All posts by David Lehman

RSSOwl was unable to create a browser for reading news

Unfortunately, I failed to solve this issue, but I got around it.
Initially I downloaded RSSOwl for Linux (64 Bit) from here: http://www.rssowl.org/download. However, I would start to get the error message:
Error Creating Browser: RSSOwl was unable to create a browser for reading news. Please refer to the FAQ for further help. Click 'Ok' to open the FAQ now..
This issue is described in RSSOwl’s FAQ (http://www.rssowl.org/help#item_6j). However, following those instructions did not resolve my problem. Ultimately I downloaed the Ubuntu 64-bit Debian package from here: http://www.ubuntuupdates.org/package/getdeb_apps/precise/apps/getdeb/rssowl. Executing that installation of RSSOwl did have this problem.

References

Shrinking an ext4 File System and the Logical Volume Containing It

The following procedure will reduce both the ext4 file system and logical volume sizes by 10 GB. Initially the file system uses the entire size of the logical volume. Obviously, there needs to be at least 10 GB of disk space currently available. This procedure needs to be done with the file system unmounted. This should also work fine on ext2 and ext3.

root@ubuntu:/tmp# df -h /dev/mapper/mysql_s1_prod1_raid10-data
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/mysql_s1_prod1_raid10-data
                      241G  647M  228G   1% /local/mysql-s1-prod1_data
root@ubuntu:/tmp# umount /local/mysql-s1-prod1_data
root@ubuntu:/tmp# pvscan
  PV /dev/mapper/mysql-s1-prod0-t1-v1_fujitsu2-27   VG mysql_s1_prod0_raid1    lvm2 [78.12 GiB / 0    free]
  PV /dev/mapper/mysql-s1-prod1-t1-v1_fujitsu2-32   VG mysql_s1_prod1_raid1    lvm2 [78.12 GiB / 0    free]
  PV /dev/mapper/mysql-s1-prod0-t1-v2_fujitsu2-28   VG mysql_s1_prod0_raid10   lvm2 [244.14 GiB / 10.00 GiB free]
  PV /dev/mapper/mysql-s1-prod1-t1-v2_fujitsu2-35   VG mysql_s1_prod1_raid10   lvm2 [244.14 GiB / 0    free]
  PV /dev/sda2                                      VG system                  lvm2 [135.84 GiB / 102.32 GiB free]
  Total: 5 [780.36 GiB] / in use: 5 [780.36 GiB] / in no VG: 0 [0   ]
root@ubuntu:/tmp# lvscan
  ACTIVE            '/dev/mysql_s1_prod0_raid1/data' [78.12 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod1_raid1/data' [78.12 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod0_raid10/data' [234.14 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod1_raid10/data' [244.14 GiB] inherit
  ACTIVE            '/dev/system/root' [9.31 GiB] inherit
  ACTIVE            '/dev/system/var' [4.66 GiB] inherit
  ACTIVE            '/dev/system/tmp' [2.79 GiB] inherit
  ACTIVE            '/dev/system/swap' [2.79 GiB] inherit
  ACTIVE            '/dev/system/home' [4.66 GiB] inherit
  ACTIVE            '/dev/system/opt' [9.31 GiB] inherit
root@ubuntu:/tmp# e2fsck -fy /dev/mysql_s1_prod1_raid10/data
e2fsck 1.41.11 (14-Mar-2010)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/mysql_s1_prod1_raid10/data: 127/16007168 files (2.4% non-contiguous), 1170118/63998976 blocks
root@ubuntu:/tmp# resize2fs -Mp /dev/mapper/mysql_s1_prod1_raid10-data
resize2fs 1.41.11 (14-Mar-2010)
Resizing the filesystem on /dev/mapper/mysql_s1_prod1_raid10-data to 291412 (4k) blocks.
Begin pass 2 (max = 88941)
Relocating blocks             XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Begin pass 3 (max = 1954)
Scanning inode table          XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Begin pass 4 (max = 11)
Updating inode references     XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The filesystem on /dev/mapper/mysql_s1_prod1_raid10-data is now 291412 blocks long.
root@ubuntu:/tmp# e2fsck -fy /dev/mysql_s1_prod1_raid10/data
e2fsck 1.41.11 (14-Mar-2010)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/mysql_s1_prod1_raid10/data: 127/73728 files (2.4% non-contiguous), 160138/291412 blocks
