SVN: import subfolder as new repository root

April 6th, 2014

I’ve done a little research and found the partial solution here: http://stackoverflow.com/questions/2337470/svn-move-single-directory-into-other-repository-with-history

Problem was that using it would error as it tries to create the subfolder.
So I dug some more and then found:
http://www.pakettiradio.net/the_ultimate_subversion_repository_splitting_guide/

Problem here was that I still had the root of the sub-folder creation attempt raising
svnadmin: File not found: transaction ’0-1′, path

A little digging turned up:
http://www.celticwolf.com/blog/2010/05/03/subversion-svnadmin-load-error-file-not-found-transaction-0-1-path/

Which doesn’t solve anything but lit my Eureka bulb: there is no sense in creating an empty root folder. It already exists. So What I did was to delete it’s creation from the fixed dump file which was looking like this notice empty Node-path and action “add”):

Node-path:
Node-action: add
Node-kind: dir
Prop-content-length: 10
Content-length: 10

PROPS-END

Not to be confused with other empty Node-path which actually set properties!!!

Now remains only 1 problem: I also want the user to be changed. This is a problem because in the dump, the username is preceded by a line starting with V followed by a number. This number is the length of the username.

There are some interesting solutions here: http://stackoverflow.com/questions/1195339/is-there-a-way-to-change-a-svn-users-username-through-the-entire-repository-hist

However, I am trying to keep my server yum-compatible, and svndumptool is in no public yum repo, to my searching today.
My solution involves a multiline SED. Relevant articles are
http://www.refining-linux.org/archives/27/20-Multi-line-sed-search-and-replace/
and
http://stackoverflow.com/questions/4510813/sed-regular-expression-over-multiple-lines

As I have multiple subfolders to be split up into new repositories, I’ve created a script to do the job, including setting up an apache vhost for each.

The relevant part of the script looks like this:

1
2
3
4
5
6
svndumpfilter include $grp/$usr --drop-empty-revs --renumber-revs  < $repo_dump > $repo_dump.$usr
sed -e "s/Node-path: $grp\/$usr/Node-path: /" < $repo_dump.$usr >$repo_dump.$usr.fixed1
sed -e "s/Node-copyfrom-path: $grp\/$usr/Node-copyfrom-path: /" < $repo_dump.$usr.fixed1 >$repo_dump.$usr.fixed2
sed -e "/Node-path: /{ N; N; N; N; N; N; s/Node-path: \nNode-action: add\nNode-kind: dir\nProp-content-length: 10\nContent-length: 10\n\nPROPS-END//}" < $repo_dump.$usr.fixed2 >$repo_dump.$usr.fixed3
sed -e "/svn:author/{ N; N; s/svn:author\n.*\n$svn_usr_from/svn:author\nV $svn_usr_len\n$svn_usr_to/}" < $repo_dump.$usr.fixed3 >$repo_dump.$usr.fixed4
svnadmin load $repo_dir/$cust_group/$cust_customer --ignore-uuid < $repo_dump.$usr.fixed4

Related posts

VMWare ESXi – VM is gray when adding new hardware

March 26th, 2014

VMWare ESXi 5.0 U1

It happened to me that I created a new VM, then copied over a template VMDK but forgot to add it. When I started the VM it complained of no OS, so I edited the config and added the HDD.
Right after this operation, the VM became gray and was no longer manageable.
I removed it from inventory, then added it back again and now it was showing properly as powered on.
I powered it off, then on again.

Now, the VM kept showing a text cursor “dancing” on the screen like crazy.
I powered it off, removed the HDD, then added it back and powered it on.

Now, it’s usable.

Related posts

One of the ways spam gets onto your email “legally”

March 10th, 2014

So we all know the pitfalls of using your email address in the wrong places.

Some of us also know about using your email in the right places and still getting spam.

That is why there are services such as http://notsharingmy.info
It’s not the best of services, but it is free and does it right for me so I stopped looking. If anybody knows of a better alternative, please comment.

Now onto the point: I registered on alibaba.com as a means of getting some stuff to import.
Begin a chinese site, I don’t trust them so I used an alias from above mentioned service.
exactly 3 weeks later my inbox was starting to fill in with spam/junk email from various suppliers broadcasting their offers for everything but what I was looking for.
So I cancelled forwarding and made a new alias and registered that one. Hopefully, it will last at least another 3 weeks.

It sucks, but what can one do?

Related posts

The major pitfall when you manage (start, stop, etc) remote service in Windows XP

January 29th, 2014

I literally spent almost 2 hours googling around for this issue.

“error 5: access denied”

No matter if I use sc.exe, the mmc snapin, sysinternals tools, etc. I get the same error. And it took me this much to find this gem referenced on some forum/whatever:

https://groups.google.com/forum/#!msg/microsoft.public.scripting.wsh/r0GXUNHlVBs/YormuJCEOtwJ

So the problem with WinXP Pro, by default, when in a WORKGROUP is that it’s FORCE GUEST on.
That means that every user connecting to it’s services, is authenticated as guest. And guest has no business managing services.

