Dropbox

Update 24 May 2010: I have added some more features to Dropbox and I have released my new “Dropoff” over at www.dropoff.me. Get all the latest and greatest there in future!

I have found a great solution to the common problem of sending and receiving files from other sites and research partners, and generally sending large files around the web where email won’t do the trick.

It’s called “
Dropbox” and was originally written by the University of Delaware.

I am launching it as a service at work called “
Dropoff” in order that people don’t think you are talking about the service provided by www.dropbox.com which is a totally different thing.

The idea is that you don’t even need to login to send a file to a user within your site/company/University/institution, so external people can use it to send files to people in your institution. It can handle arbitrarily large files, there are no fixed limits. If you log in to the Dropbox website, you can send files to people outside your institution. People who cannot log in can only send files to people within your institution. This stops the rest of the world using it to send people to other people who aren’t members of your institution.

I have added various extra features to it:
  • Active Directory AD authentication (to multiple AD sites at once if needed)
  • Virus scanning of uploaded files, using ClamAV

I have customised it quite a bit just for our site, so if you want a copy of my patched version, along with a guide as to what changes I have made, then please
contact me.
Comments

Resending Unix Mbox Files

Unfortunately someone screwed up the installation of one of our servers so that mail to local addresses was being delivered into /var/spool/mail/ instead of being sent onwards to our SMTP server.

Getting the sendmail.mc correct was the easy bit, there is a simple
“null client” sendmail.mc file I wrote years ago which does that nicely.

The hard bit was taking all the Unix mbox files in /var/spool/mail and /var/mail and re-delivering them all to their intended recipients. The bit most people get wrong is the separator between messages. The separator is
not a line starting with “From “. The separator is a blank line followed by a line starting with “From “. So I wrote my own script to do it which you are very welcome to download and use.
Comments

VMware Converter - Converting an Existing Windows System

The Converter is a client/server program, where the converter server runs on ecsvm-admin.ecs and the client can run anywhere, such as win-admin.

Firewall Rules
If the source physical Windows system is in the DMZ, you will need to add a couple of rules to the firewall "Short-Term Rules" section allowing all traffic from ECS-internal to the source host and from the source host to ECS-internal. You should remove these rules again once the conversion has completed.

Starting the Conversion
Start the VMWare Converter Standalone Client program.
IP Address/Name = ecsvm-admin:7443
Username = administrator (or your own sys* username if you are registered on the vSphere with an account).
Password = Windows-infrastructure password

Click the "Convert Machine" button in the toolbar.
Source type = Powered-on machine
Give remote machine full hostname.
Give username and password of a user in the "Administrators" group on the source Windows system, such as the "ECS2000\administrator" account and domain password..
OS Family = Windows.
Next.

It should connect to the source physical system.
If it fails, then give it the IP address of the source physical system instead of the name of it.
If it still fails, then Remote Desktop to the source physical system, download the converter (from browsing the datastores starting at http://ecsvm-admin.ecs.soton.ac.uk/) and install the converter agent (not the client/server setup) onto the source system, then run it again from there.
When it asks for the name of the source system to convert, give it the IP address of the source system (which is the same system you are now running the Converter on).

Tell it to automatically uninstall the files when the import succeeds.
It will then deploy the agent, which takes a few seconds.

VMware Infrastructure server details:
Server = ecsvm-admin
Username = administrator (or your sys* username if you have an account on vSphere).
Password = Windows-infrastructure password (or yours).
Next.

Select host to run the VM on = ecsvm-admin1.ecs.soton.ac.uk.
Virtual machine name = short hostname (eg. major-backup).
Datastore = infrastore1-Vol2 (an infrastore volume with plenty of free space).
Virtual machine version = Version 7.
Next.

