Lennart's weblog

Open source, computers, Africa and other more (or less) interesting stuff.

Category: Linux (page 3 of 7)

Fixing problems after giving your Samba server a new IP address

While moving my DHCP server to a Raspberry Pi I also changed some of the IPs handed out to my (virtual) servers. This lead to problems when I logged into Windows (which is tied to my Samba domain), Windows complained that my roaming profile wasn’t completely synced and browsing network shares didn’t work, copying from (mounted) network shares didn’t work, etc.

In the Samba log files I noticed some references to the old IP address (192.168.10.23), e.g.:

[2014/03/13 16:22:23,  0] nmbd/nmbd_become_dmb.c:237(become_domain_master_query_success)
  become_domain_master_query_success:
  There is already a domain master browser at IP 192.168.10.23 for workgroup SENW registered on subnet UNICAST_SUBNET.

and

  [2014/03/13 16:20:07,  0] nmbd/nmbd_browsesync.c:248(domain_master_node_status_fail)
  domain_master_node_status_fail:
  Doing a node status request to the domain master browser
  for workgroup SENW at IP 192.168.10.23 failed.
  Cannot sync browser lists.

Even after restarting smbd and nmbd, and checking my smb.conf thoroughly, these kept showing up.

It turns out (thanks a lot Matt Godbolt) that nmbd keeps caches in two files (paths as they are on my Ubuntu 12.04 server):

  • /var/cache/samba/browse.dat
  • /var/lib/samba/wins.dat

Simply stop nmbd, delete them, restart nmbd and you’re happy.

Slackware on the Raspberry Pi

I took some time this week to migrate my DNs and DCHP server from an Ubuntu virtual machine to my Raspberry Pi. I wanted to do this because these two servers are so essential to regular network functioning. Before this change whenever my server was down (for whatever reason) any machine connected to the LAN would stop having a working internet connection. Moreover, since I never got the VM to boot correctly on autostart I had to manually start it every time the server came back up again.
Conclusion: not ideal and pissed of family members ;-).

Since I had my Raspberry Pi lying around and, apart from a few toy projects, hadn’t used it for anything, I decided to use it for this task: low power requirements and hardware that was more than up to the task.

The question was which distribution to use. I could have gone for Raspbian (Debian for the Raspberry Pi), which would have blended well with my otherwise Ubuntu-minded network. However, partly for nostalgic reasons, partly make sure I don’t get too tied to one distribution, I decided to try and install Slackware, the distribution I used for my first steps in Linux Land.

I followed most of the steps from the fatdog.eu tutorial (see link below) to get everything running. It’s a very well written, extensive tutorial. Things where I followed my own judgement/experience were the fact that I didn’t use a USB stick to download the Slackware packages on (I used an NFS share on my server) and the package selection. With a relatively simple selection I now have about 2GB of disk usage.

Only one thing left to migrate to the Pi now: my LDAP server. Unfortunately it’s been several years since I configured OpenLDAP (on Ubuntu) and Slackware doesn’t include the OpenLDAP server by default. So this will be something for a rainy day…

Links:

Fixing the compose key in Emacs on Ubuntu 13.10

After upgrading to Ubuntu 13.10 some time ago I noticed that my compose key (i.e. the key that you press followed by e.g. c and , to create a รง) didn’t work anymore in Emacs. I found two bug reports on this issue [1, 2], both effectively suggesting the same solution: start Emacs like this

XMODIFIERS=@im=none emacs

So I added the following line to my ~/.zshrc and ~/.bashrc files:

alias emacs='XMODIFIERS=@im=none emacs'

(of course somewhere before I set my EDITOR variable). I also changed the command in the launcher I use (GLX-Dock/Cairo-Dock).
This doesn’t make it a system-wide (or even user-wide) fix, e.g. the Firefox add-on “It’s all text” doesn’t get it, but it covers most of my use cases.

Puppet commands change when upgrading to v3.0.0

After upgrading Puppet from versions < v3 to version 3.0.0 or higher, the main commands have changed, keep this in mind when reading my earlier post. From the ChangeLog:

Pre-2.6 Post-2.6
puppetmasterd puppet master
puppetd puppet agent
puppet puppet apply
puppetca puppet cert
ralsh puppet resource
puppetrun puppet kick
puppetqd puppet queue
filebucket puppet filebucket
puppetdoc puppet doc
pi puppet describe

Some examples

To run puppet on a client puppetd --test is changed to:

puppet agent --test

To show a list of clients waiting for signing of their certificates run the following on the master:

puppet cert list

instead of puppet ca -l. To list all certificates, run (on the master):

puppet cert list --all

To completely remove a client’s certificate on the master run:

puppet cert clean client.localdomain

and to sign a client certificate on the master run:

puppet cert sign client.localdomain

Permantly ban an IP address with fail2ban

Over the last few days I noticed in my logwatch e-mails that one IP address kept trying to log in to my server, even though it was blocked regularly by fail2ban.

Here’s a post that explains how to simply add a list of IP addresses to block permanently. There’s only one catch: the listing provided there contains an error, the word <name> is missing in the iptables command, probably due to HTML conversion. This is the correct line to be insterted into the actionstart section of /etc/fail2ban/action.d/iptables-multiport.conf:

cat /etc/fail2ban/ip.blacklist | while read IP; do iptables -I fail2ban-<name> 1 -s $IP -j DROP; done

Use the following command to check if the IP address is indeed banned:

$ sudo iptables  -L fail2ban-ssh
Chain fail2ban-ssh (1 references)
target     prot opt source               destination         
DROP       all  --  192.168.20.25        anywhere            
RETURN     all  --  anywhere             anywhere 

Replacing a character in a Bash variable name

Today I needed to replace a : in a bunch of file names with a -, so I wanted to write a Bash for-loop to do just that. I vaguely remembered that you can do character replacements within variables, but couldn’t remember the details.

