Behringer C-1U microphone under Linux – recording level too low

If you wanted to find a good way to record good quality audio and decided to buy a Behringer C-1U (U meaning USB connector), then connected it on your Ubuntu (or other Linux distribution) only to find that the sound recording level was so low you could barely hear it, then you’re almost like me. I mean, unless you have found a way to fix it, in which case you’re exactly like me!

 

The microphone itself is good, don’t hit your head on the wall about having spent too many buck on it just to throw it away because you hate Windows. The problem is that you need some ALSA help. And when I say ALSA, I really mean alsamixer, or something of the likes. In my case, I checked a list of alsa-related names in my software repository and found qasmixer, which allowed me to solve the problem, so here’s how you do it.

Install QASMixer

That one’s very easy, either through Synaptic or on the command line: sudo apt-get install qasmixer

Start qasmixer, that should just be a matter of typing the program name either in unity, gnome3 or in a terminal. The program opens.

Select the microphone

Go to the View menu, then select “Show device selection” (or just press F6, anyway).This will make a little area appear on the far right side of the window. In that area, you should see a little “hw” option appear (for “hardware”, I guess). Click it. You can see the C-1U in a second area opening below, right?

Click the C-1U option. A new level indicator appears on the left side, that says “Mic” and is at the bottom (or in the middle). Just put that one up to the maximum level. You can now safely close qasmixer.

Now use whatever technique you used to use to record your voice. You should *finally* be able to get some decent voice recording from your Linux box!

I hope it helps, really.

2014-04-06 Update: The microphone seems to have stopped working at some point. I have to confirm that with other computers still, but so far the led inside lights up then fades very quickly (after 1 second or so) and the computer doesn’t detect it. dmesg was claiming the device could not be identified. I tested again a few days later and it was working again. No idea of what might have caused this.

Varnish stops file download after 60 seconds

The default installation of Varnish 3 on Debian-based system (including Ubuntu) will set a default timeout for sending files to users (i.e. for users files download) to 60 seconds.

To change this limit, it is necessary to update your default Varnish configuration, in /etc/default/varnish.

For example, if you have something like this:

DAEMON_OPTS="-a :80 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -S /etc/varnish/secret \
             -s malloc,256m"

make sure you add the send_timeout param, like this (see the -p line):

DAEMON_OPTS=”-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-p send_timeout=900 \
-s malloc,256m”

This will obviously increase the maximum download time to 900 seconds (15 minutes), which will make it much more practical and less stressfull to download large files.

The logic behind this very short limit is that, if you’re optimizing your site with Varnish, you shouldn’t make it busy with handling one long-term connection with a large file like this (meanwhile, thousands of other connections could have been treated) and your large files should reside on a CDN or something like this.

Marcar un teléfono con extensión en Android

Si, como yo, tienen montones de números de teléfono con extensiones que guardar en su celular (Android), definitivamente les ayudará el procedimiento siguiente.

Cuando graban el número de su contacto (digamos 5555555 con extensión 1111), miren las opciones de su teclado. Deberían encontrar la tecla “Sym” (para símbolos, en Inglés). En este menú, encontrarán unas teclas de coma (,) que dicen “Pause(,)“. Pues se pueden usar para que su celular espere el contestador antes de marcar.

Según las centrales telefónicas del otro lado, es probable que tengan que poner más de uno de estos símbolos. Al parecer, 3 es una buena cantidad de tiempo de pausa. Entonces mi número con extensión, lo marcaré así:

5555555,,,1111

Problema resuelto. Ahora puedo guardar mis contactos en mi celular con sus extensiones, sin tener que hacer jugadas de campos personalizados y estas cosas.

Munin nginx_status fails on HTTPS

This must appear in one opportunity in 1000, but it happened to me, so I bet it might have just happened to you…

Munin is great, Nginx is great, and SSL is great, but when you mix all of them together, you might get some frustrating behaviour.

If you don’t know it already, you can test the results of a Munin plugin on Debian-based systems with the command

sudo munin-run [plugin]

For example, if your nginx_status graph in the Munin web interface is empty, you can try

sudo munin-run nginx_status

The name of the plugin will auto-complete with the TAB key, with any plugin present in /etc/munin/plugins/

In my case, the command gave the following result:

total.value U
reading.value U
writing.value U
waiting.value U

“U” in the result above is the equivalent of “Undefined” or “Unavailable”. Translation: the plugin can’t get its data.