Now people say that there is no solution for this in WinXP Home and for WinXP Pro one should edit the local policies or registry as explained in that article above.

However, but I cannot verify on WinXp HOME, I believe that by putting the Guest user in the administrators account you should be able to get the same effect. This is working (tested) on WinXP PRO !!!
Of course, the implications of such a bold move must be carefully weighed because there are a lot of assumptions made in the system about the Guest account and a lot of things will be affected, but taken the security issue aside, this is COOL :)

Ok, so there you go, covering both pro and home editions. Use it at your own risk.

Related posts

The traps of buying online hardware from other countries

January 22nd, 2014

So I bought a StarTech 1 port PCI Express eSATA II Controller Card to use in my ESXi to passthrough to my fileserver and connect an internal HDD to it.
Everything is nice, the card works fine in windows but not in linux (which my file server is). I get
FATAL: Error inserting si3531r5 (/lib/modules/2.6.32-358.11.1.el6.x86_64/kernel/drivers/scsi/si3531r5.ko): Invalid module format
and dmesg shows:

si3531r5: version magic '2.6.9-22.ELsmp SMP gcc-3.4' should be '2.6.32-358.11.1.el6.x86_64 SMP mod_unload modversions '

This is as expected since my kernel grew/matured over the years unlike their drivers.
So I go about contacting their support, asking for code or updated drivers. They route me to silicon image for this issue because

Unfortunately when it comes to the source code for these cards, that code is owned by Silicon Image and if we had the source code ourselves, we would still most likely not be at liberty to hand it out. We supply the driver on the website which is designed for getting this card installed and working in most environments.

now, that’s silly, since in the linux world, kernels get new versions all the time so it’s pretty much impossible to keep a system outdated for 4-5 years just so an expansion card can be used in it. It’s just stupid.

So I go to silicon image site, and check for drivers. What do you know:

End-Users: Silicon Image does NOT support End-Users directly. Silicon Image designs and develops chips for manufacturers. These manufacturers develop their own drivers, firmware and software for their boards. Silicon Image does not have information or access to the Drivers, Software or boards that these manufacturers create and sell. We typically assist these manufacturers when they have problems with our chips. End-Users should contact product manufacturer of the board for technical support.

In RED.

Call me stupid, but startech support appears to be living on another planet. They tell me to return the card. Right. Overseas?

Related posts

Troubleshooting NFS

January 6th, 2014

Every now and then I have issues with my NFS setup, server-side or client-side. And since I don’t usually handle NFS all that often, I always forget how to solve it and end up wasting a ton of time debugging and searching and stuff.

SO I finally, seconds before posting a long question on serverfault.com, managed to pin it down once again.

So, long story short:
- pretty much most of the problems regarding NFS come from firewall: server-side, client-side and/or router-side. So make sure to disable them all and see if that works. If it does, I’ll explain later how to make it work with your firewall enabled as well
- then, there are NFS server and NFS client configuration issues. There are plenty of how-tos out there for this

So how to troubleshoot a firewall/iptables issue? The most common flag for this problem is “connection timeout”. If you get it, it’s most likely a firewall/routing issue.

What I just did now, in my case, is to set up my firewall rules such a way that all drops are going to a special “mydrop” target, in which I drop everything.
Then, I have some scripts made which cancels, restores and enables logging in the firewall.
The logging script will cancel the firewall, then restore it (this cleans up stuff) then it adds logging like:

iptables -I mydrop -m limit --limit 2/sec -j LOG --log-prefix "IPTables-dropped: " --log-level 4 --log-tcp-options --log-ip-options

then, in another console, I do

tail -f /var/log/messages

and in the first one I start the mount/showmount/rpcinfo commands and check the tail log to see what packets are being dropped.
Then I make rules for those packets.

Now, in my personal case, I set up my NFS server to have static/dedicated ports (there are how-tos out there on how to do it, I won’t go over them here).
So, on a tight firewalled linux machine, the iptables rules for NFS client would look like this

# nfs client
-A services -s 192.168.1.4 -p tcp --sport 111 -j ACCEPT
-A services -s 192.168.1.4 -p tcp --sport 892 -j ACCEPT
-A services -s 192.168.1.4 -p tcp --sport 2049 -j ACCEPT
-A services -s 127.0.0.1 -d 127.0.0.1 -p udp --dport 111 -j ACCEPT
-A services -s 127.0.0.1 -d 127.0.0.1 -p udp --sport 111 -j ACCEPT

“services” in this context is a dedicated target for my used services (usually server/daemon stuff, but also client stuff when needed, like this scenario).
Note: 192.168.1.4 is my NFS server.

