Multiplay Labs

tech hits and tips from Multiplay

Archive for the ‘OS’s’ Category

Installing Intel 82579V drivers on Windows 2008 R2

without comments

We recently found ourselves trying to install Windows 2008R2 on a 2 year old Intel Sandy Bridge system with an Intel 82579V onboard network card.

As part of the install, we pushed out the standard Intel ProWinx64 drivers, along with Intel Chipset Software installer to install all missing drivers.
Annoyingly this left us without a working network card, which is slightly bit problematic when trying to finish off the install remotely.

After debugging and searching on google we found this thread on the Microsoft Technet forums where the user MGerio is having a very similar issue to ourselves.

It turns out the fix is to extract the ProWinx64.exe file to a folder on the desktop and update a single inf file:

Edit PRO1000\Winx64\NDIS62\e1c62x64.inf
Find the following section

ExcludeFromSelect = \
PCI\VEN_8086&DEV_1502,\
PCI\VEN_8086&DEV_1503

This needs replacing with just:

ExcludeFromSelect =

Further down in this file, you’ll need to update the [Intel.NTamd64.6.1] block to also include:

[Intel.NTamd64.6.1]
; DisplayName Section DeviceID
; ----------- ------- --------
%E1502NC.DeviceDesc% = E1502, PCI\VEN_8086&DEV_1502
%E1503NC.DeviceDesc% = E1503.6.1.1, PCI\VEN_8086&DEV_1503

Following on from this, you should be able to run APPS\PROSETDX\Winx64\DxSetup.exe
This will then do the install with the local edited files and install the missing drivers

Written by Dan Offord

November 22nd, 2013 at 5:11 pm

Posted in Networking,Windows

Tagged with , ,

Adding a certificate to certdata.txt

without comments

First off you’ll need addbuiltin, which is part of nss tools.

On FreeBSD this is built but not installed as part of /usr/ports/security/nss.

Next you’ll need your cert in der format. If you have the cert in pem format openssl can convert it for you:

openssl x509 -in cert.crt -outform der -out cert.der

Finally append your certificate to certdata.txt using:

addbuiltin -n "Nickname for Certificate" -t "CT,C,C" < cert.der >> certdata.txt

Written by Dilbert

November 20th, 2013 at 10:45 am

Posted in FreeBSD

Fix for MMC could not create snap-in for Group Policy Object editor

without comments

If when you run gpedit.msc you just get the following error

MMC could not create snap-in because of the current user policies.
Name: Group Policy Object editor
CLSID :{8FC0B734-A0E1-11D1-A7D3-0000F87571E3}

The one reason is that the Group Policy Object editor has been restricted for the current user. You can check and possibly change this with the registry entry:

[HKEY_CURRENT_USER\Software\Policies\Microsoft\MMC\{8FC0B734-A0E1-11D1-A7D3-0000F87571E3}]
Restrict_Run=1

If the value of Restrict_Run is 1 then you will get the error, if you have enough permissions simply setting it to 0 will allow you to run the Group Policy Object Editor without any further issues.

Written by Dilbert

November 10th, 2013 at 10:57 pm

Posted in Windows

sftp-server umask not working under older versions

without comments

Older versions of openssh’s sftp-server, such as the version shipped in 8.3-RELEASE, includes a bug which means the command line option for umask is not processed correctly.

This can be used to support chroot’ed sftp only as done via the following block in

/etc/ssh/sshd_config
Subsystem   sftp    internal-sftp
Match group chroot
    ChrootDirectory %h
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp -u 0477

The following patch fixes this issue:

--- crypto/openssh/sftp-server.c.orig	2013-09-27 15:10:32.089496594 +0000
+++ crypto/openssh/sftp-server.c	2013-09-27 15:12:06.128649706 +0000
@@ -1378,7 +1378,7 @@ sftp_server_main(int argc, char **argv, 
 	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
 	char *cp, buf[4*4096];
 	const char *errmsg;
-	mode_t mask;
+	long mask;
 
 	extern char *optarg;
 	extern char *__progname;
@@ -1412,11 +1412,11 @@ sftp_server_main(int argc, char **argv, 
 				error("Invalid log facility \"%s\"", optarg);
 			break;
 		case 'u':
-			mask = (mode_t)strtonum(optarg, 0, 0777, &errmsg);
-			if (errmsg != NULL)
-				fatal("Invalid umask \"%s\": %s",
-				    optarg, errmsg);
-			(void)umask(mask);
+			mask = strtol(optarg, &cp, 8);
+			if (mask < 0 || mask > 0777 || *cp != '\0' ||
+			    cp == optarg || (mask == 0 && errno != 0))
+				fatal("Invalid umask \"%s\"", optarg);
+			(void)umask((mode_t)mask);
 			break;
 		case 'h':
 		default:

Written by Dilbert

September 27th, 2013 at 3:41 pm

Posted in Code,FreeBSD

MySQL under FreeBSD max_open_files more than 11095

without comments

If your seeing the following in your MySQL log even after raising kern.maxfilesperproc on FreeBSD, don’t forget you need to logout and log back into the machine before the new kern.maxfilesperproc value will be available to your session and hence available when you start MySQL via rc.d
[Warning] Buffered warning: Could not increase number of max_open_files to more than 11095 (request: 25000)

Written by Dilbert

September 5th, 2013 at 3:41 pm

Posted in FreeBSD,MySQL

Rails 2 to Rails 4 Basic Upgrade Tips

without comments

We’ve just had the “pleasure” of upgrading a very basic legacy Ruby on Rails 2 app to Rails 4 and the following where the basic steps needed.

