A few updates on things


I have been working rather feverishly as of the last few weeks on doing up a nice EL7 script that will get one from a fresh EL7 install to a working mail server setup on a database so one can do virtual domains, virtual users, and webmail.  Once I get this up and running I will also have the ability to publish a few other things that require the use of a local mail server that will be of interest (surprises inbound).

Once that is up and rocking, I will be doing the same for a wordpress install (actually not hard, but lower on my priority list).

Then the same for getting an LDAP solution implemented with SSO capabilities.  This one is actually not that easy, but should keep me busy and productive in the shell scripting department.

Eventually each of these will have a GUI component (good thing to get back into PyGTK) so one will only need to shovel it a few answers to some questions (shell acct, domain info, etc.)  If there are any particular requests for things related to these topics, feel free to contact me one way or another.  Otherwise I will just keep chugging along with the battle plans that present themselves based off my needs, and several clients’ needs.  These are solutions to the needs of me primarily, but a few have asked for automation tools that I think can be done for these tasks quite nicely, as there are a rather finite number of variables for each that can rather sanely be foreseen and dealt with.

As for the former’s roadmap, I think by June I should have something rather well tested using local vms and via vagrant scripts.  The biggest hurdle for me is doing the regex calls to replace lines of text, and for insertion.  It has indeed been that long, but thankfully this is not rocket science and can be handled quite well, once I get more time to sit and tinker and refine and finally test.

Plex Media Server playback issue fix


One of the issues that cropped up rather recently was a bunch of recent rips just stopped working completely.  Couldn’t stream them at all whether it be the HTML5 web GUI, my Roku, Android App, via the LAN, or WAN.  Nothing.  Would just get an error about the file could not be played back.  They used to work, why not now?

So naturally, after swearing at my server for a while and fidgeting fruitlessly, I let it sit for a bit, with hopes it was a bug and an update would fix it.  Nope.  Google yielded me a rather fast result that normally I would have dismissed, but since I tried almost everything I could think of, I tried it.

The fix was simple — create a new transcoding temp dir.  Yeah it was that stupid simple.  Settings -> Server -> Trancoder -> Transcoder temporary directory.

Screenshot from 2016-03-06 05-32-07

New EL7 Repo : Plex Media Server


I am now hosting the public download versions of Plex Media Server in a separate repo.   I haven’t decided if I will host publicly the Plex Pass files or not.




As root:

wget https://schotty.com/yum/plex_el7/schotty-plex.repo -O /etc/yum.repos.d/
yum makecache
yum install plexmediaserver

And here is what is there currently:

[andrew@shadow ~]$ sudo yum info plexmediaserver
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Available Packages
Name : plexmediaserver
Arch : x86_64
Version :
Release : e0b7243
Size : 122 M
Repo : schotty-plex-el7
Summary : Plex organizes all of your personal media so you can easily access and
: enjoy it.
License : see /usr/share/doc/plexmediaserver/copyright
Description : Stream media everywhere(tm)
: (RPM Made by ZiGGiMoN)

Updated page on installing The Elder Scrolls Online on Linux


I have updated the installation instructions for getting TESO installed on Linux.  Specifically, the instructions for Crossover needed some changes since Crossover 15.  I have also updated the screenshots associated with Crossover 15 since the UI got such an overhaul.  Hopefully this is helpful for anyone doing a fresh install or fixing a broken bottle.

Installing The Elder Scrolls Online on Linux

Upgraded to SSL


I have upgraded the site to use SSL.  I made an attempt to change all internal links here to use https rather than http, so forgive me if one or two got missed.

But while I had this opportunity, I also overhauled most of the pages here and cleaned up stale information with correct information, and condensed some others.  There are a few sections that are so old I am not sure where to begin, and will put that cleanup off for another day.

Anything I missed, please make me aware.  I will get it corrected ASAP.

New Package: tuxboot


Rolled up tuxboot RPMs for BOTH (yes BOTH) EL7 and Fedora 22.

tuxboot is a tool for making bootable disks (USB primarily) of various disk utilities such as Clonezilla and gParted

I have no FC22 system to test the RPM out on, so let me know if there are any issues.  The only difference in the spec file is the EL7 package requires epel repo to be installed (which should be anyway if you are using anything in my repo to begin with).  This of course would be pointless on Fedora as there is no epel for Fedora 😀  Either way mock was very happy with it.  There is one bug that is of note — the linux version has the wrong version tag within the app.  Will be fixed in a future update from upstream.



