Category Archives: IT & Tech

Interesting stuff from the world of bits, bytes and hardware.

Repopulating a bogofilter wordlist.db after corruption

So it had to happen eventually: My 660MB wordlist.db file got corrupted without any chance of recovering or repairing it. Having amassed a large amount of spam messages in an mbox file called “spam” during bogofilter’s operation, it’s quite easy to repopulate the wordlist using the “formail” command:

$ formail -ds sh -c 'cat  | bogofilter -s ' < spam

This operation may take a while depending on your spam mailbox size and your disk speed, but it should set you up quickly with bogofilter in a working state.

It’s also advisable to check the spam mailbox for false positives *before* feeding it to formail to reduce the chance or legit mails ending up in your spambox due to false flagging by bogofilter.

 

Aldi Medion Grafik-Tablett unter Ubuntu

Feine Sache, das 40€-Tablett aus dem heutigen Aldi-Angebot läuft auch unter Linux…

usb 1-1.2: Product: Graphics Tablet
[25185.390571] usb 1-1.2: Manufacturer: WALTOP International Corp.
[25185.401639] input: WALTOP International Corp. Graphics Tablet as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.2/1-1.2:1.0/input/input18
[25185.401888] hid-generic 0003:172F:0047.0003: input,hidraw2: USB HID v1.10 Mouse [WALTOP International Corp. Graphics Tablet] on usb-0000:00:1a.0-1.2/input0
[25917.665185] usb 1-1.2: USB disconnect, device number 5

 

Funktionstasten habe ich noch nicht alle ausprobiert, aber wenn es derart erkannt wird, ist das ja schon die halbe Miete!

Da das Haus hier voller Linkshänder ist, war die Drehbarkeit per Software wichtig, und die scheint ebenfalls zu funktionieren.

 

 

Growing a RAID1 mirror (destructively) on an HP Proliant Server using hpacucli

(c) hp.com

Recently, we’ve had to replace a RAID1 mirror consisting of 2 146GB drives with 2 300GB ones. As we were able to move the data elsewhere on the server during the process, this was possible online without rebooting the server and causing unnecessary downtimes. Here’s what we did:

– unmount the device if necessary (we were using it for Oracle raw devices so we had to move stuff within Oracle in order to be able to remove it)

– Identify the logical device (usually /dev/cciss/c0d0 or similar). For this example, we’ll be using /dev/cciss/c0d0 (the first logical drive on the first controller #0) .

– Find the logical drive for the mount point by using hpacucli:

show ctrl=0 ld all

then, for each logical drive <n>, do

show ctrl=0 ld <n> show

Eventually, you’ll find the Linux device in this line:

Disk Name: /dev/cciss/c0d0

– Find out which physical drives make up the logical drive by turning on their leds:

ctrl slot=0 ld 0 modify led=on

Now the blue leds on the drives should be lit. Pull the drives from the storage / box server and wait a minute or two.

hpacucli now should have marked the logical drive as failed:

ctrl slot=0 ld 0 show status
Status: Failed

Now install the new (hopefully larger ;-)) drives and use hpacucli again to verify it’s now seeing the larger drives:

ctrl slot=0 ld 0 show

 

You should now see the larger drives in these lines:

 

Mirror Group 0:
 physicaldrive 1I:1:3 (port 1I:box 1:bay 3, SAS, 300 GB, OK)
 Mirror Group 1:
 physicaldrive 2I:1:7 (port 2I:box 1:bay 7, SAS, 300 GB, OK)

Now you can re-enable the mirror, using those larger devices:

ctrl slot=0 ld 0 modify reenable

You’ll have to confirm that data on the LD will be lost, but it’s no biggie as you copied the stuff elsewhere, right? 😉

Finally, grow the logical drive to its new capacity:

ctrl slot=0 ld 5 modify size=286070

(this is for a 300GB SAS drive).

Instruct the Linux kernel to partprobe the new disks (they should come up empty with no partitions on them):

# partprobe

That’s it, you should now be able to access the new, larger logical drive using the old Linux device name at /dev/cciss/c0d0. Create partitions as needed and copy back your data to the new device.

 

 

Snipping and adding fade in / out effects using ffmpeg

While you might think ffmpeg is well documented on Linux given its relative maturity, I found the docs provided very confusing and even misleading as some filters (like “afade”) referenced in many examples weren’t even availble on Ubuntu 12.04 LTS. (check your own version using the “-filters” ffmpeg argument: After much searching and googling, I arrived at the solution below and I’m documenting it here for my own use and posterity 😉

Get the latest static ffmpeg build to make sure you have the “afade” filter available for Linux:

http://ffmpeg.gusari.org/static/

Extract ffmpeg to somewhere in your path (I use $HOME/bin). 

