Category: Linux

Problem:

You’ve uploaded a DEB package to a Launchpad PPA (e.g. using dput), but you get an error message similar to this:

Solution:

You need to use a proper email address (which must be registered in Launchpad) in debian/changelog .

In order to do this, set the $DEBEMAIL environment variable before running dch

Example:

export DEBEMAIL=myemail@example.com
dch [...]

If $DEBEMAIL is not set, [username]@[hostname] will be used

Problem:

You are trying to run a docker container or do the docker tutorial, but you only get an error message like this:

docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.

 Solution:

The error message tells you that your current user can’t access the docker engine, because you’re lacking permissions to access the unix socket to communicate with the engine.

As a temporary solution, you can use sudo to run the failed command as root.
However it is recommended to fix the issue by adding the current user to the docker group:

Run this command in your favourite shell and then completely log out of your account and log back in (if in doubt, reboot!):

sudo usermod -a -G docker $USER

After doing that, you should be able to run the command without any issues. Run docker run hello-world as a normal user in order to check if it works. Reboot if the issue still persists.

Logging out and logging back in is required because the group change will not have an effect unless your session is closed.

When running smartctl on your hard drive, you often get a plethora of information that can be hard to interpret for unexperienced users. This post attempts to provide aid in interpreting what the technical reasons behind the error messages are. If you’re looking for advice on whether to replace your hard drive, the only guidance I can give you is it might fail any time, so better backup your data, but it might also run for many years to come.. Furthermore, this article does not describe basic SMART WHEN_FAILED checking but rather interpretation of more subtle signs of possibly impending HDD failures.

Read more

A few days ago, Let’s Encrypt into public beta. At the time of writing this article, almost 120k certificateshave been issued, including the certificate for TechOverflow.

I really like the Let’s Encrypt service and I believe it might actually change the way people perceive HTTPS encryption. However, there is one rarely-mentioned side-effect when protecting your domains with their certificates.

Let’s Encrypt publishes certificate transparency logs at crt.sh. This transparency does not come without side-effects, however: crt.sh effectively publishes.

In other words, hiding sites from the public by not publishing their (sub-)domain names anywhere will not work when you issue a certificate for the domain on services like Let’s Encrypt.

Read more

Problem:

You have an nginx host that is configured as reverse-proxy-only like this:

server {
    server_name  my.domain;
    [...]
    location / {
        proxy_pass http://localhost:1234;
    }
}

For this host, you want to use Let’s Encrypt to automatically issue a certificate using the webroot method like this:

certbot certonly -a webroot --webroot-path ??? -d my.domain

The reverse-proxied webserver does not provide a webroot to use for the automated autentication process and you want to keep the flexibility of updating the cert at any time without manually modifying the nginx configuration.

Read more

After upgrading my server from Debian Wheezy to Jessie, I encountered the following error during apt-get update:

/usr/lib/apt/methods/https: symbol lookup error: /usr/lib/x86_64-linux-gnu/libhogweed.so.2: undefined symbol: __gmpn_cnd_add_n

Read more

Problem:

You want to query the current resolution of a screen connected as framebuffer device (e.g. /dev/fb0). Read more

Symptomatics:

I have both the Toshiba Z830 and R850 for a couple of years now. On both, I’m using the current LTS versions of KUbuntu (at the time of writing this, 14.04). Although, I’m absolutely satisfied with them, there’s a little issue regarding the backlight:

On startup, the backlight works perfectly well. I can change the settings using FN+F6/F7 without any issues. However, after putting the device into standby and waking it up again, pressing said hotkeys shows the backlight percentage dialog, but does not change the brightness.

Because Ubuntu’s SSD reboots are pretty fast Iimply didn’t care about the issue for the past few years. However, out of curiosity, I successfully fixed the issue today.

Read more

Problem:

You use saltstack to automatically deploy configuration to your servers. After installing nginx with the default config, you need to increase the server_names_hash_bucket_size because it won’t startup otherwise.

Read more

Problem:

You want to create a binary DEB package of the msgpack C++ binding. However, there is no official DEB package available.

Read more

Why another UML tutorial?

This is not the first tutorial on UML — there are hundreds of them publicly available on the internet. However, none of them seems to fulfill my requirements:

• All my computers and servers (= UML hosts) run on x86_64, not on i386.
• Use an up-to date (self-compiled) UML version, so you can use the latest features
• One simple set of scripts. Execute them in the correct order to get it up and running – no config file editing etc.
• Root should not be required (disregarding debootstrap) —> No /mnt mounts or similar
• No nasty filesystem image that eats up space on the host and limits resources on the UML VM. HostFS eliminates all those disadvantages – if you want to limit VM space, use quotas.
• No global state (e.g. mounting sth into /mnt), you should get another VM up and running concurrently by executing the setup scripts in another directory.
• Step-by-step instructions, as automated and portable as possible, but still made to be read by humans.
• No expansive techtalk. There are reference documentations out there for techtalk. A tutorial should tell you how to get it working, not why it works.

Read more

Problem:

You want to add a ssh key using ssh-add. It fails with this message:

Could not open a connection to your authentication agent.