Default Xorg Resolution

Recent versions of Linux and the Xorg X-Windows system have been engineered to require very little configuration settings to properly detect graphics options and display resolutions. In most cases graphics should “just work”.

The Xorg system stores all its configuration options in the file: xorg.conf. Many distributions including Fedora and CentOS keep this file in the /etc/X11/ directory. In the past this file would contain a great deal of information that was not easy to setup. However as of recent releases, this file is not required for graphics to work correctly. Both Fedora and CentOS will provide a very minimal xorg.conf file if required.

Typically the proper resolution for your display will be detected at run time. While this is great for most users, it often leads to strange resolutions or blank screens depending on your monitor or LCD screen.

EDIT: If you have NO file at all, on the Fedora wiki is: How to create xorg.conf. This works for both Fedora and CentOS.
There are two solutions if you have no xorg.conf. As ‘root’ run either of the following:

# yum install system-config-display
# system-config-display --noui


# yum install xorg-x11-server-Xorg
# Xorg -configure
# cp /etc/X11/xorg.conf

Whenever I install Fedora or CentOS with the X-server, I typically edit /etc/X11/xorg.conf and add the following Section (or at least the missing parts):

Section "Screen"
        Identifier "Screen0"
        Device     "Videocard0"
        DefaultDepth     24
        Subsection "Display"
                Viewport   0 0
                Depth     24
                Modes     "1024x768"

The Modes line will control the resolution. You should put the proper resolution for your display. You can also add mutiple modes if you monitor supports it. For example:

Modes     "1280x1024" "1024x768" "800x600"

If you have an LCD and Xorg does not properly detect the resolution, set the mode to the maximum resolution your LCD supports. If you have a standard CRT monitor that Xorg detects higher resolutions (with poor refresh rates) set the mode to the resolution you are comfortable. Also, if you have a CRT you can set multiple modes, then using either Gnome or KDE you can pick a resolution you prefer.

Note: This does NOT apply to everyone (most people will find the defaults correct), however many people have reported that setting a fixed resolution is helpful. Especially for some LCD’s which just seem to go blank.

For more information run man xorg.conf

Edit: 11/23/2009

All-In-One Configuration Tools

As I mentioned previously, I run many sites on my web server. Yesterday I decided to clean up some sites that their owners had neglected or not used. One such site was running Apache Tomcat Java Server, which I did not care to leave running.

Now I, like many users of commercial hosting plans, pay for cPanel/WHM which includes a myriad of options/configurations/settings to do almost everything on the server. Back in 2007, I had used the cPanel Addon to install Tomcat. It was an incredibly easy “1-click Install”. I never checked, but I just assumed it worked. Similarly I thought it would be just as easy to uninstall Tomcat. I clicked “Uninstall” and all went well and I didn’t see any immediate problems. Or so I thought …

Last night the Apache Webserver failed. I did not realize till this morning (6 hours later). After some digging I found that it was because Apache could not find some Tomcat/Java module. So much for a proper uninstall. I did not have time to debug the issue, so what did I do? I simply re-installed Tomcat. I just could not afford any more downtime! … I know, I know: Shame on me!

This incident is like many commonly seen in the Linux world: An all-in-one graphical configuration tool can do wonders, but somewhere due to interaction between components it can causes all sorts of unforeseen problems. The root problem here is that it is incredibly difficult to know all the intricacies and nuances for administrating multiple software systems. Add to that the occasional need to manually edit config files, and you create an unmanageable mess.

Do you remember linuxconf? … Back in the day (pre-2002) Red Hat included a configuration tool called linuxconf which could manage multiple system options using a variety of graphical and non-graphical interfaces. While this worked wonders for novices performing simple tasks (mounting disk partitions, adding users, setting network addresses), it caused all sorts of issues for more complex services (web server, mail server, samba). Unfortunately at that time, there were very few complete comprehensive tools for configuring complex servers. Users who got burned using linuxconf, eventually learned that the only guaranteed way to setup things was to read man pages and documentation, and then editing config files manually.

