Category: Linux

The Linux operating system.

Categories
FreeBSD Hardware Linux ZFS

Fixing ZREPL after restoring a filesystem

ZREPL is a great tool for creating snapshots of your ZFS filesystems and then copying them to a remote ZFS storage server. I have been using ZREPL for some time and I recently relied upon it to restore filesystems. However, the experience revealed some gotchas.

The first time I had to rollback a filesystem from a local snapshot I found ZREPL didn’t want to continue replicating that host afterwards. I got into a mess with ZREPL’s ZFS holds and bookmarks and I ended up deleting all the snapshots on both sides of the replication, losing historical data that I wanted to keep.

A few weeks later I had to use a remote ZREPL snapshot to restore a laptop that needed a new hard drive. The restoration was successful, but getting ZREPL to continue replicating this machine was not. I manually trawled through the ZFS holds and bookmarks, clearing them as needed. I lost a few historical snapshots that I wanted to keep in the process and thought that there must be a better way. Using ZREPL after recoveries was proving to be less than ideal. I have found that better way and it is so simple that you will remember it.

Yesterday, I had to do another recovery. This time on a experimental server that I really should never have built using old SATA hard drives. The zpool had three drives in the pool, two mirrored and an online spare. When one of the mirrored drives failed, ZFS successfully resilvered to the spare. Before I had an opportunity to replace the failed drive, the other mirrored drive failed. It ran OK for a while on parity, but when I shut the machine down to replace the original failed drive, the server would not boot.

As I had hourly ZREPL replicas stored remotely and three more old replacement drives available, I was confident that this problem would not be a disaster. I replaced all three drives, reinstalled the OS and used ZFS send/recv to restore the filesystems from my remote ZREPL replica. The experimental server was operational, but ZREPL was no longer creating remote replicas as it should.

The following describes a simple method that I now use to do a full zpool restore. It is equally relevant if you have to restore an individual filesystem that has been replicated remotely by ZREPL either by rolling back a local snapshot or sending from a remote replica.

How To Restore Using ZREPL

Example Scenario

jewel.example.com
This is the host that needs a filesystem restoration. Hostname abbreviated to ‘jewel’.

zroot
This is the ZFS pool on ‘jewel’ that has a Root on ZFS filesystem containing the important data that must be restored.

safe.example.com
This is the ZREPL storage server. Hostname abbreviated to ‘safe’.

zdata
This is the ZFS pool on ‘safe’ that contains the ZFS snapshots that were replicated remotely by ZREPL.

Tip 1:

Always have a bootable recovery image available. It can be a USB datastick, a live CD or PXE boot disk. It should have the same OS (and version) as the system to be recovered. It must contain all of the necessary ZFS components so that you can import your ZFS pool without mounting the file systems. This enables you to restore a ZFS on Root system. Remember to update this recovery boot image whenever you upgrade the OS or ZFS features.

Tip 2:

Use a script that is run from Cron or Periodic to regularly create a text file report about your ZFS filesystems and their mountpoints. If you have access to a private git repository, have the script ‘add, commit and push’ the report to the repository. If you don’t have a private git repo, have the machine email you the reports instead. You will be thankful that you have the mountpoint information when you most need it!

After a fresh operating system install and the recreation of the zpool(s) required (You had that info kept safe in your private git repo), boot the host using the recovery disk image.

Establish that you can ssh as root between the remote ZREPL storage and the host to be recovered using passwordless certificate login. Get this proven to run in both directions first before doing anything else. If you are preparing your recovery image, consider using a hardware token authenticator like a Yubikey to store the private keys which is safer than leaving private keys for root on a bootable USB stick!

Login as root on jewel.example.com to import the empty ZFS pool that you have recently created as part of the OS install. The -f option is required to import a pool that has been previously mounted by another system.

root@jewel$

zpool import -f zroot

Login as root on safe.example.com to identify the snapshot(s) that you wish to restore

root@safe$

zfs list -t snapshot -H -o name \
| grep jewel.example.com \
| grep 20260212_11

-t snapshot : Lists only snapshots
-H : Strips the headers from the output
-o name : Includes only the snapshot names in the output
grep jewel.example.com : Reduces the output to reference only the machine of interest
grep 20260212_11 : Reduces the output to snapshots taken on 12 February 2026 in the hour of 11am

Select the latest snapshot that you know will contain everything that you want to restore. This will be one that completed successfully before the disaster.  Use ZFS Send/Recv over SSH to restore the filesystem.

root@safe$

zfs send -r zdata/zrepl/jewel.example.com/zroot@zrepl_20260212_1132_000 \

| pv \

| ssh root@jewel.example.com "zfs recv -Fu zroot"

Piping through ‘pv’ is optional. It shows progress of the data transfer, otherwise you just have to wait for the prompt to return on your terminal to know that it has finished.

If you cannot or do not want to perform a recursive restore as shown above, omit the -r option and send filesystems individually.

When the filesystem restoration has completed, shutdown the restored host and remove the USB live image recovery datastick.

root@jewel$

poweroff

Boot the restored host and check that all is OK and as expected.

Temporarily stop the ZREPL service at the end that drives the replica transfer. If ‘jewel’ is configured to push replicas to ‘safe’, stop ZREPL on jewel. Otherwise, stop ZREPL on safe.

The simple action that prevents ZREPL problems

Login as root on safe.example.com, now rename the dataset holding the replicas for jewel
root@safe$

zfs rename zdata/zrepl/jewel.example.com/zroot \
zdata/zrepl/jewel-20260212/zroot

All of that dataset’s snapshots will automatically be renamed to correspond with the new name of their parent.

Restart ZREPL and manually wake up a replication. The process will automatically create a new dataset called zdata/zrepl/jewel.example.com/zroot . This will allow ZREPL to continue to operate as normal, effectively starting afresh.

All of your historical snapshots for jewel will now be in zdata/zrepl/jewel-20260212/zroot and its descendants. These will not be pruned automatically. You can still use them for restores, but they are now outside of ZREPL.

If you want to recover disk space, delete the snapshots that you no longer need from zdata/zrepl/jewel-20260212/zroot.

Re-enable and restart ZREPL and you should find that replication is back to normal.

Categories
Linux Void Linux

Void Linux: UK Keyboard

To configure a Void Linux host located in the United Kingdom to make correct use of a British(English) UK keyboard, do the following:

Edit /etc/rc.conf, set the following values:

KEYMAP="uk"
TIMEZONE="Europe/London"

Then save your changes.

Check which locales are installed:

locale -a

For the UK, you will need en_GB.utf8 and en_GB.iso88591
These are likely to be commented out in the default install. Uncomment these in the locales configuration…

sudo nano /etc/default/libc-locales

When you have saved your changes, force regeneration of the required locales…

sudo xbps-reconfigure -f glibc-locales

You will get confirmation on screen. Logout, then login and test your £ sign on the keyboard.

Categories
FreeBSD Linux Windows

SSH: Copy keys without ssh-copy-id

I should really remember this as I have to use it often. Posting it here in the hope that it will stick eventually. I guess using it all the while instead of ssh-copy-id would do the trick.

cat ~/.ssh/id_ed25519.pub | ssh -o PubkeyAuthentication=no vincent@vlara.co.uk "mkdir -p ~/.ssh && cat >>~/.ssh/authorized_keys"
Categories
FreeBSD Linux

Encrypt 7-Zip Archive List

Z-Zip logo

I noticed a change in the default behaviour of 7-Zip 25.01 when using password protection, but I could be wrong. The default behaviour now is to leave the content list unencrypted and only encrypt the files in the archive.

Add the following option to your 7-Zip command line sequence to encrypt the archive list when using the -p option.

-mhe=on
Categories
FreeBSD Linux Windows

SSH: too many authentication failures

I am not entirely certain what the cause of this error is but it is particularly annoying when it happens on a headless system.

I think that the problem is caused by too many keys to choose from during key negotiation, or no key at all. I found this workaround.

ssh -o PubkeyAuthentication=no vince@host

Once a successful login with a password is possible, logout and copy the authentication key to the host…

ssh-copy-id -o PubkeyAuthentication=no vince@host

Then login with ssh again…

ssh vince@host

And ssh should authenticate without using a password.

If not, check the permissions on the destination’s .ssh directory and authorized_keys file

vince@host:~ %

chmod 700 .ssh

chmod 600 .ssh/authorized_keys

chown -R vince:vince .ssh

 

Categories
Alpine Linux FreeBSD Ubuntu

ZFS Trim

I noticed today that the FreeBSD ZFS pool that I created on my laptop SSD was not configured for TRIM. TRIM enables the SSD to recover space from previously written to blocks that have since had files deleted. This can help maintain performance of the SSD as it fills with data.

My pool is called zroot, so the command to check the value of the TRIM setting is:

zpool get autotrim zroot

The command to switch on automatic TRIM is:

zpool set autotrim=on zroot

 

Categories
Hardware Linux Ubuntu

Unable to enumerate USB device on port…

I have an old PC with what appears to be a broken implementation of USB. I cannot obtain a BIOS update and there is no BIOS setting to switch off USB either. Very old Linux distributions would run on this PC, but only on those with USB support as loadable modules. For later kernels with direct USB support I would get continuous error messages to the console.

After spending some time Googling, I found this useful post

For Ubuntu 10.04 LTS I used the advice to create rules to deactivate USB entirely on this host. The first file that I created was /etc/udev/rules.d/20-disable-ehci.rules which contained the following code:-

ACTION=="add", SUBSYSTEM=="pci", DRIVER=="ehci_hcd", \
        RUN+="/bin/sh -c 'echo -n %k > %S%p/driver/unbind'"

When I rebooted the PC, it disabled one of the troublesome USB hubs but I was still getting error messages for another but much more frequently now. I experimented by creating a similar file to deactivate ohci but this didn’t do anything. I tried again with uhci and that worked, USB completely disabled.
/etc/udev/rules.d/30-disable-uhci.rules

ACTION=="add", SUBSYSTEM=="pci", DRIVER=="uhci_hcd", \
        RUN+="/bin/sh -c 'echo -n %k > %S%p/driver/unbind'"

So if you have two or more USB hubs throwing enumeration errors, try disabling both EHCI and UHCI, it worked for me.

Obviously, if you have any USB devices that you need to use with this host, forget it. You will need a new motherboard.

Categories
Hardware Linux Ubuntu

What to do with an OldWorld Mac?

PowerMac 8500 (CK6391DE8FA)During our recent house move I found my old and dusty PowerMac 8500/180 while we were packing up the contents of my garage. It had been placed on the bottom shelf of my car spares shelving for a time when I could either make a VGA adapter cable or acquire another old Mac monitor to replace the one that died. That was back in 2004, and as time passed by storage crates piled up in front of it and it was soon forgotten.

A long time ago I was a NetWare specialist and I had a variety of non intel computers in my private lab that I used for working on interoperability projects. Many of my customers had a small number of Macintosh computers in their organisations and I acquired my 8500 second hand when one of them switched to Windows a year after purchase.

I can’t say that I was a Mac specialist in any sense. My interest was purely interoperability with NetWare, Unix and other corporate host based systems. I tinkered a lot with Applescript and had a lot of fun with my 8500. However, I didn’t like the fact that Apple built the machine to be supported only by their own engineers. There weren’t any manuals for DIY upgrades as you were supposed to take the 8500 to an Apple technician for things like RAM upgrades. I soon learned that Apple products were all about lock-in. I found this aspect of Mac ownership distasteful to the point that I probably wouldn’t buy another Mac again even though I liked my 8500.

So time moves on. It’s 2011 and the 8500 is sitting in my new garage. I don’t want to leave it there to deteriorate for another seven years so I dust it off and bring it into the house to see if it still works. I still don’t have a Mac to VGA adapter but the 8500 has TV output. I connect it to my 42″ LCD TV using an RCA composite TV cable (Yellow-Red-White). After plugging the onboard Ethernet into a live switch on my LAN, and completing the remaining connections for power, keyboard and mouse, the Mac powers up and the familiar chime is heard all over the house through the TV speakers.

I was really pleased that it still worked after all this time. I found some old QuickTime video clips of the kids when they were younger in a folder on the hard drive. I guess when the monitor died I didn’t have any way of accessing my files to save them back then. I set about copying off the files I wanted to keep by uploading to my file storage using Internet Explorer 5 that was still on the Mac and then I began depersonalising the machine ready for disposal. While I was dragging files to the Wastebasket, I started to think that maybe I could use this machine with Ubuntu or Debian as part of my CCTV system. After all, it had on-board analogue video capture that was too fast for any hard-drives produced at the time. Perhaps someone had developed the necessary drivers for V4L2. I didn’t stop too check first, I downloaded a copy of Debian 6.0.2.1 as I thought this would work with an OldWorld Mac and set about installing it.

Oh dear. It appears that a Mac monitor is necessary to install Linux as the TV display doesn’t work when Bootx is used to start the Debian installation. The next problem I have is that I don’t have any Mac OS installation media any more to resize the Apple partitions. A house flood in 2009 saw a lot of my stuff go in the rubbish skip never to be replaced. All my obsolete computer manuals, books and software were either destroyed or water damaged and I’m fairly certain that my Mac OS 8 install disks went in the same skip. I pack up for the day and think about how I can resolve this problem overnight.

The following morning I have an idea. Another old PC that was similarly shelved had a Matrox Mystique card inside. This had a Mac display port so I thought It may have originally been Mac compatible. I relieve the PC of the Matrox card and install it in the Mac with a USB 2.0 + FireWire PCI card. A 60GB portable hard drive is connected to the USB port and a flat panel LCD display to the Mystique’s VGA port before rebooting the Mac.

Mac OS 8.1 starts up and is displayed on the TV. I pop in the Debian CD-ROM and copy the installation kernel and ramdrive to the Linux Kernel folder in the Mac System Folder and configure Bootx to use them. Starting Debian from Bootx the TV display loses its signal and shows the default blue screen. The LCD monitor is now showing a familiar penguin and I can see that Linux is booting and in the hardware detection phase.

I manage to successfully create a Linux partition and swap partition on the USB hard drive but the installation always stalls at some point when unpacking an archive on the CD-ROM. Looking at the logs, the installation is almost there, but the live kernel has not been created in /boot and it’s not good enough to even try building it by hand. Disappointed, I abandon this project yet again to think about it overnight.

Next morning I have an idea. I downloaded the last Ubuntu distribution that officially supported the PowerPC architecture. The Alternate install image for Ubuntu 6.06 LTS PPC seemed most appropriate considering that my Mac has only 96MB of RAM. I replaced the Bootx kernel and ramdrive from this CD and recommenced installation.

Screenshot of Ubuntu 6.06 on my PowerMacSuccess! The installation is plodding along well. I let it run on its own all day, coming back now and again to check progress and answer any waiting prompts. When it finished I rebooted and logged in to Ubuntu at 640×480 resolution. I started up the System Monitor and had a played a game of Solitaire before tweaking a few settings one by one.

Disaster strikes! Somewhere during the installation I failed to notice that the Mac didn’t have a network connection when running Linux. My Ethernet switch indicates that the on-board MACE (Mac Ethernet) is present at 10Mbps but it won’t DHCP or accept a static IP address. I try installing an Intel E100B PCI adapter and it’s the same. Booting back into Mac OS 8.1 there’s no network now. I just can’t get it to connect. I tried zapping the PRAM and NV but I couldn’t check the OpenFirmware on the serial port as I don’t have a Mac serial lead anymore.

Without a network connection, this 8500 is useless to me. So, the final enjoyment I got from my Mac was using Ubuntu 6.06 on it. I’m not sure if it was any quicker than Mac OS 8.1 as I only have 96MB of RAM installed but it was an interesting exercise on how to get Ubuntu running on a Mac without the Mac OS install discs.

Sadly, I don’t have a use for a Mac that cannot connect to my LAN. I can’t explain why the MACE shows a connection on my switch but refuses to load TCP/IP. Maybe the logic board got a static zap when I was plugging in PCI boards. Maybe I have pressed some key sequence that has deactivated the board in OpenFirmware without my knowledge. If I don’t find a way of getting the onboard Ethernet running again under Mac OS this Mac will be going to the recycling centre very soon.

Categories
Security Ubuntu

Installing Zoneminder on Ubuntu 11.04

I have been experimenting with Zoneminder recently, using the pre-built package for Ubuntu 11.04. I couldn’t get the package to work properly but found some very useful instructions in the Zoneminder Wiki that made it work.

When I finish the installation I will put this into an install script.

 

 

Categories
MythTV

MythTV Preshutdown check for UPnP AV clients

I have reconfigured my MythTV backend server to shutdown automatically when there are no recordings within the next couple of hours. It does this using ACPI and wakes up automatically using the NVRAM Alarm function built in to the computer’s motherboard. However, one annoying aspect that I found quite quickly afterwards was that my backend would shutdown while I was watching recordings on my PlayStation3 or WD TV Live.

I found that the MythTV event mechanism for detecting clients and playback only seems to work for MythTV frontends and not for UPnP AV clients like the PS3.

After thinking about the problem for a while, I realised that all I needed was a script that could detect my UPnP AV clients and tell MythTV not to shutdown just yet.

Fortunately, MythTV has the ability to specify such a script to be called. It only needs to return ‘1’ to the calling process to inhibit the reboot, or ‘0’ to let it go ahead.

UPnP AV clients connect to the backend using port 6544. The netstat program reports UPnP clients as ‘ESTABLISHED’ if they are in use. It also reports other states when a recording has ended but I don’t care if my backend powers down on an idle playback device so my preshutdown check script is really simple. It probably needs some modification if you use a MythTV Frontend. I only use MythWeb with UPnP clients so I can’t test a frontend with it.


#!/bin/bash
# Pre shutdown check command should return one of the following values
# 0 : Allows the backend to reboot
# 1 : Sends the backend around the idle timeout again
# 2 : Resets the Client Connected flag (not set in any case for UPNP clients)
# This script detects UPnP AV clients so the return value of 2 is never used.

netstat -tun | grep :6544 | grep -i established
if [ $? = "0" ] ; then
# Grep found a match
exit 1
else
# Grep found nothing
exit 0
fi

# End of file

The output of the grep’d netstat is recorded in /var/log/mythtv/backend.log so you can see a history of it working.

Privacy Preference Center

Consent Management

Necessary

Advertising

Analytics

Other