How To Install OpenLDAP Server for Centralized Authentication

Lightweight Directory Access Protocol (LDAP in short) is an industry standard, lightweight, widely used set of protocols for accessing directory services. A directory service is a shared information infrastructure for accessing, managing, organizing, and updating everyday items and network resources, such as users, groups, devices, emails addresses, telephone numbers, volumes and many other objects.

The LDAP information model is based on entries. An entry in a LDAP directory represents a single unit or information and is uniquely identified by what is called a Distinguished Name (DN). Each of the entry’s attributes has a type and one or more values.

An attribute is a piece of information associated with an entry. The types are typically mnemonic strings, such as “cn” for common name, or “mail” for email address. Each attribute is assigned one or more values consisting in a space-separated list.

The following is an illustration of how information is arranged in the LDAP directory.

Ldap Information Model

Ldap Information Model

In this article, we will show how to install and configure OpenLDAP server for centralized authentication in Ubuntu 16.04/18.04 and CentOS 7.

Step 1: Installing LDAP Server

1. First start by installing OpenLDAP, an open source implementation of LDAP and some traditional LDAP management utilities using the following commands.

# yum install openldap openldap-servers	    #CentOS 7
$ sudo apt install slapd ldap-utils	    #Ubuntu 16.04/18.04

On Ubuntu, during the package installation, you will be prompted to enter the password for the admin entry in your LDAP directory, set a secure password and confirm it.

Configure Slapd Admin Password

Configure Slapd Admin Password

When the installation is complete, you can start the service as explained next.

2. On CentOS 7, run the following commands to start the openldap server daemon, enable it to auto-start at boot time and check if its up and running (on Ubuntu the service should be auto-started under systemd, you can simply check its status):

$ sudo systemctl start slapd
$ sudo systemctl enable slapd
$ sudo systemctl status slapd

3. Next, allow requests to the LDAP server daemon through the firewall as shown.

# firewall-cmd --add-service=ldap    #CentOS 7
$ sudo ufw allow ldap                #Ubuntu 16.04/18.04

Step 2: Configuring LDAP Server

Note: It is not recommended to manually edit the LDAP configuration, you need to add the configurations in a file and use the ldapadd or ldapmodify command to load them to the LDAP directory as shown below.

4. Now create a OpenLDAP administrative user and assign a password for that user. In the below command, a hashed value is created for the given password, take note of it, you will use it in the LDAP configuration file.

$ slappasswd

Create Ldap Admin User

Create Ldap Admin User

5. Then create an LDIF file (ldaprootpasswd.ldif) which is used to add an entry to the LDAP directory.

$ sudo vim ldaprootpasswd.ldif

Add the following contents in it:

dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}PASSWORD_CREATED

explaining the attribute-value pairs above:

  • olcDatabase: indicates a specific database instance name and can be typically found inside /etc/openldap/slapd.d/cn=config.
  • cn=config: indicates global config options.
  • PASSWORD: is the hashed string obtained while creating the administrative user.

6. Next, add the corresponding LDAP entry by specifying the URI referring to the ldap server and the file above.

$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f ldaprootpasswd.ldif  

Add Parameters from Root Password File

Add Parameters from Root Password File

Step 3: Configuring LDAP Database

7. Now copy the sample database configuration file for slapd into the /var/lib/ldap directory, and set the correct permissions on the file.

$ sudo cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
$ sudo chown -R ldap:ldap /var/lib/ldap/DB_CONFIG
$ sudo systemctl restart slapd

8. Next, import some basic LDAP schemas from the /etc/openldap/schema directory as follows.

$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif 
$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif

9. Now add your domain in the LDAP database and create a file called ldapdomain.ldif for your domain.

$ sudo vim ldapdomain.ldif 

Add the following content in it (replace example with your domain and PASSWORD with the hashed value obtained before):

dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
  read by dn.base="cn=Manager,dc=example,dc=com" read by * none

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=example,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=Manager,dc=example,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}PASSWORD

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=Manager,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=Manager,dc=example,dc=com" write by * read

10. Then add the above configuration to the LDAP database with the following command.

$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f ldapdomain.ldif

Load Domain Configuration

Load Domain Configuration

11. In this step, we need to add some entries to our LDAP directory. Create another file called baseldapdomain.ldif with the following content.

dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectclass: organization
o: example com
dc: example

dn: cn=Manager,dc=example,dc=com
objectClass: organizationalRole
cn: Manager
description: Directory Manager

dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=example,dc=com
objectClass: organizationalUnit
ou: Group 

Save the file and then add the entries to the LDAP directory.

$ sudo ldapadd -Y EXTERNAL -x -D cn=Manager,dc=example,dc=com -W -f baseldapdomain.ldif

12. The next step is to create a LDAP user for exampletecmint, and set a password for this user as follows.

$ sudo useradd tecmint
$ sudo passwd tecmint

13. Then create the definitions for a LDAP group in a file called ldapgroup.ldif with the following content.

dn: cn=Manager,ou=Group,dc=example,dc=com
objectClass: top
objectClass: posixGroup
gidNumber: 1005

In the above configuration, gidNumber is the GID in /etc/group for tecmint and add it to the OpenLDAP directory.

$ sudo ldapadd -Y EXTERNAL -x  -W -D "cn=Manager,dc=example,dc=com" -f ldapgroup.ldif

14. Next, create another LDIF file called ldapuser.ldif and add the definitions for user tecmint.

dn: uid=tecmint,ou=People,dc=example,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: tecmint
uid: tecmint
uidNumber: 1005
gidNumber: 1005
homeDirectory: /home/tecmint
userPassword: {SSHA}PASSWORD_HERE
loginShell: /bin/bash
gecos: tecmint
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0

then load fthe configuration to the LDAP directory.

$ ldapadd -Y EXTERNAL  -x -D cn=Manager,dc=example,dc=com -W -f  ldapuser.ldif

Once you have setup a central server for authentication, the final part is to enable the client to authenticate using LDAP as explained in this guide:

  1. How to Configure LDAP Client to Connect External Authentication

For more information, see the appropriate documentation from OpenLDAP Software document catalog and Ubuntu users can refer to the OpenLDAP server guide.

Summary

OpenLDAP is a open source implementation of LDAP in Linux. In this article, we have shown how to install and configure OpenLDAP server for centralized authentication, in Ubuntu 16.04/18.04 and CentOS 7. If you have a question or thoughts to share, do not hesitate to reach us via the comment form below.

Source

How to Configure LDAP Client to Connect External Authentication

LDAP (short for Lightweight Directory Access Protocol) is an industry standard, widely used set of protocols for accessing directory services.

A directory service in simple terms is a centralized, network-based database optimized for read access. It stores and provides access to information that must either be shared between applications or is highly distributed.

Directory services play an important role in developing intranet and Internet applications by helping you share information about users, systems, networks, applications, and services throughout the network.

A typical use case for LDAP is to offer a centralized storage of usernames and passwords. This allows various applications (or services) to connect to the LDAP server to validate users.

After setting up a working LDAP server, you will need to install libraries on the client for connecting to it. In this article, we will show how to configure an LDAP client to connect to an external authentication source.

I hope you already having a working LDAP server environment, if not setup Up LDAP Server for LDAP-based Authentication.

How to Install and Configure LDAP Client in Ubuntu and CentOS

On the client systems, you will needs to install a few necessary packages to make authentication mechanism function correctly with an LDAP server.

Configure LDAP Client in Ubuntu 16.04 and 18.04

First start by installing the necessary packages by running the following command.

$ sudo apt update && sudo apt install libnss-ldap libpam-ldap ldap-utils nscd

During the installation, you will be prompted for details of your LDAP server (provide the values according to your environment). Note that the ldap-auth-config package which is auto-installed does the most of the configurations based on the inputs you enter.

Enter LDAP Server URI

Enter LDAP Server URI

Next, enter the name of the LDAP search base, you can use the components of their domain names for this purpose as shown in the screenshot.

Enter LDAP Search Base

Enter LDAP Search Base

Also choose the LDAP version to use and click Ok.

Select LDAP Version

Select LDAP Version

Now configure the option to allow you to make password utilities that use pam to behave like you would be changing local passwords and click Yes to continue..

Make Local Root Database Admin

Make Local Root Database Admin

Next, disable login requirement to the LDAP database using the next option.

Disable Login to LDAP Database

Disable Login to LDAP Database

Also define LDAP account for root and click Ok.

Define LDAP Account for Root

Define LDAP Account for Root

Next, enter the password to use when ldap-auth-config tries to login to the LDAP directory using the LDAP account for root.

