Tuesday, May 18, 2010

Build your own Media Center: Installing XBMC on Fedora Core 12 (FC12)

First, make sure you have a user "xbmc" installed - we'll run everything as a protected user.

I would login from a laptop or another PC with an ssh windows client, such as putty ssh (Putty Download) to do the installation, just in case you mess up something. To upload files use a windows sftp package like Bitvise Tunnelier (Tunnelier Download).

Install the latest NVIDIA Linux Driver - I wont document ATI Cards, since we're gunning for VDPAU processing offload to the graphics card to keep our media centre running at optimal performance. You SHOULD update your kernel at the same time:

yum install kernel.x86_64 kernel-devel.x86_64

Reboot, and install the latest NVIDIA Kernel modules (which will install dependent Xorg modules/libraries).

yum install kmod-nvidia-2.6.32.11-99.fc12.x86_64.x86_64 (make sure to match kernel number to running kernel)

You might need to adjust your grub settings if you get errors when loading nvidia.ko kernel module like:

May 18 14:12:03 localhost kernel: NVRM: No NVIDIA graphics adapter probed!
May 18 14:12:36 localhost kernel: NVRM: The NVIDIA probe routine was not called for 1 device(s).
May 18 14:12:36 localhost kernel: NVRM: This can occur when a driver such as rivafb, nvidiafb or
May 18 14:12:36 localhost kernel: NVRM: rivatv was loaded and obtained ownership of the NVIDIA
May 18 14:12:36 localhost kernel: NVRM: device(s).
May 18 14:12:36 localhost kernel: NVRM: Try unloading the rivafb, nvidiafb or rivatv kernel module
May 18 14:12:36 localhost kernel: NVRM: (and/or reconfigure your kernel without rivafb/nvidiafb
May 18 14:12:36 localhost kernel: NVRM: support), then try loading the NVIDIA kernel module again.

To remedy, add "nomodeset" to the /etc/grub.conf line for your kernel:

kernel /vmlinuz-2.6.32.11-99.fc12.x86_64 ro root=/dev/mapper/vg_xbmc-lv_root LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rhgb quiet nomodeset

Then, install subversion and checkout the latest XBMC out of the repository:

yum install subversion.x86_64

cd /home/xbmc

svn checkout http://xbmc.svn.sourceforge.net/svnroot/xbmc/trunk xbmc

Add the RPMFusion repository (This will make things easier I promise, half of required packages do not exist on the standard FC Repos):

rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm

Then install the following XBMC Dependencies:

yum install quilt.x86_64 cmake.x86_64 autoconf.noarch automake.noarch unzip.x86_64 boost.x86_64 boost-devel.x86_64 mesa-libOSMesa.x86_64 mesa-libGL-devel.x86_64 mesa-libGLU-devel.x86_64 libjpeg-devel.x86_64 glew-devel.x86_64 libsamplerate-devel.x86_64 libogg-devel.x86_64 libvorbis-devel.x86_64 freetype-devel.x86_64 fontconfig-devel.x86_64 zfstream.x86_64 fribidi-devel.x86_64 libsqlite3x-devel.x86_64 mysql-libs.x86_64 alsa-lib-devel.x86_64 libpng-devel.x86_64 pcre-devel.x86_64 lzo-devel.x86_64 libcdio-devel.x86_64 SDL_image-devel.x86_64 SDL_mixer-devel.x86_64 enca-devel.x86_64 jasper-devel.x86_64 libXt-devel.x86_64 libXmu-devel.x86_64 libXinerama-devel.x86_64 libcurl-devel.x86_64 dbus-devel.x86_64 hal-devel.x86_64 avahi-devel.x86_64 libXrandr-devel.x86_64 libavc1394-devel.x86_64 libmp4v2.x86_64 libmp4v2-devel.x86_64 libass-devel.x86_64 flac-devel.x86_64 wavpack-devel.x86_64 python-devel.x86_64 gawk.x86_64 gperf.x86_64 nasm.x86_64 cwiid-devel.x86_64 zlib-devel.x86_64 libsmbclient-devel.x86_64 libtiff-devel.x86_64 libisofs-devel.x86_64 openssl-devel.x86_64 libmicrohttpd-devel.x86_64 libmodplug-devel.x86_64 libssh-devel.x86_64 libssh2-devel.x86_64 gettext.x86_64 cvs.x86_64 libtool.x86_64 gcc-c++.x86_64 libmad-devel.x86_64 bzip2-devel.x86_64 libmpeg2-devel.x86_64 libmpeg3-devel.x86_64 libmms-devel.x86_64 mysql-devel.x86_64 faad2-devel.x86_64 libXtst-devel.x86_64 ccache.x86_64 expat-devel.x86_64 libvdpau-devel.x86_64

