tag:blogger.com,1999:blog-12998200401817970452024-03-13T00:44:57.497+00:00Martin's Random NotesMainly geeky stuff. I hope some of it is useful.Unknownnoreply@blogger.comBlogger102125tag:blogger.com,1999:blog-1299820040181797045.post-26069284522621601872024-02-03T16:11:00.002+00:002024-02-03T16:59:39.823+00:00Bad packet length 1144391034. ssh_dispatch_run_fatal: Connection to x.x.x.x port 22: Connection corrupted<p>In the last few days, I've started getting this message when connecting with SSH from Ubuntu 22.04 to Oracle Linux 8 systems. </p><p>Fix: <span style="font-family: courier; font-size: large;">ssh -c aes256-gcm@openssh.com user@host</span></p><p>Presumably either Ubuntu or Oracle Linux (and possibly RedHat) has messed up a patch for the default cipher (apparently chacha20-poly1305@openssh.com) for that combination of operating systems. But selecting aes256-gcm works around the problem.</p><p>This probably relates to early fixes for the <a href="https://terrapin-attack.com/ ">Terrapin vulnerabilities</a>.</p><p>UPDATE... If I merely disable cipher <span style="color: #222222; font-family: monospace; font-size: 16px; text-align: justify;">chacha20-poly1305@openssh.com </span>then the two ends negotiate cipher: aes128-ctr with MAC: umac-128-etm@openssh.com , and I get a different error:</p><div style="text-align: left;"><span style="font-family: courier;">Corrupted MAC on input. <br />ssh_dispatch_run_fatal: Connection to x.x.x.x port 22: message authentication code incorrect</span></div><p>So for now perhaps the easiest thing is to enable just cipher <span style="font-family: courier;">aes256-gcm@openssh.com </span>in /etc/ssh/ssh_config whilst we wait for more mature fixes for Terrapin. I'm reluctant to go forcing just one cipher on the server side, in case I lock myself out of a box.</p>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-62495670313760542992020-04-08T08:16:00.001+01:002020-04-08T08:26:23.692+01:00HOWTO: Stop "Finish your Chromebook Setup" pop-up from displayingI recently added a new sign-in account to our Chromebooks for the kids. They had been using "Browse As Guest", but I've disabled now, that so that I can deploy the Chrome browser extension "BlockSite" to block an addictive game page (Nightfall) on the BBC website without blocking the rest of that website.<br />
<br />
Normally I'd use a GMail account for signing into a Chromebook. That's really easy (even setting up a brand-new Chomebook from scratch only takes 1 minute) but this time around, the kids already had an iCloud account, so I used that rather than giving them Gmail access - as I don't think 5-year-olds need email accounts.<br />
<br />
It was nice to see that the Chromebook allows non-Google email accounts to be used for signing in. As ever with Chromebooks, it was very quick to set up. But there was one annoyance! Each time a new browser tab was opened, a small pop-up appeared:<br />
<br />
Finish your Chromebook Setup: [Try This] [Don't Try This]<br />
<br />
Clicking [Try This] just goes to a pointless marketing page containing no functionality whatsoever. Clicking [Don't Try This] makes the dialog box go away only to reappear next time you open a tab.<br />
<br />
The fix as noted at <a href="https://support.google.com/chromebook/thread/10029131?hl=en" target="_blank">https://support.google.com/chromebook/thread/10029131?hl=en</a> is :-<br />
<br />
<br />
<li>Go to your Google Account.</li>
<li>Select 'Data & Personalisation' from the left hand side list.</li>
<li>Scroll down to 'General preferences for the web'.</li>
<li>Complete the 'Language', 'Input Tools', 'Accessibility' and 'Search Settings' </li>
<br />
<div>
I'm not sure how much you need to put in those fields, but anyway it makes the nag prompt go away.<br />
<br />
One remaining annoyance is that user profiles can be deleted accidentally from the Chromebook login page without giving a password! Only the owner's account is immune from this.<br />
<br /></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-90307825852495822532020-02-09T17:32:00.001+00:002020-02-09T17:45:35.045+00:00FIXED: Ford Focus engine won't stop when switched off - and loud clicks from one loudspeakerIn case it helps anyone else... Here's how I fixed two weird faults that had appeared at the same time on my wife's 2013 Ford Focus Mk3, which is a 1.0 EcoBoost UK version.<br />
<br />
The faults were:-<br />
<br />
1. The engine didn't stop when the ignition key was switched off. It kept on running smoothly (not like the rough "dieseling" you sometimes get when you switch off an old car with a messed up carburettor). The rev counter stopped working, and I could hear a component shut off (probably the fuel pump), but the engine kept running, and responding to the throttle.<br />
<br />
2. A loud clicking noise was coming from the driver's door loudspeaker (even though the stereo was switched off).<br />
<br />
<a name='more'></a>I managed to stop the engine by turning the key all the way to the starting position, and then switching off - but even then the auto stop/start would restart the engine if the car was in neutral and you pressed the clutch. Otherwise the car remained drivable, though it sometimes almost stalled when pulling away at junctions.<br />
<br />
My local Ford garage couldn't look at it for a week, which gave me some time to ponder the symptoms... <br />
<br />
My first thought was that a relay was sticking closed, keeping the supply going to the ignition. Taking a wild guess, I tried changing relay R16, but that made no difference, so I stuck the original relay back to be on the safe side.<br />
<br />
I realised that whilst it might just be coincidence that two faults had occurred at the same time, it was also possible that the two faults were directly related. I speculated that the car stereo head unit was failing in such a way as to produce lots of electrical noise on the CAN bus - meaning that some of the control messages that normally pass around within the car, would no longer get through: including the message to stop the engine when the key was switched off.<br />
<br />
I hooked up an ELM327 OBD2 unit and read the status from the car. There seemed to be a load of random DTC errors - possibly indicating CAN bus errors, or possibly just indicating that no-one had cleared the DTC's for a couple of years. I don't know enough about what these diagnostics actually mean.<br />
<br />
So, I decided to pull out the stereo head unit and unplug it, and see if that fixed both the faults. YouTube had several good videos showing how to remove and unplug the central fascia/control panel (this include the two central air vents and all the stereo controls) - this is just two Torx screws. That done, a further two Torx screws allow the head unit to be removed. This is a metal box about the size of the car stereos of earlier years, but with no display or controls on it.<br />
<br />
I wasn't sure the car would even run with the stereo head unit removed - as I've heard of one car where the stereo performs essential car functions. But after carefully unplugging the connections on the back of the head unit, I found the car would start - and both the faults were gone - which was great!<br />
<br />
At this point I was thinking I'd need to source a second-hand head unit from a car breaker. So I read the part number off the label on the head unit, and started looking on EBay. But whilst doing so, I realised there was something metallic rattling around when I turned the head unit over. I suspected a loose bolt, but after shaking the unit a little, out popped some change: two coins totalling £1.20! I can only assume that a child stuffed the coins into the CD slot, possibly before we bought the car. My children all deny it (and to be fair I think they would have just kept the money).<br />
<br />
After refitting the head unit and the central fascia/control panel, the car now works normally, and the stereo appears none the worse for the incident.<br />
<br />
So this was a good outcome! But in the long term, perhaps the increasingly ubiquitous use of CAN bus technology on modern cars is going to cause some faults that are a real pain to diagnose.<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-40701382625986100762019-11-14T14:55:00.002+00:002020-06-19T12:17:16.052+01:00Automatic Patch And Reboot on CentOS Server 6 7 or 8CentOS seems to lack easy commands for automatically patching a server and then rebooting it if anything needs restarting.<br />
