Moving to KVM virtual machines

Installing VirtualBox is getting increasingly painful on Ubuntu due to the problems with UEFI Secure Boot and the VirtualBox kernel modules. Another reason for an alternative is that running VirtualBox VM’s completely in the background is not as straightforward as it could be.

From the available alternatives I looked into (VMWare, Xen & KVM) it was KVM that fitted my needs (casual VM usage with mostly headless VM’s for testing purposes). Main reasons:

  • Well supported by Ubuntu
  • Easy, straightforward install
  • Background VM’s are simple as
  • Moving VM’s from one host to another is a breeze

Checking system

To check if the CPU can actually support

egrep -c '(svm|vmx)' /proc/cpuinfo

If the number returned is > 0 your systems should be capable to run.

You will also enable your BIOS for virtualisation (in Security settings of most BIOS’s) if that has not already be done. You will get an error if not enabled if you are trying to run an install. The Install of KVM will work fine.

Installation

sudo apt-get install qemu-kvm libvirt-bin bridge-utils virt-manager
sudo addgroup libvirtd
sudo adduser libvirtd
sudo service libvirtd start
sudo service libvirtd status
sudo virt-manager

Moving VM’s to another host

Source Host

virsh shutdown VMNAME
virsh dumpxml VMNAME > /tmp/VMNAME.xml
scp /tmp/VMNAME.xml TARGETHOST:/tmp/VMNAME.xml
scp /var/lib/libvirt/images/VMNAME.qcow2 TARGETHOST:/var/lib/libvirt/images/VMNAME.qcow2

Target Host

virsh define /tmp/vm.xml
virsh start vm

Once you have confirmed operation you probably want to remove the source VM from the Source Host.

virsh undefine VMNAME
rm /var/lib/libvirt/images/VMNAME.qcow2

Giving Opera another spin – ad-blocking as a core feature

I haven’t been using Opera for quite a while as I didn’t really have a need for a third browser lately (Firefox & Chrome being the main ones). However I came across this article today mentioning that Opera has integrated ad-blocking as a core feature rather than a plugin to manage.

If there were no bloated ads, some top websites would load up to 90% faster.

Today, we wanted to share with you a native ad-blocking technology in our Developer channel for Opera for computers. “Native” means unmatched speed vs extensions, since the blocking happens at the web engine level.

We are the first major browser vendor to integrate an ad-blocking feature, but this development should be a no surprise to anyone given the rising popularity of ad-blocking software and even Apple allowing it on its platform.

Install procedure (Ubuntu 15.10)

sudo add-apt-repository 'deb https://deb.opera.com/opera-stable/ stable non-free'
wget -qO- https://deb.opera.com/archive.key | sudo apt-key add -
sudo apt-get update
sudo apt-get install opera-stable

Original: http://www.opera.com/blogs/desktop/2016/03/native-ad-blocking-feature-opera-for-computers/

OpenVPN – fix issues with DNS server assignment (Synology NAS)

Synology NAS systems are great VPN servers for a home or small office. However if you want to connect to the VPN and route all your traffic through the VPN and be able to browse the internet there are a few things you need to change on the Synology server.

Theoretically you should be able to set these options on the client, but I have not managed to get this to work with Synology and judging by the amount of forum threads a lot of other people had the same problem. If somebody has a better way to fix this I would love to know. I don’t like to manually change these config files as I assume they will be overwritten when making changes to the web-interface.

vi /usr/syno/etc/packages/VPNCenter/openvpn/openvpn.conf

add the following lines.

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.4.4"
push "dhcp-option DNS 8.8.8.8"

Please note that the DNS option are Google’s public DNS servers as an example, you probably want to use your ISP’s (the one hosting the Synology server that is) DNS IP’s instead.

Please note that this was tested with Synology DSM version 5.2 only and Ubuntu & Android as the main client OS. Please leave comment for other combinations.