Enter LDAP Root Password

Enter LDAP Root Password

The results of the dialog will be stored in the file /etc/ldap.conf. If you want to make any alterations, open and edit this file using your favorite command line editor.

Next, configure the LDAP profile for NSS by running.

$ sudo auth-client-config -t nss -p lac_ldap

Then configure the system to use LDAP for authentication by updating PAM configurations. From the menu, choose LDAP and any other authentication mechanisms you need. You should now be able to log in using LDAP-based credentials.

$ sudo pam-auth-update

Configure PAM Authentication Mechanism

Configure PAM Authentication Mechanism

In case you want the home directory of the user to be created automatically, then you need to perform one more configuration in the common-session PAM file.

$ sudo vim /etc/pam.d/common-session

Add this line in it.

session required pam_mkhomedir.so skel=/etc/skel umask=077

Save the changes and close the file. Then restart the NCSD (Name Service Cache Daemon) service with the following command.

$ sudo systemctl restart nscd
$ sudo systemctl enable nscd

Note: If you are using replication, LDAP clients will need to refer to multiple servers specified in /etc/ldap.conf. You can specify all the servers in this form:

uri ldap://ldap1.example.com  ldap://ldap2.example.com

This implies that the request will time out and if the Provider (ldap1.example.com) becomes unresponsive, the Consumer (ldap2.example.com) will attempt to be reached to process it.

To check the LDAP entries for a particular user from the server, run the getent command, for example.

$ getent passwd tecmint

If the above command displays details of the specified user from the /etc/passwd file, your client machine is now configured to authenticate with the LDAP server, you should be able to log in using LDAP-based credentials.

Configure LDAP Client in CentOS 7

To install the necessary packages, run the following command. Note that in this section, if you are operating the system as a non-root administrative user, use the sudo command to run all commands.

# yum update && yum install openldap openldap-clients nss-pam-ldapd

Next, enable the client system to authenticate using LDAP. You can use the authconfig utility, which is an interface for configuring system authentication resources.

Run the following command and replace example.com with your domain and dc=example,dc=com with your LDAP domain controller.

# authconfig --enableldap --enableldapauth --ldapserver=ldap.example.com --ldapbasedn="dc=example,dc=com" --enablemkhomedir --update

In the above command, the --enablemkhomedir option creates a local user home directory at the first connection if none exists.

Next, test if the LDAP entries for a particular user from the server, for example user tecmint.

$ getent passwd tecmint

The above command should display details of the specified user from the /etc/passwd file, which implies that the client machine is now configured to authenticate with the LDAP server.

Important: If SELinux is enabled on your system, you need to add a rule to allow creating home directories automatically by mkhomedir.

For more information, consult the appropriate documentation from OpenLDAP Software document catalog.

Summary

LDAP, is a widely used protocol for querying and modifying a directory service. In this guide, we have shown how to configure an LDAP client to connect to an external authentication source, in Ubuntu and CentOS client machines. You can leave any questions or comments you may have using the feedback form below.

Source

Setting Up High-Performance ‘HHVM’ and Nginx/Apache with MariaDB on Debian/Ubuntu

HHVM stands for HipHop Virtual Machine, is an open source virtual machine created for running Hack (it’s a programming language for HHVM) and PHP written applications. HHVM uses a last minute compilation path to achieve remarkable performance while keeping the flexibility that PHP programmers are addicted to. Till date, HHVM has achieved over a 9x increase in http request throughput and more than 5x cut in memory utilization (when running on low system memory) for Facebook compared with the PHP engine + APC (Alternative PHP Cache).

HHVM can also be used along with a FastCGI-based web-server like Nginx or Apache.

Install HHVM, Nginx and Apache with MariaDB

Install HHVM, Nginx and Apache with MariaDB

In this tutorial we shall look at steps for setting up Nginx/Apache web server, MariaDB database server and HHVM. For this setup, we will use Ubuntu 15.04 (64-bit) as HHVM runs on 64-bit system only, although Debian and Linux Mint distributions are also supported.

Step 1: Installing Nginx and Apache Web Server

1. First do a system upgrade to update repository list with the help of following commands.

# apt-get update && apt-get upgrade

System Upgrade

System Upgrade

2. As I said HHVM can be used with both Nginx and Apache web server. So, it’s your choice which web server you will going to use, but here we will show you both web servers installation and how to use them with HHVM.

Installing Nginx

In this step, we will install Nginx/Apache web server from the packages repository using following command.

# apt-get install nginx

Install Nginx Web Server

Install Nginx Web Server

Installing Apache

# apt-get install apache2

Install Apache Web Server

Install Apache Web Server

At this point, you should be able to navigate to following URL and you will able to see Nginx or Apache default page.

http://localhost
OR
http://IP-Address
Nginx Default Page

Nginx Welcome Page

Nginx Welcome Page

Apache Default Page

Apache Default Page

Apache Default Page

Step 2: Install and Configure MariaDB

3. In this step, we will install MariaDB, as it providers better performance as compared to MySQL.

# apt-get install mariadb-client mariadb-server

Install MariaDB Database

Install MariaDB Database

4. After MariaDB successful installation, you can start MariaDB and set root password to secure the database:

# systemctl start mysql
# mysql_secure_installation

Answer the following questions by typing y or n and press enter. Make sure you read the instructions carefully before answering the questions.

Enter current password for root (enter for none) = press enter
Set root password? [Y/n] = y
Remove anonymous users[y/n] = y
Disallow root login remotely[y/n] = y
Remove test database and access to it [y/n] = y
Reload privileges tables now[y/n] = y 

5. After setting root password for MariaDB, you can connect to MariaDB prompt with the new root password.

# mysql -u root -p

Step 3: Installation of HHVM

6. At this stage we shall install and configure HHVM. You need to add the HHVM repository to your sources.list file and then you have to update your repository list using following series of commands.

# wget -O - http://dl.hhvm.com/conf/hhvm.gpg.key | apt-key add -
# echo deb http://dl.hhvm.com/ubuntu DISTRIBUTION_VERSION main | sudo tee /etc/apt/sources.list.d/hhvm.list
# apt-get update

Important: Don’t forget to replace DISTRIBUTION_VERSION with your Ubuntu distribution version (i.e. lucid, precise, or trusty.) and also on Debian replace with jessie or wheezy. On Linux Mint installation instructions are same, but petra is the only currently supported distribution.

After adding HHVM repository, you can easily install it as shown.

# apt-get install -y hhvm

Installing HHVM will start it up now, but it not configured to auto start at next system boot. To set auto start at next boot use the following command.

# update-rc.d hhvm defaults

Step 4: Configuring Nginx/Apache to Talk to HHVM

7. Now, nginx/apache and HHVM are installed and running as independent, so we need to configure both web servers to talk to each other. The crucial part is that we have to tell nginx/apache to forward all PHP files to HHVM to execute.

If you are using Nginx, follow this instructions as explained..

By default, the nginx configuration lives under /etc/nginx/sites-available/default and these config looks in /usr/share/nginx/html for files to execute, but it don’t know what to do with PHP.

To make Nginx to talk with HHVM, we need to run the following include script that will configure nginx correctly by placing a hhvm.conf at the beginning of the nginx config as mentioned above.

This script makes the nginx to talk to any file that ends with .hh or .php and send it to HHVM via fastcgi.

# /usr/share/hhvm/install_fastcgi.sh

Configure Nginx for HHVM

Configure Nginx for HHVM

Important: If you are using Apache, there isn’t any configuration is needed now.

8. Next, you need to use /usr/bin/hhvm to provide /usr/bin/php (php) by running this command below.

# /usr/bin/update-alternatives --install /usr/bin/php php /usr/bin/hhvm 60

After all the above steps are done, you can now start HHVM and test it.

# systemctl start hhvm

Step 5: Testing HHVM with Nginx/Apache

9. To verify that hhvm working, you need to create a hello.php file under nginx/apache document root directory.

# nano /usr/share/nginx/html/hello.php       [For Nginx]
OR
# nano /var/www/html/hello.php               [For Nginx and Apache]

Add the following snippet to this file.

<?php
if (defined('HHVM_VERSION')) {
echo 'HHVM is working';
 phpinfo();
}
else {
echo 'HHVM is not working';
}
?>

and then navigate to the following URL and verify to see “hello world“.

http://localhost/info.php
OR
http://IP-Address/info.php

HHVM Page

HHVM Page

If “HHVM” page appears, then it means you’re all set!

Conclusion

These steps are very easy to follow and hope your find this tutorial useful and if you get any error during installation of any packages, post a comment and we shall find solutions together. And any additional ideas are welcome.

