Debian Time Machine Server

As usual, a little background for perspective. This the second time I have had to do this and to get it working I had to go scouring the Internet a little bit. This involved taking bits and pieces from a few sites then keeping my fingers crossed that it would work in the end.

There are two Macs in my household. I configured this at first so that both would dump their backups into one folder. This worked well but I noticed a few weird stuff from time to time and I remembered also reading were some people suggested keeping them separated because of issues that, I guess, could cause the stuff I was noticing. Because of this an a few other cosmetic factors, I decided to move the service to a different server and assign both computers to separate folders (I used separate LVM volumes so that they will have no effect on each other and I have flexibility to grow)

Installing Packages

The newer releases of OS X requires Netatalk 2.2.x+. However, Debian 6.0 (Squeeze) comes with 2.1, which won’t work with Mac OS X 10.8 “Mountain Lion”. If you are still running Debian 6.0 you can get netatalk 2.2 from Debian 7.0 (Wheezy) by doing the following as root.
First add the following line to /etc/apt/sources.list:

deb http://http.debian.net/debian wheezy main contrib non-free

Then run the following commands:

 aptitude update
 aptitude install netatalk avahi-daemon avahi-utils

You can revert the changes to /etc/apt/sources.list now and run “aptitude update” again. Obviously if you were already on Wheezy you won’t have to worry about this.

Setting up Netatalk
Let’s do some configs…

Change your /etc/netatalk/AppleVolumes.default file to export the Time Machine volume.

Look for the following line:

 #:DEFAULT: options:upriv,usedots 

And change it to something like this.  Also remove the hash sign:

 #:DEFAULT: cnidscheme:dbd options:upriv,usedots 

At the end of the file you’ll find a line that reads:

~/                     "Home Directory"

Add something like this below it:

/mnt/timemachine  "Time Machine"  allow:username cnidscheme:dbd volsizelimit:250000 options:usedots,upriv,tm
 
  • /mnt/timemachine is your backup folder.
  • “Time Machine” is a random label to identify your Time Machine volume.

The rest of the line contains various parameters to allow the Mac to “play nice” with this server as a Time Machine target. It’s important to add the options:tm at the end of the line so that Netatalk enables various special options for Time Machine. You can also add fancy options to restrict access to users logging in with specified accounts. But I have decided to keep it simple, at least for this round 😉

The next config file is /etc/netatalk/afpd.conf. Comment the last line like this:

# - -tcp -noddp -uamlist uams_dhx.so,uams_dhx2.so -nosavepassword

…and add this:

- -tcp -noddp -uamlist uams_dhx.so,uams_dhx2_passwd.so -nosavepassword

I guess you could also just replace it but I like an easy rollback path, just in case.

I am not sure if this command is actually needed for it to work but it didn’t cause it not work 🙂

touch /mnt/timemachine/.com.apple.timemachine.supported

Restart netatalk for the new configuration to take effect:

sudo service netatalk restart

For an additional layer of security I decided to create a dedicated user account that will only have access to the write to the backup folder. Time Machine will ask for this information on initial setup.


 sudo useradd -s /bin/false timemachine
 sudo passwd timemachine
 sudo chown -R timemachine:timemachine /mnt/timemachine
 

This takes care of the server side.

Client Setup
Now configure your OS X installation so it sees unsigned time machine volumes. Open the terminal app and execute the following command:

defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1

PS.
Older articles refer to creating a /etc/avahi/services/afpd.service file. With netatalk 2.2, this file is redundant: you do not need to create it.

SNMP with CygWin

I love CygWin. I helps me to combine the best of 2 worlds, the easy of use and convenience of Windows and the command line functionality of Linux. (This statement is blasphemy in some circles. I know). The challenge though is that sometimes it is difficult to have all the tools you need without first connecting to a Linux box, especially for times when this is not possible.

This is one example. I needed snmpwalk but it was not installed on the Linux boxes at my disposal. This is how I got it working in CygWin.

