LUG Community Blogs

Mick Morgan: raid performance

Planet ALUG - Mon, 02/05/2016 - 16:46

I have recently been building a new NAS box (of which, possibly, more later). In fact the build is really a rebuild because I initially built the server about three years ago in order to consolidate a bunch of services I was running on assorted separate servers into one place. That first build was a RAID 1 array of two 2 TB disks (to give me a mirrored setup with a total of 2 TB store). At the time that was sufficient to hold all my important data (backed up both to other networked devices and to standalone USB disks for safety). But I have just upgraded my main desktop machine to a nice shiny new core i7 Skylake box with 16 GB of DDR4 and a 3 TB disk. That disk is already two thirds full (my old machine had a rather full 2 TB disk). This meant that my NAS backup storage requirements exceeded the capacity of my RAID 1 setup. Adding disks wouldn’t help of course because all that would do is add mirror capability rather than capacity. So I decided to upgrade the NAS and bought a bunch of new 2 TB disks with the intention of setting up a RAID 5 array of 4 disks, thus giving a total storage capacity of 6 TB (8 TB minus 2 TB for parity). Furthermore I initially looked at using FreeNAS rather than my usual debian or ubuntu server with software RAID simply because it looked interesting and, with plugins, could probably meet most of my requirements. But I could not get the software to install properly and after three abortive attempts I gave up and decided that I didn’t really like freeBSD anyway….

So I opted to go back to mdadm on linux – at least I know that works. Better still I would be able to retain all my old setup from the old RAID 1 system without having to worry about finding plugins to handle my media streaming requirements, or owncloud installation, for example.

My previous build was on debian (which is by far my preferred server OS) but ubuntu server has recently been released in a LTS version at 16.04 and I thought it might be fun to try that instead. So I did. (For any readers who have not tried installing linux on a RAID system there are plenty of sites offering advice, but the official ubuntu pages are pretty good). During the build I hit what I initially thought was a snag because the installation seemed to get stuck at around the 83% level when it was apparently installing the linux kernel image and headers. Indeed I confess that on the first such installation I pulled the plug after about three hours of no apparent activity because I was beginning to think that there might be something wrong with my hardware (the earlier FreeNAS failures worried me). My on-line searches for assistance were initially not particularly helpful since none of the huge number of sites advising on software RAID installation bothered to mention that initial RAID 5 build (or rebuild) using large capacity disks takes a very long time because of the need to calculate the parity data. Incidentally, it is this parity data and its layout that gives RAID 5 its write performance penalty.

One useful outcome of my research about RAID 5 build times (which in my case eventually took just over 6 hours) was my discovery of the wintelguy’s site providing an on-line calculator (and much more besides) for RAID performance and capacity. There is even a very useful page allowing you to compare two separate configurations side by side – thoroughly recommended. More worrying, and thought provoking, is the reclaime.com calculator for RAID failure. That site suggests that the probability of successfully rebuilding a RAID 5 array of 4 * 2 TB disks after a failure is only 52.8%.

That is why you need to keep backups…….

Categories: LUG Community Blogs

Chris Lamb: Free software activities in April 2016

Planet ALUG - Sat, 30/04/2016 - 23:20

Here is my monthly update covering a large part of what I have been doing in the free software world (previously):

  • Added Python 3 support to django-template-tests, a tool to perform simple static analysis on Django templates. (#1)
  • Corrected my Chrome extension for the FastMail web interface to not disable the CTRL+Enter keyboard shortcut when authoring emails. (#3)
  • Corrected a subtle bug in my django-staticfiles-dotd "staticfiles" library where the Content-Length HTTP header was calculated incorrectly in the presence of Unicode characters resulting in truncated output. (#2)
  • Various fixes to django-slack, a library to easily post messages to the Slack group-messaging utility from projects using the Django web development framework:
    • Don't require an explicit backend import when using the Celery task queue backend. (#41)
    • Actually generate and send messages asynchronously when using the Celery backend. (#44)
  • Fixed an issue with my local-debian-mirror tool where the option to disable DEP-11 mirroring wasn't working. (#1)
  • Fixed an issue in django-hipchat, a library to easily post messages to the Hipchat group-messaging utility from projects using the Django web development framework where the templates were not includes when installing via PyPI. (#1)
  • Created a quick-and-dirty tool to scrape a Squarespace blog and convert it to a PDF so I can read them on my Kindle e-reader. (tree)
  • Updated django-keyerror — a library to post exceptions to the KeyError.com error tracking service — to silence an AttributeError exception in some error-reporting edge-cases. (commit)
  • Suggested an improvement to the documentation for the upcoming Twitter Bootstrap version for the deprecated .hidden and .show CSS classes. (#19789)
  • Submitted a documentation update to the Ansible sever configuration tool's ufw firewall module. (commit)
  • I also blogged about parsing Jenkins CI output to determine job success or failure.
Debian

