Category Archives: Linux

Use HP iLO2 Remote Console with Linux in 2018

Today I have to reinstall an old HP ProLiant 350 G5 which uses Integrated Lights-Out 2 (iLO2). For the re-installation I need to use the Remote Console which runs as Java Applet. A long time ago Firefox dropped the support of NPAPI and therefore Java Applets will not work anymore (Official statement).

Here is my solution how to use Java Applets.


  • OS: Arch Linux
  • Browser: Firefox ESR
  • Java: JRE7
  • HP ProLiant ML350 G5 with iLO2

Install Firefox ESR

yaourt firefox-esr

Choose version: aur/firefox-esr-bin 52.6.0-1

Install JRE7

yaourt jre7

Choose version: aur/jre7 7u80-1

Configure JRE7 for Firefox

cd /usr/lib/mozilla/plugins

sudo rm libnpjp*

sudo ln -s /usr/lib/jvm/java-7-jre/jre/lib/amd64/

Add the iLO2 to the security exceptions

  1. Start the Java Control Panel: /usr/lib/jvm/java-7-jre/jre/bin/ControlPanel
  2. Add the URL to the exception list

Open iLO2

  1. Open Firefox-ESR
  2. Open about:addons
  3. Verify if the plugin is listed
  4. Open the iLO page and start the remote console

Finally you should get a screen like this

Gnome: Start ownCloud Desktop Client minimized

Today I solved the annoying behave of not minimized ownCloud Desktop Client under Gnome during logon startup.

System: Arch Linux
Gnome: 3.26.2
ownCloud Desktop Client: 2.4.0

1. Create a helper script

touch ~/scripts/
chmod u+x ~/scripts/
vim ~/scripts/

Content of


owncloud &

wmid=`wmctrl -l | grep $WINDOW_NAME | cut -f 1 -d ” “`
xdotool windowfocus $wmid; xdotool key “Escape”

2. Create the startup routine

vim ~/.config/autostart/ownCloud.desktop

Content of ownCloud.desktop:

IMPORTANT: Set your home folder in “Exec” line.

[Desktop Entry]
GenericName=File Synchronizer

3. Done

Re-Login and see how the ownCloud Desktop Client magically disappear into the background.

UniFi Security Gateway: Add an additional public IP with NAT

The UniFi Controller has no UI configuration to assign an additional IP for the UniFi Security Gateway (USG). Hopefully this will be added from Ubiquiti in the future.

Date: 25.12.2017
Controller Version: 5.6.26


After many hours of reading, try and error I was able to solve this task. This guide is focused on people with network basics, therefore I will not cover technically explanations.


NAT Public IP on Port 80/TCP to internal server on Port 8080/TCP.



  1. Test if the Port is closed
  2. Add the additional IP to the gateway
  3. Create a DNAT rule from WAN to LAN
  4. Create a SNAT rule from LAN to WAN
  5. Create a Firewall rule to allow traffic from WAN to LAN
  6. Apply changes
  7. Test if the Port is now open

NOTE: You can also add this with CLI commands but it will not persist after changes made from the Web-Interface.

Step 1

Test with NMAP from WAN/Internet

nmap -n -Pn -p 80

If this Port is open you should check your network setup because something is responding to 80/TCP and the next steps will potentially lead to undesired results.

Step 2-4

We need to create or append config.gateway.json inside the UniFi Controller. Place this file inside the site configuration, e.g. for the default page but the file inside “data/sites/default”

Content of config.gateway.json:

    "interfaces": {
        "ethernet": {
            "eth0": {
                "address": [
                "firewall": {
                    "in": {
                        "name": "WAN_IN"
                    "local": {
                        "name": "WAN_LOCAL"
                    "out": {
                        "name": "WAN_OUT"
    "service": {
        "nat": {
            "rule": {
                "3000": {
                    "description": "DNAT TCP/8080 to",
                    "destination": {
                        "address": "",
                        "port": "80"
                    "inbound-interface": "eth0",
                    "inside-address": {
                        "address": "",
                        "port": "8080"
                    "log": "enable",
                    "protocol": "tcp",
                    "type": "destination"
                "5000": {
                    "description": "SNAT TCP/8080 to",
                    "log": "enable",
                    "outbound-interface": "eth0",
                    "outside-address": {
                        "address": "",
                        "port": "80"
                    "protocol": "tcp",
                    "source": {
                        "address": "",
                        "port": "8080"
                    "type": "source"
    "firewall": {
        "name": {
            "WAN_IN": {
                "default-action": "drop",
                "rule": {
                    "1000": {
                        "action": "accept",
                        "description": "NAT TCP/8080 to",
                        "destination": {
                            "address": "",
                            "port": "8080"
                        "log": "enable",
                        "protocol": "tcp"

Step 5

Now it’s time to apply these rules to the USG. To do this log in to your UniFi Controller and force provisioning

Step 6

Test with NMAP from WAN/Internet

nmap -n -Pn -p 80

Install self-signed certificate for curl (and others)

These are the steps to install a self-signed certificate so you can avoid using the “–insecure” switch for curl and others which communicate over SSL/TLS.