If you’ve got Munin running only for HTTPS (the rest is handled by Varnish, for example), then the first thing is to make sure that the plugin is effectively querying an HTTPS URL managed by Munin, and that the URL, even if tested on the same machine, is the one that matches your SSL certificate. For example: https://www.example.com/nginx_status if your domain is example.com and you have the certificate for that domain. Make sure you have a block like this in your /etc/munin/plugin-conf.d/munin-node file (you can add it at the end):

[nginx*]
env.url https://www.example.com/nginx_status

Then reload your munin configuration with

sudo /etc/init.d/munin-node restart

Second, you want to make sure the URL nginx_status is actually managed by Nginx. To do this, check the section “location / { … }” in your nginx config file (/etc/nginx/sites-available/default, for example) and make sure there is another location block like this one:

location /nginx_status {
  stub_status on;

  access_log off;

  allow 127.0.0.1;

  deny all;
}

(change – or copy over – the “allow” property if needed).
In particular, it happens that you need to put the public IP in an “allow” tag in order for munin to work.
This will ensure the URL https://www.example.com/nginx_status actually answers something like this:

Active connections: 1
server accepts handled requests
8723 8723 10497
Reading: 0 Writing: 1 Waiting: 0

… Which you can test with lynx or links2 from the same server: lynx https://www.example.com/nginx_status

Now (we’re not finished yet) you might have all this running, and still an empty munin graph.
This is the most tricky part, because it’s difficult to get to that conclusion without hacking the code a little bit.

Without you noticing, the munin plugin might now be failing because you don’t have the IO::Socket::SSL library installed on your computer. I only realized that by adding a die() call in the Perl script of the plugin when getting the answer from Nginx, to see that it was still in encrypted form and contained a message saying I should install this module in order to make SSL readable by Munin.
Well, once you know this, it’s fairly easy to do:

sudo apt-get install libio-socket-ssl-perl

sudo /etc/init.d/munin-node restart

You can try it out with munin-run:

$ sudo munin-run nginx_status
total.value 1
reading.value 0
writing.value 1
waiting.value 0

Done! If this helped you, please share it.

Firefox 15 PDF Reader preview

In Ubuntu, the shipped Firefox 15 comes with the new embedded HTML5 PDF reader disabled.

It is easy to enable though.

Go to “about:config”, search on “pdf” and switch the “pdfjs.disabled” entry to “false”.

Restart Firefox and test it pointing to some PDF URL.

In case it does not work, have a look at the “Portable Document Format (PDF)” type to action association in “Edit->Preferences->Applications” and set it to the internal Firefox preview.

50.804027 4.317089

Munin 2.0 on Debian

Munin 2.0 has been released and packaged for Debian, and even backported to Squeeze (from backports.debian.org).

Even though there are still some quirks in this version (or just the Debian packaging), it is far better (more scalable, more powerful and prettier) than version 1.4.

Basically, the following article should cover it all: http://munin-monitoring.org/wiki/CgiHowto2, but doesn’t quite achieve it, so far.

Let’s see together how to install it successfully on Debian Squeeze. I will however not cover the agent (Munin Node), as there is no significant difference between basic installation of its 1.4 and 2.0 versions.

As a first significant performance improvement, Munin is now able to use RRDcached (it fairly reduces the disk I/O pressure on RRD files), and it is fairly easy to setup. Just install package rrdcached (who would have guessed?), then add the following options to OPTS in /etc/default/rrdcached:

OPTS="-s munin -l unix:/var/run/rrdcached.sock -b /var/lib/munin/ -B -j /var/lib/munin/journal/ -F"

This will override its defaults. And of course, restart then the daemon.

Adapt /etc/munin/apache.conf to your likings, in this case, we are going to uncomment all cgi and fastcgi-related blocks.

