drac5 / 6 with latest java 1.8.60

new java, new headaches. but my colleague figured a way how to get the ip kvm working again with the latest java. here are his findings: ingredients: windows 8.1, j2se 1.8.60, firefox 41 or chrome 45.0.2454.99: go to the Control panel > java in the General tab: Settings > Delete files – mark all the ... Read More

more smaller icons in the windows 8 alt+tab / cool switch

recently i’ve moved from win7 to win8. i tend to have dozens of applications open and the default number of programs displayed after pressing alt+tab in win8 is too low. this registry change brings the win7-alike layout and adds more columns and rows: you might want to log off and log on for all the ... Read More

squid3 no longer working after upgrade to jessie

on one of the servers i’ve just upgraded to jessie i got my squid3 bricked. i could see the process in ps, yet it did not listen on tcp/3128: restarting it did not give anything interesting in /var/log/squid3/cache.log: after a while of clueless googling i thought – maybe there’s some problem with communication over loopback. ... Read More

audit/access logs in samba

i’ve ‘convinced’ my samba running under debian wheezy/jessie to provide me access audit logs without being too verbose. here’s how.

upgrade from wordpress 4.1.x to 4.2.x broke my menu editor

i’ve done a routine upgrade of wordpress 4.1.x to 4.2 and later 4.2.1. all seemed fine until the day i wanted to manually adjust the menu structure using wp-admin > appearance > menus. each attempt of saving my menu resulted in it being wiped out completely

BLKDE3815TYKH0E headaches

we’re setting up a small computer that will act as vpn end-point. we decided to try something smaller this time – BLKDE3815TYKH0E. as it turned out it’s not as well polished as one would expect from intel. my colleagues had to pull out debian wheezy usb pend-rive with the installer to be able to finish ... Read More

sip-audio-session, new libxml2

i’m using nagios to wake me up. not every day – only when there’s some outage. i have pair of nagios servers – one in Sweden, one in Poland – they cross-check one another and – for the most critical problems – send sms and make a phone call. for sms’es i’m using budgetsms.net, for ... Read More

xwiki, html macro tag and unwanted javascript

xwiki – by default – allows contributors to embed arbitrary html, including javascript. it does not take much effort to include something like: then you just need to lure your victim into visiting given wiki page while being logged – you’ll get a http request containing that person’s cookie that can be re-used to impersonate ... Read More

bridge on vlans on active-backup bonding under debian

the idea: i’d like to run kvm/lxc on debian, have guests bridged to couple of vlans and handle the network failover on the host level. network failure should be detected using arp probes not just the link [ mii ] status. after few attempts i got it working in the test environment.

useful tools for [web] malware removal

http://sitecheck.sucuri.net/ for checking if a live website is referring to some malicious js / having unwanted iframes https://www.rfxn.com/projects/linux-malware-detect/ and http://www.clamav.net/index.html and http://www.eset.com/ for scanning files for unwanted conten from the command line:

debian on dell poweredge 13th gen – r630

i’ve received for testing a new dell r630. before buying few of those i wanted to make sure that debian wheezy has kernel including all the needed drivers. it seems that it has.

UNION instead of OR in MySQL

i have MySQL that is run on arrays of increasing size: i remembered that the query optimizer will not be able to use existing indices for lastModified columns but.. the query execution time was acceptable, so i did not bother. recently much more data was added and query above, repeated quite often, caused a lot ... Read More

fsck on truecrypt

it’s high time to move away from truecrypt [ which i’m doing by moving to luks and btrfs on the top of it for extra thrills ], but i still have bunch of places that were not moved to the alternative full disk encryption. what do do when after unclean shutdown this happens: ?

OVH, failover IPs, IPv6, VMs

at work we rent a dedicated server from OVH; except unexplained openvpn throttling all is working pretty well for the price we pay. besides primary IPv4 address OVH can provide few additional ‘failover’ IPv4 addresses and /64 IPv6 subnet. in our setup some of IPv4s and IPv6s are routed to a KVM VM. below – ... Read More

idrac7 + ipmitool stopped working with firmware 1.56.55

i use ipmitool to check health of the poweredge servers from nagios. in essence i execute: and alert if the exist code is non-zero, then i execute and again – i alert on non-zero exit code, i also grep the file in search of lines not containing ok/ns. this was working fine for DRAC 5 ... Read More