Penguin, small TECH.BARWICK.DE
Start
 

Recent posts

Categories

Archive

Syndication

 



Powered By

Info

Friday, December 10, 2010   1:11 PM

XFCE and Xmodmap

OK, this has been driving me crazy for a bit - all I want to do is map the ol' caps lock key to CTRL using my .Xmodmap, but it seems XFCE4 overrides any settings made in .Xmodmap.

Turns out the solution (at least in Xubuntu 10.10 ,"Maverick Meerkat") is to navigate to "Xfce Menu" > "Settings" -> "Keyboard" and to click the "Use system defaults" option:

XFCE4 Keyboard Settings

On a related note, I wonder if this solution still works...


Posted in Linux | add a comment

Tuesday, August 31, 2010  12:50 AM

Purebot from www.puritysearch.net

I noticed this fella hammering away at one of my sites:

195.42.102.25 - - [31/Aug/2010:02:16:10 +0200] "GET /some/url.html HTTP/1.1" 200 13427 "-" "Mozilla/5.0 (compatible; Purebot/1.1; +http://www.puritysearch.net/)"
195.42.102.25 - - [31/Aug/2010:02:16:12 +0200] "GET /some/other/url.html HTTP/1.1" 200 55822 "-" "Mozilla/5.0 (compatible; Purebot/1.1; +http://www.puritysearch.net/)"

The URL in the browser UA string appears at first glance to be some kind of search site, but the "category link" on the page are stuffed with the kind of keywords you associate with spam of all kinds and no actual search results were returned for a couple of common keywords.

It now has its own entry in the Bad Bot List and some special rules at firewall level. Hasta la vista.



Tuesday, January 5, 2010   3:45 PM

Web Royalty - ignoble spam

Here at Penguin Blogs, Inc. we get a fair bit of comment spam. Most of it is automatically blocked by a fairly ingenious filter mechanism, but from time to time unknowns get through such as contentless posts like the following:

Very nice posting. I liked it.
thank you for your great posting.
Well that was a nice post

Purportedly this was written by a "Nick Matyas" of "Web Royalty" - what looks to be a legitimate SEO consultancy (look them up yourself, I'm not giving them the benefit of a link) but who are either using underhanded spamming methods, or have made a bad choice in outsourcing their own SEO.

Whatever, their URL is now on the filter list for this and many other sites, so they won't be troubling us here again.



Saturday, November 28, 2009   9:30 AM

Installing a RocketRaid 1740 (rr174x) in Ubuntu 8.04

The RocketRaid 1740 (rr174x) is a  4-channel PCI to Serial ATA II RAID controller, which according to the documentation is "ideal for small business home and office servers, NAS storage, workgroup and web servers". In this case it is being used in a generic PC to create and manage a RAID5 array of 4 1TB disks for a simple data storage facility.

The 174x (and other HighPoint products) have good and well-documented driver support for a range of operating systems including diverse Linux distributions and FreeBSD, see here for details:

http://www.highpoint-tech.com/BIOS_Driver/page/rr1740.htm

It appears the most reliable way to install the driver is to use the "Open Source Driver" provided at the bottom of the drivers page. Follow a fresh installation the following packages need to be installed to do this:

  • gcc
  • make
  • linux-headers-$(uname -r)

Download the .tgz file to a suitable directory, and in the directory product/rr1740pm/linux/ execute "make install". (No need for a prior "make").

Following a reboot the rr174x kernel module should be successfully installed and issuing dmesg | grep rr174x  should produce output like this:

[   27.757987] rr174x: module license 'Proprietary' taints kernel.
[   27.766618] rr174x:RocketRAID 174x controller driver v2.4 (Nov 28 2009 17:49:58)
[   27.766694] rr174x:adapter at PCI 2:4:0, IRQ 18
[   28.342352] rr174x:start channel [0,0]
[   28.343802] rr174x:start channel [0,1]
[   28.345248] rr174x:start channel [0,2]
[   28.346694] rr174x:start channel [0,3]
[   28.556067] rr174x:[0 0] Start channel soft reset.
[   28.556094] rr174x:[0 1] Start channel soft reset.
[   28.556115] rr174x:[0 2] Start channel soft reset.
[   28.556134] rr174x:[0 3] Start channel soft reset.
[   28.956572] rr174x:channel [0,0] started successfully
[   29.088461] rr174x:channel [0,1] started successfully
[   29.210253] rr174x:channel [0,2] started successfully
[   29.322073] rr174x:channel [0,3] started successfully
[   29.416168] scsi2 : rr174x

 

Update: this works in exactly the same way in Ubuntu 10.4 LTS, so presumably all recent Ubuntu versions, and probably most recent Linux distributions.


