postgresql FATAL: database system identifier differs between the primary and standby

This is due to two possible reasons:

  1. you did not do the initial filesystem sync (usually rsync)
  2. the recovery.conf contains errors

this page actually helped me

https://www.digitalocean.com/community/tutorials/how-to-set-up-master-slave-replication-on-postgresql-on-an-ubuntu-12-04-vps

Hope this helps

ISP: ERROR Shibboleth.SSO.SAML2 [xx]: failed to decrypt assertion: XMLSecurity exception while decrypting: OpenSSL:SymmetricKey::decryptFinish – Out of range padding value in final block

The Sp (service provider) replaced the SSL certificate and the metadata used from the Idp are not up-to-date with the public key of the ISP.

This instead is the error message on MS ADFS:

Docker cheat-sheet

Docker is great for development, but also, it gives you the superpower of extremely small images to easily move around docker containers.

I need this for personal stuff, but I think it can be useful to others, so let’s share it.

It’s a living list so I’m gonna add here stuff as soon as I need it.

Foreplay (Composer) – a.k.a. Install fest
#Install composer:
sudo apt-get -y install python-pip
sudo pip install docker-compose
Images
#Build an image from a dockerfile in pwd:
docker build --rm=true -t tagname .
#--rm=true -> Remove intermediate containers after a successful build
#-t, --tag=[] -> Name and optionally a tag in the 'name:tag' format
#-f, --file -> Name of the Dockerfile (Default is 'PATH/Dockerfile')
Docker Composer
#Start a container with:
docker-compose up -d
#up -> Create and start containers
#-d -> Detached mode: Run containers in the background,
       print new container names.
       Incompatible with --abort-on-container-exit.
Containers
#Check what's running:
docker ps

#Stop container:
docker stop {containerid}

 

 

Unable to configure permitted SSL ciphers SSL Library Error: 336486680 error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid command

You copy/pasted the virtualhost configuration from an output that truncated the long line that starts by

SSLCipherSuite

 

Am I right?

😉

Incoming search terms:

  • Unable to configure permitted SSL ciphers (1)

Extend Xen guest partition on a live system

nanites

No restart of the guest VM is required

on Dom0:

lvextend /dev/lvm/domU.lan-var -L +5G
Extending logical volumedomU.lan-var  to 7.00 GiB
Logical volume domU.com-var successfully resized

On DomU

resize2fs /dev/xvdaX #(where X is a number)
resize2fs 1.42.5 (29-Jul-2012)
Filesystem at /dev/xvdaX is mounted on /var; on-line resizing required
old_desc_blocks = 1, new_desc_blocks = 1
Performing an on-line resize of /dev/xvdaX to 1835008 (4k) blocks.
The filesystem on /dev/xvdaX is now 1835008 blocks long.

 

 

Asus X202E touchpad sensitivity with Ubuntu

The ones out there who decided to drop Windows 8 in favor of Ubuntu after buying an Asus X202E will probably face the issue of a too sensitive touchpad which makes the laptop barely usable, with a lot of random unwanted clicks especially during the “two finger scrolling”. The two finger scrolling is a feature I really don’t want to give up as well as the touch to click one, as i find them really convenient as long as I have to use the laptop as laptop, which means without an external pointing device such as a mouse.

First step to get to the desired settings is to check which hardware are we using.

As reported at this url http://superuser.com/questions/229839/reduce-laptop-touch-pad-sensitivity-in-ubuntu the best is to run the command:

xinput list

This will return the list of the input devices used by X (for a complete man page, refer to this : Xinput man page in a new tab)

From the list returned it will be easy to guess which is the touchpad device, in the Asus X202E it is:

ETPS/2 Elantech Touchpad (debian wiki here)

Since the laptop is equipped with a touchscreen display, do not confuse the touchpad with the digitizer of the display (Atmel Atmel maXTouch Digitizer).

