Linux Blimp

One of the serious needs of a Linux system is to be kept up to date regularly with the latest security patches or updates available for the corresponding distribution.

In a previous article, we’ve explained how to configure automatic security update in Debian/Ubuntu, in this article we will explain how to set up your CentOS/RHEL 7/6 distribution to auto update essential security packages when needed.

Other Linux distributions in the same families (Fedora or Scientific Linux) can be configured similarly.

Configure Automatic Security Updates on CentOS/RHEL Systems

On CentOS/RHEL 7/6, you will need to install the following package:

# yum update -y && yum install yum-cron -y

Enable Automatic Security Updates on CentOS/RHEL 7

Once the installation is complete, open /etc/yum/yum-cron.conf and locate these lines – you will have to make sure that the values matches those listed here:

update_cmd = security
update_messages = yes
download_updates = yes
apply_updates = yes

The first line indicates that the unattended update command will be:

# yum --security upgrade

whereas the other lines enable notifications and automatic download and installation of security upgrades.

The following lines are also required to indicate that notifications will be sent via email from root@localhost to the same account (again, you may choose another one if you want).

emit_via = email
email_from = root@localhost
email_to = root

Enable Automatic Security Updates on CentOS/RHEL 6

By default, the cron is configured to download and install all updates immediately, but we can change this behavior in /etc/sysconfig/yum-cron configuration file by modifying these two parameters to yes.

# Don't install, just check (valid: yes|no)
CHECK_ONLY=yes

# Don't install, just check and download (valid: yes|no)
# Implies CHECK_ONLY=yes (gotta check first to see what to download)
DOWNLOAD_ONLY=yes

To enable email notification that about the security package updates, set the MAILTO parameter to a valid mail address.

# by default MAILTO is unset, so crond mails the output by itself
# example:  MAILTO=root
MAILTO=admin@tecmint.com

Finally, start and enable the yum-cron service:

------------- On CentOS/RHEL 7 ------------- 
systemctl start yum-cron
systemctl enable yum-cron

------------- On CentOS/RHEL 6 -------------  
# service yum-cron start
# chkconfig --level 35 yum-cron on

Congrats! You have successfully set up unattended upgrades on CentOS/RHEL 7/6.

Summary

In this article we have discussed how to keep your server updated regularly with the latest security patches or updates. Additionally, you learned how to configure email notifications in order to keep yourself updated when new patches are applied.

If you have any concerns about this article? Feel free to drop us a note using the comment form below. We look forward to hearing from you.

Source

Lightweight Directory Access Protocol (LDAP in short) is an industry standard, lightweight, widely used set of protocols for accessing directory services. A directory service is a shared information infrastructure for accessing, managing, organizing, and updating everyday items and network resources, such as users, groups, devices, emails addresses, telephone numbers, volumes and many other objects.

The LDAP information model is based on entries. An entry in a LDAP directory represents a single unit or information and is uniquely identified by what is called a Distinguished Name (DN). Each of the entry’s attributes has a type and one or more values.

An attribute is a piece of information associated with an entry. The types are typically mnemonic strings, such as “cn” for common name, or “mail” for email address. Each attribute is assigned one or more values consisting in a space-separated list.

The following is an illustration of how information is arranged in the LDAP directory.

Step 1: Installing LDAP Server

1. First start by installing OpenLDAP, an open source implementation of LDAP and some traditional LDAP management utilities using the following commands.

# yum install openldap openldap-servers	    #CentOS 7
$ sudo apt install slapd ldap-utils	    #Ubuntu 16.04/18.04

On Ubuntu, during the package installation, you will be prompted to enter the password for the admin entry in your LDAP directory, set a secure password and confirm it.

When the installation is complete, you can start the service as explained next.

2. On CentOS 7, run the following commands to start the openldap server daemon, enable it to auto-start at boot time and check if its up and running (on Ubuntu the service should be auto-started under systemd, you can simply check its status):

$ sudo systemctl start slapd
$ sudo systemctl enable slapd
$ sudo systemctl status slapd

3. Next, allow requests to the LDAP server daemon through the firewall as shown.

# firewall-cmd --add-service=ldap    #CentOS 7
$ sudo ufw allow ldap                #Ubuntu 16.04/18.04

Step 2: Configuring LDAP Server

Note: It is not recommended to manually edit the LDAP configuration, you need to add the configurations in a file and use the ldapadd or ldapmodify command to load them to the LDAP directory as shown below.

4. Now create a OpenLDAP administrative user and assign a password for that user. In the below command, a hashed value is created for the given password, take note of it, you will use it in the LDAP configuration file.

$ slappasswd

5. Then create an LDIF file (ldaprootpasswd.ldif) which is used to add an entry to the LDAP directory.

$ sudo vim ldaprootpasswd.ldif

Add the following contents in it:

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}PASSWORD_CREATED

explaining the attribute-value pairs above:

• olcDatabase: indicates a specific database instance name and can be typically found inside /etc/openldap/slapd.d/cn=config.
• cn=config: indicates global config options.
• PASSWORD: is the hashed string obtained while creating the administrative user.

6. Next, add the corresponding LDAP entry by specifying the URI referring to the ldap server and the file above.

$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f ldaprootpasswd.ldif  

Step 3: Configuring LDAP Database

7. Now copy the sample database configuration file for slapd into the /var/lib/ldap directory, and set the correct permissions on the file.

$ sudo cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
$ sudo chown -R ldap:ldap /var/lib/ldap/DB_CONFIG
$ sudo systemctl restart slapd

8. Next, import some basic LDAP schemas from the /etc/openldap/schema directory as follows.

$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif 
$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif

9. Now add your domain in the LDAP database and create a file called ldapdomain.ldif for your domain.

$ sudo vim ldapdomain.ldif 

Add the following content in it (replace example with your domain and PASSWORD with the hashed value obtained before):

dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
  read by dn.base="cn=Manager,dc=example,dc=com" read by * none

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=example,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=Manager,dc=example,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}PASSWORD

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=Manager,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=Manager,dc=example,dc=com" write by * read

10. Then add the above configuration to the LDAP database with the following command.

$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f ldapdomain.ldif

11. In this step, we need to add some entries to our LDAP directory. Create another file called baseldapdomain.ldif with the following content.

dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectclass: organization
o: example com
dc: example

dn: cn=Manager,dc=example,dc=com
objectClass: organizationalRole
cn: Manager
description: Directory Manager

dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=example,dc=com
objectClass: organizationalUnit
ou: Group 

Save the file and then add the entries to the LDAP directory.

$ sudo ldapadd -Y EXTERNAL -x -D cn=Manager,dc=example,dc=com -W -f baseldapdomain.ldif

12. The next step is to create a LDAP user for example, tecmint, and set a password for this user as follows.

$ sudo useradd tecmint
$ sudo passwd tecmint

13. Then create the definitions for a LDAP group in a file called ldapgroup.ldif with the following content.

dn: cn=Manager,ou=Group,dc=example,dc=com
objectClass: top
objectClass: posixGroup
gidNumber: 1005

In the above configuration, gidNumber is the GID in /etc/group for tecmint and add it to the OpenLDAP directory.