Install packages libapache2-mod-fcgid and spawn-fcgi, then download the following script and install it as an initscript on your system (e.g. as /etc/init.d/spaw-fcgi-munin-graph and running insserv):

http://files.julienschmidt.com/public/cfg/munin/spawn-fcgi-munin-graph (though this version is still buggy and quite fragile, contact me for a slightly improved version)

apt-get install libapache2-mod-fcgid spawn-fcgi

Add user munin and www-data to group adm, and allow group adm to write to /var/log/munin/munin*-cgi-*.log:

adduser munin adm
adduser www-data adm
chmod g+w /var/log/munin/munin*-cgi-*.log

Add user www-data to group munin and the opposite:

adduser www-data munin; adduser munin www-data

Start the spawn-fcgi-munin-graph service and check it is indeed running.

Enable the fcgid and rewrite Apache modules and restart the Apache2 service.

Customize /etc/munin/munin.conf to your likings, enabling the (Fast)CGI parts.

Whenever monitoring more than a single host, I recommend moving (i.e. commenting and copying) the localhost definition to some new /etc/munin/munin-conf.d/ file per domain (e.g. beeznest.conf), and add your hosts there, with a meaningful domain name.

50.804027 4.317089

Nginx Anti-DOS filter for Fail2Ban

We are currently trying out this Fail2Ban rule on one of our server, to block simple (but very upsetting) DOS attacks on Nginx automatically (after 30 seconds).

New filter in /etc/fail2ban/filter.d/nginx-dos.conf:

# Fail2Ban configuration file
#
# Generated on Fri Jun 08 12:09:15 EST 2012 by BeezNest
#
# Author: Yannick Warnier
#
# $Revision: 1 $
#

[Definition]
# Option:  failregex
# Notes.:  Regexp to catch a generic call from an IP address.
# Values:  TEXT
#
failregex = ^<HOST> -.*"(GET|POST).*HTTP.*"$

# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =

In our jail.local, we have (at the end of the file):

[nginx-dos]
# Based on apache-badbots but a simple IP check (any IP requesting more than
# 240 pages in 60 seconds, or 4p/s average, is suspicious)
# Block for two full days.
# @author Yannick Warnier
enabled = true
port    = http,8090
filter  = nginx-dos
logpath = /var/log/nginx/*-access.log
findtime = 60
bantime  = 172800
maxretry = 240

Of course, in case you would be logging all resources of your site (images, css, js, etc), it would be really easy to get to those numbers as a normal user. To avoid this, use the access_log off directive of Nginx, like so:

 # Serve static files directly
        location ~* \.(png|jpe?g|gif|ico)$ {
                expires 1y;
                access_log off;
                try_files $uri $uri/ @rewrite;
                gzip off;
        }
        location ~* \.(mp3)$ {
                expires 1y;
                access_log off;
                gzip off;
        }
        location ~* \.(css)$ {
                expires 1d;
                access_log off;
        }
        location ~* \.(js)$ {
                expires 1h;
                access_log off;
        }

We’ll see how that works for us… (and report here)

0.000000 0.000000

Building a Debian Lenny package for Sphinxsearch

See the second part of http://sphinxsearch.com/wiki/doku.php?id=sphinx_on_debian_gnu_linux for the original post:

$ cd
$ mkdir src
$ cd src
$ sudo grep deb-src /etc/apt/sources.list > /etc/apt/sources.list.d/wheezy.list
$ sudo vim wheezy.list
  (change squeeze to wheezy and remove security line)
$ sudo apt-get update
$ mkdir sphinxsearch
$ cd sphinxsearch
$ apt-get source sphinxsearch
$ apt-get build-dep sphinxsearch
$ cd sphinxsearch-2.0.3/
$ debuild
$ cd ..
$ dpkg -i sphinxsearch_2.0.3-1_amd64.deb

You can then start it with

$ sudo vim /etc/default/sphinxsearch
$ START=yes
$ /etc/init.d/sphinxsearch start (this generates an error but don't worry for now, just keep moving)

There are a few requirements for Sphinx to work when you start it the first time (it has to have indexing files), which you can comply with by using the indexer binary (see This tutorial on HowtoForge for more info)

20 most common passwords

I wouldn’t want this post to disappear, so just to make sure that the information is better spread on what passwords *not to use*, here is the list:

1. 123456

2. 12345

3. 123456789

4. Password

5. iloveyou

6. princess

7. rockyou

8. 1234567

9. 12345678

10. abc123

11. Nicole

12. Daniel

13. babygirl

14. monkey

15. Jessica

16. Lovely

17. michael

18. Ashley

19. 654321

20. Qwerty

Come on, people, get some imagination! This would seriously make the web a better place…

