Author Archives: Arun Natarajan

My Favourite MAC OS X applications

Text Editor

vi

Text Edit

Smultron: http://www.peterborgapps.com/smultron/

Komodo Edit: http://www.activestate.com/komodo-edit

Voice/Video Calls

Skype : http://skype.com

Google talk (browser plugin): : http://www.google.com/chat/video

G+ hangout

Web Browser

Firefox: http://www.mozilla.com/en-US/firefox/fx/

Chrome: http://www.google.com/chrome

Twitter Client

A Plus: http://www.aplus-app.com/

IM

Adium: http://adium.im/

Office Documents

Libre office: http://www.libreoffice.org/

Video Player

VLC: http://www.videolan.org/vlc/

Miro: http://www.getmiro.com/ ( an excellent stream and bit torrent client as well)

VOIP

Express Talk(free edition) : http://www.nch.com.au/talk/talkmaci.zip

Virtulization

VMware Fusion : http://www.vmware.com/products/fusion/overview.html

Sun Virtual Box (free): http://www.virtualbox.org/

Parellels: http://www.parallels.com/

PDF viewer

Adobe Reader: http://get.adobe.com/reader/

Audio Editing

Audacity: http://audacity.sourceforge.net/

Disk burning

Burn: http://burn-osx.sourceforge.net/

Disk Image backup

Carbon copy cloner: http://www.bombich.com/

VNC client

Chicken of the VNC: http://sourceforge.net/projects/cotvnc/

IPSEC VPN

Cisco Any connect

Subversion

Command line as always

Cornerstone, good if you require an interface: http://www.zennaware.com/cornerstone/index.php

Image Manipulation

GIMP: http://www.gimp.org/

Picasa: http://picasa.google.com/mac/

Xee: http://wakaba.c3.cx/s/apps/xee

Password Management

KeePassX: http://www.keepassx.org/

GPG Key Chain

MAC GPG: http://macgpg.sourceforge.net/

Terminal

iTerm: http://iterm.sourceforge.net/

The default terminal is really nice in Lion

Mail

Thunderbird: http://www.mozillamessaging.com/en-US/thunderbird/

Diagram

OmniGraffle: http://www.omnigroup.com/products/omnigraffle/

Packet Analysis

wireshark: http://www.wireshark.org/

./arun

 

 

 

Install Cpanel on FreeBSD 8.2

– Install FreeBSD with proper network and file system configuration (Ref:  http://docs.cpanel.net/twiki/bin/view/AllDocumentation/InstallationGuide/Quick-StartInstallationGuide)

– Install dependency packages:

# pkg_add -r wget

# pkg_add -r perl

# pkg_add -r rsync (required later for ports sync)

# pkg_add -r gmake

To Fix:

creating glibconfig.h
config.status: executing default commands
gmake: not found
child exited with value 127
Died at /usr/local/cpanel/bin/rrdtoolinstall line 109.

# pkg_add -r png // To fix the following error

To Fix : configure: error: requested PNG backend could not be enabled

– Create the following symlinks

# ln -s /usr/local/bin/wget /usr/bin/wget

# ln -s /lib/libcrypt.so.5 /lib/libcrypt.so.2 // To Fix: Shared object “libcrypt.so.2” not found,

# ln -s /lib/libc.so.7 /lib/libc.so.5 // To Fix: Shared object “libc.so.5” not found

ln -s /lib/libm.so.5 /lib/libm.so.3 // To Fix: “libm.so.3” not found

– Install Cpanel

cd /home

wget -N http://httpupdate.cpanel.net/latest

sh latest

– Once installation successful activate the license (make sure the ip is licensed –  http://www.cpanel.net/apps/verify/)  :

#  /usr/local/cpanel/cpkeyclt

– Start Cpanel

– Touch the following file

# touch /etc/rc.d/init.d/function // To fix:  Could not find functions file, your system may be broken

# /etc/init.d/cpanel start

Now you should be able to access Cpanel at https://< yourip >:2087/

Try to upgrade

Exim: /scripts/eximup –force (this will get the free bsd ports as well)
Cpanel : # /scripts/upcp

./arun

 

 

Drupal 7 issue with SQL Mode TRADITIONAL

PDOException: SQLSTATE[42000]: Syntax error or access violation: 1231 Variable ‘sql_mode’ can’t be set to the value of ‘TRADITIONAL’ in lock_may_be_available() (line 165 of /includes/lock.inc).

This was the case when I installed Drupal 7 with Cpanel/Fantastico, the drupal site was displaying the above error.

This issue is discussed at drupal issues . try to patch it as mentioned in the url.

