Manually Run “Fix Permissions” From Recovery
I own a Samsung Galaxy Nexus running Android 4.0.4 (Ice Cream Sandwich). My phone is rooted and running a custom recovery (Clockworkmod Touch 5.8.0.2). I’m not sure if it’s been the case since I purchased the phone (and originally had the most recent non-touch version of Clockworkmod) or if it’s after upgrading to the touch version of CWM or if it’s as a result of me installing a custom ROM and just generally f---ing with my phone, but “Fix Permissions” doesn’t work from recovery any more. This wouldn’t be a big deal if I could run this from Rom Manager, however, my phone seems to stall every time I run this while Android is booted. It appears that it hangs while processing running applications, as every time it stalled I exited out of Fix Permissions (in Rom Manager), force closed the app it stalled on, then re-ran Fix Perms, and I’d make a little bit more progress, only to stall again on another app. Finally I FC’d enough apps that Fix Perms completed, but I had mixed feelings about the quality of the job I’d just performed.
When you run Fix Perms, the first line (helpfully) prints the script that is being run, which is “/data/data/com.koushikdutta.rommanager/files/fix_permissions”. Using this info, I attempted to boot into recovery and run the script manually from the ADB shell of my PC. Again, Fix Perms seemed to stall, only this time I knew it couldn’t be a running app that caused the issue (remember, I’m booted into recovery!). I issued an
“adb pull /data/data/com.koushikdutta.rommanager/files/fix_permissions”
to get a copy of the Fix Perms script on my computer and checked it out. It turns out that at the top of the script there is a big warning that states “Warning: if you want to run this script in cm-recovery change the above to #! /sbin/sh”. Fair enough. I changed the first line of the script to “#! /sbin/sh” and then pushed the script back to my phone using the following command:
“adb push fix_permissions /data/media”
I pushed the file to the “/data/media” directory instead of the original directory the file came from as that would have overwritten the original and not allowed it to run while Android is booted (not that it’s working anyway…). NOTE: The “/data/media” directory on the Galaxy Nexus is the virtual SD card (the GN doesn’t have removable media, so it tricks Android into thinking this directory is an SD card). If you’re using a different phone you’ll likely have to load the script into a different directory. It shouldn’t make a difference where you place the file, I just wouldn’t put it in the “/data/data” directory.
Once you’ve loaded the script onto your phone, set the proper executable permissions by issuing the command below. Remember to change the file path to wherever you placed the file.
“chmod +x /data/media/fix_permissions”
After that’s done, run the script by issuing:
“/data/media/fix_permissions”
The script should run and fix your file system permissions without stalling.
Squid Reverse SSL Proxy With Multiple Sites (on Windows)
I’ve been running my Exchange 2010 OWA site on a non-standard port (default is 443) for a while so that I can run SSL for my personal website (you’re reading it) on the standard port. My server is hosted at home, and I only have 1 public IP, so unless I (re-)installed everything on a single server, I could only have 1 site running on port 443.
This has been fine, up until yesterday, when I attempted to install Exchange 2010 SP2. The installation kept failing due to some issue with IIS. I assumed it was due to the fact that I had moved the OWA site from “Default Site Name” to it’s own site on the same server. To remedy, I removed the OWA, ECP and ActiveSync virtual directories and re-installed them in the default location on my Exchange box. After doing this, SP2 installed fine. However, now I am back at my original problem (2 servers needing incoming traffic on port 443). I could re-do the custom OWA setup, but what a PITA that’d be to do every time an Exchange update comes out (theoretically).
My solution: Squid! I fought Squid until the wee hours of the morning before calling it quits and going to bed. This morning I tried my configuration again, and this time I have success. The goal, of course, was to have Squid running on a local server and receiving all traffic on port 443, and based on the URL of the incoming request, redirect traffic to the proper server.
First thing you need to do is download Squid. The Windows binary can be obtained from here: http://squid.acmeconsulting.it/download/dl-squid.html. After you download it (it’s a zip file), extract it to c:/squid. By default, Squid expects to be here, so if you place it somewhere else you’ll have a little bit more work to do. This is my first experience with Squid, and as such I opted to use the stable release for Windows, which is 2.7, Stable8. Also, since I’m setting up a reverse proxy using SSL, I downloaded the SSL support version.
My configuration for squid.conf is below (edited to remove any personal information). This file needs to be located in the squid/etc directory. By default, there are example files in there for all config files. You’ll also need to rename cachemgr.conf.default and mime.conf.default to cachemgr.conf and mime.conf, respectively. I didn’t edit any settings within those files as I was under the impression that the defaults were fine. There’s a 4th file in there that doesn’t even need to be configured or renamed for this setup.
