USB devices not appearing in VMs

Hmmm, I went to use a USB device in my Win XP win and it wasn't showing up (Under VM/Removable Devices/USB Devices). This sure seems familiar but I can't find a blog post about it. A quick google turned up this hint which I really remember doing before. In fact I have a /etc/init.d/mountdevsubfs.sh.dpkg.old file with the changes applied, so I know I did.

However when I re-applied those changes I got an error running the script (see end of post).

Poking around a little more I found this advice which seemed cleaner, except it was a little flawed, when I tried adding the line as given to /etc/fstab, it didn't help and I noticed that if I actually tried to invoke the line, I got the following error:

# mount /proc/bus/usb
[mntent]: line 10 in /etc/fstab is bad

The "usbfs" on the begining seemed wrong to me, so I dropped that, resulting in the following line:

/dev/bus/usb /proc/bus/usb usbfs auto 0 0

Then I restarted VMWare ("/etc/init.d/vmware restart") and my USB devices appeared!

---

Changes I made to /etc/init.d/mountdevsubfs.sh:

# diff -c mountdevsubfs.sh.orig mountdevsubfs.sh
*** mountdevsubfs.sh.orig 2008-12-13 08:19:38.000000000 -0600
--- mountdevsubfs.sh 2008-12-13 08:20:25.000000000 -0600
***************
*** 39,44 ****
--- 39,51 ----
   # Mount /dev/pts. Master ptmx node is already created by udev.
   #
          domount devpts "" /dev/pts devpts -onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE
+  #
+  # Magic to make /proc/bus/usb work so USB devices appear in VMWare
+  #
+  mkdir -p /dev/bus/usb/.usbfs
+  domount usbfs "" /dev/bus/usb/.usbfs -obusmode=0700,devmode=0600,listmode=0644
+  ln -s .usbfs/devices /dev/bus/usb/devices
+  mount --rbind /dev/bus/usb /proc/bus/usb
  }
  
  case "$1" in

Error from I got from those changes:

# /etc/init.d/mountdevsubfs.sh start
Usage: mount -V                 : print version
       mount -h                 : print this help
       mount                    : list mounted filesystems
       mount -l                 : idem, including volume labels
So far the informational part. Next the mounting.
The command is `mount [-t fstype] something somewhere'.
Details found in /etc/fstab may be omitted.
       mount -a [-t|-O] ...     : mount all stuff from /etc/fstab
       mount device             : mount device at the known place
       mount directory          : mount known device here
       mount -t type dev dir    : ordinary mount command
Note that one does not really mount a device, one mounts
a filesystem (of the given type) found on the device.
One can also mount an already visible directory tree elsewhere:
       mount --bind olddir newdir
or move a subtree:
       mount --move olddir newdir
One can change the type of mount containing the directory dir:
       mount --make-shared dir
       mount --make-slave dir
       mount --make-private dir
       mount --make-unbindable dir
One can change the type of all the mounts in a mount subtree
containing the directory dir:
       mount --make-rshared dir
       mount --make-rslave dir
       mount --make-rprivate dir
       mount --make-runbindable dir
A device can be given by name, say /dev/hda1 or /dev/cdrom,
or by label, using  -L label  or by uuid, using  -U uuid .
Other options: [-nfFrsvw] [-o options] [-p passwdfd].
For many more details, say  man 8 mount .
ln: creating symbolic link `/dev/bus/usb/devices': File exists

Installing logwatch

I recently installed logwatch on all of my systems using these directions. Basically I just ran the following on reach system:

# aptitude install logwatch

Since I already had email to root forwarded to me, no other configuration was necessary. Now I get a nice daily email summary from each system.

NameVirtualHost *:80 has no VirtualHosts

After upgrading to 8.10 I saw the following error on an Apache reload:

# apache2ctl restart
[Sun Nov 16 13:36:23 2008] [warn] NameVirtualHost *:80 has no VirtualHosts

Updated Nov 16, 2008: My first solution (below) didn't work, correct solution now immediately follows...

Looks like the problem was I had to NameVirtualHost statements, one in /etc/apache2/ports.conf and one in /etc/apache2/sites-enabled/000-default.

To fix the problem, I simply commented on the declaration in /etc/apache2/ports.conf:

grep NameVirtualHost /etc/apache2/ports.conf
#NameVirtualHost *:80

Old solution I posted, that turned out, did not work.

To fix this, I added a ServerName directive, as follows:

<virtualhost *:80>
    ServerName hostname
    ServerAdmin webmaster@localhost

Upgrading my laptop to Ubuntu 8.10 - network manager applet woes!

After upgrading my Ubuntu servers to 8.10, I turned my attention to my Ubuntu laptop running Ubuntu desktop. I used the Network Upgrade for Ubuntu Desktops.

The upgrade went smoothly, though it took a few hours (much longer than the server upgrades) and seemed to go in spurts (perhaps because of apt-cacher?). I did get one pop-up message I noted for later:

Third party sources disabled

Some third party entries in your sources.list were disabled. You can re-enable them after the upgrade with the 'software-properties' tool or your package manager.

I installed new versions of:

• /etc/init.d/mountdevsubfs.sh

Files I kept:

• /etc/services

55 obsolete packages were removed.

Afterwards, I rebooted and the fun began as the system couldn't connect to my wireless network. First thing I noticed was the following message in /var/log/messages:

Nov 1 16:31:32 von-laptop kernel: [ 470.051333] input: b43-phy0 as /devices/virtual/input/input14
Nov 1 16:31:32 von-laptop kernel: [ 470.256065] b43-phy0: Loading firmware version 351.126 (2006-07-29 05:54:02)
Nov 1 16:31:32 von-laptop kernel: [ 470.256080] b43-phy0 warning: You are using an old firmware image. Support for old firmware will be removed in July 2008.
Nov 1 16:31:32 von-laptop kernel: [ 470.256085] b43-phy0 warning: You must go to http://linuxwireless.org/en/users/Drivers/b43#devicefirmware and download the latest firmware (version 4).

Following the directions pointed to by the log message I ran the following command which installed new wireless drivers.

# /usr/share/b43-fwcutter/install_bcm43xx_firmware.sh

I rebooted and the driver message disappeared, but didn't fix the original problem and I still wasn't getting on the network.

So, next I connected to my wired network. Or at least I tried. Evening after plugging into my cat5 ethernet, I still wasn't getting a network connection. Very weird.

After poking around some I realized that the system was actually connecting to the wireless network, it's just that it wasn't getting an IP addresss via DHCP correctly. If I ran 'dhclient' manually, I got on the network just fine. Only problem was every few minutes the network manager tried to reconnect me, so I had to kill it ('killall nm-applet') to stay connected.

Next I tried upgrading to the latest network manager (as I did previously). I added the following lines to /etc/apt/sources.list. Note these are the same lines I had before that the upgrade commented out, but with "hardy" changed to "intrepid".

deb http://ppa.launchpad.net/network-manager/ubuntu intrepid main
deb-src http://ppa.launchpad.net/network-manager/ubuntu intrepid main

And upgraded via apt-get:

# apt-get update
# apt-get upgrade

Which installed new versions of libnm-glib0, libnm-util0, and network-manager. And then I rebooted... and my network came back up!

Ok, lesson learned is apparently I need to be prepared to keep up to date with the network manager applet separately.

Update: One annoyance still remaining, my firefox is all messed up. Google toolbar and all my other extension buttons are gone. To get them back I had to disable the "Ubuntu Firefox Modifications" and then I was able to restore everything.

Getting VMWare back up and running under 8.10

After upgrading to 8.10 VMWare wasn't working. I started by following these directions to install VMWare server.

Following that, I upgraded vmware-tools on each vm using these directions (I couldn't find any explicitly for 8.10).

Note that you'll want to do this from the console, as you'll lose networking during the process.

I ran into the following problem at one point:

Error: Unable to execute "/usr/bin/vmware-uninstall-tools.pl.

Following the advice in this thread, I ran vmware-tools-distrib/bin/vmware-uninstall-tools.pl and though it returned a few errors itself, it cleared up the problem.

Things seemed to work OK, except the vmhgfs and vmxnet drivers both failed to build. I don't care about vmhgfs since I don't use shared folders, but vmxnet (the "fast network interface") sure sounds handy. So I hope to come back to this.

Upgrading to Ubuntu 8.10

Ok, upgrading from 8.04 to 8.10. I started with my servers and followed the directions at Network Upgrade for Ubuntu Servers.

update-manager-core was already installed. I edited /etc/update-manager/release-upgrades and set "Prompt=normal", changing from "lts".

Then I tried running 'do-release-upgrade' and ran into my first problem:

# do-release-upgrade
Checking for a new ubuntu release
Failed Upgrade tool signature
Done Upgrade tool
Done downloading
extracting 'intrepid.tar.gz'
authenticate 'intrepid.tar.gz' against 'intrepid.tar.gz.gpg'
exception from gpg: GnuPG exited non-zero, with code 131072
Debug information:

gpg: WARNING: unsafe permissions on homedir `/tmp/tmpc88EwD'

gpg: can't open `/tmp/tmpc88EwD/intrepid.tar.gz.gpg'
gpg: verify signatures failed: file open error

Authentication failed
Authenticating the upgrade failed. There may be a problem with the network or with the server.

I suspected this has something to do with my use of apt-cacher. Poking around the net I found this bug which backed that up and provided a patch to apt-cacher.

Back on my caching system, I did the following to apply the patch:

# cp /usr/sbin/apt-cacher /usr/sbin/apt-cacher.orig
# vi /usr/sbin/apt-cacher
# diff /usr/sbin/apt-cacher.orig /usr/sbin/apt-cacher

111c111,112
<                  'Translation-.+\.bz2'
---
>                  'Translation-.+\.bz2',
>                    '[:alpha:]*\.tar\.gz\.gpg$'

And then I had to restart apt-cacher:

# /etc/init.d/apt-cacher restart
Restarting Apt-Cacher: apt-cacher.

Then back on my upgrading system, I ran 'do-release-upgrade' again and it worked fine.

On various systems, I installed the new version of:

• /etc/dhcp3/dhclient.conf
• /etc/apt/apt.conf.d/01ubuntu

I kept my versions of the following files:

• /etc/apache2/apache2.conf
• /etc/apache2/sites-available/default
• /etc/php5/apache2/php.ini
• /etc/smb.conf
• /etc/services
• /etc/smb.conf
• /etc/apt-cacher/apt-cacher.conf

I removed 19-20 obsolete packages and then answered "y" to reboot at the end. When the system came back up, all looked good:

$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.10
DISTRIB_CODENAME=intrepid
DISTRIB_DESCRIPTION="Ubuntu 8.10"

For my mythbuntu box, I followed the same network upgrade procedure as above. 54 obsolete packages were removed.

Still to go is getting VMWare back up and working and upgrading my Ubuntu laptop. Those will follow in separate posts.

Installing apt-cacher

In preparation for upgrading to 8.10 I decided to install a apt-cacher on my home network. Basically I followed the directions at the link in the prior sentence with some tweaks as described below.

First, install:

# apt-get install apt-cacher

Then configure the deamon to always be on by editing /etc/default/apt-cacher and changing AUTOSTART=0 to AUTOSTART=1:

vi /etc/default/apt-cacher

Then I edited /etc/apt-cacher/apt-cacher.conf to restrict access to my local network. I also added the path_map directive, though I'm pretty sure I'm not using it right now.

# cd /etc/apt-cacher
# cp apt-cacher.conf apt-cacher.conf.orig
# diff apt-cacher.conf.orig apt-cacher.conf
40c40
< allowed_hosts=* --- > allowed_hosts=192.168.1.0/24, 127.0.1.1
141a142,143
> path_map = debuntu repository.debuntu.org ; ubuntu archive.ubuntu.com/ubuntu; ubuntu-updates archive.ubuntu.com/ubuntu ; ubuntu-security security.ubuntu.com/ubuntu
>

Ok, first addition to the directions here. Later when the anacron job /etc/cron.daily/apt-cacher ran, I got the following errors:

Use of uninitialized value in concatenation (.) or string at /usr/share/apt-cacher//apt-cacher-lib.pl line 169, <$listpipe> line 244.
Use of uninitialized value in concatenation (.) or string at /usr/share/apt-cacher//apt-cacher-lib.pl line 169, <$listpipe> line 245.

I found this bug report describing the error. Following the report, I edited /usr/share/apt-cacher/apt-cacher-lib.pl as described in the bug report.

Ok, now you are ready to fire up apt-cacher. The missing log messages happen the first time and then went away.

# /etc/init.d/apt-cacher restart
Restarting Apt-Cacher: apt-cacherWarning: /var/log/apt-cacher/access.log missing. Creating.
Warning: /var/log/apt-cacher/error.log missing. Creating.
.

At this point you should be able to point your web broser at http://cache-host:3142/ (replace "cache-host" with the actual IP or hostname of your host) and see the apt-cacher status page. You can also visit http://cache-host:3142/report/ to get a report of how well your cacher is doing, though it won't have any interesting content until it's been running for a day.

Then I imported existing package from /var/cache/apt/archives/ to apt-cacher repository:

# /usr/share/apt-cacher/apt-cacher-import.pl /var/cache/apt/archives

Ok, now to configure the client systems, including the system on which apt-cacher is running, I followed the advice from EWB's comment and created /etc/apt/apt.conf.d/90local-proxy on each system (again, replace cache-host with your actual IP address or hostname):

# vi /etc/apt/apt.conf.d/90local-proxy
# cat /etc/apt/apt.conf.d/90local-proxy
Acquire::http::Proxy "http://cache-host:3142";

Now you can do a apt-get update. Expect this to take a while the first time you run it.

# apt-get update

That's it. Just sit back and enjoy the caching.

Update: After upgrading 5 systems (1 server, 3 VMs and my laptop) to 8.10 using the cacher, here the stats from the report for the day showed it saved me 48% of my apt-get traffic (956MB out of 1980MB).

WPA on Dell Inspiron 6000: No luck

My other system is a Dell Inspiron 6000 laptop on which I also have Ubuntu 8.04 running. I tried moving my wireless to WPA today and had no luck getting the laptop working. Every time I entered the WPA passphrase, it would try to connect for 10 seconds and then prompt for the passphrase again.

I tried these directions to no avail.

I tried following the directions here and installing the latest and greatest network manager, but to no avail.

I tried disabling the Gnome Network Manager and following these directions, but no luck either.

This guy apparently just thinks I'm an idiot.

Anyone got WPA working on a Dell Inspiron 6000 with Ubuntu 8.04? Getting wireless working was a snap, but WPA is eluding me so far...

In case it maters, I have d a Broadcom BCM4318:

% lspci | grep Wireless
03:03.0 Network controller: Broadcom Corporation BCM4318 [AirForce One 54g] 802.11g Wireless LAN Controller (rev 02)

Update: Well the youtube guy was right, I'm an idiot :-) Turns out I must have had a cut'n'paste error when I set the password on my WPA network, so it worked from the machine I set it on (pasted the same password), but somehow I transcribed it wrong into my KeePass database. Once I got the right password, things work fine.

Turning off screen saving (one more time)...

I've been wrangling with the screensaver and DPMS on my Mythbuntu box (see here and here).

At this point I've got DPMS off but still have one nagging issue - some screensaver is kicking on and I have to press a button on the remote to get it to turn off. Better than having to hit a key on the keyboard, but still not what I want - I just want to turn on the monitor and see my MythTV dammit.

First, I figured out that I could disable DPMS with the ~/.xsessionrc file, e.g:

$ cat ~/.xsessionrc
xset s noblank
xset s off
xset -dpms

Now, that should turn off the X screensaver too, but seems like something is still running. Ah, poking around I find I have gnome-screensaver running:

$ ps auxwww | grep gnome-screensaver
user 6086 0.0 0.1 15420 4908 ? Ss Oct19 0:32 gnome-screensaver

Poking around the net, I came across this thread, and I followed the directions to kill the gnome-screensaver:

$ killall gnome-screensaver
$ ps auxwww | grep gnome-screensaver
user 32499 0.0 0.0 3004 764 pts/1 R+ 08:34 0:00 grep gnome-screensaver

After that I played around a little and that did the trick - no more screensaver kicking on! So, following the directions a little further down in the thread I turned it off permanently:

$ gconftool-2 --type boolean -s /apps/gnome_settings_daemon/screensaver/start_screensaver false

So at this point I think I finally have all the screensavers, DPMS, etc. turned off on my MythBuntu box using the directions above.

Update 11/3/2008: Well, the gconftool-2 command above didn't persist through a reboot. So following these directions, I did the following (will update when I've confirmed if it worked or didn't):

gconftool-2 --type bool --set /apps/gnome-screensaver/idle_activation_enabled false

Update 1/10/2009: Well, the above didn't work. Next I tried directions in this post. First, I ran "gconf-editor" from a command-line. Then I selected "Apps" and "gnome-screensaver". Under the options for "gnome-screensaver" I deselected the option for "idle_activation_enabled".

After that, I rebooted and re-ran gconf-editor to make sure the "idle-activation_enabled" variable was still de-selected and it was. I've been watching my mythtv system idle now for over an hour and no screensaver. Success finally.

Creating ssh-only account

I wanted to create some accounts that could only be accessed via ssh key authentication. These would be accessed via cron jobs on another system for backing things up. Here's my process.

On the target host, create the account:

# useradd -m web-server-backup

You can verify this account has no password by the prescence of the "!" in the second field in /etc/shadow:

# grep web-server-backup /etc/shadow
web-server-backup:!:14171:0:99999:7:::

Now, back on the system that will be accessing the account, create a ssh key pair. Since this will be running unattended from cron, I will leave the password empty (i.e. just hit return):

# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): just hit return
Enter same passphrase again: just hit return
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
d3:ac:99:5f:9c:30:69:98:ad:ab:e9:e5:ef:34:38:bf root@web-server

Copy the public key you just created into your clipboard:

# cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArh6BSw0F1Li/Oh1GbqF6uTv34P4e0Ow7NMco962aHe070vGjlyqIE3CrOU9d3/ztoL7QgalegWj7WfWQ44I8Jz0WGTzLcssYhvluaHzBp5z8QKVvmSpj39f43kAYP0b2GdUwGZL9AER72MRZSxmaybzGoVK12bPr6t18gaAWl9c3b1Ng8MFbp7vvNptfb6NwikfOaL4vTqRfNuVWv6vxaw3xfE+8iuI8ubckUCqrNfayVmfgCmxNS5o9GauHSAZdXhH1xDkZ0ikjo4SAjYz83/eyNdrwef6GTQj+FXwsaiGSpz9B0IOWt613+MhI/uoXRTO2jNzJstBcQa19GbX0Hw== root@web-server

Now on the target account, create ~/.ssh:and copy the public key into ~/.ssh/authorized_keys:

# sudo -u web-server-backup -i
$ mkdir ~/.ssh
$ chmod 700 ~/.ssh
$ cat > ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArh6BSw0F1Li/Oh1GbqF6uTv34P4e0Ow7NMco962aHe070vGjlyqIE3CrOU9d3/ztoL7QgalegWj7WfWQ44I8Jz0WGTzLcssYhvluaHzBp5z8QKVvmSpj39f43kAYP0b2GdUwGZL9AER72MRZSxmaybzGoVK12bPr6t18gaAWl9c3b1Ng8MFbp7vvNptfb6NwikfOaL4vTqRfNuVWv6vxaw3xfE+8iuI8ubckUCqrNfayVmfgCmxNS5o9GauHSAZdXhH1xDkZ0ikjo4SAjYz83/eyNdrwef6GTQj+FXwsaiGSpz9B0IOWt613+MhI/uoXRTO2jNzJstBcQa19GbX0Hw== root@web-server
$ chmod 600 ~/.ssh/authorized_keys

Now back on the accessing account, you should be able to access the target account without a password. The first time you do this you will be prompted to trust the host key of the target system, so you should do this once to make this process without prompt.

# ssh -l web-server-backup file-server date
The authenticity of host 'file-server (192.168.1.12)' can't be established.
RSA key fingerprint is 4c:7a:f0:ba:0f:60:45:4b:b8:f1:cc:17:88:59:74:f0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'file-server,192.168.1.12' (RSA) to the list of known hosts.
Sun Oct 19 13:06:52 CDT 2008

Now it should work seamlessly:

# ssh -l web-server-backup file-server date
Sun Oct 19 13:08:19 CDT 2008

sbackup without GUI

I recently wanted to install and run sbackup without using the GUI interface (this was on my mythbuntu system and I didn't want to interrupt my show). Not that the sbackup package unfortunately requires X11 and Gnome, so you can't use it on a lean server system.

Start by installing it:

# apt-get install sbackup

The configuration is in /etc/sbackup.conf, edit this file. Basically you want to set your target and then under [dirconfig] set what paths you want backed up.

# cp /etc/sbackup.conf /etc/sbackup.conf.orig
# vi /etc/sbackup.conf
# diff /etc/sbackup.conf.orig /etc/sbackup.conf
8,9c8,9
< target=/var/backup
< #target=ssh://user:pass@example.com/home/user/backup/
---
> #target=/var/backup
> target=ssh://casey-backup@file-server/mnt/backups/casey
37,38c37,38
< /usr/local/=1
< /var/=1
---
> /usr/local/=0
> /var/=0

You can test your configuration by running /usr/sbin/sbackupd (this returns nothing for me, which apparently indicates success):

# /usr/sbin/sbackupd

Now install a cron job to run it (this one runs it every night at 12:30):

# cat /etc/cron.d/sbackup
30 12 * * * root test -x /usr/sbin/sbackupd && /usr/sbin/sbackupd

MythMusic

Just a quick entry about getting music playing working on MythBuntu. Basically just follow the directions at the MythTV MythMusic page.

Some configuration I did:

1. Under Utilities/Setup->Setup->Media Settings->Music Settings ->Player Settings->screen 1 check "show entire music tree"
2. On screen 3 set up some vizualizers
3. Under Utilities/Setup->Setup->Media Settings->Music Settings ->Ripper settings->screen 2, set the following:
   
   • Encoding: Lame (MP3)
   • Default Rip Quality: Medium
   • Enable "Use variable bitrates"

That's it for playing. I still can't import CD's at this point - it causes mythtv-frontend to crash! Looks like this bug.

Auto-updates under mythbuntu

Seems like mythbuntu doesn't install any sort of auto-update process, so I did the following to set one up.

First, I installed cron-apt:

# apt-get install cron-apt

Then, I created the following cron job:

# crontab -e
# crontab -l | tail -1
0 1 * * * /usr/bin/cron-apt && /usr/bin/apt-get -y dist-upgrade

Adding more space for MythTV

I noticed that my mythtv data directory was almost full:

# df | grep data
/dev/sda6 190957912 176125932 5208248 98% /mnt/data

Since I had 256GB of disk I wasn't using, I decided to add that as a second data directory for MythTV. So I mounted this partition as /mnt/data2 and then created /mnt/data2/mythtv

I then made sure mythtv owned the new directory:

# chown mythtv:mythtv /mnt/data2/mythtv

Then I added this directory to the default MythTV storage group, which was the usual MythTV menu hell:

1. Select "Utilities/Setup"


2. Select "Setup"


3. Select "MythBuntu" and enter root password when prompted


4. Select "MythTV Configuration"


5. Select "Launch MythTV Setup"


6. Select "Storage Directories"


7. Select "Default"


8. Select "Add New Directory"


9. Enter the name of the new directory (e.g. "/mnt/data2/mythtv")


10. Hit Escape 3 times to start exiting out


11. At this point I was presented with a warning that *none* of my mythtv data directories were writable. After double checking that I entered it right and that the directories were actually writable by themythtv user, I selected "No, I know what I'm doing"
    
12. Continue to exit out of menus by selecting "OK"


13. I canceled running mythfilldatabase


14. At this point things seemed to hang for 20-30 seconds with me just starting at a blank MythTV background. I think you just wait it out. I hit escape a couple times, but don't know that actually did anything.


15. Select "Quit"


16. Hit Escape until you get back to the top-level MythTV menu and then select "Information Center"


17. Select "System Status"


18. Under "Machine" you should now see the second directory listed.

More memory and another hard disk...

Running the VMs, I was concerned about memory, being that the system only had a GB, which doesn't got far with VMs running. Looking in the system I saw it had two free slots, so I found 2 GB cheap and intstalled them and all looked good after booting:

$ dmesg | grep Memory
[ 19.312226] Memory: 3041212k/3079040k available (2177k kernel code, 36516k reserved, 1006k data, 368k init, 2161536k highmem)

I also installed another hard drive. I had already filled to the two bays at the bottom front (the original drive plus one more), but I found that a third drive could be put into an open bay under the CD-rom drive. I don't see any way of nicely adding a fourth though...

Upgrading Mediawiki

There was an announcement of a security update to mediawiki, so I upgraded. Here are the steps that worked for me, based on the directions at http://www.mediawiki.org/wiki/Manual:Upgrading_MediaWiki.

Download the latest version:

# cd /tmp
# wget http://download.wikimedia.org/mediawiki/1.13/mediawiki-1.13.2.tar.gz

Stop Apache:

# /etc/init.d/apache2 stop

Backup the database:

# mysqldump --all-databases --xml -p > db-backup.xml
Enter password:
root@web-server:~# ls -l db-backup.xml
-rw-r--r-- 1 root root 6008760 2008-10-03 06:34 db-backup.xml

Backup my current wiki directory:

# cd /var/www
# tar cvfz wiki-backup.tar.gz wiki/

Installed the new software:

# tar xvfz /tmp/mediawiki-1.13.2.tar.gz -C wiki/ --strip-components=1

I didn't have AdminSettings.php, so I created that, setting values for wgDBadminuser and wgDBadminpassword:

# cd wiki
# cp AdminSettings.sample AdminSettings.php
# vi AdminSettings.php

Ran update.php:

# cd maintenance/
# php update.php
MediaWiki 1.13.2 Updater

Going to run database updates for wikidb-mw_
Depending on the size of your database this may take a while!
Abort with control-c in the next five seconds...0
...have ipb_id field in ipblocks table.
...snip...
Deleting old default messages (this may take a long time!)...Done
Checking site_stats row...ok.
Purging caches...done.
Done.

Restart Apache:

# /etc/init.d/apache2 start
* Starting web server apache2
...done.

And fired up a web browser and tested. Everything looked good.

Redirecting / to /mythweb

Minor tweak to make connections to http://host/ on my mythweb host redirect automatically to mythweb. Add the following to the beginning of /etc/apache2/sites-enabled/mythweb.conf (before the Directory declaration):

RedirectMatch ^/$ /mythweb/

And restart Apache:

# /etc/init.d/apache2 reload

Configuring automatic update of IP address in DynDNS and OpenDNS

Updated March 29, 2009: Removed '-daemon 300' flag from /etc/cron.daily/ddclient script.

I wanted to configure automatic updating of the dynamic IP address assigned by my ISP to both OpenDNS and DynDNS. I did this using ddclient.

Directions for configuring ddclient for OpenDNS can be found here and directions for DynDNS can be found here.

Here's what I did:

# apt-get install ddclient
I went ahead and entered configuration for DynDNS during the install when prompted.
# vi /etc/ddclient.conf
# cat ddclient.conf

# Configuration file for ddclient
#
# /etc/ddclient.conf

pid=/var/run/ddclient.pid
ssl=yes
protocol=dyndns2
use=web
server=members.dyndns.org
login=dyndns-login
password=dyndns-password
my-addr.dyndns.org

##
## OpenDNS.com account-configuration
##
use=web, web=whatismyip.org
server=updates.opendns.com
protocol=dyndns2
login=opendns-login
password=opendns-password
OpenDNS-Network-Label

# chmod 600 /etc/ddclient.conf
# vi /etc/cron.daily/ddclient
# cat /etc/cron.daily/ddclient

#!/bin/sh
/usr/sbin/ddclient -syslog

# chmod +x /etc/cron.daily/ddclient

Installing Samba on Ubuntu Server

Previously I had installed Samba via the Ubuntu desktop, but now I wanted to do it on Ubuntu server.

First, I installed samba:

apt-get install samba

At the end of the install on my VMWare host system, I got the warning below:

--------- IMPORTANT INFORMATION FOR XINETD USERS ----------
The following line will be added to your /etc/inetd.conf file:

## netbios-ssn     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/smbd

If you are indeed using xinetd, you will have to convert the
above into /etc/xinetd.conf format, and add it manually. See
/usr/share/doc/xinetd/README.Debian for more information.
-----------------------------------------------------------

I didn't end up having to do anything special, but wanted to mention it anyways.

Next, I edited /etc/samba/smb.conf to look like the one below. (You'll want to replace "username" with an actual username or list of usernames.)

 
[global]
   workgroup = WORKGROUP
   server string = %h server (Samba, Ubuntu)
# This will prevent nmbd to search for NetBIOS names through DNS.
   dns proxy = no

# This tells Samba to use a separate log file for each machine
# that connects
   log file = /var/log/samba/log.%m

# Cap the size of the individual log files (in KiB).
   max log size = 1000

# Do something sensible when Samba crashes: mail the admin a backtrace
   panic action = /usr/share/samba/panic-action %d

# "security = user" is always a good idea. This will require a Unix account
# in this server for every user accessing the server.
   security = user
   encrypt passwords = true
   passdb backend = tdbsam
   obey pam restrictions = yes
   invalid users = root
# This option controls how nsuccessful authentication attempts are mapped 
# to anonymous connections
   map to guest = bad user
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

[tmp]
   comment = tmp
   path = /tmp
   valid users = username
   writable = yes
   create mask = 0644
   directory mask = 0755

You can validate your smb.conf file by running 'testparm', e.g:

# testparm -s
Load smb config files from /etc/samba/smb.conf
Processing section "[music]"
Loaded services file OK.
...

Restart Samba:

# /etc/init.d/samba reload
* Reloading /etc/samba/smb.conf smbd only
...done.

Add samba users via smbpassword:

smbpasswd -a username

That's it.

BTW, one tidbit, if you get "Error code -6602" on the client, this is caused by a non-existent path in /etc/samba/smb.conf.

mythtv-status missing config errors

The following cron job, running as root, kept emailing me output complaining about "No config found":

[ -x /etc/init.d/mythtv-status ] && /etc/init.d/mythtv-status reload > /dev/null

Replicating it from the commandline worked:

# mythtv-status > /dev/null
No config found; attempting to find mythbackend via UPnP.

After playing around a bit, I figured out it was coming from the MythTV Perl module:

# perl -e "require MythTV"
No config found; attempting to find mythbackend via UPnP.
No backends found. Please copy /root/.mythtv/config.xml from a working MythTV installation instead.
Compilation failed in require at -e line 1.

Copying ~/.mythtv/config.xml from the mythtv account to the root account solved the problem.

Locking, but not expiring, root

I don't want to allow direct root login (not just via ssh as described here but via console or any other way. Basically I want to make it so everything has to go through sudo. (Why? Because I like the fact everything is traceable back to given user.)

I had previously tried using 'passwd -l' as root to lock that account, but that seems to have the unwanted side effect of causing root's cron jobs to fail, as I see the following message in syslog whenever a roon cron job comes time to run:

CRON[11591]: User account has expired

The solution I found is as follows. Before you do this you want to make sure you have the ability to do things as root via sudo, or you will lock yourself out (see here for directions on this).

First, I undid what I did before and unlock the account (skip this if you didn't previously lock the root account):

# passwd -u root
Password changed.

Then edit /etc/shadow by hand and change root's password field to "!", e.g.:

# grep root /etc/shadow
root:!:14145:0:99999:7::1:

Just to make sure test the setup by running 'ssh -l root localhost' and try logging in. You shouldn't be able to.

/dev/vmon: host clock rate change request syslog messages

On my VMWare host system I was seeing frequent (2-3/minute) syslog messages like the following that was making my syslog really hard to view:

/dev/vmmon[12315]: host clock rate change request 26 -> 30

Searching around on the net, a number of other people have seen this problem. I tried several things before finding one that worked for me.

First that that didn't work for me, based on this thread, I tried removing powernowd ('apt-get remove powernowd') but that offered no change.

Next thing that didn't work, based on this blog page, I followed the advice on this vmware knowledge based page:

# cat /proc/cpuinfo | grep "MHz"
cpu MHz : 2400.000
# vi /etc/vmware/config
# tail -3 /etc/vmware/config
host.cpukHz = 2400000
host.noTSC = TRUE
ptsc.noTSC = TRUE

and restarted vmware ('/etc/init.d/vmware restart'), but no luck.

Finally, what worked, even though it wasn't supposed to solve my problem, was, based on this page, I added the following to/etc/vmware/config:

host.useFastClock = FALSE

and restarted vmware ('/etc/init.d/vmware restart'). And that did it! No more syslog message about clock rate changes.

To clean up, I re-installed powernowd ('apt-get install powernowd') and that didn't seem to have any ill effects. I left all the changes to /etc/vmware/config.

Changing the mythweb password

The Mythbuntu installation of mythweb uses htdigest instead of htpassword, with a domain of "MythTV":

# htdigest /etc/mythtv/mythweb-digest MythTV mythtv
Adding user mythtv in realm MythTV
New password:
Re-type new password:

Getting outgoing email working

I wanted outgoing email to work (should have done this a while ago). I basically followed these directions with one importance exception. When I ran "dpkg-reconfigure postfix" and it asked "Other destinations to accept mail for (blank for none):" I made this field "localhost, localhost.localdomain" - the default included the FQDN I entered for "mail name" which caused all email to that FQDN to be tried to delivered locally, which I didn't want.

This page was useful for figuring out by ISP's SMTP server.

If you have problems, look at the logs in /var/log/mail.*

Once I was sure everything was working, I added .forward files for all the users to redirect to my normal, external email account.

MythBuntu MythTV Tweaks

After getting MythBuntu installed, I did the following tweaks to MythTV:

• Disabling DPMS (screen power saver): Previously I did it with the session manager, but Mythbuntu doesn't have the equivalent. So based on this thread, I did the following:
  

  $ vi ~/.xsessionrc
  $ cat ~/.xsessionrc
  xset s noblank
  xset s off
  xset -dpms
  Now restart desktop so changes take effect
  $ sudo /etc/init.d/gdm restart
  

  Updated Oct 24, 2008: I later also disabled the gnome-screensaver
  
• I was still getting commercials during playback of recorded shows. Poking around it seemed like all the options for commercial remove were select, but then I found under Utilities/Setup -> Setup -> TV Settings -> Playback on screen 8 "Automatically Skip Commercials" which I set to "Automatically Skip"
• I wanted my familiar Blootube theme back. I found this under Utilities/Setup -> Setup -> Appearance on screen 1.
• I wanted channel changing during live TV to take effect immediately. This was done with a combination of two options: Utilities/Setup -> Setup -> TV Settings -> General screen 1, select "Change channels immediately without select", and Utilities/Setup -> Setup -> TV Settings -> Playback OSD screen 1, unselect "Always use Browse Mode"
• Under Utilities/Setup -> Setup -> TV Settings -> Playback, screen 2, I set "Action on playback exit" to "Save Position and exit" and "Prompt at end of Recording".
• Configured MythFillDatbase to run automatically. Utilities/Setup -> Setup -> TV Settings -> General screen 6, enable "Automatically run mythfilldatabase". For "Arguments" I used "--refresh-all --quiet" and for "Log Path" I used "/tmp/mythfilldatabase.log". Everything else I left as is.
• Next I wanted to get the extra buttons on my remote working. So under Utilities/Setup -> Edit Keys I bound keys to the various screens I wanted shortcuts to under "JumpPoints". (Hint: to jump to the "Watch Recordings" screen, use the "TV Recording Playback" action as the target.)
  
  A hint, run "irw" as root and press keys on your remote to figure out their names, e.g. the following shows me pressing the Blue and Go keys:
  

  # irw
  00000000000017a9 00 Blue Hauppauge_350
  00000000000017a9 01 Blue Hauppauge_350
  00000000000017a9 02 Blue Hauppauge_350
  00000000000017bb 00 Go Hauppauge_350
  00000000000017bb 01 Go Hauppauge_350
  00000000000017bb 02 Go Hauppauge_350
  

  
  
  The I edited ~/.lirc/mythtv and bound the remote commands to those keys (the "config" option).
  

  $ cd ~/.lirc
  $ cp mythtv mythtv.orig
  $ vi mythtv
  $ diff -c mythtv.orig mythtv
  *** mythtv.orig 2008-09-24 21:05:35.000000000 -0500
  --- mythtv 2008-09-24 21:39:34.000000000 -0500
  ***************
  *** 733,738 ****
  --- 733,774 ----
  begin
  remote = Hauppauge_350
  prog = mythtv
  + button = Blue
  + config = d
  + repeat = 0
  + delay = 0
  + end
  +
  + begin
  + remote = Hauppauge_350
  + prog = mythtv
  + button = Videos
  + config = r
  + repeat = 0
  + delay = 0
  + end
  +
  + begin
  + remote = Hauppauge_350
  + prog = mythtv
  + button = TV
  + config = l
  + repeat = 0
  + delay = 0
  + end
  +
  + begin
  + remote = Hauppauge_350
  + prog = mythtv
  + button = RED
  + config = m
  + repeat = 0
  + delay = 0
  + end
  +
  + begin
  + remote = Hauppauge_350
  + prog = mythtv
  button = 7
  config = 7
  repeat = 0
  

  
  Next I tried restarting lirc:
  

  
  sudo /etc/init.d/lirc restart
  

  
  But that just caused my remote to stop working with mythtv all together, so I rebooted and all worked fine.

Wow, if it is possible for something to have too many options, MythTV is guilty...

Mythbuntu install

Ok, I had previously gotten my MythTV configuration messed up, so I decided I had been itching to try Mythbuntu, I would start with a fresh installation.

Here I the steps I took:

1. Downloaded Mythbuntu 8.04.1 and burned to a CD.


2. Booted CD and ran the Mythbuntu installer.


3. I used the Manual partitioner and partitioned my 250GB disk into a 50GB partition for the OS and a 200GB partition for program storage. (This worked out, at the end I'm still only using <2GB of the 50GB partition.)


4. Did the Advanced Install and took the default for everything except:
   
   
   
   • I disable the Samba Service.
   
   
   • I set passwords on mythweb and mysql servers.
   
   


5. I enabled a "Hauppage TV card" remote.

It then did it thing and then launched Mythtv-setup (I already have a schedules direct account). In mythtv-setup I did the following:

1. Under "Capture Cards", I added a new capture card. As I did previously I used MPEG-2 encoder card (PVR-x50, PVR-500) for my WinTV-PVR 250.


2. Under "Video Sources", I added my Schedules Direct lineup. It retrieved my lineup just fine.


3. Under "Input Connections", I set the Tuner 1 video source to Schedules Direct and fetched the channels from listings source.
4. 
   
5. Under "Storage Groups", I added the directory to the 200GB partition to the Default group.

I exited from mythtv-setup and mythfilldb ran. It then restarted, ejecting the CD for me.

After the system came up, the MythTV fronend started. I could see a full program guide under Manager Recordings/Schedule Recordings/Program Guide which was good.

But "Watch TV" didn't work; the screen would just blank and then come back to the menu. Hmmm, there was a little popup in the corner about restricted drivers. I exited MythTV and clicked on the little "driver icon" in the upper right of the desktop. A menu came up wanting to know if I wanted to enable "NVIDIA accelerated graphics driver". I enabled and it tried to install nvidia-glx-new_169.12 but got a 404 error.

I opened a Terminal and run 'sudo apt-get update' and then tried the driver enable again and it worked. I then rebooted.

Damn. Watching TV still didn't work.

Under Setup/Mythbuntu, there is a Propriety Drivers section and I installed the NVIDIA configuration utility and ran it. Ran fine, and I didn't do anything with it. But it just locked up my display when I tried to quit it.

Ah, after reading the advice here and looking in /var/log/mythtv/mythbackend, that provided the missing clue:

2008-09-22 21:52:33.292 TFW, Error: Opening file '/mnt/data/mythtv/1002_20080922215232.mpg'.
eno: Permission denied (13)

The directory /mnt/data was where I had mounted the 200GB partition and then I had created mythtv but I (i.e. the user I had provided during installation) owned it. Apparently, the mythtv user needed to own it.

# chown mythtv:mythtv /mnt/data/mythtv/

And now Watch TV worked!

Some minor administration followed:

1. Reset static IP address using directions here. Note that as soon as I changed /etc/networks/interfaces, the eth0 network went away and I had to run '/etc/init.d/networking restart' to restore it.


2. Installed some utils I like:
   

   apt-get install screen cvs



3. Ran '/usr/bin/apt-get -y dist-upgrade' to update everything.


4. Ran 'apt-get autoremove' to clean up


5. And a reboot after all of that...

Ok, everything seems to be basically working at this point except for some minor tweaks with the remote and channgel changing with mythtv. But I got a bunch of recordings scheduled and that's enough for tonight.

Testing web server with nikto

I wanted to give my web server a quick test for any major security problems. nikto was recommended to me as a good way to do that. I downloaded and installed (unpacked really) it:

# cd /tmp
# wget http://www.cirt.net/nikto/nikto-current.tar.gz
# tar xvfz nikto-current.tar.gz
# mv nikto /usr/local/nikto-2.03

And then I ran it against my webserver. Seems like a number of software packages are out of date, but are the freshest in the Ubuntu repositories. All together, nothing I'm concerned about.

# /usr/local/nikto-2.03/nikto.pl -h web-server
- Nikto v2.03/2.04
---------------------------------------------------------------------------
+ Target IP: 192.168.1.11
+ Target Hostname: web-server
+ Target Port: 80
+ Start Time: 2008-09-15 16:58:59
---------------------------------------------------------------------------
+ Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g
- Root page / redirects to: /wiki/
+ Apache/2.2.8 appears to be outdated (current is at least Apache/2.2.9). Apache 1.3.39 and 2.0.61 are also current.
+ PHP/5.2.4-2ubuntu5.3 appears to be outdated (current is at least 5.2.6RC4)
+ mod_ssl/2.2.8 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ mod_ssl/2.2.8 OpenSSL/0.9.8g - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0082.
+ OSVDB-3268: GET /icons/ : Directory indexing is enabled: /icons
+ OSVDB-3233: GET /icons/README : Apache default file found.
+ 3577 items checked: 6 item(s) reported on remote host
+ End Time: 2008-09-15 17:00:48 (109 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Test Options: -h web-server
---------------------------------------------------------------------------

Installing VMware sevrer on Ubuntu server

I had previously installed vmware-server 1.0.7 on by ubuntu laptop, so now I went to install it on my server system, but I ran into the following when vmware-config.pl was running:

None of the pre-built vmmon modules for VMware Server is suitable for your
running kernel. Do you want this program to try to build the vmmon module for
your system (you need to have a C compiler installed on your system)? [yes]

Using compiler "/usr/bin/gcc". Use environment variable CC to override.

Your kernel was built with "gcc" version "4.2.3", while you are trying to use
"/usr/bin/gcc" version "4.2.4". This configuration is not recommended and
VMware Server may crash if you'll continue. Please try to use exactly same
compiler as one used for building your kernel. Do you want to go with compiler
"/usr/bin/gcc" version "4.2.4" anyway? [no]

Ok, so off to the web for help and I came across this thread. I tried installing gcc-4.2.3 as suggested, but no luck:

# dpkg -i /var/cache/apt/archives/gcc_4%3a4.2.3-1ubuntu6_i386.deb
(Reading database ... 188652 files and directories currently installed.)
Preparing to replace gcc 4:4.2.3-1ubuntu6 (using .../gcc_4%3a4.2.3-1ubuntu6_i386.deb) ...
Removing old gcc doc directory.
Unpacking replacement gcc ...
Setting up gcc (4:4.2.3-1ubuntu6) ...

root@casey:/tmp/vmware-server-distrib# ls -l /usr/bin/gcc*
lrwxrwxrwx 1 root root 7 2008-09-14 16:28 /usr/bin/gcc -> gcc-4.2
-rwxr-xr-x 1 root root 206692 2008-03-11 04:37 /usr/bin/gcc-4.1
-rwxr-xr-x 1 root root 193372 2008-09-10 14:14 /usr/bin/gcc-4.2
-rwxr-xr-x 1 root root 16312 2008-03-11 04:32 /usr/bin/gccbug-4.1
-rwxr-xr-x 1 root root 2018 2007-06-04 19:59 /usr/bin/gccmakedep
root@casey:/tmp/vmware-server-distrib# gcc --version
gcc (GCC) 4.2.4 (Ubuntu 4.2.4-1ubuntu1)
Copyright (C) 2007 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

So, I went with the comment from ztirffritz and build with gcc 4.2.4. So far it seems to be working.

Connect to Server and Bookmarks

In case you haven't discovered Ubuntu's "Connect to Server" feature you should. If you are administering, or even accessing multiple systems, it's a big help. Basically you can make any remote host you have ssh access to appear as a Nautilus (i.e. file browser) folder on your local system.

Under "Places" click on "Connect to Server". For "Service type" select "SSH". Under Server put in the remote hostname. You can probably leave Port and Folder empty. If your User Name differs on the remote system, put that in under "User Name". If you want to save it as a Bookmark for easy future connections, click "Add Bookmark" and give it a name.

Click connect. If you are running SSH-Agent and have your keys set up appropriately, you'll need to enter nothing further, you should just get a open window showing the filesystem on the remote machine. Otherwise you'll be prompted for a password.

BTW, you can access and edit your bookmarks on any open Nautilus window under the Bookmarks menu.

Installing VMware server 1.07

I saw there was a new version (1.07) of vmware-server available, so I went ahead and pulled it down and installed it.

One thing I quickly figured out was you can't skip running /usr/bin/vmware-config.pl - if you do that you won't find the VMWare Server Console in your Applications menu. I did just take the default answer for everything.

Once that was done I tried firing up the Console, but it wouldn't start. No error message, it would just appear in the task list and then disappear. Trying to run it from the commandline resulted in the following error:

# /usr/bin/vmware
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_3.4' not found (required by /usr/lib/libcairo.so.2)
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libgcc_s.so.1/libgcc_s.so.1: version `GCC_4.2.0' not found (required by /usr/lib/libstdc++.so.6)

Ok, time to google and, as usual, the net comes through.

# cd /usr/lib/vmware/lib
# mkdir bak
# mv libgcc_s.so.1/libgcc_s.so.1 bak

And all seems good now.

Reverse proxying with Apache

I had a network-attached webcam that I want to reverse proxy through apache to take advantage of its https support. The camera is at 192.168.1.253. Here are the steps I took:

# a2enmod proxy proxy_http
# vi /etc/apache2/sites-available/webcam-proxy
# cat /etc/apache2/sites-available/webcam-proxy
ProxyRequests Off

<Proxy *>
Order deny,allow
Allow from all
</Proxy>

ProxyPass /webcam http://192.168.1.253/
# a2ensite webcam-proxy
# /etc/init.d/apache2 reload

Time synchronization in VMs

---

This post is the wrong way to go about things, see this article for details, but basically what you want to do is make sure you have the following in the VM's .vmx file:

tools.syncTime = "TRUE"

---

I'm noticed some serious time drift in my VMs (almost a day over a couple of weeks). Since I'm not running VMWare tools (I'm not running X), I needed a way to keep things in sync.

According to this page, time is synchronized at boot, which seems to be true, but isn't enough in my case.

So as suggested on the page, I installed ntp, but apparently the ntp-simple package no longer exists:

# apt-get install ntp-simple
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package ntp-simple is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
ntp
E: Package ntp-simple has no installation candidate

So I installed ntp instead:

# apt-get install ntp

Then I edit /etc/ntp.conf to use all the North American servers:

# vi /etc/ntp.conf
# grep ^server /etc/ntp.conf
server ntp.ubuntu.com
server 0.north-america.pool.ntp.org
server 1.north-america.pool.ntp.org
server 2.north-america.pool.ntp.org
server 3.north-america.pool.ntp.org

Running MythWeb remotely

---

DO NOT FOLLOW THESE DIRECTIONS: They've messed with my MythTV install, causing it to become unstable and forget all its recording scheduling information.
I strongly suspect it has to do with the database tweaking I did at the end, but I'm not going to try and fix it. I'm just going to run MythWeb locally, probably on a fest mythbuntu install.

---

This describes my installation of MythWeb on a server (192.168.1.11) that was separate from the system running my MythTV front end, back end and mysql database (192.168.1.10)

First, on the mythtv system, configure MySQL to accept remote connections:

# grep bind /etc/mysql/my.cnf
bind-address = 0.0.0.0
# /etc/init.d/mysql restart
* Stopping MySQL database server mysqld [ OK ]
* Starting MySQL database server mysqld [ OK ]
* Checking for corrupt, not cleanly closed and upgrade needing tables.

Now create a mythweb user in the mysql database. Replace "XXXXXXXX" here with an actual password you'll use again later. (I think you could get away with skipping this step and then using the mythtv user later. I'm also not sure you need to "grant all" permissions.)

# mysql --user=root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 163
Server version: 5.0.51a-3ubuntu5.2 (Ubuntu)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> grant all privileges on mythconverg.* to mythweb@192.168.1.11 identified by 'XXXXXXXX';
Query OK, 0 rows affected (0.06 sec)
mysql> select host,user from user;
+--------------+------------------+
| host | user |
+--------------+------------------+
| 192.168.1.11 | mythweb |
| casey | root |
| localhost | debian-sys-maint |
| localhost | mythtv |
| localhost | root |
+--------------+------------------+
5 rows in set (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.04 sec)

Mythweb uses the MasterServerIP value from the settings table to find the backend. In my case this was set to 127.0.0.1, which was fine if Mythweb is on the same system, but breaks things if they are are different systems. So change that to tell mythweb where to find the mythtv back end:

mysql> update settings set data='192.168.1.10' where value='MasterServerIP';
Query OK, 1 row affected (0.02 sec)
Rows matched: 1 Changed: 1 Warnings: 0

mysql> select data from settings where value='MasterServerIP';
+--------------+
| data |
+--------------+
| 192.168.1.10 |
+--------------+
1 row in set (0.00 sec

Ok, now on web server system install mythweb:

# apt-get install mythweb

And tell mythweb where to find the mysql database. Replace 'XXXXXXXX' here with the password for the mythweb user you created in the mysql database previously. (If you skipping creating the mythweb user earlier, this is where you would put in your mysql mythtv login and password instead.)

# cd /etc/apache2/sites-available/
# vi mythweb.conf
# grep db_ mythweb.conf
setenv db_server "192.168.1.10"
setenv db_name "mythconverg"
setenv db_login "mythweb"
setenv db_password "XXXXXXXX"
# apache2ctl restart

And things should be working. Don't forget to require authentication.

Backups...

I'm trying sbackup for backups. We'll see how it goes.

Update: this seems to be going great. I was using NFS, but I'd like to get away from that and since I notice sbackup supports scp, I've create a backup user and am trying it with that new account.

Update(2): sbackup appeared to have hung on me, as I got email from cron: "E: Another Simple Backup daemon already running: exiting" I did a "ps auxwww | grep sbackupd" and kill the process (a python script actually) and will check on it tomorrow...

Installing NFS

Used the directions here. Nothing more to say.

What I did was to mount a USB drive attached to the VM Host system inside the VM Guest and then export it via both NFS and Samba, esentally making the USB drive available across my home network. I'm a little concerned about performance, but we'll see how it goes.

Disabling Monitor Power Saver

Update October 25, 2008: I've made improvements on what I describe in this post - please see this later post.

So after upgraded to Hardy Heron I'm having an annoying problem that the system keeps putting the monitor into power save mode after a couple hours. This is a problem because I turn on the monitor with my remote but I still have to go hit a key on the keyboard to then use MythTV. Not ideal. It's definitely power saving (as opposed to a screen saver) since the monitor goes into a power-off mode with the power LED blinking.

First thing I did was check System/Preferences/Power Management. But both "Put computer to sleep when inactive for:" and "Put display to sleep when inactive for:" were set to Never.

So, I tried the directions here for installing bum. A couple of notes:

• After installing the Bootup Manager, you'll find it under System Administration
• The Gnome-Power-Manager is just called Power Manager.

Then I rebooted and still no luck, after a couple of hours the monitor is asleep again.

Poking around on the web, I found this useful page on screen blanking under X. I verified that I can reproduce the screen blanking I'm experiencing with the following command:

% sleep 1; xset dpms force off

So, I poked a little deeper at my settings. I believe the "0" values indicate that X shouldn't be turning the monitor off:

% xset q
...
DPMS (Energy Star):
Standyby: 0 Suspend: 0 Off: 0
DPMS is Enabled
Monitor is On
...

But I pushed ahead and next I tried turning off dpms:

% xset -dpms

That seemed to do the trick! Several hours have passed and the screen is still awake.

Ok, now how do I make it permanent. I launched System/Preferences/Sessions. Then I clicked on "Add". For Name I put "Disable DPMS", for Command "xset -dpms" and left Comment blank. Clicked on OK and then Close and then I rebooted the system (I probably could have just logged out and back in, but I like to make sure things work from a boot).

And that seems to have worked, at least 'xset q' now shows DPMS as disabled. Hopefully that ends this tale.

Installing VMWare server

So, I wanted to play with virtual machines. I installed VMWare-server following the directions here. I ended up installing VMware-server version 1.0.6 and this was on my Ubuntu 8.04.1 Desktop system.

BTW, the apt-get approach did not work for me.

I then proceeded to download Ubuntu 8.04.1 Server and installed it in a new VM. (BTW, I did try installing a Ubuntu appliance, but I had problems with eth0 not showing up, which in retrospect I suspect might have been solved if I had followed the directions here.)

Installing VMWare Tools into the VM was also tricky. I suspect because it had a 2.6.24-19-server kernel and most of the directions out there are for older kernels. The directions I did find that worked are here.

That's it. Have to say, I'm fairly impressed so far.

Upgrading from 7.04 to 8.04

Following directions at:
http://www.ubuntu.com/getubuntu/upgrading

Start with upgrade to 7.10:
https://help.ubuntu.com/community/GutsyUpgrades

That worked flawlessly. Then I basically repeated that step, running the Update Manager again, to upgrade to 8.04.

This time, it didn't go so well. The update froze at

Generating locales...
en_AU.UTF-8...

Fortunately, this thread on the Ubuntu forums shorted things out for me.

So now things seems to be up and running for the most part...

One thing that is obviously broken is the remote control - aka LIRC. No surprise, it breaks every time the wind blows I'm sorry to say.

I reinstalled LIRC per directions here. Except, my lirc device was /dev/lirc/0 instead of /dev/lirc0. This effected some of the testing and also meant I had to change /etc/lirc/hardware.conf:

REMOTE_DEVICE="/dev/lirc0"

to

REMOTE_DEVICE="/dev/lirc/0"

Then a reboot (always seems necessary with lirc) and that seems to be working.

Ok, Apache doesn't seem to be running. But I think it's time to look into a VMWare appliance...

Locking down the web server

My next step was to lock down the web server to prevent any anonymous access.

First was to tweak /etc/apache2/apache2.conf (see this previous post for more information:

<Directory /var/www/>
AuthType Basic
AuthName "Casey Web"
AuthUserFile /etc/apache2/basicauth
Require valid-user
</Directory>

Second, I tweaked mediawiki to not allow anonymous access to any page by editing /var/lib/mediawiki1.7/LocalSettings.php. I changed the following line:

$wgWhitelistRead = array ("Main Page", "Special:Userlogin", "Wikipedia:Help");

to:

$wgWhitelistRead = array ("Special:Userlogin");

Adding SSL support to Apache2

I wanted to increase security and add https support to my Apache2 install. Poking around I found directions here. Which I basically followed:

# apt-get install ssl-cert
# mkdir /etc/apache2/ssl
# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
# a2enmod ssl
# cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
# vi /etc/apache2/sites-available/ssl
# diff /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl

1,2c1,2
< NameVirtualHost *
< <VirtualHost *>
---
> NameVirtualHost *:443
> <VirtualHost *:443>
4a5,7
>       SSLEngine On
>       SSLCertificateFile /etc/apache2/ssl/apache.pem
>

# a2ensite ssl
# /etc/init.d/apache2 reload
# cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.orig
# vi /etc/apache2/sites-available/default
# diff /etc/apache2/sites-available/default.orig /etc/apache2/sites-available/default

1,2c1,2
< NameVirtualHost *
< <VirtualHost *>
---
> NameVirtualHost *:80
> <VirtualHost *:80>

But then I ran into this problem:
# /etc/init.d/apache2 start

* Starting web server (apache2)...
[Sat Aug 09 17:28:50 2008] [warn] The Alias directive in /etc/apache2/sites-enabled/001-mediawiki at line 1 will probably never match because it overlaps an earlier Alias.
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
...fail!

Which I fixed by commenting out the Listen directive in ports.conf:
# vi /etc/apache2/ports.conf
# cat /etc/apache2/ports.conf

#Listen 80

That got things working.

While I was playing with Apache configuration, I went ahead and fixed a warning about a undefined server name:

# vi /etc/apache2/apache2.conf
# grep ServerName /etc/apache2/apache2.conf
ServerName casey.vwelch.com

LIRC (remote) not working

I rebooted my Ubuntu system and suddenly the remote wasn't working. I poked around and noticed lirc was not running.

# ps auxwww | grep lirc
root     14915  0.0  0.0   2884   752 pts/0    R+   21:09   0:00 grep lirc
#

Poking around in the logs, it looked like lirc was dying when lircmd was started (I verified this by starting them sequentially):

# tail /var/log/daemon.log
Jul 30 21:00:43 casey lircd-0.8.2-CVS[6792]: lircd(userspace) ready
Jul 30 21:00:48 casey lircd-0.8.2-CVS[6792]: accepted new client on /dev/lircd
Jul 30 21:00:48 casey lircd-0.8.2-CVS[6792]: could not get file information for /dev/lirc
Jul 30 21:00:48 casey lircd-0.8.2-CVS[6792]: default_init(): No such file or directory
Jul 30 21:00:48 casey lircd-0.8.2-CVS[6792]: caught signal
#

So I downloaded LIRC 0.8.3 (I had been running 0.8.1) from the project download page and build according to directions at: http://www.mythtv.org/wiki/index.php/LIRC_on_Ubuntu_Edgy_Eft

Then the daemon seemed to start fine, though I still had to reboot to get the remote working.

# /etc/init.d/lirc start
Starting lirc daemon: lircd lircmd.
# ps auxwww | grep lirc
root     14842  0.0  0.0      0     0 ?        S    21:07   0:00 [lirc_dev]
root     14909  0.0  0.0   2876   552 ?        Ss   21:09   0:00 /usr/sbin/lircd --device=/dev/lirc
root     14911  0.0  0.0   1636   236 ?        Ss   21:09   0:00 /usr/sbin/lircmd
root     14915  0.0  0.0   2884   752 pts/0    R+   21:09   0:00 grep lirc
#

Fixing the auto-updating

A while ago I set up automatic updating of patches. Well, today I took a look and it didn't look like things were working (running 'apt-get dist-upgrade' produced a big, long list of stuff that needed to be installed).

I added "-y" to the "apt-get" command in /etc/cron.daily and that seemed to fix things:

# vi /etc/cron.daily/auto-update
# cat /etc/cron.daily/auto-update
#!/bin/bash
/usr/sbin/cron-apt
/usr/bin/apt-get -y dist-upgrade

Updated mythfilldatabase cron job

Based on this post I changed my crontab entry to:

0 6 * * * /usr/bin/mythfilldatabase --refresh-all --quiet