DD-WRT, DNSmasq, fight!

May 7, 2012 1 comment

I half completed this mini project, including getting a GPS driven ntp time source working, but haven’t felt it necessary to finish the write-up…

Aim

  1. DHCP addresses for all connected hosts (some statically allocated)
  2. DNS caching on the router
  3. DHCP hostnames available through DNS (DNSmasq [Local DNS])
  4. (optional) Blackhole certain DNS queries for ad blocking (add-hosts/pixelserv?)
  5. (optional) DHCP options (4|42) – Time Server (Clients to sync time to router) (DNSmasq “dhcp-option = 42,192.168.0.4”)
  6. (optional) DHCP options (7) – Log Server (Central syslog server)
  7. (optional) DHCP options (123) – GeoConf

Method

Debian Squeeze – Openswan

September 19, 2011 Leave a comment

During installation, the /var/lib/dpkg/info/openswan.postinst post installation script fails to check whether a CA cert exists before trying to copy it.

This throws the mysterious error : "cp: cannot stat `': No such file or directory"

Wrap the offending line (around line 176) with a quick check :

if [ "$cafile" ]; then
cp "$cafile" /etc/ipsec.d/cacerts
fi

OSX dialog boxes

July 17, 2011 Leave a comment

Ever since OSX ran on X86 hardware, it has been my primary OS – exclusively on MacBook Pro’s – and whilst learning it’s idiosyncrasies didn’t take long, as a heavy user of keyboard shortcuts I’d always been frustrated by dialog box choices.

 

The Tab key wouldn’t switch between the buttons, holding Alt or Cmd doesn’t hint at any shortcut letters available, but what does work is pressing the first letter of each buttons text whilst holding Cmd.

So in the example dialog box above, Cmd-C would cancel the choice, Cmd-K would keep the file and lastly Cmd-M would move the file to the trash. Simple, but not as obvious as you might think!

Tags: ,

Debian squeeze, distcc-pump and kernel builds

June 18, 2011 Leave a comment

Compiling a new kernel on an Intel N270 Atom-based Linux system can be awfully slow, so setting up distcc or ccache begins to really make sense.

However, there’s something about ccache and the Linux build process that don’t play nicely, using it’s masquerade setup I didn’t get a single hit from its cache.

Distcc on the other hand, especially when distributed pre-processing too with the distcc-pump invocation has a dramatic effect on the time taken to produce a new kernel (it’s very easy to fire up a stripped down Debian virtual machine to use as an extra distcc node), and here’s how I setup this Debian Squeeze 6.0.1 installation :

 

Firstly, install the kernel source of your choice and distcc using apt :

# apt-get install distcc-pump linux-source-2.6.32

 
Secondly, fix the distcc-pump script as it looks for python modules in the version 2.5 path, whereas Debian Squeeze comes with 2.6 out of the box :

# vi +43 /usr/bin/distcc-pump
include_server='/usr/lib/pymodules/python2.6/include_server/include_server.py'

 
Thirdly, setup some hosts to distribute the compiling to, here I choose to limit my faster ‘compute’ node to eight simultaneous jobs, and just one job at a time for the slower Atom system (the cpp,lzo options tell distcc to push pre-processing jobs to this host also and compress the source files across the wire) :

# cat /etc/distcc/hosts
compute/8,cpp,lzo localhost/1

 
Finally, as we can’t pass a ‘-j8’ option to the make command to request eight threads of compiling at once, we set the environment variable CONCURRENCY_LEVEL accordingly, the distcc-pump startup creates a socket which distcc can then talk to, though it borks the PATH, so we change that back to put /usr/lib/distcc at the beginning for its masquerading as a compiler to work correctly, and thats all you need to do before compiling and installing your kernel the Debian way.

# export DISTCC_VERBOSE=0
# export CONCURRENCY_LEVEL=8
# eval `distcc-pump --startup`
# echo $PATH
/usr/bin:/usr/lib/distcc:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# export PATH=/usr/lib/distcc:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# cd /usr/src/linux-source-2.6.32
# make menuconfig
# fakeroot make-kpkg --initrd --append-to-version=testbuild --revision=0.1 kernel_image
# distcc-pump --shutdown
# dpkg -i ../linux-image-2.6.32.testbuild_0.1_i386.deb

Tags:

root password exposure on Ops Center provisioned hosts?

March 4, 2011 Leave a comment

# ls -l /var/opt/sun/jet/config/jumpstart.conf
-rwxr-xr-x 1 root other 1551 Apr 13 2010 /var/opt/sun/jet/config/jumpstart.conf

Contains the DES encrypted root password on line prefixed “JS_Default_Root_PW=” set during installation and is world-readable.

Tags:

PingChat! EULA

January 28, 2011 Leave a comment

Solaris 11 Express & VirtualBox & OSX

January 24, 2011 Leave a comment

Using curl, I downloaded sol-11-exp-201011-text-x86.iso, setup a basic VM in VirtualBox with four NICs and began to poke around.

My first impressions :

  • My ‘Network Adapters’ in VirtualBox are enumerated backwards in the VM. eg. Adapter1 is e1000g3, Adapter4 is e1000g0
  • DHCP is nice and easy (though a reboot after these steps was needed?) : ifconfig e1000g3 plumb;ifconfig e1000g3 dhcp start;touch /etc/dhcp.e1000g3;echo inet fry > /etc/hostname.e1000g3;cp /etc/nsswitch.dns /etc/nsswitch.conf;svcadm enable -r dns/client
  • NWAM is either going to take some getting used to, or is going to get disabled very quickly.