Related post about web security (I’ll find a better place to put it soon): http://www.softwarequalityconnection.com/2011/12/how-to-check-your-web-app-for-security-vulnerabilities/

Creating a software RAID array on an already installed Ubuntu 11.04

Let’s say you got confused by a misleading fake-RAID feature on an HP Blade server and you decided to ignore that the Ubuntu installer was telling you it found 2 disks while it was supposed (if it was actual hardware RAID) to be detecting only one. And let’s say you are lucky to have 3 disks, and you only one to use two as the RAID array (and they do not contain your operating system, i.e. the / partition). You might wonder: “And now what? S**** you, HP!” (that last bit is if you left panic get you, of course). Let’s also say that you had an installation of a large production web application on /var/www, which is what you wanted to be on RAID, but that, by an incredibly lucky turn of events, it is just small enough to fit on what’s left of your first disk…

Well fear no more! There’s a solution and I tested it for you…

First take a safe copy of what is on that partition that you wanted to be in RAID, and put it on the disk that will not change. Also, unmount that partition. If it was /var/www, use:

$ sudo umount /var/www

If the system says it’s busy, shutdown Apache and make sure no user is currently in a terminal in /var/www… (use lsof |grep /var/www for example).

If you happen to read this Ubuntu RAID guide between the lines, you’ll catch it talks about “mdadm”, a software to manage multi-disk arrays. As you know, installing software on Ubuntu (or Debian) is dead-easy:

sudo apt-get install mdadm

Then let’s say you wonder how to use it… As you know, getting documentation in English on Linux is dead easy:

man mdadm

Then you’re up for a lot of reading, unless you don’t really care about the details and you want to try it quick. This is what you would then do, considering your two unused disks (or “devices” for the geeks) are /dev/sdb and /dev/sdc (you can get an idea from “ls /dev/sd*” or “df” or “fdisk /dev/anything-you-can-think-about” :

$ sudo mdadm –create /dev/md1 –level=1 –raid-devices=2 /dev/sdb /dev/sdc

…where /dev/md1 is the new multi-disks device you’ll create, –level is the RAID type you want to use (1 for simple mirroring), and –raid-devices is the number of disks you will have inside your multi-disks device.

You can then confirm that you don’t care about the partitions it may find on these. Then launch

$ sudo mdadm /dev/md1

To check if that virtual disk exists. It should give you something like:

/dev/md1: 465.76GiB raid1 2 devices, 0 spares. Use mdadm –detail for more detail.

Now you’ve got a device, but that doesn’t give you a partition…You’ll have to create one with “fdisk”:

$ sudo fdisk /dev/md1

fdisk> n

fdisk> p

fdisk> 1

fdisk> <enter> for default

fdisk> <enter> for default

fdisk> w

But the partition is not formatted. As you might know, formatting a partition (let’s say in EXT4 because you like modern stuff moderately) on Debian/Ubuntu is dead-easy:

$ sudo mkfs.ext4 /dev/md1

You now have an EXT4 partition mounted on a RAID1 mirroring device. Almost done: you want to mount the partition in your file system. Let’s say as /var/www (that directory must exist and it’d rather be empty):

$ sudo mount /dev/md1 /var/www

Now, you want this mounting to happen on its own when you reboot, right? To do that, you need to update your /etc/fstab. If you had already something mounted there before, chances are you will find its line is already in /etc/fstab . For example, if you had one of the disks alone mounted as /var/www, you’ll have this kind of line:

UUID=244b687f-f8d9-4a48-986a-8a1a8a8d33bd /var/www        ext4    defaults        0       2

Right? Well, you’ll need to edit that line to change the device ID now… But how do you get that UUID? No problem, just launch:

$ ls -l /dev/disk/by-uuid

You’ll see your /dev/md1 listed there, along with its UUID. Just copy that UUID and replace the older one on the /var/www line of your /etc/fstab. Done. Now I recommend you reboot to check everything is mounting correctly, before you delete your safe backup file.

Well, that wasn’t too hard, was it? I actually believed I would have to reinstall the whole Ubuntu, but having a very slow connection for the update, I preferred not to. Seems like I won this round! Thanks to all the guys involved in these cool projects! You really made my day.