Total Pageviews

Sunday, August 06, 2023

QNAP Webinterface funktioniert plötzlich (oder nach Firmware Update) nicht mehr

Ich hatte vor kurzem das Problem, das auf meinem betagten QNAP TS-569 Pro das Webinterface per https nicht mehr erreichbar war.

Es kam der Fehler "503 - Service Unavailable".

Da ich die Anmeldung bzw. den Aufruf des Webinterface nur per SSL zugelassen hatte, konnte ich nicht mehr die Variante ohne SSL auf Port 8080 probieren, da dort der http Service ja von mir generell abgeschaltet wurde.

Per QFinder war das NAS aber noch auffindbar und auch der SSH Zugriff funktionierte problemlos. Dies ermöglichte es mir auch, den Fehler zu beheben.

Ich habe mich per SSH am QNAP als Admin angemeldet und dann die folgenden Befehle ausgeführt:

 setcfg system "Force SSL" 0  
 setcfg system "Web Access Port" 8080  

und danach dann den Apache neu gestartet mit:

 /etc/init.d/thttpd.sh restart  

Anschließend konnte ich mich per http auf Port 8080 anmelden und auch die https Variante funktionierte wieder.

Ggfs. kann beim setcfg noch folgender Befehl helfen:

 setcfg system "Lan Access" "TRUE"  

That's it!

 

Monday, December 05, 2022

intelliMove - New version of my Android "Keep screen on" app now available in Google Play Store

Almost 7 years after I did the latest update of my app "intelliMove" I decided to update and polish the app. Get rid of old and deprecated stuff and do a little facelift.

The app is available on Google Play using this URL: https://play.google.com/store/apps/details?id=de.qu.android.intellimove&hl=en

Short description of the app

intelliMove controls, whether the screen of your device should go off or stays on by detecting if the device is in use. It is a so called "screen on" tool. It's simply bothering, when you are looking at your device (without touching it) and the screen goes off after reaching the display timeout.

How does keep screen on works?

It works by examining the angle in which the device is being used (or hold). If the device is within a specified range (configured via preferences) the screen will not go off, because intelliMove assumes the device is in use. intelliMove comes with predefined orientation ranges for different device types (e. g. tablet or smartphone) so that a range configuration is usually not necessary. intelliMove keeps the screen on when you need it!

Furthermore, it is optionally possible to add a face detection using the device front camera. This feature only gets activated, when the device is out of configured orientation range and tries to determine, whether someone is looking at the device.

What else can intelliMove do?

intelliMove can extend the battery life of your device. Because intelliMove detects when the device is not in use the screen timeout value can be set to the minimal value (e.g. 15 seconds).

In case the device isn't used anymore, the screen goes off after the minimal configured timeout and not after waiting 2 minutes (or whatever long value is configured in settings)

The display is the biggest battery consumer of the device and drains the battery the most ... intelliMove can help to reduce those massive drains!

What else?

Well, intelliMove is able to detect if the phone was put into a pocket and turns off the screen when this gesture was detected. There are a few more gestures that intelliMove can detect.

Many of the so called "Screen On" apps work by using the front camera. intelliMove only uses the front camera if this feature was activated (to be honest it is still experimental). Using the camera consumes more battery than using the sensors of the phone. intelliMove uses the sensors of your phone to detect if the phone is in use.

Pricing

I have decided to introduce a subscription model for this app. Implementing this app is very time consuming and I have to test it on multiple devices. Please understand this. There is a basic and a premium subscription model. Please support the further development of this app!

The app runs in a 7 day trial period so it can be tested extensively. There are a lot of devices out there, and I can not test the app on each and every one of it.

Requirements

I hope you like the app and feel free to test it. I am also glad about any feedback you provide. The app should run on almost any modern device (phone, tablet). Android 7 is the minimum requirement.

Sunday, October 09, 2022

Automatischer Neustart bei Samsung Handys funktioniert nicht - Hier die (simple) Lösung

Seitdem ich ein Samsung A52 besitze, habe ich mit der Funktion "Automatischer Neustart zu festen Zeiten" gekämpft.

Ich habe diesen Punkt aktiviert, damit das Handy regelmässig mal neu gestartet wird um Arbeitsspeicher freizugeben und Hintergrundaktivitäten zu beenden die evtl. noch unnütz laufen.

Leider hat der Neustart NIE geklappt. Wenn man unter "Akku -> Wartungsbericht" nachschaut, stand dort immer unter "Letzter automatischer Neustart" der Wert "Nie".