Source

How to Install and Use PostgreSQL on Ubuntu 18.04

PostgreSQL (Postgres in short) is an open source, powerful, advanced, high performance and stable relational-document database system. It uses and enhances the SQL language coupled with a large number of features for secure data storage and management.

It is efficient, reliable, and scalable for handling large, complicated volumes of data and setting up enterprise-level and fault-tolerant environments, while ensuring high data integrity. Postgres is also highly extensible with features such as indexes comes with APIs so that you can develop your own solutions to solve your data storage challenges.

In this article, we will explain how to install PostgreSQL on an Ubuntu 18.04 server (also works on older Ubuntu releases) and learn some basic ways to use it.

How to Install PostgreSQL on Ubuntu

First, create a file /etc/apt/sources.list.d/pgdg.list which stores the repository configuration, then import the repository key to your system, update your system packages list and install Postgres package using following commands.

$ sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
$ sudo apt install wget ca-certificates
$ wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
$ sudo apt update
$ sudo apt install postgresql-10 pgadmin4

Once postgres has been installed, the database service started automatically and you can confirm by typing following command.

$ sudo systemctl status postgresql.service

Check PostgreSQL Service

Check PostgreSQL Service

How to Use PostgreSQL Roles and Databases

In postgres, client authentication is controlled by the /etc/postgresql/10/main/pg_hba.conf configuration file. The default authentication method is “peer” for the database administrator, meaning it gets the client’s operating system user name from the operating system and checks if it matches the requested database user name to allow access, for local connections (as shown in the following screenshot).

During the installation process, a system user account called postgres was created without a password, this is also the default database administrator user name.

$ sudo vim /etc/postgresql/10/main/pg_hba.conf

PostgreSQL Configuration File

PostgreSQL Configuration File

In addition, under postgres database access permission management is performed via roles. A role can be considered as either a database user, or a group of database users, depending on how the role is set up.

The default role is also postgres. Importantly, database roles are conceptually fully unconnected to operating system users, but practically they may not be separate (for example when it comes to client authentication).

Importantly, roles can own database objects, and can assign privileges on those objects to other roles to control who has access to which objects. In addition, it is possible to grant membership in a role to another role.

To configure other roles to use encrypted passwords to manage databases assigned to them, apart from the default postgres role, you need to change the line to.

Configure Roles in PostgreSQL

Configure Roles in PostgreSQL

Then restart the postgresql service to apply the recent changes.
$ sudo systemctl restart postgresql

How to Use PostgreSQL on Ubuntu

Once everything setup, you can access the postgres system account with the following command, where the -i flag tells sudo to run the shell specified by the target user’s password database entry as a login shell.

$ sudo -i -u postgres 
$ psql		#to launch the postgres shell program  
postgres=#

To access the postgres shell directly, without first accessing the postgres user account, run the following command.

$ sudo -i -u postgres psql

You can quit/exit the postgres by typing the following command.

postgres=# \q

Create PostgreSQL Database Roles

Create a new user role using the following command.

postgres=# CREATE ROLE tecmint;

To create a role with a LOGIN attribute, use the following command (roles with the LOGIN attribute can be considered the same as a database users).

postgres=#CREATE ROLE tecmint LOGIN;
OR
postgres=#CREATE USER name;	#assumes login function by default

A role can also be created with a password, this is useful if you configured the client authentication method to ask users to supply an encrypted password when connecting to the database.

postgres=#CREATE ROLE tecmint PASSWORD 'passwd_here'

List Existing PostgreSQL Database Roles

To list the existing user roles, use any of these commands.

postgres=# \du 				#shows actual users
OR
postgres=# SELECT rolname FROM pg_roles;

List PostgreSQL Roles

List PostgreSQL Roles

Drop a PostgreSQL Database Role

To drop any existing user role use the DROP ROLE command as shown.

postgres=# DROP ROLE tecmint;

Create a PostgreSQL Database

Once you have created a role with a particular name (for instance tecmint user), you can create a database (with the same name as the role) which will be managed by that role as shown.

postgres=# CREATE DATABASE tecmint;

Now to manage the database tecmint, access the postgres shell as the tecmint role, provide your password as follows.

$ sudo -i -u tecmint psql

Create a PostgreSQL Table

Creating tables is so easy, we will create a test table called authors, which stores information about TecMint.com authors, as shown.

tecmint=>CREATE TABLE authors (
    code      char(5) NOT NULL,
    name    varchar(40) NOT NULL,
    city varchar(40) NOT NULL
    joined_on date NOT NULL,	
    PRIMARY KEY (code)
);

Create PostgreSQL Table

Create PostgreSQL Table

After creating a table, try to populate it with some data, as follows.

tecmint=> INSERT INTO authors VALUES(1,'Ravi Saive','Mumbai','2012-08-15');

To view the data stored in a table, you can run a SELECT command.

tecmint=> SELECT * FROM authors;

Insert Data in PostgreSQL Table

Insert Data in PostgreSQL Table

List PostgreSQL Database Tables

You can list all tables in the current database with the following command.

tecmint=>\dt

List PostgreSQL Database Tables

List PostgreSQL Database Tables

Delete/Drop a PostgreSQL Table

To delete a table in the current database, use the DROP command.

tecmint=> DROP TABLE authors;

List All PostgreSQL Databases

To list all databases, use any of the following commands.

tecmint=>SELECT datname FROM pg_database;
OR
tecmint=>\list	#shows a detailed description 
OR
tecmint=>\l

List PostgreSQL Databases

List PostgreSQL Databases

Delete/Drop a PostgreSQL Database

If you want to delete a database, use the DROP command, for example.

tecmint=>DROP DATABASE tecmint;

Switch to Another PostgreSQL Database

You can also switch from one database to another easily using the following command.

tecmint=>\connect database_name

For more information, refer to the PostgreSQL 10.4 Documentation.

That’s it for now! In this article, we have explained how to install and use PostgreSQL database management system on Ubuntu 18.04. You can send us your queries or thoughts in the comments.

Source

Top 7 Things You’ll Mostly Need to Do After Installing Ubuntu 16.10/16.04

It is that time of the year where we are earnestly anticipating the release of the next LTS version of what is undoubtedly one of the world’s most popular free operating system and if you’re a keen reader of Tecmint, you’ll know by now that we already covered the installation of the next iteration of Ubuntu’s desktop operating system in great detail – if you missed it, we have the link right down below.

Here, I have compiled the things that you will most likely need to do after you might have completed the installation of Ubuntu 16.10 (Yakkety Yak) and installation of Ubuntu 16.04 Xenial Xerus so you might have a stable and safe system to play with.

I’ll try to keep this as concise as possible and not bore you with a terribly long list and you can be sure that this article comprises just about everything you’ll need to have to system humming as you’d like it.

Like I mentioned in the previous install article, the best practice for any Linux user or any PC user for that matter, is to have their PC updated once it’s installed so it may have all the latest security updates, patches and features.

You can either choose to update your system via the GUI-enabled inbuilt system update tool (image below) or if you’d rather do it the terminal way of things, below are self-descriptive images on how to but for the sake of newbies reading through with this, we’ll add a few notes with the images just to makes things a little.

Now let’s get on with this already.

1. Update Ubuntu 16.10/16.04 Xenial Xerus

1. First and foremost, we must update our sources; head on to the Unity dash on the top left corner and type in “software and updates”; open the app, and select the “other software” tab, tick both options, close the app (you’ll be prompted to enter you root PW) and go back to the same dash; this time around, type in “software updater” open the app and it should auto-update sources and show the available update size.

Ubuntu Software Updater

Ubuntu Software Updater

Ubuntu 16.04 Other Software Sources

Ubuntu 16.04 Other Software Sources

Ubuntu 16.04 Updating Cache

Ubuntu 16.04 Updating Cache

Using the preinstalled “software updater”.

Ubuntu Software Updater

Ubuntu Software Updater

Checking for Ubuntu Updates

Checking for Ubuntu Updates

Install Ubuntu Software Updates

Install Ubuntu Software Updates

Enter Root Password to Update Ubuntu

Enter Root Password to Update Ubuntu

Installing Ubuntu Updates

Installing Ubuntu Updates

Using the terminal; you’ll need to enter these commands consecutively.

$ sudo apt-get update
$ sudo apt-get upgrade

Ubuntu 16.04 Update

Ubuntu 16.04 Update

Ubuntu 16.04 Upgrade

Ubuntu 16.04 Upgrade

If you are still feeling a little lost, you may watch the video below that shows how to update Ubuntu 16.04 Xenial Xerus.

2. Install Core Internet Applications

Install some core internet applications; Ubuntu 16.04 Xenial Xerux somes preinstalled with Firefox like every other Ubuntu distro before it however, it’s not the world’s most used browser and still lags behind Chromium – the open source version of Chrome — in terms of features and functionality.

