_home_t        .bash_logout
-rw-r--r--  nerderel nerderel root:object_r:user_home_t        .bash_profile
-rw-r--r--  nerderel nerderel root:object_r:user_home_t        .bashrc
-rw-r--r--  nerderel nerderel root:object_r:user_home_t        .emacs
-rw-r--r--  nerderel nerderel root:object_r:user_home_t        .gtkrc
drwxr-xr-x  nerderel nerderel root:object_r:user_home_t        .kde
-rw-rw-r--  nerderel nerderel user_u:object_r:user_home_t      test.txt
-rw-------  nerderel nerderel user_u:object_r:user_home_t      .viminfo
-rw-r--r--  nerderel nerderel root:object_r:user_home_t        .zshrc
[nerderello@localhost ~]$
As you can see from the above display I have used the -Z switch along with -al switches to get the hidden files as well.

You can see from this display (above) that all apart from the test.txt and the .viminfo files have been created by root (when the user id of nerderello was setup).

--ps -Z--

The extra switch (-Z) for the process display command (ps), shows you the context of your processes.

 
Code:
[nerderello@localhost ~]$ ps -Z
LABEL                             PID TTY          TIME CMD
user_u:system_r:unconfined_t     4652 pts/1    00:00:00 bash
user_u:system_r:unconfined_t     4674 pts/1    00:00:00 ps
[nerderello@localhost ~]$
Yet again you can combine the -Z switch with others that you may use (like the obsolete -x switch, which is why you get the warning message, the -e switch would have been better).

 
Code:
[nerderello@localhost ~]$ ps -xZ
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
LABEL                             PID TTY      STAT   TIME COMMAND
user_u:system_r:unconfined_t     4001 ?        Ss     0:00 /bin/sh /etc/xdg/xfce
user_u:system_r:unconfined_t     4029 ?        Ss     0:00 /usr/bin/ssh-agent -s
user_u:system_r:unconfined_t     4056 ?        S      0:00 /usr/bin/dbus-launch 
user_u:system_r:unconfined_t     4057 ?        Ss     0:00 dbus-daemon-1 --fork 
user_u:system_r:unconfined_t     4061 ?        S      0:00 /bin/sh /etc/xdg/xfce
user_u:system_r:unconfined_t     4063 ?        S      0:00 xscreensaver -no-spla
user_u:system_r:unconfined_t     4068 ?        Ss     0:00 xfce-mcs-manager
user_u:system_r:unconfined_t     4070 ?        Ss     0:01 xfwm4 --daemon
user_u:system_r:unconfined_t     4071 ?        S      0:01 xftaskbar4
user_u:system_r:unconfined_t     4072 ?        S      0:05 xfdesktop
user_u:system_r:unconfined_t     4075 ?        S      0:06 /usr/bin/xfce4-panel
user_u:system_r:unconfined_t     4266 ?        S      0:00 /usr/libexec/gconfd-2
user_u:system_r:unconfined_t     4461 ?        S      0:16 gedit
user_u:system_r:unconfined_t     4463 ?        Ss     0:00 /usr/libexec/bonobo-a
user_u:system_r:unconfined_t     4465 ?        S      0:00 /usr/libexec/gam_serv
user_u:system_r:unconfined_t     4467 ?        Ss     0:00 /usr/bin/esd -termina
user_u:system_r:unconfined_t     4469 ?        S      0:00 xterm -title Terminal
user_u:system_r:unconfined_t     4471 pts/0    Ss     0:00 bash
user_u:system_r:unconfined_t     4650 ?        R      0:00 xterm -title Terminal
user_u:system_r:unconfined_t     4652 pts/1    Ss     0:00 bash
user_u:system_r:unconfined_t     4673 pts/1    R+     0:00 ps -xZ
[nerderello@localhost ~]$
Problems

The first problem I came across, when I upgraded to Fedora Core 2, was that the portmap daemon failed to start at boot, and I no longer had a syslog!

