Tuesday, August 22, 2006


1: Check kernel options.

File systems -->
[*] Quota support
< > Old quota format support
<*> Quota format v2 support

Usually I use Quota format v2, if compiled as a module, it is called "quota_v2".

2: Check whether the "quota" package is installed.
# emerge -av quota

3: Modify /etc/fstab file.
To enable user quota support for that partition, add "usrquota" to the options such as below:
/dev/hda6     /home           reiserfs            noatime,usrquota,grpquota   0 0

To enable group quota, add "grpquota" as well.

4: Remount the partition that you have modified or added in quota support:
# mount -o remount /home

If it does not work, reboot.

5: Quota Check:
# /sbin/quotacheck -cguvamf -F vfsv0

6: Rerun Quota Check for old version (optional)
# /sbin/quotacheck -cguvamf -F vfsold

7: Turn on Quotas:
# /sbin/quotaon -a

To see the report of quotas, issue this command:
# repquota -as

To set a user quota, issue the following command:

NAME is the user
BLOCK-SOFTLIMIT in kilobytes
BLOCK-HARDLIMIT in kilobytes
INODE-SORFLIMIT set it to 0 normally
INODE-HARDLIMIT set it to 0 also

Or use the "edquota" command:
#  edquota -u USERNAME

Hard limit works only when grace period is set. It specifies the absolute limit on the disk usage, which a quota user can't go beyond his hard limit. Users are permitted to exceed their soft limits for a grace period that may be specified per filesystem. Once the grace period has expired, the soft limit is enforced as a hard limit. To set the grace period:
# edquota -ut

Check quota as a user:
$ quota -s

Note: "/etc/init.d/quota start" doesn't work, I don't know why. I have to add "/sbin/quotaon -a" to /etc/conf.d/local.start to activate quota on boot.

Friday, August 04, 2006

Make mplayerplug-in work with Opera

If you have installed mplayerplug-in (3.25) and Opera (9.00) from portage, you'll find that the plug-ins work with mozilla-firefox but not Opera. To make it work, you need to compile it manually. First, unpack the source somewhere:
# tar xzvf /usr/portage/distfiles/mplayerplug-in-3.25.tar.gz -C /tmp
# cd /tmp/mplayerplug-in

Then you need to edit a file:
# nano -w plugingate/np_entry.cpp
Look for lines 108 and 109 - the ones like the following:

if(aNPNFuncs->size < sizeof(NPNetscapeFuncs))          

Comment them out by inserting "//" in front of each line:

//if(aNPNFuncs->size < sizeof(NPNetscapeFuncs))          

# ./configure --enable-x && make
To avoid mixing up the mplayerplug-ins in /opt/netscape/plugins (which work with mozilla-firefox), it's a good idea to install them in /opt/opera/lib/opera/plugins instead:
# cp -vi *.so *.xpt /opt/opera/lib/opera/plugins
and link the other plug-ins in /opt/netscape/plugins there:
# cd /opt/opera/lib/opera/plugins
# ls /opt/netscape/plugins
# ln -s /opt/netscape/plugins/flashplayer.xpt .
# ln -s /opt/netscape/plugins/libflashplayer.so .
# ln -s /opt/netscape/plugins/nphelix.so .
Then you need to prevent Opera from searching plug-ins in /opt/netscape/plugins. To do this, as a user:
$ nano -w ~/.opera/pluginpath.ini
Change the value for "/opt/netscape/plugins=" to 2 or 0.

To test it, start Opera, go to http://www.apple.com/trailers/. If your mplayer has been compiled with right USE flags, you should be able to watch these trailers in Opera now.

Wednesday, August 02, 2006


Again with Gentoo-sources + Reiser4 + Software Suspend 2, it's based on gentoo-sources-2.6.17-r4.

# Copyright 1999-2006 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $

K_WANT_GENPATCHES="base extras"

inherit kernel-2

KEYWORDS="~amd64 ~x86"
HOMEPAGE="http://dev.gentoo.org/~dsd/genpatches http://www.suspend2.net http://www.namesys.com/v4/v4.html"

DESCRIPTION="Full sources including the gentoo patchset, Software Suspend 2 and the Reiser4 patchset"


UNIPATCH_LIST="${DISTDIR}/${SUSPEND2_SRC}.tar.bz2 ${DISTDIR}/reiser4-for-${PV}${R4V}.patch.gz"

SRC_URI="${KERNEL_URI} ${GENPATCHES_URI} ${ARCH_URI} ${SUSPEND2_URI} ftp://ftp.namesys.com/pub/reiser4-for-${KV_MAJOR}.${KV_MINOR}/${PV}/reiser4-for-${PV}${R4V}.patch.gz"

pkg_postinst() {


einfo "For more info on this patchset, and how to report problems, see:"
einfo "${HOMEPAGE}"

Tuesday, August 01, 2006

File security

File protection with chmod

chmod 400 file - To protect a file against accidental overwriting.
chmod 500 directory - To protect yourself from accidentally removing, renaming or moving files from this directory.
chmod 600 file - A private file only changeable by the user who entered this command.
chmod 644 file - A publicly readable file that can only be changed by the issuing user.
chmod 660 file - Users belonging to your group can change this file, others don't have any access to it at all.
chmod 700 file - Protects a file against any access from other users, while the issuing user still has full access.
chmod 755 directory - For files that should be readable and executable by others, but only changeable by the issuing user.
chmod 775 file - Standard file sharing mode for a group.
chmod 777 file - Everybody can do everything to this file.

Logging on to another group

When you type id on the command line, you get a list of all the groups that you can possibly belong to. When initially connecting to a Gentoo system, a user will normally belong to the users group (the primary group for most users). To create new files that will belong to the groups other than the group users, a user can use the newgrp command to log into any of these groups. For example, to create files that are owned by the group audio, type:
$ newgrp audio
without having to use chgrp.

Sticky bit mode

When applied to a directory, it means a user can only change files in this directory when s/he is the user owner of the file or when the file has appropriate permissions. This feature is used on directories like /var/tmp, that have to be accessible for everyone, but where it is not appropriate for users to change or delete each other's data. The sticky bit is indicated by a t at the end of the file permission field:
$ ls -ld /var/tmp
drwxrwxrwt 9 root root 280 Aug 1 16:58 /var/tmp
The sticky bit is set using the command chmod o+t directory.

SGID (set group ID) on a directory

This is the standard way of sharing files in UNIX. Every file created in the directory will have the same group owner as the directory itself (while normal behavior would be that new files are owned by the users who create them). This way, users don't need to worry about file ownership when sharing directories:
$ mkdir ~/music
$ chgrp audio ~/music
$ chmod 775 ~/music
This will enable other users who belong to the audio group to write to the directory. But the files created will belong to the users group instead of the audio group. The solution is to set the SGID bit and all files subsequently placed there will have the group id of the directory automatically:
$ chmod g+s ~/music
Note: Files that are being moved to an SGID directory but were created elsewhere keep their original user and group owner.