Category Archives: other

Vagrant 1.8.5 – public key problem

If you like to create with kitchen a new Vagrant instance with the Vagrant version 1.8.5 you get the following problem:

           default: Vagrant insecure key detected. Vagrant will automatically replace
           default: this with a newly generated keypair for better security.
           default: Inserting generated public key within guest...
           default: Removing insecure key from the guest if it's present...
           default: Key inserted! Disconnecting and reconnecting using new SSH key...
           default: Warning: Authentication failure. Retrying...
           default: Warning: Authentication failure. Retrying...
           default: Warning: Authentication failure. Retrying...
           default: Warning: Authentication failure. Retrying...
           default: Warning: Authentication failure. Retrying...
           default: Warning: Authentication failure. Retrying...
           default: Warning: Authentication failure. Retrying...
           default: Warning: Authentication failure. Retrying...

To fix this, you should create this file:

vi .vagrant.d/Vagrantfile

With the content:

Vagrant.configure("2") do |config|
  config.ssh.insert_key = false

rsync status with lsof

To see the status from rsync, you can use lsof:

lsof -ad3-999 -c rsync


rsync   8097 root    3r   REG             252,17   404832 7559983121 /srv/data/safematix
rsync   8097 root    4u  unix 0xffff8806f4447080      0t0      85225 type=STREAM
rsync   8097 root    5u  unix 0xffff8806f4444ec0      0t0      85226 type=STREAM
rsync   8098 root    3u  unix 0xffff880738502580      0t0      77431 type=STREAM
rsync   8099 root    4u  unix 0xffff880738500b40      0t0      77432 type=STREAM

Raspberry Pi ntp server gps

raspberry pi ntp server gps


You need:

stty -F /dev/ttyAMA0 raw 9600 cs8 clocal -cstopb

test gps

cat /dev/ttyAMA0



(eg, remove console=ttyAMA0,115200 and if there, kgdboc=ttyAMA0,115200) /boot/cmdline.txt

dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait

Install ntp package

apt-get install ntp gpsd


# Default settings for the gpsd init script and the hotplug wrapper.

# Start the gpsd daemon automatically at boot time

# Use USB hotplugging to add new USB devices automatically to the daemon

# Devices gpsd should collect to at boot time.
# They need to be read/writeable, either by user gpsd or the group dialout.

# Other options you want to pass to gpsd


#ExecStart=/usr/sbin/gpsd -N $GPSD_OPTIONS $DEVICES
ExecStart=/usr/sbin/gpsd -N -b -n /dev/ttyAMA0


cd /etc/ntp
wget &> /dev/null
service ntp restart &> /dev/null


0 0 31 6,12 * root /usr/local/bin/
mkdir /etc/ntp

download the leap-seconds.list the first time



driftfile /var/lib/ntp/ntp.drift
leapfile /etc/ntp/leap-seconds.list

# Enable this if you want statistics to be logged.
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

# pool
server iburst
server iburst
server iburst
server iburst

server iburst
fudge flag1 1 flag2 0 time2 0.600 refid GPS

# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page 
# might also be helpful.
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely.
restrict ::1

# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
restrict mask notrust

# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
#disable auth


query and synchronize against a pool

ntpdate -q

KERNEL==”ttyAMA0″, SYMLINK+=”gps0″
KERNEL==”pps0″, SYMLINK+=”gpspps0″

The NTP status codes that ntpq is showing you are on this list, yours is showing an “*” which means you aren’t using the PPS, just the serial output of the GPS chip. You might want to look into that as the PPS is probably going to give you better time accuracy.

o = pps peer
* = sys peer
# = too distant
+ = selected
x = false ticker
– = discarded

[![MIT license](](

curl HTTP-header only

curl HTTP-header only

-I, --head
              (HTTP/FTP/FILE) Fetch the HTTP-header only! HTTP-servers feature the command HEAD which this uses to get nothing but the header of a document. When used on an FTP or FILE file, curl displays the file size and last modification time only.
root@vh01 ~ # curl -I 
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 08 Nov 2015 15:51:31 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Status: 302 Found
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Set-Cookie: _gitlab_session=08f48dd9e9a254b8ef0531f16e58963c; path=/; expires=Sun, 15 Nov 2015 15:51:31 -0000; secure; HttpOnly
Set-Cookie: request_method=HEAD; path=/
X-Request-Id: 20f8f32e-79ca-4bdd-97c0-092e70e39abc
X-Runtime: 0.007302
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Public-Key-Pins: pin-sha256="tqbNSQH3NzwHzRVt1iYPI4cncKFhKQRCDrt8nt4mqhE="; pin-sha256="5C8kvU039KouVrl52D0eZSGf4Onjo4Khs8tmyTlV3nU="; max-age=5184000; includeSubDomains

ownCloud occ

ownCloud occ

Go to the ownCloud directory /var/www/owncloud and run occ

sudo -u www-data php occ 
ownCloud version 8.2.0

 [options] command [arguments]

 --help (-h)           Display this help message
 --quiet (-q)          Do not output any message
 --verbose (-v|vv|vvv) Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
 --version (-V)        Display this application version
 --ansi                Force ANSI output
 --no-ansi             Disable ANSI output
 --no-interaction (-n) Do not ask any interactive question

Available commands:
 check                                check dependencies of the server environment
 help                                 Displays help for a command
 list                                 Lists commands
 status                               show some status information
 upgrade                              run upgrade routines after installation of a new release. The release has to be installed before.
 app:check-code                       check code to be compliant
 app:disable                          disable an app
 app:enable                           enable an app
 app:list                             List all available apps
 background:ajax                      Use ajax to run background jobs
 background:cron                      Use cron to run background jobs
 background:webcron                   Use webcron to run background jobs
 config:app:delete                    Delete an app config value
 config:app:get                       Get an app config value
 config:app:set                       Set an app config value
 config:import                        Import a list of configs
 config:list                          List all configs
 config:system:delete                 Delete a system config value
 config:system:get                    Get a system config value
 config:system:set                    Set a system config value
 db:convert-type                      Convert the ownCloud database to the newly configured one
 db:generate-change-script            generates the change script from the current connected db to db_structure.xml
 encryption:change-key-storage-root   Change key storage root
 encryption:decrypt-all               Disable server-side encryption and decrypt all files
 encryption:disable                   Disable encryption
 encryption:enable                    Enable encryption
 encryption:encrypt-all               Encrypt all files for all users
 encryption:list-modules              List all available encryption modules
 encryption:set-default-module        Set the encryption default module
 encryption:show-key-storage-root     Show current key storage root
 encryption:status                    Lists the current status of encryption
 files:cleanup                        cleanup filecache
 files:scan                           rescan filesystem
 l10n:createjs                        Create javascript translation files for a given app
 log:manage                           manage logging configuration
 log:owncloud                         manipulate ownCloud logging backend
 maintenance:mimetype:update-db       Update database mimetypes and update filecache
 maintenance:mimetype:update-js       Update mimetypelist.js
 maintenance:mode                     set maintenance mode
 maintenance:repair                   repair this installation
 maintenance:singleuser               set single user mode
 trashbin:cleanup                     Remove deleted files
 user:add                             adds a user
 user:delete                          deletes the specified user
 user:lastseen                        shows when the user was logged it last time
 user:report                          shows how many users have access
 user:resetpassword                   Resets the password of the named user
 versions:cleanup                     Delete versions

Enable ownCloud maintenance mode

sudo -u www-data php occ maintenance:mode --on

Disable ownCloud maintenance mode

sudo -u www-data php occ maintenance:mode --off

Upgrade ownCloud

sudo -u www-data php occ upgrade
ownCloud or one of the apps require upgrade - only a limited number of commands are available
Set log level to debug - current level: 'Warning'
Checked database schema update
Checked database schema update for apps
Updated database
Disabled 3rd-party app: documents
Disabled 3rd-party app: search_lucene
Updating  ...
Updated  to 2.0
Updating  ...
Updated  to 14.2.0
Updating  ...
Updated  to 1.2.0
Updating  ...
Updated  to 2.1.3
Updating  ...
Updated  to 0.7.0
Updating  ...
Updated  to 0.7.0
Updating  ...
Updated  to 1.1.0
Updating  ...
Updated  to 0.3.0
Update successful
Maintenance mode is kept active
Reset log level to 'Warning'

Status from ownCloud

sudo -u www-data php occ status
  - installed: true
  - version:
  - versionstring: 8.2.0
  - edition: 

ntpd and OpenNTPD status

ntpd and OpenNTPD status


ntpq -p
ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
*    2 u   19   64  377    0.572   -0.064   0.173    3 u   28   64  377    0.406    0.021   0.298


Since OpenBSD 5.5, you have the tool ntpctl

ntpctl -s all
ntpctl -s all
4/4 peers valid, clock unsynced

   wt tl st  next  poll          offset       delay      jitter from pool 
    1 10  2   29s   32s         0.268ms     8.530ms     1.015ms from pool 
    1 10  1   31s   33s         0.075ms     9.118ms     0.575ms from pool 
    1 10  2    1s   32s        -0.835ms     9.015ms     0.791ms from pool 
    1 10  3    5s   32s         0.459ms     9.860ms     1.492ms

rsync not older

rsync not older

Copy all data are not older than 23 days.

Version 01 – from file path

find /var/log/nginx -mtime -23 -printf %P\\0 | rsync -av --files-from=- --from0 /var/log/nginx/ safematix@

Version 02 – full path

find /var/log/nginx -mtime -23 -print0 | rsync -av --files-from=- --from0 / safematix@