$ sudo ldapadd -Y EXTERNAL -x  -W -D "cn=Manager,dc=example,dc=com" -f ldapgroup.ldif

14. Next, create another LDIF file called ldapuser.ldif and add the definitions for user tecmint.

dn: uid=tecmint,ou=People,dc=example,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: tecmint
uid: tecmint
uidNumber: 1005
gidNumber: 1005
homeDirectory: /home/tecmint
userPassword: {SSHA}PASSWORD_HERE
loginShell: /bin/bash
gecos: tecmint
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0

then load fthe configuration to the LDAP directory.

$ ldapadd -Y EXTERNAL  -x -D cn=Manager,dc=example,dc=com -W -f  ldapuser.ldif

Once you have setup a central server for authentication, the final part is to enable the client to authenticate using LDAP as explained in this guide:

1. How to Configure LDAP Client to Connect External Authentication

For more information, see the appropriate documentation from OpenLDAP Software document catalog and Ubuntu users can refer to the OpenLDAP server guide.

Summary

OpenLDAP is a open source implementation of LDAP in Linux. In this article, we have shown how to install and configure OpenLDAP server for centralized authentication, in Ubuntu 16.04/18.04 and CentOS 7. If you have a question or thoughts to share, do not hesitate to reach us via the comment form below.

Source

LDAP (short for Lightweight Directory Access Protocol) is an industry standard, widely used set of protocols for accessing directory services.

A directory service in simple terms is a centralized, network-based database optimized for read access. It stores and provides access to information that must either be shared between applications or is highly distributed.

Directory services play an important role in developing intranet and Internet applications by helping you share information about users, systems, networks, applications, and services throughout the network.

A typical use case for LDAP is to offer a centralized storage of usernames and passwords. This allows various applications (or services) to connect to the LDAP server to validate users.

After setting up a working LDAP server, you will need to install libraries on the client for connecting to it. In this article, we will show how to configure an LDAP client to connect to an external authentication source.

I hope you already having a working LDAP server environment, if not setup Up LDAP Server for LDAP-based Authentication.

How to Install and Configure LDAP Client in Ubuntu and CentOS

On the client systems, you will needs to install a few necessary packages to make authentication mechanism function correctly with an LDAP server.

Configure LDAP Client in Ubuntu 16.04 and 18.04

First start by installing the necessary packages by running the following command.

$ sudo apt update && sudo apt install libnss-ldap libpam-ldap ldap-utils nscd

During the installation, you will be prompted for details of your LDAP server (provide the values according to your environment). Note that the ldap-auth-config package which is auto-installed does the most of the configurations based on the inputs you enter.

Next, enter the name of the LDAP search base, you can use the components of their domain names for this purpose as shown in the screenshot.

Also choose the LDAP version to use and click Ok.

Now configure the option to allow you to make password utilities that use pam to behave like you would be changing local passwords and click Yes to continue..

Next, disable login requirement to the LDAP database using the next option.

Also define LDAP account for root and click Ok.

Next, enter the password to use when ldap-auth-config tries to login to the LDAP directory using the LDAP account for root.

The results of the dialog will be stored in the file /etc/ldap.conf. If you want to make any alterations, open and edit this file using your favorite command line editor.

Next, configure the LDAP profile for NSS by running.

$ sudo auth-client-config -t nss -p lac_ldap

Then configure the system to use LDAP for authentication by updating PAM configurations. From the menu, choose LDAP and any other authentication mechanisms you need. You should now be able to log in using LDAP-based credentials.

$ sudo pam-auth-update

In case you want the home directory of the user to be created automatically, then you need to perform one more configuration in the common-session PAM file.

$ sudo vim /etc/pam.d/common-session

Add this line in it.

session required pam_mkhomedir.so skel=/etc/skel umask=077

Save the changes and close the file. Then restart the NCSD (Name Service Cache Daemon) service with the following command.

$ sudo systemctl restart nscd
$ sudo systemctl enable nscd

Note: If you are using replication, LDAP clients will need to refer to multiple servers specified in /etc/ldap.conf. You can specify all the servers in this form:

uri ldap://ldap1.example.com  ldap://ldap2.example.com

This implies that the request will time out and if the Provider (ldap1.example.com) becomes unresponsive, the Consumer (ldap2.example.com) will attempt to be reached to process it.

To check the LDAP entries for a particular user from the server, run the getent command, for example.

$ getent passwd tecmint

If the above command displays details of the specified user from the /etc/passwd file, your client machine is now configured to authenticate with the LDAP server, you should be able to log in using LDAP-based credentials.

Configure LDAP Client in CentOS 7

To install the necessary packages, run the following command. Note that in this section, if you are operating the system as a non-root administrative user, use the sudo command to run all commands.

# yum update && yum install openldap openldap-clients nss-pam-ldapd

Next, enable the client system to authenticate using LDAP. You can use the authconfig utility, which is an interface for configuring system authentication resources.

Run the following command and replace example.com with your domain and dc=example,dc=com with your LDAP domain controller.

# authconfig --enableldap --enableldapauth --ldapserver=ldap.example.com --ldapbasedn="dc=example,dc=com" --enablemkhomedir --update

In the above command, the --enablemkhomedir option creates a local user home directory at the first connection if none exists.

Next, test if the LDAP entries for a particular user from the server, for example user tecmint.

$ getent passwd tecmint

The above command should display details of the specified user from the /etc/passwd file, which implies that the client machine is now configured to authenticate with the LDAP server.

Important: If SELinux is enabled on your system, you need to add a rule to allow creating home directories automatically by mkhomedir.

HHVM stands for HipHop Virtual Machine, is an open source virtual machine created for running Hack (it’s a programming language for HHVM) and PHP written applications. HHVM uses a last minute compilation path to achieve remarkable performance while keeping the flexibility that PHP programmers are addicted to. Till date, HHVM has achieved over a 9x increase in http request throughput and more than 5x cut in memory utilization (when running on low system memory) for Facebook compared with the PHP engine + APC (Alternative PHP Cache).

HHVM can also be used along with a FastCGI-based web-server like Nginx or Apache.

In this tutorial we shall look at steps for setting up Nginx/Apache web server, MariaDB database server and HHVM. For this setup, we will use Ubuntu 15.04 (64-bit) as HHVM runs on 64-bit system only, although Debian and Linux Mint distributions are also supported.

