Category Archives: System

OpenBSD chef client

OpenBSD chef client

If you like to install chef client on OpenBSD, you must install ruby on it:

pkg_add ruby
quirks-2.114 signed on 2015-08-09T11:57:52Z
Ambiguous: choose package for ruby
a       0: 
        1: ruby-1.8.7.374p4
        2: ruby-1.9.3.551p2
        3: ruby-2.0.0.645p0
        4: ruby-2.1.6p0
        5: ruby-2.2.2p0
Your choice: 5
ruby-2.2.2p0:libffi-3.1p0: ok
ruby-2.2.2p0:libyaml-0.1.6p1: ok
ruby-2.2.2p0:gmp-5.0.2p3: ok
ruby-2.2.2p0: ok
--- +ruby-2.2.2p0 -------------------
If you want to use this package as your default system ruby, as root
create symbolic links like so (overwriting any previous default):
 ln -sf /usr/local/bin/ruby22 /usr/local/bin/ruby
 ln -sf /usr/local/bin/erb22 /usr/local/bin/erb
 ln -sf /usr/local/bin/irb22 /usr/local/bin/irb
 ln -sf /usr/local/bin/rdoc22 /usr/local/bin/rdoc
 ln -sf /usr/local/bin/ri22 /usr/local/bin/ri
 ln -sf /usr/local/bin/rake22 /usr/local/bin/rake
 ln -sf /usr/local/bin/gem22 /usr/local/bin/gem

Now install chef client:

gem install chef

Removing lost physical volumes from a volume group

Removing lost physical volumes from a volume group

LVM
LVM

If you get this crazy message and you are lucky that all data are on the other disk, then you can use this steps.

Get the status of the physical volumes:

pvs
  Couldn't find device with uuid Lxx4Mu-37Ie-3Y2d-kXJe-hd6v-ynUI-pa1zxc.
  PV             VG        Fmt  Attr PSize   PFree  
  /dev/sda2      vg_system lvm2 a--u  99.61g   2.93g
  unknown device vg_system lvm2 a-mu 100.00g 100.00g

Get the status of the volume groups:

vgs
  Couldn't find device with uuid Lxx4Mu-37Ie-3Y2d-kXJe-hd6v-ynUI-pa1zxc.
  VG        #PV #LV #SN Attr   VSize   VFree  
  vg_system   2   5   0 wz-pn- 199.60g 102.92g

Get the status of the logical volumes and the devices:

lvs -a -o +devices
  Couldn't find device with uuid Lxx4Mu-37Ie-3Y2d-kXJe-hd6v-ynUI-pa1zxc.
  LV      VG        Attr       LSize  Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert Devices         
  lv_home vg_system -wi-ao---- 53.71g                                                     /dev/sda2(0)    
  lv_root vg_system -wi-ao---- 14.65g                                                     /dev/sda2(13750)
  lv_swap vg_system -wi-ao----  3.91g                                                     /dev/sda2(17500)
  lv_tmp  vg_system -wi-ao----  4.88g                                                     /dev/sda2(18500)
  lv_var  vg_system -wi-ao---- 19.53g                                                     /dev/sda2(19750)

Now you can use the test option to try to remove the unknown device from the volume group:

vgreduce --test vg_system --removemissing
  TEST MODE: Metadata will NOT be updated and volumes will not be (de)activated.
  Couldn't find device with uuid Lxx4Mu-37Ie-3Y2d-kXJe-hd6v-ynUI-pa1zxc.
  Wrote out consistent volume group vg_system

Now remove it and write the change:

vgreduce vg_system --removemissing
  Couldn't find device with uuid Lxx4Mu-37Ie-3Y2d-kXJe-hd6v-ynUI-pa1zxc.
  Wrote out consistent volume group vg_system

You can see the error message is away:

root@tvhvma-psz111: [~]# vgs
  VG        #PV #LV #SN Attr   VSize  VFree
  vg_system   1   5   0 wz--n- 99.61g 2.93g

Now you can add the device again.

Add the physical volume:

pvcreate /dev/sdb1 
  Physical volume "/dev/sdb1" successfully created

Show the status from the physical volumes:

pvs
  PV         VG        Fmt  Attr PSize   PFree  
  /dev/sda2  vg_system lvm2 a--u  99.61g   2.93g
  /dev/sdb1            lvm2 ---- 100.00g 100.00g

Show the status from the volume group:

vgs
  VG        #PV #LV #SN Attr   VSize  VFree
  vg_system   1   5   0 wz--n- 99.61g 2.93g

Add the physical volume to the volume group:

vgextend vg_system /dev/sdb1
  Volume group "vg_system" successfully extended

Now you can see the aktiv physical volume:

pvs
  PV         VG        Fmt  Attr PSize   PFree  
  /dev/sda2  vg_system lvm2 a--u  99.61g   2.93g
  /dev/sdb1  vg_system lvm2 a--u 100.00g 100.00g

Show the status from the group and you can see now is more space.

vgs
  VG        #PV #LV #SN Attr   VSize   VFree  
  vg_system   2   5   0 wz--n- 199.60g 102.92g

Thunderbird 45 fix paragraph (two lines)

Thunderbird 45 fix paragraph (two lines)

If you update to the new Thunderbird version, the implemented a new “function”. If you press enter, you get two lines. This is very ugly and irritating for me.

