Archive for the 'Software' Tag

Linux layer 2 bridging can’t do Firewire

Well, it seems the Linux kernel can’t bridge dissimilar network types, which means I can’t bridge Ethernet and Firewire (a workaround until I replace the NIC in my desktop, which fried: having my laptop route for my desktop).

My laptop’s IP is 192.168.2.4
My desktop’s IP is 192.168.2.2
My router’s IP is 192.168.2.1

So, the workaround seems to be this…

On the laptop, with eth0 already up:
ifconfig firewire0 up 192.168.2.4
route del -net 192.168.2.0 netmask 255.255.255.0 dev firewire0
route add -host 192.168.2.2 dev firewire0
iptables -F
iptables -P FORWARD ACCEPT
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding

On the desktop:
ifconfig firewire0 up 192.168.2.2
route add default gw 192.168.2.1

To make this permanent, you would edit /etc/network/interfaces like this…

On the laptop:
auto eth0
iface eth0 inet static
address 192.168.2.4
netmask 255.255.255.0
broadcast 192.168.2.255
gateway 192.168.2.1
post-up ifconfig firewire0 down
post-up ifconfig firewire0 up 192.168.2.4
post-up route del -net 192.168.2.0 netmask 255.255.255.0 dev firewire0
post-up route add -host 192.168.2.2 dev firewire0
post-up iptables -F
post-up iptables -P FORWARD ACCEPT
post-up echo 1 > /proc/sys/net/ipv4/conf/all/forwarding

On the desktop:
auto firewire0
iface firewire0 inet static
address 192.168.2.2
netmask 255.255.255.0
broadcast 192.168.2.255
gateway 192.168.2.1

Secure Glassfish v3 Admin Console

By default, the admin console can be accessed by the outside world. I prefer to have it accessible to localhost only (so I can ssh tunnel it only).

Open the admin console, and on the menu, Configuration -> Network Config -> Network Listeners -> admin-listener, and edit the IP to state 127.0.0.1, hit save, then restart Glassfish.
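One way to confirm the change took effect, as an added example that is not part of the original post: it parses `ss -ltn` output and lists any non-loopback address still listening on the admin port. The port 4848 is GlassFish's default and is an assumption here, and the listener tables are constructed samples.

```shell
#!/bin/sh
# Added example: confirm the GlassFish admin listener is loopback-only.
# Assumes the default admin port 4848; pass another port if yours differs.

# Reads `ss -ltn` output on stdin and prints every non-loopback address
# that has a listener on the given port. No output means nothing is exposed.
exposed_listeners() {
    port=$1
    awk -v port="$port" '
        $1 == "LISTEN" {
            la = $4                                   # "address:port"
            pos = match(la, /:[0-9]+$/)               # last colon starts the port
            if (pos == 0 || substr(la, pos + 1) != port) next
            addr = substr(la, 1, pos - 1)
            # Loopback forms: IPv4, IPv6, and IPv4-mapped IPv6 (common with Java).
            if (addr ~ /^127\./ || addr == "[::1]" || addr ~ /^\[::ffff:127\./) next
            print addr
        }'
}

# Constructed sample: listener table before the change (wildcard bind).
sample_before() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      50     *:4848             *:*
LISTEN 0      50     *:8080             *:*
EOF
}

# Constructed sample: after setting admin-listener to 127.0.0.1 and restarting.
sample_after() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port          Peer Address:Port
LISTEN 0      128    0.0.0.0:22                  0.0.0.0:*
LISTEN 0      50     [::ffff:127.0.0.1]:4848     *:*
LISTEN 0      50     *:8080                      *:*
EOF
}

echo "before: $(sample_before | exposed_listeners 4848)"
echo "after:  $(sample_after | exposed_listeners 4848)"
# On the server:  ss -ltn | exposed_listeners 4848
# From your desk: ssh -L 4848:127.0.0.1:4848 user@server, then browse to localhost:4848
```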

EclipseLink JPA in Eclipse dumb error message

Sometimes you’re developing an app along with a new database schema to go with it, but you get this: Schema "null" cannot be resolved for table "XXXX".

Window -> Preferences -> Validation, JPA Validator, turn off for Build.

This probably shouldn’t be on by default anyhow; people are more likely to build new apps from scratch than to build new apps to fit old databases, and even if they do build from old, Eclipse’s JPA Tools has a build entities from tables function.

Dealing with SSH’s key spam problem

Recently I created a new virtual machine locally, and I tried to ssh into it.

[diablo@infinity ~]$ ssh tachikoma
Received disconnect from tachikoma: 2: Too many authentication
failures for diablo
[diablo@infinity ~]$

I didn’t put a key on tachikoma yet, and ssh didn’t ask me my password. It didn’t make any sense.

So, I ran the same command with -vvv and realized… it’s sending all my identity keys to tachikoma, and the sshd on that machine is kicking the connection due to all of them failing.

What bizarre behavior.

So I dug around in the man page for ~/.ssh/config, ssh_config and noticed I can just add…

host *
IdentitiesOnly yes

… to force ssh to only use specifically named identities which (what I’ve been doing for years, anyways) are written like this…

host some.remote.host.com
IdentityFile ~/.ssh/id_rsa_some.remote.host.com

… or something similar. With the IdentitiesOnly directive in there, it only sends specifically the identity keys I specify with IdentityFile instead of spamming all the keys I have.

I’m not sure if this is a Debian-only problem (both infinity and tachikoma are Debian machines), but even though it’s a security feature, it’s kind of annoying.
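The failure described above, as an added example that is not part of the original post: it counts the keys a client offers in `ssh -v` output and compares the count with sshd's MaxAuthTries. The default of 6 is an assumption about tachikoma's configuration, and the log lines and key paths are constructed.

```shell
#!/bin/sh
# Added example: count the public keys a client offered in one connection
# attempt and compare against the server's MaxAuthTries (sshd default: 6).

# Reads `ssh -v` debug output on stdin, prints the number of keys offered.
# Matches "Offering public key: ..." and the older "Offering RSA public key: ...".
count_offered_keys() {
    grep -c -E 'debug1: Offering ([A-Za-z0-9-]+ )?public key' || true
}

# Prints a verdict for an offered-key count ($1) and MaxAuthTries ($2, default 6).
# Every offered key the server rejects uses up one authentication attempt.
check_key_spam() {
    offered=$1
    max_tries=${2:-6}
    if [ "$offered" -ge "$max_tries" ]; then
        echo "FAIL: $offered keys offered, MaxAuthTries=$max_tries; password prompt never reached"
    else
        echo "OK: $offered keys offered, MaxAuthTries=$max_tries"
    fi
}

# Constructed sample: debug lines as printed by `ssh -v`, with made-up key paths.
sample_spam_log() {
    for n in 1 2 3 4 5 6; do
        echo "debug1: Offering public key: /home/diablo/.ssh/id_rsa_host$n RSA SHA256:CONSTRUCTED$n agent"
        echo "debug1: Authentications that can continue: publickey,password"
    done
}

# Constructed sample: the same attempt with IdentitiesOnly yes and one IdentityFile.
sample_fixed_log() {
    echo "debug1: Offering public key: /home/diablo/.ssh/id_rsa_tachikoma RSA SHA256:CONSTRUCTED explicit"
    echo "debug1: Authentications that can continue: publickey,password"
    echo "debug1: Next authentication method: password"
}

check_key_spam "$(sample_spam_log | count_offered_keys)"
check_key_spam "$(sample_fixed_log | count_offered_keys)"
# Against a real host: ssh -v tachikoma 2>&1 | count_offered_keys
```

To see which identities a given host entry will actually use after editing the config, `ssh -G tachikoma` prints the effective options, including identitiesonly and identityfile.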

How to make a UML image on Debian

Out there, on the Internet, there is a lot of conflicting information on how to properly build a UML image on Debian. These instructions are for Debian Sid, but should work on Etch and Sarge as well. The instructions are partially based on the ones available here.

First, you want to apt-get install user-mode-linux uml-utilities bridge-utils debootstrap realpath. Then, become root either by su or sudo bash. Make an empty directory (such as ~/uml) and cd into it. Now, follow this pseudo script:


# set up environment, feel free to change DEBIAN_MIRROR to your closest mirror, IP to an IP not already being used on your network, and GATEWAY to your LAN's gateway (not your host machine)
export TMPDIR=`pwd`"/tmp"
export IMAGE="root_fs"
export DEBIAN_MIRROR="ftp://ftp.debian.org/debian/"
export HOSTNAME="NameThisMachine"
export IP="a.ip.to.use"
export GATEWAY="ip.to.talk.to"
mkdir $TMPDIR

# produce a 1GB image, fudge with seek to change size
dd if=/dev/zero of=$IMAGE bs=1 count=1 seek=1G

# make partition, and mount it; Debian Sid kernels can only mount ext2, ext3, cramfs, iso9660, and reiserfs, ext3 is the only one worth using
mkfs.ext3 $IMAGE
mount -o loop $IMAGE $TMPDIR

# download and install Debian into your image: change arch to the arch you're using, and change sid to sid, etch, or sarge; this step takes awhile
debootstrap --arch i386 sid $TMPDIR $DEBIAN_MIRROR

# install a correct fstab, proc and sys are automatically loaded on boot
echo "/dev/ubd0 / ext3 defaults 0 0" > $TMPDIR/etc/fstab
echo $HOSTNAME > $TMPDIR/etc/hostname

# tweak inittab
cp $TMPDIR/etc/inittab $TMPDIR/etc/inittab.save
grep -v "getty" $TMPDIR/etc/inittab.save > $TMPDIR/etc/inittab
echo "# We launch just one console for UML:" >> $TMPDIR/etc/inittab
echo "c0:1235:respawn:/sbin/getty 38400 tty0 linux" >> $TMPDIR/etc/inittab
echo "# UML modification: use tty0 or vc/0" >> $TMPDIR/etc/securetty
echo "tty0" >> $TMPDIR/etc/securetty
echo "vc/0" >> $TMPDIR/etc/securetty

# add networking stuff
echo "auto lo" >> $TMPDIR/etc/network/interfaces
echo "iface lo inet loopback" >> $TMPDIR/etc/network/interfaces
echo "" >> $TMPDIR/etc/network/interfaces
echo "auto eth0" >> $TMPDIR/etc/network/interfaces
echo "iface eth0 inet static" >> $TMPDIR/etc/network/interfaces
echo "address $IP" >> $TMPDIR/etc/network/interfaces
echo "netmask 255.255.255.0" >> $TMPDIR/etc/network/interfaces
echo "gateway $GATEWAY" >> $TMPDIR/etc/network/interfaces

# clean up
umount $TMPDIR
rmdir $TMPDIR

You now have an image full of Debian named root_fs. To run, simply execute linux mem=64M ubd0s=root_fs. If you need more memory, increase the mem parameter. By default, there is no password for root, so just use root as your login and press enter when it asks for password.

A little aside on networking: the auto tuntap method (eth0=tuntap,,,the.ip.to.use, which basically does ARP proxying on the host machine) does not work properly as it only allows host->UML traffic. The only way I’ve been able to get UML networking to work properly is to build a full bridge setup. The following commands in /etc/network/interfaces set up the bridge. You probably have something like:

auto eth0
iface eth0 inet dhcp

Comment that out with #s, and change it to:

auto br0
iface br0 inet dhcp
pre-up tunctl -u user-to-run-uml -t tap0
pre-up ifconfig eth0 0.0.0.0 promisc up
pre-up ifconfig tap0 0.0.0.0 promisc up
pre-up brctl addbr br0
pre-up brctl stp br0 off
pre-up brctl setfd br0 1
pre-up brctl sethello br0 1
pre-up brctl addif br0 eth0
pre-up brctl addif br0 tap0
post-down tunctl -d tap0

allow-hotplug eth0
iface eth0 inet manual
pre-up ifconfig eth0 0.0.0.0 promisc up
pre-up brctl addif br0 eth0
pre-down brctl delif br0 eth0
pre-down ifconfig eth0 down

Add the additional parameter to linux’s command line: eth0=tuntap,tap0. That will make UML connect to tap0, and use the IP set above when you built the image. If you use a firewall, you need to change the interface to firewall from eth0 to br0, and to allow br0->br0 traffic.