Now we can easily get the initial parameter of the touchpad so we can tinker with them and the worst of the cases we can use them to revert the settings to the initial state.

To do this, to read the setting we are currently running with, the command to be issued is:

 xinput list-props "ETPS/2 Elantech Touchpad" | grep -i finger

This will return a few lines:

Synaptics Finger (289): 1, 1, 0
Synaptics Two-Finger Pressure (295): 282
Synaptics Two-Finger Width (296): 7
Synaptics Two-Finger Scrolling (299): 1, 1

We are going to tinker with the first parameter, “Synaptic Finger” in order to require much more pressure of the finger for the touchpad to become active.

what I type is:

sudo xinput set-prop "ETPS/2 Elantech Touchpad" "Synaptics Finger" 5 20 0

Where the second parameter (30) is the one used as threshold for the measured finger pressure. The first one seems to be the one used as “Release pressure” to measure the act of clicking.

I hope this short guide will be useful for other out there.

Final tip:

This settings will be gone after next reboot, so the best is to create a bash script and make it being executed at your login as suggested on this page: http://www.mepis.org/docs/en/index.php?title=Configuring_the_touchpad_with_xinput

so let’s create a script called touchpad.sh

#!/bin/bash
sudo xinput set-prop "ETPS/2 Elantech Touchpad" "Synaptics Finger" 5 20 0

Let’s make it executable with:

chmod 755 touchpad.sh

You conveniently save it under a easily accessible folder like /usr/bin

then, if ou use Gnome 2or 3 like me, it’s sufficient to do as reported on this page http://stackoverflow.com/questions/8247706/start-script-when-gnome-starts-up you can open the terminal and type:

gnome-session-properties

Using the graphical interface you can set it up and look for the script by just browsing the filesystem.

useful info here as well: https://help.ubuntu.com/community/SynapticsTouchpad

Enjoy your new configured touchpad.

asus x202e

Incoming search terms:

  • asus e202 linux (1)
  • asus e202 touchpad ubuntu (1)
  • asus yg fingerin (1)
  • kursor asus e202 tidak terbaca (1)
  • ubuntu touchpad sensitivity (1)
  • ubuntu タッチパッド 感度 (1)
  • لسبكس (1)

Update Samsung Galaxy tab 7 aka GT-P1000 codename P1 to 2.2.3 and Get it Rooted

First: if you are here it’s because you feel that something is wrong with mobile phones, you are close, now: take a look here http://www.gnu.org/philosophy/android-and-users-freedom.html

This is just the beginning, and it seems to be a mandatory step in order to run Cyanogenmod 11 on my Galaxy tab and get rid of malicious Samsung backdoor(s).

the procedure involves an update to Android 2.2.3 in order to be able to properly run Clockwork recovery.

But what I did is putting all together (both the upgrade and the clockwork recovery) so it will be very easy for me to redo the process and for my neighbours to do the same as me in order to get rid of a couple of backdoors well documented on the Free Software Foundation website.

You can trust me or not for downloading the needed files. Personally I don’t trust the source I had these files from as the files were encrypted and available on gdrive.  I used the one linked from the Cyanogenmod wiki page on GT-P1000 and just in order to install Cyanogenmod over it… but I found weird that they are encrypted.
I downloaded packages from here: https://www.youtube.com/watch?v=iI79j97R4qw and as you can see my question about why encrypting files is still unanswered.
Why encrypting a zip file if not for avoiding gdrive to scan it for viruses? The best option at this point for me is repeating the entire process starting from the stock image (replacing just the kernel image), the one you get either when you buy the tab or when you do the latest firmware update available. At least that case we will be sure that it will contain just the back-door from Samsung and Google proprietary software. This very case what I needed was the Clockwork recovery in order to install Cyanogenmod.

Download here needed FIles from my Gdrive account.

Simply extract the zip archive into a folder, `cd` into that folder and use the command line below (this is mainly for me so I won’t struggle again if I need it again).

