Linux
vmware esx 3.5i at usb drive with sata support
Yes, it is unsupported, but who cares? As you can read even microsoft does not support windows at vmware :). The VMware ESX 3.5i is free for some time. It is VMware answer for Microsoft’s Hyper-V - I think. Because the system compatybility is rather thin, and I would love to repleace my VMware Server machines with this top product! Because I have just two scsi disks, and a lot of others (sata for example) I would love to make use of it at this machine. What I need is: vmware esx 3.5i iso and a big (1GB is minimum!) pendrive. Let’s rock!
mount the vmware iso
# mount -o loop /storage/VMware-VMvisor-InstallerCD-3.5.0_Update_2-110271.i386.iso /mnt/vmCD/
then copy a install.tgz file to some place and extract it:
# cp install.tgz /storage/
# tar xvzf install.tgz
then take a look at file usr/lib/vmware/installer/VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd.bz2 “unbzip” it!
# bunzip2 VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd.bz2
then you will have one file, which is a disk image (yes, it’s bigger than 32MB thin install of esx, but it has much more drivers):
# ls -al VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd
-rwxr-xr-x 1 root root 786432000 sie 13 05:00 VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd
now we are going to write the image at the thumbdrive… it is at /dev/sda in my system
# dd if=VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd of=/dev/sda
after this, you have a bootable USB key (look if your bios support it!)! thanks to: vm-help for its tutorial
Failed dependencies while installing Kerio mail server at centos 5
while installing kerio mail server 6.5.2 at fresh centos 5 install (CentOS release 5.2 (Final)) i got sth like this:
# rpm -Uv /home/users/mrybak/kerio-kms-6.5.2-6426.linux.i386.rpm
error: Failed dependencies:
libstdc++.so.5 is needed by kerio-kms-6.5.2-6426.linux.i386
libstdc++.so.5(CXXABI_1.2) is needed by kerio-kms-6.5.2-6426.linux.i386
libstdc++.so.5(GLIBCPP_3.2) is needed by kerio-kms-6.5.2-6426.linux.i386
libstdc++.so.5(GLIBCPP_3.2.2) is needed by kerio-kms-6.5.2-6426.linux.i386
but I had libstdc++ libraries as you can see:
# rpm -qa |grep libstdc
libstdc++-devel-4.1.2-42.el5
libstdc++-4.1.2-42.el5
but:
# locate libstdc
/usr/lib/libstdc++.so.6
/usr/lib/libstdc++.so.6.0.8
so i have newer version that is needed, so:
# yum search libstdc
Loading “fastestmirror” plugin
Loading mirror speeds from cached hostfile
* base: ftp.cvut.cz
* updates: ftp.cvut.cz
* addons: ftp.cvut.cz
* extras: ftp.cvut.cz
libstdc++-devel.i386 : Header files and libraries for C++ development
compat-libstdc++-33.i386 : Compatibility standard C++ libraries
libstdc++-devel.i386 : Header files and libraries for C++ development
libstdc++.i386 : GNU Standard C++ Library
libstdc++.i386 : GNU Standard C++ Library
compat-libstdc++-296.i386 : Compatibility 2.96-RH standard C++ libraries
this is what I need, and after:
# yum install compat-libstdc++-33
Loading “fastestmirror” plugin
Loading mirror speeds from cached hostfile
* base: ftp.fi.muni.cz
* updates: ftp.fi.muni.cz
* addons: ftp.fi.muni.cz
* extras: ftp.fi.muni.cz
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
–> Running transaction check
—> Package compat-libstdc++-33.i386 0:3.2.3-61 set to be updated
–> Finished Dependency ResolutionDependencies Resolved
=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
compat-libstdc++-33 i386 3.2.3-61 base 232 kTransaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)Total download size: 232 k
Is this ok [y/N]: y
Downloading Packages:
(1/1): compat-libstdc++-3 100% |=========================| 232 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: compat-libstdc++-33 ######################### [1/1]Installed: compat-libstdc++-33.i386 0:3.2.3-61
Complete!
everything goes well…
[root@msuno ~]# rpm -Uv /home/users/mrybak/kerio-kms-6.5.2-6426.linux.i386.rpm
Preparing packages for installation…
kerio-kms-6.5.2-6426.linuxThank you for installing Kerio MailServer 6.5.2!
THANK YOU 
signature verification failed - PLD Linux
For some time I have this warning:
poldek:/all-avail> upgrade pam-*
Processing dependencies…
pam-0.80.1-14.i686 obsoleted by pam-0.80.1-17.i686
pam-libs-0.80.1-14.i686 obsoleted by pam-libs-0.80.1-17.i686
There are 2 packages to install, 2 to remove:
I pam-0.80.1-17.i686, pam-libs-0.80.1-17.i686
R pam-0.80.1-14.i686, pam-libs-0.80.1-14.i686
Need to get 520.9KB of archives (520.9KB to download).
After unpacking 1.3MB will be used.
Retrieving ac-updates::pam-libs-0.80.1-17.i686.rpm…
………………………… 100.0% [139.9K (99.0K/s)]
Retrieving ac-updates::pam-0.80.1-17.i686.rpm…
………………………… 100.0% [381.0K (230.0K/s)]
error: pam-libs-0.80.1-17: signature verification failed
error: pam-0.80.1-17: signature verification failed
There were signature verification errors. Proceed? [N/y]
and finally I would love to make it clean!
But when I tried to do (followed by pld docs!!!):
rpm –import ftp://ftp.pld-linux.org/dists/2.0/PLD-2.0-Ac-GPG-key.asc
i got:
error: ftp://ftp.pld-linux.org/dists/2.0/PLD-2.0-Ac-GPG-key.asc: import read failed(-1).
So if you are scarred of “man in the middle” just to this:
wget -q ftp://ftp.pld-linux.org/dists/2.0/PLD-2.0-Ac-GPG-key.asc
rpm –import PLD-2.0-Ac-GPG-key.asc
best regards!
openvpn force tun/tap number
I made some vpn tunnels, but by default interface number is taken form successfull connect sequence. If you would like to set it up in config file instead of:
dev tun
use:
dev tun0
openvpn configuration, some problems with understanding certs
I have some problems with understanding the certs things… but I found rather clear howto at openvpn site:
next tip, for much more security in openvpn is setting:
server side:
tls-auth /path/to/ta.key 0
client side:
tls-auth /path/to/ta.key 1
first you should generate this cert by:
openvpn –genkey –secret ta.key
and maybe changing the default blowfish alghoritm (128bit) with 256-bit AES by adding:
cipher AES-256-CBC
niceshaper class file generator
Because I found rather impossible to write almost 100 entries into my class.ns file (form niceshaper 0.6), I did really easy oneliner to to this :)… proof of concept, but you can easly use it.
for i in `seq 10 100`; do echo -e “class download eth1 computer$i \n match dstip 192.168.2.$i \n htb prio 2 \nclass upload eth0 computer$i \n match srcip 192.168.2.$i \n htb prio 2 \n”; done >> class.nc
and the output simple output looks like this (one entry)
class download eth1 computer11
match dstip 192.168.2.11
htb prio 2
class upload eth0 computer11
match srcip 192.168.2.11
htb prio 2
you need explanation? OK…
seq x y - make sequential output from x to y, so if your IP class is from 22 to 38 change it to seq 22 38
everything else is based at number generated from seq so the computerXX identifier is same as its end of IP address, which for me is not a big problem, but there is no problem to take an entries form cat users.txt
my new bootsplash
How do you find my new bootsplash? It is based on u-fingerprint …
It’s looks really eye-catching 
DS3200 performance tests #1
today I made some tests at DS3200, I’m fully dissapointed of it’s power, but maybe I do sth wrong? Take a look:
# mount |grep reiser
/dev/sde1 on /tmp/test type reiserfs (rw,noatime,nodiratime)
/dev/sdf1 on /tmp/test2 type reiserfs (rw,noatime,nodiratime)
/dev/sdg1 on /tmp/test3 type reiserfs (rw,noatime,nodiratime)
everything connected from dual controller IBM DS3200 (SAS), with SATA 750GB disks.
/dev/sde1 is raid0 at 4 disks
/dev/sdf1 is raid10 at 4 disks
/dev/sdg1 is raid5 at 4 disks
and the tests:
# dd if=/dev/zero of=/tmp/test/pliczek count=5000 bs=1M 5000+0 records in
5000+0 records out
5242880000 bytes (5.2 GB) copied, 66.6999 s, 78.6 MB/s
# dd if=/dev/zero of=/tmp/test2/pliczek count=5000 bs=1M
5000+0 records in
5000+0 records out
5242880000 bytes (5.2 GB) copied, 191.962 s, 27.3 MB/s
# dd if=/dev/zero of=/tmp/test3/pliczek count=5000 bs=1M
5000+0 records in
5000+0 records out
5242880000 bytes (5.2 GB) copied, 130.41 s, 40.2 MB/s
raid5 looks better than raid10?????
now read tests:
# dd if=/tmp/test/pliczek of=/dev/null count=5000 bs=1M
5000+0 records in
5000+0 records out
5242880000 bytes (5.2 GB) copied, 21.179 s, 248 MB/s
# dd if=/tmp/test2/pliczek of=/dev/null count=5000 bs=1M
5000+0 records in
5000+0 records out
5242880000 bytes (5.2 GB) copied, 33.007 s, 159 MB/s
# dd if=/tmp/test3/pliczek of=/dev/null count=5000 bs=1M
5000+0 records in
5000+0 records out
5242880000 bytes (5.2 GB) copied, 22.7079 s, 231 MB/s
why raid10 is much slower than raid5?
files with no valid users
Totay tip:
sometimes in some migrations, reinstall or sth, or even in backup places, you have some files owned by no valid user for current system. It is rather high security issue (in mulituser systems), so you can find every file that does not have a valid user which can be found in /etc/passwd, how?
find / -nouser > no_no_valid_user
glsa-check… securitity in gentoo
what is glsa-check - you can find here http://gentoo-wiki.com/Glsa-check
why to use it - because it shows every possible security hole made by outdated software. Because the output of glsa-check is rather chatty - my own grep method is like this:
glsa-check -d affected |grep -e “Affected package”