Mounting disks by ID

One think I discovered in my January foray into other distributions is that mounting disks by ID which is now the default in many distributions (such as SUSE and Ubuntu) is not such a good idea when you might be ripping some out.

In fact, Linux does not seem to take kindly to having hard disks ripped out at all!

I had to manually edit the device.map, menu.lst and fstab files of my existing distributions to get them working again after removing my two PATA drives that have driven me mad with buggy GRUB configurations.

Distributions January 2008

I was getting very frustrated with SUSE recently. Mainly because of the slow and flaky package management but also due to my scanning difficulties.

So I decided to do a quick test of a couple more Linux distributions. Here are a few quick notes.

MEPIS 7.0 Release 3

• There is a password on the Live CD login with no information on what it is (guessed demo)
• Install to disk has to run as root - it silently logged when run as demo with no indication as to why
• In the disk partitioner, there were no partition names or labels to give a guide to existing partitions - both SUSE and Mandriva give better information
• No wizard to help install my Wacom graphics tablet (this works great under SUSE)
• THERE IS NO SETTINGS WIZARD FOR NVIDIA! Any configuration has to be done by hand on the xorg.conf file - this alone discounts it as a Windows replacement (there wasn't one for download either that I could find)
• Installation does not set the time zone correctly according to the chosen location. The keyboard layout is left incorrect as well so that it has to be changed manually - lazy
• The auto-mounting of existing partitions is DREADFULL. It labels them as hd1, etc. rather than using labels. Worse, you have to automount them from Konqueror as a standard user but then you cannot access them as a standard user, only as root (which wont auto-mount them)

Good points are:

• It's Debian based
• Package management is faster than SUSE (by a loooooong way)
• Theres a nice NVIDIA driver installation wizard (but how daft that there is then no way of configuring it!)

My conclusion is - give it a miss, stick with SUSE or Ubuntu.

Mandriva 2008 One KDE

• I had several crashes with the configuration wizards. Once crashed, they will not run without a reboot but there is no indication as to why
• There was no automatic access to existing partitions from the Live CD. I had to manually mount them using the partition tool
• After installing/configuring the NVIDIA drivers and setting up a second monitor. I could not get Mandriva configured so that windows did not maximise to BOTH monitors. None of the other distributions I've tried have done this and I couldn't find any GUI way of stopping X from treating the two monitors as a single large one (at least without turning off TwinView altogether)
• In the Mandriva configuration wizards, the OK and Cancel buttons have a very nasty habit of swapping places. Normally you would expect the confirm action to be on one side and the cancel on the other - not to swap around randomly
• You seem to have to manually set up repository sources - not helpful
• The printer installation wizard does not parse the manufacturer. It told me what my printer was and who it was made by and then didn't bother to pre-select the Canon drivers in the list
• I couldn't find Kate on the application menus only KWrite
• There is no file manager listed in the menus only on the desktop
• In the package manager, almost no packages had a description against them, just a title
• Existing partitions are auto-mounted without their names/labels making it extremely hard to know which is which

Good points are:

• There is a UPS setup wizard
• The menu is nice, much better than a standard one

So, again, I really cannot recommend this distribution.

Conclusions

After this exercise, I even booted back to my Windows Vista partition thinking I might give up with Linux altogether!

Thankfully, a few minutes trying to run failing updates and using the relatively slow interface convinced me otherwise and I am back with SUSE 10.3 again. The grass may look green in those other OS's and distributions, but it isn't really.

Keeping information secure but accessible across platforms

One of the issues with Linux is that I can't use it under all circumstances. In particular I usually have to work with Windows at work. So I need cross-platform tools, especially now that I also make extensive use of a smartphone/PDA.

So here is a timely post - with the number of people in UK government departments carelessly loosing private or secret information, how do we keep this stuff secure while still being accessible from different platforms? Oh, and we don't really want to pay out money for the privilege if we don't have to!

Well, I've looked at 3 tools that will do everything we need and they wont cost a penny.