You’ll find Chromium in the new Gnome application manager that ships with Ubuntu Xenial Xerux 16.04 LTS.

The other recommended applications to download include but not limited to:

  1. Skype – One if the world’s most popular VOIP service.
  2. Pidgin – Probably the best IM client.M
  3. Deluge – One of the best torrenting app.
  4. Mega – Free cloud backup with 50GB storage.
  5. CrashPlan – Always have your system backed up either locally or in the cloud for easy recovery later.
  6. Telegram – Privacy-centric multi-platform service.
  7. Uget – Easily one of the best download manager for Linux.
  8. Tor – Download the Tor browser for a complete anonymity online.

3. Install a Replacement Music App – Clementine

Clementine is by far the most superior multi-platform music playing app out there for Linux and it’s feature set is unmatched; it blows every other app out of the water be it VLCRthythmboxAudacious etc.

Perhaps the most prominent feature of Clementine is its ability to connect you to online music streaming services without the need of firing up a web browser or a specific third party app for each service.

You can simply connect your (Premium) Spotify account, Last.fmSky.fmGoogle DriveOnedrive, just to name a few.

Clementine also has its own built-in equalizer and you can download it via the Software center of open up the terminal, input:

$ sudo apt-get install clementine

and should be done in no time.

Don’t Miss: 21 Music Players for Linux Lovers – Worth Trying on Linux

Other noteworthy media applications that we almost always recommend you download include:

  1. VLC – the universal media player that has an extensive list of supported formats.
  2. Audacity – a simple minimalistic audio editing tool for both beginners and pro alike; comes with quite the list of features that will allow you maximize the extent at which you can modify an audio file or even create.
  3. Kodi (formerly XBMC) – the open source home theater submerges you in an entire media-centric universe that will has an extensive support for media files; ranging from your standard .MP3 files to the most obscure formats you can think of, be it under the music, video or photos category; Kodi will most likely have support for it.

Don’t Miss: 10 Best Linux Video Players of Year 2015

Even better, you can customized it to your heart’s content and enjoy an unparalled media experience.

  1. Handbrake – this is another cross platform application that should come in handy whenever you need to quickly convert a video file while still effectively shrinking the size.
  2. Spotify – for those of you that don’t have a premium Spotify subscription but will still like to enjoy the services it provides, then you’re mostly better off with official client for Linux that has a somewhat sub-par experience when compared to the clients on other platforms but should mostly suffice for whatever you throw at it.
Install Spotify on Ubuntu 16.10/16.04

To install Spotify, open up your terminal and enter the follow up commands from the first to the last; one after the other.

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys BBEBDCB318AD50EC68650906
$ sudo apt-get update
$ sudo apt-get install spotify-client

Openshot – this is by far the most basic and straightforward video editing app available for Linux, that will allow just about anybody to start their hands out at video editing.

The interface is clean and it will help you quickly get things done. Mind you, Openshot does not come anywhere close in term of feature set and functionality when compared other well established tools like Adobe Premiere Pro on Windows, Kdenlive etc.

Don’t Miss: 8 Best Video Editing Softwares for Linux I Found in 2015

It’s just as basic as you can think.

Ubuntu restricted extras – you want to have this installed so you don’t have to worry about any missing codecs that will otherwise not allow some media files to play nice with the defaults of your system if not installed.

GIMP is by far the most popular free image manipulation tool (and perhaps the best alternative to Photoshop) available for Linux.

Don’t Miss: 15 Best Image or Photo Editing Softwares for Linux I Found in 2015

All of the aforementioned applications (except Spotify) are available in the new software center as a free install.

4. Install Synaptics and AppGrid

It is always nice to have alternative sources when it comes to application installation; particularly if you’re not a big fan of the new Software center or maybe you just want something minimalistic without all the bells and whistles? …. Or you just care for something more aesthetically pleasing.

Synaptics has always been there for as long as I can remember and it gives you a similar experience to that of Pamac and Octopi which are frontends for Arch Linux’s package manager.

You still get a GUI that is pretty stripped of all the usuals you’ll normally find on other app sources like comments, ratings and the likes.

CTRL+ALT+T to open up the terminal and type in:

$ sudo apt-get install synaptic

Alternatively, you can download it from the Software center.

Install Synaptic Package Manager

Install Synaptic Package Manager

Synaptic Package Manager on Ubuntu 16.04

Synaptic Package Manager on Ubuntu 16.04

AppGrid on the other hand, can be installed via the terminal by typing in the following commands consecutively.

$ sudo add-apt-repository ppa:appgrid/stable
$ sudo apt-get update
$ sudo apt-get install appgrid

Install Appgrid in Ubuntu 16.04

Install Appgrid in Ubuntu 16.04

Appgrid in Ubuntu 16.04

Appgrid in Ubuntu 16.04

So depending on what you really want, you can have as many as four options to install your apps from – Terminal, Gnome software center, AppGrid, and Synaptics (which is mostly used by power users).

5. Turn Off Online Search Results

The unity dash search results still include options from sources like Wikipedia and Amazon by default which can pose some security threats to the user of the system.

Thankfully though, Canonical has included an option to turn it off since 15.10. Just go to settings ->security and privacy -> select the search tab and turn off include online search results.

Ubuntu Settings Privacy Change

Ubuntu Settings Privacy Change

6. Install Unity Tweak Tool to Customize Ubuntu

Ubuntu’s stock Unity interface has always been barebone and hardly does anything change regards the general look and feel of it with every iteration – I really like to think of it as boring – (especially as an Android fanboy) hence, the need for some cool customization.

Which is where Unity’s tweak tool comes in; it’s available in the Gnome Software center. Download it and make your desktop your OWN.

Install Unity Tweak Tool on Ubuntu 16.04

Install Unity Tweak Tool on Ubuntu 16.04

7. Install Graphics Driver in Ubuntu

Lastly, you want to install the proper graphics driver of your system to enable smooth rendering of the GUI; this would mostly be required too if you’re looking to game with your PC via Steam, Video editing and so on.

Type in “software and updates” in the dash and go to the “additional drivers tab”; select as needed and apply changes.

Install Graphics Driver in Ubuntu

Install Graphics Driver in Ubuntu 16.04

We recommend that you go through with the list and you’ll just be ready to enjoy the rest of the Ubuntu Xenial Xerus experience as long as you need to.

From this point, you can now tailor the system to some other specific needs you might have; thereafter, it’s silky smooth sailing with this LTS release. If you do encounter any problems installing, or configuring the system as guided above, kindly let us know in the comments below.

Source

Initial Ubuntu Server Setup for Beginners

This tutorial will guide you on the first basic steps you need to configure on a new installed Ubuntu server in order to increase security and reliability for your server.

The configurations explained in this topic are almost the same for all Ubuntu server systems, regarding of the underlying OS platform, whether Ubuntu is installed on a bare-metal server, in a private virtual machine or a virtual machine spinned-out in a VPS public cloud.

Requirements

  1. Ubuntu Server Edition installation

Update and Upgrade Ubuntu System

The first step you need to take care of in case of fresh installation of Ubuntu server or a new deployed Ubuntu VPS is to make sure the system and all system components, such as the kernel, the package manager and all other installed packages are up-to-date with the latest released versions and security patches.

To update Ubuntu server, to log in to server’s console with an account with root privileges or directly as root and run the below commands in order to perform the update and upgrade process.

$ sudo apt update 

Update Ubuntu Server

Update Ubuntu Server

 

After running the update command, you will see the number of available packages for upgrading process and the command used for listing the packages upgrades.

$ sudo apt list --upgradable

List Upgrade Ubuntu Packages

List Upgrade Ubuntu Packages

After you’ve consulted the list of packages available for upgrading, issue the below command to start system upgrade process.

$ sudo apt upgrade

Upgrade Ubuntu Server Packages

Upgrade Ubuntu Server Packages

In order to remove all locally downloaded deb packages and all other apt-get caches, execute the below command.

$ sudo apt autoremove
$ sudo apt clean

Autoremove APT Packages and Cache

Autoremove APT Packages and Cache

Create New Account in Ubuntu

By default, as a security measure, the root account is completely disabled in Ubuntu. In order to create a new account on the system, log in to the system with the account user with root privileges and create a new account with the below command.

This new account will be granted with root powers privileges via sudo command and will be used to perform administrative tasks in the system. Make sure you setup a strong password to protect this account. Follow the adduser prompt to setup the user details and password.

$ sudo adduser ubuntu_user

Create User in Ubuntu

Create User in Ubuntu

If this account will be assigned to another system admin, you can force the user to change its password at the first log in attempt by issuing the following command.

