Vill du veta mer?
Senior System Developer
+46 (0)70-218 00 84
Våra medarbetares bloggar
Changing Broadcom Driver In Ubuntu
I have a Broadcom Wireless Network Adapter and I had all sort of problem with the standard driver, Broadcom STA Wireless driver or wl that the module is called.
To identify which Broadcom chipset you have. Run:
To identify which modules (driver) you are using (running):
I had the STA or wl module running. To remove all possible Broadcom modules.
And to really remove the default STA or wl module, also remove the debian package. After the purge, that remove configuration files as well, I double run apt-get with remove autoremove, which will remove unused package and finally I run clean, to clean the apt-get cache. All for precaution.
Now you must test which driver/module that suites you best. I started with the b43 driver/module.
To load the new module/driver.
Now test you installation, if successful reboot and double check, that everything is working correctly..
Other possible driver are b43legacy package firmware-b43legacy-installer and LP-PHY package firmware-b43-lpphy-installer.
For more hardware commands, please read http://magnus-k-karlsson.blogspot.se/2013/01/how-to-install-atheros-ar8161-ethernet.html
The Medibuntu Project has come to an end
For many people the first thing they have done after installing Ubuntu, was to add the Medibuntu repository. But now it is dead. See announcement Here.
But what is the impact? Not much. Ubuntu already offers most of the things that existed in Medibuntu and this only natural progress of the growth of Ubuntu.
Managing Network in RHEL 6
The simplest way to manage network settings is to use the system-config-network tool or the non-graphical variant system-config-network-tui
To start, stop, status all our network devices
Other useful tools are:
|ifconfig||Display our network settings.|
|ping||Used for check network connectivity|
|route -n||Display routing and Gateway|
|traceroute||Display network routing to a host.|
|netstat -nr||Display open ports.|
Main network configuration file is /etc/sysconfig/network-scripts/ifcfg-<name>.
Local routing for e.g. localhost, but also for static routing.
Main routing configuration file. Any changes will be overwritten, unless disabled in above sysconfig network-scripts with PEERDNS=no.
- network-scripts: /usr/share/doc/initscripts-<version>/sysconfig.txt
Using the Automounter Service on RHEL 6
RHEL 6 ships with a convenient network mounter service, the automounter.
To check if the automounter is running.
To use it, simply cd into the /net folder followed by nfs hostname.
The remote network share will be unmounted automatically when unused for a configurable timeout.
Managing LVM with RHEL 6
LVM (Logical Volume Manager) is a flexible way to handle disk space, since you can increase and decrease file systems, that is not possible to the same extent as in MBR (Master Boot Record) partitioning format.
NOTE: "It is generally recommended that you create a single partition that covers the whole disk to label as an LVM physical volume" [https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Logical_Volume_Manager_Administration/LVM_components.html#multiple_partitions]
The LVM is build up on three cornerstone.
- Physical Volume, PV
- Volume Group, VG
- Logical Volume, LV
Create a new partition with type 0x8E Linux LVM.
The Most Imported Commands
Create Physical Volume (PV), Volumme Group (VG) and Logical Volume (LV)
First lets create a new physical volume on the prerequisite partition.
Create volume group vg_test that span entire physical volume /dev/sda3
Create logical volumne with size 500 MB, named lv_test in volume group vg_test.
The lvcreate will now create a device block file in /dev/vgName/lvName that we now can create a filesystem on and mount.
Extends Logical Volume (LV)
Extend the logical volume lv_test with plus 500 MB.
Now you need to grow the file system.
Verify/test the new size of /data.
Reduce Logical Volume (LV)
When reducing a file system, you need to unmount it first.# umount /data
Then reduce the actual filesystem.
After the actual file system is reduced, we can now shrink the logical volume.
Finally test/verify, by remounting and check disk space
Extends Volume Group (VG)
First create a new physical volume.
Now lets extends existing volume group 'vg_test' with our new physical volume.
And last test/verify.
Reduce Volume Group (VG)
Remove existing volume group 'vg_test' with physical volume /dev/sda4.
