Sometimes if a USB memory stick or memory card stops working cor-rectly, the best plan is to reformat it. To do this under Ubuntu, follow the steps below. Note that the instructions are extremely thorough—
first the partition on the memory stick is deleted, then a new one is created and subsequently formatted. This should return virtually any USB stick to life, provided it isn’t suffering from a hardware failure:
1. With the memory stick/card inserted, so its icon appears on the desktop, look for what it’s called (itslabel) and make a note.
2. Now you must find how Ubuntu refers to it on a technical level, so you can use the information later when formatting. Open a terminal window and type mount. Look through the list of results for the label you noted, and then make a note of the beginning of the line, which will begin /dev. For example, on my test system, the beginning of the line read:
/dev/sdb1 on /media/KINGSTON type vfat (rw.nosuid,nodev ...
FORMAT AUSBMEMORY STICK(OR CAMERA MEMORY CARD) 105
Figure 3.12: Finding out how a USB stick is referred to on a technical level (see Tip44, on the preceding page)
So I made a note of/dev/sdb1. See Figure3.12for an example from my test PC with the relevant line highlighted. What you discover may be different from my test PC because this identifier depends on how many hard disks and other removable storage devices that you have attached to your computer.
3. Right-click the desktop icon for the memory stick and selectUnmount Volume.
4. Back in the terminal window, type the following:
$ sudo cfdisk /dev/sdb
You should replace /dev/sdb with what you discovered earlier—
note that you will need to drop the number from the end. You should now see a listing showing the partition on the USB stick, as shown in Figure 3.13, on the next page. If you see an error message instead, hit any key to quitcfdiskand try the following:
$ sudo cfdisk -z /dev/sdb
5. If you didn’t see an error message, hit d to delete the partition.
Then, regardless of whether you saw an error message or not, hit n to create a new partition and hit Enter twice to accept
FORMAT AUSBMEMORY STICK(OR CAMERA MEMORY CARD) 106
Figure 3.13: Repartitioning the USB memory stick using cfdisk (see Tip44, on page104)
the default suggestions of partition type and size. Then hit t, hit Enter, and type 0C (that’s zero then C) to set the new par-tition type. Finally, hit W (that’s Shift plus w), typeyesand, once the partition table has finished being written to disk, type q to quit cfdisk (don’t worry about the error messaging saying that no primary partitions are marked bootable—this is irrelevant in this case).
6. If, at this stage, the USB stick’s icon suddenly reappears on the desktop, right-click it and once again selectUnmount volume(close the file browsing window first, if one has appeared). Then type the following into the terminal window to format the new partition:
$ sudo mkfs.vfat -F 32 -n USBSTICK -I /dev/sdb1
You should replaceUSBSTICKwith the label you want to apply to the device, and/dev/sdb1with the hardware identification you discov-ered earlier. Once the format has completed the USB memory stick should automatically mount on the desktop. If not, remove it and then reinsert it.
To learn how to do cool things with USB memory sticks, see Tip 31, on page88; Tip 113, on page 162; Tip 145, on page 188; Tip 229, on page270; Tip305, on page355; and Tip309, on page361.
PROTECTUBUNTU SO IT CAN’T BE BOOTED WITHOUT A PASSWORD 107
45 Protect Ubuntu so it can’t be booted without a password
You can lock the boot menu so that selected boot options won’t work unless the menu is unlocked by hitting p and typing a password. Addi-tionally, unless the menu is unlocked, it won’t be possible to edit the boot menu entries, so an intruder can’t edit a boot menu entry to get around the protection.
To be honest, a password-protected boot menu doesn’t offer any seri-ous security because it’s easily overcome by booting from the Ubuntu installation CD, which will provide unrestricted access to the hard disk contents.9However, the technique might be useful to protect your data from nosey family members or work colleagues who are casually nosey but not technically adept.
Start by opening a terminal window and typing the following:
$ grub-md5-crypt
You’ll then be prompted for a password. This will be the boot menu password, so type it carefully. Then type it again when prompted to confirm it. As with any password, it can include letters, numbers, sym-bols or spaces.
Once the password has been entered, a password hash is outputted at the prompt—a stream of seemingly random letters, numbers and/or symbols. This is the password in encrypted form. It’s encrypted so that it can be added to the boot menu configuration file in a way that people won’t be able to decode it by looking at the file.
To add it, open the boot menu file using Gedit:
$ gksu gedit /boot/grub/menu.lst
9. Better protection for a PC with a password-protected boot menu, as described in Tip45, can be had by simply removing the floppy and CD/DVD drive hardware from the PC, thus limiting the opportunities to use a boot media that will give root access.
You should also disable booting from removable storage in the PC’s BIOS, and add a BIOS password. Even after all this I can still think of a few ways of getting around the protection, but it’s perhaps as good as it can get, short of locking away the PC or mounting 24-hour surveillance on it.
PROTECTUBUNTU SO IT CAN’T BE BOOTED WITHOUT A PASSWORD 108
...and, at the top, add a new line that readspassword --md5, then, imme-diately following, copy and paste-in the password hash you created.
Here’s how the line looked on my test machine:
password --md5 $1$Qeb3b$XO.lbPvj47A3GEywBcR6m
Following this, look for the line in the boot menu file that refers to your Ubuntu installation. It’ll probably be something like the following, and will be immediately below a line that reads ## ## End Default Options ##
(note that I’ve truncated the third line of the entry for reproduction here):
Here’s how the entry looked after I’d finished editing it (again, with the third line truncated):
Addlockto all the other boot menu entries too, assuming you want to stop somebody booting them without typing the password—if you only want to stop Ubuntu being booted then no further work is needed. If lockisn’t added to an entry in the boot menu file then any user will be able to select that entry and boot into it.
See Figure3.14, on the next page for an example of how the boot menu file looked on my computer once I’d addedlockto each entry.
Once done, save the file and quit Gedit. Following this, test out your password protection by rebooting. Once the computer restarts, you’ll see that the boot menu appears as usual, and you’ll be able to move the selection highlight up and down using the cursor keys. But you won’t be able to select any to boot into—if you try, you’ll see the error messageError 32: Must be authenticated. You’ll then be prompted to hit a key and return to the boot menu. Hitting e to try and edit an entry won’t work either.
DUMP THE TEXT ON A VIR TUAL CONSOLE TO A FILE 109
Figure 3.14: Adding password-protection to the boot menu file (see Tip45, on page107)
To authenticate, hit p when the boot menu appears. Then type the password you chose earlier (the actual password, not the encrypted hash!). Following this you’ll be able to select any entry on the boot menu and subsequently boot the computer.
To do another interesting thing to the boot menu, see Tip 139, on page180.
46 Dump the text on a virtual console to a file
If you’re trying to fix a problem you might want to capture the out-put of a command for reproduction on a website forum, along with the command you typed to get the results. If you’re working in a terminal window you can cut and paste, but what if you’re working at a virtual
ELIMINATE THE TIME PERIOD DURING WHICH SUDO/GKSU POWERS HANG AROUND 110
console? If you simply want to capture the result of a command, just redirect the output:
$ ls > output.txt 2>&1
This will send both the output and error output (if any) of the ls com-mand tooutput.txt. If you want to capture the command you typed, and any other command-line detritus (including output), use the screen-dump command. The following will send everything currently on the current screen (command-line prompts included) to a text file called output.txt:
$ sudo screendump > output.txt
The command has to be issued as root because of permission issues but the resulting file will be owned by you.
For more virtual console tricks and tips, see Tip18, on page76; Tip179, on page219; Tip193, on page232; Tip198, on page 236; Tip207, on page241; and Tip233, on page276.