Linux

How to interpret smartctl messages like ‘Error: UNC at LBA’?

When running smartctl on your hard drive, you often get a plethora of information that can be hard to interpret for unexperienced users. This post attempts to provide aid in interpreting what the technical reasons behind the error messages are. If you’re looking for advice on whether to replace your hard drive, the only guidance I can give you is it might fail any time, so better backup your data, but it might also run for many years to come.. Furthermore, this article does not describe basic SMART WHEN_FAILED checking but rather interpretation of more subtle signs of possibly impending HDD failures.

Continue reading →

Posted by Uli Köhler in Linux

Automated domain name extraction from Let’s Encrypt certificate transparency logs

A few days ago, Let’s Encrypt into public beta. At the time of writing this article, almost 120k certificateshave been issued, including the certificate for TechOverflow.

I really like the Let’s Encrypt service and I believe it might actually change the way people perceive HTTPS encryption. However, there is one rarely-mentioned side-effect when protecting your domains with their certificates.

Let’s Encrypt publishes certificate transparency logs at crt.sh. This transparency does not come without side-effects, however: crt.sh effectively publishes.

In other words, hiding sites from the public by not publishing their (sub-)domain names anywhere will not work when you issue a certificate for the domain on services like Let’s Encrypt.

Continue reading →

Posted by Uli Köhler in Linux

nginx Let’s Encrypt authentication for reverse-proxy sites

Problem:

You have an nginx host that is configured as reverse-proxy-only like this:

server {
    server_name  my.domain;
    [...]
    location / {
        proxy_pass http://localhost:1234;
    }
}

For this host, you want to use Let’s Encrypt to automatically issue a certificate using the webroot method like this:

certbot certonly -a webroot --webroot-path ??? -d my.domain

The reverse-proxied webserver does not provide a webroot to use for the automated autentication process and you want to keep the flexibility of updating the cert at any time without manually modifying the nginx configuration.

Continue reading →

Posted by Uli Köhler in Linux, nginx

Fixing bad blocks on HDDs using fixhdd.py

Problem:

You hard drive or SMART tool reports errors when reading specific blocks similar to this message:

[3142.686141] end_request: I/O error, dev sda, sector 31415926

No matter how often you read the block, the hard drive still returns an error and does not reallocate the block.

Continue reading →

Posted by Uli Köhler in Linux, Python

How I solved my Toshiba Linux backlight issues

Symptomatics:

I have both the Toshiba Z830 and R850 for a couple of years now. On both, I’m using the current LTS versions of KUbuntu (at the time of writing this, 14.04). Although, I’m absolutely satisfied with them, there’s a little issue regarding the backlight:

On startup, the backlight works perfectly well. I can change the settings using FN+F6/F7 without any issues. However, after putting the device into standby and waking it up again, pressing said hotkeys shows the backlight percentage dialog, but does not change the brightness.

Because Ubuntu’s SSD reboots are pretty fast Iimply didn’t care about the issue for the past few years. However, out of curiosity, I successfully fixed the issue today.

Continue reading →

Posted by Uli Köhler in Linux

Checking if Hugepages are enabled in Linux

Problem:

On your Linux system, you want to check whether transparent hugepages are enabled on your system.

Solution:

It’s pretty simple:

cat /sys/kernel/mm/transparent_hugepage/enabled

You will get an output like this:

always [madvise] never

You’ll see a list of all possible options ( always, madvise, never ), with the currently active option being enclosed in brackets.madvise is the default.

Continue reading →

Posted by Uli Köhler in Linux, Performance

User Mode Linux for Beginners – Setup and first VM

Why another UML tutorial?

This is not the first tutorial on UML — there are hundreds of them publicly available on the internet. However, none of them seems to fulfill my requirements:

  • All my computers and servers (= UML hosts) run on x86_64, not on i386.
  • Use an up-to date (self-compiled) UML version, so you can use the latest features
  • One simple set of scripts. Execute them in the correct order to get it up and running – no config file editing etc.
  • Root should not be required (disregarding debootstrap) —> No /mnt mounts or similar
  • No nasty filesystem image that eats up space on the host and limits resources on the UML VM. HostFS eliminates all those disadvantages – if you want to limit VM space, use quotas.
  • No global state (e.g. mounting sth into /mnt), you should get another VM up and running concurrently by executing the setup scripts in another directory.
  • Step-by-step instructions, as automated and portable as possible, but still made to be read by humans.
  • No expansive techtalk. There are reference documentations out there for techtalk. A tutorial should tell you how to get it working, not why it works.

Continue reading →

Posted by Uli Köhler in Container, Linux

How to fix “Cannot find crt1.o” on Ubuntu

Problem:

You’re trying to compile something (e.g. using GCC) on Ubuntu, but you get an error message similar to this one:

/usr/bin/ld: error: cannot open crt1.o: No such file or directory
/usr/bin/ld: error: cannot open crti.o: No such file or directory
/usr/bin/ld: error: cannot open crtn.o: No such file or directory

Continue reading →

Posted by Uli Köhler in Build systems, Linux

How to compile & install libc++ on Linux

Problem:

You want to compile and install libc++ (sometimes also named libcxx), but CMake complains with this error message

CMake Error at cmake/Modules/MacroEnsureOutOfSourceBuild.cmake:7 (message):
libcxx requires an out of source build. Please create a separate</em>

build directory and run 'cmake /path/to/libcxx [options]' there.
Call Stack (most recent call first):
 CMakeLists.txt:24 (MACRO_ENSURE_OUT_OF_SOURCE_BUILD)
CMake Error at cmake/Modules/MacroEnsureOutOfSourceBuild.cmake:8 (message):
 In-source builds are not allowed.

CMake would overwrite the makefiles distributed with Compiler-RT.
 Please create a directory and run cmake from there, passing the path
 to this source directory as the last argument.
 This process created the file `CMakeCache.txt' and the directory `CMakeFiles'.
 Please delete them.
Call Stack (most recent call first):
 CMakeLists.txt:24 (MACRO_ENSURE_OUT_OF_SOURCE_BUILD)

Continue reading →

Posted by Uli Köhler in Build systems, C/C++, Linux

VNC: Scale VNC window

Problem:

You want to view a VNC on a screen with a different resolution than the screen you’re viewing (e.g. you want to view your Full HD desktop display on your Notebook).

Usually VNC viewers show scroll bars, but in some cases you need to view the entire screen at once.

Continue reading →

Posted by Uli Köhler in Linux