Latest Entries »

One of my frustrations since moving from using VMWare Workstation on a Linux desktop to using VMWare Fusion on a Mac, is the inability of the latter to select a physical device as a hard drive. For example, in VMWare Worsktation I could select, say, /dev/sdc as a disc device, which would allow me to boot off an external disc, or run a bootable diagnostic CD on the OS drive for another computer, for example a laptop that doesn’t have a optical drive.

But fear not: VMWare Fusion can deal with raw discs. It just doesn’t have the option in the graphical user interface. Here’s what to do:

1. Plug in the external disc and open Disc Utility.

2. In the left hand pane, click on the external disc entry, then click on info

3. Look for the “Disk Identifier” field and note the value. In my case, it is “disk4”

4. The next step requires that you know where your VMWare Library is stored. In my case, I have two drives in my Mac, and the second is where my VMWare resides, so /Volumes/DATA/VMWare. I created a subfolder for external discs, /Volumes/DATA/VMWare/External.

5. Armed with the information discovered in steps 3 and 4, open the terminal and run the following (all in one line):

/Applications/VMware\ create /dev/disk4 fullDevice /Volumes/DATA/VMware/External/external_drive ide

6. Make sure VMWare is closed. In Finder, open your VMWare library, right click on your virtual machine file (in my case WindowsXP), and choose “Show Package Contents”

7. Open the .vmx file (in my case, WindowsXP.vmx) in your favourite text editor, and add the following at the bottom:

ide1:1.present = "TRUE"
ide1:1.fileName = "/Volumes/DATA/VMware/External/external_drive.vmdk"
ide1:1.redo = ""

8. Save and close the file, and start VMWare. Your external drive should now show up in the virtual machine.

Be aware that the .vmdk file is specific to the drive it was built against. If you have several external drives, you’ll have to create a .vmdk file for each. Also be aware that the .vmdk file contains the /dev/disk4 (or similar) device name. If you have two or three external discs plugged in at random, the device names might changed, so you may have to edit the .vmdk file too.

Today my SuperDuper! backup failed, complaining about disc space. The log showed the error occuring with a file under /.MobileBackups. Say what?

This turns out to be a feature of Time Machine in OSX 1.7 – Backups are made locally in addition to your external drive. I don’t want this behaviour, so I disabled it:

sudo tmutil disablelocal

Simples ;)

Recently, I started seeing the following error in my mail logs on RHEL4 servers:

Sep 30 18:36:26 mx01 pop3(woody): file lib.c: line 37 (nearest_power): assertion
 failed: (num <= ((size_t)1 << (BITS_IN_SIZE_T-1)))
Sep 30 18:36:26 mx01 dovecot: child 11238 (pop3) killed with signal 6

This has been happening since dovecot-0.99.11-10.EL4, released on 18 August 2011. The changelog for this release shows:

- fix potential crash when parsing header names that contain NUL characters

It could be that this update introduced a bug, or it could simply be a coincidence and completely unrelated.

The problem is a malformed multi-part (rfc1341) message. These messages usually look something like this. In the headers, you'll see:

Content-type: multipart/mixed; boundary="M7qxj4rHbpfU"

The body, oversimplified, will look something like this:

Some text.

Content-type: foo

foo foo foo
foo foo foo
foo foo foo

Content-type: text/plain; charset=us-ascii 

bar bar bar
bar bar bar
bar bar bar


This last line, the closing encapsulation boundary, indicates that there are no further parts:


In cases where this crash happens, this line is missing. I suspect what's happening is that dovecot continue reading the next mail's headers as if it's part of the last part, until it reaches the new (unexpected) Content-type header.

To fix this, you can insert the missing boundary - copy one of the previous ones and add -- at the end. Or delete the offending mail - mutt -f will open the mailbox.