Redhat did eventually abandon linuxconf with RH8.0. And while many users did complain, ultimately it was a smart decision. Software projects cannot be held accountable if some 3rd-party tool mangled their config files. Even more importantly, how can someone be certain the tool made the change they requested without looking at the config output? You can’t.

Sadly even though I expected cPanel to do its job (considering it is not free), I should have been more careful on a live production server. While I’m not saying that every single “all-in-one” tool is a failure, I am saying that trusting any tool without validation is a very poor choice.

SSH Client Configuration

I have a VPS which is host to many websites. Some of those sites are permitted ssh access for their admins. However I am the admin to several sites myself. Each site has a different username (login/password) for administration. Additionally I have changed the ssh port to a different number (instead of the default 22) to avoid some script/bot attacks.

All of this makes for very inconvenient ssh usage and plenty of typing errors. For example:

# ssh -p33333
# ssh -p33333

Fortunately ssh provides a client configuration file to make “shortcuts” for things like this.
If you start by reading the ssh_config man page:

# man ssh_config

It will reveal 4 useful options:

  • Host – A “shortcut” name which can be used instead of the full hostname address.
  • Hostname – The real host name which is the actual server to log into.
  • Port – Port number on the host server.
  • User – The username used to log in. Typically ssh will use the current unix username if not specified.

So using the above example. I created the the file: ~/.ssh/config:

[mirandam@atlas ~]$ cd .ssh
[mirandam@atlas .ssh]$ touch config

with the following contents:

Host site1
Port 33333
User username_site1

Host site2
Port 33333
User username_site2

Now I can ssh to either site with a simpler command. These do exactly the same as the previous ssh commands:

# ssh site1
# ssh site2

NOTE: Read the man page carefully. If you see the following error:

Bad owner or permissions on /home/mirandam/.ssh/config

This means you did not properly set the permissions on the config file. To fix:

# chmod 600 ~/.ssh/config

There are many other options in the config file for users who might have more specific options (X11 Forwarding, Timeouts, Compression, etc.).
For anyone with multiple ssh accounts on different servers, this is very convenient to implement. Note this also works for scp and sftp.

Command Line DVD Burning

When I built my server, I only used a CD-RW/DVD-ROM combination drive. Whenever I remotely downloaded a ISO using wget or bittorrent, I would have to copy the 2-4GB file(s) from my server to either my desktop or laptop. I finally caved, and bought a DVD-RW drive for my server (even though it will get minimal usage).

(This was all on my CentOS 5 server, I executed these commands entirely remotely. )

After I installed the new drive, I ran dmesg to check how it was detected:

[mirandam@atlas ~]$ dmesg | grep DVD
hda: HP DVD Writer 1140d, ATAPI CD/DVD-ROM drive
hda: ATAPI 12X DVD-ROM DVD-R-RAM CD-R/RW drive, 2048kB Cache, UDMA(66)

The device is /dev/hda, which will be linked to the DVD device in /dev:

[mirandam@atlas ~]$ ls -l /dev | grep dvd
lrwxrwxrwx 1 root root         3 Aug 19 19:44 dvd -> hda
lrwxrwxrwx 1 root root         3 Aug 19 19:44 dvd-hda -> hda
lrwxrwxrwx 1 root root         3 Aug 19 19:44 dvdrw -> hda
lrwxrwxrwx 1 root root         3 Aug 19 19:44 dvdrw-hda -> hda
lrwxrwxrwx 1 root root         3 Aug 19 19:44 dvdwriter -> hda
lrwxrwxrwx 1 root root         3 Aug 19 19:44 dvdwriter-hda -> hda

Necessary Software

In order to work with DVD writing, you should have the dvd+rw-tools package installed. This will most likely be installed if you have Gnome or a CD/DVD app such as K3b. If not install via yum:

# yum install dvd+rw-tools

I wanted to erase a DVD+RW.

I had a junk DVD+RW (Memorex) laying around that I wanted quickly deleted. I used the dvd+rw-format command (it took less than 30 seconds):

[mirandam@atlas ~]$ sudo dvd+rw-format -force /dev/dvd
* BD/DVD+RW/-RAM format utility by <appro>, version 7.0.
* 4.7GB DVD+RW media detected.
* formatting 92.3\

I wanted to burn a downloaded ISO file onto the DVD+RW.

