Adding the VIQR input method to IBus

To add the VIQR input method to IBus, install the ibus-table-others package. My setup is GNOME on Arch Linux, so the steps were as follows:

  • Install the package ibus-table-others package from the AUR
  • Log out and log back in
  • Add the Vietnamese (Viqr) input method in Keyboard settings

Background

When I need to type in Vietnamese, I use the VIQR input method because it was the method that made the most sense to me. The other popular method is VNI, but I did not have the patience to learn the numbers that would give me the desired accent (diacritic) marks.

I have the VIQR input method set up on my desktop but until recently, my laptop was not set up with the input method. To make it even more fun, I have swapped and reloaded laptops a few times of the past few years. Since this is something I have done years ago, it took a while to recall how to do this again.

Clonezilla: “Box” is an unknown partition device

I was looking for some files that were on my laptop before I erased it for re-partitioning (to GPT) and reinstalling. Luckily, I made an image of the drive using Clonezilla.

When trying to restore the partition image to a disk (restoreparts) inside a VM, Clonezilla kept error-ing out after selecting the partition(s) to restore.

"Box" is an unknown partition device. Program terminated!.
“Box” is an unknown partition device. Program terminated!.

After some failures in both Proxmox and ESXi, it dawned on me that Clonezilla is unhappy because there are no partitions to target. Luckily, one can drop to the shell, sudo su to become root, and use fdisk to create the target partition(s).

If unsure about the partition type and/or size, there are a few files in the folder containing the image that could provide hints such as sda-pt.parted (sda is the block device at the time the image was created).

Once the partition(s) are created, CTRL+C twice to exit root and exit the shell and restart Clonezilla to restore partition image(s).

Updating ESXi host using local patch zip file

A Tweet from @ESXiPatches prompted me to update my ESXi 6.7.0 host. I enabled SSH and tried to update, but I got the popular message:

$ esxcli software profile update -p ESXi-6.7.0-20220704001-standard \
  -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
 [OSError]
 [Errno 28] No space left on device
 Please refer to the log file for more details.

This is not the first time I’ve been hit by this error. Last time I worked around it I did not document it. I do know that I tried the solution from virten.net and it did not work.

I came across another solution where instead of specifying the depot URL, esxcli can be pointed at an archive. I downloaded the patch zip file from VMware Customer Connect, uploaded it to my datastore (datastore-0), and was able to update my host with the following command:

$ esxcli software profile update -p ESXi-6.7.0-20220704001-standard -d /vmfs/volumes/datastore-0/_downloads/ESXi670-202207001.zip
Update Result
   Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective.
   Reboot Required: true
   <snip>

Proxmox VE and Let’s Encrypt with DNS-01 Validation

One of the appealing reasons for using Proxmox VE as your hypervisor is that one can configure their system to obtain a TLS certificate for https from Let’s Encrypt on a regular basis.

The Environment

At the time of writing, I am running Proxmox VE version 7.2-4. The name of the node for this article will be pve.
I have a dynamic DNS zone (i.e. acme.example.net) running BIND for the purposes of enabling ACME clients (acme.sh) to update the dynamic zone with the appropriate TXT record. A CNAME will be created in the “top-level” zone (example.net) such that querying _acme-challenge.pve.example.net will be answered by _acme-challenge.pve.acme.example.net.

Configuration

In PVE, go to Datacenter > ACME and then click Add under Accounts to register an ACME account.

The next step is to add a Challenge Plugin. On the same screen click Add under Challenge Plugins.

Plugin ID: nsupdate
Validation Delay: 30 (default)
DNS API: nsupdate (RFC 2136)
NSUPDATE_KEY=/var/lib/pve/nsupdate.key
NSUPDATE_SERVER=acme.ns.example.net

Since I am using nsupdate as the DNS API, I generate a key locally:

$ ddns-confgen -a hmac-sha256 -k pve.example.net. -q > pve.key

Transfer the key to PVE to the location specified in NSUPDATE_KEY. Below are the user/group and permissions for reference.