Start the XBMC Installation:

./bootstrap

./configure --disable-pulse --enable-vdpau --enable-ccache (We'll use direct ALSA Drivers for Multiplexing and enable VDPAU for offloading)

make -j2 (dual core) or -j4 (quad core)

Takes about 35 minutes to compile on a 2.4Ghz Core2Duo with 2GB RAM

make install

To autologin as the xbmc user, edit the /etc/gdm/custom.conf file and add the following section:

[daemon]
TimedLoginEnable=true
AutomaticLoginEnable=true
AutomaticLogin=xbmc
TimedLogin=xbmc
TimedLoginDelay=0

Then reboot your machine, go to System --> Preferences --> Startup Applications and then uncheck everything except for:

"Volume Control"
"Network Manager"

Then click on Add to create an XBMC startup item, and fill in the following:

Name: xbmc
Command: /usr/local/bin/xbmc

Click on Save, and then hit CTRL-ALT-Backspace to restart GDE, which should now automatically login and start XBMC with sound. All very nice and pretty !!!

Monday, May 10, 2010

Injecting VNC Server into a remote Windows Server

I had a strange issue today, a Windows 2008 server, with broken RDP , no way for me to get to a desktop screen of it to fix. Here is a quick little solution to inject a VNC Server into the machine to allow you to get some access.

You WILL need at the very least:

IP Address
Username with admin rights
Password

So undertake the following:

1. Download and install a full install of UltraVNC (do not startup and services) - UltraVNC Download

2. Download a package called "Fastpush" to C:\fastpush - Fastpush 8a Download

3. Edit the c:\fastpush\fp8a.cmd file and change the following line to point to the correct path:

set fplocation=C:\fastpush

4. run c:\fastpush\utils\vncenc.exe to create a password:

C:\fastpush\utils>vncenc.exe password
Password = REG_BINARY 0x00000008 0xfd3cd8db 0x58147a72

5. Copy the whole output line and paste into both c:\fastpush\common\machine.ini and c:\fastpush\common\vnc4.ini

6. Run the fastpush injection/installation:

fp8a.cmd 10.0.1.2 /vnc /user DOMAIN\administrator password /log /noshortcut /firewall /noview

Where:

/vnc = install VNC server
/user = username/password
/log = log results to c:\fastpush\results.txt
/noshortcut = dont create shortcuts for the VNC server installation on target machine
/firewall = install a firewall exception for the VNC Server on target machine
/noview = do not install VNC viewing tools on target machine

Thats it, use the UltraVNC viewer to now login to your server !

Sunday, May 9, 2010

Resume support for SSH/SCP downloads in *nix

I've had problems with broken downloads on a Solaris 10 system, and after some digging I found that rsync has a native "partial completion" component built in that keeps partially downloaded files and then continues where you left off on restarting the download (rsync man page). The Machine you are downloading FROM needs to have rsyncd enabled though.

First create an alias to simplify things:

alias scpr='rsync -avzh --progress --partial --stats --itemize-changes -e ssh '

Then start your download:

scpr user@host:/dir/file .

If the download breaks, just re-run the command and it will continue from where it left off.

Wednesday, May 5, 2010

Downloading Sun Patch Clusters without SunSolve

Try this:

Solaris 10 x86 - http://mirror.cogentco.com/pub/misc/10_x86_Recommended.zip

Solaris 10 SPARC - http://mirror.cogentco.com/pub/misc/10_Recommended.zip

Solaris 9 - http://mirror.cogentco.com/pub/misc/9_Recommended.zip

Solaris 8 - http://mirror.cogentco.com/pub/misc/8_Recommended.zip

Letting Tomcat handle SSL requests

Most people use the apache2/modJK approach to do SSL offload/redirection to Tomcat contexts, but Tomcat has matured and the benefits of not using modJK and a possibly memory hungry apache is appealing.