Die Lösung habe ich nach langem Suchen in diesem Forumseintrag gefunden.

Damit das Ganze definitiv funktioniert, muss die SIM Kartensperre deaktiviert werden.

Also unter "Andere Sicherheitseinstellungen" den Punkt "SIM-Sperre einrichten" anwählen und dort die Option "Sperren der SIM-Karte" deaktivieren. Und schwupps klappt es auch mit dem Neustart.

Friday, September 01, 2017

Howto exclude files from git without committing changes to .gitignore

Long time, no post ;-)

There are sometimes use cases where you don't want to change the .gitignore file.

You want to keep your local modifications just on your local box but you don't want a git pull command to change those modifications.

The file .git/info/exclude allows you to ignore files from being staged. It's some sort of own personal .gitignore file, which no other can see or touch. See this blog posting for more details.

Monday, August 10, 2015

VirtualBox: Running Samba inside CentOS 7 guest and expose Samba shares to running Windows host

This was a problem puzzling me a complete day. My environment is as follows:
  • Running Windows 7 (64 Bit)
  • Using VirtualBox 5 to run CentOS 7 as Linux guest
I was looking for a solution to create a Samba share inside the CentOS guest, so I am able to access folders in the running CentOS guest from my Windows 7 host system.

I configured VirtualBox to use two network adapters (NAT and Host-Only).

I installed Samba on the CentOS guest and configured it as a Standalone Server. I created a Samba share called "data". See the full smb.conf here, the Samba share is defined at the end of the file:

 [global]  
      workgroup = WORKGROUP  
      server string = Samba Server Version %v  
      dns proxy = no  
      # log files split per-machine:  
      log file = /var/log/samba/log.%m  
      # maximum size of 50KB per log file, then rotate:  
      max log size = 50  
      security = user  
      passdb backend = tdbsam  
      load printers = yes  
      cups options = raw  
      server role = standalone server  
      encrypt passwords = true  
      guest ok = yes  
      usershare allow guests = yes  
      obey pam restrictions = yes  
      unix password sync = yes  
      passwd program = /usr/bin/passwd %u  
      passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .  
      pam password change = yes  
      map to guest = bad user  
 #============================ Share Definitions ==============================  
 [homes]  
      comment = Home Directories  
      browseable = no  
      writable = yes  
 ;     valid users = %S  
 ;     valid users = MYDOMAIN\%S  
 [printers]  
      comment = All Printers  
      path = /var/spool/samba  
      browseable = no  
      guest ok = no  
      writable = no  
      printable = yes  
 [data]  
      comment = Data Folder  
      path = /data  
      guest ok = yes  
      browseable = yes  
      create mask = 0777  
      directory mask = 0777  
      writable = yes  
      force create mode = 777  
      force directory mode = 777  
      force security mode = 777  
      force directory security mode = 777  

This Samba configuration works in an Ubuntu 14.04. VirtualBox guest OS perfectly. But no matter what I did, this configuration did not work in CentOS. I always got a "Permission denied" error when I tried to access the Samba share from the Windows host using

\\centos-guest\data\

Well it turned out, that the problem was a running firewall AND SELinux (Security-Enhanced Linux). To disable both do the following steps in CentOS:
  1. systemctl stop firewalld
  2. systemctl disalbe firewalld
  3. vi /etc/selinux/config

 # This file controls the state of SELinux on the system.  
 # SELINUX= can take one of these three values:  
 #   enforcing - SELinux security policy is enforced.  
 #   permissive - SELinux prints warnings instead of enforcing.  
 #   disabled - No SELinux policy is loaded.  
 SELINUX=disabled  
 # change  
 # SELINUXTYPE= can take one of these two values:  
 #   targeted - Targeted processes are protected,  
 #   minimum - Modification of targeted policy. Only selected processes are protected.  
 #   mls - Multi Level Security protection.  
 SELINUXTYPE=targeted  

After this, reboot the guest OS and you can access the samba shares of your CentOS guest on your Windows host.

But be warned, you disabled the firewall on your Linux guest OS!
If this is not what you want, you should find an alternative approach.

Saturday, June 14, 2014

Create and import a MySQL dump

Dumping a MySQL database is that simple:

 /path/to/mysqldump -u$DBUSER -p$DBPASSWD -h$DBHOST $DBNAME > $FILENAME  

Importing the dump back into a MySQL DB looks like this:

 /path/to/mysql -u $DBUSER -p$DBPASSWD --database=$DBNAME < $FILENAME  

If the database to import is encoded with UTF8 it might be necessary to use the option
--default_character_set

 /path/to/mysql -u $DBUSER -p$DBPASSWD --default_character_set utf8 --database=$DBNAME < $FILENAME  

Tuesday, June 10, 2014

How to get module name and application name in Java EE applications

It's been a long time since my last blog post, but here is an update :-)

For those of you who always wanted to get the name of the application or the module at runtime in a Java EE application, here is a solution:

 @Resource(lookup="java:module/ModuleName")  
 private String moduleName;

 @Resource(lookup="java:app/AppName")  
 private String applicationName;  

It's been there since Java EE 6 and it's easy and portable!

There is also the opportunity to get those names via JNDI lookup

 String myModuleName = (String) initialContext.lookup("java:module/ModuleName");  
 String myApplicationName = (String) initialContext.lookup("java:app/AppName");  

If you don't need the names in a field but just in a single method this is the way to go.

The default module name is the base name of an ejb-jar or WAR archive.
The default application name is the base name of an EAR archive.

Saturday, February 01, 2014

Solution for “Certificate has expired” in log when starting Glassfish 3.1.2

Since a few weeks my GlassFish installation produces an annoying message whenever it gets started. The message looks like this one posted on stackoverflow:


   ...  
    [exec]  
    [exec] [#|2013-08-15T08:57:42.106+0200|INFO|glassfish3.1.2|javax.enterprise.system.core.com.sun.enterprise.v3.services.impl|_ThreadID=39;_ThreadName=Thread-2;|Grizzly  
 Framework 1.9.50 started in: 16ms - bound to [0.0.0.0:1307 6]|#]  
    [exec]  
    [exec] [#|2013-08-15T08:57:42.262+0200|INFO|glassfish3.1.2|javax.enterprise.system.core.com.sun.enterprise.v3.server|_ThreadID=1;_ThreadName=Thread-2;|GlassFish  
 Server Open Source Edition 3.1.2.2 (5) startup time : Felix (1'1  
 23ms), startup services(609ms), total(1'732ms)|#]  
    [exec]  
    [exec] [#|2013-08-15T08:57:42.309+0200|SEVERE|glassfish3.1.2|javax.enterprise.system.ssl.security.com.sun.enterprise.security.ssl.impl|_ThreadID=40;_ThreadName=Thread-2;|SEC5054:  
 Certificate has expired: [  
    [exec] [  
    [exec]  Version: V3  
    [exec]  Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US  
    [exec]  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5  
    [exec]  
    [exec]  Key: Sun RSA public key, 2048 bits  
    [exec]  modulus: 237418898293472616608124373663877543854434319738611148654904141538840503317458119685231168476255701465927369352097185652960533868421359855348631579831288127741629980536737464707822524076734022381468699944387  
 29551246768368782318393878374421033907597162218758024581735139682087126982809511479059100617027892880227587855877479432885604404402435662802390484099065871430585284534529627347717530352189612077130606642676951640071336717026459037  
 542552927905851171460589361570392199748753414855675665635003335769915908187224347232807336022456537328962095005323382940080676931822787496212635993279098588863972868266229522169377  
    [exec]  public exponent: 65537  
    [exec]  Validity: [From: Fri Aug 14 16:50:00 CEST 1998,  
    [exec]        To: Thu Aug 15 01:59:00 CEST 2013]  
    [exec]  Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US  
    [exec]  SerialNumber: [  01b6]  
    [exec]  
    [exec] Certificate Extensions: 4  
    [exec] [1]: ObjectId: 2.5.29.19 Criticality=true  
    [exec] BasicConstraints:[  
    [exec]  CA:true  
    [exec]  PathLen:5  
    [exec] ]  
    [exec]  
    [exec] [2]: ObjectId: 2.5.29.32 Criticality=false  
    [exec] CertificatePolicies [  
    [exec]  [CertificatePolicyId: [1.2.840.113763.1.2.1.3]  
    [exec] [] ]  
    [exec] ]  
    [exec]  
    [exec] [3]: ObjectId: 2.5.29.15 Criticality=true  
    [exec] KeyUsage [  
    [exec]  Key_CertSign  
    [exec]  Crl_Sign  
    [exec] ]  
    [exec]  
    [exec] [4]: ObjectId: 2.5.29.14 Criticality=false  
    [exec] SubjectKeyIdentifier [  
    [exec] KeyIdentifier [  
    [exec] 0000: 76 0A 49 21 38 4C 9F DE  F8 C4 49 C7 71 71 91 9D v.I!8L....I.qq..  
    [exec] ]  
    [exec] ]  
    [exec]  
    [exec] ]  
    [exec]  Algorithm: [SHA1withRSA]  
    [exec]  Signature:  
    [exec] 0000: 41 3A D4 18 5B DA B8 DE  21 1C E1 8E 09 E5 F1 68 A:..[...!......h  
    [exec] 0010: 34 FF DE 96 F4 07 F5 A7  3C F3 AC 4A B1 9B FA 92 4.......<..J....  
    [exec] 0020: FA 9B ED E6 32 21 AA 4A  76 C5 DC 4F 38 E5 DF D5 ....2!.Jv..O8...  
    [exec] 0030: 86 E4 D5 C8 76 7D 98 D7  B1 CD 8F 4D B5 91 23 6C ....v......M..#l  
    [exec] 0040: 8B 8A EB EA 7C EF 14 94  C4 C6 F0 1F 4A 2D 32 71 ............J-2q  
    [exec] 0050: 63 2B 63 91 26 02 09 B6  80 1D ED E2 CC B8 7F DB c+c.&...........  
    [exec] 0060: 87 63 C8 E1 D0 6C 26 B1  35 1D 40 66 10 1B CD 95 .c...l&.5.@f....  
    [exec] 0070: 54 18 33 61 EC 13 4F DA  13 F7 99 AF 3E D0 CF 8E T.3a..O.....>...  
    [exec] 0080: A6 72 A2 B3 C3 05 9A C9  27 7D 92 CC 7E 52 8D B3 .r......'....R..  
    [exec] 0090: AB 70 6D 9E 89 9F 4D EB  1A 75 C2 98 AA D5 02 16 .pm...M..u......  
    [exec] 00A0: D7 0C 8A BF 25 E4 EB 2D  BC 98 E9 58 38 19 7C B9 ....%..-...X8...  
    [exec] 00B0: 37 FE DB E2 99 08 73 06  C7 97 83 6A 7D 10 01 2F 7.....s....j.../  
    [exec] 00C0: 32 B9 17 05 4A 65 E6 2F  CE BE 5E 53 A6 82 E9 9A 2...Je./..^S....  
    [exec] 00D0: 53 0A 84 74 2D 83 CA C8  94 16 76 5F 94 61 28 F0 S..t-.....v_.a(.  
    [exec] 00E0: 85 A7 39 BB D7 8B D9 A8  B2 13 1D 54 09 34 24 7D ..9........T.4$.  
    [exec] 00F0: 20 81 7D 66 7E A2 90 74  5C 10 C6 BD EC AB 1B C2  ..f...t\.......  
    [exec]  
    [exec] ]|#] ...  

