Guys,uCertify is offering a 40% discount on all Prepkits. A user can select from extensive selection of over 300 PrepKits to help prepare for their IT certification exam(s). For a limited time only, uCertify is offering a humongous 40% discount! Buy any two PrepKits for $139.99 (compare to about $119.99 for each PrepKit!).

This time you can also take advantage of an additional discount by joining us on Facebook! All anyone have to do is like our page to be entitled to this private discount.

http://www.facebook.com/pages/ucertify/176752623633?v=app_4949752878

‘When you are forwarding ports through a tunnel, either locally or remotely (i.e., with the -L or -R switches), you can modify the session real-time. The way that you do this is after you start the session, you press SHIFT + ` + c (The ` key also has a ~ in it, which is the actual keypress sent to the session). If it doesn’t work the first time, press ENTER a couple of times and try it again. Once you get the “ssh>” prompt, type “?” for the commands you can put in. Here’s an example session:

[0908][scott@dev:~]$ ssh -R 8080:suseblog.com:8080 scott@suseblog.com
Password:
Last login: Thu Oct 15 11:59:43 2009 from 67.214.232.162
Have a lot of fun…
[1109][scott@mail:~]$ [PRESS SHIFT + ` + c HERE]
ssh> ?
Commands:
-L[bind_address:]port:host:hostport Request local forward
-R[bind_address:]port:host:hostport Request remote forward
-KR[bind_address:]port Cancel remote forward
[PRESS ENTER HERE]
[1110][scott@mail:~]$ [PRESS SHIFT + ` + c HERE]
ssh> -R8080:letslearnlinux.com:1080
Forwarding port.

[1110][scott@mail:~]$’

‘Getting the right cropping values using GIMP

In 5 steps:
Where to find the cropping values
1. Open up GIMP.
2. Open one of the images in GIMP.
3. Using the Rectangle Select Tool (hotkey “R”), select the area you want to be cropped.
4. Note the X, Y, Width and Height values GIMP gives you (have a look at the picture, you can find them in the GIMP main window).
5. Close GIMP (or leave it open if you plan to use it again soon).

We now have the values we need to tell the mogrify utility what to crop. Let’s go on and write a line that’ll execute mogrify in such a way that it’ll crop all our images!
Cropping the images

Now we’ll start working in the terminal. Open up your favourite one and cd to the directory where the images are located. Note that I strongly recommend having only the images that are to be cropped in the directory, nothing more. It saves you a lot of trouble. Well then, let’s start with the mogrify command. The syntax for cropping is as follows:

[rechosen@localhost ~]$ mogrify -crop {Width}x{Height}+{X}+{Y} image.png

Now don’t be scared, the {Width}, {Height} and so on simply are the places where you should put the values you got from GIMP! Note that I use a png file as an example, while mogrify is able to handle over 100 image file types. You don’t have to use png files with it. Anyway, if I’d fill in the values from the screenshot, the mogrify command would look like this:

[rechosen@localhost ~]$ mogrify -crop 643×393+7+83 image.png

The logic behind this system is the following: crop an area of 643 by 393 pixels, starting at 7 pixels from the left and 83 pixels from the top of the image. Got it? Ok then. The above command would overwrite image.png with a cropped version. But this still manipulates just a single image. The easiest way to make mogrify modify all images is just this:

[rechosen@localhost ~]$ mogrify -crop 643×393+7+83 *.png

The asterisk makes bash fill in all png files in the current directory, and mogrify will handle them all happily. After a (hopefully short) wait, all the images will have been cropped. If you want to crop images of an other format, just change “*.png” to, for example, “*.jpg” or “*.gif”.

You might want to give the cropped images other names, so that the original images will not be overwritten and it will be clear which images have been cropped and which haven’t. This is more complex, but hey, we’re working on Linux! Everything is possible if you take the time to write it.
Renaming the cropped images

In order to give the cropped images other names, we’ll use a bash loop. This time, we’ll use the convert utility. It is from the same family as mogrify, but it makes it easier for us to output to an other filename. I won’t explain the whole loop, as most of it is bash knowledge, but I will tell you which things you can/should alter to get the right results. There are loops for two cases, just pick the one of which you like the file naming the most.

* Case 1: You want the output files to be named like this: originalfile.png => cropped_originalfile.png (again, you can insert any of the over 100 supported image formats here, I just like png). The loop should be like this:

[rechosen@localhost ~]$ for file in *.png; do convert -crop {Width}x{Height}+{X}+{Y} $file cropped_$file; done

You should replace “png” with the extension you want (think of jpg, gif, png (of course) and so on), and the “{Width}”, “{Height}” etc with the values you got from GIMP. You may also replace “cropped_” with any prefix you like.
* Case 2: You want the output files to be named like this: originalfile.png => originalfile_cropped.png (or originalfile.jpg => originalfile_cropped.jpg, you name it). In that case, you should use the following loop:

[rechosen@localhost ~]$ for file in *.png; do convert -crop {Width}x{Height}+{X}+{Y} $file ${file%.png}_cropped.png; done

Again, replace “png” with the extension you want (watch it, there are 3 instances of it) and the “{Width}”, “{Height}” etc with the values you got from GIMP. You can also replace “_cropped” with any suffix you like.

Note that you can, in this case, easily modify the output format: if you want to output the cropped images in jpg format, you can just replace the third instance of “png” with “jpg”, no matter what format your input files are. The convert utility will detect it and change the image format automatically. ‘

‘Let’s have a look at a rather simple mencoder command that should create a WMP-compatible MPEG file:

[rechosen@localhost ~]$ mencoder
-oac lavc -ovc lavc -lavcopts acodec=mp2:vcodec=mpeg2video:mbd=1:vbitrate=1800 -of mpeg -o

Replace “
” with the video source (for example a file or a DVD scene) and “” with the file you want the output to be written to (e.g. “samplemovie.mpg” or “dvdbackup.mpeg”). You can also replace the value after “vbitrate=” with a higher or lower bitrate, depending on the desired quality of the outputfile (you could also leave it away entirely, but it will then default to 800, which is quite low and therefore pretty much only suitable for very low resolution movies).

Note that the above example will try to encode the movie at the same resolution and fps as the source. However, this does not always work correctly and also isn’t always what you want. Furthermore, the above example doesn’t use two-pass encoding. Two-pass encoding is useful because it results in a higher quality outputfile with about the same size (it needs to read the source twice, though).
A more feature-rich example

The next example features rescaling (adapting the resolution), specifies a framerate for the outputfile and encodes in two passes.

[rechosen@localhost ~]$ for i in {1,2}; do mencoder
-oac lavc -ovc lavc -lavcopts acodec=mp2:vcodec=mpeg2video:mbd=1:vpass=$i:vbitrate=1800 -of mpeg -ofps 25 -vf scale=640:480 -o ; done

Replace “
” with any source that can be read twice (a file or a DVD scene) and “” with the file you want the encoded data to be written to. You can alter the values after “-ofps=” and “-vf scale=” to change the framerate and the resolution of the outputfile, respectively (and of course you can alter the vbitrate again, too).

One more handy trick: you can set only the width of the encoded video and let mencoder determine the height, keeping the right aspect ratio:

[rechosen@localhost ~]$ for i in {1,2}; do mencoder
-oac lavc -ovc lavc -lavcopts acodec=mp2:vcodec=mpeg2video:mbd=1:vpass=$i:vbitrate=1800 -of mpeg -ofps 25 -vf scale -zoom -xy 640 -o ; done

Again, replace “
” with any source that can be read twice (a file or a DVD scene) and “” with the file you want the encoded data to be written to. You can alter the value after “-ofps=” again to change the framerate of the outputted data, and after “-zoom -xy ” is the value to change if you want a different width (note that values less than or equal to 8 will be interpreted as scaling factors, not as the width of the outputted video).’

