I finally figured out my weird font issues in VS Code

Posted on December 7, 2020 · 1 min reading time

I can’t remember when it started, but it was a while ago - Visual Studio Code started to show very strange font things when I have Editor: Render Whitespace turned on.

broken

This should look like…

working now

FInding the relevant thing to search for took… far too long. I ended up searching for “dot” and then clicking on random things in the Wikipedia page until I found Interpunct, and the Catalan usage of it…

[Read More]

Regarding My M1 MacBook's Battery

Posted on December 1, 2020 · 1 min reading time

Got my M1 powered MacBook Pro 13" today. Haven’t plugged it in since taking it out of the box - has gone from 88% to 39% battery in about four hours of “DO ALL THE THINGS SETUP SYNC BACKUP”. The i7 sitting next to it hasn’t charged from ~20% to 100% in that time…

— James Hodgkinson (@yaleman43381258) December 1, 2020

[Read More]

PowerDNS All Data Was Not Consumed Message

Posted on September 21, 2020 · 2 mins reading time

This was … annoying today.

I’m playing with upgrading a PowerDNS instance and started getting All data was not consumed when doing queries against particular zones. Turns out, it was the space at the end of the SOA record, somehow something was adding that in…

# pdnsutil check-zone example.com
[Error] Following record had a problem: "example.com IN SOA ns1.example.net dns.example.net 2020092142 3600 7200 3600000 172800 "
[Error] Error was: All data was not consumed
Checked 26 records of 'example.com', 1 errors, 0 warnings.

# psql -h nsdb.example.com


powerdns=> select * from records where type='SOA' and name like '%isdnsworking%';
    id    | domain_id | name        | type |                      content                                         | ttl  | prio | change_date | disabled | ordername | auth
----------+-----------+-------------+------+----------------------------------------------------------------------+------+------+-------------+----------+-----------+------
 15122753 |   1557559 | example.com | SOA  | ns1.example.net dns.example.net 2020092142 3600 7200 3600000 172800  | 3600 |      |             | f        |           | t
(1 row)

powerdns=> update records set content='ns1.example.net dmain.netregistry.net 2020092142 3600 7200 3600000 172800' where type='SOA' and name like '%isdnsworking%' ;
UPDATE 1
powerdns=> select * from records where type='SOA' and name like '%isdnsworking%';
    id    | domain_id | name        | type |                     content                                         | ttl  | prio | change_date | disabled | ordername | auth
----------+-----------+-------------+------+---------------------------------------------------------------------+------+------+-------------+----------+-----------+------
 15122753 |   1557559 | example.com | SOA  | ns1.example.net dns.example.net 2020092142 3600 7200 3600000 172800 | 3600 |      |             | f        |           | t
(1 row)

powerdns=> \q
# pdnsutil check-zone example.com
Checked 26 records of 'example.com', 0 errors, 0 warnings.

… wow.

[Read More]

Battery Equivalence...

Posted on September 17, 2020 · 1 min reading time

This was oddly hard to find…

The Energizer A544 is equivalent to the 4LR44, a 6 volt battery - which my Merlin garage door opener uses. It also replaces the 6V PX28A.

[Read More]

Raspberry Pi USB Boot 'USB-MSD Boot Requires Newer Software'

Posted on August 20, 2020 · 1 min reading time

I was getting this error when trying to boot my Raspi4 8GB from USB:

USB-MSD boot requires newer software

The fix is to grab the latest firmware from the raspberrypi/firmware repository like so:

  1. git clone --depth 1 https://github.com/raspberrypi/firmware
  2. cd firmware/boot
  3. Mount the USB boot drive on my mac
  4. cp -R * /Volumes/boot
  5. Unmount the drive and put it into the Pi

This’ll copy the latest firmware (don’t delete any other files) and it should work.

[Read More]

ManageEngine Password Manager Pro Parameter Error

Posted on June 18, 2020 · 1 min reading time

If you start getting an error like this, you need to update the SSL certificate on your SAML server ;)

It’ll show up in $installdir\logs\security-log-0.txt.

