Alan Wylie's Web Site

Wed, 2023-09-27

How to check that you are running the latest version of microcode (processor firmware) for AMD. permalink

Have a look at your CPU info 

$ grep -E "^(model|microcode|cpu family)" /proc/cpuinfo  | sort -u
cpu family	: 21
microcode	: 0x6000852
model		: 2
model name	: AMD FX(tm)-8350 Eight-Core Processor

The "cpu family" is shown in decimal, convert to hex, i.e. 21 becomes 15h

Clone these repos 

git clone https://github.com/AMDESE/amd_ucode_info
git clone --depth=1 git://git.kernel.org/pub/scm/linux/kernel/git/dwmw2/linux-firmware.git

Get the info about the latest version of the microcode for the appropriate family. 

$ cd linux-firmware
$ ../amd_ucode_info/amd_ucode_info.py amd-ucode/microcode_amd_fam15h.bin
Microcode patches in amd-ucode/microcode_amd_fam15h.bin:
  Family=0x15 Model=0x01 Stepping=0x02: Patch=0x0600063e Length=2592 bytes
  Family=0x15 Model=0x02 Stepping=0x00: Patch=0x06000852 Length=2592 bytes
  Family=0x15 Model=0x10 Stepping=0x01: Patch=0x06001119 Length=2592 bytes

Check the version from "cpuinfo" matches the line for your Family/Model

Thu, 2023-09-21

Mozilla mercurial (.hg) certificate rotation permalink
Ignore this Mozilla documentation. It doesn't help and most (all?) of the mailing lists are dead. To fix this error message when doing hg pull -u:

pulling from https://hg.mozilla.org/releases/mozilla-beta/ abort: certificate for hg.mozilla.org has unexpected fingerprint sha256:.....

Visit https://hg.mozilla.org/, check the certificate there, get its fingerprint and paste that into .hg/hgrc under the root of the mercurial checkout directory.

Sat, 2023-02-18

Contact Me permalink

Please note that sending unsolicited marketing e-mail to an individual in the UK is an offence under Section 22 of the Privacy and Electronic Communications (EC Directive) Regulations 2003 http://www.legislation.gov.uk/uksi/2003/2426/regulation/22/made

If you are having difficulty e-mailing me, perhaps because of my anti-spam defenses, use this form (See also Hints on running a well-configured outgoing mail server and this guide )

Please enter the text "spammers are scum" in this field:



Your Name:


Your Email:


Your Message:



Mon, 2022-11-28

How to load the co-ordinates of caves into OsmAnd permalink

Updated Dec 2018, May 2019 and Nov 2022

Since the death of Professor Charles Read, his website at Leeds University has disappeared, however parts of it, but not the .gpx/.gpi files are available at archive.org, as well as at https://solocavediver.com/

(As an aside, I note that he has an Erdős number of 4)

OsmAnd is a free map app for Android, available from the Google Play Store: OsmAnd — Maps & GPS Offline.

Download and install, then add a couple of maps: "UK England Yorkshire" and "UK England NW". You might want to add contour lines, too. You can download a few maps free of charge and it's not a lot for a yearly subscription for unlimited downloads. The maps are stored on your phone, so good for places where connectivity is poor or expensive (I've used it in the Canary Islands).

To overlay the co-ordinates of caves:

* Use the Chrome browser
* visit http://cavemaps.org/data/
* accept the "connection not secure" warning
* long click on each of the three links to an nc .gpx file.
* save to the Downloads directory

* In OsmAnd, tap on the three bars at the bottom left to open the menu
* "My places", "My Tracks", "Import"
* Tap on the icon for a file, it changes to a tick, then "Open"
* for subsequent imports, click on the "+" at the bottom left.

* Finally, on the "My tracks" page, tap on the three dots to the right of a file and "show on map".

Wed, 2022-07-27

System clock losing several seconds per minute permalink
Note to self. If this happens again, shut the computer down, turn off the power supply and hold the power button down for several seconds to totally drain any voltage. Most interesting thing in the log: 

APIC calibration not consistent with PM-Timer: 0ms instead of 100ms
APIC delta adjusted to PM-Timer: 1440271 (1022)
[Update] adding tsc=unstable to the kernel boot command line in grub sorted the problem.