Options
Destination Attributes: Name = short hostname, Folder = ecs
Data to copy: Click "Advanced...", then "Target Layout...".
Set all large, non-swap filesystems to "Thin provisioning" (this is "Dynamic disks" in Microsoft speak, where only the disk space in use is actually allocated on disk, used disk space expands as necessary to hold the data, up to the maximum set by the size of the filesystem).
Set the Size of the normal large filesystems (eg. "C:") to a reasonable number, no point in making them huge, most will fit in 60Gbytes.
Switch to the "Source Volumes" tab to see how much space is actually in use at the moment.
Normally set C: to thin provisioning, 60GBytes or more.
It is important not to waste disk space on Flat-provisioned disks that are not going to use all their space. Disk is relatively expensive.
Devices: Numer of processors = 1.
Disk controller = SCSI LSI Logic or SCSI Buslogic.
Memory = usually the default will be fine.
Networks: Network adapters to connect = 1
Set the network for the network adapter to be the same Virtual Machine Network VLAN as the physical machine you are converting.
The new virtual machine will take over the IP address of the physical source machine.
Services: Source Services: switch off services that should not be left running when the VM is created (such as SQL Server or WWW Publishing Service, and Hyper-V services if moving from Hyper-V to VMware). Destination Services: set all Hyper-V services to "Disabled".
Advanced Options: Power on target machine = yes
Power off source machine = yes
Install VMware Tools on the imported virtual machine = yes
Configure guest preferences for the virtual machine = no
Remove System Restore checkpoints on destination = yes
Reconfigure destination virtual machine = yes

Next.

It should now just show you the final option settings and then start the process of converting the host. Wait for the whole process to finish before touching either the source (physical) or destination (virtual) machines.

How long it takes depends on the quantity of data that has to be moved. You can expect about 20 to 25 MBytes/second conversion speed. A machine with about 7GB of used disk takes about 25 minutes to convert.

As the process is run by the Converter Server (running on ecsvm-admin), it doesn't matter if you quit the Windows app used to watch the process, you can track the progress of the conversion from the Converter Windows app running on any PC.

After the Conversion has Finished
Open a console on the new VM.
In the "VM/Guest" menu, install the VM tools. This will insert a CD into the virtual CD drive, what happens then is dependent on the Windows Autoplay preferences in the virtual machine.
This will force a restart of the virtual machine.

Shutdown the virtual machine.
Once the VM has stopped, edit the settings of the VM and choose the middle "Options" tab. In the "VMware Tools" settings, right at the bottom right of the dialog there is an option to "Synchronize guest time with host". Tick this box.
Okay that, then power on the VM.
It should successfully boot.

The VM should now be fully running happily and serving its services to the users.

Now just remove the two temporary firewall rules you added at the start of this process.
Comments

VMware Converter - Converting an Existing Linux System

The Converter is a client/server program, where the converter server runs on ecsvm-admin.ecs and the client can run anywhere, such as win-admin.

Firewall Rules
If the source physical Linux system is in the DMZ, you will need to add a couple of rules to the firewall "Short-Term Rules" section allowing all traffic from ECS-internal to the source host and from the source host to ECS-internal. You should remove these rules again once the conversion has completed.

Before You Start
On the final virtual machine, you will need to install the VMware tools and set the VM settings to synchronise the time on the VM with that of the ecsvm-admin server. So you won't want ntpd to be running. Also, you are going to need to reboot the VM at least once after you have converted it, so stop and disable the primary user services (e.g. httpd, mysqld) that are running on the server. You can start up the user services again as the last step after getting the VM Linux system running. So I would start with
service ntpd stop
service httpd stop
service mysqld stop
chkconfig ntpd off
chkconfig httpd off
chkconfig mysqld off
Also, if the physical source machine is actually a Windows 2008 Hyper-V VM, then you will want to do the same to the "inputvsc" service, and copy the seth0 device settings to eth0 (remembering to change the device name in /etc/sysconfig/network-scripts/ifcfg-eth0 after copying the ifcfg-seth0 file onto it) as VMware will use the eth0 device and not the seth0 device.

Once running in VMware, the kernel will need to be able to "probe" the disk controllers in order to be able to find the controller types. So in /boot/grub/grub.conf, edit the kernel command line arguments and remove any settings that set "hda=noprobe" or similar. You don't need to reboot after this change, this will be applied once the VM conversion has finished and VMware starts the new VM.

Starting the Conversion
Start the VMWare Converter Standalone Client program.
IP Address/Name = ecsvm-admin:7443
Username = administrator (or your own sys* username if you are registered on the vSphere with an account).
Password = Windows-infrastructure password

Click the "Convert Machine" button in the toolbar.
Source type = Powered-on machine
Give remote machine full hostname.
Give root username and password.
Next.

