The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,318 other followers

Archive for the ‘Linux’ Category

TUMBLEWEED Ordering cycle at boot with nss-lookup: named fails to start initially; workaround: manually `rcnamed start`

Posted by jpluimers on 2021/01/15

I have seen this on one Raspberry Pi 3 system: named failing to start during a normal reboot.

The solution is to manually rcnamed start as root after boot.

From [Wayback] TUMBLEWEED Ordering cycle at boot with nss-lookup, the rcnamed status is the same as on my system, but no solution in that thread:

# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
     Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
     Active: inactive (dead) Jul 02 08:13:40 hpprol2 systemd[1]: nss-lookup.target: Found ordering cycle on named.service/start
Jul 02 08:13:40 hpprol2 systemd[1]: nss-lookup.target: Found dependency on time-sync.target/start
Jul 02 08:13:40 hpprol2 systemd[1]: nss-lookup.target: Found dependency on ntpd.service/start
Jul 02 08:13:40 hpprol2 systemd[1]: nss-lookup.target: Found dependency on nss-lookup.target/start
Jul 02 08:13:40 hpprol2 systemd[1]: nss-lookup.target: Job named.service/start deleted to break ordering cycle starting with nss-lookup.target/start

Apparently, sometimes there is a service startup dependency loop, and named becomes the victim of it, effectively rendering DNS inoperable.

My system was running this version of Tumbleweed:

statler:~ # cat /etc/SUSE-brand /etc/os-release 
openSUSE
VERSION = tumbleweed
NAME="openSUSE Tumbleweed"
# VERSION="20200825"
ID="opensuse-tumbleweed"
ID_LIKE="opensuse suse"
VERSION_ID="20200825"
PRETTY_NAME="openSUSE Tumbleweed"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:opensuse:tumbleweed:20200825"
BUG_REPORT_URL="https://bugs.opensuse.org"
HOME_URL="https://www.opensuse.org/"
LOGO="distributor-logo"

On an identical system, the boot just worked fine, so it might be timing related.

waldorf:~ # cat /etc/SUSE-brand /etc/os-release 
openSUSE
VERSION = tumbleweed
NAME="openSUSE Tumbleweed"
# VERSION="20200825"
ID="opensuse-tumbleweed"
ID_LIKE="opensuse suse"
VERSION_ID="20200825"
PRETTY_NAME="openSUSE Tumbleweed"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:opensuse:tumbleweed:20200825"
BUG_REPORT_URL="https://bugs.opensuse.org"
HOME_URL="https://www.opensuse.org/"
LOGO="distributor-logo"

It has been fixed late January 2021 as per [Wayback] Bug 1177491 – systemd ordering cycle with nss-lookup.target:

Josef Möllers 2021-01-27 15:50:15 UTC
Fixed by removing "Before=nss-lookup.target" from systemd's service file.

–jeroen

Posted in *nix, Linux, openSuSE, Power User, SuSE Linux | Leave a Comment »

Opensuse Community Account Migration

Posted by jpluimers on 2021/01/11

Apparently, during my 15 month rectum cancer fight, I missed the one month window of migrating my opensuse account (because of the sale of opensuse from Microfocus to a German investment company named EQT Partners).

I got the email on may 1st (right before my first surgery) and since I only just am recovering from the last surgery, discovered [Wayback] Community Account Migration:

The Community Accounts (aka. Bugzilla Accounts) will migration to the SUSE datacenter in Nuremberg

SUSE is the largest independent open source company.
We are finalizing this independence also on the technical level.
The Community Accounts (a.k.a. Bugzilla Accounts) were moved back to SUSE to a new system in our Nuremberg data center.

All accounts have been migrated. Except for the password.
To access your migrated account a migration tool was offered until June 18th
The migration is no longer possible.
To regain access to your account you have to request a password reset.
This requires that the account has your correct email address registered.
If this is not the case you will have to create a new account.

It looks like the account migration uses Okta (identity management) – Wikipedia as authentication service (quite odd for a German company to use a USA based company for authentication: hellp GDPR!), using mail servers having hostnames not ending in opensuse.org, but like o#.mailrelay.okta.com.

