Category Archives: Linux

Keyboard layout switching to USA in Ubuntu 11.04

I recently upgraded the keyboard in my Dell E4300 from a standard USA model to a backlit UK model. All went great however I noticed that the keyboard layout kept switching back to the USA layout. It seemed to happen after every reboot, and also randomly in the middle of the session.

There’s even a bug in launchpad about it which I commented on: https://bugs.launchpad.net/ubuntu/+bug/762111

There were two factors causing the layout to switch and the USA layout to be reinstated.

Firstly when logging in the session was set to the USA layout. To fix this logout, select your user name and then look for the keyboard symbol down the bottom of the screen.

The second feature causing seemingly random switches during sessions was the “Separate layout for each window” option in Keyboard Preferences (Keyboard Preferences is in system settings and the option is on the layout tab).

If you deactivate this, remove the USA layout, apply system wide and make sure the GDM session is set to the correct layout on login you shouldn’t have any more problems with randomly switching keyboard layouts!

Getting the most out of Terminator

Terminator in action

Terminator is a must-have tool for Linux administrators. It’s a terminal emulator that supports multiple terminals via tabs, but also by dividing up its window with horizontal and vertical splits.

The user documentation is a bit sparse, in fact what you see in the man page is what you get. In this post I’ll take you through the features that I think make Terminator the best terminal emulator around.
Continue reading

Setting up a secure Ubuntu LAMP server

Disclaimer: This article is provided for your information only, and simply following this guide will not make your server “secure”. As the server administrator you are ultimately responsible for its security!

Intro

Having recently been through the process of setting up a few Ubuntu LAMP (Linux, Apache, MySQL, PHP) servers lately I thought I’d make an article out of my notes and provide a starters guide to setting up the LAMP stack on Ubuntu.

It goes without saying that the only truly secure computer is one with no network connection, no ports or input devices and is locked in a bank vault, but such a machine is not terribly useful. Regretfully, compromises must be made to allow functionality! Besides presuming insecurity, there are a lot of things you can do to make your server more secure and keep out the vast majority of would-be hackers running port scans, meta-exploit scripts and dictionary attacks.
Continue reading

A quick look at Unity in Ubuntu 11.04

I usually jump on the latest Ubuntu release before it hits the final release stage, but this time it was with a bit more trepidation than usual. You see they’ve replaced the shell with a completely new one – Unity. And to say that not everyone likes it would be a minor understatement.

The good news is that Unity is undoubtedly a step forward in practical user interface terms. The classic Gnome panel is really showing its age, and doesn’t lend itself to wide screen formats due to having panels on both the top and bottom of the screen. SUSE addressed this by created a start menu like launcher, but it was always a bit clunky and barely an improvement over Windows XP.

So how is Unity different? It is perhaps more informative to talk about how it is similar…
Continue reading

Recovering a RAID5 mdadm array with two failed devices

Update 1/11/2019

If you’ve reached this article by Googling how to recover a RAID array, I suggest you don’t use this guide. The Linux RAID wiki has much more correct, complete, and authoritative information. In retrospect I was very lucky not to destroy the data, but this article is an interesting account of how I did it.

Update

Before reading this article you should know that it is now quite old and there is a better method – ‘mdadm –assemble –force’ (it may have been there all along). This will try to assemble the array by marking previously failed drives as good. From the man page:

If mdadm cannot find enough working devices to start the array, but can find some devices that are recorded as having failed, then it will mark those devices as working so that the array can be started.

I would however strongly suggest that you first disconnect the drive that failed first. If you need to discover which device failed first, or assemble doesn’t work and you need to manually recreate the array, then read on.

I found myself in an interesting situation with my parents home server today (Ubuntu 10.04). Hardware wise it’s not the best setup – two of the drives are in an external enclose connected with eSATA cables. I did encourage Dad to buy a proper enclosure, but was unsuccessful. This is a demonstration of why eSATA is a very bad idea for RAID devices.

What happened was that one of the cables had been bumped, disconnecting one of the drives. Thus the array was running in a degraded state for over a month – not good. Anyway I noticed this when logging in one day to fix something else. The device wasn’t visible so I told Dad to check the cable, but unfortunately when he went to secure the cable, he must have somehow disconnected the another one. This caused a second drive to fail so the array immediately stopped.

