Category Archives: Linux

UDF on MacOS and Linux

Recently I wanted to have the ability to use SSH to log in to my Amazon Lightsail instances from my work laptop. For privacy reasons, I didn’t want to put my SSH private key permanently on the laptop and I didn’t want to put the public key for my laptop on the Lightsail instances.

Since I’m very comfortable with the unix command line, I decided to put a new (password protected) private key on a flash drive so I could use that key to log in to the Linux instances.

The problem is permissions.

SSH won’t let you use a private key file with open permissions. If the key file is world readable, it will display an error and refuse to use it. There isn’t a workaround that I’ve been able to find (other than recompiling SSH from source with modifications).

This mean that the most common flash drive file systems (FAT, FAT32, & exFAT) can’t be used. None of those file system formats support permissions.

I could have formatted the flash drive using the MacOS HFS format, and installed the necessary packages on my Ubuntu Laptop to support that, but I wanted to go for something more generic.

After some research, I decided to give the User Defined File system (udf) a try.

I did have to install UDF support on the Ubuntu system, but that wasn’t a big deal.

sudo apt-get install udftools

To format the flash drive on my Mac, I used this command:

sudo newfs_udf -m blk -v <label> /dev/disk<n>

Important to note, the device file (/dev/disk<n>) must be the device itself, not a partition of the device (on Mac systems a partition will be denoted with ‘s9’ after the device name where 9 is the partition number, for example /dev/disk4s1).

After the UDF file system is created on the flash drive, you must … eject the drive, physically remove the device, and re-insert it. The device will now show up on the system as “/Volumes/<label>”.

Interestingly, the owner of the mounted device is the currently logged in user.

macbook-pro:newkey david$ ls -l /Volumes/FLASHDRIVE/
total 3
-rw-------@ 1 david  staff  1073 Jul 11 10:11 aws-key

I copied the new SSH private key file to the flash drive, made sure the permissions were correct, and ejected the drive.

I then inserted the drive into my Ubuntu system. It mounted correctly right away.

I was then able to log in to my Lightsail instances using the command

slogin -i /media/<my linux user id>/<flash drive label>/<private key file> ec2-user@<aws hostname>

Interestingly, when the UDF formatted flash drive is mounted, the owner is the logged in user, but had the correct permissions.

user@linux:~#: ls -l /media/user/FLASHDRIVE/
total 2
-rw-------- 1 user  user  1073 Jul 11 10:11 aws-key

So far it’s been working well. I’m pleased with this little project.

Xen, LVM, and Grub

I ran into an interesting problem with my new server the other day.

Due to a hardware problem with an external USB hard drive, I had to reboot the XEN host.

I had to do the reboot remotely … so I couldn’t intervene if something went wrong.  Yes, you guessed it, something did go wrong.

When I finally got home I found the system trying to boot ‘bree’ … which is one of the XEN guest machines.

Continue reading

CentOS Upgrade

Well, I’m pretty pleased with CentOS so far.

I just completed a minor version upgrade (5.5 to 5.6) via yum and it went very smoothly.  This involved 3 virtual guest and one host (the guests run inside the host).

I had one small glitch with the RPM database on middle-earth.  Some dependencies were screwed up, but that was corrected by running yum clean all.

In order to speed things up, I’m going to be mirroring the most current CentOS package repository on middle-earth … that way I can get the updates done much quicker (installs too).

Of course I still have to move a bunch of the applications to the virtual machine’s.  I think I’m close to being able to retire gondor.  Moving rivendell is going to a major effort.

Temporary LIBXML2 solution

Ginny has been bugging me about the problem she’s been having posting to her blog from the iPhone and other third party tools that she uses.

The problem has been narrowed down to a bug in LIBXML2 that causes leading angle brackets “<” to be stripped off of posts when processed through the XMLRPC support in PHP.   I logged the issue in the WordPress bug tracker, and the consensus is that the problem started manifesting after an automatic update applied by Fedora 8.

Well, to solve the problem I’ve moved Ginny’s blog to a temporary server running in a base Fedora 8 install in a VMWare instance.   Luckily WordPress stores most of it’s content in the MySQL database (not the images, unfortunately).   A bit of NFS magic to mount the appropriate directory in the virtual system, and it’s working fine.   The server itself only has Apache, PHP, MySQL client, SSH, and a few other bits & pieces to keep it running.   No automatic updates, GUI, compilers, etc.

Once the bug is fixed (either WordPress, using a different XML processing mechanism, or LIBXML2) I’ll move her server back to the main server.

In the mean time, her blog is going to run in the virtual machine ‘Hobbittown’ (named because it’s small).

SpamAssassin problem on Fedora 6

Yesterday I found that the RPM database on my Fedora Core 6 linux system’s were corrupted and that the regularly running update process was failing (without telling me, unfortunately).

After fixing the RPM database problem (rm -f /var/lib/rpm/__db.* && rpm -vv --rebuilddb) and running the update (yum update), I found that SpamAssassin’s update process wasn’t working anymore.

root@rivendell ~]# sa-update
Use of uninitialized value in concatenation (.) or string at /usr/lib/perl5/5.8.8/i386-linux-thread-multi/Scalar/Util.pm line 30.

Apparently one of the updates that were applied in the mass update caused SpamAssassin to break.

The same problem occurred when I tried to test the SpamAssassin rules.

root@rivendell ~]# spamassassin --lint
Use of uninitialized value in concatenation (.) or string at /usr/lib/perl5/5.8.8/i386-linux-thread-multi/Scalar/Util.pm line 30.

A bit of research turned up this link.

Luckily the fix was fairly easy … just update the Scalar-List-Utils CPAN package …

perl -MCPAN -e 'install "G/GB/GBARR/Scalar-List-Utils-1.18.tar.gz"

… and everything worked fine again.