Archive for May, 2011

CrashPlan backup to Samba share on Linux

For about a week now I’ve been wrestling with implementing a system where CrashPlan would backup to my network drive. I ran into a really bit problem: When you mount a network location in Gnome using the GUI (gvfs), root can’t access it. Since the CrashPlan engine runs at root, it makes the network location unusable as a backup destination.

After a while of working on different ways to solve this rather large hurdle, I came up with the idea of simply mounting the network location using smbmount (mount.cifs). After some testing and tweaking, I was able to get it successfully working and added an entry to fstab to have it mount at boot time. I chose /mnt/mynas as the mount point.

See Synology DiskStation and Samba mount permissions for my method of getting it mounted with the correct file permissions.

Once it was set to mount at boot-time, I can now open the CrashPlan client and set /mnt/mynas as a destination folder, and now I have both local and off-site backups!

Feel free to share your thoughts and/or feedback in the comments below!

, , , , ,

Leave a comment

Synology DiskStation and Samba mount permissions

So today I was using smbmount to mount a network share from my Synology DiskStation to my Linux PC when I noticed a rather annoying file permissions issue that I couldn’t seem to fix. Why am I using smbmount and not Gnome’s GUI to mount? Because I need root to have access to the file system as well so that CrashPlan can back up to it.

Here’s what happened:

First, I mounted the share (as root):

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike

(For more information on the smbmount or the mount.cifs credentials file, see the Ubuntu manpage for mount.cifs)

That worked great, except for when I do this (as root)…

ls -ld /mnt/mynas

… I get the following output:

drwxrwxrwx 17 mike mike 0 2011-05-20 09:25 mynas

I sure didn’t want the directory world-writable. So I tried specifying file_mode and dir_mode as both 0755 using the following (as root):

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike,file_mode=0755,dir_mode=0755

Then I checked it:

ls -ld /mnt/mynas

… and got:

drwxrwxrwx 17 mike mike 0 2011-05-20 09:25 mynas

That didn’t do anything at all to help. Why? Because as it turns out the DiskStation is using a Samba server with CIFS extensions and is passing the permissions to smbmount (mount.cifs). The file_mode and dir_mode options are ignored if the remote server is using CIFS extensions.

file_mode=arg

If the server does not support the CIFS Unix extensions this overrides the default file mode.

dir_mode=arg

If the server does not support the CIFS Unix extensions this overrides the default mode for directories.

Source: Ubuntu manpages.

So there’s a couple of options here. First, I could set it to mount somewhere inside /home/mike, which would generally protect it. But I’d really like to know what’s up with the file permissions. So I did a little more Google-fu.

As it turns out, the CIFS extensions on the DiskStation can be disabled, all it takes is to edit a file. Lepoulpe posted on the Synology forums the following edit:

you can disable “unix extensions” in the ds106’s samba server. To achieve this, you need to add the folowing line in the [global] section of /usr/syno/etc/smb.conf :

unix extensions=no

So, I SSH’d into my DiskStation as root (should be the same password as ‘admin’ if you’re having trouble) and used the vi editor to make the edit. Afterwards, I restarted samba on the DiskStation by doing this:

/usr/syno/etc/rc.d/S80samba.sh restart

Then I remounted the Samba share as root…

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike,file_mode=0750,dir_mode=0750

… and checked the permissions:

ls -ld /mnt/mynas

… and got the following output:

drwxr-x--- 17 mike mike 0 2011-05-20 09:25 mynas

Exactly right.

So now I have /mnt/mynas mounted to my share on the DiskStation. If I wanted it to mount on boot, I could add something like the following to /etc/fstab:

//diskstation/mike /mnt/mynas smbfs auto,credentials=/home/mike/mike.cred,uid=mike,gid=mike,dir_mode=0750,file_mode=0750,user 0 0

Questions about my method? Have any feedback or alternate methods to share? Please feel free to do so in the comments below. Thank you!

, , , , , , ,

Leave a comment

How to get Vendor and Device IDs in Windows to find missing drivers

If you’re missing a driver in Windows, it can be extremely frustrating if the manufacturer doesn’t have one listed on their website. That leaves you to go find it yourself on the Internet.

The key to getting working drivers revolves not around matching them to the manufacturer, but matching them to the device IDs. Believe it or not, Dell drivers will run the same device on a Toshiba, on an HP, etc as long as the device IDs on the hardware match that on the driver. You can even go directly to the chipset manufacturer’s (Realtek, Atheros, Intel, etc) website to get drivers from them.

So how do you find the device IDs?

Go to Device manager, then find a device with a yellow exclamation mark (missing driver) and double-click it.

