Is the Password to the Private Key Correct?

When we generate a public-private key pair for public key cryptography, such as, RSA, we can use a password to control access to the private key. We would know if it is the case by viewing the content of the key file, e.g.,

$ sudo head -1 myprivatekey.key
-----BEGIN ENCRYPTED PRIVATE KEY-----

The problem is that I don't know which password is correct because I have a few. If we are using openssh, we can easily verify if a password is correct by using ssh-keygen with the -y option -- the manual states,

-y      This option will read a private OpenSSH format file and print an
        OpenSSH public key to stdout.

Knowing this, we verify whether a password is correct or not by

ssh-keygen -y -f ./myprivatekey.key; echo "exit code is " $?
Enter passphrase: xxxxxxxx
Load key "./myprivatekey.key": incorrect passphrase supplied to decrypt private key
exit code is  255

which shows that the password I entered was incorrect. However, we entered a correct one, we would observe,

ssh-keygen -y -f ./myprivatekey.key; echo "exit code is " $?
Enter passphrase: yyyyyyyy
exit code is  0

On a Debian-based Linux Distribution, Which Package Has a Given File?

We often wonder which package we should install to use a command. On Debian-based distributions, we can use apt-file to locate file that in packages that we have or haven't installed, and use dlocate to locate a file in packages that have been installed.

For example, to determine which package the ip command is in, we can run the following.

First, make sure we have installed apt-file

sudo apt-get install apt-file

Second, make sure we have packages indexed and up-to-date, be it installed or not.

sudo apt-file update

We can now determine which package has the ip command,



apt-file search ip

The result may be too long to be useful. To shorten the result, we apply heuristics. We know that the ip is a command, and it is probably in a bin directory, the name of the file should be ip,

apt-file search ip | grep "bin" | grep "/ip$"

Now the output is

iproute2: /bin/ip
iproute2: /sbin/ip

If we know that we have had the iproute2 installed, we can use dlocate as follows.
First, we make sure that we have installed dlocate.

sudo apt-get install dlocate

Next, we run dlocate with some heuristics as in,

dlocate ip | grep "bin" | grep "/ip$"

The output is,

iproute2: /bin/ip
iproute2: /sbin/ip

When SFC Cannot Fix Corrupted Windows Files, DSIM Comes to Rescue

Just as the title suggested, on a Windows 10 host, I encountered a case that SFC reported that it could not fix corrupted files, and DSIM in this case helped. Below is the screen transcript.

C:\WINDOWS\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files but was unable to fix some of them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.

C:\WINDOWS\system32>Dism /Online /Cleanup-Image /RestoreHealth

Deployment Image Servicing and Management tool
Version: 10.0.17763.771

Image Version: 10.0.17763.805

[==========================100.0%==========================] The restore operation completed successfully.
The operation completed successfully.

C:\WINDOWS\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.

C:\WINDOWS\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\WINDOWS\system32>

LOG4J on Windows Complaining about Console Code Page

I was running the Windows JVM with LOG4J 2.8.1 with SLF4J 2.7.5 on the Windows Subsystem for Linux and encountered an error as follows,

2019-10-24 16:03:19,902 main ERROR Unable to inject fields into builder class 
for plugin type class org.apache.logging.log4j.core.appender.ConsoleAppender, 
element Console. java.nio.charset.UnsupportedCharsetException: cp0

In the Windows Subsystem for Linux terminal, the code page returned was 0, which was the source of the code page cp0.

user@WSL:/mnt/c/Windows/System32$ chcp.com
Active code page: 0
user@WSL:/mnt/c/Windows/System32$

Interestingly, the returned code page is on Windows Command Prompt,

C:\Windows\System32>chcp
Active code page: 437

C:\Windows\System32>

To get rid of the problem, we need to inform Java the encoding scheme, e.g.,

java -Dsun.stdout.encoding=UTF-8 -Dsun.err.encoding=UTF-8 FooClass

where we assume we run the FooClass class.

Using tuned to Configure PostgreSQL Database Management System

Tuned is a profile-based system tuning tool for dynamic and static tuning of system settings. I find it very useful even if for configuring system settings. Tuned comes from recent release of Fedora Linux distribution. The following steps are just to make sure that we have the tuned package in the system, and start and enable the tuned service.

sudo dnf install tuned
sudo systemctl start tuned
sudo systemctl enable tuned

Below are a few steps to show how we use tuned to manually adjust system settings (or static-tuning):

• Listing existing profiles
  

  
  tuned-adm list
  

  
  
• To activate a profile or to reactivate a profile after you have revised it,
  

  
  sudo tuned-adm active postgresql
  

  
  In this example, we have created a profile of our own to tune the system for running PostgreSQL Database Management System.

