kdesudo for your own scripts – a little beautification

Tuesday, 29. November 2016

#!/bin/bash
kdesudo --comment "Dieses Programm benötigt Administrator Rechte" -d -i /usr/share/icons/breeze/places/22/user-identity.svg $1

 

i place this script in /usr/bin  and name it mysudo

i can then run a program with “mysudo script.sh” and instead of the whole path and the script name in the title AND the description it will look like this:

mysudo

 

 

Kubuntu 16.04 LTS && KDE NEON

Friday, 29. April 2016

#kde #neon is not a fullblown distribution by now. It is based on a minimal installation of ubuntu 16.04 LTS and delivers nothing but a plain ubuntu base with an up2date plasmashell on it.  no applications and other usefull additions whatsoever!!

you will have to install everything by hand – starting with “konsole” and “gtk3-breeze-engines” or things like “kate” and other stuff.

Therefore it’s probably a good idea to just use plain #kubuntu and add the neon package archive.

this is how you do it:

get the key for the package archive..

wget -q -O - http://archive.neon.kde.org/public.key | sudo apt-key add -

 

add the following line to your /etc/apt/sources.list

deb http://archive.neon.kde.org/release xenial main

and update/upgrade your system

sudo apt update
sudo apt full-upgrade

 

or (instead of the last line)

sudo apt-get dist-upgrade -o dpkg::options::="--force-overwrite"

 

 

if you break something on your first upgrade attempt don’t worry..  just   “sudo apt-get -f install” or “sudo dpkg –configure -a ” and run the upgrade again

 

HowTo setup ProFTPd an Users

Thursday, 3. December 2015

Install proftpd

sudo apt-get install proftpd

Add this line in /etc/shells file (sudo nano /etc/shells)

bin/false

Create the folders an the user

sudo mkdir /home/www/userdir

sudo useradd userftp -p your_password -d /home/www/userdir -s /bin/false -G ftpusers

sudo passwd userftp /home/www/userdir

sudo chown userftp:ftpusers

Change your configuration according to your needs

cat /etc/proftpd/proftpd.conf

Include /etc/proftpd/modules.conf
UseIPv6 on
IdentLookups off
ServerName “students.europagymnasium.at”
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions “-l”
DenyFilter \*.*/
RequireValidShell off
TimeoutLogin 20
RootLogin off
UseFtpUsers off
AllowStoreRestart on

# Lock all the users in home directory, ***** really important *****
DefaultRoot ~
Port 21
<IfModule mod_dynmasq.c>
</IfModule>
MaxInstances 30
User proftpd
Group nogroup
Umask 022 022
MaxClients 40
MaxClientsPerHost 40
MaxClientsPerUser 40
MaxHostsPerUser 40

AllowOverwrite on

Enabling WoL in the NIC

Thursday, 3. December 2015

copied from the Ubuntu Wiki:

Determining whether the NIC supports WoL

First, determine which NIC will be used, and then check whether it supports the Magic Packet™ using

sudo ethtool <NIC>

where <NIC> is the device name of your NIC, e.g. eth0. This command will output some information about your the capabilities of your NIC. If this output contains a line similar to the following:

Supports Wake-on: <letters>

where <letters> contains the letter g, the NIC should support the WoL Magic Packet™ method (for the other letters look at man ethtool).

Enabling WoL in the NIC

To check whether WoL is enabled in the NIC, one could use

sudo ethtool <NIC>

and look for

Wake-on: <letters>

If <letters> contains g and not d, then Magic Packet™ is enabled. However, if <letters> does contain d, WoL needs to be enabled by running the following command:

sudo ethtool -s <NIC> wol g

On most systems, issuing this command is required after each boot. If the system’s networking is configured via ifupdown, then it is easy to add the line up ethtool -s <NIC> wol g below the interface’s configuration stanza in /etc/network/interfaces. For example:

shahar@shahar-backup:~$ cat /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface

auto lo
iface lo inet loopback
# The primary network interface

auto eth0
iface eth0 inet static
        address 10.0.0.1
        netmask 255.255.255.0
        gateway 10.0.0.138
        up ethtool -s eth0 wol g

This will ensure that WoL is enabled in the NIC on each boot. Fore more information see the interfaces manual.