Step 1: Installing Nginx and Apache Web Server

1. First do a system upgrade to update repository list with the help of following commands.

# apt-get update && apt-get upgrade

# apt-get install nginx

# apt-get install apache2

http://localhost
OR
http://IP-Address

# apt-get install mariadb-client mariadb-server

# systemctl start mysql
# mysql_secure_installation

Enter current password for root (enter for none) = press enter
Set root password? [Y/n] = y
Remove anonymous users[y/n] = y
Disallow root login remotely[y/n] = y
Remove test database and access to it [y/n] = y
Reload privileges tables now[y/n] = y 

# mysql -u root -p

# wget -O - http://dl.hhvm.com/conf/hhvm.gpg.key | apt-key add -
# echo deb http://dl.hhvm.com/ubuntu DISTRIBUTION_VERSION main | sudo tee /etc/apt/sources.list.d/hhvm.list
# apt-get update

# apt-get install -y hhvm

# update-rc.d hhvm defaults

# /usr/share/hhvm/install_fastcgi.sh

# /usr/bin/update-alternatives --install /usr/bin/php php /usr/bin/hhvm 60

# systemctl start hhvm

# nano /usr/share/nginx/html/hello.php       [For Nginx]
OR
# nano /var/www/html/hello.php               [For Nginx and Apache]

<?php
if (defined('HHVM_VERSION')) {
echo 'HHVM is working';
 phpinfo();
}
else {
echo 'HHVM is not working';
}
?>

http://localhost/info.php
OR
http://IP-Address/info.php

PostgreSQL (Postgres in short) is an open source, powerful, advanced, high performance and stable relational-document database system. It uses and enhances the SQL language coupled with a large number of features for secure data storage and management.

It is efficient, reliable, and scalable for handling large, complicated volumes of data and setting up enterprise-level and fault-tolerant environments, while ensuring high data integrity. Postgres is also highly extensible with features such as indexes comes with APIs so that you can develop your own solutions to solve your data storage challenges.

In this article, we will explain how to install PostgreSQL on an Ubuntu 18.04 server (also works on older Ubuntu releases) and learn some basic ways to use it.

How to Install PostgreSQL on Ubuntu

First, create a file /etc/apt/sources.list.d/pgdg.list which stores the repository configuration, then import the repository key to your system, update your system packages list and install Postgres package using following commands.

$ sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
$ sudo apt install wget ca-certificates
$ wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
$ sudo apt update
$ sudo apt install postgresql-10 pgadmin4

Once postgres has been installed, the database service started automatically and you can confirm by typing following command.

$ sudo systemctl status postgresql.service

How to Use PostgreSQL Roles and Databases

In postgres, client authentication is controlled by the /etc/postgresql/10/main/pg_hba.conf configuration file. The default authentication method is “peer” for the database administrator, meaning it gets the client’s operating system user name from the operating system and checks if it matches the requested database user name to allow access, for local connections (as shown in the following screenshot).

During the installation process, a system user account called postgres was created without a password, this is also the default database administrator user name.

$ sudo vim /etc/postgresql/10/main/pg_hba.conf

In addition, under postgres database access permission management is performed via roles. A role can be considered as either a database user, or a group of database users, depending on how the role is set up.

The default role is also postgres. Importantly, database roles are conceptually fully unconnected to operating system users, but practically they may not be separate (for example when it comes to client authentication).

Importantly, roles can own database objects, and can assign privileges on those objects to other roles to control who has access to which objects. In addition, it is possible to grant membership in a role to another role.

To configure other roles to use encrypted passwords to manage databases assigned to them, apart from the default postgres role, you need to change the line to.

Then restart the postgresql service to apply the recent changes.

$ sudo systemctl restart postgresql

How to Use PostgreSQL on Ubuntu

Once everything setup, you can access the postgres system account with the following command, where the -i flag tells sudo to run the shell specified by the target user’s password database entry as a login shell.

$ sudo -i -u postgres 
$ psql		#to launch the postgres shell program  
postgres=#

To access the postgres shell directly, without first accessing the postgres user account, run the following command.

$ sudo -i -u postgres psql

You can quit/exit the postgres by typing the following command.

postgres=# \q

Create PostgreSQL Database Roles

Create a new user role using the following command.

postgres=# CREATE ROLE tecmint;

To create a role with a LOGIN attribute, use the following command (roles with the LOGIN attribute can be considered the same as a database users).

postgres=#CREATE ROLE tecmint LOGIN;
OR
postgres=#CREATE USER name;	#assumes login function by default

A role can also be created with a password, this is useful if you configured the client authentication method to ask users to supply an encrypted password when connecting to the database.

postgres=#CREATE ROLE tecmint PASSWORD 'passwd_here'

List Existing PostgreSQL Database Roles

To list the existing user roles, use any of these commands.

postgres=# \du 				#shows actual users
OR
postgres=# SELECT rolname FROM pg_roles;

Drop a PostgreSQL Database Role

To drop any existing user role use the DROP ROLE command as shown.

postgres=# DROP ROLE tecmint;

Create a PostgreSQL Database

Once you have created a role with a particular name (for instance tecmint user), you can create a database (with the same name as the role) which will be managed by that role as shown.

postgres=# CREATE DATABASE tecmint;

Now to manage the database tecmint, access the postgres shell as the tecmint role, provide your password as follows.

$ sudo -i -u tecmint psql

Create a PostgreSQL Table

Creating tables is so easy, we will create a test table called authors, which stores information about TecMint.com authors, as shown.

tecmint=>CREATE TABLE authors (
    code      char(5) NOT NULL,
    name    varchar(40) NOT NULL,
    city varchar(40) NOT NULL
    joined_on date NOT NULL,	
    PRIMARY KEY (code)
);

After creating a table, try to populate it with some data, as follows.

tecmint=> INSERT INTO authors VALUES(1,'Ravi Saive','Mumbai','2012-08-15');

To view the data stored in a table, you can run a SELECT command.

tecmint=> SELECT * FROM authors;

List PostgreSQL Database Tables

You can list all tables in the current database with the following command.

tecmint=>\dt

Delete/Drop a PostgreSQL Table

To delete a table in the current database, use the DROP command.

tecmint=> DROP TABLE authors;

List All PostgreSQL Databases

To list all databases, use any of the following commands.

tecmint=>SELECT datname FROM pg_database;
OR
tecmint=>\list	#shows a detailed description 
OR
tecmint=>\l

Delete/Drop a PostgreSQL Database

If you want to delete a database, use the DROP command, for example.

tecmint=>DROP DATABASE tecmint;

Switch to Another PostgreSQL Database

You can also switch from one database to another easily using the following command.

tecmint=>\connect database_name

For more information, refer to the PostgreSQL 10.4 Documentation.

That’s it for now! In this article, we have explained how to install and use PostgreSQL database management system on Ubuntu 18.04. You can send us your queries or thoughts in the comments.

Source

It is that time of the year where we are earnestly anticipating the release of the next LTS version of what is undoubtedly one of the world’s most popular free operating system and if you’re a keen reader of Tecmint, you’ll know by now that we already covered the installation of the next iteration of Ubuntu’s desktop operating system in great detail – if you missed it, we have the link right down below.

Here, I have compiled the things that you will most likely need to do after you might have completed the installation of Ubuntu 16.10 (Yakkety Yak) and installation of Ubuntu 16.04 Xenial Xerus so you might have a stable and safe system to play with.