There is a simple solution for it. 

Just remove the certificate from the GlassFish keystore. Here is just a simple example used with GlassFish on my Windows developer box. It is slightly different when using a clustered GlassFish.
  1. Open a DOS command shell
  2. Go to the directory $GLASSFISH_INSTALL/glassfish/domains/domain1/config
  3. Type in the following command and execute it
  4.  keytool -delete -alias gtecybertrust5ca -keystore cacerts.jks  
    
  5. In some cases you have to provide a password for the keystore. If you did not change that, it is the default GlassFish keystore password 'changeit'.
  6. You can verify whether the alias was deleted by executing the following command in a DOS shell
  7.  keytool -list -keystore cacerts.jks > keytool.output 
    
  8. Opening the file keytool.output in an editor and doing a search for gtecybertrust5ca should yield an empty result set.

Saturday, January 25, 2014

How to install Couch DB 1.5 on Ubuntu

A recent task I had to do on my home Ubuntu Linux box running 12.04. LTS was to install CouchDB. I needed it because I wanted to use ACRA as remote error reporting tool for Android Apps. Acra is completely open source (hosted on GitHub) and an incredible cool tool started by Kevin Gaudin.

I used to try it out using Iris Couch but it turns out for me that Iris Couch using the free of charge account is painful slow. Thus I decided to host my own CouchDB at home.

The Ubuntu repositories doesn't host an up to date version of Couch DB. I tried it using apt-get and got CouchDB version 1.0.1. This was not a viable choice, because I wanted to use the replicate function of CouchDB which only is available on version higher than 1.2.