Installing Cygwin

The first requirement is to have Cygwin installed. Cygwin can be download from the following Web site:

http://www.cygwin.com

You will find a a simple “Setup” program. Simply follow the instructions in the setup program to complete the install. If space is not a concern, I suggest you install the entire suite of tools. But there are certain packages which might be more relevant for this setup. These include:

  • make
  • gcc
  • openssl

Basically you want to look for and install packages necessary to compile/build binaries. If you run the “./configure” command (while installing a package from source) and it complains about missing libraries or packages you can rerun this process and add them. Then run “./configure” again.

Installing Net-SNMP

Net-SNMP is quite a safe install as well. Once you have Cygwin installed, you simply need to download the Net-SNMP source and execute a few commands from a bash shell and you will have finished.

Net-SNMP can be downloaded by following the link below:

http://www.net-snmp.org

You should download to a directory such as c:\cygwin\src\net-snmp-5.x.x. Once downloaded to that directory, open a bash shell and follow the steps below:

tar xvfz /src/net-snmp-5.x.x

cd /src/net-snmp-5.x.x
./configure
make
make install

If you haven’t done so already, you need to specify the following system environment variables:

MIBS=ALL
MIBSDIR=C:/PHP/MIBS

Test your work:
     snmpwalk -v 2c -c public [ipAddr] system

RaspBerry Pi – 1st Encounter

Back Story
I have wanted one of these boards to replace my Apple TV2 running XBMC for a long while now but as everybody knows the first version sold out almost immediately and the average price for one on the after-market is sometimes 3-4 times what the Element14 sells it for. They announced the second version and I decided to try get my hand on one before it hit the after-market. Long story short, after about a month of waiting on order fulfillment, I have it.
What to do?
At my office a couple of the guys have these configured as HTPCs (XBMC of course). I couple have positive feedback while others are so-so. The number one complaint I have heard it the speed. and digging further, I find a couple of them attribute it to slow SD cards. So I was worried that I might have to purchase another SD even though I already have one laying around. Of course I decided to try what I have on hand first, and I am happy with the results so far.
Here is what I have:
Hardware
Software
 Configuration
  • Installed with python script (install.py) from the site with a downloaded image
  • Install NTP
  • sudo dpkg-reconfigure tzdata for America/Montreal
  • Inside XBMC (Settings > Appearance > International) set location to Canada/Montreal
  • I use NFS shares, so I add those with the appropriate scrapers and allow it to scan the library
Conclusion
This is not my final setup but I think this gets me back to where I was before and I am okay with that. The main thing I wanted to test here is the performance of the SD card with RaspBMC and that seem to be working out. I don’t know if Class 4 would be too slow or if the doubling of the RAM from the previous model is making all the difference here (512MB vs 256MB). I don’t have a class 4 to test the difference, so all I know is this setup works…..for now 😀

HTC Evo 3D – Charging Issues

It’s not like my expertise, or lack thereof, will influence the decisions others make but since I made it public that, based on my experience, the Evo 3D might be flawed it is only fitting that I comeback here and withdraw the statement.

The original statement was made in a Google+ post where I basically made it known that people should think twice about buy HTC phones. This was basically the anger talking after I found my phone refusing to charge after I had allowed the battery to run completely dry. I called Rogers and got a replacement but I was reluctant to make the exchange because, even though it was just ~$30, it would mean I would have to spend it again to redo the carrier unlock the phone & get a proper screen protector.

So, I did some work on the phone over this last weekend and it turned out that ClockWorkMod 5.0.2.0, which I had installed since forever (at least 4-5mths), has a bug which causes it not to charge when your battery is totally dead. So the short version of the story is that I downgraded to 4.0.1.4 and it is all good now. But this also showed that there might be other issues with version 5 of CWM too. I say this because, when I was running it, I couldn’t install the OTA updates for my phone and I thought it was the fact that it was rooted which caused me not to be able to install these patches. But once I downgraded the CWM it worked like a charm.

