Thursday, 23 May 2019

Cross compile packages for OpenWRT / LEDE

For this tutorial I'll be using Fedora 29 for the build host.

We'll install the necessary dependencies firstly:

sudo dnf install asciidoc binutils bzip2 flex git gawk intltool zlib gmake ncurses openssl-devel patchutils p5-extutils-makemaker unzip wget gettext libxslt zlib-devel boost-jam perl-XML-Parser libusb-devel dev86 sharutils java-1.7.0-openjdk-devel b43-fwcutter zip

The next step is to obtain the OpenWRT SDK which will allows us to cross-compile packages that we require on OpenWRT.

I'll be using a BT Home Hub 5A for this exercise - so I browse the releases:

https://downloads.openwrt.org/releases/17.01.4/targets/lantiq/xrx200/

Under the supplementary section you should find the SDK e.g.

lede-sdk-<version-number>-<vendor>-<model>_gcc-<version number>_musl-<version number>.Linux-<architecure>.tar.xz

We'll proceed by downloading and extracting it:

wget https://downloads.openwrt.org/releases/17.01.4/targets/lantiq/xrx200/lede-sdk-17.01.4-lantiq-xrx200_gcc-5.4.0_musl-1.1.16.Linux-x86_64.tar.xz

tar xvf lede-sdk-17.01.4-lantiq-xrx200_gcc-5.4.0_musl-1.1.16.Linux-x86_64.tar.xz && cd lede-sdk-17.01.4-lantiq-xrx200_gcc-5.4.0_musl-1.1.16.Linux-x86_64

The default feeds will be targeted at 17.01.4 and hence be missing fping - however the current master branch has fping available - so we'll add the following line to feeds.conf.default ensure it's indexed / available:

src-git fping https://github.com/openwrt/packages.git

Update the feeds (as defined in feeds.conf.default):

./scripts/feeds update -a

and grab fping with:

./scripts/feeds install fping

We'll generate our config file:

make menuconfig

Select 'Network' and ensure the fping package is marked with an 'M' and then save the changes to '.config'

Also make sure that cryptographic signing is disabled (otherwise the build process will fail): 'Global build settings' > Untick 'Cryptographically sign package lists' and hit Save.

We'll now attempt to compile fping:

make -j1 V=s

The binary is created in the following directory:

bin/packages/mips_24kc/fping/

Finally upload the package via SFTP/SCP to the router and install it with opkg:

opkg install fping_4.2-1_mips_24kc.ipk

Wednesday, 8 May 2019

Linux: Backup Options

There are countless ways to backup disks easily with Linux - however I'm going to demonstrate some of the more commonly used methods.

Forenote: Always ensure the discs are not in use / mounted while performing the below operations otherwise it is likely that new / changed files will be corrupted and will run into problems with the file system.

Backing up a disk with dd 

sudo dd if=/dev/xvda of=/mnt/usbdrive | sync

or better yet we can use a sane block size (dd uses 512 bytes by default):

sudo dd bs=16M if=/dev/xvda of=/mnt/usbdrive | sync

Backing up a disk with dd over ssh

Utilising SSH provides us with encryption - ideal for remote backups e.g. over public networks:

sudo ssh user@remote "dd if=/dev/xvda1 " | dd of=backup.gz

However it does introduce an overhead due to the encryption - so we can pipe it into gzip in order to speed things up:

sudo ssh user@remote "dd if=/dev/xvda1 | gzip -1 -" | dd of=backup.gz

Backing up a mounted system with rsync

If the system is currently mounted we can use rsync to perform a backup (ensuring we exclude certain directories such as /dev, /mnt etc):

sudo rsync -aAXv / --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} /mnt

In the above command we employ 'archive' mode that ensures symbolic links, devices, permissions, ownerships, modification times, ACLs, and extended attributes are preserved.

and over rsync over SSH

sudo rsync -aAXve ssh user@remote:/ --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} /mnt

There are of course many other ways to skin a cat e.g. using netcat (which is significantly faster than dd over SSH - however lacks encryption.) 

Sources

Thursday, 18 April 2019

Uploading ISO's to storage domains in oVirt

oVirt currently doesn't allow you to upload ISO's over its web interface - you'll need to use the cli to do this.

If you wish to upload an ISO to an ISO storage domain you should issue you should issue:

engine-iso-uploader --iso-domain <storage-domain-name> upload <path-to-iso>


Wednesday, 10 April 2019

Tuesday, 9 April 2019

Preventing kernel modules from being loaded at the bootloader / grub in CentOS 7 / RHEL

Although this will typically done with the mod probe there are situations where the need to disable specific kernel modules before loading the kernel are necessary. One such situation is while I was installing a fresh instance of CentOS on an older server.

At the CentOS bootloader select the relevant entry and hit tab. You should now be able to edit the Linux kernel (vmlinuz) boot parameters.

Simply append:

module_blacklist=<module_name>

and hit enter.

This should theoretically work on all modern kernels / distros - so is not just limited to CentOS / RHEL.

Source: https://www.kernel.org/doc/Documentation/admin-guide/kernel-parameters.txt

Saturday, 16 March 2019

Using yum to download a package and all it's associated dependencies

This tutorial will demonstrate how to do a download-only of a package and all of it's dependancies.

To elaborate - I recently installed Fedora 29 on a Macbook, but unfortunately there was no native support for the WLAN driver.

However it was available from RPMFusion - packaged under 'akmod-wl' - however downloading this and all of it's dependancies would have taken a long time - so instead we can use plugin for yum called 'yum-downloadonly':

yum install yum-downloadonly

We can then issue something like follows to download the required packages on a working computer which is running Fedora 29 (though ensure it is running exactly the same minor version as well!):

sudo yum install --downloadonly --downloaddir=/tmp akmod-wl

However this is not ideal largely due to the fact that it will download all required packages that the system needs. If some of these packages are already installed on the system they will be omitted.

So instead I came up with the idea of quickly building a jail with the basic packages to get yum up and running (this would mimic the newly installed OS):

mkdir -p /chroot/fedora29/var/lib/rpm

rpm --root /chroot/fedora29 --initdb

yumdownloader --destdir=/var/tmp fedora-release
cd /var/tmp
rpm --root /chroot/fedora29 -ivh --nodeps fedora-release*rpm

sudo yum install --installroot=/chroot/fedora29 --downloadonly --downloaddir=/tmp akmod-wl

Then copy everything from the temp folder onto the new workstation and issue:

rpm -i *

Friday, 15 March 2019

Generating a new UUID for XFS/EXT2/3/4 filesystems

Although very rare there will be circumstances were you encounter duplicate filesystem UUIDs.

Upon mounting one e.g.:

mount -t auto /dev/sdb1

mount: wrong fs type, bad option, bad superblock on /dev/sdb1

Tailing dmesg provides the clue as to what has gone wrong:

[ 1103.580854] XFS (xvdp1): Filesystem has duplicate UUID xxxxxx-yyyyyy-zzzzz-aaaa-bbbbbbbbbbb - can't mount

So we'll need to change the UUID of one of disks - to do this with an XFS filesystem we can use:

xfs_admin -U generate /dev/sdb1

and with the EXT family we can use:

uuidgen

<generated UUID>

tune2fs /dev/xvdp1 -U <generated UUID>

Finally attempt to remount:

mount -t auto /dev/sdb1