‘If you use bash for scripting you will undoubtedly have to use conditions a lot, for example for an if … then construct or a while loop. The syntax of these conditions can seem a bit daunting to learn and use. This tutorial aims to help the reader understanding conditions in bash, and provides a comprehensive list of the possibilities. A small amount of general shell knowledge is assumed.

Difficulty: Basic – Medium
Introduction

Bash features a lot of built-in checks and comparisons, coming in quite handy in many situations. You’ve probably seen if statements like the following before:

if [ $foo -ge 3 ]; then

The condition in this example is essentially a command. It may sound strange, but surrounding a comparison with square brackets is the same as using the built-in test command, like this:

if test $foo -ge 3; then

If $foo is Greater then or Equal to 3, the block after ‘then’ will be executed. If you always wondered why bash tends to use -ge or -eq instead of >= or ==, it’s because this condition type originates from a command, where -ge and -eq are options.
And that’s what if does essentially, checking the exit status of a command. I’ll explain that in more detail further in the tutorial.
There also are built-in checks that are more specific to shells. What
about this one?

if [ -f regularfile ]; then

The above condition is true if the file ‘regularfile’ exists and
is a regular file. A regular file means that it’s not a block or
character device, or a directory. This way, you can make sure a usable
file exists before doing something with it. You can even check if a
file is readable!

if [ -r readablefile]; then

The above condition is true if the file ‘readablefile’ exists and is readable. Easy, isn’t it?
The syntax of an if statement (a short explanation)

The basic syntax of an if … then statement is like this:

if ; then

fi

The condition is, depending on its type, surrounded by certain
brackets, eg. [ ]. You can read about the different types further on
in the tutorial. You can add commands to be executed when the condition is false using the else keyword, and use the elif (elseif) keyword to execute commands on another condition if the primary condition is false. The else keyword always comes last. Example:

if [ -r somefile ]; then
content=$(cat somefile)
elif [ -f somefile ]; then
echo “The file ’somefile’ exists but is not readable to the script.”
else
echo “The file ’somefile’ does not exist.”
fi

A short explanation of the example: first we check if the file somefile is readable (”if [ -r somefile ]“). If so, we read it into a variable. If not, we check if it actually exists (”elif [ -f somefile ]“). If that’s true, we report that it exists but isn’t readable (if it was, we would have read the content). If the file doesn’t exist, we report so, too. The condition at elif is only executed if the condition at if was false. The commands belonging to else are only executed if both conditions are false.
The basic rules of conditions

When you start writing and using your own conditions, there are some rules you should know to prevent getting errors that are hard to trace. Here follow three important ones:

1. Always keep spaces between the brackets and the actual check/comparison. The following won’t work:

if [$foo -ge 3]; then

Bash will complain about a “missing `]’”.
2. Always terminate the line before putting a new keyword like “then”. The words if, then, else, elif and fi are shell keywords, meaning that they cannot share the same line. Put a “;” between the previous statement and the keyword or place the keyword on the start of a new line. Bash will throw errors like “syntax error near unexpected token `fi’” if you don’t.
3. It is a good habit to quote string variables if you use them in conditions, because otherwise they are likely to give trouble if they contain
spaces and/or newlines. By quoting I mean:

if [ "$stringvar" == "tux" ]; then

There are a few cases in which you should not
quote, but they are rare. You will see one of them further on in the tutorial.

Also, there are two things that may be useful to know:

1. You can invert a condition by putting an “!” in front of it. Example:

if [ ! -f regularfile ]; then

Be sure to place the “!” inside the brackets!
2. You can combine conditions by using certain operators. For the single-bracket syntax that we’ve been using so far, you can use “-a” for and and “-o” for or. Example:

if [ $foo -ge 3 -a $foo -lt 10 ]; then

The above condition will return true if $foo contains an integer greater than or equal to 3 and Less Than 10. You can read more about these combining expressions at the respective condition syntaxes.

And, one more basic thing: don’t forget that conditions can also be used in other statements, like while and until. It is outside the scope of this tutorial to explain those, but you can read about them at the Bash Guide for Beginners.

Anyway, I’ve only shown you conditions between single brackets so far. There are more syntaxes, however, as you will read in the next section.
Different condition syntaxes

Bash features different syntaxes for conditions. I will list the three of them:
1. Single-bracket syntax

This is the condition syntax you have already seen in the previous paragraphs; it’s the oldest supported syntax. It supports three types of conditions:

* File-based conditions
o Allows different kinds of checks on a file. Example:

if [ -L symboliclink ]; then

The above condition is true if the file ’symboliclink’ exists and is a symbolic link. For more file-based conditions see the table below.
* String-based conditions
o Allows checks on a string and comparing of strings. Example one:

if [ -z "$emptystring" ]; then

The above condition is true if $emptystring is an empty string or an uninitialized variable. Example two:

if [ "$stringvar1" == "cheese" ]; then

The above condition is true if $stringvar1 contains just the string “cheese”. For more string-based conditions see the table below.
* Arithmetic (number-based) conditions
o Allows comparing integer numbers. Example:

if [ $num -lt 1 ]; then

The above condition returns true if $num is less than 1. For more arithmetic conditions see the table below.

2. Double-bracket syntax

You may have encountered conditions enclosed in double square brackets already, which look like this:

if [[ "$stringvar" == *string* ]]; then

The double-bracket syntax serves as an enhanced version of the single-bracket syntax; it mainly has the same features, but also some important differences with it. I will list them here:

* The first difference can be seen in the above example; when comparing strings, the double-bracket syntax features shell globbing. This means that an asterisk (”*”) will expand to literally anything, just as you probably know from normal command-line usage. Therefore, if $stringvar contains the phrase “string” anywhere, the condition will return true. Other forms of shell globbing are allowed, too. If you’d like to match both “String” and “string”, you could use the following syntax:

if [[ "$stringvar" == *[sS]tring* ]]; then

Note that only general shell globbing is allowed. Bash-specific things like {1..4} or {foo,bar} will not work. Also note that the globbing will not work if you quote the right string. In this case you should leave it unquoted.
* The second difference is that word splitting is prevented. Therefore, you could omit placing quotes around string variables and use a condition like the following without problems:

if [[ $stringvarwithspaces != foo ]]; then

Nevertheless, the quoting string variables remains a good habit, so I recommend just to keep doing it.
* The third difference consists of not expanding filenames. I will illustrate this difference using two examples, starting with the old single-bracket situation:

if [ -a *.sh ]; then

The above condition will return true if there is one single file in the working directory that has a .sh extension. If there are none, it will return false. If there are several .sh files, bash will throw an error and stop executing the script. This is because *.sh is expanded to the files in the working directory. Using double brackets prevents this:

if [[ -a *.sh ]]; then

The above condition will return true only if there is a file in the working directory called “*.sh”, no matter what other .sh files exist. The asterisk is taken literally, because the double-bracket syntax does not expand filenames.
* The fourth difference is the addition of more generally known combining expressions, or, more specific, the operators “&&” and “||”. Example:

if [[ $num -eq 3 && "$stringvar" == foo ]]; then

The above condition returns true if $num is equal to 3 and $stringvar is equal to “foo”. The -a and -o known from the single-bracket syntax is supported, too.

