Category Archives: Linux

CentOS Host OS Crashes When Installing VMware Tools on a Guest OS Within VMware Workstation 10

Installing VMware Tools on a Windows 7 Guest OS in VMware Workstation 10.1 running on a CentOS 6.5 host always resulted in the host OS crashing.
This appears to be due to a combination of VMware Workstation 10.1 running on CentOS 6.5 with the most recent kernel (2.6.32-431.1.2.0.1.el6.x86_64 #1 SMP Fri Dec 13 13:06:13 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux). I see these two interesting items on the screen output followed by a call trace.

BUG: scheduling while atomic: vmware/6035/0x000002000
Pid: 6035, comm: vmware Tainted: G D --------- 2.6.32-431.1.2.0.1.el6.x86_64 #1

2013-12-28_vmware-host-crash
To resolve this issue:

# service vmware-workstation-server stop
# service vmware stop
# mv -v /usr/lib/vmware/modules/binary /usr/lib/vmware/modules/binary~orig
# rm /lib/modules/$(uname -r)/misc/v*.ko
# depmod -a
# yum install make gcc keneral-headers-$(uname -r) kernel-devel
# /usr/bin/vmware-modconfig --console --install-all
# service vmware start
# service vmware-workstation-server start

I could now attempt to install VMware Tools on a Windows 7 Guest OS without the host crashing. However, I now ran into another complication. The VMware Tools install would hang around the point of installing the ThinPrint module. Basically, the VMware Tools install hangs due to cruft left over from previous install attempts. Follow VMware KB Article 1001354 to remove cruft left over from previous VMware Tools installs. Then try reinstalling again.
You do not need to repeat this procedure since the offending modules are being removed in the steps above. During subsequent kernel upgrades, modules will be recompiled automatically.
VMware claims that “this issue should be fixed with the next update (10.0.2), and we will publish a kb article.”
UPDATE: The VMware community appears to agree that this issue is resolved in the Workstation 10.0.2 release.

My System Configuration

  • VMware Workstation 10.1
  • Host: CentOS 6.5 x86 64-bit
  • Guest: Windows 7 Professional SP1

References

Install Additional Common Linux Packages on CentOS Minimal Install

After performing a base install of CentOS 6.5 using the minimal install CD, you may find that a lot of commands that you would expect are not there. Do the following to install additional, basic Linux packages that are common to most Linux distributions:

# yum groupinstall "Base"

Run the following in order to see detailed information including a description and which packages it will install.

# yum groupinfo "Base"
Group: Base
 Description: The basic installation of CentOS Linux.
 Mandatory Packages:
   alsa-utils
   at
   authconfig
   bc
   bind-utils
   centos-indexhtml
   crontabs
   cyrus-sasl-plain
   dbus
   ed
   file
   logrotate
   lsof
   man
   ntsysv
   parted
   pciutils
   psacct
   quota
   setserial
   tmpwatch
   traceroute
 Default Packages:
   abrt-addon-ccpp
   abrt-addon-kerneloops
   abrt-addon-python
   abrt-cli
   acpid
   b43-fwcutter
   biosdevname
   blktrace
   bridge-utils
   bzip2
   cpuspeed
   cryptsetup-luks
   dmraid
   dosfstools
   eject
   ethtool
   fprintd-pam
   gnupg2
   hunspell
   hunspell-en
   irqbalance
   kexec-tools
   ledmon
   libaio
   lvm2
   man-pages
   man-pages-overrides
   mdadm
   microcode_ctl
   mlocate
   mtr
   nano
   ntp
   ntpdate
   openssh-clients
   pam_passwdqc
   pcmciautils
   pinfo
   plymouth
   pm-utils
   prelink
   rdate
   readahead
   rfkill
   rng-tools
   rsync
   scl-utils
   setuptool
   smartmontools
   sos
   strace
   sysstat
   system-config-firewall-tui
   system-config-network-tui
   systemtap-runtime
   tcpdump
   tcsh
   time
   unzip
   usbutils
   vconfig
   vim-enhanced
   virt-what
   wget
   which
   wireless-tools
   words
   xz
   yum-plugin-security
   yum-utils
   zip
 Optional Packages:
   PyPAM
   audispd-plugins
   brltty
   cpupowerutils
   device-mapper-persistent-data
   dos2unix
   dumpet
   ecryptfs-utils
   edac-utils
   genisoimage
   gpm
   kabi-yum-plugins
   kernel-doc
   linuxptp
   logwatch
   mkbootdisk
   mtools
   ncurses-term
   nss_db
   oddjob
   pax
   python-dmidecode
   python-volume_key
   rsyslog-gnutls
   rsyslog-gssapi
   rsyslog-relp
   sgpio
   sox
   squashfs-tools
   star
   tboot
   tunctl
   udftools
   unix2dos
   uuidd
   volume_key
   wodim
   x86info
   yum-plugin-aliases
   yum-plugin-changelog
   yum-plugin-downloadonly
   yum-plugin-tmprepo
   yum-plugin-verify
   yum-plugin-versionlock
   yum-presto
   zsh

