Wednesday, September 27, 2006
Kill Linux processes with the same parent PID

1. use pstree to get the tree
2. use ps -g <group id>
3. use ps -j to list group id
4. use ps | awk | xargs kill -9

Tuesday, September 26, 2006
Virtual Network Computing(VNC)
Quoted from
by Frank Hilliard

How to  Run Linux KDE on an Windows Box

The answer is with a server-viewer application called Virtual Network Computing from AT&T Laboratories in Cambridge.

Get it from

Gunzip it and and untar it and it will create a subdirectory of its own called vnc_x86_linux_2.0. Change directory into it and open up the readme file using vi. It's easy, just type "vi README" and hit enter. Scroll down and you'll see that you have to copy five files to the /usr/local/bin directory. You also have to make a new /usr/local/vnc/classes directory and copy everything in the vnc_x86_linux_2.0 classes directory into it.

The moment of truth is when you run the vncserver script for the first time. Go into the directory you've put it in and type "./vncserver". This will prompt you for a password and launch the server on your system.

Getting KDE

Modify ~/.vnc/xstartup file
startkde &

remember to Disable screen saver

From client
From web browser http://yourserver:5801
From vnc viewer (the port number is 5900+screen number)

choose server yourserver:1 (screen number)

Friday, September 22, 2006
Javascript Debugger

For IE explorer, install MSE (Microsoft Script Editor) that is shipped
with office XP and office 2003.

For Firefox, see

Some cool stuff about Javascript

1. tailor the web page as you wish
2. view the html source in a better way
3. thousands of free Javascripts for use.

Monday, September 11, 2006
Java CodeDOM

From scratch

It is possible to create a CompilationUnit from scratch using the factory methods on AST. These method names start with new.... The following is an example that creates a HelloWorld class.

The first snippet is the generated output:

package example; 
import java.util.*;
public class HelloWorld {
public static void main(String[] args) {
System.out.println("Hello" + " world");

The following snippet is the corresponding code that generates the output.

AST ast = new AST();  
CompilationUnit unit = ast.newCompilationUnit();
PackageDeclaration packageDeclaration = ast.newPackageDeclaration();
ImportDeclaration importDeclaration = ast.newImportDeclaration();
QualifiedName name =
TypeDeclaration type = ast.newTypeDeclaration();
MethodDeclaration methodDeclaration = ast.newMethodDeclaration();
methodDeclaration.setModifiers(Modifier.PUBLIC | Modifier.STATIC);
SingleVariableDeclaration variableDeclaration = ast.newSingleVariableDeclaration();
org.eclipse.jdt.core.dom.Block block = ast.newBlock();
MethodInvocation methodInvocation = ast.newMethodInvocation();
name =
InfixExpression infixExpression = ast.newInfixExpression();
StringLiteral literal = ast.newStringLiteral();
literal = ast.newStringLiteral();
literal.setLiteralValue(" world");
ExpressionStatement expressionStatement =

Thursday, September 07, 2006
A good paper about File Permission from Clement Lefebvre

Get from, Contributed by Clement Lefebvre in Security

In GNU/Linux, file access is restricted. Users don't necessarily have the same rights when it comes to deleting, executing or even reading files. In fact, every file contain data such as its owner, its permissions and other information which defines exactly what can be done with it, and by whom.

Note: GNU/Linux treats everything as a file. As a consequence, directories use the same permission scheme.

Understanding file permissions

In GNU/Linux every user has his own user account, and is a member of one or more user groups. Similarly, each file belongs to a user and to a user group. For restricting file access, GNU/Linux (and Unix in general) defines three different types of rights:

- Read (symbolized by the letter r), which means that the file can be read;
- Write (symbolized by the letter w), which means that the content of the file can be changed;
- Execute (symbolized by the letter x), which means that the file can be executed.

For each file, each of these rights (Read, Write and Execute) are defined for three sets of users :

- The user (symbolized by the letter u), who is the owner of the file.
- The group (symbolized by the letter g), who represents all the users who are members of the group which the file belongs to (as a file belongs both to a user, and a user group).
- The others (symbolized by the letter o), who basically represent all the users that are neither members of the group nor the owner of the file.

For instance, if a file belongs to George (as the owner) and Administrators (as the group), it can define different Read, Write and Execute permissions for George, for members of the "Administrators" group, and for all other users.