Ubuntu 14.04 Webmin Install from PPA

On remote systems sometimes a web-based tool can be very handy. Webmin is such a tool that has been well maintained for decades. To install quickly on a Ubuntu Server without having to manage dependencies and keeping it updated as part of normal OS update operations installing from a PPA Repo is handy.

sudo echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list
wget -q http://www.webmin.com/jcameron-key.asc -O- | sudo apt-key add -
#OpenSuse Repo Key
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 977C43A8BA684223
sudo apt-get update
sudo apt-get install webmin

After this you should be able to connect to your webmin instance on port 10000

https://hostname:10000

Security note: I would never allow direct access to Webmin on a remote server but rather tunnel port 10000 over SSH !

Finding a private location check-in service

Foursquare decided that it was too hard for them to compete with location services like Yelp and split their app into two separate apps. Whilst that might make sense to the 4Square CEO and his VC masters, it makes no sense from a users perspective. Foursquare can be a bit of a battery hog already, and having 2 apps to open and “annoy” you with notifications is not an improvement by any means. And if I wanted Foursquare to be Yelp – I would have used Yelp in the first place. So no – I do not want to install another separate check-in App (called Swarm). One battery hogging location app was enough.

no checkins here by leogaggl, on Flickr
Creative Commons Creative Commons Attribution-Noncommercial-Share Alike 2.0 Generic License   by  leogaggl 

The other argument used by 4Square’s CEO is that he didn’t want users confused about the “gamification” aspects of 4Square. I personally think that this is highly patronising to the Foursquare user base. I am sure most users would be able to work out what it is useful for.

Since I have always used 4Square mainly as a means to get some analytics of my movements and historic record of where I was at what time (I always downloaded my checkins to Thinkup on my own server) I was trying to find something that would fit the same use case. Meet Ushahidi (http://www.ushahidi.com/) – an excellent geo-coded “reporting” service developed in Kenya. I have been following this project for years already.

Dynamic Timeline

Track your reports on the map and over time, filter your data by time, and see when things happened and where.

Interactive Mapping

One of the most powerful ways to visualize information is to display it on a map. The Ushahidi platform give you rich information mapping tools.

Multiple Data Streams

The Ushahidi Platform allows you to easily collect information via text messages, email, twitter and web-forms.

Free & Open Source

The Ushahidi Platform is free for you to download and use. It is released under the GNU Lesser General Public License (LGPL).

Installation information for your own Ushahidi Server can be found on GitHub – or you can use their hosted service called Crowdmap.

Whilst this is obviously not an option for everybody it works for me. I will miss some the social aspect of 4Square as I had a small number of people I was sharing my check-ins with and it did bring about some by-chance meetups & conversation about other people’s check-ins. But the Ushahidi instance can be shared between multiple people. Maybe some will come along for the ride.

So long Foursquare – it was nice while it lasted ! If you treat your users like sheep – all you will be left with is sheep…

And for those who want to delete their Foursquare account: https://support.foursquare.com/hc/en-us/articles/201065530-How-do-I-delete-my-account-.

Edit files on remote host via SSH

Whilst most commandline editors have the ability to edit files on a remote host directly this can get messy sometimes when there are multiple files involved. Mounting the remote folder via SSHFS seems to be more reliable in practical use.

Mount

sudo apt-get install sshfs
sudo addgroup USERNAME fuse
sshfs remoteuser@remotehost:/remote/path /local/mountpath

Unmount

fusermount -u /local/mountpath

Using TOR and PRIVOXY on Ubuntu

This covers only the basic install and configuration for future reference. More info on Privoxy can be found on their website http://www.privoxy.org/.

Install

apt-get install tor privoxy

vim /etc/privoxy/config

uncomment the following line:

forward-socks5 / 127.0.0.1:9050 .

If you need to browse internal hosts while connected:

forward 10.*.*.*/

Browser Configuration

Firefox: FoxyProxy
Chromium: Proxy Switchy

Documentation: http://www.privoxy.org/faq/misc.html#TOR

Wireshark install on Ubuntu 12.04

Just a short note on Wireshark install (needed to beat an Asterisk SIP install into submission)

sudo apt-get install wireshark
sudo useradd -U -M -s /bin/false wireshark
sudo chgrp wireshark /usr/bin/dumpcap
sudo chmod 754 /usr/bin/dumpcap
sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap
sudo gpasswd -a YOURUSERNAME wireshark

Source: http://wiki.wireshark.org/CaptureSetup/CapturePrivileges