bsd.m3th.org » Linux

Recovering data from Linux LVM with same volume group name

Kevin Foo (chfl4gs_) — Fri, 13 Jan 2012 18:58:19 +0000

Although it is not a usual task for replacing/upgrading notebook internal hdd, nevertheless, I have performed one lately due to a failing hdd. smartctl reported hdd read failure and I have decided to make an early replacement. However, I still need to duplicate the hdd for recent data that has not been backup.

Cloning the hdd seems not a good option as it takes longer time and might fail to completely replicate the data due to hdd read failure. So I reinstalled OpenSUSE on the new hdd and restore relevant data on partition.

Default lvm volume group naming convention from OpenSUSE installer is somehow same as previous volume group. This will create problem when accessing data on failing hdd as I need to mount partition on lvm volume group which is same as running system. You should change the volume group name to something else other than “system” during the installation. Guess I didn’t paid too much attention during the installation and now I have 2 “system” volume groups. How should I mount the volume on failing hdd then?

Actually it is just an easy task of renaming volume group name.

1) Discover the UUID of the volume with dd by dumping the disk header.
dd if=/dev/sdb2 bs=512 count=255 skip=1 of=/tmp/sdb2.txt

Checking the output for disk UUID.
cat /tmp/sdb2.txt

You will find some thing like this.

system {
id = "8SX5aX-gQZJ-auYA-UX54-BkBA-nc4V-rNoV6v"
seqno = 6
status = ["RESIZEABLE", "READ", "WRITE"]
flags = []
extent_size = 8192
max_lv = 0
max_pv = 0

physical_volumes {

pv0 {
id = "dAe8PS-ThIN-Piez-pmqE-8hUv-vdGM-dyvtSO"
device = "/dev/sda2"

status = ["ALLOCATABLE"]
flags = []
dev_size = 487845855
pe_start = 384
pe_count = 59551
}
}

logical_volumes {

home {
id = "hQH10J-MouP-sNok-VNJN-53As-BYsw-b5cqS3"
status = ["READ", "WRITE", "VISIBLE"]
flags = []
segment_count = 1

segment1 {
start_extent = 0
extent_count = 50847

type = "striped"
stripe_count = 1        # linear

stripes = [
"pv0", 0
]
}
}

root {
id = "nde2YD-6rgk-Ufm7-bLf7-ERTc-bHdO-kg7fwF"
status = ["READ", "WRITE", "VISIBLE"]
flags = []
segment_count = 1

segment1 {
start_extent = 0
extent_count = 7680

type = "striped"
stripe_count = 1        # linear

stripes = [
"pv0", 51359
]
}
}

swap {
id = "KXGiD4-qFSH-smun-P4wS-TH14-xxfY-lWYlq8"
status = ["READ", "WRITE", "VISIBLE"]
flags = []
segment_count = 2

segment1 {
start_extent = 0
extent_count = 512

type = "striped"
stripe_count = 1        # linear

stripes = [
"pv0", 59039
]
}
segment2 {
start_extent = 512
extent_count = 512

type = "striped"
stripe_count = 1        # linear

stripes = [
"pv0", 50847
]
}
}
}
}

The UUID of the volume group “system” is “8SX5aX-gQZJ-auYA-UX54-BkBA-nc4V-rNoV6v”

2) Renaming the volume group
vgrename 8SX5aX-gQZJ-auYA-UX54-BkBA-nc4V-rNoV6v oldsystem

3) Activate the renamed volume group
# vgchange oldsystem -a y

Now you should have your vg ready. Verify it with
# pvscan

Output

  PV /dev/sdb2   VG oldsystem      lvm2 [232.62 GiB / 0    free]
  PV /dev/sda2   VG system   lvm2 [297.93 GiB / 23.93 GiB free]
  Total: 2 [530.55 GiB] / in use: 2 [530.55 GiB] / in no VG: 0 [0   ]