I’ll try to keep this as concise as possible and not bore you with a terribly long list and you can be sure that this article comprises just about everything you’ll need to have to system humming as you’d like it.

Like I mentioned in the previous install article, the best practice for any Linux user or any PC user for that matter, is to have their PC updated once it’s installed so it may have all the latest security updates, patches and features.

You can either choose to update your system via the GUI-enabled inbuilt system update tool (image below) or if you’d rather do it the terminal way of things, below are self-descriptive images on how to but for the sake of newbies reading through with this, we’ll add a few notes with the images just to makes things a little.

Now let’s get on with this already.

1. Update Ubuntu 16.10/16.04 Xenial Xerus

1. First and foremost, we must update our sources; head on to the Unity dash on the top left corner and type in “software and updates”; open the app, and select the “other software” tab, tick both options, close the app (you’ll be prompted to enter you root PW) and go back to the same dash; this time around, type in “software updater” open the app and it should auto-update sources and show the available update size.

Using the preinstalled “software updater”.

Using the terminal; you’ll need to enter these commands consecutively.

$ sudo apt-get update
$ sudo apt-get upgrade

If you are still feeling a little lost, you may watch the video below that shows how to update Ubuntu 16.04 Xenial Xerus.

2. Install Core Internet Applications

Install some core internet applications; Ubuntu 16.04 Xenial Xerux somes preinstalled with Firefox like every other Ubuntu distro before it however, it’s not the world’s most used browser and still lags behind Chromium – the open source version of Chrome — in terms of features and functionality.

You’ll find Chromium in the new Gnome application manager that ships with Ubuntu Xenial Xerux 16.04 LTS.

The other recommended applications to download include but not limited to:

1. Skype – One if the world’s most popular VOIP service.
2. Pidgin – Probably the best IM client.M
3. Deluge – One of the best torrenting app.
4. Mega – Free cloud backup with 50GB storage.
5. CrashPlan – Always have your system backed up either locally or in the cloud for easy recovery later.
6. Telegram – Privacy-centric multi-platform service.
7. Uget – Easily one of the best download manager for Linux.
8. Tor – Download the Tor browser for a complete anonymity online.

3. Install a Replacement Music App – Clementine

Clementine is by far the most superior multi-platform music playing app out there for Linux and it’s feature set is unmatched; it blows every other app out of the water be it VLC, Rthythmbox, Audacious etc.

Perhaps the most prominent feature of Clementine is its ability to connect you to online music streaming services without the need of firing up a web browser or a specific third party app for each service.

You can simply connect your (Premium) Spotify account, Last.fm, Sky.fm, Google Drive, Onedrive, just to name a few.

Clementine also has its own built-in equalizer and you can download it via the Software center of open up the terminal, input:

$ sudo apt-get install clementine

and should be done in no time.

Don’t Miss: 21 Music Players for Linux Lovers – Worth Trying on Linux

Other noteworthy media applications that we almost always recommend you download include:

1. VLC – the universal media player that has an extensive list of supported formats.
2. Audacity – a simple minimalistic audio editing tool for both beginners and pro alike; comes with quite the list of features that will allow you maximize the extent at which you can modify an audio file or even create.
3. Kodi (formerly XBMC) – the open source home theater submerges you in an entire media-centric universe that will has an extensive support for media files; ranging from your standard .MP3 files to the most obscure formats you can think of, be it under the music, video or photos category; Kodi will most likely have support for it.

Don’t Miss: 10 Best Linux Video Players of Year 2015

Even better, you can customized it to your heart’s content and enjoy an unparalled media experience.

1. Handbrake – this is another cross platform application that should come in handy whenever you need to quickly convert a video file while still effectively shrinking the size.
2. Spotify – for those of you that don’t have a premium Spotify subscription but will still like to enjoy the services it provides, then you’re mostly better off with official client for Linux that has a somewhat sub-par experience when compared to the clients on other platforms but should mostly suffice for whatever you throw at it.

Install Spotify on Ubuntu 16.10/16.04

To install Spotify, open up your terminal and enter the follow up commands from the first to the last; one after the other.

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys BBEBDCB318AD50EC68650906
$ sudo apt-get update
$ sudo apt-get install spotify-client

Openshot – this is by far the most basic and straightforward video editing app available for Linux, that will allow just about anybody to start their hands out at video editing.

The interface is clean and it will help you quickly get things done. Mind you, Openshot does not come anywhere close in term of feature set and functionality when compared other well established tools like Adobe Premiere Pro on Windows, Kdenlive etc.

Don’t Miss: 8 Best Video Editing Softwares for Linux I Found in 2015

It’s just as basic as you can think.

Ubuntu restricted extras – you want to have this installed so you don’t have to worry about any missing codecs that will otherwise not allow some media files to play nice with the defaults of your system if not installed.

GIMP is by far the most popular free image manipulation tool (and perhaps the best alternative to Photoshop) available for Linux.

Don’t Miss: 15 Best Image or Photo Editing Softwares for Linux I Found in 2015

All of the aforementioned applications (except Spotify) are available in the new software center as a free install.

4. Install Synaptics and AppGrid

It is always nice to have alternative sources when it comes to application installation; particularly if you’re not a big fan of the new Software center or maybe you just want something minimalistic without all the bells and whistles? …. Or you just care for something more aesthetically pleasing.

Synaptics has always been there for as long as I can remember and it gives you a similar experience to that of Pamac and Octopi which are frontends for Arch Linux’s package manager.

You still get a GUI that is pretty stripped of all the usuals you’ll normally find on other app sources like comments, ratings and the likes.

CTRL+ALT+T to open up the terminal and type in:

$ sudo apt-get install synaptic

Alternatively, you can download it from the Software center.

AppGrid on the other hand, can be installed via the terminal by typing in the following commands consecutively.

$ sudo add-apt-repository ppa:appgrid/stable
$ sudo apt-get update
$ sudo apt-get install appgrid

So depending on what you really want, you can have as many as four options to install your apps from – Terminal, Gnome software center, AppGrid, and Synaptics (which is mostly used by power users).

5. Turn Off Online Search Results

The unity dash search results still include options from sources like Wikipedia and Amazon by default which can pose some security threats to the user of the system.

Thankfully though, Canonical has included an option to turn it off since 15.10. Just go to settings ->security and privacy -> select the search tab and turn off include online search results.

6. Install Unity Tweak Tool to Customize Ubuntu

Ubuntu’s stock Unity interface has always been barebone and hardly does anything change regards the general look and feel of it with every iteration – I really like to think of it as boring – (especially as an Android fanboy) hence, the need for some cool customization.

Which is where Unity’s tweak tool comes in; it’s available in the Gnome Software center. Download it and make your desktop your OWN.

7. Install Graphics Driver in Ubuntu

Lastly, you want to install the proper graphics driver of your system to enable smooth rendering of the GUI; this would mostly be required too if you’re looking to game with your PC via Steam, Video editing and so on.

