javier arturo rodríguez

If you use VMware Player or VMware workstation under Linux and you’re an alt-tab fan like me, you might end up with stuck modifier keys, so you can’t use keys like Ctrl, Alt or Shift outside of VMware. Xiao Feng has written a nice script to recover from this annoying condition without having to reboot, and I tought I’d share it with everyone out there:

So you’re tired of watching the grass grow while your Linux RAID2 array rebuilds itself. Let’s take care of it:

$ echo 10000 > /proc/sys/dev/raid/speed_limit_min

This should give you a 10x speedup over the 1000kB/sec default — subject to the limitations of your actual bus bandwidth, of course.

After getting in closer-than-usual acquaintance with my mail server logs I thought I’d share a brief note I found in the Spamhaus PBL FAQ:

The first thing to know is: THE PBL IS NOT A BLACKLIST.

Oh, and since you’re already there you may want to linger a bit in this warning:

WARNING! Some post-delivery filters use “full Received line traversal” or “deep parsing”, where the filter reads all the IPs in the Received lines. Legitimate users, correctly sending good mail out through their ISP’s smarthost, will have PBL-listed IPs show up in the first (lowest) Received header where their ISP picks it up. Such mail should not be blocked! So, you should tell your filters to stop comparing IPs against PBL at the IP which hands off to your mail server! That last hand-off IP is the one which PBL is designed to check. If you cannot configure your filters that way, then do not use PBL to filter your mail. Instead, you may wish to use sbl-xbl.spamhaus.org, but even that may have unacceptable “false positive” filtering, for example when a an exploited end-user machine sends legitimate mail out through the ISP smarthost, or when the dynamic assignment changes the IP to an uninfected machine. Do not use PBL or XBL if you do not understand the issues of “deep parsing”.

(Emphasis mine)
So if your top-of-the-line multi-thousand-dollar antispam appliance starts blocking all my email just because there’s a dynamic IP address somewhere in the header and there’s no freaking way to turn it off please go ask for a refund. And stop bouncing my messages.
Oh and by the way the default SpamAssassin configuration in Debian assigns a 0.905 score if the last hop is in PBL.

And yes, SpamAssassin does the right thing and checks only the *last* external address — I’ve seen the code:

So once again kudos to Open Source — and Common Sense.

For completeness, here’s a followup to my post about using a Nokia N95 as a bluetooth modem under Linux. This is a working wvdial configuration for use with Telcel in Mexico.
Remember to enter your SIM’s PIN in pin-telcel, and refer to my previous post for complete instructions.

To use it, enter

Enjoy!

Did you know that you can use your data-enabled N95 to get a thethered Internet connection from Linux? The access mode and speed will depend on your actual coberture, and as usual YMMV, but I’ve been using this setup for a few months and it works fine.

Now in user mode use KBlueMon to find out the Bluetooth address of your device and write it down.
Then go ahead and initiate an OBEX file transfer to make sure that you can actually link to your phone and to establish a trust relationship. In your phone add the Laptop to your trusted device list, so it won’t nag you whenever you establish a link.
Now edit /etc/bluetooth/rfcomm.conf :

Replace your own device address after “device”.
Now edit /etc/wvdial to add these two entries:

You can give them any name you want. I have defined several providers, to avoid confusions and to use the provider at hand. Replace the “XXXX” in Init1 with your SIM’s PIN.
Now to use them restart the Bluetooth subsystem:

And use wvdial to dial out:

You should get an Internet link, complete with an IP, a default route and a couple of DNS servers. If it doesn’t, reboot your phone liberally.
Please note that this might get expensive quite quickly unless you get a data plan from your provider. Go ahead and make their day.
Enjoy!

If you try to do X forwarding by SSHing to an HP-UX host, you may get the dreaded “Can’t get IP address for X11 DISPLAY.” error. This is more common than you might think, and the reason is that an out-of-the box installation of HP-UX has four or five /etc/nsswitch.conf *examples* for you to install, but not an actual /etc/nsswitch.conf file. I guess this is buried somewhere on the documentation — hey, it might even be a FAQ, but I guess that shipping with a reasonable default wouldn’t hurt.
Well anyway, the following minimal /etc/nsswitch.conf should do for the vast majority of scenarios I can imagine:

Now SSH X forwarding should work and a myriad other disasters waiting to happen will surely be averted.

