Category Archives: Uncategorized

Mounting an encrypted zfs filesystem

Posted on by
Reply

I got a new SSD and did a fresh Ubuntu 23.04 install. What I usually do, is connecting the old disk via USB and copy data over from the old disk to the new SSD.

But my old disk used encrypted ZFS. It took me some time to figure out how to mount that that so here’s what I did.

The old disk gets detected as /dev/sda . There are 2 pools, rpool and bpool in my case. rpool is the one that contains my home directory and also the root directory. Let’s import that pool:

# zpool import -f rpool
# zpool list
NAME    SIZE  ALLOC   FREE  CKPOINT  EXPANDSZ   FRAG    CAP  DEDUP    HEALTH  ALTROOT
rpool  1.81T  1.29T   536G        -         -    21%    71%  1.00x    ONLINE  -

After the pool import, there is now the LUKS encrypted keystore available under /dev/zvol/rpool/keystore . That keystore does contain the ZFS key for encrypting/decrypting. so let’s luksOpen that one:

# cryptsetup open /dev/zvol/rpool/keystore rpool-keystore
Enter passphrase for /dev/zvol/rpool/keystore: 
MY_SUPER_SECRET_PASSPHRASE

And now the newly created mapper device for the opened crypt device:

# mount /dev/mapper/rpool-keystore /mnt/
# ls /mnt/
lost+found  system.key

So system.key is there. Let’s load it so ZFS can use it and clean up:

# cat /mnt/system.key | sudo zfs load-key -L prompt rpool
# umount /mnt
# cryptsetup close rpool-keystore

With zfs list the different datasets can be listed. To mount the /home/$USERNAME database, find the right one, change the mountpoint and mount it (/mnt/home-myuser must be created before):

# zfs list|grep home
rpool/USERDATA/myuser_xq8e3k                                                                        1.22T   478G      986G  /home/myuser
# zfs set mountpoint=/mnt/home-myuser rpool/USERDATA/myuser_xq8e3k
# zfs mount rpool/USERDATA/myuser_xq8e3k
ls /mnt/home-myuser  # this should show the files from your home now

That’s it. The last steps can be repeated to mount any other ZFS dataset (eg. the one for /)

Share GTK application windows within google meet under Wayland

Posted on by
Reply

Trying to share a GTK application window with https://meet.google.com/ might not work if you run under a Wayland session.

A workaround is to run a GTK application under XWayland:

GDK_BACKEND=x11 gedit

Now gedit can be shared within google meet.

If you want to share a gnome-terminal window, things are a bit more complicated. gnome-terminal has a client/server architecture so gnome-terminal-server needs to run with the x11 backend.

mkdir -p ~/.config/systemd/user/gnome-terminal-server.service.d/
cat <<EOF > ~/.config/systemd/user/gnome-terminal-server.service.d/override.conf
[Service]
Environment=GDK_BACKEND=x11
EOF
systemctl --user daemon-reload
systemctl --user restart gnome-terminal-server

The last command will kill all your terminals!

Now you can share your gnome-terminal windows again!

Improved python packaging for openSUSE

Posted on by
2

The standard tool to create new Python packages for openSUSE is py2pack . The tool had some open issues so I decided to spend some time during SUSE’s Hack week to improve the tool.

The main problem with py2pack was, that the metadata detection (to get Requires and BuildRequires for RPM .spec files) was error prone because it parsed the setup.py from a sdist tarball to get the needed metadata. This was failing when

  • variables are used for i.e. install_requires or extras_require
  • No install_requires are specified (i.e. because pbr together with a requirements.txt file is used)
  • the used regular expressions are not matching for various reasons

To get rid of theses problems, another way for getting the metadata was needed. And the new way is a custom distutils command . This command runs the setup.py to receive the metadata. The command can also be used standalone when py2pack is installed:

$ py2pack fetch oslo.log
$ tar xfz oslo.log-3.11.0.tar.gz 
$ cd oslo.log-3.11.0/
$ python setup.py --command-packages=py2pack get_metadata
running get_metadata
{
 "install_requires": [
 "pbr>=1.6", 
 "six>=1.9.0", 
 "oslo.config>=3.10.0", 
 "oslo.context>=2.4.0", 
 "oslo.i18n>=2.1.0", 
 "oslo.utils>=3.11.0", 
 "oslo.serialization>=1.10.0", 
 "debtcollector>=1.2.0", 
 "pyinotify>=0.9.6", 
 "python-dateutil>=2.4.2"
 ], 
 "entry_points": {
 "oslo.config.opts": [
 "oslo.log = oslo_log._options:list_opts"
 ]
 }, 
 "extras_require": {
 "fixtures": [
 "fixtures>=3.0.0 # Apache-2.0/BSD"
 ]
 }, 
 "tests_require": [
 "hacking<0.11,>=0.10.0", 
 "discover", 
 "python-subunit>=0.0.18", 
 "testrepository>=0.0.18", 
 "testscenarios>=0.4", 
 "testtools>=1.4.0", 
 "mock>=2.0", 
 "oslotest>=1.10.0", 
 "coverage>=3.6", 
 "sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2", 
 "oslosphinx!=3.4.0,>=2.5.0", 
 "reno>=1.6.2", 
 "bandit>=1.0.1"
 ]
}

And of course the command is integrated into py2pack so running:

$ py2pack generate oslo.log -f python-oslo.log.spec

generates a working .spec file. I did a new release on pypi so this work is integrated in version 0.6.3.

Happy packaging!

Installing Debian Stretch on a Cubox-i

Posted on by
5

I have a Cubox-i and these are my notes to install Debian with the standard u-boot and linux kernel from the Debian archive.

Some requirements on the host:

apt-get install qemu-user-static debootstrap

Assuming the SD-Card is available as /dev/sdb :

# define our target device (mmc card) and the directory we use
export TARGETDEV=/dev/sdb
export MNTDIR=/mnt/tmp

# clean some blocks
dd if=/dev/zero of=$TARGETDEV bs=1M count=4

# create a single partition and ext4 filesystem
echo "n
p
1

w
"|fdisk $TARGETDEV
mkfs.ext4 -L rootfs "$TARGETDEV"1

mkdir -p $MNTDIR
mount "$TARGETDEV"1 $MNTDIR
mkdir -p $MNTDIR/etc/{default,flash-kernel}
echo "SolidRun Cubox-i Dual/Quad" >> $MNTDIR/etc/flash-kernel/machine
echo 'LINUX_KERNEL_CMDLINE="root=/dev/mmcblk0p1 rootfstype=ext4 ro rootwait console=ttymxc0,115200 console=tty1"' >> $MNTDIR/etc/default/flash-kernel
echo '/dev/mmcblk0p1 / ext4 defaults,noatime 0 0' >> $MNTDIR/etc/fstab

# get and install packages via debootstrap
qemu-debootstrap --foreign  --include=ntp,ntpdate,less,u-boot,u-boot-tools,flash-kernel,linux-image-armmp,kmod,openssh-server,firmware-linux-free,bash-completion,dialog,fake-hwclock,locales,vim --arch=armhf stretch $MNTDIR http://ftp.de.debian.org/debian/

# copy u-boot files to SD-Card (and it's 69, not 42. See cuboxi README from u-boot source tree)
dd if=$MNTDIR/usr/lib/u-boot/mx6cuboxi/SPL of=$TARGETDEV bs=1K seek=1
dd if=$MNTDIR/usr/lib/u-boot/mx6cuboxi/u-boot.img of=$TARGETDEV bs=1K seek=69

# set root password
chroot $MNTDIR passwd root
# serial console
echo 'T0:23:respawn:/sbin/getty -L ttymxc0 115200 vt100' >> $MNTDIR/etc/inittab

# hostname
echo "cubox" >> $MNTDIR/etc/hostname

# network eth0
cat <<eof>> $MNTDIR/etc/network/interfaces.d/eth0
auto eth0
allow-hotplug eth0
iface eth0 inet dhcp
eof

# loopback
cat <<eof>> $MNTDIR/etc/network/interfaces.d/lo
auto lo
iface lo inet loopback
eof

umount $MNTDIR

That’s it. Insert the SD-Card, connect with Putty or minicom and yo should see a booting system and be able to login.