There are additional package groups that may be useful in order to easily setup a particular service. To see a list of all the installed and available package groups:

# yum grouplist

My System Configuration

  • CentOS 6.5 x86 64-bit

References

Install a Desktop Environment on CentOS Minimal Install

After performing a base install of CentOS 6.5 using the minimal install CD, do the following to install a basic GNOME desktop environment:

# yum groupinstall "Desktop" "Desktop Platform" "X Window System" "Fonts"

Run the following on a particular package group in order to see detailed information including a description and which packages it will install.

# yum groupinfo groupname

There are additional package groups if you want something more than a basic desktop environment. For example,

# yum -y groupinstall "General Purpose Desktop"

To see a list of all the installed and available package groups:

# yum grouplist

Once installed, you can start GNOME by running:

$ startx

or

$ /sbin/telinit 5

To have CentOS boot into runlevel 5 “X11” instead of runlevel 3 “Full multiuser mode”, modify the /etc/inittab file to change start up level from

id:3:initdefault:

to

id:5:initdefault:

My System Configuration

  • CentOS 6.5 x86 64-bit

References

VMware Workstation "Enter License Key" Button Doesn't Work

On VMware Workstation 9.0.2 running on Linux Mint 15 Olivia, “Help > Enter License Key > Enter License key” doesn’t do anything.
To enter your license key, run this command:

sudo /usr/lib/vmware/bin/vmware-enter-serial

A window will then pop up prompting for your license key, which you may now enter.

RSSOwl was unable to create a browser for reading news

Unfortunately, I failed to solve this issue, but I got around it.
Initially I downloaded RSSOwl for Linux (64 Bit) from here: http://www.rssowl.org/download. However, I would start to get the error message:
Error Creating Browser: RSSOwl was unable to create a browser for reading news. Please refer to the FAQ for further help. Click 'Ok' to open the FAQ now..
This issue is described in RSSOwl’s FAQ (http://www.rssowl.org/help#item_6j). However, following those instructions did not resolve my problem. Ultimately I downloaed the Ubuntu 64-bit Debian package from here: http://www.ubuntuupdates.org/package/getdeb_apps/precise/apps/getdeb/rssowl. Executing that installation of RSSOwl did have this problem.

References

Shrinking an ext4 File System and the Logical Volume Containing It

The following procedure will reduce both the ext4 file system and logical volume sizes by 10 GB. Initially the file system uses the entire size of the logical volume. Obviously, there needs to be at least 10 GB of disk space currently available. This procedure needs to be done with the file system unmounted. This should also work fine on ext2 and ext3.