To create such a profile, follow the steps:

1. Create a directory at /etc/tuned, e.g., if we wish to have a profile called postgresql, we create the directory postgresql at /etc/tuned,
   

   
   sudo mkdir /etc/tuned/postgresql
   

   
   
2.  Create a profile at the directory you created, e.g., create tuned.conf at /etc/tuned/postgresql. The following is an example profile for PostgreSQL
   

   
   $ cat /etc/tuned/postgresql/tuned.conf
   #
   # tuned configuration
   #
   
   [main]
   summary=Optimize for running PostgreSQL inside a virtual guest
   
   [cpu]
   governor=performance
   energy_perf_bias=performance
   min_perf_pct=100
   
   [disk]
   readahead=>4096
   
   [sysctl]
   vm.dirty_ratio = 2
   vm.dirty_background_ratio=1
   vm.overcommit_memory=2
   vm.swappiness = 0
   vm.nr_hugepages=1192
   
   [vm]
   transparent_hugepages=never
   
   

   
   This profile basically sets the system to use 2MB hugepages for PostgreSQL. It is worth nothing that in the PostgreSQL's $PGDATA/postgresql.conf configuration file, we have these lines:
   

   
   shared_buffers = 2GB
   huge_pages = on
   

   
   Since shared buffers is 2GB/(hugepage size) = 2GB/2MB = 1024 pages, the vm.nr_hugepages (the number of reserved hugepages) cannot be less than 1024 pages plus additional pages for the process itself and others; otherwise, PostgreSQL will fail to start.
   

Enabling pg_stat_statements for PostgreSQL Database System Tuning and Analysis

To facilitate PostgreSQL database system performance tuning and analysis, we ought to collect query statistics, such as, the amount of time that a query takes. For this, we should enable pg_stat_statements extension. The following shows the steps on a Fedora Linux system:

1. Install the postgresql-contrib package. In the system shell, run command
   
   

   sudo yum install postgresql-contrib

   
   
2. Create pg_stat_statements extension for the database whose query performance we wish to analyze, e.g., we wish to tune performance for database template1,
   
   

   echo "CREATE EXTENSION pg_stat_statements;" | psql -U postgres template1

   
   
3. Enable query statistics collection by editing $PGDATA/postgresql.conf where PGDATA is where the database is, e.g.,
   

   
   # Loading the extension
   shared_preload_libraries = 'pg_stat_statements'
   
   # Increase the max size of the query strings that the database system records
   track_activity_query_size = 2048
   
   # Track all statements including those generated by stored procedures
   pg_stat_statements.track = all
   
   # Log queries that run more than 1000 milliseconds. 
   log_min_duration_statement = 1000
   
   

4. Restart the database server, i.e.,
   

   
   sudo systemctl restart postgresql
   

Increasing PostgreSQL Maintenance Task Speed

I observed maintenance tasks, such as, indexing a large table on a PostgreSQL database took long time. Examining the PostgreSQL configuration, I saw the maintenance_work_mem is 64MB, the default value, e.g.,

postgres=# show maintenance_work_mem;
 maintenance_work_mem
----------------------
 64MB
(1 row)

postgres=#

To speed up the indexing processing, I temporarily increase it to 1GB without restarting the database server. The following transcripts shows the steps:

postgres=# show maintenance_work_mem;
 maintenance_work_mem
----------------------
 64MB
(1 row)

postgres=# ALTER SYSTEM SET maintenance_work_mem='1GB';
ALTER SYSTEM
postgres=# show maintenance_work_mem;
 maintenance_work_mem
----------------------
 64MB
(1 row)

postgres=# SELECT pg_reload_conf();
 pg_reload_conf
----------------
 t
(1 row)

postgres=# show maintenance_work_mem;
 maintenance_work_mem
----------------------
 1GB
(1 row)

postgres=#

What Are Current Queries in PostgreSQL Database?

I wonder what queries my PostgreSQL database are executing, and figure it out using the query below

SELECT query FROM pg_stat_activity;

Finding Disk's Serial Numbers on FreeNAS (or FreeBSD)

To list hard disk drives' serial numbers in a FreeNAS or a FreeBSD system, we can run the following command

geom disk list | grep ident

Limiting Number of Old Kernels in Fedora Linux

As we upgrade/update Linux systems, such as, Fedora Linux, we will see the old kernels accumulate in the system. Since these kernel images are in the Boot partition that is often small, the Boot partition can run out of space. We may remove these old kernel images if we are certain the new kernel installed via the upgrade/update process works fine. In the past, I did it manually (since I didn't know better). In fact, we can do it automatically by configuring the system to allow a number of kernels in the system.