The other day, I encounetered a problem where Plesk would fail to save settings from the Web Hosting Settings page, giving only this error:

Error: Unable to update hosting preferences: hosting update is failed: webstatmng is failed –unset-config –domain-name=Domain name –stat-prog=

Rather uninformative, but it turned out to be fairly simple. The box had been upgraded from Plesk 7.5.4 to 9.5.4, and it seems something went wrong in the psa database:

# mysql -u admin -p`cat /etc/psa/.psa.shadow` psa -e "SELECT, h.webstat FROM hosting h, domains d WHERE dom_id=id AND name = '';"
| name        | webstat |
| |         | 
1 row in set (0.00 sec)

To remedy this, run the following MySQL query. Replace ‘none’ with ‘webalizer’ or ‘awstats’ where desired:

# mysql -u admin -p`cat /etc/psa/.psa.shadow` psa -e "UPDATE domains d, hosting h set h.webstat='none' WHERE AND''"

Or if you have more than one domain that has this problem, run the follwing to change all the empty webstat fields to ‘none’:

# mysql -u admin -p`cat /etc/psa/.psa.shadow` psa -e "UPDATE hosting SET webstat='none' WHERE webstat = '' "

Now, you can go back to Plesk’s Web Hosting Settings page and save your settings.

Microsoft’s Office 2011 for Mac leaves behind files in a number of places. When removing it, say to upgrade or downgrade or just re-install, it is good to remove all the left overs and start fresh. Here’s the quick and dirty of what to do.

Start by closing all MS Office components. If you’re reading my blog, you probably don’t need me to give you step-by-step instructions to do this through Finder. You can just copy the following into a terminal and be done with it. (Disclaimer: there may be mistakes):

sudo rm -rfv /Applications/Microsoft\ Office\ 2011
sudo rm -rfv /Library/LaunchDaemons/
sudo rm -rfv /Library/PrivilegedHelperTools/
sudo rm -rfv /Library/Preferences/*
sudo rm -rfv /Library/Application\ Support/Microsoft
sudo rm -rfv /Library/Receipts/Office2001_   #may not exist
sudo rm -rfv /Library/Fonts/Microsoft
sudo rm -rfv /private/var/db/receipts/*
rm -rfv ~/Library/Preferences/*
rm -rfv ~/Library/Preferences/Microsoft
rm -rfv ~/Library/Application\ Support/Microsoft
rm -rfv ~/Documents/Microsoft\ User\ Data

You’ll have to re-do the last four lines as each user, if you have multiple users on your Mac. Once you’re done, remove the icons from the Dock, and (because this is Microsoft after all) reboot!

Every now and then I encounter a server that have multiple external drives attached to it. When the server is rebooted – let’s say we just updated the kernel – it sometimes happens that the external drives don’t get assigned the same device numbers they had before. This, in turn, means that we can’t mount them the old way, i.e. by device number, via /etc/fstab.

Fortunately, there are alternative ways of doing this. Let’s start by finding out the filesytem ID.

For ext2/3/4, do:

# dumpe2fs /dev/sdb1 | grep UUID
dumpe2fs 1.39 (29-May-2006)
Filesystem UUID:          5fbb68f9-86af-4784-bdb3-3ab452a5f263

For reiserfs, do:

# debugreiserfs /dev/sdc1 | grep UUID
debugreiserfs 3.6.21 (2009

UUID: aa3c3244-83c2-491e-bab5-067c5e73ce9c

For xfs, do:

# xfs_admin -u /dev/sdc1 
UUID = 0d4139ef-db18-417c-8dc0-273f94acfa3a

JFS, as far as I can tell, does not automatically generate a UUID when you create the filesystem. You have to do it.

# jfs_tune -U random /dev/sdc1 
jfs_tune version 1.1.12, 24-Aug-2007
UUID updated successfully.

Now, to view the UUID, do:

# jfs_tune -l /dev/sdc1 | grep UUID
File system UUID:       cab1b11d-1f09-4dc6-aec8-b84537ff895f
External log UUID:      b02579b7-0100-0000-0000-000001000000

Now, adjust your /etc/fstab:

#/dev/sdc1                                 /backup   ext3  defaults 0 0 
UUID=b7bcf64a-e172-42ce-8ce7-12365cc72c6c  /backup   ext3  defaults 0 0

This will ensure that each filesystem is mounted in the right place, even if the device names come up in the wrong order.