Last words i would like to spend about this is: I haven’t installed gapps as I don’t really need them. Why? Because I already have a browser and all those application are nothing else that browsers but with two more facets: first of all of them have so called helpers, which make those browsers more convenient to use) think about authentication and graphical optimization compared to usual mobile phone or tablet browser) Second: the can contain more than you need to run properly those web-services, they could contain back-doors triggered by so called push notifications. Basically nothing easier for criminal who want to steal your data.

So how to install an application for your new  fresh installed cyanogenmod?

Simple use F-droid and nothing else.

To complete this you need Heimdall. I used the Ubuntu version, so cmd parameters may differ with other operating systems version an from future version for this operating system.

Terminal command (please note that Heimdall for mac uses one single dash for distinguishing options instead on Ubuntu it uses two dashes):

heimdall flash --repartition --CACHE cache.rfs --DBDATAFS dbdata.rfs --FACTORYFS factoryfs.rfs --pit gt-p1000_mr.pit  --IBL+PBL boot.bin --MODEM modem.bin --PARAM param.lfs --SBL Sbl.bin --SBL2 Sbl.bin --KERNEL zImage --RECOVERY zImage --HIDDEN hidden.rfs --MOVINAND movinand.mst --verbose

After this you can easily install Cyanogenmod about which I will type a new post next weekend. I know it’s an old device but it’s still not bad at all and I think a lot of people could be interested in this.

Giuseppe

 

Incoming search terms:

  • اخر تحديث galaxy tab gt-p1000 (75)
  • تحديث galaxy tab gt p1000 (49)
  • تحديث gt-p1000 (46)
  • تحديث تاب p1000 (46)
  • تحديث سامسونج تاب gt-p1000 (41)
  • تحديث تاب gt-p1000 (38)
  • gt p1000 تحديث (37)
  • gt-p1000 اخر تحديث (32)
  • طريقة تحديث galaxy tab gt-p1000 (30)
  • gt-p1000 تحديث (24)

Using a linux NAS to daily backup my ispconfig server with Rsync

Daily backup of my ispconfig server with Rsync

I want to keep notes on how i manage to make this simple backup works.

Basically i have this 1TB NAS  WD MyBook World Edition running optware and i want to use it to get a fresh backup each day of the last week and one day for each past month.

The idea is to use rsync over ssh, so the first thing to do is to log in into the NAS and generate a RSA keypair to be used to access the server and make the backup automatic. Remember to NOT use a passfrase otherwise the automation won’t work.

~ # ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
44:86:dd:2e:f0:14:54:17:c5:ef:6f:d8:86:d6:b1:4c root@NAS

What i need to do now is to add the public part of the key to the “authorized_keys” file on the server, in the .ssh folder right into the home dir of the user which will be used for this purpose.

So grab the output of

cat  .ssh/id_rsa.pub

into the mouse clipboard and ssh into the server you want to backup.
Once there cd into the directory of the user you want to be used on the other side of rsync.
In my case i used the user backup, with the home directory in /var/backups.

If you want to do so, just check if the user is already oresent on the system.

In order to create a user called backup with the home directory in /var/backups as root type:

adduser --home /var/backups backup

As root i created the directory /var/backups/.ssh, then i chmod this directory in order to belong to the user backup. Then i become backup doing “su backup-“. Once became backup i created a file called authorized keys in the .ssh dir with the command

nano .ssh/authorized_keys

And then i pasted the content of the public key previously read with cat.

At this point save the file and go back to the NAS and try to see if it works:

ssh -l backup server.com -p 2202
Linux server.com 2.6.32-5-xen-amd64 #1 SMP Fri May 10 11:48:05 UTC 2013 x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
backup@server:~$

And of course it works. So the authentication part is done.

Now i have to go back to the “ONLINE” server and schedule the dump of the databases and the copy of the files in a directory where the user backup will synchronize a local folder on NAS with a remote folder on the ONLINE server.