<br />
Basically I want to run a script via /etc/cronttab at regular intervals to patch a system and reboot if necessary. Obviously this might cause an outage (very rarely, some service won't restart), so we do it early in the morning, and we don't patch paired systems at the same time.<br />
<br />
My script for Centos 6, 7 or 8 is attached below but it's a bit scrappy! Does anyone have a better way?<br />
<br />
(UPDATED 19.6.20: Added 2>&1 stderr redirection to fix issue seen when running from /etc/cronttab on CentOS 8.)<br />
<br />
<a name='more'></a><span style="font-family: "courier new" , "courier" , monospace;">#!/bin/bash<br /><br />/usr/bin/yum -y -q upgrade<br /><br /># The needs-restarting util was moved into Yum for Centos 8...<br />if [[ -e /usr/bin/needs-restarting ]]<br />then<br /> needs_restarting="/usr/bin/needs-restarting"<br />else<br /> needs_restarting="/usr/bin/yum needs-restarting"<br />fi<br /><br />if [[ "`${needs_restarting} 2>&1 | /bin/grep -v 'Failed to read PID' | /usr/bin/wc -l`" != "0" ]]<br />then<br /> /bin/sync ; /bin/sleep 2 ; /sbin/reboot<br />fi<br /><br /><br /># If we get here, needs-restarting flagged no stale services...<br /># ... but we need to see if kernel has been updated!<br />running=`/bin/uname -r | /bin/sed -e 's/el[6789].*x86_64//'`<br />installed=`/bin/rpm -q kernel | /bin/sed -e 's/el[6789].*x86_64//' | /bin/sort -V | /usr/bin/tail -n 1 | /bin/sed -e 's/kernel-//'`<br />#echo In_RAM: ..${running}..<br />#echo On_DSK: ..${installed}..<br />if [[ $running != $installed ]]<br />then<br /> /bin/sync ; /bin/sleep 2 ; /sbin/reboot<br />fi</span>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-27460507881112625632019-11-13T10:58:00.000+00:002019-11-13T11:00:18.030+00:00HOWTO upload a Centos8 image to Digital Ocean<br />
So you'd like to run Centos 8 on Digital Ocean... But the Cloud version of Centos 8 has not been released yet, so therefore Digital Ocean does not offer Centos 8 as an option...<br />
<br />
No problem, just create a VM on your own workstation and then upload it as a Custom Image.<br />
<br />
This HOWTO assumes you have a desktop running a Linux OS, with a copy of the free VMware Player installed.<br />
<br />
<a name='more'></a><br />
<b>1) Create VM from Centos 8 ISO using VMware Player.</b><br />
<br />
- Select the Server option with no GUI and no packages selected. (Or maybe try picking the Minimal Install option? As we can always Yum Install packages later from Digital Ocean.)<br />
<br />
- To save a little size, run: "<span style="font-family: "courier new" , "courier" , monospace;">yum remove cockpit cockpit*</span>" if you don't expect to run the Cockpit GUI.<br />
<br />
<b>2) Run "<span style="font-family: "courier new" , "courier" , monospace;">dracut --force --no-hostonly</span>" </b>so that the kernel will boot on new virtual hardware after upload to DO...<br />
<br />
To quote <a href="https://fedoramagazine.org/initramfs-dracut-and-the-dracut-emergency-shell/">https://fedoramagazine.org/initramfs-dracut-and-the-dracut-emergency-shell/</a><br />
<br />
"The force parameter tells dracut that it is OK to overwrite the existing initramfs archive. The no-hostonly parameter overrides the default behavior of including only drivers that are germane to the currently-running computer and causes dracut to instead include all drivers in the initramfs.<br />
<br />
This means that dracut will now be "bloated" and have all the applicable drivers required for when the hard drive is moved. After you finish moving the hard drive you have to rerun dracut with dracut --force to regenerate a lightweight version of dracut."<br />
<br />
<b>3) Shut down the VM </b>and quit VMware.<br />
<br />
<b>4) Run "q<span style="font-family: "courier new" , "courier" , monospace;">emu-img convert VMNAME.vmdk VMNAME.qcow2</span>"</b> to export the VMDK files into a single QCOW2 file.<br />
(you may have to "<span style="font-family: "courier new" , "courier" , monospace;">yum install qemu-img</span>" first or perhaps apt-get it if you're on a Debian-derived distro).<br />
<br />
<b>5) <span style="font-family: "courier new" , "courier" , monospace;">gzip VMNAME.qcow2 </span></b>to make the image smaller before upload. For me, this produced an image of about 939 Megabytes, for upload to Digital Ocean as a custom image. You could also use Bzip for greater compression if you have a slow upload link.<br />
<br />
<b>6) Upload to Digital Ocean </b>(I used Firefox). After upload, the image will show as Pending for about 10 minutes... Then it will become available for deployment on new Dropleys.<br />
<br />
<b>7) Deploy Droplet</b> from image.<br />
<br />
<b>8) Boot Droplet and Bodge The Networking. </b> If like me you have not bothered to enable cloud-init, the network won't work initiallly, so it will be necessary to log in over the console and adjust /etc/sysconfig/network-scripts/ifcfg-ethXXX in order to get network access.<br />
<br />
- rename i<span style="font-family: "courier new" , "courier" , monospace;">fcfg-ethXXX</span> to match the name of the eth device shown in ifconfig<br />
- edit the file and:<br />
<span style="white-space: pre;"> </span>- set <span style="font-family: "courier new" , "courier" , monospace;">ONBOOT=yes</span><br />
<span style="white-space: pre;"> </span>- set <span style="font-family: "courier new" , "courier" , monospace;">DEVICE= </span>and <span style="font-family: "courier new" , "courier" , monospace;">NAME=</span> to match the name of the eth device shown in ifconfig<br />
<span style="white-space: pre;"> </span>- set the last 12 characters of the <span style="font-family: "courier new" , "courier" , monospace;">UUID=</span> to match the MAC of the eth device shown in ifconfig<br />
<span style="white-space: pre;"> </span>- set <span style="font-family: "courier new" , "courier" , monospace;">IPADDR=</span>, <span style="font-family: "courier new" , "courier" , monospace;">PREFIX=</span>, and <span style="font-family: "courier new" , "courier" , monospace;">GATEWAY=</span> to match the details shown at the bottom the console window.<br />
<span style="white-space: pre;"> </span>- set <span style="font-family: "courier new" , "courier" , monospace;">DNS1=1.1.1.1</span>, <span style="font-family: "courier new" , "courier" , monospace;">DNS2=1.0.0.1</span> (or whatever you prefer)<br />
<span style="white-space: pre;"> </span>- Hint: run "<span style="font-family: "courier new" , "courier" , monospace;">ipcalc</span>" if you need to calculate the Prefix length e.g. 20 from the netmask e.g. 255.255.240.0.<br />
<br />
After rebooting you should have SSH access.<br />
<br />
<b>9) Free up some RAM. </b>If you run "top" you will find you only appear to have about 820 MiB of RAM in total (if you are deploying a 1 GB droplet for economy.<br />
<br />
To free some memory:<br />
<br />
- run "<span style="font-family: "courier new" , "courier" , monospace;">dracut --force</span>" and reboot. This removes a little kernel bloat (see 2 above).<br />
<br />
- lose the crash kernel memory allocation:<br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"># sed -i 's/crashkernel=auto/crashkernel=no/' /etc/default/grub</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># grub2-mkconfig -o /boot/grub2/grub.cfg </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Generating grub configuration file ...</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">done</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># reboot</span><br />
<br />
Now I have 981 MiB of RAM... Enough for a small server :-)<br />
<br />
Hope this was useful.<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-43842024177678648842019-09-30T16:43:00.002+01:002019-09-30T16:43:20.290+01:00Fixed: Saeco Intuita coffee machine - water coming from steam wand onlyAt the weekend I decided it was time to decalcify my coffee machine - a Saeco Intuita bean to cup machine that's served us well for 5 years. I hadn't decalcified it for ages, and hadn't used the steam wand for months either.<br />
<br />
<b>After the cleaning cycle, I found the machine could not make coffee any more</b>. The brew unit seemed to be doing the rights things... Coffee beans were ground, and the little pucks of ground coffee were put into the waste hopper. But water came out of the steam wand, and no coffee from the coffee spout.<br />