For this, in Fedora Linux, we can add a line to /etc/dnf.conf, such as,

installonly_limit=2

which limits the number of installed kernels to 2. When we perform a dnf upgrade, the system shall remove the old kernel images exceeding the limit. By the way, for a Linux distribution utilizing YUM, adding the same line to /etc/yum.conf will have the same effect.

Permission Denied when Querying PostgreSQL Database

When I query a PostgreSQL database whose name is exampledb that has a table called exampletbl from PostgreSQL user exampleuser, I encountered "Permission Denied" error as follows,

exampledb=> SELECT * FROM exampletbl;
ERROR:  permission denied for relation exampletbl
exampledb=>

The solution is to grant necessary permissions to the user. In the following, I grant "All Permissions" to the user. The following is the command on the command line from a terminal window:

$ echo GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO exampleuser | \
  psql -U postgres exampledb

The key is to grant permissions to the tables in the database to the user, and we can complete this via the database admin user (postgres).

We may also need to grant the user permissions to "All Sequences" and "All Functions" as follows on the command line,

$ echo GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO exampleuser | \
  psql -U postgres exampledb

$ echo GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO exampleuser | \
  psql -U postgres exampledb 

Eclipse Complains "ImportError: DLL Load failed"

When I ran a Python program in a PyDev project in Eclipse, I encountered the following error:

ImportError: DLL load failed: The specified module could not be found.

It turns out that the PATH (or path in UNIX systems) in environment variable does contain the path where the DLL files required by the package imported in the Python program are in. Knowing this, I resolve it by adding the path to the environment variable.

Instead of adding it to the system path environment variable, I added it to the Eclipse "run-as" configuration, e.g., right-click on the Python program we want to run, select "Run As", click on "Run Configuration", click on the "Environment" tab, click at the "Select" button, check the "Path" variable, bring up the edit dialog window, and add the DLL path value to the existing value.

I am using Anaconda3 in a Windows 10 host and installed it at C:\Applications\Anaconda3. In this case, the DLL path value I added is C:\Applications\Anaconda3\Library\bin

Extending a Linux Virtuam Machine File System on a FreeNAS zvol.

I have FreeNAS system where I run a Fedora Linux system on a Virtual Machine. I want to increase the size of a file system on the Linux VM. The file system is on a FreeNAS zvol. Assuming that the file system is mounted at /mnt, and the file system is a Linux Extended File System. The steps are as follows to increase the size of the partition.

1. Increase the zvol via FreeNAS user interface
2. Resize the partition at the Linux VM. Go to Linux VM, run parted. See transcript below
   

   
      $ parted /dev/sdc
      (parted) resizepart 1 100%
      (parted) quit
      $
   

   
   
3. Resize the file system on the partition we just resize. Below are the steps
   

   
      $ e2fsck -f /dev/sdc1
      $ resize2fs /dev/sdc1
   

Upgrading PostgreSQL Databases Revisited

Once upon a time I had to upgrade a PostgreSQL database after a Fedora Linux upgrade. Today after I upgraded a Fedora Linux 28 host to a Fedora Linux 31, I found out I had to do it again because PostgreSQL services refuses to start due to database files of older format. I took a slightly simpler approach to upgrade the 9.6 PostgreSQL database to a 11.5 one.

1. Download and install a PostgresSQL 9.6 binary since I have upgraded the host to Fedora 31 and the old binary was gone. For this, instead of building it from source, I took advantage of the Interactive installer from EnterpriseDB. Download the installer and bring it to the Fedora Host:
   • Interactive PostgreSQL Database Installer Download
2. Running the installer. This is as simple as running the installer from the command line as,
   

   
   chmod +x ./postgresql-9.6.15-2-linux-x64.run
   sudo ./postgresql-9.6.15-2-linux-x64.run
   

   
   Following the prompts given by the installer, I installed the binary at /opt/PostgreSQL/9.6/.
3. Disable and stop the 9.6 version of the database service
   

   
    sudo systemctl disable postgresql-9.6.service
    sudo systemctl stop postgresql-9.6.service
   

   
   
4. The 11.5 version of the database service should not be running because this is why we are doing this. However, it does not hurt to make sure it is down:
   

   
   sudo systemctl stop postgresql.service
   

   
   
5. Switch to user postgres
   

   
   sudo su - postgres
   

   
   