After pulling my hair for a couple of days I just realized that my DSL provider is blocking all outgoing connections to port 25 with an ICMP Unreachable packet, which translates as a totally bogus “no route to host” message (An ICMP RST would be more kosher, BTW). The only explanation that comes to my mind is that Telmex has finally realized that it has become one of the largest botnet hosts in the world and decided to do something about it. This is a terrible inconvenience for me, because I run a backup MX at my home office and all the email I write while I’m at home is relayed through it. And now it believes that it has been cut out from the Internet, and is suffering from Internet withdrawal syndrome. Oh, and all attempts to use an external relay -like my primary MTA or the office’s- through port 25 fail as well, so I have had to set up an elaborate workaround *just to send email*.
*Argh!* I hate to pay up for those ignorant Windows home users.
Add to that the fact that i get 800KBps tops in a 2GBps line, and recurrent reports of arbitrary bandwidth capping and Infinitum stops looking like a good alternative for home broadband. I’ll have to look for a cost-effective alternative, but after experiencing 20MBps/20EUR in Europe I’m afraid that I’ve been spoiled for life.
In the meantime, if you were expecting a mail from me in the last five days or so, I’m sorry to say that it is either on its way or lost forever.
Anyway… Merry Christmas!
Update 20080104: AJ Gibson points out in a comment that Telmex is willing to remove the block from your account if you are willing to jump through a few hoops. Just go to http://www.telmex.com/mx/asistencia/correoelectronico/faq_puerto_25.html and follow the instructions there. I registered yesterday and today I can connect back to external SMTP servers again. As mentioned in the comments, YMMV.

The product you are in charge of maintaining has been in active use for a decade. The manual is several megabytes long, and there’s an army of programmers, consultants and technical writers that make a living off it. As you might guess, it’s not an inexpensive product.
One of the routine tasks for that product -let’s say, “create a new UCM project”- is throughtly documented for the GUI use case, but the manual makes absolutely no mention of the CLI-based procedure. You go through the whole procedure armed with the aforementioned documentation and lots and lots of patience, second-guessing the developers and the technical writers every step of the way, but getting the work done with varying amounts of effort and frustration.
Then, in a key command, you hit a wall. The program complains:

Now “POLICY_DELIVER_NCO_SELACTS” returns *exactly* one match in Google, and it points to the aforementioned documentation. It’s “POLICY_DELIVER_NCO_SELACTS” all over.
After a lot of frustration,

shows that “POLICY_DELIVER_NCO_SELACTS” is a typo. They really meant “POLICY_DELIVER_NCO_SELACT” instead. No final “S”, you see! And this happened SOME TIME IN THE LAST TEN FREAKING YEARS.
The list of things I’d like to do to the project managers, documentors, and technical writers of this particular product suite is too graphic even for the Internet.
And most importantly — how do they get away with these levels of incompetence?

I just got a new ASUS M2V motherboard to replace a braindead server that would lock up on POST about 75% of the time. The new motherboard has a built-in Attansic L1 Gigabit Ethernet Adapter that is supported in Linux >= 2.6.21, but its driver is still missing from the daily Debian netinst CDs.

I tried David Johnson’s pre-compiled driver for AMD64 but it didn’t work right away, so I compiled AtL1Linux_v1.0.41.0 for the stock 2.6.18-4-486 kernel in the official Debian 4.0 netinst CD and tested it. Although it was supposed to work right out of the box I kept getting “invalid module format” messages. So I stripped out the version information with

and it worked immediately. I completed the installation and I will upgrade the server to 2.6.21-2-amd64 over the weekend. So here is a atl1.ko for 2.6.18-4-486 that should work just fine.

By the way, I stripped the version information off David’s atl1.ko but I didn’t get a chance to test it because I was in a hurry. Here it is anyway in case someone finds it useful: atl1.ko for 2.6.18-4-amd64.
Oh, by the way, the M2V has four PCI slots but no built-in VGA adapter, and most PCI-e video cards are so thick that the first slot becomes unusable. Since I bought this motherboard precisely to maximize the number of available PCI slots in the server… well, it just sucks.

I tought this was just a SpreadFirefox stunt, but I just found the most strange User-Agent in an Apache server log

*heh!* I guess it takes another Commodore fan to appreciate this kind of humor.

