six demon bag

Wind, fire, all that kind of thing!

2020-06-25

Barracuda Backup Agent for Linux Unattended Installation (Update)

This is a brief update to my previous post Barracuda Backup Agent for Linux Unattended Installation. In recent versions the name of the actual installer binary has changed to UiConsole. The problem and solution remain the same, though.

Download and unpack the archive, then run

echo '/opt/barracuda' | ./lin/$(uname -m)/UiConsole

to install the agent to a different directory. To uninstall run

echo 'u' | ./lin/$(uname -m)/UiConsole

Note that uninstallation leaves an auto-generated SSL certificate in the directory <installdir>/config, so you need to clean up manually afterwards. Also, the public download location for the agents has apparently been removed. Now you need to download the agent from the Cloud Control web UI (System → Software-Downloads).

Posted 21:32 [permalink]

2020-06-03

Disable Firefox 77 Address Bar Popout

*sigh* Another day, another Firefox fuckup. One of the more annoying new "features" in recent Firefox versions is the address bar jumping at you when it gets the focus. In Firefox 75 that misbehavior could be corrected with a couple adjustments in about:config:

browser.urlbar.openViewOnFocus false
browser.urlbar.update1 false
browser.urlbar.update1.interventions false
browser.urlbar.update1.searchTips false

However, with Firefox 77 those settings don't work anymore (you can reset/delete them). Because who would ever want to disable what Mozilla developers in their infinite wisdom decided that you must like?

See more ...

Posted 12:42 [permalink]

2020-04-30

Shell Patterns (4) - Limiting Execution Time

This is a short series describing some Bash constructs that I frequently use in my scripts.

Sometimes you want a script to give up on what it's trying to do after some period of time. The simplest way for limiting the time a given statement may take for execution is the timeout command.

$ timout 2 ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.012 ms
$ echo $?
124

However, timeout is only useful for limiting the execution time of a single (blocking) command. Consider for instance a situation where you deployed a VM or an LXD container, and need to wait for cloud-init to complete on that system. Or a situation where you sent an asynchronous request to a REST API. timeout won't help you there. You need to poll the system or API repeatedly until the respective "operation completed" indicator appears.

See more ...

Posted 22:35 [permalink]

2020-03-23

Shell Patterns (3) - Structured Output

This is a short series describing some Bash constructs that I frequently use in my scripts.

On Linux (and many other operating systems) it's common to have regular and error output written to stdout and stderr respectively. In shell scripts you'd use the echo or printf commands for displaying messages, and redirect stdout to stderr for having the message displayed on stderr.

echo 'foo'       # output goes to stdout
echo 'bar' 1>&2  # output goes to stderr

There may be different levels of information that you want to separate from each other, though, like having additional debug output that you don't want to pollute stdout or stderr. For that you can use the file descriptors 3 through 9.

See more ...

Posted 15:22 [permalink]

2020-03-06

Shell Patterns (2) - Error Handling

This is a short series describing some Bash constructs that I frequently use in my scripts.

When writing scripts for automation purposes you normally want the scripts to terminate when something goes wrong. Because terminating in a controlled way is usually better than blindly continuing execution when the assumptions subsequent commands are based on aren't valid anymore.

Bash provides several options for controlling error handling, the most commonly used ones being

  • -e (or -o errexit): Exit immediately when a command terminates with a non-zero exit code.
  • -u (or -o nounset): Treat unset variables and parameters (except for $@ and $*) as errors when expanding them. This prevents problems due to misspelled variables.

There are some issues with using just these two options, though:

See more ...

Posted 17:25 [permalink]

2020-02-24

Shell Patterns (1) - Logging

This is a short series describing some Bash constructs that I frequently use in my scripts.

What do you do when you run fully automated scripts in the background, but still want to keep track of what they're doing and, more importantly, when something goes wrong? The answer is, of course, you log what the script is doing (or is about to do).

There are two commonly used ways of implementing logging in Bash scripts:

Personally, I prefer the latter, since it allows not only for managing log files independently of the process creating the log output, but also for filtering log data and/or forwarding it to a central loghost.

See more ...

Posted 20:47 [permalink]

2019-05-06

Run a time server in an LXC container

Running a network time server in an LXC container normally doesn't work even if you run the container in privileged mode. The reason is that containers drop certain capabilities upon startup for security reasons (sys_module, mac_admin, mac_override, sys_time).

See more ...

Posted 21:38 [permalink]

2017-09-29

LXD upgrade fails on Ubuntu 16.04 without Systemd

Recently I tried to install LXD (Canonical's container manager) from backports on a Ubuntu 16.04 system (running without Systemd). The version shipping with the system (2.0) doesn't suffice, because I need the new storage API that was introduced with LXD 2.15. However, upgrading to the backports package failed post-install:

invoke-rc.d: initscript lxd, action "start" failed.
dpkg: error processing package lxd (--configure):
 subprocess installed post-installation script returned error exit status 1
Processing triggers for ureadahead (0.100.0-19) ...
Errors were encountered while processing:
 lxd
E: Sub-process /usr/bin/dpkg returned an error code (1)

Which was weird, since the upgrade had worked for me before.

See more ...

Posted 13:57 [permalink]

2017-08-04

Useful settings for grub on Debian

Boot a kernel just once

If you want to test a new kernel without having access to the console you need to make sure that the system comes back up with the old kernel if the new one panics. Add a setting panic=2 to the kernel commandline in /etc/default/grub to have the system automatically reboot in case of a kernel panic, and tell grub to boot a saved kernel by default:

GRUB_DEFAULT="saved"
GRUB_CMDLINE_LINUX="panic=2"

See more ...

