How to mount your backups with Obnam using FUSE

With the latest version 1.5 Obnam introduced a pretty cool new feature: You now can mount your backup as if it would be a "virtual hard drive". That is, you don't need to extract / restore your backup using Obnam's command line anymore if you only are interested in certain files or directories to restore.

Since this feature is pretty new I had to bring myself up-to-date on how to exactly use the mount option. Since this is FUSE (Filesystem in Userspace) you don't need to be root to mount the actual backup. Still, it took my a while until I figured out the right parameters to make it all work.


This is how to make it happen (tested on Ubuntu / Mint / Debian):

First, you have to create a new directory in your home directory where to actually let Obnam mount the backup into. I chose

/home/<your-user-name>/tmp/obnam

for that.

Second, your user needs to be part of the group "fuse". This already should be the case, and if not: 

 sudo usermod -a -G fuse <your-user-name>

Now comes the fun part: Mounting your backup! For me, my backups are located on my NAS, which in turn are mounted (read-only, for saftey!) into

/media/ds212/backup/<your-hostname>/backup_YYMM

To mount the this backup repository, do a

obnam mount --repository /media/ds212/backup/<your-hostname>/backup_1310/ --client-name <your-hostname> --viewmode=multiple / --to=/home/<your-user-name>/tmp/obnam

Note: Execute the command above as your regular user, not as root! The backup will be mounted as ready-only -- makes sense with a backup, does it?

Now you should be able to access your backup within

/home/<your-user-name>/tmp/obnam

The cool thing is: With the option --viewmode=multiple just supplied above you can access all backup generations so far created at once. The latest folder contains a link to the, well, latest backup made.

To unmount the backup you need to be root however: sudo umount obnam

Have fun with this cool feature!

Why Android SSL was downgraded from AES256-SHA to RC4-MD5 in late 2010

Whoa, what an article! If you consider IT security your thing you have to read the following blog post over at:

http://op-co.de/blog/posts/android_ssl_downgrade/

The author essentially found out that since Android 2.3.4 Google has changed the default cipher suite list to favor the (unsecure) RC4-MD5 first instead of RSA-SHA256.

How to debug SSH path problems on Synology NASes

Recently I wanted to add just another backup job to my beloved DS212+ Synology NAS box. This job essentially does a bit of shell stuff via SSH on that box, also requiring to have some of the optware binaries in $PATH.

Well, first it didn't work out because apparently the optware binaries (more precisely /opt/bin and /opt/sbin) weren't in SSH's $PATH. However, I was pretty sure (and of course double checked!) that $PATH was tweaked correctly in the .ssh/environment file and that sshd was restarted after that.

To debug the issue further I just started another SSH instance on the Synology, using a different port + in foreground debug mode: 

/usr/syno/sbin/sshd -d -D -p 2222

On my client I then did this:

ssh -v root@<IP-to-my-NAS> echo \$PATH

Ah ha! The "Environment:" on the client side now told me that it indeed was picking up the wrong $PATH. But wait: Where did this come from?

Quick answer: Synology's start/stop script located at

/usr/syno/etc/rc.d/S95sshd.sh

kind of messes it up. For the sake of speed I believe it doesn't really terminate the old sshd instance and instead just drops existing connections. This is why changes to .ssh/environment do not get applied correctly after restarting the service.

Solution to all this now sounds pretty simple: Log in to DSM (DiskStation Manager) via web interface, go to system settings / terminal and (again) activate "SSH". This will (re-)start sshd the right way with the new environment settings picked up. Crappy, but works!


 

How to re-root your devices after Android 4.3 OTA

Yay, so you finally got your hands on the just released Android 4.3 on-the-air (OTA) update? Great! But wait ...after upgrading your lovely root permissions are gone and even Super-SU does not work anymore?

This happened to me as well on my beloved Nexus 4, so to quickly remember how to gain root after such an update, do the following:

1. Make sure you got the latest Android SDK (namely, adb + fastboot) installed 
2. If wanted: Get the latest ClockworkMod (CWM) recovery for flashing here
3. Download the latest SuperSU flashable .zip from here
4. Place the SuperSU flashable .zip onto your device's SD-card / -partition
5. Connect your device via USB cable to your PC
6. Do a adb devices to check if your device is being recognized
7. Do a adb reboot bootloader to reboot your device into the bootloader
8. Now, do a fastboot flash recovery <path to the CWM recovery .img file> to flash the latest CWM recovery to your device
9. Time to reboot the device into CWM by choosing "Recovery" directly on the device's bootloader screen (via the volume +/- buttons, power button to confirm)
10. CWM now should boot up. Here you now have to select the SuperSU .zip downloaded and up on the SD-card / -partition from step 4 and flash it.

And finally: Reboot the device and enjoy having root access again!

"I Contribute to the Windows Kernel. We Are Slower Than Other Operating Systems. Here Is Why."

Just found a very nice post over at HackerNews which apparently is from an engineer working at Microsoft, comparing the innovation speed of Linux and MS kernels. A must-read for techies: http://blog.zorinaq.com/?e=74

Tiny Tiny RSS and Synology NASes

Today I spent a bit of time to evaluate Tiny Tiny RSS, an Open-Source and web-based RSS client with API support and much, much more.

I simply wasn't too happy with my last Feedly experiments, namely: No plugins, no filtering / tagging / scoring support and, well, it's closed-source. So I decided to give Tiny Tiny RSS a try. Why? Maybe you've heard about Google Reader closing soon.

Luckily, Syno Community is offering a (beta) package for Synology NASes, like for my DS212+. To get this package you have to add Syno Community's package repository with a special parameter:

http://packages.synocommunity.com/?beta=1

(Note the ?beta=1 at the end)

After adding, installation should go pretty smooth. Oh, and did I mention you have to enable MySQL and Web Station before doing that? Otherwise it won't work. Really.

In case you're wondering what's your admin user default password (in case you didn't change it yet) for the MySQL server: it's empty, nothing, nada.

If Tiny Tiny RSS' update daemon is not running correctly, that is, your feeds don't get updated, see the next steps:

Stop the package in the Synology package manger.

Check what's going on by manually running

su -m nobody -c "php /var/services/web/tt-rss/update.php --daemon"

on the SSH command line.

If there's an error like "sh: /usr/syno/bin/php: not found" you have to link the existing PHP binary via

ln -s /usr/bin/php /usr/syno/bin/php

After that the regular "--daemon" should work and also update the feeds. Now you can start the package again in the package manager.

Hope this helps.

Pictures from a developer’s life

Just a small one for the weekend you shouldn't miss: Pictures from a developer’s life