RHEL 7 with OpenVPN in NetworkManager


OK, put simply there are issues immediately due to SELinux in getting NetworkManager to connect up to your VPN properly.  If you setup your connection and certificates as follows you will have no issues whatsoever connecting as any user.

1)Copy all your certificate files into ~/.cert

2)Check your SELinux context and validate it is appropriate:


You need to have something like this:

[andrew@big-red-wireless .cert]$ pwd
[andrew@big-red-wireless .cert]$ ls -Z
-rw-r–r–. andrew andrew unconfined_u:object_r:home_cert_t:s0 andrew.crt
-rw——-. andrew andrew unconfined_u:object_r:home_cert_t:s0 andrew.key
-rw-r–r–. andrew andrew unconfined_u:object_r:home_cert_t:s0 ca.crt
[andrew@big-red-wireless .cert]$

3)If you need to reset the contexts, issue the following command as root:

restorecon -R -v /home/$USERNAME/.cert

4)Create a NetworkManager VPN entry with your cert files from the ~/.cert folder.


Took me a few minutes to understand why the connection was barfing out.  Once I noticed some SELinux alerts it dawned on me — I never set the contexts.  A quick Google showed me also, that there is a convenient location to dump all certificates into.  Double win!

Learnt something new : cu


Inside the uucp package is a nifty tool that I just picked up on called cu.  This is for serial connection management and it works beautifully, and simply.  I had a few old machines that I needed to tap into via serial and a friend admin I was with recently mentioned her love of this command.  So having a selectively great memory, I gave it a stab.

1)First get uucp installed.  I see that it comes from EPEL on RHEL7.

[andrew@big-red-wireless Desktop]$ sudo yum info uucp
Loaded plugins: langpacks, nvidia, product-id, subscription-manager
Installed Packages
Name : uucp
Arch : x86_64
Version : 1.07
Release : 41.el7
Size : 2.7 M
Repo : installed
From repo : epel
Summary : A set of utilities for operations between systems
URL : http://www.airs.com/ian/uucp.html
License : GPLv2+
Description : The uucp command copies files between systems. Uucp is primarily
: used by remote machines downloading and uploading email and news
: files to local machines.

[andrew@big-red-wireless Desktop]$

2)Secondly determine your connection parameters.  I have a USB to serial hodgepodge of cabling and adapters that I tote around and stash in places useful.  So in my case its /dev/ttyUSB0 for the device, and of course each connection has its flow control and bitrate and parity, etc…  Know that all.  In my case the devices preferred to speak 19200b, 8N1, FC Off (manuals say so).  But being hasty I just slapped into the terminal:

[andrew@big-red-wireless ~]# sudo cu -l /dev/ttyUSB0 -s 19200

And things just worked.  For a full reference guide for various settings and such,:



RHEL 7 + Intel 7260 AC Card


There are known issues with older kernels that cause major issues with the 7260 with regards to power management and the 5GHz spectra.  After dealing with a dying i7 IMC issue, I finally could spend time troubleshooting my issues.

For starters, ensure your router/AP isn’t crap.  I had that issue regardless of devices and their respective OS’s.  Once you are sure that there isn’t anything dead/dying or just plain flaky, there are a few things that can be done, one of which you have a potential choice as to how to deal with it.  Supposedly kernels beyond 3.16/3.17 have this rectified.  As we are pegged on EL7 to 3.10, until Red Hat backports the changes we have to deal with it ourselves.

For starters there are several lines we need to put into your /etc/modprobe.d/iwlwifi.conf

Here is how I went, and I will detail what each line means:

$ cat /etc/modprobe.d/iwlwifi.conf

options iwlmvm power_scheme=1

options iwlwifi bt_coex_active=N swcrypto=1 11n_disable=8

The power_scheme option is to set the power to full bore at all times.  The default is to 2 on most installations which is the adaptive mode.  This can cause issues with the device going to sleep at rather inopportune moments.  Although not necessarily your issue, something to keep note of.