--daemons failing to start, no syslog--

There are a number of ways around this. You can sort out the filesystem so that it all works properly. Or (the first I used) simply turn SELinux off, a bit drastic, but it worked. Or you can disable the bit of SELinux that is causing the problems.

Sorting out the file system to allow proper SELinux operations

Get yourself to a command line prompt, as root or su -. Enter touch /.autorelabel . Reboot.

When your PC comes back up, you will get a warning message that the file system is being relabeled and that it make take some time. I found on my PC that it too about the same time a my regular "updatedb", about 5 or 6 minutes.

Once the relabel has completed, your PC will continue to boot in the normal way. The relabeling is a one off, you won't get this delay every time you boot up.

Now, when you use the "ls -Z" you'll see that all of your files have a context, rather than just some.

Turning SELinux off

As you'd expect with Linux, there are a number of ways to turn off SELinux. You can :-

1) Add selinux=0 to the kernel line within your /boot/grub/grub.conf file. Then, when you next boot, SELinux will not be started.


2) Add SELINUX=disabled to your /etc/sysconfig/selinux file (which may be a link to "/etc/selinux/config").

Disable parts of SELinux

Within Gnome or KDE you can use the System menu option Security Level, which runs the gui based program system-config-securtylevel.

This has a tab marked SELinux, which shows you what you can turn on and off.

From the SELinux service protection option within (at the bottom) the list of options you can turn off (disable) SELinux protection for particular daemons, such as portmap and syslogd.

You can also, from the SELinux tab, stop/start the enforce option (SELinux can be run either to enforce its policy, or simply to report on any breaches - you'll get loads of avc: denied messages if you do).


--Not all of my files have a SELinux context--

After an upgrade of Fedora you may need to relabel your file system. This allows SELinux to give all files the correct context.

Get yourself to a command line prompt, as root or su -. Enter touch /.autorelabel . Reboot.

When your PC comes back up, you will get a warning message that the file system is being relabeled and that it make take some time. I found on my PC that it too about the same time a my regular "updatedb", about 5 or 6 minutes.
 
Posted by at No comments:

Howto Install NVIDIA 3D Drivers

I find myself retelling how to manually install the NVIDIA 3D drivers an awful lot. Here's a short tutorial that should work on any distro:

**Installing the Drivers**

1. Make sure you have the kernel-sources, gcc and make packages installed.

2. Download the latest driver from Nvidia's site

3. Go into runlevel 3 (no GUI). This can be acheived several ways:

a) By typing CTRL+ALT+F1(or F2-F6), then logging in as root and typing init 3

b) By typing a 3 at the GRUB boot prompt.

c) By editing your /etc/inittab. See below for details.

d) Debian/Ubuntu users may need to use /etc/init.d/gdm stop instead.

4. Log in as root user, if you aren't already.

5. Find the driver you just downloaded and run it using something like sh NVIDIA-1.0.8174.run

6. If it gives you any of the errors below, ignore them and continue:

a) It warns you about rivafb support.
b) It tells you it can't find a precompiled kernel module off the Nvidia website.

7. Stay logged in as root and type modprobe nvidia

NOTE:As of version 8174 of the Nvidia driver, you no longer need to manually edit your xorg.conf file. Skip steps 8 and 9 if you are installing this version or newer.

8. Edit your /etc/X11/xorg.conf in the section marked "Devices" that looks something like this:
 
Code:
Section "Device"
    Identifier  "Nvidia Geforce 2"
    Driver      "nv"
9. Change the "nv" line to "nvidia"

NOTE: Some distributions use XFree86 instead of X.org. The steps are the same, you're simply editing a different file: the /etc/X11/XF86Config-4 file.

10. Log out as root, and back in as a regular user, then type startx

11. If you see the Nvidia logo flash then you're done. If not your X Windows will error out. Start a thread, post the errors, and we'll try and help you from there.


