Michael Kane dryliketoast

How to mount a qcow2 disk image

This is a quick guide to mounting a qcow2 disk images on your host server. This is useful to reset passwords, edit files, or recover something without the virtual machine running.

Step 1 - Enable NBD on the Host

modprobe nbd max_part=8

	Is there a tool like iotop but for monitoring IO on specific volumes?
	https://unix.stackexchange.com/questions/72027/iotop-but-for-particular-disk/701656#701656

	Check out `fatrace`

	For example, cd into the partition you want to (in my case, mount point /hdd) monitor and run

	sudo fatrace -c -t

	Then, for example a touch /hdd/x will show:

	source: https://blog.danman.eu/new-version-of-lenkeng-hdmi-over-ip-extender-lkv373a/

	Device should send packets like this:
	11:06:02.782172 IP 192.168.1.238.5004 > 239.255.42.42.5004: UDP, length 1328
	11:06:02.782542 IP 192.168.1.238.5004 > 239.255.42.42.5004: UDP, length 1328
	11:06:02.782775 IP 192.168.1.238.5004 > 239.255.42.42.5004: UDP, length 1328
	11:06:02.783042 IP 192.168.1.238.5004 > 239.255.42.42.5004: UDP, length 1328

	Connect to stream when on same subnet:
	vlc udp://@239.255.42.42:5004

	Version: FreeNAS-11.3-U5
	Problem: Active Directory Faulted

	Resolution:
	1) Disabling the service
	2) Manually delete the kerberos realm
	3) Enabling the service again

	Active Directory should now show as healthy and function properly
	Ref: https://www.reddit.com/r/freenas/comments/fbsfq8/active_directory_faulted/

	On a side note you can use nmap with ssl-enum-ciphers script as follows

	`nmap --script ssl-enum-ciphers -p 443 example.com`
	You will get a response like this.

	```
	PORT STATE SERVICE
	443/tcp open https
	\| ssl-enum-ciphers:
	\| SSLv3:

	within the virtual machine, update grub with this:
	GRUB_CMDLINE_LINUX=”console=tty1 console=ttyS0,115200n8″

	reboot the virtual machine

	so instead of using ssh from the host, you can now do this:
	virsh console --domain [virtual-machine-name]

	this works with most linux distributions on bare metal (ipmi) or otherwise

	gsettings set org.gnome.shell.extensions.desktop-icons show-home false
	gsettings set org.gnome.shell.extensions.desktop-icons show-trash false


	https://unix.stackexchange.com/questions/125382/migrate-socat-init-script-to-systemd
	For socat, I use a pure systemd approach. This is an example for a serial loopback:

	[Unit]
	Description=Socat Serial Loopback
	#Before=my-other.service

	[Service]
	Type=simple

	Creating a Self-Signed Certificate
	As an example, we'll create a certificate that might be used to secure a personal website that's hosted with Apache.

	The example will create a certificate valid for 365 days; we may wish to increase this value. We've specified the FQDN (fully qualified domain name) of the VPS for the "Common Name" entry, as this certificate will be used for generic SSL service.

	$ sudo openssl req -new -x509 -sha256 -days 365 -nodes -out /etc/ssl/localcerts/apache.pem -keyout /etc/ssl/localcerts/apache.key
	Generating a 2048 bit RSA private key
	.............................+++
	.........................................................+++
	writing new private key to '/etc/ssl/localcerts/apache.key'

	https://bugs.launchpad.net/mos/+bug/1475019
	Denis Puchkin (dpuchkin) wrote on 2016-04-20: #6

	Hi
	The cause of these apparmor messages is misconfigured ntp apparmor profile,
	but there is nothing terrible

	Apparmor banned only messages (like ntp successfully started and listen on socket )
	to rsyslog through /dev/log, this happened because NTP is running in the
	network namespase and apparmor has some issues with that.