# ls -l /var/lib/pve/nsupdate.key
-rw-r--r-- 1 root root 128 Jun 21 19:43 /var/lib/pve/nsupdate.key

Now go to the node itself under Datacenter. Go to System > Certificates. Under ACME, click Add.
Select DNS as the Challenge Type, select nsupdate as the plugin, and enter the PVE host’s domain.

Since we have delegated the actual records to another DNS zone, we need to make one small change to the (PVE) node’s configuration. Under the DNS Validation through CNAME Alias of the documentation:

set the alias property in the Proxmox VE node configuration file

https://pve.proxmox.com/wiki/Certificate_Management#sysadmin_certs_acme_dns_challenge

To do that, I ssh-ed into the node (as root), opened /etc/pve/local/config in nano, and added alias=pve.acme.example.net to the end of the line that has the domain (in my case, it was the line that started with acmedomain0)

# cat /etc/pve/local/config
acme: account=default
acmedomain0: pve.example.net,plugin=nsupdate,alias=pve.acme.example.net

Save (CTRL+O) and Exit (CTRL+X)

Back in the web interface, in the Certificates screen (Datacenter > Your node (pve) > System > Certificates) you should be able to select the domain and click Order Certificates Now.

At this point PVE should be able to create a TXT _acme-challenge record in the (delegated) dynamic DNS zone, Let’s Encrypt should be able to validate it, and we should be able to get an TLS certificate for https.

can’t change attributes MNT_DEFEXPORTED already set for mount

When restarting my TrueNAS (CORE) box, I got a few of the following errors for a few of my datasets:

Apr 23 02:11:37 truenas 1 2022-04-23T02:11:37.549270+00:00 truenas.local mountd 1176 - - can't change attributes for /mnt/tank/user/jmtran: MNT_DEFEXPORTED already set for mount 0xfffff8016cc87000
Apr 23 02:11:37 truenas 1 2022-04-23T02:11:37.549276+00:00 truenas.local mountd 1176 - - bad exports list line '/mnt/tank/user/jmtran'

They were not show-stoppers, but they were slightly annoying. Since exports is a NFS thing, let’s take a look at the sharenfs property

$ zfs get -t filesystem sharenfs                         
NAME                                                   PROPERTY  VALUE     SOURCE
...
tank/user/jmtran                                       sharenfs  on        local

The source of the sharenfs property for some datasets were either local or received. This was because tank was from a Linux system and I had manually set sharenfs to share the dataset via NFS.

To made TrueNAS happy, I did the following such that the source of the property became default

# zfs inherit sharenfs tank/user/jmtran
# zfs get -t filesystem sharenfs tank/user/jmtran
NAME              PROPERTY  VALUE     SOURCE
tank/user/jmtran  sharenfs  off       default

Print photos to DNP DS-RX1HS on Linux

I have a DNP DS-RX1HS photo printer for the occasional photobooth “gig” and every so often, I would like to print out some photos. When I do print photos, I would have get the image to a laptop and if I picked up the T430, I would have to reboot that into Windows otherwise there’s the MacBook Pro that is sometimes out of battery because it is an old laptop. I would like to get out of that business and print to the printer from whatever device I am working on.

Unfortunately DNP’s website offers drivers for Windows or macOS but not Linux. Since macOS uses CUPS I thought I could add the printer on Linux using its PPD. After looking at the PPD, it became apparent that this was not going to work. The PPD had calls to binaries such as rastertodnp and without the source I would not be able to recompile the binaries to work on Linux.

For kicks and giggles, I searched GitHub for “dnp ds rx1” to see if anyone has attempted something similar. I came across a few results that mentioned Gutenprint. Promising.

Looking at the ArchWiki for a page about Gutenprint, I installed the gutenprint and foomatic-db-gutenprint-ppds packages. Then I added the printer via the CUPS web interface since the system-config-printer utility kept throwing a client-error-not-possible error. I could add the printer using Gnome’s Printers settings panel, but I prefer to name the printers (ds-rx1hs).

Once the printer was added, I was able to print photos to the DS-RX1HS from Linux. There is also support for cutting the photos at the 2 inch/horizontally halfway point for photo strips which is NEAT. At this point, I am considering getting a RaspberryPi and set it up as a print server such that I am able to print photos to it from my desktop and/or my laptop.

Yet another post about setting up alerts

tl;dr Set up e-mail alerts so that you are alerted to when things (start to) go wrong.

This morning, I got an email from my FreeNAS server with the following:

New alerts:
* Boot Pool Status Is ONLINE: One or more devices has experienced an unrecoverable error. An attempt was made to correct the error. Applications are unaffected.

Logging in to the server, I ran zpool status freenas-boot to see the state of the pool:

# zpool status
  pool: freenas-boot
 state: ONLINE
status: One or more devices has experienced an unrecoverable error.  An
	attempt was made to correct the error.  Applications are unaffected.
action: Determine if the device needs to be replaced, and clear the errors
	using 'zpool clear' or replace the device with 'zpool replace'.
   see: http://illumos.org/msg/ZFS-8000-9P
  scan: scrub repaired 98.5K in 0 days 01:08:27 with 0 errors on Wed May 27 04:53:27 2020
config:

	NAME                                            STATE     READ WRITE CKSUM
	freenas-boot                                    ONLINE       0     0     0
	  mirror-0                                      ONLINE       0     0     0
	    gptid/44bef123-fee5-11e4-9e92-0cc47a4a5aff  ONLINE       0     0     1
	    ada0p2                                      ONLINE       0     0     0  block size: 512B configured, 4096B native

errors: No known data errors

Luckily, this pool is made up of a mirrored vdev: a USB flash drive (gptid/44bef123-fee5-11e4-9e92-0cc47a4a5aff) and an SSD (ada0/p2). Per zpool status, I ran zpool clear to clear the error. The next scrub will be towards the end of the month (June), so we will see if this error comes back. In the meantime, I have started to look into replacing the flash drive with a SATA DOM.

# zpool clear freenas-boot

# zpool status freenas-boot
  pool: freenas-boot
 state: ONLINE
status: One or more devices are configured to use a non-native block size.
	Expect reduced performance.
action: Replace affected devices with devices that support the
	configured block size, or migrate data to a properly configured
	pool.
  scan: scrub repaired 98.5K in 0 days 01:08:27 with 0 errors on Wed May 27 04:53:27 2020
config:

	NAME                                            STATE     READ WRITE CKSUM
	freenas-boot                                    ONLINE       0     0     0
	  mirror-0                                      ONLINE       0     0     0
	    gptid/44bef123-fee5-11e4-9e92-0cc47a4a5aff  ONLINE       0     0     0
	    ada0p2                                      ONLINE       0     0     0  block size: 512B configured, 4096B native

errors: No known data errors

The moral of this story: set up email alerts or some kind of alerting system to alert you when things (start to) go wrong.

blog.

This [blog] has been an idea on the back burner for a very long time. Reasons for this include:

  • What will I use? (WordPress, GitHub Pages, etc.)
  • What will the domain name be?

As you can tell, I have decided to use WordPress and this subdomain. Maybe one day I will get creative and flip everything around but this is the lane that I have chosen to drive in (for now).

INSTALL_VERIFICATION_FAILED_ALERT_INFO Error with Office 365 and macOS

While installing Office 365 (16.25.19051201) for a client (macOS High Sierra 10.13.6), Microsoft AutoUpdate (MAU) pops up with an error saying “INSTALL_VERIFICATION_FAILED_ALERT_INFO”. Clicking OK would open the browser and it would proceed to download the latest AutoUpdate to install. However, at the end of the install the error comes up again. Repeat until annoyed.

While going through many Q & A pages, I recall running into a folder that I couldn’t access without elevated privileges. I don’t know macOS internals that well so I didn’t have the slightest idea as to the purpose of that folder.

It turns out that the permissions on /Library/PrivilegedHelperTools were borked. Unfortunately, I didn’t capture what the state was but it was probably something along the lines of rwx------.

Comparing with two devices I had access to, the permissions were the following:

# ls -ld /Library/PrivilegedHelperTools
drwxr-xr-t  13 root  wheel  416 Feb 22 18:32 /Library/PrivilegedHelperTools

As root, I semi-sorted the permissions with # chmod 755 /Library/PrivilegedHelperTools and rebooted. Upon reboot, the permissions were rwxr-xr-t and MAU and friends appeared to be happy.