Test iSCSI

The LUN is created on ReadyNAS (192.168.1.28) in group CentOS-PXE, target iqn.1994-11.com.netgear:nas:08303042:centos-pxe.

All commands are run from my laptop (T530), but it can be any Linux:

[root@T530 ~]# iscsiadm -m discovery -t sendtargets -p 192.168.1.28
192.168.1.28:3260,1 iqn.1994-11.com.netgear:nas:051ada19:group1
192.168.1.28:3260,1 iqn.1994-11.com.netgear:nas:08303042:centos-pxe

We are interested in the second one:

[root@T530 ~]# iscsiadm -m node -T 'iqn.1994-11.com.netgear:nas:08303042:centos-pxe' -p 192.168.1.28 -l
Logging in to [iface: default, target: iqn.1994-11.com.netgear:nas:08303042:centos-pxe, portal: 192.168.1.28,3260] (multiple)
Login to [iface: default, target: iqn.1994-11.com.netgear:nas:08303042:centos-pxe, portal: 192.168.1.28,3260] successful.

Now we can list disks:

[root@T530 ~]# ls -l /dev/disk/by-path
razem 0
lrwxrwxrwx. 1 root root  9 10-22 17:25 fc---lun-0 -> ../../sdd
iqn.1994-11.com.netgear:nas:08303042:centos-pxe-lun-0 -> ../../sdd
lrwxrwxrwx. 1 root root  9 10-22 16:29 pci-0000:00:0d.0-ata-1.0 -> ../../sda
lrwxrwxrwx. 1 root root 10 10-22 16:29 pci-0000:00:0d.0-ata-1.0-part1 -> ../../sda1
lrwxrwxrwx. 1 root root 10 10-22 16:29 pci-0000:00:0d.0-ata-1.0-part2 -> ../../sda2
lrwxrwxrwx. 1 root root  9 10-22 16:29 pci-0000:00:0d.0-ata-2.0 -> ../../sr0

as you can see, the new volume is linked as /dev/sdd usualy it will be sda or sdb.

Now we can "unmount" as it won't be needed.

iscsiadm -m node -T 'iqn.1994-11.com.netgear:nas:08303042:centos-pxe' -p 192.168.1.28 -u

Configure network install

You will need: tftp, dhcp and ftp server and CentOS installation ISO file. Unpack ISO content to ftp server to some (CentOS7-1908-minimal in my case) directory.

Add entry in /data/tftpboot/pxelinux.cfg/default file:

LABEL InstallCentOS7
MENU LABEL Install CentOS 7 1908
KERNEL /networkboot/CentOS7-1908/vmlinuz
APPEND initrd=/networkboot/CentOS7-1908/initrd.img inst.repo=ftp://192.168.1.28/CentOS7-1908-minimal

You have to create networkboot/CentOS7-1908 directory in your tftp root directory. In my (ReadtNAS) case /data/tftpboot/, so full path is /data/tftpboot/networkboot/CentOS7-1908.

Files vmlinux and initrd.img are from ISO from isolinux directory. Because my ftp root is /data/pub/ I typed:

cp /data/pub/CentOS-7-x86_64-Minimal-1908/isolinux/{vmlinuz,initrd.img} /data/tftpboot/networkboot/CentOS7-1908

Now you should be able to run CentOS installation from network.

Installation

Boot computer from network (PXE BOOT) choose Install CentOS 7 1908 from pxe menu.

Run standard installator. As Installation destination add disk in Specialized & Network Disks. In Add iSCSI Target... enter 192.168.1.28 as Target IP Address and click Start discovery. Choose desired node (if you have more than one you should know what do do) and click Log in and (after a while) OK.

Now you should have some drive (sda, sdb or similar) - select it and click Done. Probably there will be Error checking storage configuration message - click Full disk summary and boot loader ... and unselect your disk as a boot device by clicking Do not install boot loader. Click Done.

Now be sure the name of your network card. In my case it is enp0s3.

You can add more installation repositories, but it is not necessary now.

Click Begin installation. It will take a while - in the meantime you can set root password.

When installation is complete switch to console (Ctrl-Alt-F2) and copy vmlinuz and initramfs files to your tftp server:

scp /mnt/sysimage/boot/vmlinuz-3.10.0-1062.el7.x86_64 /mnt/sysimage/boot/initramfs-3.10.0-1062.el7.x86_64.img user@192.168.1.28:

and place this two files in tftp directory:

mv /home/user/vmlinuz-3.10.0-1062.el7.x86_64 /home/user/initramfs-3.10.0-1062.el7.x86_64.img /data/tftpboot/networkboot/CentOS7-1908

as you can see I use the same directory as in network install, but it is no necessary.

