Debian unstable regains Xen Dom0 support

Good news everyone!

After a long time with no “modern” Linux kernel available in Debian or Ubuntu for use as a Xen Dom0, the “Big Bang” release has been uploaded to Debian unstable. This means all the hardware support etc. from kernel 2.6.32 AND Xen are a simple ‘apt-get install’ away. Maybe we can even get Ubuntu Karmic DomUs running…

There are some other goodies in it too; see Ben Hutchings’ blog.

How to fix broken NX user authentication after OpenSSL fix

It looks like OpenSSH keys generated on Debian-derived distros (Ubuntu/Voyage etc.) are REALLY bad. I’m currently rolling out OpenSSL key updates as advised on http://wiki.debian.org/SSLkeys.

One casualty of this update was my NX server using freenx. It just tells me that I can’t be authenticated. In the log /var/log/freenx.log it shows the following:

-- NX SERVER START: -c /usr/lib/nx/nxserver - ORIG_COMMAND=
HELLO NXSERVER - Version 2.1.0-71 OS (GPL)
NX> 105 hello NXCLIENT - Version 2.1.0
NX> 134 Accepted protocol: 2.1.0
NX> 105 SET SHELL_MODE SHELL
NX> 105 SET AUTH_MODE PASSWORD
NX> 105 login
NX> 101 User: shuerlimann
NX> 102 Password:
NX> 404 ERROR: wrong password or login
NX> 999 Bye

This post talks about the NoMachine NX Server, but gave me the necessary clues: http://lists.kde.org/?l=freenx-knx&m=116542288527396&w=2

The magic command for freenx from http://datakeylive.com on Ubuntu is

sudo rm /var/lib/nxserver/home/.ssh/known_hosts

This is necessary, as the SSH host key has been updated… Well, a more informative error message would’ve been nice, but I’m thankful to the guys who produce freenx, anyway;-)

Duplicate partition table for RAID 1

Almost all HOWTOs for re-adding a drive to a RAID 1 I found on the internet told me to manually recreate the partition table on the new drive. But having 8 partitions, that’s no fun:-(

Here’s how I did it.

/dev/sda is the working drive, /dev/sdb the new one

sudo dd if=/dev/sda of=/dev/sdb count=1

You have now copied the main partition table. But as I’m using logical/extended partitions, I needed to copy those partition tables, too. I used fdisk to get at the sector:

sudo fdisk -ul /dev/sda

Disk /dev/sda: 251.0 GB, 251000193024 bytes
255 heads, 63 sectors/track, 30515 cylinders, total 490234752 sectors
Units = sectors of 1 * 512 = 512 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1              63      996029      497983+  fd  Linux raid autodetect
/dev/sda2          996030     6859754     2931862+  82  Linux swap / Solaris
/dev/sda3         6859755   490223474   241681860    5  Extended
/dev/sda5         6859818    22490999     7815591   fd  Linux raid autodetect
/dev/sda6        22491063    61561079    19535008+  fd  Linux raid autodetect
/dev/sda7        61561143    81096119     9767488+  fd  Linux raid autodetect
/dev/sda8        81096183   490223474   204563646   fd  Linux raid autodetect

Look for the ‘Start’ of the ‘Extended’ partition and use it for ‘seek’ and ‘skip’:

sudo dd if=/dev/sda of=/dev/sdb count=1 skip=6859755 seek=6859755

That worked like a charm. I had to reboot to have the partition devices in /dev created, but that’s it:-)

Disclaimer: Double check source and target when doing such stuff. I didn’t check on more than 8 partitions…
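The dd command above copies a single sector; on an MBR disk each logical partition has its own table sector (an EBR), chained from the previous one. This added Python example (not from the original post) walks that chain and lists every sector that holds a partition table. The sample disk is constructed from the fdisk listing above, assuming the conventional 63-sector gap before each logical partition; partition sizes inside the EBRs are placeholders.

```python
import struct

SECTOR = 512
EXTENDED = {0x05, 0x0F, 0x85}  # partition type ids that mark an extended partition

def entries(sector):
    """Decode the four (type, start_lba, size) entries of an MBR or EBR sector."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("sector has no 0x55AA partition table signature")
    return [struct.unpack_from("<4xB3xII", sector, 446 + 16 * i) for i in range(4)]

def table_sectors(read_sector):
    """Return the LBA of every sector holding a partition table: MBR, then each EBR."""
    found = [0]
    ext = next((start for t, start, _ in entries(read_sector(0)) if t in EXTENDED), None)
    ebr = ext
    while ebr is not None:
        if ebr in found:
            raise ValueError("EBR chain loops back on itself")
        found.append(ebr)
        # Entry 2 of an EBR points at the next EBR, relative to the extended partition.
        ptype, rel, _ = entries(read_sector(ebr))[1]
        ebr = ext + rel if ptype in EXTENDED else None
    return found

def dd_commands(sectors, src="/dev/sda", dst="/dev/sdb"):
    """One single-sector dd copy per table sector, in the form used in the post."""
    return [f"dd if={src} of={dst} count=1 skip={s} seek={s}" for s in sectors]

def make_sector(parts):
    """Build a table sector from (type, start_lba, size) tuples (sample data only)."""
    sec = bytearray(SECTOR)
    for i, part in enumerate(parts):
        struct.pack_into("<4xB3xII", sec, 446 + 16 * i, *part)
    sec[510:512] = b"\x55\xaa"
    return bytes(sec)

def sample_disk():
    """Constructed sparse image (LBA -> sector) modelled on the fdisk listing."""
    ext, ebrs = 6859755, [6859755, 22491000, 61561080, 81096120]
    disk = {0: make_sector([(0xFD, 63, 995967), (0x82, 996030, 5863725), (0x05, ext, 483363720)])}
    for here, nxt in zip(ebrs, ebrs[1:] + [None]):
        link = (0x05, nxt - ext, 1) if nxt else (0, 0, 0)
        disk[here] = make_sector([(0xFD, 63, 1), link])
    return disk

if __name__ == "__main__":
    for cmd in dd_commands(table_sectors(sample_disk().__getitem__)):
        print(cmd)
```

To run it against a real source disk, pass a `read_sector` function that seeks to `lba * 512` in the opened device and reads 512 bytes.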

Domain Aliases using bind9, exim4 and apache2

Domain Aliases

You sometimes like to create domain names that are misspellings or otherwise aliases. Here’s a HOWTO using bind9, exim4 and apache2.

Bind

We use DNAME to specify a domain alias. Looks like NS entries are needed anyway. Don’t know yet ’bout MX, but first tests didn’t work…

Create a zone file like this, where zytolabor.ch is the alias domain and zyto-labor.com the original domain name:

; /etc/bind/zytolabor.ch.db
@ IN SOA zytolabor.ch. shuerlimann.cyt.ch. (
2007042201 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
86400 ) ; Negative Cache TTL
;
@ DNAME zyto-labor.com.

@ IN NS keeper.zyto-labor.com.
@ IN NS penner.zyto-labor.com.

Add a zone declaration:

// /etc/bind/named.conf.local
zone "zytolabor.ch" {
    type master;
    file "/etc/bind/zytolabor.ch.db";

    allow-transfer {
        solnet_ns;
        switch_ns;
        zytolabor_ns;
    };
};

Restart bind and check log:

sudo /etc/init.d/bind9 restart
sudo less /var/log/daemon
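A DNAME record redirects only names below its owner, not the owner name itself (RFC 6672), so a lookup for zytolabor.ch itself is answered from the alias zone's own records. This added Python example (not from the original post) applies the substitution rule to names from the zone above; the function names are illustrative.

```python
MAX_WIRE_LEN = 255  # maximum length of a domain name in wire format, in octets

def labels(name):
    """Split a domain name into lowercase labels, ignoring the trailing dot."""
    return [label for label in name.lower().rstrip(".").split(".") if label]

def dname_rewrite(qname, owner, target):
    """Apply the RFC 6672 DNAME substitution to qname.

    Returns the rewritten name, or None when the DNAME at `owner` does not
    apply (qname is the owner itself or lies outside it).
    """
    q, o = labels(qname), labels(owner)
    # Only names strictly below the owner are redirected.
    if not o or len(q) <= len(o) or q[-len(o):] != o:
        return None
    new = q[:-len(o)] + labels(target)
    # Each label costs its length plus one octet; the root label adds one more.
    if sum(len(label) + 1 for label in new) + 1 > MAX_WIRE_LEN:
        raise ValueError("rewritten name too long (a server answers YXDOMAIN)")
    return ".".join(new) + "."

if __name__ == "__main__":
    for name in ("www.zytolabor.ch.", "mail.sub.zytolabor.ch.", "zytolabor.ch."):
        print(name, "->", dname_rewrite(name, "zytolabor.ch.", "zyto-labor.com."))
```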

Exim

Add the domain to ‘dc_other_hostnames’ in ‘/etc/exim4/update-exim4.conf.conf’, using ‘:’ as separator, and restart exim:

sudo /etc/init.d/exim4 restart

Apache

Assuming you’re using virtual hosts, there’s the ‘ServerAlias’ directive:

ServerAdmin ramon.egloff@cyt.ch
ServerName zyto-labor.com
ServerAlias www.zyto-labor.com

ServerAlias zyto-labor.ch
ServerAlias www.zyto-labor.ch

ServerAlias zytolabor.ch
ServerAlias www.zytolabor.ch

[…]

Just restart apache and start testing…

sudo /etc/init.d/apache2 restart

Howto use IsiSetup

Here’s a quick overview of the IsiSetup commands you need in your daily sysadmin work. You need to run them as root, maybe using sudo.

See changes since the last commit

isihost diff

Get a list of commits

isihost commits

Get a list of commits showing changed files

isihost changes

Start tracking files and folders

isihost add file1 dir2

Moving files and folders

isihost move old_path new_path

Stop tracking files and folders

isihost remove file1 dir2

Commit all changes

isihost commit

Commit selected files only

isihost commit-interactive

Restore the committed version of some files

isihost restore

Rollback some changes

isihost rollback