Nur „echte“ Benutzerkonten anzeigen

Um am Login Bildschirm von Fedora nur jene Konten anzuzeigen, die sich in letzter Zeit eingeloggt haben, muss man nur eine kleine Änderung an der /etc/gdm/custom.conf Datei vornehmen:

--- old/custom.conf	2011-07-07 09:35:01.462829111 +0200
+++ new/custom.conf	2011-07-07 09:30:27.146258540 +0200
@@ -7,6 +7,7 @@

Damit werden nicht oder zB nur per scp genutzte Benutzernamen ausgeblendet.

Fedora 15 on NVIDIA NVS 3100M

In an earlier post, I already wrote about how to install the proprietary video driver on Fedora. In a brief update I suggested to change the acpi_sleep kernel option to accomplish proper display wake-up from standby. Unfortunately, that solution doesn’t work reliably in my experience. Today I found a solution that seems to successfully work around the problem of the black screen by waking up the screen „manually“.

Gernot Walzl wrote a „nasty workaround“ (quoting himself) in the form of the following script:


# 2011-06-12
# by Gernot WALZL

# nasty workaround for nvidia drivers to resume from dpms off/suspend

export DISPLAY=:0

getXauthority () {
  export XAUTHORITY=$(ps -C X -f | grep "$DISPLAY" \
    | sed -n 's/.* -auth \([^ ]*\).*/\1/p')

handle_line () {
  if echo "$1" | grep -e "(EE) NVIDIA.* DisplayPort link training failed" \
      > /dev/null; then
    xset dpms force on

tail --follow=name /var/log/Xorg.0.log --retry --lines=1 2> /dev/null \
  | while read line; do
    handle_line "$line"

To actually make this do its job, I copied it into /usr/local/bin, made it executable and created an autostart entry for GNOME 3 by saving the following lines under ~/.config/autostart/

[Desktop Entry]
Name=NVidia DPMS fix
Comment=Wakes up the display properly

I believe the problem that is being worked around is indicated by a line in the Xorg.0.log:

(WW) NVIDIA(GPU-0): AUO (DFP-3): Failed to set DisplayPort power state

Although I could only test this on my machine (HP EliteBook 8440p), with some luck this works for all cases where a similar log message is found.

Fedora Live USB with GRUB

As already mentioned in my last post, my laptop won’t boot from a USB stick prepared using a binary copy of an ISO (by means of dd). Here is the method I use to boot the Fedora Live images off my USB stick using GNU GRUB2. The device node of the USB driver is denoted /dev/sdX in the following and must be replaced with the actual device node (e.g. /dev/sdc).

  1. Prepare a partition on the USB stick and/or make sure there is enough space on it (it must be slightly larger than the ISO image).
  2. Make sure it is flagged bootable. ( fdisk -l /dev/sdX is your friend)
  3. Remember the name of the USB partition you’re going to use or if unlabelled, label it.
  4. Loop-mount the ISO image using something like mount -o loop /path/to/iso /mnt/loop
  5. Copy the content of the ISO over to the USB
  6. Install GRUB on the USB by issuing grub-install --no-floppy --root-directory=/mnt/usb /dev/sdX
  7. Create a /mnt/usb/boot/grub/grub.cfg with the following content
    menuentry "Fedora Live" {
     linux /isolinux/vmlinuz0 root=live:LABEL=XYZ rootfstype=auto ro liveimg quiet  rhgb rd_NO_LUKS rd_NO_MD rd_NO_DM
     initrd /isolinux/initrd0.img
    menuentry "Fedora Live (Basic Video)" {
     linux /isolinux/vmlinuz0 root=live:LABEL=XYZ rootfstype=auto ro liveimg quiet  rhgb rd_NO_LUKS rd_NO_MD rd_NO_DM xdriver=vesa nomodeset
     initrd /isolinux/initrd0.img

    where XYZ must be replaced by the actual partition name of your USB partition.

  8. Unmount and boot

Fedora 15 Live USB for HP 8440p

Unfortunately, none of the „common methods“ for creating a Live USB workes such that my HP EliteBook 8400p would boot them. The procedure described by Jordon Mears came closest. The only technical difference is, that for some obscure reason, the machine won’t boot from anything else than FAT when it comes to USB sticks.

Here are the slightly modified steps:

  1. Download the ISO image
  2. Unmount USB
  3. Delete partitions on the USB
  4. Create one primary partition of type 0x0c (Win 95 FAT LBA) of size ??.
  5. Make it bootable
  6. Use mkfs.vfat -n USB /dev/sdX1 to create the filesystem
  7. Make sure syslinux, and isomd5sum are installed
  8. Use livecd-iso-to-disk --overlay-size-mb 512 /path/to/iso /dev/sdX1
  9. Sync

Good luck!

Fedora 14 and SSH port forwarding

Yesterday I upgraded also my workstation to Fedora 14 and soon ran into a rather unexpected problem that I couldn’t resolve due to an overwhelming amount of misleading reports and discussions on the web a.k.a. „noise“. The use-case was, that I tunnel from home to my workstation via SSH on a regular basis and for different purposes. After yesterdays upgrade I double-checked that all firewall settings are OK to permit the connection before I went home. Initialising the tunnel later that evening went without a problem, but using it issued a weird error:

channel 2: open failed: administratively prohibited: open failed

A search on the web yielded all kinds of results, mostly referring to settings in the SSH daemon. All solutions either mentioned AllowTcpForwarding, which is anyway yes by default, or PermitTunnel, which has nothing to do with port forwarding. As was to be expected, these hints didn’t help in my case.

Desperate to find more useful keyword for a search, I ran ssh in verbose mode (with -vvv), which gave (global IP addresses are replaced by X.X.X.X):

debug1: Connection to port 11080 forwarding to socks port 0 requested.
debug2: fd 8 setting TCP_NODELAY
debug2: fd 8 setting O_NONBLOCK
debug3: fd 8 is O_NONBLOCK
debug1: channel 2: new [dynamic-tcpip]
debug2: channel 2: pre_dynamic: have 0
debug2: channel 2: pre_dynamic: have 3
debug2: channel 2: decode socks5
debug2: channel 2: socks5 auth done
debug2: channel 2: pre_dynamic: need more
debug2: channel 2: pre_dynamic: have 0
debug2: channel 2: pre_dynamic: have 10
debug2: channel 2: decode socks5
debug2: channel 2: socks5 post auth
debug2: channel 2: dynamic request: socks5 host X.X.X.X port 80 command 1
channel 2: open failed: administratively prohibited: open failed
debug2: channel 2: zombie
debug2: channel 2: garbage collecting
debug1: channel 2: free: direct-tcpip: listening port 11080 for X.X.X.X port 80, connect from port 59418, nchannels 3
debug3: channel 2: status: The following connections are open:
  #1 client-session (t4 r0 i0/0 o0/0 fd 5/6 cc -1)

debug3: channel 2: close_fds r 8 w 8 e -1

No luck either.

Finally, I had the idea that SELinux could interfere here without giving the SSH daemon the possibility of a helpful error message. When I logged into my workstation this morning, the SELinux warning gave the appropriate solution in the form of a command (to be issued by root):

$ setsebool -P sshd_forward_ports 1

This fixed the problem and everything now works as before. \me = happy.