Groesbeek, view of the 'National Liberation Museum 1944-1945' in Groesbeek. © Ton Kersten
Fork me on GitHub
Posts tagged as old

SSH troubles resolved

2010-01-05 (37) by Ton Kersten, tagged as old

When I was installing a new server I thought that it would be nice to have the server display a nice banner when I contact it. With OpenSSH this is rather easy to achieve. Just setting the Banner option in /etc/ssh/sshd_config should do the trick. I also thought it would be nice to have the servername displayed, created with Figlet. So when I login the screen should look something like this:

 _ __ ___  _   _ ___  ___ _ ____   _____ _ __ 
| '_ ` _ \| | | / __|/ _ \ '__\ \ / / _ \ '__|
| | | | | | |_| \__ \  __/ |   \ V /  __/ |   
|_| |_| |_|\__, |___/\___|_|    \_/ \___|_|   
           |___/

I set this all up and when I logged in the screen looked like:

 _ __ ___  _   _ ___  ___ _ ____   _____ _ __ 
| '_ ` _ \\| | | / __|/ _ \\ '__\\ \\ / / _ \\ '__|
| | | | | | |_| \\__ \\  __/ |   \\ V /  __/ |   
|_| |_| |_|\\__, |___/\\___|_|    \\_/ \\___|_|   
           |___/

I guess you can understand it's not what I wanted. All backslashes are doubled, hmmm weird.

Poking around in the system (CentOS 5.4) seemed to lead me to the mingetty command, because that's what's used to login.

In the source code of mingetty I found:

if ((fd = fopen (ISSUE, "r"))) {
    while ((c = getc (fd)) != EOF) {
        if (c == '\\')
            output_special_char (getc(fd));
        else
            putchar (c);
    }
    fflush (stdout);
    fclose (fd);
}

so that could be it.

As a test I put a mingetty escape sequence in the /etc/issue file, but that showed up completely the same, no mingetty translation. So that's not it. Not that many options left. Maybe the OpenSSH server displaying the backslashes the wrong way.

Tracing the OpenSSH server source code showed that it couldn't be that one, because the Banner file is just sent by an atomic write.

But, if it's not the server, maybe it's the client. Another source code scan of the OpenSSH stuff revealed the culprit. In the file sshconnect2.c the function input_userauth_banner displays the banner, sent from the server. On line 417 (in my source tree, OpenSSH version 5.3p1) it says

strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL);

So "unsafe" characters and "octal" characters are encoded. The man page of strnvis states:

There is one additional flag, VIS_NOSLASH, which inhibits
the doubling of backslashes and the backslash before the
default format

So I changed the line to

strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);

recompiled SSH and reconnected to my new, shiny server.

Hurray, problem solved.

Checking the Internet I found out that someone already found this bug and checked it in with the OpenSSH developers (about an hour before I tried to check it in). It will be resolved in version 5.4, but it can still take some time to find it's way into all distributions.

Git version 1.6.6

2010-01-04 (36) by Ton Kersten, tagged as old

A new git (1.6.6) arrived and I thought I should create RPM's for this again.

These new RPM's can be found in the files section.

It's broken again

2009-11-20 (35) by Ton Kersten, tagged as old

A new git (1.6.5.3) arrived and I thought I should create RPM's for this again.

This turned out to be rather tedious and frustrating.

Running

rpmbuild -ba git.spec

as usual gave me this error

I/O error : Attempt to load network entity http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd
/home/tonk/rpmbuild/BUILD/git-1.6.5.2/Documentation/git-add.xml:2: warning: \
failed to load external entity "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"
Hmm, never seen that one before. Digging around in the Makefile and adding a lot of echo's to
display some debugging info, I found it.

I recently upgraded to CentOS 5.4 and now it turns out that CentOS breaks things. In the file /etc/asciidoc/docbook.conf` it says:

... and that's wrong. There is no file for version 4.5. I didn't feel like finding out how to repair all these packages and the "dependency hell" involved. I just didn't have the stomach for it, right now (not at 01:30 AM).