To disable this, please go to the settings, composition and disable “When using paragraph format, the enter key creates a new paragraph”

thunderbird 45 fix
thunderbird 45 fix

Now you can press enter and it will be normal again.

Ubuntu upgrade from 14.04 to 16.04

Ubuntu upgrade from 14.04 to 16.04

logo-ubuntu
logo-ubuntu

To upgrade from Ubuntu 14.04 to 16.04, you can use the ubuntu tool update-manager. This tool make a clean upgrade from the system.

Please before update your system.

sudo apt-get update
sudo apt-get dist-upgrade

If you are done with the upgrade, install the update-manager-core.

sudo apt-get install update-manager-core

Now upgrade to the new ubuntu release.

sudo do-release-upgrade -d

Raspberry Pi ntp server gps

raspberry pi ntp server gps

RASPBERRY PI NTP SERVER GPS
RASPBERRY PI NTP SERVER GPS

You need:

stty -F /dev/ttyAMA0 raw 9600 cs8 clocal -cstopb

test gps

cat /dev/ttyAMA0

gpsmon

gpsmon
gpsmon

(eg, remove console=ttyAMA0,115200 and if there, kgdboc=ttyAMA0,115200) /boot/cmdline.txt

dwc_otg.lpm_enable=0 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait

Install ntp package

apt-get install ntp gpsd

/etc/default/gpsd

# Default settings for the gpsd init script and the hotplug wrapper.

# Start the gpsd daemon automatically at boot time
START_DAEMON="true"

# Use USB hotplugging to add new USB devices automatically to the daemon
USBAUTO="false"

# Devices gpsd should collect to at boot time.
# They need to be read/writeable, either by user gpsd or the group dialout.
DEVICES="/dev/ttyAMA0"

# Other options you want to pass to gpsd
GPSD_OPTIONS="-b -n"

/lib/systemd/system/gpsd.service

#ExecStart=/usr/sbin/gpsd -N $GPSD_OPTIONS $DEVICES
ExecStart=/usr/sbin/gpsd -N -b -n /dev/ttyAMA0

/usr/local/bin/leap-seconds.sh

#!/bin/sh
cd /etc/ntp
wget https://www.ietf.org/timezones/data/leap-seconds.list &> /dev/null
service ntp restart &> /dev/null

/etc/cron.d/ntp

0 0 31 6,12 * root /usr/local/bin/leap-seconds.sh
mkdir /etc/ntp

download the leap-seconds.list the first time

/usr/local/bin/leap-seconds.sh

/etc/ntp.conf

driftfile /var/lib/ntp/ntp.drift
leapfile /etc/ntp/leap-seconds.list

# Enable this if you want statistics to be logged.
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

# pool
server 0.ch.pool.ntp.org iburst
server 1.ch.pool.ntp.org iburst
server 2.ch.pool.ntp.org iburst
server 3.ch.pool.ntp.org iburst


# HW GPS
server 127.127.28.0 iburst
fudge 127.127.28.0 flag1 1 flag2 0 time2 0.600 refid GPS

# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page 
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
restrict 172.23.0.0 mask 255.255.0.0 notrust

# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient

Tricks:

query and synchronize against a pool

ntpdate -q 0.ch.pool.ntp.org 1.ch.pool.ntp.org

/etc/udev/rules.d/99-com.rules
KERNEL==”ttyAMA0″, SYMLINK+=”gps0″
KERNEL==”pps0″, SYMLINK+=”gpspps0″

The NTP status codes that ntpq is showing you are on this list, yours is showing an “*” which means you aren’t using the PPS, just the serial output of the GPS chip. You might want to look into that as the PPS is probably going to give you better time accuracy.

o = pps peer
* = sys peer
# = too distant
+ = selected
x = false ticker
– = discarded

[![MIT license](http://img.shields.io/badge/license-MIT-brightgreen.svg)](http://opensource.org/licenses/MIT)

curl HTTP-header only

curl HTTP-header only

-I, --head
              (HTTP/FTP/FILE) Fetch the HTTP-header only! HTTP-servers feature the command HEAD which this uses to get nothing but the header of a document. When used on an FTP or FILE file, curl displays the file size and last modification time only.
root@vh01 ~ # curl -I https://git.safematix.com 
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 08 Nov 2015 15:51:31 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Status: 302 Found
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: https://git.safematix.com/users/sign_in
Cache-Control: no-cache
Set-Cookie: _gitlab_session=08f48dd9e9a254b8ef0531f16e58963c; path=/; expires=Sun, 15 Nov 2015 15:51:31 -0000; secure; HttpOnly
Set-Cookie: request_method=HEAD; path=/
X-Request-Id: 20f8f32e-79ca-4bdd-97c0-092e70e39abc
X-Runtime: 0.007302
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Public-Key-Pins: pin-sha256="tqbNSQH3NzwHzRVt1iYPI4cncKFhKQRCDrt8nt4mqhE="; pin-sha256="5C8kvU039KouVrl52D0eZSGf4Onjo4Khs8tmyTlV3nU="; max-age=5184000; includeSubDomains

Too many authentication failures for root

Too many authentication failures for root

If you get the following error, the most reason is, that you have to many ssh keys.

“Received disconnect from 172.23.23.23: 2: Too many authentication failures for root”

This is easy to fix for password authentication

ssh -o PubkeyAuthentication=no safematix@172.23.23.23

This is easy to fix for a other key

ssh -i .ssh/keyfile safematix@172.23.23.23