This is how it’s done:

for filename in *; do
    mv "$filename" "${filename/:/-}"
done

I put the variables in double quotes, because the file names contained spaces.

Showing other users (from LDAP) in the LightDM greeter

Ubuntu Linux uses the LightDM greeter (the login screen you see after booting). Since I’m using an LDAP server to store my user accounts and LightDM by default only shows local users I needed to tell LightDM to give me an ‘other user’ option where I can enter a user name and password (I first checked to see if my LDAP connection work by logging in with an LDAP user from the console (tty1).
LightDM is configured in /etc/lightdm/lightdm.conf, but also provides command line tools to set the options. To show the ‘other user’ use:

sudo /usr/lib/lightdm/lightdm-set-defaults --show-manual-login true

This will disable the user list. It adds the line

greeter-show-manual-login=true

to the lightdm.conf file.
If you only want to see the “Other” entry run:

sudo /usr/lib/lightdm/lightdm-set-defaults --hide-users true

And lastly you can turn off guest:

sudo /usr/lib/lightdm/lightdm-set-defaults --allow-guest false

Thanks to mfish at askubuntu.com!

Using BibTeX from org-mode

I use Emacsorg-mode a lot for writing notes, todo lists, presentations and writing short reports. Recently I started writing a larger report which I normally would have done in LaTeX. This time, since the notes related to the project were already in org format, I decided to write the whole report in org-mode. The one thing I needed for that was using BibTeX bibliographies (and RefTeX) from org-mode. A quick web search revealed that that can easily be done by adding the following to your .emacs file:

;; Configure RefTeX for use with org-mode. At the end of your
;; org-mode file you need to insert your style and bib file:
;; \bibliographystyle{plain}
;; \bibliography{ProbePosition}
;; See http://www.mfasold.net/blog/2009/02/using-emacs-org-mode-to-draft-papers/
(defun org-mode-reftex-setup ()
  (load-library "reftex")
  (and (buffer-file-name)
       (file-exists-p (buffer-file-name))
       (reftex-parse-all))
  (define-key org-mode-map (kbd "C-c )") 'reftex-citation)
  )
(add-hook 'org-mode-hook 'org-mode-reftex-setup)

After that, RefTeX works, but exporting the org document to PDF (via LaTeX) didn’t include the bibliography entries. A quick look at the error log showed that bibtex hadn’t been run, so the question was: how to tell org-mode to do that too when exporting. The answer is to tell org-mode to use the latexmk Perl script (on Debian/Ubuntu it is easily installed from the package repositories) when exporting to PDF. I added the following lines to my .emacs file:

;; Use latexmk for PDF export
(setq org-latex-to-pdf-process (list "latexmk -pdf -bibtex %f"))

Growing XFS and still not able to write files, enough free space

One of the XFS filesystems at work almost ran out of space recently, so I extended the Logical Volume it was on, followed by xfs_growfs. This worked fine, df -h showed enough free space for the upcoming data. In the XFS FAQ I read that by default all inodes are placed in the first 1 TB of disk, which could lead to problem. Therefore, I added the inode64 option to the mount options and ran

mount -o remount

on the partition.

While reviewing my log messages this morning I noticed a lot of

No space left on device

messages for that filesystem. Having this inode64 option in mind I wondered what went wrong. Although df -h and df -i showed enough free space and free inodes, respectively, I still couldn’t create a file. Again the XFS FAQ had an entry for that, but it puzzled me, because I was already using the inode64 option. Since the filesystem wasn’t in use I decided to completely unmount it and then mount it again. That worked. Apparently -o remount is not enough to enable the inode64 option.

Viewing a .bam file in the console

One thing we do regularly at work is taking a look at aligned sequences of human DNA as generated by what is called “next-generation sequencing”. This data is stored in so-called .bam files, which can get pretty large. For example, the .bam file for an individual whose whole genome is sequenced at 12x coverage is approximately 60GB.
To view these files, to check the alignment, look at the coverage of a specific region, etc, people typically use graphical browsers like the IGV or Savant. However, these require you to either run the tool on the server (which means relatively slow X-forwarding over SSH) or copying the BAM file to your local machine, which also takes a lot of time, especially if you want to take a look at a single region for a bunch of people.

For jobs like that I’ve found the text-based viewer integrated in SamTools to be very convenient. It’s a matter of running

samtools tview sample.bam /path/to/reference.genome.fasta

after which you get a view like this:

1000821   1000831   1000841   1000851   1000861   1000871   1000881   1000891   1000901
GGCCAGGCAGGGCTTCTGGGTGGAGTTCAAGGTGCATCCTGACCGCTGTCACCTTCAGACTCTGTCCCCTGGGGCTGGGGCAAGTGCCCGATGGGAGCGCA
.....................................................................................................
..........          ......................A.......................T...............G........A........C
...........                                     .....................................................
............                                           ..............................................
..........................................................C...........      .......................A.
...................................................................................        ..........
                                                                                           ..........

Using g followed by 1:23000000 you will jump to the given position on the given chromosome.
If the 1:23000000 doesn’t work, check the header of the BAM file to see how the chromosome is specified (sometimes it is chr1:23000000, for example):

samtools view -H sample.bam

In the above example the dots indicate nucleotides that are identical to the reference (shown in the second line), the positions with letters indicate reads where a different base was read. In this example all of them are probably sequencing or alignment errors because only one discordant read is observed at any position. If you find a column with letters that means this position is indeed different from the reference. Also notice how the various reads are aligned and that in this case the coverage doesn’t seem to be very high.

Older posts Newer posts

© 2019 Lennart's weblog

Theme by Anders NorenUp ↑