root@ubuntu:/tmp# lvreduce -L -10G /dev/mapper/mysql_s1_prod1_raid10-data
  WARNING: Reducing active logical volume to 234.14 GiB
  THIS MAY DESTROY YOUR DATA (filesystem etc.)
Do you really want to reduce data? [y/n]: y
  Reducing logical volume data to 234.14 GiB
  Logical volume data successfully resized
root@ubuntu:/tmp# resize2fs /dev/mapper/mysql_s1_prod1_raid10-data
resize2fs 1.41.11 (14-Mar-2010)
Please run 'e2fsck -f /dev/mapper/mysql_s1_prod1_raid10-data' first.
root@ubuntu:/tmp# resize2fs /dev/mapper/mysql_s1_prod1_raid10-data
resize2fs 1.41.11 (14-Mar-2010)
Resizing the filesystem on /dev/mapper/mysql_s1_prod1_raid10-data to 61377536 (4k) blocks.
The filesystem on /dev/mapper/mysql_s1_prod1_raid10-data is now 61377536 blocks long.
root@ubuntu:/tmp# e2fsck -fy /dev/mysql_s1_prod1_raid10/data
e2fsck 1.41.11 (14-Mar-2010)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/mysql_s1_prod1_raid10/data: 127/15351808 files (2.4% non-contiguous), 1128998/61377536 blocks
root@ubuntu:/tmp# df -h /dev/mapper/mysql_s1_prod1_raid10-data
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/mysql_s1_prod1_raid10-data
                      231G  647M  219G   1% /local/mysql-s1-prod1_data
root@ubuntu:/tmp# pvscan
  PV /dev/mapper/mysql-s1-prod0-t1-v1_fujitsu2-27   VG mysql_s1_prod0_raid1    lvm2 [78.12 GiB / 0    free]
  PV /dev/mapper/mysql-s1-prod1-t1-v1_fujitsu2-32   VG mysql_s1_prod1_raid1    lvm2 [78.12 GiB / 0    free]
  PV /dev/mapper/mysql-s1-prod0-t1-v2_fujitsu2-28   VG mysql_s1_prod0_raid10   lvm2 [244.14 GiB / 10.00 GiB free]
  PV /dev/mapper/mysql-s1-prod1-t1-v2_fujitsu2-35   VG mysql_s1_prod1_raid10   lvm2 [244.14 GiB / 10.00 GiB free]
  PV /dev/sda2                                      VG system                  lvm2 [135.84 GiB / 102.32 GiB free]
  Total: 5 [780.36 GiB] / in use: 5 [780.36 GiB] / in no VG: 0 [0   ]
root@ubuntu:/tmp# lvscan
  ACTIVE            '/dev/mysql_s1_prod0_raid1/data' [78.12 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod1_raid1/data' [78.12 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod0_raid10/data' [234.14 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod1_raid10/data' [234.14 GiB] inherit
  ACTIVE            '/dev/system/root' [9.31 GiB] inherit
  ACTIVE            '/dev/system/var' [4.66 GiB] inherit
  ACTIVE            '/dev/system/tmp' [2.79 GiB] inherit
  ACTIVE            '/dev/system/swap' [2.79 GiB] inherit
  ACTIVE            '/dev/system/home' [4.66 GiB] inherit
  ACTIVE            '/dev/system/opt' [9.31 GiB] inherit

Installing Oracle Java on Ubuntu

If you already have Ubuntu packages of JRE and/or JDK already installed, then you may leave them installed. However, you must uninstall IcedTea. The IcedTea project provides a harness to build the source code from http://openjdk.java.net using free software build tools and adds a number of features to the upstream OpenJDK codebase.

root@ubuntu:~# aptitude search icedtea
i A icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
i A icedtea-6-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
i A icedtea-7-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
i A icedtea-netx - NetX - implementation of the Java Network
i A icedtea-plugin - web browser plugin based on OpenJDK and Ic
v icedtea6-jre-cacao -
v icedtea6-jre-cacao -
v icedtea6-plugin -
i icedtea6-plugin - web browser plugin to execute Java applets
root@ubuntu:~# aptitude remove icedtea6-plugin icedtea-plugin icedtea-netx icedtea-7-jre-jamvm icedtea-6-jre-jamvm icedtea-6-jre-cacao

Download Java from Java’s website: http://www.java.com. For 64-bit you want Linux x64 (the file name ending with x64.bin). In this example we downloaded jre-6u31-linux-x64.bin.
Then make a directory for Oracle Java. Move the downloaded file into this new directory:

root@ubuntu:~# mkdir -p /opt/java
root@ubuntu:~# cd /opt/java
root@ubuntu:/opt/java# mv /home/username/downloads/jre-6u31-linux-x64.bin .

