WiFi Issues on Laptop Suspend | Ubuntu 16.04 Upgrade

Hello,

Many of you have faced issue of wifi connection when you suspend your laptop and resume on Ubuntu 16.04 LTS, specifically after upgrade from Ubuntu 14.04 LTS to Ubuntu 16.04 LTS, I have found this from Ubuntu Forums, Thought to share with you so that It will be helpful for you guys.

Wifi
Wifi

16.04 runs on systemd. Try the following:

sudo systemctl restart network-manager.service

If this works, you can create a script to automate it.

Open a terminal and type the following:

sudo nano /etc/systemd/system/wifi-resume.service

Now paste the script in there with a right click. Exit with CTRL + X and press Y to save. Now to activate it:

sudo systemctl enable wifi-resume.service

Script:

#/etc/systemd/system/wifi-resume.service 
#sudo systemctl enable wifi-resume.service 
[Unit] Description=Restart networkmanager at resume 
After=suspend.target After=hibernate.target 
After=hybrid-sleep.target 

[Service] Type=oneshot 
ExecStart=/bin/systemctl restart network-manager.service 

[Install] 
WantedBy=suspend.target 
WantedBy=hibernate.target 
WantedBy=hybrid-sleep.target

Reference Taken from : http://askubuntu.com/questions/761180/wifi-doesnt-work-after-suspend-after-16-04-upgrade

VirtualBox 5.x with SecureBoot on Fedora 24 | Ubuntu 16.04

Hello,

Today I have tried to Install Virtualbox 5.0.x on my Newly Installed Fedora 24. I expected it to run smoothly as expected but It failed in kernel module compilation with following error

(modprobe vboxdrv failed. Please use 'dmesg' to find out why)

Then After I tried to reload module again with command sudo modprobe vboxdrv and failed again with following error

modprobe: ERROR: could not insert 'vboxdrv': Required key not available

Second try hinted me that there is nothing wrong in VirtualBox but something related to “key”, So I tried to search for a solution and landed to Official VirtualBox ticket which confirmed the same https://www.virtualbox.org/ticket/11577

VirtualBox 5.0

Now I have tried find the way to Sign the key and received many links and started following Red Hat link to sign Module, Never thought it would be this much easy, Only Few steps and You are done.

Method 1:

  1. You will need root access or root equivalent access to follow this.
  2. First you will have to generate keys for the module with following command
     [root@tejasbarot ~]# openssl req -new -x509 -newkey rsa:2048 -keyout tejasbarot.keyout -outform DER -out tejasbarot.der -nodes -days 36500 -subj "/CN=TejasBarot/"

    Notes: CN=<Common-Name>, You can write your own name too, Cool ? 
    MOK stands for Module Owned Key

  3.  Now Time to Import module in MOKManager of UEFI with Following Command:
     [root@tejasbarot ~]# mokutil --import tejasbarot.der

    Note: It will prompt you password, Make sure you remember password you enter here, You will need to enter the same password at time importing module on reboot.

  4. Now Reboot / Restsart your Fedora 24 Box.
  5. It will display MOK Screen, Press any key within TEN SECONDS  else It will boot without MOK Module.
  6.  Select “Enroll MOK”

    Entroll MOK
  7. Click on “View Key 0″ to View Key Information, Click on “Continue” to proceed.2
  8. In Next Screen, Click on “Next” to Enroll Keys.3
  9. In next screen, It will ask you for a password which you have entered at time of importing MOK (In step 3)
    4
  10. Now Click on OK to reboot.5
  11. Now time to sign VirtualBox Modules with key generated in Step 2. Execute Following commands
    [root@tejasbarot ~]# /usr/src/kernels/$(uname -r)/scripts/sign-file sha256 ./tejasbarot.keyout ./tejasbarot.der $(modinfo -n vboxdrv)
    [root@tejasbarot ~]# /usr/src/kernels/$(uname -r)/scripts/sign-file sha256 ./tejasbarot.keyout ./tejasbarot.der $(modinfo -n vboxnetflt)
    [root@tejasbarot ~]# /usr/src/kernels/$(uname -r)/scripts/sign-file sha256 ./tejasbarot.keyout ./tejasbarot.der $(modinfo -n vboxnetadp)
    [root@tejasbarot ~]# /usr/src/kernels/$(uname -r)/scripts/sign-file sha256 ./tejasbarot.keyout ./tejasbarot.der $(modinfo -n vboxpci)

    NOTE:
    1. To make it work Properly, You will have to sign all modules of VirtualBox with generated
    keys.
    2. Everytime you run “/sbin/rcvboxdrv setup” after following step 3, Signed Modules will be removed and You will again  need to follow Step 11 and 12 , Only step 11 and 12 not from beginning. (This was not the case in Fedora 18 to 21)

  12. Restart vboxdrv service with following command
     [root@tejasbarot ~]# systemctl restart vboxdrv
     [root@tejasbarot ~]# systemctl status vboxdrv

    NOTE: If you find this line “Starting VirtualBox kernel modules [  OK  ]”, You are done, Start launching Virtual Machines.

