Linux Mint 17.1: Navit (Car Navigation) Installation

I have been using Navit for car navigation around six years now. It is a very useful piece of software if you are like me (don’t have a normal navigation system hehe..). I have been traveling around Europe using this program. My first Navit setup ran on Pentium 3 Laptop. It was a little bit slow, but it worked. My second Navit run on Intel i3 Laptop with Debian Squeeze. It worked very good. Now I use the same Laptop with Linux Mint 17.1. My hardware consists of a Laptop and a Navilock Bluetooth BT-413 GPS receiver. And here is my software installation:

1. Install Navit:

$ sudo apt-get install navit
$ sudo apt-get install maptool

2. Install gpsd:

$ sudo apt-get install gpsd

3. Configure Bluetooth Device.

3.1. Here is my “/etc/bluetooth/rfcomm.conf”:

#
# RFCOMM configuration file.
#

rfcomm0 {
    # Automatically bind the device at startup
    bind yes;

    # Bluetooth address of the device
    device 00:09:DD:10:37:7A;

    # RFCOMM channel for the connection
    channel    1;

    # Description of the connection
    comment "BT-GPS";
}

3.2. Here is my “/etc/rc.local”:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

# BT GPS Maus mit rfcomm0 binden
/usr/bin/rfcomm bind 0

exit 0

4. Download map (maps.navit-project.org):

planetextractor5. Configure navit.xml. Change the Map filename in xml file with the one you have downloaded. Mine is “osm_bbox_-5.1,45.5,10.9,53.6.bin”.

<map type="binfile" enabled="yes" data="~/.navit/maps/osm_bbox_-5.1,45.5,10.9,53.6.bin"/>

6. I found out that voice produced by Mbrola sounds better than directly from Espeak. Here is how to install Mbrola:

$ sudo apt-get install mbrola
$ sudo apt-get install mbrola-de7

7. Set the speech in navit.xml. Here is my setting:

<speech type="cmdline" data="espeak -vmb-de7 -s130 -a150 '%s' &amp;"/>

8. Start Navit:

navit29. Happy driving!

Linux Mint LMDE Mate: Missing Menu Button

I have experienced disappearing Mate Menu Button. I could solve the problem using solution on this page.

1. Press Alt-F2. And you will get following window.

run2. Type in following command, click run and you will get a terminal console.

$ mate-terminal

3. Type in following command and press enter.

$ mate-panel --reset

That’s it. Enjoy!

Linux Mint LMDE: Manually Create 70-persistent-net.rules

I have installed Linux Mint LMDE on a PC with 2 LAN ports and a WLAN card. And I realized that there is no file “70-persistent-net.rules” in directory “/etc/udev/rules.d”. This file is important for keeping the same name of network adapters across boots. After googling for a while, I have found the solution on this page.

Basically what I have done was executing this command:

$ sudo udevadm trigger --action=add

Thats it!

LTSP Client: Install PXE-Boot on Harddisk

Here is an easy way to create an LTSP Client without LAN Boot ROM.

1. Start computer using Tiny Core Linux CD.

2. Install Firefox:

screenshot-20150310@223212cropped3. Start Firefox and go to “http://rom-o-matic.net/gpxe/gpxe-1.0.1/contrib/rom-o-matic/”
and download “USB Keychain disk image”.

screenshot-20150310@2238264. From command line type following command:

$ sudo dd if=gpxe-1.0.1-gpxe.usb of=/dev/sda

5. Connect LAN cable to LTSP Server and reboot computer.
6. That’s it. Enjoy!

Linux Mint LMDE Server Setup #5: Public file sharing

I use two types of directory/file sharing: Samba and Ftp server

1. Samba

1.1. Mount drive to share:

$ sudo mkdir /mnt/drive
$ sudo mount -t ext4 /dev/<drive> /mnt/drive

1.2. To make the drive automatically mounted on boot, put following text to the end of “/etc/fstab”:

/dev/<drive>	/mnt/drive	ext4	defaults	0	2

1.3. Create folder to share:

$ sudo mkdir /mnt/drive/share

1.4. Change folder permission:

$ sudo chmod 777 /mnt/drive/share

1.5. Edit “/etc/samba/smb.conf”.

1.5.1. In order to make .exe files executable on samba share, put following line in section “global”:

[global]
   acl allow execute always = True

1.5.2. Put following text to the end of smb.conf file:

[share]
   comment = Freigabe Ordner
   path = /mnt/drive/share
   browseable = yes
   read only = no
   guest ok = yes
   create mask = 0777
   directory mask = 0777

1.5.3. Here is my complete smb.conf:

#
# Sample configuration file for the Samba suite for Debian GNU/Linux.
#
#
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options most of which 
# are not shown in this example
#
# Some options that are often worth tuning have been included as
# commented-out examples in this file.
#  - When such options are commented with ";", the proposed setting
#    differs from the default Samba behaviour
#  - When commented with "#", the proposed setting is the default
#    behaviour of Samba but the option is considered important
#    enough to be mentioned here
#
# NOTE: Whenever you modify this file you should run the command
# "testparm" to check that you have not made any basic syntactic 
# errors. 
#======================= Global Settings =======================
[global]
# Enable file execution
acl allow execute always = True
## Browsing/Identification ###
# Change this to the workgroup/NT-domain name your Samba server will part of
#   workgroup = WORKGROUP
workgroup = ARBEITSGRUPPE
server string = MintServer
# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
#   wins support = no
# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
;   wins server = w.x.y.z
# This will prevent nmbd to search for NetBIOS names through DNS.
dns proxy = no
#### Networking ####
# The specific set of interfaces / networks to bind to
# This can be either the interface name or an IP address/netmask;
# interface names are normally preferred
;   interfaces = 127.0.0.0/8 eth0
# Only bind to the named interfaces and/or networks; you must use the
# 'interfaces' option above to use this.
# It is recommended that you enable this feature if your Samba machine is
# not protected by a firewall or is a firewall itself.  However, this
# option cannot handle dynamic or non-broadcast interfaces correctly.
;   bind interfaces only = yes
#### Debugging/Accounting ####
# This tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/log.%m
# Cap the size of the individual log files (in KiB).
max log size = 1000
# If you want Samba to only log through syslog then set the following
# parameter to 'yes'.
#   syslog only = no
# We want Samba to log a minimum amount of information to syslog. Everything
# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log
# through syslog you should set the following parameter to something higher.
syslog = 0
# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d
####### Authentication #######
# Server role. Defines in which mode Samba will operate. Possible
# values are "standalone server", "member server", "classic primary
# domain controller", "classic backup domain controller", "active
# directory domain controller". 
#
# Most people will want "standalone sever" or "member server".
# Running as "active directory domain controller" will require first
# running "samba-tool domain provision" to wipe databases and create a
# new domain.
server role = standalone server
# If you are using encrypted passwords, Samba will need to know what
# password database type you are using.  
passdb backend = tdbsam
obey pam restrictions = yes
# This boolean parameter controls whether Samba attempts to sync the Unix
# password with the SMB password when the encrypted SMB password in the
# passdb is changed.
unix password sync = yes
# For Unix password sync to work on a Debian GNU/Linux system, the following
# parameters must be set (thanks to Ian Kahan <<kahan@informatik.tu-muenchen.de> for
# sending the correct chat script for the passwd program in Debian Sarge).
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
# This boolean controls whether PAM will be used for password changes
# when requested by an SMB client instead of the program listed in
# 'passwd program'. The default is 'no'.
pam password change = yes