6. Initialize a 11.5 database. Assuming we want the database to reside at directory /mnt/data/postgres/data11, we run version 11.5's initdb:
   

   
   mkdir /mnt/data/postgres/data11
   initdb /mnt/data/postgres/data11
   

   
   
7. Start the 11.5 service for the initialized 11.5 database using the installed 11.5's binary:
   

   
   postgres -D /mnt/data/postgres/data11
   

   
   
8. Open another terminal Window, and in the new terminal Window, start the upgrade process using the pg_upgrade . We take a two-step approach.
   1. First check whether everything is OK with the upgrade using the -c option:

      
      sudo pg_upgrade -b /opt/PostgreSQL/9.6/ -B /usr/bin \
        -d /mnt/data/postgres/data96/ -D /mnt/data/postgres/data11 \
        -c
      

      
      
   2. If pg_upgrade does not complain, we go ahead with the upgrade
      

      
      sudo pg_upgrade -b /opt/PostgreSQL/9.6/ -B /usr/bin \
        -d /mnt/data/postgres/data96/ -D /mnt/data/postgres/data11 \
      

      
      
9. Terminate the 11.5 service we ran manually. Just type CTRL-C in the terminal Windows.
10. In the new terminal Window, make sure the user postgres owns the the database files:
    

    
    sudo chown -R postgres:postgres /mnt/data/postgres/data11
    

    
    
11. We are now ready to start the 11.5 database service in the system

    
    sudo systemctl start postgresql.service
    

    
    
12. Finally, we may have to do some additional steps as instructed by the output of pg_upgrade, such as reindexing the database, uninstalling the 9.6 database server binaries, and removing the old database files, e.g.,

    
    sudo su - postgres
    psql < reindex_hash.sql
    exit
    sudo /opt/PostgreSQL/9.6/bin/uninstall-postgresql
    

Showing PostgreSQL Database Database Location (Data Directory)

To show on which file system and directory on which the PostgreSQL Database System stores its databases, we simply run this query:

psql -U postgres -c "show data_directory;"

Setting up OpenSSH Server on Windows 7 Hosts

Windows 10 has an OpenSSH server feature that we can enable or disable from the Settings UI. Windows 7 however does not have this feature. Since Windows 7, in particular in enterprise environments are still in wide use. This post notes the procedure to install OpenSSH server from the release of the Microsoft's PowerShell development team .

The steps to install the OpenSSH server is straightforward, that is, to follow the team's instructions:

• Instruction to Install Win32 OpenSSH 

This instruction applies to both 32-bit and 64-bit binaries at its release page. Two problems I encountered are,

Setting up SSH Server Host Key

To run the OpenSSH Server, we ought to set up the host keys for the SSH server. We complete this in two steps:

1. Create the  C:\ProgramData\ssh directory, i.e., as Administrator issuing command

   
   mkdir C:\ProgramData\ssh
   

   
   
2. Create SSH server host keys, i.e., running the following as Administrator

   
   C:\Program Files\OpenSSH\ssh-keygen.exe -A
   

It is worth nothing that skipping step 1 above results the following error in my case:

PS C:\Program Files\OpenSSH> .\ssh-keygen -A
ssh-keygen: generating new host keys: RSA Could not save your public key in __PROGRAMDATA__\\ssh/ssh_host_rsa_key.temp_file_suffix: No such file or directory
ssh-keygen: generating new host keys: DSA Could not save your public key in __PROGRAMDATA__\\ssh/ssh_host_dsa_key.temp_file_suffix: No such file or directory
ssh-keygen: generating new host keys: ECDSA Could not save your public key in __PROGRAMDATA__\\ssh/ssh_host_ecdsa_key.temp_file_suffix: No such file or directory
ssh-keygen: generating new host keys: ED25519 Could not save your public key in __PROGRAMDATA__\\ssh/ssh_host_ed25519_key.temp_file_suffix: No such file or directory

Correcting Files and Directory Permissions

Another problem is that the following command to start the SSH server failed:

    net start sshd

The error message is,

    The SSHD service is starting. The SSHD service could not be started.

    A system error has occurred.

    System error 1067 has occurred.

    The process terminated unexpectedly.