I learnt a lot from this experience though:

  • How to relock the bootloader and reflash the factory ROM (Downloading the ROM was the hardest part)
  • How to setup ADB on Ubuntu 11.110 (I have always used it from Windows)
  • Most importantly, when a forum is 60+ pages long try to read and understand all of it before trying the things recommended. I might be working perfectly on page 5 but someone on page 40 is saying you better watch out for “this” really big nasty bug which will bite you in the ass 5 months down the road.

Moving Ringtones To Internal Memory – HTC EVO 3D

I just started my dance with the “Android” a couple weeks ago on the HTC Evo 3D and it has been a learning experience from typing on the on-screen keyboard to rooting. As is the purpose of this blog I try to post my learning experiences for later reference.

Ever since I got the phone I noticed that whenever I mounted the mircoSD to a computer, the ringtones would go back to the default/stock tones. Basically what was happening is, when the memory is mounted to the computer it is not accessible to the phone therefore no tones and it reverts to the settings it came with. This can be a bit annoying so I set out to do something about it. In this quest I discovered that the internal memory (/system to be exact) is mounted as read only therefore writing to that partition (read: placing files there) is not possible. So I couldn’t simply copy files onto it even though the phone was rooted.

I want this post to be as clear as possible so the the next person needing to do this wont have to go hunting around the web for bits and pieces like I had to. In order to do that though, and remain on topic, I will have to do a second post about how to get the adb stuff working. It took me a couple weeks, on and off, to get it but the crazy part is that I had it working from day 1 and didn’t even know. So I will put that together in another post as I said before.

Overview
I have pre-edited mp3s that I use as ringtones stored in my music folder on the mircoSD and what we will need to do is copy those to the Continue reading

Backup PostgreSQL Schemas

I have been handed the responsibility to manage the backups of a PostgreSQL database. Easy enough you would say, but there is a catch.

  1. The owner wants backups to be kept of each individual schema within the database
  2. I have never managed a PostgreSQL DB before

So not being one to back down from such a challenge, I searched high and low all over the Internet, but either the Internet community isn’t interested in doing this or I am not looking in the right places. So here, with the help of fragments of scripts from around the web, I have worked out a solution which accomplishes task at hand. It is all bottled in the script below which I think is self-explanatory with the aid of a generous helping comments scattered throughout the file.

#Description:
#This script will create a compressed backup of the Genesis Postgres Db and store it on a predefined folder.
#Backups that are older than 30days will also be removed automatically

####### Make and change to directory where backups will be saved #######
BASE_DIR="/path/to/backup/folder"
YMD=$(date "+%Y-%m-%d")
DIR="$BASE_DIR/$YMD"
mkdir -p $DIR
cd $DIR

####### Full Postgres Backup #######
sudo -u postgres pg_dumpall | gzip -c > All_Db.sql.gz

####### Individual Schema Backups #######
# 1. Select individual schemas within the database and pipe the results into sed which does Step 2
# 2. Clean up the output from the SQL above
#     - Get rid of the empty spaces at the beginning of each line
#     - Remove the head and tail info from the file(Title, labels, etc)
for schema in $(sudo -u dbOwnerUN psql -d DBName -c "SELECT schemata.schema_name FROM information_schema.schemata;"|sed 's/^[ \t]*//;s/[ \t]*$//;1,2d;N;$!P;$!D;$d');
do
sudo -u dbOwnerUN pg_dump -Ft -n "$schema" DBName | gzip -c > "$schema".sql.gz
done

####### Delete backup files older than 30 days #######
OLD=$(find $BASE_DIR -type d -mtime +30)
if [ -n "$OLD" ] ; then
echo deleting old backup files: $OLD
echo $OLD | xargs rm -rfv
fi

As I said, this is my first attempt at anything like this so it may not be the best or easiest way of accomplishing this. (I am just sharing what I know and recording for my reference). So please post comments if you have a better solution.

