Apache Directory (DS) systemd.service

Place following file into /usr/lib/systemd/system/apacheds.service

# Systemd unit file for ApacheDS instances.

[Unit]
Description=Apache DS LDAP server
After=syslog.target network.target

[Service]
Type=forking
ExecStart=/opt/apacheds-2.0.0_M20/bin/apacheds start default
ExecStop=/opt/apacheds-2.0.0_M20/bin/apacheds stop default
SuccessExitStatus=143
User=apacheds
Group=apacheds

[Install]
WantedBy=multi-user.target

Then execute:

systemctl enable apacheds
systemctl start apacheds

How reliable is your PC

Thanks to the research done by Bianca Schroeder, Eduardo Pinheiro and Wolf-Dietrich Weber about errors that occur in DRAM memory, now we know that it is possible a single machine to have 48621 errors (correctable errors) per year. Roughly this makes 133.20 (48621 / 365) errors per day or 5.55 errors per hour.
The research is based on DRAM memory equipped with ECC (Error-correcting code). Most home/office PCs don't use ECC, so those errors are not detected and cause software failure (like infamous blue screen of death)

Windows update error 8024402C

When windows update gives error 8024402C, and the machine is not managed by WSUS and has internet connection, the problem could be solved by executing following command line:

netsh winhttp reset proxy

Updating to Windows 10 when having GRUB 2 bootloader installed in MBR.

Usually when having dualboot of Windows and Linux the GRUB 2 bootloader is installed in MBR. When trying to update to Windows 10 it fails with the following error "We Can't Tell if your PC has enough space to continue".
Well the solution for updating to Windows 10 is simple - restore the hardisk Master Boot Record (MBR) using Windows installation disc (it can be also created via Microsoft's MediaCreationTool - the same tool used for updating to Windows 10. Just on the first screen choose not to update, but "Create installation media for another PC" and write it to DVD/USB).
Boot from the Windows installation DVD/USB and follow instruction until screen that allows you to install windows or "Repair your computer". Choose to "Repair your computer" / "Troubleshoot" / "Advanced options" / "Command prompt"
Execute following command:

bootrec.exe /fixmbr

Reboot and start the update process again. Now the update should be successful.
Now Windows boots successfully but Linux is no longer accessible. One way to make Linux bootable again is to use Windows bootloader to load Linux. I prefer this method because I don't want to face any future problems with windows updates.
We need a copy of the GRUB2 exported as file. For that reason we will install GRUB on Partition Boot Record (PBR) and copy the boot sector to file. First we must access the installed Linux partitions. Create a "Live CD" on DVD/USB and boot from it. The from the shell mount your existing linux installation. Let's assume that /dev/sda3 is the linux boot partition, /dev/sda4 is the root partition. Now mount the volumes:

mount /dev/sda4 /mnt
mount /dev/sda3 /mnt/boot
mount --bind /dev /mnt/dev
mount --bind /proc /mnt/proc
mount --bind /sys /mnt/sys

Optionally you may mount home directory

mount /dev/sdaX /mnt/home

Now do chroot:

chroot /mnt

Reinstall grup 2 on boot partition

grub2-install /dev/sda3

You may receive following error:
"warning: Embedding is not possible. GRUB can only be installed in this setup by using blocklists. However, blocklists are UNRELIABLE and their use is discouraged.
error: will not proceed with blocklists"
Then just use --force

grub2-install --force /dev/sda3

Once the installation complets create a dump of the bootsector:

dd if=/dev/sda3 of=/tmp/linux.bootsector.bin bs=512 count=1

copy the /tmp/linux.bootsector.bin  to some partition accessible by Windows.

mkdir /mnt/c

mount /dev/sda2 /mnt/c

cp /tmp/linux.bootsector.bin /mnt/c

umount /mnt/c

Now reboot and start Windows and we need to create a new BCD entry for Linux
Open administrative command prompt (right click on "command prompt" and choose run as administrator)

bcdedit /create /d “Linux” /application BOOTSECTOR

The command will return GUID e.g. {5474794d-1fe8-4008-a0ae-d10210214f2a}
That GUID will be use in next commands.
Configure new BCD entry's partition and path to the location where linux.bootsector.bin is copied

bcdedit /set {5474794d-1fe8-4008-a0ae-d10210214f2a} device partition=C: 

bcdedit /set {5474794d-1fe8-4008-a0ae-d10210214f2a}  PATH \linux.bootsector.bin

Then configure the new entry to be shown last, and the OS selection menu timeout to be 5 seconds.

