Syncthing is a great piece of Software to keep multiple PCs – and tablets – in sync. Unfortunately, it produces a LOT of log spam; on my Ubuntu machines, more than half of the entries in /var/log/syslog are useless syncthing INFO messages.

Here’s how they get produced:

• Syncthing outputs stuff on stdout/stderr
• Systemd, which starts syncthing, connects that stdout and stderr to itself, and sends everything it gets to rsyslogd
• Rsyslogd has a default config to send pretty much everything to /var/log/syslog

And here’s how to change that:

Create a file /etc/rsyslog.d/30-syncthing.conf:


# Ignore syncthing INFO messages
if $programname == 'syncthing' and $syslogseverity-text == 'info' then stop


Restart rsyslogd:
systemctl restart rsyslog

Done!

Lately, I needed to set up VirtualBox on some server I use to ssh into, and I wanted to use the GUI for initial setup. I did this previously, without any problems – ssh -X, then just start the GUI.

Not so with VirtualBox 5, the only message I got was libGL error: failed to load driver: swrast.

Turns out that the VirtualBox 5 GUI uses OpenGL, while previous versions didn’t, and there seem to be some issues whether that should be rendered locally or remotely.

Finally I found a solution in a 20 year old discussion: https://groups.google.com/forum/#!msg/comp.security.ssh/DXHF6hGznYI/15zYRY4L5pYJ is still valid.

GLFORCEREDIRECT=no VirtualBox

works.

Every now and then, there is a new minecraft subversion, and when your favourite server updates, you need to update as well. Which is easy if you’re running a plain vanilla client, but can be quite an annoyance when you’re using mods, and your mod author doesn’t update them in time.

When there’s a lot of changes to the client itself, then, well, mods have to adjust to these changes. But when the changes are very minor, like 1.12 to 1.12.1 to 1.12.2, most of the time, plugins will still work.

As long as they’re forge mods. Not so, with liteloader.
Continue reading →

I’ve been playing minecraft on my Linux system from time to time, and had an annoying “misfeature” – when exiting the client, my screen resolutions would get messed up.
Continue reading →

Current Linux terminal emulators have a feature that many people consider a bug.

Read the manual of some command. Find what you wanted to check. Quit the viewer to return to the command line. Poof, your screen is restored to what it was before you started man, and the information you were looking for is gone.

Same if you start your editor; quit the editor and the screen restores to the previous content.

Continue reading →

I needed to analyze a problem on a server, which required me to see through network dumps. Unfortunately, there’s a firewall between clients and this server, so i couldn’t filter on client IP. Which means there are zillions of connections in my .pcapng files, with only very few of them relevant. All in all, 137 GB of capture for one day.
Continue reading →

Finding a useful resource for this took me quite a while. The solution comes with the standard repository:

apt-get install g15daemon

On my 18-key G15, keys G1..G18 map to key 175..192, and M1..MR map to 193..196.

xmodmap can be used to reassign keys; unfortunately, you can’t assign a sequence of keys to one key press. Still looking for a solution to this.

Sometimes, you need to decrypt SSL. Wireshark says you can do that if you have the server key.

This works .. almost.

It doesn’t work if the key exchange uses a DH (Diffie-Helmann) cipher. You need to use a RSA cipher for the key exchange. Several people on the internet tell you this, but i was never able to find any information which keys to use and which not to use.

Seems this works, however:

I made it work. As SYN-bit said, the reason because my server and client use DH cipher to exchange key, I should config my server to use RSA cipher to exchange key. with Apache :

SSLCipherSuite RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS

Now I can decrypt https traffic.

This has been annoying me for almost 2 weeks now. Entry #7 of this fixes the problem for me.

In short:
in /usr/share/xfce4/helpers/firefox.desktop, replace the last two lines with


X-XFCE-Commands=%B -new-window "about:blank";%B;
X-XFCE-CommandsWithParameter=%B -new-tab "%s";%B %s;


Oracle is (rightfully!) tightening the security requirements around the .jnlp web starter more and more. Formerly, they were just started; later, you got warning messages if they weren’t signed with a proper certificate, and in the newest versions, you need to explicitly manage a list of servers you permit execution from.

So, even if you’re a developer of open source, or freeware, you need to sign your code, which requires a certificate, which normally costs money. Unless you use the services of the nice company Unizeto, who, with their Certum certificates, give code signing certificates to open source developers for free.
Continue reading →