Execute the file downloaded:

root@ubuntu:/opt/java$ sh jre-6u31-linux-x64.bin

This will create the directory /opt/java/jre1.6.0_31 containing your new instance of Java. Its name will match the version of Java downloaded. You may now delete the downloaded Java installation file:

root@ubuntu:/opt/java$ rm jre-6u31-linux-x64.bin

Tell the system that there is a new instance of Java available:

root@ubuntu:/opt/java# update-alternatives --install "/usr/bin/java" "java" "/opt/java/jre1.6.0_31/bin/java" 1
update-alternatives: using /opt/java/jre1.6.0_31/bin/java to provide /usr/bin/java (java) in manual mode.

Tell the system to default to the new Java instance:

root@ubuntu:/opt/java# update-alternatives --set java /opt/java/jre1.6.0_31/bin/java

Verify your system is now using this instance of Java:

root@ubuntu:/# java -showversion
java version "1.6.0_31"
Java(TM) SE Runtime Environment (build 1.6.0_31-b04)
Java HotSpot(TM) 64-Bit Server VM (build 20.6-b01, mixed mode)

References

APT Package Resource List for Old Ubuntu Releases

Package repositories for old Ubuntu releases are dropped from Ubuntu’s upstream package repository and are removed from Ubuntu package mirrors. However, Ubuntu still makes them available here: http://old-releases.ubuntu.com/ubuntu/. Here is an example /etc/apt/sources.list file for Ubuntu Dapper:

#
# /etc/apt/sources.list
# Ubuntu Dapper 6.06
#
#
# main and restricted:
#
#   These are the primary package archives.
#
deb     http://old-releases.ubuntu.com/ubuntu dapper main restricted
deb-src http://old-releases.ubuntu.com/ubuntu dapper main restricted
deb     http://old-releases.ubuntu.com/ubuntu dapper-updates main restricted
deb-src http://old-releases.ubuntu.com/ubuntu dapper-updates main restricted
deb     http://old-releases.ubuntu.com/ubuntu dapper-security main restricted
deb-src http://old-releases.ubuntu.com/ubuntu dapper-security main restricted
#
# universe:
#
#   Additional software from the larger pool of debian packages.  Gobs and
#   gobs of useful software lives here, however, software from this
#   repository is ENTIRELY UNSUPPORTED by the Ubuntu team.
#
#   Note: Some of the software in this repository may not be under a free
#         licence. Please satisfy yourself as to your rights to use the
#         software.
#
#   Note: Software in this repository WILL NOT receive any review or
#         updates from the Ubuntu security team.
#
deb     http://old-releases.ubuntu.com/ubuntu dapper universe
deb-src http://old-releases.ubuntu.com/ubuntu dapper universe
deb     http://old-releases.ubuntu.com/ubuntu dapper-updates universe
deb-src http://old-releases.ubuntu.com/ubuntu dapper-updates universe
deb     http://old-releases.ubuntu.com/ubuntu dapper-security universe
deb-src http://old-releases.ubuntu.com/ubuntu dapper-security universe
#
# multiverse:
#
#  Additional software that is "not free", which means the licensing
#  requirements of this software do not meet the Ubuntu "main" Component
#  Licence Policy.
#
#  Note: This software is not supported and usually cannot be fixed or
#  updated. Use it at your own risk.
deb     http://old-releases.ubuntu.com/ubuntu dapper multiverse
deb-src http://old-releases.ubuntu.com/ubuntu dapper multiverse
deb     http://old-releases.ubuntu.com/ubuntu dapper-updates multiverse
deb-src http://old-releases.ubuntu.com/ubuntu dapper-updates multiverse
deb     http://old-releases.ubuntu.com/ubuntu dapper-security multiverse
deb-src http://old-releases.ubuntu.com/ubuntu dapper-security multiverse
#
# backports:
#
#   Software from a newer release of the distribution, or even from the
#   development branch of the distribution, but built against this release.
#   It may provide newer features, but should be considered untested.
#
#   Note: Software in this repository WILL NOT receive any review or
#         updates from the Ubuntu security team.
#
#deb     http://old-releases.ubuntu.com/ubuntu dapper-backports main restricted
#deb-src http://old-releases.ubuntu.com/ubuntu dapper-backports main restricted
#deb     http://old-releases.ubuntu.com/ubuntu dapper-backports universe
#deb-src http://old-releases.ubuntu.com/ubuntu dapper-backports universe
#deb     http://old-releases.ubuntu.com/ubuntu dapper-backports multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu dapper-backports multiverse