VMware Infrastructure server details:
Server = ecsvm-admin
Username = administrator (or your sys* username if you have an account on vSphere).
Password = Windows-infrastructure password (or yours).
Next.

Select host to run the VM on = ecsvm-admin1.ecs.soton.ac.uk.
Virtual machine name = short hostname (eg. gander).
Datastore = infrastore1-Vol2 (an infrastore volume with plenty of free space).
Virtual machine version = Version 7.
Next.

Options
Destination Attributes: Name = short hostname, Folder = ecs
Data to copy: Click "Advanced...", then "Target Layout...".
Set all large, non-swap filesystems to "Thin provisioning" (this is "Dynamic disks" in Microsoft speak, where only the disk space in use is actually allocated on disk, used disk space expands as necessary to hold the data, up to the maximum set by the size of the filesystem).
Set the Size of the normal large filesystems (eg. "/") to a reasonable number, no point in making them huge, most will fit in 40Gbytes.
Switch to the "Source Volumes" tab to see how much space is actually in use at the moment.
Normally set / to thin provisioning, 40GBytes, leave /boot and swap alone.
Devices: Numer of processors = 1.
Disk controller = SCSI LSI Logic or SCSI Buslogic.
Memory = usually the default will be fine.
Networks: Network adapters to connect = 1
Set the network for the network adapter to be the same Virtual Machine Network VLAN as the physical machine you are converting.
The new virtual machine will take over the IP address of the physical source machine.
Advanced Options: Power on target machine = yes
Power off source machine = yes
Reconfigure destination virtual machine = yes
Helper VM Network: Look up the IP address of the host "ecsvm--helper" which is a spare IP address unused by anything else in the same "" as the physical host you are converting. There are currently hosts defined such as "ecsvm-systems-helper", "ecsvm-dmz-helper" and "ecsvm-servers-helper". The IP configuration parameters and DNS setup for the Helper VM Network must all be consistent with its IP address. This "helper" machine is a temporary system setup by the VMware Converter just for use during the process of converting a Linux box, it disappears again at the end.

Next.

It should now just show you the final option settings and then start the process of converting the host. Wait for the whole process to finish before touching either the source (physical) or destination (virtual) machines.

How long it takes depends on the quantity of data that has to be moved. You can expect about 20 to 25 MBytes/second conversion speed. A machine with about 7GB of used disk takes about 25 minutes to convert.

As the process is run by the Converter Server (running on ecsvm-admin), it doesn't matter if you quit the Windows app used to watch the process, you can track the progress of the conversion from the Converter Windows app running on any PC.

After the Conversion has Finished
Open a console on the new VM.
In the "VM/Guest" menu, install the VM tools.
mount /dev/cdrom /mnt
cd /tmp
tar xzf /mnt/VM*
umount /mnt
cd vmware*
./vmware-tools-install.pl
Accept all the defaults. It will find suitable modules for your kernel, or else will compile them itself, and build a new initrd, grub.conf and modprobe.conf for your kernel.
Assuming that succeeded, then
shutdown -h now
Once the VM has stopped, edit the settings of the VM and choose the middle "Options" tab. In the "VMware Tools" settings, right at the bottom right of the dialog there is an option to "Synchronize guest time with host". Tick this box.
Okay that, then power on the VM.
It should successfully boot.

The only remaining tasks are to enable and start up the user services, but 
not ntpd.
chkconfig mysqld on
chkconfig httpd on
service mysqld start
service httpd start

The VM should now be fully running happily and serving its services to the users. If you prefer, you can always reboot the VM again instead of running those last two "service ... start" commands to prove it is all okay and booting correctly.

Now just remove the two temporary firewall rules you added at the start of this process.
Comments

Install VMware Tools on a Linux Client

First, log in to the VM as root and "yum update".
Then "yum install gcc make binutils kernel-devel kernel-headers".
Then reboot the VM.
Then start up the vSphere Client, right click on the VM and choose Guest - Install VMware Tools.
Back into the VM's root session.
mount /dev/cdrom /mnt
cd /tmp
tar xzf /mnt/VM*
umount /mnt
cd vmware-tools-distrib
./vmware-install.pl
Accept all the defaults, and let it do everything it wants. If you have a fully updated and correct system, it should install flawlessly.

