Well, my first interview is Tuesday, even before my final pay check is due
Best posts made by travisdh1
RE: What Are You Doing Right Now
@RojoLoco That is a totally different life style to what I was imaging...
So where do they grow their plants if they don't have land to work? Where do they sleep if they don't own or rent? And don't they ever just get an urge to have a big fat juicy steak with a side of shrimp?
The answer to all those queries is "who cares, they're filthy hippies".
hey now, hippies have a use, like human shields.... or fertilizer for feed for beef farms..
DIY Environment Monitoring
Thought I'd drop one of my current projects here. It started as just wanting a way to see what the temperature in a room is without having to have someone go check. (It's another building in a locked room few people have a key for.)
We already have lots of project cases, and also already had a Raspberry Pi. The new $5 Pi would need a network connection of some sort, so figure $10 for the networked PC ($20 if you need a power supply and memory card as well). I splurged at $13 for a combination temperature and humidity sensor. I went ahead and added a door sensor as well, it was $2. I also got a Cobbler Plus GPIO Breakout for $8 and a Perma-Proto board for $6. Total cost for me was $29. If you need a Pi as well figure ~$50 for everything. Compare that to any of the commercial offerings!
I'll post the code I use for everything here, along with references where possible. After all, that's where the real cost of these little things end up being.
It might be good to add a battery backup to it as well, which is quite easy, but I have no real need for that (if the power is out, the temperature isn't going to be getting out of control.) Adafruit makes it really easy.
More reasons to never do business with Intuit
This is mostly to make things a matter of public record, in addition to a bit of a rant.
Got a call yesterday morning. They can't process credit cards. That office happens to use Intuit/Quickbooks for everything from inventory tracking, to payment processing and accounting. I've been down the road of getting away from Intuit often. Don't know if this will push them past the edge or not.
Ok, spent 2 hours manually doing updates because the automatic ones broke along the way somewhere. Updates complete. Good, we should be up and running. They try to login, and get asked for a code. Ok, check the email address... nothing.
Now I'm calling Intuit support (bad idea, but we're basically not in business at this point.) That's a 3 hour call where I'm told something is wrong with our email server.
Fine, hang up with one unhelpful peon. Go eat lunch (3:30pm at this point, my blood sugar is about to tank.)
Get back into the office around 4:30. Enough time to find something very interesting in the server logs...
2016-10-05 14:01:56 H=lvmailappout12.intuit.com [184.108.40.206]:30939 sender verify fail for <[email protected]>: response to "RCPT TO:<[email protected]>" from mailin.intuit.com [220.127.116.11] was: 550 #5.1.0 Address rejected. 2016-10-06 11:17:10 H=mailout203.intuit.com [18.104.22.168]:49121 X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<[email protected]> rejected RCPT <[email protected]>: Sender verify failed
Now, I spent way to much time figuring out how to deal with spam, and have gotten it figured out for the most part. So, they are sending a confirmation code out using an address that their own email server does not acknowledge as being valid. Yet it's somehow my fault that the email is not being delivered.
Spent another 2 hours on the phone this morning going over the same stuff. We're working through alternatives, none of which are something the business would normally find acceptable.
This on top of them having me enable SSL2 in the browser. Uhm, these computers have to remain PCI compliant, and they just purposely made them non-compliant.
Malicious company, let it be known.
Cisco Security Vulnerability Thread.
Yes, they made my news feeds again today.
Since Cisco keeps being so popular with the security breaches and vulnerabilities, I figured it's time they get their very own thread.
RE: What Are You Doing Right Now
Thing learned today: Domain controller must have SMB v1 enabled for a Server 2003 member to join the domain.
I learned that I only have to get inside your LAN in order to steal all the network data.
900,000 Routers Knocked Offline in Germany amid Rumors of Cyber-Attack
On Facebook, Deutsche Telekom engineers recommended that users unplug their devices, wait for 30 seconds and restart their router. If the equipment fails to connect to the company's network, engineers told users to disconnect their device from the company's network permanently.
To compensate the downtime, Deutsche Telekom is offering free mobile Internet until the technical problem is resolved.
DSL routers all over Germany, and presumably worldwide if anyone else happens to be using the same DSL Modem that got hit by this.