My work in the Reproducible Builds project was covered in our weekly reports. (#48, #49, #50, #51 & #52)

Uploads
  • redis (2:3.0.7-3) — Adding, amongst some other changes, systemd LimitNOFILE support to allow a higher number of open file descriptors.
RC bugs

I filed 58 FTBFS bugs against agg, basex, c++-annotations, camera.app, cl-babel, cl-lparallel, collab-qa-tools, diagnostics, enjarify, enscript, felix-main, girara, gnome-shell-pomodoro, golang-github-spf13-viper, gst-plugins-base0.10, gstreamer0.10, guessnet, htslib, ifrit, indicator-session, jackson-module-afterburner, kamera, lgogdownloader, libbde, libmlx4, libsqlite3-0:, libykneomgr, nifti2dicom, node-starttls, nuitka, oath-toolkit, pdf-presenter-console, perlbal, poker-engine, pycountry, pysycache, python-oslo.privsep, python-shade, r-cran-tgp, raincat, rapache, resteasy, ruby-crb-blast, ruby-email-reply-parser, ruby-gollum-lib, samtools, sipwitch, sooperlooper, tomcat-maven-plugin, transmission, trivial-features, tuskar-ui, twinkle, twisted-web2, uclmmbase, workrave, xlog & yafc.

FTP Team

As a Debian FTP assistant I ACCEPTed 135 packages: aptitude, asm, beagle, blends, btrfs-progs, camitk, cegui-mk2, cmor-tables, containerd, debian-science, debops, debops-playbooks, designate-dashboard, efitools, facedetect, flask-testing, fstl, ganeti-os-noop, gnupg, golang-fsnotify, golang-github-appc-goaci, golang-github-benbjohnson-tmpl, golang-github-dchest-safefile, golang-github-docker-go, golang-github-dylanmei-winrmtest, golang-github-hawkular-hawkular-client-go, golang-github-hlandau-degoutils, golang-github-hpcloud-tail, golang-github-klauspost-pgzip, golang-github-kyokomi-emoji, golang-github-masterminds-semver-dev, golang-github-masterminds-vcs-dev, golang-github-masterzen-xmlpath, golang-github-mitchellh-ioprogress, golang-github-smartystreets-assertions, golang-gopkg-hlandau-configurable.v1, golang-gopkg-hlandau-easyconfig.v1, golang-gopkg-hlandau-service.v2, golang-objx, golang-pty, golang-text, gpaste, gradle-plugin-protobuf, grip, haskell-brick, haskell-hledger-ui, haskell-lambdabot-haskell-plugins, haskell-text-zipper, haskell-werewolf, hkgerman, howdoi, jupyter-client, jupyter-core, letsencrypt.sh, libbpp-phyl, libbpp-raa, libbpp-seq, libbpp-seq-omics, libcbor-xs-perl, libdancer-plugin-email-perl, libdata-page-pageset-perl, libevt, libevtx, libgit-version-compare-perl, libgovirt, libmsiecf, libnet-ldap-server-test-perl, libpgobject-type-datetime-perl, libpgobject-type-json-perl, libpng1.6, librest-client-perl, libsecp256k1, libsmali-java, libtemplates-parser, libtest-requires-git-perl, libtext-xslate-perl, linux, linux-signed, mandelbulber2, netlib-java, nginx, node-rc, node-utml, nvidia-cuda-toolkit, openfst, openjdk-9, openssl, php-cache-integration-tests, pulseaudio, pyfr, pygccxml, pytest-runner, python-adventure, python-arrayfire, python-django-feincms, python-fastimport, python-fitsio, python-imagesize, python-lib389, python-libtrace, python-neovim-gui, python3-proselint, pythonpy, pyzo, r-cran-ca, r-cran-fitbitscraper, r-cran-goftest, r-cran-rnexml, r-cran-rprotobuf, rrdtool, ruby-proxifier, ruby-seamless-database-pool, ruby-syslog-logger, rustc, s5, sahara-dashboard, salt-formula-ceilometer, salt-formula-cinder, salt-formula-glance, salt-formula-heat, salt-formula-horizon, salt-formula-keystone, salt-formula-neutron, salt-formula-nova, seer, simplejson, smrtanalysis, tiles-autotag, tqdm, tran, trove-dashboard, vim, vulkan, xapian-bindings & xapian-core.

