Thursday, June 21, 2012

"DEFROUTE" in RHEL, CentOS or Fedora - a usage case for eth0

Here is the situation: There is a user with a remote office that includes networking equipment like printers, backup server etc. He uses a company provided CentOS laptop as the gateway for his network via a cell card since there is no other cheaper option available to get him connected. He travels with the laptop often and I don't need access to the equipment at his office unless he's there. The user always connects either via WIFI or a cell card for VPN connection depending on what is available. The laptop is running openvpn and is connecting to our company's openvpn server. No problem... until I want to also connect the laptops ethernet cable and use NetworkManager and use a DHCP server for the eth0... That's when the VPN drops and the laptop now has an incorrect default route. What's odd is that order of interface startup does not matter... dhcp on eth0 wins no matter what... bummer.


What's happening? Well, normally with DHCP, the client is given a default route as part of the information exchange. That eth0 default route takes over. It's just that simple... unless you give the networking system guidance on what to do in the form of the "DEFROUTE" option. The option has been around for a long time. The current Red Hat Enterprise Linux 6 Deployment Guide has DEFROUTE option hidden in the 8.2.4. Dialup Interfaces section. Here is a chunk of the information from the guide:
DEFROUTE=answer
where answer is one of the following:
  • yes — Set this interface as the default route.
  • no — Do not set this interface as the default route.         

In the past, I did not use the DEFROUTE option. I found that I could just statically assign the eth0 and *not* let NetworkManager have access to it (NM_CONTROLLED=no). In fact with Centos (and the like), NM seems to get disabled as a generally rule.

Also, if this was a server or I wanted to statically assign the interface, it would not be an issue. Just one of those fringe usage cases.

Thursday, June 14, 2012

LTSP 5.2.x rsh server on client install, setup and HOWTO

Don't start with the, "rsh is bad..." message. I know, I know! It's an internal test network and was just easy to do for remote client checking. Besides, the "ltsp-localapps" only works for the logged in user and does not allow for arbitrary root user interaction with the client. If there is a built-in way to do this, let me know. At some point, I may try sshd client setup.

I am using CentOS 6.x as the server OS and customize the client build to be CentOS 6.x also. LTSP 5.2 is the software from k12linux at fedorahostedI don't think that affects the directions below in any way, however. And if this looks like part of a script, you would be correct.

Change the LTS_HOME variable to your own LTSP client build location on the server as required:
export LTS_HOME="/opt/ltsp/i386"

Check to make sure rsh is allowed in securetty for the client:
grep -q "^rsh" $LTS_HOME/etc/securetty && echo rsh >> $LTS_HOME/etc/securetty

Get rsh-server installed into you chroot'd environment:
Option 1 (re)creates the client build to have rsh-server instaled and includes future builds:
edit the "/etc/ltsp/kickstart/Fedora/common/release/el6.ks" and add "rsh-server" *before* the "%end" line. Then (re)run the ltsp-build-client and ltsp-server-tweaks as if a new install:
ltsp-build-client 2>&1 |tee /tmp/ltsp-build-client.out-`date +%Y%m%d%H%M`
cd $LTS_HOME
setarch i386 chroot .
chkconfig rsh on
ltsp-server-tweaks

Option 2 install and setup the rsh-server for this client build only:
cd $LTS_HOME
setarch i386 chroot .
mount -t proc proc /proc
#set proxy if needed
yum install rsh-server
chkconfig rsh on
umount /proc

Get the clients /root to be based on the $LTS_HOME/root from the server and not a tmpfs by commenting the "/root" line of k12linux.rwtab:
sed -i 's/^empty[[:space:]]\/root/#empty\t\/root/'$LTS_HOME/etc/rwtab.d/k12linux.rwtab
OR for you perl peeps
perl -p -i -e "s/^empty\t\/root/\#empty\t\/root/g" $LTS_HOME/etc/rwtab.d/k12linux.rwtab

Note: To safeguard your custom options from accidental rpm update overwrites, please consider creating your own blah.ks file to be referenced in /etc/ltsp/ltsp-build-client.conf.

Properly create a .rhosts file for the clients root user. This script chunk assumes the primary (eth0) interface is the interface that communicates with the clients. If your primary server interface is not the interface for client connection, you will need to add/modify the client's .rhosts file accordingly:
echo "server-`hostname --ip` root" >> $LTS_HOME/root/.rhosts echo "rsh" >> $LTS_HOME/etc/securetty chmod 600  $LTS_HOME/root/.rhosts

Now boot the client and test an rsh command from the server to the client. If you have issues, you will want to add a "shell" option for the client in the correct lts.conf then reboot the client. For i386 arch, the file is "/var/lib/tftpboot/ltsp/i386/lts.conf". This will give you a chance to see the /var/log/messages file if you have not setup remote logging for the client.

To make a custom PXE boot logo change, create/modify a theme run the following command from within the chroot:
ltsp-rewrap-latest-kernel

To apply a new theme
Create a new plymouth theme. You can do this by making simple variations on the stock theme by taking a copy of the default theme using the procedure below. You can replace "newtheme" in the commands below with whatever name you want to give the new theme. This procedure assumes the chroot is in the /opt/ltsp/i386 directory.
Start by copying the folder with this command:

cp -a /opt/ltsp/i386/usr/share/plymouth/themes/solar /opt/ltsp/i386/usr/share/plymouth/themes/newtheme

Now modify "newtheme" as appropriate.  First go into the new theme 
directory by typing:
cd /opt/ltsp/i386/usr/share/plymouth/themes/newtheme

Then rename the .plymouth file by running:

mv rings.plymouth newtheme.plymouth

Edit the .plymouth file and change:

Name=Rings

to:

Name=Newtheme

and change:

ImageDir=/usr/share/plymouth/themes/rings

to

ImageDir=/usr/share/plymouth/themes/newtheme

You may also want to change the background colors. BackgroundStartColor is the color at the top of the screen and BackgroundEndColor is the color at the bottom of the screen. Plymouth will make a gradient of these colors across the screen. For example to make the background change from white to black change the lines:
BackgroundStartColor=0x080808
BackgroundEndColor=0x080808

to:

BackgroundStartColor=0xffffff
BackgroundEndColor=0x000000

When finished making changes save the file.

Next replace the image file named header-image.png with the desired replacement. Do not change the name of this file!

The exact size does not seem to matter as the plymouth will center it in 
the screen above the animated "rings".
You can also get fancy and replace all the other progress images also.

Chroot to the client directory by running:

chroot /opt/ltsp/i386

Activate the new theme with this command:

plymouth-set-default-theme newtheme

Note: you may get an error from sed (ex: sed: warning: failed to set default file creation context to unconfined_u:object_r:usr_t:s0: No such file or directory). This does not seem to cause problems.
Build a new initramfs file with the new theme:

ltsp-rewrap-latest-kernel

Exit the chroot by typing:

exit

and update the tftp directory with the new initramfs by typing:

ltsp-update-kernels

If you use NBD you will also need to run:

ltsp-update-image

Now fire up a client and enjoy the new theme!

Thursday, May 24, 2012

Static DHCP is better than IP address assignment on a device

//BEGIN RANT//

Attention standalone network attached device vendors like large copier manufacturers:

Please train your onsite personnel in understanding that a DHCP assigned address is not always a "Dynamic" address. Please help them understand that there is such a beast as "Static Allocation DHCP" or "Address Reservation". And that Static DHCP gives the equipment *the same address* every time. And help them realize that the equipment will work just fine on the network and won't magically just break. And that I can change every part of the network properties without touching the dumb box or it's crappy web/console interface. Please also train them to not go behind a client's back who gives explicit instructions on keeping the DHCP option enabled (and then enabling a static address on the device).

//END RANT//

Tuesday, May 22, 2012

JShot - multiplatform screen capture and annotator

Recently, I needed to do a minor amount of screen annotation. I was very pleased to have found JShot for my Linux system. As quoted from the website,
"JShot is a free and multiplatform screen capture and uploader application which allows you to capture and annotate a part of your screen and share it via the Internet in one step."
And as luck would have it, one of the upload options is for Google's Picasaweb that helps provide images for Blogger.

JShot is a usefully featured screen capture program. It is fast in screen, area or region capture. JShot has an optional toolbar dock that lets you quickly take the screenshot you want. There are several easy to select and use annotation tools. The tools include circles, ovals, squares, rectangles, arrows or text. I like the transparency and highlight options for those tools. Arrows and text input pivot and rotate with little effort. Text input font is easy to modify.

JShot will also open arbitrary image files for annotation beyond just the screenshot image taken. Nice additional features include the mentioned Picasaweb single click upload as well as FTP or Dropbox to name just a couple. You can even free-hand draw on your screen prior to screen capture (yes that is close to my normal handwriting scribble).

JShot also includes an extendable plugin capability for those needing something more. Did I mention the Java Web Start option?

There are just a couple of minor issues from my usage attempts. First, large images can not be scaled to fit on the screen. Also, the shapes can not be rotated (not that you rotate a circle). They move on an vertical or horizontal axis only. The "File" -> "Open" dialog does not remember last settings (for stuff like this, the date sort is more often what I want). I would also like to see the auto-number name incrementing that other screen capture utilities have like ksnapshot.  Another only slightly annoyance is the "File" -> "Exit" produces a "All unsaved data will be lost" message even if you *just* saved. Fairly nit-picky issues overall. None outweigh the very useful capability.

I have not been much of a java app fan, but JShot is a very well done utility that will remain in my Linux geek toolbox. Hope you enjoy this utility as much as I have. And just to be clear, JShot screen capture and annotator works for Mac, Windows and Linux.

Monday, May 21, 2012

Google Voice + Talkatone + iPhone/Android = Google VOIP phone

I had an older iPhone 3gs sitting around after upgrading to an (much better) Android handset a while back. The contract was over for the iPhone and was ultimately claimed by my son. He has been watching Youtube videos and playing games on the thing ever since. For some strange reason, I decided to check for SMS and VOIP options for it's WIFI connection. The generic search of "iphone 3gs VOIP" lead to many options. Most were not free or just not what I was thinking. At some point I stumbled onto the free Talkatone app with the promise of "Unlimited FREE calls, texts and picture sharing to Facebook and GTalk friends, or any phone number in US/Canada." Wow, what a statement. I am happy to say that from my point of view, they are correct.

The Getting Started section spells out the general procedure. It was actually easy. I had already setup a Google account for my son and just added the Google Voice upgrade. No big deal. With prerequisites done, the Talkatone install was easy. The combination just worked. My only marginal issue is the voice lag starts to get on the slightly noticeable side. Not a deal breaker noticeable mind you. And yes, I was able to call the iPhone from other phones just like they say.

I did try to setup a SIP account at an early stage of just playing with a couple of apps. Not very easy and did not work for me. So, having this combo made my geeky day. Besides, almost any time you can integrate with Google, you are going to be better off. It has so much of my digital life anyway.

Just so it's clear, Talkatone will work on both the iPhone from the App Store and Android handset from Google play.

This is not actually a thorough review or install howto. I just have some general praise for a geeky and fun product combination that works. The Talkatone peeps have done a great job!

Enjoy

Thursday, March 22, 2012

CentOS 6.2 BCM4312 working wifi howto

Linux on laptops has come a LONG way over the years. I am happy to say that most Linux installs for laptops go with very little or no issues. Recently decided to install CentOS 6 (but I'm sure this applies to RHEL 6 or SL6) on an otherwise decent Dell D630 laptop. My only issue was wifi not working out of the box. The "issue" seems to be mostly about the BCM4312 802.11 card in the laptop. Here is the easy fix:

1. Get the "updated" el6 b43-firmware rpm from the Russian Fedora guys. (make sure it's the *el6* version)
 
wget "http://koji.russianfedora.ru/koji/buildinfo?buildID=1041"

2. Install it (current version depreciates the b43-openfwwf package nicely)
yum install b43-firmware-5.10.56.27.3-2.el6.noarch.rpm

3. Wait several seconds and the wifi light comes on and wifi works!

I originally tried with the documented b43-fwcutter -w "$FIRMWARE_INSTALL_DIR" broadcom-wl-5.100.138/linux/wl_apsta.o but failed to extract the firmware needed.

I also looked into the kmod-compat-wireless but current information suggest, "RHEL6 packages are broken at present". Enjoy.

Here is all of the info from the BCM4312 card in question:

lspci | grep BCM
0c:00.0 Network controller: Broadcom Corporation BCM4312 802.11b/g LP-PHY (rev 01)

lspci -n | grep 14e4
0c:00.0 0280: 14e4:4315 (rev 01)

Original /var/log/messages indicated:
b43-phy0 ERROR: Firmware file "b43/ucode15.fw" not found
b43-phy0 ERROR: Firmware file "b43-open/ucode15.fw" not found
b43-phy0 ERROR: You must go to http://wireless.kernel.org/en/users/...devicefirmware and download the correct firmware for this driver version. Please carefully read all instructions on this website.

Sunday, March 18, 2012

Google Music Manger issue with .ogg file?

Had a very head scratching issue with the (at least the) Linux version of Goggle Music Manger. GMM claims to have uploaded all of the songs and produced some errors on some individual song titles. I didn't think much of the errors since the upload showed successful. I then went to the Google Play page to take the next step of creating some play lists. To my surprise, I only had the original group of files I uploaded a while back and the recently purchased songs from Google (practically a) give-way of albums from last week. I went back to look at the errors noted by Google Music Manager and deleted from disk the files that were named in the errors. I was left with a single error from the "Run Troubleshooter" option; and the error listed that had no filename and a error with just "Failed to upload". Kinda odd to find no filename... Finally noticed that after hitting "Apply" and "Ok" I saw a "0%" on a Al DiMeola song and went searching for it. Immediately after moving the file from the original disk location on my system, Google Music Manger had a little green icon turn on and Google Play began to see the songs. That Al DiMeola song was an otherwise legit and playable .ogg file. I can only suspect that GMM does not like OGG files at this point, but doesn't want to ignore them. Hope my pain is your gain with Google Music Manager.