root@ubuntu:/tmp# df -h /dev/mapper/mysql_s1_prod1_raid10-data
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/mysql_s1_prod1_raid10-data
                      241G  647M  228G   1% /local/mysql-s1-prod1_data
root@ubuntu:/tmp# umount /local/mysql-s1-prod1_data
root@ubuntu:/tmp# pvscan
  PV /dev/mapper/mysql-s1-prod0-t1-v1_fujitsu2-27   VG mysql_s1_prod0_raid1    lvm2 [78.12 GiB / 0    free]
  PV /dev/mapper/mysql-s1-prod1-t1-v1_fujitsu2-32   VG mysql_s1_prod1_raid1    lvm2 [78.12 GiB / 0    free]
  PV /dev/mapper/mysql-s1-prod0-t1-v2_fujitsu2-28   VG mysql_s1_prod0_raid10   lvm2 [244.14 GiB / 10.00 GiB free]
  PV /dev/mapper/mysql-s1-prod1-t1-v2_fujitsu2-35   VG mysql_s1_prod1_raid10   lvm2 [244.14 GiB / 0    free]
  PV /dev/sda2                                      VG system                  lvm2 [135.84 GiB / 102.32 GiB free]
  Total: 5 [780.36 GiB] / in use: 5 [780.36 GiB] / in no VG: 0 [0   ]
root@ubuntu:/tmp# lvscan
  ACTIVE            '/dev/mysql_s1_prod0_raid1/data' [78.12 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod1_raid1/data' [78.12 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod0_raid10/data' [234.14 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod1_raid10/data' [244.14 GiB] inherit
  ACTIVE            '/dev/system/root' [9.31 GiB] inherit
  ACTIVE            '/dev/system/var' [4.66 GiB] inherit
  ACTIVE            '/dev/system/tmp' [2.79 GiB] inherit
  ACTIVE            '/dev/system/swap' [2.79 GiB] inherit
  ACTIVE            '/dev/system/home' [4.66 GiB] inherit
  ACTIVE            '/dev/system/opt' [9.31 GiB] inherit
root@ubuntu:/tmp# e2fsck -fy /dev/mysql_s1_prod1_raid10/data
e2fsck 1.41.11 (14-Mar-2010)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/mysql_s1_prod1_raid10/data: 127/16007168 files (2.4% non-contiguous), 1170118/63998976 blocks
root@ubuntu:/tmp# resize2fs -Mp /dev/mapper/mysql_s1_prod1_raid10-data
resize2fs 1.41.11 (14-Mar-2010)
Resizing the filesystem on /dev/mapper/mysql_s1_prod1_raid10-data to 291412 (4k) blocks.
Begin pass 2 (max = 88941)
Relocating blocks             XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Begin pass 3 (max = 1954)
Scanning inode table          XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Begin pass 4 (max = 11)
Updating inode references     XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The filesystem on /dev/mapper/mysql_s1_prod1_raid10-data is now 291412 blocks long.
root@ubuntu:/tmp# e2fsck -fy /dev/mysql_s1_prod1_raid10/data
e2fsck 1.41.11 (14-Mar-2010)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/mysql_s1_prod1_raid10/data: 127/73728 files (2.4% non-contiguous), 160138/291412 blocks
root@ubuntu:/tmp# lvreduce -L -10G /dev/mapper/mysql_s1_prod1_raid10-data
  WARNING: Reducing active logical volume to 234.14 GiB
  THIS MAY DESTROY YOUR DATA (filesystem etc.)
Do you really want to reduce data? [y/n]: y
  Reducing logical volume data to 234.14 GiB
  Logical volume data successfully resized
root@ubuntu:/tmp# resize2fs /dev/mapper/mysql_s1_prod1_raid10-data
resize2fs 1.41.11 (14-Mar-2010)
Please run 'e2fsck -f /dev/mapper/mysql_s1_prod1_raid10-data' first.
root@ubuntu:/tmp# resize2fs /dev/mapper/mysql_s1_prod1_raid10-data
resize2fs 1.41.11 (14-Mar-2010)
Resizing the filesystem on /dev/mapper/mysql_s1_prod1_raid10-data to 61377536 (4k) blocks.
The filesystem on /dev/mapper/mysql_s1_prod1_raid10-data is now 61377536 blocks long.
root@ubuntu:/tmp# e2fsck -fy /dev/mysql_s1_prod1_raid10/data
e2fsck 1.41.11 (14-Mar-2010)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/mysql_s1_prod1_raid10/data: 127/15351808 files (2.4% non-contiguous), 1128998/61377536 blocks
root@ubuntu:/tmp# df -h /dev/mapper/mysql_s1_prod1_raid10-data
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/mysql_s1_prod1_raid10-data
                      231G  647M  219G   1% /local/mysql-s1-prod1_data
root@ubuntu:/tmp# pvscan
  PV /dev/mapper/mysql-s1-prod0-t1-v1_fujitsu2-27   VG mysql_s1_prod0_raid1    lvm2 [78.12 GiB / 0    free]
  PV /dev/mapper/mysql-s1-prod1-t1-v1_fujitsu2-32   VG mysql_s1_prod1_raid1    lvm2 [78.12 GiB / 0    free]
  PV /dev/mapper/mysql-s1-prod0-t1-v2_fujitsu2-28   VG mysql_s1_prod0_raid10   lvm2 [244.14 GiB / 10.00 GiB free]
  PV /dev/mapper/mysql-s1-prod1-t1-v2_fujitsu2-35   VG mysql_s1_prod1_raid10   lvm2 [244.14 GiB / 10.00 GiB free]
  PV /dev/sda2                                      VG system                  lvm2 [135.84 GiB / 102.32 GiB free]
  Total: 5 [780.36 GiB] / in use: 5 [780.36 GiB] / in no VG: 0 [0   ]
root@ubuntu:/tmp# lvscan
  ACTIVE            '/dev/mysql_s1_prod0_raid1/data' [78.12 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod1_raid1/data' [78.12 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod0_raid10/data' [234.14 GiB] inherit
  ACTIVE            '/dev/mysql_s1_prod1_raid10/data' [234.14 GiB] inherit
  ACTIVE            '/dev/system/root' [9.31 GiB] inherit
  ACTIVE            '/dev/system/var' [4.66 GiB] inherit
  ACTIVE            '/dev/system/tmp' [2.79 GiB] inherit
  ACTIVE            '/dev/system/swap' [2.79 GiB] inherit
  ACTIVE            '/dev/system/home' [4.66 GiB] inherit
  ACTIVE            '/dev/system/opt' [9.31 GiB] inherit