Note that the and operator has precedence over the or operator, meaning that “&&” or “-a” will be evaluated before “||” or “-o”.
* The fifth difference is that the double-bracket syntax allows regex pattern matching using the “=~” operator. See the table for more information.

3. Double-parenthesis syntax

There also is another syntax for arithmetic (number-based) conditions, most likely adopted from the Korn shell:

if (( $num < = 5 )); then

The above condition is true if $num is less than or equal to 5. This syntax may seem more familiar to programmers. It features all the 'normal' operators, like "==", "<" and ">=”. It supports the “&&” and “||” combining expressions (but not the -a and -o ones!). It is equivalent to the built-in let command.
Table of conditions

The following table list the condition possibilities for both the single- and the double-bracket syntax. Save a single exception, the examples are given in single-bracket syntax, but are always compatible with double brackets.
1. File-based conditions:
Condition True if Example/explanation
[ -a existingfile ] file ‘existingfile’ exists. if [ -a tmp.tmp ]; then
rm -f tmp.tmp # Make sure we’re not bothered by an old temporary file
fi
[ -b blockspecialfile ] file ‘blockspecialfile’ exists and is block special. Block special files are special kernel files found in /dev, mainly used for ATA devices like hard disks, cd-roms and floppy disks.

if [ -b /dev/fd0 ]; then
dd if=floppy.img of=/dev/fd0 # Write an image to a floppy
fi
[ -c characterspecialfile ] file ‘characterspecialfile’ exists and is character special. Character special files are special kernel files found in /dev, used for all kinds of purposes (audio hardware, tty’s, but also /dev/null).

if [ -c /dev/dsp ]; then
cat raw.wav > /dev/dsp # This actually works for certain raw wav files
fi
[ -d directory ] file ‘directory’ exists and is a directory. In UNIX-style, directories are a special kind of file.

if [ -d ~/.kde ]; then
echo “You seem to be a kde user.”
fi
[ -e existingfile ] file ‘existingfile’ exists. (same as -a, see that entry for an example)
[ -f regularfile ] file ‘regularfile’ exists and is a regular file. A regular file is neither a block or character special file nor a directory.

if [ -f ~/.bashrc ]; then
source ~/.bashrc
fi
[ -g sgidfile ] file ’sgidfile’ exists and is set-group-ID. When the SGID-bit is set on a directory, all files created in that directory will inherit the group of the directory.

if [ -g . ]; then
echo “Created files are inheriting the group ‘$(ls -ld . | awk ‘{ print $4 }’)’ from the working directory.”
fi
[ -G fileownedbyeffectivegroup ] file ‘fileownedbyeffectivegroup’ exists and is owned by the effective group ID. The effective group id is the primary group id of the executing user.

if [ ! -G file ]; then # An exclamation mark inverts the outcome of the condition following it
chgrp $(id -g) file # Change the group if it’s not the effective one
fi
[ -h symboliclink ] file ’symboliclink’ exists and is a symbolic link. if [ -h $pathtofile ]; then
pathtofile=$(readlink -e $pathtofile) # Make sure $pathtofile contains the actual file and not a symlink to it
fi
[ -k stickyfile ] file ’stickyfile’ exists and has its sticky bit set. The sticky bit has got quite a history, but is now used to prevent world-writable directories from having their contents deletable by anyone.

if [ ! -k /tmp ]; then # An exclamation mark inverts the outcome of the condition following it
echo “Warning! Anyone can delete and/or rename your files in /tmp!”
fi
[ -L symboliclink ] file ’symboliclink’ exists and is a symbolic link. (same as -h, see that entry for an example)
[ -N modifiedsincelastread ] file ‘modifiedsincelastread’ exists and was modified after the last read. if [ -N /etc/crontab ]; then
killall -HUP crond # SIGHUP makes crond reread all crontabs
fi
[ -O fileownedbyeffectiveuser ] file ‘fileownedbyeffectiveuser’ exists and is owned by the user executing the script. if [ -O file ]; then
chmod 600 file # Makes the file private, which is a bad idea if you don’t own it
fi
[ -p namedpipe ] file ‘namedpipe’ exists and is a named pipe. A named pipe is a file in /dev/fd/ that can be read just once. See my bash tutorial for a case in which it’s used.

if [ -p $file ]; then
cp $file tmp.tmp # Make sure we’ll be able to read
file=”tmp.tmp” # the file as many times as we like
fi
[ -r readablefile ] file ‘readablefile’ exists and is readable to the script. if [-r file ]; then
content=$(cat file) # Set $content to the content of the file
fi
[ -s nonemptyfile ] file ‘nonemptyfile’ exists and has a size of more than 0 bytes. if [ -s logfile ]; then
gzip logfile # Backup the old logfile
touch logfile # before creating a fresh one.
fi
[ -S socket ] file ’socket’ exists and is a socket. A socket file is used for inter-process communication, and features an interface similar to a network connection.

if [ -S /var/lib/mysql/mysql.sock ]; then
mysql –socket=/var/lib/mysql/mysql.sock # See this MySQL tip
fi
[ -t openterminal ] file descriptor ‘openterminal’ exists and refers to an open terminal. Virtually everything is done using files on Linux/UNIX, and the terminal is no exception.

if [ -t /dev/pts/3 ]; then
echo -e “\nHello there. Message from terminal $(tty) to you.” > /dev/pts/3 # Anyone using that terminal will actually see this message!
fi
[ -u suidfile ] file ’suidfile’ exists and is set-user-ID. Setting the suid-bit on a file causes execution of that file to be done with the credentials of the owner of the file, not of the executing user.

if [ -u executable ]; then
echo “Running program executable as user $(ls -l executable | awk ‘{ print $3 }’).”
fi
[ -w writeablefile ] file ‘writeablefile’ exists and is writeable to the script. if [ -w /dev/hda ]; then
grub-install /dev/hda
fi
[ -x executablefile ] file ‘executablefile’ exists and is executable for the script. Note that the execute permission on a directory means that it’s searchable (you can see which files it contains).

if [ -x /root ]; then
echo “You can view the contents of the /root directory.”
fi
[ newerfile -nt olderfile ] file ‘newerfile’ was changed more recently than ‘olderfile’, or if ‘newerfile’ exists and ‘olderfile’ doesn’t. if [ story.txt1 -nt story.txt ]; then
echo “story.txt1 is newer than story.txt; I suggest continuing with the former.”
fi
[ olderfile -ot newerfile ] file ‘olderfile’ was changed longer ago than ‘newerfile’, or if ‘newerfile’ exists and ‘olderfile’ doesn’t. if [ /mnt/remote/remotefile -ot localfile ]; then
cp -f localfile /mnt/remote/remotefile # Make sure the remote location has the newest version of the file, too
fi
[ same -ef file ] file ’same’ and file ‘file’ refer to the same device/inode number. if [ /dev/cdrom -ef /dev/dvd ]; then
echo “Your primary cd drive appears to read dvd’s, too.”
fi
2. String-based conditions:
Condition True if Example/explanation
[ STRING1 == STRING2 ] STRING1 is equal to STRING2. if [ "$1" == "moo" ]; then
echo $cow # Ever tried executing ‘apt-get moo’?
fi

