Thomas Mathiesen’s Blog

Almost Christmas and we’ve got some snow here in The Netherlands!!!!

Ever wanted to authenticate ssh using keys, but allowing only a specific command to be run? It’s actually very easy:

Forced command

If the options phrase at the beginning of a line (in authorized_keys) contains the keyword command=”string”, then any ssh connection that authenticates using that particular key will only run the command specified, even if the command line it was given specified another command.

Nice

Ever come across a Acer Power 1000 not wanting to run CentOS 5.3 installer? It just hangs?
Well, enter this at the prompt: linux noapic acpi=off

..and it works

I have seen a nasty issue with Xen; trying to connect to a vm guest console, and it spits out this error:

[root@server ~]# xm console myserver
xenconsole: Could not open tty `/dev/pts/4′: No such file or directory

The problem is fixed by running xenconsoled command

/Thomas

This is just a note to self.. as I sometimes need to access USB devices on a KVM virtual guest. This time it’s actually for a freaking Scandisk USB device with something called U3. I need to use the USB stick to install easypeasy on my asus eeepc.. and I need to use the USB stick as a normal stick …
See this page for instructions

KVM seems to be the hot thing for the future, so I had to dig into it.. giving up VMWare and Virtualbox (keeping Xen knowledge as I work with it daily).

KVM with virtual manager is a breeze on Ubuntu 9.04, but if you want bridging it’s a whole different story.

So, here’s a note-to-self;

1. Setup br0 on Ubuntu (https://help.ubuntu.com/community/KVM)
2. Add your user to group libvirt and tun (create if needed)
3. run virsh
4. dump xml file of virtual guest
5. change from ‘user’ to ‘bridge’:

6. import xml (define /path/to/xml/file)
7. start virtual machine

ta-ta

Brother is really linux friendly, but using gscan2pdf is a bit of a pain when you have a webcam and two scanners.

My canon has an option called “calibration-cache”, which Brother doesn’t understand. If you run Ubuntu and gscan2pdf, just do this to get rid of the problem:

1. Open gscan2pdf
2. Click “scan”
3. If the new window starts by showing the canon scanner, change that to Brother.
4. Try to scan.. you will probably see the error “unknown option…”.
5. Close gscan2pdf and start it again..

After restarting gscan2pdf, it’ll default to the Brother scanner if that was the last one that you had chosen.. and only the Brother options are loaded.

Happy Linux’ing

/Thomas

If you run out of diskspace on a xen virtual machine (guest), it’s quite easy to expand the image file. I stole this receipt from here, just to make sure that I have a copy in case his/her website goes offline:

1. Stop the virtual server that is using the loop filesystem
2. Add some extra space to your loop filesystem file
# dd if=/dev/zero bs=1024k count=1024 >> loop_image_file

This adds 1GB to the end of a file called loop_image_file (make sure to use the append output redirector >> not a single >, otherwise you’ll have an empty 1GB file!)

3. Force a check on the resized/increased filesystem
# e2fsck -f loop_image_file

4. Resize the filesystem within the loop filesystem file
# resize2fs loop_image_file

5. Start the virtual server again

I have been trying to add a “shutdown icon” to the gnome desktop on Ubuntu 8.10. The goal is for the user to just double-click that icon, and the machine shuts down.
My issue was that triggering the /sbin/poweroff binary would only ask for my password:

myuser@mydesktop:/tmp$ sudo /sbin/poweroff
password:

So, I added myself to the /etc/sudoers file:
myuser ALL = NOPASSWD: /sbin/poweroff

and it simply DID NOT work!

I came across a post telling me why…
The reason is that /etc/sudoers is being read from the bottom and up. So, I was in a group that was mentioned on the bottom, which required passwords for everything. Now I move the line (myuser ALL = NOPASSWD: /sbin/poweroff) to the bottom of the file, and my gnome launcher works fine!