<br />
<b>The fix </b>was to run some more cleaning cycles, and to use the hot water mode (press the tea cup button) to run lots of hot water through the steam wand.<br />
<br />
I think the issue was that the decalcifying cycle must have disturbed some crud in the boiler, which then got stuck in the solenoid valve that controls the steam wand. With that valve blocked open by the crud, the water was taking the easy route and coming out of the steam wand rather than going through the brew unit.<br />
<br />
So.. if you get no coffee - just lots of water from the steam wand - your first step should be to set the machine to send hot water to the steam wand, and/or try one or two decalcifying cycles with or without decalcifying chemicals.<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-47882456061866130602019-04-30T09:47:00.000+01:002019-04-30T09:47:14.464+01:00Fix: Windows 10 update stuck at 0% via HTTP ProxyMy new network requires my Windows 10 PC to sit behind an HTTP Proxy. Normally this is no problem - the proxy settings configured in the browser just work - but sometimes the Windows Update process gets stuck at 0%. Maybe there's a race condition.<br />
<br />
Fix: <br />
<span style="font-family: "Courier New", Courier, monospace;"> netsh winhttp set proxy proxy-server="1.2.3.4:3128"</span><br />
from an elevated command prompt, where 1.2.3.4 is your Proxy server IPUnknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-86306900816240253632019-04-14T11:55:00.001+01:002019-04-14T11:55:35.023+01:00FIXED! MacOS 10.14.4 Update Breaks Gmail in Apple MailLike many Mac users, after taking an automatic update to 10.14.4 in early April 2019, my dad found that Apple Mail could no longer send or receive mail on a Google Mail account. <br />
<br />
The messsage "Google requires completing authentication in Safari" kept popping up when Mail was opened. That took you to a Safari GMail login session - but that failed to work, even with the right password, so it went round and round in an endless loop... <br />
<br />
I managed to fix it via the following steps:<br />
<br />
<a name='more'></a>1. Quit the Apple Mail program.<br />
<br />
2. Turn off content blocking in Safari. Also delete all cookies and all cache contents.<br />
<br />
3. Turn on "less secure access" in Google: <a href="https://myaccount.google.com/lesssecureapps">https://myaccount.google.com/lesssecureapps</a> . (It is not less secure! That seems deliberately misleading to me....)<br />
<br />
4. In Apple's System Preferences / Internet Accounts pane, delete the Google account, then add it back.<br />
<br />
That seems to fix it. Possibly not all of those steps were needed.<br />
<br />
All in all, this was not very impressive from Apple. But in the interests of balance, perhaps I should mention that I had similar issues (never resolved) trying to make Microsoft Mail on Windows 10 work with Gmail. I have to say, the Thunderbird mail client just works - whether it's on Mac, Windows or Linux - despite the Mozilla team's budget being a tiny fraction of that enjoyed by Apple and Microsoft.<br />
<br />
<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-46329314773598215802019-02-14T17:02:00.003+00:002019-02-14T17:03:47.218+00:00Fix for SSH login takes 90 seconds!So... We type:<br />
<div>
<br /></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">ssh user@host.example.com</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
and it hangs for ages before it lets you log in.</div>
<div>
<br /></div>
<div>
On older distros, you got a delay of around 30 seconds unless you set <span style="font-family: "courier new" , "courier" , monospace;">UseDNS=N</span>o in <span style="font-family: "courier new" , "courier" , monospace;">/etc/ssh/sshd_config </span>but that's the default on recent OS installs e.g. Ubuntu Server 18.04.</div>
<div>
<br /></div>
<div>
I had a different problem... The DNS for <span style="font-family: "courier new" , "courier" , monospace;">host.example.com</span> had both A and AAAA records, and somehow IPv6 was taking precedence over IPv4 - despite my machine having no working IPv6 route. This led to a login delay of around 90 seconds before it finally fell back to IPv4.</div>
<div>
<br /></div>
<div>
Fix: </div>
<div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">ssh -4 user@host.example.com</span></div>
</div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
Duh'oh!</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-36574762338615346082019-02-14T15:46:00.003+00:002019-02-14T17:04:08.136+00:00SCP the config from a Cisco ASAThe syntax you're looking for is:<br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">scp user@myfirewall.myfqdn.com:system:running-config myfirewall.txt</span><br />
<br />
Or indeed:<br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">scp user@myfirewall.myfqdn.com:system:startup-config myfirewall.txt</span><br />
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-40238960454795963882018-08-26T12:01:00.003+01:002018-08-26T12:01:51.884+01:00Ubuntu 18.04 - how to lose 127.0.0.53I dislike this automatic 127.0.0.53 DNS server you see by default in /etc/resolv.conf. Whilst it works most of the time, it makes it hard to tell which upstream DNS servers are really in use. Fortunately I found a fix...<br />
<a name='more'></a><br /><br />
To lose 127.0.0.53 as the DNS, disable the systemd-resolved service and stop it:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"><span style="white-space: pre;"> </span>sudo systemctl disable systemd-resolved.service</span><br />
<span style="font-family: Courier New, Courier, monospace;"><span style="white-space: pre;"> </span>sudo service systemd-resolved stop</span><br />
<br />
Put the following line in the [main] section of your /etc/NetworkManager/NetworkManager.conf:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"><span style="white-space: pre;"> </span>dns=default</span><br />
<br />
Delete the symlink /etc/resolv.conf<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"><span style="white-space: pre;"> </span>rm /etc/resolv.conf</span><br />
<br />
Restart network-manager<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"><span style="white-space: pre;"> </span>sudo service network-manager restart<span style="white-space: pre;"> </span></span><br />
<br />
The network connection make need to be taken down and up again to finally fix /etc/resolv.conf. Check the settings in the Network Manager GUI too, of course.<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-74562638013035918992017-12-26T21:50:00.001+00:002017-12-26T21:50:35.220+00:00Linux script to cleanse unwanted MP3 tagsAfter making a copy of my CD collection converted from FLAC to MP3, I found it failed to play in a 5-year-old car stereo on a USB stick... My Ford Focus SYNC car stereo said "Indexing USB" for about an hour, then eventually said "Bad USB Media". (Sync is "powered by microsoft" which probably explains its general crapiness).<br />
<br />
From web searches, apparently some MP3 taggers include cover art and other crazy tags, which can confuse the Ford car stereos. Maybe my FLAC-to-MP3 script pulled in some such tags (as it seemed to go to internet to pull tag data).<br />
<br />
So here's a quick and dirty Ubuntu script to iterate over my entire MP3 collection and rip out any dicey looking tags. <br />
<br />
<b>strip_unwanted_id3_tags.sh</b><br />
<b><br /></b>
<pre>for TAG in TCOP APIC PRIV TXXX TCOP MCDI POPM TCON TDAT TENC TLEN TPUB TSSE WXXX
do
echo Stripping tag $TAG from all MP3 files below current folder...
find . -name *.mp3 -exec id3v2 -r $TAG '{}' \; >/dev/null
done
</pre>
<pre>
</pre>
The list of tags to remove came by using 'id3v2' to examine the entire collection, removing the more rarely used tags plus the album art ones. <br />
<br />
This seems to make my Ford Focus accept the 128GB FAT32 USB stick. In early testing however it has failed to play tracks in correct order - grrr....<br />
<br />
By contrast a VW car stereo of a similar age (their RNS 315 unit) accepted the original unaltered MP3 files on a 128GB FAT32 SD card and just worked! Much more impressive...Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-18929541422877827962017-12-26T21:37:00.001+00:002017-12-26T21:53:35.025+00:00Linux script to convert FLAC to MP3Found this somewhere on the net but have lost the source - apologies if you are the author!
