XenServer, like many other bare-metal hypervisors, only supports a small bunch of RAID controllers. The difference between it and for example VMware ESXi is that XenServer is pretty much a CentOS minimal install with some proprietary administration tools and a pretty decent remote manager (only for Windows as long as I know…) while ESXi is a completely proprietary closed source blob. XenServer being based on CentOS makes it possible to do many weird unsupported things, like installing it on a software fake RAID on ICH8R. To install it on a software RAID1 all we have to do is perform the usual installation (without configuring any local storage) on a single HDD (/dev/sda), copy everything on a second drive (/dev/sdb) and use mdadm to build a couple of RAID volumes. – I’m pretty much only reposting things I read somewhere, I don’t take any credit for this guide – …

Let’s say we have a big single FLAC file we want to split into multiple files, we are on Fedora and we don’t want to use anything but the command line. First of all: [root@fedora ~]$ yum install lame ffmpeg shntool cuetools To split the single FLAC file run: [user@fedora ~]$ shnsplit -o flac -f file_name.cue -t "%n - %p - %t" file_name.flac This will produce n single files, -t parameter is used to specify file name format (in this case: track_number – performer – track_name). To copy metadata from CUE to the single files run: …

One year ago or so I wrote about my experience using the Logitech G500 on Linux, I like the mouse a lot, especially the scroll wheel, but there were also a couple of issues I couldn’t live with: no driver for Linux, tuning DPI settings is a real PITA; the fucker doesn’t track on close to every surface, be it a gadget mousepad you got for free at a meeting, a wooden table, a plastic-something table or a 20 € mousepad. I don’t want this post to be a rant against Logitech even if I think I’ve all the right to be at least a bit angry since I bought a quite high priced mouse which basically doesn’t work. Anyway, before using the G500 for 1 year or so I did like 6 years with a Razer Deathadder and I LOVED it (for the reference, it still works like the first day but is in really bad shape aesthetically speaking). This Zowie is pretty much a Razer Deathadder with the plus of being plug-and-play, no drivers, a button for switching between 450, 1150 and 2300 DPI and tracks on every mousepad I have. …

Long story short: in Fedora 20 (and as far as I remember also 19 and 18) XScreenSaver doesn’t power off the monitor backlight when locking the screen. Being the lazy ass I am it took like me 2 or 3 years to find the motivation to solve the issue. It was actually pretty simple, no need to edit some obscure config file or else, in XFCE just click on: Application menu -> Settings -> Screensaver. A window will appear, select Blank Screen Only in the Mode dropdown menu, then switch to the advanced tab, un-check power Management Enabled and check Quick Power-off in Blank Only Mode. This is it, now every time the screen locks the monitor backlight will also power off. …

Being the tinfoil hat I am I obviously don’t like nor use whatsapp, some time ago I set up my own XMPP server and made a bunch of close friends switch to it. There are multiple clients for every platform, my personal preference goes to Xabber on Android and Pidgin on GNU/Linux; both support OTR encryption and all around are pretty decent clients. The only real issue we had so far is the very annoying problem of lost messages; if the internet connection is stable and decent the problem will very likely never come up, too bad that mobile phone internet connection is everything but stable. Every time there is a switch between EDGE, 3G, HSDPA and 4G the mobile phone is out of reach for some seconds (some time much more than just some). The switch between let’s say 3G and HSDPA is not predictable, so the client has physically no time to notificate the server that he is about to close the connection and on the other hand the server also has some trouble knowing if someone suddenly disconnect. Here comes XEP-199 a.k.a. XMPP ping, it is used to probe the clients connection state every X seconds, in my ejabbed (the XMPP server I use) configuration it is set to 60 seconds, so every 60 seconds the server ping every client, if after 32 additional seconds a client has not replied it will be considered as disconnected and any further message sent from everyone to it will be cached by the server and resent the next time the client will be back online. Enable XEP-199 in ejabberd is pretty easy… …

Ok, -everyone- knows it, this new version introduces a number of interesting updates, one above all: openssl version 1.0.1. Openssl is the library used by many programs to perform encryption tasks, for example it’s used by openssh, webservers, etc etc. The version included in CentOS 6.4 was really outdated, it doesn’t support TLS v1.2 for example, so I had to install it separately (which is a PITA to say the least). With the new version included in CentOS 6.5 TLS v1.2 works out of the box, keep up the good work CentOS team. …

It’s been quite a while since the last time I fired up the single stage (actually, it should be 290 days), let alone having a LN2 session. Past saturday I went to my grandfather’s place and got him a new PC since his precedent one is, to say the least, outdated. Anyway, since the old one has some interesting parts I decided to give it a try, hooked it to the single stage and baaaaaaam. …

This post is meant to be the sequel of the one I wrote one month ago about CentOS as router, transparent proxy, and much more. A big chunk of the precedent article is on how configure squid and squidGuard to act as a transparent proxy with URLs filtering capabilities. But there’s a problem with that: nowadays many sites (f4c3b00k.c0m just to name the most annoying one) are HTTPS. With HTTP one can really easily intercept a packet and read the payload (which contains the URL) but with HTTPS this is not possible anymore since the payload is encrypted. The only way to be able to read the payload of an HTTPS packet is doing a man-in-the-middle attack with a fake certificate, but that’s not advisable and you really don’t wanna do it. If, like in my case, we are not interested in what the users are doing but we just want them to not be able to access some sites/services/whatever ipset (combined with iptables) are the right tools for the job. iptables is a pretty powerful tool, the only real issue is that it doesn’t scale pretty well if the number of the rules is very big, and this is not a good thing since we probably want to blacklist thousands of IPs. And here comes ipset: with it it’s possible to manage huge blacklists without iptables slowing down. …