The first section here is setting the cache directory (if you opt not to use the default). Please note: the default location is c:/squid/var/cache, however, if you simply extracted the Squid Windows binary zip to c:/squid, the /var/cache directory does not exist and will cause an error. Please create that directory (or whatever directory you specify below). Also, ensure that when typing directory paths you use the "/" slash instead of the normal Windows "\" slash.
#Set Cache Directory cache_dir ufs c:/path/to/cache_dir 100 16 256
This next section is specifying that we want HTTPS to run on port 443 and accelerate (cache) reverse requests. Then it points to the SSL certificate and the corresponding private key. I installed a non-password protected key, as I found that Squid would hang when starting if the key was protected (makes sense). The last part, "vhost", tells Squid that there are multiple sites. I found that without "vhost", my config didn't work as expected. Also, most documentation I found suggested adding "defaultsite=(url of default site)" to this line. This caused me major headaches, as Squid kept redirecting to the wrong site and I'd get 404 errors when the requested files didn't exist on the server I was directed to.
#Define Port(s) and Cert(s) (if appropriate)# https_port 443 accel cert=c:/path/to/cert/cert.crt key=c:/path/to/key/priv.key vhost
Here, we define the sites we are proxying to. "cache_peer" is followed by the internal IP address of the target host. 443 is the port number we're directing to. "ssl" tells Squid to use SSL. "login=PASS" allows for pass-through authentication (such as when using .htaccess). "name" specifies the name we'll use to refer to this host within Squid.
#Define Sites# cache_peer 1.1.1.1 parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER name=wordpress cache_peer 1.1.1.2 parent 443 0 no-query originserver login=PASS ssl sslflags=DONT_VERIFY_PEER name=exchange
Here we're configuring some ACLs for our proxy. I chose to add "-acl" to the name of my ACLs just for clarity. The last 2 parts of the first line (and 1 part of the second line) specify the destination URL(s) that the ACL will work for. The last line, "acl all", defines an ACL for all IP addresses. This will be used to deny all traffic access that doesn't meet our other conditions.
#ACLs# acl wordpress-acl dstdomain site.com www.site.com acl exchange-acl dstdomain owa.exchange.com acl all src 0.0.0.0/0.0.0.0
Here we're enabling the ACLs (as before we just defined them). "http_access allow" allows traffic using the specified ACL. My "cache_peer_access" statements seem to be saying the same thing as the "http_access" statements, however, this is what I ended up with after tons of trial and error, so I'm leaving it as-is. Those statements may be redundant and only 1 might be necessary. The last line, "never_direct", was only needed for Exchange OWA. If you're not hosting OWA, you can probably leave that off.
#Enable ACLs# http_access allow wordpress-acl cache_peer_access wordpress allow wordpress-acl http_access allow exchange-acl cache_peer_access exchange allow exchange-acl never_direct allow exchange-acl
Here we're denying all other requests to access our servers behind the proxy
#Deny all others# cache_peer_access wordpress deny all cache_peer_access exchange deny all
And that’s it! Install Squid as a service (if you haven’t done so already), by using the “squid.exe –i” command. The squid.exe file is in the squid/sbin/ directory. If you unzipped Squid to any other directory than c:/squid, you’ll need to add another switch (I think it’s “-f”) to the install command to specify the location of everything. Documentation for the Windows binary can be found here: http://squid.acmeconsulting.it/Squid27.html.
Please make sure that there are no port conflicts on the host running Squid. I found that when another program was running on port 443 Squid would hang when started from the Services console. Also, make sure that you have the necessary firewall ports open. Then start Squid from the Services console.
Now verify that everything’s working properly. Squid will create a log file in the same directory as the squid.exe file if there are any errors upon initialization. After that, logs will be created in the squid/var/logs directory.
VMware vCenter Storage View is blank/not updating
We upgraded our VMware infrastructure to v5 back around the time it was released late last summer. Since then I've been having an issue where the Storage View feature of vCenter would not load. I would receive a mostly blank screen that has a link to update the Storage View. Clicking that link had 0 effect. I finally started messing around trying to troubleshoot a few weeks ago (after nearly 6 months without Storage View). Something I did resolved the issue and it seemed to be working since.
Today I loaded my VI Client up and clicked the Storage View tab to check on something. To my displeasure I realized SV was broken again. This time, I finally determined why - the server vCenter is installed on had a port conflict with another process, the port in question being 8080, which was also being used by IIS for some other service I had installed at some point in the past (certainly NOT at the time that SV broke originally). I changed the port that the IIS instance was running on, restarted the VMware services, and voila, SV worked again.
Like I said above, the IIS instance was running prior to upgrading to vSphere 5, so I'm not sure exactly what caused the conflict. I don't know if vCenter 5 installs a new service to port 8080 by default or if I, in my infinite wisdom, set the port to use 8080. I know I set IIS to 8080 at one point to AVOID a port conflict with vCenter, however, I wasn't aware that vCenter was running any web services on ports other than 80 and 443. Long story short, make sure that the vCenter Management Webservices HTTP service isn't conflicting with anything else (according to VMware 8080 is the default port for the aforementioned service).
