Craig Box's journeys, stories and notes...


Archive for October, 2006

Periods in run-parts

Tuesday, October 31st, 2006

Repeat after me, Debian/Ubuntu sysadmins. You cannot use the period (.) character in /etc/foo.d directories. Can't can't can't.

Why? Well, man runparts says:

If the --lsbsysinit option is not given then the names must consist
entirely of upper and lower case letters, digits, underscores, and
hyphens.

So, you can't have files named "vhost.foo.co.nz" in your /etc/logrotate.d directory, and you can't have files named "awstats-foo.co.nz" in your /etc/cron.d directory.

As much of a big deal is made of Halloween, and as many groups of kids I saw walking the streets about 7:45, we only had one person knock on the door trick-or-treating. And we managed to successfully pretend we weren't here, sitting in the lounge watching Torchwood. (I keep waiting for the Doctor to turn up.)

Cheap server

Tuesday, October 31st, 2006

Note: this is long since sold.

IBM X335, $1 reserve.

Obviously, close friends need not enter.

Ubuntu Edgy released, foibles and all

Sunday, October 29th, 2006

I got a birthday present on Friday in the form of a new Ubuntu release, Edgy Eft. I downloaded the 6.10 ISO and promptly burned the 6.06 ISO to CD, only noticing when I got it home. Oh well, several hundred megs of downloads later...

Some notes:

  • Due to a change in Python packaging policy, python2.4-module packages are deprecated in favour of python-module packages that have an X-Python-Version field in their control file.
  • If you get a black screen & crash testing the beta NVIDIA driver, you probably need to edit /etc/modules and remove the eeprom driver. Found on the official NVIDIA Linux forum.

Beryl, the community Compiz fork, is, well, "a little over the top". After figuring out the settings to subdue it a little bit, I've got it usable. The settings dialog could do with a lot of love however, so anyone who is interested in UI and has free time (unfortunately I only currently hit one out of two) might like to volunteer to help.

I leave with a little laugh (courtesy of Jorge Bernal):

Bill Gates recommending Ubuntu

Post-post-post-Floyd coming to town

Wednesday, October 25th, 2006

What better way to break the 13 day silence than to point out that Roger Waters is coming to Auckland on January 29. According to his website, he's playing "Stadium". I really like the ambience of "Stadium".

ickets from Ticketmaster from 27 October, but of course their website doesn't know its happening.

Update: according to Brain Damage, the stadium is North Harbour Stadium, and you might be looking at $180 AUD for the cheapest tickets!

Exipick, and importing Apache certificates into IIS

Thursday, October 12th, 2006

Greig's cool find of the day:

Exim comes with a script called exipick, which lets you see just the parts of the mail queue that match a particular pattern. ie. we want to get notified of messages that are queued on a backup MX, but aren't just bounces to fake addresses that will eventually time out:

exipick '!$local_error_message'

Which makes looking at mail queues much easier:

root@elston:~# exipick | wc -l
96
root@elston:~# exipick '!$local_error_message' | wc -l
0

My find is a little less interesting, and a little more "just googled it", but if you have certificates in Apache crt/key format, and you want to import them into IIS, you can
do so with openssl:

/etc/ssl/site.net.nz# openssl pkcs12 -export -out site.p12 -inkey site.key -in site.crt

Read more at Michael's meanderings, including about the useful SSLDiag utility.

Windows utilities you didn't know about: dsacls.exe

Wednesday, October 11th, 2006

If you set permissions to lock yourself out of an object in Active Directory (or your co-worker does it for you - hi Pete!) then you can use the support tool ADSIEDIT to fix it.

Unless you've done something really difficult, like set DENY permission to "NT AUTHORITY\Authenticated Users".

The error was "An invalid directory name was passed" trying to change the properties on the object, which was also showing as a note, and not a container.

A suggestion to update the schema and clear the cache didn't work; what did work eventually, was this gem of a command line, suggested but not entirely correctly spelt out by knowledge base article 300444:

dsacls "CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=SITE NAME ,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN" /I:T /R "NT AUTHORITY\Authenticated Users"

And they say Windows isn't a CLI OS.

After using /R to remove the ACL, you can use /S to set it back to its inherited-from-parent ACL.

Ubuntu PPTP in Universe

Sunday, October 1st, 2006

Thanks to the efforts of the tireless ajmitch (does he ever sleep?), not only is my network-manager-pptp package mostly finished, it's also going to be available in the universe repository for Ubuntu Edgy.

Until it shows up online, you can grab and test it here:

Test early, test often.

Falling asleep on the stage again baby

Sunday, October 1st, 2006

I enjoyed Rockstar: INXS as live rock covers, played by a talented band, with sometimes some crappy singing in front of it. I came to enjoy the competition too (enjoyed it far less after the New Zealand Herald published the winner over four weeks before it aired in New Zealand). INXS's subsequent world tour included four dates in New Zealand (and has so far lasted almost a year, unlike the planned Rockstar: Rock Star Supernova "world tour", which they added a Canadian date to in order to qualify), the third of which I attended last Sunday.

I bought the tickets about three months ago; last week, I stressed for an hour after having lost them. I have three other sets of tickets in my drawer at work, and I turned the office upside down looking for them. I then convinced myself that I didn't actually buy any, but my friend Joe, who I was going with, must have bought them. Then I remembered him paying me for his, etc. Thankfully they turned up in my big stash of shows-I've-seen tickets (between the Rolling Stones and a Black Caps vs WI Twenty20 game).

The last time I went to the Logan Campbell Centre was to see Oasis, in 1998. I can only assume it's got smaller since then! Great venue though, well shaped and coloured - would suit theatre as well as rock. The opening band was Autozamm, who we arrived too late to see most of, but were still good as ever. Mixed a bit too loud for the event.

I was asked how INXS were by a few people: I found it very hard to tell my opinion. I thought I'd sum it up in numbers:

  • Number of songs off Kick played: 6 from a possible 12
  • Number of songs off Switch played: 7 from a possible 11
  • Number of other songs played: About 6, including "Folsom Prison Blues" by Johnny Cash
  • Age of lead singer: 33
  • Average age of other band members: 48
  • Average age of the women in the audience: Hard to tell.. probably 35
  • Number of beards on stage: 2.5

2.5 beards? Well, Andrew Farriss obviously has a full beard, so that's one; Kirk, Tim and JD really only qualify for half-each. Kirk however would make a fantastic entrant during Movember.

JD seemed a little too cliched rockstar. "It's fantastic to be here in Auckland Noo Zeeland, two nights, peace and love to the world, man". There was also some strained gangster-rap-esque lyrical riffs between songs, which might have been INXS back catalogue that I wasn't familiar with. However, the band was tight, the vocal delivery was pretty good on the old stuff and great on the new stuff, and without having seen a Hutchence-lead show to compare it against, it was a good night out.