….Questions are also welcomed

Putty – Save Passwords

Ever since I started working on multiple servers on a regular basis I have been looking for a solution in which PuTTY is able to store passwords for the target machine. Now I think I have what can be deemed the closest thing to that (without applying keystrings or 3rd party programs), login sessions which are seeded with the relevant passwords though batch scripts.
First create and save putty session with username@IPAddr  and whatever other details are required from with PuTTY.
Next, open Notepad++ (or your preferred text editor) and create a windows batch (*.bat) file with following lines:
     cd c:\Program Files\Putty\
     putty -load "saved session name" -pw "password"
and save it like “session name.bat”
*** On some systems,especially 64 bit OS’s, Putty may be installed in “Program Files (x86)” instead of “Program Files” so make the necessary adjustment to the lines above.

Now just by double clicking on this batch file, you will be automatically logged on to the server without prompt for password. Downside is unencrypted password on your computer. You could explore using a bat-to-exe compiler which would help to mitigate some of the risk, at least from a casual prowler. ^_^

vsFTPd – Install and Configure

In this post I will go over how to install and configure one of my favorite FTP servers, vsFTPd. It’s a linux application which is known within the IT circles as being feature-rich, fast and secure, so I have adopted it as my tool of choice when the ‘job’ requires a FTP service.

Installing vsFTPd

I am using Ubuntu linux therefore my installation command is as follows:

 sudo apt-get install vsftpd

 

Configuration

To configure vsftpd to authenticate system users and allow them to upload files edit
/etc/vsftpd.conf:

local_enable=YES

write_enable=YES

Now when system users login to FTP they will start in their home directories where they can download, upload, create directories, etc. Similarly, by default, the anonymous users are not allowed to upload files to FTP server. To change this setting, you should uncomment the following line, and restart vsftpd:

anon_upload_enable=NO

The configuration file consists of many configuration parameters. The information about each parameter is available in the configuration file. Alternatively, you can refer to the man page, man 5 vsftpd.conf for details of each parameter. There are
options in /etc/vsftpd.conf to help make vsftpd more secure. For example users can be limited to their home directories by uncommenting:

chroot_local_user=YES

Restart the service

sudo service vsftpd restart

Related reading:
Creating Dummy FTP Users

Create Dummy FTP Users

So it happens time and time again, I research and learn how to do stuff and after couple months (read: days) when I want to do it again I can’t remember how. This is one of those things.

I don’t like the idea of FTP users having an actual login account on my servers. (It isn’t best practice either). It’s just a door way to break into your server waiting to be explored. To get around that on Linux, users with no privileges to login to the shell are created with their home folder being wherever I want FTP to access.

So let’s get going:
First, we define the “dummy” shell environment by editing ‘/etc/shells‘ with this command. (You can replace nano for your preferred text editor)

    sudo nano /etc/shells

Add the following line to the end of the file

    /bin/false

Create the user

    sudo useradd dummyuser –p crypticpwd –d /ftp/folder/path –s /bin/false

That’s it.

How to TOTALLY Quit Farmville

So this morning I have some projects to wrap up, but what do I find myself doing as soon as I log in to the computer? Checking on my crops on FV. This was the last straw. I find myself wasting at least 2hrs a day tending to this pointless “farm”. The problem is, I have already admitted that it is pointless and quit (by not plan anything) a while ago but repeatedly find myself getting sucked back into the madness.So this time I decided to remove the temptation all together.

As usual I did a quick google search and found a few suggestions. The first link I checked was  the 10 Steps to Quit Farmville. But these were primarily the things I tried in the previous attempts and as I said this only worked temporarily. Next I checked out a link to a FB discussion board topic on the matter.

Sifting through this is where I found the right prescription.

  • In the top right-hand corner of your Facebook page select the Account drop down and click on Application Settings.
  • This will bring up a page where all the third party applications which are allowed to access FB are listed. There you should find an entry for Farmville.
  • Click on the ‘X’ in the line of the application which you would like to quit (in this case Farmville).

If you are still receiving gifts from others then go and look at it but instead of accepting the gift or ignoring it, there is a link that says “Block this application” ( or something to that effect). Click it then press OK. After that Farmville or the notifications will not show up anywhere anymore.

I HAVE READ THAT THIS CANNOT BE UNDONE. SO BE SURE BEFORE YOU PROCEED.

Share/Bookmark