**Editing your /etc/inittab**
Some distributions require you to edit your /etc/inittab file in order to boot in to non-graphical mode, which is required in order to install the Nvidia drivers. Here is how you do it:

1. Log in as root user from a console window by typing su and your root (administrator) password when it prompts you.

2. Open up your /etc/inittab file with a simple text editor. Any one will do but I like pico, so for example purposes that's what I'll use:
 
Code:
pico /etc/inittab
3. Look for a line that looks something like this:
 
Code:
id:5:initdefault
4. Change the 5 to a 3

5. Save the file and reboot.

6. Once Linux goes through its regular boot screens you should be greeted with a simple text login screen. Continue from step 4 above.
 
Posted by at No comments:

Repartition hard drive Fedora Core 3 (FC3)

Recently I repartitioned the Hard Drive of a FC3 box. Steps taken as described hereinunder. Maybe the description can be used as tutorial.

B.R.
satimis

--- Description ---
Goal:
to repartition existing Hard Drive, adding 3 new partitions, namely /home, /lfs and /livecd and each having size 10G, 6G and 1G respectively.
/lfs (for building LinuxFromScratch using “Fedora Core 3” as host)
/livecd (for building LiveCD from LinuxFromScratch)
Operation System: Fedora Core 3
Bootloader: GRUB


A. Preparation before repartition
To find out the existing partitions
 
Code:
# fdisk -l /dev/hda
Disk /dev/hda: 40.0 GB, 40020664320 bytes
255 heads, 63 sectors/track, 4865 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device  Boot  Start End Blocks    Id System
/dev/hda1   * 1 13 104391    83 Linux
/dev/hda2  14 2563 20482875    83 Linux
/dev/hda3  2564 2690 1020127+    82 Linux swap
/dev/hda4  2691 4865 17470687+   5 Extended
/dev/hda5  2691 4865 17470656    83 Linux
To find out the size of Hard Drive/each partition and the system of each partition
 
Code:
# df -hT
Filesystem     Type Size     Used      Avail      Use%     Mounted on
/dev/hda2      ext3        20G      3.7G      15G       20%        /
/dev/hda1      ext3        99M      14M       80M      15%        /boot
none              tmpfs     125M     0           125M     0%         /dev/shm
/dev/hda5      ext3       17G       1.5G      15G      10%        /home

B. Repartition Steps

1. Boot into “init 1”, Single User Mode
During booting – on Bootloader window
1.1. Select the most recent kernel (using the “UP and “DOWN” arrows)
1.2. Press the "e" key to edit the commands for that kernel before booting
1.3. On next screen, choose the line mentioning "kernel /vmlinuz.........." and press "e" key again (also using the “UP and “DOWN” arrows)
1.4. On next screen, at the END of the line of "grub edit > kernel /vmlinuz..." hit space bar once to get a space before typing and type "init 1" without the (quotation marks) and then press "Enter" key.
1.5. Now coming back to previous screen and a line with "init 1" indicated at its end will appear. Press the "b" key to continue booting to “init 1” (text mode)

2.
sh-3.00# mount /dev/hda5 /mnt
Already mount
(This may not be true, please see steps 8. below)

3.
sh-3.00# mkdir /home2 && cp -ar /mnt/* /home2/

4.
sh-3.00# umount /dev/hda5
(no printout)

5.
Used fdisk to delete the partition (/dev/hda5) and to create 3 new partitions in the space left.

Remark:
d = delete a partition
m = print the menu
n = add a new partition
q = quit without saving change
w = write table to disk and exit

sh-3.00# fdisk /dev/hda
Command (m for help): (type) d
Partition number (1-5): (type) 5

Command (m for help): (type) n
First cylinder (2691-4865, default 2691): press [Enter]
Using default value 2691

Last cylinder of +size or +sizeM or +sizeK (2691-4865, default 4865): (type) +10000M and press [Enter]

Command (m for help): (type) n and press [Enter]
First cylinder (3908-4865, default 390: press [Enter]
Using default value 3908
Last cylinder of +size or +sizeM or +sizeK (3908-4865, default 4865): (type) +6000M and press [Enter]

Command (m for help): (type) n and press [Enter]
First cylinder (4638-4865, default 463: press [Enter]
Using default value 4638
Last cylinder of +size or +sizeM or +sizeK (4638-4865, default 4865): press [Enter]

Command (m for help): (type) w and press [Enter]

Partition table has been altered!
Calling ioctl() to read partition table
Warning: Re-reading the partition table failed with error 16: Device and resource busy
The kernel still uses the old table
The new table will be used at the next reboot
Syncing disk

6.
sh-3.00# (type) reboot and press [Enter]

FedoraCore3 rebooted automatically. Finally it came to warning screen suggesting to run “fsck” to fix problems.