@thwr, hope you're still running!
RE: Need advise, restoring domain controller and email server.
Great to hear you got an MS tech who was willing to help.
This has been my experience as well. They seemed to bend over backwards to assist in resolving my issues.
Sadly - it seems Scott has not had this experience.
It's like playing whack-a-mole, they do have some good people. The problem is, it's only some, and trying to find a good one is always difficult.
DNS-over-HTTPS with Fedora based PiHole and Cloudflare
How to setup DNS-over-HTTPS on Fedora based PiHole.
Now verified. Should be good, so let me know where I messed up.
I've also written a script, because I'll want to do this a few more times, and what IT person doesn't like automation?
Install the downloaded rpm file
sudo dnf -y localinstall ./cloudflared-stable-linux-amd64.rpm
Add a user for cloudflared to run as
sudo useradd -s /usr/sbin/nologin -r -M cloudflared
Change the executable ownership
sudo chown cloudflared:cloudflared /usr/local/bin/cloudflared
sudo nano /etc/default/cloudflared # Commandline args for cloudflared CLOUDFLARED_OPTS=--proxy-dns=true --proxy-dns-upstream https://22.214.171.124/dns-query --proxy-dns-upstream https://126.96.36.199/dns-query --proxy-dns-port 5053
Change ownership on /etc/default/cloudflared to cloudflared
sudo chown cloudflared:cloudflared /etc/default/cloudflared
sudo nano /lib/systemd/system/cloudflared.service [Unit] Description=cloudflared DNS over HTTPS proxy After=syslog.target network-online.target [Service] Type=simple User=cloudflared EnvironmentFile=/etc/default/cloudflared ExecStart=/usr/local/bin/cloudflared $CLOUDFLARED_OPTS Restart=on-failure RestartSec=10 KillMode=process [Install] WantedBy=multi-user.target
Enable, start, and check that cloudflared is running
sudo systemctl enable cloudflared
sudo systemctl start cloudflared
sudo systemctl status cloudflared
Check that the cloudflared service is working
dig @127.0.0.1 -p 5053 google.com
Should look something like:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @127.0.0.1 -p 5053 google.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65181 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1536 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 299 IN A 243.65.127.221 ;; Query time: 3 msec ;; SERVER: 127.0.0.1#5053(127.0.0.1) ;; MSG SIZE rcvd: 65
Comment out with a # on the beginning of the line any existing 'server=' lines.
sed -i 's/server/#server/' /etc/dnsmasq.d/01-pihole.conf
Add a line containing 'server=127.0.0.1:5053'
sudo nano /etc/dnsmasq.d/01-pihole.conf
server=127.0.0.1:5053on the last line
Restart the pihole-FTL service
sudo systemctl restart pihole-FTL.service
Your PiHole install is now using CloudFlare's DNS over HTTPS.
RE: Favorite Linux Commands
In addition to the 3 you listed.
glances - the shell system monitor to use, everything including temp sensors if configured. Replaced htop, iftop, and iotop for me.
screen - because it's just handy to be able to leave programs running and logout at the same time.
Wrapping your head around LVM.
I was thinking about writing a beginners guide to LVM, but it's already been done so often already that I'll spare you all from my literary, lack of, skills. Instead, I'll link to a few places that I use for reference, outside of the man pages.
HowtoForge Walks you through all the basics, rather long.
The Geek Diary Has a shorter version with more graphics, but doesn't cover as much.
How to Geek Includes a handy chart of which options are available for PV, VG, and LV. Also covers snapshots succinctly.
One thing none of those mention that I've found very handy at times, lvm is it's own command. If you're stuck in a recovery shell, no internet access, and can't remember exactly what command(s) and options you need to use. Fire up lvm, and type 'help'. Once you figure out which command(s) are needed 'help command' should get you going. Frankly, it reminds me of how OpenVMS operated, which I never really liked. Great for when you don't even have man pages available tho.
That's it for now. I'll try to update this if anyone has more questions.
RE: Win a ticket to MangoCon courtesy of Colocation America!
Suddenly glad I haven't purchased the ticket yet, fingers crossed.