Now it is time to final PXE configuration on tftp server prepare entry similar to:

LABEL Centos7
MENU DEFAULT
MENU LABEL Cent OS 7
kernel /networkboot/CentOS7-1908/vmlinuz-3.10.0-1062.el7.x86_64 root=/dev/mapper/centos-root ro netroot=iscsi:@192.168.1.28::::iqn.1994-11.com.netgear:nas:08303042:centos-pxe rd.iscsi.initiator=iqn.1994-05.com.redhat:2f3474eec735 vconsole.keymap=pl LANG=en_GB.UTF-8  console=tty0 ip=enp3s0:dhcp  rhgb quiet
append initrd=/networkboot/CentOS7-1908/initramfs-3.10.0-1062.el7.x86_64.img

You can check "magic numbers" on freshly installed system by:

[anaconda root@localhost /]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:2f3474eec735
[anaconda root@localhost /]# iscsiadm -m session
tcp: [1] 192.168.1.28:3260,1 iqn.1994-11.com.netgear:nas:08303042:centos-pxe
[anaconda root@localhost /]# grep root /mnt/sysimage/etc/fstab
/dev/mapper/centos-root /    xfs      defaults,_netdev,_netdev 0 0 

Now you can click Reboot.

After some time you have network booted system.

Configure iPXE

Instead of PXE I should be possible to use iPXE. For now I can only boot iPXE - then I return to PXE because it works.

Download binary (on ReadyNAS - TFTP server) and move to tftp directory:

cd /tmp/
wget http://boot.ipxe.org/undionly.kpxe
mv /tmp/undionly.kpxe /data/tftpboot/

Not to have to flash network card ROM I use PXE chainloading. Change (on Gargoyle - DHCP server):

dhcp-match=set:ipxe,175
dhcp-boot=tag:!ipxe,undionly.kpxe,,192.168.1.28
dhcp-boot=menu.ipxe,,192.168.1.28

It should be more convenient way to upgrade kernel in future.

For now, in menu.ipxe I've entry:

:pxelinux
set 210:string tftp://192.168.1.28/
chain ${210:string}pxelinux.0 || goto failed
goto start

Sources:

Diskless iSCSI boot with PXE HOWTO

How to chainload ipxe using dnsmasq?

Centos 7 Diskless Environment – PXE booting OpenStack compute nodes from iSCSI SAN

Last time I've prepared Gargoyle as dhcp and tftp server.

Prepare tftp on ReadyNAS

To enable tftp on ReadyNAS I've installed Tftp Server for Readynas. All files have to be in tftpboot share, so I've created it.

I have to copy all syslinux files (can be copied from gargoyle) to this share, so it contains (full path):

/data/tftpboot/pxelinux.cfg
/data/tftpboot/pxelinux.cfg/default
/data/tftpboot/ldlinux.c32
/data/tftpboot/libutil.c32
/data/tftpboot/menu.c32
/data/tftpboot/pxelinux.0

Reconfigure DHCP

Now I have to change dhcp server configuration. On gargoyle, in file /etc/dnsmasq.conf:

dhcp-boot=pxelinux.0,,192.168.1.28

as you can see, now it has address of my ReadyNAS (192.168.1.28).

You can comment out lines

enable-tftp
tftp-root=/var/lib/misc/tftpboot

tftp on gargoyle is not need any more.

Now you should be able to boot any PC using PXE from ReadyNAS.

Boot to CentOS 7 (or any Linux) Installer

Now you can try to run Cent OS installer from network. You have to prepare FTP share and copy there files from installation image (CD/DVD). I've copied it to ReadyNAS to pub/CentOS7-1708 share .

If you use proftpd you have to create /etc/frontview/proftpd/proftpd.conf.overrides file to allow anonymous access:

UserAlias anonymous guest
<Anonymous /var/ftp/pub>

User guest
Group guest

  <Directory *>
    <Limit WRITE>
      DenyAll
    </Limit>
  </Directory>

  <Directory incoming>
    <Limit READ >
      DenyAll
    </Limit>
    <Limit STOR>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>

Create /data/tftpboot/networkboot/CentOS7-1708 directory and copy there files:

/data/tftpboot/networkboot/CentOS7-1708/initrd.img
/data/tftpboot/networkboot/CentOS7-1708/vmlinuz

In /data/tftpboot/pxelinux.cfg/default file add lines:

LABEL InstallCentOS7
MENU DEFAULT
MENU LABEL Install CentOS 7
KERNEL /networkboot/CentOS7-1708/vmlinuz
APPEND initrd=/networkboot/CentOS7-1708/initrd.img inst.repo=ftp://192.168.1.28/CentOS7-1708-minimal

notice that ftp path is relative to pub share.

Now you should be able to boot to Cent OS installer.

Prepare NFS share

I've done it on ReadtNAS. You have to set in Settings - Network Access - NFS - Advanced settings: No Root Squash.

Be careful because you have to provide full path when mount share. My share is pub/root, so I have to mount as /data/pub/root:

mount -vt nfs 192.168.1.18:/data/pub/root /mnt/nfsroot/

As you can see, I've mounted this share in /mnt/nfsroot directory.

Install Cent OS

yum install --releasever=7 --installroot=/mnt/nfsroot \@base \@core

when You want to install another packages you can see error:

Wczytane wtyczki: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 To enable Red Hat Subscription Management repositories:
     subscription-manager repos --enable <repo>
 To enable custom repositories:
     yum-config-manager --enable <repo>

you will have to

cp /etc/yum.repos.d/CentOS-Base.repo /mnt/nfsroot/etc/yum.repos.d/

Now you can add some GUI packages:

yum install --releasever=7 --installroot=/mnt/nfsroot \@fonts \@gnome-desktop \@x11

Based on: CentOS 7: Install PXE Boot server for thin client with NFS.

The solution is similar as in Windows 7. To add a drive you have to type command (single line):

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" 
internalcommands createrawvmdk -filename 
"C:\Users\jaqb\SP900.vmdk" -rawdisk "\\.\PhysicalDrive1"

The VirutalBox also have to be run as privileged user (administrator).

On CentOS 7 you can log all commands to syslog an then to local file or even to remote server.

Send all commands to syslog

Create file /etc/sysconfig/bash-prompt-xterm:

RETRN_VAL=$?;logger -p local6.debug "$(whoami) [$$]: $(history 1 | sed "s/^[ ]*[0-9]\+[ ]*//" ) [$RETRN_VAL]"

and change, to be executable:

chmod a+x /etc/sysconfig/bash-prompt-xterm

Configure syslog to send messages from local6 facility to separate file

Create file /etc/rsyslog.d/bash.conf:

local6.*    /var/log/commands.log

finally:

service restart rsyslog

Now you can monitor commands:

tail -f /var/log/commands.log

Log command using audit

Alternatively you can use audit - create /etc/audit/rules.d/bash_history.rules:

-a exit,always -F arch=b64 -S execve
-a exit,always -F arch=b32 -S execve

but logs are not very human friendly:

grep EXECVE /var/log/audit/audit.log

and you may also want to log execvp, execl, execveat etc.

Sources:

https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server

https://unix.stackexchange.com/questions/86000/how-can-you-log-every-command-typed

http://whmcr.com/2011/10/14/auditd-logging-all-commands/

Setting up PXE booting server.

Set up DHCP server:

On Gargoyle (my dhcp server) router I've add to /etc/dnsmasq.conf:

dhcp-boot=pxelinux.0
enable-tftp
tftp-root=/var/lib/misc/tftpboot

of course you can try to use uci instead, if you know how - I couldn't.

Set up files

Download newest syslinux from Linux kernel site (in my case: syslinux 6.03).

Copy

• bios/com32/libutil/libutil.c32
• bios/com32/elflink/ldlinux/ldlinux.c32
• bios/com32/menu/menu.c32
• bios/core/pxelinux.0

to /var/lib/misc/tftpboot directory.

Create pxelinux.cfg directory and default file inside:

mkdir /var/lib/misc/tftpboot/pxelinux.cfg/
vi /var/lib/misc/tftpboot/pxelinux.cfg/default

The default file should have content like this:

DEFAULT menu.c32
TIMEOUT 300
ALLOWOPTIONS 0
PROMPT 0

MENU TITLE My new PXE Boot Menu

LABEL BootLocal
MENU LABEL ^Boot Local (HDD)
LOCALBOOT 0

now you should be able to test booting from any computer in local network.

Of course this is dummy example as it can only boot from local disk.

As you can see in logs (using logread command on Gargoule router):

Fri Sep 27 19:25:47 2019 daemon.info dnsmasq-tftp[20876]: sent /var/lib/misc/tftpboot/pxelinux.0 to 192.168.1.163
Fri Sep 27 19:25:47 2019 daemon.info dnsmasq-tftp[20876]: sent /var/lib/misc/tftpboot/ldlinux.c32 to 192.168.1.163
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/44454c4c-3400-1037-8034-b1c04f30354a not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/01-84-2b-2b-bd-47-59 not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/C0A801A3 not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/C0A801A not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/C0A801 not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/C0A80 not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/C0A8 not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/C0A not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/C0 not found
Fri Sep 27 19:25:47 2019 daemon.err dnsmasq-tftp[20876]: file /var/lib/misc/tftpboot/pxelinux.cfg/C not found
Fri Sep 27 19:25:47 2019 daemon.info dnsmasq-tftp[20876]: sent /var/lib/misc/tftpboot/pxelinux.cfg/default to 192.168.1.163

My computer tried to find following configs files:

• his UUID (44454c4c-3400-1037-8034-b1c04f30354a)
• his MAC address (01-84-2b-2b-bd-47-59) with 01 prefix
• full IP address (C0A801A3) - C0.A8.01.A3 is equal to 192.168.1.163.
• 7 larger subnets (by 4 bits) - C0A801A to C.
• finally default file

You can use it later to per host configurations.