A couple of years ago Ludovico Magnocavallo tackled the issue of bulk conversion of MySQL tables from MyISAM to InnoDB with an elegant bash snippet.

The original post also suggests using grep to limit the scope of the conversion to just a few tables.
(It seems that now Google *does* yield practical answers to this question ;-)

Last night I opened KDE control center to change my desktop settings and I was shocked when I found that kcontrol was empty but for the OBEX Devices panel. Alll the modules that were supposed to be inside kcontrol where inside the KDE “Lost and Found” folder instead. A superficial search in the KDE mailing lists returned a few matches about this problem on KDE4 (did you know that kcontrol is currently unmaintained and that it’s gonna die real soon now?) but I’m currently in KDE 3.5.5 so that doesn’t apply to me.
Tonight Google came to the rescue: after digging a bit more I found this post in the debian forums which mentions that this might be a bug in a debian package and spells out the answer to my problem:

Voilá! Now my kcontrol is fully populated again.

After a few weeks using the auxiliary battery instead of the CD-ROM drive, I needed to read a DVD. Surprise! It didn’t work. Reboot. Still no luck.
dmesg didn’t show anything about IDE, and /proc/ide was empty. It was like the CD-ROM didn’t exists at all.
The explanation might be that the CD-ROM is a SATA drive, not PATA. Graham William’s GNU/Linux Desktop Survival Guide holds the key to enable the drive. In short:

Voilá.
(Part of the ongoing Debian GNU/Linux on Dell D620 saga.

VMware has made available VMware Player for free for a few months now. I had been having problems making it run under the latest kernels in Debian GNU/Linux until I found out about the Czech University vmware-any-any patch. Of course, this is unsupported, so YMMV.

A typical installation run would go like this:

Answer the questions about installation directories, initscript dirs and such, but *do not configure VMware yet*. I repeat: do not configure VMware yet.

Now we’ll patch the source with vmware-any-any

This will patch the vmware-config.pl script, the kernel modules source code and the VMware binary itself if necessary. Now you may run vmware-config.pl when prompted. Please note that for this you must install the linux-tree-2.6.xx package for your current kernel version, and the source must be unpacked under /usr/src/linux. This is supposed to work fine when you have installed just the kernel headers instead, but I always go for the full kernel because -as you may have noticed- I compile a bunch of stuff into my kernel anyway.
After module compilation vmware-config.pl will prompt for network configuration and prompt to enable the Google searchbar (!). The last lines in the configuration should be something like this:

Now you may head back to VMWare’s site to download a pre-configured appliance to run in your brand-new VMware player installation. Or go to EasyVMX to build your very own virtual machine. In any case, remember to drop a line to thank VMware for releasing this kick-ass product for free!

I managed to get TwinView working on the Dell Latitude D620 under Debian GNU/Linux and I’ve been using it for a few weeks now without any problem whatsoever.

The key section in /etc/X11/xorg.conf is this:

I’m using an external 1280×1024 LCD, and I use the KDE control center (Peripherals/Display) to switch between metamodes. The nice thing is that whenever the X server starts and it doesn’t sense the external display it automagically defaults to using only the built-in display. Moreover, TwinView handles gracefully the “hole” below the 1440×900 display. Now what I’d really like to do is to specify that the primary monitor is the built-in display instead of the external LCD, but that can wait a bit longer.

Of course, you can download the complete xorg.conf I’m using, with my finely-tuned (right) TrackPoint and TouchPad configuration.

After running several updates on a particular server during the weekend, this morning I got a report that svn was down. a quick insection of libapache2-svn error log turned out this error message:

After googling it I found out that this has been reported as Debian Bug#342508, which promptly refers you to read /usr/share/doc/subversion/README.db4.3.gz. The recipe works just fine, and I reproduce it here for completeness:

In the same document there’s a note that recommends to migrate the repository from DBD to FSFS. Since I’ve seen some serious trouble with OpenLDAP’s Berkeley DB backend before and the SVN database is over 1GB right now, I’ll schedule a mainteinance window for this migration ASAP.