Remark: Ignore it. Don't take any action. The trick is here. The PC is now already booted to “init 1”, the Single User Mode.

7.
Continue
# mkfs -t ext3 /dev/hda5
# mkfs -t ext3 /dev/hda6
# mkfs -t ext3 /dev/hda7
(all no printout)

8.
# cp -ar /home2/* /home/
Another trick happened here. It seemed copying all data back to /home but nothing actioned. The Hard Drive was working with the pilot light on.

9.
# mkdir /mnt/lfs
# mkdir /mnt/livecd

10.
Edited /etc/fstab
# nano /etc/fstab

Original /etc/fstab before editing;
 
Code:
# cat /etc/fstab
# This file is edited by fstab-sync - see 'man fstab-sync' for details
LABEL=/               /                                 ext3      defaults                 1 1
LABEL=/boot        /boot                          ext3      defaults                 1 2
none                     /dev/pts                      devpts  gid=5,mode=620   0 0
none                     /dev/shm                    tmpfs    defaults                 0 0
LABEL=/home      /home                        ext3      defaults                 1 2
none                      /proc                         proc      defaults                  0 0
none                      /sys                           sysfs     defaults                 0 0
/dev/hda3              swap                         swap     defaults                 0 0
/dev/hdd                /media/cdrom            auto    pamconsole,exec,noauto,fscontext=system_u:object_r:removable_t,managed 0 0
/dev/hdc                /media/cdrecorder    auto    pamconsole,exec,noauto,fscontext=system_u:object_r:removable_t,managed 0 0
/dev/fd0                /media/floppy            auto    pamconsole,exec,noauto,fscontext=system_u:object_r:removable_t,managed 0 0
Changed
 
Code:
LABEL=/home        /home                      ext3      defaults                1 2
to
 
Code:
/dev/hda5               /home                      ext3      defaults                1 2
Added:
 
Code:
/dev/hda6               /mnt/lfs                    ext3     defaults                 1 2
/dev/hda7               /mnt/livecd               ext3     defaults                1 2
/etc/fstab after editing;
 
Code:
# This file is edited by fstab-sync - see 'man fstab-sync' for details
LABEL=/               /                                 ext3      defaults                 1 1
LABEL=/boot        /boot                          ext3      defaults                 1 2
none                     /dev/pts                     devpts  gid=5,mode=620   0 0
none                     /dev/shm                   tmpfs    defaults                 0 0
/dev/hda5               /home                      ext3      defaults                 1 2
none                       /proc                        proc     defaults                  0 0
none                       /sys                          sysfs    defaults                 0 0
/dev/hda3               swap                        swap    defaults                 0 0
/dev/hda6               /mnt/lfs                     ext3     defaults                 1 2
/dev/hda7               /mnt/livecd               ext3     defaults                 1 2
/dev/hdd                 /media/cdrom           auto    pamconsole,exec,noauto,fscontext=system_u:object_r:removable_t,managed 0 0
/dev/hdc                /media/cdrecorder     auto    pamconsole,exec,noauto,fscontext=system_u:object_r:removable_t,managed 0 0
/dev/fd0                /media/floppy              auto    pamconsole,exec,noauto,fscontext=system_u:object_r:removable_t,managed 0 0
11.
# reboot
Rebooted PC again

PC rebooted without problem to Login screen. I was not allowed to login as user, saying /home/user/ not found. But I was allowed to login as Root.

