Category: Operating systems

Installing splunk on FreeBSD 10

Acquire software
First, register an account [splunk.com] on the splunk website to get access to the downloads. When logged in with your freshly verified account, go to the download page [splunk.com] for the enterprise version.

Download the package named “FreeBSD<n>” (at the time writing these instructions, <n> = 7). Easiest is to cancel the “Save file…” dialogue and instead go with the “Got wget? Get this URL” approach.

Use the URL to download the software package on your FreeBSD 10 server.

Configure FreeBSD
Add some configuration to the boot loader:

sysctl -a | egrep "kern.maxdsiz|kern.dfldsiz" | sed 's/: /="/' | awk '{print $0"\""}' >> /boot/loader.conf
echo "machdep.hlt_cpus=0" >> /boot/loader.conf

Reboot server for changes to take affect.

Install and start software
Uncompress the package contents in /opt:

mkdir /opt
tar zxvf splunk-*.tgz -C /opt
/opt/splunk/bin/splunk enable boot-start
service splunk start

Configure syslog
The standard syslog daemon in FreeBSD listens on UDP port 514 by default. We want splunk to take care of that, so to disable lets disable it by adding the syslogd flag -ss in /etc/rc.conf and restart the daemon.

echo 'syslogd_flags="-ss"' >> /etc/rc.conf
service syslogd restart

Configure
Let’s configure splunk to listen for remote logging on UDP port 514 instead for remote clients.

/opt/splunk/bin/splunk add udp -source 514 -sourcetype syslog -resolvehost true

Locally on the server, we should monitor /var/log.

/opt/splunk/bin/splunk add monitor /var/log

Now you have a working instance of Splunk! What is left todo is configure your clients to use it as a remote logging server… that is however out of the scope of these instructions.

Change to free license
With the free enterprise download (needed for the FreeBSD version), you received a trial license for 60 days. For home usage, you can just remove the trial license straight away and save you the hassle down the road in 60 days.

/opt/splunk/bin/splunk edit licenser-groups Free -is_active 1
service splunk restart

Installing Ubuntu on Dell XPS 13

Today I got my new Dell XPS 13. Being an Macbook user for the past 5-6 years, this was quite exciting for me; I finally got to run Linux on the desktop again!

So, I created the USB installation stick in Windows and booted to the Live system.

First “bump” was the Dell Wireless network interface that the laptop came with. It’s a Broadcom BCM4352 chip which has a properitary driver.

root@ubuntu:~# lspci -v | grep -i bcm
02:00.0 Network controller: Broadcom Corporation BCM4352 802.11ac Wireless Network Adapter (rev 03)

The required packages is included on the USB installation stick, so it’s just a matter of installing them (this would have to be repeated once booting into the freshly installed system):

sudo dpkg -i /cdrom/pool/main/d/dkms/dkms_2.2.0.3-2ubuntu3_all.deb
sudo dpkg -i /cdrom/pool/restricted/b/bcmwl/bcmwl-kernel-source_6.30.223.248+bdcom-0ubuntu2_amd64.deb

After the installation and restarting the laptop it couldn’t find any bootable devices(!). Reading the release notes, this is a known problem. The bug 1499323 has a workaround.

To enable palm detection, which should have a similar effect as above:

sudo apt-get install xserver-xorg-input-libinput

Then create /etc/X11/xorg.conf.d/99-libinput.conf:

Section "InputClass"
    Identifier "libinput"
    Driver "libinput"
    MatchDevicePath "/dev/input/event*"
    MatchIsTouchpad "true"
    Option "Tapping" "true"
    Option "TappingDragLock" "true"
    Option "ClickMethod" "none"
    Option "NaturalScrolling" "false"
EndSection

The above settings should make the touchpad behave “similar” to an Apple touchpad.

To improve battery life you can install TLP:

TLP brings you the benefits of advanced power management for Linux without the need to understand every technical detail. TLP comes with a default configuration already optimized for battery life, so you may just install and forget it. Nevertheless TLP is highly customizable to fulfil your specific requirements.

As of 15.10, tlp is part of the official repositories, if you’re running an earlier release:

sudo add-apt-repository ppa:linrunner/tlp

It is easy as:

sudo apt-get update
sudo apt-get install tlp tlp-rdw gsmartcontrol smart-notifier

Bluetooth does not work out-of-the box. To get it working, we need a firmware file from the Windows driver. Good guy hg8 has it available on github.com for us.

wget https://github.com/hg8/bluetooth-firmware-XPS13-9343/blob/master/BCM20702A0-0a5c-216f.hcd
sudo mv BCM20702A0-0a5c-216f.hcd /lib/firmware/brcm/
sudo ln -s /lib/firmware/brcm/BCM20702A0-0a5c-216f.hcd /lib/firmware/brcm/BCM20702A1-0a5c-216f.hcd

Change the bluetooth device name with:

sudo -i
echo "PRETTY_HOSTNAME=$HOSTNAME" > /etc/machine-name
systemctl restart bluetooth.service

Additional resources:

Building the Darwin Streaming Server in Ubuntu

Me and a colleague tried building the Darwin Streaming server on Ubuntu Server 13.10 with the help of this guide [instructables.com].

It did not go as well as we were hoping due to build errors. After some troubleshooting (all credit goes to my colleague), it turned out that the linking of libraries was not done recursively. So even though the correct libraries was included in LDFLAGS it wouldn’t work.

With the following two changes, we got rid of the build errors:

$ cd lstoll*
$ find . -name "Makefile.*" -exec sed -i 's/-lQTFileExternalLib/-lQTFileExternalLib -lpthread/' {} \;
$ sed -i 's/-lQTFileLib/-lQTFileLib -ldl/' Makefile.POSIX

Installing Ubuntu on a Macbook Air (late 2010, 3.1)

I was craving running Linux on the desktop again, and the netbook I had lying around did not have proper support for the graphics card. This resulted in Unity not being that smooth, and the LVMPIPE mode really sucked.

So, I did something “drastic” and removed Mac OS X and installed Ubuntu 13.04 instead.

The Macbook Air (late 2010) has a Nvidia GeForce 320M graphics card and there is proprietary drivers for it. However, these does not work in EFI mode and by default Ubuntu is installed in EFI mode. I read some guides on how to convert the GPT partition table before installing, men turned out that it was still a GPT partition table after the installation finished. Therefor I had to convert it after the installation, following these [ubuntu.com] instructions. After converting to legacy BIOS, I installed the proprietary Nvidia drivers.

Other than the official tips in the Ubuntu community documentation [ubuntu.com], I also made the following changes to get the keyboard to work as similar as in Mac OS X (Settings, Keyboard Layout, Options):

  • Win keys (and the usual ctrl): To use cmd + c/v to copy, paste etc.
  • Key to choose 3rd level, Any Alt key: to get /, | and \ to work like in Mac OS X

After installing the Linux version of Spotify, I wanted the multimedia buttons on the keyboard to control Spotify. I found the following information [mabishu.com] that Spotify had built in support for dbus, så it was just a matter of writing a small script:

#!/usr/bin/env bash
dbus-send --print-reply --dest=org.mpris.MediaPlayer2.spotify /org/mpris/MediaPlayer2 org.mpris.MediaPlayer2.Player.$1

Then you’d have to create keyboard shortcuts for Audio Play (argument “PlayPause”), Audio next (argument “Next”) and Audio previous (argument “Previous”) which would execute the script.

I really hate Windows (Unable to start Group Policy Client)

I’m sitting and installing updates on my girlfriends Windows 7 laptop. After the installation is finished and the computer restarts the first time; enter blue screen of death. Fair enough, it is what windows does. I restart it a second time and it boots without problem, except that it is not possible to login with any user that does not have administrator privileges. I spend the whole evening trying to find a solution for the problem, without any initial success.

Gave it another shot the day after, searching for solutions, and I actually found one! I’d say it looks a bit magical, but it works. However, it says a lot about windows and specially the windows register!

  1. Open regedit
  2. Find HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services. This path must contain a key with the name gpsvc, in my case it was intact, but double check that it truly exist. If it does not exist, you might get some guidance here [batcmd.com]
  3. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost, this is the most important path since it must contain the keys and values in step 2.
  4. Make sure that the key above has a multi-string key that is named GPSvcGroup where the value is GPSvc
  5. Make sure that the key in step 3 has a sub-key named GPSvcGroup
  6. This key should have two DWORD (32-bit) values:
  • AuthenticationCapabilities with the value 0x00003020 (12320 decimal)
  • CoInitializeSecurityParam with the value 1

When above steps are finished, just reboot the computer and hopefully you’ll be able to login with non-administrator users again.

A big thank you to SQL-ER [microsoft.com] on the Windows 7 technet forum [microsoft.com] that provided the fix.