Note: you can also use a single “=” instead of a double one.
[ STRING1 != STRING2 ] STRING1 is not equal to STRING2. if [ "$userinput" != "$password" ]; then
echo “Access denied! Wrong password!”
exit 1 # Stops script execution right here
fi
[ STRING1 \> STRING2 ] STRING1 sorts after STRING2 in the current locale (lexographically). The backslash before the angle bracket is there because the bracket needs to be escaped to be interpreted correctly. As an example we have a basic bubble sort:

(Don’t feel ashamed if you don’t understand this, it is a more complex example)

array=( linux tutorial blog )
swaps=1
while (( swaps > 0 )); do

swaps=0
for (( i=0; i < (( ${#array[@]} - 1 )) ; i++ )); do
if [ "${array[$i]}" \> “${array[$(( i + 1 ))]}” ]; then # Here is the sorting condition
tempstring=${array[$i]}
array[$i]=${array[$(( i + 1 ))]}
array[$(( i + 1 ))]=$tempstring
(( swaps=swaps + 1 ))
fi
done
done
echo ${array[@]} # Returns “blog linux tutorial”
[ STRING1 \< STRING2 ] STRING1 sorts before STRING2 in the current locale (lexographically).
[ -n NONEMPTYSTRING ] NONEMPTYSTRING has a length of more than zero. This condition only accepts valid strings, so be sure to quote anything you give to it.

if [ -n "$userinput" ]; then
userinput=parse($userinput) # Only parse if the user actually gave some input.
fi

Note that you can also omit the “-n”, as brackets with just a string in it behave the same.
[ -z EMPTYSTRING ] EMPTYSTRING is an empty string. This condition also accepts non-string input, like an uninitialized variable:

if [ -z $uninitializedvar ]; then
uninitializedvar=”initialized” # -z returns true on an uninitialized variable, so we initialize it here.
fi
Double-bracket syntax only:
[[ STRING1 =~ REGEXPATTERN ]] STRING1 matches REGEXPATTERN. If you are familiar with Regular Expressions, you can use this conditions to perform a regex match.

if [[ "$email" =~ "\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}\b” ]]; then
echo “\$email contains a valid e-mail address.”
fi
3. Arithmetic (number-based) conditions:
Condition True if Example/explanation
[ NUM1 -eq NUM2 ] NUM1 is EQual to NUM2. These conditions only accept integer numbers. Strings will be converted to integer numbers, if possible. Some random examples:

if [ $? -eq 0 ]; then # $? returns the exit status of the previous command
echo “Previous command ran succesfully.”
fi

if [ $(ps -p $pid -o ni=) -ne $(nice) ]; then
echo “Process $pid is running with a non-default nice value”
fi

if [ $num -lt 0 ]; then
echo “Negative numbers not allowed; exiting…”
exit 1
fi
[ NUM1 -ne NUM2 ] NUM1 is Not Equal to NUM2.
[ NUM1 -gt NUM2 ] NUM1 is Greater Than NUM2.
[ NUM1 -ge NUM2 ] NUM1 is Greater than or Equal to NUM2.
[ NUM1 -lt NUM2 ] NUM1 is Less Than NUM2.
[ NUM1 -le NUM2 ] NUM1 is Less than or Equal to NUM2.
4. Miscellaneous conditions:
Condition True if Example/explanation
[ -o shelloption ] shell option ’shelloption’ is enabled. Shell options modify the behaviour of bash, except a few unmodifiable ones that indicate the shell status.

if [ ! -o checkwinsize ] # An exclamation mark inverts the outcome of the condition following it
echo “Shell option checkwinsize is disabled; enabling it so you can resize you terminal window without problems.”
shopt -s checkwinsize # This shell option is modifiable
fi

if [ -o login_shell ]; then
echo “This a a login shell.” # This shell option is not modifiable

fi

With the double-parenthesis syntax, you can use the following conditions:
5. Double-parenthesis syntax conditions:
Condition True if Example/explanation
(( NUM1 == NUM2 )) NUM1 is equal to NUM2. These conditions only accept integer numbers. Strings will be converted to integer numbers, if possible. Some random examples:

if (( $? == 0 )); then # $? returns the exit status of the previous command
echo “Previous command ran succesfully.”
fi

if (( $(ps -p $pid -o ni=) != $(nice) )); then
echo “Process $pid is running with a non-default nice value”
fi

if (( $num < 0 )); then
echo "Negative numbers not allowed; exiting..."
exit 1
fi
(( NUM1 != NUM2 )) NUM1 is not equal to NUM2.
(( NUM1 > NUM2 )) NUM1 is greater than NUM2.
(( NUM1 >= NUM2 )) NUM1 is greater than or equal to NUM2.
(( NUM1 < NUM2 )) NUM1 is less than NUM2.
(( NUM1 <= NUM2 )) NUM1 is less than or equal to NUM2.

After this dry information load, here's a bit of explanation for those who want to know more...
Diving a little deeper

I said I'd tell more about the fact that if essentially checks the exit status of commands. And so I will. The basic rule of bash when it comes to conditions is 0 equals true, >0 equals false.
That’s pretty much the opposite of many programming languages where 0 equals false and 1 (or more) equals true. The reason behind this is that shells like bash deal with programs a lot. By UNIX convention, programs use an exit status for indicating whether execution went alright or an error occured. As a succesful execution doesn’t require any explanation, it needs only one exit status. If there was a problem, however, it is useful to know what went wrong. Therefore, 0 is used for a succesful execution, and 1-255 to indicate what kind of error occured. The meaning of the numbers 1-255 differs depending on the program returning them.

Anyway, if executes the block after then when the command returns 0. Yes, conditions are commands. The phrase [ $foo -ge 3 ] returns an exit status, and the other two syntaxes as well! Therefore, there’s a neat trick you can use to quickly test a condition:

[ $foo -ge 3 ] && echo true

In this example, “echo true” is only executed if “[ $foo -ge 3 ]” returns 0 (true). Why is that, you might ask. It’s because bash only evaluates a condition when needed. When using the and combining expression, both conditions need to be true to make the combining expression return true. If the first condition returns false, it doesn’t matter what the second one returns; the result will be false. Therefore, bash doesn’t evaluate the second condition, and that’s the reason why “echo true” is not executed in the example. This is the same for the or operator (”||”), where the second condition is not evaluated if the first one is true.

Well, so much for the diving. If you want to know even more, I’d like to point you to the Advanced Bash-Scripting Guide and maybe the Bash Reference Manual.’

‘System administration command. This simple backup utility accesses ext2 and ext3 file devices directly, quickly backing up files without affecting file access times. files may be specified as a mount point or as a list of files and directories to back up. While you can use this on a mounted system, dump may write corrupted information to the backup when the kernel has written only part of its cached information. Dump maintains a record of which files it has saved in /etc/dumpdates, and will perform incremental backups after creating an initial full backup. Use the restore command to restore a dump backup.
Options
-a

Write until end-of-media. Default behavior when writing to tape drives.

-A file

Create a table of contents for the archive in the specified file.

-bblocksize

Block size in kilobytes to use in dumped records. By default, it is 10, or 32 when dumping to a tape with a density greater than 6250BPI.

-Bblocks

Specify number of blocks to write per volume.

-c

Treat target as a 1700-foot-long cartridge tape drive with 8000 bpi. Override end-of-media detection.

-d density

Specify tape density.

-D file

Write dump information to file instead of /etc/dumpdates.

-E file

Exclude inodes specified in file.

-f files

Write backup volumes to the specified files or devices. Use – to write to standard output. Separate multiple files with a comma. Use host:file or user@host:file to write to a networked host using either the rmt program or the program specified by the RMT environment variable.