12.
After login as Root I discovered /home being empty. Started Kconsole
# cp -ar /home2/* /home/

Logout and relogin. This time I was allowed to login as “user”


Remark:
1)Using /lfs and /mnt/lfs is only following the LFS instruction
2)Better using -v flag to replace -r flag
cp -av /home2/* /home/
to copy all data back
 
Posted by at No comments:

The complete guide to using Gmail with Thunderbird, Mozilla Mail, Evolution, and Kmai

The complete guide to using Gmail with Thunderbird, Mozilla Mail, Evolution, and Kmail

Here is how to set up a gmail account in Thunderbird, Mozilla mail, Evolution and Kmail. This tutorial is meant to help out anyone, especially a noob such as myself, so it's in for dummies language. I wrote this tutorial because of the lack of good resources on how to do this that I could find. By looking at this document you can get a clue on how to set up gmail in any other email program.

Regardless of the email program you want to use, POP must be enabled in gmail

To do this log onto your gmail account (eg: www.gmail.com) and select “settings” which is located in the top right corner. Then click on “forwarding and pop.” Enable the option “Enable POP for all mail (even mail that's already been downloaded).

Thunderbird and Mozilla Mail

Start Thunderbird or Mozilla Mail

Select “File,” “New,” Account

On the window that pops up select “email account,” and next

Then type in your name in the top box, and your email address in the bottom, and click next

On the next window select “POP” as the type of incoming server, then name the incoming server “pop.gmail.com,” it doesn't matter if “Use Global Inbox is enabled” is checked, it makes all of your email accounts report to the same inbox, check it or uncheck it as you wish, and finally click next.

After that make your user name is the same as your email address and click next

Then type in an account name (eg: inbox, gmail, home) this is what you click on to access this account and can be whatever you want, and click next

Click finish

Next click on “edit,” “Account Settings” in Thunderbird or “Mail and Newsgroup Account Settings” in Mozilla Mail, and from the menu of the new window select “server settings.” Make the port “995” and Check “Use secure connection (ssh)”

Your done! See bottom for notes regarding problems and errors.


Evolution

Start Evolution

Click on “Edit,” then “Preferences”

Click “Add”

Type in your name, email address, reply to address, (what email address you want people to write back to you with) and your organization, if any, and click forward.

Select your server type as “POP,” your host as “pop.gmail.com,” and make sure that your username is the same as your email address. Then under “Use Secure Connection” select always, and your “Authentication Type” as password, and finally click forward.

On the next page adjust settings as you like, they will not interfere with whether gmail will work with evolution or not. Then click forward.

Select server type as “smtp,” type in “smtp.gmail.com” as the host, and check that the “Host requires authentication” box is checked. Next, select, for “Use Secure Connection,” always. Finally, make sure that Authentication type is “Plain” and your user name should be the same as you email address. Click Forward.

On this page name your account whatever you want, it will not interfere with setup and click Forward.

Click apply.

Your done! See bottom for notes regarding problems.

Kmail

Start Kmail

Go to “Settings,” then “Configure Kmail”

Click on accounts
Click “Add”

Select POP3 on the window that pops up and OK

On this window type in whatever you want your account to be called under “Account Name.” Then type your login, which is your entire email address, and your password. Next for the host type in “pop.gmail.com,” and change the port to 950. Change the rest of the settings to your liking.

Then on the top tab, arrow over to “Extras” For encryption select “Use ssl for secure mail download,” and for Authentication Method, select “Clear Text.”

Your done! See below for notes regarding problems.



I'll be happy to help you with any problems you may have, but please, double check that you've followed the instructions, and make sure you post any error messages that you may have. If you know you have messages in your inbox, but they don't show up enable pop again in gmail. To get messages in my inbox that were there before I configured any of the email programs I covered here I had to repeat that step.