1. Create a new app
2. Import the old code /app and /lib into the new app
3. Update the models
3.1. Update custom table name declarations

set_table_name 'table' -> self.table_name = 'table'

3.2. Update custom primary key declarations

set_primary_key 'primary_key' -> self.primary_key = 'primary_key'

4. Updated configuration removing any config.gem as this is maintained in Gemfile now
5. Migrate old app/controllers/application.rb -> app/controllers/application_controller.rb

In our app we use a custom path to log to for Rails 4 changing this is simply not documented, we found howere the following worked for us:-
Add to config/application.rb

# Use logs directory not log directory for logs
config.paths['log'] = File.join('logs', "#{Rails.env}.log")

Finally one of the plugins we used was validates_as_email which errored on startup due to a UTF8 error this was easily fixed by switching from // syntax to Regexp.new specifically:

--- validates_as_email.rb.orig       2013-07-22 12:53:11.360404644 +0000
+++ validates_as_email.rb      2013-07-19 08:36:52.969805090 +0000
@@ -25,7 +25,7 @@ module RFC822
     domain = "#{sub_domain}(?:\\x2e#{sub_domain})*"
     local_part = "#{word}(?:\\x2e#{word})*"
     addr_spec = "#{local_part}\\x40#{domain}"
-       pattern = /\A#{addr_spec}\z/
+       pattern = Regexp.new "\A#{addr_spec}\z", nil, 'n'
   end
 end

Written by Dilbert

July 22nd, 2013 at 9:47 am

Posted in FreeBSD,Rails

Rails 4 Javascript Dependency Failure on Boot

without comments

Rails includes a package manager which does on demand javascript packaging, this depends by default on node under FreeBSD which installs its binaries into /usr/local/bin which shouldn’t be a problem however the this isn’t in the path for services started at boot.

Because node can’t be found in the PATH passenger will fail to start the app.

We fixed this by adding the following to config/boot.rb

# Ensure /usr/local/bin is in the path
ENV['PATH'] = (ENV['PATH'] || '').split(/:/).push('/usr/local/bin') * ':'

Written by Dilbert

July 22nd, 2013 at 9:33 am

Posted in FreeBSD,Rails

Configuring Supermicro IPMI interface NIC using ipmitool

without comments

Newer Supermicro IPMI interfaces come configured by default in “failover” mode which means that the IPMI will bind to either the dedicated IPMI NIC port or share with one the the machine NIC ports.

This can cause IPMI to come up on wrong NIC and hence be inaccessible if the dedicated NIC doesn’t detect a link.

You can use ipmitool to change this behavour

First query the current setting:
ipmitool raw 0x30 0x70 0x0c 0

The result will be one of the following
0x00 = Dedicated
0x01 = Onboard / Shared
0x02 = Failover

Next to configure it you can use one of the following.

For older models:
ipmitool raw 0x30 0x70 0x0c 1 1 0

For X9 motherboards:
ipmitool raw 0x30 0x70 0x0c 1 0

References for this can be found here:
http://www.supermicro.com/support/faqs/faq.cfm?faq=9829
http://www.supermicro.com/support/faqs/faq.cfm?faq=14417

Written by Dilbert

June 27th, 2013 at 5:03 pm

Posted in FreeBSD,Networking

Force failing a disk in RAID set attached to an Areca controller

without comments

Sometimes a disk may be failing and timing out yet still working enough so that the RAID controller doesn’t drop it from the array.

This results in very poor performance from the entire array as the controller waits for timeout’s on the problem disk.

If your using an Areca controller there’s a command that can be used to manually fail such a disk allow it to rebuild onto an available Hotspare without having to have someone onsite to remove the problem disk.

WARNING – Using these commands can damage your array so be very sure before using them!

This can be achieved via the Areca web interface from the Raidset Functions -> Rescue Raidset option. In the text entry field enter the following command:-
FailDisk <disk channel>

The <disk channel> MUST be entered correctly otherwise you could fail the wrong disk for example entering
FailDisk Ch2 will fail disk attached to Channel 4 and not Channel 2.

The correct input is includes the 0 i.e. Ch02 you see in the Hierarchy display so in full:
FailDisk Ch02

The areca-cli also provides a similar option e.g. disk fail drv=2 but this only works on new controllers and not older ones e.g. ARC-1220 (at least not with FW 1.49)

Note a rather confusing version of this information can be found on Areca’s FAQ

Written by Dilbert

June 18th, 2013 at 9:01 pm

Posted in OS's

Fixing bad FreeBSD boot.config on ZFS

without comments

Today we had a machine rebooted with a broken /boot.config file, preventing it from booting.

It took us some time to find the solution to for a full ZFS machine so worth a mention.

From boot prompt simply enter:

root:/boot/zfsloader

Written by Dilbert

May 14th, 2013 at 1:46 pm

Posted in FreeBSD,ZFS