Well the MySQL part has been solved in minutes thanks to my script for MySQL backup per db, the file part instead was done using this very small script: compress each sub folder in a separate tar archive. The second script actually doesn’t help that much because the folder structure in my webserver is not human friendly, indeed.

The human friendly folders arelinked into a who knows: /var/www/website.com -> /var/www/client1/web1/

So what i want is to have a tar archive made out of the real folder but with the name of the symlink.

Here i mixed up a couple of things like perl and bash scripting, let me illustrate:

First of all I mada a small bash script that identifies the symlinks and prints the output to a txt file, so create folder to contain the scripts:

sudo mkdir /scripts

a bash script using the command:

nano /scripts/files.sh

In the new file, paste the following content:

#!/bin/bash
cd /var/www
find . -maxdepth 1 -type l -print > /tmp/bck.list
sed -i 's/\.\///g' /tmp/bck.list
/scripts/backupper.pl

 

The real job is done by the “find ” command which will output each symlink present in /var/www
But since it runs in the /var/www folder, it will output the symlink name preceded by “./” which is not useful for our purposes. At this point it will be easy to understand why you need to use the output of find to replace “./” with sed.

Next step is a script capable of reading the config file (/tmp/bck.list) and compress the folder read from the config file in order to use tar to get the archive with the right name. Here you are the backupper.pl :

#!/usr/bin/perl -w
use warnings;
# configurable vars
my $file_list = '/tmp/bck.list';
my $start_dir = '/var/www';
my $output_dir = '/var/backups/server/web';
sub read_file_list {
  print "Reading list of files: $file_list\n";
  if ! (open(LIST, $file_list)) {
   print ("ERROR: Could not open $file_list: $!\n");
  }
  while (my $line = <LIST>) {
    chomp $line;
    unless ($line =~ /^#/) { 
    push(@backup_dirs, $line);
    }
   }
 close LIST;
 }
sub tar_backup_dirs {
  foreach my $dir (@backup_dirs) {
  print "Backup dir $dir\n";
  system("tar -czf " . $output_dir . "/" . $dir . ".tar.gz " . $start_dir . "/" . $dir. "/web");
  }
 }
read_file_list();
tar_backup_dirs();
exit();

 

Incoming search terms:

  • ispconfig backup (2)
  • nas palvelin kotiin (2)

Ubuntu 13.10 reinstall skype to get a decent sound

Too crappy sound and some of them stay stuck forever unless you close skype.

This way you get rid of the wrong version and you will get a fully working sound with skype

dpkg -r skype
sudo add-apt-repository "deb http://archive.canonical.com/ $(lsb_release -sc) partner"
sudo apt-get update
sudo apt-get install skype && sudo apt-get -f install

Installing Skype on Debian Wheezy 64bit

How to install Skype on your brand new Debian Wheezy 64bitSkype-debian

I’m migrating all my personal computers to Debian Wheezy (or Jessie in some cases). Personally i hate Skype but i have friends who don’t want to understand the importance of using open source software only, and for this reason i need Skype at least to school them to the open source life style.

Skype will come in what they claim being a multi  architecture package, but in the end it’s just a 32 bit package.

So if i want to install this program i have to enable the multiarch and i have to add the “i386” arcgitecture to my system. The guide at the address http://wiki.debian.org/Multiarch is pretty useful in this sense.

So to enable the multiarch superpowers open up a terminal and type:

dpkg --add-architecture i386

Time to download skype:

 http://www.skype.com/en/download-skype/skype-for-linux/downloading/?type=debian32

You can install your new “multiarch” skype typing:

dpkg -i skype-debian_4.2.0.11-1_i386.deb

At this point your package manager will complain about unsatisfied dependencies, which you will resolve with

apt-get -f install

Have nice chats with your friends!

Giuseppe