Author: Thomas

Samba 4.10 exiting quietly while Samba 4.9 works

On my Centos-7-server I’m compiling samba as a file server. This worked well up to version 4.9. After 4.10 was released, I did my compile routine, started smbd and it exited immediately and quietly. Even with debug output and in a debug build there was no conclusive output. Looking through the samba sources there where some points where the smbd server process exits without printing some message. so I started instrumenting this exits and working up the call tree to the point where the lock dir gets set. I did not change this via configure, so it was the default /var/lock which worked well for version 4.9, but version 4.10 and up need the configure option --with-lockdir=/var/run/lock/samba to run, why I did not fathom. Now everything works again.

Basic Auth with Microsoft Edge

If you wonder why Basic Authentication with Microsoft Edge browser is no longer working (no credentials dialog showing up), you may need to add the site to the local intranet sites in IE’s Internet Options.

Installing MyMedia For Alexa on Centos / MyMedia For Alexa auf Centos installieren

Some German first: Was Alexa definitiv fehlt, ist die eigene Musik-Bibliothek abspielen. Wer allerdings mit der Amazon-Bibliothek oder mit Prime Music Erfahrung hat, weiß, dass das nur wenn man viel Humor hat und auf Aussprache-Übungen steht ein Spaß ist. MyMediaAlexa löst auf jeden Fall das erste Problem: Es erlaubt, die eigenen mp3s mit Alexa abzuspielen. Dazu braucht man einen Server, der auf die Musik Zugriff hat, einen Alexa-Lautsprecher, die Bereitschaft 5$ Jahresgebühr zu zahlen und Geduld, weil der deutsche Alexa-Skill noch nicht veröffentlicht ist (aber im Beta-Test, das kann ich sagen).

Now back to English: If your home server is 64 bit Ubuntu, Debian or Arm-based, you can go to their homepage and download the installation package and do whatever you folks do with them. If you are rpm-based like me on Centos, it is a little bit more involved to get the MyMediaForAlexa-server up and running. Download the Debian-package, deb-files are simple archives, so ar -x mymedia_1.3.58.0-1_amd64.deb will extract it. Relevant is only data.tar.xz which a tar -xf data.tar.xz boldly extracts. Now, cd to opt/mymedia, create a directory /opt/mymedia and move and MyMediaForAlexa from the first to the second path (Note: The path is hardcoded, nowhere else it will work). Then edit the file mymedia.service.template and replace USERTEMPLATE with the user the service should run under. I’ve choosen root, but this may be a suboptimal solution. Then copy the file to /usr/lib/systemd/system as mymedia.service. Some house-keeping: systemctl daemon-reload; systemctl enable mymedia; systemctl start mymedia. Direct your browser to http://localhost:52051 (or the IP of your server if it is headless; you may need to tunnel via putty and ssh to your server, I’m not sure if it is necessary, but I’ve done it this way). Now you should be able to connect your Amazon account to MyMedia. At this point I had on Windows as well as on Linux an error “no internet connection”, killing and restarting the service resolved this.

Some hints: If there are problems, the error messages on the console offer from time to time to download logs. This is most helpful, look there if you have issues. As shortcut, direct your browser to http://localhost:52051/logs to download them directly. If your music is on a samba share visible to your windows server, you have to first connect the share with MyMediaForAlexa even if there is already a drive connected.

Using rar for backups

Some suggestions for using rar (or Winrar, if you translate the command line switches to the GUI equivalents) to backup folders. This are the “must” options:

-ma5 RAR5.0 Format
-m5 Compression (0: store, 1: min … 3: default … 5: max), I would use -m5
-htb BLAKE2 checksum (CRC32 is much to unreliable)
-qo+ “Quick open”, some additional data to open large rar archives quicker
-ts “Time stamp” in highest precission and all types
-rr1 “Recovery Record” 1% additional data to recover from up to 1% corruption in rar archives
-hppwd Encrypt headers and data with pwd

The following options are sensible but you have to check your use case. If you either make one time backups you would go add and lock: “rar a -k …”, or you make incremental backups, then it is update and keep versions: “rar u -ver3 …”

-r Recurse into subdirectories
-ep1 Remove base paths
-ow -ol -oh Save file security data, handle links
-k Lock archive (not with u)
-u (a -u = u) Update archive (not with -k)
-ver3 Versions of changed files to keep 3 (not with -k)
-v5g  Split archive in 5 gigabyte large chunks (not with u and therefore -ver)

Centos, Kolab and php-fpm

If you want to simultaneously use other PHP-versions or simply like to have the additional performance and manageability FastCGI Process Manager (PHP FPM) is the way to go. Basic receipt is:

yum install php-fpm
; Edit /etc/php-fpm.d/www.conf Listen-Port to 9054
systemctl enable php-fpm
systemctl start php-fpm
rm /etc/httpd/conf.modules.d/10-php.conf
; Edit in /etc/httpd/conf.d/ the websites you want to use PHP 5.4 FPM
            SetHandler "proxy:fcgi://"
apachectl graceful

Generally php-directives in conf and .htaccess-files don’t work with FPM. If you get errors on restarting httpd you have to remove those statements and either try to live without them or add .user.ini-files, add it to the global settings or use SetEnv-statements.
Kolab is tied to PHP 5.4 on Centos 7 and also needs some tweaking to work with FPM.

Continue reading “Centos, Kolab and php-fpm”

Pimping Centos 7 Part 3: btrfs-progs

Having a current mainline-kernel (Part 1), and using BTRFS (I would not recommend doing likewise, and RedHat won’t continue to support it) having the versionally fitting utilities would be great.

First step: Setting up everything (this list may not be complete, check configure output in step 2 that everything needed ist available)

yum remove btrfs-progs
yum install libuuid-devel libattr-devel zlib-devel libacl-devel e2fsprogs-devel libblkid-devel lzo-devel asciidoc xmlto
git clone

Second step: Script file

git pull
make && make install && make clean

Execute by executing

scl enable devtoolset-7 ./

The files get installed into /usr/local/bin, check by which btrfs and btrfs --version that everything worked out.

Pimping Centos 7 Part 2: Devtoolset-7 C/C++

Centos 7 comes with gcc 4.8.5 which is quite dated. Software Collections have a build for Devtoolset-6 with gcc 6.3.1. Devtoolset-7 with gcc 7.1.1 is in the making. So why don’t we snatch it right from the build server? Be sure to check if newer builds are available by sneaking down the URL and adjusting the URLs accordingly

yum install

As always with Software Collections, you have to enable it explicitly to use it:  scl enable devtoolset-7 "gcc -v". I’ve created a one-line shell script named

scl enable devtoolset-7 ./

which simply calls another script named with Devtoolset-7 enabled to do all the work (don’t forget to chmod +x both). Next time we put this to use.

Update 2017-10-11: The C++ toolset arrived at the Software Collections Server. No need anymore to grab it directly.

Update 2017-10-29: New version 7.2 is on the build server:

yum update[/pre]

Pimping Centos 7 Part 1: Kernel

Centos comes with kernel 3.10.0-514. This is not a problem securitywise, as RedHat patches security and some bug fixes into its distribution.

If you have nothing to lose but want to live on the bledding edge and want support for current hardware like dvb-tuners, then Elrepo is for you: Either long-term-support/lt or absolutly current kernels (mainline/ml) yum’ed directly to your server (and for years on mine with no issues). At the moment kernel 4.13.3 is current, within a day or two after release of kernel 4.14.0 a simple yum --enablerepo=elrepo-kernel update should install it.

rpm --import
rpm -Uvh
yum --enablerepo=elrepo-kernel install kernel-ml