Reading file permissions : ls -l

All information related to file permissions is contained within the file and can be viewed by the "ls -l" command:

ls -l myfile -rwxr-x---  1 george administrators 10 2006-03-09 21:31 myfile

As you can see in this example, the "ls -l" command gives a lot of information about the file "myfile":

- Its name, "myfile";
- Its permissions, "-rwxr-x---";
- Its owner, "george";
- Its group, "administrators";
- And other information which is not relevant to this article.

The way permissions are shown can seem a bit confusing if you're new to GNU/Linux or Unix, but don't be mistaken, it is very simple. The first character simply indicates the type of file as indicated in the table below:

Character Type of file
- regular file
d directory
l symbolic link
s socket
p named pipe
c character device file (unbuffered)
b blocked device file (buffered)

In this case myfile is a regular file. Let's have a look at the other nine characters: "rwxr-x---".

The first three characters indicate whether or not the read, write and execute permissions are given to the owner (in this case, George). If they are, their character representation appear (r, w or x), otherwise they are replaced by the character "-". In the same manner, the next three characters indicate whether or not these permissions are given to the group (in this case, Administrators). Finally, the last three characters indicate whether the same rights are given to the others (in this case, people who are not members of the Administrators group).

Letter Permission
r Read
w Write
x Execute, Go through (for directories)
- No permission

Letter Type of users
u User (owner of the file)
g Group (group to which belong the file)
o Other (users who are neither a member of the Group nor the owner of the file)
a All (everybody)

So, in our example myfile features the following set of permissions : "

". This means that George has all three rights on it, that members of the Administrators group can only read (R) and execute (X) the file, and that everybody else can't do anything with the file.

You could imagine that this file, written and maintained by George could be an executable script dedicated to the administrators and not made available to other users.. but hey.. this is only an example, so let's not assume too much :) The important thing is that you now understand the concept of file permissions and that you know how to read them using the "ls -l" command. The next step is to learn how to change them.

Changing file permissions : chmod

You can change the permissions of your files (or other people's files if you're the root superuser) by using the command "chmod". The syntax is very simple. For instance if George decides to give write permissions to the administrators, he will type:

chmod g+w myfile

g represents the group of the file (administrators).
w represents the write permission.
+ represents the fact that the permission is added.

If George then lists the permissions using ls -l he obtains:

ls -l myfile -rwxrwx---  1 george administrators 10 2006-03-09 21:31 myfile

As you can see, the administrators now have write access to the file, and permission to change its content.

The "chmod" command takes 4 parameters:

- The type of users to apply the change of permissions for (u for user, g for group, o for others, a combination of them or a for all three of them).
- The type of change to make (+ to add permissions, - to remove permissions, = to define permissions)
- The type of permissions to apply the change with (r for read, w for write, x for execute)
- The file or group of files to apply the change on (filename for a precise file, but wildcard characters for multiple files)

Let's have a look at a few examples:

- chmod o+r myfile adds read permission to the others on myfile;
- chmod ug+rx myfile adds read and execute permissions to both the owner (user) and the group on myfile;
- chmod a-rwx myfile removes all permissions to everybody (all) on myfile;
- chmod a=rx *.txt defines permissions to be read and write to everybody on all files suffixed by .txt.

The chmod command also accepts another syntax which is quite popular among system administrators: the octal system. Rather than using letters such as u, g, o, a, r, w and x.. you can use octal numbers. The main advantage is that once you're used to it, it is faster to use. Also, because it sets permissions rather than adding or removing them, you don't accidentally overlook anything. Here is how the octal numbers work:

Each permission is given a value:

Permission Value
- 0
x 1
w 2
r 4

Values add up when you combine permissions. Consequently the total value can go from 0 (no permission at all) to 7 (full permissions):

Permission Value
--- 0
--x 1
-w- 2
-wx 3
r-- 4
r-x 5
rw- 6
rwx 7

Finally a value is given for each of the three types of users (User, Group and Other) and these three numbers ranging from 0 to 7 are put together to form the octal number. This is the number you can use with "chmod".

For instance:

chmod 750 myfile

750 means 7 (rwx) for the owner, 5 (r-x) for the group and 0 (---) for others. As a result, the permissions of myfile will be "rwxr-x---". As seen above this command is equivalent to:

chmod u=rwx,g=rx myfile; chmod o-rwx myfile;  

Here are some common uses of the octal numbers:

- chmod 755 myfile : rwxr-xr-x, all rights to the owner, other people only read and execute;
- chmod 644 myfile : rw-r--r--, owner car read and write, other people only read;
- chmod 777 myfile : can be considered bad practice in some cases, full permissions to everybody.

Changing file owner or group : chown, chgrp

You can give ownership of your files to somebody else, or change the group that they belong to, by using the commands "chown" and "chgrp". "chown" allows you yo change the owner of the file, and "chgrp" allows you to change its group.