REPEATING ONCE AGAIN, DO NOT EXECUTE “sudo /etc/init.d/vboxdrv setup” or “/sbin/rcvboxdrv setup” otherwise you will have to follow repeat Step No 11. and 12

Method 2:

DISABLE MOK Validation using following command

[root@tejasbarot ~]# mokutil --disable-validation

Method 3:

Switch to Legacy Mode from UEFI by Disabling SecureBoot from BIOS

References taken from : 
1. https://www.virtualbox.org/ticket/11577
2. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-signing-kernel-modules-for-secure-boot.html
3. https://sourceware.org/systemtap/wiki/SecureBoot
4. http://gorka.eguileor.com/vbox-vmware-in-secureboot-linux/

Like and Share All Linux User’s Blog Facebook Page: https://www.FaceBook.com/AllLinuxUsersBlog

Change Time Zone from Command line | CentOS | RHEL | Ubuntu | Fedora

Hello,

As you all know, It is very easy to change Time Zone using Graphical Interface but this article will help you change TimeZone Using command line.

Time Zone

I have tested these steps on CentOS / RHEL and Ubuntu, Please comment down below if doesn’t work for you.

Please follow these steps as root or with root equivalent sudo rights:

  • Check Time Zone using following command
    [root@tejas-barot-linux-ahmedabad ~]# date
  • First Remove symbolic link of current time zone
     [root@tejas-barot-linux-ahmedabad ~]# rm /etc/localtime
     
  • Let’s Change the Time Zone from Command line
    [root@tejas-barot-linux-ahmedabad ~]# ln -sf /usr/share/zoneinfo/Asia/Kolkata /etc/localtime
     

Note : You can find your time zone under /usr/share/zoneinfo/

Disable rate-limiting in rsyslog v5 | Linux | RHEL | CentOS | Ubuntu

Hello,

First of all extremely sorry for not being active as I was busy with some work, Now back to the blogging.

This article will show you how to disable rsyslog rate-limiting, But You can also use rate-limiting according to your requirement.

How to use rate limiting in rsyslog?

This article is tested with rsyslog 5.7.1 on Fedora 13. It will not work with version of rsyslog prior to 5.7.1.

In rsyslog 5.7.1 we introduced rate limiting. This is a option for the Unix Socket Input module called imuxsock. In short, this option limits the amount of messages written into logfiles by a process, if the process tries to write huge amounts of messages in a short period of time.

To Read more Visit : http://www.rsyslog.com/tag/rate-limiting/

Rsyslog
Rsyslog

If you are receiving error messages like below in /var/log/messages

imuxsock begins to drop messages from pid 5923 due to rate-limiting 

Please following below method to stop / disable rate-limiting in rsyslog in version 5.

Note: rsyslog version 7 has this disabled by default but rsyslog version 5 has this enabled.

To disable it, add following parameters to your /etc/rsyslog.conf , You need to add with root user or root equivalent user.

$SystemLogRateLimitInterval 0
$SystemLogRateLimitBurst 0

Execute following command to restart rsyslog services

service rsyslog restart

Linux: The GHOST Vulnerability | RHEL | CentOS

The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. CVE-2015-0235 has been assigned to this issue.

 

Qualys security researchers discovered this bug and worked closely with Linux distribution vendors. And as a result of that we are releasing this advisory today as a co-ordinated effort, and patches for all distribution are available January 27, 2015.

 

What is glibc?

The GNU C Library or glibc is an implementation of the standard C library and a core part of the Linux operating system. Without this library a Linux system will not function.

 

What is the vulnerability?

During a code audit Qualys researchers discovered a buffer overflow in the __nss_hostname_digits_dots() function of glibc. This bug can be triggered both locally and remotely via all the gethostbyname*() functions. Applications have access to the DNS resolver primarily through the gethostbyname*() set of functions. These functions convert a hostname into an IP address.

 

Ghost Vulnerability
Ghost Vulnerability

 

 

What is the risk?

There is a remote code execution risk due to this vulnerability. An attacker who exploits this issue can gain complete control of the compromised system.

 

Is the risk real?

During our testing, we developed a proof-of-concept in which we send a specially created e-mail to a mail server and can get a remote shell to the Linux machine. This bypasses all existing protections (like ASLR, PIE and NX) on both 32-bit and 64-bit systems.

 

What can be done to mitigate the risk?

The best way to mitigate the risk is to apply a patch from your Linux vendor. Qualys has worked closely with Linux distribution vendors and patches are available as of today January 27, 2015.

 

Why is it called the GHOST vulnerability?

It is called as the GHOST vulnerability as it can be triggered by the GetHOST functions.

 

Is this a design flaw?

No. This is an implementation problem in the affected versions of the software.

 

What versions and operating systems are affected?

The first vulnerable version of the GNU C Library affected by this is glibc-2.2, released on November 10, 2000. We identified a number of factors that mitigate the impact of this bug. In particular, we discovered that it was fixed on May 21, 2013 (between the releases of glibc-2.17 and glibc-2.18). Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed including Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, Ubuntu 12.04, for example.