Check the volume
# lvscan

  ACTIVE            '/dev/oldsystem/home' [198.62 GiB] inherit
  ACTIVE            '/dev/oldsystem/root' [30.00 GiB] inherit
  ACTIVE            '/dev/oldsystem/swap' [4.00 GiB] inherit
  ACTIVE            '/dev/system/home' [250.00 GiB] inherit
  ACTIVE            '/dev/system/root' [20.00 GiB] inherit
  ACTIVE            '/dev/system/swap' [4.00 GiB] inherit

That’s it. You can now mount and dump/restore the failing hdd.

ssh ‘connection reset by peer’ issue

Kevin Foo (chfl4gs_) — Fri, 06 May 2011 02:39:08 +0000

I have been plagued by ssh problem since openssh 5.8p1 on OpenSuSE 11.4. Without any warning, even debug level is set to 3, ssh connection to older router/server is dropped silently. I have issue ssh’ing to AMD64 FreeBSD 8.2-RELEASE which comes with OpenSSH 5.4p1.

chflags@zeus:~> ssh -v 10.0.48.61 -l kevin OpenSSH_5.8p1, OpenSSL 1.0.0c 2 Dec 2010 debug1: Reading configuration data /home/chflags/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to 10.0.48.61 [10.0.48.61] port 22. debug1: Connection established. debug1: identity file /home/chflags/.ssh/id_rsa type -1 debug1: identity file /home/chflags/.ssh/id_rsa-cert type -1 debug1: identity file /home/chflags/.ssh/id_dsa type -1 debug1: identity file /home/chflags/.ssh/id_dsa-cert type -1 debug1: identity file /home/chflags/.ssh/id_ecdsa type -1 debug1: identity file /home/chflags/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.4p1 FreeBSD-20100308 debug1: match: OpenSSH_5.4p1 FreeBSD-20100308 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP Read from socket failed: Connection reset by peer

With some internet searching, I'm not the only one who's got bitten by this bug :p
Openssh dev: http://www.gossamer-threads.com/lists/engine?do=post_view_flat;post=51339;page=1;mh=-1;list=openssh;sb=post_latest_reply;so=ASC
Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612607
Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493
Arch Linux: https://bugs.archlinux.org/task/22897?project=1

WORKAROUNDS
1) Downgrade openssh to version 5.5p1 or lower or better still upgrade to version 5.8p2 or wait for future release of 5.9p1

2) Add "-c 'aes128-ctr'" when connecting to router/server with older version of ssh.

3) Add to ~/.ssh/config. HostKeyAlgorithms ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss. (I personally couldn't get this work. Can't verify this. You can try it though.)

Once you use one of the workarounds, you should be able to connect to old router/servers. For instance, with workaround 2:-

chflags@zeus:~> ssh -v 10.0.48.61 -c 'aes128-ctr' OpenSSH_5.8p1, OpenSSL 1.0.0c 2 Dec 2010 debug1: Reading configuration data /home/chflags/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to 10.0.48.61 [10.0.48.61] port 22. debug1: Connection established. debug1: identity file /home/chflags/.ssh/id_rsa type -1 debug1: identity file /home/chflags/.ssh/id_rsa-cert type -1 debug1: identity file /home/chflags/.ssh/id_dsa type -1 debug1: identity file /home/chflags/.ssh/id_dsa-cert type -1 debug1: identity file /home/chflags/.ssh/id_ecdsa type -1 debug1: identity file /home/chflags/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.4p1 FreeBSD-20100308 debug1: match: OpenSSH_5.4p1 FreeBSD-20100308 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA 63:4c:3e:87:76:5a:d7:62:47:d7:74:60:84:72:10:03 debug1: Host '10.0.48.61' is known and matches the RSA host key. debug1: Found key in /home/chflags/.ssh/known_hosts:22 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/chflags/.ssh/id_rsa debug1: Trying private key: /home/chflags/.ssh/id_dsa debug1: Trying private key: /home/chflags/.ssh/id_ecdsa debug1: Next authentication method: keyboard-interactive Password:

FreeBSD : displaying chinese characters in console

Kevin Foo (chfl4gs_) — Tue, 11 Jan 2011 16:38:34 +0000

A quick and easy tip to display Chinese characters in console mode. This applies not only to FreeBSD, it does for Linux and some other *nix variants too.