Type in “software and updates” in the dash and go to the “additional drivers tab”; select as needed and apply changes.

We recommend that you go through with the list and you’ll just be ready to enjoy the rest of the Ubuntu Xenial Xerus experience as long as you need to.

From this point, you can now tailor the system to some other specific needs you might have; thereafter, it’s silky smooth sailing with this LTS release. If you do encounter any problems installing, or configuring the system as guided above, kindly let us know in the comments below.

Source

This tutorial will guide you on the first basic steps you need to configure on a new installed Ubuntu server in order to increase security and reliability for your server.

The configurations explained in this topic are almost the same for all Ubuntu server systems, regarding of the underlying OS platform, whether Ubuntu is installed on a bare-metal server, in a private virtual machine or a virtual machine spinned-out in a VPS public cloud.

Requirements

1. Ubuntu Server Edition installation

Update and Upgrade Ubuntu System

The first step you need to take care of in case of fresh installation of Ubuntu server or a new deployed Ubuntu VPS is to make sure the system and all system components, such as the kernel, the package manager and all other installed packages are up-to-date with the latest released versions and security patches.

To update Ubuntu server, to log in to server’s console with an account with root privileges or directly as root and run the below commands in order to perform the update and upgrade process.

$ sudo apt update 

After running the update command, you will see the number of available packages for upgrading process and the command used for listing the packages upgrades.

$ sudo apt list --upgradable

After you’ve consulted the list of packages available for upgrading, issue the below command to start system upgrade process.

$ sudo apt upgrade

In order to remove all locally downloaded deb packages and all other apt-get caches, execute the below command.

$ sudo apt autoremove
$ sudo apt clean

Create New Account in Ubuntu

By default, as a security measure, the root account is completely disabled in Ubuntu. In order to create a new account on the system, log in to the system with the account user with root privileges and create a new account with the below command.

This new account will be granted with root powers privileges via sudo command and will be used to perform administrative tasks in the system. Make sure you setup a strong password to protect this account. Follow the adduser prompt to setup the user details and password.

$ sudo adduser ubuntu_user

If this account will be assigned to another system admin, you can force the user to change its password at the first log in attempt by issuing the following command.

$ sudo chage -d0 ubuntu_user

For now, the new added user cannot perform administrative tasks via sudo utility. To grant this new user account with administrative privileges you should add the user to “sudo” system group by issuing the below command.

$ sudo usermod -a -G sudo ubuntu_user

By default, all users belonging to the “sudo” group are allowed to execute commands with root privileges via sudo utility. Sudo command must be used before writing the command needed for execution, as shown in the below example.

$ sudo apt install package_name

Test if the new user has the root privileges granted, by logging in to the system and run the apt updatecommand prefixed with sudo.

$ su - ubuntu_user
$ sudo apt update

Configure System Hostname in Ubuntu

Usually, the machine hostname is set-up during the system installation process or when the VPS is created in the cloud. However, you should change the name of your machine in order to better reflect the destination of your server or to better describe its final purpose.

In a large company, machines are named after complex naming schemes in order to easily identify the machine in datacenter’s racks. For instance, if your Ubuntu machine will operate a mail server, the name of the machine should reflect this fact and you can setup machine hostname as mx01.mydomain.lan, for example.

To show details about your machine hostname run the following command.

$ hostnamectl

In order to change the name of your machine, issue hostnamectl command with the new name you will configure for your machine, as illustrated in the below excerpt.

$ sudo hostnamectl set-hostname tecmint

Verify the new name of your system with one of the below commands.

$ hostname
$ hostname -s
$ cat /etc/hostname 

Setup SSH with Public Key Authentication in Ubuntu

To increase system security degree of an Ubuntu server, you should set-up SSH public key authentication for an local account. In order to generate SSH Key Pair, the public and private key, with a specifying a key length, such as 2048 bits, execute the following command at your server console.

Make sure you’re logged in to the system with the user you’re setting up the SSH key.

$ su - ubuntu_user
$ ssh-keygen -t RSA -b 2048

While the key is generated, you will be prompted to add passphrase in order to secure the key. You can enter a strong passphrase or choose to leave the passphrase blank if you want to automate tasks via SSH server.

After the SSH key has been generated, you can copy the public key to a remote server by executing the below command. To install the public key to the remote SSH server you will need a remote user account with the proper permissions and credentials to log in to remote server.

$ ssh-copy-id remote_user@remote_server

You should be able to automatically log in via SSH to the remote server using the public key authentication method. You won’t need to add the remote user password while using SSH public key authentication.

After you’ve logged in to the remote server, you can start to execute commands, such as w command to list ssh remote logged in users, as shown in the below screenshot.

Type exit in the console to close the remote SSH session.

$ ssh remote_user@remote_server
$ w
$ exit

To see the content of your public SSH key in order to manually install the key to a remote SSH server, issue the following command.

$ cat ~/.ssh/id_rsa.pub

Secure SSH Server in Ubuntu

In order to secure the SSH daemon you should change the default SSH port number from 22 to a random port, higher than 1024, and disallow remote SSH access to the root account via password or key, by opening SSH server main configuration file and make the following changes.

$ sudo vi /etc/ssh/sshd_config

First, search the commented line #Port22 and add a new line underneath (replace the listening port number accordingly):

Port 2345

Don’t close the file, scroll down and search for the line #PermitRootLogin yes, uncomment the line by removing the # sign (hashtag) from the beginning of the line and modify the line to look like shown in the below excerpt.

PermitRootLogin no

Afterwards, restart the SSH server to apply the new settings and test the configuration by trying to log in from a remote machine to this server with the root account via the new port number. The access to root account via SSH should be restricted.

$ sudo systemctl restart sshd

Also, run netstat or ss command and filter the output via grep in order to show the new listening port number for SSH server.

$ sudo ss -tlpn| grep ssh
$ sudo netstat -tlpn| grep ssh

There are situations where you might want to automatically disconnect all remote SSH connections established into your server after a period of inactivity.

In order to enable this feature, execute the below command, which adds the TMOUT bash variable to your account .bashrc hidden file and forces every SSH connection made with the name of the user to be disconnected or dropped-out after 5 minutes of inactivity.

$ echo 'TMOUT=300' >> .bashrc

Run tail command to check if the variable has been correctly added at the end of .bashrc file. All subsequent SSH connections will be automatically closed after 5 minutes of inactivity from now on.

$ tail .bashrc

In the below screenshot, the remote SSH session from drupal machine to Ubuntu server via ubuntu_user account has been timed out and auto-logout after 5 minutes.

Configure Ubuntu Firewall UFW

Every server needs a well configured firewall in order to secure the system at network level. Ubuntu server uses UFW application to manage the iptables rules on the server.

Check the status of UFW firewall application in Ubuntu by issuing the below commands.

$ sudo systemctl status ufw
$ sudo ufw status

Usually, the UFW firewall daemon is up and running in Ubuntu server, but the rules are not applied by default. Before enabling UFW firewall policy in you system, first you should add a new rule to allow SSH traffic to pass through firewall via the changed SSH port. The rule can be added by executing the below command.

