fedora


Compiling Wireshark 1.8.8 on Fedora 25 (64bit)

Recently we received some dissector plugins for Wireshark version 1.8.x, which is not available to install through the repositories.
So, we had to install it ourselves and we decided to use version 1.8.8 that was the latest version of the 1.8.x series available in the following FedoraProject.org page.
The source code is available at https://www.wireshark.org/download/src/all-versions/ and http://pkgs.fedoraproject.org/repo/pkgs/wireshark/.

Download the patched version here: wireshark-1.8.8.7z (patched) (5 downloads)

Synopsis

While configuring we run into a few problems, that we solved by installing the following packages:


sudo dnf install perl-podlators perl-Pod-Html gtk2-devel gtk3-devel libpcap-devel byacc flex -y;

When compiling we run into an error where an a wireshark enum was conflicting with a system one.
To resolve that issue we modified the file: epan/dissectors/packet-gluster.h and at line 357 we removed the next enum:

/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    DT_UNKNOWN = 0,
    DT_FIFO = 1,
    DT_CHR = 2,
    DT_DIR = 4,
    DT_BLK = 6,
    DT_REG = 8,
    DT_LNK = 10,
    DT_SOCK = 12,
    DT_WHT = 14
};

It is safe to delete it as it exists in the exact same form and same values in the system header files.
Please note that in version 1.8.15 we found the following enum, which shows that it was decided later on to just change the enum fields.

/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    GLUSTER_DT_UNKNOWN = 0,
    GLUSTER_DT_FIFO = 1,
    GLUSTER_DT_CHR = 2,
    GLUSTER_DT_DIR = 4,
    GLUSTER_DT_BLK = 6,
    GLUSTER_DT_REG = 8,
    GLUSTER_DT_LNK = 10,
    GLUSTER_DT_SOCK = 12,
    GLUSTER_DT_WHT = 14
};

Later during compilation we got the error that there was an undefined reference to g_memmove, we copied the definition of g_memmove (see below) from  packaging/macosx/native-gtk/glibconfig.h at line 81 and pasted it on the first line of the files ui/gtk/export_object_smb.c and epan/dissectors/packet-ssl-utils.c.

#define g_memmove(dest,src,len) G_STMT_START { memmove ((dest), (src), (len)); } G_STMT_END

Finally during documentation generation we had a problem with two authors that there were Non-ASCII characters in their names so we updated the file AUTHORS and replaced the names Peter Kovář  with Peter Kovar and Роман Донченко with Roman Donchenko which are strings that only contain ASCII characters.

Download the patched version here: wireshark-1.8.8.7z (patched) (5 downloads)

The Problems One by One

checking for pod2man... /usr/bin/pod2man
checking for pod2html... no
configure: error: I couldn't find pod2html; make sure it's installed and in your path

Solution: sudo dnf install perl-podlators perl-Pod-Html;

checking for GTK+ - version >= 2.12.0 and < 3.0... Package gtk+-2.0 was not found in the pkg-config search path.
Perhaps you should add the directory containing `gtk+-2.0.pc'
to the PKG_CONFIG_PATH environment variable
No package 'gtk+-2.0' found
no
*** Could not run GTK+ test program, checking why...
*** The test program failed to compile or link. See the file config.log for the
*** exact error that occured. This usually means GTK+ is incorrectly installed.
configure: error: Neither Qt nor GTK+ 2.12 or later are available, so Wireshark can't be compiled

Solution: sudo dnf install gtk2-devel gtk3-devel;

checking for pcap-config... no
checking for extraneous pcap header directories... not found
checking pcap.h usability... no
checking pcap.h presence... no
checking for pcap.h... no
configure: error: Header file pcap.h not found; if you installed libpcap
from source, did you also do "make install-incl", and if you installed a
binary package of libpcap, is there also a developer's package of libpcap,
and did you also install that package?

Solution: sudo dnf install libpcap-devel;

libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../.. -I./../.. -I./.. -DINET6 -DG_DISABLE_DEPRECATED -DG_DISABLE_SINGLE_INCLUDES -DGSEAL_ENABLE -DGTK_DISABLE_DEPRECATED -DGTK_DISABLE_SINGLE_INCLUDES -D_FORTIFY_SOURCE=2 "-D_U_=__attribute__((unused))" -I/usr/local/include -DPLUGIN_DIR=\"/usr/local/lib/wireshark/plugins/1.8.8\" -g -O2 -Wall -W -Wextra -Wdeclaration-after-statement -Wendif-labels -Wpointer-arith -Wno-pointer-sign -Warray-bounds -Wcast-align -Wformat-security -Wold-style-definition -Wno-error=unused-but-set-variable -fexcess-precision=fast -pthread -I/usr/include/gtk-2.0 -I/usr/lib64/gtk-2.0/include -I/usr/include/pango-1.0 -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/libdrm -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/libpng16 -I/usr/include/pango-1.0 -I/usr/include/harfbuzz -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/freetype2 -I/usr/include/libpng16 -MT libdissectors_la-packet-gluster_cli.lo -MD -MP -MF .deps/libdissectors_la-packet-gluster_cli.Tpo -c packet-gluster_cli.c  -fPIC -DPIC -o .libs/libdissectors_la-packet-gluster_cli.o
In file included from /usr/include/glib-2.0/glib/gdir.h:32:0,
                 from /usr/include/glib-2.0/glib.h:45,
                 from packet-gluster_cli.c:40:
packet-gluster.h:359:2: error: redeclaration of enumerator 'DT_UNKNOWN'
  DT_UNKNOWN = 0,
  ^
/usr/include/dirent.h:99:5: note: previous definition of 'DT_UNKNOWN' was here
     DT_UNKNOWN = 0,
     ^~~~~~~~~~
packet-gluster.h:360:2: error: redeclaration of enumerator 'DT_FIFO'
  DT_FIFO = 1,
  ^
/usr/include/dirent.h:101:5: note: previous definition of 'DT_FIFO' was here
     DT_FIFO = 1,
     ^~~~~~~
packet-gluster.h:361:2: error: redeclaration of enumerator 'DT_CHR'
  DT_CHR = 2,
  ^
/usr/include/dirent.h:103:5: note: previous definition of 'DT_CHR' was here
     DT_CHR = 2,
     ^~~~~~
packet-gluster.h:362:2: error: redeclaration of enumerator 'DT_DIR'
  DT_DIR = 4,
  ^
/usr/include/dirent.h:105:5: note: previous definition of 'DT_DIR' was here
     DT_DIR = 4,
     ^~~~~~
packet-gluster.h:363:2: error: redeclaration of enumerator 'DT_BLK'
  DT_BLK = 6,
  ^
/usr/include/dirent.h:107:5: note: previous definition of 'DT_BLK' was here
     DT_BLK = 6,
     ^~~~~~
packet-gluster.h:364:2: error: redeclaration of enumerator 'DT_REG'
  DT_REG = 8,
  ^
/usr/include/dirent.h:109:5: note: previous definition of 'DT_REG' was here
     DT_REG = 8,
     ^~~~~~
packet-gluster.h:365:2: error: redeclaration of enumerator 'DT_LNK'
  DT_LNK = 10,
  ^
/usr/include/dirent.h:111:5: note: previous definition of 'DT_LNK' was here
     DT_LNK = 10,
     ^~~~~~
packet-gluster.h:366:2: error: redeclaration of enumerator 'DT_SOCK'
  DT_SOCK = 12,
  ^
/usr/include/dirent.h:113:5: note: previous definition of 'DT_SOCK' was here
     DT_SOCK = 12,
     ^~~~~~~
packet-gluster.h:367:2: error: redeclaration of enumerator 'DT_WHT'
  DT_WHT = 14
  ^
/usr/include/dirent.h:115:5: note: previous definition of 'DT_WHT' was here
     DT_WHT = 14
     ^~~~~~
Makefile:6516: recipe for target 'libdissectors_la-packet-gluster_cli.lo' failed
make[5]: *** [libdissectors_la-packet-gluster_cli.lo] Error 1

Solution: edit epan/dissectors/packet-gluster.h and at line 357 delete this

/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    DT_UNKNOWN = 0,
    DT_FIFO = 1,
    DT_CHR = 2,
    DT_DIR = 4,
    DT_BLK = 6,
    DT_REG = 8,
    DT_LNK = 10,
    DT_SOCK = 12,
    DT_WHT = 14
};
libtool: link: gcc -DPYTHON_DIR= -g -O2 -Wall -W -Wextra -Wdeclaration-after-statement -Wendif-labels -Wpointer-arith -Wno-pointer-sign -Warray-bounds -Wcast-align -Wformat-security -Wold-style-definition -Wno-error=unused-but-set-variable -fexcess-precision=fast -pthread -I/usr/include/gtk-2.0 -I/usr/lib64/gtk-2.0/include -I/usr/include/pango-1.0 -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/libdrm -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/libpng16 -I/usr/include/pango-1.0 -I/usr/include/harfbuzz -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/freetype2 -I/usr/include/libpng16 -Wl,--as-needed -o .libs/wireshark wireshark-capture-pcap-util-unix.o wireshark-capture-pcap-util.o wireshark-cfile.o wireshark-clopts_common.o wireshark-disabled_protos.o wireshark-frame_data_sequence.o wireshark-packet-range.o wireshark-print.o wireshark-ps.o wireshark-sync_pipe_write.o wireshark-timestats.o wireshark-tap-megaco-common.o wireshark-tap-rtp-common.o wireshark-version_info.o wireshark-capture_ifinfo.o wireshark-capture_sync.o wireshark-capture_ui_utils.o wireshark-airpcap_loader.o wireshark-capture.o wireshark-capture_info.o wireshark-capture_opts.o wireshark-color_filters.o wireshark-file.o wireshark-fileset.o wireshark-filters.o wireshark-g711.o wireshark-merge.o wireshark-proto_hier_stats.o wireshark-recent.o wireshark-summary.o wireshark-tempfile.o wireshark-u3.o .libs/wiresharkS.o -pthread -Wl,--export-dynamic -pthread -Wl,--export-dynamic  -L/usr/local/lib ui/gtk/libgtkui.a ui/gtk/libgtkui_dirty.a ui/libui.a codecs/libcodec.a wiretap/.libs/libwiretap.so epan/.libs/libwireshark.so wsutil/.libs/libwsutil.so -lpcap -lkrb5 -lk5crypto -lcom_err -lgtk-x11-2.0 -lgdk-x11-2.0 -lpangocairo-1.0 -latk-1.0 -lcairo -lgdk_pixbuf-2.0 -lgio-2.0 -lpangoft2-1.0 -lpango-1.0 -lgobject-2.0 -lfontconfig -lfreetype -lgthread-2.0 -lgmodule-2.0 -lglib-2.0 -lm -lz -pthread -Wl,-rpath -Wl,/usr/local/lib
ui/gtk/libgtkui.a(libgtkui_a-export_object_smb.o): In function `insert_chunk':
/home/george/Downloads/wireshark-1.8.8/ui/gtk/export_object_smb.c:230: undefined reference to `g_memmove'
collect2: error: ld returned 1 exit status