-F script

Run script at the end of each volume other than the last. dump will pass the current device and volume number to the script. The script should return 0 to continue, 1 to prompt for a new tape, or any other exit value to abort the dump. The script will run with the processes real user and group ID.

-i inodes

Specify a comma-separated list of inodes to skip.

-I n

Ignore the first n read errors. dump ignores 32 read errors by default. Specify 0 to ignore all errors. You may need to do this when dumping a mounted filesystem.

-j[level]

Compress each block using the bzlib library at the specified compression level. By default dump uses level 2 compression.

-k

Use Kerberos authentication when writing to a remote system.

-L label

Write the specified volume label into the dump header.

-m

Save only metadata when backing up changed but not modified files.

-M

Create a multivolume backup. Treat any filename provided with -f as a prefix.

-n

Use wall to notify members of group operator when prompting for information.

-q

Abort the backup instead of prompting for information when operator input is required.

-Q file

Create Quick Access information in the specified file for use by restore.

-s n

Write only n feet of tape in a single volume. Prompt for a new tape upon reaching this limit.

-S

Calculate and print the amount of space required to perform the backup, then exit.

-T date’

‘Last year Vector Linux came in four flavors. The list has now been expanded to seven different variations on the distribution: Standard, Deluxe, SOHO, Live, Light, Mini, and Light Live. SOHO, with KDE as the default desktop and all the most popular applications, is the full featured version. Standard is based on the Xfce4 desktop and provides superior speed and performance. Both are freely downloadable. Deluxe, available for purchase, is Standard plus a second CD with additional applications including KDE and OpenOffice. Live, as the name implies, is a live CD version of Standard. Light is a paired down, extremely lightweight version designed to run on older systems with as little as 64MB of RAM. In reality it will run with less than that. Light is built around either a JWM or Fluxbox desktop and lightweight applications. Mini is a further reduced version of Light that fits on a 5cm/3″ mini CD and requires only 1.1GB of disk space. Finally, Light Live is, as you’d expect, the live CD version of Light. So far only new Standard and Deluxe versions have been released but the others, all in various stages of development and testing, can already be sampled. This review will stick strictly with the Standard version from here on out.

My main box for testing Vector Linux 5.9 Standard my aging general purpose laptop, a five year old Toshiba Satellite 1805-S204 (1 GHz Celeron processor, 512MB RAM). Though this system has adequate memory for any current Linux distro it’s sufficiently challenged in terms of processing power for KDE to be sluggish and for Gnome to be noticeably slower than Xfce4 in most distros.

Vector Linux is almost to the point where it can seriously considered by almost any user, not just someone experienced with Linux, as most things do work as they should out of the virtual box. Some issues still require manually editing configuration files. I had hoped that by this point VL would be as user friendly as any distro out there but it isn’t there yet.

Installation and Configuration

Vector Linux 5.9 Standard is available for download as a single iso image. I’ve used both supported installation methods: a conventional installation booted from CD-ROM and a hosted installation booted from another Linux distribution already running on the system. There are two scripts provided for hosted installs: one which runs from an iso image on a mounted filesystem and one which runs from a CD-ROM that isn’t bootable. Directions and all the tools needed for a hosted installation from DOS or Windows are also provided. Installation across a network and automated installations, such as Red Hat’s kickstart, are not supported.

Vector Linux still uses an old fashioned text-based installer similar to Slackware, which is fine as far as I am concerned. A new, snazzy graphical installer is still promised for Vector Linux 6. I didn’t test to see if the installer now checks for adequate disk space, a problem with the VL 5.8 Standard installer. You need at least 3.2GB for a reasonably complete installation.

Disk partitioning is handled smoothly in VL 5.9. ext3, reiserfs, jfs, xfs, and trusty old ext2 are all supported. A list of common mount points is provided but the ability to define a non-standard mount point for a partition is lacking. Much like Slackware, Vector Linux still uses lilo and only lilo for the bootloader. Grub is available in the repository and can be installed after installation.

Video hardware detection remains relatively poor compared to other distributions and has not improved since 5.8. For example when I booted up to the GUI I was once again left with a small display in the middle of my screen surrounded by lots of black space. No amount of fiddling with X configuration in vasm (the GUI configuration tool) can make it work the way it should. It turns out the Monitor section of the /etc/X11/xorg.conf file doesn’t have proper horizontal and vertical refresh rates set and you are warned about this possibility by the installer. In addition, some options required by my laptop screen aren’t set. This problem has shown up for other users of Toshiba laptops with similar chipsets as well. Most major distributions simply don’t have problems like this in 2008.

In addition the installer doesn’t setup the system to load the kernel module needed to fully support my laptop at boot. I had to manually add:

modprobe toshiba

to my /etc/rc.d/rc.modules file to correct this. On a plain vanilla desktop system this wouldn’t be an issue, of course, but I suspect other laptop users, not just those of us with Toshiba machines, will need to do some tweaking by hand to get their laptops to be 100% functional under Vector Linux.

Printing and wireless networking aren’t handled by the installer and have to be configured after the system boots up for the first time. Expect to go into vasm or vasmCC to choose what services to start at boot as well.

One unique option in the Vector Linux installer is the ability to chose between HAL and VL-Hot for managing removable media. HAL, used by most distributions, continually polls the hardware and can have a performance impact on slower machines. VL-Hot is triggered by udev events and offers faster performance. It also uses rather long mount point paths which can be annoying if you work at the command line a lot. VL-Hot uses a second desktop icon for unmounting removable media which might be confusing to some. This is typical of many of the innovations found in Vector Linux: power users will love the flexibility and newcomers will wonder what it all means. I think most newcomers to Linux will find HAL easier to deal with.

Seamonkey is the default browser in Vector Linux. Alternate browsers (Firefox, Opera, and Dillo) are offered as options during installation. OpenOffice is not included in the iso but it is available from the repository after installation. AbiWord and Gnumeric are installed by default and Scribus, a desktop publisher, is an installer option. GIMP is also no longer included on the iso but rather is part of the new Multimedia Bonus Disc.

The installer and the documentation are in English, period. No other languages are supported despite huge progress in other areas of internationalization and localization.

Changes Since Vector Linux 5.8

There have been a huge number of changes in the latest release, both in applications and in configuration tools. Xfce 4.4.2 is the default desktop but VL has returned to the practice of offering alternative, lightweight desktops during the initial installation. This was dropped in 5.8. The alternate choices are JWM 2.0.1 and Fluxbox 1.0.0. KDE 3.5.9 is available in the repository as are a nice selection of lightweight window managers. If you choose Xfce you’ll find a much larger selection of panel applets available compared to 5.8. It’s still not the full selection from Xfce Goodies but I suspect most users will find what they want. Thunar is now the only fine manager installed by default but a number of others, including Xfe and pcmanfm, are available in the repository.

The biggest steps forward are the tools to manage and configure the system. vasm, the graphical system configuration tool, still isn’t the prettiest out there but it has a lot of functionality and works flawlessly. It’s now joined by vasmCC. The new Control Center is a fully graphical, pretty, and very functional tool for system configuration with most but not quite all the functionality of vasm. It’s reasonably easy to use and generally quite intuitive. OK, it would be more obvious for newcomers if an icon in the Network section was labeled “Network Configuration” instead of “Netconf”, but that’s a minor quibble. Once you get to below the second level of icons things look suspiciously like vasm but that’s to be expected and everything still works flawlessly.