XBMC MKV – Green Video
I recently installed XBMC on my living room server in order to better supply my 1080p TV with downloaded media. Upon trying to play an MKV x264 movie, I was presented with an all green screen but the video's proper audio. It turns out that this was caused by enabling hardware acceleration, which was found under Settings->Video->Playback. I disabled hardware acceleration (which actually is the default settings; I had enabled it last night, thinking "why not"), and the video plays just fine, now.
The State of Bitcoin
It's currently 12:17pm EST (16:17 GMT) and Mt. Gox (the most prominent Bitcoin exchange, which last Sunday shut down all trading due to a huge site hack) was supped to resume trading at 11am EST. Currently the site says 15:30 GMT (45 minutes ago) is when trading is to resume, however, that obviously isn't going to happen. Hundreds of people are hanging out in the #mtgox channel on the Freenode IRC network, anxiously awaiting the return of Mt Gox.
Stay tuned for updates...
Windows 7–New User cannot logon <Solved>
Upon creating a new user and attempting to login, I received the following error message: "The User Profile Service failed the logon. User profile cannot be loaded." I'm running Windows 7 x64 SP1.
My current setup is:
C: drive (SSD) Program Files, Windows, ProgramData.
X: drive (HDD) Users, and everything else.
I use the Administrator account as my account. To set up the system, I created a temporary user, logged in, changed the registry to point the Users directory to the X: drive (and moved the Default and Public folders to the X:\Users directory). I then enabled the Admin account and logged in with it. This created my profile on the X drive.
However, I was trying to create another user account to test with. The account is named "Test". I receive the quoted error message upon attempts to log in. I checked the X:\Users folder and there is no profile for the Test account, not even a folder for it. I tried copying the Default profile and renaming it, but no dice. I also verified that the folder seemed to have the proper permissions (Full Control for System, Administrator, Administrators, as the Test account was an admin account as well). There is no entry in the registry under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ for the Test user, so I got a utility that could find that users' SID and created an entry for it, but still, I receive the original error message when trying to log in.
I finally solved the problem. It turns out that the X:\Users\Default folder needed to give the "Everyone" group Read, List folder contents, and Read and Execute permissions. When I copied the Default profile via the user profile screen, it didn't apply correct permissions; it just inherited those of the destination folder. Event Viewer showed that Windows didn't have permission to copy the Default profile to the X:\Users\Test folder. When I gave the Everyone group permission to the Default profile folder, I was then able to login with new users (and subsequently have them automatically create profiles).
SFC /scannow error 0x000006ba – The RPC Server is unavailable
While attempting to run a System File Check (sfc /scannow) on a Windows XP machine today I received the error 0x000006ba – The RPC Server is unavailable. I checked the services console and saw that the RPC service was running. After scratching my head for a few minutes, I decided that the SFC component must have been disabled (as the CD I installed from was a torrented ISO that has the latest updates). I figured the ISO must have been modified to disable the file checker for whatever reason.
Sidenote for the haters: I have a valid license, but I was deploying about 20 refurbished machines for coworkers and didn’t have the time or desire to install all of the Windows updates that were needed to get the machines fully updated.
Anyway, so after scouring the ultranet for a little bit, I came across an nLite setting that was probably employed when creating the Windows disk I downloaded. The settings is a registry entry to disable SFC. It’s located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon. It’s a DWORD value titled “SfcDisable” and was set to some random hex value. Change this to 0 and restart, and SFC should now work. Note: There was another value called SfcDisabled which was already set to 0. That threw me off for a moment, but then I saw the proper DWORD I was looking for, which was not already zero.
Manual WordPress Backup (on Windows)
I was running the WP-DB-Backup plugin for this blog up until recently when it suddenly stopped working. I tried troubleshooting a little bit before I said "screw it, I'll backup myself". My solution was to write a script that will create a dump of my MySQL database, add it and my WordPress directory to a password-protected 7-Zip file, then email it to my GMail account and automatically archive it for safe keeping. This was all created in one batch file. The steps I took to perform these actions are as follows:
1. For the first few lines of the script, we're going to set variables to set a date and time stamp on our archive, that way we'll know exactly where it came from (and won't overwrite anything if we choose to store the backup locally).