# This option controls how unsuccessful authentication attempts are mapped
# to anonymous connections
map to guest = bad user
########## Domains ###########
#
# The following settings only takes effect if 'server role = primary
# classic domain controller', 'server role = backup domain controller'
# or 'domain logons' is set 
#
# It specifies the location of the user's
# profile directory from the client point of view) The following
# required a [profiles] share to be setup on the samba server (see
# below)
;   logon path = \\%N\profiles\%U
# Another common choice is storing the profile in the user's home directory
# (this is Samba's default)
#   logon path = \\%N\%U\profile
# The following setting only takes effect if 'domain logons' is set
# It specifies the location of a user's home directory (from the client
# point of view)
;   logon drive = H:
#   logon home = \\%N\%U
# The following setting only takes effect if 'domain logons' is set
# It specifies the script to run during logon. The script must be stored
# in the [netlogon] share
# NOTE: Must be store in 'DOS' file format convention
;   logon script = logon.cmd
# This allows Unix users to be created on the domain controller via the SAMR
# RPC pipe.  The example command creates a user account with a disabled Unix
# password; please adapt to your needs
; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
# This allows machine accounts to be created on the domain controller via the 
# SAMR RPC pipe.  
# The following assumes a "machines" group exists on the system
; add machine script  = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u
# This allows Unix groups to be created on the domain controller via the SAMR
# RPC pipe.  
; add group script = /usr/sbin/addgroup --force-badname %g
############ Misc ############
# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
;   include = /home/samba/etc/smb.conf.%m
# Some defaults for winbind (make sure you're not using the ranges
# for something else.)
;   idmap uid = 10000-20000
;   idmap gid = 10000-20000
;   template shell = /bin/bash
# Setup usershare options to enable non-root users to share folders
# with the net usershare command.
# Maximum number of usershare. 0 (default) means that usershare is disabled.
;   usershare max shares = 100
# Allow users who've been granted usershare privileges to create
# public shares, not just authenticated ones
usershare allow guests = yes
#======================= Share Definitions =======================
[homes]
comment = Home Directories
browseable = no
# By default, the home directories are exported read-only. Change the
# next parameter to 'no' if you want to be able to write to them.
read only = yes
# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
create mask = 0700
# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
directory mask = 0700
# By default, \\server\username shares can be connected to by anyone
# with access to the samba server.
# The following parameter makes sure that only "username" can connect
# to \\server\username
# This might need tweaking when using external authentication schemes
valid users = %S
# Un-comment the following and create the netlogon directory for Domain Logons
# (you need to configure Samba to act as a domain controller too.)
;[netlogon]
;   comment = Network Logon Service
;   path = /home/samba/netlogon
;   guest ok = yes
;   read only = yes
# Un-comment the following and create the profiles directory to store
# users profiles (see the "logon path" option above)
# (you need to configure Samba to act as a domain controller too.)
# The path below should be writable by all users so that their
# profile directory may be created the first time they log on
;[profiles]
;   comment = Users profiles
;   path = /home/samba/profiles
;   guest ok = no
;   browseable = no
;   create mask = 0600
;   directory mask = 0700
[printers]
comment = All Printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read only = yes
create mask = 0700
# Windows clients look for this share name as a source of downloadable
# printer drivers
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
browseable = yes
read only = yes
guest ok = no
# Uncomment to allow remote administration of Windows print drivers.
# You may need to replace 'lpadmin' with the name of the group your
# admin users are members of.
# Please note that you also need to set appropriate Unix permissions
# to the drivers directory for these users to have write rights in it
;   write list = root, @lpadmin
[share]
comment = Freigabe Ordner
path = /mnt/drive/share
browseable = yes
read only = no
guest ok = yes
create mask = 0777
directory mask = 0777

1.6. Restart samba service:

$ sudo service samba restart

2. vsftpd

2.1. Install vsftpd:

$ sudo apt-get install vsftpd

2.2. Edit “/etc/vsftpd.conf”:

listen=NO
seccomp_sandbox=NO
anonymous_enable=YES
#allow_writeable_chroot=YES
anon_root=/mnt/drive
anon_umask=022
hide_ids=YES
local_enable=NO
write_enable=YES
chmod_enable=YES
dirlist_enable=YES
lock_upload_files=NO
virtual_use_local_privs=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
anon_world_readable_only=NO
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=YES
chown_username=ftp
guest_username=ftp
chown_upload_mode=0777
file_open_mode=0777
async_abor_enable=YES
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=Welcome to Linux Mint FTP service.
ls_recurse_enable=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=YES
force_dot_files=YES
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
ssl_ciphers=HIGH
require_ssl_reuse=NO

2.3. Create self-signed SSL Certificate:

$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

2.4. Create file “/etc/xinetd.d/vsftpd” and put following text into that file:

service ftp
{
socket_type             = stream
wait                    = no
user                    = root
server                  = /usr/sbin/vsftpd
log_on_success  += HOST DURATION
log_on_failure  += HOST
disable                 = no
}

2.5. Restart xinetd:

$ sudo service xinetd restart

That’s it. Enjoy!

Linux Mint LMDE Server Setup #4: Guacamole Remote Desktop

Here is how I installed Guacamole on LMDE Server:

1. Install guacamole-tomcat and libguac-client-rdp0:

$ sudo apt-get install guacamole-tomcat libguac-client-rdp0

2. Modify “/etc/guacamole/user-mapping.xml”. Mine looks like this:

<user-mapping>
<authorize 
username="user"
password="5f4dcc3b5aa765d61d8327deb882cf99"
encoding="md5">
<connection name="Mint LMDE Server">
<protocol>vnc</protocol>
<param name="hostname">localhost</param>
<param name="port">5900</param>
</connection>
<connection name="Windows 7 Ultimate">
<protocol>rdp</protocol>
<param name="hostname">localhost</param>
<param name="port">3389</param>
</connection>
</authorize>
</user-mapping>

3. To get md5 hash from a password you can do like this:

 $ echo -n <your password> | md5sum

4. Install lightdm and lightdm-gtk-greeter and set it to be default window manager:

$ sudo apt-get install lightdm lightdm-gtk-greeter

5. Modify “/etc/lightdm/lightdm.conf”. Here is how mine looks like:

[LightDM]
start-default-seat=true
[XDMCPServer]
enabled=true
port=177
[SeatDefaults]
allow-guest=false
user-session=mate
session-wrapper=mate-session
greeter-session=lightdm-gtk-greeter
greeter-hide-users=true

6. Install vnc server:

$ sudo apt-get install vnc4server

7. Install xinet.d:

$ sudo apt-get install xinetd

8. Create file “/etc/xinetd.d/vnc” and put following text into that file:

service vnc
{
disable     = no
socket_type = stream
protocol    = tcp
wait        = no
user        = nobody
server      = /usr/bin/Xvnc4
server_args = -inetd -once -query localhost -geometry 1920x1080 -depth 24 -securitytypes=none
type        = UNLISTED
port        = 5900
}

9. Restart xinetd, tomcat6 and guacd:

$ sudo service xinetd restart
$ sudo service tomcat6 restart
$ sudo service guacd restart

10. Open a webbrowser and go to <server address>:8080/guacamole.

guacamole1guacamole2guacamole3guacamole4guacamole5

11. Enjoy!

Linux Mint LMDE Server Setup #3: Epoptes for LTSP

Here is how I installed Epoptes on my LMDE Server:

1. Install epoptes:

$ sudo apt-get install epoptes

2. Add user to group epoptes:

$ sudo gpasswd -a <username> epoptes

3. Install x11vnc in order to enable screen broadcast:

$ sudo apt-get install x11vnc

4. Install epoptes-client on ltsp client:

$ sudo chroot /opt/ltsp/i386
# apt-get install epoptes-client
# epoptes-client -c
# exit

5. Reboot computer, start ltsp-client and start epoptes:

epoptes1epoptes2epoptes3

6. Enjoy!

Linux Mint LMDE Server Setup #1: Install LTSP Server

Here is how I installed LTSP Server for 32 bit Clients on Linux Mint Debian Edition 64 bit MATE:

1. Install LTSP server:

$ sudo apt-get install ltsp-server-standalone

2. Set static IP address:

My computer has 3 network adapters (eth0, eth1 and wlan0). I want eth1 to be used by dhcp-server and the rest will be dynamically managed by network-manager.