bcdedit /displayorder {5474794d-1fe8-4008-a0ae-d10210214f2a}  /addlast

bcdedit /timeout 5

Reboot and now you will be able to boot either Windows or Linux.

Windows 10/8/7/Vista administrative shares are not accessible (from linux / windows)

The information is based on Access Denied Trying to Connect to Administrative Shares C$, D$ etc.

Typical error is :

mount -t cifs -o username=superman,password=secret //192.168.22.14/c$ /mnt/c
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)

The reason is that described in KB951916 Microsoft introduced as part of UAC a little known feature called “UAC remote restrictions”. It filters the access token for connections made with local user accounts or Microsoft accounts (the latter typically have the format MicrosoftAccount\EMailAddress). In other words it removes the SID for “Administrators”. Connections made with domain accounts remain unchanged. From KB951016:

If the user wants to administer the workstation with a Security Account Manager (SAM) account, the user must interactively log on to the computer that is to be administered with Remote Assistance or Remote Desktop, if these services are available.

UAC remote restrictions can be disabled by setting the DWORD registry value LocalAccountTokenFilterPolicy to 1:

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Value: LocalAccountTokenFilterPolicy
Data: 1 (to disable, 0 enables filtering)
Type: REG_DWORD (32-bit)

Reboot is not required on Windows 8/10

OpeneElec Kodi hacking - creating music catalog

Systemd CIFS mount

/storage/.config/system.d/storage-music-rock.mount

[Unit]
 Description=cifs mount script
 Requires=network-online.service
 After=network-online.service
 Before=kodi.service

 [Mount]
 What=//192.168.0.31/MusicRock
 Where=/storage/music/rock
 Options=username=myusername,password=mypassword,rw
 Type=cifs

 [Install]
 WantedBy=multi-user.target

Important: this file must be renamed to mountpoint.mount where mountpoint, is the FULL path where the share will be mounted. Slashes "/" MUST BE REPLACED with dashes "-" with .mount as extension. This means, if we want mount to "/storage/music/rock" (see above "Where=/storage/music/rock") then this file must be renamed to 'storage-music-rock.mount'. This is only for the filename! not for the What= and Where= sections!

Script that maps file by the first two letters

/storage/.config/create_symb_links.sh chmod +s /storage/.config/create_symb_links.sh

#!/bin/bash
displayUsage() { 
  echo "Scans source directory and create symbolic links based on the file first two letters" 
  echo -e "\nUsage:\n$0 [src-dir] [links-dir]\n  src-dir\tsource directory to be scanned\n  links-dir\tfull path to target directory where symbolic links will be created\n\n" 
  echo -e "e.g.:\n $0 /storage/music/rock /storage/music/rock_links/\n\n"
  echo -e "Let's have 3 files:\n    /storage/music/rock/rock1\n    /storage/music/rock/rock2\n    /storage/music/rock/metal\n"
  echo -e "then inside /storage/music/rock_links/ you will have following files:\n"
  echo -e "    /storage/music/rock_links/RO/rock1\n    /storage/music/rock_links/RO/rock2\n    /storage/music/rock_links/ME/metal\n"
} 


if [[ -z $1 ]]; then
  displayUsage
  exit 1 
fi

if [[ -z $2 ]]; then
  displayUsage
  exit 1 
fi

dir=$1
links=$2
currdir=`pwd`

rm -Rf $links

cd $dir

mkdir -p $links
for f in *
do 
  prefix=`echo $f | cut -c 1,2 | tr [:lower:] [:upper:]`
  mkdir -p $links/$prefix
  ln -s "$dir/$f" "$links/$prefix/$f"
done

cd $currdir

Service for creating music catalog

/storage/.config/system.d/catalog-music-rock.service

[Unit]
Description=Create musics catalog
Requires=storage-music-rock.mount
After=storage-music-rock.mount
Before=kodi.service

