Tagged with debian

nginx User-Agent spoofing to circumvent LinkedIn's blacklisting

I have a few virtual hosts that redirect to my LinkedIn profile thanks to a rewrite rule in nginx:

server {
  server_name  example.com;
  listen       80;

  location / {
    rewrite    ^  http://be.linkedin.com/in/tristanterpelle/;
  }
}

This worked beautifully when I tested it, but today I noticed it was broken. LinkedIn returned a 999 error. After looking around a bit, it turns out that LinkedIn actively blocks HTTP requests from clients with certain User-Agent strings.

 $ curl -I --url https://be.linkedin.com/in/tristanterpelle 
HTTP/1.1 999 Request denied
$  curl -A "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36" -I --url https://be.linkedin.com/in/tristanterpelle
HTTP/1.1 200 OK

OK, so curl's User-Agent is blacklisted, and apparently so is nginx' (wget also fails). Luckily, nginx can spoof its User-Agent thanks to the HttpHeadersMoreModule.

server {
  server_name  example.com;
  listen       80;

  location / {
    rewrite    ^  http://be.linkedin.com/in/tristanterpelle/;
    more_set_input_headers 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36';
  }
}

On Debian, you need to install the nginx-extras package, or you will get a [emerg] unknown directive "more_set_input_headers" error.

Tagged , ,

VMware Workstation 9.0.1 on Debian with kernel 3.10

New major Linux kernel version, new major breakage of VMware Workstation. Here's what and how to patch to be able to compile VMware's modules so you can run your virtual machines under Linux kernel 3.10.

vmnet

The compilation of the vmnet.ko module fails, a patch found on the VMware Community forum fixes this.

It has to be applied to the contents of /usr/lib/vmware/modules/source/vmnet.tar. You can find the instructions on how to do this in my older post.

vmblock

After the first patch, we're still not out of the woods: the vmblock.ko won't compile either. In the same thread a link is provided to a blog post with the appropriate patch. This time, the patch has to be applied to the files in /usr/lib/vmware/modules/source/vmblock.tar.

Compile

Now you can compile the modules with vmware-modconfig --console --install-all, provided you installed the appropriate kernel header files for your kernel. In my case, the packages I needed were:

ii  linux-headers-3.10-2-amd64            3.10.7-1                         amd64        Header files for Linux 3.10-2-amd64
ii  linux-headers-3.10-2-common           3.10.7-1                         amd64        Common header files for Linux 3.10-2
ii  linux-image-3.10-2-amd64              3.10.7-1                         amd64        Linux 3.10 for 64-bit PCs

Sources

Tagged , , ,

Prey anti-theft on Debian

Anti-theft solution

Prey is an open source anti-theft solution. I decided to install it on my laptop so I could track it in case I lost it or it was stolen.

Prey is scheduled to "call home" to check the status of the device it's protecting. If it finds out the device went missing, it build a report with useful information to track down the device and tries to send it to the user. It can do the check and send the report via the Prey Control Panel (simple to setup) or you can run it in standalone mode which offers more options. I used the simple setup to find out if and how it works.

Installation

Version 0.5.3 is currently in the Debian repositories, which is easy to install (apt-get install prey) but after a few hours of trying, I couldn't get it to do anything useful: Prey noticed when my laptop was missing and created and sent the reports but they never arrived.

A post on Prey's anwers list recommended to upgrade to version 0.5.9 to get things working. I decided to install the latest version, which was 0.6.0. There's .deb for Ubuntu that I tried first on Debian Jessie/Sid, but long story short: it didn't work. Instead, I downloaded the universal .zip for Linux and made a .deb from it, the quick and dirty way.

Because it was built the quick and dirty way, Prey was complaining about a missing cronjob and configuration file.

The cronjob was in /etc/cron.d/prey when Prey expected it to be in root's list of crons. I copied the lines from /etc/cron.d/prey to crontab -e -u root and then rm'ed /etc/cron.d/prey. I changed the frequency to every 5 minutes.

Prey looked for the configuration file in /usr/lib/prey/config, which I solved by symlinking /etc/prey/config there: ln -sv /etc/prey/config /usr/lib/prey/config.

Like I said: a very quick and dirty packaging.

Configuration

To use Prey, you need to register an account. Once you've done that, log in and you will find your API key in the Account page. This key goes in your configuration file on the api_key= line. When you've set that, you can run Prey in test mode where it will check its status and generate a device key. It will immediately add the device key to the config file as well. Some moments later, your device will appear in Prey's Control Panel.

In Prey's Control Panel you can set the information you want gathered in the Devices tab. I deselected all the actions to perform on the right to keep Prey inconspicuous to a possible thief.

Testing

Set your device's status to Missing and wait for the cronjob to kick in. You should be getting a report with some very useful information a few minutes later. I checked and even when I didn't have X running, I got a nice report with a webcam picture.

Don't forget to set the status back to normal when you've verified that everything works: the free Prey account only has space for 10 reports.

Sources

Tagged , , ,

VMware Workstation 9.0.1 on Debian with kernel 3.8

Missing C header files

I installed VMware Workstation 9.0 on a fresh Debian Jessie/Sid installation, but when I ran it after the installation, I was greeted with the error message:

C header files matching your running kernel were not found.  Refer to your distribution's documentation for installation instructions.

and a dialog to locate said missing headers manually.

I found the fix to this annoying issue on ArchLinux' Wiki. The directory structure of the header files has changed since Linux kernel 3.7, so the installer cannot find the file it's looking for. A simple symlink resolves this.

# ln -sv /usr/src/linux-headers-$(uname -r)/include/generated/uapi/linux/version.h /usr/src/linux-headers-$(uname -r)/include/linux
‘/usr/src/linux-headers-3.8-1-amd64/include/linux/version.h’ -> ‘/usr/src/linux-headers-3.8-1-amd64/include/generated/uapi/linux/version.h’

Now VMware Workstation would at least try to compile the kernel modules!

Error compiling kernel modules

But failed miserably in the process:

Using 2.6.x kernel build system.
make: Entering directory `/tmp/modconfig-rWaQRn/vmci-only'
/usr/bin/make -C /lib/modules/3.8-1-amd64/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
   MODULEBUILDDIR= modules
make[1]: Entering directory `/usr/src/linux-headers-3.8-1-amd64'
  CC [M]  /tmp/modconfig-rWaQRn/vmci-only/linux/driver.o
  CC [M]  /tmp/modconfig-rWaQRn/vmci-only/linux/vmciKernelIf.o
  CC [M]  /tmp/modconfig-rWaQRn/vmci-only/common/vmciContext.o
  CC [M]  /tmp/modconfig-rWaQRn/vmci-only/common/vmciDatagram.o
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:127:4: error: implicit declaration of function __devexit_p [-Werror=implicit-function-declaration]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:127:4: error: initializer element is not constant
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:127:4: error: (near initialization for vmci_driver.remove)
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:1754:1: error: expected =, ,, ;, asm or __attribute__ before vmci_probe_device
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:1982:1: error: expected =, ,, ;, asm or __attribute__ before vmci_remove_device
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:119:12: warning: vmci_probe_device used but never defined [enabled by default]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:121:13: warning: vmci_remove_device used but never defined [enabled by default]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:2063:1: warning: vmci_interrupt defined but not used [-Wunused-function]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:2137:1: warning: vmci_interrupt_bm defined but not used [-Wunused-function]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:1717:1: warning: vmci_enable_msix defined but not used [-Wunused-function]
cc1: some warnings being treated as errors
make[4]: *** [/tmp/modconfig-rWaQRn/vmci-only/linux/driver.o] Error 1
make[4]: *** Waiting for unfinished jobs....
make[3]: *** [_module_/tmp/modconfig-rWaQRn/vmci-only] Error 2
make[2]: *** [sub-make] Error 2
make[1]: *** [all] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-3.8-1-amd64'
make: *** [vmci.ko] Error 2
make: Leaving directory `/tmp/modconfig-rWaQRn/vmci-only'
Failed to build vmci.  Failed to execute the build command.
Using 2.6.x kernel build system.
make: Entering directory `/tmp/modconfig-rWaQRn/vmci-only'
/usr/bin/make -C /lib/modules/3.8-1-amd64/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
   MODULEBUILDDIR= modules
make[1]: Entering directory `/usr/src/linux-headers-3.8-1-amd64'
  CC [M]  /tmp/modconfig-rWaQRn/vmci-only/linux/driver.o
  CC [M]  /tmp/modconfig-rWaQRn/vmci-only/common/vmciDoorbell.o
  CC [M]  /tmp/modconfig-rWaQRn/vmci-only/common/vmciDriver.o
  CC [M]  /tmp/modconfig-rWaQRn/vmci-only/common/vmciEvent.o
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:127:4: error: implicit declaration of function __devexit_p [-Werror=implicit-function-declaration]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:127:4: error: initializer element is not constant
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:127:4: error: (near initialization for vmci_driver.remove)
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:1754:1: error: expected =, ,, ;, asm or __attribute__ before vmci_probe_device
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:1982:1: error: expected =, ,, ;, asm or __attribute__ before vmci_remove_device
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:119:12: warning: vmci_probe_device used but never defined [enabled by default]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:121:13: warning: vmci_remove_device used but never defined [enabled by default]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:2063:1: warning: vmci_interrupt defined but not used [-Wunused-function]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:2137:1: warning: vmci_interrupt_bm defined but not used [-Wunused-function]
/tmp/modconfig-rWaQRn/vmci-only/linux/driver.c:1717:1: warning: vmci_enable_msix defined but not used [-Wunused-function]
cc1: some warnings being treated as errors
make[4]: *** [/tmp/modconfig-rWaQRn/vmci-only/linux/driver.o] Error 1
make[4]: *** Waiting for unfinished jobs....
make[3]: *** [_module_/tmp/modconfig-rWaQRn/vmci-only] Error 2
make[2]: *** [sub-make] Error 2
make[1]: *** [all] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-3.8-1-amd64'
make: *** [vmci.ko] Error 2
make: Leaving directory `/tmp/modconfig-rWaQRn/vmci-only'
Failed to build vmci.  Failed to execute the build command.