I recently purchased an Asus EeePC 1201N for the purpose of running OS X Snow Leopard, Windows 7 and some flavour of Linux.  Each OS has a different purpose.  I’ve been looking for a lightweight laptop to take with me when travelling, specifically for the purpose of importing my photos, geotag them and keyword them while things are fresh in memory.  Aperture is my tool of choice, so I needed something with enough oomph and a decent enough display.   Windows is purely to get to know it, as I haven’t touched it since XP days, and I’m getting rusty.  Linux is what I use at work, and what I use for a lot of things outside of my day job.

As you might know, the wireless card in the 1201N doesn’t work in OS X, and the Dell 1510 card is widely recommended.  It uses a Broadcom BCM4322 chip, which works natively in OS X.  Unfortunately Broadcom chips tend to be somewhat shaky in Linux, unless you go with ndiswrapper for driver support, which wouldn’t work for my needs, so I had to look for something else.

Things are further complicated by the 1201N using a low-profile Mini-PCIe card.  There aren’t too many of them around, and finding one that has good driver support in both OS X and Linux, wasn’t easy.  Fortunately I stumbled upon a card based on the Atheros AR5B91 chip, which I know will work in Linux, and works natevly in OSX.

Atheros AR5B91 Mini-PCIe Wireless card

View full article »

I had to solve a problem for a customer where they need to delegate management of backup MX servers to their clients. Of course, they don’t want to give their clients root access to their server, but they can write an app that gives users access to certain entries in a database, based on their privileges. This means I can join my two favourite server apps in the world: Postfix + MySQL

First, we need to create a database and some tables. These are quick and dirty and only meant to be a proof of concept. The fields a pretty straight forward: id is just a number, domain is the domain being relayed, and destination is the primary MX or where ever you need the mail to go. The syntax is as per the Postfix transport documentation. :domain.tld will do an mx lookup on domain.tld, and smtp:host.domain.tld will deliver directly to the host specified. My database is called ‘backupmx’

CREATE TABLE `domains` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `domain` varchar(128) NOT NULL DEFAULT '',
  `destination` varchar(128) NOT NULL DEFAULT '',
  PRIMARY KEY (`id`),
  UNIQUE KEY `domain` (`domain`)

CREATE TABLE `recipients` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `address` varchar(255) NOT NULL DEFAULT '',
  PRIMARY KEY (`id`),
  KEY `address` (`address`)

View full article »

I encountered this today when trying to query a package on a Red Hat server:

rpmdb: Lock table is out of available locker entries
error: db4 error(22) from db-&gt;close: Invalid argument
error: cannot open Name index using db3 – Cannot allocate memory  (12)

This happens when an operation involving the rpm db gets interrupted and the locks not cleared.  The solution is rather simple:

1.   Make a backup of /var/lib/rpm   (because you never know)

2.   rm /var/lib/rpm/__db.00*

3.   rpm --rebuilddb

You should have a working rpm databse now.

ServerSignature and ServerTokens are two variables that determine how the Apache server describes itself, which makes it useful to keep some secrets.   While obscurity is not security, it’s nevertheless a good idea not to save a potential attacker time by giving them the exact versions of everything you run on your server.


ServerTokens describe how much information about itself Apache divulges, both in the HTTP headers, and in the signature on server-generated pages, such as errors and directory indexes.  Here are the possible settings and example values:

Full:  Apache/2.2.3 (Red Hat) mod_ssl/2.2.4 OpenSSL/0.9.7l DAV/2 mod_fastcgi/2.4.2 PHP/5.1.5 mod_jk/1.2.15
OS: Apache/2.2.3 (Red Hat)
Minimal: Apache/2.2.3
Minor: Apache/2.2
Major: Apache/2
ProductOnly:  Apache


This describes how Apache refers to itself in server-generated pages.  Possible values are On, Off or EMail.  On will give a message like:

Apache Server at Port 80

Where “Apache Server” is the result of the ServerTokens value.  Setting ServerSignature to EMail, will give something like (note the mailto link):

Apache Server at Port 80

And finally, setting it to Off, will show nothing.