Extract 70 seconds of audio, starting at 60 seconds into the file:

ffmpeg -i test.mp3  -ss 60 -t 70 test01.mp3

Add the fade-in effect (4 seconds):

ffmpeg -i test01.mp3 -af "afade=t=in:ss=0:d=4" test02.mp3

Add the fade-out effect (5 seconds, starting at 65 seconds) to the new file:

ffmpeg -i test02.mp3 -af "afade=t=out:st=65:d=5" test03.mp3

I guess this could be done in a better way, combining the snipping and the filtering in one go, but I couldn’t figure out the correct filter / snipping syntax. If you do, please comment.

 

Hoovers Piece of Pie

I finally got around to setting up my Raspberry Pie (v2, 512 mb RAM, 8GB SD-Card) over the last week. Right now, it’s a print- and openvpn server and also functions as a webcam using a logitech quickcam connected to the 2nd USB port.

I had no luck with Raspbian as it continuously failed to set up the ethernet port (even when hard-coding an ifconfig in /etc/rc.local), so I gave Arch Linux a try on the pie (that rhymes) and it worked like a charm beginning with the first boot (I had planned taking a look at Arch for a long time anyway, so this was the perfect opportunity.

 

pie01

 

As you can see, the pie is not really mounted in any sort of professional manner, but I hope to get around to building a Lego “case” for it over the weekend. Once it’s achieved a decent uptime, I’ll move the setup into the cellar but for now, I like to look at the blinking lights every once in a while when I’m hacking away on other projects 😉

Arch Linux is surprisingly lean and uses less than a Gigabyte of space on the SD-Card, currently about 1,1GB are used on the root partition out of 2gb that the setup allocated for it.

Edit: Case prototype made from LEGO :

pie_lego_case

 

 

Fixing the noisy internal fan in a Thrustmaster T500 RS wheel (without voiding your warranty)

Hi folks,

 

this post will explain how to fix the noisy, 5-cent fan that comes with most if not all ThrustMaster T500 RS wheel. To get this out of the way first: It’s simply incomprehensible why TM haven’t included a better quality fan with their otherwise extremely well-engineered product; A Euro or two extra wouldn’t have been to bad and would have gone a long way towards user satisfaction. Anyway, here goes.

 

DISCLAIMER: If you shock yourself of family member to death following this procedure, I’m certainly not the one to blame. I’m happy to know which end of the soldering iron gets hot, and that’s as far as my electronic skills go…. Gladly, none are required for this easy fix.

DISCLAMIER II: This fix looks *ugly*, and I mean ugly. No biggie though, it’s easy to improve on yourself so don’t worry. If you’re like me, you’re watching the road ahead while simracing and not caring about how your wheel looks.

t500RS_noisy_fan_fix

Parts list:

 

o Battery pack / 9V DC battery (I have some battery packs left over from my Tamiya RC car racing days)

o 12 cm PC fan (the more silent, the better; I’m using a 12cm xilence fan)

o cable connectors (you can also solder these if you want to)

How to go about it:

– Carefully cut off the mainboard connectors from the fan, you’ll only need the red and black cable, keep the yellow one though if you want to regulate the fan at a later point (I found this unneccessary though if you use a quiet fan to begin with)

– Unplug the metal connectors from your fan connector, removing the insulation as usual from the end of the cable

– Use cable connectors to connect  the bare-metal ends of the fan with the metal connectors from your plug

– connect the metal connectors to the poles on your battery pack / battery (make sure to get the polarity right, black <—> black and red <–> red, of course)

– By now, your fan should start turning. If not, your battery pack may be dead of you might have mixed up the wire polarities

– Use a piece of string to affix the fan to the *right side* on the whell housing. The left side won’t work as it doesn’t provide enough cooling to the wheel motor in order to prevent the internal fan from coming on after 20 minutes of usage or so.

– “Enjoy the xilence” 😉

 

Using Juniper Network Connect on Ubuntu / Linux Mint 64 bit with SecureID token authentication

Introduction

Why another step-by-step recipe? Well, none of the ones available worked for me on Linux Mint13 64bit, so here’s a quick rundown of what you need to do in order to connect to your juniper networks vpn gateway using Linux Mint / Ubuntu 64bit and your SecureID token (I cannot test any other methods).

Executive Summary  / Abstract

For the impatient, here’s a list of the required steps:

  • Ensure your browser has a working java plugin (I used firefox)
  • download latest jnc software from your vpn gateway
  • download the vpn gateway certificate & store it locally
  • ensure the first “java” found in your PATH is a 32 bit version (installed from Oracle’s tar.gz-Archive, for instance)
  • ensure /etc/resolv.conf exists, otherwise nsvc will segfault after making a connection

Need more info? Proceed at your own risk! 😉

Preparations

Remove / rename any previous installation from your home directory, changing to your home directory first:

cd
mv .juniper_networks backup_juniper_networks

Make sure you are using Firefox for the next step with the java plugin enabled and “xterm” installed on your system (ia32-libs are required so that your system can run 32bit binaries):

sudo apt-get install xterm ia32-libs

The Gritty Details

In firefox, type “about:plugins” in the browser bar and make sure the java plugin stuff comes up.