[10:52:00:698]|[06-18-2020]|[com.adventnet.iam.security.URLRule]|[WARNING]|[77]: Extra parameter found: the parameter Map :  {[SigAlg = http://www.w3.org/2000/09/xmldsig#rsa-sha1][Signature = Tn+28vsQB9fXiL2SwGShT4gGwyNhDUbWWLPM1SZjc/K2M6xuwAS+zEL8fdDU9/XzAVvnRhrK4SRDitCWjCBwAUMiHLYONjMz6jNRs5HqjwFUCEk8slFlvup0oER2vq4w5BfbXBt7VKku85xOWqu7gHHAr9Xkhtlx8i/Xdmw0S4r/66V+bMHHKUm3dc/bJ/dEF8KOFdseSwNF2gDhiTX2iMyhIsrZeifjp5O/WpJJdi80WbX50kQrkGOJa17Pbvi9o9yoFBLtHDvyp2AfUXghW6kuA8d0unvBmo5dqr8kwTkungs/+IExBHbGIP8M/gKvAcUKgleP/99jXUxjct6GCw==]}  for the URI : (/STATE_ID/[0-9]+)?/saml2|
[Read More]

Drone CI and 'Github Pages Promoted Build xxxx' causing failed builds

Posted on May 18, 2020 · 1 min reading time

I enabled Github Pages on Dewar last night and it started triggering these weird failing builds in Drone CI.

github-pages [bot] promoted github-pages to ac77354f

After much searching I finally found a thread on the Drone CI Discourse “GitHub Pages triggering builds incorrectly” - turns out it’s a weird deploy hook thing.

Adding the “trigger” block to my .drone.yml fixed it (block snipped from the larger file):

kind: pipeline
type: docker
name: dewar

trigger:
  event:
    exclude: [ promote ]
steps:
- name: pytest

Quote from @bradrydzewski on the Discourse:

[Read More]

Proxmox VE and Management on IPv6

Posted on May 17, 2020 · 1 min reading time

I try to run IPv6 all the things, these days. It makes connectivity from the outside world (when needed) much easier; once DNS is set up, who needs to connect via IP address anyway?

I knew connectivity worked because I could ssh to the IPv6 address, but pveproxy was being a pain (as usual). Turns out, it looks at /etc/hosts for the hostname on startup, to figure out where to bind to.

[Read More]

Splunk, SAML, and ADFS: failed to parse issuer

Posted on May 15, 2020 · 1 min reading time

Trying to get Splunk doing SAML auth against ADFS today. Was getting this error in splunkd.log.

05-15-2020 00:43:39.673 +0000 ERROR Saml - Failed to parse issuer. Could not evaluate xpath expression /samlp:Response/samlp:Status/samlp:StatusMessage or no matching nodes found. No value found in SamlResponse for key=/samlp:Response/samlp:Status/samlp:StatusMessageCould not evaluate xpath expression /samlp:Response/samlp:Status/samlp:StatusDetail/Cause or no matching nodes found. No value found in SamlResponse for key=/samlp:Response/samlp:Status/samlp:StatusDetail/CauseCould not evaluate xpath expression //saml:Assertion/saml:Issuer or no matching nodes found. No value found in SamlResponse for key=//saml:Assertion/saml:Issuer
05-15-2020 00:43:39.673 +0000 ERROR UiSAML - IDP failed to authenticate request. Status Message="" Status Code="Responder"

Turned off Authentication request signing and it came good. I can’t store the frontend cert in the ADFS config because it changes as often as the LetsEncrypt issuance period, so this’ll do for now.

[Read More]

Getting the TOTP Key From the Guacamole Database

Posted on May 7, 2020 · 1 min reading time

Guac’s great, but there’s no interface for changing the TOTP key once it’s set for a user.

I’m using docker-compose to build this, so your method might be different.

Connect to postgresql:

psql guacamole postgres

To make sure you’re in the right db, type \dt and hit enter, it should show you a bunch of tables starting with guacamole_.

This is the query, copypasta should do it.

select entity.name, uid.user_id, uattr.attribute_value 
from guacamole_user as uid, 
    guacamole_user_attribute as uattr, 
    guacamole_entity as entity 
where uattr.attribute_name='guac-totp-key-secret' 
    AND uid.entity_id=entity.entity_id
    AND uid.user_id=uattr.user_id;

And the result I get (I’ve only got one user)

[Read More]