This is what you get when dealing with Chinese characters in console mode with csh.

Just set up the environment LANG to zh_TW.UTF-8 with this command setenv LANG zh_TW.UTF-8.

Simple eh? Indeed. Making it permanently, edit /etc/csh.cshrc and put these in:-

setenv ENABLE_STARTUP_LOCALE zh_TW.UTF-8
setenv LC_CTYPE en_US.ISO10646-1
setenv LC_ALL zh_TW.UTF-8
setenv LANG zh_TW.UTF-8

For bash, you can just edit /etc/profile and instead of using setenv, you do it with export. i.e. export LANG=zh_TW.UTF-8.

OpenSuSE 11.3: Network Management disabled

Kevin Foo (chfl4gs_) — Mon, 19 Jul 2010 03:36:12 +0000

Go hit by buggy network manager on OpenSuSE 11.3 turned disabled after waking up from suspend/hibernate.

Simple workarounds to get network manager working again (Use any of these) :-

# qdbus --system org.freedesktop.NetworkManager /org/freedesktop/NetworkManager wake

# nm-online

# rm /var/lib/NetworkManager/NetworkManager.state && rcnetwork restart

This resume bug is marked fixed. However it is not available in update repo yet.

Battery info button on HP elitebook 6930p

Kevin Foo (chfl4gs_) — Wed, 16 Sep 2009 04:43:50 +0000

Keymap for laptop keyboard is fun especially there are lots of default actions attached to it. One particular key, FnF8, which has tiny battery icon is not mapped to any action. It has a keycode of 137 on HP elitebook 6930p. I decided to bind the keycode to call up kpowersave information dialog since I am using KDE4 as desktop manager. But how to call up only kpowersave information dialog? Running command “kpowersave” will only trigger another instance of kpowersave.

I tried to use qdbus but could not find suitable dbus object to display kpowersave information dialog. Nevertheless qdbus is quit handy when come to change power profile of kpowersave.

qdbus is a no go for this purpose. I had to look for something else. Luckily, it did not take much of my time searching. “dcop” is it! dcop kpowersave KPowersaveIface showDetailedDialog will display kpowersave information dialog. Awesome!

I edited keytouch keyboard with these lines.
battery 137 PROG2 dcop kpowersave KPowersaveIface showDetailedDialog

Reactivated keytouch, the nifty application to map your multimedia keyboard. This is the result of pressing FnF8.

Nice eh?

Quick note on Xen P2V migration

Kevin Foo (chfl4gs_) — Fri, 24 Jul 2009 09:23:47 +0000

I had migrated some of the old machines at work to Xen hypervisor VM. The procedure is rather straight forward and with many options. In this post, I used simple dd command to migrate physical machine to a flat file image on Xen server.

DD IN ACTION

debian-HP370:~/ # dd if=/dev/cciss/c0d0 | ssh me@xenserver dd of=/home/xen/img/debian-HP370.img

This will take a long time depending on your disk size/network speed. So leave it there and go on with other stuff. After a couple of hours, you have the image transferred to Xen server.

TAILORING TO VM ENVIRONMENT

As the physical machine has smart array raid and VM has choices of disk options: IDE, SATA, physical partition under the VM guest, I mounted the image and edit /etc/fstab to reflect disk on VM. Mounting an image file with many partitions is simple. Firstly, offset value of the partition is required. This can be obtained via fdisk command.

xenserver:/home/xen/img # fdisk -lu debian-HP370.img
You must set cylinders.
You can do this from the extra functions menu.

Disk debian-HP370.img: 0 MB, 0 bytes
255 heads, 63 sectors/track, 0 cylinders, total 0 sectors
Units = sectors of 1 * 512 = 512 bytes
Disk identifier: 0x111f5759

Device Boot Start End Blocks Id System
debian-HP370.imgp1 * 63 102269789 51134863+ 83 Linux
debian-HP370.imgp2 102269790 106655534 2192872+ 5 Extended
debian-HP370.imgp5 102269853 106655534 2192841 82 Linux swap / Solaris

The offset value in this example is 63 * 512 = 32256

Note : 63 is the Start sector of the partition that I wanted to mount.

xenserver:/home/xen/img # mount -o loop,offset=32256 debian-HP370.img /mnt/stuff

Next, you can just vi /mnt/stuff/etc/fstab, to suit your Xen VM configurations. We are almost done.

CREATING NEW VM

Creating a new VM is rather easy. You need a configuration file for VM guest. Please refer to example and wiki for complete parameters. Just run xm new i.e. xm new debian-vmconfig or else use vm-install and be prompted with bunch of questions for configuration parameters. Sample HVM configuration file for my VM:-

name=”Linux-debian-HP370″
memory=1024
maxmem=2048
vcpus=2
on_poweroff=”destroy”
on_reboot=”restart”
on_crash=”destroy”
localtime=0
keymap=”en-us”

builder=”hvm”
extid=0
device_model=”/usr/lib/xen/bin/qemu-dm”
kernel=”/usr/lib/xen/boot/hvmloader”
boot=”c”
disk=[ 'file:/home/xen/img/debian-HP370.img,sda,w', ]
vif=[ 'mac=00:16:3e:51:16:ee,bridge=br0,model=e1000', ]

stdvga=0
vnc=1
vncunused=1
apic=1
acpi=1
pae=1

serial=”pty”

START THE MACHINE, LITERALLY

At this point of time, you should turn off the physical machine to avoid IP address clash. There is one last step to go which is the editing grub on VM. You could just fire up the new guest VM with xm start Linux-debian-HP370 && xm console Linux-debian-HP370 and hit “e” at GRUB menu to edit kernel parameter for root disk. Lastly, modify /boot/grub/menu.lst to reflect your root partition. Remember to run update-grub after finished editing.

OPTIONAL

Since my xen is a headless box, I have to go extra mile to get into the console by ssh tunnel.

ssh me@xenserver -L 5900:127.0.0.1:5900

Connect vnc to localhost will give you the new shinny VM console.

Debian : ssl-cert 1.0.15 chroot issue (ugly workaround)

Kevin Foo (chfl4gs_) — Wed, 20 Feb 2008 05:13:22 +0000

On my previous post, I encountered problem with ssl-cert in chrooted environment. By installing ssl-cert via apt-get, these processes were triggered.
root 27799 0.0 0.4 4676 2256 pts/2 Ss+ 04:33 0:00 /usr/bin/dpkg --status-fd 13 --configure ssl-cert root 27800 0.4 1.3 10016 7132 pts/2 S+ 04:33 0:00 /usr/bin/perl -w /usr/share/debconf/frontend /var/lib/dpkg/info/ssl-cert.postinst configure root 27806 0.0 0.2 3804 1192 pts/2 S+ 04:33 0:00 /bin/sh -e /var/lib/dpkg/info/ssl-cert.postinst configure root 27808 0.0 0.2 3820 1280 pts/2 S+ 04:33 0:00 /bin/bash -e /usr/sbin/make-ssl-cert generate-default-snakeoil root 27812 0.0 0.2 3780 1448 pts/2 S+ 04:33 0:00 openssl req -config /tmp/tmp.OXerK27810 -new -x509 -days 3650 -nodes -out /etc/ssl/certs/ssl-cert-snakeoil.pem -keyout /etc/ssl/private/ssl-cert-snakeoil.key

Further investigation showed that process 27812 stuck. Running the openssl command manually brings up:
27830:error:0E065068:configuration file routines:STR_COPY:variable has no value:conf_def.c:629:line 5

The error message is exactly same as what Michael Prokop has found out.

The content of /tmp/tmp.OXerK27810 is:
# # SSLeay example configuration file. #


RANDFILE                = $ENV::RANDFILE
[ req ]

default_bits            = 1024

default_keyfile         = privkey.pem

distinguished_name      = req_distinguished_name

prompt                  = no

policy                  = policy_anything

[ req_distinguished_name ] commonName = myshinnybox

DIRTY SOLUTION
As I’m only interested to get packages such as Postfix, Postgresql Apache mod SSL to install, killed the “apt-get install ssl-cert” process and fired up vi and removed the line RANDFILE = $ENV::RANDFILE from /tmp/tmp.OXerK27810.

# openssl req -config /tmp/tmp.OXerK27810 -new -x509 -days 3650 -nodes -out /etc/ssl/certs/ssl-cert-snakeoil.pem -keyout /etc/ssl/private/ssl-cert-snakeoil.key Generating a 1024 bit RSA private key ................................................++++++ .......++++++ writing new private key to '/etc/ssl/private/ssl-cert-snakeoil.key' ----- # apt-get install ssl-cert Reading package lists... Done Building dependency tree Reading state information... Done ssl-cert is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 1 not fully installed or removed. After this operation, 0B of additional disk space will be used. Setting up ssl-cert (1.0.15) ... #

I don’t understand why the package ssl-cert exist in the first place when user can just use “openssl” command to generate ssl certificate. Yet making the situation worst, ssl-cert was added as dependency to many packages. Duh! In additional, chroot seems to be buggy under Linux.

Debian : ssl-cert 1.0.15 chroot issue

Kevin Foo (chfl4gs_) — Mon, 18 Feb 2008 12:16:04 +0000

Ran into some issues with ssl-cert 1.0.15 installation on Debian chroot environment. But looks like I’m not alone. The issue was reported by Michael Prokop.

molecule:/# apt-get install ssl-cert Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: ssl-cert 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 0B/7938B of archives. After this operation, 90.1kB of additional disk space will be used. Preconfiguring packages ... Selecting previously deselected package ssl-cert. (Reading database ... 27065 files and directories currently installed.) Unpacking ssl-cert (from .../ssl-cert_1.0.15_all.deb) ... Setting up ssl-cert (1.0.15) ...

……took forever……

make-ssl-cert generate-default-snakeoil took forever. So it looks like no fun with ssl-cert in chroot’ed environment. Any solution out there? Buzz me. Thanks.

Linux : vmsplice local root exploit (Goodbye uptime)

Kevin Foo (chfl4gs_) — Wed, 13 Feb 2008 17:41:05 +0000

As Linux kernel vmsplice local root exploit in the wild and the Debian boxes in my office is vulnerable to the exploit, I have decided to upgrade their kernels. It’s sad to see rock-solid Linux boxes went down for the 1st time after running stable nearly 8 months.

17:01:25 up 230 days, 9:59, 3 users, load average: 0.00, 0.00, 0.02

17:02:31 up 231 days, 7:02, 1 user, load average: 0.18, 0.38, 0.18

After upgrade
chflags@mzimyklosb03:~$ ./c ----------------------------------- Linux vmsplice Local Root Exploit By qaaz ----------------------------------- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xb7e64000 .. 0xb7e96000 [-] vmsplice: Bad address chflags@mzimyklosb03:~$ uname -smr Linux 2.6.24.2 i686

CentOS : Switching default MTA to Postfix

Kevin Foo (chfl4gs_) — Sun, 03 Feb 2008 17:59:11 +0000

This a just a short note for my own reference.

1) Install postfix
# yum install postfix

2) Set default MTA to Postix via this command
# alternatives –set mta /usr/sbin/sendmail.postfix

3) Autostart Postfix (Optional but you really want to do it)
# chkconfig –levels 235 sendmail off
# chkconfig –levels 235 postfix on
# /etc/init.d/sendmail stop
# /etc/init.d/postfix start