- lvm(8): lvm - LVM2 tools
- pvcreate(8): pvcreate - initialize a disk or partition for use by LVM
- vgcreate(8): vgcreate - create a volume group
- lvcreate(8): lvcreate - create a logical volume in an existing volume group
- vgextend(8): vgextend - add physical volumes to a volume group
- vgreduce(8): vgreduce - reduce a volume group
- lvextend(8): lvextend - extend the size of a logical volume
- lvreduce(8): lvreduce - reduce the size of a logical volume
- resize2fs(8): resize2fs - ext2/ext3/ext4 file system resizer
Encrypting Disks with LUKS in RHEL 6
LUKS (Linux Unified Key Setup) is a standard for hard disk encryption. LUKS can encrypt both partition and LVM volumes. Here I will encrypt a partition.
Creata a new partition with fdisk.
Enrypt a Partition
First we need to encrypt the partition.
Next step is to unlock the partition via luksOpen <blockDeviceFile> <luksname>. The cryptsetup will after create a new mapped blocked device file under /dev/mapper/<luksname>.
Finally we format now the unencrypted partition we a file system and mount it.
Persistently Mount Encrypted Partition
To make the mounting persisted we normally add the block device file in /etc/fstab, but with encrypted storage we also need to add the encrypted partition to the list of devices to be unlocked during system startup. That is done by adding the luksname and block device file to the /etc/crypttab.
After that extra step, normally edit /etc/fstab.
Automatically Mount Encrypted Partition
To automatically unlock a encrypted partition we need to store the password on disk, has obvious security problems, but if wanted to the following.
Now edit /etc/crypttab and add password file.
Reboot and verify, that no password is needed and that encrypted partition is mounted.
Remove Encrypted Partition
- Remove mapped block device file from /etc/fstab.
- Remove luksName from /etc/crypttab.
- unmount the mapped block device: umount /dev/mapper/luksname.
- Lock encrypted partition: cryptsetup luksClose luksname.
- cryptsetup(8): cryptsetup - setup cryptographic volumes for dm-crypt (including LUKS extension)
- crypttab(5): /etc/crypttab - encrypted block device table
- fstab(5): /etc/fstab - static information about the filesystems
Managing Swap Space in RHEL 6
The swap space is used by the OS to handle overflow for parts of the RAM that are currently not being used.
The recommended size of the swap space is depending on how much RAM you have.
- < 2GB RAM, use 2GB swap
- > 2GB RAM, use 2GB + 2 * RAM size
How to Create a New Swap Partition
After reboot we need to format the new swap partition.
Next step is to activating it.
To verify/list current swap spaces.
To make this new swap space persistent, we need to add this new swap space to /etc/fstab.
Reboot and verify that new swap space is active.
How to Remove a Swap Partition
First deactive it.
Verify it is no longer active.
IF YOU HAVE ADDED IT TO /etc/fstab, DO NOT FORGET TO REMOVE IT FROM THERE AS WELL!
Managing Partions With RHEL 6
Most Linux distrobution, which is also the case with RHEL 6, uses the MBR (Master Boot Record) partitioning format. The MBR is designed to hold up to maximum 4 primary partition. If more is needed, you must use one primary as extended partition. And do not forget to let the extended partition use all remaining disk space. After creating an extended partition, you can create logical partition on the extended partiti
In a desktop RHEL, there is the graphical tool for managing our partition - palimpsest.
A never GUI tool that is maybe better is parted. The good thing with this tool is that it also can resize and copy partitions.
At the command line, you have the fdisk tool. When using the fdisk tool always use the following options:
- -c Switch off DOS-compatible mode.
- -u When listing partition tables, give sizes in sectors instead of cylinders.
Lets get started with fdisk and create a new primary partition.
After reboot you can check your new primary partition.
Now lets create an ext4 file system on the new primary partition.
And mount it.
If you want RHEL to automatically mount your new partition at boot, you need to add that to /etc/fstab. And the recommended way to identify the partition is with it's UUID.
And finally save and reboot.
How to Mount an USB Device in Linux
1. Before inserting the USB, check which disks you already have.
2. Create a new directory under /mnt to which you will mount your USB.
3. Now insert the USB and mount it.
4. Now you are ready to read and write to your USB.
5. To unmount.
In Linux a storage device is represented by a device file in /dev/.