So, no nice repairs, but I just changed the above line to:

(See the subtle difference between the two, 4.5 versus 4.2)

Now it all works, although I still do not know which package really breaks things.

If I ever find out I will let you know.

MDNS name resolving problem

2009-11-10 (34) by Ton Kersten, tagged as old
Within a mixed Linux and Microsoft Windows network I ran into the following problem: A host with the hostname linux1.firm.local could be pinged and found with nslookup and dig, but it was impossible to start a ssh session. The result kept being: Unknown host. Playing Cherlock Holmes revealed that this had to do with Avahi and mdns, so with the .local part of the hostname. In my /etc/nsswitch.conf the hosts: line read: (Using Ubuntu 8.04, 9.04 and even 10.04)
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
This results in searching the IP address of the host through mdns4_minimal. The .local domain now spoils it for me (use strings on mdns4_minimal and be amazed. The problem can be solved very easy. Just replace the hosts: line in the /etc/nsswitch.conf with:
hosts: files dns mdns4
See also: Avahi

UNIX version 7 on x86

2009-11-05 (33) by Ton Kersten, tagged as old

A co-worker at our company found a VMware image for an ancient UNIX version, called UNIX V7. This version dates back to the good old days of 1979, and therefore it is now already 30 years old. He found this at Nordier.

It's is incredible that a UNIX version of so long ago already supports multi-processing and multi-user.

I tried to run this version of UNIX on my VMware server version 2.0, but it got stuck at the command prompt. I could have spent a great deal of time getting it to work, but playing with KVM recently, I decided to convert the image to KVM.

This was quiet simple.

qemu-img convert <vmware-flat-file> -O qcow2 <kvm-file>

I then defined a new virtual machine in KVM with this new image and it all ran as a charm.

For all UNIX adepts, like me, this is a very nice thing to have and to study, just to see how it worked 30 years ago.

The complete image is available in the files section.

Just extract the files and correct the disk image path in the v7x86.xml file and import the file into KVM.

virsh define v7x86.xml

Enjoy the files!

Git 1.6.5.1 RPM's online

2009-10-19 (32) by Ton Kersten, tagged as old

Again, there is a new version of the Git Version Control System available, named version 1.6.5.1. This version contains some bug-fixes, no feature enhancements.

This new version (1.6.5.1) is now packaged and online in the files section.

Enjoy!

Git 1.6.5 RPM's online

2009-10-12 (31) by Ton Kersten, tagged as old

This morning I found out that there is a new version for the Git Version Control System. This new version (1.6.5) in now packaged and online in the files section.

Enjoy!

OpenFiler repair exercise

2009-09-16 (30) by Ton Kersten, tagged as old

At our local radio station (Omroep Groesbeek) we use OpenFiler version 2.3 for our storage solution.

Yesterday, however, we didn't have a storage solution but a storage problem. None of the exported disks could be accessed, neither through Samba nor NFS. Further investigation showed that the operating disk was completely kaputt. I tried to make a clone of the disk with CloneZilla but the clone failed and the new file systems where unusable as well.

Read more »

git RPM's online

2009-09-14 (29) by Ton Kersten, tagged as old

Using git on a daily basis now, it bugged me that there are no RPM's for git on CentOS 5.3. At the git download site it's possible to download versions for Fedora 9, but that's not what I want or need.

So I decided to make my own. Downloading the source, unpacking and running make git.spec gave me a basic spec file to start with.
After minor tweaks I tried to cook the RPM, but I was in for a surprise.

Read more »

My git Hash filter

2009-08-10 (28) by Ton Kersten, tagged as old

Some time ago I told you about the vigit program, to combine editing and submitting to git. This had some disadvantages, that made me search for a better solution.

I found this in the git filtering capabilities.

Read more »