<br />
<br />
Nice clean script to convert FLAC to MP3. Nice thing is that it leaves it alone if you've already done it... So you can run it again if you've added a few FLACs. Also, for those albums that I have as MP3 rather than FLAC anyway (e.g. Amazon autorip CDs) the script copies the MP3 across to the copy directory tree, which is just what I want.<br />
<br />
Works very nicely on Ubuntu 17.10. Idea is to convert my CD collection (stored as FLAC) into MP3 format for playing in the car on a USB stick.<br />
<a name='more'></a><br />
<pre><b> build_convert_job.sh </b></pre>
<pre><b>
</b>#!/bin/bash
FLAC_PATH=$1
CONV_PATH=$2
DEBUG=0;
function usage {
echo "";
echo " This script convert all flac files from a folder to mp3 files to a second folder";
echo "";
echo " Usage :";
echo " ./conv.sh {Source Folder} {Destination Folder}";
echo " note : booth folder must exist before starting this script";
echo " files other than flac are copied to the destination folder";
echo "";
}
if [ ! -d "$2" ]; then
echo "";
echo " ERROR : [$2] is not a directory.";
usage
exit 1
fi;
if [ ! -d "$2" ]; then
echo "";
echo " ERROR : [$2] is not a directory.";
usage
exit 1
fi;
COMMANDS="run.sh"
echo "" > run.sh
echo " convert from $FLAC_PATH to $CONV_PATH ";
find "${FLAC_PATH}" -type f |while read myFile; do
SRC_DIR=${myFile%/*}
SRC_FILE=${myFile##*/}
DST_DIR=$CONV_PATH/$SRC_DIR
mkdir -p "${DST_DIR}"
# TEST if the file is a flac ....
metaflac --show-md5sum "${myFile}" 2>/dev/null 1>/dev/null
if [ $? -eq 0 ]; then
echo -n " *** $myFile [FLAC !] : "
DST_FILE=${myFile%.*}
OUT_PATH="${DST_DIR}/$( echo $SRC_FILE | sed -e 's/.flac$/.mp3/')"
if [ $DEBUG == 1 ]; then
echo " SRC = $myFile";
echo " OUT = $OUT_PATH"
fi;
if [ -f "$OUT_PATH" ]; then
echo " exist, do nothing !";
else
echo " add to compress list !";
echo "ffmpeg -y -i \"${myFile}\" -codec:a libmp3lame -q:a 0 -map_metadata 0 -id3v2_version 3 \"${OUT_PATH}\" " >> $COMMANDS
fi;
else
echo -n " *** $SRC_FILE [NOT FLAC] : "
if [ -f "${CONV_PATH}/${myFile}" ]; then
echo " exist, do nothing !"
else
echo " copy."
cp "${myFile}" "${CONV_PATH}/${myFile}"
fi
fi
done;
echo " And now, CONVERT THE FLAC's!!! "
echo sh run.sh
</pre>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-84069895764589140212016-12-30T19:24:00.001+00:002019-01-07T14:18:22.104+00:00IPTABLES refresherNeeded to activate iptables on an Ubuntu server on DigitalOcean. Found some excellent write-ups on the DO site, to solve an initial problem running 'iptables -L' and to summarise the basic stuff - including the use of "conntrack" to make the rules properly stateful rather than just noddy.<br />
<br />
TL;DR: if "iptables -L" mutters something about "no such file or directory", you need to<br />
<div class="comments" style="background-color: white; box-sizing: border-box; clear: left; font-family: proxima-nova, sans-serif; margin: 0px; padding: 0px;">
<ul class="response-list" style="font-size: 20px; margin: 0px; padding: 0px; width: 750px;">
<li class="comment-container" data-level="0" id="comment_37364" style="box-sizing: border-box; list-style: none; margin: 0px; padding: 0px; position: relative;"><div class="response comment-body-container " data-highlight="" style="border-left: 0px; border-top: 0px; box-sizing: border-box; list-style-type: none; margin: 0px; overflow-x: auto; padding: 5px 0px 0px; position: relative; z-index: 0;">
<div class="ox-auto" style="overflow-x: auto;">
<div class="response-body content-body" style="clear: left; color: #3a3a3a; font-size: 14px; margin: 0px; overflow-x: auto; padding-right: 0px; word-break: normal;">
<div class="">
<div style="font-size: 15px; margin-bottom: 10px; padding: 0px;">
sudo apt-get install linux-image-$(uname -r)</div>
</div>
</div>
</div>
</div>
</li>
<li class="comment-container" data-level="0" id="comment_37364" style="box-sizing: border-box; list-style: none; margin: 0px; padding: 0px; position: relative;"><div style="font-size: 15px; margin-bottom: 10px; padding: 0px;">
<span style="background-color: transparent;">More info in the links below... </span><br />
<br />
<span style="background-color: transparent;"><span style="background-color: transparent;">PS:
You should run "iptables -L -n -v" not just "iptables -L". The "-n" prevents rDNS lookups. The "-v" says that the interface names for each rule will be listed,
without which you can't meaningfully review the ruleset!</span></span><br />
<br /></div>
</li>
</ul>
</div>
<a name='more'></a><a href="https://www.digitalocean.com/community/questions/problem-with-iptables" target="_blank">Problem with iptables -L</a><br />
<br />
<a href="https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-iptables-on-ubuntu-14-04" target="_blank">How To Set Up a Firewall Using Iptables on Ubuntu 14.04</a><br />
<br />
<a href="https://www.digitalocean.com/community/tutorials/how-the-iptables-firewall-works" target="_blank">How the Iptables Firewall Works</a><br />
<br />
<a href="https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands" target="_blank">Iptables Essentials: Common Firewall Rules and Commands</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-26481620264100087212016-03-17T17:16:00.000+00:002016-10-07T06:37:14.405+01:00Win7 clean installs - fixing Windows Update breakage<div class="moz-text-plain" graphical-quote="true" lang="x-unicode" style="font-family: -moz-fixed; font-size: 12px;" wrap="true">
<pre wrap="">For the second time in recent months, I did a clean install of Win7 x64
Enterprise and got a solid hang in Windows Update.<a name='more'></a>
First one was the "RTM" version. That hung in WU after installing SP1.
Second one was the "SP1" patched version. That hung in WU straight away.
In each case, Windows Update hang when looking for updates, with 100%
CPU use (fan on full).
Turns out this is fixed by rebooting (to get rid of the WU stuck
processes), then installing KB3102810 from MS via a Google search (*).