Check the "ifconfig -a" and ensure that all the network devices that exist have startup scripts in /etc/sysconfig/network-scripts/ifcfg-eth*.

Go into the vSphere Client again and right-click on the VM. Look in the "Guest" sub-menu and tell it to stop installing the VMware Tools if it offers you that.

Reboot the VM.

If you have problems...

The most likely problem is that you are running an el5xen kernel or some other xen kernel, which you don't want to be doing.
Once you've done a yum update, take the xen kernel you are running (uname -a will tell you) and do something like this:
yum install kernel-2.6.18-164.el5
Then edit /boot/grub/grub.conf and ensure that the "default=" setting at the top is set to boot the kernel you just installed and not the xen kernel (they start numbering from the top of the file from 0).
Then reboot so you are running the non-xen kernel.
Then
yum install kernel-devel-2.6.18-164.el5
Then re-run /tmp/vmware-tools-distrib/vmware-install.pl and if it asks you for the kernel headers location, give it
/usr/src/kernels/2.6.18-164.el5/include
But you will most likely find that it just happily works on its own!
Then just reboot to pick up all the VMware tools in a fresh boot.
Comments

VMware Converter Fails for Linux Client

You need to change the installed SCSI controller to be a LSI Logic controller. The original machine may have been configured for a Transtec 3Ware SCSI controller.

The main relevant article is here:
http://tipstricksandmore.blogspot.com/2009/01/after-converting-physical-rhel4-system.html

Once the VM has been converted, you can change the hardware of the VM in the "Edit Settings..." menu from right-clicking on the VM. You can only change it when the VM is powered off.

Edit the VM settings and connect the DVD drive to a "Datastore ISO File": infra1-localDisk/vSphere Management Assistant/rhel-5-server-i386-dvd.iso.
Set the Device Status to "Connected" and "Connect at power on".
In the VM options page, set it to go into the BIOS setup at next boot.

Open a console on the VM and power it on. It will go into the BIOS setup.
In the "Boot" BIOS menu, select the DVD drive and press + to move it to the top.
Save and exit the BIOS setup.

It will boot from DVD.
Enter "linux rescue".
You don't need any network interfaces.
Let it look for the installed system to mount under /mnt/sysimage.

chroot /mnt/sysimage
Replace hda with sda in /etc/fstab, /boot/grub/device.map and /boot/grub/grub.conf
grub-install /dev/sda

Make sure /etc/modules.conf is empty or non-existent.

Edit /etc/modprobe.conf and set
alias eth0 pcnet32
alias eth1 pcnet32
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptscsih

Work out the full path to the initrd image you are going to rebuild. They are in /boot and are called initrd*.
The /boot/grub/grub.conf will point to the right one.
So in my example it is "/boot/initrd-2.6.18-128.7.1.el5xen.img".
There should be a directory under /lib/modules called the same version number.

Then you use a command like this to rebuild it
mkinitrd -v -f /boot/initrd-2.6.18-128.7.1.el5xen.img 2.6.18-128.7.1.el5xen

exit
reboot

Press Esc to get the boot menu and force it to boot from the hard disk.
Hopefully it will boot this time!

Shut it down again, edit the VM settings and set the DVD drive back to "Client Device".
Boot your VM normally.
Comments

Mouse support in Hyper-V

This is how to add mouse support to the LICs (Linux Integration Components) provided by Microsoft. This does not involve using the Beta version of the LICs at all, it is all done with the production release version.

Firstly install everything else involved in getting the LICs working. There is another article in this blog that will explain how to get the LICs working with RedHat or CentOS 5.2.

On your Windows 2008 or Hyper-V server, download the “inputvsc.iso” from
http://www.xen.org/download/satori.html.
Using the Hyper-V “Connect” window and its Media menu, set the DVD drive to point to the “inputvsc.iso” you just downloaded.
In the virtual machine, “mkdir /mnt” and “mount /dev/hdc /mnt”. That should mount the ISO on /mnt.
Make somewhere to put it, such as “mkdir -p /opt/inputdriver”.
Copy the contents of the ISO to there, “cp -pr /mnt/* /opt/inputdriver”.
Unmount the ISO, “umount /mnt”.
Eject the media using the Media menu in the Hyper-V “Connect” window.
Go into that directory, “cd /opt/inputdriver”.
Install one required package, “yum install xorg-x11-server-sdk”.
Install the mouse driver, “perl setup.pl inputdriver”.
That should succeed.