Creating an encrypted backup on a USB stick permalink

USB sticks are 1) slow to write and 2) wear out. I've previously ruined a stick by creating a LUKS encrypted filesystem on one and then rsync'ing my home directory to it.

My work-around has been to create the filesystem in a Logical Volume on my hard disc and then dd it

However, this doesn't work (anymore?). cryptsetup luksOpen of the USB stick fails: 

Jul 26 14:40:57 frodo kernel: device-mapper: table: 254:29: crypt: Device size is not multiple of sector_size feature (-EINVAL)
Jul 26 14:40:57 frodo kernel: device-mapper: ioctl: error adding target to table
This can be further worked around by mapping a loop filesystem of the correct size onto the LV: 
losetup --show --sizelimit 123730388992 -f /dev/vg1/templv

Example commands

## what is the size of the USB stick?
lsblk -b /dev/sdd
# NAME MAJ:MIN RM         SIZE RO TYPE MOUNTPOINTS
# sdd    8:48   1 123730388992  0 disk

## create LV of that size
lvcreate -n temp -L123730388992b vg1

## but it's too big
lsblk -b /dev/sdd /dev/mapper/vg1-temp
# NAME     MAJ:MIN RM         SIZE RO TYPE MOUNTPOINTS
# sdd        8:48   1 123730388992  0 disk
# vg1-temp 254:15   0 123731968000  0 lvm

## so set up a loop device
losetup --show --sizelimit 123730388992 -f /dev/vg1/temp

cryptsetup luksFormat /dev/loop0

cryptsetup --verbose --debug luksDump /dev/loop0  | grep "Device size"
# Device size 123730388992, offset 16777216.

cryptsetup luksOpen /dev/loop0 enc-usb

mkfs.f2fs /dev/mapper/enc-usb
mount /dev/mapper/enc-usb /mnt/usb

# now rsync the files to /mnt/usb

umount /mnt/usb/
cryptsetup luksClose enc-usb
losetup -d /dev/loop0

# copy to USB
dd if=/dev/vg1/temp of=/dev/sdd bs=4M status=progress

Wed, 2022-04-20

Unable to sign up to UPS using IPv6 permalink
I've got an IPv6 tunnel from he.net Trying to sign up to UPS "My Choice" failed repeatedly with the message

Sorry, we're unable to process this request. Please check your information and try again

Disabling IPv6 in the browser config made it work.

Tue, 2022-02-15

OBD USB interface permalink

Thu, 2022-01-06

Confusing error message: permalink 
$ ping -6 frodo
ping: frodo: Address family for hostname not supported
Is trying to say that there is an entry in /etc/hosts for frodo's IPv4 address, but not one for its IPv6 address.

Wed, 2020-12-30

Apache, PHP and "EROFS" permalink
Trying to install Nextcloud, I had failures with PHP not being able to write into the config directory.

"message":"Cannot write into \\"config\\" directory! This can usually be fixed by giving the webserver write access to the config directory.. Or, if you prefer to keep config.php file read only, set the option \\"config_is_read_only\\" to true in it

access("/usr/share/webapps/nextcloud/20.0.4/htdocs/config/config.php", W_OK) = -1 EROFS (Read-only file system)

I finally tracked down the meaning of the "EROFS" error - it was because I had this systemd config for the apache2 service:

ProtectSystem=full

See "man systemd.exec":

If true, mounts the /usr directory ... read-only for processes invoked by this unit

I solved it by setting "config_is_read_only" as suggested, but also needed to make sure that the "data" directory was under "/var/www". I also had to set "'writable' => false," in the "apps_paths" setting of "config.php".