$ sudo ufw allow 2345/tcp

After you’ve allowed SSH traffic, you can enable and check UFW firewall application with the following commands.

$ sudo ufw enable
$ sudo ufw status

To add new firewall rules for other network services subsequently installed on your server, such as HTTP server, a mail server or other network services, use the below firewall commands examples as guide.

$ sudo ufw allow http  #allow http traffic
$ sudo ufw allow proto tcp from any to any port 25,443  # allow https and smtp traffic

To list all firewall rules run the below command.

$ sudo ufw status verbose

Set Ubuntu Server Time

To control or query Ubuntu server clock and other related time settings, execute timedatectl command with no argument.

In order to change your server’s time zone settings, first execute timedatectl command with list-timezones argument to list all available time zones and, then, set the time zone of your system as shown in the below excerpt.

$ sudo timedatectl 
$ sudo timedatectl list-timezones 
$ sudo timedatectl set-timezone Europe/Vienna

The new systemd-timesyncd systemd daemon client can be utilized in Ubuntu in order to provide an accurate time for your server across network and synchronize time with an upper time peer server.

To apply this new feature of Systemd, modify systemd-timesyncd daemon configuration file and add the closest geographically NTP servers to NTP statement line, as shown in the below file excerpt:

$ sudo nano /etc/systemd/timesyncd.conf

Add following configuration to timesyncd.conf file:

[Time]
NTP=0.pool.ntp.org 1.pool.ntp.org
FallbackNTP=ntp.ubuntu.com

To add your nearest geographically NTP servers, consult the NTP pool project server list at the following address: http://www.pool.ntp.org/en/

Afterwards, restart the Systemd timesync daemon to reflect changes and check daemon status by running the below commands. After restart, the daemon will start to sync time with the new ntp server peer.

$ sudo systemctl restart systemd-timesyncd.service 
$ sudo systemctl status systemd-timesyncd.service

Disable and Remove Unneeded Services in Ubuntu

In order to get a list of all TCP and UDP network services up-and-running by default in your Ubuntu server, execute the ss or netstat command.

$ sudo netstat -tulpn
OR
$ sudo ss -tulpn

Staring with Ubuntu 16.10 release, the default DNS resolver is now controlled by systemd-resolved service, as revealed by the output of netstat or ss commands.

You should also check the systemd-resolved service status by running the following command.

$ sudo systemctl status systemd-resolved.service

The systemd-resolved service binds on all enabled network interfaces and listens on ports 53 and 5355 TCPand UDP.

Running system-resolved caching DNS daemon on a production server can be dangerous due to the numerous number of DDOS attacks performed by malicious hackers against unsecured DNS servers.

In order to stop and disable this service, execute the following commands.

$ sudo systemctl stop systemd-resolved
$ sudo systemctl disable systemd-resolved

Verify if the service has been stopped and disabled by issuing ss or netstat command. The systemd-resolved listening ports, 53 and 5355 TCP and UDP, should not be listed in netstat or ss command output, as illustrated in the below.

You should also reboot the machine in order to completely disable all systemd-resolved daemon services and restore the default /etc/resolv.conf file.

$ sudo ss -tulpn
$ sudo netstat -tulpn
$ sudo systemctl reboot

Although, you’ve disabled some unwanted networking services to run in your server, there are also other services installed and running in your system, such as lxc process and snapd service. These services can be easily detected via ps, top or pstree commands.

$ sudo ps aux
$ sudo top
$ sudo pstree

In case you’re not going to use LXC container virtualization in your server or start installing software packaged via Snap package manager, you should completely disable and remove these services, by issuing the below commands.

$ sudo apt autoremove --purge lxc-common lxcfs
$ sudo apt autoremove --purge snapd

That’s all! Now, Ubuntu server is now prepared for installing additional software needed for custom network services or applications, such as installing and configuring a web server, a database server, a file share service or other specific applications.

Source

Ubuntu Server 16.04, also named Xenial Xerus, has been released by Canonical and it’s now ready for installation.

The details about this new LTS version can be found on the previous article: How to upgrade Ubuntu 15.10 to 16.04.

This topic will guide you on how you can install Ubuntu 16.04 Server Edition with Long Time Support on your machine.

If you’re looking for Desktop Edition, read our previous article: Installation of Ubuntu 16.04 Desktop

Requirements

1. Ubuntu 16.04 Server ISO Image

Install Ubuntu 16.04 Server Edition

1. On the first step visit the above link and download the latest version of Ubuntu Server ISO image on your computer.

Once the image download completes, burn it to a CD or create a bootable USB disk using Unbootin (for BIOS machines) or Rufus (for UEFI machines).

2. Place the bootable media intro the appropriate drive, start-up the machine and instruct the BIOS/UEFI by pressing a special function key (F2, F11, F12) to boot-up from the inserted USB/CD drive.

In a few seconds you will be presented with the first screen of Ubuntu installer. Select your language to perform the installation and hit Enter key to move to the next screen.

3. Next, select the first option, Install Ubuntu Server and press Enter key to continue.

4. Select the language you with to install the system and press Enter again to continue further.

5. On the next series of screen choose your physical location from the presented list. If your location is different than the ones offered on the first screen, select other and hit Enter key, then select the location based on your continent and country. This location will be also used by the timezone system variable. Use the below screenshots as a guide.

6. Assign the locales and keyboard settings for your system as illustrated below and hit Enter to continue the installation setup.

7. The installer will load a series of additional components required for the next steps and will automatically configure your network settings in case you have a DHCP server on the LAN.

Because this installation is intended for a server it’s a good idea to setup a static IP address for your network interface.

To do this you can interrupt the automatic network configuration process by pressing on Cancel or once the installer reaches hostname phase you can hit on Go Back and choose to Configure network manually.

8. Enter your network settings accordingly (IP Address, netmask, gateway and at least two DNS nameservers) as illustrated on the below images.

9. On the next step setup a descriptive hostname for your machine and a domain (not necessary required) and hit on Continue to move to the next screen. This step concludes the network settings.

10. On this step the installer prompts you to setup a username and a password for your system. This username will be granted by the system with sudo powers, so, technically, this user will be the supreme administrator next to root account (which is disabled by default).

Thus, choose an inspired username, maybe hard to guess for security reasons, with a strong password and hit on Continue. Choose not to encrypt your home directory and press Enter to continue further.

11. Next, the installer will automatically set your clock based on the physical location configured earlier. In case the location is correctly chosen hit on Yes to continue to disk partition layout.

12. On the next step you can choose the method that will be used to slice up your disk. For instance, if you need to create custom partition scheme (such as /home, /var, /boot etc) choose Manual method.

For a general purpose server you can stick to Guided with LVM method as illustrated below, which automatically creates the partitions on your behalf.

13. Next, select the disk that will be used by the installer to create partitions and press Enter key.

14. Answer with Yes at the next screen in order to commit changes to disk with LVM scheme and hit on Continue to use the entire disk space for guided partitions.

15. Finally, approve for the last time the changes to be written to disk by pressing on Yes and the installation will now begin. From this step on all the changes will be committed to disk.

16. In case your system is behind a proxy or a firewall use the next screen to bypass the network restrictions, otherwise just leave it black and hit on Continue.

17. Next, the installer will configure apt repositories and will install the selected software. After it finishes the installation tasks a new screen will appear which will ask you how to manage the upgrade process. Select Noautomatic updates for now (you will manually select what updates are necessary) and hit Enter key to continue.

18. On the next step you will be asked to select what software to install. Select only standard system utilities and OpenSSH server (if you require remote access) by pressing the spacebar key and hit on Continue.

19. Once the installer finishes installing the software, a new screen will prompt you whether to install the Grubboot loader to hard disk MBR (first 512 byte sector). Obviously without the GRUB you can’t boot up your system after restart, so hit on Yes to continue with the installation.

20. Finally, after the boot loader is written to Hard Disk MBR, the installation process finishes. Hit on Continue to reboot the machine and remove the installation media.

21. After reboot, login to your system console using the credentials configured during the installation process and you’re good to go on production with your server.

That’s all! Keep in mind that this version of Ubuntu has official maintenance support from Canonical until 2021for hardware, bugs, software and security updates.

Source

Ubuntu 18.04 LTS (codenamed “Bionic Beaver”) stable version has been released. It will be supported for 5 years until April 2023.

In this article, we will explain how to upgrade to Ubuntu 18.04 Bionic Beaver from Ubuntu 16.04 LTS or 17.10.

What’s New in Ubuntu 18.04

Before we proceed to the upgrade instructions, let’s look at some of the base system new features and changes in 18.04:

• Ships in with Linux kernel 4.15.
• OpenJDK 10 is the default JRE/JDK.
• Gcc is now set to default to compile applications.
• The default CIFS/SMB protocol version change in CIFS mounts.
• Supports mitigations to protect against Spectre and Meltdown.
• Bolt and thunderbolt-tools have been promoted to main.
• Libteam which is available in the Network manager, offers teaming support.
• Systemd-resolved is the default resolver.
• ifupdown has been deprecated in favor of netplan.io, in new installs.
• networkctl command can be used to view a summary of network devices.
• GPG binary is provided by gnupg2.
• Swap file will be used by default instead of a swap partition, in new installs.
• Python 2 is no longer comes preinstalled, and Python 3 has been updated to 3.6.
• For new installs, the installer no longer offers the encrypted home option using ecryptfs-utils.
• OpenSSH no longer uses RSA keys smaller than 1024 bits and much more under desktop and server versions.

Warning: Start by backing up your existing Ubuntu installation or important files (documents, images and many more), before performing an upgrade. This is recommended because, sometimes, upgrades do not go well as planned.

Upgrade to Ubuntu 18.04 Desktop

1. First of all, ensure that your existing Ubuntu system is up-to-date, otherwise run the commands below to update the apt package source cache and perform an upgrade of installed packages, to the latest versions.

$ sudo apt update
$ sudo apt upgrade 

Then, restart your system to finish installing the updates.

2. Next, launch the “Software & Updates” application from System Settings.

3. Then click on the third Tab “Updates”.

4. Next, On Ubuntu 17.04, set the “Notify me of a new Ubuntu version” dropdown menu to “For any new version”. You will be asked to authenticate, enter your password to continue. On Ubuntu 16.04, leave this setting to “For long-term support versions”.

5. Then search for “Software Updater” and launch it or open a terminal and run the update-manager command as shown.

$ update-manager -cd 

The update manager should open up and inform you like this: New distribution release ‘18.04’ is available.

6. Next, click on “Upgrade” and enter your password to continue. Then you will be shown the Ubuntu 18.04release notes page. Read through it and click Upgrade.

7. Now your upgrade process will start as shown in the following screenshot.

8. Read the details of the upgrade and confirm that you want to upgrade by clicking on “Start Upgrade”.

9. Once you have confirmed that you want the upgrade, the update manager will start downloading Ubuntu 18.04 packages as shown in the following screenshot. When all packages have been retrieved, the process can not be canceled. You can click on “Terminal” to see how the upgrade process is unfolding.

10. Afterwards, all the Ubuntu 18.04 packages will be installed on the system (this will take some time), then you will be asked to either remove or keep obsolete packages. After clean up and restart the system to complete the upgrade.

11. Then, you can login and start using Ubuntu 18.04 LTS.

Upgrade to Ubuntu 18.04 Server

If you do not have physical access to your server, the upgrade can be performed over SSH, though this method has one major limitation; in case of loss of connectivity, it is harder to recover. However, the GNU screen program is used to automatically re-attach in case of dropped connection problems.

1. Begin by installing the update-manager-core package, if it is not already installed as shown.

$ sudo apt install update-manager-core

2. Next, ensure that the prompt line in /etc/update-manager/release-upgrades is set to normal. If that is the case, launch the upgrade tool with the following command.

$ sudo do-release-upgrade 

3. Then follow the on-screen instructions to continue.

You can find more information, especially concerning changes in desktop and server releases, from the Ubuntu 18.04 release notes page.

Source

A little too early, not too late.

Here, we already have a guided installation procedure on the next iteration of the world’s most popular free operating system — Ubuntu 16.04 LTS.

Canonical currently released the first beta images of Ubuntu 16.04; however, there’s no standard Unity flavor at this time and sadly, we won’t be seeing it until the 24th of March – which is the release date for beta 2 — and we should see stable builds emerging in by April 21st — followed by subsequent release candidates.

If you’re worried on how this guide will work with the first point release, worry no more as the installation procedure hasn’t changed so much from the previous releases so if you are familiar with the installation of previously released Ubuntu versions, then you shouldn’t find it too hard breezing through with this one.

Ubuntu 16.04 Xenial Xerus is now official and you can download either the 32bit or 64bit ISO images from herebeforehand.

Once you’ve done that, you may now continue with the installation procedure which is absolutely straight forward; however, if you do run into problems, you can always leave a comment down below.

We also covered on how you can dual boot Ubuntu 16.04 with your current windows 10 or 8 system even though we have a previous guide on that subject here – just call this an updated version.

If you’re looking for Server Edition installation, read our article: Installation of Ubuntu 16.04 Server

As you’re probably familiar with, the installation of multiple OSes in a dual/triple boot configuration requires a bit of technical expertise from your end – as you might have to go into your BIOS or UEFI (on newer systems) to do some manual configuration but that shouldn’t be too difficult.

For systems with legacy BIOS, all you’ll need to do is change the boot order and depending on your system, you might have to press the F2, F10, F12, DEL key to enter your BIOS (you might need to Google your way around that) – while on the latter i.e UEFI, you’d mostly need to disable secure boot and fast boot and enable legacy support — that is, if the OS you’re trying to install doesn’t have UEFI support baked in by default – but, such isn’t the case of Ubuntu Xenial Xerus 16.04 LTS.

Ubuntu 16.04 LTS comes with UEFI support and it should install just fine on your PC – be it in a dual boot fashion or a single install.

As usual, pre-requisites, we must get.

Ubuntu is currently only available as an alpha install and you can proceed and download the most recent daily build image from here.

We’d assume you’ve downloaded the latest stable build from the official Ubuntu mirrors as provided in the links above.

Once, you have your ISO image ready, you may now proceed to creating a bootable disk with Rufus, or universal USB installer. You’d mostly want to go with the former as it’s as straight forward as (making an installable USB) can get – moving forward, get your PC set (plug it in), make sure you’re connected to the internet and you’re good to go.

Note: Given the time at which this article was originally published, the standard Ubuntu flavor is only available in alpha; however, we’ll be update this guide (if needed) once the beta 2 image is available for download and the stable release too.

At this point, we’ve updated the article as promised so you may proceed with full confidence in the procedure.

The curated list of features to be expected with the final build of Ubuntu include:

1. First Ubuntu LTS to ship Systemd as the default service manager.
2. Mir display server.
3. Ubuntu 16.04 will ship in two variants, one with Unity 7 and another with Unity 8. With the latter expected to become standard after the release of 16.10.
4. Unity launcher position change (to whatever side of the screen you want to place it).
5. The server filesystem ZFS will also be implemented in the next LTS release.
6. Linux kernel 4.4 will ship with 16.04 LTS.
7. Considering it being an LTS release, you’ll also get 5 years ongoing software support.
8. Gnome software center to replace Ubuntu’s archaic software center experience.
9. The Ubuntu devs also hope to implement Snappy have implemented Snappy with Unity 7 which is the GUI of Xenial Xerus. however, it’s unlikely that it will be ready be the time Xenial Xerus will be making its way to the market by April.
10. Firmware updates via the Gnome software center is also a possibility.
11. After being severely bashed by privacy advocates, Ubuntu 16.04 LTS will finally turned off by default, the controversial online search (that gathers search results from the likes of Wikipedia and Amazon when you launch the dash to search for something locally stored on your PC). It’s now turned off by default.

Once we have all that cleared up, you may now proceed.

Ubuntu 16.04 Installation Guide

1. First off, plug in your USB drive into the intended install PC after which you’ll power the said system up and boot from USB disk (provided you’ve done the needed BIOS or UEFI configuration as mentioned above).

And you are greeted with what may seem a familiar screen – depending on how much time you’ve had with Ubuntu and derivatives in the past. Well, you want to proceed by clicking the install Ubuntu button but if you’d rather give the system a spin first, then go ahead and select the first option (try Ubuntu).

When you now decide to proceed with the installation, you’ll get a dissimilar welcome screen – thereafter, everything is pretty much the same if you decide to NOT try the OS first.

As you can see on the left bar of both screenshots, you’ll have to choose your language as needed; and this, of course, will be the default (once installed) throughout the system.

2. Next up is your preparation screen and you should tick both options before you continue so you won’t have to go through the hassle of installing updates and codecs after you might have completed the installation. If you are without an internet connection though, the first option will be greyed out, but then you can tick the second and continue your installation.

3. At this point, you have to choose your installation type and the first screenshot is an automated process, even if you have an operating system already installed, the installer will auto-detect it and allow you partition the drive in the next screen with simple sliders that will auto-allocate your assigned space for the Ubuntu partition.

Choose an option as needed and proceed – you may also decide to encrypt your disk or use (LVM) logical volume manager with your Ubuntu installation – but we advise that you select those ONLY if you know what you’re doing.

If you’d prefer to manually partition your disk though for Ubuntu 16.04 dual boot with Windows, go to the end of the article at section Ubuntu 16.04 Manual Partitioning and come back to #5 to continue with the installation.

4. Prompt to confirm that you want the changes to be made to your internal drive; click continue to move onto the next screen.

5. This is where you select your current location; hint: the setup auto-detects your location if you’re connected to the internet.

6. Configure as needed — depending on your type of keyboard and default input language.

7. This is where you enter your user details in the right order – that is, descending; after which you can click continue to proceed to the next screen.

8. Right up next, is the beginning of installation which (depending on your PC hardware), can take a long or short time.

9. At this point, the installation is complete and now, you may restart your PC.

10. Once you’ve restarted, you are now greeted with the login screen where you input your password (or in the case of multiple users select your name) and press enter to continue to the Unity7/8 DE.

11. Ubuntu 16.04 desktop.

Update Ubuntu 16.04

12. A good practice for any Linux user is to update the system once it’s done installing – hence, a brief how-to-update walkthrough.

First off, go on to the Unity dash (which is the square button on the top left corner in the image above and below) and search for “software and updates”, open it and select the “other sources” tab, tick both options (mind you, you’ll be prompted to enter your root password) the software cache is updated and you’re good to go.

Once you have that setup, you may not go to the same dash and type in “terminal” and enter the follow-up commands (consecutively) to update your Ubuntu installation.

$ sudo apt-get update
$ sudo apt-get upgrade

13. The new gnome app store in Ubuntu is perhaps the most prominent feature of the OS and as of this writing, it doesn’t exactly seem to function as expected, however, considering the alpha status of the image I’m using, such things are expected and most issues and whatnot should be ironed out before the “stable” is ready for prime-time in April.

Ubuntu 16.04 Manual Partitioning

Manual partitioning — #3 for those of you that will rather take this route.

3a. Instead of “Erase disk and install Ubuntu”, go ahead and choose the last option “something else”.

3b. Depending on the number of physical drives you have hooked up in your PC, they can be labelled as dev/sda, dev/sdb, dev/sdc and so on. In my case, however, I’ve only got one HD to install Ubuntu in – dev/sda.

3c. Now you may go on and create a partition table.

3d. After you might have done that, you want to proceed and create the partitions you’ll need for Ubuntu (by clicking the + button in the lower area of the partition screen); if you’re on a low specced PC with say, 2GB of RAM, it’s advisable to create a minimum swap partition (equivalent of virtual memory on Windows) that is twice the size of the physical memory. In my case, I have 2GB of RAM so I created a swap partition of 4GB.

In the case where your PC has 8GB (or more) of physical memory, it is rather irrelevant to create a swap space of twice that amount (cause you’ll never get to use even half of it) so it only makes sense to create something not too big – something like 2GB will be just okay.

3e. Once you’re done creating your swap, you can now go ahead and create a root partition with the rest of the free space available. However, if you’d prefer a separate partition for your home folder, you can as well create it, but you’re mostly fine with a single partition.

3f. From the screenshot below, my swap is labelled “/dev/sda1 swap” and my root partition is “/dev/sda2 /”.

3g. lastly, confirm that you want to write the changes to disk and go back to #5 to continue your installation.

If you encounter any difficulty while installing, let us know in the comments below and we’ll respond as quickly as we can.

Source