Go to the details tab. The drop-down should read “Device Instance ID”

Below it, read the ID and take the following bold bits from it:

pciven_10ec&dev_8136&subsys_ff661179&rev_024&38f101ee&0&00e0

In this case, the Vendor ID is 10EC and the Device ID is 8136. A common representation of this is the Vendor ID and the Device ID seperated by a colon or hyphen, such as 10EC:8136 or 10EC-8136. Running these through your favorite search engine should turn up drivers fairly quickly. If nothing else, it will help you find the full name of the device and help you find it on the chipset manufacturer’s website.

Another thing to note is the subsystem. That’s the part after the SUBSYS parameter. Windows shows it as 8 hex characters (in this case ff661179 but you can also find it represented as ff66:1179. This may be important in driver matching as well.

Be wary though — some sketchy download sites will trick you into giving away personal information (email address, cell phone number, etc) or ask that you install software (toolbar, driver installer) in order to download drivers from them. Avoid these scams!

Please feel free to comment!

, ,

Leave a comment

Don’t just check your tires, check your tire gauge

Lately the dramatic weather and temperature changes have caused my low tire pressure (TPMS) light on my car to come on every few days.

Even though I stop and check the tires, and adjust them all to the correct tire pressure, the light doesn’t always go off right away, or it will go off and then come back on shortly after. I actually thought I had a malfunctioning sensor for a while, because I would double-check the air in all the tires, then start driving and the light would stay on.

Yesterday I stopped and thought like a technician: If I readjust the tire pressure and the TPMS light is still on, one of two things are happening: Either my tire gauge is wrong, or the TPMS sensor is bad. Tire gauges are cheap, so eliminate that first.

I use one of those stick-type tire pressure gauges to check my tire pressure, the kind you find at the gas station for about $5 or so. I went to Wal-Mart and picked up a digital pressure gauge for about $6. Then I checked a single tire using both gauges, twice, alternating gauges.

The result was clear: My gauge was off.

the “stick” tire pressure gauge consistently measured 3-4 PSI higher than the digital gauge. I re-inflated the tires according to the digital gauge and the light went off immediately. The tires were actually properly inflated now. Since I already suspected the gauge was bad, this confirmed it rather quickly, and means that I was short 3-4 PSI per tire when I thought they were properly inflated. That’s why the TPMS light was always coming on — the tires weren’t actually properly inflated. Rather, they were a few pounds short.

The gauges are cheap enough, you’re probably good to buy a new one between summer and winter and re-check your tires, especially if your TPMS light is on, or you’re having trouble maintaining correct tire pressure — it could just be your gauge.

Leave a comment

Ubuntu, Apache, VirtualHosts, and SSL – part 2

In my first post about Ubuntu, Apache, VirtualHosts, and SSL I covered generating self-signed certificates and implementing them for Apache VirtualHosts. What I didn’t cover was — if you implemented this without a correct base configuration — you’d end up with some unexpected results if you tried to visit your base domain over SSL.

It’s simple to resolve this. First, edit /etc/apache2/ports.conf and modify as follows:

  
  # If you add NameVirtualHost *:443 here, you will also have to change
  # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
  # to 
  # Server Name Indication for SSL named virtual hosts is currently not
  # supported by MSIE on Windows XP.
+ NameVirtualHost *:443
  Listen 443
  

If you were reading closely, you know what to do next. Modify sites-available/default-ssl file and change the directive as follows:

Now, restart apache:

/etc/init.d/apache2 reload

Your base SSL domain will now display the expected DocumentRoot, but the certificate will contain the URL localhost.localdomain. To fix this run, as root:

make-ssl-cert generate-default-snakeoil --force-overwrite

— From /usr/share/doc/apache2.2-common/README.Debian.gz

If you install the ssl-cert package, a self-signed certificate will be
automatically created using the hostname currently configured on your computer.
You can recreate that certificate (e.g. after you have changed /etc/hosts or
DNS to give the correct hostname) as user root with:

make-ssl-cert generate-default-snakeoil –force-overwrite

Questions, comments, and feedback regarding this guide and welcome!

, , , , ,

Leave a comment

The configuration defaults for GNOME Power Manager have not been installed

A friend brought me a Ubuntu system with the following issue:

On entering gdm, the login prompt was displayed on a black background and the following message appeared in the top-right corner:

“The configuration defaults for GNOME Power Manager have not been installed correctly. Please contact your computer administrator.”

Trying to log in as any user account was unsuccessful.

I don’t remember where I found the fix, but here’s what I did to fix it:

Once the gdm login screen appears, press CTRL-ALT-F1, which will switch you to a text-based login prompt, and log in using an account that has sudo privleges.

Run the following command:

sudo dpkg --configure -a

It may take a minute or two to complete. After that:

sudo reboot

After the reboot, when gdm appears you should have your colored background and the message should not appear.