For me it was necessary to communicate safe over the network with my tool written in  ruby

Test environment:

  • Server: debian 7 (Raspberry PI) with owncloud 9
  • Client: centOS 7

# Test first if you get an certificate error
curl -v -O remote.php https://$HOST/owncloud/remote.php
# Download the certificate
openssl s_client -showcerts -connect $HOST:$PORT </dev/null | openssl x509 -outform PEM > $FILE
# Install the certificate into nssdb
certutil -d sql:/etc/pki/nssdb -A -t “P,,” -n $HOST -i $FILE
# List if the certificate are inside the database
certutil -d sql:/etc/pki/nssdb -L -n $HOST
# Download the test file again.
curl -v -O remote.php https://$HOST/owncloud/remote.php

Registrierkassen-Software cbird unter Linux verwenden

tux-cbirdDa ich bei einigen meiner Kunden die hervorragende Registrierkassen-Software cbird der Firma usoft e.U. verwende und diese in Java geschrieben musste ich natürlich gleich testen ob diese nicht auch unter Linux laufen könnte.

Mit ein paar kleinen Kniffen läuft Sie auch unter Linux ohne Funktionseinschränkungen, Drucken, Sichern, PDF export, …

Dank der Genehmigung von usoft habe ich Skripts, eine Anleitung und weitere Informationen auf einem GitHub Repository veröffentlicht.

Falls Ihr Wünsche, Fehler oder sonstiges anmerken möchtet erstellt bitte auf GitHub einen Eintrag oder direkt hier im Blog. Direkt im Blog kann es etwas dauern da ich Aufgrund der vielen Blog-Spambots nur ab und zu die Kommentare durchsehe 😉

zum GitHub Repository

Nagios check to verify open files counter

I published my Nagios checks to monitor the open files counter for special users and for the whole system. You can chek it out on github and nagiosexchange.



oVirtBackup: online full-backup tool for oVirt

I wrote the last days a little Tool to get in touch with Python (first time) and solved a little backup problem since I switched from vmware esxi to oVirt.

The Tool creates a full backup and export it to a NFS share (export domain).


  • NFS share which are connected to the ovirt-engine where the backups will be stored


  • Create a snapshot
  • Clone the snapshot into a new VM
  • Delete the snapshot
  • Export the VM to the NFS share
  • Delete the VM


  • It is possible to set the age in days how long the backup should be hold

You can find it on github:

WARNING: Wrong configuration can delete your existent backup !!! Please test it first with a new clean VM !!!

Note: With the current Python API (ovirtsdk) it is not possible to export a snapshot directly to the NFS share so it is necessary to create first a temporary VM

BackupPC broken after upgrade

If you get this error after you installed the latest update:

Error: Unable to connect to BackupPC server

This CGI script (/BackupPC) is unable to connect to the BackupPC server on server port -1.
The error was: unix connect: No such file or directory.
Perhaps the BackupPC server is not running or there is a configuration error. Please report this to your Sys Admin.

Maybe this will help

mkdir /var/run/BackupPC

chown backuppc:backuppc /var/run/BackupPC

systemctl restart backuppc

BackupPC for workstations

Today I publish my script to do daily backups on a BackupPC Server on workstations which are not online all the time. BackupPC is normally used to do daily backups from servers, but this is a problem for workstations which are normally offline on backup times like 3:00AM (I heard people sleep during this time (wired)).

Therefore there are some solutions:

  1. Disable automatically backup in BackupPC and make in manually by clicking on the backup button in the webinterface
  2. Turn on the workstations in the night with wake-on-lan and power them off after the backup is done. This was my solution before i wrote this script which is also not so easy for example: whats do you do when somebody is working on the workstation after backup is finished. You can’t turn them off, but you can try 😀
  3. Use my script which can be used in a cronjob to run every minute, add it to the startup script, run it only at a given time and many more

What will the script do?

It starts the backup process on the BackupPC server as a ssh command, checks the backup state, save the last backup time to avoid to often backups and stores a pid so it run as singleton

Preparation for BackupPC:

  • Configure the workstations in BackupPC like a normal server
  • Test the backup
  • Disable the automatically backup “BackupsDisable=1”
  • Done

Where to find the script?

Indeed on github 😉

I hope this will help others to, comments are welcome

Missing predefs.h during compiling sources

Today I compiled freerdp ( from the latest sources to connect to a rdp connection through a rdp-gateway.

Durring compilation I get the following error:

[  0%] Building C object winpr/libwinpr/CMakeFiles/winpr.dir/synch/address.c.o
In file included from /usr/include/stdio.h:28:0,
from <folder>/FreeRDP.git/winpr/include/winpr/synch.h:25,
from <folder>/FreeRDP.git/winpr/libwinpr/synch/address.c:24:
/usr/include/features.h:323:26: fatal error: bits/predefs.h: No such file or directory
#include <bits/predefs.h>
compilation terminated.
make[2]: *** [winpr/libwinpr/CMakeFiles/winpr.dir/synch/address.c.o] Error 1
make[1]: *** [winpr/libwinpr/CMakeFiles/winpr.dir/all] Error 2
make: *** [all] Error 2

It was clear that the problem must be anywhere around the libc6 libraries, but where 🙂

Remove and install of libc6-dev, build-essential and gcc-multilib doesn’t help. But after many hourse (no a joke after some minutes) I found it.

Here are the solution (yes it can be so easy):

apt-get install –reinstall libc6-dev

have a nice day

(This was all done under Ubuntu 14.04 amd64)