Then, on server side I have this
# nfs server
-A services -s 192.168.1.0/24 -m state --state NEW -p udp --dport 111 -j ACCEPT
-A services -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 111 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 32803 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 32769 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 892 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 892 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 875 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 875 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 662 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 662 -j ACCEPT

the rules with INPUT I have copied from another blog/site, which I can’t recall now. At the time I get these, I didn’t think about the logging idea I just wrote about, and I don’t want to kill all my machines to test it so I can figure out exactly what rules to put there.

Anyway, I hope this logging idea will help someone save some hours.

Related posts

Experts-Exchange: going at it, again

January 4th, 2014

As mentioned earlier, I’ve got congratulated on becoming a designated expert on 2 sections: http://blog.ciuly.com/?p=817
Today, they did it again. For the same 2 sections :)

time for another email to their support (the first time I didn’t mail them, I was hoping it was a one time slip).

Related posts

Windows XP: this file came from another computer and might be blocked

January 3rd, 2014

I thought I’ve seen them all in WinXP. So I got bumped today with not being able to access a file over a share on another computer on the local network. I hit the file properties and saw the message in the title.
Small googling, turned up to suggest it may be some zone information IE browser would set when you download a file. Some suggest using streams.exe from sysinternals to delete the extra data stream of the file.

Indeed, that solves it. But I am not one of those that just blindly deletes stuff, so before I deleted, I made sure to peek at what info I was about to delete. And it looks like this:
c:\path\DigiSign_eToken_PKI_Client_x32.msi:
:Zone.Identifier:$DATA 26

looks safe to delete. so just proceed. If you get anything else, make sure you are safe to delete it before you do it.

Related posts

Apache on linux: Could not open configuration file Permission denied

January 2nd, 2014

I don’t do configuration every day so some things elude me. Especially when selinux is involved.

So this happened to me the other day when I setup a new web site on my server and as usual, I added a config file for it. Immediately after reloading apache, I got the Permission Denied error when reading the config file for the newly created default.conf file.

Took some googling to get to the bottom of it:

(just to confirm it’s selinux)
[root@localhost conf]# sestatus
SELinux status: enabled

[root@localhost conf]# [root@localhost sites]# ls -Z
-rw-r–r– root root root:object_r:default_t default.conf
-rw-r–r– root root root:object_r:httpd_config_t site1.conf
-rw-r–r– root root root:object_r:httpd_config_t site2.conf

[root@localhost sites]# chcon -t httpd_config_t default.conf

[root@localhost sites]# ls -Z
-rw-r–r– root root root:object_r:httpd_config_t default.conf
-rw-r–r– root root root:object_r:httpd_config_t site1.conf
-rw-r–r– root root root:object_r:httpd_config_t site2.conf

Same goes on the site folders and files.

And it’s all good now. I’ll probably make some script to create these things automatically so I won’t have to deal with these issues every other year when I decide to put up a new site.

Related posts

CentOS modulez.cgz

January 2nd, 2014

So I was trying to install startech 1 port PCI Express eSATA II Controller Card in one of my linux servers and according to the included readme/manual, one would do:
modules.cgz | gunzip | cpio -ivH crc
as one of the first steps to copy out the proper files for the current kernel.
Unfortunately, there are a few issues with the zip file you download from their site:
1. – the executable files are not executable (the bit is not set) so one must chmod +x on them
2. – the command above fails with
-bash: modules.cgz: command not found

So after googling a bit, I found that one should do:
gunzip < modules.cgz | cpio -ivH crc

That takes care of that issue.

The next problem I bumped into was that the "copy the modules.cgz to a destination directory" instruction was not clear enough. We're not talking about any destinations here.
The problem started from the insmod call, which would report that
insmod: can't read 'si3531r5': No such file or directory
same for
insmod: can't read 'si3531r5.ko': No such file or directory
even when copying into
/lib/modules/`uname -r`/kernel/drivers/scsi/
which seemed the logical thing to do

Then it hit me: there's a list of modules that are loaded, which was not updated.
so I
echo kernel/drivers/scsi/si3531r5.ko >>/lib/modules/`uname -r`/modules.dep
and then
depmod -a

and finally, I did
modprobe si3531r5
which, obviously, failed:
FATAL: Error inserting si3531r5 (/lib/modules/2.6.32-358.11.1.el6.x86_64/kernel/drivers/scsi/si3531r5.ko): Invalid module format

so I hit dmesg which shows:
si3531r5: version magic ’2.6.9-22.ELsmp SMP gcc-3.4′ should be ’2.6.32-358.11.1.el6.x86_64 SMP mod_unload modversions ‘

Trying to find sources for the driver in order to recompile it, failed. Nothing, nowhere.

So, it is time to appeal to their technical support. Hopefully, it will be a positive experience.

Related posts