The three letter naming convention for storage devices in Linux are:
- s - storage
- d - disc (such as SCSI, USB, SATA), cd - cd or dvd
- litteral order character, starting with a, then b, c, etc
Example: /dev/sda (SCSI, USB, SATA), /dev/sdb (SCSI, USB, SATA), /dev/scd (CD/DVD)
These device files represent the whole drive. Each drive is partitioned into partition. The first partition receives order number one, the next one two, etc
When a new storage device is added it will receive the last character order literal, here it is b (/dev/sdb). Another way to find out the device file is to tail the dmesg log file.
Here we see that the USB was allocated device name sdb. But when you mount you mount to a partition that contains a file system. And in general, most USB only have one partition, hence sdb1.
Securing SSH with Public/Private Key Authentication
The motive for using public/private key authentication are:
- Firstly for convinience, you no longer need to enter password (unless you encrypt your keys with password protected).
- Secondly, ones setup, you can remove password protection, which is a big cracking hole.
The remote user needs to exist on the remote server. If it does not. Create it. And at least LOGIN ONES, so that it's home directory is created. Otherwise you can eagerly created the home directory when you add the user.
Here I will use the existing user root, for simplicity.
Generate public and private keys, with NO password protection. I will here use the RSA algorithm and key length 2048 bits.
Next make sure that the ssh key directory and private key has proper file permission
The last step is to copy the client public key to the server. You can either do that manually, or with the ssh-copy-id tool. Here I will use the tool.
If you were setting up public/private key authentication for a different user, please replace root in above command with you user.
On the server side, open /etc/ssh/sshd_config and enable public/private key authentication
Then restart the ssh daemon service.
And finally verify that the keys directory and files have the proper file permission and SELinux type for your user.
Finally you need to test, to verify the installation. On the client machine switch to the user you had setup for and
RHEL: How to Switch Users in Multiuser Runlevels
Switching UserTo switch to a different user, e.g. student, run To switch to root
Most Linux distribution can be ran in 5 different runlevels. Runlevel 0 and 6 are special, which you can see below.
- 0 - Shutdown
- 1 - Single user mode, without network
- 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
- 3 - Full multiuser mode, with network.
- 4 - Unused
- 5 - X11, graphical mode with network
- 6 - Reboot
The default runlevel is set in /etc/inittab.
How to Switch Runlevels
You can switch the runlevel with init, e.g. init 3. But from the graphical mode, there is also a keyboard shortcut.
ctrl + alt + F1 - for init 1, ctrl + alt + F2 - for init 2, etc.
Accessing Network Files via NFS and CIFS in Linux
Working with remote file system under Linux is not hard. Below I will show how to use the two most common remote file system used:
- NFS - Network File System
- CIFS - Common Internet File System
NFSShow the NFS server’s export list. Mount. Note that the directory /remote must exist before mount, if not create it with mkdir /remotenfs. Unmount file systems
CIFS is the underlying remote file protocol used for samba server and which is the most common file server when having a mixed client environment with Windows and Linux.Install client library Show the CIFS server’s sharenames. Mount. Note that the directory /remote must exist before mount, if not create it with mkdir /remotecifs. Unmount file systems
Common vi commands
Most Linux server runs without a graphical interface and the most sure installed editor for file is the vi editor. But getting used with vi can be a little challenging. Below I will show you the most common vi commands.
|Close without saving||:q!|
|Write and close||:wq|
|Copy line and paste line||yy + p|
|Delete line and paste line||dd + P (capital)|
|Browse to next work||w|
|Browse to previous work||b|
|Go to first line||1G|
|Go to last line||G|
Linux File and Special Permission
The simplest file permission in Linux are the r (read), w (write), x (executable). These file permission yields for u (user), g (group) and o (other). They can be set both:
- Symbolically: +-r, +-w, +-x
- Numerically: r=4, w=2, x=1
There are three special permission: setuid, setgid and sticky. They can be both applied to files and directories, but then have different meanings.