Start X Windows with “startx” to test it. If the mouse support doesn’t work, you can always kill X by pressing Ctrl-Alt-Backspace, or by logging in remotely to the virtual machine as root and typing “killall X”.

That’s about it. It worked fine for me!
Comments

Hyper-V CentOS 5.2 Distributions

Update: 22nd May 2009 - This does not work with CentOS 5.3 or RedHat 5.3.
Update:
29th December 2008 - I have compacted the original vhd files rather better, and the total download for each version is now about 2.3 Gbytes.

To make life easier for everyone, I have put together a couple of VHD files for Hyper-V that contain a pre-built x86 and x86_64 (x64) distribution of CentOS 5.2 including pre-installed Linux Integration Components. They are fully patched up to date, including the latest kernel version available, as of Christmas 2008.

The root password for each of them is the word “password” (without the quotes).

To construct each one, go to the relevant directories for
the x86 (32-bit)
or x64 (64-bit)
versions and download all the zip files in the directory.

Unpack each zip file and you will have a string of files partaa, partab, partac and so on.

On a Windows system you can join these together into the .vhd file with the command (in a normal Command Prompt window)
x86: copy /B partaa+partab+partac+partad+partae+partaf+partag+partah+partai+partaj+partak+partal CentOS5.2.x86.vhd
(all of that should be on one line)
x64: copy /B partaa+partab+partac+partad+partae+partaf+partag+partah+partai+partaj+partak+partal CentOS5.2.x64.vhd
(all of that should be on one line)

You should end up with a single .vhd file with the following size:
x86: 16173279232 bytes
x64: 18433592832 bytes

Then just build a virtual machine around each one with the .vhd file as the IDE hard disk, and with a Network Adapter (not a Legacy Network Adapter) in it.

Remember that the root password is the word “password” (without the quotes).

You will need to edit these files
  • /etc/hosts
  • /etc/resolv.conf
  • /etc/sysconfig/network

and then run the command “setup” to configure the IP address and so on of the “seth0” network device. Then just reboot and you’re away.

If you need a graphical interface with a mouse and such, then change the “3” to a “5” in the “default” line in /etc/inittab and reboot. But I would advise leaving it in text-only mode.
Comments

Speeding Up Ext3 Filesystems

There are a few things you can do to speed up the ext3 filesystem, and when combined they make a lot of difference!

Firstly, you probably don’t need to store the “last accessed” time of every file and/or every directory, so add “noatime,nodiratime” to the mount options in /etc/fstab (add a comma then that text straight after the word “defaults” in the relevant line of /etc/fstab).

Furthermore, you can optimise the caching of data in the filesystem by adding “data=writeback” to the mount options in /etc/fstab. This is pretty safe as long as your system isn’t very busy and liable to lose power without warning. The only downside is that should it lose power while writing to the disk, a few files may end up with slightly old content in them.

The last one is a little more complicated, but well worth doing. You can change the directories to be B-trees instead of lists, which are a lot faster if you have many files in each directory. Say your filesystem is mounted off /dev/sdb1, for example.
  1. Unmount the filesystem, having stopped all processes that are using it, with “umount /dev/sdb1”.
  2. Change the directory indexing with “tune2fs -O dir_index /dev/sdb1”.
  3. Re-build all the existing directories with “e2fsck -D /dev/sdb1”.
  4. Reboot, or else remount the filesystem and start the processes back up. Rebooting is simpler Happy
  5. That should make your filesystem run a whole lot faster!
Comments

Hyper-V Linux Integration Components RC2 Download

To make it easy to find, the RC2 of the Microsoft Windows Server 2008 Hyper-V Linux Integration Components can be found here: Linux-IC-RC2.
Comments

Speeding Up ext3 Filesystems

There are a few things you can do to speed up the operation of ext3 filesystems, by changing some of the ways in which it behaves by default.