Categories: LUG Community Blogs

Jonathan McDowell: Notes on Kodi + IR remotes

Planet ALUG - Tue, 26/04/2016 - 21:32

This post is largely to remind myself of the details next time I hit something similar; I found bits of relevant information all over the place, but not in one single location.

I love Kodi. These days the Debian packages give me a nice out of the box experience that is easy to use. The problem comes in dealing with remote controls and making best use of the available buttons. In particular I want to upgrade the VDR setup my parents have to a more modern machine that’s capable of running Kodi. In this instance an AMD E350 nettop, which isn’t recent but does have sufficient hardware acceleration of video decoding to do the job. Plus it has a built in fintek CIR setup.

First step was finding a decent remote. The fintek is a proper IR receiver supported by the in-kernel decoding options, so I had a lot of flexibility. As it happened I ended up with a surplus to requirements Virgin V Box HD remote (URC174000-04R01). This has the advantage of looking exactly like a STB remote, because it is one.

Pointed it at the box, saw that the fintek_cir module was already installed and fired up irrecord. Failed to get it to actually record properly. Googled lots. Found ir-keytable. Fired up ir-keytable -t and managed to get sensible output with the RC-5 decoder. Used irrecord -l to get a list of valid button names and proceed to construct a vboxhd file which I dropped in /etc/rc_keymaps/. I then added a

fintek-cir * vboxhd

line to /etc/rc_maps.cfg to force my new keymap to be loaded on boot.

That got my remote working, but then came the issue of dealing with the fact that some keys worked fine in Kodi and others didn’t. This seems to be an issue with scancodes above 0xff. I could have remapped the remote not to use any of these, but instead I went down the inputlirc approach (which is already in use on the existing VDR box).

For this I needed a stable device file to point it at; the /dev/input/eventN file wasn’t stable and as a platform device it didn’t end up with a useful entry in /dev/input/by-id. A ‘quick’

udevadm info -a -p $(udevadm info -q path -n /dev/input/eventN)

provided me with the PNP id (FIT0002) allowing me to create /etc/udev/rules.d/70-remote-control.rules containing

KERNEL=="event*",ATTRS{id}=="FIT0002",SYMLINK="input/remote"

Bingo, a /dev/input/remote symlink. /etc/defaults/inputlirc ended up containing:

EVENTS="/dev/input/remote" OPTIONS="-g -m 0"

The options tell it to grab the device for its own exclusive use, and to take all scancodes rather than letting the keyboard ones through to the normal keyboard layer. I didn’t want anything other than things specifically configured to use the remote to get the key presses.

At this point Kodi refused to actually do anything with the key presses. Looking at ~kodi/.kodi/temp/kodi.log I could see them getting seen, but not understood. Further searching led me to construct an Lircmap.xml - in particular the piece I needed was the <remote device="/dev/input/remote"> bit. The existing /usr/share/kodi/system/Lircmap.xml provided a good starting point for what I wanted and I dropped my generated file in ~kodi/.kodi/userdata/.

(Sadly it turns out I got lucky with the remote; it seems to be using the RC-5x variant which was broken in 3.17; works fine with the 3.16 kernel in Debian 8 (jessie) but nothing later. I’ve narrowed down the offending commit and raised #117221.)

Helpful pages included:

Categories: LUG Community Blogs

Debian Bits: Debian welcomes its 2016 summer interns

Planet HantsLUG - Sun, 24/04/2016 - 20:00

We're excited to announce that Debian has selected 29 interns to work with us this summer: 4 in Outreachy, and 25 in the Google Summer of Code.