$ sudo chage -d0 ubuntu_user

For now, the new added user cannot perform administrative tasks via sudo utility. To grant this new user account with administrative privileges you should add the user to “sudo” system group by issuing the below command.

$ sudo usermod -a -G sudo ubuntu_user

By default, all users belonging to the “sudo” group are allowed to execute commands with root privileges via sudo utility. Sudo command must be used before writing the command needed for execution, as shown in the below example.

$ sudo apt install package_name

Test if the new user has the root privileges granted, by logging in to the system and run the apt updatecommand prefixed with sudo.

$ su - ubuntu_user
$ sudo apt update

Verify New User

Verify New User

Configure System Hostname in Ubuntu

Usually, the machine hostname is set-up during the system installation process or when the VPS is created in the cloud. However, you should change the name of your machine in order to better reflect the destination of your server or to better describe its final purpose.

In a large company, machines are named after complex naming schemes in order to easily identify the machine in datacenter’s racks. For instance, if your Ubuntu machine will operate a mail server, the name of the machine should reflect this fact and you can setup machine hostname as mx01.mydomain.lan, for example.

To show details about your machine hostname run the following command.

$ hostnamectl

In order to change the name of your machine, issue hostnamectl command with the new name you will configure for your machine, as illustrated in the below excerpt.

$ sudo hostnamectl set-hostname tecmint

Verify the new name of your system with one of the below commands.

$ hostname
$ hostname -s
$ cat /etc/hostname 

Set Hostname in Ubuntu Server

Set Hostname in Ubuntu Server

Setup SSH with Public Key Authentication in Ubuntu

To increase system security degree of an Ubuntu server, you should set-up SSH public key authentication for an local account. In order to generate SSH Key Pair, the public and private key, with a specifying a key length, such as 2048 bits, execute the following command at your server console.

Make sure you’re logged in to the system with the user you’re setting up the SSH key.

$ su - ubuntu_user
$ ssh-keygen -t RSA -b 2048

Setup SSH Keys in Ubuntu

Setup SSH Keys in Ubuntu

While the key is generated, you will be prompted to add passphrase in order to secure the key. You can enter a strong passphrase or choose to leave the passphrase blank if you want to automate tasks via SSH server.

After the SSH key has been generated, you can copy the public key to a remote server by executing the below command. To install the public key to the remote SSH server you will need a remote user account with the proper permissions and credentials to log in to remote server.

$ ssh-copy-id remote_user@remote_server

Copy SSH Key to Remote Server

Copy SSH Key to Remote Server

You should be able to automatically log in via SSH to the remote server using the public key authentication method. You won’t need to add the remote user password while using SSH public key authentication.

After you’ve logged in to the remote server, you can start to execute commands, such as w command to list ssh remote logged in users, as shown in the below screenshot.

Type exit in the console to close the remote SSH session.

$ ssh remote_user@remote_server
$ w
$ exit

Verify SSH Passwordless Login

Verify SSH Passwordless Login

To see the content of your public SSH key in order to manually install the key to a remote SSH server, issue the following command.

$ cat ~/.ssh/id_rsa.pub

View SSH Key

View SSH Key

Secure SSH Server in Ubuntu

In order to secure the SSH daemon you should change the default SSH port number from 22 to a random port, higher than 1024, and disallow remote SSH access to the root account via password or key, by opening SSH server main configuration file and make the following changes.

$ sudo vi /etc/ssh/sshd_config

First, search the commented line #Port22 and add a new line underneath (replace the listening port number accordingly):

Port 2345

Don’t close the file, scroll down and search for the line #PermitRootLogin yes, uncomment the line by removing the # sign (hashtag) from the beginning of the line and modify the line to look like shown in the below excerpt.

PermitRootLogin no

Secure SSH Service

Secure SSH Service

Afterwards, restart the SSH server to apply the new settings and test the configuration by trying to log in from a remote machine to this server with the root account via the new port number. The access to root account via SSH should be restricted.

$ sudo systemctl restart sshd

Also, run netstat or ss command and filter the output via grep in order to show the new listening port number for SSH server.

$ sudo ss -tlpn| grep ssh
$ sudo netstat -tlpn| grep ssh

Verify SSH Port

Verify SSH Port

There are situations where you might want to automatically disconnect all remote SSH connections established into your server after a period of inactivity.

In order to enable this feature, execute the below command, which adds the TMOUT bash variable to your account .bashrc hidden file and forces every SSH connection made with the name of the user to be disconnected or dropped-out after 5 minutes of inactivity.

$ echo 'TMOUT=300' >> .bashrc

Run tail command to check if the variable has been correctly added at the end of .bashrc file. All subsequent SSH connections will be automatically closed after 5 minutes of inactivity from now on.

$ tail .bashrc

In the below screenshot, the remote SSH session from drupal machine to Ubuntu server via ubuntu_user account has been timed out and auto-logout after 5 minutes.

Auto Disconnect SSH Sessions

Auto Disconnect SSH Sessions

Configure Ubuntu Firewall UFW

Every server needs a well configured firewall in order to secure the system at network level. Ubuntu server uses UFW application to manage the iptables rules on the server.

Check the status of UFW firewall application in Ubuntu by issuing the below commands.

$ sudo systemctl status ufw
$ sudo ufw status

Check UFW Firewall Status

Check UFW Firewall Status

Usually, the UFW firewall daemon is up and running in Ubuntu server, but the rules are not applied by default. Before enabling UFW firewall policy in you system, first you should add a new rule to allow SSH traffic to pass through firewall via the changed SSH port. The rule can be added by executing the below command.

$ sudo ufw allow 2345/tcp

After you’ve allowed SSH traffic, you can enable and check UFW firewall application with the following commands.

$ sudo ufw enable
$ sudo ufw status

Open SSH Port and Verify

Open SSH Port and Verify

To add new firewall rules for other network services subsequently installed on your server, such as HTTP server, a mail server or other network services, use the below firewall commands examples as guide.

$ sudo ufw allow http  #allow http traffic
$ sudo ufw allow proto tcp from any to any port 25,443  # allow https and smtp traffic

To list all firewall rules run the below command.

$ sudo ufw status verbose

Check UFW Firewall Rules

Check UFW Firewall Rules

Set Ubuntu Server Time

To control or query Ubuntu server clock and other related time settings, execute timedatectl command with no argument.

In order to change your server’s time zone settings, first execute timedatectl command with list-timezones argument to list all available time zones and, then, set the time zone of your system as shown in the below excerpt.

$ sudo timedatectl 
$ sudo timedatectl list-timezones 
$ sudo timedatectl set-timezone Europe/Vienna

Set Ubuntu Timezone

Set Ubuntu Timezone

The new systemd-timesyncd systemd daemon client can be utilized in Ubuntu in order to provide an accurate time for your server across network and synchronize time with an upper time peer server.

To apply this new feature of Systemd, modify systemd-timesyncd daemon configuration file and add the closest geographically NTP servers to NTP statement line, as shown in the below file excerpt:

$ sudo nano /etc/systemd/timesyncd.conf

Add following configuration to timesyncd.conf file:

[Time]
NTP=0.pool.ntp.org 1.pool.ntp.org
FallbackNTP=ntp.ubuntu.com

NTP Time Configuration

NTP Time Configuration

To add your nearest geographically NTP servers, consult the NTP pool project server list at the following address: http://www.pool.ntp.org/en/

Afterwards, restart the Systemd timesync daemon to reflect changes and check daemon status by running the below commands. After restart, the daemon will start to sync time with the new ntp server peer.

$ sudo systemctl restart systemd-timesyncd.service 
$ sudo systemctl status systemd-timesyncd.service

Start TimeSyncd Service

Start TimeSyncd Service

Disable and Remove Unneeded Services in Ubuntu

In order to get a list of all TCP and UDP network services up-and-running by default in your Ubuntu server, execute the ss or netstat command.

$ sudo netstat -tulpn
OR
$ sudo ss -tulpn

List All Running Services

List All Running Services

Staring with Ubuntu 16.10 release, the default DNS resolver is now controlled by systemd-resolved service, as revealed by the output of netstat or ss commands.

You should also check the systemd-resolved service status by running the following command.

$ sudo systemctl status systemd-resolved.service

Check Systemd Resolved Status

Check Systemd Resolved Status

The systemd-resolved service binds on all enabled network interfaces and listens on ports 53 and 5355 TCPand UDP.

Running system-resolved caching DNS daemon on a production server can be dangerous due to the numerous number of DDOS attacks performed by malicious hackers against unsecured DNS servers.

In order to stop and disable this service, execute the following commands.

