Advanced Linux configuration. Tricks with window managers.

You may want to do this if: KDE/GNOME is too unstable for you, you are short on RAM (memory), want something faster, less bloated, prettier, you are tired of a unified look, or just plain curious( I use blackbox on my laptop because it just doesn't have the power for KDE or Gnome). For an overview of available managers go to http://www.plig.org/xwinman/ Before you decide which window manager you will use by default, you will want to have the ability to decide on startup where you want to go today. There are a couple of programs available for this task that are reported to work. guichooser and wmchoose ( http://linux.umbc.edu/software/wmchoose/wmchoose.html ), and for those of you running RedHat or systems based on it, you can run 'switchdesk' to switch between KDE, GNOME, and AFTERSTEP.

If the above information does not help you you can use the following script I found online. You may or may not have a file called .xinitrc ( notice the period this is a hidden file ) Create one using your favorite text editor and place the following inside

#!/bin/bash
#
# .xsession/.xinitrc
#
# choose a window manager
#

defaultwm=kde
#set the window manager to $1 if it was supplied
windowmgr=${1:-$defaultwm}
#start the respective window managers
case ${windowmgr} in
kde|kwm|kdestart)
WINDOWMANAGER=startkde
;;
fvwm|fvwm2)
WINDOWMANAGER=fvwm2
;;
fvwm95)
WINDOWMANAGER=fvwm95
;;
gnome)
WINDOWMANAGER=gnome-session
;;

*) WINDOWMANAGER=windowmgr # default for unknown wm's
esac
#
# load resources
#
if [ -f /usr/X11R6/lib/X11/Xmodmap ]; then
xmodmap /usr/X11R6/lib/X11/Xmodmap
fi
if [ -f ~/.Xmodmap ]; then
xmodmap ~/.Xmodmap
fi
if [ -f ~/.Xdefaults ]; then
xrdb -merge ~/.Xdefaults
fi

if [ -f ~/.Xresources ]; then
xrdb -merge ~/.Xresources
fi
#
# finally start the window manager
#
exec $WINDOWMANAGER

You will need to have the window managers installed and you can also add lines to start other window managers.
I have tested this script and it does work. If you don't have the listed window managers then startx just throws you back to a command prompt.
To start X with the window manager of your choice you just type startx gnome or startx kde or well you get the idea.

Note: You only need to do this if you need new features, you want to learn something, or you just want to show off :0)

Getting a kernel update wrong is a popular way of breaking a Linux system (been there, done that...).
Make sure you have a working bootdisk. Most distros allow the creation of one during the install. (If you don't have one make one with 'mkbootdisk kernel#'(man mkbootdisk for more info). Another good option is to get a mini distribution like tomsrtbt ( http://www.toms.net/rb/ ). This is a generic boot/root disk with a ton of useful utilities.
Basically the best way to upgrade is to patch the source for your current version. You will need to know your current kernel version( look it up in /boot or type 'uname -r'). Get the patch(es) from http://www.linuxhq.com/ . You will need all the patches up to the kernel number you want to upgrade to (to upgrade from 2.2.7 to 2.2.9 you will need patch-2.2.8 as well as patch-2.2.9).
If you want to upgrade to a development kernel or from one major number to another. You will need to get the original kernel source package, and usually you will have to update other packages as well. Unpack the patch(es) and move them to /usr/src. 'cd' to /usr/src and type 'patch -t -p0 <patch-2.2.x ( x being the number of the patch). If you are patching the original source you might want to omit the -t option. Repeat if you are applying more than one patch.
Type 'cd linux'. Type 'make xconfig' (or make menuconfig if you are not in X) and choose your poison. Next type 'make dep', then 'make clean', 'make bzImage'(some people combine these into one command I prefer to do it one at a time). If you are compiling the original source type 'export PATH=$PATH:/usr/src/linux/include' first.
Next if you chose to make any options modular you will need to do a 'make modules' and a 'make modules_install' When complete do a 'make install' to install the kernel, system map, and run lilo. If you are compiling from a patched kernel source, you will note that the new modules directory still carries the old version number. To avoid confusion, change the name of the modules directory by typing 'mv old_version_number new_version_number' this makes sure the right modules load at boot time. Take a deep breath, cross your fingers and reboot. If your new kernel boots relax and make a new boot disk. In case it doesn't work go back and try again, or ask in your favorite newsgroup.

1. Don't work as root. root is allowed to do everything which also means 'everything wrong'. If you are expected to do root tasks, use thought and caution. Don't consider having restricted rights as a nuisance, but as a protection.
Tips:
If you just want to issue one command that requires root privileges, type 'su -c [command]'. The shell will execute this command and get you automatically back to your user account. 'su -' instead of 'su' will simulate a real login which is especially useful for issuing commands that reside in /sbin or /usr/sbin, because these are only part of the root environment. Programs like ' sudo ' or 'super ' let you run specified commands as if you were root. Be sure to read and understand their documentation.

2. Protect the root account with a good password. An intruder getting access to the root account is a worst-case scenario. Tip: Don't use a plain word from a dictionary. Instead think of a sentence and use the words' initials. Better: mix some numbers in. Best: use a good password-generating program.

3. Turn inetd off (e.g. via 'linuxconf'-services ( some of the distros now use a file called xineted, it is almost identical it does have somewhat better security)). You only need inetd if you want to provide services like ftp to other clients. With Mandrake's/RedHat's default settings running inetd on a connected box is like wearing a bunny dress during hunting season. If you decide to run it anyway (e.g. for a local news server like leafnode) take a look at /etc/inetd.conf, /etc/hosts.allow and /etc/hosts.deny and choose reasonable settings (the defaults are crap) + install tpcd (it's in the tcp_wrappers.rpm).
You can find out more about Linuxconf and how to use it at http://www.solucorp.qc.ca/linuxconf/

4. Stay informed about security issues. Read at least the weekly security section of Linux Weekly News ( http://www.lwn.net/ ). See if the listed exploits pose a threat to you and get the updates.

6. Get ssh or openssh if you are doing things like telnet.
Recommended reading: Linux Security HOWTO, man inetd, man hosts.allow, man hosts.deny

7. Download a copy of Securing & Optimizing Linux: The Ultimate Solution v2.0 from OpenNA It's probally the best thing out there for hardening your system.

Use 'top', 'xtop' or 'ktop'. They will show all processes and the strain they put on your system. They will also allow you to kill misbehaving processes.

Rename commands: If you recently switched from DOS this error may occur annoyingly often: you want to list a directory typing 'dir', which the shell will refuse. Now that's where aliases come in. aliases are defined either in /etc/bashrc (system wide) or in ~/.bashrc (per user settings). Type 'alias dir=ls' save and after the next login, typing 'dir' will execute 'ls' (of course 'ls' itself will remain functioning) and list the directory.
Tips: Two aliases I found especially useful are ls="ls -F" (use quotes if one argument has spaces or special signs!) Now 'ls' will discriminate by itself files, links and sub directories. cdu="cd .." Now 'cdu' will take me up one directory instead of having to type 'cd ..' which is awkward and prone to typos. You may also define shortcuts to directories: cds="cd /usr/src/linux" Use your imagination!
Recommend reading: man bash (chapter aliases)
Changing path settings: You have just installed this nice app and want to start it and the shell just keeps telling you: 'command not found'. And now you enter the whole path and finally the program comes up but dies after a few seconds? What the hell? Sounds like the executable of your program is installed in a directory that is not part of your $PATH. To find out, just type $PATH so the installation directory isn't there, what now? Since this is Linux you have the choice: either you link the executable to a directory which is in $PATH or you include the directory in your $PATH. The first method is advisable if the executable resides in a directory which will most likely will not have other executables in it (like /usr/local/lib/garblefarble/). You then type ln -s /usr/local/lib/garblefarble/executeme /usr/bin/executeme). Now 'ls /usr/bin' will reveal an entry for executeme and you may start the program from the prompt. The second method is to be preferred for directories in which more installation programs will but executables in (like /usr/local/bin or /usr/games which are by default not part of $PATH). Edit /etc/profile (system-wide settings) or ~/.bash_profile (user specific settings) and add this line 'export PATH=$PATH:[directory to be added]' On next login this directory will be part of your $PATH. If you want that directory to be added right now, type the same line again at a shell prompt.
Recommended reading: Path (mini-) HOWTO Changing the shell prompt:
The default Mandrake/RedHat prompt is pretty dumb. It tells you in which directory you are, but not where that directory is. Well, it's Linux, let's change that. You have to edit two files: /etc/profile, /etc/bashrc Put in both the same string. My current string is: PS1="\u:\w \\$ " which gives me: tekmate:/usr/src $ or root:/usr/src # You may add characters for current time (\t), date (\d), hostname (\h) asf.
See man bash (Chapter Prompting) for more.
If you want a really cool prompt without much hassle, you should get the bashprompt package from http://bash.current.nu/.
Recommended reading: Bash Prompt HOWTO

Mandrake's/RedHat's default setting is having all daemons enabled which is certainly some kind of overkill and may even introduce nasty problems (see security section). The easiest way to disable them continuously is by using 'linuxconf' ('administration/control panel/services). Most likely to be superfluous are: firewall: handles firewalls :-). If you have not set one up, or your box doesn't connect through one to the Internet, you don't need it. gpm: handles mouse on console. If you only work within X or don't use the mouse on the console, you don't need it. Some X programs may even have problems when gpm is enabled (e.g. Netscape Navigator). You will still be able to use the mouse in a xterm. inet: handles dial-in services. If you only use dial-out (e.g. for connecting to the internet), disable it. There are severe security issues with that daemon (read the security section for more). nfsfs: handles the network file system of Novell Netware. If your box is not part of a Novell network, you can turn it off. pcmcia: only useful with notebooks. sendmail: handles sendmail. If you use a mail program that can do SMTP (send mails) on its own (like kmail or Netscape mail), you don't need it. ypbind: handles NIS (Network Information Service) domains. Most likely you are not part of such a domain, so you can disable it.