I used the growisofs command. I tried using sudo but it refused, so logged in directly as root.

[mirandam@atlas ISO]$ su -
[root@atlas ~]# cd ~mirandam/ISO/

[root@atlas ISO]# growisofs -dvd-compat -Z /dev/dvd=DVD_Image.iso -speed 2
Executing 'builtin_dd if=DVD_Image.iso of=/dev/dvd obs=32k seek=0'
/dev/dvd: restarting DVD+RW format...
/dev/dvd: "Current Write Speed" is 4.1x1352KBps.
   31490048/2530975744 ( 1.2%) @4.0x, remaining 7:56 RBU 100.0% UBU   2.4%
 2512584704/2530975744 (99.3%) @4.0x, remaining 0:03 RBU 100.0% UBU  99.8%
builtin_dd: 1235840*2KB out @ average 4.0x1352KBps
/dev/dvd: flushing cache
/dev/dvd: writing lead-out

As you can see, it took about 8 minutes (fast!) for this to finish. After it finished, I mounted the new DVD to test it (my image was udf, most linux CD/DVD images are iso9660):

[mirandam@atlas ~]$ sudo mount /dev/dvd /mnt/dvd -t udf

When I got back to the server, my DVD+RW was ready for me.

I plan to always leave a DVD+RW media in the drive so it can serve as an means for backup. Automating the process may also be a good idea.

More Info

Supported Features

Sounds like something Fedora users might relate to…

I hear many of you finally have smooth Flash support, but me and my Intel card are still waiting on a kernel patch somewhere in the pipeline before we can watch Jon Stewart smoothly.

Google Apps for Domains

I spend way too much time and effort tweaking my SpamAssassin settings on my server just so I can get my email and spam situation manageable.

Anyways, I’m getting sick of the trouble so I am trying out Google Apps for Domains. This allows me to use my own domain name, but using Gmail for email and other Google web based applications (such as “Docs” and “Calendar”) all for free. It is basically the whole set of Google applications made to work from your own domain. The best part is that it can be configured to work without interfering with your actual website. So you can still run your blog, web page or forum.

There are some significant benefits since Google is managing a lot of the software on their side.

In Gmail I can create easily email address aliases or use “subadressing” without messing with things like CPanel or Exim. This is very useful for mailing lists among other things.

Even though Google Apps was designed for multiple users, it is just affective for a single user. The Calendar feature can be used online or it can be made to work with desktop applications like Evolution.

If you want to use this free service, all you need is a domain name (you don’t necessarily need hosting). I was a bit hesitant to mess my main server, so I decided use my unused which I have through 1and1. Google does a very good job providing information for configurations through some of the most popular domain name providers. Using 1and1 config options, I can redirect subdomains such as directly to the Gmail login for my domain.

Google Apps for Domains can be used for individuals or even communities or groups (of up to 50 people) for free. The enterprise options provide even more features (at a cost). If you ever considered trying it out, it is not too expensive to get a $7 domain name and the setup takes merely a few hours.

So far I’ve found it quite convenient, and I might migrate further to Google Apps in the future. Even though I too have my reservations about Google’s Privacy issues, this feature is too nice to ignore.

SELinux – the good

There is brief intro presentation on SELinux for “everyday” users. The 12th slides is titled “SELinux – the good”. It has quoted someone by the name Larry Loeb:

“Let me assure you that this action by the NSA was the crypto-equivalent of the Pope coming down off the balcony in Rome, working the crowd with a few loaves of bread and some fish, and then inviting everyone to come over to his place to watch the soccer game and have a few beers. There are some things that one just never expects to see, and the NSA handing out source code along with details of the security mechanism behind it was right up there on that list.”

I just found that hilarious so I had to pass it on.

I had been disabling SELinux, since it was released in FC2, but as of Fedora 9 I leave it on. For the most part now, it operates pretty transparently.

(Presentation link via James Morris)