|setuid||Only meaning for executable file: The executable file be be run as the file owner, not as the user that executes it.|
|setgid||Only meaning for executable file: The executable file be be run as the file group, not as the user that executes it.||All newly created file in directory, will inherit the parent directory group permission.|
|sticky||No effect.||All files created with a user that have write permission for a specific file can only remove that file, except for root.|
To set the special permission:
- Symbolically: setuid=u+s, setgid=g+s, sticky=o+t
- Numerically: setuid=4, setgid=2, sticky=1
Java EE 7 released and Packt Publishing is having 50% sales
Before and after Oracle was buying Sun, the development of the Java language slowed down. But now Oracle is picking up speed. The Java Enterprise Edition 6 was released in December 2009 but now this summer, EE 7 was released. Not bad. So if you want to get up to speed with the new feature in EE7 and read ebooks the Packt Publishing is having a 50% sales on all its ebooks, so feel free to check it out on http://bit.ly/1bqvB29 and use the discount code COL50.
Keeping track of the different component version in EE 6 and EE 7
The Java Enterprise Edition has changed a lot from previously making heavy usage of XML configuration and now using Annotation instead, which leaves XML files almost empty compared to older EE version. But all these changes is also a headache to developers that must keep track of the different version in the different EE version. A good summary site for that is
and for JPA
And another good reference site for JPA is
Getting started with GNOME 3 on Fedora 19
At work I usually work at the server side which means in most cases for Java project, working with some sort of Linux distro. One popular Linux distro for server are Red Hat Enterprise Linux, RHEL. But using RHEL is not meant for using at the client side. And the closest thing to RHEL at the client is Fedora (both supported by Red Hat).
It's been a while since I used Fedora and a lot have happened. And for you guys out there that are starting to use Fedora or any other Linux distro that are using GNOME, I can warmly recommend this easy to use site:
On this site you can easily install and configure GNOME 3 tweak, such as my favorite Dash to Dock - https://extensions.gnome.org/extension/307/dash-to-dock/. Which is my first GNOME tweak I installed after installing Fedora 19.
Review of Instant Apache Wicket 6
In the last day I had the pleasure to read a beginners book for Apache Wicket 6 - Instant Apache Wicket 6 http://bit.ly/15w4LEI. The book is good, it takes the reader through the most imported steps to get started with Apache Wicket. Such as creating a new project, how to use the fast jetty web server to view your wicket pages and maybe the most imported thing. How to debug a wicket application with Eclipse IDE. So if you are looking for a beginners book for Apache Wicket 6 I can recommend this book.
But with all beginners book you should always be a little careful when completely copying beginners example code into your production code. Such an example in this book is the login example. Creating safe login code is actually a little tricky and requires extra care. Things that you must take into consideration when creating login code are:
- Login pages must be completely stateless, which means ones submitted from the client, they must be totally forgotten. You do not want sensitive data, such password, be accessible when clicking browse back. Or be kept in server session cache. Apache Wicket is out-of-box almost always stateful.
- Paying extra care of session management is always imported. Use cookie to store client session id and not URL, which are cached in web server log, proxy log, client web browser history, etc.
- Always set session timeout.
- Make cookie not accessible for other sites client script, which you hinder by using http only flag.
- And of course always use SSL, even for login pages.
Above is just a handful of things that you should pay attention to when developing security code.
I'm a great Wicket fan and wicket have a lot of ready to use graphical component, such DatePicket, Paginated List, Sortable List, Multiple File Upload, etc. You can see a lot of them in action on http://www.wicket-library.com/wicket-examples/index.html.
Also if you need more Wicket component, look at the different wicketstuff project. To get an overview on them all search maven central repo at http://search.maven.org/#search|ga|1|org.wicketstuff.
Som Red Hat Ready Partner besöker MSC Redhat EMEA Partner Conference i Madrid!
Jag besöker just nu Redhat EMEA Partner Conference i Madrid.
Heta ämnen är Open Hybrid Cloud, Red Hat Openstack, Red Hat Openshift och JBOSS Middleware.
Complete Configuration of MySQL 5 DataSource in JBoss EAP 6
Here I will describe how to configure a MySQL 5 DataSource for JBoss EAP 6.