The contents of /usr/lib/vmware/modules/source/vmci.tar needed to be patched, according to this thread on the VMware forums.

# wget -O /tmp/vmware9.k3.8rc4.patch http://communities.vmware.com/servlet/JiveServlet/download/2182440-102649/vmware9.k3.8rc4.patch
# cd /usr/lib/vmware/modules/source
# tar xf vmci.tar
# cd vmci-only
# patch -p1 < /tmp/vmware9.k3.8rc4.patch 
patching file linux/driver.c
# tar cf vmci.tar vmci-only
# rm -rf /usr/lib/vmware/modules/source/vmci-only

After that, I just had to run vmware as root and the modules were built successfully.

Sources

Tagged , , ,

FIXED: No sound from Thinkpad T430 when docked

Update (31/Jan/2013)

As of kernel 3.6.9 in Debian (experimental), the patch is included by default so this procedure is now obsolete. Save yourself a lot of trouble and simply install linux-image-3.7-trunk. ;)

</update>

My T430's speaker got muted as soon as I docked it in its Mini Dock Plus Series 3. Luckily a patch has been posted to the Linux' mailing list.

Here's a quick guide to get sound from the dock by patching the Linux kernel and building Debian packages for the patched kernel and for the proprietary nVidia module.

Get the latest kernel from kernel.org. I used version 3.6.4, released on 28 October 2012. Download it to /usr/src.

Extract the kernel's tarball in /usr/src, it will create a directory linux-3.6.4:

tar xf linux-3.6.4.tar.bz2

Create a symbolic link to /usr/src/linux for linux-3.6.4:

ln -sv /usr/src/linux-3.6.4 /usr/src/linux

chown the /usr/src directory to your normal user. This way you can build packages without having to be root.

chown -R youruser /usr/src

Install the nVidia kernel source. I installed version 304.60 from the unstable repo.

aptitude -t unstable install nvidia-kernel-source

Extract the nVidia kernel tarball, it was installed under /usr/src.

tar xf /usr/src/nvidia-kernel-source.tar.bz2

Configure your kernel manually (make menuconfig) or copy a config you already have (e.g. /boot/config-3.2.0-3-amd64) and run make oldconfig to set all the new options that have been introduced since v3.2.0.

Get the patch to get sound from the docking station: : https://lkml.org/lkml/2012/10/19/320. I just added the missing line manually to sound/pci/hda/patch_realtek.c: change the file from

SND_PCI_QUIRK(0x17aa, 0x21f6, "Thinkpad T530", ALC269_FIXUP_LENOVO_DOCK),
SND_PCI_QUIRK(0x17aa, 0x21fa, "Thinkpad X230", ALC269_FIXUP_LENOVO_DOCK),
SND_PCI_QUIRK(0x17aa, 0x21fb, "Thinkpad T430s", ALC269_FIXUP_LENOVO_DOCK),
SND_PCI_QUIRK(0x17aa, 0x2203, "Thinkpad X230 Tablet", ALC269_FIXUP_LENOVO_DOCK),

to

SND_PCI_QUIRK(0x17aa, 0x21f6, "Thinkpad T530", ALC269_FIXUP_LENOVO_DOCK),
SND_PCI_QUIRK(0x17aa, 0x21fa, "Thinkpad X230", ALC269_FIXUP_LENOVO_DOCK),
SND_PCI_QUIRK(0x17aa, 0x21f3, "Thinkpad T430", ALC269_FIXUP_LENOVO_DOCK),
SND_PCI_QUIRK(0x17aa, 0x21fb, "Thinkpad T430s", ALC269_FIXUP_LENOVO_DOCK),
SND_PCI_QUIRK(0x17aa, 0x2203, "Thinkpad X230 Tablet", ALC269_FIXUP_LENOVO_DOCK),

Now use make-kpkg to build the kernel, the modules, an initial ramdisk, the kernel header files and the nVidia kernel module in one swift command:

make-kpkg --revision 3.6.4 --append-to-version -2-bgd -j4 --initrd kernel_image kernel_headers modules_image

See make-kpkg's manpage for more info on the parameters and switches to the above command.

Find your new packages in /usr/src:

  • linux-headers-3.6.4-2-bgd_3.6.4_amd64.deb
  • linux-image-3.6.4-2-bgd_3.6.4_amd64.deb
  • nvidia-kernel-3.6.4-2-bgd_304.60-1+3.6.4_amd64.deb

Install your patched kernel, headers and nVidia module:

dpkg -i linux-headers-3.6.4-2-bgd_3.6.4_amd64.deb linux-image-3.6.4-2-bgd_3.6.4_amd64.deb nvidia-kernel-3.6.4-2-bgd_304.60-1+3.6.4_amd64.deb

Reboot and enjoy sound from the dock!

Update

When I installed the 3 .deb files above, I still had the nVidia packages from Debian unstable installed as well. This was not a good idea: after a few weeks a new nVidia driver was available (v304.64), and it got installed with aptitude safe-upgrade. It clashed with my custom package to the extent where X would not show an image anymore. I ended up with hundreds of Xorg.[0-999].log files in /var/log too.

I fixed this by removing all official Debian packages for nVidia, and reinstalling my own custom package.

Source: Debian Wiki - NvidiaGraphicsDrivers

Tagged , , , , ,

Xen and GRUB2 on Debian

GRUB2 on Debian is configured in /etc/defaults/grub. To get the correct boot parameters for the hypervisor I use the following lines:

#for normal use:
GRUB_CMDLINE_XEN="dom0_mem=256M"
# for rescue mode:
GRUB_CMDLINE_XEN_DEFAULT="dom0_mem=1024M"

To pass options to Xen kernels I use GRUB_CMDLINE_LINUX_XEN_REPLACE="xen-pciback.permissive xen-pciback.passthrough=1 xen-pciback.hide=(00:01.b)(00:02.0)". See Debian bug 617538 and Debian bug 617538 for more info. You will need grub-pc from Debian Wheezy (1.99-14 or up)!

Tagged , , , ,

HP MFP on Debian Wheezy

I bought an HP LaserJet 100 MFP M175nw. It's supported by hplip but only in version 3.11.7 and later. Debian Squeeze has version 3.10, so I upgraded my Debian installation to Wheezy. Installing hplip on Squeeze from Wheezy seemed to break a lot of stuff, so I figured upgrading would be easier.

To use the printer, you need to install hplip (>= 3.11.7) and run hp-setup. It will try to download a binary file that's required to print. In my case, the download never started and the installation just lasted indefenitely. So I manually downloaded the required file from the HPLIP project page. The file's name is hplip-3.11.10.run. The installer allowed me to specify the path to the file, but in GUI mode it wouldn't continue without giving me a reason: the next button was simply grayed out.

In CLI mode, I found out that the installer expects the filename to be hplip-3.11.10-plugin.run.

I renamed the file from hplip-3.11.10.run to hplip-3.11.10-plugin.run and finished the installation.

Tagged , ,