Posted in Linux | add a comment

Tuesday, October 13, 2009   1:25 PM

exim: no IP address found for host

The problem:

Mails from a particular customer are frequently being rejected by our mail server (exim) because the hostname provided by the sending mail server does not resolve to the sending IP address. For example:

2009-10-13 18:29:31 no IP address found for host mail3.example.com (during SMTP connection from [80.92.x.xx])
2009-10-13 18:29:31 H=(www3.example.com) [80.92.xx.xx] F=<support@example.com> rejected RCPT <someone@example.co.jp>: host lookup failed (80.92.xx.xx does not match any IP address for mail3.example.com)

The solution:

In an ideal world the customer's IT department (or at least whoever is responsible for their IT affairs) would fix the problem at their end, as it would be in their own interest to do so. However, experience shows that it's hard to get hold of the right person or people, let alone explain what the problem is and what they can do about it (especially if several layers of outsourcing are involved).

Failing that, it would be convenient if our mail server software had some sort of facility for whitelisting particular IP addresses / hosts. Unfortunately however, mail server administration is not my speciality, and here experience shows that even if such an option exists, I can search for hours before definitively establishing its existence (or lack thereof) and implementing it in a way which doesn't screw with the rest of the mail server configuration.

Another possibility would be to switch off hostname validation entirely (if such an option exists), however this would open the floodgates to all the spam mail which is being rejected by this test (the current mainlog has 4965 such entries for the last 13 days).

Much simple, in the end, is to add an entry for the offending hostname in /etc/hosts, a matter of a few seconds and in the short term much less invasive than messing around with the mailserver configuration. It's useful to annotate what the entry is there for of course, and also bear in mind any issues which could arise through a particular hostname being "hardwired" to a particular IP address. The latter would be the case e.g. if another application on the same server needed to access other services under the same hostname (in one case I have had to add the primary domain name of a customer to /etc/hosts so we can receive their mails).


Posted in Solutions | add a comment

Tuesday, September 29, 2009   1:00 AM

Emacs with antialiased fonts in Ubuntu / Xubuntu

When it comes to the great vi versus Emacs debate, I am firmly on both sides of the fence, using vi (or vim) for smaller, command-line based editing tasks (particularly when working on remote servers); and Emacs for software development. Unfortunately, the default Emacs installation in Linux is, to put it mildly, butt-ugly:

Screenshot of standard Emacs in Linux

(Click for full-sized version... it doesn't look quite so bad when scaled down).

Playing around with the standard font selection settings doesn't help much as the standard Emacs package does not support antialiased fonts in Linux (or more precisely X.org). However since version 23.1 XFT is supported, albeit experimentially, which provides much nicer font display:

Screenshot of emacs-snapshot package

In Ubuntu the package emacs-snapshot provides antialiased font support and seems to work without any problems.

More details on XFT-enabled Emacs are here: http://www.emacswiki.org/emacs/XftGnuEmacs


Posted in Linux | add a comment

Wednesday, September 23, 2009   2:10 PM

Mapping capslock to CTRL in Ubuntu using HAL

Over the last couple of years I've been leading a somewhat itinerant lifestyle and have been mainly relying on products from the House of Jobs for my UNIXoid computing needs. Consequently I haven't been keeping up with the latest developments in desktop Linux, and having just had the opportunity to set up a brand-new PC with Xubuntu, I'm suffering a little bit of culture shock: for some reason everything "just worked". It basically installed itself with no manual editing of configuration files necessary.

However, in Xubuntu there doesn't seem to be a simple, mouse-based way of mapping the goddam awful CAPSLOCK key to CTRL. No problem, I thought. Just let me get at /etc/X11/XF86Config /etc/X11/xorg.conf with a handy text editor, just like in the good old days. Weird. Not much in there, is there? A bit of poking around online reveals that HAL appears to have taken over, and my PC is trying to eject me from the pod bays into the vacuum of space. No, scratch that, HAL stands for "Hardware Abstraction Layer" and is something nifty which takes care of the nasty business of different sorts of hardware devices being plugged in. It also provides the capability to create XML configuration files modifying the behaviour of attached devices, such as the keyboard. The place to do this is in the directory /etc/hal/fdi/policy/ and the file can have any name, provided it ends in .fdi

For setting the caps lock key to CTRL the following appears to work:

<?xml version="1.0" encoding="UTF-8"?>
<deviceinfo version="0.2"> 
  <device>
    <match key="info.capabilities" contains="input.keyboard">
      <merge key="input.xkb.Options" type="string">ctrl:nocaps</merge>
      <merge key="input.x11_options.XkbOptions" type="string">ctrl:nocaps</merge>
    </match>
  </device>
</deviceinfo>

X.org needs to be restarted for the configuration to take effect. (Some sources indicated restarting the hal daemon will cause the new settings to be registered, but this didn't work for me.)

Note that HAL is scheduled for replacement (which might explain repeated "I can't let you do that, Dave" entries in /var/log/messages) by something called DeviceKit, which will be even niftier (though quite possibly requiring a totally different style of configuration.


Posted in Linux | add a comment

Monday, September 21, 2009   1:25 AM

Pointing an SVN working copy to a different server

Having moved a bit recently and being busy at the same time, I still haven't got round to setting up my home network quite the way I'd like it. With the result that a while back I checked out some code from a Subversion repository to a laptop, and when I came to check it back in the LAN IP of the box with the repository on it had changed. Of course the working copy was still pointing to the old IP, making it impossible to commit my code changed, and the cheap consumer-grade router which looks after the network doesn't seem capable of assigning IP addresses based on MAC address. How to get the working copy pointed at the changed IP address?

Castig about in the .svn directories in the working copy, each contains a text file named "entries" which in turn contains two lines which look like this:

svn+ssh://192.168.0.5/path/to/svn/project/trunk svn+ssh://192.168.0.5/path/to/svn

Manually updating the IP address seemed to work for that directory, so a simple

sed -i 's/svn+ssh:\/\/192\.168\.0\.5\//svn+ssh:\/\/svn.local\//'

took care of the entire working copy. Rather than just update the IP address I created an entry in /etc/hosts for svn.local, so should the repository IP address change again before I get things sorted, all I need to do is update the IP address here rather than mess about with SVN internals.

(Another workaround would be to make a tarball of the working copy without the .svn directories, delete the working copy, check it out again and untar the code over the new working copy.)


Posted in Devel | add a comment

Thursday, September 17, 2009   4:32 AM

SVN repository backup

A quick shell script to make an atomic copy of a Subversion repository using svn hotcopy:

#!/bin/bash SVNDIR=/home/svn/ BACKUPDIR=/tmp/svn.`date +%Y-%m-%d`/ BACKUPFILE=/tmp/svn.`date +%Y-%m-%d`.tgz mkdir $BACKUPDIR svnadmin hotcopy $SVNDIR $BACKUPDIR tar -C $BACKUPDIR -czf $BACKUPFILE . scp $BACKUPFILE someuser@somewhere.example.com:svnbackup/ \ && rm $BACKUPFILE && rm -rf $BACKUPDIR

Posted in Devel | add a comment

Monday, September 14, 2009   2:55 AM

Windows malware removal

Quick self-note:

MalwareBytes ( http://www.malwarebytes.org/ )

 Comboxfix ( http://www.bleepingcomputer.com/combofix/ )

MS Malicious Software Removal Tool: http://www.microsoft.com/security/malwareremove/default.aspx

Also: list of sites worth blocking: http://www.grc.com/sn/hosts_mvps_org.txt


Posted in Solutions | add a comment

Friday, August 21, 2009  12:21 AM

Preventing SSH session timeouts

When accessing a remote server via SSH from a workstation connected to the internet via e.g. a NATed router setup, quite often the SSH will just hang after a short period of inactivity.

To prevent this, add the following lines to the SSH daemon config file (usually /etc/ssh/sshd_config):

KeepAlive yes
ClientAliveInterval 30

and restart the daemon (a reload may not be effective).

Also note that the SSH session used to make the change to the SSH daemon may not benefit from the modified configuration.


Posted in Solutions | add a comment

I recently purchased an HP 2133 mini-notebook, and while it's quite a nice piece of equipment it does have some annoyances. One of which is the Synaptics touchpad, which appears to simulate a left-click of the mouse if the cursor hovers over certain GUI elements for more than a second or two - this makes working without a proper mouse a right royal pain in the posterior. This appears to be the default hardware behaviour, as the same thing happened in the pre-installed Windows Vista.

After some trawling through Google it appears the solution is to add the following line to the relevant InputDevice section of xorg.conf:

    Option "TapButton1" "0" 

After restarting X this seems to solve the problem.


Posted in Linux | add a comment