(*) You will need to install Firefox or Chrome first, because the MS
website doesn't support the MSIE version in Win7 SP1.</pre>
<pre wrap="">
</pre>
<pre wrap=""><pre wrap="">UPDATE: Ben P commented: <span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px; white-space: normal;">Martin, there’s a lot of sh!t google results out there, but this is the only one which works end to end: </span><a data-saferedirecturl="https://www.google.com/url?hl=en-GB&q=http://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-update-solution/f39a65fa-9d10-42e7-9bc0-7f5096b36d0c?auth%3D1&source=gmail&ust=1475904267603000&usg=AFQjCNGSYIFeaN4nl73BGiaColyi_NVbtg" href="http://answers.microsoft.com/en-us/windows/forum/windows_7-update/windows-7-update-solution/f39a65fa-9d10-42e7-9bc0-7f5096b36d0c?auth=1" style="color: #1155cc; font-family: arial, sans-serif; font-size: 12.8px; white-space: normal;" target="_blank">http://answers.microsoft.com/<wbr></wbr>en-us/windows/forum/windows_7-<wbr></wbr>update/windows-7-update-<wbr></wbr>solution/f39a65fa-9d10-42e7-<wbr></wbr>9bc0-7f5096b36d0c?auth=1</a> <span style="color: #222222; font-family: arial, sans-serif; font-size: 12.8px; white-space: normal;">This is slightly different to what you’ve got in your blog but… meh </span><span style="color: #222222; font-family: Wingdings; font-size: 12.8px; white-space: normal;">J</span></pre>
How can Microsoft keep on breaking this stuff?
How do they expect consumers to keep their computers patched if the
patch manager breaks on a clean install?
Grrr!</pre>
<pre wrap="">
</pre>
<pre wrap="">
<div class="MsoNormal" style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8px; white-space: normal;">
<br /></div>
</pre>
</div>
Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-5440509851265454542015-06-16T17:38:00.001+01:002015-06-16T17:46:04.826+01:00FIXED: VMware Workstation Shared Folders don't work The current release of VMware Tools fails to compile its Shared Folders (HGFS) module on Ubuntu 14.04 guest VMs.<br />
<br />
It seems that VMware has failed to keep their code up-to-date with routine updates to the Linux kernel for some months. <br />
<br />
Solution:<br />
1. Take a snapshot of your VM guest in case step 2 goes wrong...<br />
2. Patch the VMware Tools source code in your VM guest...<br />
<a name='more'></a><br />
<span style="font-family: "Courier New",Courier,monospace;">#!/bin/sh -x</span><span style="font-family: "Courier New",Courier,monospace;">
cd /usr/lib/vmware-tools/modules/source<br />
tar xf vmhgfs.tar<br />
grep -q d_u.d_alias vmhgfs-only/inode.c && echo "already patched" && exit 0<br />
sed -i -e s/d_alias/d_u.d_alias/ vmhgfs-only/inode.c<br />
cp -p vmhgfs.tar vmhgfs.tar.orig<br />
tar cf vmhgfs.tar vmhgfs-only<br />
vmware-config-tools.pl </span><br />
<br />
This works for VMware Workstation 11.1.0 build-2496824 with the 3.16.0-41-generic kernel on Ubuntu 14.04 LTS x86_64.<br />
<br />
Sources: <a href="https://github.com/rasa/vmware-tools-patches">https://github.com/rasa/vmware-tools-patches</a><br />
<a href="https://github.com/rasa/vmware-tools-patches/issues/29" target="_blank">https://github.com/rasa/vmware-tools-patches/issues/29 </a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-10294110063295050632015-05-11T20:55:00.000+01:002015-05-11T20:55:36.318+01:00Installing & Recovering Ubuntu Server 14.04 using BTRFS<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Our new servers are all running Ubuntu Server 14.04 LTS. This was chosen because it's free, it's fairly mainstream, and it's supported for security updates for 5 years between major releases (after which you can update in-place to a new major release).</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">An unexpected benefit of this system is that it supports BTRFS. This was something new to me, but it turns out to offer a simple way to recover a system in the event of a disastrous update, and to recover lost files in the event of the user deleting them by mistake. </span><br />
<span style="color: #222222; font-family: arial, sans-serif;"><span style="font-size: 12.8000001907349px;"><br /></span></span><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"></span>
<a name='more'></a> The basic idea with BTRFS is that at any time you can declare a snapshot. This happens instantly. It's a point-in-time image. It doesn't cost you any disk space, except in the sense that if you delete a file, it vanishes from the live filesystem but persists in any snapshots that were created earlier.<br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">For our purposes, this is great stuff because it takes the risk out of patching your servers automatically. Also, it makes it easy to recover lost data, especially for the mail server (where we need to hold 6 years of backups for legal reasons).</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">These features are useless unless you know that they exist - and how to drive them - hence I've written these notes to give a quick overview.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><h2>
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">HOWTO: Install an Ubuntu Server with BRTFS</span></h2>
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">OK, you'll probably start by downloading the 64-bit Ubuntu LTS Server ISO file and creating a bootable USB stick from it. There are several ways to make a bootable USB stick from an .ISO file, but if you're running an Ubuntu desktop, you can click Applications / System Tools / Administration / Startup Disk Creator and off it goes.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Be aware of an annoying little bug in the Ubuntu Server 14.04.2 LTS when installing from USB stick: the install script will only get through the first few screens before announcing that /cdrom is inaccessible (with a Retry/Cancel text dialog box). This is easily fixed:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - Use CTRL/ALT/F2 to flip to the second text console. </span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - Type 'mount' to see where the USB stick is mounted (e.g. /dev/sda1)</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - Unmount it from wherever it is, and remount it onto /cdrom :</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> umount /dev/sda1</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> mount /dev/sda1 /cdrom</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - Exit the shell (Ctrl/D)</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - Use CTRL/ALT-F1 to flip back to the main installer screen.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - Select the Retry option.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">So, you just install Ubuntu Server in the normal way, but when you get to the disk partitioning stage, don't select the "full auto" mode. Go for manual disk partitioning instead. Don't worry, it's still fairly automated. Choose to use the BTRFS file system in place of the default EXT4 filesystem. You want to end up with a small swap partition (say 8 GB max) and a BTRFS root partition. Hit the save option and the installer will finish up as usual.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><h2>
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">SO WHAT? What can BTRFS do for me? What's so cool about it?</span></h2>
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">OK, firstly let's install a helper tool to automatically snapshot the root filesystem before each apt-get operation...</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # apt-get install apt-btrfs-snapshot</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Now check that all is well with snapshot facility:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # apt-btrfs-snapshot supported</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> Supported</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">OK that looks good: the option to create snapshots looks to be working.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Let's list the BTRFS subvolumes within our disk partition.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # btrfs subvolume list /</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ID 257 gen 41 top level 5 path @</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ID 258 gen 35 top level 5 path @home</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">OK, to begin with, we have two subvolumes off the root filesystem. "@" is everything except /home. "@home" is the /home folder any everything below it. This means that, if push comes to shove, you can roll back system-level changes without impacting users' home folders.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">So watch what happens now when we patch the system:-</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # apt-get update && apt-get -y dist-upgrade</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ... </span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ... lots of updates happen</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ...</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # btrfs subvolume list /</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ID 257 gen 41 top level 5 path @</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ID 258 gen 35 top level 5 path @home</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ID 262 gen 38 top level 5 path @apt-snapshot-2015-05-11_13:</span><wbr style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"></wbr><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">21:42</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Yay! The apt-btrfs-snapshot package automatically took a snapshot of the root filesystem just before the updates were made. </span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">We can also find out about APT's automatic snapshots with a slightly different command:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # apt-btrfs-snapshot list</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> Available snapshots:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> @apt-snapshot-2015-05-11_13:</span><wbr style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"></wbr><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">21:42</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Either way, we have a read-only backup of the root filesystem that we can revert to if we reboot and find the system won't work properly, or at all.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">So how would we revert to a snapshot? Suppose we reboot after taking those updates, only to find that the system is screwed. </span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Let's boot from that USB stick again to rescue the system...</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - Pick "Rescue a broken system" from the Ubuntu installer menu</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - Follow the prompts during initialisation</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> - At "Enter rescue mode" prompt, you will be prompted to choose a root file system.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> -> Choose: "Do not use a root file system"</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> -> Then: "Execute a shell in the installer environment"</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">OK, if you type "mount" now, you can see which device that you booted from. So you should be able to work out which device your installation is on, and mount that...</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Example output:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # mount /dev/sdb1 /mnt</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # ls -l /mnt</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> drwxr-xr-x 1 root root 216 May 11 12:22 @</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> drwxr-xr-x 1 root root 166 May 11 10:13 @apt-snapshot-2015-05-11_13:</span><wbr style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"></wbr><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">21:42</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> drwxr-xr-x 1 root root 10 May 11 10:16 @home</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">So if we want to revert to that automatic apt-snapshot of the root filesystem, we just rename the live one to something else, then rename the snapshot to the live one. Then reboot.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # mv /mnt/@ /mnt/@-broken-root</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # mv /@apt-snapshot-2015-05-11_13:</span><wbr style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"></wbr><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">21:42 /mnt/@</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # reboot</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Errr, that's it! When you reboot, you are using the root filesystem as it was before the failed update. But you can still access the broken system by mounting it elsewhere. To see how this might be done, use the mount command to check the physical drive, and the 'btrfs subvolume list /' command to view the subvolumes available:-</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # mount</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ...</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> /dev/sda1 on / type btrfs (rw,subvol=@)</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> /dev/sda1 on /home type btrfs (rw,subvol=@home)</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ...</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">OK so if we want to mount our brokenroot snapshot, we can do so like this:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # btrfs subvolume list /</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ID 257 gen 57 top level 5 path @-broken-root</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ID 258 gen 61 top level 5 path @home</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ID 262 gen 66 top level 5 path @</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">OK so we can take a look at the failed folder like so:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # mount -o ro,subvol=@-broken-root /dev/sda1 /mnt</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # ls -l /mnt</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">If we want to zap it, unmount it, mount the parent volume, and zap it:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # umount /mnt</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # mount /dev/sda1 /mnt</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # mount</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> /dev/sda1 on / type btrfs (rw,subvol=@)</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> ..</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> /dev/sda1 on /home type btrfs (rw,subvol=@home)</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> /dev/sda1 on /mnt type btrfs (rw)</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # ls -l /mnt</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> drwxr-xr-x 1 root root 166 May 11 11:13 @</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> drwxr-xr-x 1 root root 216 May 11 13:22 @-broken-root</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> drwxr-xr-x 1 root root 10 May 11 11:16 @home</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # btrfs subvolume delete /mnt/@-broken-root</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> Delete subvolume '/mnt/@-broken-root'</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">We can also take snapshots of a subvolume at any time. So we would snapshot the home directory like so:</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # btrfs subvolume snapshot -r /home /snapshots/home-2015-05-11</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> Create a readonly snapshot of '/home' in '/snapshots/home-2015-05-11'</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Probably best to keep all snapshots read-only to avoid confusion.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">You can list all the snapshots of a volume like so:-</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"> # btrfs subvolume list /</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br />
<blockquote style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">
ID 258 gen 79 top level 5 path @home<br />ID 261 gen 34 top level 5 path @home/itshc/home-TEST<br />ID 262 gen 80 top level 5 path @<br />ID 263 gen 78 top level 5 path @home/itshc/home-2015-05-11<br />ID 264 gen 79 top level 262 path tmp/home-foo</blockquote>
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">The only thing that annoys me slightly is that the snapshots get mounted at the mount point you specified when you took them. I think it would be simpler if they were created but not mounted anywhere until requested. It's probably best to stick them into a '/snapshots' folder to avoid confusion! </span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">A better way to take snapshots seems to be to temporarily mount the base device onto /mnt and take the snapshots from there...</span><br />
<blockquote style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">
# mount /dev/sda1 /mnt<br /><br /># btrfs subvolume snapshot -r /mnt/@home /mnt/@home_snapshot_2015_05_14<br />Create a readonly snapshot of '/mnt/@home' in '/mnt/@home_snapshot_2015_05_<wbr></wbr>14'<br /><br /># umount /mnt<br /><br /># btrfs subvolume list /<br />ID 258 gen 92 top level 5 path @home<br />ID 262 gen 91 top level 5 path @<br />...<br />ID 270 gen 95 top level 5 path @home_snapshot_2015_05_14<br /></blockquote>
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">This avoids all your snapshots showing up until you actually mount them.</span><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><br style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;" /><span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">BTW, some forums reckon it's best to mount BTRFS filesystems as 'noatime', particularly if there are lots of snapshots, to prevent unnecessary copy-on-write operations. But I can't see why that's needed if you make sure that all your snapshots are read-only.</span><br />
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;"><br /></span>