Solution: Copy the definition of g_memmove (see below) from  packaging/macosx/native-gtk/glibconfig.h at line 81 and paste it on the first line of the files ui/gtk/export_object_smb.c and epan/dissectors/packet-ssl-utils.c.

#define g_memmove(dest,src,len) G_STMT_START { memmove ((dest), (src), (len)); } G_STMT_END
Making all in doc
make[2]: Entering directory '/home/george/Downloads/wireshark-1.8.8/doc'
/usr/bin/perl ./perlnoutf.pl ./make-authors-short.pl < ../AUTHORS > AUTHORS-SHORT
cp AUTHORS-SHORT ..
/usr/bin/perl ./perlnoutf.pl ./make-authors-format.pl < AUTHORS-SHORT > AUTHORS-SHORT-FORMAT
cat ./wireshark.pod.template AUTHORS-SHORT-FORMAT > wireshark.pod
/usr/bin/pod2man                    \
--center="The Wireshark Network Analyzer"    \
--release=1.8.8                \
wireshark.pod  > wireshark.1
Wide character in printf at /usr/share/perl5/vendor_perl/Pod/Simple.pm line 565.
wireshark.pod around line 3527: Non-ASCII character seen before =encoding in 'KovE<aacute>ř'. Assuming UTF-8
POD document had syntax errors at /usr/bin/pod2man line 71.

and

cat ./wireshark.pod.template AUTHORS-SHORT-FORMAT > wireshark.pod
/usr/bin/pod2man                    \
--center="The Wireshark Network Analyzer"    \
--release=1.8.8                \
wireshark.pod  > wireshark.1
Wide character in printf at /usr/share/perl5/vendor_perl/Pod/Simple.pm line 565.
wireshark.pod around line 3618: Non-ASCII character seen before =encoding in 'Роман'. Assuming UTF-8
POD document had syntax errors at /usr/bin/pod2man line 71.

Solution: update the file AUTHORS and replace the names the names Peter Kovář  with Peter Kovar and Роман Донченко with Roman Donchenko which are strings that only contain ASCII characters.

Download the patched version here: wireshark-1.8.8.7z (patched) (5 downloads)


Fedora 25: Program a sysmocom SIM card using HID OMNIKEY 3121

We got our hands on an HID OMNIKEY 3121 card reader that we were going to use to program a sysmocom sysmoUSIM-SJS1 SIM card on a Fedora 25 (64bit).

After attaching the card reader on the host machine, we executed lsusb to verify that we could see the card reader on the host machine.
Among the results we got the following line indicating that the card reader was available.

$ lsusb
...
Bus 003 Device 002: ID 076b:3022 OmniKey AG CardMan 3021
...

Then we added a SIM card to the reader to prepare it for reading and updated our system:

sudo dnf upgrade -y;

To read and program the SIM card we decided to use the pySim-prog utility (http://git.osmocom.org/pysim/about/).
pySim-prog is a small command line utility written in python, which is used for programming various programmable SIM/USIM cards like the sysmoUSIM-SJS1.

To use the utility, we first installed the needed dependencies using the following command:

sudo dnf install ca-certificates python-pip swig python-devel pcsc-lite-devel git pcsc-lite redhat-rpm-config pcsc-tools -y;

Then we started the pcscd service as such:

sudo systemctl start pcscd;

Please note that if you want to automatically start the pcscd service at each boot execute:

sudo systemctl enable pcscd;

Then we used sudo pcsc_scan tool to test that the reader is functioning properly as it regularly scans every PC/SC readers connected to the host.
We got some data similar to this:

$ sudo pcsc_scan 
PC/SC device scanner
V 1.4.25 (c) 2001-2011, Ludovic Rousseau <[email protected]>
Compiled with PC/SC lite version: 1.8.15
Using reader plug'n play mechanism
Scanning present readers...
0: OMNIKEY AG 3121 USB 00 00

Fri May 26 19:22:15 2017
Reader 0: OMNIKEY AG 3121 USB 00 00
  Card state: Card inserted, 
  ATR: 18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE

ATR: 18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE
+ TS = 3B --> Direct Convention
+ T0 = 9F, Y(1): 1001, K: 15 (historical bytes)
  TA(1) = 96 --> Fi=512, Di=32, 16 cycles/ETU
    250000 bits/s at 4 MHz, fMax for Fi = 5 MHz => 312500 bits/s
  TD(1) = 80 --> Y(i+1) = 1000, Protocol T = 0 
-----
  TD(2) = 1F --> Y(i+1) = 0001, Protocol T = 15 - Global interface bytes following 
-----
  TA(3) = C7 --> Clock stop: no preference - Class accepted by the card: (3G) A 5V B 3V C 1.8V 
+ Historical bytes: 00 00 01 80 31 A0 67 43 20 07 18 73 BE 21 13
  Category indicator byte: 80 (compact TLV data object)
    Tag: 3, len: 1 (card service data byte)
      Card service data byte: A0
        - Application selection: by full DF name
        - BER-TLV data objects available in EF.DIR
        - EF.DIR and EF.ATR access services: by GET RECORD(s) command
        - Card with MF
    Tag: 7, len: 3 (card capabilities)
      Selection methods: BE
        - DF selection by full DF name
        - DF selection by path
        - DF selection by file identifier
        - Implicit DF selection
        - Short EF identifier supported
        - Record number supported
      Data coding byte: 21
        - Behaviour of write functions: proprietary
        - Value 'FF' for the first byte of BER-TLV tag fields: invalid
        - Data unit in quartets: 2
      Command chaining, length fields and logical channels: 13
        - Logical channel number assignment: by the card
        - Maximum number of logical channels: 4
    Tag: 6, len: 7 (pre-issuing data)
      Data: 43 20 00 01 07 18 00
+ TCK = A5 (correct checksum)

Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
18 00 00 01 A5 3B 9F 96 80 1F 21 13 67 43 20 07 C7 80 31 A0 73 BE
    sysmoUSIM-SJS1 (Telecommunication)
    http://www.sysmocom.de/products/sysmousim-sjs1-sim-usim

We hit Ctrl+C to terminate the application.

After this successful test, we proceeded into getting the software of pysim and installing an additional python dependency called pyscard through pip.

sudo pip install --upgrade pip;
sudo pip install pyscard;

Later, we cloned the pysim repository:

git clone http://git.osmocom.org/pysim/;
cd pysim;

And finally, we started using it.

Read SIM information

To read the information on the SIM card, we executed the following

sudo python2 pySim-read.py --pcsc-device=0;

And got this back:

Reading ...
ICCID: 0000898100110000821
IMSI: 900659000010170
SMSP: fffffffffffffffffffafffafffbffffffffffffffff0581ffffffffffe1ffffffffffffffffff005155f5ffffffffffff000000
ACC: 0200
MSISDN: Not available
Done !

Write SIM information

To write to the SIM new information we executed the following:

sudo python2 pySim-prog.py --pcsc-device=0 --type sysmoUSIM-SJS1 --pin-adm=81297587 --mcc=901 --mnc=71 --imsi=901700106590000 --iccid=8982211003300110000 --opc=3987059FEF153333661279FB1FC74BE0 --ki=1DAA6FA8B2549F20D0F42113E62B9925;

Which resulted in the following successful message:

Insert card now (or CTRL-C to cancel)
Generated card parameters :
 > Name    : Magic
 > SMSP    : e1ffffffffffffffffffffffff0581005155f5ffffffffffff000000
 > ICCID   : 8982211003300110000
 > MCC/MNC : 901/71
 > IMSI    : 901700106590000
 > Ki      : 1DAA6FA8B2549F20D0F42113E62B9925
 > OPC     : 3987059FEF153333661279FB1FC74BE0
 > ACC     : None

Programming ...
Done !

 


Fedora 25: Workaround to install system-config-kickstart 1

Recently, we tried to install system-config-kickstart on a Fedora 25 x86_64 Workstation but it failed because dnf could not find an installation candidate for system-config-date.

The hack-ish solution

After reviewing the packages that were available at the time in https://kojipkgs.fedoraproject.org/packages/system-config-date/ we found the latest rpm version and we had dnf install that manually.
sudo dnf install https://kojipkgs.fedoraproject.org/packages/system-config-date/1.10.9/3.fc25/noarch/system-config-date-1.10.9-3.fc25.noarch.rpm python-kickstart system-config-kickstart;
The installation went smoothly and we were able to use system-config-kickstart.

Output of successful installation

sudo dnf install https://kojipkgs.fedoraproject.org/packages/system-config-date/1.10.9/3.fc25/noarch/system-config-date-1.10.9-3.fc25.noarch.rpm python-kickstart system-config-kickstart
Last metadata expiration check: 2:57:07 ago on Sun May 14 08:43:53 2017.
Package python-kickstart-2.32-1.fc25.noarch is already installed, skipping.
Dependencies resolved.
===========================================================================================
 Package                          Arch        Version              Repository         Size
===========================================================================================
Installing:
 gnome-python2                    x86_64      2.28.1-18.fc25       fedora             51 k
 gnome-python2-canvas             x86_64      2.28.1-18.fc25       fedora             38 k
 libart_lgpl                      x86_64      2.3.21-15.fc25       fedora             71 k
 libglade2                        x86_64      2.6.4-14.fc24        fedora             67 k
 libgnomecanvas                   x86_64      2.30.3-11.fc24       fedora            230 k
 libselinux-python                x86_64      2.5-13.fc25          updates           239 k
 newt-python                      x86_64      0.52.19-2.fc25       fedora             60 k
 pygtk2-libglade                  x86_64      2.24.0-15.fc25       fedora             30 k
 pykickstart                      noarch      2.32-1.fc25          fedora             56 k
 python-slip                      noarch      0.6.4-4.fc25         fedora             37 k
 system-config-date               noarch      1.10.9-3.fc25        @commandline      602 k
 system-config-keyboard           noarch      1.4.0-10.fc25        fedora             38 k
 system-config-keyboard-base      noarch      1.4.0-10.fc25        fedora            108 k
 system-config-kickstart          noarch      2.9.3-3.fc24         fedora            361 k
 system-config-language           noarch      3.4.0-1.fc25         fedora            128 k