Installing Oracle Java on Ubuntu

If you already have Ubuntu packages of JRE and/or JDK already installed, then you may leave them installed. However, you must uninstall IcedTea. The IcedTea project provides a harness to build the source code from http://openjdk.java.net using free software build tools and adds a number of features to the upstream OpenJDK codebase.

root@ubuntu:~# aptitude search icedtea
i A icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
i A icedtea-6-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
i A icedtea-7-jre-jamvm - Alternative JVM for OpenJDK, using JamVM
i A icedtea-netx - NetX - implementation of the Java Network
i A icedtea-plugin - web browser plugin based on OpenJDK and Ic
v icedtea6-jre-cacao -
v icedtea6-jre-cacao -
v icedtea6-plugin -
i icedtea6-plugin - web browser plugin to execute Java applets
root@ubuntu:~# aptitude remove icedtea6-plugin icedtea-plugin icedtea-netx icedtea-7-jre-jamvm icedtea-6-jre-jamvm icedtea-6-jre-cacao

Download Java from Java’s website: http://www.java.com. For 64-bit you want Linux x64 (the file name ending with x64.bin). In this example we downloaded jre-6u31-linux-x64.bin.
Then make a directory for Oracle Java. Move the downloaded file into this new directory:

root@ubuntu:~# mkdir -p /opt/java
root@ubuntu:~# cd /opt/java
root@ubuntu:/opt/java# mv /home/username/downloads/jre-6u31-linux-x64.bin .

Execute the file downloaded:

root@ubuntu:/opt/java$ sh jre-6u31-linux-x64.bin

This will create the directory /opt/java/jre1.6.0_31 containing your new instance of Java. Its name will match the version of Java downloaded. You may now delete the downloaded Java installation file:

root@ubuntu:/opt/java$ rm jre-6u31-linux-x64.bin

Tell the system that there is a new instance of Java available:

root@ubuntu:/opt/java# update-alternatives --install "/usr/bin/java" "java" "/opt/java/jre1.6.0_31/bin/java" 1
update-alternatives: using /opt/java/jre1.6.0_31/bin/java to provide /usr/bin/java (java) in manual mode.

Tell the system to default to the new Java instance:

root@ubuntu:/opt/java# update-alternatives --set java /opt/java/jre1.6.0_31/bin/java

Verify your system is now using this instance of Java:

root@ubuntu:/# java -showversion
java version "1.6.0_31"
Java(TM) SE Runtime Environment (build 1.6.0_31-b04)
Java HotSpot(TM) 64-Bit Server VM (build 20.6-b01, mixed mode)

References

APT Package Resource List for Old Ubuntu Releases

Package repositories for old Ubuntu releases are dropped from Ubuntu’s upstream package repository and are removed from Ubuntu package mirrors. However, Ubuntu still makes them available here: http://old-releases.ubuntu.com/ubuntu/. Here is an example /etc/apt/sources.list file for Ubuntu Dapper:

#
# /etc/apt/sources.list
# Ubuntu Dapper 6.06
#
#
# main and restricted:
#
#   These are the primary package archives.
#
deb     http://old-releases.ubuntu.com/ubuntu dapper main restricted
deb-src http://old-releases.ubuntu.com/ubuntu dapper main restricted
deb     http://old-releases.ubuntu.com/ubuntu dapper-updates main restricted
deb-src http://old-releases.ubuntu.com/ubuntu dapper-updates main restricted
deb     http://old-releases.ubuntu.com/ubuntu dapper-security main restricted
deb-src http://old-releases.ubuntu.com/ubuntu dapper-security main restricted
#
# universe:
#
#   Additional software from the larger pool of debian packages.  Gobs and
#   gobs of useful software lives here, however, software from this
#   repository is ENTIRELY UNSUPPORTED by the Ubuntu team.
#
#   Note: Some of the software in this repository may not be under a free
#         licence. Please satisfy yourself as to your rights to use the
#         software.
#
#   Note: Software in this repository WILL NOT receive any review or
#         updates from the Ubuntu security team.
#
deb     http://old-releases.ubuntu.com/ubuntu dapper universe
deb-src http://old-releases.ubuntu.com/ubuntu dapper universe
deb     http://old-releases.ubuntu.com/ubuntu dapper-updates universe
deb-src http://old-releases.ubuntu.com/ubuntu dapper-updates universe
deb     http://old-releases.ubuntu.com/ubuntu dapper-security universe
deb-src http://old-releases.ubuntu.com/ubuntu dapper-security universe
#
# multiverse:
#
#  Additional software that is "not free", which means the licensing
#  requirements of this software do not meet the Ubuntu "main" Component
#  Licence Policy.
#
#  Note: This software is not supported and usually cannot be fixed or
#  updated. Use it at your own risk.
deb     http://old-releases.ubuntu.com/ubuntu dapper multiverse
deb-src http://old-releases.ubuntu.com/ubuntu dapper multiverse
deb     http://old-releases.ubuntu.com/ubuntu dapper-updates multiverse
deb-src http://old-releases.ubuntu.com/ubuntu dapper-updates multiverse
deb     http://old-releases.ubuntu.com/ubuntu dapper-security multiverse
deb-src http://old-releases.ubuntu.com/ubuntu dapper-security multiverse
#
# backports:
#
#   Software from a newer release of the distribution, or even from the
#   development branch of the distribution, but built against this release.
#   It may provide newer features, but should be considered untested.
#
#   Note: Software in this repository WILL NOT receive any review or
#         updates from the Ubuntu security team.
#
#deb     http://old-releases.ubuntu.com/ubuntu dapper-backports main restricted
#deb-src http://old-releases.ubuntu.com/ubuntu dapper-backports main restricted
#deb     http://old-releases.ubuntu.com/ubuntu dapper-backports universe
#deb-src http://old-releases.ubuntu.com/ubuntu dapper-backports universe
#deb     http://old-releases.ubuntu.com/ubuntu dapper-backports multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu dapper-backports multiverse

Here is an example /etc/apt/sources.list file for Ubuntu Hardy:

#
# /etc/apt/sources.list
# Ubuntu Hardy 8.04
#
#
# main and restricted:
#
#   These are the primary package archives.
#
deb     http://old-releases.ubuntu.com/ubuntu hardy main restricted
deb-src http://old-releases.ubuntu.com/ubuntu hardy main restricted
deb     http://old-releases.ubuntu.com/ubuntu hardy-updates main restricted
deb-src http://old-releases.ubuntu.com/ubuntu hardy-updates main restricted
deb     http://old-releases.ubuntu.com/ubuntu hardy-security main restricted
deb-src http://old-releases.ubuntu.com/ubuntu hardy-security main restricted
#
# universe:
#
#   Additional software from the larger pool of debian packages.  Gobs and
#   gobs of useful software lives here, however, software from this
#   repository is ENTIRELY UNSUPPORTED by the Ubuntu team.
#
#   Note: Some of the software in this repository may not be under a free
#         licence. Please satisfy yourself as to your rights to use the
#         software.
#
#   Note: Software in this repository WILL NOT receive any review or
#         updates from the Ubuntu security team.
#
deb     http://old-releases.ubuntu.com/ubuntu hardy universe
deb-src http://old-releases.ubuntu.com/ubuntu hardy universe
deb     http://old-releases.ubuntu.com/ubuntu hardy-updates universe
deb-src http://old-releases.ubuntu.com/ubuntu hardy-updates universe
deb     http://old-releases.ubuntu.com/ubuntu hardy-security universe
deb-src http://old-releases.ubuntu.com/ubuntu hardy-security universe
#
# multiverse:
#
#  Additional software that is "not free", which means the licensing
#  requirements of this software do not meet the Ubuntu "main" Component
#  Licence Policy.
#
#  Note: This software is not supported and usually cannot be fixed or
#  updated. Use it at your own risk.
deb     http://old-releases.ubuntu.com/ubuntu hardy multiverse
deb-src http://old-releases.ubuntu.com/ubuntu hardy multiverse
deb     http://old-releases.ubuntu.com/ubuntu hardy-updates multiverse
deb-src http://old-releases.ubuntu.com/ubuntu hardy-updates multiverse
deb     http://old-releases.ubuntu.com/ubuntu hardy-security multiverse
deb-src http://old-releases.ubuntu.com/ubuntu hardy-security multiverse
#
# backports:
#
#   Software from a newer release of the distribution, or even from the
#   development branch of the distribution, but built against this release.
#   It may provide newer features, but should be considered untested.
#
#   Note: Software in this repository WILL NOT receive any review or
#         updates from the Ubuntu security team.
#
#deb     http://old-releases.ubuntu.com/ubuntu hardy-backports main restricted
#deb-src http://old-releases.ubuntu.com/ubuntu hardy-backports main restricted
#deb     http://old-releases.ubuntu.com/ubuntu hardy-backports universe
#deb-src http://old-releases.ubuntu.com/ubuntu hardy-backports universe
#deb     http://old-releases.ubuntu.com/ubuntu hardy-backports multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu hardy-backports multiverse

References

Encrypting a Directory using TrueCrypt

Create a password protected encrypted file container using TrueCrypt stored in the path ~/encrypted/encrypted.tc. The following script will decrypt this file and mount it as the directory ~/encrypted/encrypted. It will also unmount the directory when you are done.
 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/bin/sh
# truecrypt-encrypted
# Mount and unmount an encrypted TrueCrypt directory.
#
# Author: Dave Lehman <dave@nowherelan.com>; http://nowherelan.com
# Date Created: 2012-01-01
# Version: 1.0
################################################################################
SCRIPTNAME=truecrypt-encrypted
ENCRYPTED_FILE=$HOME/encrypted/encrypted.tc
DECRYPTED_MNT=$HOME/encrypted/encrypted
mount(){
    mkdir -p $DECRYPTED_MNT
    truecrypt --text $ENCRYPTED_FILE $DECRYPTED_MNT
    return 0
}
umount(){
    truecrypt --text --dismount $DECRYPTED_FILE
    return 0
}
status(){
    truecrypt --text --list $DECRYPTED_FILE
    return 0
}
case "$1" in
    --mount)
        mount
        ;;
    --umount)
        umount
        ;;
    --status)
        status
        ;;
    *)
        echo "Usage: $SCRIPTNAME {--mount|--umount|--status}" >&2
        exit 0
        ;;
esac
exit 0

curl: (60) SSL certificate problem, verify that the CA cert is OK

When using curl, you may receive the following error message if you are missing the CA certificate in the directory tree /usr/local/share/ca-certificates/ for the site you are trying to connect to:

user@hardy:/tmp$ curl https://example.com
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). The default
 bundle is named curl-ca-bundle.crt; you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).

The easiest way around this is to turn off curl’s verification of the certificate, using the -k (or –insecure) option. However, the best way is to add the associated CA certificate to your system by following these directions: Adding Additional SSL CA certificates.
On Ubuntu Hardy, curl is compiled to use the file /etc/ssl/certs/ca-certificates.crt. You will see the following when executing curl against a site using HTTPS:

* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none

On Ubuntu Lucid, curl is compiled to use the CA certificate directory /etc/ssl/certs/. You will see the following when executing curl against a site using HTTPS:

* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs

You can override this with the –ca-cert or –capath options.