 

Where can I download the exploit?

We want to give everyone enough time to patch. According to our data once the vulnerability has reached its half-life we will release the exploit. Half-life is the time interval measuring a reduction of a vulnerability’s occurrence by half. Over time, this metric shows how successful efforts have been to eradicate vulnerability. A shorter half-life indicates faster remediation. Half-life was originally coined by Qualys in the Laws of Vulnerability.

 

Qualys customers can detect GHOST by scanning with the Qualys Vulnerability Management (VM) cloud solution as QID 123191. This means that Qualys customers can get reports detailing their enterprise-wide exposure during their next scanning cycle, which allows them to get visibility into the impact within their organization and efficiently track the remediation progress of this serious vulnerability.

 

References:

Qualys Advisory: https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt

RedHat: https://rhn.redhat.com/errata/RHSA-2015-0090.html

Ubuntu: https://launchpad.net/ubuntu/+source/eglibc

Debian: https://security-tracker.debian.org/tracker/CVE-2015-0235

Oracle Enterprise Linux: https://oss.oracle.com/pipermail/el-errata/2015-January/004810.html

CentOS: http://lists.centos.org/pipermail/centos-announce/2015-January/020906.html

OpenSUSE: http://lists.opensuse.org/opensuse-updates/2015-01/msg00085.html

GNU C Library: http://www.gnu.org/software/libc/

Mitre: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

Link to Original Article : https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability

Hope this will be helpful to you all.

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

Please Keep in Touch with Social Networking :- 

Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

SAR GUI: Export sar / sysstat reports as PDF using kSar

Hello,

If you are Linux Administrator you must know what SAR is, sar is a very useful utility for Linux Administrators to get the report of CPU Usage and You can monitor I/O, CPU Usage, Idle system state using sar utility. This article will help you to read / export sar reports in Graphical mode.

In this HowTo, I will show you how you can export sar reports as PDF / JPG / PNG using kSar tool.

ksar - PDF
ksar – PDF

In RHEL / CentOS you will find sar reports under /var/log/sa

In Ubuntu / Debian based Linux you will find sar reports under /var/log/sysstat

Perform following steps to export sar report:

1. Make Sure Java is installed on your system to open kSar Utility.

2. Download kSar Utility from below URL

http://sourceforge.net/projects/ksar/

3. Extract / Unzip Downloaded ksar-x-x-x.zip file

root@tejas-barot-linux-ahmedabad:~/Downloads# unzip kSar-5.0.6.zip

4. Give Executable permission to kSar.jar

root@tejas-barot-linux-ahmedabad:~/Downloads/kSar-5.0.6# chmod +x kSar.jar

5. Execute below command to open java file (kSar.jar):

root@tejas-barot-linux-ahmedabad:~/Downloads/kSar-5.0.6# java -jar kSar.jar

6. Now Click on Data -> Load from Text file…

7. Provide Path of sar reports path:

For RHEL: /var/log/sa/sarXX
For Debian/Ubuntu: /var/log/sysstat/sarXX

8. Select “Export to PDF / JPG / PNG” from Data  To Export sar report as PDF / JPG / PNG

Enjoy Sysstat Monitoring 🙂 Enjoy GUI Reports 🙂 Enjoy Linux 🙂 Enjoy Open Source 🙂

This is how you can export sar reports in Graphical format.

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

Please Keep in Touch with Social Networking :-

Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Linux: Install Samsung SCX-4650 Printer / Scanner | Ubuntu 14.04 LTS

Hello,

Today I am sharing steps to Install and Configure Samsung SCX-4650 Printer / Scanner on Linux (Ubuntu 14.04 LTS), This method is very simple and easy to Install on Ubuntu Linux, You just need to download drivers and Install using scripts.

Samsung SCX-4650
Samsung SCX-4650

Perform following steps to Install Samsung SCX-4650 on Ubuntu 14.04 LTS

1. You need ‘root’ equivalent user rights to Install and Configure Printer scanner.

2. Make sure Internet is running directly so It will install Drivers if required.

3. Download Samsung Drivers from Linkhttp://goo.gl/ymWtZ3

4. Extract Downloaded file :

root@tejas-barot-linux:~# tar zxvf ULD_v1.00.29.tar.gz

5. Now Let’s Install Printer :

root@tejas-barot-linux:~# cd uld
root@tejas-barot-linux:~/uld# chmod +x install-printer.sh
root@tejas-barot-linux:~/uld# ./install-printer.sh

6. Now Let’s Install Scanner :

root@tejas-barot-linux:~# cd uld
root@tejas-barot-linux:~/uld# chmod +x install-scanner.sh
root@tejas-barot-linux:~/uld# ./install-scanner.sh

7. That’s It. Driver / Packages for Samsung SCX-4650 Printer and Scanner both are installed and ready to use.

Enjoy Printing on Linux 🙂 Enjoy Linux 🙂 Enjoy Open Source 🙂

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

Please Keep in Touch with Social Networking :- 
Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog