Archive by Author | Giulio Turetta

Goodbye cciss, welcome hpsa!

During the upgrade from Debian Squeeze to Debian Wheezy you will be warned about the move (on linux-base package) from the cciss driver to the new hpsa: “Some HP Smart Array controllers are now handled by the new ‘hpsa’ driver, rather than the ‘cciss’ driver”.
Welcome hpsa! cciss really sucks!!!

Recently there have been problems with a mysql server which reported the following error messages:

INFO: task mysqld:8009 blocked for more than 120 seconds.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.

Sometimes the server became very unstable due to this kind of blocks (problem partially solved by moving to the deadline io scheduler).
The problem with mysql blocks was solved by a Debian upgrade (moving to hpsa).

If you use cciss on your servers upgrade to hpsa as soon as possible!
hpsa offers better performance and (good news) it’s stable! ;)

Debian on MacBook Pro Retina 15″

This is a fast&furious how-to about installing Debian on a MacBook Pro Retina 15″ bought on January, 2014¹.
Please note that this how-to may become outdated: last update happened on 16 April, 2014.
Please note that this how-to involves dangerous operations: if you choose to follow this how-to your car may burn, your cat may rape your sister and you may buy a windows phone… no warranty!

I choose to install Debian Jessie 8.0 because:

  • it offers better support to the MBP Retina recent hardware
  • it isn’t actually the stable release but it is pretty stable
  • Jessie will be freezed on November 5 (“Remember, remember, the fifth of November!”) and will become the next stable release in about a year (May 2015)

Installing Debian on MacBook Pro Retina:

  1. download the Debian Jessie testing image (http://cdimage.debian.org/cdimage/weekly-builds/amd64/iso-dvd/) and create a bootable USB (dd if=debian-testing-amd64-DVD-1.iso of=/dev/sdX)
  2. boot your macbook pro holding down command+R
  3. use the disk utility, select the disk on the left panel (for example “251GB APPLE SSD”)
  4. on the partition scheme resize the “Macintosh HD” partition, drag the bottom right edge of the partition scheme up unless you have enought space for Debian (I’ve reserved only 50 GB to MacOSX because I really don’t use it), apply
  5. insert the Debian USB, reboot and hold down the options key (aka alt), remember to connect the LAN adapter before boot to Debian installer (hotplug wont work and wifi needs a non-free firmware), use tg3 as kernel module for ethernet adapter if requested
  6. select the EFI Boot relative to your Debian USB key and continue with the Debian installer (please note that I’ve selected XFCE on advanced options as Desktop Environment)
  7. when the installer arrives at the partitioning step select to proceed manually
  8. you can create the common partitions (boot, swap, root) but I suggest to setup an encrypted system²
  9. complete the install and reboot, you can’t boot Debian at this point, boot MacOS and go further…
  10. download the rEFInd USB bootable version (http://www.rodsbooks.com/refind/) and create a bootable USB
  11. insert the rEFInd USB, reboot and hold down the options key (aka alt)
  12. select the EFI Boot relative to your rEFInd USB key, rEFInd should permit to you to boot your Debian
  13. if you can boot your Debian by the rEFInd USB key just return to MacOS and install rEFInd permanently (it’s easy and a good tutorial is available on its website)

Complete the installation:

  1. update your apt sources.list to include the non-free packages
  2. install additional packages³: apt-get install firmware-linux-nonfree broadcom-sta-dkms
  3. reboot to use wifi and lan adapter
  4. to avoid random controller freeze you need to set a particular kernel boot option, edit /etc/default/grub and add the option libata.force=noncq (es. GRUB_CMDLINE_LINUX_DEFAULT=”quiet libata.force=noncq”) then reboot your system

Please note that the Intel video card works flawlessly, the Retina display is simply awasome but… but you need to adapt your desktop environment to use it on an high (very high) resolution (2880×1800), stay tuned, I will post about XFCE optimization for high DPI display as soon as I can! actually after some time spent to try to adapt XFCE on high resolution I’ve choose anyway to reduce the resolution to 1920×1200 mainly because most of the websites are not ready for high resolutions (low res design). This is not an XFCE fault, XFCE works well with high resolution4.

