Friday, January 16, 2015

mbuffer on FreeNAS + sending a recursive ZFS dataset

So I wanted to follow this procedure for doing a copy of a ZFS filesystem from one FreeNAS box to another. However, mbuffer isn't available for FreeNAS, and the devs aren't planning on adding it either. Fortunately, there is a working FreeBSD port of it available for install.

* Make sure you have SSH enabled on both systems. For this example, I'm assuming you're using the root user, or familiar with sudo users.
* On system #1, logged in via SSH, use wget to download an AMD64 version 9.3 or later copy of the mbuffer package.  At this time, that'd be the mhash- file.
* Also use wget to download the security/mhash package. At this time, that'd be the mbuffer-2014.03.10.txz file.
* Run pkg add -f (name of txz file) for each of the two downloads.
* Repeat the previous steps to download and install the txz files on system #2.

As for the procedure itself, it seems to get hung-up on redirecting the mbuffer output. Fortunately, there's a switch for silent operation. Here is the updated command to send a datapool and its recursive subvolumes to system #2, using SSH from system #1. You'll need to take a zfs snapshot beforehand.

zfs snapshot -r drivepool/dataset@snapshotname

zfs send -R drivepool/dataset@snapshotname | mbuffer -q -s 128k -m 1G | ssh root@system2 'mbuffer -q -s 128k -m 1G | zfs receive -F drivepool/dataset'

Monday, March 24, 2014

A brief test of using case-sensitive filenames on Windows 8 and Server 2012R2

If you load the Services for NFS module on Windows, and set the following reg key, you can enable partial support for non case insensitive (think Linux/Unix) filenames. This was done with Windows 8.1 and Server 2012 R2: I figure it should work like this on 7 or 2012; the functionality has been around for at least 10 years as far as I can tell.

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel
obcaseinsensitive = 0

Quick observations...

  • On the workstation, one cannot create sensitive filenames directly: locally, or on an SMB share.
  • On the server, sensitive filenames co-exist just fine. They can also be copied by SMB, or downloaded with Filezilla FTP, and still remain sensitive.
  • Case-sensitive files can be copied back to an SMB share on the server, and retain their sensitivity.

Monday, December 2, 2013

Getting pictures placed with users on Active Directory + Exchange

If you're looking to get user photos working on your Exchange contact lists, there is a little bit of process involved. You'll need a copy of jpegtran and Image Resizer installed on either the server or a workstation to generate the correct picture imports.

  • Resize any copies of photos you need to 96x96 px using Image Resizer.
  • The photos need to be under 10KB. Use jpegtran.exe -optimize OLD.jpg NEW.jpg on each picture to accomplish that.
  • Fire up the Exchange Powershell console on your mail server.
  • Get-ADGroupMember Employees | select name > userlist.txt
  • Using the names from the userlist.txt file, do an Import-RecipientDataProperty -Identity "PERSON" -Picture -FileData ([Byte[]]$(Get-Content -Path "FILENAME" -Encoding Byte -ReadCount 0)) on each user that has a picture waiting for him or her.

  • Footnote: I usually attribute what I can, but since I took the Powershell command notes, I have lost track of their original source.

    Tuesday, November 19, 2013

    Quick fix for getting WebEx players to work in Windows 8.1 on Firefox and Chrome

    • Right-click on Firefox / Chrome in your taskbar
    • Right-click on Firefox / Chrome in the list, and select “Properties”
    • “Compatibility” -> “Change settings for all users”
    • “Run this program” as “Windows 8” in the drop-down list.
    • OK until you get out of the menus. Restart Firefox/Chrome as needed.

    The WebEx plugins apparently test for what OS they're running on. The version string difference by the 8.1 upgrade causes it to declare as unsupported, even though 8.1 didn't really modify anything WebEx would use. I assume a future update will fix this.

    Added: using compatibility mode might be breaking Adobe Flash. Use compatibility mode only as needed.

    Friday, November 1, 2013

    Migrating Bitvise SSH keys to Linux

    If you're using Bitvise as a Windows SSH/SFTP client, and need to migrate/copy a public/private key over to Linux, there are a few steps involved.

    1. Using keypair manager in Bitvise, export the public key to Standard SSH2 format. Save as .
    2. Back in keypair manager, export the private key in OpenSSH format; it will ask if you want to keep the current passphrase or not. Save as id_rsa.pem .
    3. Using Bitvise or other software, copy the new files over to the remote system.
    4. Login to the remote system and become root.
    5. Make sure the files are in the /root/.ssh directory. If you have to create the directory, make sure you run chmod 700 /root/.ssh .
    6. In the ssh directory, run openssl rsa -in id_rsa.pem > id_rsa , and enter the passphrase as needed.
    7. You can delete the id_rsa.pem file.
    8. chmod 600 /root/.ssh/*
    9. Remember to delete unsafe copies of the private key.

    Friday, September 13, 2013

    Sharepoint drive space issues

    Over the past two months, I have been taming a Sharepoint 2010 instance to use less disk space (among other issues).

    Wednesday, September 4, 2013

    Notes on dealing with init.d and Upstart

    An issue I've ran into of late, concerns the deployment of a standardized application across different Linux servers. There is no completely consistent method of causing a program to run across multiple distributions as a service.


    There are two major versions of Upstart in use right now. One is version 0.6.5: its used in CentOS / RHEL 6.x , and Ubuntu 10.04 LTS. The other is version 1.4 or newer: its used from Ubuntu 12.04 LTS and onward.

    The following is censored version of an upstart script I assembled from online resources: Upstart Cookbook & UpstartHowto. The idea is to invoke a second script to do all the application work: the function of the startup script should be just that. But for security reasons, I need that script to run as a specific user. If its an older Ubuntu, or a RHEL/CentOS system, I could uncomment the "exec sudo" line (and I still haven't tested that on RHEL/CentOS atm). If its a newer Ubuntu, I can uncomment the "setuid" and "exec" line without sudo.

    description "Program"
    start on runlevel [2345]
    stop on runlevel [!2345]
    env PROGDIR=/opt/program
    #setuid proguser
    #exec /opt/program/
    #exec sudo -u proguser /opt/program/
    end script


    /etc/rc.d/init.d/functions competes with /lib/lsb/init-functions , depending on the distro. Scripts that use the former, can run on RHEL / CentOS 5.x and 6.x systems: these usually use "daemon" and "killproc".  Scripts that use the latter, appear to run on other distributions, and updated Debian/Ubuntu systems. But this difference is why when you install a program on your Linux system, its given startup script may not work: the distributions offer different functions.