Also here a basic chart on the needs of gmail provided by google: http://gmail.google.com/support/bin/...7&ctx=en:match

 

Posted by at No comments:

How to Triboot a Computer

Have you ever wondered what it would be like to run three different operating systems on one computer? Well with a technique called tribooting its very possible. This guide will show you how you can turn your computer into a triboot (allows a computer to run three different operating systems).We will be using the GRUB boot loader to Triboot since it offers many methods and is the easiest to use. After the computer is setup to triboot it will be able to do a variety of activities. These include fixing a Windows Install and learning how to use Linux and BSD (Berkeley Software Distribution developed at Berkeley California and one of the decedents of Unix).

To start tribooting you will need an operating system already installed. In this case we will use Windows since its the most common operating system available. Next you will need two other operating systems to boot. In this case we will use two Linux distros since they are easy to triboot with.

Now that we have all the operating systems available we need to partition the hardrive. This is because the Windows installation takes up the whole hardrive. To get around this we use a program called a partitioner to divide the hard drive up. This guide will focus on the Ubuntu and GParted Live cd both of which contain GParted. You can get the latest Ubuntu Live cd from http://www.ubuntu.com/ or http://www.gparted.com for the latest GParted Live cd.

Encase you don't feel like using GParted there are other partitioners you can use. These include Disk Druid in Fedora Core, QTParted in SuSE, and Kdrak in Mandriva. There are also three partitioners Parted,fdisk and cfdisk which are in text mode and are recommended for advanced users. Before you resize a Windows partition there are some basic guidelines that should be followed. The first of which is that the Windows should be backed up. This is because in some cases resizing the hardrive can remove data. The diskdefrag tool should run so that the data is all in one spot. Then you should run chkdsk(A command in windows that checks the integrity of hardrives) and lastly its good to run a virus and spyware scan. Once this is complete you are ready to partition your hardrive so the computer can be ready to triboot.

The first step is to place the Ubuntu or GParted live cd into the computer and let it boot. If its not booting you will have to go into the BIOS. This can be done by pressing the Delete, F1, F2 or F10 key. The key that needs to be pressed depends on the number it displays when the computer boots up. While in the BIOS you will then find an option for the boot order(the order in which the drives boot) which should be setup in this order Floppy, Cdrom, Hardrive.

Once Ubuntu is up and running you must now unmount all drives. You must do this for all of the drives or else the computer can't be partitioned. Next you click on the program named GParted in the menu. This will startup GParted and will give you the drives you can resize. First we are going to resize the Windows NTFS partition. To do this you select the partition labeled NTFS and right-click on it, then select Resize. GParted will now ask you how much space you would like to give it. You can either view it in Megabytes or Gigabytes. After clicking OK you'll see an updated view of your partitions.

Next you will create an extended partition to fill the free space that you gave by resizing NTFS. To do this all you do is click on the free space and on the option to create a partition (it will be an icon somewhere near the upper left of the screen). Then choose the option to make it an extended partition, and move the slider at the top to choose the size you want. After you've done this you'll be able to click inside this partition and choose to create another partition.

This time make it a logical partition, and format it as ext3 (ext3 is one of the most common Linux partitions). Once you've finished this, repeat for the remainder of the partition, to create the second logical ext3 partition inside the extended partition. Its also best to create a swap partition(a swap partition as a partition in Linux that can be used as if it were RAM). The process to do this is basically the same as before just click on some empty space, choose the partition size and type and your set/

Note that nothing has actually changed yet; you must select File then Commit to apply the changes. You will then see a progress dialog that tells how much of the partitioning is complete. When it gets to 100% just click the ok button. To get out of GParted just select file in the title bar and quit.

Now that you have partitioned your drive triboot the last step is to install the other operating system in the two logical partitions inside the extended partition. During the installs the Linux distros will ask if you would like them to be added to the MBR(Master Boot Record) in GRUB. Just say yes to both of these and once the installs are complete you can now triboot your computer. If you would like a guide with graphics and pictures here are some websites that will help.


http://ca.geocities.com/zachandloric...windowsxp.html
http://www.mepis.org/olddocs/partiti...ur-hard-drive/
http://www.linuxiso.org/viewdoc.php/isofaq.html
Posted by at 1 comment:
Subscribe to: Posts (Atom)