$ sudo systemctl stop systemd-resolved
$ sudo systemctl disable systemd-resolved

Disable Systemd Resolved Service

Disable Systemd Resolved Service

Verify if the service has been stopped and disabled by issuing ss or netstat command. The systemd-resolved listening ports, 53 and 5355 TCP and UDP, should not be listed in netstat or ss command output, as illustrated in the below.

You should also reboot the machine in order to completely disable all systemd-resolved daemon services and restore the default /etc/resolv.conf file.

$ sudo ss -tulpn
$ sudo netstat -tulpn
$ sudo systemctl reboot

Verify All Running Services

Verify All Running Services

Although, you’ve disabled some unwanted networking services to run in your server, there are also other services installed and running in your system, such as lxc process and snapd service. These services can be easily detected via pstop or pstree commands.

$ sudo ps aux
$ sudo top
$ sudo pstree

List Running Services in Tree Format

List Running Services in Tree Format

In case you’re not going to use LXC container virtualization in your server or start installing software packaged via Snap package manager, you should completely disable and remove these services, by issuing the below commands.

$ sudo apt autoremove --purge lxc-common lxcfs
$ sudo apt autoremove --purge snapd

That’s all! Now, Ubuntu server is now prepared for installing additional software needed for custom network services or applications, such as installing and configuring a web server, a database server, a file share service or other specific applications.

Source

Installation of Ubuntu 16.04 Server Edition (classics retro)

Ubuntu Server 16.04, also named Xenial Xerus, has been released by Canonical and it’s now ready for installation.

The details about this new LTS version can be found on the previous article: How to upgrade Ubuntu 15.10 to 16.04.

This topic will guide you on how you can install Ubuntu 16.04 Server Edition with Long Time Support on your machine.

If you’re looking for Desktop Edition, read our previous article: Installation of Ubuntu 16.04 Desktop

Requirements

  1. Ubuntu 16.04 Server ISO Image

Install Ubuntu 16.04 Server Edition

1. On the first step visit the above link and download the latest version of Ubuntu Server ISO image on your computer.

Once the image download completes, burn it to a CD or create a bootable USB disk using Unbootin (for BIOS machines) or Rufus (for UEFI machines).

2. Place the bootable media intro the appropriate drive, start-up the machine and instruct the BIOS/UEFI by pressing a special function key (F2F11F12) to boot-up from the inserted USB/CD drive.

In a few seconds you will be presented with the first screen of Ubuntu installer. Select your language to perform the installation and hit Enter key to move to the next screen.

Choose Ubuntu 16.04 Server Installation Language

Choose Ubuntu 16.04 Server Installation Language

3. Next, select the first option, Install Ubuntu Server and press Enter key to continue.

Install Ubuntu 16.04 Server

Install Ubuntu 16.04 Server

4. Select the language you with to install the system and press Enter again to continue further.

Select Language for Ubuntu 16.04 Server

Select Language for Ubuntu 16.04 Server

5. On the next series of screen choose your physical location from the presented list. If your location is different than the ones offered on the first screen, select other and hit Enter key, then select the location based on your continent and country. This location will be also used by the timezone system variable. Use the below screenshots as a guide.

Choose Location for Ubuntu 16.04 Server

Choose Location for Ubuntu 16.04 Server

Select Country Region

Select Country Region

Select Area Location

Select Area Location

6. Assign the locales and keyboard settings for your system as illustrated below and hit Enter to continue the installation setup.

Configure Locales

Configure Locales

Configure Keyboard Layout

Configure Keyboard Layout

7. The installer will load a series of additional components required for the next steps and will automatically configure your network settings in case you have a DHCP server on the LAN.

Because this installation is intended for a server it’s a good idea to setup a static IP address for your network interface.

To do this you can interrupt the automatic network configuration process by pressing on Cancel or once the installer reaches hostname phase you can hit on Go Back and choose to Configure network manually.

Set Ubuntu 16.04 Hostname

Set Ubuntu 16.04 Hostname

Configure Network Manually

Configure Network Manually

8. Enter your network settings accordingly (IP Address, netmask, gateway and at least two DNS nameservers) as illustrated on the below images.

Set Static IP Address on Ubuntu 16.04

Set Static IP Address on Ubuntu 16.04

Configure Network Mask for Ubuntu 16.04

Configure Network Mask for Ubuntu 16.04

Configure Network Gateway for Ubuntu 16.04

Configure Network Gateway for Ubuntu 16.04

Configure Network DNS on Ubuntu 16.04

Configure Network DNS on Ubuntu 16.04

9. On the next step setup a descriptive hostname for your machine and a domain (not necessary required) and hit on Continue to move to the next screen. This step concludes the network settings.

Set Ubuntu 16.04 Server Hostname

Set Ubuntu 16.04 Server Hostname

Set Ubuntu 16.04 Domain Name

Set Ubuntu 16.04 Domain Name

 

10. On this step the installer prompts you to setup a username and a password for your system. This username will be granted by the system with sudo powers, so, technically, this user will be the supreme administrator next to root account (which is disabled by default).

Thus, choose an inspired username, maybe hard to guess for security reasons, with a strong password and hit on Continue. Choose not to encrypt your home directory and press Enter to continue further.

Setup User and Password

Setup User and Password

11. Next, the installer will automatically set your clock based on the physical location configured earlier. In case the location is correctly chosen hit on Yes to continue to disk partition layout.

Configure System Clock

Configure System Clock

12. On the next step you can choose the method that will be used to slice up your disk. For instance, if you need to create custom partition scheme (such as /home/var/boot etc) choose Manual method.

For a general purpose server you can stick to Guided with LVM method as illustrated below, which automatically creates the partitions on your behalf.

Select Partition Method

Select Partition Method

13. Next, select the disk that will be used by the installer to create partitions and press Enter key.

Select Disk Partition

Select Disk Partition

14. Answer with Yes at the next screen in order to commit changes to disk with LVM scheme and hit on Continue to use the entire disk space for guided partitions.

Add Disk Partition Size

Add Disk Partition Size

Confirm Disk Partition Changes

Confirm Disk Partition Changes

15. Finally, approve for the last time the changes to be written to disk by pressing on Yes and the installation will now begin. From this step on all the changes will be committed to disk.

Confirm Disk Partition Changes

Confirm Disk Partition Changes

Installing Ubuntu 16.04 Server

Installing Ubuntu 16.04 Server

16. In case your system is behind a proxy or a firewall use the next screen to bypass the network restrictions, otherwise just leave it black and hit on Continue.

Configure System Package Manager

Configure System Package Manager

17. Next, the installer will configure apt repositories and will install the selected software. After it finishes the installation tasks a new screen will appear which will ask you how to manage the upgrade process. Select Noautomatic updates for now (you will manually select what updates are necessary) and hit Enter key to continue.

Manage Ubuntu 16.04 Upgrades

Manage Ubuntu 16.04 Upgrades

18. On the next step you will be asked to select what software to install. Select only standard system utilities and OpenSSH server (if you require remote access) by pressing the spacebar key and hit on Continue.

System Software Selection

System Software Selection

19. Once the installer finishes installing the software, a new screen will prompt you whether to install the Grubboot loader to hard disk MBR (first 512 byte sector). Obviously without the GRUB you can’t boot up your system after restart, so hit on Yes to continue with the installation.

Install Grub Boot Loader

Install Grub Boot Loader

20. Finally, after the boot loader is written to Hard Disk MBR, the installation process finishes. Hit on Continue to reboot the machine and remove the installation media.

Finish Ubuntu 16.04 Server Installation

Finish Ubuntu 16.04 Server Installation

21. After reboot, login to your system console using the credentials configured during the installation process and you’re good to go on production with your server.

Ubuntu 16.04 Server Login Prompt

Ubuntu 16.04 Server Login Prompt

That’s all! Keep in mind that this version of Ubuntu has official maintenance support from Canonical until 2021for hardware, bugs, software and security updates.

Source

How to Upgrade to Ubuntu 18.04 Bionic Beaver

Ubuntu 18.04 LTS (codenamed “Bionic Beaver”) stable version has been released. It will be supported for 5 years until April 2023.

In this article, we will explain how to upgrade to Ubuntu 18.04 Bionic Beaver from Ubuntu 16.04 LTS or 17.10.