2.1. Start text editor:

$ sudo nano /etc/network/interfaces

2.2. My “/etc/network/interfaces” looks like this:

# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
auto eth1
iface eth1 inet static
address 192.168.67.1
netmask 255.255.255.0

3. Configure DHCP Server:

3.1. Edit file “/etc/ltsp/dhcpd.conf”:

#
# Default LTSP dhcpd.conf config file.
#
authoritative;
subnet 192.168.67.0 netmask 255.255.255.0 {
range 192.168.67.20 192.168.67.250;
option domain-name "homenet.local";
option domain-name-servers 192.168.67.1;
option broadcast-address 192.168.67.255;
option routers 192.168.67.1;
next-server 192.168.67.1;
# get-lease-hostnames true;
option subnet-mask 255.255.255.0;
option root-path "/opt/ltsp/i386";
if substring( option vendor-class-identifier, 0, 9 ) = "PXEClient" {
filename "/ltsp/i386/pxelinux.0";
} else {
filename "/ltsp/i386/nbi.img";
}
}

3.2. Append “/etc/ltsp/dhcpd.conf” at the end of file “/etc/dhcp/dhcpd.conf”:

$ su
# echo "include \"/etc/ltsp/dhcpd.conf\";" >> /etc/dhcp/dhcpd.conf

4. Build client:

$ sudo ltsp-build-client --dist wheezy --arch i386

5. Share LTSP root directory on NFS drive:

$ su
# echo "/opt/ltsp          *(ro,no_root_squash,async,no_subtree_check)" >> /etc/exports

6. Restart Computer.

7. Boot Thin Clients:

screenshot-20150222@184523

8. Enjoy!

vsftpd with SSL for anonymous user on Linux Mint 17.1

Here is how I install and configure vsftpd with SSL for anonymous user on Linux Mint 17.1

1. Install vsftpd

$ sudo apt-get install vsftpd

2. Edit file “/etc/vsftpd.conf”. Here is my configuration file:

listen=YES
anonymous_enable=YES
anon_root=/home/ftp
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_umask=022
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=YES
chown_username=ftp
async_abor_enable=YES
ascii_upload_enable=YES
ftpd_banner=Welcome to Linux Mint Server FTP service.
chroot_local_user=NO
chroot_list_enable=NO
ls_recurse_enable=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=YES
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
require_ssl_reuse=NO
ssl_ciphers=HIGH
force_dot_files=YES
hide_ids=YES
anon_world_readable_only=NO
file_open_mode=0755

3. Create ftp directory for anonymous. I also created 2 subdirectories, one directory only for anonymous download (files or folders in this directory cannot be modified or deleted) and the other one for anonymous upload (files and folders in this directory can be modified by anonymous user).

$ sudo mkdir /home/ftp
$ sudo mkdir /home/ftp/download
$ sudo mkdir /home/ftp/upload

4. Set folder permissions

$ sudo chown -R ftp:ftp /home/ftp
$ sudo chmod a-w /home/ftp
$ sudo chmod 555 /home/ftp/download
$ sudo chmod 777 /home/ftp/upload

5. Create SSL certificate

$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

6. Start vsftpd. Test vsftpd by starting it manually.

$ sudo vsftpd

7. Restart the system.

8. Now we can test the new ftp server using Filezilla. Open Filezilla and put the server address in and leave the username and password blank. We should see something like this.

vsftpd_anonymous9. If we want to connect using existing username, we have to set an account for that server. To open this window click File->Server Manager. After put in username, password and account name click connect.

vsftpd_user10. That’s it!