<span style="background-color: white; color: #222222; font-family: arial, sans-serif; font-size: 12.8000001907349px;">Grateful for any pointers from sysadmins who are already using BTRFS in anger.</span><br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-34646691782701914812015-01-15T09:11:00.001+00:002015-01-15T09:12:31.542+00:00FIX: Ubuntu 14.04 Software Updater hangs with message "Querying Software Sources" Had this problem today. Fixed after some head scratching ....<br />
<a name='more'></a><br />
Hanging with that message suggested that the Ubuntu machine couldn't see the Internet. But browsing with Firefox, and pinging hosts from the command line, all worked perfectly.<br />
<br />
No proxy was necessary, and indeed no proxy was set <span style="font-family: "Courier New",Courier,monospace;">System Settings / Network / Network Proxy</span>. Also, there were no proxy environment variables set: that is, <span style="font-family: "Courier New",Courier,monospace;">env | grep -i proxy</span> gave no output. All good...<br />
<br />
It turned out that the file <span style="font-family: "Courier New",Courier,monospace;">/etc/apt/apt.conf</span> contained some proxy definitions specific to APT (the package manager that the Software Updater uses), for an office network that I sometimes connect to. I'm sure that I didn't enter those lines! Deleting them fixed the problem. <br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-13795163891266512612014-12-27T11:32:00.001+00:002014-12-27T11:32:11.812+00:00UK OS Paper Maps are safe!Contrary to press reports, there seem to be no plans to stop printing the Ordnance Survey core paper map products. <a href="https://www.ordnancesurvey.co.uk/blog/2014/03/maintaining-national-coverage-of-paper-maps-in-great-britain-commitment-from-ordnance-survey/" target="_blank">https://www.ordnancesurvey.co.uk/blog/2014/03/maintaining-national-coverage-of-paper-maps-in-great-britain-commitment-from-ordnance-survey/</a>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-1676532804116177472014-12-12T22:02:00.004+00:002014-12-19T11:06:05.138+00:00FIX: Airport Utility does not find any devices - Mac OS X Yosemite (10.10.1)Apple appears to have changed the way the Airport Utility admin application finds Airport and Time Capsule devices. This may also apply to the Time Machine tools for backing up and restoring Mac files. There is a simple fix...<br />
<a name='more'></a><br />
<b>Symptom:</b> Under OS X Yosemite, the Apple Airport Utility (v6.3.4) fails to find any compatible Apple devices. But "File / Configure Other" can be used successfully if you happen to know the IP address of the box you wish to administer.<br />
<br />
So... The auto discovery mechanism must have got broken when Mac OS X 10.10 was released.<br />
<br />
<b>Fix: </b>Switch off your Mac OS X firewall. Reboot your Mac. Try again!<br />
<b><br /></b>
<b>Comment:</b> This used to "just work" on earlier Mac OS X releases, but the new software smacks of poor design. Surely the auto discovery protocol should play nicely with the stateful firewall on the local host. If that's not possible for some reason, then the application needs to warn the user if their firewall settings must be changed for the application to work properly.<br />
<br />
I find it particularly irksome that dropping the firewall isn't enough - you also have to reboot the Mac. Reminiscent of older Microsoft operating systems.<br />
<br />
<b>UPDATE:</b> Another related bug in Yosemite (10.10.1). In the Finder, can't connect to my Time Capsule share without dropping the firewall and rebooting. That is, when I click on a short cut in Finder, the Finder hangs, then eventually announces that the Time Capsule can't be found. But it just works if I switch off the Mac firewall and reboot the Mac. This is crazy! The Mac is acting as a client, not a server, so the firewall setting shouldn't matter. Poor design or poor implementation? I would be grateful for any insight into this mess.<br />
<br />Unknownnoreply@blogger.com4tag:blogger.com,1999:blog-1299820040181797045.post-41923925455673247192014-12-02T11:31:00.000+00:002014-12-02T11:32:33.721+00:00Fix for "openssl s_client -connect" cert verification errorsFor Ubuntu 14.04, the correct syntax is:<br />
<b><span style="font-family: "Courier New",Courier,monospace;">openssl s_client -CApath /etc/ssl/certs -connect www.example.com:443</span></b><br />
<a name='more'></a><br />
If you miss out the -CApath option, you may get the following errors buried in the output:<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">verify error:num=19:self signed certificate in certificate chain</span><br />
<span style="font-family: "Courier New",Courier,monospace;">Verify return code: 19 (self signed certificate in certificate chain)</span><br />
<br />
Or (depending on how the Certificate was set up):- <br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">verify error:num=20:unable to get local issuer certificate</span><br />
<span style="font-family: "Courier New",Courier,monospace;">Verify return code: 20 (unable to get local issuer certificate</span><br />
<br />
With the correct CApath, you should be seeing<br />
<br />
<b><span style="font-family: "Courier New",Courier,monospace;">Verify return code: 0 (ok)</span></b><br />
<br />
near the bottom of the output.<br />
<br />Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-11739952854043858052014-09-19T06:54:00.000+01:002014-10-19T11:43:57.150+01:00HOWTO: Tag music files automatically, based on folder and file namePasted at the bottom of this article is a Bash script I ran last night to tag my audio collection. I was hoping this would enable Google Play Music to recognize the metadata in the tags, so that I could browse and stream music by genre, album, artist, etc. But as noted below, the tagging process worked, but Google Play Music ignored it :-(<br />
<a name='more'></a><br />
UPDATE: the tagging process seems to have worked, but I have concluded that Google Play Music is too dumbed down to be useful for any serious music library. I have 5,500 tracks of various genres including Jazz and Classical. The problems with Google Play Music are:<br />
<ul>
<li>Uploads are matched against their library for speed (i.e. uploads are aborted if they think they have a match already). Sometimes this will give you the wrong track.</li>
<li>Your tags are largely ignored and replaced with often inaccurate tags. A couple of albums ended up with tags in Russian when I'd uploaded valid tags in English.</li>
<li>Your genre tags are totally ignored - meaning that you can't browse by genre, then artist, then album - so it's hard to navigate round a music library of any size.</li>
<ul>
<li>NOTE. I've been setting Ascii genre tags with mid3v2. But I'll try setting numeric genre tags and see if that works in Google Play Music. See: <a href="http://en.wikipedia.org/wiki/ID3#List_of_genres" target="_blank">http://en.wikipedia.org/wiki/ID3#List_of_genres</a></li>
</ul>
</ul>
My next step will be to use <span style="font-family: "Courier New",Courier,monospace;">minidlna</span> on FreeBSD or Linux, to serve the music whilst preserving the folder hierarchy to aid navigation. It seems that minidlna should be able to stream to Google Chromecast devices as far cheaper alternatives to Sonos units. I've got an adapter plug to get the sound from the Chromecast HDMI so that I don't need to use a TV or a multimedia amp. So, it should be possible to use an Android application like <span style="font-family: "Courier New",Courier,monospace;">LocalCast</span> to command the Chromecast to play streams directly from the MiniDLNA server. That is, the Android device is just a controller, not a music source.<br />
<br />
The Chromecast can't play FLAC files natively by the way. So I'm just in the process of copying my FLAC audio tree to MP3 using a bash script with FLAC and LAME.<br />
<span style="font-size: small;"><br /></span>
<span style="font-family: "Courier New", Courier, monospace; font-size: small;">#!/bin/bash<br />#<br /># Auto-tag music files stored in folders named as: <br /># genre/artist/album/nn track name.flac<br /># Allows for special characters in folder and file names...<br /># Allows for arbitrary folder depths...<br />#<br /># Key tool is mid3v2 from mutagen: install on Ubuntu 14.04 by:<br /># sudo apt-get install python-pip;sudo pip install mutagen<br /><br />cd Music<br />for GENRE in * <br />do <br /> find "./${GENRE}" -name *.flac | while read FLACNAME<br /> do<br /> DIRNAME=`dirname "${FLACNAME}"`</span><br />
<span style="font-family: "Courier New", Courier, monospace; font-size: small;"> BASENAME=`basename -s .flac "${FLACNAME}"`<br /> TRACK_NUM=`echo $BASENAME | cut -f1 -d\ `<br /> TRACK_NAME=`echo $BASENAME | cut -f2-99 -d\ `<br /> TRACK_COUNT=`ls -l "${DIRNAME}"/*.flac | wc -l`<br /> ALBUM_NAME=`basename "${DIRNAME}"`<br /> PARENT_FOLDER=`dirname "${DIRNAME}"` <br /> ARTIST_NAME=`basename "${PARENT_FOLDER}"`<br /><br /> printf "%q %q %q %q %q %q %q\n" "mid3v2" "-g${GENRE}" "-a${ARTIST_NAME}" "-A${ALBUM_NAME}" "-T${TRACK_NUM}/${TRACK_COUNT}" "-t${TRACK_NAME}" "${FLACNAME}"<br /><br /> done<br />done</span>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-1299820040181797045.post-58473748911251210602014-09-12T13:11:00.000+01:002014-09-20T20:18:56.699+01:00HOWTO: Dual-SIM Cisco 819 Router ConfigIn the hope that it helps others, here is a working config from a dual-SIM Cisco 819 router. Not clever, just a basic working config to get you started.<br />
<a name='more'></a><span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;">!</span></span><br />
<span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;">! This config is for a Cisco 819 router with 2 SIM cards from different carriers.<br />! Default to primary SIM, failover to secondary SIM.<br />!<br />! For bonus points, it ought to be possible to set the GigE port</span></span><br />
<span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;">! as the primary WAN link, and set up an IP SLA to fail over to the</span></span><br />
<span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;">! cellular interface when the primary WAN link fails.<br />! <br />! The SIM-card-related config is done from the IOS command line,</span></span><br />
<span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;">! not from "config" mode.<br />! To set up new SIM cards, log in to the router over SSH, </span></span><br />
<span style="font-size: x-small;"><span style="font-family: "Courier New",Courier,monospace;">! go into Enable mode, then type something like this:-<br />! cellular 0 lte profile create 4 three.co.uk ! for 3 UK<br />! cellular 0 lte profile create 5 internet ! for Manx Telecom<br />! Some networks don't care what APN you set, so you might not need that.<br /><br />! The router will bring up the internet link on the primary SIM.<br />! It should fail over to the second SIM if the first one loses coverage.<br />! Failover timer is set to 3 minutes in the config. <br />! When testing, bear in mind that it can take a few minutes for a cellular radio<br />! to scan round the different frequencies before it finds the right networks.<br />!<br />! I could only test failover by powering up with the 1st SIM removed.<br /><br />!<br />! Last configuration change at 21:46:24 UTC Mon Aug 4 2014 by cisco<br />version 15.3<br />service timestamps debug datetime msec<br />service timestamps log datetime msec<br />no service password-encryption<br />!<br />hostname router819<br />!<br />boot-start-marker<br />boot-end-marker<br />!<br />aqm-register-fnf<br />!<br />! enable secret 5 <removed><br />enable password Password456<br />!<br />no aaa new-model<br />!<br />!<br />no ip dhcp conflict logging<br />ip dhcp excluded-address 10.50.100.1 10.50.100.199<br />!<br />ip dhcp pool lan-client-pool<br /> network 10.50.100.0 255.255.255.0<br /> dns-server 8.8.8.8 8.8.4.4 <br /> default-router 10.50.100.1 <br /> lease 7<br />!<br />ip domain name router.router<br />ip cef<br />no ipv6 cef<br />!<br />multilink bundle-name authenticated<br />!<br />chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"<br />! <br />!<br />! license udi pid C819HG-4G-G-K9 sn <removed><br />!<br />username FatController privilege 15 password 0 Password123<br />!<br />controller Cellular 0<br /> lte sim profile 4 ims 4 slot 0<br /> lte sim profile 5 ims 5 slot 1<br /> lte sim max-retry 65535<br /> lte failovertimer 3<br />!<br />ip ssh version 2<br />! <br />interface Cellular0<br /> ip address negotiated<br /> ip nat outside<br /> encapsulation slip<br /> dialer in-band<br /> dialer pool-member 1<br /> dialer-group 1<br /> async mode interactive<br /> routing dynamic<br />!<br />interface FastEthernet0<br /> switchport access vlan 100<br /> no ip address<br />!<br />interface FastEthernet1<br /> switchport access vlan 100<br /> no ip address<br />!<br />interface FastEthernet2<br /> switchport access vlan 100<br /> no ip address<br />!<br />interface FastEthernet3<br /> switchport access vlan 100<br /> no ip address<br />!<br />interface GigabitEthernet0<br /> no ip address<br /> shutdown<br /> duplex auto<br /> speed auto<br />!<br />interface Serial0<br /> no ip address<br /> shutdown<br /> clock rate 2000000<br />!<br />interface Vlan1<br /> no ip address<br />!<br />interface Vlan100<br /> ip address 10.50.100.1 255.255.255.0<br /> ip nat inside<br /> ip virtual-reassembly in<br />!<br />interface Dialer1<br /> ip address negotiated<br /> ip nat outside<br /> ip virtual-reassembly in<br /> encapsulation slip<br /> dialer pool 1<br /> dialer idle-timeout 0<br /> dialer string lte<br /> dialer persistent<br /> dialer-group 1<br />!<br />ip forward-protocol nd<br />no ip http server<br />ip http authentication local<br />no ip http secure-server<br />ip http timeout-policy idle 60 life 86400 requests 10000<br />!<br />!<br />ip nat inside source list MyNAT interface Dialer1 overload<br />ip route 0.0.0.0 0.0.0.0 Dialer1<br />!<br />ip access-list standard MGMT_ACCESS<br /> permit 10.50.100.0 0.0.0.255<br />ip access-list standard MyNAT<br /> permit 10.50.100.0 0.0.0.255<br />! <br />dialer-list 1 protocol ip permit<br />!<br />!<br />control-plane<br />!<br />!<br />!<br />mgcp behavior rsip-range tgcp-only<br />mgcp behavior comedia-role none<br />mgcp behavior comedia-check-media-src disable<br />mgcp behavior comedia-sdp-force disable<br />!<br />mgcp profile default<br />!<br /><br />line con 0<br /> script dialer lte<br /> no modem enable<br />line aux 0<br />line 2<br /> no activation-character<br /> no exec<br /> transport preferred none<br /> transport input all<br /> stopbits 1<br />line 3<br /> script dialer lte<br /> modem InOut<br /> no exec<br /> transport input all<br /> transport output all<br /> rxspeed 236800<br /> txspeed 118000<br />line vty 0 4<br /> access-class MGMT_ACCESS in<br /> privilege level 15<br /> password Password123<br /> login local<br /> transport input telnet ssh<br />!<br />scheduler allocate 20000 1000<br />!<br />end</removed></removed></span></span>Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-1299820040181797045.post-32203076019055699832014-09-07T09:42:00.001+01:002014-09-07T09:43:04.407+01:00Mounting Apple Time Capsule share from Ubuntu 14.04Older Apple Time Capsule NAS devices don't support NTLMv2: only NTLM. So when mounting an SMB share from such a device, you need to manually select NTLM as your security mode. Otherwise the CIFS Client fails to mount the share, and reports a permission error.<br />
<a name='more'></a><br />
So, the correct syntax for Ubuntu 14.04 is:-<br />
<span style="font-family: "Courier New",Courier,monospace;"> sudo mount -t cifs //1.2.3.4/Data -o username=</span><span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;">example</span>,password=</span><span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;">example</span>,sec=ntlm /mnt/example</span><br />
<br />
where 1.2.3.4 is the IP address of your Time Capsule.<br />
<br />
If the CIFS client isn't installed on your Ubuntu box then first you just need to run:-<span style="font-family: "Courier New",Courier,monospace;"> </span><br />
<span style="font-family: "Courier New",Courier,monospace;"> sudo apt-get install cifs-utils</span><br />
<br />
For bonus points you can of course pass the login credentials from a protected file in your home directory rather than passing it on the command line (where it's visible in process listings and bash shell history files).<br />
<br />
If you're not sure of the mount point name, ask first:-<br />
<span style="font-family: "Courier New",Courier,monospace;"> smbclient -U example -L //1.2.3.4</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> Enter example's password: </span><br />
<br />
... and a list of shares will be shown. You want the one of type "Disk".<br />
<br />Unknownnoreply@blogger.com20tag:blogger.com,1999:blog-1299820040181797045.post-73204710557881985942014-08-24T12:39:00.001+01:002014-08-24T12:39:38.578+01:00FIXED: Ubuntu Server cron error message: invoke-rc.d: initscript php5-fpm, action "reopen-logs" failed in logrotateFound a simple fix for this error in my Ubuntu Server 14.04 cron logs arising from one of the logrotate scripts:-<br />
<a name='more'></a><span style="font-family: "Courier New",Courier,monospace;">/etc/cron.daily/logrotate:<br />initctl: invalid command: reopen-logs<br />Try `initctl --help' for more information.<br />invoke-rc.d: initscript php5-fpm, action "reopen-logs" failed.<br />error: error running non-shared postrotate script for /var/log/php5-fpm.log of '/var/log/php5-fpm.log '<br />run-parts: /etc/cron.daily/logrotate exited with return code 1</span><br />
<br />
This comes from <span style="font-family: "Courier New",Courier,monospace;">/etc/logrotate.d/php5-fpm</span> :-<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">/var/log/php5-fpm.log {<br /> rotate 12<br /> weekly<br /> missingok<br /> notifempty<br /> compress<br /> delaycompress<br /> postrotate<br /> invoke-rc.d php5-fpm reopen-logs > /dev/null<br /> endscript<br />}</span><br />
<br />
The problem is that the <span style="font-family: "Courier New",Courier,monospace;">php5-fpm</span> init script doesn't have a parameter '<span style="font-family: "Courier New",Courier,monospace;">reopen-logs</span>'.<br />
<br />
So the simple fix is to change '<span style="font-family: "Courier New",Courier,monospace;">reopen-logs</span>' to '<span style="font-family: "Courier New",Courier,monospace;">restart</span>'.<br />
<br />
Presumably this is an error in the php5-fpm package, i.e. the installation script has set up a logrotate entry that calls their package with an invalid argument. Easily fixed anyway. <br />
<br />
<br />
<br />Unknownnoreply@blogger.com5