The bt_coex_active option is for coexistence of BlueTooth and wireless.  They operate on the same frequency range and can cause issues.

The swcrypto option is for forcing the cryptography off of the card and onto your system CPU.  High workloads

The 11n_disable option is where I was referring to a choice.  Setting the disable to 1 will force the card into G only speeds.  This does indeed work on AC networks just fine, but will limit your connection to 54Mb/s speeds max.  Setting this to 8 will not cause that restriction but rather a link aggregation.  Here is the information from the module on this parameter:

$modinfo iwlwifi | grep 11n_disable
parm: 11n_disable:disable 11n functionality, bitmap: 1: full, 2: disable agg TX, 4: disable agg RX, 8 enable agg TX (uint)

Once you have made a choice as to what of these option you are going to implement, you can do the following commands (as root) to unload/load the kernel, of course taking the new parameters on reload.

$ sudo rmmod iwlmvm

$ sudo rmmod iwlwifi

$ sudo modprobe iwlwifi

Hopefully this information is as useful to you as it was me.  This fully rectified my constant disconnections while on AC networks with this card.

Docker & desktop applications


I decided to play around a bit with running applications that aren’t packaged up for RHEL7 via docker.  I mean, why not?  That’s one of the perks of containers, so it should be doable without much fuss right?


I did manage with little difficulty to do so, but there is a bit of work that will go into it first, and you will need to work with Dockerfiles, selinux, and sudo.  Here we go.

I found a great tutorial on this and pretty much copied the work verbatim.  I know that not all applications are going to need everything in the template, but its just a container, so to hell with it.  If it is mission critical, one should be a bit more discriminatory anyhow.


Now, what I use is the following for my stub for a Ubuntu 14.04 LTS base:

FROM ubuntu:14.04

RUN apt-get update && apt-get install -y firefox

# Replace 1000 with your user / group id
RUN export uid=1000 gid=1000 && \
mkdir -p /home/firefox && \
echo “firefox:x:${uid}:${gid}:firefox,,,:/home/firefox:/bin/bash” >> /etc/passwd && \
echo “firefox:x:${uid}:” >> /etc/group && \
echo “firefox ALL=(ALL) NOPASSWD: ALL” > /etc/sudoers.d/firefox && \
chmod 0440 /etc/sudoers.d/firefox && \
chown ${uid}:${gid} -R /home/firefox

USER firefox
ENV HOME /home/firefox
CMD /usr/bin/firefox


As you can see not alot to it.   But lets go over a few things that should stand out a bit.  First off, the variables should bark out at you very loudly.  For things to work, we need to setup a few maps between your actual system UID and GID and the fake one we are making in the container.  Second, I need to work on making this a bit more portable.  I will eventually play around with a variable for the appname, and propagate that thru the entire Dockerfile as we are doing with the UID and GID variables.   Lastly a general clean up of everything there so its a bit more logical as to what is going on and can be commented out for those that just don’t need it.

That said, usage!  I am going to presume you can install docker (yum install -y docker).  The way docker builds docker images via dockerfiles is a bit odd for those not used to it, but you will want to make a directory structure that includes a folder for each docker image’s dockerfile. So a ~/Dockerfiles/firefox/ and put the above into it in a file called … (wait for it) … Dockerfile.  Yes with a capital D.  The result using the above demonstration info would be ~/Dockerfiles/firefox/Dockerfile.

Next via a terminal, cd to that directory and enter in:

sudo docker build -t firefox .

Dont forget the trailing space and period.  The image should be getting built.  Once completed, you can enter in on the prompt:

sudo docker images

That should show a firefox image.  Now we can invoke this firefox instance as we need via:

sudo docker run -ti –rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix firefox

If you are like me and love your selinux, it will have a fit.  Open up setroubleshooter and fix it as you deem best for your tastes.  Rerunning it should then work fine.

Here is a quick screen recording demonstrating what I went over.  I have already built the image, so that was of course not there.  But I do show my dockerfile I made, the launch script and running firefox.


Video Card Benchmark Site


Found a bit back a nifty site for figuring out relative performances of all the video cards out on the market.  Posting in lieu of poor memory and assumption I am not the only one interested in this information 😀



Installing The Elder Scrolls Online on Linux



I have instructions for both Wine, via PlayOnLinux, and Crossover.  I have links where I can, and have hosted locally the digital cert file, just to make sure its available.  The images are clickable for full resolution screenshots.

