Post

Fedora and Vivaldi with Flash and ffmpeg support

So if you haven’t tried it yet, I strongly suggest giving Vivaldi a try.  It combines the base code of Chromium without the Chrome features you may not want with an interesting user interface.  To me, this is the best setup:

  • Chrome/Chromium underpinnings, so you don’t have website compatibility issues (Think Opera, a good browser, but odd support for online banking and other strict websites.  Yes, I know you can spoof the user agent, but the fact you have to do that doesn’t help non-power users, IMO.)
  • The user interface is fun, some of my favorites:
    • Mouse Gestures
    • Adaptive user interface
    • Notes

For Fedora users, the Vivald RPM from their website does install easy enough, but you can’t play Vines, Twitter Video, etc. because you don’t have functional ffmpeg support nor Flash if you use SiriusXM or other Flash only websites.  So, here’s a quick fix for you:

The Long Way

For Vine/Twitter Video support, the Vivaldi RPM comes with a libffmpeg.so located in /opt/vivaldi/lib , but it doesn’t run have support for h264/mp4 due to licensing restrictions.  What I did next was fire up a VM with Linux Mint and built chromium-codecs-ffmpeg-extra .  From there, I took libffmpeg.so and copied it to my Fedora install at /opt/vivaldi/lib after backing up the stock libffmpeg.so .  Double check that your standard user can read the plugin by:

# chmod 644 libfmpeg.so

For Flash Player, I had Chrome installed on the Linux Mint VM, so I just copied the directory /opt/google/chrome/PepperFlash to my Fedora machine and:

# chmod -R 644 /opt/google/chrome/PepperFlash

Then I restarted Vivaldi and had up-to-date Flash and working H.264/MP4 support.  Because I had the VM, it literally took me minutes to build, copy, and run these updates. Still, I’d love a repo from RPMFusion or someone that is really trustworthy, but that won’t happen with h.264/MP4 it appears.

The Easy Way

You are welcomed to use my plugin I built for libffmpeg.so and Flash, I realize not everyone is as paranoid as I am or just want to run it for testing purposes in a VM, etc.  I do not believe I’m violating any distribution rights from Adobe for the Flash Player since it is the Pepper plugin as opposed to Linux 11.2 version.  I’m sure Adobe will let me know otherwise…  Save libffmpeg.so to /opt/vivaldi/lib and libpepflashplayer.so to /opt/google/chrome/PepperFlash, enjoy!

libffmpeg.so   built on August 12th 2016
SHA1: d6514e2c0a16318d1feaf162ff6e6e035e36972c

libpepflashplayer.so     version 22.0.0.209
SHA1: 727799f1aba7a98052ec855a81c2b797c6f0025b

Post

VMWare Workstation for Linux and Windows guests have poor sound

So I run Fedora 23 at home and one of my VMs was running Windows 10, but the sound was awful.  The sound would have a horrible echo and “scratchy” sound, sometimes after it would play for a bit, it would “fix itself”.  I tried the following:

  • Different drivers in the .vmx file including sb16 (didn’t work at all)
  • Tried Windows 7 to see if it was a Windows 10 issue (nope the issue happened with any version of Windows)
  • Issue didn’t happen with virtual Linux guests
  • Fresh Windows 7, then 10 install (still had the issue by default
  • Tried the fix from VMWare for audio with the speaker output (didn’t fix it, in fact, 24bit made it worse)

Long story short, I finally found this thread that worked for me.  It just installed a legacy adapter in Windows 10 and it worked perfect!!  As long as I was in the .vmx, I installed the VMXNET3 driver by changing the network adapter from “E1000” to “vmxnet3” for better performance!

 

Post

Directadmin AWS setup

So Amazon requires their EC2 machines to use private IPs, regardless if you have an elastic IP.  The guys at Directadmin have a nice guide to help you setup, but making it work on CentOS requires a little help that I found on the amazon forums, but in case it goes away

 

$ cat /etc/sysconfig/network-scripts/ifcfg-eth0\:1
DEVICE=eth0:1
BOOTPROTO=static
ONPARENT=yes
IPADDR=10.0.x.x
NETMASK=255.255.255.0

$ cat /etc/sysconfig/network-scripts/route-eth0\:1
default via 10.0.0.1 dev eth0:1 table main
10.0.0.0/24 dev eth0:1 src 10.0.x.x table main

$ cat /etc/sysconfig/network-scripts/rule-eth0\:1
from 10.0.x.x/32 table main
to 10.0.x.x/32 table main

 

 

Post

Migration Zimbra Network edition RHEL to CentOS on AWS

So following this guide from the folks at Zimbra, it has most of what you need to migrate, I’m going to add some extra steps that I found to be helpful during the migration as it was botched in testing a couple times.  Migrating to AWS adds a few surprises to the migration

  • Absolutely obsess about getting your hostname, hosts files, and anything to do with DNS.  If you reboot, the AWS cloud config will nuke your settings, so make sure when you make your changes, which are normally simple changes for a Linux Admin, reboot and verify.
    • Before you make your changes to the settings above, go into /etc/cloud/cloud.cfg and comment, using # , the cloud init modules called:
      • set_hostname
      • update_hostname
  • The steps on copying the SSL certificates are a little rough, I went ahead and rsynced the /opt/zimbra/ssl folder right on over.  I had all sorts of issues with the server.key not matching and it was much easier to do this and let Zimbra fix the perms with the utility at the end.

Otherwise, make sure your elastic IP from amazon isn’t on a blacklist already with Spamhaus.   I’m a fan of mxtoolbox to check the blacklists for.  Finally, don’t forget your RevDNS setup for your static IP, you can just click here and submit your information to Amazon.  This is also the same spot to ask to get off of Spamhaus, if your IP is on a list, expect up to a week to get it resolved, though.

Post

Watchguard SSL-VPN for Linux

Borrowing a lot from this site, I wanted to update the process on using Mobile VPN with SSL Watchguard. Here’s what you need to do:

  1. Do not download from the sslvpn.html page of your VPN appliance, it won’t have all the steps for the Linux side of the house.
  2. Do download the CRT, PEM, and CA files from your Windows or Mac SSLVPN client installation.  For Windows, it is found in “%Appdata%\Watchguard\Mobile VPN” and grab the following to copy over to your Linux installation:
    1. ca.crt
    2. client.crt
    3. client.pem
  3. If you are using SELinux, you must copy the files from step 2 into ~/.cert or SELinux will whine and stop your connection as the certificates can’t lay around your home folder without intervention not covered here.
  4. Setup an openvpn client using the following settings:
    1. gateway = your pick
    2. Connection type = X.509 with password
    3. CA file = ca.crt
    4. Certificate = client.crt
    5. key = client.pem
    6. Key password = <unneeded>
    7. Username and password is your setup
  5. While setting up the connection, you need to tweak the settings by clicking on “Advanced” which is in the screen from step 3
    1. Gateway port = 443
    2. Tunnel and UDP fragment size = Automatic
    3. Check “Use custom reneotiation interval” = 36060 (default from Watchguard)
    4. Check “Use TCP Connection” as this is a SSLVPN on TCP 443
    5. On the Security tab, your cipher should be AES-256-CBC and the HMAC Authentication should be SHA-1

That’s it, the connection will fire right up and run without further settings.  Enjoy!