Despite having no hardware failure, the situation is similar to someone replacing the wrong drive in a raid array. Recovering it was an interesting experience, so here I’ve documented the process.
Continue reading

Splitting files with dd

We have an ESXi box hosted with Rackspace, it took a bit of pushing to get them to install ESXi it in the first place as they tried to get us to use their cloud offering. But this is a staging environment and we want something dedicated on hardware we control so we can get an idea of performance without other people’s workloads muddying the water.

Anyway, I’ve been having a bit of fun getting our server template uploaded to it, which is only 11GB compressed – not exactly large, but apparently large enough to be inconvenient.

In my experience the datastore upload tool in the vSphere client frequently fails on large files. In this case I was getting the “Failed to log into NFC server” error, which is probably due to a requisite port not being open. I didn’t like that tool anyway, move on.

The trusty-but-slow scp method was also failing however. Uploads would start but consistently stall at about the 1GB mark. Not sure if it’s a buffer or something getting filled in dropbear (which is designed to be a lightweight ssh server and really shouldn’t need to deal with files this large), but Googling didn’t turn up much.
Continue reading

Likewise Open – problems rejoining domain after upgrade

There seems to be a common problem with Likewise open not gracefully upgrading on Ubuntu, e.g. – upgrading a system from the distribution supplied Likewise-open 5 in Ubuntu 10.10 to the latest packages from the Likewise website (Likewise 6.0 at the time of writing).

The system in this case was an old Ubuntu 9.10 server using Likewise Open 5. After some patching and an update to the current vmware tools it started failing to authenticate domain users, so I decided to upgrade to the latest version. However after the upgrade I was getting an error when trying to join the domain:

Error: ERROR_FILE_NOT_FOUND code 0x00000002

The obvious solution is to remove all likewise packages and purge the config, however that didn’t seem to work either. What DID work, was removing & purging the config, manually removing a few directories that were not empty, purging a few other seemingly related packages which were marked as no longer required after the uninstall, and finally reinstalling.
Continue reading

Google Search from the command line

I won’t go into the details of why you would want to do this, suffice to say that I do and searched for a wee while on the best way to do it. Bizarrely Google’s own CLI tools don’t include search.

The only 3rd-party solutions I could find open the results in a web browser, which isn’t really what I wanted. So I wrote a REALLY ugly one-line script, but it works for me, so why not share. Maybe it will inspire someone with more talent!

It requires curl and vilistextum which aren’t in a default Ubuntu install, for more barebones OS’s you may need to install awk as well.

#!/bin/bash

curl -A "Mozilla/4.0" "http://www.google.com/search?q=$1%20$2%20$3" | vilistextum -k - - | awk 'NR > 23' | less

Then chmod +x it, install the script in /usr/bin and you can search from the commandline by typing [nameOfScript] [search terms]. e.g. to search for “testing 123” I type:
g testing 123

Yes there’s a lot wrong with this, for a start if you want more than 3 search terms you’ll have to add another argument (%20$4) after the q= string. I’m sure there’s a more elegant way of doing it by using $@, or $# to get the number of arguments and combining them all in a loop. But then it becomes a 5-line script rather than 1.

Also the result is not exactly pretty, but if you use a graphical terminal such as gnome-terminal all the links will be clickable and will open in your default browser.

Alternatively you could pipe the result to lynx, which actually parses html properly, but then any links would open in lynx which is not what I wanted:

#!/bin/bash

curl -A "Mozilla/4.0" "http://www.google.com/search?q=$1%20$2%20$3" | lynx --stdin

.

Bash script to alert when memory gets low

We have a web server that’s running out of memory about once every couple of weeks. The problem is that when it happens the swap file is totally full, the system is unresponsive and it usually needs a hard reboot. So it’s a bit difficult to debug. To avoid digging through log files I don’t understand I elected to put a script in /etc/cron.hourly which checks the total amount of free memory (including swap and physical). If there is less than 256mb free (this server has 512mb of ram and a 1gb swap so at this point the situation is serious), it dumps the process list to /tmp/processes.txt and sends me an email with it attached.