This is to show how to use an EXISTING ssl key and how to import it into tomcat.

Create a tomcat keyring first in /opt/csw/tomcat5/ssl (you'll need to mkdir ssl)

keytool -genkey -alias tomcat -keyalg RSA

use the password "changeit" this is the default tomcat one.

Put in any Information, this would only be used in the case of issuing a CSR request.

I'm using a Godaddy.com CA, but substitute whichever CA you have:

Download Godaddy CA Cert for Signing from https://certs.godaddy.com/anonymous/repository.seam;jsessionid=A3D2CC1A02748C7AD01654BD5ED6D777.web002?streamfilename=gd-class2-root.crt&actionMethod=anonymous%2Frepository.xhtml%3Arepository.streamFile%28%27%27%29&cid=212695 and save it as godaddy.crt

Get the original .crt .csr .key from the Apache2/modJK installation.

Then

Cat these files together in THIS order:

cat godaddy.crt www.website.com.key www.website.com.crt > ssl.pem

Then create a PKS12 key in the tomcat keyring

openssl pkcs12 -export -in ssl.pem -out ssl.p12 -name tomcat

Cert is now valid and signed correctly.

In Tomcat, change the SSL section in /opt/csw/tomcat5/conf/server.xml running on 8443 to this:

keystoreFile="/opt/csw/tomcat5/ssl/ssl.p12" keystorePass="changeit" keystoreType="PKCS12"
SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />

Restart Tomcat and test with https://server/manager/html

To stop Tomcat serving requests on https://server (which is a security risk in itself) delete the tomcat5/webapps/ROOT directory and all should be okay.

Remember to choose a complex password for the "manager" role in tomcat.

Tuesday, May 4, 2010

Problem: no SSH into a default VMware ESX 3.5 Installation

ESXi 3.5 does ship with the ability to run SSH, but this is disabled by default (and is not supported).


At the console of the ESXi host, press ALT-F1 to access the console window.

Enter unsupported in the console and then press Enter. You will not see the text ou type in.

If you typed in unsupported correctly, you will see the Tech Support Mode warning and a password prompt. Enter the password for the root login.

You should then see the prompt of ~ #. Edit the file inetd.conf (enter the command vi /etc/inetd.conf).

Find the line that begins with #ssh and remove the #. Then save the file. If you’re new to using vi, then move the cursor down to #ssh line and then press the Insert key. Move the cursor over one space and then hit backspace to delete the #. Then press ESC and type in :wq to save the file and exit vi. If you make a mistake, you can press the ESC key and then type it :q! to quit vi without saving the file.

Once you’ve closed the vi editor, run the command /sbin/services.sh restart to restart the management services. You’ll now be able to connect to the ESXi host with a SSH client.

Setting up an iSCSI Target on Solaris 10

Provide a directory where the logical units will be stored (file based LUN's will be stored here)

iscsitadm modify admin -d /etc/iscsi

and turn on fast write ACK's:

iscsitadm modify admin -f enable

Obviously if you'd like to have the LUs stored elsewhere just supply a different directory.

Create a direct connection to a disk drive:

iscsitadm create target --type raw --backing-store /dev/dsk/c4t600A0B8000492E84000002914BDE738Ad0p0 mssql

Or just create a logical disk on top of a normal filesystem:

iscsitadm create target -z 20g mssql

"-z 20g" is the size of the iSCSI targetand "mssql" is the name of the iSCSI target. Now set the receive buffer size, to increase write speeds:

iscsitadm modify target --maxrecv 16777214 mssql

Enable discovery from a host running the Solaris initiator

iscsiadm add discovery-address 10.0.0.25
iscsiadm modify discovery -t enable

Test to see all is okay with "iscsitadm list target -v" :

root@Selenium-S10 - ~>iscsitadm list target -v
Target: mssql
iSCSI Name: iqn.1986-03.com.sun:02:b374a80a-816f-65e6-b0b8-babca7af2adc.mssql
Alias: MSSQL
MaxRecv: 16777214
Connections: 0
ACL list:
TPGT list:
TPGT: 1
LUN information:
LUN: 0
GUID: 010000144f1fd33800002a004bdf2651
VID: SUN
PID: SOLARIS
Type: disk
Size: 543G
Status: online