For the first lines of the script, write:
set T=%time:~0,5% set UniqueDir=%date:/=-% %T::=-%
For the next line, we're going to set the location of the backup file. Type out:
set backupfile="c:\path to backup\%UniqueDir%.7z"
2. Create the MySQL dump. To do this, add the line
"C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqldump.exe" --user=MySQL-user-here --password=pw-here blog-db-name-here > c:\path to backup\blog_name.sql
3. Create the 7-Zip archive by archiving the SQL file we created along with the WordPress directory of your site. Start by downloading and installing 7-Zip. Then, add the line:
"C:\Program Files\7-Zip\7z.exe" a -t7z -pPASSWORD-HERE %backupfile% C:\inetpub\wwwroot\website_name\wordpress c:\path to backup\blog_name.sql
This creates the password protected archive named Date + Time.7z at the location you specify in the "backupfile" variable. The archive is protected with PASSWORD-HERE (and please note the lack of a space between the "-p" switch and the password. The archive includes the wordpress directory specified and the blog_name.sql file specified. You can add whatever other files you'd like after that, if desired.
4. Now it's time to email the archive. To do this, we need to download the program “SendEmail”. This is a command line utility that will allow us to send email messages via the command line (or batch file, in this case). Once you’ve downloaded it, extract the contents of the zip file to c:\SendEmail. Now we’re going to add a line to our batch file that says:
"c:\sendemail\sendEmail.exe" -f sender@sender.com -t recipient@recipient.com -u Blog Backup for %UniqueDir% -m "See attached for backup" -s SMTP Server Here -xu SMTP User, if needed -xp SMTP PW, if needed -a %backupfile%
You can exclude the -xu and -xp switches if you don't need to authenticate with your mail server to send messages.
5. This part is optional. To remove the backup files from the local machine, we add two lines to delete the SQL dump file and the 7-Zip archive we've created:
del c:\path to backup\blog_name.sql del %backupfile%
That's it! Now all that's left to do is create a scheduled task using the Windows Task Scheduler to run this every evening (or however often you feel like). This will create a SQL dump, 7-Zip it with the WordPress directory, email it to a specified address, then delete the local copy of the backup. A full version of the script is below:
set T=%time:~0,5% set UniqueDir=%date:/=-% %T::=-% set backupfile="c:\path to backup\%UniqueDir%.7z" "C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqldump.exe" --user=MySQL-user-here --password=pw-here blog-db-name-here > c:\path to backup\blog_name.sql "C:\Program Files\7-Zip\7z.exe" a -t7z -pPASSWORD-HERE %backupfile% C:\inetpub\wwwroot\website_name\wordpress c:\path to backup\blog_name.sql "C:\sendemail\sendEmail.exe" -f sender@sender.com -t recipient@recipient.com -u Blog Backup for %UniqueDir% -m "See attached for backup" -s SMTP Server Here -xu SMTP User, if needed -xp SMTP PW, if needed -a %backupfile% del c:\path to backup\blog_name.sql del %backupfile%
WordPress–Add Text To Single Scrolling Line
While working on another post and attempting to insert code, I came across the problem of not being able to insert single lines of code on one line within WordPress. This ends up displaying a confusing, multiple line display of what should only be one line of code. The solution for this was to first install the WP-Syntax plugin. Then, when typing out lines of code that need to retain formatting, wrap your text in <pre lang=”text”> (or whatever language you want; the WP page for that plugin lists all of the available options) and </pre> tags (in HTML view). This will output your text just as you entered it, meaning if you’ve been working in the Visual Editor, and your quotes are now displayed as ", you need to change them back to “”.
An example of incorrect display is:
sadfkl;sdagjkl;fs;lhasdgl;ajkl;sdgajkl;sdgajkl;sdgajkl;sdgajkl;sdgsdahl;sdfjhsdkl;gjkl;sdghsdkl;agjl;sdfjklsdfjksd;l
And corrected:
sadfkl;sdagjkl;fs;lhasdgl;ajkl;sdgajkl;sdgajkl;sdgajkl;sdgajkl;sdgsdahl;sdfjhsdkl;gjkl;sdghsdkl;agjl;sdfjklsdfjksd;l
VMware ESX/ESXi 4–Windows Server 2008 R2 Mouse Choppy <Solved>
I had made a previous post a while back about the mouse being choppy while using the VMware console with Server 2008. I stated in that post that as of that writing, there was no fix for 2008 R2. There appears to be a fix now, however. The server I’m running is ESX 4.1.0-348481 (which is the RTM of ESX 4.1 Update 1). To get the mouse choppiness to stop, open up Device Manager and select the display adapter. Update the driver and manually choose the location of the driver (which is located in C:\Program Files\Common Files\VMware\Drivers\video). After selecting that location and clicking “Next”, it automatically found the proper driver and installed it, and after a reboot, the mouse choppiness was fixed. I had already enabled hardware acceleration for the adapter, so if you update the driver and are still having issues, ensure you’ve enabled hardware acceleration. I’m also running the latest version of VMware Tools on this machine, so if this directory doesn’t exist, or this doesn’t work for you, make sure VMware Tools are up to date.