Here is the list of projects and the interns who will work on them:

Android SDK tools in Debian:

APT - dpkg communications rework:

Continuous Integration for Debian-Med packages:

Extending the Debian Developer Horizon:

Improving and extending AppRecommender:

Improving the debsources frontend:

Improving voice, video and chat communication with Free Software:

MIPS and MIPSEL ports improvements:

Reproducible Builds for Debian and Free Software:

Support for KLEE in Debile:

The Google Summer of Code and Outreachy programs are possible in Debian thanks to the effort of Debian developers and contributors that dedicate part of their free time to mentor students and outreach tasks.

Join us and help extend Debian! You can follow the students weekly reports on the debian-outreach mailing-list, chat with us on our IRC channel or on each project's team mailing lists.

Congratulations to all of them!

Categories: LUG Community Blogs

Jonathan McDowell: Going to DebConf 16

Planet ALUG - Mon, 18/04/2016 - 14:12

Whoop! Looking forward to it already (though will probably spend it feeling I should be finishing my dissertation).

Outbound:

2016-07-01 15:20 DUB -> 16:45 LHR BA0837 2016-07-01 21:35 LHR -> 10:00 CPT BA0059

Inbound:

2016-07-10 19:20 CPT -> 06:15 LHR BA0058 2016-07-11 09:20 LHR -> 10:45 DUB BA0828

(image stolen from Gunnar)

Categories: LUG Community Blogs

Jonathan McDowell: Going to DebConf 16

Planet ALUG - Mon, 18/04/2016 - 14:12

Whoop! Looking forward to it already (though will probably spend it feeling I should be finishing my dissertation).

Outbound:

2016-07-01 15:20 DUB -> 16:45 LHR BA0837 2016-07-01 21:35 LHR -> 10:00 CPT BA0059

Inbound:

2016-07-10 19:20 CPT -> 06:15 LHR BA0058 2016-07-11 09:20 LHR -> 10:45 DUB BA0828

(image stolen from Gunnar)

Categories: LUG Community Blogs

Debian Bits: DPL elections 2016, congratulations Mehdi Dogguy!

Planet HantsLUG - Sun, 17/04/2016 - 17:40

The Debian Project Leader elections finished yesterday and the winner is Mehdi Dogguy! Of a total of 1023 developers, 282 developers voted using the Condorcet method.

More information about the result is available in the Debian Project Leader Elections 2016 page.

The new term for the project leader starts today April 17th and expire on April 17th 2017.

Categories: LUG Community Blogs

Bring-A-Box, Saturday 11 June 2016, All Saints, Mitcham

Surrey LUG - Fri, 15/04/2016 - 19:54
Start: 2016-06-11 12:00 End: 2016-06-11 12:00

We have regular sessions on the second Saturday of each month. Bring a 'box', bring a notebook, bring anything that might run Linux, or just bring yourself and enjoy socialising/learning/teaching or simply chilling out!

This month's meeting is at the All Saints Centre, Mitcham, Surrey.  CR4 4JN

New members are very welcome. We're not a cliquey bunch, so you won't feel out of place! Usually between 15 and 30 people come along.

Categories: LUG Community Blogs

Bring-A-Box, Saturday 14th May 2016

Surrey LUG - Fri, 15/04/2016 - 19:50
Start: 2016-05-14 12:00 End: 2016-05-14 12:00

Venue to be found.  Watch this space!  No!  Better still, find a venue and discuss it on the mailing list!

Categories: LUG Community Blogs

Jonathan McDowell: Software in the Public Interest contributing members: Check your activity status!

Planet ALUG - Wed, 13/04/2016 - 13:04

That’s a longer title than I’d like, but I want to try and catch the attention of anyone who might have missed more directed notifications about this. If you’re not an SPI contributing member there’s probably nothing to see here…

Although I decided not to stand for re-election at the Software in the Public Interest (SPI) board elections last July, I haven’t stopped my involvement with the organisation. In particular I’ve spent some time working on an overhaul of the members website and rolling it out. One of the things this has enabled is implementation of 2009-11-04.jmd.1: Contributing membership expiry, by tracking activity in elections and providing an easy way for a member to indicate they consider themselves active even if they haven’t voted.

The plan is that this will run at some point after the completion of every board election. A first pass of cleanups was completed nearly a month ago, contacting all contributing members who’d never been seen to vote and asking them to update their status if they were still active. A second round, of people who didn’t vote in the last board election (in 2014), is currently under way. Affected members will have been emailed directly and there was a mail to spi-announce, but I’m aware people often overlook these things or filter mail off somewhere that doesn’t get read often.

If you are an SPI Contributing member who considers themselves an active member I strongly recommend you login to the SPI Members Website and check the “Last active” date displayed is after 2014-07-14 (i.e. post the start of the last board election). If it’s not, click on the “Update” link beside the date. The updated date will be shown once you’ve done so.

Why does pruning inactive members matter? The 2015 X.Org election results provide at least one indication of why ensuring you have an engaged membership is important - they failed to make a by-laws change that a vast majority of votes were in favour of, due to failing to make quorum. (If you’re an X.org member, go vote!)

Categories: LUG Community Blogs

Jonathan McDowell: Software in the Public Interest contributing members: Check your activity status!

Planet ALUG - Wed, 13/04/2016 - 13:04

That’s a longer title than I’d like, but I want to try and catch the attention of anyone who might have missed more directed notifications about this. If you’re not an SPI contributing member there’s probably nothing to see here…

Although I decided not to stand for re-election at the Software in the Public Interest (SPI) board elections last July, I haven’t stopped my involvement with the organisation. In particular I’ve spent some time working on an overhaul of the members website and rolling it out. One of the things this has enabled is implementation of 2009-11-04.jmd.1: Contributing membership expiry, by tracking activity in elections and providing an easy way for a member to indicate they consider themselves active even if they haven’t voted.

The plan is that this will run at some point after the completion of every board election. A first pass of cleanups was completed nearly a month ago, contacting all contributing members who’d never been seen to vote and asking them to update their status if they were still active. A second round, of people who didn’t vote in the last board election (in 2014), is currently under way. Affected members will have been emailed directly and there was a mail to spi-announce, but I’m aware people often overlook these things or filter mail off somewhere that doesn’t get read often.

If you are an SPI Contributing member who considers themselves an active member I strongly recommend you login to the SPI Members Website and check the “Last active” date displayed is after 2014-07-14 (i.e. post the start of the last board election). If it’s not, click on the “Update” link beside the date. The updated date will be shown once you’ve done so.

Why does pruning inactive members matter? The 2015 X.Org election results provide at least one indication of why ensuring you have an engaged membership is important - they failed to make a by-laws change that a vast majority of votes were in favour of, due to failing to make quorum. (If you’re an X.org member, go vote!)

Categories: LUG Community Blogs

Chris Lamb: Parsing Jenkins log output to determine job status

Planet ALUG - Mon, 11/04/2016 - 18:28

I recently made the same mistake a number of times when adding new hosts to my Ansible configuration and decided to ensure it couldn't happen again. The specifics of this particular issue were that whilst I had added the hostname to inventory file, I had neglected to add the host to the relevant group in my playbook:

oldhost newhost [mygroup] oldhost # missing newhost here

ansible-playbook would output no hosts matched but crucially return with an successful exit code. My continuous integration system (Jenkins) would infer that the task was successful and not notify me that anything was wrong:

$ ansible-playbook deploy-mygroup.yml --limit-hosts=newhost <snip> PLAY [deploy] ************************************************* skipping: no hosts matched PLAY RECAP **************************************************** [ERROR]: No plays were matched by any host. $ echo $? 0

This seemed to violate a few principles to me (at the very least due of the "loud" use of ERROR without the corresponding return code) so I filed a pull request against Ansible that added an optional --error-if-no-plays-matched switch:

$ ansible-playbook [..] --error-if-no-plays-matched <snip> [ERROR]: No plays were matched by any host. $ echo $? 1

In the end, upstream decided to pass on it as it could be implemented via a plugin system and desiring an immediate and potentially more-general solution I briefly looked into parsing the ansible-playbook output before moving onto parsing the Jenkins log itself.

This turned out to be straightforward; using the Text-Finder plugin, I configured my Jenkins job to simply error if the log contained the string skipping: no hosts matched:

I am using the Job DSL plugin so that my configuration is backed onto revision control (highly recommended) so I actually used its textFinder publisher rather than the interface above:

publishers { textFinder(/^skipping: no hosts matched$/, '', true, false, false) }

This results in the job "correctly" failing and alerting me:

+ ansible-playbook deploy-mygroup.yml --limit-hosts=newhost <snip> PLAY [deploy] ************************************************* skipping: no hosts matched PLAY RECAP **************************************************** [ERROR]: No plays were matched by any host. Checking console output /var/lib/jenkins/jobs/deploy-mygroup/builds/126/log: skipping: no hosts matched Build step 'Jenkins Text Finder' changed build result to FAILURE Finished: FAILURE
Categories: LUG Community Blogs

Steve Kemp: Recycling old ideas ..

Planet HantsLUG - Sat, 09/04/2016 - 14:47

My previous blog post was about fuzzing and finding segfaults in GNU Awk. At the time of this update they still remain unfixed.

Reading about a new release of mutt I've seen a lot of complaints about how it handles HTML mail, by shelling out to lynx or w3m. As I have a vested interest in console based mail-clients I wanted to have a quick check to see how dangerous that could be. After all it wasn't so long ago that I discovered that printing a fingerprint of an SSH key could be dangerous, so the idea of parsing untrusted HTML is something I could see.

In fact back in 2005 I reported that some specific HTML could crash Mozilla's firefox. Due to some ordering issues my Firefox bug was eventually reported as a duplicate, and although it seemed to qualify for the Mozilla bug-bounty and a CVE assignment I never received any actual cash. Shame. I'd have been more interested in testing the browser if I had a cheque to hang on my wall (and never cash).

Anyway full-circle. Fuzzing the w3m console-based browser resulted in a bunch of segfaults when running this:

w3m -dump $file.html

Anyway each of the two bugs I reported were fixed in a day or two, and both involved gnarly UTF-8/encoding transformations. Many thanks to Tatsuya Kinoshita for such prompt attention and excellent debugging skills.

And lynx? Still no segfaults. I'll leave the fuzzer running over the weekend and if there are no faults found by Monday I guess I'll move on to links.

Categories: LUG Community Blogs

Steve Engledow (stilvoid): Disco

Planet ALUG - Fri, 08/04/2016 - 17:09

Things I discovered this week:

  • I really, really don't like sesame oil.

    I spent all day yesterday complaining that there was a smell of burnt plastic in the house. Today I shared a sandwich with my wife and it tasted like burnt plastic smells. Turns out this was the sesame oil she just bought and loves. Yuck.

  • I've become quite unfit over the past 3 months.

    Since starting my new job, I haven't had the daily cycle ride into the office (I work from home or get the train to wherever I need to be) and it's really beginning to show. I decided to go for a bike ride on my lunch break today. 30 minutes and a handful of miles later, I was a sweaty, panting mass.

  • Making smoothies using only fruit is a bad idea.

    Since buying a smoothie maker (a blender, a blender, a blender) I've been trying various strategies depending on how guilty I'm feeling. Today I decided to try a smoothie with just three ingredients: grapes (lots of them), a pear, and a dash of cranberry juice. It was, without a doubt, the sweetest thing I have ever tasted. I ended up necking some and then watering it down.

  • I should have bought a new monitor ages ago.

    I've been using a TV that I bought years ago as my main monitor for ages and recently decided I wanted something a bit better (the monitor only went up to 1680x1050) so I bought a monitor. What an improvement!

Categories: LUG Community Blogs

Bring-A-Box, Saturday 9th April 2016, Station pub, W Byfleet

Surrey LUG - Thu, 07/04/2016 - 16:04
Start: 2016-04-09 12:00 End: 2016-04-09 12:00

We have regular sessions on the second Saturday of each month. Bring a 'box', bring a notebook, bring anything that might run Linux, or just bring yourself and enjoy socialising/learning/teaching or simply chilling out!

This month's meeting is at the Station Pub in West Byfleet, Surrey.

New members are very welcome. We're not a cliquey bunch, so you won't feel out of place! Usually between 15 and 30 people come along.

Categories: LUG Community Blogs

Andy Smith: rsync and sudo conundrum

Planet HantsLUG - Wed, 06/04/2016 - 15:21

Scenario:

  • You’re logged in to hostA
  • You need to rsync some files from hostB to hostA
  • The files on hostB are only readable by root and they must be written by root locally (hostA)
  • You have sudo access to root on both
  • You have ssh public key access to both
  • root can’t ssh between the two

Normally you’d do this:

hostA$ rsync -av hostB:/foo/ /foo/

but you can’t because your user can’t read /foo on hostB.

So then you might try making rsync run as root on hostB:

hostA$ rsync --rsync-path='sudo rsync' -av hostB:/foo/ /foo/

but that fails because ssh needs a pseudo-terminal to ask you for your sudo password on hostB:

sudo: no tty present and no askpass program specified rsync: connection unexpectedly closed (0 bytes received so far) [Receiver] rsync error: error in rsync protocol data stream (code 12) at io.c(226) [Receiver=3.1.1]

So then you can try giving it an askpass program:

hostA$ rsync \ --rsync-path='SUDO_ASKPASS=/usr/bin/ssh-askpass sudo rsync' \ -av hostB:/foo/ /foo/

and that nearly works! It pops up an askpass dialog (so you need X11 forwarding) which takes your password and does stuff as root on hostB. But ultimately fails because it’s running as your unprivileged user locally (hostA) and can’t write the files. So then you try running the lot under sudo:

hostA$ sudo rsync \ --rsync-path='SUDO_ASKPASS=/usr/bin/ssh-askpass sudo rsync' \ -av hostB:/foo/ /foo/

This fails because X11 forwarding doesn’t work through the local sudo. So become root locally first, then tell rsync to ssh as you:

hostA$ sudo -i hostA# rsync \ -e 'sudo -u youruser ssh' \ --rsync-path 'SUDO_ASKPASS=/usr/bin/ssh-askpass sudo rsync'\ -av hostB:/foo /foo

Success!

Answer cobbled together with help from dutchie, dne and dg12158. Any improvements? Not needing X11 forwarding would be nice.

Alternate methods:

  • Use tar: $ ssh \ -t hostB 'sudo tar -C /foo -cf - .' \ | sudo tar -C /foo -xvf -
  • Add public key access for root
  • Use filesystem ACLs to allow unprivileged user to read files on hostB.
Categories: LUG Community Blogs

Wayne Stallwood (DrJeep): Simple USB2 Host Switch

Planet ALUG - Sat, 02/04/2016 - 20:38
Initially created for the BigBox 3D printer to allow use of both the Internal Raspberry Pi running Octoprint and the rear mounted USB port for diagnostic access. The Rumba has only one USB port and can only be attached to one of these at a time.

However this circuit will work in any other scenario where you want to be able to switch between USB Hosts.

Plug a Host PC or other host device into port X1 and the device you want to control into Port X3, everything should work as normal.

Plug an additional powered Host PC or other host device into Port X2 and and the host plugged into Port X1 should be disconnected in preference to this device which should now be connected to the device plugged into port X3.

Please note, in many cases, particularly with devices that are bus powered like memory sticks, the device will not function if there is no powered host PC plugged into port X1

Categories: LUG Community Blogs

Debian Bits: Debian announces partnership to sub-contract publicity and press to an outside marketing agency

Planet HantsLUG - Fri, 01/04/2016 - 06:10

Last year we started to push more of Debian news and information away the single news source of the DPN into other media services. Debian has been more active than ever on our many IRC channels, free software based social networks, and unofficial Twitter and Facebook feeds. Today we have decided to announce the next stage in keeping Debian at the forefront of media by sub-contracting publicity and press to an outside marketing agency.

The marketing agency (name will be disclosed soon) has provided an AI system (running entirely with free software) which will be fed with all the content of Debian mailing lists and sources.debian.net to understand the character of the Debian community and then better customize future articles, interviews, and event news.

However, some bits of personal information are also needed. Please install the "publicity" package and you'll be presented a form to fill in your data: name, surname, phone, snail mail address, place of birth, names of family members, employers or employees. Each person providing their data to the agency will receive coupon for a 20% discount in the download (purchase) of next Debian release (valid only for downloads from the official site www.debian.org).

We kindly ask every Debian community member to sign up in, at least, one of theses services: Twitter, Whatsapp, Slack or Facebook (IRC, mailing lists, and free software based RTC are allegedly not so 'cool'). Users need not be concerned with losing the features that the IRC bots provide (so long KGB!) as they will be replaced by Tay-like AI systems. The most visible change will be that MeetBot will no longer log the meetings anymore, but we have bribed an NSA employee so they pass the relevant messages to us.

"If this 'centralization, outsourcing and pay-and-forget' approach goes well with publicity, I'm considering running for DPL in 2017 to extend this model to other areas of Debian" said Laura Arjona Reina, (now) former publicity delegate.

A new logo and mascot has been designed too, as a symbol of this new era embracing the standards of branding and corporate messaging. Please consider voting in favor of it, in the General Resolution that will be proposed soon:

Categories: LUG Community Blogs
Syndicate content