Install MySQL JDBC Driver as JBoss EAP 6 Module
Create a new directory under modules and a new module.xml file.
Download the MySQL JDBC driver and put it in the same catalog as module.xml. If necessary correct resource path below, with the downloaded jdbc driver file name.
If this is a server installation make sure that the new directories and files get the right permission.
Configure JBoss EAP 6 DataSource
Here we will use JBoss EAP 6 in standalone mode, but if you like to use the domain mode, the configuration is the same. Open $JBOSS_HOME/standalone/configuration/standalone.xml.
- JBoss EAP 6.1 Administration and Configuration Guide. Chapter 6.6. Datasource Configuration
- MySQL 5 Manual. Chapter 126.96.36.199 Driver/Datasource Class Names, URL Syntax and Configuration Properties for Connector/J
Configure UsersRolesLoginModule for JBoss EAP 6
In this blog I will show you how to configure a simple JAAS login module, that holds username, passwords and roles in properties file. The login module for this job is org.jboss.security.auth.spi.UsersRolesLoginModule.
Finding the correct source code and documentation for the JBoss EAP 6 login modules, can be a bit tricky and the reason for that, is that the concrete implementation for them are hosted in the sister project Picketbox. For example the exact version that is shipped with JBoss EAP 6.1.0 is 4.0.17.Final-redhat-1. And the jar is located under $JBOSS_HOME/modules/system/layers/base/org/picketbox/main/.
The UsersRolesLoginModule has more to offer than I will show you here, and that is to store the password scrambled and not in clear text. But since the UsersRolesLoginModule is merely for test purpose, I will leave that out here.
I will use JBoss EAP 6 in standalone mode, which means that the JBoss configuration file is $JBOSS_HOME/standalone/configuration/standalone.xml. Open it and add the below JAAS security-domain.
Create Users and Assing Roles
Creating users and theirs associated roles are easy since them are located in clear plain text files located under $JBOSS_HOME/standalone/configuration/. Here I will only create one user and one role, but you can create as many as you please.
The easiest way to test the security, is to either take an existing war project or create a new zip file add a welcome file (index.html), web.xml and jboss-web.xml. Either way the relevant configuration for the web.xml is below.
And the relevant portion in jboss-web.xml.
Configure ActiveMQ 5.8.0 to use MySQL as Persistence Mechanism
In this blog I will show you how to change, the default persistence mechanism in Apache ActiveMQ 5.8.0 from KahaDB to instead use a RDBMS. And here I will use MySQL 5, but ActiveMQ supports most of the major vendor of RDBMS.
Install MySQL JDBC Driver
Download driver from maven central repo:
Copy to $ACTIVEMQ_HOME/lib/optional/.
Create ActiveMQ database
Log into mysql and create ActiveMQ database.
Configure MySQL as persistence storage
Open the ActiveMQ configuration, $ACTIVEMQ_HOME/conf/activemq.xml, and add mysql datasource, comment/remove the default KahaDB and finally add the RDBMS persistence adapter.
Now we are ready to test the installation. Restart activemq and check the activemq log for errors, $ACTIVEMQ_HOME/data/activemq.log.
You can also open the activemq web console, to verify that things are working:
Now lets really test the installation from the activemq web console you can send message. From the web console click Send and choose to send a text message to a new queue.
Afterwards we can check that the message is sent to the queue, by clicking on Queue and our new queue foo.bar. And there see your text message.
You could also verify that the message is really persistent in MySQL by querying your database.
Configure Redelivery for ActiveMQ 5.8 Resource Adapter in JBoss EAP 6
In this blog I will show you how to setup ActiveMQ resource adapter in JBoss EAP 6 and then test different redelivery policies.
Before we begin, we need to download the latest Apache ActiveMQ binaries and unzip it. To start, stop and check status we use the activemq script located in the bin folder.
After started the ActiveMQ, we can test the installation by open a web browser and open http://localhost:8161/admin/. The default username is admin and default password is admin.
Now we need to configure JBoss. In this blog we will use JBoss EAP 6.1.0. Download it and unzip it.