First off, there has been an issue with wine + TESO losing network connection to the server.  Some windows gamers have this issue too.  As far as I can tell nothing can be done as of right now.  I have two installs of most of my games, Crossover for daily gameplay, and the other in PlayOnLinux for reference purposes just in case a patch breaks things.  I haven’t seen a change with the latest wine in regards to this.  If this ever gets resolved, this text will disappear, or get an update as to what needs to be done.

Wine via PlayOnLinux

There should be an entry in the available games list still.  Use this, it works great.  The only step additional is getting the Thawte digital certificate installed. If for whatever reason anything gets changed, there are two things that will affect getting this to run.  To accomplish this:

  1. Click on the “Configure” gear, highlight your game
  2. Select “Task Manager”.
  3. Run “C:\windows\system32\control.exe”.
  4. Run “Internet Settings”.
  5. Select the “Content” Tab, and click on “Certificates”.
  6. Import the Thawte Digital Certificate

If you are crashing out, you need to change video drivers.  Edit the following file: ~/Documents/Elder Scrolls Online/live/UserSettings.txt

You want to change or add the line SET GraphicsDriver.7 “OPENGL”

Codeweavers Crossover

The installation is actually pretty simple, and hopefully I can figure out how to do crossties, but here is the manual method for getting this accomplished.  I am specifying the order here to avoid extra steps and confusion states.

Install via the existing CrossTie. During the TESO installer, it is advisable to untick the DirectX and Visual C++ installs. We already have this since the bundled installers are broken under wine upon last notice.

Upon completion close out or force kill the updater (it should lock up due to the missing certificate). If Crossover doesn’t see a successful installation, thats OK, just hit cancel and it will continue along.Then download and install the Thawte digital cert (images show how if you need help) via the Internet Settings for this bottle.



If you have problems launching, not an issue. These are the following tweaks I have noticed work very well.

  • If you have problems launching, not an issue.  Either way, quit out and edit ~/Documents/Elder Scrolls Online/live/UserSettings.txt  You want to change or add the line SET GraphicsDriver.7 “OPENGL”
  • Set a virtual desktop up.  And avoid if possible any Alt-Tabbing.  Can get crashy very fast if you are.
  • I have found that disabling the “Performance Enhanced Graphics” option in the Crossover bottle is beneficial.
  • For best practices, you may want to add the registry key for DirectX to know your video card memory.


Create a new key called “Direct3D”

Create a new string value called “VideoMemorySize”

Double Click on VideoMemorySize to set the value in MB (remember 1024 MB == 1GB, 2048MB == 2GB, etc)



EL & NVIDIA workes quite well with the elrepo kmod-nvidia rpms that are in the stable repo.


1)Install ELRepo


2)Follow the instructions here for normal installs on 7.0 (RHEL or clone)


To install the rpms use the following command:

 yum install kmod-nvidia nvidia-x11-drv-32bit nvidia-x11-drv

3)To finish up, we need to ensure that nouveau is blacklisted and glamoregl is disabled.

nouveau should automatically get blacklisted, but lets ensure that the RPM did the job:

[andrew@big-red-wireless ~]$ sudo grep –color -e nouveau /etc/default/grubGRUB_CMDLINE_LINUX=”rhgb quiet nouveau.modeset=0 rd.driver.blacklist=nouveau”[andrew@big-red-wireless ~]$

Providing it is we can move to dealing with glamoregl.  There are several ways to deal with this one, personally I chose to remove it via yum cleanly.  The mailing list description is here:


To do what I did:
yum remove xorg-x11-glamor


Minecraft servers down for now, doing upgrade


The minecraft servers are down for the next day or so whilst I migrate from a slower machine to a faster one, and go from Fedora Server to RHEL Atomic.

Will post an update here, the G+ group, and update the MC server pages at each location with the needed info for connecting.

And yes, for now still going to be whitelisted.

Removing F20 Repo


As I see nobody is tapping into my repo anymore, I am killing off my F20 repo.  Those that have access, will continue to access it if they wish, but I am removing instructions for access, and this is fair warning that I am officially abandoning the repo.  All future work on packages will be EL6/7 based.