0xStubs

System Administration, Reconfigurable Computing and Other Random Topics

Prevent autostart of Android File Transfer on macOS

Android File Transfer (let’s call it AFT) is a handy tool to transfer files from and to an Android device when using a Mac. This software has an annoying habit though: It automatically starts when an Android device is plugged in. Since on most modern Android devices, the user has to give permission to access files after connecting it to a PC, it opens up just to confront the user with an error message.

Read More

Debugging a flaky cpu steal time counter on a paravirtualized Xen guest

I recently noticed a strange phenomenon on a Debian Stretch server running as a paravirtualized guest on a Xen host: top showed the CPU either be 100% idle or 100% stolen. User, system, nice and waiting times were stuck at 0%. I cross-checked with vmstat and it showed 0% for all cpu time counters. Both tools are getting their information from /proc/stat which looked like the following:

cpu 5322 0 4376 12720669 37879 0 59 1198368772563 0 0
cpu0 5322 0 4376 12720669 37879 0 59 1198368772563 0 0
...

The third to last value is the steal time, denoting “stolen time, which is the time spent in other operating systems when running in a virtualized environment” [procfs(5)]. This value looked way too high and, in particular, it was counting backwards. So, if I wanted to put this system into production, some debugging was required before…

Read More

Pitfalls when running a mail server

When running a mail server, some basic rules have to be followed, e.g. ensuring that the server does not operate as an open relay. These rules are nowadays well known and the default configuration provided with MTA software typically avoids these “big no-nos”. Still, there are many pitfalls when configuring a mail server. In this post I want to share some of those pitfalls that I stumbled across in the last years myself.

Read More

Migrating from ownCloud 9.1.6 to Nextcloud 10

If you are stuck with PHP 5.4 (e.g. because you are still running Debian Wheezy) and want to migrate from ownCloud to Nextcloud, you are probably facing a minor issue. Nextcloud 11 and newer require PHP 5.6 so you have to stick to version 10 instead. Nextcloud 10 reached its end-of-life with version 10.0.5, which internally corresponds to ownCloud version 9.1.5. The most recent version of ownCloud 9 is version 9.1.6 though, so when trying to migrate to Nextcloud you will face the following error:

Downgrading is not supported and is likely to cause unpredictable issues (from 9.1.6.2 to 9.1.5.2)

Looking at the git commits between ownCloud 9.1.5 and 9.1.6 shows that there were no changes to the database layout. So, as a workaround, you can just edit your config/config.php and set version to 9.1.5.1 or lower. Afterwards, you should be able to run the normal upgrade procedure.

Fixing Roundcube’s command execution vulnerability in Debian Wheezy

Recently a quite serious vulnerability (CVE-2016-9920) in Roundcube was reported. Until now (7th Dec) this vulnerability is unfixed in Debian’s roundcube packages (see the corresponding entry in the Debian Security Tracker).

The upstream patch is not directly applicable to version 0.7 which is used in Debian Wheezy but with a little modification it is. Following you find a corresponding patch*.
Read More

Broken calendar migration from Google to ownCloud

For some time now I run a small ownCloud instance to synchronize my contacts and calendars across different devices. When another person tried to migrate his Google calendars to this instance there was an issue though. The .ics files exported from Google contained invalid entries that were copied into ownCloud’s database and broke synchronization with 3rd party applications like Thunderbird’s Lightning extension.

Read More

How systemd-timesyncd handles leap seconds

This night we get another leap second, meaning that the last second of today is not 23:59:59 but 23:59:60 instead. The last time this happened was on June 30, 2012 and lead to issues on several servers due to bugs in the Linux kernel. Since then these bugs were fixed and also methods of hiding the leap second altogether were implemented. Here you can find a good overview over different configurations of kernel, ntpd and tzdata and how a leap second will be handled using these configurations. What is missing here is how a setup using systemd-timesyncd instead of ntpd will handle this situation.
Read More