Flash kills my CPU. Now I kill it with a button.

I'm constantly annoyed by the jet airplane taking off noise that my computer makes as soon as I open a webpage that's chock full of Flash (weather.com?). I've taken to running top in a terminal window behind my browser and killing the offending process whenever it gets to be too much. This is a ton of fun, especially because Chrome makes those cute x_x faces in the places where the Flash is no longer.

Today it dawned on me that I could get even more savvy as a Flash killer. I could add a button to the top bar in Gnome and just kill at will. Needless to say this is wonderful.

Whenever I click the button, this is executed in a terminal:

killall -9 exe

It was as easy as right clicking and adding launcher to the menu bar:

For whatever reason, "exe" is the process name that the 64-bit Flash plugin uses on my Ubuntu 9.10 x86_64 system. If you're running the standard 32-bit plugin, your going to have nsplugin(.bin?) in the process name and this might make using killall less than awesome.

Regarding the killall instead of pkill or something else, this is just my habitual way of accomplishing a task like this. Note that regardless of how you kill flash, you are going to kill all of the Flash that is currently running in ALL of your tabs; even in Chrome. This may only apply to the actual 64-bit Flash binary, but there is a single process behind all of those little animated annoyances running around in your 50 browser tabs.

Next I'll probably get sick of clicking the button and figure out how to set a keyboard shortcut in Gnome. I'm sure it is easy, but as yet messing with keyboard shortcut bindings in Gnome hasn't passed my desire versus laziness threshold.

ssh FAIL!

The other day I was baffled. The version of ssh-keygen I was trying to use just was not giving me the results I wanted. The really strange part was that ssh-keygen -h gave completely different options than what I could find in the ssh manpage.

I checked the version and things started to get wierd:
[root@zim .ssh2]# ssh-keygen -V
ssh-keygen version , compiled Jun 7 2009.

That's right, it had no version. I'm not sure why, but it didn't. Strange things were afoot.

I spent about an hour trying to figure out how this ssh-keygen worked. I was interested to see that it generated keys in RFC 4716 format instead of the openssh key format required in ~/.ssh/authorized_keys. It couldn't produce the normal openssh format no matter what options I used.

After rpm verify didn't show me anything of interest (ssh-keygen matched what was distributed by the openssh package) I decided to see where ssh-keygen was living.

[root@zim .ssh2]# which ssh-keygen
/usr/local/bin/ssh-keygen

What's that you say? /usr/local? No RPM installed openssh binaries have any business living there.

[root@zim .ssh2]# ls -la /usr/local/bin
....
lrwxrwxrwx 1 root root 11 Jun 7 00:41 ssh-keygen -> ssh-keygen2
-rwxr-xr-x 1 root root 2041687 Jun 7 00:41 ssh-keygen2
....

How interesting. Jun 7. That was the alleged compile time from ssh-keygen -V.

I have removed those binaries from /usr/local/bin, things returned to normal, and now I'm left wondering how they got there.

Warning: DocumentRoot [/home/bugzilla/bugzilla-2.20] does not exist

Default CentOS 5.3 install.

[root@tatersalad bugzilla-2.20]# apachectl graceful
Warning: DocumentRoot [/home/bugzilla/bugzilla-2.20] does not exist
httpd: Could not reliably determine the server's fully qualified domain name, using tatersalad.loc.yoohoo.net for ServerName
httpd not running, trying to start

Found solution here: http://forums.devshed.com/apache-development-15/documentroot-does-not-exist-when-it-does-526847.html

[root@tatersalad bugzilla-2.20]# vim /etc/selinux/
config restorecond.conf semanage.conf targeted/
[root@tatersalad bugzilla-2.20]# vim /etc/selinux/config

Change SELINUX=enforcing to permissive

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=permissive
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

Reboot. Enjoy.

Command Line Truecrypt Volume Creation

This will create a hidden volume in an outer volume on a disk device. If you haven't been playing around with Truecrypt and breaking where it will try to mount things by default, this will work fine. Otherwise, you may have to determine what the /dev/mapper/truecrypt mountpoint will be. Same goes for /dev/sd?.


Create your normal Truecrypt volume on the device. You can also do this with a disk partition; i.e., sdq1.

truecrypt -k '' -p somewhatsekrit --volume-type=normal --filesystem=none --encryption=AES --hash=RIPEMD-160 --random-source=/dev/urandom -c /dev/sdq

Mount the volume in Truecrypt so that you can format the filesystem.

truecrypt -k '' --filesystem=none --protect-hidden=no -p somewhatsekrit /dev/sdq

Format the filesystem.

mkfs.ext2 /dev/mapper/truecrypt0

Unmount the volume.

truecrypt -d /dev/sdq

Create the hidden volume with a password you don't intend to divulge. Until they start pulling fingermails, of course. Adjust your hidden volume's size according to your device's contraints. Volume size is given in bytes. fdisk -l /dev/sdq will show how many bytes are available on the device or partition.

truecrypt -k '' --volume-type=hidden -p omgverysekrit --filesystem=none --encryption=AES --hash=RIPEMD-160 --random-source=/dev/urandom -c /dev/sdq --size=50000000

Mount the volume so the filesystem can be formatted.

truecrypt -k '' --filesystem=none --protect-hidden=no -p omgverysekrit --filesystem=none /dev/sdq

Format the volume's filesystem.

mkfs.ext2 /dev/mapper/truecrypt0

Unmount the volume.

truecrypt -d /dev/sdq

Truecrypt requires keyfile values be given (-k) when creating volumes via command line, or it will prompt for them. Adding the two single-quotes (-k '') just says that there isn't a keyfile to be used. Truecrypt in command line mode also apparently won't create an ext2 filesystem, so you first have to create the volume without a filesystem, mount it with truecrypt and use mkfs (mkfs.ext2 in this case) to format the the volume.

how do you say "netdump" in chinese?

Amazing. This happens to me all the time. I perform a Google search so pertinent, relevant and fine that its like a scalpel cutting through the cruft and garbage of the Interwebz. It yields a single pebble of truth... and it's in Chinese. Fuck.

"/var/crash/magic" "No such file or directory"

*sigh*

I'm trying to get netdump installed on a server that's giving us some trouble. I'll post an update when I have the solution.

Update: Not bothering w/ netdump anymore right now.

Exchange 2007 Transport Rules Fail Mysteriously

If you're using Exchange 2007, chances are that you are going to setup some transport rules to add disclaimers to emails or prevent certain senders from sending to certain other senders. There's plenty of documentation on how to actually implement the rules, so I'm not going to get into that, but instead address an issue that appears to be undocumented.

When you create your first Transport Rules using the Management Console, one of the actions that occurs in the background is the enabling of the "Transport Rule Agent" which is what actually does the heavy lifting for you.

If you were to issue the command yourself on the Exchange Powershell:

Enable-TransportAgent -Identity "Transport Rule Agent"

You would get a warning that this action will require a restart of the Transport Service.

If your new rules are mysteriously failing, it is very likely because the Transport Service has not been restarted since the Transport Rule Agent was enabled.

First Post - Original Title

I've noticed that I seem to constantly run into little things here and there that prevent me from getting my job done. It happens to my co-workers as well and whenever these mini disasters and annoying impediments present themselves we typically say: "Drat, THWARTED AGAIN!"

Some of the answers to life thwartations involve complex technical solutions and others involve admonitions addressing the stupid, silly, lazy mistakes that can lead to being thwarted. I'll find plenty of both to post here.