WiFi-Radar now allows changing configuration settings within the GUI with a new preferences tab. You no longer a need to manually edit a configuration file to setup a wireless network interface. In addition, the semi-graphical alternative, vwifi, also works flawlessly. gslapt, the graphical package manager, now correctly displays dependencies for most packages. All in all configuring Vector Linux is now easier than in any previous release in most cases.

Under the hood Vector Linux now runs on a 2.6.22.14 kernel. An updated 2.6.24.3 kernel is currently in testing. It’s worked flawlessly for me so far but I did have to compile an updated madwifi driver to work with it. That should be included in the final package. Users who stick with the default kernel are well advised to install the novmsplice module to close a significant security vulnerability which came to light after VL 5.9 was released.

Kernel level support for popular laptops works as expected. Tools for my laptop, such as toshset, are in the repository.

Multimedia applications including XMMS, Xine, and optionally MPlayer have all been updated. Canada, the home of Vector Linux, has no equivalent to the DMCA so all the libraries and Win32 codecs are installed by default. Vector Linux is ready to play your mp3 files and DVDs right out of the (virtual) box. People in the United States will need to remove some packages after installation in order to comply with the law.

k3b, the KDE tool for burning CDs and DVDs, is the nicest of its kind for any platform and is now available as an option during install. KDE does not have to be installed to use k3b in VL, but a number of required KDE libraries are automatically included if you choose this option. The alternative is xfburn, a rather simplistic and limited CD burner designed to integrate with Xfce. Graveman, which I found to be horribly buggy, is no longer included.

The number of games included in the iso image have been greatly reduced. The repository does contain a large selection of games that more than makes up for this.

One of the most interesting new tools included in Vector Linux 5.9 is vpackager, a remarkably easy to use graphical tool to build packages from source. I suspect a lot of relatively new Linux users who looked at compiling software from source code as a daunting task will be surprised at just how easy it can be with vpackager. vpackager is also designed to work with CruxPorts4Slax but unfortunately that functionality isn’t quite ready from prime time just yet. When everything works properly there will be a truly easy way to install software directly from source. A How-To for wriiting ports for CruxPorts4Slack is included in the Vector Linux Wiki.

Running Vector Linux 5.9 Standard

Unlike Ubuntu (or Xubuntu or Kubuntu) the VL installer doesn’t leave you with a stripped down system to build on. It takes the approach used by larger distributions (i.e.: Fedora, Suse, Mandriva) and gives you a system with a fairly comprehensive set of applications immediately available after installation and configuration.

One of the main reasons I keep coming back to Vector Linux after trying other distributions is because it clearly is the fastest distribution with a decent set of applications and features for my older hardware Once you get past installation and configuration I still give Vector Linux a slight edge over most other distributions in terms of a user friendly, well thought out desktop.

I did run into a few bugs. As I previously reported Vetcor Linux 5.9 installs a full set of fonts for X by default but only enables the TrueType and OpenType fonts. Installing a package called fontfix, currently in the testing repository, resolved this problem.

Another annoying but minor issue is a display problem in AbiWord. Vector Linux developers chose to go with the latest bleeding edge development version, 2.5.2, rather than the latest stable release. 2.5.2 generally works but I often get a floating part of the toolbar about halfway down my screen. It’s always on top and doesn’t go away when I change instances of AbiWord or even switch to another application window. It only disappears when I close the instance of AbiWord that caused the problem. I’ve also had some interesting (OK, weird) fonts and spacing magically appear in documents.

The included version of Opera is also bleeding edge, a preview release of 9.50. It mostly works well but I’ve run into some issues with Javascript and a few web forms.

The Vector Linux 5.9 repositories include far more packages than ever before. Unfortunately there is currently a large backlog of packages in the testing repository that haven’t made it to extra just yet. Users may need to enable the testing repository to find applications they want and then disable it again before doing a system upgrade. While the number of packaged applications for Vector Linux continues to grow rapidly it still falls far short of what is available for distributions like Debian, Mandriva, Ubuntu, or Fedora. VL 5.9 is based on Slackware 12 and any Slackware packages, including those from third party sources like linuxpackages.net or slacky.eu, should work on Vector with one caveat: dependency checking may not work correctly. It’s pretty easy to end up in dependency hell if you enable third party repositories.

Multimedia and graphics software, as well as software of interest to musicians, are not going to be an issue. The selection for Vector Linux is now truly up to par thanks to the new Multimedia Bonus Disc, which deserves a review of its own.

Security Concerns and Package Management

In my review of Vector Linux 5.8 Standard I devoted a lot of space to package management, specifically the fact that for the first time in a distribution derivative of Slackware packages could be handled much the same way as they can in Debian based distributions using slapt-get and gslapt. gslapt is very similar in look and feel to synaptic and works in much the same way. slapt-get is similar to apt-get though the command syntax is different. Other distributions, i.e.: Wolvix 1.1.0, have followed suit.

The good news is that throughout the lifecycle of Vector Linux 5.8 and now 5.9 doing a:

slapt-get –update
slapt-get –upgrade

does precisely what you’d expect it to: cleanly upgrade your system by finding all the latest patches and updates and installing them. The bad news is that in Vector Linux 5.9 this functionality has been disabled from gslapt, the graphical alternative. Writing in the Vector Linux forum, one user who calls herself GrannyGeek put it this way:

I’m not glad at all that the Mark All Upgrades and View Marked have been disabled. This is nannyism at its worst. I *like* to be able to see what upgrades are available in a way that’s less laborious than going through the whole lengthy list of packages. Marking upgrades and viewing what’s marked was a convenient way to do this.

Disabling that feature was a really bad idea because it makes keeping a system secure difficult for a Linux newcomer. There is now no automated method within the GUI to determine what patches are out there and install them.

It’s worse than that. While the Vector Linux developers have been lightning fast at getting new packages out to close security vulnerabilities since the release of 5.9, there is no set method to inform users that a patch is available or even necessary. A security section exists within the forum but it isn’t used. This wasn’t a big issue in VL 5.8 because one quick check of gslapt would show you what’s out there. That simply isn’t true any longer for users who aren’t knowledgeable and comfortable on the command line.

Internationalization and Localization

Support for languages other than English has always been an area where Vector Linux was weak compared to other distributions. There has been tremendous improvement in VL 5.9 in terms of providing the tools necessary for supporting a large variety of languages. What is still lacking are graphical configuration tools to allow a newcomer to change language, locale, and keyboard settings for the system default, individual users, or on a session by session bases.

A wide variety of international font sets for languages that use non-Latin character sets are now installed by default. One one hand I’m not sure how many Vector Linux users are likely to need the Syriac or Ethiopic fonts which are installed. On the other hand Vector Linux is probably the only distro where probably every web page in the world will likely be displayed correctly out of the box. Whether a user can read what’s displayed is another matter. I should note that the full set of Cyrillic fonts for X is installed by default but not enabled. The fontfix package I referred to earlier does remedy this. In addition the selection of fonts for a given set of non-Latin glyphs is generally small. Additional font packages are beginning to show up in the repository.

KDE i18n packages are in the main repository. fribidi, the software at the core of support for languages written right to left such as Arabic, Hebrew, and Thai, is installed by default. The Xfce4 keyboard switching applet is also included. That applet doesn’t alter the /etc/X11/xorg.conf file, though, so if you don’t have KDE installed you still have to manually edit that file to add support for additional keyboard layouts other than your chosen default.

A full set of aspell dictionaries are now in the repository as are language packs for Mozilla Firefox, Thunderbird, and Sunbird. This is a huge step forward. Strangely langauge packs for Seamonkey, the default browser in VL, aren’t there yet. Open Office internationalization packages and dictionaries are also still missing.

If your goal is a truly localized system, not just a system running in English with support for other languages, you still need to do significant work to make it happen in Vector Linux Standard. Most all packages are now built with whatever translations are available. However, the default display manager is a rebuilt, trimmed down version of kdm. As previously noted language switching at login is not supported. If you want to change the default language or locale you have to do it at the command line and/or by editing appropriate configuration files.

Conclusions

Many of the issues I complained about in my previous review of Vector Linux 5.8 were fixed in 5.9. The installer still has some issues with hardware detection on my laptop. I had to do only minor configuration tweaking after installation and I was up and running. Someone with well supported desktop hardware might find the Vector Linux “just works” for them. Internationalization and localization are vastly improved in VL 5.9 but there still is a long way to go to make it user friendly and some packages are still lacking.

Once you have Vector Linux installed, configured, and customized to your needs it’s an absolute pleasure to run. It’s fast and sleek and well thought out. Experienced Linux users and those willing to roll up their sleeves and learn will likely find Vector Linux to be one of the best desktop distributions out there. Newcomers and anyone else who just wants things to work after a simple installation may still find that getting Vector Linux 5.9 is still an exercise in frustration if there is anything that isn’t vanilla in their system. Those whose primary language is something other than English and aren’t bothered by the lack of GUI tools may find that Vector Linux 5.9 finally meets there needs. Newcomers to Linux and anyone uncomfortable with manually editing configuration files will find that getting VL to work for them in their own language is more than they bargained for.

Vector Linux 5.9 is their best release yet. It just isn’t for everyone. Vector Linux was about 90% of the way to being about the best distro out there a year ago. While tremendous progress has been made in some areas in other areas, like keeping a system upgraded and secure, VL actually took a step backwards with this release. With a little more attention to the needs of newcomers Vector Linux could become the next big Linux distribution.

I have yet to find a perfect Linux distribution and I have never written a review where I didn’t find something to complain about. Even with the issues I’ve raised Vector Linux is still my favorite distribution for the desktop or laptop.’

‘A few weeks ago a new version of RSSTail came out. After reading the RSSTail page I found out that you can use RSSTail as a plugin to a fantastic application called multitaill. That is when I realized that multitail is actually written by the same person.

If you rely on tail, or have ever used tail you’ll probably enjoy this one. As the name implies it is a pager like tail except that it supports for more than one stream. Now, I know some of you have probably used some wizardry do get your favorite pager to show multiple streams, either in the same output or by using screen / splitvt but multitail really simplifies the process. It has all kinds of settings (such as color) and allows you to manage your tail’d files on the fly and even save the current view for later use. It does have a little bit of a learning curve but I think it is well worth it, especially if one of your hobbies includes log watching.’

‘Researchers at Sophos discovered that Apple updated the anti-malware protection built-into Mac OS X when it released a new version earlier this week.

Mac OS X 10.6.4 has been updated to provide limited protection against OSX/Pinhead-B (called HellRTS by Apple), a backdoor Trojan which can allow remote hackers to gain control over Mac computers for the purposes of identity theft, spying and the distribution of spam.

This malware was distributed disguised as the iPhoto application by malicious hackers.

Sophos researchers discovered that Apple updated a file called XProtect.plist – the file that contains elementary signatures of a handful of Mac threats – to detect HellRTS.

‘

‘Facebook, Twitter and Skype are Internet behemoths, counting hundreds of millions users each, so it is not surprising that many malicious email campaigns masquerade as legitimate notices coming from these three sources.

The number of emails that try to trick recipients into downloading malicious files has surged in the last few days. Users are notified that their Twitter or Facebook password has been reset, that they should check details of purchases effected through Skype, that they have messages waiting for them, etc.

What these emails have in common is that they contain a .html file, which changes name from email to email, but always contains a a script that redirects the users to a website rife with malicious code that tries to exploit vulnerabilities in Adobe, IE and Java and through them download malware on the users’ computer.

A Bkis security researcher thinks we are witnessing the birth of a new trend. According to him, attackers will be switching to this kind malicious files for two reasons:

* A lot of people have learned by now that .exe and .zip files in attachments are probably bad news and they delete the email, but .html files have managed to avoid looking instantly suspicious.
* These .html attachments don’t contain any kind of malicious or exploit code, which makes them perfect for bypassing antivirus programs integrated in mail servers or antivirus solutions in general:

When you think about it, the file in question does the exact same thing a malicious link would do, but – once again – many users have learned not to click on those either.
‘

‘Symantec released its new security threat report which highlights key trends in cybercrime from Jan.1, 2009 to Dec. 31, 2009. In a year bookended by two very prominent cyber attacks – Conficker in the opening months of the year and Hydraq at the very end – the report reveals continued growth in both the volume and sophistication of cybercrime attacks.

Notable trends highlighted in this year’s report include:

An increase in the number of targeted threats focused on enterprises
Given the potential for monetary gain from compromised corporate intellectual property (IP), cybercriminals have turned their attention toward enterprises. The report found that attackers are leveraging the abundance of personal information openly available on social networking sites to synthesize socially engineered attacks on key individuals within targeted companies. Hydraq gained a great deal of notoriety at the beginning of 2010, but was only the latest in a long line of such targeted attacks including Shadow Network in 2009 and Ghostnet in 2008.

Attack toolkits make cybercrime easier than ever
Cybercrime attack toolkits have lowered the bar to entry for new cybercriminals, making it easy for unskilled attackers to compromise computers and steal information. One such toolkit called Zeus (Zbot), which can be purchased for as little as $700, automates the process of creating customized malware capable of stealing personal information. Using kits like Zeus, attackers created literally millions of new malicious code variants in an effort to evade detection by security software.

Web-based attacks continued to grow unabated
Today’s attackers leverage social engineering techniques to lure unsuspecting users to malicious websites. These websites then attack the victim’s Web browser and vulnerable plug-ins normally used to view video or document files. In particular, 2009 saw dramatic growth in the number of Web-based attacks targeted at PDF viewers; this accounted for 49 percent of observed Web-based attacks. This is a sizeable increase from the 11 percent reported in 2008.

Malicious activity takes root in emerging countries
The report saw firm signs that malicious activity is now taking root in countries with an emerging broadband infrastructure, such as Brazil, India, Poland, Vietnam and Russia. In 2009, these countries moved up the rankings as a source and target of malicious activity by cybercriminals. The findings from the report suggest that government crackdowns in developed countries have led cybercriminals to launch their attacks from the developing world, where they are less likely to be prosecuted.

