Protocol digging

The netgear DGND3300 will log certain things to a remote listening syslogd, but they don't document facilities/priorities which makes it a lot less useful.

So from wireshark:

1. auth.info logins/login attempts
2. local0.warning external probes on the firewall (rule match)
3. syslog.info ntp requests to time-g.netgear.com (weird facility)
4. syslog.notice ddns requests and outcomes

Letters have no meaning

Xephyr occasionally gets more than a little confused about the current keyboard settings (caps lock get forced on... etc). One or more of the following sometimes restore normality:

• xkbset nullify lock
• setxkbmap gb
• restart the window manager as a last resort 

Into the Box

Mounting a box account as a file system on gentoo - as root:

1. unmask net-fs/davfs2-1.4.7 in portage
2. emerge -av davfs2
3. gpasswd -a ${your_user} davfs2
4. mkdir -p /dav/${your_user}
5. chown ${your_user}:${your_user} /dav/${your_user}
6. echo 'https://www.box.com/dav /dav/${your_user} davfs rw,user,noauto 0 0' >> /etc/fstab

Then as ${your_user}:

1. mkdir -p ~/.davfs2
2. echo "https://www.box.com/dav ${box_username} ${box_password}" >> ~/.davfs2/secrets
3. chmod 0600 ~/.davfs2/secrets
4. echo "use_locks 0" >> ~/.davfs2/davfs2.conf
5. mount /dev/${your_user}

The output from from df is wrong, but whatever... from the davfs2 README:

- If the server does not support RFC 4331 (most servers don't), davfs2 cannot
  calculate the free disk space on the server. ... So davfs can't help but lie. I tried to
  make the numbers look funny, so you will notice they are faked.

User env & non-interactive ssh

HP-UX has /etc/PATH which is read by /etc/profile except when you use ssh for remote command execution.

The trick to get a custom PATH is to add this to authorized_keys:

...
environment="BASH_ENV=.profile" ssh-dss AAAAB3NzaC1k{rest of relevant key}
...


Also check that this is set in sshd_config:

PermitUserEnvironment yes

check before/after with: ssh server env

Back-words & fore-words

xsel to move text selections back and forth from a tvtwm nested in a Xephyr and another display (e.g. the parent):

"C"   = m4 : all : f.exec "xsel -o | xsel --display :0.0 -i"
"V"   = m4 : all : f.exec "xsel --display :0.0 -o | xsel -i"

Super_L+C copies the current selection in a tvtwm managed display to :0.0
Super_L+V copies the current selection from :0.0 into the tvtwm managed display selection

mod4 (m4)  is Super_L, mapped to the MSWin key, when:

1. Windows Key is Super_L from xev 
2. Super_L is mapped inside Xephyr to mod4

And the mapping from inside the Xephyr display can be determined by:

$ xmodmap -p|grep Super_L
mod4        Super_L (0x85),  Super_R (0x86),  Super_L (0xce),  Hyper_L (0xcf)

$

The opposite direction from KDE4 to Xephyr:

System-Settings->Shortcuts and Gestures->Custom Shortcuts->Edit->New->Global Shortcut->Command/URL

The two new shortcuts can be put into a their own group and then exported/imported.

LXC through the looking glass

Checklist for an lxc gentoo (taken from a pre-existing image) container hosted on gentoo:

1. Start with Diego's static device tarball (to avoid TIOCSCTTY "open /dev/tty failed errors" "could not set controlling tty" from sshd)
2. To see boot up messages and avoid warnings from /etc/issue add: mknod -m 600 console c 5 1
3. Remove udev and all other not-relevant services (/etc/runlevels)
4. The container config should have: 'lxc.tty = 12' and 'lxc.pts = 128'
5. The container fstab should not have a /dev/pts devpts mount (cf newinstance mount option)
6. Stop the guest init from running gettys as required.

Then all that is needed is:

1. lxc-start -n konuk
2. lxc-console -n konuk
3. lxc-stop -n konuk

Debug

Useful for debugging are:

1. List running processes in the lxc: pstree $(lxc-info -n sakc1 --pid | awk '{ print $2 }')
2. The guest container log when the guest is started with: lxc-start -n konuk -l DEBUG -o /tmp/lxc.log
3. The guest /var/log/auth.log (configure sshd to report to it - /etc/ssh/sshd_config)

Cherrypick patch from the staging lxc on github:

--- lxc-ps_orig    2012-11-21 21:19:11.000000000 +0000

+++ lxc-ps      2013-01-20 22:24:32.000000000 +0000

@@ -56,7 +56,8 @@

                init_cgroup=${fields#*:}

 

                # Get the filesystem mountpoint of the hierarchy

-               mountpoint=$(grep -E "^cgroup [^ ]+ [^ ]+ ([^ ]+,)?$subsystems(,[^ ]+)? " /proc/self/mounts | cut -d ' ' -f 2)

+               mountpoint=$(awk -v subsysregex="(^|,)$subsystems(,|\$)" \

+                           '$3 == "cgroup" && $4 ~ subsysregex {print $2}' /proc/self/mounts)

                if [ -z "$mountpoint" ]; then continue; fi

 

                # Return the absolute path to the containers' parent cgroup

fstab

sysfs needs to be mounted so that the net scripts can see the various network interfaces are present - they check for entries in: /sys/class/net

Add to the container fstab (note: localmount may not run):

...

sysfs                   /lxc/konuk/sys                  sysfs   defaults 0 0

...

The symptom is:

 * Bringing up interface lo

 *   Caching network module dependencies

 *   ERROR: interface lo does not exist

 *   Ensure that you have loaded the correct kernel module for your hardware

 * ERROR: net.lo failed to start

Long delays ssh'ing into HP-UX

Easy to fix when you know:

# cd /var/adm

# cp /dev/null wtmps

# cp /dev/null btmps