Questions, comments, and feedback on this are welcome.

,

Leave a comment

Forcing SSL for phpMyAdmin

After configuring WordPress to force SSL in the administration area, I was in phpMyAdmin and realized that it’s also not configured to do the same by default.

From the phpMyAdmin Wiki, add the following line at the end of your /etc/phpmyadmin/config.inc.php file

$cfg['ForceSSL'] = TRUE;

This will cause sessions to force SSL.

If you’re having issues making this work for you, check out my article involving Apache and SSL.

Questions, comments, and feedback are welcome.

, , , ,

Leave a comment

Forcing the WordPress administration over SSL

From the WordPress administration over SSL guide, add the following directive to your wp-config.php file:

define('FORCE_SSL_ADMIN', true);

This will cause logins and admin pages to force SSL sessions.

If you’re having issues making this work for you, check out my article involving Apache and SSL.

Questions, comments, and feedback are welcome.

, , , ,

Leave a comment

convmv – Useful linux filename conversion utility

Every now and then I’ll run into an issue with a website’s uploader. They ask me to upload a picture, but then when I click their upload button, none of my pictures appear in the dialog. After troubleshooting for a few, it turns out that they’re limiting file masks to [*.jpg, *.jpeg, *.bmp, *.png] etc. But — because I copied my pictures over from a windows installation, they have all-capital file extensions. Linux uses a case-sensitive file system, so it regards these as different. Renaming a file to a lowercase extension [*.jpg] caused it to show up in the dialog which is what I wanted — but manually renaming thousands of pictures in dozens of directories was out of the question.

I could have written a bash script to do the renaming in a few minutes but I found something better — convmv. This simple utility makes filename conversions / renaming a breeze. By default, it runs in ‘test’ mode so that you can see what will happen before it does the job.

For my case, I needed to rename all the files to lowercase, so I used:

convmv --lower *

That showed me a verbose listing of everything it would do (test mode). However, I wanted to do the entire Pictures folder and everything under it. The new command from my Pictures folder became:

convmv --lower -r *

To get it to actually do the job, I had to specify --notest as well.

convmv --lower -r --notest *

It did it’s work within seconds and everything was lowercase. In my opinion, much easier and better than a bash script.

Convmv has plenty of other options, so next time you need to do filename conversion, check it out.

Questions, comments, feedback? Please share in the comments below. Thank you.

,

Leave a comment

Looks like another World of Warcraft phishing email

Recceived via email:

— EMAIL HEADERS —

Delivered-To: [removed]
Received: by 10.229.13.1 with SMTP id z1cs147675qcz;
Wed, 11 May 2011 02:41:18 -0700 (PDT)
Received: by 10.52.72.227 with SMTP id g3mr1653385vdv.226.1305106878430;
Wed, 11 May 2011 02:41:18 -0700 (PDT)
Return-Path:
Received: from ccnjp.com ([117.25.128.116])
by mx.google.com with ESMTP id fc6si6654414vbb.60.2011.05.11.02.41.06;
Wed, 11 May 2011 02:41:18 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning ddxie7@hotmail.com does not designate 117.25.128.116 as permitted sender) client-ip=117.25.128.116;
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning ddxie7@hotmail.com does not designate 117.25.128.116 as permitted sender)
smtp.mail=ddxie7@hotmail.com
Message-ID:
From: “noreply@blizzard.com”
To: [removed]
Subject: Battle.net Account – Account Change Notice
Date: Wed, 11 May 2011 17:41:07 +0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=”—-=_NextPart_000_007F_019E656F.13A525A0″
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
This is a multi-part message in MIME format.

— EMAIL BODY —

Hello,

This is an automated notification regarding your Battle.net account. Some or all of your contact information was recently modified through the Account Management website.

*** If you made recent account changes, please disregard this automatic notification.

*** If you did NOT make any changes to your account, we recommend you log in to http://www.battle.net.en-us-wordofwarcraft.net/login/en/login.asp?ref=https%3A%2F%2Fus.battle.net%2Faccount%2Fmanagement%2Fbeta-profile.xml&app=bam

your account settings.

If you cannot sign into Account Management using the link above, or if unauthorized changes continue to happen, please contact Blizzard Billing & Account Services for further assistance.

Billing & Account Services can be reached at 1-800-59-BLIZZARD (1-800-592-5499 Mon-Fri, 8AM-8PM Pacific Time) or at billing@blizzard.com.

Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives will typically lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Regards,

The Battle.net Support Team
Blizzard Entertainment
http://www.blizzard.com/support
Online Privacy Policy

— END —

A close look at the email headers and the link they suggest you click on gives this one away. Never take an ‘account security’ email at face value.

Leave a comment