What’s New in Ubuntu 18.04

Before we proceed to the upgrade instructions, let’s look at some of the base system new features and changes in 18.04:

  • Ships in with Linux kernel 4.15.
  • OpenJDK 10 is the default JRE/JDK.
  • Gcc is now set to default to compile applications.
  • The default CIFS/SMB protocol version change in CIFS mounts.
  • Supports mitigations to protect against Spectre and Meltdown.
  • Bolt and thunderbolt-tools have been promoted to main.
  • Libteam which is available in the Network manager, offers teaming support.
  • Systemd-resolved is the default resolver.
  • ifupdown has been deprecated in favor of netplan.io, in new installs.
  • networkctl command can be used to view a summary of network devices.
  • GPG binary is provided by gnupg2.
  • Swap file will be used by default instead of a swap partition, in new installs.
  • Python 2 is no longer comes preinstalled, and Python 3 has been updated to 3.6.
  • For new installs, the installer no longer offers the encrypted home option using ecryptfs-utils.
  • OpenSSH no longer uses RSA keys smaller than 1024 bits and much more under desktop and server versions.

Warning: Start by backing up your existing Ubuntu installation or important files (documents, images and many more), before performing an upgrade. This is recommended because, sometimes, upgrades do not go well as planned.

A backup will ensure that your data remains intact, and you can recover it, in case of any failures during the upgrade process, that could lead to data loss.

Upgrade to Ubuntu 18.04 Desktop

1. First of all, ensure that your existing Ubuntu system is up-to-date, otherwise run the commands below to update the apt package source cache and perform an upgrade of installed packages, to the latest versions.

$ sudo apt update
$ sudo apt upgrade 

Then, restart your system to finish installing the updates.

2. Next, launch the “Software & Updates” application from System Settings.

Ubuntu Software and Updates

Ubuntu Software and Updates

3. Then click on the third Tab “Updates”.

Select Updates

Select Updates

4. Next, On Ubuntu 17.04, set the “Notify me of a new Ubuntu version” dropdown menu to “For any new version”. You will be asked to authenticate, enter your password to continue. On Ubuntu 16.04, leave this setting to “For long-term support versions”.

Notify New Ubuntu Version

Notify New Ubuntu Version

5. Then search for “Software Updater” and launch it or open a terminal and run the update-manager command as shown.

$ update-manager -cd 

The update manager should open up and inform you like this: New distribution release ‘18.04’ is available.

Run Update Manager

Run Update Manager

6. Next, click on “Upgrade” and enter your password to continue. Then you will be shown the Ubuntu 18.04release notes page. Read through it and click Upgrade.

Upgrade to Ubuntu 18.04

Upgrade to Ubuntu 18.04

7. Now your upgrade process will start as shown in the following screenshot.

Ubuntu Upgrade Process

Ubuntu Upgrade Process

8. Read the details of the upgrade and confirm that you want to upgrade by clicking on “Start Upgrade”.

Start Ubuntu Upgrade

Start Ubuntu Upgrade

9. Once you have confirmed that you want the upgrade, the update manager will start downloading Ubuntu 18.04 packages as shown in the following screenshot. When all packages have been retrieved, the process can not be canceled. You can click on “Terminal” to see how the upgrade process is unfolding.

Downloading Ubuntu 18.04 Packages

Downloading Ubuntu 18.04 Packages

10. Afterwards, all the Ubuntu 18.04 packages will be installed on the system (this will take some time), then you will be asked to either remove or keep obsolete packages. After clean up and restart the system to complete the upgrade.

Restart Ubuntu to Complete Upgrade

Restart Ubuntu to Complete Upgrade

11. Then, you can login and start using Ubuntu 18.04 LTS.

Ubuntu 18.04 Login

Ubuntu 18.04 Login

Ubuntu 18.04 Desktop

Ubuntu 18.04 Desktop

Ubuntu 18.04 Summary

Ubuntu 18.04 Summary

Upgrade to Ubuntu 18.04 Server

If you do not have physical access to your server, the upgrade can be performed over SSH, though this method has one major limitation; in case of loss of connectivity, it is harder to recover. However, the GNU screen program is used to automatically re-attach in case of dropped connection problems.

1. Begin by installing the update-manager-core package, if it is not already installed as shown.

$ sudo apt install update-manager-core

2. Next, ensure that the prompt line in /etc/update-manager/release-upgrades is set to normal. If that is the case, launch the upgrade tool with the following command.

$ sudo do-release-upgrade 

3. Then follow the on-screen instructions to continue.

You can find more information, especially concerning changes in desktop and server releases, from the Ubuntu 18.04 release notes page.

Source

Ubuntu 16.04 LTS (Xenial Xerus) Installation Guide (classics retro).

A little too early, not too late.

Here, we already have a guided installation procedure on the next iteration of the world’s most popular free operating system — Ubuntu 16.04 LTS.

Canonical currently released the first beta images of Ubuntu 16.04; however, there’s no standard Unity flavor at this time and sadly, we won’t be seeing it until the 24th of March – which is the release date for beta 2 — and we should see stable builds emerging in by April 21st — followed by subsequent release candidates.

If you’re worried on how this guide will work with the first point release, worry no more as the installation procedure hasn’t changed so much from the previous releases so if you are familiar with the installation of previously released Ubuntu versions, then you shouldn’t find it too hard breezing through with this one.

Ubuntu 16.04 Xenial Xerus is now official and you can download either the 32bit or 64bit ISO images from herebeforehand.

Once you’ve done that, you may now continue with the installation procedure which is absolutely straight forward; however, if you do run into problems, you can always leave a comment down below.

We also covered on how you can dual boot Ubuntu 16.04 with your current windows 10 or 8 system even though we have a previous guide on that subject here – just call this an updated version.

If you’re looking for Server Edition installation, read our article: Installation of Ubuntu 16.04 Server

As you’re probably familiar with, the installation of multiple OSes in a dual/triple boot configuration requires a bit of technical expertise from your end – as you might have to go into your BIOS or UEFI (on newer systems) to do some manual configuration but that shouldn’t be too difficult.

For systems with legacy BIOS, all you’ll need to do is change the boot order and depending on your system, you might have to press the F2F10F12DEL key to enter your BIOS (you might need to Google your way around that) – while on the latter i.e UEFI, you’d mostly need to disable secure boot and fast boot and enable legacy support — that is, if the OS you’re trying to install doesn’t have UEFI support baked in by default – but, such isn’t the case of Ubuntu Xenial Xerus 16.04 LTS.

Ubuntu 16.04 LTS comes with UEFI support and it should install just fine on your PC – be it in a dual boot fashion or a single install.

As usual, pre-requisites, we must get.

Ubuntu is currently only available as an alpha install and you can proceed and download the most recent daily build image from here.

We’d assume you’ve downloaded the latest stable build from the official Ubuntu mirrors as provided in the links above.

Once, you have your ISO image ready, you may now proceed to creating a bootable disk with Rufus, or universal USB installer. You’d mostly want to go with the former as it’s as straight forward as (making an installable USB) can get – moving forward, get your PC set (plug it in), make sure you’re connected to the internet and you’re good to go.

Note: Given the time at which this article was originally published, the standard Ubuntu flavor is only available in alpha; however, we’ll be update this guide (if needed) once the beta 2 image is available for download and the stable release too.

At this point, we’ve updated the article as promised so you may proceed with full confidence in the procedure.

The curated list of features to be expected with the final build of Ubuntu include:

  1. First Ubuntu LTS to ship Systemd as the default service manager.
  2. Mir display server.
  3. Ubuntu 16.04 will ship in two variants, one with Unity 7 and another with Unity 8. With the latter expected to become standard after the release of 16.10.
  4. Unity launcher position change (to whatever side of the screen you want to place it).
  5. The server filesystem ZFS will also be implemented in the next LTS release.
  6. Linux kernel 4.4 will ship with 16.04 LTS.
  7. Considering it being an LTS release, you’ll also get 5 years ongoing software support.
  8. Gnome software center to replace Ubuntu’s archaic software center experience.
  9. The Ubuntu devs also hope to implement Snappy have implemented Snappy with Unity 7 which is the GUI of Xenial Xerus. however, it’s unlikely that it will be ready be the time Xenial Xerus will be making its way to the market by April.
  10. Firmware updates via the Gnome software center is also a possibility.
  11. After being severely bashed by privacy advocates, Ubuntu 16.04 LTS will finally turned off by default, the controversial online search (that gathers search results from the likes of Wikipedia and Amazon when you launch the dash to search for something locally stored on your PC). It’s now turned off by default.

Ubuntu Settings Privacy Change

Ubuntu Settings Privacy Change

Once we have all that cleared up, you may now proceed.

Ubuntu 16.04 Installation Guide

1. First off, plug in your USB drive into the intended install PC after which you’ll power the said system up and boot from USB disk (provided you’ve done the needed BIOS or UEFI configuration as mentioned above).

And you are greeted with what may seem a familiar screen – depending on how much time you’ve had with Ubuntu and derivatives in the past. Well, you want to proceed by clicking the install Ubuntu button but if you’d rather give the system a spin first, then go ahead and select the first option (try Ubuntu).

Ubuntu 16.04 Installation

Ubuntu 16.04 Installation

When you now decide to proceed with the installation, you’ll get a dissimilar welcome screen – thereafter, everything is pretty much the same if you decide to NOT try the OS first.

As you can see on the left bar of both screenshots, you’ll have to choose your language as needed; and this, of course, will be the default (once installed) throughout the system.

2. Next up is your preparation screen and you should tick both options before you continue so you won’t have to go through the hassle of installing updates and codecs after you might have completed the installation. If you are without an internet connection though, the first option will be greyed out, but then you can tick the second and continue your installation.

Preparing to Install Ubuntu 16.04

Preparing to Install Ubuntu 16.04

3. At this point, you have to choose your installation type and the first screenshot is an automated process, even if you have an operating system already installed, the installer will auto-detect it and allow you partition the drive in the next screen with simple sliders that will auto-allocate your assigned space for the Ubuntu partition.

Choose an option as needed and proceed – you may also decide to encrypt your disk or use (LVM) logical volume manager with your Ubuntu installation – but we advise that you select those ONLY if you know what you’re doing.

If you’d prefer to manually partition your disk though for Ubuntu 16.04 dual boot with Windows, go to the end of the article at section Ubuntu 16.04 Manual Partitioning and come back to #5 to continue with the installation.

Select Ubuntu 16.04 Installation Type

Select Ubuntu 16.04 Installation Type

4. Prompt to confirm that you want the changes to be made to your internal drive; click continue to move onto the next screen.

Write Changes to Disk

Write Changes to Disk

5. This is where you select your current location; hint: the setup auto-detects your location if you’re connected to the internet.

Select Current Location

Select Current Location

6. Configure as needed — depending on your type of keyboard and default input language.

Select Keyboard Layout

Select Keyboard Layout

7. This is where you enter your user details in the right order – that is, descending; after which you can click continue to proceed to the next screen.

Create User Account

Create User Account

8. Right up next, is the beginning of installation which (depending on your PC hardware), can take a long or short time.

Ubuntu 16.04 Installation Process

Ubuntu 16.04 Installation Process

9. At this point, the installation is complete and now, you may restart your PC.

Ubuntu 16.04 Installation Complete

Ubuntu 16.04 Installation Complete

10. Once you’ve restarted, you are now greeted with the login screen where you input your password (or in the case of multiple users select your name) and press enter to continue to the Unity7/8 DE.

Ubuntu 16.04 Login Screen

Ubuntu 16.04 Login Screen

11. Ubuntu 16.04 desktop.

Ubuntu 16.04 Desktop Loading

Ubuntu 16.04 Desktop Loading

Ubuntu 16.04 Desktop with Applications

Ubuntu 16.04 Desktop with Applications

Update Ubuntu 16.04

12. A good practice for any Linux user is to update the system once it’s done installing – hence, a brief how-to-update walkthrough.

First off, go on to the Unity dash (which is the square button on the top left corner in the image above and below) and search for “software and updates”, open it and select the “other sources” tab, tick both options (mind you, you’ll be prompted to enter your root password) the software cache is updated and you’re good to go.

Ubuntu 16.04 Software and Updates

Ubuntu 16.04 Software and Updates

Ubuntu 16.04 Other Software Sources

Ubuntu 16.04 Other Software Sources

Ubuntu 16.04 Updating Cache

Ubuntu 16.04 Updating Cache

Once you have that setup, you may not go to the same dash and type in “terminal” and enter the follow-up commands (consecutively) to update your Ubuntu installation.

$ sudo apt-get update
$ sudo apt-get upgrade

Ubuntu 16.04 Update

Ubuntu 16.04 Update

Ubuntu 16.04 Upgrade

Ubuntu 16.04 Upgrade

13. The new gnome app store in Ubuntu is perhaps the most prominent feature of the OS and as of this writing, it doesn’t exactly seem to function as expected, however, considering the alpha status of the image I’m using, such things are expected and most issues and whatnot should be ironed out before the “stable” is ready for prime-time in April.

Ubuntu 16.04 Gnome Software Center

Ubuntu 16.04 Gnome Software Center

Ubuntu 16.04 Manual Partitioning

Manual partitioning — #3 for those of you that will rather take this route.

3a. Instead of “Erase disk and install Ubuntu”, go ahead and choose the last option “something else”.

Ubuntu 16.04 Manual Partitioning

Ubuntu 16.04 Manual Partitioning

3b. Depending on the number of physical drives you have hooked up in your PC, they can be labelled as dev/sdadev/sdbdev/sdc and so on. In my case, however, I’ve only got one HD to install Ubuntu in – dev/sda.

Ubuntu 16.04 Select Installation Partition

Ubuntu 16.04 Select Installation Partition

3c. Now you may go on and create a partition table.

Create New Partition Table for Ubuntu 16.04

Create New Partition Table for Ubuntu 16.04

3d. After you might have done that, you want to proceed and create the partitions you’ll need for Ubuntu (by clicking the + button in the lower area of the partition screen); if you’re on a low specced PC with say, 2GB of RAM, it’s advisable to create a minimum swap partition (equivalent of virtual memory on Windows) that is twice the size of the physical memory. In my case, I have 2GB of RAM so I created a swap partition of 4GB.

Create Swap Partition for Ubuntu 16.04

Create Swap Partition for Ubuntu 16.04

In the case where your PC has 8GB (or more) of physical memory, it is rather irrelevant to create a swap space of twice that amount (cause you’ll never get to use even half of it) so it only makes sense to create something not too big – something like 2GB will be just okay.

3e. Once you’re done creating your swap, you can now go ahead and create a root partition with the rest of the free space available. However, if you’d prefer a separate partition for your home folder, you can as well create it, but you’re mostly fine with a single partition.

Create Root Partition for Ubuntu 16.04

Create Root Partition for Ubuntu 16.04

3f. From the screenshot below, my swap is labelled “/dev/sda1 swap” and my root partition is “/dev/sda2 /”.

Ubuntu 16.04 Custom Partition Table

Ubuntu 16.04 Custom Partition Table

3g. lastly, confirm that you want to write the changes to disk and go back to #5 to continue your installation.

Confirm Ubuntu 16.04 Partition Changes

Confirm Ubuntu 16.04 Partition Changes

If you encounter any difficulty while installing, let us know in the comments below and we’ll respond as quickly as we can.

Source

How to Install and Run VLC Media Player as Root in Linux

VLC is a free and open source cross-platform multimedia player, encoder and streamer that works. It is a very popular (and possibly the most used) media player out there.

Some of its notable features include support for almost all (if not most) multimedia files, it also supports Audio CDs, VCDs, and DVDs. Additionally, VLC supports various streaming protocols enabling users to stream content over a network.

Suggested Read: 10 Best Open Source Media Players for Linux

In this article, we will show you a simple hack that will enable you to run VLC media player as root user in Linux.

Note: There is a reason why VLC won’t run in a root account (or can’t be run as root), so because the root account is for system maintenance only, not for everyday activities.

Install VLC Player in Linux

Installing VLC is so easy, it is available in official repositories of mainstream Linux distros, just run the following command on your respective Linux distribution.

$ sudo apt install vlc   	 #Debain/Ubuntu
$ sudo yum install vlc 	         #RHEL/CentOS
$ sudo dnf install vlc   	 #Fedora 22+

If you are running your Linux system as root, for example Kali Linux, you’ll get the error below when you try to run VLC.

"VLC is not supposed to be run as root. Sorry. If you need to use real-time priorities and/or privileged TCP ports you can use vlc-wrapper (make sure it is Set-UID root and cannot be run by non-trusted users first)."

Alternative Ways to Run VLC as Root User

Run the sed command below to make changes in the VLC binary file, it will replace the geteuid variable (which determines the effective user ID of the calling process) with getppid (which will determine the parent process ID of the calling process).

In this command, ‘s/geteuid/getppid/‘ (regexp=geteuid, replacement=getppid) does the magic.

$ sudo sed -i 's/geteuid/getppid/' /usr/bin/vlc

Alternatively, edit the VLC binary file using a hex-editor such as blesshexeditor. Then search for geteuid string and replace it with getppid, save the file and exit.

Yet again, another way around this is to download and compile the VLC source code by passing the --enable-run-as-root flag to ./configure and VLC should be able to run as root.

That’s all! You should now run VLC as root user in Linux. To share any thoughts, use the feedback form below.

Source

WP2Social Auto Publish Powered By : XYZScripts.com