The next thing we need to do is to download the Apache ActiveMQ resource adapter. You can find it from maven central repo – http://search.maven.org/remotecontent?filepath=org/apache/activemq/activemq-rar/5.8.0/activemq-rar-5.8.0.rar.
JBoss EAP 6 can be run in two different modes – standalone and domain mode. In this blog we will be using standalone mode, but if you need to run JBoss in domain the below configuration is basically the same.
Now deploy the resource adapter to $JBOSS_HOME/standalone/deployment
Now we are ready to configure JBoss. Open $JBOSS_HOME/standalone/configuration/standalone.xml
The last thing we also need is to configure mdb support for the standalone configuration.
Now we are to test the installation. We do that by creating a simple MDB, that prints out incoming JMS messages and then rollbacks the MDB transaction.
As test client we can send jms message from the ActiveMQ web console
Below follows different test results for different redelivery configuration
18:57:51,140 INFO [stdout] (default-threads - 2) mdb recieved, redelivered=false
18:57:52,220 INFO [stdout] (default-threads - 3) mdb recieved, redelivered=true
18:57:53,256 INFO [stdout] (default-threads - 4) mdb recieved, redelivered=true
18:57:54,296 INFO [stdout] (default-threads - 5) mdb recieved, redelivered=true
18:57:55,334 INFO [stdout] (default-threads - 6) mdb recieved, redelivered=true
18:57:56,365 INFO [stdout] (default-threads - 7) mdb recieved, redelivered=true
19:55:21,453 INFO [stdout] (default-threads - 2) mdb recieved, redelivered=false
19:55:26,495 INFO [stdout] (default-threads - 3) mdb recieved, redelivered=true
19:55:51,503 INFO [stdout] (default-threads - 4) mdb recieved, redelivered=true
19:57:56,510 INFO [stdout] (default-threads - 5) mdb recieved, redelivered=true
20:08:21,516 INFO [stdout] (default-threads - 6) mdb recieved, redelivered=true
21:00:26,523 INFO [stdout] (default-threads - 7) mdb recieved, redelivered=true
delta1 = 5s (calculated value 1*5)
delta2 = 25s (calculated value 5*5)
delta3 = 125s (calculated value 25*5)
delta4 = 625s (calculated value 125*5)
delta5 = 3125s (calculated value 625*5)
22:28:52,542 INFO [stdout] (default-threads - 2) mdb recieved, redelivered=false
22:29:02,598 INFO [stdout] (default-threads - 3) mdb recieved, redelivered=true
22:29:52,604 INFO [stdout] (default-threads - 4) mdb recieved, redelivered=true
22:34:02,609 INFO [stdout] (default-threads - 5) mdb recieved, redelivered=true
delta1 = 10s (calculated value 2*5)
delta2 = 50s (calculated value 10*5)
delta3 = 250s (calculated value 50*5)
Make Samsung Galaxy S3 with Android 4 work on Ubuntu
In the latest Ubuntu 13.04, the Ubuntu team has upgraded the MTP support, so you now can connect you mobile phone with Ubuntu. But if you are looking for a more stable version of Ubuntu, I recommend that you use a LTS (Long Term Support) version. Which currently is version 12.04.
But when using 12.04, it lack the Android 4 support. But that can be fixed with following the instruction found here http://www.webupd8.org/2013/01/upgrade-to-gvfs-with-mtp-support-in.html.
Configure High-Availability Clustering using TCP Unicast with JBoss EAP 6, HTTPD, mod_cluster on RHEL 6
In my previous blogs I have written about HA in JBoss EAP 6 with Apache Webserver (httpd) and that is all done with UDP multicast. In this blog I will show you how to do it with TCP unicast.
In this example we are going to run all JBoss EAP server on the same machine and we are using standalone mode for simplicity reason. But the same apply if you want to run domain mode.
First configure JGroups to use TCP unicast.
Secondly we need to configure modcluster subsystem in JBoss EAP 6 and set advertise="false" and proxy-list="127.0.0.1:80".
Now lets restart Apache Webserver (httpd) and start two JBoss server. And last you must deploy a clusterable application.