But for me it works with the following change, just removed the TRADITIONAL mode, not  sure it is the correct way to fix it. You can verify the sql modes at http://dev.mysql.com/doc/refman/5.0/en/server-sql-mode.html ,  Anyway now there is no errors in drupal site and I am able to login.

(includes/database/mysql/database.inc) Line: 65

New file
<  $this->exec(“SET sql_mode=’ANSI,ONLY_FULL_GROUP_BY'”);

Old file
>  $this->exec(“SET sql_mode=’ANSI,TRADITIONAL'”);

Also setting up the sql connection mode to SET SESSION sql_mode = "ANSI,TRADITIONAL"; is an option instead of above change.

./arun

 

 


Install and configure RSA web agent with Redhat EL5 and Apache

Login to RSA interface:

– Create the apache server as agent host with type web agent
– Generate the config file (zip file containing sdconf.rec) from RSA interface, and download to your local machine

Login to the web server

– Download the RSA web agent installation files from RSA website.

# mkdir -p /var/ace

– Copy and extract (sdconf.rec) the downloaded config file
# chmod 755 sdconf.rec

– Create the sdopts.rec file with the ip address of the machine, if you have multiple ip address assigned to the server or if the RSA we agent is a virtual machine. Otherwise the authentication might break with following kind of errors
“100: Access denied. The RSA ACE/Server rejected the Passcode. Please try again.” , “attempted to authenticate using authenticator “SecurID_Native”. The user belongs to security domain “SystemDomain””

# echo "CLIENT_IP=" > sdopts.rec
# chown -R webuser:webuser /var/ace

– Now install the RSA web agent

# tar xvf WebAgent_70_Apache_RHEL5_32_379_08201024.tar
# cd CD/
# chmod u+x install
# ./install

– Enter the location of sdconf.rec

– Configure the apache virtual host

It was found that web agent breaks if apache starts multiple server thread, so would be better to limit the thread.

< IfModule prefork.c >
StartServers 1
MinSpareServers 1
MaxSpareServers 1
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
< /IfModule >

– Now start apache and you will be able to access the RSA web interface.

Once authenticated, the RSA server will create a node secret for the agent host and will be copied automatically to the web server.

This web interface is mainly useful for the token users to reset or enable to token assigned to him.

./arun

Changing RSA passwords

 

Reset SSH Password:
——————-
Log in to Operations console (Master):

Administration --> Networking --> Configure connectivity using SSH

Do the same procedure on Replica also (if any), it is manual process.

Reset Operations console password:
———————————-
Login to the master appliance with SSH

$ sudo -s // sudo as root
# su - rsaadmin // change user to rsaadmin
$ cd /usr/local/RSASecurity/RSAAuthenticationManager/ //navigate to RSA installation path
$ cd utils
$ ./rsautil manage-oc-administrator -a update // Execute

// Enter Super administrators name
// Enter Super administrators password
// Enter operation console user
// Set the new password

Do the same steps on replica
Error: This operation can be performed only on a primary instance.
But the password got changed

Reset Master password:
———————
Login to the master appliance with SSH

$ sudo -s // sudo as root
# su - rsaadmin // change user to rsaadmin
$ cd /usr/local/RSASecurity/RSAAuthenticationManager/ //navigate to RSA installation path
$ cd utils
$ ./rsautil manage-secrets --action change --new-password <enter_the_new_password>

Do the same procedure on the replica device.

Reset Security Console Password:
———————————
Login to Security Console

Identity-->Users-->Manage Existing // Search for your admin username in internal datase

Change password for the admin user
This action will be automatically replicated to replica.

./arun

Configure IPv6 squid

Squid 3.1+ support IPv6

– Compile and install 3.1.x version of squid.

# useradd -d /opt/squid squid

# wget http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.11-20110228.tar.gz

# tar xvzf squid-3.1.11-20110228.tar.gz

# cd squid-3.1.11-20110228; ./configure –prefix=/opt/squid/

# make; make install

# /opt/squid/sbin/squid -z

Configure squid

edit /opt/squid/etc/squid.conf

cache_effective_user squid

acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl to_ipv6 dst ipv6
http_access allow to_ipv6 !all
tcp_outgoing_address 2001:: to_ipv6
tcp_outgoing_address 12.34.56.78 !to_ipv6

And add necessary acls to allow access for your network to squid.

Testing:

$ telnet <v6_address> 3128
Trying 2001::…
Connected to 2001::..
Escape character is ‘^]’.
get http://ipv6.google.com/
HTTP/1.0 200 OK

Check the access.log to make sure

1298965141.719    477 2001:: TCP_MISS/200 25918 GET http://ipv6.google.com/ – DIRECT/2a00:1450:8002::6a text/html

Performance issues with KVM – Redhat

The general performance issue with KVM is due to DISK I/O

– by default the Redhat KVM guest are created with x86_64 architecuture, if you installed 32 bit operating system change this to i686.

<os>
<type arch=’i686′ machine=’rhel5.6.0′>hvm</type>
<boot dev=’hd’/>

– Make sure the hypervisor used is correct in the configuration , either qemu or kvm

<domain type=’kvm’>

or

<domain type=’kvm’>

– Use virtio drivers if the guest is paravirtulized (http://www.ibm.com/developerworks/linux/library/l-virtio/index.html?ca=dgr-lnxw97Viriodth-LX&S_TACT=105AGX59&S_CMP=grlnxw97 http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp?topic=/liaat/liaatbpparavirt.htm)

./arun

yum update, IndexError: tuple index out of range

If you happen to get this error while updating server with yum update

.
.
.
File “/usr/lib/python2.4/site-packages/M2Crypto/m2urllib2.py”, line 82, in https_open
h.request(req.get_method(), req.get_selector(), req.data, headers)
File “/usr/lib/python2.4/httplib.py”, line 813, in request
if v[0] != 32 or not self.auto_open:
IndexError: tuple index out of range

disable the location aware access from rhn.

Ref:
http://kbase.redhat.com/faq/docs/DOC-16881

./arun

Converting LVM virtual machine storage to image

To convert the LVM disk to qcow2 formatted disk image,

Use lvdisplay to get the Logical volume name

$ sudo lvdisplay

Use qemu-img to convert to the required image format

# qemu-img convert -O qcow2 /dev/mapper/lv_name <destination_file>.qcow2

eg:

# qemu-img convert -O qcow2 /dev/mapper/disk1 disk1.qcow2

This will be useful to replicate the virtual machines to other hardware.

./arun

Install CyanogenMod 6 (Android 2.2 Froyo alternative) on HTC Dream (ADP1)

Atlast managed to get the 2.2 flavour on ADP1. (this installation is only applicable for root’d Android developer phone HTC dream)

  • Requirements:

Tools: fastboot

images:
Amon_Ra 1.7.0 ( http://files.androidspin.com/downloads.php?dir=amon_ra/RECOVERY/&file=recovery-RA-dream-v1.7.0.img )
radio image for adp1 (http://sapphire-port-dream.googlecode.com/files/ota-radio-2_22_19_26I.zip)
update-cm-6.0.0-DS-signed.zip (http://forum.cyanogenmod.com/files/file/95-update-cm-600-ds-signedzip/)
gapps-mdpi-tiny-20100926-signed.zip (http://forum.cyanogenmod.com/files/file/124-google-addon-mdpi-tiny-20101020/)
DangerSPL (http://sapphire-port-dream.googlecode.com/files/spl-signed.zip)

  • Procedure:

Ref : http://wiki.cyanogenmod.com/index.php?title=Full_Update_Guide_-_Android_Dev_Phone_1#Installing_a_Custom_Recovery_Image

– Download and copy all these images to the root of your sdcard except the recovery image

  • Install custom recovery image:

– boot the phone in fastboot mode by pressing camera button while rebooting

– From your machine make sure the device is visible

# ./fastboot-mac devices
HT845Gxxxxx fastboot

– flash the cyanogen recovery image and reboot

# ./fastboot-mac flash recovery recovery-RA-dream-v1.7.0.img
sending ‘recovery’ (4594 KB)… OKAY
writing ‘recovery’… OKAY

# ./fastboot-mac reboot

– Once the phone is rebooted make sure  you have the 1.7 recovery image

  • Flash the radio image

Now flash the radio once the phone rebooted to recovery RA 1.7.0 by pressing the home button while rebooting
– select install zip from sdcard and choose the radio image , once the installation is done reboot the phone and make sure that you have the 2_22_19_26I base band version


  • Flash danger spl now

Ref: http://wiki.cyanogenmod.com/index.php?title=DangerSPL_%26_CyanogenMod_5/6#Install_DangerSPL

boot the phone in recovery mode, and select install zip from sdcard and select install the danger spl image, reboot

This will update the Hboot to 1.33.2005,  this is required to increase the ROM size to hold the cm6 image.

  • flash the cyanogen mode 6 images

Ref : http://wiki.cyanogenmod.com/index.php?title=DangerSPL_%26_CyanogenMod_5/6#Installing_CyanogenMod_ROM

boot the phone again in recovery mode, select and install the cm 6 image, reboot the phone and make sure that you can boot in to the new cyanogen 6.

  • Install the google addons

The important thing is dont install the full version of google apps on ADP1 just use the MDPI tiny version. otherwise the phone cannot boot properly.

Ref: http://wiki.cyanogenmod.com/index.php?title=Latest_Version#Google_Apps

Now clear wipe the cache and reboot the phone, That is it. Now you have ADP1 installed with Cyanogenmod 6, Enjoy..

./arun

Install *.apk to android phone

It was disappointing that the android devices selling in most of the gulf countries doesnt have market place installed 🙁 – One of the core and major feature of androis is missing.

Anyway the softwares available in Android Package file (apk) can be installed by downloading it to the pc using adb

eg: to install slide me market place, an alternative for google market place.
download the latest apk from http://slideme.org/.
$ ./adb install ~/sam2.apk
1686 KB/s (506724 bytes in 0.293s)
pkg: /data/local/tmp/sam2.apk
Success

./arun

Exporting display over ssh

To export the display from a remote server over ssh:

ssh -X user@host

Just made sure that, X11 forwarding is enabled on the sshd_config .

Once the connection is made, you can make sure the display is exported using:

# echo $DISPLAY
localhost:10.0

if the value is empty, make sure you have the necessary package (mkxauth) installed to create .XAuthority file.

./arun

IPv6 configuration for KVM guests

It is simple and straight forward to enable IPv6 on KVM guests

Configure the host machine with IPv6 Address on the bridge interface

cat ifcfg-br0

IPV6INIT=yes
IPV6ADDR=xxxx.xx::10
IPV6_DEFAULTGW=xxxx.xx::1
IPV6_AUTOCONF=no

Configure the interface on virutal machines with ipv6 address

cat ifcfg-eth0

IPV6INIT=yes
IPV6ADDR=xxxx.xx::11
IPV6_DEFAULTGW=xxxx.xx::1
IPV6_AUTOCONF=no

Add the the necessary firewall rules to ip6tables on the host machine

-A FORWARD -m physdev –physdev-is-bridged -j ACCEPT.

./arun

NAT with port forwarding on Virtual Box

You can use the host-only-adapter networking, if you require the virtual machine to be accessible only from the host machine. In this case your virtual machine will not have access to anywhere outside the host. Read more about virtual box networking at http://www.virtualbox.org/manual/ch06.html

On the other hand NAT enabled interface can communicate with clients outside the host, but the host cannot access the services on the virtual machine directly. We need to enabled port forwarding with NAT interface to achieve this.

On Linux:
If you need to have ssh accessible from host machine to virtual machine,

$ VBoxManage modifyvm "VM Name" --natpf1 "openssh,tcp,127.0.0.1,2222,,22"

Where –natpf1 is for adapter1, openssh is just a anme, and you can also input the ip address of virtual machine like

$ VBoxManage modifyvm "VM Name" --natpf1 "openssh,tcp,127.0.0.1,2222,10.0.2.20,22"

(assume the virtual machine ip is 10.0.2.20)

Now you can make ssh connection from host like, $ ssh localhost -p 2222

We can use same port number for port number about 1024 , say for a service running on port 8080 we can forward it with

VBoxManage modifyvm "VM Name" --natpf1 "proxy,tcp,127.0.0.1,8080,10.0.2.20,8080"

These rules will be added to the .VirtualBox/Machines/machine_name/machine_name.xml file like:
< Forwarding name="openssh" proto="1" hostip="127.0.0.1" hostport="2222" guestip=10.0.2.20 guestport="2222"/>

You can forward connection to any port on virtual host like this.

Make sure that the virtual machine interface is closed and the vm is not running while you change it, otherwise the changes will not take effect.

On Windows:

VBoxManage setextradata "VM Name" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/guestssh/Protocol" TCP
VBoxManage setextradata "VM Name" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/guestssh/GuestPort" 22
VBoxManage setextradata "VM Name" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/guestssh/HostPort" 2222

* Replace VM Name with your virtual instance name

./arun

Convert KVM images to Virtual Box (VDI)

It took a while to get the KVM image working with Sun virtual box.

The advantages of a virtual box image is, you can run it on any platform (linux, mac or windows), works without virtualization enabled processor and will work on a 32bit machine
Here are the steps to create an image that works with virtual box:

From the KVM installed server

$ qemu-img convert kvm-os.img -O raw kvm-os-raw.img

Copy the image (kvm-os-raw.img) to virtual box machine

$ VBoxManage convertfromraw --format VDI kvm-os-raw.img vbox.vdi

Converting from raw image file=”kvm-os-raw.img” to file=”vbox.vdi”…
Creating dynamic image with size ….

This will create a virtual box compatible image
Incase required you can compact the image to actual size

$ VBoxManage modifyvdi /home/user/vbox.vdi compact

0%…10%…20%…30%…40%…50%…60%…70%
Here the path to vdi image must be absolute.

Now you can create a new virtual machine from virtual box console/command line, with the vdi image as storage.
Boot the machine and hope for the best 🙂
But it wasn’t easy for me even after this beautiful vdi image, boot hangs with a kernel panic, file system not found.

To fix this issue, we need to recreate the initrd image in the virtual machine:
instructions to do it for redhat:
– Boot the virtual machine in rescue mode with Redhat CD

> linux rescue

# chroot /mnt/sysimage

take a backup of existing initrd

# cp /boot/initrd-2.6.xxx.img initrd-2.6-old

create new initrd image

# mkinitrd -v /boot/initrd-new.img kernel-version

// eg: mkinitrd -v /boot/initrd-new.img 2.6.18-194.8.1.el5

edit the grub configuration and replace the initrd image name with new one

# cat /boot/grub/menu.lst

Reboot the machine and see if it boots 🙂

Hope this will be helpful for someone, I spent hours to get it working 🙂 .
./arun

Netboot KVM guest

To install the KVM guest operating system (eg: RHEL) from the network
– Create the bridge interface on the KVM host machine (http://arunnsblog.com/2010/04/09/virtualization-with-kvm-under-redhat-linux-migrate-vmware-virtual-images-to-kvm/)
– Make sure that the gateway is configured in the bridge interface (GATEWAY=).
– Make sure that you have the required rules added to the iptables:
-A FORWARD -m physdev --physdev-is-bridged -j ACCEPT
– Create virtual machine with supported network interface type (pcnet, rtl8139 used to work)
– Add the mac address of kvm guest to the dhcp server

Start the virtual machine and see if it can kick start from the network.

You can trouble shoot with a tcpdump on the KVM host machine:
tcpdump -i br0 port bootps -vvv -s 1500

./arun

Compile and install python with mysql for users

To run custom python version for a useraccount:

download the latest version of python

$ wget http://www.python.org/ftp/python/2.6.5/Python-2.6.5.tgz
$ tar xvzf Python-2.6.5.tgz
$ cd Python-2.6.5
$ ./configure --prefix=/home/username/python-2.6.5
$ make
$ make install

Install setuptools
as root:

# ln -s /home/username/python-2.6.5/bin/python2.6 /usr/bin/ *this is required for setuptools

as normal user:

$ wget http://pypi.python.org/packages/source/s/setuptools/setuptools-0.6c11.tar.gz#md5=7df2a529a074f613b509fb44feefe74e
$ tar xvzf setuptools-0.6c11.tar.gz
$ sh setuptools-0.6c11-py2.6.egg --prefix=~/python-2.6.5/

download mysql-python

$ wget http://downloads.sourceforge.net/project/mysql-python/mysql-python-test/1.2.3c1/MySQL-python-1.2.3c1.tar.gz?use_mirror=citylan
$ tar xvzf MySQL-python-1.2.3c1.tar.gz
$ cd MySQL-python-1.2.3c1
$ /home/username/python-2.6.5/bin/python setup.py build
$ /home/username/python-2.6.5/bin/python setup.py install

Done:

sh-3.00$ python2.6
Python 2.6.5 (r265:79063, May 23 2010, 14:40:28)
>>> import MySQLdb
>>>

./arun

KVM image on LVM

Convert qcow2/raw images to LVM logical volume to use with KVM:

– Convert the qcow2 image to raw format (if it is in qcow2)
$ qemu-img convert image.qcow2 -O raw image.raw

– Create the physical volume for LVM
# pvcreate /dev/sdb
(replace the device with correspond to the system)

– Create the volume group
# vgcreate pool1 /dev/sdb
(replace pool1 with the name as required)

– Create Logical volume with same size as the image
# lvcreate -n justaname --size 50G pool1
(replace justaname and size as per the requirements)
Use lvresize incase you required the change the volume size

– dd the raw image to lvm logical volume
# dd if=image.raw of=/dev/pool1/justaname bs=8M
(Change the block size according to the requirements.

Edit the kvm xml configuration for the corresponding virutal machine to use the logical volume

< disk type='block' device='disk' >
< source dev='/dev/pool1/justaname'/ >
< /code >

./arun