Install deCSS on Ubuntu 12.04

Posted on March 9, 2013 by admin

You’ll need this to play encrypted DVD’s on your linux box. Installing it is easy but I can never remember the trick.


sudo apt-get install libdvdread4
sudo /usr/share/doc/libdvdread4/install-css.sh

Posted in Linux | Comments Off on Install deCSS on Ubuntu 12.04

How to use openssl to generate a certificate request

Posted on February 25, 2013 by admin

I can never remember how to generate a certificate request (CSR) when doing a one-off certificate. I use a script for my normal certs at work but sometimes I want to make one for personal use or a self signed cert.

Here is how to create a CSR for a site called boxtricks.com

openssl req -out boxtricks.com.csr -new -newkey rsa:2048 -nodes -keyout boxtricks.com.key

When you run that, fill it out something like this:

Generating a 2048 bit RSA private key
...................+++
............................................................................................................+++
writing new private key to 'boxtricks.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Wisconsin
Locality Name (eg, city) []:Watertown
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Boxtricks
Organizational Unit Name (eg, section) []:Web Hosting
Common Name (eg, YOUR name) []:www.boxtricks.com
Email Address []:[email protected]

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Posted in Linux, SSL | Comments Off on How to use openssl to generate a certificate request

500 OOPS: vsftpd: refusing to run with writable root inside chroot()

Posted on February 25, 2013 by admin

This is one of the most annoying and frustrating problems I have run into lately. This supposed security fix makes vsftp simply unusable after upgrading to Ubuntu 12.04 from 10.04. No amount of cajoling or messing with options will get it working again.

The fix is pretty easy though, just copy/paste these lines into a terminal. It will update your /etc/vsftpd.conf that stopped working after you upgraded.

This has been tested and works on Ubuntu 12.04

Updated 5/1/2013
wget http://ftp.us.debian.org/debian/pool/main/v/vsftpd/vsftpd_3.0.2-14_amd64.deb
dpkg -i vsftpd_3.0.2-14_amd64.deb
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf
echo "seccomp_sandbox=NO" >> /etc/vsftpd.conf
service vsftpd reload

Updated 7/18/2017
It seems the link above is broken. Try one of these, depending on your architecture:

http://mirror.global-layer.com/debian/pool/main/v/vsftpd/vsftpd_3.0.2-14_i386.deb
http://mirror.global-layer.com/debian/pool/main/v/vsftpd/vsftpd_3.0.2-14_amd64.deb

Nitza Lerner

Posted in FTP, Linux | Comments Off on 500 OOPS: vsftpd: refusing to run with writable root inside chroot()

OpenVPN refuses to start in LXC container

Posted on February 1, 2013 by admin

I was getting the following error when trying to start openvpn from within an LXC container:

Note: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)

This fixed it:

mkdir /dev/net 
mknod /dev/net/tun c 10 200 
chmod 666 /dev/net/tun
Posted in Linux, lxc | Comments Off on OpenVPN refuses to start in LXC container

Can I remove winsxs on windows server 2008? It is eating up my hard disk

Posted on January 31, 2013 by admin

In case you ever need it, I followed this advice, and it cut the winsxs folder just about in half.  Everything seems to be working fine.  All that I lost was the ability to roll back to a previous Service Pack.

  • Start an elevated command prompt (run ‘CMD’ as administrator) and …
  • Run the DISM command, which replaces the old VSP1CLN and COMPCLN we used on previous Windows versions: DISM.exe /online /Cleanup-Image /spsuperseded
  • Wait 10 minutes before the task completes ( it ends with “Service Pack Cleanup operation completed. The operation completed successfully”)

Normally you should have been able to reduce the Winsxs folder size by 1 or maybe 2 GBs, sometimes more. Saved space may vary a lot.

Just know that after using DISM you will not be able to uninstall the Service Pack 1 anymore.

Let’s have a look at the used switches for DISM.exe:

  • The /online switch tells DISM to work on the running OS installation
  • The /spsuperseded option removes the backup files created during installation.

Optionally you could use the /hidesp option which will remove SP1 (KB976932) from the “Installed Updates” section of Programs and Features, to ensure that users do not try to uninstall the Service Pack.

EDIT:

Also see this https://technet.microsoft.com/en-us/library/ff630161(v=ws.10).aspx

Posted in Microsoft, windows | Comments Off on Can I remove winsxs on windows server 2008? It is eating up my hard disk