On a different occasion, I also encounter an error message like,

     Error code 5: Access is denied. (Create File)

It turns out that the directories hosting the OpenSSH server binaries and keys had wrong permissions. Luckily, this is easy to fix thanks to the powershell script provided by the Powershell team. To fix the permission issues, we run the FixHostFilePermissions.ps1 and FixUserFilePermissions.ps1 scripts in the OpenSSH server directory, e.g.,

1. Open a Windows Command Prompt window or a PowerShell window as Administrator 
2. Assume that your OpenSSH server binaries are in directory C:\Program Files\OpenSSH, run the following in the Windows Command Prompt window or the PowerShell Window

   
   cd "C:\Program Files\OpenSSH"
   powershell -ExecutionPolicy Bypass -File FixHostFilePermissions.ps1
   powershell -ExecutionPolicy Bypass -File FixUserFilePermissions.ps1
   

Jipack.io Complaining about Not Being Able to Locate a Repo

I use a very useful tool jitpack.io to add dependencies directly from Github repositories. I encountered an error in IntelliJ that complains that it cannot resolve the dependencies. Below is an example message:

Could not find artifact com.github.GumTreeDiff:gumtree:pom:v2.1.1 
in jitpack.io (https://jitpack.io)

I resolve this by following these simple steps.

1. Open jitpack.io in a Web browser
2. Enter the Github username and repository name on the site
3. Locate the error reports and different releases from the Website, e.g., using the gumtree project as an example dependency,
   
4. Try different releases by configuring the Maven project with different releases. In this case, version 2.0.0 works.

Windows 10 Complaining Permission Denied for Bind, but Ports Unused

An application on Windows 10 cannot open a TCP port, and the error message is something like

Error:  Permission denied - bind(2) for 127.0.0.1:7334

However, when you attempts to see if any uses the port, you finds nothing, such as,

netstat -abo | find ":7334"

In fact, this error can be the result of the "exclude port range". For instance, we can query the excluded port range on the system using,

netsh interface ipv4 show excludedportrange protocol=tcp

The output can be something like,

Protocol tcp Port Exclusion Ranges

Start Port    End Port
----------    --------
      7248        7347
      7348        7447

* - Administered port exclusions.

From the output we can see that the 7334 tcp port is in the exclusion range, and thus we can not assign it to a process.

Gradle Complaining about JDK not Found

I was attempting to compile a Kotlin project, and encountered the following error:

* What went wrong:

Execution failed for task ':compileKotlin'.

> Kotlin could not find the required JDK tools in the Java installation 'C:\Program Files\Java\jre1.8.0_211' used by Gradle. Make sure Gradle is running on a JDK, not JRE.

The answer to the problem is straightforward is to inform Gradle where the JDK is. Since I am on a Windows host, and the host has had these installed:

C:\>dir "C:\Program Files\Java\"
....

05/14/2019  09:58 AM    <DIR>          .
05/14/2019  09:58 AM    <DIR>          ..
03/04/2019  09:39 PM    <DIR>          jdk-11.0.2
03/04/2019  09:29 PM    <DIR>          jdk1.8.0_201
05/12/2019  08:32 PM    <DIR>          jre1.8.0_211
.....

C:\>

I added the following line to the gradle.properties file, and the problem went away,

org.gradle.java.home=C:\\Program Files\\Java\\jdk1.8.0_201

Updating Plex Media Server to Latest FreeNAS Plugin on Command Line in Jail

There are two methods to upgrade Plex Media Server in FreeNAS Jail. 

1. Method 1. Upgrading Plex Media Server to Latest FreeBSD Release. Using this method, you don't have to wait for FreeNAS developers to upgrade Plex Media Server in the plugin repository.
2. Method 2. Upgrading Plex Media Server to Latest FreeNAS Plugin. 

This post is about Method 2, and documents the steps to upgrade Plex Media Server on Command Line.

1. Login or open FreeNAS shell
2. List jails
   

   
   $ jls
   

   
   The output looks like the following
   

   
   $ jls
      JID  IP Address  Hostname     Path
        1              plex         /mnt/Storage/iocage/jails/plex/root
   $

3. Open a shell inside the jail. The command is as follows,
   

   
   jexec ${JID} csh
   

   
   In the above, the jail ID (JID) is 1. Since we can only the csh as root, we open a shell inside the jail as follows

   
   $ sudo jexec 1 csh
   

4. Upgrading the plexmediaserver package. Inside the jail, we do
   

   
   # pkg upgrade plexmediaserver
   

   
   If the installed version is already latest, we should observe something similar to the following,
   

   
   root@plex:/ # pkg upgrade plexmediaserver
   Updating iocage-plugins repository catalogue...
   iocage-plugins repository is up to date.
   All repositories are up to date.
   Checking integrity... done (0 conflicting)
   Your packages are up to date.
   root@plex:/ #
   

   
   However, if there is a newer version, the upgrade will commerce.
   