Transaction Summary
===========================================================================================
Install  15 Packages

Total size: 2.1 M
Total download size: 1.5 M
Installed size: 7.0 M
Is this ok [y/N]: y
Downloading Packages:
(1/14): gnome-python2-canvas-2.28.1-18.fc25.x86_64.rpm     370 kB/s |  38 kB     00:00    
(2/14): pygtk2-libglade-2.24.0-15.fc25.x86_64.rpm          797 kB/s |  30 kB     00:00    
(3/14): newt-python-0.52.19-2.fc25.x86_64.rpm              371 kB/s |  60 kB     00:00    
(4/14): python-slip-0.6.4-4.fc25.noarch.rpm                595 kB/s |  37 kB     00:00    
(5/14): system-config-keyboard-1.4.0-10.fc25.noarch.rpm    867 kB/s |  38 kB     00:00    
(6/14): pykickstart-2.32-1.fc25.noarch.rpm                 579 kB/s |  56 kB     00:00    
(7/14): gnome-python2-2.28.1-18.fc25.x86_64.rpm            586 kB/s |  51 kB     00:00    
(8/14): system-config-language-3.4.0-1.fc25.noarch.rpm     1.0 MB/s | 128 kB     00:00    
(9/14): libart_lgpl-2.3.21-15.fc25.x86_64.rpm              656 kB/s |  71 kB     00:00    
(10/14): system-config-kickstart-2.9.3-3.fc24.noarch.rpm   701 kB/s | 361 kB     00:00    
(11/14): libglade2-2.6.4-14.fc24.x86_64.rpm                581 kB/s |  67 kB     00:00    
(12/14): libgnomecanvas-2.30.3-11.fc24.x86_64.rpm          964 kB/s | 230 kB     00:00    
(13/14): system-config-keyboard-base-1.4.0-10.fc25.noarch. 826 kB/s | 108 kB     00:00    
(14/14): libselinux-python-2.5-13.fc25.x86_64.rpm          1.4 MB/s | 239 kB     00:00    
-------------------------------------------------------------------------------------------
Total                                                      597 kB/s | 1.5 MB     00:02     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Installing  : libglade2-2.6.4-14.fc24.x86_64                                        1/15 
  Installing  : pygtk2-libglade-2.24.0-15.fc25.x86_64                                 2/15 
  Installing  : libart_lgpl-2.3.21-15.fc25.x86_64                                     3/15 
  Installing  : newt-python-0.52.19-2.fc25.x86_64                                     4/15 
  Installing  : libgnomecanvas-2.30.3-11.fc24.x86_64                                  5/15 
  Installing  : libselinux-python-2.5-13.fc25.x86_64                                  6/15 
  Installing  : python-slip-0.6.4-4.fc25.noarch                                       7/15 
  Installing  : system-config-keyboard-base-1.4.0-10.fc25.noarch                      8/15 
  Installing  : system-config-keyboard-1.4.0-10.fc25.noarch                           9/15 
  Installing  : gnome-python2-2.28.1-18.fc25.x86_64                                  10/15 
  Installing  : gnome-python2-canvas-2.28.1-18.fc25.x86_64                           11/15 
  Installing  : system-config-date-1.10.9-3.fc25.noarch                              12/15 
  Installing  : system-config-language-3.4.0-1.fc25.noarch                           13/15 
  Installing  : pykickstart-2.32-1.fc25.noarch                                       14/15 
  Installing  : system-config-kickstart-2.9.3-3.fc24.noarch                          15/15 
  Verifying   : system-config-date-1.10.9-3.fc25.noarch                               1/15 
  Verifying   : system-config-kickstart-2.9.3-3.fc24.noarch                           2/15 
  Verifying   : gnome-python2-canvas-2.28.1-18.fc25.x86_64                            3/15 
  Verifying   : newt-python-0.52.19-2.fc25.x86_64                                     4/15 
  Verifying   : pygtk2-libglade-2.24.0-15.fc25.x86_64                                 5/15 
  Verifying   : python-slip-0.6.4-4.fc25.noarch                                       6/15 
  Verifying   : pykickstart-2.32-1.fc25.noarch                                        7/15 
  Verifying   : system-config-keyboard-1.4.0-10.fc25.noarch                           8/15 
  Verifying   : system-config-language-3.4.0-1.fc25.noarch                            9/15 
  Verifying   : gnome-python2-2.28.1-18.fc25.x86_64                                  10/15 
  Verifying   : libart_lgpl-2.3.21-15.fc25.x86_64                                    11/15 
  Verifying   : libgnomecanvas-2.30.3-11.fc24.x86_64                                 12/15 
  Verifying   : libglade2-2.6.4-14.fc24.x86_64                                       13/15 
  Verifying   : system-config-keyboard-base-1.4.0-10.fc25.noarch                     14/15 
  Verifying   : libselinux-python-2.5-13.fc25.x86_64                                 15/15 