When you have to install packages that live out of dpkg, don’t you hate to install their dependencies by hand? I do.
Even though this is exactly what CPAN.pm does, there is a Debian way: If you have another machine with the correct dependencies already installed, you can use dpkg to copy those over.
For instance, this one-liner requests installation of the same Perl libraries that live in another machine:

You may replace the first regexp to whatever your want (e.g. “^libapache-mod” for perl modules, “^lib.*java” for Java libraries and so on).
Gotta love Debian.

This is an old sysadmin trick, but a good one all the same.
Suppose that you finished installing a brand-new Debian GNU/Linux server, and for whatever reason you forgot to set aside some space for a swap partition. Or you correctly got some swap space at installation time but now you desperately need some more. Well, despair not. It’s a little known fact that you can have swap space in a file on top of the filesystem instead of using a dedicated block device.
This simple recipe will give you 2Gb of swap space. Here we go:

Now add this newly created swap space to your /etc/fstab:

Teoretically, you won’t get the same performance as using a dedicated block device, and if the file actually gets fragmented it might drop rigt to the floor, so if you try this at all do it as soon as possible after installation. So if what you’re trying to do is to *increase* your available swap space instead, you may add a priority option to give preference to the block-device swap space:

And just this time activate the swapspace with addswap (The initscripts will do it on every boot thereafter):

That’s all there is to it. I particularily like how newer BOFH generations look at this with some skepticism at first, and with endless amazement later.

Last thursday the hard disk drive on a development machine died big time. First it started to behave erratically and dmesg showed that it has having trouble with some bad blocks. It did not survive a reboot: ReiserFS woud not mount it on boot, and reiserfsck running from an Accelerated Knoppix CD refused to bring it back to life. At first glance, the disk was beyond repair.
Of course, upon closer inspection, it turned out that the warranty expired exactly two months ago. Normally -after swearing my heart off- I would just replace the disk and make myself a nice paperweight or some other modern art piece -I’ve been looking forward to make one of those nice HDD clocks- but in the guts of that particular HDD were some uncomitted changes that I just wasn’t on the mood of rewriting. Besides, even though most of the data was expendable, the configuration hadn’t been backed up in quite a while (Yes, there is a pattern here).
So here’s the recipe I usually apply in these situations using Kurt Garloff’s dd_rescue. First get a brand-new HDD of approximately the same capacity and place both disks in a working Linux box (Depending on your necessities, booting from Knoppix might do). Let’s call the old, dying HDD /dev/hdg, and the spankin’ new disk will be /dev/hde. For the sake of simplicity, let’s assume that /dev/hdg was partitioned in /dev/hdg1 for swap and /dev/hdg2 for data.
First we’ll copy the entire data partition from /dev/hdg2 to /dev/hde2:

This will take a long, long time. dd_rescue starts with a reasonable block size, but whenever it encounters and error it retries a few times with a smaller block size before skipping the defective blocks and moving along. This is useful because it will copy all data in every readable block, instead of giving up at the first error like dd does. In my case, this took more than a day for a 248GB partition.
Once the data is in a new disk you can try to mount it directly, although it is a good idea to run reiserfsck first to make sure that the files you’ll copy are usable.

Now here you might run into a small obstacle. Ideally I would buy the exact same model as the old drive for recovery purposes, because that guarantees that an exact bit-for-bit copy will work in most cases, partition maps and all. However in this case I bought a different brand, which resulted in a slightly smaller drive and a completely different geometry. When this happens, reiserfsck will complain about the different partition size, and suggests that you rebuild the superblock:

Now you can do a normal reiserfsck.
When you’re done just mount the new partition and copy your data to a safe place:

After this you can reformat the new drive for normal usage. Mine is being debbootstrapped as I write this.
This little recipe has saved quite some data and a few disks, including most of mcleod’s late Xbox hard disk. As usual your mileage may vary, but with a litle luck you just might get some of your files back.
Now about that crappy Maxtor HDD… I might just go for the wind chimes instead.

Gammu -the GNU All Mobile Management Utilities formerly known as MyGnokki2- is a full-featured cellphone manager for *nix and Win32. Its makefile knows about .debs and .rpms, it is incredibly easy to configure and -unlike Gnokii- it supports the Nokia 3200 (RH-31) right out of the box through an inexpensive DKU-5 cable.
Right now I’m using this simple /etc/gammurc under Debian GNU/Linux with kernel 2.6.12:

# gammu --identify duly reports