   
5. Restart Plex Media Server if it gets upgraded as follows inside the jail,
   

   
   # service plexmediaserver restart
   

Locate a Command on Windows

We know we can locate a command on Unix-like operating systems like Linux or OS X using the which command, such as,

$ which ls
/bin/ls
$

Can we do the similar on Windows? Yes, we use the where, e.g.,

C:\>where find
C:\Windows\System32\find.exe

C:\>

Disqus Complaining "Content Security Policy" Error on Jekyll Webite

I was building a website using Jekyll with the Minima theme. Following the instruction of the Minima theme, I set up Disqus to posts on the site by adding the "Disqus shortname" to Jekyll site configuration file _config.yml, such as,

disqus:
    shortname: mysite-short-name

However, the site displays an error message,

We were unable to load Disqus. If you are a moderator please see our troubleshooting guide.

When I clicked on the error message, Disqus shows an error message

Content Security Policy error

It turns out that to make Disqus work, we must include a url attribute in the configuration file, i.e., after I added the attribute, the configuration now includes,

url: https://mysite-url-used-for-disqus
disqus:
    shortname: mysite-short-name

Jekyll Complains "GitHub Metadata: No GitHub API authentication could be found."

When building a Jekyll site, I encountered the following error message,

$ bundle exec jekyll build
Configuration file: _config.yml
            Source: foosite/
       Destination: _site
 Incremental build: disabled. Enable with --incremental
      Generating...
   GitHub Metadata: No GitHub API authentication could be found. 
   Some fields may be missing or have incorrect data.

The sources of this error are many. What caused the error in my case? It is actually the combination of the two facts:

1. I used the Jekyll SEO Tags plugin, and
2. I did not include a description value in the _config.yml file. 

After my adding a description map to the _config.yml file, the problem went away, e.g.,

$ cat _config.yml
...
description: this is my awesome site. 
...

Dealing with Data Degradation or Bit Rots

If you have set up a NAS or alike, such as a FreeNAS system, you know that the system periodically "scrubs" the disks. The disk scrubs are to to wipe clean the disks, instead, they are to prevent bit rots, a slow degradation of data store on storage devices, e.g., a magnetic disk's gradual loosing its magnetic charge.

If you don't have a NAS that does it for you, how do you reduce the chance of loosing the data due to bit rots (or data degradation), in particular, you have lots of important data on external hard drives? There are a number of tools that can help us if you don't wish to take the task into your own hand to program one. This post bookmarks three such tools,

1. CSHATAG
2. ExactFile
3. DiskFresh 

A combination of application number 3 and one of applications number 1 and 2 in the above can give us a piece of mind, i.e., to detect bit rots and to prevent bit rots.

Moon, Saturn, and Jupiter at Night Sky

Stepping out at this Friday night, I happened to see a few bright astronomical bodies in the night sky.  A striking view was that Saturn, Moon, and Jupiter were lined up in an almost straight line. Can you spot the two planets and the Moon in this low-quality cellphone photo?

 

It also happened that above my head were two bright stars, Altair and Vega that were supposedly separated by the Milky Way -- I say "supposedly" because the Milky Way wasn't visible at all in this light-polluted city park. In both western and eastern folklore and cultures, these two have had interesting histories and stories that often inspire romances. In Chinese folklore, Altair and Vega are a couple whose love are banished. Against all odds, Altair and two nearby but much darker stars β-Aquilae and γ-Aquilae at one side of the river, i.e., the Milky way are meeting his wife and the children's mother, the Weaving girl, Vega at the other side of the river. I wish I had had taken a photo of these beloved stars.

Installing Jekyll on Windows 10 with Windows Subsystem for Linux

Following the Jekyll document, I installed Jekyll on Windows 10 with Windows System for Linux. The steps were as follows:

1. Enable Windows Subsystem for Linux following Microsoft's documentation, i.e., 
1. In Windows 10, open PowerShell as Administrator.
2. Run the following in PowerShell
   
   

   Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
   

   
   
3. Restart Windows
2. Download and install a Linux distribution from Microsoft Store by opening the following URL in a Web browser: https://aka.ms/wslstore
3.  Open a Windows Command Prompt window, and run
   
   

   bash
   

   
   
4. Run the following in bash
   

   
   sudo apt-get update -y && sudo apt-get upgrade -y
   sudo apt-get install -y --no-install-recommends software-properties-common gnupg gpg-agent dirmngr 
   sudo apt-add-repository ppa:brightbox/ruby-ng
   sudo apt-get update
   sudo apt-get install -y ruby2.5 ruby2.5-dev build-essential dh-autoreconf zlib1g-dev
   sudo apt-get install bundler
   sudo gem update
   

   
   
