Wednesday 16 August 2023
Thursday 17 November 2022
"autofs" software for Ubuntu and other Linux systems mounts file systems and network shares on demand and there are a couple key benefits to using autofs compared to fstab and other methods and I've posted before about Autofs and a couple tricks with NFS shares.
- File share does not have to be available on boot so faster boot times and fewer failures after restart
- File share is unmounted when not in use reducing system resources on client and server side
- Consistent abstraction of mounts is easier to maintain across systems
Giant caveat that Linux does not segregate permissions once a share is mounted. This is fine for single-user systems and also fine where systems are un-attended (i.e. servers) but really a big problem on multi-user systems that user a and user b can both access share Z once it is mounted and it is as the connected user.
The Ubuntu standard "autofs" package includes an "auto.smb" which dynamically configures the shares in most cases so long as credentials are available and some basic pre-work is done. This should work for generic needs but for file share specific configurations use the auto.misc instead
Required packages to work with SMB shares (i.e. on Windows) and mounting with the stock CIFS driver (i.e. same old driver in Linux).
apt install autofs smbclient cifs-utils
The auto.smb file itself doesn't have to be configured, if you look in the file it advises what configuration to add to "auto.master" and how to setup credentials.
# edit /etc/auto.master and add this line
/cifs /etc/auto.smb --timeout=300
# create /etc/creds with restricted permissions
sudo mkdir -m 700 /etc/creds
# edit a file with the server name like /etc/creds/MYNAS
# restart autofs
sudo systemctl restart autofs
As any user you should be able to list shares and access contents of any available share the configured user has access to.
# shows all shares on the server (not hidden ones)
# access files as normal within a share
If file shares or the contents do not appear, check "mount" and system logs for hints what may be wrong. Biggest caveat I had had was that cifs-utils really are required and I'm pretty sure smbutils as well - out of the box autofs with the stock system drivers and packages may have been able to do SMB1 but SMB1 should be disabled on any file servers so yeah, need to get "cifs-utils" package which includes tools to work with the newer SMB2 and SMB3 protocols.
Tuesday 24 May 2022
We eventually saw Google change their tack with The Return of the Google Apps Free Accounts. It was pretty unnerving to lose services which had been free for over a decade. Really the services are free anyhow: Email in Gmail, custom domains in Google DNS, cloud storage in Drive, basic web hosting in Sites and Blogger. Why wasn't there are a better migration tool? Google has been eroding the GA free for years and all we really needed was a migration tool to get like 80% migrated to Gmail etc and this push could have been more successful. But then again, how many users signed up for GA a decade ago and are still using it? I know we're free-loaders but really the "free" services are doing for Google what they're supposed to: Get users hooked on Google's suite of services.
Sunday 20 March 2022
With the end of Google Apps free accounts I've been looking at what services end up where and Google is pretty well covering personal use with maybe a few asterisks particularly around email.
Setup Email Forwarding in Google Domains by adding up to 100 email aliases.
- Generate your app password
- Add an email alias
- Confirm the address
- Change the "From" address
- Optionally set this address as default sending address once confirmed.
Use Google Sites or Blogger and add custom URLs and they will generate the DNS entries as needed.
Google Domains "is out of Beta" ... Uh what? I've been using Google Domains for a few years already and didn't realise it was a "Beta". It did mean they sent out promo codes to all their existing "beta" customers so we can get 20-30% off their regular price registrations
I took the opportunity to register a test domain to test out some of the changes for when the GA free accounts go away shortly. As far as DNS registration and hosting goes it's a pretty good offering. Not the cheapest, but does include WHOIS privacy, integration with website services, and up to 100 email addresses forwarded for free.
The website services is a handy integration including with free services both on Google Sites and on Blogger (i.e. this site). It automatically creates DNS records when you create custom domain. Maybe it's more intuitive for a lay person than an IT pro because on Blogger you click the option for "custom domain" and type in whatever you want and if it's in a domain under your account it just registers it? I guess? Not clear it doesn't tell you a lot which is maybe point - it's all very easy.
Email I was really struggling with because there seem to be a lot of variables. We're using plain old Gmail account and there's two parts to deal with custom domains: receiving and sending. The receiving side is simple - add an alias in Google Domains (or 100) and you're done.
Sending is far more complicated which I chalk up to "we can't have nice things". In Gmail you can add an alias with another Gmail account and that setup is pretty easy "email@example.com" can be added in your settings as an alias for "firstname.lastname@example.org". To use an alias with a custom domain you have to give a mail server and you can use the Gmail SMTP but you need an app password. And you can only use an app password if you have 2FA on your account. And if you don't have 2FA you can use "less secure authentication". But that's a feature apparently getting dropped soon so if we follow all the caveats, it means you have to use 2FA and app passwords. There's Google docs all over the place - the above link in the TLDR I think has the necessary info.
Compared to how easy it is to do one Gmail address as an alias for another this was a bit mind boggling to go through. I get it - Google wants to sell as many Workspace accounts as they can, and lots of other options just don't work in the 21st century because we ruined the Internet and Email with so much spam.
Sunday 5 December 2021
Migrating to a new Gmail email account is a lot easier using Google Takeout this Thurderbird Add-on ImportExportTools NG. I have been splitting up my email accounts so that I have several distinct accounts - more on that below. The gist was that in the past I was forwarding all mail into one account which I'm no longer doing but now I want to move all that old mail, ~30,000 emails, into a different mailbox. Recommendations online were to connect Thunderbird to the two accounts and move messages in batches but in practice Gmail times out these connections very quickly and the batches are way too small. Instead I ended up exporting my email and importing it - why Google does not offer an import of the format in which they export boggles the mind, and while it's possible I've simply missed proper screen where this can be done, somehow I think not. This seems to be one of those things that is easy enough, but not obvious and took a bit of searching.
The easiest process I found was to use the ImportExportTools Add-on:
- Spring cleaning time of your old email! Newsletters and automated notifications that were being filtered to a folder go 💥, gone.
- Go to Google Takeout and export mail. This produces a ZIP file which you can extract and there is a single large MBOX format file
- Install Thurderbird and the ImportExportTools NG add-on
- Import the MBOX as a local folder with ImportExportTools
- Re-Export the email from local folder to a directory of EML files with ImportExportTools
- Connect Thunderbird to your new email account
- Import with ImportExportTools "all messages from a directory" and import into your "All Mail" folder
- Wait. ... Wait ... Ponder if you should have done more aggressive cleaning... And wait. My mailbox I think it ran at least 3 hours? Not sure, but a lot time, many hours.
- Tada! Go into your Gmail account and try a few searches and see if you got everything you expected.
Sunday 8 August 2021
- Open Control Panel
- Navigate to Shared Folder
- Select the share with the closed lock
- Encryption menu
- Provide passphrase (if applicable)
Friday 23 April 2021
Passed my Microsoft Azure Fundamentals certification this week and this is my first Microsoft exam. My primary resource was Microsoft Learn where there is a lot of material broken up into 30-60 minute lessons including some labs. Also used the practice tests and did those many times before writing the cert exam itself.
For anyone who's had to cleanup some mail problems with Postfix configuration (or more often with other things, like anti-spam, tied in ...
In the course of troubleshooting the office Jabber server the other day, I came across some interesting info about the various caches that O...
For everyone who uses cron, you are familiar with the job schedule form: min hr day-of-month month day-of-week <command> A problem...