First up is Keepass. Keepass is a tool for storing passwords, primarily aimed at web site use but it serves perfectly well for storing any password type information and I use it for storing license numbers, router passwords, etc. Keepass runs on Windows as the main platform and that version has some really nice features such as a macro language for logging in to web sites and the ability to run local applications. This version does not need to be installed so it will run from a pen drive as well. There is also a version for Windows Mobile/PocketPC, just synchronise the database file to keep it in step with the desktop. Then there is KeepassX which runs under Linux and Mac OS. It is not quite as feature rich as the Windows version but it still does nicely.

The remaining two applications all work with virtual (or real) disk partitions by encrypting them and allowing you to access them like ordinary disks.

TrueCrypt comes first. This is supported on Windows and Linux (a Mac version is due out in Jan 2008). It is pretty easy to use under Windows. Linux only has a GUI for Gnome but you can also use ScramDisk for Linux as a GUI under KDE. TrueCrypt does not need to be installed so runs nicely from a pen drive. Sadly, there is no mobile version.

FreeOTFE is notable in that it supports Windows, Windows Mobile/PocketPC and Linux. The Linux support is via LUKS which is a standardised, well supported loopback encryption application (how to create a loopback secure container). I've not tried FreeOTFE yet, but it does seem to have a good range of capabilities. Under Windows, it also works with the Secure Tray utility (also by the same author, Sarah Dean) which allows for the automatic running of applications when a volume is mounted. I am sure that I'll be trying this out at some point. Update 2008-01-24: Sadly, the PDA version of FreeOTFE cannot mount Linux volumes so there is still not a true cross-platform solution. The best I can do is to set up TrueCrypt for PC/Linux (easier than FreeOTFE) and FreeOTFE for PC/PDA with an automated sync between the two. Update 2008-01-29: I've now actually tried FreeOTFE on a PC and on a WM5 device and I'm afraid that they tend to hang almost continuously so this is not really an option I can recommend. It's a shame as it looks great on paper. There is a real missed opportunity here, especially if the PDA version were to support Linux volumes.

Update 2008-07-10: An additional plus for FreeOTFE is that it does not require admin access (under Windows) to run. I suspect that this will get more and more important as more organisations lock down their PC's but continue to fail to provide sufficient support and capabilities.

Between TrueCrypt and FreeOTFE, I'd say the former is easier to use as it hides much of the gory bits away but FreeOTFE has the features and cross-platform support. I may well find use for both. Given the problems with FreeOTFE that I experienced. I'll carry on using TrueCrypt on Windows and Linux and Tombo on the PDA and Windows with manual copies between the two - drat, too much reliance on Windows.

Things to dislike about SUSE 10.3

OK, so we've have the good things about openSUSE 10.3, now for the bad.

• The repository and package installation management in openSUSE 10.3 sucks - bigtime!
• I'm often getting failures to read the control files from the Internet (though normal browsing works fine),
• it is slow - really very very very slow,
• and you do seem to get weird dependency issues more often than other distros,
• there are too many fairly standard packages missing from the default repositories so you have to configure third party ones (at least this is often easier with the 1-click install facility now available),
• 1-click install seems to often fail or takes >5 minutes to jump into life,
• Why do I have to keep importing new repository keys? It makes a mockery of the security because I get blasé about it and always say yes,
• Why does running a package install totally kill the system performance?
• I thought that there were a number of important commands missing from the distro but it turned out that the installation didn't set /sbin in the path so that things like the hdparm command were not found
• It sets the "name" of my machine to something based on what the DHCP server on my router has given it rather than the name of machine that I set on installation (this shows up in YAST and on the command line). Not really a problem but a niggle
• libata seems to break some software Update 2008-01-29: Hmm, not so sure now that scanning is working though I've also taken out my PATA hard drives so who knows? In fact, the release notes show that libata can be disabled at boot-time using the boot option "hwprobe=-modules.pata" if it causes problems
• In particular, scanning was only working with Kooka (which is very basic). My normal cross-platform scanning software - VueScan - doesn't work, nor does the propriatory version of iScan (for Epson scanners) Update 2008-01-29: Now sorted. It turned out I hadn't fully configured my Epson scanner in YAST. Though I don't know whether removing my PATA hard drives may have changed things also. Anyway, both VueScan and iScan now work - hooray!