Installed:
  gnome-python2.x86_64 2.28.1-18.fc25                                                      
  gnome-python2-canvas.x86_64 2.28.1-18.fc25                                               
  libart_lgpl.x86_64 2.3.21-15.fc25                                                        
  libglade2.x86_64 2.6.4-14.fc24                                                           
  libgnomecanvas.x86_64 2.30.3-11.fc24                                                     
  libselinux-python.x86_64 2.5-13.fc25                                                     
  newt-python.x86_64 0.52.19-2.fc25                                                        
  pygtk2-libglade.x86_64 2.24.0-15.fc25                                                    
  pykickstart.noarch 2.32-1.fc25                                                           
  python-slip.noarch 0.6.4-4.fc25                                                          
  system-config-date.noarch 1.10.9-3.fc25                                                  
  system-config-keyboard.noarch 1.4.0-10.fc25                                              
  system-config-keyboard-base.noarch 1.4.0-10.fc25                                         
  system-config-kickstart.noarch 2.9.3-3.fc24                                              
  system-config-language.noarch 3.4.0-1.fc25                                               

Complete!

Output of failed installation attempts

sudo dnf install system-config-kickstart;
 Last metadata expiration check: 2:55:26 ago on Sun May 14 08:43:53 2017.
 Error: nothing provides system-config-date needed by system-config-kickstart-2.9.3-3.fc24.noarch
 (try to add '--allowerasing' to command line to replace conflicting packages)
sudo dnf install system-config-kickstart --allowerasing;
 Last metadata expiration check: 1:44:34 ago on Sun May 14 08:43:53 2017.
 Error: nothing provides system-config-date needed by system-config-kickstart-2.9.3-3.fc24.noarch
sudo dnf install system-config-date;
 Last metadata expiration check: 2:22:31 ago on Sun May 14 08:43:53 2017.
 No package system-config-date available.
 Error: Unable to find a match.

How to Start/Stop or Enable/Disable firewalld on Fedora 25

firewalld (Dynamic Firewall Manager) tool provides a dynamically managed firewall. The tool enables network/firewall zones to define the trust level of network connections and/or interfaces. It has support both for IPv4 and IPv6 firewall settings. Also, it supports Ethernet bridges and allow you to separate between runtime and permanent configuration options. Finally, it supports an interface for services or applications to add firewall rules directly.

Disable firewalld

To disable firewalld, execute the following command as root or using sudo:

systemctl disable firewalld;

Enable firewalld

To enable firewalld, execute the following command as root or using sudo:

systemctl enable firewalld;

Stop firewalld

To stop (or deactivate) firewalld,execute the following command as root or using sudo:

systemctl stop firewalld;

Start firewalld

To start (or activate) firewalld, execute the following command as root or using sudo:

systemctl start firewalld;

Status of firewalld

To check the status of firewalld, execute the following command as root or using sudo:

systemctl status firewalld;

CONCEPTS

systemd provides a dependency system between various entities called “units” of 12 different types. Units encapsulate various objects that are relevant for system boot-up and maintenance. The majority of units are configured in unit configuration files, whose syntax and basic set of options is described in systemd.unit(5), however some are created automatically from other configuration, dynamically from system state or programmatically at runtime. Units may be “active” (meaning started, bound, plugged in, …, depending on the unit type, see below), or “inactive” (meaning stopped, unbound, unplugged, …), as well as in the process of being activated or deactivated, i.e. between the two states (these states are called “activating”, “deactivating”). A special “failed” state is available as well, which is very similar to “inactive” and is entered when the service failed in some way (process returned error code on exit, or crashed, or an operation timed out). If this state is entered, the cause will be logged, for later reference. Note that the various unit types may have a number of additional substates, which are mapped to the five generalized unit states described here.
— From man systemd

The above, in a nutshell:

  • enabled is a service that is configured to start when the system boots
  • disabled is a service that is configured to not start when the system boots
  • active is a service that is currently running
  • inactive is a service that is currently stopped and may be disabled, but it can be started and become active

Just some notes for setting up a new OS to develop projects on GNU/Linux Fedora

If the project is in C++ and uses mysql then install

sudo dnf install mysql++-devel;

If the project is in C/C++ and you are missing talloc.h install

sudo dnf install libtalloc-devel;

Set your name and email for all git projects

git config --global --edit
Then fill-in the configuration file similar to below
# This is Git's per-user configuration file.
[user]
# Please adapt and uncomment the following lines:
#       name = Michael, George
#       email = [email protected]
[user]
        name = Michael, George
        email = [email protected]
[gui]
        editor = gedit

or use these individual commands to set the configuration

[[email protected] ~]$ git config --global user.name "Michael, George"
[[email protected] ~]$ git config --global user.email "[email protected]"

Increase amount of inotify watchers

If you are using CLion or IntelliJ IDEA by jetbrains increase the amount of inotify watchers.
CLion, IntelliJ (and other tools of jetbrains) use inotify on GNU/Linux to monitor directories for changes. It’s common to encounter the system limit on the number of files they monitor.

inotify requires a watch handle to be set for each directory in the project. Unfortunately, the default limit of watch handles will not be enough for sized projects, and reaching the limit will force the jetbrains platform to fall back to recursive scans of directory trees.

