Stuff I'm Up To

Technical Ramblings

Mysql Broken After Apt Upgrade — January 18, 2018

Mysql Broken After Apt Upgrade

My local install of mysql-community-server decided to fail today after applying some updates. I’m running Debian buster/sid so these kind of things are to be expected. But this was a totally new one to me.

Mysql failed to start so the update wouldn’t install.

Unpacking mysql-community-server (5.7.21-1debian9) ...
Setting up mysql-community-client (5.7.21-1debian9) ...
Setting up mysql-client (5.7.21-1debian9) ...
Processing triggers for systemd (236-3) ...
Processing triggers for man-db ( ...
Setting up mysql-community-server (5.7.21-1debian9) ...
Job for mysql.service failed because the control process exited with error code.
See "systemctl status mysql.service" and "journalctl -xe" for details.
invoke-rc.d: initscript mysql, action "start" failed.
● mysql.service - MySQL Community Server
   Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since Thu 2018-01-18 08:54:36 GMT; 9ms ago
  Process: 11123 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/ ^[[0;1;31m(code=exited, status=1/FAILURE)^[[0m
  Process: 11088 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
dpkg: error processing package mysql-community-server (--configure):
 installed mysql-community-server package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
Log ended: 2018-01-18  08:54:36

Then in my syslog file I saw lots of activity constantly trying to start and failing.

Continue reading

Microsoft Azure and Juniper SRX — January 12, 2018

Microsoft Azure and Juniper SRX

We’re getting on the Microsoft Office 366 and band wagon. I’m not a Microsoft fan, and think it’s overpriced for the functionality we’ll actually use. This means we need to setup an IPSec VPN between the Juniper SRX and Azure.

Microsoft have a Github page with not just guidance, but specific configuration examples to help do this. Not just with Juniper, but a range of firewalls.

We’ve got some consultants in setting up the Azure side of the VPN and once I got into the portal I laughed at how much they were charging for turning on the VPN feature and setting a private key – that’s it! There’s very little control to be able to do anything else and if you want logs to see why things aren’t going to plan, you’d better rely on your own device for that.

After a couple of hours they’d written some PowerShell to gather some information that was stale because we’d already moved on past that particular error.

But that said, the Azure side just works. Get your device side right and do your debugging from there and let Azure sit and just do it’s thing. You have to assume that Azure just works.

Continue reading

DFS – Access Denied — January 5, 2018

DFS – Access Denied

Whilst trying to add a new cluster for file shares to take over from the previous one we found that whilst replication worked to migrate the files, we could not remove or disable the old paths from the Folder Targets.

Access Denied – obviously some kind of permission issue, but try as we might comparing ACL’s between systems we couldn’t see where the issue was.

It all came down to the power of my Google Fu.

Continue reading

Mobility Printing from a Guest Network — January 4, 2018

Mobility Printing from a Guest Network

Today I have been mostly fumbling around in DNS trying to get untrusted devices on our Guest network to print to our PaperCut Pull Printing system using NAT.

All our WiFi users connect to the Guest VLAN which is isolated from the main production network. There are very few services that need to come from the Guest network into the Trusted zone, but this pull printing is one of them.


Continue reading

Vue.js, Vuetify and Laravel — December 24, 2017

Vue.js, Vuetify and Laravel

I’m really new to playing with Vue.js but thought I’d use it with Laravel and Vuetify rather than bootstrap. I couldn’t even get it off the ground due to this error:

app.js:442 [Vue warn]: Unknown custom element:  - did you register the component correctly? For recursive components, make sure to provide the "name" option.

(found in )

I’d tried to webpack the JS and this seems to be where the trouble lies. Something not loading quite right separating Vuetify out into the “vendor” script. Put simply the not being registered is because the vuetify.js script hasn’t loaded.

So going from this in my webpack.mix.js:

mix.js('resources/assets/js/app.js', 'public/js')
    .sass('resources/assets/sass/app.scss', 'public/css');

To this:

mix.js('resources/assets/js/app.js', 'public/js')
    .sass('resources/assets/sass/app.scss', 'public/css');

resolved the problem for me.

Windows 10 Explorer Slow on Open — December 19, 2017

Windows 10 Explorer Slow on Open

This wound me up this week. Every time I tried to open an Explorer instance to view some files I’d have to wait what seemed like an eternity before the window opened. It must have been about 30 seconds, maybe longer.

Ultimately it turned out to be a problem of my own making – kind of.

I’d repeatedly visited a Samba/CIFS share on a virtual Linux box I’ve been working on. Windows decided to add the share to my “Quick Access” list. But because the virtual box isn’t always on, the share wasn’t accessible and so explorer would have to wait for it to time out before showing me my C: drive.

Just clear the “not so” Quick Access list and presto, Explorer is back to opening quickly again.

Press Windows Key (or open Start Menu), type “folder” and open the “File Explorer Options” that are listed. Then click the “Clear” button under Privacy to get things back to as they should be.


I Googled plenty that recommended MSCONFIG and stopping services like Windows Search and Cortana, adding Registry Keys and other nonsense. When all it was is a Quick Access entry.


PHP7.0, Microsoft SQL Driver & Debian (stretch) — December 12, 2017

PHP7.0, Microsoft SQL Driver & Debian (stretch)

What a mission today has been. I think I’ll ultimately roll back to using Debian Jessie as Stretch isn’t a supported system, yet.

To get the MS SQL ODBC driver working even in Jessie appears to be a challenge. In Stretch I almost surrendered. It is working, but I do think it’s a bit of a hack as I’ve had to install an older libssl1.0.0 and enable the locale en_US.UTF-8.