Fire up your browser and go to your regular VPN login page to log in, using your secureid and token like you would on Windows.

Download & install the juniper networks software as usual, allow the java executable to run. (an xterm will come up asking you for your password). At least this much seemed to work out of the box for me.

If everything goes well, you’ll find a new .juniper_networks directory in your home directory.

Change into that directory and install a 32bit JDK from java.sun.com. I used this one:

 

cd .juniper_networks

wget http://download.oracle.com/otn-pub/java/jdk/7u17-b02/jdk-7u17-linux-i586.tar.gz

 

If wget doesn’t work, point your browser to java.sun.com and download the file manually, then move the tar archive to the .juniper_networks-Folder once the download is complete.

Extract the tar.gz file in your .juniper_networks directory:

tar xvzf jdk-7u17-linux-i586.tar.gz

Rename it to something like “java32” or thereabouts:

mv jdk-7u17-linux-i586 java32

Prepend the new jdk “bin” directory to your PATH:

export PATH=$HOME/.juniper_networks/java32/bin:$PATH

Make sure you’re getting the right java:

which java 
$HOME/.juniper_networks/java32/bin/java

Now comes the really braindead part: Create a file /etc/resolv.conf, otherwise ncsvc will segfault after launch:

sudo emacs /etc/resolv.conf

Enter a std nameserver here, the important thing is that this file exists:

nameserver 8.8.8.8

Save the file. On you std. dhcp / network managed Ubuntu, this file won’t exist where jnc expects it, so you have to create it manually. Nice…

Obtain your gateway’s SSL cert using the shell script provided in the “tmp” directory of your jnc installation:

cd ~/.juniper_networks/tmp

chmod +x ./getx509certificate.sh 

./getx509certificate.sh your.vpn.server.com ../network_connect/vpn.crt

Change to your network_connect directory and run the “ncsvc” Command like so:

./ncsvc -h your.server.com -r "Your Realm Name"  -f vpn.crt -L 5 -u username -p xxxxYYYYYY

If you don’t know the realm, check the HTML source of your login page, it’s usually passed along to the cgi script using some form of “hidden” input tag.  “xxxx” is your SecureID pin, with “YYYYYY” indicates the current token.

That’s it. Check the file ncsvc.log for any errors that might crop up. To track down the resolv.conf problem, I had to run “strace” on the command line above, dirty work but if it solves the problem…

Conclusion

All of this could be scripted up nicely (the PATH modification, the resolv.conf bits and so on), but wouldn’t it be easier if Juniper fixed their software? It’s quite hard to believe such a pile of crap should be let loose unto the world by such a renowned company, who knows what else lies waiting in this huge binary blob… sorry for the rant.  😉

References

http://www.joshhardman.net/juniper-network-connect-vpn-linux-64-bit/

http://ubuntuforums.org/showthread.php?t=232607&page=45&p=11189826#post11189826

 

Hope this helps some of you, feel free to comment if you run into problems.

 

 

Fixing Google Chrome Alsa plugin volume issues

If you’re on Linux, this may have happened to you: Google Chrome’s flash plugin all of a sudden sets the audio playback volume to 100% whenever you play a youtube video which may end up in serious sound distortion for all other apps on your system, including google chrome.

 

Here’s how to fix it:

 

– make sure you have the “pavucontrol” application install (pulse audio volume control panel)

 

– with a youtube or other flash video running, fire up pavucontrol, it should look something like this:

https://dl.dropbox.com/u/1983539/pavucontrol.png

Simply drag the “chrome alsa” volume slider to 30% or so and you should be all set to enjoy non-distorted sound in both chrome and Linux (Ubuntu 10.04 in my case) again.

 

How to generate a self-signed root CA certificate (that you can import in Firefox ;-)

For a job-related project I’ve been fiddling with openssl to create a new CA instance for self-signed certificates.

 

Initially I had problems importing our root CA cert into firefox, but finally got it working after some googling. The main problem is that by default on Red Hat 5.x, the file /etc/pki/tls/openssl.conf has the following entry set to FALSE:

 

basicConstraints=CA:FALSE

So you when you create the root CA certificate using

/etc/pki/tls/misc/CA -newca

the root ca cert will end up with the above constraint set to FALSE. Firefox doesn’t like that and will consequently refuse to import the certificate as a new CA.

Solution: Simply fire up your text editor of choice (I prefer GNU Emacs ;)) and change the line above in your openssl.conf file to read

basicConstraints = CA:TRUE

and you should have no problems importing the certificate into Firefox and other browsers.

