Add timestamps to the Bash history

I have to admit that I use my bash history as my personal journal. Of course it will never replace a ‘proper’ documentation, but it is still pretty useful since I can easily find all commands that are relevant for a particular system. Especially regardings some maintenance that you only need to do once in a while it is hard for me to remember the correct syntax without consulting the manuals or some other external documentation.

Theres one drawback though: By default, the bash history helps you finding the command itself, but not when it was issued for the last time. A quick modification in the bash profile resolves this issue.

Read More “Add timestamps to the Bash history”
|

Ubuntu 22.04: Packages have been kept back

A while ago, I updated my remaining Ubuntu 20.04 VMs to 22.04.

The upgrade process itself finished without any issues, but things started to fall apart when regular packages rolled in after a couple of days: Suddenly, apt started to complain about packages that have been kept back during the upgrade process. Seeing some seemingly broken packages on a clean system without any third-party repositories is quite unusual.

The following packages have been kept back:
fwupd grub-efi-amd64 grub-efi-amd64-bin grub-efi-amd64-signed libfwupd2 libfwupdplugin5 php8.1-cli php8.1-common php8.1-gd php8.1-mbstring php8.1-mysql php8.1-opcache php8.1-readline php8.1-xml qemu-guest-agent snapd tzdata
0 upgraded, 0 newly installed, 0 to remove and 17 not upgraded.
Read More “Ubuntu 22.04: Packages have been kept back”
|

Gentoo: freetype, harfbuzz and circular dependencies

Somtimes, building the freetype library failes due to circular dependencies between the harfbuzz and the freetype libraries depending on the set USE flags. This can be solved by the following order of installation:

USE="-harfbuzz" emerge -1 media-libs/freetype
emerge -1 media-libs/harfbuzz
emerge -1 media-libs/freetype

Future updates should work without any further issues though.

rsync: Modify file ownership during transfers

A couple of weeks ago, I had to merge two seperate Linux systems into a single one. Obviously, I had to keep and migrate all the home directories as well. Therefore, I added all missing users on the ‘target system’ and simply restored the home directories from a backup (which was way easier due to my configuration). Since there were no recent changes, I could simply ignore the ‘gap’ of a couple of hours between the last backup run and the current time.

The problem: Since the primary purpose of the backup is to allow a full restore of the system, it is being created with the --numeric-ids parameter. This lead to a mismatch of the file permissions on the ‘target system’ since I didn’t match the user and group IDs beforehand.

Read More “rsync: Modify file ownership during transfers”
|

Using qemu-guest-agent as interface between VMs and Proxmox host systems

Since virtual machines created with KVM/QEMU are not simple containers but quite isolated from the hosts environment, QEMU offers a companion service called qemu-guest-agent for Linux guests. qemu-guest-agent acts as an interface between the VMs and the host system.

Some features like passing ACPI information for a clean guest shutdown are pretty well-known. However, did you know that you can even send commands to your VMs directly from your Proxmox host system?

Proxmox Virtual Environment uses KVM/QEMU as virtualization technology. Since calling the qemu-guest-agent interface is not very intuitive by itself, Proxmox provides the qm guest command which acts like a bridge between the host system and the VMs.

Read More “Using qemu-guest-agent as interface between VMs and Proxmox host systems”

Apache2: Restrict access based on file extensions

The following ruleset in Apache 2.4’s vHost or server configuration allows us to only grant access to some specific file extensions. All files not covered by the following rule are not accessible via the web server:

# Restrict access to allowed file extensions
<FilesMatch ".+\.(?!(php|css|js|png|jpg|jpeg)$)[^\.]+?$">
        Require all denied
</FilesMatch>

In this case, we only allow the extensions .php, .css, .js, .png, .jpg and .jpeg. This rule first prevents access to all file types. Then, it explicitly allows access to some files by excluding them from the general rule.

Since these rules will also work in an .htaccess file, full access to the server configuration is not required.

Proxmox: Throttled backups for better performance

On a Proxmox node managed by myself, I’m relying on Proxmox’s integrated backup function as part of my backup concept. Since the server is mostly used for storage purposes, it’s equipped with ‘traditional’ HDDs instead of SSDs.

The VMs are running on a RAID10 on ZFS, the backups are stored on a seperate RAID1 on the same machine. In the beginning this worked very well, but with an increasing load on the Proxmox node due to a growing number of VMs, I ran into more and more problems caused by high I/O load.

Read More “Proxmox: Throttled backups for better performance”

How to use Snap Packages in Gentoo

One of the main advantages of snap packages is the possibility to use them not only on one Linux distribution like ‘traditional’ packages, but on a wide variety of distributions without having to modify or rebuild them. Many distributions provide the necessary snapd daemon in their repositories.

It is entirely possible to use snap packages with Gentoo too. Even building new snap packages with snapcraft and multipass or LXD will be possible afterwards.

Read More “How to use Snap Packages in Gentoo”

Manjaro: Fixing the screen resolution in VMware

Note: This article is probably outdated. I received reports that simply restarting the vmtoolsd service doesn’t work anymore.

Due to a bug in current versions of Manjaro, it is not possible to change the screen resolution if Manjaro is running as a VMware guest. Neither changing the resolution manually nor using the “Fit Guest Now” option is working correctly. Since the screen resolution is pinned to 800×600 pixels, it’s almost impossible to properly use the VM. I was able to reproduce the issue with my VM running Manjaro with the KDE desktop.

Read More “Manjaro: Fixing the screen resolution in VMware”

Official kernel packages for Gentoo?

In comparison to other Linux distributions, Gentoo handles kernel installations and upgrades quite differently. While other distributions deploy new kernel release over their package management, Gentoo only packages the kernel sources. It’s up to the user to compile and install the kernel in a second step. Gentoo developer Michał Górny is about to change that with the introcution of an official Gentoo kernel.

Traditionally, configuring and installing the kernel is done either manually or simplified by using genkernel. While configuring the own kernel allows a high level of adjustment to the hardware in use or to specific workloads, genkernel creates a more “generic” kernel.

Read More “Official kernel packages for Gentoo?”