For instance, if George decides to give ownership of myfile to Robert, he can simply type:

chown robert myfile

Also, if Robert later on decides to make the file only available to members of the group "SeniorAdmin" group rather than to those of the group "Administrators", he can type:

chgrp senioradmin myfile

Note: The "chown" command also allows to change the group ownership. In fact George could have directly typed the following command:

chown robert:senioradmin myfile

Setting the sticky bit on a directory : chmod +t

If you have a look at the /tmp permissions, in most GNU/Linux distributions, you'll see the following:

clem@pluto:/$ ls -l | grep tmp drwxrwxrwt   10 root root  4096 2006-03-10 12:40 tmp

The "t" in the end of the permissions is called the "sticky bit". It replaces the "x" and indicates that in this directory, files can only be deleted by their owners, the owner of the directory or the root superuser. This way, it is not enough for a user to have write permission on /tmp, he also needs to be the owner of the file to be able to delete it.

In order to set or to remove the sticky bit, use the following commands:

chmod +t tmp chmod -t tmp

Setting the SGID attribute on a directory : chmod g+s

If the SGID (Set Group Identification) attribute is set on a directory, files created in that directory inherit its group ownership. If the SGID is not set the file's group ownership corresponds to the user's default group.

In order to set the SGID on a directory or to remove it, use the following commands:

chmod g+s directory chmod g-s directory

When set, the SGID attribute is represented by the letter "s" which replaces the "x" in the group permissions:

ls -l directory drwxrwsr-x  10 george administrators  4096 2006-03-10 12:50 directory

Setting SUID and SGID attributes on executable files : chmod u+s, chmod g+s

By default, when a user executes a file, the process which results in this execution has the same permissions as those of the user. In fact, the process inherits his default group and user identification.

If you set the SUID attribute on an executable file, the process resulting in its execution doesn't use the user's identification but the user identification of the file owner.

For instance, consider the script which tries to write things into mylog.log :

ls -l -rwxrwxrwx  10 george administrators  4096 2006-03-10 12:50 -rwxrwx---  10 george administrators  4096 2006-03-10 12:50 mylog.log

As you can see in this example, George gave full permissions to everybody on but he forgot to do so on mylog.log. When Robert executes, the process runs using Robert's user identification and Robert's default group (robert:senioradmin). As a consequence, myscript fails and reports that it can't write in mylog.log.

In order to fix this problem George could simply give full permissions to everybody on mylog.log. But this would make it possible for anybody to write in mylog.log, and George only wants this file to be updated by his program. For this he sets the SUID bit on

chmod u+s

As a consequence, when a user executes the script the resulting process uses George's user identification rather than the user's. If set on an executable file, the SUID makes the process inherit the owner's user identification rather than the one of the user who executed it. This fixes the problem, and even though nobody but George can write directly in mylog.log, anybody can execute which updates the file content.

Similarly, it is possible to set the SGID attribute on an executable file. This makes the process use the owner's default group instead of the user's one. This is done by:

 chmod g+s 

By setting SUID and SGID attributes the owner makes it possible for other users to execute the file as if they were him or members of his default group.

The SUID and GUID are represented by a "s" which replaces the "x" character respectively in the user and group permissions:

chmod u+s ls -l -rwsrwxrwx  10 george administrators  4096 2006-03-10 12:50 chmod u-s chmod g+s ls -l -rwxrwsrwx  10 george administrators  4096 2006-03-10 12:50

Setting the default file creation permissions : umask

When a file is created, its permissions are set by default depending on the umask setting. This value is usually set for all users in /etc/profile and can be obtained by typing:


The default umask value is usually 022. It is an octal number which indicates what rights will be removed by default to all new files. For instance, 022 indicates that write permissions will not be given to group and other.

By default, and with a umask of 000, files get mode 666 and directories get mode 777. As a result, with a default umask value of 022, newly created files get a default mode 644 (666 - 022 = 644) and directories get a default mode 755 (777 - 022 = 755).

In order to change the umask value, simply use the umask command and give it an octal number. For instance, if you want all new directories to get permissions rwxr-xr--- and files to get permissions rw-r----- by default (modes 750 and 640), you'll need to use a umask value which removes all rights to other, and write permissions to the group : 027. The command to use is:

umask 027

Wednesday, September 06, 2006
Semantic Web
from an email talking about AJAX and XLINK, to RDF, to Semantic Web

In wikipedia, search RDF to get the information about Semantic Web

Powered by Blogger