 

Remember to undo the change before you generate your first self signed server certificate or you may run into other problems when trying to use these certificates in web- or mail servers.

It’s also worthwhile checking the other stuff in openssl.conf if you want to change settings such as default key length or certificate validity periods.

 

Fixing Linux Mint LMDE Flash Plugin sound issues

I recently updated my main Linux machine to Linux Mint Debian Edition (LMDE) because I’m not happy with Canonical’s “unity” strategy and trying to kill Gnome 2.x outright instead of fixing what’s wrong with it.

Most stuff worked well out of the box, but somehow the flash plugin could no longer play sounds.

A post on the Linux Mint forums was especially helpful in fixing this issue. As the “root” user, issue the following command:

 

touch /etc/asound.conf

Then, open the above file in your favourite text editor (mine’s “emacs”) and add the following lines:

pcm.pulse {
    type pulse
}
ctl.pulse {
    type pulse
}
pcm.!default {
    type pulse
}
ctl.!default {
    type pulse
}

 

Save the file and reboot your system and from then on, the flash plugin in Firefox / Chrome / what have you should be able to play sound again.

 

Another serious bout of nethack addiction

Following the recent announcement of the “nethack & variants” world championships, I’ve dug into that fantastic game once more which I have been playing since the late eighties, back then on my meagre Amiga 500.

 

Only today, I managed a decent game playing the usual “Ranger – Elf – Chaotic” character again, even meeting my ghost on level #9 or so of the gnomish mines.

 

Some random nymph stole my +2 elven cloak and bow on the Oracle level (hadn’t seen that in a while either as I’m usually headed straight down the Mines when I find them), only one altar in Minetown and not many else extras to speak of didn’t make things easier.

 

Eventually I made it to the bottom of the mines, plundering the wine cellar and all, but my AC never got below -3 at 63HP, so when faced with an air elemental on the mine bottom and a winged gargoyle on the level #9, I was faced with choosing my favourite kind of death.

 

I wish I would have kept that chickatrice corpse I had, but for fear of fumbling, falling down the stairs without remembering to unwield it first I carelessly dropped it.

 

Well, “hoover the male elven ranger” died with nearly 40k points, so it wasn’t a bad game at all. I’ve also picked up collecting and identifying daggers, they make a great weapon for throwing once your skill picks up (I could throw four at atime), sadly for lack of potions and scrolls, I never got around to blessing them or they would have made an even better weapon.

 

Bring on the next character! I’ve never ascended, and I probably never will, but one can dream. I had really forgotten what a wonderful game nethack is.

 

Resetting google chrome / chromium on Linux

Just the other day, my favourite browser started acting up on Linux Mint 10: whenever I started google chrome or chromium, the entire window would lock up and I’d have to kill the process using xkill.

I decided to start with a fresh set of preferences which is no biggie as google chrome’s nice sync feature makes it a snap to restore one’s favourite bookmarks, accounts and so on, so here’s what I did:

 

Open up a shell and type the following commands (make sure neither chromium nor chrome are running beforehand):

$ cd ~
$ mkdir backup
$ mv .config/.chromium .config/google-chrome backup/

Start google chrome, and you should be greeted by the familiar welcome screen.

 

Caveat: Only tried this on Linux Mint 10 (Ubuntu based), YMMV depending on the distro of your choice.

 

Some unscientific Linux filesystem benchmarks

I just did some rudimentary benchmarking of various Linux filesystems on Ubuntu 10.10/32 bit, doing an rsync -av of /usr /about 3,5GB of data) to a USB-connected, freshly formatted ATA drive (Seagate Barracuda 750g), here are the results (caveat: I used the system for web browsing and some shell stuff during the runs, so take the numbers with a large grain of salt):

xfs: 10m 1sec

jfs: 9m 5sec

btrfs: 7m 29sec

ext4: 6m 47sec

All filesystems were formatted using default parameters.

If it wasn’t for the long delay creating a largish ext4 fs as it writes its inode tables, I guess I’d be using ext4 more! 😉 Nice work also on btrfs, I guess there’s some more performance to be gained as the file system comes of age.

Batch-Scaling a directory of jpeg images using ImageMagick’s “convert” cli tool

Recently, I had to scale down a series of images in different resolutions down to a web-friendly 600xsomething size so I could upload them to Zope’s internal Medusa ftp server without having to wait hours or breaking the resulting picture page with humongous images. Here’s how I did it, assuming the pics reside in a directory called “picdir” in my home directory:

cd ~/picdir
mkdir web # create a temporary dir to hold the scaled down images
for f in *jpg *JPG ; do
 convert -geometry 600x "$f" web/"$f"
 #convert to 600px width at most, let convert figure out the rest
  echo $file
done

Of course, this only works for landscape format pics, portrait format pictures will end up slightly larger because of their greater vertical size.