Recent comments on posts in the blog:

Alternative ..

That's not a bad solution, but it might be simpler to use a client which handles a DNS-challenge.

With DNS-challenges you don't have to worry about webservers, or internal/external firewalling.

Comment by Steve Kemp
Suggestions about filesystem corruption

Hi. Two things you might want to check, if you haven't already.

See if the "UDMA_CRC_Error_Count" or "CRC_Error_Count" attribute (199) reported by your smartctl is >0 and slowly increasing over time. It's not marked as an error by smartctl and it's easy to miss. It's an indication of a flaky SATA bus connection and I've seen this cause filesystem corruption (I'm guessing because every once in a while CRC will randomly end up OK for a corrupted command).

The other thing is to check if you're running "fstrim". Some SSDs are known to have bugs with that and you might be running a kernel that doesn't yet have a workaround or blacklist for your particular model or SSD firmware version. See https://github.com/torvalds/linux/blob/master/drivers/ata/libata-core.c#L3774.

Comment by Tomaž
comment 10

This helped a lot. Thanks! For a younger Ubuntu (20.04), I also had to mount /sys:

mount --rbind /sys /mnt/sys/

I didn't try the mount -o bind method with sys.

Comment by FlascheLeer
Re: Wine for Anytone 878

If I understand you correctly, Wine does not let CPS read or write to the Anytone 878.

I have not tried Wine so I can't comment on this.

Does that mean we need to purchase a Windows 10 license and run it from VirtualBox?

You could probably use one of the Windows 10 IE / Legacy Edge testing VMs that Microsoft offers for free for 90 days.

Comment by francois
Wine for Anytone 878
If I understand you correctly, Wine does not let CPS read or write to the Anytone 878. Does that mean we need to purchase a Windows 10 license and run it from VirtualBox? There is a different version of CPS for Windows 7. Does that work better with Wine?
Comment by Glen Flint
How to minimise Squid overhead?
This type of filtering could be very useful for one of our applications, but there are concerns about the overhead of running an extra process on our servers, and I notice that Squid's FAQ says it uses memory fairly aggressively to improve caching. How would we configure it to discard all of the caching (and associated memory usage) and just do IP filtering?
Comment by Thrawn
About the DNS records you showed.
Keep in mind that CNAME redirects "every" record type lookup elsewhere. Your TLZ will have records that these hostnames should not. For example SOA, NS, and the TXT/spf. So using CNAME in that way should be discouraged, it's most defiantly not what you want.
Comment by cheako+feeding_cloud_geek_nz
systemD time synchronization has a long way to go
Since systemd only does basic time synchronization, I think it's really, really misleading to say, "there is no need to run the full-fledged ntpd daemon anymore." I can think of several uses for time-slewing, and persistent time carry over between boots is necessary.
Comment by Jeff
Quicker method

There's a quicker method if you just want to extend the expiration date:

gpg --quick-set-expire KEYID PERIOD

…and for the subkeys:

gpg --quick-set-expire KEYID PERIOD '*'

PS: Did you know you could lint your PGP keys? The hopenpgp-tools include hokey lint.

Comment by Anonymous
comment 9

Had a very similar issue after an update of Ubuntu 20.04 on a Dell XPS13 (2020). Searched for hours, the solution was actually super easy.

  1. reboot and go to BIOS using "fn and F2"
  2. BIOS > System Configuration > Sata Operation > switch to "AHCI" from "RAID On"

For some reason, this BIOS setting was switched.

Comment by Koen