Testing Wake-On-LAN

Test WoL by powering off the system and trying to send it the magic packet using:

Build Phaser dev branch (html5 game dev framework) with node and grunt on ubuntu

Sunday, 3. August 2014

sudo apt-get install git

this installs git on your pc

git clone -b dev https://github.com/photonstorm/phaser.git

do this to get the latest phaser source of the dev branch

sudo apt-get install npm

install node

sudo npm install -g grunt-cli

install grunt commandline interface

 npm install

in your phaser directory to pick up the node packages that phaser uses

sudo ln -s /usr/bin/nodejs /usr/bin/node

do this to compensate for a ubuntu naming error

 grunt

build phaser  and grab your new phaser js file(s) under ./dist/   🙂

 

glhf !

German spellchecking in KDE Plasma

Monday, 30. June 2014

if you have an english installation but work in europe/germany/austria you eventually may want to  use  a german spellchecker

systemsettings – locale – spellchecker  only lists the english  language

 

you need to install the aspell and maybe (for libre office) hunspell packages:

sudo apt-get install hunspell-de-de aspell-de

Installing Nginx with PHP on (k)ubuntu

Sunday, 15. June 2014

sudo apt-get install php5-common php5-cli php5-fpm

sudo apt-get install nginx

sudo service nginx start

Test that it’s working (should see “Welcome to nginx!”)

sudo service nginx stop

In your nginx site configuration (/etc/nginx/sites-available/default) scroll down to where it says “location ~ .php {” and uncomment lines so it looks like this:

location ~ \.php$ {
  fastcgi_split_path_info ^(.+\.php)(/.+)$
  fastcgi_pass unix:/var/run/php5-fpm.sock;
  fastcgi_index index.php;
  include fastcgi_params;
}

 

if you are using kubuntu 16.04 with php5 those lines should look like this:

 

location ~ \.php$ {  
        fastcgi_split_path_info ^(.+\.php)(/.+)$;   
        fastcgi_pass unix:/var/run/php5-fpm.sock; 
        include fastcgi_params;         
        include snippets/fastcgi-php.conf; 
}

 

and then:

sudo service php5-fpm restart
sudo service nginx restart

Your default web root is located at /usr/share/nginx/www (per the config file). (See root /usr/share/nginx/www;)

You could change it to root /home/user/webroot;

 

To enabel autoindex on nginx add:

autoindex on;

to your location section


linux user without password – just press enter to destroy everything ;-)

Saturday, 25. January 2014

i would definitely NOT RECOMMEND this but if you must do it..  here is a way to do it 

 

open a terminal…

sudo nano -B /etc/shadow

This will open the /etc/shadow file (the one that contains all the passwords) in a text editor called Nano.

Once you have it open, find the appropriate line for the account in question. It’ll look something like this:

guest:$1$2TUdk8Z0$tb2Fn6Idgo8dq9EgYv4xZ0:13721:0:99999:7:::

Change the second part (in bold here) to match this second part (also in bold):

guest:U6aMy0wojraho:13721:0:99999:7:::

Then save the file (Control-X, Y, Enter).

hide the cashew (kde plasma)

Thursday, 23. January 2014

hide the cashew 

i know that aaron seigo wouldn’t like this very much but if you are smart enough to NOT disable the rightclick on the desktop and NOT disable the run command interface while removing all the panels.. you could remove the cashew without ending up with an unconfigurable desktop..

how to remove the cashew? 