Well, despite all of these, I'm still finding it the best available right now. Overall I'd have to say that it is a well balanced distro and does most things you want right out of the box. I'll stick with it for now.

More on the GRUB bug (with mixed PATA and SATA drives)

I've mentioned this one a couple of times so I'll give a bit more detail because it is a nightmare to solve if you don't know what is going on.

If you have both a parallel ATA (PATA, this is the way most hard drives were connected on desktops and laptops until around 18 months ago) and a serial ATA (SATA) hard disk controller on your PC (as many do) and hard drives connected to both controllers, you are going to get hit by the GRUB PATA/SATA bug.

When you boot from a CD/DVD drive (generally connected to the PATA controller) to install Linux, GRUB will see your hard drives in a specific order. It lists them as (hd0,0) etc. and this numbering is mapped onto the actual devices (e.g. /dev/hda for PATA or /dev/sda for SATA) using a mapping file in the grub folder.

The problem is that when you re-boot from a hard drive rather than the removable drive, it is likely that the order of the drives will change and GRUB can't currently handle this.

You have a couple of choices now. You could install openSUSE 10.3 which treats all drives as though they were SCSI (e.g. /dev/sda etc.), no problems there.

If you want to use another distro though (e.g. Ubuntu), try this:

After installation from CD/DVD, reboot without the CD/DVD and see if GRUB works. If it fails to find the boot loader, you can edit the grub menu manually from within GRUB itself, see the documentation for details. Now you can play with the default drive (the "root (hd0,0)" bit) until you find the right one. Hint: you can type "(hd" and press tab to get a valid list of drives and partitions.

Once you have found the correct drive to use you can now boot normally.

Next, find the location of the grub install files (should be in /boot/grub).

As root, edit the device.map file and reset the device map to how the devices look when you are NOT booted from a CD - you should be able to work this out from your currently mounted devices.

Alternatively, edit the GRUB menu.list file to correct the "root" statements to the correct drives.

Yes, it's a mess and has been that way for at least two years. I first noticed it when Knoppix (the first of the really good live distros) stopped working on my desktop PC though I didn't know what the problem was then.

Here are some links to more information:

• http://kubuntuforums.net/forums/index.php?topic=3081671.0
• https://help.ubuntu.com/community/RecoveringUbuntuAfterInstallingWindows?action=show&redirect=RestoreGrub
• https://help.ubuntu.com/community/GrubHowto?highlight=%28grub%29

While I'm at it, here are some quick instructions for rebuilding GRUB:

1. sudo -i (or su)
2. grub (runs grub shell)
3. find /boot/grub/stage1 (if it doesnt work, try without /boot) => should return installation drive, e.g. (hdx,y)
4. root (hdx,y)
5. setup (hd0) (for installation on MBR of disk 0. Alt: (hdx,y) to install on boot partition, etc.)
6. quit

On Ubuntu, try update-grub to rebuild grub menu and reinstall On all distros, grub-install /dev/hdx

Things to like about openSUSE 10.3

It works well out of the box.

Things it doesn't do wrong

I didn't need to get round the GRUB bug since SUSE treats PATA and SATA disks as pseudo SCSI disks and nothing gets confused when rebooting.

It didn't kill my graphics card with a buggy NV driver.

My Soundblaster Live card works correctly with digital output and everything.

My old, serial connected, Wacom graphics tablet just works.

Once installed, Compiz Fusion just works.

Bluetooth just works.

Things it does well

Start-up and shut-down of the PC is really fast.

There are lots of custom settings scripts built in to YAST2 so no need to hunt round for files to edit by hand.

There is a sensible set of applications in the standard build without overdoing it.

In particular, the scripts for editing the graphics settings of xorg save manually editing the conf file which is always rather fraught (though there is a problem after the NVidia drivers have been installed, I'll talk about that in another post).

Sensible options are generally chosen during installation. For example, if you change the language option to English (UK) during installation, the locale and keyboard options are automatically chosen as UK.