Hopefully identify emails do get through: they are now trying to get past my grey-list filters.

Edit:

The okta mail servers didn’t get through the grey-list, so I forced them to the secondary mail servers where they did get through.

It indicated migration is not possible any more and I should seek help:

At this time your password can only be reset by an administrator. To send them a request, go to your Sign-in Help page. Then click the Request help link.

So I did:

Hi,

Due to my 15 months fight with rectumcancer and the “SUSE Account Changes – Coming soon!” last May not indicating any deadline for the migration, I missed the one month account migration window (2020-05-18 to 2020-06-18) mentioned at https://idp-portal-info.suse.com/

Can you please re-activate the account jeroen.suffix@example.com and re-bind the forums.opensuse.org username accountname for me and send me a password reset email on that above email address?

Thanks,

–jeroen

Edit 20210112:

I got an account activation email, added password/question/mobile-phone-number, then got redirected to https://myaccount.suse.com/app/UserHome, then the “Forums” link allowed me to enter a forums alias the same as my old alias. So it looks it sort of works now: my old jpluimers posts have not been linked to my new account.

Some reading for when I have more energy:

I just checked and the email about migration did not indicate any deadline apart from that password reset links were valid for 90 days, a lot longer than one month window.

–jeroen

Posted in *nix, Linux, openSuSE, Power User, SuSE Linux | Leave a Comment »

Mariuz’s Blog: Understanding Debian: The Universal Operating System

Posted by jpluimers on 2020/12/25

Blast from the past: [WayBack] Mariuz’s Blog: Understanding Debian: The Universal Operating System.

Small image below; large image: [WayBackinfographic_debian.png.

Via [WayBack] Adrian Marius Popa – Google+

–jeroen

Posted in *nix, Debian, Linux, Power User | Leave a Comment »

mkcert: valid HTTPS certificates for localhost (Windows/Mac/Linux) — a short blog post about it, by FiloSottile

Posted by jpluimers on 2020/12/21

Cool: [WayBack] Filippo Valsorda on Twitter: “mkcert: valid HTTPS certificates for localhost — a short blog post mkcert now that it’s almost done 🔒 “

Blog post: [WayBackmkcert: valid HTTPS certificates for localhost:

The web is moving to HTTPS, preventing network attackers from observing or injecting page contents. But HTTPS needs TLS certificates, and while deployment is increasingly a solved issue thanks to the ACME protocol and Let’s Encrypt, development still mostly ends up happening over HTTP because no one can get an…

Code: [WayBack] GitHub – FiloSottile/mkcert: A simple zero-config tool to make locally trusted development certificates with any names you’d like.

It is cross platform and works way better than good old Windows makecert (which is from the 2000’s era: [Archive.is] Public Key Infrastructure: Second European PKI Workshop: Research and … – David Chadwick, Greece) European PKI Workshop: Research and Applications (1st : 2004 : Samos Island – Google Books).

Related:

–jeroen

Read the rest of this entry »

Posted in *nix, Apple, Encryption, HTTPS/TLS security, Linux, Mac OS X / OS X / MacOS, Power User, Security, Windows | Leave a Comment »

RAMBOOT – booting Linux into a RAM disk…

Posted by jpluimers on 2020/12/14

Interesting as this should work for other Linux distributions as well: [WayBack] RAMBOOT – How to booting Debian into a RAM disc for speed and silence. How to RAMBOOT. It’s a poor man’s SSD, or a way to get SSD benefits on a laptop … – Isaac Kuo – Google+

Via: [WayBack] RAMBOOT – How to booting Debian into a RAM disc for speed and silence. How to RAMBOOT. It’s a poor man’s SSD, or a way to get SSD benefits on a laptop … – Jürgen Christoffel – Google+

Covers: [WayBack] RAMBOOT is an initrd hack that loads the entire OS partition in RAM, making it run like an extremely fast SSD, at the expense of perhaps 1.5+GB of RAM.

A quick search revealed these:

–jeroen

Posted in *nix, *nix-tools, Linux, Power User | Leave a Comment »

 
<span>%d</span> bloggers like this: