Thursday, June 30, 2016

Using bluetooth headset on Linux

I bought a bluetooth headset recently. I got to make it work with my Linux laptop. There are 2 tools that I found useful in my experience in making it works such as:

  1. rfkill - let you know whether particular feature is blocked or not
Example: rfkill list

0: phy0: Wireless LAN
        Soft blocked: no
        Hard blocked: no
1: asus-wlan: Wireless LAN
        Soft blocked: no
        Hard blocked: no
2: asus-bluetooth: Bluetooth
        Soft blocked: yes
        Hard blocked: no

As you can see, the bluetooth is soft blocked. It means, you have to turn it on using software. Usually you can enable it using a GUI tool in your KDE or GNOME desktop. If it is hard blocked, it means you have to turn it on by pressing a combination of or a key on your keyboard or a switch. 

2. pavucontrol

Taken verbatim from here:

Pulseaudio volume control (pavucontrol) is a simple gtk+ based volume control tool (mixer) for the pulseaudio sound server. in contrast to classic mixer tools this one allows you to control both the volume of hardware devices and of each playback stream separately. it also allows you to redirect a playback stream to another output device without interrupting playback.

It is a powerful tool to control your input and output devices. If you want to use your bluetooth headset, you can change it here (see picture above).

That's all there is to it. Have fun!

Monday, May 30, 2016

Introducing Pipelight

Hi there!

I was trying to access a page with silverlight on it but I couldnt view the page correctly because I was using Mozilla and Linux. I need to instll silverlight plugin. I could've installed Project Mono but it has been discontinued the project and won't support it in the future. In Ubuntu forum, someone mentioned about Pipelight. The concept of Pipelight is running the plugin using wine (it will run in the background). It solved my problem. I can now access the page and view it correctly. Try it.

Have fun! :D

Wednesday, May 25, 2016

How to disable ctl+alt+backspace key from killing your X server in KDE?

I recently accidentally pressed ctrl+alt+backspace key combination. It killed my X server. To prevent it from happening again and to protect your unsaved works, you have to disable this key combination. For KDE 4.x users, below are the steps:

Open the settings page:
Menu --> Applications --> Settings --> System Settings

Open the Input Devices:

Clik on Keyboard and the Advanced tab and click on the Configure keyboard options checkbox:

Find Key sequence to kill the X server from the list and untick the check box for Ctrl + Alt + Backspace

And then click the Apply button to save the settings.

That is all there is to it. Have fun!

Thursday, May 19, 2016

Enable or disable a service from autostarting on ubuntu and derivatives

To make a upsmon service to autostart during bootup:

sudo update-rc.d upsmon enable

The output looks like this:

update-rc.d: warning: /etc/init.d/upsmon missing LSB information
update-rc.d: see
 Disabling system startup links for /etc/init.d/upsmon ...
 Removing any system startup links for /etc/init.d/upsmon ...
 Adding system startup for /etc/init.d/upsmon ...
   /etc/rc0.d/K06upsmon -> ../init.d/upsmon
   /etc/rc1.d/K06upsmon -> ../init.d/upsmon
   /etc/rc6.d/K06upsmon -> ../init.d/upsmon
   /etc/rc2.d/K39upsmon -> ../init.d/upsmon
   /etc/rc3.d/K39upsmon -> ../init.d/upsmon
   /etc/rc5.d/K39upsmon -> ../init.d/upsmon

To disable autostart:

sudo update-rc.d upsmon disable

The output:

update-rc.d: warning: /etc/init.d/upsmon missing LSB information
update-rc.d: see
 Enabling system startup links for /etc/init.d/upsmon ...
 Removing any system startup links for /etc/init.d/upsmon ...
 Adding system startup for /etc/init.d/upsmon ...
   /etc/rc0.d/K06upsmon -> ../init.d/upsmon
   /etc/rc1.d/K06upsmon -> ../init.d/upsmon
   /etc/rc6.d/K06upsmon -> ../init.d/upsmon
   /etc/rc2.d/S61upsmon -> ../init.d/upsmon
   /etc/rc3.d/S61upsmon -> ../init.d/upsmon
   /etc/rc5.d/S61upsmon -> ../init.d/upsmon

To see available services:

service --status-all

Monday, May 16, 2016

Installing thawte SSL cert in Zimbra 8.6.0

1. Create csr and keep your key file. Copy the key file to /opt/zimbra/ssl/zimbra/commercial/commercial.key
2. Give or upload your csr file to certificate provider
3. Get certificate given by your cert provider after your csr is accepted.
4. Get the root certificate of your provider. For thawte, mine is here
5. Get intermediate certificate. Mine is here
6. Combine the content of the root and intermediate cert files e.g cat intermediate.crt root.crt > commercial_ca.crt and copy it to dir /opt/zimbra/ssl/zimbra/commercial

Below is the steps to verify that the certificates are ok and ready to deploy. You can skip the first step if you have already create the csr.

Single-Node Commercial Certificate

We need to take care and ask for the Certificate authority for the Root and Intermediate Keys, we will need it soon.
We will use at least 2048-bit key, is the minimum for all Certificate Authorities: 1. Begin by generating a Certificate Signing Request (CSR).
/opt/zimbra/bin/zmcertmgr createcsr comm -new -subject "/C=US/ST=CA/L=Sunnyvale/O=Zimbra/OU=Zimbra Collaboration Suite/" -subjectAltNames
2. Next, submit the CSR to the SSL provider and get a commercial certificate in PEM format. Save the new certificate to a temporary file (e.g. /tmp/commercial.crt).
3. Now, download and save the root Certificate Authority (CA) from your provider to a temporary file. (e.g. /tmp/ca.crt)
4. Download any intermediary CAs from your provider to a temporary file. (e.g. /tmp/ca_intermediary.crt)
5. Combine root and intermediary CAs into a temporary file.
cat /tmp/ca_intermediary.crt /tmp/ca.crt > /tmp/ca_chain.crt
6. Verify your commercial certificate.
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /tmp/commercial.crt /tmp/ca_chain.crt
**Verifying /tmp/commercial.crt against
Certificate (/tmp/commercial.crt) and private key
(/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: /tmp/commercial.crt: OK
7. Deploy your commercial certificate.
/opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/commercial.crt /tmp/ca_chain.crt
** Verifying /tmp/commercial.crt against
Certificate (/tmp/commercial.crt) and private key
(/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: /tmpt/commercial.crt: OK
**Copying commercial.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
**Appending CA chain /tmp/ca_chain.crt to
**Saving server config key zimbraSSLCeretificate…done.
**Saving server config key zimbraSSLPrivateKey…done.
**Installing mta certificate and key…done.
**Installing slapd certificate and key…done.
**Installing proxy certificate and key…done.
**Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12…done.
**Creating keystore file /opt/zimbra/mailbox/etc/keystore…done.
**Installing CA to /opt/zimbra/conf/ca…done.
If you get error "unable to get issuer certificate, please look at the steps in the link below.

Saturday, May 7, 2016

Changing display manager on Linux Mint using command

If you used to login to Linux using GUI, it means you were using X display manager. There are many display managers. Among popular ones are gdm, kdm, mdm and lightdm. You can change display manager using gui tools but you can also use command for that purpose. On Linux Mint (and i think on other debian-based distros), you can use this command (say you are using gdm):

dpkg-reconfigure gdm

A dialog will ask you whether you want to change to other installed display managers or not. You can replace mdm with other installed display manager.

That's all there is to it folk. Have fun! :D

Saturday, February 20, 2016

Proxmox KVM usb passthrough

Proxmox KVM usb passthrough

Open KVM monitor for your KVM machine in Proxmox GUI or in the command line with the following command:
# qm monitor 168
Entering Qemu Monitor for VM 168 - type 'help' for help

Show the usb devices info from your host machine:
qm> info usbhost
  Bus 4, Addr 2, Port 1, Speed 12 Mb/s
    Class 00: USB device 046b:ff10, Virtual Keyboard and Mouse
  Bus 6, Addr 2, Port 2, Speed 1.5 Mb/s
    Class 00: USB device 0624:0294, Dell 03R874
  Bus 2, Addr 3, Port 1, Speed 480 Mb/s
    Class 00: USB device 0930:6533, DataTraveler 2.0
  Auto filters:
    Bus *, Addr *, Port *, ID 0930:6533

According to device “USB device 0930:6533” in the example, add the device to guest machine:
qm> device_add usb-host,id=myusb,vendorid=0x0930,productid=0x6533

Verify that the new usb device is added in your guest:
qm> info usb
  Device 0.1, Port 1, Speed 12 Mb/s, Product QEMU USB Tablet
  Device 0.3, Port 2, Speed 12 Mb/s, Product QEMU USB Hub
  Device 0.4, Port 2.1, Speed 480 Mb/s, Product DataTraveler 2.0

After using it, remove usb device from your guest:
qm> device_del myusb

If you run the command again, you will see the usb device is gone from your guest:
qm> info usb
  Device 0.1, Port 1, Speed 12 Mb/s, Product QEMU USB Tablet
  Device 0.3, Port 2, Speed 12 Mb/s, Product QEMU USB Hub

This has been tested in Proxmox 3.0/957f0862


Saturday, January 16, 2016

FreeRDP - The Free Remote Desktop Client for Linux

RDP stands for Remote Desktop Connection. It is a way to connect to Windows desktop/server. Default port is 3389. If you use Linux, there are 2 client programs: 

1. rdekstop is the old client. Support Windows XP,2000,NT,Windows Server 2012 R2.
2. freerdp resumes the work of rdesktop and support new MS authentication for remote desktop.

To connect to Windows, following is the example: 

xfreerdp -u login -p password

There are many other options. Just run xfreerdp -h to see them.

mplayer-gui error : Error in skin config file

After installing mplayer-gui package, I can't start it.

$ gmplayer
MPlayer 1.1-4.8 (C) 2000-2012 MPlayer Team
mplayer: could not connect to socket
mplayer: No such file or directory
Failed to open LIRC support. You will not be able to use your remote control.
Error in skin config file on line 6: PNG read error in /usr/share/mplayer/skins/default/main
Config file processing error with skin 'default'

After googling a bit, I found out that it was due to the png files in dir /usr/share/mplayer/skins/default. This is the default skin directory. To fix this error, I have to install ImageMagick package because I want to use the convert program to convert all of the png files to format png24. Thus,
cd /usr/share/mplayer/skins/default; for FILE in *.png ; do sudo convert $FILE -define png:format=png24 $FILE ; done

Rerun gmplayer and all should be fine.

Have fun!

Friday, November 27, 2015

New job, new place and new adventure

I have been working in a new place and environment for almost 6 months now. A lot has happened since in my life and i am very excited to begin blogging again.

I gained new knowledge in many areas of Linux, servers and networking. I dealt with 6 hypervisors here, many virtual machines on them, about 20 vlans, many vpns, many pfsenses, NAS, HAS, AD, win 2012 R2 and zimbra collaboration suite.

I need to master all of this and hopefully with my basic knowledge in Linux, AD and postfix, it will be easier to grasp them.

The most important things here are the bosses and colleagues. So far they are very helpful, friendly and supportive.

I will post more about my Linux work here soon. So stay tuned but don't hold your breath. :D


Monday, February 16, 2015

cannot ssh to server

If you got the following error when trying to connect to ssh server:

me@pluto ~]$ ssh -vvv -l you localhost.localdomain  
OpenSSH_6.2p2, OpenSSL 1.0.1k 8 Jan 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 49: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost.localdomain [] port 22.
debug1: Connection established.
debug1: identity file /home/zamri/.ssh/identity type -1
debug1: identity file /home/zamri/.ssh/identity-cert type -1
debug1: identity file /home/zamri/.ssh/id_rsa type -1
debug1: identity file /home/zamri/.ssh/id_rsa-cert type -1
debug1: identity file /home/zamri/.ssh/id_dsa type -1
debug1: identity file /home/zamri/.ssh/id_dsa-cert type -1
debug1: identity file /home/zamri/.ssh/id_ecdsa type -1
debug1: identity file /home/zamri/.ssh/id_ecdsa-cert type -1
ssh_exchange_identification: Connection closed by remote host

Try putting this in /etc/host.allow:


It solved my problem. Your mileage may vary.

Thursday, July 3, 2014

Book review: Implementing SAMBA 4

Samba is a Windows implementation of sharing files and folders in Linux world. It is a favorite way of sharing your files on Linux with Windows users. But its use is much more than that. It can also act as servers of various roles.

Implementing SAMBA 4 is a book worth reading for Linux admins, system engineers or anybody who plan to use and master SAMBA configurations. In this version, a new feature, Active Directory Domain Controller (AD DC) is the most sought after by admins. This will let you configure SAMBA 4 as an AD DC. Using Debian 7 as the OS, I found no problem with it although many admins out there are using Fedora/Red Hat/CentOS as the main distros of choice.

Looking at the table of contents, I can say this book is not for beginners. So you have been warned. :)

Reading the sample chapter provided (Chapter 3), this book is an interesting to read. Steps are shown in pictures and clearly explained. Although I have little knowledge of AD DC, this book will make it easier for you to understand the steps needed by lots of screenshots.

Other topics mentioned that I found important and interesting are:
  • Understand the migration steps from Samba 3 to Samba 4
  • Integrate GNU/Linux operating system authentication into the AD
  • Understand the tasks and attention points when replacing a Microsoft Windows AD
If you are looking for a reading to better understand on how to configure SAMBA 4 for your AD DC, I recommend this kind of book.

Tuesday, June 17, 2014

Using mail command to send email using SMTP AUTH and no SSL

This is the command to send email using mail server with SMTP AUTH.

mail -v -s "Testing SMTP AUTH from mail command" -S smtp-auth=login -S smtp=smtp:// -S -S smtp-auth-user=me -S smtp-auth-password=mypassword

-v = verbose
-s = subject
-S = option

For more options and info, please type man mail or info mail.
The last email address is the recipient address.
You can replace mail with mailx.

This command is useful to test your mailserver setup without login to GUI.

Have fun! :)

Monday, May 19, 2014

Apache redirection

I want to redirect all of my users who go to to I have learned that from my googling, there are 2 popular ways to do it in apache web server. First, by using mod_rewrite and second, I can use redirect. The latter is the simplest. So I chose it. :)
Put this in vhost container.

Redirect 301 /

In Mageia 4, the file is located in /etc/httpd/conf/vhosts.d and the file name is 00_default_vhosts.conf

That's it. Restart or reload apache for the changes to take effect.

Have fun!

Wednesday, May 14, 2014

Mageia 4 and HP Laserjet P1102 can't print

Hi all,

Since upgrading my Mageia 3 to 4, I never test my printer. It worked in Mageia 3. I never knew that it was going to give me a headache LoL. It didn't work!. I tried reinstalling the CUPS, the driver, and even changing the USB cable. It was after 2 weeks of busy schedule, I thought I wanted to try to find a solution.

After googling a bit, I found out from a post which I didnt remember to bookmark it, the culprit was the usblp module. Remove it by rmmod usblp and the printer could print again. I could say the problem is the module conflicts with the HP printer driver. Your mileage may vary.

Have fun!