Debian Package of the Day (static archived copy)

Hi there,

Once again, we urge you to help us keep this site up and running. Since February we only had three posts, far from the twice a week intended publishing rate (the one article per day idea was dropped long time ago). We desesperately need new articles to publish, remember that this site is made from the material our readers contribute, so it’s up to you to keep it running! We also need help editing articles, but that’s void if we don’t get articles to edit.

Now, we have a only couple of articles to publish, on Sunday you’ll be able to enjoy one and for now we’ll switch to a weekly rate. If things go better, we could go back to twice a week. If things don’t go better, it will be time to end the project.

Thanks for your attention, Tincho.

If you usually read Debaday, you must have noticed the recent lack of articles. We apologise for that, we’re lacking articles and editing manpower. We really need your help to keep the site running!

Article submitted by David Newgas. Guess what? We still need you to submit good articles about software you like!

I’ve always been interested in astronomy. But it was only after moving out of the city that I discovered merely by tilting my head up I could see some of the amazing things I had seen pictures of and learned about. Unfortunately, I knew very little about how to find interesting things in the sky.

This is where Stellarium comes in! Stellarium is a free/open source planetarium for your PC. It offers a splendid interface:

Many "Sky Cultures":

And beautiful graphics:

To install, just apt-get install stellarium. The user interface is easy — left-click and drag to move around, and mouse wheel to zoom in and out. Alternatively arrow keys can be used to move, and Ctrl-Up/Down to zoom. Usually Stellarium shows the stars rotating at the same speed as in reality (which is only obviously visible at high zoom). However, the controls in the bottom right corner allow time to be sped up or reversed. This is important for figuring out where objects will be in the sky.

Time shifting means that Stellarium can be used to simulate solar eclipses, comet passes and meteor showers (all of which have something which can be seen in the simulation).

The magnifying glass icon or Ctrl-F allows you to find objects. I recommend finding the especially beautiful Dumbbell Nebula, or the recently famous Comet McNaught (Hint, it is recognised as C/2006 P1).

Stellarium is beautiful to use to look at constellations. Turning on the first three toolbar options displays the constellations, their names and artwork of what they represent. In the language tab of the settings window (the spanner or "1" key) the “sky culture” can be changed, showing the constellations of the Chinese or Inuits, to name just two.

One fun thing to do is find a solar system object and press Ctrl-G. This takes you to a view from that planet, with positions and phase of other solar system objects calculated correctly.

After having a little play around with Stellarium, it#8217;s down to business. Find a little free time after dark, and before you go out, jump onto Stellarium. Set the time, date and place in the configuration window to when and where you will go out. Then find a few objects (maybe a dimmer planet like Saturn or Jupiter) with magnitude less than five (Magnitude is a negative logarithmic scale, lower numbers are brighter), and note down their positions relative to the cardinal points and nearby stars.
when you go out, try and find them! Many objects such as Orion’s Nebula or the planets can be seen with the naked eye. Charles Messier catalogued over 100 objects that can be made out with the naked eye. Try searching for M1 - M110 to find these. Binoculars or a small telescope make these more visible.

For those of you who feel like shelling out a bit of cash, Stellarium can be used to control telescopes, or even be projected onto a dome.

Have fun stargazing, both real and virtual!

If you usually read Debaday, you must have noticed the recent lack of articles. We apologise for that, we’re lacking articles and editing manpower. We really need your help to keep the site running!

Article submitted by Stevem. Guess what? We still need you to submit good articles about software you like!

On a recent vacation my laptop boot time (>4 min.) started getting on my nerves. I resolved to enjoy the vacation but fix things on my return. At home a few minutes with Google brought bootchart to my attention.

Boothchart won’t cure lengthy boot times but it will provide details about how the time is spent. Bootchart is actually two packages, bootchart, the profiler daemon to gather resource data from /proc during boot, and bootchart-view to create an image from the collected data.

bootchartd starts measuring as soon as /proc is mounted. From /proc it collects a sizeable amount of data about processes, including (in 2.6 kernels) disk utilization and throughput.

The documentation suggests to use BSD process accounting to exactly reconstruct the process tree. The CONFIG_BSD_PROCESS_ACCT_V3 feature is enabled in stock Debian kernels, so to use this, you just need to install the acct package.

I expected profiling the system boot would be complicated and I was prepared for some serious hacking to measure the process. In fact, it couldn’t be much easier.

The boot profiler is started as an option to the boot/loader kernel command line.

It works with LILO but Grub’s interactive boot makes it very simple:

1. Select your image entry from the boot menu
2. Type ‘e‘ to edit the entry
3. Append ‘init=/sbin/bootchartd‘ to the command line
4. Type ‘b‘ and you’ll be booting with bootchart profiling in effect

bootchartd starts itself and then launches /sbin/init. There’s no indication that logging is in effect, console output appears as usual. Once you login you’ll find all the boot data stored in a compressed tar, /var/log/bootchartd.tgz.

To view the data run bootchart-view. It defaults to creating a SVG image but EPS and PNG outputs are possible with the --format option.

Here’s an example of the output:

By default the chart renderer doesn’t display most child processes. If you think that level of detail will be helpful, bootchart-view has a --no-prune option. Be warned, it will create a fairly large image.

Conclusion: I still haven’t significantly decreased my boot time, many before me have tried and failed, but I discovered a clever, easy-to-use profiling tool to diagnose boot problems.

The bootchart-view package has been available .

The bootchart package has been available .

Article submitted by Claudio Criscione. Guess what? We still need you to submit good articles about software you like!

Rkhunter and chkrootkit are tools to check for signs of a rootkit. They will inspect the system they’re running on and report anomalies either through the shell or via email.

Although an attacker able to install a rootkit is likely also able to easily escape or delete these tools, not every attacker is a skilful one. Not every script kiddie knows about these tools or the way to cover its tracks. Since every single error can make the difference, on either sides, an effortless passive protection can do no harm and adds one more (maybe thin) layer of security.

Both rkhunter and chkrootkit, indeed, can be deployed quickly and require little management effort.

Installation

Thanks to apt-get, aptitude and their super cow powers, we can just go for a

$ sudo aptitude install chkrootkit rkhunter

Or go root if you’re not a sudoer. Once installed, both packages will add a cron entry and automatically execute every day.

What they do

Both chkrootkit and rkhunter use a signature-rule/filter based system: they can detect the presence of known rootkits —via files or similar indicators— and flag anomalous conditions, like interfaces entering promiscuos mode or hidden files. In fact, not unlike anti-virus programs, rkhunter and chkrootkit indeed need periodical updates.

The signature based approach is a quite simple one, something like a big grep and strings combo: it is strongly suggested to have an alternate copy of some binary (egrep and strings, just to name a couple) so that —at the very least— the aggressor has to patch them too. Obviously, mounting the disk via another machine is far more reliable, even if it won’t allow you to find modified rootkits.

Both softwares provide MD5 signature verification on known binaries, with sort of a white list approach, thus trying to ensure that none of the most important binaries were tampered with. Among others, checks performed include searching for hidden directories and scanning for promiscuous interfaces and suspicious file permissions.

So, what are the differences?

Rkhunter pros

The autoupdate feature is a very nice feature to have. You just have to run rkhunter –update and the software will update the rootkit definitions. You can control the autoupdate behaviour via the /etc/default/rkhunter file, using the CRON_DB_UPDATE parameter, which is enabled by default. This will upgrade the system binaries MD5 database and the good/bad/black list of applications and program versions.

Other features of note include the ability to use WebJob to run rkhunter in a centralized manner, thus simplyfying administration, and the colorful interactive mode you can run with rkhunter -c.

Chkrootkit pros

Chkrootkit provides a differential mode where it reports only what changed between the latest scan and the previous one. While this is a very nice feature to limit the impact of false postives, one single missed mail can make the difference, so choosing whether it should be enabled or not is an important decision.

If the whole “grep and look for signatures” stuff is not enough for you, you can root chkrootkit in expert mode, with

# chkrootkit -x

This will give you a greatly improved control on what’s going on and more verbose output, but make sure to redirect the output somehow.

Chkrootkit has a nice modular design, with subcomponents taking care of differenct aspects, like lastlog and wtmp deletions. Last but not least, chkrootkit can run without installation and from a read only media.

The big decision

Maybe now you’re wondering “which one should I use?”. My answer is simply “both of them”. There is no reason not to do that, so go for it. Chkrootkit has been available since, at least, Sarge and Dapper. Rkhunter, being newer, has been available since Etch.

The chkrootkit package has been available .

The rkhunter package has been available .

Article submitted by Kam Salisbury. Guess what? We still need you to submit good articles about software you like!

Dillo is a extremely stable, fast and light web browser. Based on GTK+, you can install Dillo from apt-get or snyaptic for just about any hardware platform and window manager supported by Debian or Ubuntu. Dillo is written entirely in C for speed and compatibility and is best for tasks where being fast and frugal on memory are the highest priorities. Perfect for large image archive displays!

Dillo does not support several web protocols which helps it run faster. For example, standards compliant HTML content will be rendered correctly but do not expect the CSS, DHTML or Javascript to work correctly or at all.

Nevertheless, the version found in Debian already includes some patches that improve Dillo giving it support for: different encodings, anti-aliased fonts, frames, tabs, SSL and miscellaneous improvements. See this page for details.

A recent addition to the package, bugmeter displays the amount of HTML errors of the web page being viewed.

The project is currently looking for new developers, if interested please review the contact information at dillo.org.

Dillo has been available in both Debian and Ubuntu for many years