Posted 01:45 [permalink]

IPMI interface network configuration from Linux

Load the relevant modules, either via modprobe or by entering them into /etc/modules (so they're loaded automatically on the next system startup).

modprobe ipmi_devintf
modprobe ipmi_si

See more ...

Posted 00:36 [permalink]

2017-03-21

Verifying checksums on Windows systems - correctly

Posted here, since the Fedora people apparently can't be bothered to fix their documentation.

In January 2016 I came across this question on StackOverflow, asking about an OutOfMemory error when validating the SHA256 checksum of a Fedora ISO image. The Fedora documentation suggested reading the full file and then calculating the checksum from the bytes:

$sha256.ComputeHash([System.IO.File]::ReadAllBytes("$PWD\$image"))

Why anyone would even want to read an entire ISO image into memory for a checksum calculation is beyond me. The recommended way of doing this is to open the file as a stream and calculate the checksum on that stream:

See more ...

Posted 00:24 [permalink]

2016-12-17

Disable AVAHI Daemon on Debian

To prevent the AVAHI daemon on Debian systems from running without actually uninstalling the package avahi-daemon or touching the runlevels do this:

touch /var/run/avahi-daemon/disabled-for-unicast-local
sed -i 's/^#\?\(AVAHI_DAEMON_DETECT_LOCAL\)=.*/\1=1/' /etc/default/avahi-daemon
service restart avahi-daemon

I've seen people suggest putting a line exit 0 into /etc/default/avahi-daemon, but I wouldn't recommend that, because it would prevent not only starting the daemon, but also stopping it.

Posted 13:31 [permalink]

2015-12-31

Barracuda Backup Agent for Linux Unattended Installation

Barracuda Networks provide agents for their backup appliance for various operating systems. Unfortunately the Linux agent (unlike the Windows agent) does not come with an option for a silent installation, and it doesn't look like the vendor can be bothered to do anything about it.

Instead of being able specify a path on the commandline (or at least force a silent installaton to the default path) you're always prompted for the path where the agent should be installed:

/tmp # tar xzf barracuda_backup_agent-x.x.x.tar.gz
/tmp # cd barracuda_backup_agent-x.x.x
/tmp/barracuda_backup_agent-x.x.x # ./install
Please choose an installation path, or press enter for default.
[/usr/local/barracuda/bbs]: _

See more ...

Posted 01:13 [permalink]

2014-07-11

Force Extensions into SeaMonkey

SeaMonkey is my preferred web browser, because I'm quite comfortable with its user interface. However, some of my favorite extensions (namely text/plain and ReloadEvery) claim to be incompatible when trying to install them, although they actually work just fine with SeaMonkey. Here's how you can convince an extension that SeaMonkey is totally fine for installation.

See more ...

Posted 19:58 [permalink]

2014-02-16

Create a Local Yum Repository

When setting up RedHat Enterprise Linux (RHEL) or CentOS systems I always find it handy to have a local repository with the RPMs from the install media. On hosts without Internet connection it saves me the trouble of having to shuffle install media around whenever I need to install an additional package after the system was initially set up. Even if the host is configured to use an online repository, keeping a local repository doesn't hurt except for a little extra disk space, which is cheap enough these days.

See more ...

Posted 16:30 [permalink]

2013-03-12

TSM BA Client 6.4 on Debian

Although IBM doesn't officially support its TSM client on Linux distributions other than SLES and RHEL the client works quite nicely on Debian. With version 6.4 you need at least the following 4 packages on AMD64 systems:

  • TIVsm-BA
  • TIVsm-API64
  • gskcrypt64
  • gskssl64

See more ...

Posted 00:46 [permalink]

2012-11-16

Loop-mount VirtualBox Disk Images

On Linux you can mount disk images via loopback devices. Partitions inside disk images can be made accessible via kpartx from the multipath-tools. Unfortunately this does not work for VirtualBox disk images (.vdi). It's possible to loop-mount those disk images as network block devices, though.

See more ...

Posted 01:53 [permalink]

2009-04-26

Patch for kh2reg.py

On Linux you can simply store a server's public key in your known_hosts file to avoid being prompted for host key verification. However, PuTTY stores server public keys in a different format, so you can't simply import a public key into the Windows registry and be done with it. You can convert known_hosts files to .reg file format with this script from the PuTTY homepage, but unfortunately the script doesn't account for entries that use a non-default port:

[a.b.c.d]:2222 ssh-rsa AAAA...

This patch fixes the issue. You can also download an already patched version of the script.

Update: The official version of kh2reg.py has been updated.

Posted 22:00 [permalink]

2005-02-27

Multiboot

Dual-booting Windows 9x and Windows 2000
(Windows 2000 installed first)

Let's say you would like to install Windows 9x and Windows 2000 on the same computer and make the system dual-boot. What would be the right order to install the operating systems?

Microsoft suggests to install Windows 9x first and Windows 2000 afterwards. Although this is the easy way I suggest not to do so. The procedure will install the bootloader on the Windows 9x partition where it cannot be protected by NTFS ACLs (the FAT filesystems do not support permissions). Maybe you have heard that installing Windows 9x first was the only possibility to dual-boot Windows 9x and 2000. Rest assured that's nothing but an urban legend. It is possible, although not as simple as the other way.

See more ...

Posted 12:49 [permalink]