RE: What Are You Doing Right Now
Just got home, fairly shitty day...but this one sums it up....
customer has a problem with a printer on a Mac, trying to fix it by removing and reinstalling etc, all the usual stuff. My test print works fine to it from word, but he's trying to print an excel sheet. Not got a clue (and I still hate macs) so tell him I'm going to do some research and is that ok. He says yes....so I look into it, find a few possible solutions, ring him back "Nope, you've run out of time, I have things to do now." - well....it's obviously not that ephin important then is it.
Mac users are the worst
takes shelter from incoming flames
A religion on its own....
RE: Apple Completely Redesigning the Mac Pro Again
But they were forthcoming about the fact that the current Mac Pro isn’t meeting the needs of all the users who need a Mac Pro. Federighi:
"I think we designed ourselves into a bit of a thermal corner, if you will. We designed a system with the kind of GPUs that at the time we thought we needed, and that we thought we could well serve with a two GPU architecture. That that was the thermal limit we needed, or the thermal capacity we needed. But workloads didn’t materialize to fit that as broadly as we hoped.
Being able to put larger single GPUs required a different system architecture and more thermal capacity than that system was designed to accommodate. So it became fairly difficult to adjust. At the same time, so many of our customers were moving to iMac that we saw a path to address many, many more of those that were finding themselves limited by a Mac Pro through next generation iMac. And really put a lot of our energy behind that."
In other words: We thought everyone would redesign their apps to work well on our 2 mid range GPU system, and ignored the entire industry that has always said a single fast GPU is better than 2 mid range GPUs.
RE: Amazon Echo Look Adds Camera Capabilities to the AI Platform
Amazon with a camera in your bedroom? Am I the only one thinking I could get some advice on other things than just fasion?
RE: Miscellaneous Tech News
Microsoft employee installs Chrome Midway through presentation because Edge keeps crashing.
You just can't make this stuff up.
RE: Remote Desktop to Fedora 28?
So I've setup my old laptop with Fedora v28 workstation.
What can I use to, (for want of the correct Linux terminology), RDP into my Fedora laptop when I'm out in the field?
Not being command line savvy, it will need to be a GUI interface.
If you want RDP, install xrdp, start the service and enable it to run at boot.
sudo dnf -y install xrdp sudo systemctl start xrdp sudo systemctl enable xrdp sudo firewall-cmd --permanent --add-port=3389/tcp sudo firewall-cmd --reload
Will install it, start the service, enable the service at boot time, and open the local firewall port for it.
RE: Something not said enough;
@gjacobse vey few things are more rewarding than giving a helping hand. We all have to keep up the fight against things like IPODs.
Or getting a good FFS from @JaredBusch when needed.
Doing both of those things is so valuable, and not done in so many other places.
Exchange auto mapped account removal.
So this is somewhat for my own future reference, as it was a pita to track down online.
Scenario: User had been delegated access to another user account. Now does not need or want to see the email from the other user account.
I found the actual solution here: https://www.msoutlook.info/question/673
Add-MailboxPermission -Identity <shared mailbox alias> -User <your mailbox alias> -AccessRights FullAccess -InheritanceType All -Automapping $false
This was the only way to remove the shared mailbox from the user account when delegation was setup on the server. All the other articles say to remove the account from Outlook, that doesn't exist.
How to use Wasabi with Xen Orchestra
You'll need a VM on your XenServer/XCP-ng server to act as a proxy. I'm assuming you're starting with an up to date Fedora Server install. You'll also need a Wasabi account, bucket, key and secret.
sudo dnf -y install s3fs-fuse sudo echo "Your_Key:Your_Secret" > /root/.passwd-s3fs sudo chmod 600 /root/.passwd-s3fs sudo mkdir /backup sudo echo "s3fs#mybucket /backup fuse _netdev,allow_other,use_path_request_style,url=https://s3.wasabisys.com 0 0" >> /etc/fstab sudo dnf -y install nfs-utils sudo systemctl enable --now rpcbind sudo echo "/backup ipofserver(rw,fsid=1000)" > /etc/exports sudo systemctl enable --now nfs-server sudo firewall-cmd --permanent --add-service=nfs sudo firewall-cmd --reload
Now you just mount the NFS directory from Xen Orchestra like normal. If you need help with that, go talk to @DustinB3403.
My mount point currently shows 256T Avail.