Please note that if you make use of kvm virtual machines you can be really disappointed about poor performance (install system base of Debian may take hours): don’t worry, you have to use the ext4 mount options nobarrier or barrier=0. If your vm is already installed simply update its /etc/fstab configuration. It’s a little more difficult to apply barrier=0 during installation:

  1. start Debian installer on the virtual machine and go further
  2. when the filesystem is ready (aka when the installation of base system starts) use CTRL+ALT+2 combo to move on the kvm console
  3. type sendkey ctrl-alt-f2 to move on another terminal of the vm
  4. use CTRL+ALT+F1 to comeback on the vm and press enter to start activate the command line
  5. execute the command mount -o remount,barrier=0 /target to disable the ext4 barrier feature
  6. use CTRL+ALT+F2 combo to return on the kvm console
  7. type sendkey ctrl-alt-f1 to return on the usual installation wizard of the vm
  8. use CTRL+ALT+F1 to comeback on the vm and complete the installation

If you want to use an external monitor no problem, just apply your custom setup with the xrandr command, for example:
xrandr --output DP1 --mode 1920x1080 --output eDP1 --mode 1920x1200 --below DP1
Run xrandr without arguments to list your screen(s), their names and their available modes.

Happy hacking!

2014-03-21 added libata.force=noncq custom kernel option
2014-03-21 added some info about my challenge to use XFCE on Retina
2014-03-21 added some note about problems about KVM virtual machines
2014-04-13 added some info about the use of an external monitor
2014-04-16 fixed some typos and fixed last update date

¹lspci of the MacBook Pro Retina 15″ used to produce this tutorial:

00:00.0 Host bridge: Intel Corporation Crystal Well DRAM Controller (rev 08)
00:01.0 PCI bridge: Intel Corporation Crystal Well PCI Express x16 Controller (rev 08)
00:02.0 VGA compatible controller: Intel Corporation Crystal Well Integrated Graphics Controller (rev 08)
00:03.0 Audio device: Intel Corporation Crystal Well HD Audio Controller (rev 08)
00:14.0 USB controller: Intel Corporation 8 Series/C220 Series Chipset Family USB xHCI (rev 05)
00:16.0 Communication controller: Intel Corporation 8 Series/C220 Series Chipset Family MEI Controller #1 (rev 04)
00:1b.0 Audio device: Intel Corporation 8 Series/C220 Series Chipset High Definition Audio Controller (rev 05)
00:1c.0 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #1 (rev d5)
00:1c.2 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #3 (rev d5)
00:1c.3 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #4 (rev d5)
00:1c.4 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #5 (rev d5)
00:1f.0 ISA bridge: Intel Corporation HM87 Express LPC Controller (rev 05)
00:1f.3 SMBus: Intel Corporation 8 Series/C220 Series Chipset Family SMBus Controller (rev 05)
02:00.0 Network controller: Broadcom Corporation BCM4360 802.11ac Wireless Network Adapter (rev 03)
03:00.0 Multimedia controller: Broadcom Corporation Device 1570
04:00.0 SATA controller: Samsung Electronics Co Ltd Apple PCIe SSD (rev 01)
05:00.0 PCI bridge: Intel Corporation Device 156d
06:00.0 PCI bridge: Intel Corporation Device 156d
06:03.0 PCI bridge: Intel Corporation Device 156d
06:04.0 PCI bridge: Intel Corporation Device 156d
06:05.0 PCI bridge: Intel Corporation Device 156d
06:06.0 PCI bridge: Intel Corporation Device 156d
07:00.0 System peripheral: Intel Corporation Device 156c
08:00.0 PCI bridge: Intel Corporation DSL3510 Thunderbolt Controller [Cactus Ridge]
09:00.0 PCI bridge: Intel Corporation DSL3510 Thunderbolt Controller [Cactus Ridge]
0a:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM57762 Gigabit Ethernet PCIe

²create an encrypted system

  1. create a small ext4 boot partition (1G)
  2. create an encrypted partition in the remaining space
  3. create an LVM group in the encrypted partition
  4. create two logical LVM partitions: the swap partition (double the size of your RAM), the root ext4 partition

³firmware package includes tg3 and broadcom package build the wl module needed for the wifi card

4you need to properly set the XFCE dpi option and you need to rebuild the composer theme because it uses raw images to compose its windows (download source package xfwm4-themes, edit the theme makefile and do some imagemagick tricks, feel free to ask if you are interested)

Debian Wheezy 7.0 on HP255 laptop

Debian Wheezy 7.0 works flawlessly on the HP255 laptop.

Install Wheezy as usual then:

  1. add wheezy-backports to your APT sources, add this line
    deb http://YOURMIRROR.debian.org/debian wheezy-backports main
    to your /etc/apt/sources.list (or add a new file with the “.list” extension to /etc/apt/sources.list.d/), replace YOURMIRROR with your preferred mirror name (or with “ftp” to use the main mirror)
  2. resynchronize the package index files from their sources (you need to be root)
    # apt-get update
  3. install some updated firmwares from the backport mirror:
    # apt-get -t wheezy-backports install firmware-realtek firmware-ralink
  4. install linux-image from backports, please note that you may need to change the package name to fit the latest version available and your specific arch (take a look at your current kernel name with uname-r and find available backports with apt-cache -t wheezy-backports linux-image):
    # apt-get -t wheezy-backports install YOUR_LINUX_IMAGE_PACKAGE_NAME
    for example replace YOUR_LINUX_IMAGE_PACKAGE_NAME with linux-image-3.12-0.bpo.1-686-pae
  5. install pulseaudio if it is not already installed:
    # apt-get install pulseaudio

Ekiga registration error: Loop Detected

Today we cannot connect an Ekiga client to our Asterisk SIP server.
The error reported by Ekiga was “loop detected” (with a poor italian translation “rilevato ciclo”).
We found a solution by Asterisk CLI command “sip set debug on” and by inspecting the debugging log: Ekiga sends packets with a wrong address in class 169.254.0.0/16 assigned to eth0 (without cable) by DHCP.
As reported by RFC 169.254.0.0/16 is the “link local” block.
It was set aside for this special use in the Standards Track document, RFC 3927 and was further documented in the Best Current Practice RFC 5735. It is allocated for communication between hosts on a single link. Hosts obtain these addresses by auto-configuration, such as when a DHCP server cannot be found.
RFC specify that a router MUST NOT forward a packet with an IPv4 Link-Local source or destination address, and so Ekiga shouldn’t send a SIP packet with this kind of address.
Anyway, to resolve this problem, stop dhcp on a disconnected interface or remove this assigned address.

KVM virtualization with Debian GNU/Linux in 7 steps

1. Install required packages

# apt-get install bridge-utils kvm

2. Create an empty kvm virtual machine image:

# kvm-img create vm.qcow2 -f qcow2 20G

3. Prepare a bridge so you can attach to it the net interface of your vm.

3a. Setup your eth0 interface to capture all the traffic:

# ifconfig eth0 promisc up

3b. Create the bridge interface:

# brctl addbr br0

3c. Put your eth0 interface in the bridge (so it captures all the wire traffic and sends it to all the others interfaces in the bridge and vice-versa):

# brctl addif br0 eth0

4. Restore your network connection by the br0 interface (optional)

4a. Bring up your bridge interface and give to it an address (so you can use it as your ip address):

# ifconfig br0 <your_ip> <your_netmask> up

4b. Remember to restore your default gateway:

# ip route add default via <gateway_ip>

5. Start your virtual machine (-boot d to install Debian from the ~/iso/debian.iso image, optional)

# kvm -hda vm.qcow2 -cdrom ~/iso/debian.iso -boot d -net nic,vlan=0 -net tap,vlan=0,ifname=tapvm

6. Add tap interface of vm to your bridge

# brctl addif br0 tapvm

7. Enable forwarding and tell to iptables to allow tapvm traffic to flow through your pc

# sysctl -w net.ipv4.ip_forward=1
# iptables -A FORWARD -m physdev --physdev-out tapvm -j ACCEPT
# iptables -A FORWARD -m physdev --physdev-in tapvm -j ACCEPT

Debian Release Party!

Thank you Debian!
Welcome Wheezy!!! :-D

http://www.debian.org/News/2013/20130504

Thank you Debian!

Thank you Debian!

Thank you Debian!

Thank you Debian!

How-to Install Debian 6.0 (squeeze) Linux on HP 630 notebook model B815

Please note: this how-to is intended to be used with model B815 only.
There is another (old) version of HP630 that works well with default Debian 6.0 setup (it doesn’t need backports and video mode is configured correctly/automatically by Xorg).

HP 630 is another great notebook for business from HP with linux (or freedos) installed. Hp630 is not the best about performance but it’s fast with linux it’s ok with it’s easy and clean design. Its hardware is very good (almost everything is manufactured by Intel) and it’s cheap!

If you want Debian just install Debian 6.0 (Squeeze) with Desktop System, Notebook and Basic System files.

After installation run these commands from shell (as root):

cd ~
mv /etc/apt/sources.list /etc/apt/sources.list.original
touch /etc/apt/sources.list
echo "deb http://ftp.it.debian.org/debian/ squeeze main contrib non-free" >> /etc/apt/sources.list
echo "deb-src http://ftp.it.debian.org/debian/ squeeze main contrib non-free" >> /etc/apt/sources.list
echo "deb http://ftp.it.debian.org/debian/ squeeze-updates main contrib non-free" >> /etc/apt/sources.list
echo "deb-src http://ftp.it.debian.org/debian/ squeeze-updates main contrib non-free" >> /etc/apt/sources.list
echo "deb http://security.debian.org/ squeeze/updates main contrib" >> /etc/apt/sources.list
echo "deb-src http://security.debian.org/ squeeze/updates main contrib" >> /etc/apt/sources.list
echo "deb http://backports.debian.org/debian-backports squeeze-backports main" >> /etc/apt/sources.list
apt-get update
apt-get -t squeeze-backports install linux-image-3.2.0-0.bpo.1-amd64 libdrm-intel1 xserver-xorg-video-intel libegl1-mesa libegl1-mesa-drivers
apt-get install bluez-firmware firmware-linux firmware-atheros flashplugin-nonfree icedove ntp wireless-tools

Note that it needs backports repository and some updated packages to setup a correct video mode for its video chip (more info at http://backports.debian.org/).

Now you have a perfect business laptop with browser (firefox/iceweasel), email client (thunderbird/icedove) and openoffice (and whatever you want to install).

All hardware now works very well without any problem.
Enjoy.


					

fstab, boot, mount and STP: a big challenge to solve

Last week I have to fight with this problem: my host cannot mount by fstab at boot time but it mounts without problem after login by mount -a.
Syslog reports this error:

mount error 113 = No route to host
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)

Online you can find too many posts about that error:

  • fstab not mounting my cifs, I have to manually call mount -a
  • unable to mount cifs (windows) partition through fstab
  • cifs not mounting on boot

In fact, it just reports that your host cannot contact your share-server ip.
And so we are going to troubleshoot…

1) Networking problem on host

Of course we focus on networking configuration of host: what’s the difference between manually call mount -a and fstab? When you manually mount, your network interface it’s already up (and you can easly test it with a ping to your server). But what about boot time?
Just look a /var/log/syslog and see what happens before your mount error alerts.
If your network configuration (/etc/network/interfaces or NetworkManager with “all users” automatic connection) it’s ok you can see something like “eth0 up”, “link up”, “eth0 ready” before mount errors! It seems ok!
To be sure, your can also use a fixed ip, but the problem remains!
My host use a fixed ip and syslog reports that my interface (eth0) it’s up before mount try to contact the remote server! WTF!?!? It use a fixed ip. It has eth0 up. Network setup it’s ok. This can make you(&me) crazy!

2) Networking problem on cable (bottom/physical layer)

If your network configuration is ok and up at mount time where is that fu**ing problem!? You can have a problem like this if you use a static ip address, a permanent up interface (without hotplug) but your cable is not connected. But your cable it’s just connected!!!
You can think that a mystical problem involves your packets but it’s strange that it happens only at boot time, after boot all is working fine!
As usual by IT, nothing is mystical: put your network tester in the closet.

3) No problem on host, no problem on cable, what’s next? Switch!

Modern switches uses the STP (Spanning Tree Protocol) on all ports by default to prevent bridge loops and the broadcast radiation.
When a device is first attached to a switch (STP enabled) port, it will not immediately start to forward data. It will instead go through a number of states while it determines the topology of the network. When a host is attached such as a computer, printer or server the port will always go into the forwarding state, albeit after a delay of about 30 seconds while it goes through the listening and learning states. Bingo!
Our interface it’s up and its configuration is ok but our switch don’t forward our host’s packets for about 30 seconds and so we cannot mount by fstab at boot!

4) Solution

A switch with STP is probably managed and your can configure STP properties.
My switch is able to disable STP globally or on a specific port.
Because STP is completely useless for a generic host (and only wasted my time) I have turn STP off on port of host. You can do so safely.
If you cannot turn off STP by port your can disable it globally but be sure that you don’t need it (or booommm).
If you cannot turn off STP on your switch (globally or by port) you can lower the “hello time” STP param to 1 (default is 2) but this can only reduce the listening/learning time (your host may always try to mount before).
If you dont want to turn off STP (or you can’t) you can remove the “auto” option from fstab and put a mount command like sleep 30 && mount /mnt/myshare & in your /etc/rc.local (sleep ensures that your mount happens after 30 seconds when your STP switch port starts to forward).

Happy hacking!!!

Note: 30 seconds it’s just an indication, STP can take usually 30 to 50 seconds to respond to a topology change. If your switch uses  RSTP (Rapid Spanning Tree Protocol) it’s typically able to respond to changes within 3 × Hello times (default: 3 times 2 seconds).

Debian Squeeze/Wheezy (6.0/7.0) and Xerox Unified Driver v. 7-15

Xerox Unified Driver works very well and you can install it without any problem from console or by the X (gui) wizard. At the moment it doesn’t support officialy Debian >=6.0 (it supports old Debian 3.1, 4.0, 5.0 32/64bit) so this isn’t a real bug in fact but it can be a problem if you use squeeze/wheezy.

insserv: warning: script 'K07smfpd' missing LSB tags and overrides
insserv: warning: script 'smfpd' missing LSB tags and overrides
insserv: There is a loop at service rmnologin if started
insserv: There is a loop between service rmnologin and mountnfs if started
insserv:  loop involving service mountnfs at depth 6
insserv:  loop involving service nfs-common at depth 5
insserv: There is a loop between service rmnologin and checkroot if started
insserv:  loop involving service checkroot at depth 3
insserv:  loop involving service mountdevsubfs at depth 2
insserv: Starting smfpd depends on rmnologin and therefore on system facility `$all' which can not be true!
(...)
insserv: Starting smfpd depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Max recursions depth 99 reached
insserv:  loop involving service portmap at depth 4
insserv: There is a loop between service rmnologin and pcmcia if started
insserv:  loop involving service pcmcia at depth 2
insserv:  loop involving service udev at depth 1
insserv:  loop involving service module-init-tools at depth 4
insserv:  loop involving service mountnfs-bootclean at depth 8
insserv:  loop involving service exim4 at depth 8
insserv: There is a loop between service rmnologin and mountoverflowtmp if started
insserv:  loop involving service mountoverflowtmp at depth 3
insserv:  loop involving service mountall-bootclean at depth 2
insserv:  loop involving service avahi at depth 8
insserv: There is a loop between service rmnologin and ifupdown if started
insserv:  loop involving service ifupdown at depth 5
insserv:  loop involving service ifupdown-clean at depth 4
insserv:  loop involving service fuse at depth 11
insserv:  loop involving service networking at depth 7
insserv:  loop involving service mountall at depth 5
insserv:  loop involving service checkfs at depth 4
insserv: There is a loop between service rmnologin and ifupdown-clean if started
insserv: There is a loop at service smfpd if started
insserv:  loop involving service smfpd at depth 1
insserv:  loop involving service hwclockfirst at depth 4
insserv:  loop involving service hostname at depth 5
insserv: There is a loop between service rmnologin and mountall if started
insserv:  loop involving service mtab at depth 7
insserv: exiting now without changing boot order!
update-rc.d: error: insserv rejected the script header

To solve this problem you can:

  1. uninstall Xerox Unified Driver, update your system or install your software and then reinstall the Xerox driver
  2. “If your MFP device is not connected to LPT port, you can safely disable execution of this script” so remove /etc/init.d/smfpd (and its symlinks) from your init.d and rc.X folders
  3. Recommended: “LSBize” the init script to fix the problem (http://wiki.debian.org/LSBInitScripts). Add these lines to your /etc/init.d/smfpd (at EOF is ok because position is not important, so you can also use a combo of cat /patch >> /etc/init.d/smfpd if you want to fix it automatically) create a new file named smfpd in /usr/share/insserv/overrides/ with the following content:
    ### BEGIN INIT INFO
    # Provides:          smfpd
    # Required-Start:    $syslog
    # Required-Stop:     $syslog
    # Default-Start:     2 3 4 5
    # Default-Stop:      0 1 6
    # Short-Description: Xerox Unified Linux Driver LPT Support daemon
    # Description:       Enable support for LPT port service provided by Xerox Unified Linux Driver package.
    ### END INIT INFO

And just request support for Debian -6.0- 7.0 ;)

update 2011-08-12: there is another minor bug in install.sh at line 1187 because –reload_rules is wrong, change it to –reload-rules
update 2013-06-14: mmmm, Xerox didn’t fix, so I’ve updated my post for Debian Wheezy 7.0
update 2013-07-02: thanks to darac’s comment I’ve learned a better way to do the work: put an override file in /usr/share/insserv/overrides/ as indicated by insserv man page

How-to Install Debian 6.0 (squeeze) Linux on HP 620 notebook

HP 620. It’s a great notebook for business. Hp620 is not the best about performance but it’s fast – really fast! with linux – and it’s ok with it’s easy and clean design. Its hardware is very good (almost everything is manufactured by Intel) and it’s cheap!

Above all, you can also buy it pre-installed with Linux (Suse Enterprise Desktop)!

If you want Debian just install Debian 6.0 (Squeeze) with Desktop System, Notebook and Basic System files.
After installation run these commands from shell (as root).

cd ~
mv /etc/apt/sources.list /etc/apt/sources.list.original
touch /etc/apt/sources.list
echo "deb http://ftp.it.debian.org/debian/ squeeze main contrib non-free" >> /etc/apt/sources.list
echo "deb-src http://ftp.it.debian.org/debian/ squeeze main contrib non-free" >> /etc/apt/sources.list
echo "deb http://ftp.it.debian.org/debian/ squeeze-updates main contrib non-free" >> /etc/apt/sources.list
echo "deb-src http://ftp.it.debian.org/debian/ squeeze-updates main contrib non-free" >> /etc/apt/sources.list
echo "deb http://security.debian.org/ squeeze/updates main contrib" >> /etc/apt/sources.list
echo "deb-src http://security.debian.org/ squeeze/updates main contrib" >> /etc/apt/sources.list
apt-get update
apt-get install flashplugin-nonfree icedove icedove-l10n-it ntp wireless-tools
apt-get --yes install linux-headers-2.6-686 build-essential module-assistant pulseaudio firmware-ralink
m-a update && m-a prepare
m-a a-i -t alsa-source
echo "acpiphp" >> /etc/modules
echo "ata_piix" >> /etc/modules
echo "cfg80211" >> /etc/modules
echo "iTCO_vendor_support" >> /etc/modules
echo "iTCO_wdt" >> /etc/modules
echo "pci_hotplug" >> /etc/modules
echo "rt3090sta" >> /etc/modules
echo "snd_mixer_oss" >> /etc/modules
echo "snd_pcm_oss" >> /etc/modules
echo "speedstep_lib" >> /etc/modules
echo "tpm" >> /etc/modules
echo "tpm_bios" >> /etc/modules
echo "tpm_tis" >> /etc/modules
echo "auto lo" > /etc/network/interfaces
echo "iface lo inet loopback" >> /etc/network/interfaces
echo "allow-hotplug eth0" >> /etc/network/interfaces

Now you have a perfect business laptop with browser (firefox/iceweasel), email client (thunderbird/icedove) and openoffice (and whatever you want to install).

All hardware now works very well without any problem.
Enjoy.

Follow

Get every new post delivered to your Inbox.