This is all for /dev/sda1, change it to suit the partition you are working with. Make sure you have an ext3 filesystem on there already, and ensure you have unmounted the filesystem first.

umount /dev/sda1
tune2fs -Ohas_journal -o journal_data_writeback /dev/sda1
tune2fs -O dir_index /dev/sda1
e2fsck -D /dev/sda1
Add ",noatime,nodiratime" to the list of options in the relevant line in /etc/fstab.
mount /dev/sda1
Comments

Extracting OLE Objects from Word Documents

Many people have asked me how to extract the file embedded inside an OLE object that has been inserted into a Microsoft Word document, or similar.

I reverse-engineered the file format, it’s very simple. Not this code doesn’t always appear to work, but it gets 95% of them out.

Use it at your own peril. Please credit me (Julian Field jules@jules.fm) where/when/if you use this code or any derivative of it, including translations into other languages.

$byte = "";
$buffer = "";
#$infh = new FileHandle;
#sysopen $infh, "$explodeinto/$inname", O_RDONLY;
Open the infh filehandle with the "inname" file containing the OLE object.
sysseek $infh, 6, SEEK_SET; # Skip 1st 6 bytes
Skip the first 6 bytes, these appear to be useless
$outname = "";
$finished = 0;
$length = 0;
until ($byte eq "\0" || $finished || $length>1000) {
# Read a C-string into $outname
sysread($infh, $byte, 1) or $finished = 1;
$outname .= $byte;
$length++;
}
Read a null-terminated string of bytes,
this becomes the output filename.
next OLEFILE if $length>1000; # Bail out if it went wrong
If the filename was way too long, this is probably corrupt.
$finished = 0;
$byte = 1;
$length = 0;
until ($byte eq "\0" || $finished || $length>1000) { # Throw away a C-string
sysread($infh, $byte, 1) or $finished = 1;
$length++;
}
Throw away the next null-terminated string of bytes.
next OLEFILE if $length>1000; # Bail out if it went wrong
If the string was way too long, this is probably corrupt.
sysseek $infh, 4, Fcntl::SEEK_CUR or next OLEFILE; # Skip next 4 bytes
Skip the next 4 bytes of the file.
sysread $infh, $number, 4 or next OLEFILE;
$number = unpack 'V', $number;
Read the next 4 bytes into a 4-byte int called "$number".
#print STDERR "Skipping $number bytes of header filename\n";
if ($number>0 && $number<1_000_000) {
sysseek $infh, $number, Fcntl::SEEK_CUR; # Skip the next bit of header (C-string)
} else {
next OLEFILE;
}
If the number $number was a reasonable size,
skip that many bytes of the file.
sysread $infh, $number, 4 or next OLEFILE;
$number = unpack 'V', $number;
Read the next 4 bytes in a 4-byte int called "$number".
This is the length of the real embedded file we want to extract.
#print STDERR "Reading $number bytes of file data\n";
sysread $infh, $buffer, $number
if $number>0 && $number < $size; # Sanity check
Read the $number number of bytes into memory into a chunk
of memory allocated which is at least $number bytes long.
Do a sanity check that the number of bytes we have asked it to read
is less than the total length of the input file.
$outfh = new FileHandle;
$outsafe = $this->MakeNameSafe($outname, $explodeinto);
sysopen $outfh, "$explodeinto/$outsafe", (O_CREAT | O_WRONLY)
or next OLEFILE;
Create an output file with a filename which is a sanitised safe
version of the filename we read at the top of this bit of code.
if ($number>0 && $number<1_000_000_000) { # Number must be reasonable!
syswrite $outfh, $buffer, $number or next OLEFILE;
}
close $outfh;
If the output file is less than 1Gbyte long, write out the data we just read.
This creates the file containing the embedded file we wanted to extract.
Then close that output file.
Comments

RedHat 5.2 yum update errors

If you install RedHat 5.2 and try to do a “yum update” command, you get loads of errors about libxslt and libvorbis.

To solve these errors, type the following commands before you do a “yum update”.
# rpm -e --nodeps --allmatches libvorbis
# rpm -e --nodeps --allmatches libxslt-python libxslt-devel
# rpm -e --nodeps --allmatches libxslt
# rpm -e --nodeps --allmatches libvorbis-devel
# yum -y install libvorbis libxslt

Then you will find that “yum update” works as expected.
Comments