Mon, 2018-09-03

About me: permalink
I'm a computer hacker (in the original meaning of the word), a caver, a fell-walker, and cyclist.

mail me at alan@wylie.me.uk

My PGP public key(s)

Note that sending unsolicited marketing e-mail to an individual in the UK is an offence under the Privacy and Electronic Communications (EC Directive) Regulations 2003 and that the collection and processing of personal information is regulated by the Data Protection Act.

alan

Fri, 2018-04-27

I started seeing repeated delivery failure messages from the Linux Kernel Mailing list: permalink 

postfix/cleanup[20414]: 2819B22313: info: header Subject: Do You Need A Hand? from vger.kernel.org[209.132.180.67];
opendkim[7694]: too much header data
A quick Google suggested that this was because the header size was greater than the default of 65536 that OpenDKIM accepts. I tried increasing this to 262144, but this didn't help. I then set 
On-Security            accept
in opendkim.conf. This caused the mail to be accepted. I then had a look inside the mail: 
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sego.es; s=default;
<snip>

$ grep DKIM-Signature msg.5SAz | wc -l
1000

$ sed -n '1,/^$/p' msg.6SAz | wc -c
396117
What on earth are sego.es playing at?

Sun, 2018-03-11

If postfix isn't delivering mail and you have this message in your log file permalink 
amavis: (!!)TROUBLE in pre_loop_hook: config: no rules were found!  Do you need to run 'sa-update'?
check the permissions on subdirectories under 
/var/lib/spamassassin
e.g. 
/var/lib/spamassassin/3.004001/
If root has a restrictive umask of 0077, then files need to be set world readable 
chmod -R a+rX  /var/lib/spamassassin/3.004001/

Thu, 2018-03-01

"Opening '/proc/net/rpc/nfs4.nametoid/channel' failed: errno 2" permalink

If you get the above error, make sure that you have CONFIG_NFSD_V4 enabled in your kernel config.

Thu, 2018-01-11

After seeing Greg K-H's comments permalink
about old Long Term Support kernels, I updated a couple of servers from 4.4 to 4.14. I ran into a problem with named (BIND) failing to start. 
kernel: mmap: named (6332): VmData 35500032 exceed data ulimit 2097152. Update limits or use boot option ignore_rlimit_data.
It seems that having the line 
datasize 2M;
in named.conf is the cause. Just remove that line. It seems that it's commonly been copied for donkeys' years: I can first find it in a config from September 2003.

Thu, 2017-11-09

With systemd 235, playing "Black Mesa" in a systemd-nspawn container stopper working: permalink
Running glxinfo gave the error 
libGL error: failed to open drm device: Operation not permitted
and strace showed: 
open("/dev/dri/card0", O_RDWR|O_LARGEFILE|O_CLOEXEC) = -1 EPERM (Operation not permitted)
The fix is to add 
--property='DeviceAllow=/dev/dri/card0 rw'
to the systemd-nspawn command line

Wed, 2017-10-04

Solved: pcap errors permalink 
# iftop -i eth0
interface: eth0
pcap_open_live(eth0): eth0: socket: Address family not supported by protocol
# dmesg | tail
[595841.213279] iftop uses obsolete (PF_INET,SOCK_PACKET)
Make sure that CONFIG_PACKET and CONFIG_PACKET_DIAG are enabled in your kernel config 
$ diff .config.old .config
3c3
< # Linux/x86 4.4.70 Kernel Configuration
---
> # Linux/x86 4.4.89 Kernel Configuration
635c635,636
< # CONFIG_PACKET is not set
---
> CONFIG_PACKET=m
> CONFIG_PACKET_DIAG=m
$

Tue, 2016-11-01

umount: /mnt/tmp: device is busy permalink

If you are trying to unmount a device, you get the error "device is busy", but lsof/fuser don't show any process holding the device open, it could be that a file on the device is associated with a loop device.

try 

# losetup -a
/dev/loop/0: [0821]:25280514 (image) offset=55273881600
# losetup  -d /dev/loop0 
# umount /mnt/tmp
(updated, 2016-11-01) 
dmsetup info | grep loop
dmsetup remove loop0p2
dmsetup remove loop0p3
may help too

Thu, 2016-03-03

More hints on unmounting a filesystem: permalink
(previously) 
# ls -l /dev/mapper/
# dmsetup ls
# dmsetup info loop0p2
# dmsetup remove loop0p2
# losetup -a
# losetup -d loop0
# umount /mnt/tmp

Thu, 2016-02-04

Windows Security Applications (2007-12) permalink
(updated for Malwarebytes, 2016-02-04) When working with friend's PCs, here are some applications I install: