Category Archives: Geeky

Technical stuff about Perl, Linux and computing & technology in general.

Creating and pushing new remote git branch

A note for my own reference, as I always forget how to create a remote branch then work with it later:

Create a new remote branch topic/add_awesomeness with, e.g.:


git push origin :origin:refs/heads/topic/add_awesomeness

Create a new local branch to track it:


git checkout --track -b add_awesomeness origin/topic/add_awesomeness

The unintuitive way to delete a remote branch is:


 git push origin :heads/topic/doc_cleanup

(There must be a better way than that…)

Incremental backups with rdiff-backup

My current backup solution is using rdiff-backup to do incremental backups. I’d previously been using plain rsync, but I wanted snapshots too, so I could retrieve a file as it looked at some point in the past (as Sod’s law guarantees that if a file was mistakenly deleted/clobbered, rsync will run between that happening and you noticing, so the backup will be clobbered too).

My setup involves the backup box running rdiff-backup, connecting to the machine to be backed up via SSH, using a passwordless SSH key for authentication. The entry in ~/.ssh/authorized_keys on the machine to be backed up allows that key to be used only to run rdiff-backup, nothing else, and only from the backup host, to provide as much security as possible.

I thought I’d document my setup here, both for easy future reference for myself when adding other boxes to back up, and for anyone else who may find it useful.

So, the steps I use are as follows:
Continue reading Incremental backups with rdiff-backup

Nagios plugin to monitor 3ware/LSI RAID

I wrote a basic Nagios plugin named nagios_3ware_raid_check to monitor the status of RAID arrays on 3ware/LSI hardware RAID controllers, but it was pretty limited.

Today I got a chance to improve it as I needed it for some machines at work; it now automatically figures out which card(s) are present, and checks the status of each RAID array on it. This means you don’t need to configure it to know which card number and unit to monitor, it just Does The Right Thing.

It uses the tw_cli utility available from the LSI website, which supports a wide range of 3ware/LSI RAID cards.

Example:

[dave@rasputin:~]$ /usr/local/bin/nagios_3ware_raid_check -v
Card 6 is a 8006-2LP
Unit u0 on card6 is a RAID-1 array of 931 GB and is OK
RAIDCHECK OK - Card 6 unit u0 RAID-1 OK (931GB)

When actually using it from Nagios, don’t use the -v (verbose) option – just use something like the following in nrpe_local.cfg:

# Monitor RAID status
command[check_raid]=/usr/local/bin/nagios_3ware_raid_check

Configuring CPAN.pm to use sudo to install

For security, I like to run CPAN.pm as a normal user so building & testing modules are all performed as a user rather than root, but of course the final installation needs to be done as root so that files can be copied to paths not writeable by normal users.

I always forget the options I need, so for my future reference as well as anyone else who finds it useful:

o conf make_install_make_command 'sudo make'
o conf mbuild_install_build_command 'sudo ./Build'

That means that the actual installation gets run via sudo, with everything else just being done as the user you started the CPAN client as.

(Of course, these days, you could also use cpanm (cpanminus) with its –sudo option…)

Slow SSH connections – hanging at GSSAPI auth

A particular box at $work had been slow to SSH to for a while, and I finally wanted to spend the time to find out why.

Running ssh -v thatmachine showed that it was hanging whilst attempting to authenticate with GSSAPI, with the slow section looking like:

debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found
debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found
debug1: Unspecified GSS failure.  Minor code may provide more information
debug1: Next authentication method: publickey
debug1: Offering public key: /home/davidp/.ssh/id_rsa
# authentication by public key then proceeded quickly

SSHing to the machine by IP instead, i.e. ssh -v 10.1.1.192, produced slightly different output:

debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
debug1: An invalid name was supplied
Cannot determine realm for numeric host address
debug1: An invalid name was supplied
debug1: Next authentication method: publickey
# authentication by public key then succeeded quickly

It’s clear that it’s trying to authenticate using GSS-API (Kerberos), failing, then moving on to public key auth.