5. Assume you have a Jeykll site at the www directory. Then go to the directory in bash
   

   
   cd www
   

   
   
6. In bash, run the following
   

   
   cd www
   bundle update
   bundle install
   

7. Build the site and launch the Web serer for testing.
   

   
   bundle exec jekyll serve --host=0.0.0.0 --incremental
   

   
   

Adding Github Repository as a Dependecy to Java Project

I just learned that we could easily add a Github repository as a dependency to a Java project using JitPack. Below is an example to a Maven project to which we wish to add JGraphX as a dependency to the Maven project. Since JGraphX "don't properly support Maven or publish to Maven Central", this comes very handy. I view this as a two step approach:

1. Add JitPack to the pom.xml. I added the following just above the dependencies tag:

   
   <repositories>
    <repository>
     <id>jitpack.io</id>
     <url>https://jitpack.io</url>
    </repository>
   </repositories>
   

2. Add a Git commit or release of a Git repository as a dependency. In the following, we use the JGraphX project as an example. The project's Git repository is the JGraphX repository whose url is https://github.com/jgraph/jgraphx.git, from which we read that the Github username is jgraph, and the repository name is jgraphx. Browsing the project repository, we can select a commit by using its commit id (i.e., commit hash), or a tag, or a release. The JGraphX has a number releases as seen at https://github.com/jgraph/jgraphx/releases, among which is v4.0.3. Having gathered the Github username, the repository name, and the release number, we add the following as a child tag to the dependencies tag,

   
    <dependency>
     <groupId>com.github.jgraph</groupId>
     <artifactId>jgraphx</artifactId>
     <version>v4.0.3</version>
    </dependency>
   

After these two steps, we do a Maven update.

Looking up TexLive Package Name using .sty Filename

I am using TexLive, and sometimes it reports that it cannot locate a .sty file. It is not always the case that the package name is identical to the .sty filename (less the extension). For instance, when LaTeX reports that it cannot locate manyfoot.sty. The following will fail because the package that has manyfoot.sty isn't manyfoot.

$ tlmgr install manyfoot
tlmgr.pl: package repository http://ctan.math.utah.edu/ctan/tex-archive/systems/texlive/tlnet (not verified: gpg unavailable)
tlmgr.pl install: package manyfoot not present in repository.
tlmgr.pl: action install returned an error; continuing.
tlmgr.pl: An error has occurred. See above messages. Exiting.

A method to figure out the package name is to use tlmgr to search TexLive repositories, i.e.,

tlmgr search --global --file STY_FILE_NAME

For the example of manyfoot.sty, we do,

$ tlmgr search --global --file  manyfoot.sty
tlmgr.pl: package repository http://ctan.math.utah.edu/ctan/tex-archive/systems/texlive/tlnet (not verified: gpg unavailable)
lwarp:
        texmf-dist/tex/latex/lwarp/lwarp-manyfoot.sty
ncctools:
        texmf-dist/tex/latex/ncctools/manyfoot.sty

after which we do,

$ tlmgr install ncctools
tlmgr.pl: package repository http://ctan.math.utah.edu/ctan/tex-archive/systems/texlive/tlnet (not verified: gpg unavailable)
[1/1, ??:??/??:??] install: ncctools [2430k]
running mktexlsr ...
done running mktexlsr.
tlmgr.pl: package log updated: C:/Applications/texlive/2019/texmf-var/web2c/tlmgr.log

Finding Windows Uptime from Command Line

To get Windows uptime from the command line, we can instead obtain the boot time of the system, and subtract it from current time. To obtain the boot time, we can do the following,

On a Windows server,

net statistics server | find "Statistics since" 

On a Windows workstation

net statistics workstation | find "Statistics since"

Alternatively, we can use the following,

systeminfo | find "System Boot Time:"

or

wmic path Win32_OperatingSystem get LastBootUpTime

or

echo (get-date) - (gcim Win32_OperatingSystem).LastBootUpTime | powershell

PostgreSQL Password File

To access a PostgreSQL database, we may use a Password file. We can place the Password file any where and references to it via a PGPASSFILE environment variable. Here is an example on Windows:

C:\Work>type ./pgpass
# hostname:port:database:username:password
foodbhost:5432:foodb:foouser:foopassword

C:\Work>set PGPASSFILE=./pgpass

C:\Work>psql -U foodbuser -h foodbhost foodb
psql (9.6.3)
Type "help" for help.

foodb=>

Using this method, we help separate the DB authentication and authorization from the application logic. 

Making New Git Repository from Directories in Existing Git Repository

I want to make a new Git repository from a few directories in an existing Git repository. I found the solution provided in this Stack Overflow answer was exactly what I wanted.