Create a file (as root) called /etc/sysctl.d/idea.conf and add the following content to it to increase the number of watchers to 512K

fs.inotify.max_user_watches = 524288

Then call sysctl to reload the settings and apply the new configuration

[[email protected] ~]$ sudo sysctl -p --system;
  •  -p[FILE] or --load[=FILE]: Load in sysctl settings from the file  specified  or /etc/sysctl.conf if none  given.
    Specifying - as filename means reading data from standard input. Using this option will mean arguments to sysctl are files, which are read in the order they are specified.
    The file argument may be specified as regular expression.
  •  --system: Load settings from all system configuration files.
     /run/sysctl.d/*.conf
     /etc/sysctl.d/*.conf
     /usr/local/lib/sysctl.d/*.conf
     /usr/lib/sysctl.d/*.conf
     /lib/sysctl.d/*.conf
     /etc/sysctl.conf

Fedora 25: install / start / enable ssh server

Install

To install the openssh-server, you need to install the openssh-server package:

sudo dnf install -y openssh-server;

Start

To start the sshd daemon (openssh-server) in the current session:

sudo systemctl start sshd.service;

Stop

To stop the active (if any) sshd daemon in the current session:

sudo systemctl stop sshd.service;

Enable

To configure the sshd daemon to start automatically at boot time:

sudo systemctl enable sshd.service;

You will get an output similar to this:

ln -s '/usr/lib/systemd/system/sshd.service' '/etc/systemd/system/multi-user.target.wants/sshd.service'

Disable

To configure the sshd daemon to stop automatic initialization at boot time:

sudo systemctl disable sshd.service;

Fedora 25 with GNOME 3: Making a Wi-Fi hotspot 4

Recently we tried to create a Wi-Fi hotspot on Fedora 25 running GNOME 3.

When we clicked on the Use as Hotspot... button  on the network manager it did not activate the hotspot.
Actually, nothing changed after we clicked on the button.
We tried this several times, some while being disconnected from all networks, others with having the Wi-Fi device disabled etc. None of the tests payed out.

To mitigate the problem, we used nm-connection-editor to create the hotspot configuration and then activate it from the network manager.

After we starter nm-connection-editor, we pressed the Add button to create a new configuration:

From the prompt, we selected the option Wi-Fi and then clicked on the Create... button.

In the newly appeared window, we filled in

  • the Connection name (which is not used by the system, it is only for us to identify which configuration this is),
  • then the SSID (which is the name of the network you will create and connect to),
  • we set Mode to Hotspot

Then we switched to the Wi-Fi Security tab where we filled in the type of protection we want the hotspot to have and the password for it.

We clicked Save and then we closed the Network Connections window as well.

From the network manager, we clicked on Use as Hotspot... button and then the Turn On button on the confirmation popup to finish the activation.

After this, the network manager changed its screen and showed a page which had all the necessary information that are needed to connect to our newly created hotspot.

Note:

In case you cannot connect because the password verification fails even though you are providing the correct password, you can always do the ugly hack of setting up a hotspot with no security to get your job done…


g++ not found on Fedora 25

On a Fedora 25 (64bit) we got the error g++ not found.

We could have installed g++ using:


sudo dnf install gcc-c++ -y;

But we wanted to install all common additional development tools that we might need for C/C++ development in the future without going over the list of available packages to find which ones.
To do so, we installed all the packages of the group that is marked to be used for C development using dnf as follows:


sudo dnf group install "C Development Tools and Libraries" -y;


Fedora 24: Solution to gcrypt.h: No such file or directory

Recently we tried to compile cisco-decrypt.c* on Fedora 24 (64bit).
We got the full source code from the website of Maurice Massar.
Download full source code here: cisco-decrypt.c (compressed) (58 downloads)

We needed this tool to configure the Gnome 3 native network client to connect to a specific Cisco VPN network.
During the configuration we setup a “Cisco Compatible VPN (vpnc)” VPN.

* Please note that this tool is NOT a hacking nor cracking tool. In order for you to make any use of it, you need to have a valid PCF file given to you by your system administrator. It is only useful when you need to get the group password to configure a system that does not accept the PCF file with the encrypted password.

To compile the code you can use one of the following two methods:

Compilation method 1

gcc -Wall -o cisco-decrypt cisco-decrypt.c $(libgcrypt-config --libs --cflags)

If the package libgcrypt-devel is not installed you will get a prompt message as follows, which will instruct you to install the missing package.
You need to type y to both questions so that the installation will proceed. Once the installation is done, execute once more the compilation command.