The fix is simple – disable attempts to use GSS-API by adding the following to ~/.ssh/config:

GSSAPIAuthentication no

Before adding that:

[davidp@columbia:~]$ time ssh 10.1.1.192 touch /dev/null | grep real
real	0m15.512s

After adding it:

[davidp@columbia:~]$ time ssh 10.1.1.192 touch /dev/null | grep real
real	0m0.611s

Problem solved.

Disabling wifi kill-switch on Inspiron 17R (N7010)

The wireless kill-switch (Fn+F2) on my Dell Inspiron 17R (N7010) laptop is getting on my tits, as I occasionally hi that key combination by accident when trying to use Ctrl + F2.

I can’t seem to see any way to disable this, and Google doesn’t seem to be able to find anything useful. Anyone have any ideas? There must be some way to ignore that key combination.

Running xev whilst pressing that key combination shows me:

KeyPress event, serial 33, synthetic NO, window 0x5c00001,
    root 0xb0, subw 0x0, time 39357273, (121,-345), root:(1426,350),
    state 0x0, keycode 246 (keysym 0x1008ff95, XF86WLAN), same_screen YES,
    XLookupString gives 0 bytes: 
    XmbLookupString gives 0 bytes: 
    XFilterEvent returns: False

KeyRelease event, serial 33, synthetic NO, window 0x5c00001,
    root 0xb0, subw 0x0, time 39357273, (121,-345), root:(1426,350),
    state 0x0, keycode 246 (keysym 0x1008ff95, XF86WLAN), same_screen YES,
    XLookupString gives 0 bytes: 
    XFilterEvent returns: False

So, if it’s being triggered by software, it’s keycode 246 I need to deactivate/map to something else, I believe.

However, I tried with:

xmodmap -e 'keycode 246 = NoSymbol'

… but no effect, it still kills the wireless. I’m hoping that someone might know how to do it, and/or that someone else Googling for how to do this will find this post, and perhaps share any ideas. If I figure it out, I’ll of course update this post with the solution.

UPDATE – I probably should have mentioned that this machine is running Ubuntu Linux. Also, I found that, in System > Preferences > Keyboard Shortcuts, I can assign a shortcut to the Fn+F2 key combination (the shortcut column shows 0xf6), and pressing Fn+F2 does indeed trigger that shortcut (launching a terminal window, for a test), but also still triggers the wifi killswitch. I suspect that, as well as being seen by the OS and software, it’s being directly intercepted by hardware to toggle the card?

UPDATE – to help people Googling for info on how to disable the wireless/wifi kill switch key combination / shortcut for this laptop, it’s a Dell 17R / N7010 with a Broadcom BCM4313 802.11b/g LP-PHY wireless adaptor.

Debugging WWW::Mechanize scripts – printing requests and responses

Just for fast and easy reference really, but for easy debugging to find out the exact HTTP requests being sent and HTTP responses received by a web-scraping script using the excellent WWW::Mechanize, you can simply add:


$mech->add_handler("request_send", sub { shift->dump; return });
$mech->add_handler("response_done", sub { shift->dump; return });

This will cause all HTTP requests and responses to be output, so you can see exactly what’s happening.

Monitoring network traffic with jnettop

Just a quick post about jnettop, a tool I find really useful for monitoring network traffic to see what other machines a machine is talking to, and how much traffic is being sent/received between them. (It also includes traffic going via the host you’re running it on, so very useful for firewall/gateway machines.)

Jnettop is a traffic visualiser, which captures traffic going through the host it is running from and displays streams sorted by bandwidth they use.

Basic screenshot:

Useful stuff.

ATV docked with space station – impressive stuff

This afternoon, ATV Johannes Kepler docked with the International Space Station (video here).

It’s delivering “4,534kg of propellant for International Space Station reboost and attitude control”, “1,600kg of dry cargo, 850kg of propellant for Russia’s Zvezda module and 100kg of oxygen”. Whilst attached to the ISS, it will “boost” it, compensating for decaying orbit caused by drag.

The thing, once released from the launch rocket, navigates itself into orbit behind the ISS, and automatically docks with it with astonishing 1.5 cm precision, all whilst while the spacecraft and the ISS are hurtling around the Earth at 28 000 km/h. Impressive stuff indeed. (See ATV flight phases.)