Odi's astoundingly incomplete notes
New entriesCode
back | nextpreventing CUPS password prompt
Add Unix groups to CUPS:
Add your user to that group:
/etc/cups/cups-files:
SystemGroup lpadmin rootSet permissions to access the local secret:
chgrp -R lpadmin /run/cups/certsThis directory contains a secret that is read by CUPS utilities like
cupsenable. They pass that secret in HTTP Authorization headers to the local HTTP socket when sending command.Add your user to that group:
usermod -a -G lpadmin myuser
Add comment
Be bloody careful with CNAME records
Be careful when doing something stupid!
CNAME records are useful. Especially together with external hosting services.
You run your domain and control DNS yourself but you host a website on an external service. They manage the IP of that site and give you a name that may look like
Never create a CNAME record for the zone name!
Also when caches start picking up the SOA information of the wrong zone, they apply the TTL values of that zone. So getting control of your zone back may not be easy and is not under your control anymore.
Also any secondary DNS server will pickup the zone redirect and may completely stop updating the zone from your authorative server. You need to manually fix that on the secondary DNS!
CNAME records are useful. Especially together with external hosting services.
You run your domain and control DNS yourself but you host a website on an external service. They manage the IP of that site and give you a name that may look like
examplesite383.hostingprovider.biz and already points to the correct IP. You want to map it into your DNS zone with a nice name like www.fancyproduct.com so creating a CNAME that points tha name www to your hosting provider's name is a practical way to go. You also want to do the same without the www prefix, but mind you! Creating a CNAME for fancyproduct.com would redirect the complete zone to a different one!Never create a CNAME record for the zone name!
Also when caches start picking up the SOA information of the wrong zone, they apply the TTL values of that zone. So getting control of your zone back may not be easy and is not under your control anymore.
Also any secondary DNS server will pickup the zone redirect and may completely stop updating the zone from your authorative server. You need to manually fix that on the secondary DNS!
When Oracle does not register with the listener
If your Oracle database does not register with the listener, you get ORA-12505. Normally the DB registeres automatically after a while. But you can force it to do that.
As SYS:
Check the listener status:
Check which listener the DB wants to register with:
As SYS:
ALTER SYSTEM REGISTER;However, if it did not register automatically, chances are that this does not help either.
Check the listener status:
lsnrctl statusCheck the listener's log file (filename is in the status output).
Check which listener the DB wants to register with:
select name, value from v$parameter where name in ('local_listener', 'remote_listener');
This gives you a TNS name. Check that this TNS name is defined in $ORACLE_HOME/network/admin/tnsnames.ora Such an entry looks like:
LISTENER_SID = (ADDRESS = (PROTOCOL = TCP)(HOST = oracle.example.com)(PORT = 1521))
ORDImage leaks files in /tmp
In Oracle 12.2.0.1 the following call leaks an imageio file in /tmp. Not nice.
ORDImage.processCopy(pImageBlob, 'maxscale='100 100', destBlob);GUI code is prone to memory leaks
Synology load
Are they sure they want to run all sorts of crap as root without any limits?
top - 15:12:11 up 12 min, 1 user, load average: 98.10, 40.27, 17.04 Tasks: 271 total, 112 running, 159 sleeping, 0 stopped, 0 zombie %Cpu(s): 17.0 us, 81.7 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.7 hi, 0.6 si, 0.0 st GiB Mem : 0.113 total, 0.008 free, 0.066 used, 0.039 buff/cache GiB Swap: 2.000 total, 1.801 free, 0.199 used. 0.006 avail Mem PID USER PR NI VIRT RES %CPU %MEM TIME+ S COMMAND 8000 root 20 0 61.2m 4.8m 1.1 4.2 0:00.79 R synoscgi_SYNO.Core.Package.Thumb.Server_1_get 8014 root 20 0 61.2m 4.8m 1.1 4.2 0:00.79 R synoscgi_SYNO.Core.Package.Thumb.Server_1_get 8020 root 20 0 61.2m 4.8m 1.1 4.2 0:00.80 R synoscgi_SYNO.Core.Package.Thumb.Server_1_get 8022 root 20 0 61.2m 4.8m 1.1 4.2 0:00.78 R synoscgi_SYNO.Core.Package.Thumb.Server_1_get 8024 root 20 0 61.2m 4.8m 1.1 4.2 0:00.78 R synoscgi_SYNO.Core.Package.Server_1_get_timestamp 8025 root 20 0 61.2m 4.8m 1.1 4.2 0:00.85 R synoscgi_SYNO.Core.Package.Thumb.Server_1_get 7994 root 20 0 61.2m 4.8m 1.1 4.2 0:00.74 R synoscgi_SYNO.Core.Package.Thumb.Server_1_get 7995 root 20 0 61.2m 4.8m 1.1 4.2 0:00.85 R synoscgi_SYNO.Core.Package.Thumb.Server_1_get
.. well, as far as they do (sometimes?) not really know what they are doing, it seems so.
This is why synology nas no longer are my favourites and I am not willing to recommend them.
This is why synology nas no longer are my favourites and I am not willing to recommend them.
Gentoo intel-microcode reorg
Gentoo has given more love to its
The new USE flag
sys-firmware/intel-microcode package. It's now easier than ever to update microcode automatically early on boot. This is a valuable alternative to shipping microcode within the BIOS. I mean honestly, who regularly checks for BIOS updates? Much easier by doing that through an ebuild.The new USE flag
initramfs now builds a cpio archive at /boot/intel-uc.img ready to be used by grub. In /boot/grub/grub.cfg:
menuentry 'Gentoo Linux 4.14' {
root=hd0,1
linux /boot/linux-4.14.12 root=LABEL=ROOT ro rootfstype=ext4 net.ifnames=0
initrd /boot/intel-uc.img /boot/initrd.img
}
Note how the microcode intitramfs is simply prepended to the boot initramfs (initrd). A kernel that has microcode laoding support enabled will find it there, upload the microcode into the cpu and then discard the initramfs blob, and continue booting with the initrd.img. The first line in your dmesg output will show:
microcode: microcode updated early to revision 0x80, date = 2018-01-04
Gentoo enables PIE
Gentoo has new profiles that require you to "recompile everything". That is technically not really necessary. Only static libraries really need recompiling.
Here is why:
A static library is just an archive of .o files (similar to tar), nothing more, and linking against a static library is roughly the same as just adding more .o files to the linker line. You can also link a static library into a shared library - the code in the static library is then just copied into the shared library (but the code then must be compiled with -fPIC, as with all other code that is used in shared libraries).
You can find static libs like so:
Here is why:
A static library is just an archive of .o files (similar to tar), nothing more, and linking against a static library is roughly the same as just adding more .o files to the linker line. You can also link a static library into a shared library - the code in the static library is then just copied into the shared library (but the code then must be compiled with -fPIC, as with all other code that is used in shared libraries).
You can find static libs like so:
equery b $(find /usr/lib/ /lib/ -name *.a) | awk '{ print $1; }' | sort | uniq
Typically this yields packages like elfutils, libbsd, nss, iproute2, keyutils, texinfo, flex, db, numactl.Gentoo python-3.5 update woes
Your latest emerge -uavD @world may result in the following error:
Solve this by manually installing python-3.5 (only) first and recompiling the resulting USE flag changes:
# required by sys-apps/portage-2.3.13-r1::gentoo[python_targets_python3_4,-build,python_targets_python2_7,-python_targets_python3_5] # required by virtual/package-manager-0::gentoo # required by @system # required by @world (argument) >=dev-python/pyblake2-0.9.3-r1 python_targets_python3_4That's because python-3.5 as well as python-3.6 and a new version of portage went stable, that in turn causes python USE flag changes and portage can't figure out correctly what to do.
Solve this by manually installing python-3.5 (only) first and recompiling the resulting USE flag changes:
emerge -1av python:3.5 eselect python update emerge -1avD --changed-use @worldThat should let you update world again and depclean will remove python-3.4 for you.
emerge -uavD @world emerge --depclean
pulseaudio: xmalloc.c: Assertion 'size < (1024*1024*96)' failed
I noticed that Firefox was not playing any sound any more. Apparently pulseaudio stopped working. Manually running pa showed the following error:
xmalloc.c: Assertion 'size < (1024*1024*96)' failed at /var/tmp/portage/media-sound/pulseaudio-10.0/work/pulseaudio-10.0/src/pulse/xmalloc.c:72, function pa_xmalloc0(). Aborting.
This means it is trying to allocate a ridiculous amount of memory.
Looking at the backtrace in gdb reveals:
strace tells us quickly:
back
|
next
xmalloc.c: Assertion 'size < (1024*1024*96)' failed at /var/tmp/portage/media-sound/pulseaudio-10.0/work/pulseaudio-10.0/src/pulse/xmalloc.c:72, function pa_xmalloc0(). Aborting.
This means it is trying to allocate a ridiculous amount of memory.
Looking at the backtrace in gdb reveals:
(gdb) bt #0 0x00007ffff6a5ef50 in raise () from /lib64/libc.so.6 #1 0x00007ffff6a60bfa in abort () from /lib64/libc.so.6 #2 0x00007ffff7914b32 in pa_xmalloc0 () from /usr/lib64/libpulse.so.0 #3 0x00007ffff7ba1db1 in pa_database_open () from /usr/lib64/pulseaudio/libpulsecore-10.0.so #4 0x00007fffeed60468 in module_card_restore_LTX_pa__init () from /usr/lib64/pulse-10.0/modules/module-card-restore.so #5 0x00007ffff7b5ac98 in pa_module_load () from /usr/lib64/pulseaudio/libpulsecore-10.0.so #6 0x00007ffff7b49751 in ?? () from /usr/lib64/pulseaudio/libpulsecore-10.0.so #7 0x00007ffff7b4fd2c in pa_cli_command_execute_line_stateful () from /usr/lib64/pulseaudio/libpulsecore-10.0.so #8 0x00007ffff7b50551 in pa_cli_command_execute_file_stream () from /usr/lib64/pulseaudio/libpulsecore-10.0.so #9 0x0000000000406e55 in main ()So it is trying to read some database. What database?
strace tells us quickly:
open("/home/xoxo/.pulse/91b2f1e2678a89a9c38b83075061a39a-card-database.x86_64-pc-linux-gnu.simple", O_RDONLY|O_CLOEXEC) = 9
So likely this thingy is corrupt. Solved this with:rm -rf .pulse