As you can see below, you might get a whole bunch of errors, ignore them and try to compile once more. It seems to be a bug that will not affect the end result (at least in this scenario).

gcc -Wall -o cisco-decrypt cisco-decrypt.c $(libgcrypt-config --libs --cflags)
bash: libgcrypt-config: command not found...
Install package 'libgcrypt-devel' to provide command 'libgcrypt-config'? [N/y] y

Proceed with changes? [N/y] y

gcc: error: Waiting: No such file or directory
gcc: error: in: No such file or directory
gcc: error: queue...: No such file or directory
gcc: error: Loading: No such file or directory
gcc: error: list: No such file or directory
gcc: error: of: No such file or directory
gcc: error: packages....: No such file or directory
gcc: error: The: No such file or directory
gcc: error: following: No such file or directory
gcc: error: packages: No such file or directory
gcc: error: have: No such file or directory
gcc: error: to: No such file or directory
gcc: error: be: No such file or directory
gcc: error: installed:: No such file or directory
gcc: error: libgcrypt-devel-1.6.6-1.fc24.x86_64: No such file or directory
gcc: error: Development: No such file or directory
gcc: error: files: No such file or directory
gcc: error: for: No such file or directory
gcc: error: the: No such file or directory
gcc: error: libgcrypt: No such file or directory
gcc: error: package: No such file or directory
gcc: error: libgpg-error-devel-1.24-1.fc24.x86_64: No such file or directory
gcc: error: Development: No such file or directory
gcc: error: files: No such file or directory
gcc: error: for: No such file or directory
gcc: error: the: No such file or directory
gcc: error: libgpg-error: No such file or directory
gcc: error: package: No such file or directory
gcc: error: Waiting: No such file or directory
gcc: error: in: No such file or directory
gcc: error: queue...: No such file or directory
gcc: error: Waiting: No such file or directory
gcc: error: for: No such file or directory
gcc: error: authentication...: No such file or directory
gcc: error: Waiting: No such file or directory
gcc: error: in: No such file or directory
gcc: error: queue...: No such file or directory
gcc: error: Downloading: No such file or directory
gcc: error: packages...: No such file or directory
gcc: error: Requesting: No such file or directory
gcc: error: data...: No such file or directory
gcc: error: Testing: No such file or directory
gcc: error: changes...: No such file or directory
gcc: error: Installing: No such file or directory
gcc: error: packages...: No such file or directory

Compilation method 2

In case the above method does not work for you for some reason, you can try the following.

gcc -Wall -o cisco-decrypt cisco-decrypt.c -lgcrypt

If the package libgcrypt-devel is not installed you will get an error as follows.

gcc -Wall -o cisco-decrypt cisco-decrypt.c -lgcrypt
cisco-decrypt.c:30:20: fatal error: gcrypt.h: No such file or directory
 #include <gcrypt.h>
                    ^
compilation terminated.

In this case use

sudo dnf install libgcrypt-devel

to install the missing library and try again to compile.

To use

Open your PCF file with a text editor. Find the line that starts with enc_GroupPwd= and copy the characters after that.

Paste the characters as the first command line argument to the newly compiled application. The password will be the line returned right after.


./cisco-decrypt 886E2FC74BFCD8B6FAF47784C386A50D0C1A5D0528D1E682B7EBAB6B2E91E792E389914767193F9114FA26C1E192034754F85FC97ED36509
Th!sIsMyK3y#

Other notes

In the case you get these errors:

/tmp/ccHrH1kZ.o: In function `c_decrypt':
cisco-decrypt.c:(.text+0x243): undefined reference to `gcry_md_hash_buffer'
cisco-decrypt.c:(.text+0x267): undefined reference to `gcry_md_hash_buffer'
cisco-decrypt.c:(.text+0x2b4): undefined reference to `gcry_md_hash_buffer'
cisco-decrypt.c:(.text+0x31d): undefined reference to `gcry_cipher_open'
cisco-decrypt.c:(.text+0x33b): undefined reference to `gcry_cipher_setkey'
cisco-decrypt.c:(.text+0x356): undefined reference to `gcry_cipher_setiv'
cisco-decrypt.c:(.text+0x382): undefined reference to `gcry_cipher_decrypt'
cisco-decrypt.c:(.text+0x391): undefined reference to `gcry_cipher_close'
/tmp/ccHrH1kZ.o: In function `main':
cisco-decrypt.c:(.text+0x41e): undefined reference to `gcry_check_version'
collect2: error: ld returned 1 exit status

It most probably means that you did not add on your compilation command one of the following two parameters

  1. $(libgcrypt-config –libs –cflags)
  2. -lgcrypt

You need one of these two options to be on the command line to compile.


Fedora 23: Support exfat

The Background:

Recently we got our hands on a GoPro Hero4 Black camera and we used a 64GB memory card as storage. The file system on the card is exFAT (Extended File Allocation Table), which is a Microsoft file system designed for flash drives. It is proprietary and Microsoft owns patents on several elements of its design. exFAT has been adopted by the SD Card Association as the default file system for SDXC cards larger than 32GiB.

The issue:

Fedora does not support exFat due to the licensing issues that Microsoft applied to the product and thus we could not mount the card on our machine.

The solution:

We installed the fuse-exfat driver from rpmfusion.org using the following commands.

#Enable access to both the free and the nonfree repository
#free repository: for Open Source Software (as defined by the Fedora Licensing Guidelines) which the Fedora project cannot ship due to other reasons
#nonfree repository: for redistributable software that is not Open Source Software (as defined by the Fedora Licensing Guidelines); this includes software with publicly available source-code that has "no commercial use"-like restrictions 
su -c 'dnf install http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm';

#Perform the installation
sudo dnf install fuse-exfat;

More background:

RPM Fusion provides software that the Fedora Project or Red Hat doesn’t want to ship. That software is provided as precompiled RPMs for all current Fedora versions and Red Hat Enterprise Linux 5 and 6.