I found a pretty good step by step guide in the Apache CouchDB wiki.
To sum it up:

I installed it by compiling it from source

using the following steps.

  1. Download CouchDB 1.5 sources
  2. Create a user and a group with name 'couchdb'. This is very important. Don't compile and install it with user 'root'. If you do it with root, CouchDB will not start nor write any error messages to any log file, because CouchDB will start under user 'couchdb' but all installed files and folders don't allow read or write access for any other user than 'root'. If you have compiled and installed it with user 'root' you have to adjust the permissions and owner rights of various files and folders by yourself. I have to admit that I did it with user 'root' the first time and it took me two hours to search for the causes and correct everything. So be warned ;-)
  3. Install at least the following packages.
  4.  sudo apt-get install -y g++  
     sudo apt-get install -y erlang-dev erlang-manpages erlang-base-hipe erlang-eunit erlang-nox erlang-xmerl erlang-inets  
     sudo apt-get install -y libmozjs185-dev libicu-dev libcurl4-gnutls-dev libtool  
    
  5. Extract and compile CouchDB using default installation directory /usr/local. You can change it by using a different --prefix when calling configure. Check manual.
  6.  cd /tmp && tar xvzf apache-couchdb-1.5.0.tar.gz  
     cd apache-couchdb-*  
     ./configure && make  
    
  7. Install CouchDB. CouchDB installs into /usr/local
  8.  sudo make install  
    
  9. Sometimes it's necessary to remove old stuff from ubuntu packages. This was not necessary in my case. But you can do the following:
  10.  sudo rm /etc/logrotate.d/couchdb /etc/init.d/couchdb  
    
  11. Install init scripts and logrotate
  12.  sudo ln -s /usr/local/etc/logrotate.d/couchdb /etc/logrotate.d/couchdb  
     sudo ln -s /usr/local/etc/init.d/couchdb /etc/init.d  
     sudo update-rc.d couchdb defaults  
    
  13. Verify that CouchDB is running
  14.  curl http://127.0.0.1:5984/  
    
    It should give you an output like this:
     {"couchdb":"Welcome","uuid":"5a23983ac768251e1c8d413bb52e67b5","version":"1.5.0","vendor":{"version":"1.5.0","name":"The Apache Software Foundation"}}  
    
  15. With this setup, CouchDB only listens on localhost (127.0.0.1). If you want CouchDB to listen on all interfaces and access it externally you have to configure it in /usr/local/etc/couchdb/local.ini
    Just look for the [httpd] section and uncomment the line starting with 'bind_address' and replace 127.0.0.1 with 0.0.0.0
  16.  [httpd]  
     ;port = 5984  
     bind_address = 0.0.0.0  
    
  17. Now restart CouchDB and you are done.
  18.  /etc/init.d/couchdb restart  
    
You are also able to install a CouchDB version built by source alongside the default Ubuntu package. Check out the step by step guide mentioned above to look how this is being achieved.

Thursday, January 02, 2014

Upgrading to Maven 3.1.1 caused Jenkins Maven Job to fail

After upgrading Maven on my Jenkins CI build server to version 3.1.1 (because the android-maven-plugin version 3.8.2 needs it) I encountered  problems with my Maven build jobs in Jenkins (version 1.544).
The error message looks something like this:

 ERROR: Failed to parse POMs  
 ...  
 ...  
 ...  
 Caused by: java.lang.ClassNotFoundException: org.apache.maven.cli.MavenLoggerManager  
      at org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy.loadClass(SelfFirstStrategy.java:50)  
      at org.codehaus.plexus.classworlds.realm.ClassRealm.unsynchronizedLoadClass(ClassRealm.java:259)  
      at org.codehaus.plexus.classworlds.realm.ClassRealm.loadClass(ClassRealm.java:235)  
      at org.codehaus.plexus.classworlds.realm.ClassRealm.loadClass(ClassRealm.java:227)  
      ... 18 more  

Googling around it seems someone else faced the same problem already. He also mentioned Jenkins issue JENKINS-15935 referring to that exact problem.
The solution is to update the Maven Project Plugin in Jenkins because the issue is fixed in Jenkins 1.509.
As of version 2.0 of the plugin, it is released separately but still bundled with Jenkins. Though, it might be the case, that the newest version of the plugin isn't bundled always with the jenkins release.