Here is an example /etc/apt/sources.list file for Ubuntu Hardy:

#
# /etc/apt/sources.list
# Ubuntu Hardy 8.04
#
#
# main and restricted:
#
#   These are the primary package archives.
#
deb     http://old-releases.ubuntu.com/ubuntu hardy main restricted
deb-src http://old-releases.ubuntu.com/ubuntu hardy main restricted
deb     http://old-releases.ubuntu.com/ubuntu hardy-updates main restricted
deb-src http://old-releases.ubuntu.com/ubuntu hardy-updates main restricted
deb     http://old-releases.ubuntu.com/ubuntu hardy-security main restricted
deb-src http://old-releases.ubuntu.com/ubuntu hardy-security main restricted
#
# universe:
#
#   Additional software from the larger pool of debian packages.  Gobs and
#   gobs of useful software lives here, however, software from this
#   repository is ENTIRELY UNSUPPORTED by the Ubuntu team.
#
#   Note: Some of the software in this repository may not be under a free
#         licence. Please satisfy yourself as to your rights to use the
#         software.
#
#   Note: Software in this repository WILL NOT receive any review or
#         updates from the Ubuntu security team.
#
deb     http://old-releases.ubuntu.com/ubuntu hardy universe
deb-src http://old-releases.ubuntu.com/ubuntu hardy universe
deb     http://old-releases.ubuntu.com/ubuntu hardy-updates universe
deb-src http://old-releases.ubuntu.com/ubuntu hardy-updates universe
deb     http://old-releases.ubuntu.com/ubuntu hardy-security universe
deb-src http://old-releases.ubuntu.com/ubuntu hardy-security universe
#
# multiverse:
#
#  Additional software that is "not free", which means the licensing
#  requirements of this software do not meet the Ubuntu "main" Component
#  Licence Policy.
#
#  Note: This software is not supported and usually cannot be fixed or
#  updated. Use it at your own risk.
deb     http://old-releases.ubuntu.com/ubuntu hardy multiverse
deb-src http://old-releases.ubuntu.com/ubuntu hardy multiverse
deb     http://old-releases.ubuntu.com/ubuntu hardy-updates multiverse
deb-src http://old-releases.ubuntu.com/ubuntu hardy-updates multiverse
deb     http://old-releases.ubuntu.com/ubuntu hardy-security multiverse
deb-src http://old-releases.ubuntu.com/ubuntu hardy-security multiverse
#
# backports:
#
#   Software from a newer release of the distribution, or even from the
#   development branch of the distribution, but built against this release.
#   It may provide newer features, but should be considered untested.
#
#   Note: Software in this repository WILL NOT receive any review or
#         updates from the Ubuntu security team.
#
#deb     http://old-releases.ubuntu.com/ubuntu hardy-backports main restricted
#deb-src http://old-releases.ubuntu.com/ubuntu hardy-backports main restricted
#deb     http://old-releases.ubuntu.com/ubuntu hardy-backports universe
#deb-src http://old-releases.ubuntu.com/ubuntu hardy-backports universe
#deb     http://old-releases.ubuntu.com/ubuntu hardy-backports multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu hardy-backports multiverse

References

Encrypting a Directory using TrueCrypt

Create a password protected encrypted file container using TrueCrypt stored in the path ~/encrypted/encrypted.tc. The following script will decrypt this file and mount it as the directory ~/encrypted/encrypted. It will also unmount the directory when you are done.
 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/bin/sh
# truecrypt-encrypted
# Mount and unmount an encrypted TrueCrypt directory.
#
# Author: Dave Lehman <dave@nowherelan.com>; http://nowherelan.com
# Date Created: 2012-01-01
# Version: 1.0
################################################################################
SCRIPTNAME=truecrypt-encrypted
ENCRYPTED_FILE=$HOME/encrypted/encrypted.tc
DECRYPTED_MNT=$HOME/encrypted/encrypted
mount(){
    mkdir -p $DECRYPTED_MNT
    truecrypt --text $ENCRYPTED_FILE $DECRYPTED_MNT
    return 0
}
umount(){
    truecrypt --text --dismount $DECRYPTED_FILE
    return 0
}
status(){
    truecrypt --text --list $DECRYPTED_FILE
    return 0
}
case "$1" in
    --mount)
        mount
        ;;
    --umount)
        umount
        ;;
    --status)
        status
        ;;
    *)
        echo "Usage: $SCRIPTNAME {--mount|--umount|--status}" >&2
        exit 0
        ;;
esac
exit 0

curl: (60) SSL certificate problem, verify that the CA cert is OK

When using curl, you may receive the following error message if you are missing the CA certificate in the directory tree /usr/local/share/ca-certificates/ for the site you are trying to connect to:

user@hardy:/tmp$ curl https://example.com
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). The default
 bundle is named curl-ca-bundle.crt; you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).

The easiest way around this is to turn off curl’s verification of the certificate, using the -k (or –insecure) option. However, the best way is to add the associated CA certificate to your system by following these directions: Adding Additional SSL CA certificates.
On Ubuntu Hardy, curl is compiled to use the file /etc/ssl/certs/ca-certificates.crt. You will see the following when executing curl against a site using HTTPS:

* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none

On Ubuntu Lucid, curl is compiled to use the CA certificate directory /etc/ssl/certs/. You will see the following when executing curl against a site using HTTPS:

* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs

You can override this with the –ca-cert or –capath options.

Adding Additional SSL CA certificates

On Ubuntu, SSL CA certificates are stored in subdirectories of /usr/local/share/ca-certificates. In order to add additional CA certificates, first create a new subdirectory to store your CAs:

sudo mkdir /usr/local/share/ca-certificates/added

Then add your CA certificates to this directory. These files should have a .crt extension (e.g., my_ca.crt). Then append a line for each certificate you add to the configuration file /etc/ca-certificates.conf (e.g., “added/my_ca.crt“). Finally, run

sudo update-ca-certificates --fresh

This command reads the file /etc/ca-certificates.conf, updates the directory /etc/ssl/certs to hold SSL certificates and generates the file /etc/ssl/certs/certificates.crt. The script update-ca-certificates will use the command c_rehash take a hash value of each .crt file. It then creates symbolic links in the directory /etc/ssl/certs for each of the files named by the hash value. This is useful as many programs require directories to be set up like this in order to find the certificates they require. /etc/ssl/certs/certificates.crt is a concatenated single-file version of CA certificates. It contains all CA certificates that were activated in /etc/ca-certificates.conf.
Use the file command to verify that the .crt files you add use Unix newline characters, otherwise the /etc/ssl/certs/certificates.crt file may not be generated properly.

References

Convert text files between DOS and Unix

DOS text files traditionally have CR/LF (carriage return/line feed) pairs as their new line delimiters while Unix text files traditionally have LFs (line feeds) to terminate each line. Tofrodos comprises one program, “fromdos” alias “todos”, which converts text files to and from these formats. Use “fromdos” to convert DOS text files to the Unix format, and “todos” to convert Unix text files to the DOS format.
Homepage: http://www.thefreecountry.com/tofrodos/
To install on Ubuntu:

sudo aptitude install tofrodos

The following signatures were invalid: BADSIG 40976EAF437D05B5

I would get this error whenever I would run ‘sudo aptitude update’ or ‘sudo apt-get update’:

W: GPG error: http://mirror.anl.gov oneiric Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>

I was able to resolve this issue for this GPG public key in particular by doing the following:

sudo apt-get clean
sudo mv /var/lib/apt/lists /tmp
sudo mkdir /var/lib/apt/lists
sudo apt-get update