Computer
How To disable Time Machine’s MobileBackup
Starting with Lion I noticed that Time Machine is running even when my Time Capsule is not available. I also noticed that Finder shows a different amount of used disk space than df. My MacBook Pro’s SSD also got somewhat slow. Turned out it’s Time Machines MobileBackup function.
If you want to disable MobileBackup and free up the abused disk space, simply run the following command and reboot.
sudo tmutil disablelocal
How to fix SSH UTF-8 issues in Mac OS X Lion
After upgrading from Snow Leopard to Lion, ssh connections to remote servers using iTerm2 have issues with non ascii characters.
Luckily that’s easy to fix. Simply comment SendEnv LANG LC_* in /etc/ssh_config out.
Host * # SendEnv LANG LC_* # ForwardAgent no # ForwardX11 no ...
No other changes are needed. You could also permanently change your locale to UTF-8.
Just place export LANG=en_US.UTF-8 in your shell’s source file.
How to activate Serial Console on Debian Squeeze
Activating a Serial Console starting at the bootloader all the way up to a tty login requires just a few steps, but it took me some time to figure out all the knobs. Here’s how to do it with Debian Squeeze:
To have configruation changes persistent in Debian, you may not edit /boot/grub/grub.cfg directly, but need to edit/add the appropiate lines in /etc/defaults/grub:
GRUB_CMDLINE_LINUX_DEFAULT="console=tty0 console=ttyS0,9600n8" GRUB_TERMINAL=console GRUB_SERIAL_COMMAND="serial --speed=9600 --unit=0 --word=8 --parity=no --stop=1"
Now run update-grub and you’ll get the Bootloader and all Kernel and Init messages on your serial console the next time you boot.
To get a login promt on serial you need to modify /etc/inittab to:
1:2345:respawn:/sbin/getty 38400 tty1 2:23:respawn:/sbin/getty 38400 tty2 3:23:respawn:/sbin/getty 38400 tty3 4:23:respawn:/sbin/getty 38400 tty4 5:23:respawn:/sbin/getty 38400 tty5 6:23:respawn:/sbin/getty 38400 tty6 # Serial console s0:2345:respawn:/sbin/getty -L 9600 ttyS0 vt102
That’s it. run init q to reload init and activate serial login, or simply reboot.
A few WordPress security tips
A month or so ago my Website got attacked a couple of times using DDoS and application specific attacks. I don’t want to delate anyone, but this happened at exactly the same time my travel report about Prague suddenly got a lot of attention. Just sayin’…
Nothing happened, no one could break in using any exploits or brute force and the website didn’t even go down.
So as a guy with a few years of experience with Apache, Unix and at least a little bit of experience with WordPress, I thought I’d share the things I do to secure my blog. No, I am not a big fan of security trough obscurity. 
I run this website on my own server, not all of this might be possible if you’re on a shared hosting!
- non admin username
- get ssl (for wp-admin)
- require ssl for wp-admin in wp-config.php (add to end of file)
define('FORCE_SSL_ADMIN', true); - restrict access to wp-admin using htpasswd on ssl vhost
AuthType Basic AuthName "Unixhosts.org" AuthBasicProvider file AuthUserFile /etc/apache2/htpasswd Require valid-user
- enforce ssl for wp-admin and also htaccess authentication on default vhost
SSLOptions +StrictRequire SSLRequireSSL SSLRequire %{HTTP_HOST} eq "www.chrisk.de" ErrorDocument 403 https://www.chrisk.de/blog/wp-admin/ - ‘chown’ everything to root:root with only read access for the webserver
- and as always: use as few plugins as possible
There is one plugin you might want to use if you’re on a shared ssl: WordPress HTTPS. This helps you redirecting you to the correct folders on your shared ssl. Though it was still kind of buggy.
Intel 320 Series vs. OCZ Vertex 2 (vs. Apple)
Actually this post should be called NO OCZ NO or something like that…
I already wrote about the OCZ Vertex 2 E once or twice with somewhat mixed feelings.
Now after 6 months with the first one, and 3 months with the second one, I wouldn’t recommend buying any of these again. Well, at least not if you’re using Apple.
60Gb OCZ Vertex 2 E in my Mac Mini (6 Months old):
- huge loss in performance (maybe due to the lack of TRIM in OSX?)
- sometimes the mini won’t fall asleep or just wakes up again
120Gb OCZ Vertex 2 E in my MacBook Pro (10 weeks old):
- performance is still good
- suspend2disk doesn’t work. Known bug. OSX will crash. OCZ promised to fix it – but didn’t!
- sleep and direct wake-up results in the SSD not being recognized for ~10 minutes!!! No booting possible!
Most of the issues with OCZ’s SSDs seem to be sleep/hibernate related and from what I’ve heard do mostly affect Apple products, but their crappy support prevents me from buying any of their products again. They promised to release a firmware upgrade which fixes suspend2disk, but they did not. They closed the thread in their forums and don’t even respond to requests via eMail. But hey! At least they release the OCZ Vertex 3 – so you possibly get all these bugs fixed for just 180€!
All these issues and their non-responding support made me replace the Vertex with the new Intel 320 Series SSD. They might be slower according to their specs, but performance isn’t everything 
Which leads me to the next part of this post…
The Intel 320 120Gb SSD! I installed this one in my MacBook Pro last week and what shall I say? After one week everything is great. I’m not talking about pure performance. I didn’t NOTE any difference in real life performance, but just in case… here is a simple sequential performance check:
OCZ Vertex 2 E 120Gb:
homer:~ $ dd if=/dev/zero of=10000M.img bs=1024 count=10000000 10000000+0 records in 10000000+0 records out 10240000000 bytes transferred in 82.815477 secs (123648385 bytes/sec) homer:~ $ dd if=10000M.img of=/dev/null 20000000+0 records in 20000000+0 records out 10240000000 bytes transferred in 47.731347 secs (214534068 bytes/sec)
Intel 320 Series 120Gb:
homer:~ mrkofee$ dd if=/dev/zero of=10000M.img bs=1024 count=10000000 10000000+0 records in 10000000+0 records out 10240000000 bytes transferred in 108.879939 secs (94048546 bytes/sec) homer:~ mrkofee$ dd if=file.img of=/dev/null 20000000+0 records in 20000000+0 records out 10240000000 bytes transferred in 47.695655 secs (214694610 bytes/sec)
The Intel is a tad slower in pure sequential write performance, which is a bit disappointing considering it’s one generation newer than the Vertex 2… But, now to the important stuff
- Suspend2Disk: works
- Closing and directly opening the MBP: works
- Support: Well… it’s Intel. I don’t expect it to be any better than OCZ’s.
- The good feeling of reliability: works
I haven’t received any negative reports from friends about the Intel X25-M (the 320 Series predecessor) nor have I found much on the Interwebs… so I’m much happier with the Intel now…
How to Check services and restart using Monit
I have a monitoring service (Zabbix) which dies every few weeks, because it’s MySQL tables were locked for too long during a backup… Annoying! mostly because it’s then dead unnoticed for not just a few minutes. So, how do you monitor a monitoring service? Or simply… How do you restart any service that has just gone away in a simple way?
I recently came across monit. They state it’s up and running in just 15min. I got it faster
# Daemonize and check every 2mins.
set daemon 120
# Mail settings, in case you want to receive notifications
set mailserver relay.example.org
set mail-format { from: root@host1.example.org }
set alert admin@example.org
# The first check
check process zabbix_server with pidfile /var/run/zabbix/zabbix_server.pid
start program = "/etc/init.d/zabbix-server start"
stop program = "/etc/init.d/zabbix-server stop"
group server
You can also monitor network availability, application availability, file permissions and system utilization…
I think this tool is really great for a small network, though I don’t think it would scale that well. Just give it a try.
How to DSL and UMTS Failover on OpenBSD
OpenBSD. Is. Awesome. pf, carp, pfsync, ifstated, openbgp, openospfd… awesome.
Here is my ifstated.conf to fail-over between DSL and UMTS connections. Note that this only really works with OpenBSD >=4.9, because earlier versions seem to have issues where set-state is executed before init finished, which causes UMTS to start on every 24h disconnect of the DSL line.
init-state auto
# pppoe0 is my DSL connection
pppoe0_up = "pppoe0.link.up"
# figure out which state to start with
state auto {
if $pppoe0_up {
set-state dsl_up
}
if !$pppoe0_up {
set-state dsl_down
}
}
# DSL is up. Don't do anything until it fails.
state dsl_up {
init {
run "/sbin/ifconfig | mail -s 'DSL up' root"
}
if !$pppoe0_up {
set-state dsl_down
}
}
# DSL is down. Wait a few seconds (24h disconnect).
# Then go ahead and start UMTS, but only if DSL isn't back up!
state dsl_down {
init {
run "/bin/sleep 30; /sbin/ifconfig | mail -s 'DSL down' root"
}
if $pppoe0_up {
set-state dsl_up
}
if !$pppoe0_up {
set-state umts_start
}
}
# Start pppd and bring UMTS up, until pppoe0 is still down
state umts_start {
init {
run "/usr/sbin/pppd call o2"
run "sleep 30; /sbin/ifconfig | mail -s 'Starting UMTS' root"
}
if $pppoe0_up {
set-state umts_stop
}
}
# If pppoe0 is back up, kill pppd and switch back to dsl_up
state umts_stop {
init {
run "/usr/bin/pkill pppd"
run "/sbin/ifconfig | mail -s 'Stopping UMTS' root"
}
set-state dsl_up
}
How to OpenBSD with Huawei E1750 UMTS
Getting my OpenBSD (4.8) box to talk an Huawei E1750 USB UMTS Stick as a backup solution turned out to be not very straight forward, so in case you are in a similar situation…
Have a look at man umsm to see which devices are supported by OpenBSD.
The UMTS (USB)-Sticks are registered as /dev/cuaUX, where X is the number of your device… You’ll need userland pppd to connect. Place your peer configuration in /etc/ppp/peers/o2 for example:
cuaU0 connect /etc/ppp/connect.o2 disconnect /etc/ppp/disconnect.o2 nocrtscts xonxoff #:0.0.0.2 because 0.0.0.1 is the alias for my DSL default gateway :0.0.0.2 noipdefault ipcp-accept-local defaultroute novj nobsdcomp novjccomp nopcomp noaccomp noauth nomagic persist
You’ll also need Chat scripts to connect and disconnect the connection. Note that you’ll need to at least adjust /etc/ppp/connect.o2 to suit your provider:
#!/bin/sh chat -vs \ ABORT 'NO CARRIER' \ ABORT 'NO DIALTONE' \ ABORT ERROR \ ABORT 'NO ANSWER' \ ABORT BUSY '' \ at OK \ atz OK \ # uncomment the following if your SIM is PIN protected # and replace **** with your PIN #at+cpin=**** OK \ 'AT+CGDCONT=1,"IP","pinternet.interkom.de"' OK \ 'atdt*99***1#' CONNECT
And /etc/ppp/disconnect.o2 looks like:
#!/bin/sh chat -vs \ ABORT 'NO CARRIER' \ ABORT 'NO DIALTONE' \ ABORT ERROR \ ABORT 'NO ANSWER' \ ABORT BUSY '' \ '\K' '' '+++ATH'
Now make sure ppp0 is initialized on startup…
touch /etc/hostname.ppp0 sh /etc/netstart ppp0
… and to connect simply run pppd call o2 and pkill pppd to disconnect. Run ifconfig ppp0 to see if your connection is up and running:
ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
priority: 0
groups: ppp egress
inet 10.150.81.109 --> 0.0.0.2 netmask 0xfffffffc
Next post will be about auto fail-over between this and my regular DSL connection.
Shared Hosting vs. Virtual Server – Performance
Earlier this year I moved this blog from a shared hosting at Hetzner to a Virtual Server. Although the Vserver is rather low-end, the page load improvements are impressive! See this Pingdom chart:
Adobe Reader X on Mac OS X – Kidding me?
I just installed Adobe Reader X on my Core2Duo Mac Mini… Adobe? Really? Why is a simple PDF Reader that slow? I have a 1200 pages PDF which I can nicely scroll through using Preview.app, but with Reader X?! Nope. Simple lagging. No fun. Makes reading an eBook reaaaally crappy!
Sadly Preview.app currently doesn’t have support for PDF signatures, so I’ll need Reader X for that, but hopefully that changes with Mac OS X Lion!
Search this Site
Hi, my name is Chris. I am a wannabe photog, traveler & geek that lives in Hesse, Germany. more about me...
follow me on TwitterMy flickr Fotos
Sponsoring