Note that mutt must be installed (‘apt-get install mutt’ on Debian/Ubuntu, or ‘yum install mutt’ on RedHat/CentOS).

#!/bin/bash

free=`free -mt | grep Total | awk '{print $4}'`

if [ $free -lt 256 ]; then
        ps -eo %mem,pid,user,args >/tmp/processes.txt
        echo 'Warning, free memory is '$free'mb' | mutt -a /tmp/processes.txt -s "Server alert" [email protected]
fi

Then of course make it executable and symlink to cron.hourly:

chmod +x /etc/scripts/memalert.sh
ln -s -t /etc/cron.hourly/memalert.sh /etc/scripts/memalert.sh

Au Revoir Ubuntu, Bonjour Fedora

If you check the about page and previous posts you’ll note that I’ve been travelling the past few months. In fact I’ve just settled in London and started looking for a job.

There are several shortcomings on my CV that have made it difficult to get past the recruitment agents for a lot of the roles I am interested in. Firstly there’s the lack of big corporate experience – I worked as a technical consultant on a major corporate contract for close to 6 months but the majority of my experience (including almost all of my “BAU” experience) has come from the education sector. Secondly, there’s lack of experience on 100+ Linux server sites (unfortunately no schools are that big in New Zealand, and we don’t have the federated district IT model that many state schools operate in the US). Finally and perhaps most critically is the lack of production experience with Red Hat Linux.

My own personal Linux dabbling experience has come from Ubuntu and Debian Linux. At work it’s been Debian and SUSE. However the number of roles that mention these distributions in the UK is insignificant compared to the number that mention RedHat and CentOS (CentOS is a clone of Red Hat Enterprise Linux, basically Red Hat with all the branding stripped and separately maintained repositories). In New Zealand Red Hat is hardly an endangered species, but roles that mention it are similar in number to those that mention Debian, SUSE and even Ubuntu, so lack of experience with it is not really an issue.

In the UK however, it most certainly is an issue for recruiters searching for “Red Hat” in CV databases. So it is for this reason that I must farewell Ubuntu and switch to the red team – which if I am to take this seriously means adopting Fedora (presently Fedora 13) for my day to day computing.

I made the switch yesterday, and so far no problems. There is less hand-holding for sure, but I like how it doesn’t try to hide what’s happening under the hood. The flexible installer was also nice, if not as attractive as Ubuntu’s. I also like how Fedora ships software as the upstream maintainers intended – this strikes me as a more sustainable long term solution than having to backport distribution-specific patches every release, but at the same time it doesn’t have the “coherent vision” of Ubuntu, and there are some niceties in Lucid that I really appreciated such as the messaging notification area.

As a professional tool for software developers and Linux IT professionals, Fedora is a fine choice. For end-users and Linux enthusiasts who don’t have to use a specific distribution in their work, Ubuntu is generally an easier distribution to get in to. In fact I wouldn’t recommend Fedora for anyone other than Linux geeks because only the two most recent versions are supported. This means a forced upgrade every 12 months minimum. Ubuntu LTS releases on the other hand are supported for 3 years on the desktop and 5 on the server. The previous 8.04 LTS release will still be supported on the desktop until April 2011. Install Lucid today and you will get security updates for it until April 2013.

Why not CentOS 5.5? Too old. Having been accustomed to the current versions of software shipped with Ubuntu it’s a bit hard to go back to Gnome 2.16! (Gnome 2.16 was released in September 2006 and was the version shipped with Ubuntu 6.10, Fedora 13 ships with the current stable 2.30 release).
As desktop distributions, CentOS and RHEL are simply too far behind to be competitive, except in large environments with legacy apps which require absolute stability of APIs. However modern applications are often browser based, so for any environment considering a desktop deployment of Linux that doesn’t depend on legacy desktop software, I’d be suggesting a very hard look at Ubuntu LTS.

Despite the title I won’t be abandoning Ubuntu entirely, in fact I play to keep tabs on each release (maybe even dual boot to test each one) but professional needs have dictated that I upskill in “the Red Hat way”. Let’s hope this has a happy ending!