logic involved

SELinux is coming to Android. Called SEAndroid, the project looks pretty interesting:

Some distinctive features of our SE Android reference implementation in comparison to prior efforts of which we are aware include:

• Per-file security labeling support for yaffs2,
• Filesystem images (yaffs2 and ext4) labeled at build time,
• Kernel permission checks controlling Binder IPC,
• Labeling of service sockets and socket files created by init,
• Labeling of device nodes created by ueventd,
• Flexible, configurable labeling of apps and app data directories,
• Userspace permission checks controlling use of the Zygote socket commands,
• Minimal port of SELinux userspace,
• SELinux support for the Android toolbox,
• Small TE policy written from scratch for Android,
• Confined domains for system services and apps,
• Use of MLS categories to isolate apps.

Plesk ships Atmail, but the default installation has a minor problem: when you open your webmail site, all you get is a message box saying “Unable to get webmail password!”. This is not caused by the user, who might have entered wrong credentials (in fact, he hasn’t even seen the webmail page yet, let alone entered his password). It’s caused by Atmail being unable to connect to its MySQL database.
The origin of this problem is in /var/www/atmail/libs/Atmail/Config.php, line 4:

fopen("/etc/psa-webmail/atmail/.atmail.shadow")

For some reason, the fopen() call fails, but there are several ways of fixing this. The easiest is to get the database password from .atmail.shadow and hard-code it in Config.php.

Disclaimer: don’t do this if you don’t know exactly what you are doing, why you are doing it and which possible consequences might result.

Now, change your /var/www/atmail/libs/Atmail/Config.php like this:

//if (!($fd = fopen("/etc/psa-webmail/atmail/.atmail.shadow", "r"))) {
//  echo "<script>alert('Unable to get webmail password!')</script>";
//  exit();
//}
//fscanf($fd, "%s", $buff);
//fclose($fd);
$buff = 'MySQL_password';

Note that you changed an Atmail application file, and it is very likely to be reverted by the next Plesk/Atmail update. This patch will be very helpful in that situation.

I have been playing with SUSE Studio for quite some time, and it never fails to amaze me. In short, it’s a utility that allows you to build your own SuSE-based Linux: you start with a general selection (openSUSE, SLES, KDE, Gnome, a JeOS , …), add repositories and packages. Then you add your configuration: set your locale and keyboard, add users, rig the network settings and the firewall, add custom backgrounds and logos, add license(s) that have to be accepted by the end user, add your own files and folders, add your custom post-built/post-boot/first boot scripts … and change many more things.
After that, it’s time for building: you can create USB images, live CDs (.iso files), XEN guests and VMware / VirtualBox / KVM (.vmdk) appliances. Built time is just a few minutes, and you can either download your appliance or take it for a test drive it right away, on the SUSE Studio servers. For that, you can connect to the web server of your appliance, log in via SSH, or have the desktop displayed in an applet within your web browser.
One of the most interesting features of SUSE Studio is the ability to keep the changes you make in your test drive. In other words: you don’t have to stick with the web interface for refining your appliance, but you can apply the more delicate refinements in a live system.

The SUSE Gallery hosts an impressive number of appliances that were made with SUSE Studio. Let me highlight just a few examples:

• Android Developer’s Desktop Remix – an Android development environment, based on openSUSE
• BrowserBox – 22 versions of 13 different web browsers (Android Browser, Internet Explorer, Firefox, Chrome, Safari, Lynx, Opera, …)
• iFolder Server – run your own iFolder file synchronization server
• Chrome OS – well, mostly Google Chrome

The support for Google Contacts and Google Calendar in KDE 4.4 is pretty good. All you need is libgcal (sudo apt-get install libgcal0 in Kubuntu). This library provides Akonadi access to your Google account. Once it is installed you just have to configure it in Akonadi, and then you can access your Google contacts and calendar in KMail, KAddressBook, Kontact and Korganizer.

Unfortunately there is no sync option for Akregator and Google Reader yet.

Installing Ubuntu on a netbook is trivial. Installing Ubuntu/Kubuntu with full disk encryption is absolutely easy. Unfortunately, installing it on a netbook with full disk encryption is not (at least not without a CD-ROM drive).

First of all, the desktop Ubuntu and Kubuntu install images don’t support full disk encryption. So get the Alternate ISO from here (Kubuntu users this way, please). Then create a bootable USB drive using UNetbootin.

Ready? Then boot your netbook from the USB drive, and proceed with the installation using this guide. You will be able to select your country, keyboard and configure your network. Then the installation will fail, because the installer won’t find a CD-ROM drive. Yuck.

Okay, if there is no CD-ROM drive we just have to mount the installer ISO. For this we copy the alternate installer ISO to a second USB stick, plug it into the netbook and give the system a few seconds to recognize it. Then we use alt+F2 to switch to a command line and hit so we can enter commands. First, we should make sure that both USB drives are there:

ls -la /dev/sd*

should return something like this:

/dev/sda
/dev/sda1
/dev/sda2
/dev/sdb
/dev/sdc

/dev/sda is your hard disk, /dev/sdb is the USB drive you booted from, and /dev/sdc is the second USB drive containing the installer ISO file (unless you have a second hard drive). Use mount if you are not sure if and/or where your USB drives are mounted to.Now you can mount the second USB drive to /mnt and the ISO image to /cdrom:

mount -t vfat /dev/sdc /mnt
mount /mnt/ubuntu-10.04-alternate-i386.iso /cdrom/
exit

Next, hit alt+f1 to return to the install menu and select “Detect CD-ROM”. The installation will proceed as described in the blog post above.

Have fun with Ubuntu 10.04!