XFS just like EXT4 (I wrote a post about it last year) supports online defragmentation, to manage those volumes on CentOS and Fedora xfsprogs package is needed. Fragmentation level of XFS volumes can be checked with the command: [root@CentOS ~]$ xfs_db -c frag -r /dev/sdb1 actual 4491, ideal 4006, fragmentation factor 10.80% To perform online defragmentation of XFS volumes run the following command: [root@CentOS ~]$ xfs_fsr -v /dev/sdb1 /mnt/data1 start inode=0 ino=205 ino=205: file busy ino=201 ino=201 already fully defragmented. …

After some time qcow2 images tend -especially after taking snapshots- to grow bigger and bigger, even bigger than the maximum size specified at creation time. QEMU provides a tool called virt-sparsify (install libguestfs-tools package in CentOS 7) that can effectively make a virtual machine disk thin provisioned (space is not preallocated, only the actual space needed is used). virt-sparsify has a nice number of options, the most interesting one is --in-place, it tells QEMU to shrink the volume in place without requiring any addition space. …

DNSCrypt installation process is pretty simple since it is present in the repository, pdnsd on the other hand is missing, luckily compiling from source is not that hard. For the sake of completeness I will also cover the procedure to install DNSCrypt from source, alternatively yum install dnscrypt-proxy. Install the required dependencies and get the source code: [root@CentOS ~]# yum install gcc libsodium-devel libtool-ltdl-dev git wget [root@CentOS ~]# git clone https://github. …

Since every time I am about to install Vim I forgot how to set it up, set it as default system wide text editor and so on I figure I’ll write it down once and for all. First of all let’s install Vim, specifically the so called enhanced version which is capable of loading plugins and colorschemes: [user@Fedora ~]# sudo dnf install vim ### powerline plugin [user@Fedora ~]# sudo dnf install vim-plugin-powerline I personally really like molokay colorscheme from tomasr; putting it in the default colorscheme directory does the trick if we want to use it for every user. …

Fail2ban is a useful tool capable of mitigating brute force attacks performed against a multitude of services (ejabberd in our case). Configuration is split between a multitude of files: jail.conf defines which filters are active while the filters scripts are placed in ./filter.d directory. [root@CentOS ~]# vi /etc/fail2ban/jail.conf --- bantime = 1200 findtime = 1200 maxretry = 10 backend = auto [ejabberd-auth] enabled = true port = 5222,5280,7777 action = iptables-multiport[name=ejabberd, port="5222,5269,5280,777", protocol=tcp] logpath = /var/log/ejabberd/ejabberd. …

Ejabberd XMPP server includes a SOCKS5 proxy, setting it up correctly is what makes the difference between fast or very slow file transfer operations. As per XEP-0065 file transfer is either peer-to-peer or mediated by a proxy server. In Conversation peer-to-peer transfer is done by converting the file in base64, split it in 4 kb chunks sent one at the time always awaiting first for the ACK of the precedent one; this makes the whole process painfully slow and bandwidth consuming. …

The latest version of DNScrypt-proxy does not use anymore a single configuration file (/etc/conf.d/dnscrypt-proxy) but instead completely relies on systemd. Configuration is now split in two different files. [root@arch ~]# cat /etc/systemd/system/multi-user.target.wants/dnscrypt-proxy.service --- [Unit] Description=DNSCrypt client proxy Requires=dnscrypt-proxy.socket [Install] Also=dnscrypt-proxy.socket WantedBy=multi-user.target [Service] Type=simple NonBlocking=true ExecStart=/usr/bin/dnscrypt-proxy \ --resolver-address=185.97.7.7:27015 \ --provider-name=2.dnscrypt-cert.fvz-rec-de-fra-01.dnsrec.meo.ws \ --provider-key=9FCC:EB74:6856:238D:AC57:428B:DE4F:D9C6:E736:5370:E9F9:5415:3BD3:6EBE:A8C2:FAFE \ --user=nobody …and… [root@arch ~]# cat /etc/systemd/system/dnscrypt-proxy.socket --- [Unit] Description=dnscrypt-proxy listening socket After=network.target [Socket] ListenStream=127.0.0.2:53 ListenDatagram=127.0.0.2:53 [Install] WantedBy=sockets.target

After some years of using Firefox (currently version 38.0.5) with Session Restore enabled (the browser saves all the tabs from the previous session and reload them at the next start-up) it started to act weird and freeze for around 10 seconds 3 or 4 times a day. This very annoying behavior is caused by the presence of multiple useless Session Restore files. To delete those files open a new tab and type about:support in the address bar, then in the Application Basics area click on the Open Directory button placed next to Profile Directory. …