• Do it with multiple and easy understandable steps.

“it’s not a superior education, but a superior peer group”

A Bloomberg opinion piece by Andrea Gabor states

"
These results suggest that “it’s not a superior education, but a superior peer group” that makes the difference for high-performing students, said Lisa Barrow, one of the authors of the Chicago study and a senior economist at the Federal Reserve Bank of Chicago.
"

which includes references to a few related studies. Worth further reading!

Pre-defined Compiler Macros

Found this today,

https://sourceforge.net/projects/predef/

that documents pre-defined compiler macros for standards, compilers, operating systems, and hardware architectures.

Go to the following page, and you will see why it is very useful!

https://sourceforge.net/p/predef/wiki/OperatingSystems/

Laptop BIOS Reports "Fan Error"

A laptop computer of mine suddenly reports "Fan Error" during boot with a loud beep. One solution is obviously to replace the fan assembly. In this particular case, I found out that when I reapplied the thermal paste, and the "Fan Error" went away.

If you encounter this problem and happen to have some thermal paste with you, perhaps, you should try this method first. By the way, drug store-sold 91% Isopropyl Alcohol is excellent for removing old thermal paste.

Cannot Eject USB Drive on Windows

It has frustrated me a great deal that I sometimes cannot eject USB drives on Windows. What really worked for me is the answer this superuser thread. The answer for me isn't to use the Sysinternals tools, and questionable 3rd party tools like unlocker. Rather, the answer is to use the Windows Event Viewer as pointed out by an answer in the thread. In my case, what has prevent the USB drive from being ejected is the Windows Task Manager, and I am not alone!

Replacing Corrupt Hard Drive for FreeNAS

An ATA hard drive can fail without being detected by the SMART system in time. At a FreeNAS 11 system I observe when this happens, the drive disappears from the zpool disk list while FreeNAS reports an alert typically like the following,

The volume MyZpool state is DEGRADED: One or more devices has been taken offline 
by the administrator. Sufficient replicas exist for the pool to continue 
functioning in a degraded state.

Since the disk drive disappears from the zpool disk list, the method to replace the disk drive in the FreeNAS guide won't work -- after you replaced the corrupted hard disk drive, if you bring the disk drive online, the disk will be "UNAVAIL"; and if you attempt to replace it via the FreeNAS's Web interface, there will be no disk for you to choose from. If you run "zpool status", you will observe a long sequence of digits instead of the partition as the following example:

$ zpool status
  pool: MyZpool
 state: DEGRADED
status: One or more devices could not be opened.  Sufficient replicas exist for
        the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
   see: http://illumos.org/msg/ZFS-8000-2Q

config:

        NAME                                            STATE     READ WRITE CKSUM
        MyZpool                                         DEGRADED     0     0     0
          raidz2-0                                      DEGRADED     0     0     0
            gptid/11111111-2222-3333-4444-555555555555  ONLINE       0     0     0
            gptid/22222222-2222-3333-4444-555555555555  ONLINE       0     0     0
            99999999999999999999                        UNAVAIL      0     0     0  was /dev/ada2
            gptid/33333333-2222-3333-4444-555555555555  ONLINE       0     0     0
            gptid/44444444-2222-3333-4444-555555555555  ONLINE       0     0     0
            gptid/55555555-2222-3333-4444-555555555555  ONLINE       0     0     0

errors: No known data errors

  pool: freenas-boot
 state: ONLINE
  scan: scrub repaired 0 in 0 days 00:10:03 with 0 errors on Tue Jan 15 03:55:03 2019
config:

        NAME        STATE     READ WRITE CKSUM
        freenas-boot  ONLINE       0     0     0
          da0p2     ONLINE       0     0     0

errors: No known data errors

The method to resolve this is via command line. Below is the steps starting from replacing the physical hard drive.

1. Replace the physical hard drive. For this, shutdown the machine if necessary. 
2. Partition the hard drive. Following is an example where we assume the disk is /dev/ada2.

   
   # create gpt called ada2
   sudo gpart create -s gpt ada2
   # create a 2G swap partition (it will be ada2p1)
   sudo gpart add -i 1 -b 128 -t freebsd-swap -s 2G ada2
   # create a second partition using the rest of the space (it will be ada2p2)
   sudo gpart add -i 2 -t freebsd-zfs ada2
   # replace disk labeled "99999999999999999999" by ada2p2. See the error message example above. 
   sudo zpool replace MyZpool 99999999999999999999 ada2p2
   

Once the above is completed, FreeNAS will immediately start resilvering the zpool.