PHP development voted out the inclusion of MS SQL to the project so now you must compile and install it yourself. There are some very good instructions out there to help you – even from Microsoft.

Continue reading

Laravel & PHP Minimum Requirements — December 11, 2017

Laravel & PHP Minimum Requirements

Make sure you’ve installed php and the necessary modules before trying to create a new Laravel project.

$ sudo apt-get install php-fpm php php-mbstring php-zip

The order of php-fpm and php is important as putting them the other way around you’ll find you get apache2 installed when you probably don’t want that.

Then you should be able to create your empty project using composer without any complaints.

$ cd /var/www
$ composer create-project --prefer-dist laravel/laravel [project]


Google Home and Kodi — November 29, 2017

Google Home and Kodi

I thought I’d take the opportunity to add a Google Home to my gadget collection. After all it’s on a £50 off same this week, so comes in at £79 delivered.

What I really want from it above all is to control my Kodi setup. Being able to voice control what movie or TV show to play would make the wife’s life a lot easier – and when she’s happy, I’m happy.

This is where I came across the GoogleHomeKodi project on GitHub and referenced on the Kodi forum here.

Continue reading

VMware Remote Console for Linux — November 22, 2017

VMware Remote Console for Linux

This has frustrated me for as long as I can remember. How do I manage our VMware vSphere estate when the tools provided don’t work reliably on Linux?

First there was the vCenter problem using Flash Player. Thank fully they release v6.5 which has a new HTML5 based interface – no more Flash Player!


Then inside there you could download the VMware Remote Console (VMRC) and isntall that to allow you to remote onto the actual vSphere guest and not rely on other Guest remote tools like RDS or VNC.

Only trouble with VMRC is that it would not install on my Debian system. I upgraded to the Debian Buster/Sid (testing) version and still can’t get it to work.

Then I couldn’t uninstall it either!

The uninstall complains that there is an unmet dependency for vmware-usbabitrator<=17.1.1. Try as I might I couldn’t get that to install either. I ran the installer bundle with a -x [path] to extract it then manually tried to get the vmware-usbarbitrator to run. Then gave up.

Time to resort to using VMware Workstation Player! Yes, the player can open vmrc:// links. But I couldn’t get it to install because it too complained about vmware-usbarbitrator. So I had to revisit removing VMRC.

To get the removal to work I used DB Explorer for SQLite and opened the /etc/vmware-installer/database file. Then deleted the row from the table component_dependencies that contained vmware-usbarbitrator>=17.1.1


Then I could remove VMRC using:

$ sudo vmware-installer -u vmware-vmrc

This did the trick and it got rid of VMRC. A vmware-installer -l still showed VIX so I removed that too.

$ sudo vmware-installer -u vmware-vix

Now my WMware Workstation Player bundle installed successfully. So I ran it from the menu. I left the license empty at this point and continued to accept the dialogs required to get to the main VMware Player app.

Now it’s just a case of going back to my vCenter Server Appliance (https://vcsa/ui) management interface and clicking on a Guests “Launch Remote Console” link. It fires up VMware Player and asks for credentials for the vcsa and up pops the guest remote screen!


PaperCut Certificate — November 21, 2017

PaperCut Certificate

Time to replace the PaperCut web server certificate. So pleased I ran into Keystore Explorer previously as this made changing the web server certificate a breeze.

Put simply you create a new keystore file, in the Program Files\PaperCut MF\server\custom folder, and import your certificate that you obtain from your internal CA. We did this using MMC and the Certificate snap-in on the print server. Then export the certificate with private key to a .pfx file. Then just import the .pfx into the new keystore in Keystore Explorer.

Edit the file in Program Files\PaperCut MF\server and add the relevant keystore and password details.:

### SSL/HTTPS Configuration (Default: 9192) ###

# Custom SSL keystore example (recommend placing in the custom directory)

Restart the PaperCut services, give it a minute and the user and admin portal should now be using the new certificate.


Now every printer that has an embedded PaperCut app will need to be updated to accept the new certificate. This means you have to visit each PaperCut admin console on every device – yes, that’s the painful bit if you have a lot of printers. Then you login to the console and click apply, even though you’ve made no change. This will then ask you to accept and trust the new certificate.



vSphere SSH failed to connect to host — November 17, 2017

vSphere SSH failed to connect to host

When trying to apply patches to one of our ESXi 6.0 hosts I found I couldn’t connect to it using ssh. Stopping and starting SSH from vCenter didn’t work. Neither did disabling/enabling from the DCUI.

From my client I’d see:

ssh_exchange_identification: Connection closed by remote host

So then I resorted to checking out the server from the console. First make sure I stopped SSH from either of the GUI’s.

Use ALT-F1 at the DCUI and logon to the host using your root account.

Then I tried to start sshd as a daemon using:

# /usr/lib/vmware/openssh/bin/sshd -D

Which reported errors Unsupported option running and Unsupported option PrintLastLog

So I editted my /etc/ssh/sshd_config file. Don’t know what caused it. But it was just a # missing from the first line. I guess I must have spannered it at some point when editing it to disable some ciphers. But the good news is using this method I can at least get some clear output from sshd -D to tell me why it wasn’t starting properly.

# running from inetd
# Port 2200
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

UsePrivilegeSeparation no

SyslogFacility auth
LogLevel info

PermitRootLogin yes

PrintMotd yes
PrintLastLog no

TCPKeepAlive yes

X11Forwarding no


So just to be safe I checked the other hosts and copied an sshd_config from one of the known good ones.