[Service]
Type=oneshot
ExecStartPre=/bin/bash -c 'echo "Creating music catalog ..."'
ExecStart=/bin/bash -c '/storage/.config/create_symb_links.sh  /storage/music/rock /storage/music/rock_links'
StandardOutput=tty

[Install]
WantedBy=multi-user.target

Enabling mount and services

systemctl enable storage-music.mount
systemctl enable storage-music-rock.mount
systemctl enable catalog-music-rock.service

Glassfish 2.1: Using Local EJB interface in WAR's POJO

Base interface for local and remote interfaces

public interface HelloEjb extends Serializable {
  public String hello(); 
}

Define local interface

@Local
public interface HelloEjbLocal extends HelloEjb {
}

Define remote interface

@Remote
public interface HelloEjbRemote extends HelloEjb {
}

Define EJB implementation

//@Local(HelloEjbLocal.class) // not needed
//@Remote(HelloEjbRemote.class) // not needed
@Stateless
public class HelloEjbImpl extends HelloEjbLocal, HelloEjbRemote {
  public String hello() { return "hello world!"; }
}

Using EJB in POJO

Please note that the POJO must be called from a class that is part of the WAR (either servlet, webservice, etc.)

// Notes: POJO must be called by class from the WAR
@EJB(name="helloEjbJndi", beanInterface=HelloEjbLocal.class)
public class HelloClient {

  public HelloEjb getEjb() throws NamingException {
    final InitialContext ctx = new InitialContext();
    return (HelloEjb)ctx.lookup("java:comp/env/helloEjbJndi");
  }
}

Read time and battery status from bluetooth device

Pair with the device

[root@laptop ~]$ bluetoothctl 
[NEW] Controller AA:BB:CC:DD:EE:FF laptop [default]
[bluetooth]# power on
Changing power on succeeded
[bluetooth]# scan on
Discovery started
[CHG] Controller AA:BB:CC:DD:EE:FF Discovering: yes
[NEW] Device F1:F2:F3:F4:F5:F6 CHRONOS ECO XXXX
[bluetooth]# info F1:F2:F3:F4:F5:F6
Device F1:F2:F3:F4:F5:F6
 Name: CHRONOS ECO XXXX
 Alias: CHRONOS ECO XXXX
 Appearance: 0x1234
 Paired: no
 Trusted: no
 Blocked: no
 Connected: no
 LegacyPairing: no
 UUID: Vendor specific           (6e400001-b5a3-f393-e0a9-e50e24dcca9e)
[bluetooth]# trust F1:F2:F3:F4:F5:F6
[CHG] Device F1:F2:F3:F4:F5:F6 Trusted: yes
Changing F1:F2:F3:F4:F5:F6 trust succeeded
[bluetooth]# agent on
Agent registered
[bluetooth]# default-agent
Default agent request successful
[bluetooth]# pair F1:F2:F3:F4:F5:F6
Attempting to pair with F1:F2:F3:F4:F5:F6
[CHG] Device F1:F2:F3:F4:F5:F6 Connected: yes
[CHG] Device F1:F2:F3:F4:F5:F6 UUIDs:
 00001800-0000-1000-8000-00805f9b34fb
 00001801-0000-1000-8000-00805f9b34fb
 00001805-0000-1000-8000-00805f9b34fb
 0000180a-0000-1000-8000-00805f9b34fb
 0000180f-0000-1000-8000-00805f9b34fb
 6e400001-b5a3-f393-e0a9-e50e24dcca9e
[CHG] Device F1:F2:F3:F4:F5:F6 Paired: yes
Pairing successful
[bluetooth]# paired-devices 
Device F1:F2:F3:F4:F5:F6 CHRONOS ECO XXXX
[bluetooth]# info F1:F2:F3:F4:F5:F6
Device F1:F2:F3:F4:F5:F6
 Name: CHRONOS ECO XXXX
 Alias: CHRONOS ECO XXXX
 Appearance: 0x1234
 Paired: yes
 Trusted: yes
 Blocked: no
 Connected: no
 LegacyPairing: no
 UUID: Generic Access Profile    (00001800-0000-1000-8000-00805f9b34fb)
 UUID: Generic Attribute Profile (00001801-0000-1000-8000-00805f9b34fb)
 UUID: Current Time Service      (00001805-0000-1000-8000-00805f9b34fb)
 UUID: Device Information        (0000180a-0000-1000-8000-00805f9b34fb)
 UUID: Battery Service           (0000180f-0000-1000-8000-00805f9b34fb)
 UUID: Vendor specific           (6e400001-b5a3-f393-e0a9-e50e24dcca9e)
[bluetooth]# quit

We will read the information from the "Current Time Service" and "Battery Service"

Connect to the device and list services with handles

[root@laptop ~]$ gatttool -t random -I -b F1:F2:F3:F4:F5:F6
[F1:F2:F3:F4:F5:F6][LE]> connect
Attempting to connect to F1:F2:F3:F4:F5:F6
Connection successful
[F1:F2:F3:F4:F5:F6][LE]> primary
attr handle: 0x0001, end grp handle: 0x0007 uuid: 00001800-0000-1000-8000-00805f9b34fb
attr handle: 0x0008, end grp handle: 0x000b uuid: 00001801-0000-1000-8000-00805f9b34fb
attr handle: 0x000c, end grp handle: 0x0011 uuid: 6e400001-b5a3-f393-e0a9-e50e24dcca9e
attr handle: 0x0012, end grp handle: 0x0015 uuid: 0000180f-0000-1000-8000-00805f9b34fb
attr handle: 0x0016, end grp handle: 0x0020 uuid: 0000180a-0000-1000-8000-00805f9b34fb
attr handle: 0x0021, end grp handle: 0xffff uuid: 00001805-0000-1000-8000-00805f9b34fb

Connect to handle of "Current Time Service" (00001805-0000-1000-8000-00805f9b34fb).

Use the handle and the grp handle values.

[F1:F2:F3:F4:F5:F6][LE]> characteristics 0x0021 0xffff
handle: 0x0022, char properties: 0x12, char value handle: 0x0023, uuid: 00002a2b-0000-1000-8000-00805f9b34fb

Note the "char value handle" and use it for reading characteristics data.

[F1:F2:F3:F4:F5:F6][LE]> char-read-hnd 0x0023
Characteristic value/descriptor: df 07 04 1A 16 0e 00 00 03 00 00 00 

the first two bytes are the year: 07df = 2015
the thrid byte is the month: 04 = April
the fourth byte is the date: 1A = 26
the fifth byte is the hour: 16 = 22
the sixth byte is the minutes: 0e = 14
So the date is: 26.April.2015 22:14
More information about the format could be found here

Now let's read the battery status from Battery Service (0000180f-0000-1000-8000-00805f9b34fb)

[F1:F2:F3:F4:F5:F6][LE]> characteristics 0x0012 0x0015
handle: 0x0013, char properties: 0x12, char value handle: 0x0014, uuid: 00002a19-0000-1000-8000-00805f9b34fb
[F1:F2:F3:F4:F5:F6][LE]> char-read-hnd 0x0014
Characteristic value/descriptor: 5a

This is the battery status (in percentage): 5a = 90
So the battery level is 90%.
More information about the format could be found here

Bluetooth COM port in Linux

Following tools are needed for dealing with bluetooth devices in Linux: bluetoothctl, hcitool, rfcomm, minicom

Pairing

Powering the bluetooth adapter and making it pairable

user@workstation:~$ bluetoothctl
[bluetooth]# power on
Changing power on succeeded

[bluetooth]# pairable on 
Changing pairable on succeeded

Search for new bluetooth devices - note the btaddress of the device (00:06:66:04:9E:4A). It is needed for all bluetooth commands

[bluetooth]# scan on
Discovery started
[CHG] Controller aa:bb:cc:dd:ee:ff Discovering: yes
[NEW] Device 00:06:66:04:9E:4A FireFly-9E4A

[bluetooth]# scan off
Discovery stopped
[CHG] Controller aa:bb:cc:dd:ee:ff Discovering: no

Retrieve some information about the device

[bluetooth]# info 00:06:66:04:9E:4A
Device 00:06:66:04:9E:4A
 Name: FireFly-9E4A
 Alias: FireFly-9E4A
 Class: 0x001f00
 Paired: no
 Trusted: no
 Blocked: no
 Connected: no
 LegacyPairing: yes

Optionally configure the device to be trusted - so if it automatically accepts generated PINs. However for legacy pairing manually entered PIN is required.

[bluetooth]# trust 00:06:66:04:9E:4A
[CHG] Device 00:06:66:04:9E:4A Trusted: yes
Changing 00:06:66:04:9E:4A trust succeeded

Configure the bluetoothctl to be default agent for dealing with PIN code.

[bluetooth]# agent on
Agent registered

[bluetooth]# default-agent 
Default agent request successful

Now pair with the device

[bluetooth]# pair 00:06:66:04:9E:4A
Attempting to pair with 00:06:66:04:9E:4A
[CHG] Device 00:06:66:04:9E:4A Connected: yes
Request PIN code
[agent] Enter PIN code: 1234
[CHG] Device 00:06:66:04:9E:4A UUIDs:
 00001101-0000-1000-8000-00805f9b34fb
[CHG] Device 00:06:66:04:9E:4A Paired: yes
Pairing successful

Double check the pairing and quit

[bluetooth]# paired-devices 
Device 00:06:66:04:9E:4A FireFly-9E4A

[bluetooth]# quit

Discovering services and RFCOMM channels

For devices that support SDP - Service Discovery Protocol (UUID: 00000001-0000-1000-8000-00805F9B34FB) the following command will show available protocols and RFCOMM channels. The XX:XX:XX:XX:XX:XX is the btaddress of the device. Note that in the previos example the device 00:06:66:04:9E:4A do not support SDP protocol, so the sdptool command will produce empty result.

user@workstation:~$ sdptool browse XX:XX:XX:XX:XX:XX
Service Name: Object Push Profile
Service RecHandle: 0x1000f
Service Class ID List:
  "OBEX Object Push" (0x1105)
Protocol Descriptor List:
  "L2CAP" (0x0100)
  "RFCOMM" (0x0003)
    Channel: 2
  "OBEX" (0x0008)
Profile Descriptor List:
  "OBEX Object Push" (0x1105)
    Version: 0x0100

Creating links to the remote COM port

Retrieving the bluetooth adapter name on the local machine.

user@workstation:~$ hcitool dev
Devices
        hci0    aa:bb:cc:dd:ee:ff

The adapter is called hci0 Optionally the connection could be tested with the following command

user@workstation:~$ sudo rfcomm connect hci0 00:06:66:04:9E:4A 1

Creating symlink to bluetooth serial port

user@workstation:~$ sudo rfcomm bind hci0 00:06:66:04:9E:4A 1

Verifying that the connection is established

user@workstation:~$ sudo rfcomm -a
rfcomm0: 00:06:66:04:9E:4A channel 1 connected [tty-attached]

The serial (COM) port is available as /dev/rcomm0 Any terminal program can use it. With following command will configure rootooth bluetooth device to communicate with Roomba 520 at baud rate 115200

user@workstation:~$ sudo minicom -D /dev/rfcomm0
$$$
>CMD
U,115K,N
>AOK
---
>END

Removing the symlink

In order to remove the symbolic link to the serial port the following command must be executed:

user@workstation:~$ sudo rfcomm release hci0

Unpairing the device and removing pairing configuration

user@workstation:~$ bluetoothctl

[bluetooth]# disconnect 00:06:66:04:9E:4A
Attempting to disconnect from 00:06:66:04:9E:4A
Successful disconnected

[bluetooth]# remove 00:06:66:04:9E:4A
[DEL] Device 00:06:66:04:9E:4A FireFly-9E4A
Device has been removed

[bluetooth]# power off
Changing power off succeeded