Other ISTR highlights:

* Malicious code is more rampant than ever. In 2009, Symantec identified more than 240 million distinct new malicious programs, a 100 percent increase over 2008.
* Top threats. The Sality.AE virus, the Brisv Trojan and the SillyFDC worm were the threats most frequently blocked by Symantec security software in 2009.
* Downadup (Conficker) still very prevalent. It was estimated that Downadup was on more than 6.5 million PCs worldwide at the end of 2009. Thus far, machines still infected with Downadup/Conficker have not been utilized for any significant criminal activity, but the threat remains a viable one.
* Compromised identity information continues to grow. Sixty percent of all data breaches that exposed identities were the result of hacking. In a sign that this issue is not limited to a few larger enterprises, the Symantec State of Enterprise Security Report 2010 reported that 75 percent of enterprises surveyed experienced some form of cyber attack in 2009.
* Another turbulent year for spam. In 2009, spam made up 88 percent of all e-mail observed by Symantec, with a high of 90.4 percent in May and a low of 73.7 percent in February. Of the 107 billion spam messages distributed globally per day on average, 85 percent were from botnets. The 10 major bot networks, including Cutwail, Rustock and Mega-D now control at least 5 million compromised computers. Throughout 2009, Symantec saw botnet infected computers being advertised in the underground economy for as little as 3 cents per computer.
* Applying security patches continues to be a challenge for many users. The report found that maintaining a secure, patched system became more challenging than ever in 2009. Moreover, many users are failing to patch even very old vulnerabilities. For example, the Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness was published on August 23, 2003, and fixes have been available since July 2, 2004, yet it was the second-most attacked Web-based vulnerability in 2009.

“Attackers have evolved from simple scams to highly sophisticated espionage campaigns targeting some of the world’s largest corporations and government entities,” said Stephen Trilling, senior VP, Security Technology and Response, Symantec. “The scale of these attacks and the fact that they originate from across the world, makes this a truly international problem requiring the cooperation of both the private sector and world governments.”

The complete report is available here. ‘net-security.org

‘Qubes is an open source operating system based on Linux, which is designed to provide strong security for desktop computing. Its unique selling point is that all applications that are run on Qubes is sand-boxed from each other.

This is achieved by way of virtualization of all applications using Xen Hypervisor.

Computer systems usually provide OS security in three basic ways, namely -

1. Security by correctness,
2. Security by obscurity, and
3. Security by isolation.

Qubes OS developers have embraced the path of security by isolation. To do this Qubes utilizes virtualization technology to isolate various programs from each other. This makes Qubes OS a secure by default operating system.

The idea is that virtual machines will be created on demand, for each application and discarded after use. Industry pundits have coined a new name for it – Disposable Virtual Machine technology.’linuxhelp.blogspot.com

PHP 4 introduced a foreach construct, much like Perl and some other languages. This simply gives an easy way to iterate over arrays. foreach works only on arrays, and will issue an error when you try to use it on a variable with a different data type or an uninitialized variable. There are two syntaxes; the second is a minor but useful extension of the first:

foreach (array_expression as $value)
statement
foreach (array_expression as $key => $value)
statement

The first form loops over the array given by array_expression. On each loop, the value of the current element is assigned to $value and the internal array pointer is advanced by one (so on the next loop, you’ll be looking at the next element).

The second form does the same thing, except that the current element’s key will be assigned to the variable $key on each loop.

As of PHP 5, it is possible to iterate objects too.

Note: When foreach first starts executing, the internal array pointer is automatically reset to the first element of the array. This means that you do not need to call reset() before a foreach loop.

Note: Unless the array is referenced, foreach operates on a copy of the specified array and not the array itself. foreach has some side effects on the array pointer. Don’t rely on the array pointer during or after the foreach without resetting it.

As of PHP 5, you can easily modify array’s elements by preceding $value with &. This will assign reference instead of copying the value.
< ?php
$arr = array(1, 2, 3, 4);
foreach ($arr as &$value) {
$value = $value * 2;
}
// $arr is now array(2, 4, 6, unset($value); // break the reference with the last element
?>
This is possible only if iterated array can be referenced (i.e. is variable), that means the following code won’t work:
< ?php
foreach (array(1, 2, 3, 4) as &$value) {
$value = $value * 2;
}

?>
Warning

Reference of a $value and the last array element remain even after the foreach loop. It is recommended to destroy it by unset().

Note: foreach does not support the ability to suppress error messages using ‘@’.

You may have noticed that the following are functionally identical:
< ?php
$arr = array("one", "two", "three");
reset($arr);
while (list(, $value) = each($arr)) {
echo "Value: $value
\n”;
}

foreach ($arr as $value) {
echo “Value: $value
\n”;
}
?>
The following are also functionally identical:
< ?php
$arr = array("one", "two", "three");
reset($arr);
while (list($key, $value) = each($arr)) {
echo "Key: $key; Value: $value
\n”;
}

foreach ($arr as $key => $value) {
echo “Key: $key; Value: $value
\n”;
}
?>

Some more examples to demonstrate usages:
< ?php
/* foreach example 1: value only */

$a = array(1, 2, 3, 17);

foreach ($a as $v) {
echo "Current value of \$a: $v.\n";
}

/* foreach example 2: value (with its manual access notation printed for illustration) */

$a = array(1, 2, 3, 17);

$i = 0; /* for illustrative purposes only */

foreach ($a as $v) {
echo "\$a[$i] => $v.\n”;
$i++;
}

/* foreach example 3: key and value */

$a = array(
“one” => 1,
“two” => 2,
“three” => 3,
“seventeen” => 17
);

foreach ($a as $k => $v) {
echo “\$a[$k] => $v.\n”;
}

/* foreach example 4: multi-dimensional arrays */
$a = array();
$a[0][0] = “a”;
$a[0][1] = “b”;
$a[1][0] = “y”;
$a[1][1] = “z”;

foreach ($a as $v1) {
foreach ($v1 as $v2) {
echo “$v2\n”;
}
}

/* foreach example 5: dynamic arrays */

foreach (array(1, 2, 3, 4, 5) as $v) {
echo “$v\n”;
}
?>

The include_once() statement includes and evaluates the specified file during the execution of the script. This is a behavior similar to the include() statement, with the only difference being that if the code from a file has already been included, it will not be included again. As the name suggests, it will be included just once.

include_once() may be used in cases where the same file might be included and evaluated more than once during a particular execution of a script, so in this case it may help avoid problems such as function redefinitions, variable value reassignments, etc.

See the include() documentation for information about how this function works.

Note: With PHP 4, _once functionality differs with case-insensitive operating systems (like Windows) so for example:

Example #1 include_once() with a case insensitive OS in PHP 4
< ?php
include_once "a.php"; // this will include a.php
include_once "A.php"; // this will include a.php again! (PHP 4 only)
?>

This behaviour changed in PHP 5, so for example with Windows the path is normalized first so that C:\PROGRA~1\A.php is realized the same as C:\Program Files\a.php and the file is included just once.

Multiple files can be uploaded using different name for input.

It is also possible to upload multiple files simultaneously and have the information organized automatically in arrays for you. To do so, you need to use the same array submission syntax in the HTML form as you do with multiple selects and checkboxes:

Example #1 Uploading multiple files

When the above form is submitted, the arrays $_FILES['userfile'], $_FILES['userfile']['name'], and $_FILES['userfile']['size'] will be initialized (as well as in $HTTP_POST_FILES for PHP versions prior to 4.1.0). When register_globals is on, globals for uploaded files are also initialized. Each of these will be a numerically indexed array of the appropriate values for the submitted files.

For instance, assume that the filenames /home/test/review.html and /home/test/xwp.out are submitted. In this case, $_FILES['userfile']['name'][0] would contain the value review.html, and $_FILES['userfile']['name'][1] would contain the value xwp.out. Similarly, $_FILES['userfile']['size'][0] would contain review.html’s file size, and so forth.

$_FILES['userfile']['name'][0], $_FILES['userfile']['tmp_name'][0], $_FILES['userfile']['size'][0], and $_FILES['userfile']['type'][0] are also set.