TLS Module In SaltStack Not Available (Fixed)

I was trying to install HALite, the WebUI for SaltStack, using the provided instructions. However, I kept getting the following errors when trying to create the certificates using Salt:

'tls.create_ca_signed_cert' is not available.  
'tls.create_ca' is not available.

Basically, the ‘tls’ module in Salt simply didn’t appear to work. The reason for this is detailed on intothesaltmind.org:

Note: Use of the tls module within Salt requires the pyopenssl python extension.

That makes sense. We can fix this with something like:

apt-get install libffi-dev  
pip install -U pyOpenSSL  
/etc/init.d/salt-minion restart

Or, better yet, with Salt alone:

salt '*' cmd.run 'apt-get install -y libffi-dev'  
salt '*' pip.install pyOpenSSL  
salt '*' cmd.run "service salt-minion restart"

The commands to create the PKI key should work now:

Created Private Key: "/etc/pki/salt/salt_ca_cert.key." Created CA "salt": "/etc/pki/salt/salt_ca_cert.crt."  

Error opening /dev/sda: No medium found

I have had this issue before, solved it, and had it again.

Let’s say you plug a USB drive into a Linux machine, try to access it (mount it, partition it with fdisk/parted, or format it), and get the error

Error opening /dev/sda: No medium found  

Naturally the first thing you will do is ensure that it appeared when you plugged it in, so you run ‘dmesg’ and get:

sd 2:0:0:0: [sda] 125045424 512-byte logical blocks: (64.0 GB/59.6 GiB)  

And it appears in /dev

Computer:~ $ ls /dev/sd*  
/dev/sda  
Computer:~ $  

Now what? Here’s what has bitten me twice: make sure the drive has enough power. Let’s say you plugged a 2.5" USB drive into a Raspberry Pi. The Pi probably can’t supply enough current to power the drive, but it can supply enough to make the drive recognisable. Or, if you are like me, the USB charger powering the drive is faulty, so even though it has power, it doesn’t have enough.

The next troubleshooting step should be obvious: give the drive enough power to completely spin up.

Lenny on Ebox 3310A

As a preface, I take absolutely no credit for the below instructions. Stefan L kindly sent through these instructions on installing Debian on the 3310A. I need to send a special thanks to Stefan, as I receive a lot of emails about the 3310 - but I don’t have one, so I can’t really do much:

The only edit I’ve done is change out the links to my files on S3. If you find these helpful, or want to suggest an alteration, please leave a comment.

Download these files first:

EDIT 16-03-2025: I have since removed these files.

The steps to install Lenny to CF, in brief, are:

  1. Install i386 version of Lenny to CF on another computer
  2. Add the revised kernel deb with dpkg -i *.deb
  3. Change fstab from hda1 to sdb1 (sda1 if there is no micro sd card) - uuids may be better
  4. Change /boot/grub/menu.lst to:
title           Debian GNU/Linux, kernel 2.6.31.5-vortex86-sl3
root            (hd0,0)
kernel          /boot/vmlinuz-2.6.31.5-vortex86-sl3 root=/dev/sdb1 ro verbose
  5. Probably need to change /boot/grub/device.map
(hd1)   /dev/sda
(hd0)   /dev/sdb

With no micro sd it would be:

(hd0) /dev/sda
  6. Delete the section below “# PCI device ….” in /etc/udev/rules.d/70-persistent-net.rules (Otherwise the eBox network gets remapped to eth1 and may not appear if only eth0 is specified in the network settings)
  7. Reboot & pray

The next one is a revised initrd for the current Ubuntu 9.10: http://staff.washington.edu/lombaard/initrd.img-2.6.31-14-generic-pata_rdc. (EDIT 12-03-2025: Lost my image that was linked from here). The two changes are: blacklist dm_raid45 & add pata-rdc.ko

“blacklist dm_raid45” needs to be added to /etc/modprobe.d/blacklist.conf

I managed to boot into gnome desktop without any further problems. I have enabled PCI IDE Bus Mastering, plug&play and IDE native mode in the bios. Hope this saves someone else a few hours of frustration.

New Atheros Module and Ubuntu

I’ve been using Atheros for quite some time, and I’ve always liked the madwifi drivers. They allowed really easy switching into monitor mode, and decent levels of packet injection. However, since I’m mostly in an office now, instead of writing web apps in cafes and trying to score free internet, I don’t really need anything fancy. My gentoo stage 1 (3?) days are over. I use Ubuntu, because I’m lazy, and it mostly works.

My new laptop (well, 1.5 year old laptop now, but still new in my eyes) gave me the option between an Intel card and an Atheros wifi card. I chose the Atheros card; then the ath5k module came out, and life has been turbulent ever since.

In summary: the ath5k driver in the 2.6.28 kernel, which is what Ubuntu 9.04 uses, isn’t as up-to-date as the drivers in compat-wireless. Fancy that… This presents me with the option of compiling a new kernel specifically with it, or just installing compat-wireless. I’m lazy, so…

I’ll get a few basic troubleshooting commands out of the way first. After updating the kernel I kept getting disconnected - it appeared I was associating/disassociating frequently.

# dmesg
...
[ 2577.134060] wlan0: associated
[ 2580.984838] wlan0: disassociating by local choice (reason=3)
...
# lspci | grep Atheros
03:00.0 Ethernet controller: Atheros Communications Inc. AR5212 802.11abg NIC (rev 01)
# ping 192.168.1.1
...
64 bytes from 192.168.1.1: icmp_seq=2409 ttl=64 time=1.13 ms
64 bytes from 192.168.1.1: icmp_seq=2410 ttl=64 time=2236.61 ms
64 bytes from 192.168.1.1: icmp_seq=2411 ttl=64 time=4562.40 ms
64 bytes from 192.168.1.1: icmp_seq=2412 ttl=64 time=6521.868 ms
...

The steps to resolve are as follows:

  1. Make sure you have headers for your current kernel.
  2. Make sure you have ability to compile programs.
  3. Download and install compat-wireless
  4. Unload and load the module.

So, first, use Synaptic to get the latest kernel headers and the ‘build-essential’ package.

Next, download the compat-wireless package. I needed to use one from a few weeks ago because I received the following error:

make -C /lib/modules/2.6.28-15-generic/build M=/usr/src/compat-wireless-2009-09-22 modules
make[1]: Entering directory `/usr/src/linux-headers-2.6.28-15-generic'
CC [M]  /usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.o
/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.c: In function 'b43_do_interrupt':
/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.c:1888: error: 'IRQ_WAKE_THREAD' undeclared (first use in this function)
/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.c:1888: error: (Each undeclared identifier is reported only once
/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.c:1888: error: for each function it appears in.)
/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.c: In function 'b43_request_firmware':
/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.c:2218: warning: format not a string literal and no format arguments
/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.c: In function 'b43_wireless_core_start':
/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.c:3867: error: implicit declaration of function 'request_threaded_irq'
make[4]: *** [/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43/main.o] Error 1
make[3]: *** [/usr/src/compat-wireless-2009-09-22/drivers/net/wireless/b43] Error 2
make[2]: *** [/usr/src/compat-wireless-2009-09-22/drivers/net/wireless] Error 2
make[1]: *** [_module_/usr/src/compat-wireless-2009-09-22] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.28-15-generic'
make: *** [modules] Error 2

You can download a working 2009-09-05 set from orbit-lab.org

# tar -xpjf compat-wireless-2009-09-05.tar.bz2
# cd compat-wireless-2009-09-05
# make
# make install
# make unload
# modprobe ath5k

All done. My variable ping times and random disconnections seem to have been mitigated. Thanks wireless guys!

Create a Movie from Images

I’ve started leaving my webcam on as a motion detector to find out who is leaving the shopping carts on our lawn, and ultimately have found it useful to stitch the images together into a movie. There are several ways to do this - and my way maybe isn’t the best - but it works for me.

I first installed and configured motion, which I’ve used for years. I then created a file in ~/.motion called motion.conf:

$ cat ~/.motion/motion.conf

height 480
width 640
framerate 2

Creating this file allows me to start motion without modifying the global motion.conf file permissions or, gasp, running it under sudo. There are lots of options you can put in your motion.conf file.

With motion installed, and configured, now install mencoder.

I prefer to generate a seed file based on the creation date for each image. If you try to use mencoder with just a *.jpg, it works, but my video jumped around.

$ pwd
/home/path/Desktop/motion
$ ls -rt *.jpg > list.txt

This list.txt file now has the filenames, in chronological order, ready for consumption. I create the video like so:

mencoder mf://@list.txt -o `date +%Y%m%d`.avi -ovc lavc -lavcopts vcodec=mjpeg

This will output a file with today’s date in a few seconds. Remember, the ` characters are backticks (the key next to the 1 key), not quotes.

Compiling kernel for Vortex86dx

Update: I’ve written up a short tutorial on the method I used to install Debian 5.0 on this device.

A few months ago I purchased the eBox-3300 from WDL Systems. The system was promptly shipped, and there were no “gotchas” from WDL. The little box fit my exact needs - it is small, and built very, very well. I flew back to Australia and, after some trial and error, installed Debian 5.0 on it. For quite some time I was just using the vmlinuz file provided by WDL, which was provided by ICOP (DMP). This worked well, but there were two issues:

  1. I couldn’t load any modules (e.g. NFS).
  2. I received an annoying email from OSSEC every few hours telling me it couldn’t find modules.dep.

At the end of last week I finally decided to do something about it, and considering this little box is “x86 compliant”, I figured it wouldn’t be too hard to create a new package. It has been several years since I last created a self-compiled Debian-packaged kernel, so I decided to document the process for the next time I do it. These steps are really just a summary - but if you have much Linux experience, they should be enough to guide you. If I’m unclear, just send me an email.

Because the eBox-3300 is embedded, I logically decided to create the package on another system. However, I wanted to maximize the chances of it working, so I installed Debian 5.0 in VirtualBox, updated it, and proceeded.

As a prep, you may need to install ncurses-dev and kernel-package in your build environment.

apt-get install ncurses-dev kernel-package
  1. Download latest kernel from: http://www.kernel.org/pub/linux/kernel/v2.6/
  2. Download the DMP provided patch/config file for 2.6.27.3, copy it to /usr/src. Alternatively, you can borrow my 2.6.29.3 config. Make a backup.
  3. Untar kernel, cd into the kernel directory. Issue:
make menuconfig
  4. Configure kernel. If you used my config file, a lot of these should already be ticked.
  • Load alternative config file, I selected mine as /usr/src/config-2.6.27.9-vortex86dx, or if you downloaded the one from me, use config-2.6.29.3-vortex86dx
  • Enable generic x86 support
  • Enable Kernel .config support
  • Device drivers -> Network -> 10 or 100Mbit -> RDC R6040, set as built-in
  • Turn off generic IDE support
  • Exit, make sure to save the kernel
  • Verify .config exists. If it doesn’t, copy the config-2.6.x.x-vortex86dx file to .config
  5. Create the kernel debs. In the kernel directory, issue these commands. This will build the kernel image, the headers, and the modules.
make-kpkg --initrd kernel_image kernel_source kernel_headers modules_image
  6. Make coffee
  7. Copy the debs to your running ebox by sftp (or usb, or whatever is available)
  8. Install kernel in eBox-3300
dpkg -i linux-source-2.6.29.3-vortex86dx.deb
dpkg -i linux-headers-2.6.29.3-vortex86dx.deb
dpkg -i linux-image-2.6.29.3-vortex86dx.deb
  9. Reboot.

If you want my compiled kernel/sources/header .DEBs, just shoot me an email and I’ll make them available.

Summary: My only gripe about this little box was the lack of an easily customizable kernel, but no more. I’m still very happy with this $150 purchase.

Fixing locale errors in Ubuntu 8.04

I’ve hit this problem a few times, and figured I’d leave a note for myself how to fix it. Ubuntu 8.04 seems to hiccup sometimes (on a VPS) for generating the correct locales. In particular, I get this error, a lot:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

Normally I just do ‘dpkg-reconfigure locales’, but with 8.04, this doesn’t seem to do squat. The solution is to edit the /var/lib/locales/supported.d/local file, and insert the correct locales (it will normally not exist, so create it):

# cat /var/lib/locales/supported.d/local
zh_TW.UTF-8 UTF-8
zh_TW BIG5
zh_TW.EUC-TW EUC-TW
en_US.UTF-8 UTF-8
en_US ISO-8859-1
en_US.ISO-8859-15 ISO-8859-15

You can then do a ‘dpkg-reconfigure locales’ and they will be generated correctly. For a list of supported locales, try this:

grep US /usr/share/i18n/SUPPORTED

True Consolidation

Back in 2000 I managed to acquire several retired systems to bring to Uni: this included 4-5 cheap P120 machines. At the time, I thought this was great; I had an OpenBSD box as my gateway, a FreeBSD box, a few Linux boxes, and likely something else that doesn’t even exist now. The school had a superfast connection, unlimited bandwidth, and I was curious. Although I didn’t really have time, I still managed to install and have all these servers running from my room.

Fast forward to 2007, and my mindset has changed. In 2007 I didn’t want to have 6 servers running at once, I wanted to have one server running 12 servers at once! Thanks to Xen and VMware this was easily obtained. Initially using Xen, and then ESXi, I had the freedom to set up Domains, tear them down, and start over. Eventually, however, I realized I was doing at home what I was being paid to do at work. That doesn’t sound like fun. I also realized that, despite picking a motherboard and processor that could shift into low power usage, I was still using more watts than I needed to. I was also spending way too much time mucking around with things - I want to focus on just one or two projects at a time, and I really want to start programming more.

Last month I finally finished the ultimate ‘consolidation’: I moved everything to a tiny embedded Linux box. While back in the U.S. I contacted WDL Systems and requested shipping costs on a tiny embedded box. I bought the eBox-3300, with an embedded board from ICOP, and it was promptly shipped out. After returning home to Sydney I migrated all my apps from the various virtual servers to my little box running Debian 5.0: OSSEC, Samba, Lighttpd, Asterisk and flow-tools. The little box is just perfect for what I need - a tiny home server. I still get around 8MB/sec transferring files, which indicates the network is still the bottleneck, and VOIP calls with Asterisk are still clear.

Overall, I’ve been happy with this little box. My ‘playing time’ with IT has gone down significantly, my energy usage has gone down, and I now have a server I can take with me wherever I go.

Files between ESX and Linux via NFS

I like ESX. I like Linux. It is absurdly easy to configure Linux as an NFS server and mount it in ESX(i).

Install NFS

I currently use Ubuntu Server for my home lab, but the process is basically the same for Red Hat and derivatives.

sudo apt-get install nfs-common
sudo apt-get install nfs-kernel-server

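Next, configure NFS so it can serve your local LAN. Normally you would list only specific servers, but, well, we’re being cheap and dirty today. Note that no_root_squash, used below, means root on any client in that range is treated as root on the export, so on anything other than a lab network restrict the client list to the ESX host. Open /etc/exports in vi or your editor of choice.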

/etc/exports

/media/disk/Images 192.168.0.0/24(rw,no_root_squash,async)

Restart NFS.

sudo /etc/init.d/nfs-kernel-server restart

Go to Configuration -> Storage -> Add Storage.

Select NFS

Fill in the info, see screenshot.

Wait a minute. Voila! New datastore.

Images to come shortly.
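
As an added example (not part of the original post), this shell function audits an /etc/exports-style file for what the export line above trades away: a whole-subnet client range and no_root_squash. The sample lines are constructed, and 192.168.0.10 as the ESX host address is an assumption.

```shell
#!/bin/sh
# Added example: audit an /etc/exports-style file for risky client entries.
# Prints one finding per line as: <export path> <client> <issue>

audit_exports() {
    # Reads the file named in $1, or stdin when no argument is given.
    awk '
    /^[ \t]*#/ { next }                     # skip comments
    /^[ \t]*$/ { next }                     # skip blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            p = index($i, "(")
            if (p == 0) {                   # bare client: defaults apply
                client = $i; opts = ""
            } else {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                if (opts !~ /\)$/)          # e.g. a missing closing paren
                    print path, client, "unterminated-options"
                sub(/\)$/, "", opts)
            }
            if (client == "" || client == "*")
                print path, "*", "world-export"
            else if (client ~ /\/[0-9]+$/ || client ~ /[*?]/)
                print path, client, "broad-client-range"
            # root on the client keeps uid 0 on the exported files
            if (("," opts ",") ~ /,no_root_squash,/)
                print path, client, "no_root_squash"
        }
    }' "${1:--}"
}

# Constructed sample: a whole-subnet export with its closing paren missing,
# then the same export scoped to one ESX host (192.168.0.10 is assumed).
sample_exports() {
    cat <<'EOF'
# /etc/exports
/media/disk/Images 192.168.0.0/24(rw,no_root_squash,async
/media/disk/Images 192.168.0.10(rw,no_root_squash,sync)
EOF
}

sample_exports | audit_exports
```

The single-host line still reports no_root_squash; the control there is the narrow client list. Run `audit_exports /etc/exports` against a real file.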

Renaming Apache Log Locations

I realized a few of my log files were growing unusually large, and even worse, logrotate was skipping them. I took a look in logrotate.d and straight away realized why: I had created silly names for the log files. logrotate looks for .log files, but I had named mine with _log – e.g. kelvinism_access_log. I wasn’t as familiar with logrotate when I set up the domains, so I set forth to get them in the rotation.

Firstly, I had to rename the actual log files. So, to rename kelvinism_access_log to kelvinism_access.log, a one-liner:

for x in *_log; do mv -- "$x" "$(basename -- "$x" _log).log"; done

Next, I needed to rename the log location inside each of the Apache config files. While a one-liner might be possible, I used the following tiny script:

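#!/bin/sh
# Rewrite the first _log on each line to .log in every regular file in the
# current directory (run it from the directory holding the Apache configs).
# sed -i (GNU sed) edits in place, so no predictable temp file in /tmp is
# needed and each config keeps its owner and permissions.
for x in *
do
    [ -f "$x" ] || continue
    sed -i 's/_log/\.log/' "$x"
done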