First of all you should prepare image with LDAP support as described in Docker image of Wordpress with LDAP support or why do not use ldap plugin before you created container...

But if you already have a container there is also possibility to enable LDAP support:

Run bash inside container:

docker exec -it wordpress_wordpress_1 /bin/bash

then exec:

apt-get update
apt-get install -y libldap2-dev
docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/
docker-php-ext-install ldap
rm -rf /var/lib/apt/lists/*
apt-get purge -y --auto-remove libldap2-dev
/etc/init.d/apache2 restart

the last line will terminate container. If you have set power policy to restart always there is nothing you have to do. Alternatively you can run container again

docker start wordpress_wordpress_1

I am using F*EX (old sever), but it doesn't integrate with Thunderbird Filelink.

Today I found Download Ticket Service (sources) - which says that provides integration with Thunderbird.

Update: Simpler and newer version: LEGO Boost and Python - CentOS 7.

I've manage to control LEGO Boost using Python.

I've used CentOS 7, BLED112 dongle and pylgbst library.

There are a few command I have to run:

yum install rh-python36
/opt/rh/rh-python36/root/usr/bin/pip install pygatt
/opt/rh/rh-python36/root/usr/bin/pip install https://github.com/undera/pylgbst/archive/0.9.tar.gz
/opt/rh/rh-python36/root/usr/bin/pip install pexpect

now I can run first program (boost1.py):

from pylgbst.movehub import MoveHub

hub = MoveHub()

for device in hub.devices:
    print(device)

using command:

/opt/rh/rh-python36/root/usr/bin/python boost1.py
1
2
55
56
57
50
58
59
60

as you can see, there are list of devices IDs (1, 2, 55, 56, 57, 50, 58, 59, 60).

Let's try to do something (boost2.py):

from pylgbst.movehub import MoveHub, COLOR_RED

hub = MoveHub()

hub.led.set_color(COLOR_RED)

Yes! The LED has been changed to red.

Install docker

curl -fsSL https://get.docker.com/ | sh

start, and enable to start after rebooting:

systemctl start docker
systemctl enable docker

optionally you can add permissions you yourself:

usermod -aG docker jaqb

in my case my user is jaqb.

Install docker-compose

curl -L "https://github.com/docker/compose/releases/download/\
1.23.1/docker-compose-$(uname -s)-$(uname -m)" \
-o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

you have to check if there is newer version than 1.23.1.

You can get System Workbench for STM32 from STM32 Community download area.

You can get STM32CubeMX form ST site.

STM32 CubeMX

I've tried to run SetupSTM32CubeMX-5.0.0.linux, but I got:

/lib/ld-linux.so.2: bad ELF interpreter: No such file or directory

so I need to install

yum install glibc.i686

because of missing /lib/ld-linux.so.2 file.

Now I've got:

[root@linux en.stm32cubemx5]# ./SetupSTM32CubeMX-5.0.0.linux
chdir /tmp/en.stm32cubemx5/.
current dir /tmp/en.stm32cubemx5
Nov 20, 2018 5:47:11 PM INFO: Logging initialized at level 'INFO'
Nov 20, 2018 5:47:11 PM INFO: Commandline arguments:
Nov 20, 2018 5:47:13 PM INFO: Detected platform: linux,version=3.10.0-693.21.1.e                                                                                        l7.x86_64,arch=x64,symbolicName=null,javaVersion=1.8.0_161
Nov 20, 2018 5:47:14 PM WARNING: No console implementation of panel: \
com.st.microxplorer.install.MXAnalyticsPanel
Console installation is not supported by this installer
[ Console installation FAILED! ]

If you have installed 4.x version you can get error when you try to run:

2018-11-20 15:22:45,811 [INFO] STM32CubeMX:30 - Starting STM32CubeMX
Exception in thread "AWT-EventQueue-0" java.awt.HeadlessException

I had to install:

yum groups install "GNOME" "X Window System" "Fonts"
yum install xorg-x11-fonts-Type1
yum install java-1.8.0-openjdk

Java is important - java-1.8.0-openjdk-headless it's not enough.

Now I can install it without problems.

System Workbench for STM32

./install_sw4stm32_linux_64bits-v2.7.run -m -f

exit with error:

error: Failed dependencies:
libusbx >= 1.0 is needed by st-stlink-server-1.1.0-2.amd64

so I've installed:

yum install libusbx

now it install without problems.