sudo chmod 600 /usr/lib/kde4/plasma_toolbox_desktoptoolbox.so

this will last until the next plasma update that touches this file.. (unless you make it immutable)
but it’s a oneliner.. just do it again after the update 🙂

KDE SC | Plasma KIOSK Framework – far from perfect but functional

Friday, 13. December 2013

Did you install a kde-centric distribution on your parents pc? do you want to set up an internet terminal in a public area or in your office and you are tired of being called because a toolbar or an important widget has suddenly disappeared ?

the solution seems easy..  lock down plasma-desktop !

there is one preferred way to do so..  the kiosk framework

http://techbase.kde.org/KDE_System_Administration/Kiosk/Keys

 

Create a file called  /etc/kde4/kdeglobals (or add your options to ~/.kde/share/config/kdeglobals) and write something like the following in it:  (there was a GUI for that in development but it seems dead by now)

[KDE Action Restrictions][$i]
action/lock_screen=false #hide rightclick unlock option
movable_toolbars=false #lock toolbars
run_command=false #disable krunner (alt-f2)
action/run_command=false #disable krunner (rightclick)
plasma-desktop/add_activities=false # not working right now
action/kwin_rmb=false # disable kwin context menu
action/logout=false # disable logout option
plasma/containment_actions=false
plasma/containment_context_menu=false
plasma/allow_configure_when_locked=false #no rightclick on plasmoids
plasma/plasma-desktop/unlockedDesktop=false #this is new

The [$i] will make the whole section immutable – that means it will not be overwritten by any user config-files read afterwards. (the given example will remove the lock-screen option, disable the run-command interface (krunner), lock application toolbars and (maybe in the future) disable the add activities feature, also the option to remove the logout entry and completely disable the context menu on kwin’s titlebar is working in 4.11  yay!!!)

 ____________________________________________________

Unfortunately some of the options in the kiosk documentation (especially the plasma specific ones) are not up2date therefore you will not be able to lock down plasma completely (at least not right now) but there is another solution to lock down plasma and make the “unlock widgets” entry disappear !

just write a single [$i] in the first line of  ~/.kde/share/config/plasma-desktop-appletsrc  -and- ~/.kde/share/config/plasma-desktoprc this will make the whole file immutable and hide the unlock widgets context menu entry.

Of course [$i] can be used to lock down specific widgets(sections) or just single options like height or width of the folder view widget for example.

Be aware that anybody who knows how to find those config files is still able to alter them e.g. remove the [$i]! 

In order to secure the desktop completely you’ll have to copy those files  to /etc/kde4  and go one step further…. disable rightclick on the plasma desktop containment: rightclick on the desktop – Mouse Actions – remove “Right-Button”

 ____________________________________________________

It is really hard to lock linux/plasma down..  there are still several ways to get control of the system when you know your way around keyboard shortcuts..  you could change to a new tty for example.. or just invoke any suitable keyboard shortcut. In my special case there is actually no need for a keyboard so i managed to lock down almost everything …  only the cashew with it’s “add activities” feature remains..  since there is no reliable way to remove the cashew and no way to remove the activities feature this leaves plenty of space to mess around with the desktop and make it unusable for the next user at the KIOSK PC.   (activities can be added but interestingly you can’t remove them afterwards in the locked state ^^)

 for now the only way i found to restrict everything was to remove the cashew completely by setting the rights of the cashew library to forbidden:

sudo chmod 600 /usr/lib/kde4/plasma_toolbox_desktoptoolbox.so 

 

So after all i got this totally locked down system where the only thing a user is allowed to do is to start one single task ( a unique one click live-linux-usb installer based on kubuntu 😉  http://life-edu.eu/

 

With a keyboard attached i’m able to administer the complete system thx to “krunner” (the only shortcut left alive) and with the two scripts i wrote, “desktop-lock” and “desktop-unlock”, im able to toggle the KIOSK mode in seconds ^^

make-life1

 

KIOSK.zip  (bash scripts – you should know what you are doing)