zen.org Communal Weblog

January 10, 2010

Debian Etch and rkhunter — hushing the daily email

Filed under: — brendan @ 11:49 GMT

I’ve got rkhunter installed on our Debian Etch box after a recent break-in on a home machine (long story, the short version involves silliness on my part changing to make my desktop receive incoming SSH connections—and leaving the patrick dummy account with its silly original password).

Every day I was getting two separate messages: one from rkhunter itself complaining

Warning: This operating system is not fully supported!

and the second from the daily cron job of running it, saying

/etc/cron.daily/rkhunter:
lsmod: QM_MODULES: Function not implemented

To hush the first, I edited the /var/lib/rkhunter/db/os.dat file and added the line

156:Debian 4.0 (i386):/usr/bin/md5sum:/bin:

I just read through the /usr/bin/rkhunter script to come up with the right syntax/values for this.

To make the daily cron mail stop, I edited the /etc/cron.daily/rkhunter script and changed the invocation line to redirect stderr to the log file (adding '2>&1') as well:

$RKHUNTER --cronjob --report-warnings-only --createlogfile /var/log/rkhunter.log > $OUTFILE 2>&1

Fingers crossed this does the trick.
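
An added example (not from the original post or the Debian package) of what cron would end up mailing under each redirect form. fake_rkhunter and its third output line are constructed stand-ins, and filtered_redirect is an alternative that drops only the known lsmod line so other errors still reach cron.

```shell
#!/bin/sh
# Constructed stand-in for the rkhunter run: report text on stdout, the known
# lsmod noise plus one unexpected (constructed) error on stderr.
fake_rkhunter() {
    echo "Warning: This operating system is not fully supported!"
    echo "lsmod: QM_MODULES: Function not implemented" >&2
    echo "example-tool: unexpected failure" >&2
}

# cron mails whatever a job leaves on its stdout/stderr. Each function below
# prints exactly that escaped output; $1 plays the role of $OUTFILE.

# Original invocation: only stdout goes to the file, stderr escapes to cron.
original_redirect() { ( fake_rkhunter > "$1" ) 2>&1; }

# The post's change: stdout to the file, then stderr to the same place.
# Nothing escapes, including errors nobody has seen before.
blanket_redirect() { ( fake_rkhunter > "$1" 2>&1 ) 2>&1; }

# Narrower form: stdout reaches the file through fd 3, stderr passes through
# a filter that removes only the known lsmod line.
filtered_redirect() {
    ( { fake_rkhunter 2>&1 >&3 |
          grep -v 'QM_MODULES: Function not implemented' >&2; } 3> "$1" ) 2>&1
}

# Demo run against a scratch file.
out=$(mktemp)
printf 'original -> cron sees: [%s]\n' "$(original_redirect "$out")"
printf 'blanket  -> cron sees: [%s]\n' "$(blanket_redirect "$out")"
printf 'filtered -> cron sees: [%s]\n' "$(filtered_redirect "$out")"
rm -f "$out"
```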

December 17, 2009

cool improvement of rsync under Mac OS X

Filed under: — brendan @ 00:02 GMT

The version of rsync installed with Tiger Mac OS X 10.4.11 isn’t the best … you can follow some great instructions and build the 3.0.6 version instead, getting a bit of a speed boost-up.

Anything to avoid typing commands you already know, and apply patches for changes someone else already did. :)

December 14, 2009

When your clicking dead hard drive isn’t actually dead

Filed under: — brendan @ 10:58 GMT

Our LaCie 500GB Mac Mini Hub drive, now a few years old, started a horrid clicking noise recently, and wouldn’t mount. Try as I might, it just kept failing. Crap, we lost everything on it! But a bunch of posts in different places, including the Mac OS X Hints Forum, talked about the power supply causing this sort of problem—and the disk itself is fine.

Elana had the great idea of taking the physical drive out of the LaCie case and putting it in an external drive enclosure. (Cuz I’ve amassed far too much stuff.) And voila, it worked just fine! Now I just need to get a cheap 500GB disk which I can use to mirror the contents of this disk, responding to the harsh reminder of how easy it is to lose vast amounts of data.

Some of which actually matters.

November 21, 2009

Our network is driven by a teeny, tiny box

Filed under: — brendan @ 12:52 GMT


Earlier this year I got a SheevaPlug, a little box with some Flash memory and an ARM processor running Linux. It’s so friggin’ awesome! (Technical term.) My main motivation for getting it, aside from a cool toy, was its much lower power consumption compared to the Mac Mini.

For a few years now our Mini had been doing most of the maintenance efforts for our home network, including: DHCP; DNS; running the No-IP client so I can SSH in via our dynamic DSL connection with its random addresses; acting as a printer server; and working as a local NTP server (still to do). (My email folders were also on the Mini thru an IMAP server, but I’ve moved that onto my desktop for the moment.)

The SheevaPlug is now doing all of it. In particular, I’m finding name lookups for Web browsing are vastly faster than when the Mini was doing the effort.

This list offers the details of what I’ve done to use the SheevaPlug. I’ll add to it (to mirror my local ChangeLog) as we make any other tweaks or fixes. It’s not a lot of effort and the end result is great.

(Note: I still need to finish fixing the formatting of this for readability.)

      Accessing the box
      After initial power-on, logged in as root with the default password nosoup4u. Then I changed the root password to something I’m used to typing.
      General Usability

    1. As noted on “SheevaPlug”, edit /etc/dhcp3/dhclient.conf and comment out the line

      #OFF#supersede domain-name-servers 127.0.0.1;

    2. Ran dhclient eth0
    3. Make sure APT will work by doing: mkdir -p /var/cache/apt/archives/partial
    4. Install ntpdate with apt-get install ntpdate.
    5. Edit /etc/rc.local and comment out the line
      #date 012618002009

      and add

      ntpdate ntp.maths.tcd.ie

    6. Edit /etc/hostname and change the name from 'debian' to 'inara'.
    7. I should note the boot sequence for the SheevaPlug still specifies a different subnet:
      Nov 14 13:52:19 inara kernel: Kernel command line: console=ttyS0,115200 mtdparts=nand_mtd:0x400000@0x100000(uImage),0x1fb00000@0x500000(rootfs) rw root=/dev/mtdblock1 rw ip=10.4.50.4:10.4.50.5:10.4.50.5:255.255.255.0:DB88FXX81:eth0:none

    8. * /etc/rc.local: Comment out
      #OFF#insmod /boot/fat.ko
      #OFF#insmod /boot/vfat.ko
      and add
      chmod 1777 /tmp /var/tmp
    9. Edit /etc/fstab and add the lines

      tmpfs /var/log tmpfs defaults 0 0
      tmpfs /tmp tmpfs defaults 0 0

      to make the most frequent activity not actually write anything out to the flash memory. Too many writes to flash can accelerate its demise.

    10. Also change the root partition in /etc/fstab to specify noatime to also reduce unnecessary “disk” writes:

      rootfs / rootfs rw,noatime 0 0

    11. Install wget (to download stuff), sysstat (to see how things are running), and rsync (to download/upload stuff) with: sudo apt-get install wget sysstat rsync
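
An added example (not part of the original post) that audits the tmpfs entries from steps 9 and 10: with "defaults" a tmpfs mount has no explicit size cap and allows setuid binaries and device nodes, and anything in /var/log is gone after a reboot. The fstab samples, the size values and the function names are constructed assumptions.

```shell
#!/bin/sh
# Constructed fstab content mirroring steps 9 and 10 above.
sample_fstab() {
cat <<'EOF'
rootfs /        rootfs rw,noatime 0 0
tmpfs  /var/log tmpfs  defaults   0 0
tmpfs  /tmp     tmpfs  defaults   0 0
EOF
}

# Constructed tightened variant: explicit size caps (values are assumptions),
# no setuid binaries or device nodes, and the sticky bit set at mount time.
hardened_fstab() {
cat <<'EOF'
rootfs /        rootfs rw,noatime                              0 0
tmpfs  /var/log tmpfs  size=32m,nosuid,nodev,noexec,mode=0755  0 0
tmpfs  /tmp     tmpfs  size=64m,nosuid,nodev,mode=1777         0 0
EOF
}

# Read fstab text on stdin and print one finding per line for tmpfs mounts.
audit_tmpfs() {
    awk '
    $1 ~ /^#/ || NF < 4 { next }          # skip comments and short lines
    $3 == "tmpfs" {
        opts = "," $4 ","                 # pad so every option is ,name,
        if (opts !~ /,size=/)   print $2 ": no size= limit"
        if (opts !~ /,nosuid,/) print $2 ": missing nosuid"
        if (opts !~ /,nodev,/)  print $2 ": missing nodev"
        if ($2 == "/var/log")   print $2 ": logs are lost at every reboot"
    }'
}

# Demo: findings for the post's entries, then for the tightened variant.
echo "as posted:";  sample_fstab   | audit_tmpfs
echo "tightened:";  hardened_fstab | audit_tmpfs
```

To check a real system, run `audit_tmpfs < /etc/fstab`.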
      Network Time Support

    1. Update the list of packages, then install NTP: sudo apt-get update && sudo apt-get install ntp
    2. Edit /etc/ntp.conf and change the server line to be the Trinity College server: server ntp.maths.tcd.ie
    3. As suggested on “New Plugger How To”, ran dpkg-reconfigure tzdata
      and selected Europe -> Dublin.
      Logging in over the USB serial port

    1. Follow the instructions at “Setting Up Serial Console Under Linux”
    2. On my desktop (running Ubuntu 9.04), ran
      * On homer:
      sudo /sbin/modprobe -q ftdi-sio product=0x9e8f vendor=0x9e88
      sudo apt-get install cu
      sudo chown uucp /dev/ttyUSB1
      so I can then log into the SheevaPlug over a serial line with
      * sudo cu -s 115200 -l /dev/ttyUSB1
      This is really helpful when you make a typo and the box is no longer getting on your network properly!
      Network Connection

    1. Edited /etc/network/interfaces and changed it from doing DHCP to a static address:

      auto eth0
      #iface eth0 inet dhcp
      # /usr/share/doc/ifupdown/examples for more information.
      iface eth0 inet static
      address 192.168.20.8
      network 192.168.20.0
      netmask 255.255.255.0
      broadcast 192.168.20.255
      gateway 192.168.20.1

      DHCP Server

    1. Installed the DHCP server with: apt-get install dhcp3-server
    2. Copied the /etc/dhcpd.conf file over from the Mini.
      DNS Server

    1. Install BIND with: apt-get install bind9
    2. Edit /etc/bind/named.conf.local and add

      options {
          // use this to get faster lookups that we cache:
          forward first;
          forwarders {
              // Eircom:
              // BACKUP plan when DoS attacks hit eircom (2009-09-02)
              159.134.237.6;
              159.134.248.17;
              // as per http://broadbandsupport.eircom.net/ under Broadband Settings:
              // 213.94.190.194;
              // 213.94.190.236;
              // Try going straight to the Netopia box
              // 192.168.20.1;
          };
          allow-query { localhost; 192.168.20.0/24; };
          allow-transfer { localhost; };

      };
      zone "20.168.192.in-addr.arpa" IN {
          type master;
          file "192.168.20";
      };
      zone "network.home" IN {
          type master;
          notify no;
          file "network.home";
      };

    3. Add files /etc/bind/192.168.20 and /etc/bind/network.home from the Mini.
      No-IP Client

    1. Get GCC off the CD that comes with the SheevaPlug box in SheevaPlug_Host_SWsupportPackageLinuxHost.zip.
    2. Extract gcc.tar.bz2 from it, then extract files from that.
    3. Download No-IP.
    4. Extract the noip sources; may be in a directory noip-2.1.9-1.
    5. Expecting 'gcc' and 'noip-2.1.9-1' are in the same directory, edit the makefile to have

      CC=../gcc/bin/arm-none-linux-gnueabi-gcc -O3

    6. Do 'cd noip-2.1.9-1' and 'make', then copy the binary to /usr/local/bin/noip2.
    7. Run “/usr/local/bin/noip2 -C” and answer its questions; you’ll need to have registered on no-ip.com to have a username and password to use with this free client.
    8. Create the file /etc/init.d/noip2 using the example at http://www.togaware.com/linux/survivor/No_IP.html.
    9. Do "chmod 755 /etc/init.d/noip2" and then "update-rc.d noip2 defaults" so it’ll run when you boot.

October 13, 2009

Origin of the Species

Filed under: — brendan @ 23:19 GMT

The original IEEE Transactions on Communications paper A Protocol for Packet Network Intercommunication (as a PDF) by Vint Cerf and Bob Kahn describing the seed that made the Internet come to be. Geek mana. I don’t know how long Princeton will keep it up there before I’ll have to delete the link.

September 15, 2009

An easy way to remove redeye in Linux

Filed under: — brendan @ 13:13 GMT

I’ve got a bunch of photos I’d like to adjust to get rid of the redeye effect. A bit of searching found a few different tutorials on how to accomplish this in GIMP. But the effort is just plain nuts…you’re doing an awful lot of clicks and menus and finding your way down channels and tunnels … you’d never find the rest to do what should be a point-and-click sort of thing. (For those of us not using expensive commercial packages which have that…)

Because of a great howto, I discovered Digikam, a free KDE package which is perfect. You select a picture and click Edit, then select the region around the eyes. Click Enhance->Red Eye to see a popup showing both the original and, next to it, the fixed version. It’s perfect. Click OK, then Save, and you’re done.

September 7, 2009

Kill tracker, long live tracker

Filed under: — brendan @ 19:39 GMT

I’ve found more often than not my attempts to log into my desktop (which is running Ubuntu Linux) have me staring at a black screen with a white cursor, waiting forever for the login window to come up. It appears this is because an uber-indexer, trackerd, is swallowing up all sorts of CPU time.

There’s no elegant way to disable it. I could kill the process, but that’s only usable until the next time I reboot the system or log off and log back in. So instead I had to do System -> Administration -> Synaptic Package Manager and search for “tracker” (not “trackerd” which doesn’t get it). I right-clicked on tracker, selected Mark for Complete Removal, and clicked Mark to accept that both of the packages libtaskbar-tracker and tracker-search-tool would be getting uninstalled too. A click of Apply and then Apply again finally got rid of it. I quit the Synaptic Package Manager, my therapist to help me get away from this constant frustration.

Now if I walk away for more than five minutes, the screen saver will come on…but the idle system won’t give trackerd the ability to work it into the ground, in lieu of any other practical use of the system. Like, say, its user trying to actually use it.

July 12, 2009

Easy printing to a Mac printer from Vista

Filed under: — brendan @ 13:22 GMT

This morning I discovered Apple has made a seductive play on having your printer hosted on a Mac and shared on your network. Bonjour for Windows was a simple exercise of installing and then using its wizard on the Vista laptop to find the printer. It was added with just a few clicks. No more messing with finding the .PPD file, drivers, whatever. Pretty slick!

June 25, 2009

Cobol to Java — with only a click?

Filed under: — brendan @ 00:31 GMT

This is awesome: in a fully automated way, convert a Cobol application to its iso-functional Java equivalent.

Hmm, garbage collect my savings account?

June 22, 2009

Random info on surviving HughesNet satellite Internet access

Filed under: — brendan @ 22:25 GMT

You can telnet to 192.168.0.1 to get the HN7000S’s vxWorks command prompt; for username do brighton and password do swordfish. Or telnet to 192.168.0.1 on port 1953 to get the menu interface.

Browsers can use the HN7000S box as a proxy to get traffic accelerated quite a bit by configuring to use 192.168.0.1 port 87 as the HTTP proxy. (In the past some things have failed when going through this, though, but we don’t have any notes yet on what those were.) In the list of exceptions to using the proxy, remember to put 192.168.0.1 itself there, as well as ‘localhost’ and 127.0.0.1, at least. I added our local subnet as well with 10.9.79.0/24 so I can properly visit the various access points, etc.

If SSL traffic is so slow as to be unusable, try configuring your browser to use a proxy for SSL also: host is 69.19.14.10 and port 3128. It’s not necessarily faster under normal circumstances.

Make sure anyone using your connection has DISABLED any operating system updates on their computer. Laptops which download Mac OS X updates, for example, will slam you to exceed the 24-hour download cap and make you suffer for 24 hours at ~30kps cuz of the (un)Fair Access Policy.

To get at the advanced configuration page, point at the URL
http://192.168.0.1/fs/advanced/advanced.html

The status page at
http://192.168.0.1/sys_status/
has a Diagnostics Code value like
0000-0002-6400-0002
You can visit
http://192.168.0.1/cgi/execAdvCom.bin?Command=30&NoAutoRefresh=1&PrintMsg=Diag%20Code%20Analyze
and put in the code from the status page. This will give you an explanation for why each of the particular bits are set to make up that series of numbers, with the values covering the most recent hour, 1 hour later, and 2 hours later.
